In addition to the definitions contained elsewhere in the text of this Policy, the following terms and expressions shall have the following meaning ascribed to them for use in this Policy:
"Company Parties" means the Company and its respective past, present, and future employees, officers, directors, contractors, consultants, attorneys, accountants, financial advisors, equity holders, suppliers, vendors, service providers, parent companies, subsidiaries, affiliates, agents, representatives, predecessors, successors, and assigns.
"Company Party" means one of the foregoing, as the case may be.
"Consent" has the meaning set out for this term in Article ARTICLE 5.1. hereof.
"Controller" or "controller responsible for the processing" means the natural or legal person, public authority, agency or other body, who, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by EU legislation.
"Cookies" means a text file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server. Cookies may be either "persistent" cookies or "session" cookies. A persistent cookie will be stored by a web browser and will remain valid until its set expiry date, unless deleted by the user before the expiry date; a session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed. Cookies do not typically contain any information that personally identifies a user, but personal information that we store about you may be linked to the information stored in and obtained from cookies.
"Data subject" means any identified or identifiable natural person, whose personal data is processed by the controller responsible for the processing.
"EU Persons" means Personal Data subjects who are in the European Union.
"GDPR" means Regulation (EU) 2016/679 of the European Parliament and the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).
"Personal Data" means any information, relating to an identified or identifiable natural person (data subject); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier, such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
"Processing" means any operation or set of operations, which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation, or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment or combination, restriction, erasure, or destruction.
"Process", "Processed" and other similar terms shall be construed accordingly
"Processor" means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
"Profiling" means any form of automated processing of personal data, consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location or movements.
"Recipient" means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities, which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law, shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing.
"Restriction of processing" means the marking of stored personal data with the aim of limiting their processing in the future.
2.1. This Policy defines the Personal Data, explains how Personal Data is used and Processed and instances when the Company shares or permits collection of the Personal Data by the Company Parties or state authorities.
2.2. This Policy shall come into effect at the moment you first access the Website or start using of any of the Services. By accessing, browsing, or using the Website and/or any of the Services, you irrevocably and unconditionally accept and adhere to provisions of this Policy without any exemptions, limitations, and exclusions. If you access the Website or use any of the Services on behalf of a business (whether registered or operating without registration), that business hereby accepts this Policy.
2.3. In the event you disagree with any provision of this Policy or would not like to provide your consent for Processing of your Personal Data, you shall cease using the Website or any of the Services immediately.
3.1. Contact details about the data controller of this Website: firstname.lastname@example.org
4.1. Processing of Personal Data is permitted only on the following legal grounds:
4.1.1. Consent to Personal Data Processing, when the data subject has given Consent to the Processing of his or her Personal Data for one or more specific purposes;
4.1.2. contractual relationships, where the Personal Data Processing is necessary for the performance of a contract, to which the data subject is party or in order to take steps at the request of the data subject, prior to entering into a contract;
4.1.3. controller's legal obligation, when the Processing is necessary for compliance with a legal obligation, to which the controller is subject;
4.1.4. vital interests protection, when the Processing is necessary in order to protect the vital interests of the data subject or of another natural person;
4.1.5. public interests compliance, when the Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
4.1.6. controller's legitimate interests, when the Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of Personal Data, in particular where the data subject is a child.
4.2. We Process your Personal Data on the basis that it is:
4.2.1. necessary for the performance of a contract, therefore, where we have a contract with you, we will process your Personal Data in order to fulfil that contract (in particular, to provide you with the Services);
4.2.2. authorized by your Consent, which you give us as it is set out in Article 5 (Consent to Personal Data Processing) hereof;
4.2.3. necessary for compliance with our legal obligation, in particular, when we are obliged to respond to a court order or a regulator;
4.2.4. necessary for performance our legitimate interests, as it is more detailed described in Article 4.3 hereof; or
4.2.5. permitted by applicable legislation, if the respective legal ground for Personal Data Processing is not mentioned in, or contradicts to, the provisions of this Policy.
4.2.6. You are welcome to contact us for further information on the legal grounds that we rely on in relation to any specific Processing of your Personal Data.
4.3. We Process the Personal Data for a number of legitimate interests, including to provide and improve the Services, administer our relationship with you and our business, for marketing and in order to exercise our rights and responsibilities. In particular, we Process the Personal Data to:
4.3.1. set up and administer your User Account, provide technical and customer support and training, verify your identity, and send important account, subscription and Service information;
4.3.2. administer our relationship with you, our business and our third-party providers (e.g., to send invoices);
4.3.3. deliver and suggest tailored content such as news, research, reports and business information. We analyse the way you use our Services to make suggestions to you for features or Services that we believe you will also be interested in, and so that we can make our Services more user-friendly;
4.3.4. personalize your experience with our Services. We may retain your browsing and usage information to make your searches within our Services more relevant and use those insights to target advertising to you online on our websites and apps;
4.3.5. share your Personal Data across our Services so that we can make all of the Services we deliver to you more intuitive (e.g., rather than requiring you to enter the same data many times);
4.3.6. contact you in relation to, and conduct, surveys or polls you choose to take part in and to analyse the data collected for market research purposes;
4.3.7. display information you choose to post, share, upload or make available in chat rooms, messaging services, and community and event forums (including in community and event profiles) and for related collaboration, peer connection, games and information exchange;
4.3.8. conduct internal research and development and to improve, test and enhance the features and functions of our Services;
4.3.9. provide you with marketing as permitted by law;
4.3.10. meet our internal and external audit requirements, including our information security obligations;
4.3.11. exercise, protect and/or enforce our rights, privacy, safety, networks, systems and property, or those of other persons;
4.3.12. prevent, detect or investigate a crime, fraud or other breach of law or requirement;
4.3.13. prevent or detect any loss incurred by Company Parties or third persons;
4.3.14. comply with requests from courts, law enforcement agencies, regulatory agencies, and other public and government authorities, including where they are outside your country of residence;
4.3.15. defend Company Parties from claims;
4.3.16. comply with laws and regulations that apply to us or third parties with whom we work. Where we rely on legitimate interests as a lawful ground for Processing your Personal Data, we balance those interests against your interests, fundamental rights and freedoms. For more information on how this balancing exercise has been carried out, please contact us by sending an email to email@example.com.
§1. EU Persons Consent to Personal Data Processing
5.1. If you are an EU Person and to Process your Personal Data we need to receive your consent, as it is prescribed by GDPR, we will process your Personal Data only in the case we have received from you a freely given, specific, informed, and unambiguous indication of your wishes by which you signify agreement to the processing of your Personal Data ("Consent").
5.2. You may give your Consent by ticking a box when visiting the Website. In the case you tick the respective box, you irrevocably and unconditionally consent and agree that the Company Parties shall be entitled to Process your Personal Data as it is indicated in your Consent.
5.3. Your Consent covers all Processing activities with your Personal Data carried out for the same purpose or purposes. When the Processing has multiple purposes, your Consent should be deemed given for all of them.
5.4. You have the right to withdraw your Consent at any time. You can submit such request by sending us an email to firstname.lastname@example.org. Your withdrawal of Consent shall not affect the lawfulness of your Personal Data Processing based on Consent before its withdrawal.
5.5. Except as required or enabled by law (including, for the avoidance of doubt, the laws of the member states of the European Union), we will not use or disclose your Personal Data for any purpose for which you refuse Consent or later withdraw your Consent. If you withdraw Consent, you agree that in spite of this withdrawal, we may continue to use those Personal Data previously provided to us to the extent that we are contractually or otherwise legally obliged to do so and to the extent necessary to enforce any contractual obligation you may have towards the Company Parties or in any other way permitted by law. You also understand that although you can use the Website for some purposes without providing your Personal Data, we need certain Personal Data, including data linked to payment or involving an ongoing relationship with the Company Parties or our partners. If you refuse to provide us with Personal Data we require or later withdraw your consent, we may no longer be able to provide you with certain Services or access to the Website.
§2. Non-EU Persons Consent to Personal Data Processing
5.6. If you are not an EU Person, by transferring to us your Personal Data via the Website or otherwise, you irrevocably and unconditionally consent and agree that the Company Parties shall be entitled, in accordance with this Policy:
5.6.1. To Process in any manner, including to collect, store, use, disclose, share and transfer (including cross-border), your Personal Data so provided to us, as well as your Personal Data collected from your use of the Website and the Services (i.e. your Personal Data which we collet automatically and/or from other sources); and
§1. General Provisions
6.1. The type of Personal Data we collect depends on how you are interacting with us and which Services you are purchasing or using. In many cases, you can choose whether or not to provide us with Personal Data, but if you choose not to, you may not get full functionality from the Website or its Services.
6.2. When you visit the Website, you may provide us with the following types of Personal Data: (i) Personal Data that you voluntarily disclose that is collected on an individual basis; (ii) Personal Data collected automatically when you use the Website and its Services; and (iii) Personal Data which we collect from sources other than the Website.
6.3. You may always refuse to supply your Personal Data, though this may prevent you from engaging in certain Website-related activities and/or obtaining certain Services.
6.4. The Website contains links to other third party websites that may collect Personal Data about you, including through cookies or other technologies. If you use our links to visit other websites, you will leave the Website and this Policy will not apply to your use of, and activity on, those other websites. You should consult these other websites' privacy policies as we have no control over them, and are not responsible for any information that is submitted to or collected by these third parties.
§3. Personal Data We Collect Automatically
6.8. Company Parties may collect the Personal Data from you in a variety of ways and circumstances, including, but not limited to, registration on the Website, placement of an order or a request (if applicable), subscription to a newsletter, response to a survey, filling out a form, use of a live chat (if applicable), providing us with feedback on our products or Services. Company Parties shall be entitled to combine Personal Data collected in the course of your interaction with different sections of the Website or the Services with any other relevant available information.
6.9. Personal Data collected by or transmitted to Company Parties in the course of accessing, interacting, and operating of the Website and provision of the Services may include, without limitation, the following Personal Data:
6.9.1. device information, which may include (but is not limited to) information about the computer or mobile device you use to access the Website, including the hardware model, operating system and version, the web browser you use, and other device identifiers;
6.9.2. usage information and browsing history, such as, information about how you navigate within the Website, your browsing history and which elements of the Website or which Services you use the most;
6.9.3. location data, for Services with location-enhanced features. If we need your consent to collect geo-location data, we will collect this separately;
6.9.4. demographic information, such as, your country, and preferred language;
6.9.5. server log information, which may include (but is not limited to) your login details, the date and time of visits, the pages viewed, your IP address, time spent at the Website and the websites you visit just before and just after the Website;
6.9.6. telemetry information. If you use any of our open source software, we may collect bandwidth upload and download speeds, the amount of free and used storage space on your device and other statistics about your device;
6.9.7. usage information. If you use the Website, we will collect metadata about the files you upload for storage and we will record instances in which you have used your private key to authenticate communications;
6.9.8. information collected by cookies and other tracking technologies. We and our service providers use various technologies to collect information when you interact with the Website, including cookies and web beacons. Cookies are small data files that are stored on your device when you visit a website, which enable us to collect information about your device identifiers, IP address, web browsers used to access the Website, pages or features viewed, time spent on pages, mobile app performance and links clicked. Web beacons are graphic images that are placed on a website or in an email that is used to monitor the behavior of the user visiting the website or sending the email. They are often used in combination with cookies.
7.1. We use Personal Data to provide and improve the Website and its Services and for other purposes that are in our legitimate interests, as well as for compliance purposes.
7.2. We will use the Personal Data for purposes of:
7.2.1. providing, maintaining, delivering, or improving the Website, the Services or other products or services provided through the Website;
7.2.2. verifying that you are a unique individual or entity;
7.2.3. analysing and tracking Personal Data to determine the usefulness or popularity of certain content, and to better understand the online activity of the Website users;
7.2.4. fulfilling our legal or regulatory requirements;
7.2.5. providing you with the information, products, or services that you have requested;
7.2.6. answering your inquiry or responding to a communication from you;
7.2.7. developing new products or services;
7.2.8. sending you technical notices, support, or administrative notifications;
7.2.9. communicating with you about news, products, Services, events and other information we think will be of interest to you;
7.2.10. monitoring and analysing trends, usage, and activities in connection with the Website;
7.2.11. detecting, investigating, and preventing fraudulent transactions or unauthorized or illegal activities;
7.2.12. protecting the rights and property of the Company Parties and others;
7.2.13. linking, connecting, or combining information we collect from or about you with other information; and
7.2.14. carrying out any other purpose or reason for which Personal Data was collected.
8.1. The Company Parties treat Personal Data as confidential and may not pass on or use any such data without valid legal grounds.
8.2. We will only disclose your Personal Data in the following ways:
8.2.1. with your Consent or at your instruction;
8.2.2. with our current or future Company Parties and with other companies under common control or ownership with us or our offices internationally;
8.2.3. for everyday business purposes, such as to process transactions, maintain accounts, respond to court orders, and legal investigations or report to credit bureaus;
8.2.4. certain information you may choose to share may be displayed publicly, such as your username and any content you post when you use interactive areas of the Website like our online forums;
8.2.5. in connection with a merger or sale of our company assets, or if we do a financing or are involved in an acquisition, or any other situation where Personal Data may be disclosed or transferred as one of our business assets;
8.2.6. in response to a request for information if we believe disclosure is in accordance with, or required by, any applicable law, regulation, or legal process;
8.2.7. if we believe your actions are inconsistent with our user agreements, policies or legislation, or to protect the rights, property and safety of any assets of the Company Parties or third parties;
8.2.8. with third parties where aggregate Personal Data is disclosed which cannot be reasonably be used to identify you.
8.3. Please note that third parties that support our customer identification and anti-fraud controls may retain and use information about you to perform services on our behalf and to improve their services. By using our Services, you consent to the retention and use of such information by these providers to improve their services.
8.4. Company Parties may without limitations share aggregated or de-identified information, which cannot reasonably be used to identify you.
9.1. The transmission of Personal Data or any other information (including communications by e-mail) over the Internet or other publicly accessible networks is not one hundred percent secure. Company Parties are not liable for the security of any Personal Data or any other information you are transmitting over the Internet, or third-party content.
10.1. We take appropriate security, administrative, and technical measures to protect any Personal Data you provide regarding the collection, storage and Processing of Personal Data, as well as security measures to protect your User Account against unauthorized access, modification, disclosure or destruction of your Personal Data.
10.2. Personal Data is safeguarded from unauthorised access and unlawful Processing or disclosure, as well as accidental loss, modification or destruction, through state-ofthe-art technical and organisational measures. These are adjusted and updated continuously in tandem with technical developments and organizational changes. Additionally, Personal Data protection audits and other controls are carried out on a regular basis.
10.3. We take reasonable steps to protect the security of the Personal Data communicated through the Website. However, no computer security system is entirely fool proof and the Internet is not a secure method of transmitting information. As a result, we do not assume any responsibility for the Personal Data you submit to or receive from us through the Internet, or for any unauthorized access or use of that information, and we cannot and do not guarantee that information communicated by you to us or sent to you by us will be received, or that it will not be altered before or after its transmission to us. You agree to not hold any Company Party liable for any loss or damage of any sort incurred as a result of any misappropriation, interception, modification, deletion, destruction or use of information provided through the Website.
10.4. Most web browsers are set to accept cookies as a default. You may wish to opt out by turning off cookies (please refer to the help menu on your browser); however, switching off cookies may restrict your use of the Website. You may also opt out of receiving promotional communications from us at any time by following the instructions in those communications. If you opt out, we may still send you nonpromotional communications, such as technical notices, support or administrative notifications or information about your User Account (if you have one).
10.5. Personal Data provided to us is stored in accordance with applicable laws of the jurisdiction of the respective Company Party. The period for which the Personal Data will be stored is determined by the applicable laws of the jurisdiction of the respective Company Party. The Company Parties have ensured that appropriate security standards are in place regarding the safeguarding, confidentiality and security of Personal Data.
11.1. In accordance with applicable laws and as needed to provide the Services to our users, Company Parties may hold your Personal Data. This requirement is conditioned by a need to comply with legal obligations and resolve possible disputes.
11.2. Company Parties may retain your Personal Data so long as your User Account is active. Moreover, your Personal Data may be held beyond the abovementioned period until it is indispensable for Company Parties to have relevant information to respond to any issues that may arise later.
12.1. The Company Parties value protection of all Website and Services users' rights relating to their Personal Data, hence, the Company Parties are committed to making sure you can exercise your respective rights effectively and free of charge. The Company will ensure each your request related to your Personal Data be reviewed in a timely fashion.
12.2. EU Persons shall acknowledge, that their rights relating to Personal Data are provided in the GDPR and other applicable laws of the member states of the European Union. In particular, EU Persons have the following rights relating to their Personal Data:
12.2.1. right to access. You can request access to you Personal Data and obtain a copy of such Personal Data in a format acceptable to you (e.g. PDF, DOC, DOCX, etc.). You can submit such request by sending an email to email@example.com. After your request is received, our privacy team reviews the form and conducts requestor's identity verification without undue delay. Upon successful verification, you are provided with a copy of your Personal Data;
12.2.2. right to data portability. You have the right to receive your Personal Data, which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to another service provider (controller) without hindrance from us;
12.2.3. right to erasure ("Right to be forgotten") and right to rectification. You are entitled to request erasure or rectification of your Personal Data by sending us a respective request to firstname.lastname@example.org. We will handle requests for Personal Data to be rectified or deleted, unless there is a legal requirement that prohibits such request to be fulfilled. When request is fulfilled, you will be informed that your Personal Data is changed or erased and is not-longer collected, however, to fulfil our legal requirements the Company Parties will store information about each requestor for the purposes of providing an evidence that a request has been fulfilled;
12.2.4. right to object. At all times, you are entitled to object to Processing of your Personal Data. Right to object can be exercised by sending an email to email@example.com. Upon receipt of the request, the Company Parties cease the Processing, unless there is a legal or statutory ground for such Processing;
12.2.5. right to be informed. If you are inquiring about Processing activities conducted with respect to your Personal Data, the Company Parties, without undue delay, will provide information about: (i) purposes of Processing; (ii) categories and types of Personal Data; (iii) the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organizations (iii) retention period; (v) source of the relevant Personal Data; (vi) privacy rights and information on Data portability; (vii) where the personal data are not collected from the data subject, any available information as to their source; (viii) the existence of automated decision-making, including profiling, referred to in Article 22(1) and (4) of the GDPR and, at least in those cases, meaningful information about the logic involved, as well as the significance and envisaged consequences of such processing for the data subject; (ix) information as to whether personal data are transferred to a third country or to an international organization. Where this is the case, the data subject shall have the right to be informed of the appropriate safeguards relating to the transfer. However, all information about the categories of Personal Data and Processing operational conducted by Company Parties is available in this Policy; and
12.2.6. the right to lodge a complaint with a supervisory authority. Supervisory authority means an independent public authority which is established by an EU member state pursuant to Article 51 GDPR.
13.1. The Website and any products or Services available on Website are not intended to solicit information of any kind from persons under 18 years of age.
14.1. We have the right, at our discretion, to update this Policy at any time. We recommend that you frequently check this Policy to find any changes and stay informed about how we help protect the Personal Data.
14.2. By using the Website, you acknowledge and agree that it is your responsibility to periodically review this Policy and be aware of the changes
14.3. The subsequent use of the Website or the Services after changes to this Policy will also be considered as your acceptance of these changes.
14.4. This Policy may from time to time be translated into other languages. To the extent that any discrepancy may exist between the English version of this Policy and its version in another language, the English version prevails.
15.1. The Company may appoint an expert on data privacy who works independently to ensure that the Company is adhering to the policies and procedures set forth in the GDPR (data protection officer). Data protection officer assists the Company to monitor internal compliance, inform and advise on data protection obligations, provide advice regarding data protection impact assessments (DPIAs) and act as a contact point for data subjects and the supervisory authorities.
15.2. In the case the Company appoints such data protection officer, it will publish its contact details on the Website
16.1. We welcome your questions and suggestions with respect to the implementation or amendment of this Policy. Please use this feedback to communicate with us at: firstname.lastname@example.org.