What Types of Information We Collect
This Policy sets out what personal data we might collect, how we process and protect that data, the lawful grounds for that processing, and your related rights. In most cases, the lawful ground will be that the processing: (i) is necessary for our legitimate interests in carrying out our business, including to grow and improve our Services, provided those interests are not outweighed by your rights and interests (‘Legitimate Interests’), (ii) is necessary to perform a contract with you (‘Contract’), or (iii) we have a legal obligation to carry out the processing (‘Legal Obligation’). Where processing is based on your consent (‘Consent’), we will identify the processing purposes and provide you with relevant information to make the processing fair and transparent. As data protection law and practice are constantly developing, we’ll need to update this policy from time to time, which we’ll do by posting a new policy on the Website that takes effect from the date stated. It is your responsibility to return to the Website from time to time and check for changes.
When you use our Service, we may collect two types of information:
The Personal Information we collect (i.e. information that may allow the identification of the User) includes information voluntarily submitted by the User, including the Users' name and email address, phone number, billing address and certain payment information (e.g. credit card's expiration date and last four digits, etc.). We may also collect Personal Information from your device, such as your IP address.
Non-Personal Information may include the browser name, the type of the User's device and technical information transmitted by the User's device, language preferences, time stamps and visited pages, the operating system, utilized internet service provider and other similar information. We may also collect the User's IP address which would be irrevocably anonymized.
How We Collect Your Information?
We might collect or be provided personal data in the normal course of business, for example:
- you may provide us with your details when you become a customer, such as your name, email and employer ('Account Data')
- when you visit the Website, we may collect information about your visit such as your IP address and the pages you visited and when you use our Services we may collect information on how you use those Services ('Improvement Data')
- you may provide us with your details when you ask about our Services (through the Website, by email or otherwise) and we may obtain legally-compliant lists of potential business customers for our Services for our marketing purposes ('Marketing Data'), and
- we may receive personal data from our customers when using our Services, such as names of team members or data entered into the Services ('Service Data').
When using our Service we assign the User's device with a log file, a cookie (session or persistent), web beacons or other related technologies, to collect Non-Personal Information with respect to the User's activity on our Service.
A "cookie" is a small piece of information that a website assigns to your device while you are viewing a website. Cookies are very helpful and can be used for various different purposes. These purposes include allowing you to navigate between pages efficiently, enable automatic activation of certain features, remembering your preferences and making the interaction between you and our services quicker and easier. Cookies are also used to help customize your experience. You can find more information about cookies at www.allaboutcookies.org. You may remove our cookie by following the instructions of your device preferences; however, if you choose to disable our cookie, some features of our Service may not operate properly, and your online experience may be limited.
How We Use Information We Collect
We use personal data in the normal course of our business, including to provide and improve our Services and meet any binding contractual or legal obligations. For example:
- To respond to enquiries, to provide the websites and Services, to provide advice and support, and to invoice accordingly. Lawful basis: Legitimate Interests or Contract.
- To analyze and improve the website and Services, for example for technical or security purposes and to improve the customer experience. Lawful basis: Legitimate Interests, however where for example applicable law requires your consent to use certain cookies, we will ask for your Consent having provided you with relevant information.
- To market and sell our Services, including to communicate with you about same or similar services that we offer. If we do so, we will provide you with an easy and free way to opt-out of receiving such communications in the future. Legal basis: Legitimate Interests (or Consent as above).
- In certain circumstances, to share it with a limited number of third parties as described in this policy, for example for operational requirements and business continuity purposes. Lawful basis: most processing will be based on Legitimate Interests, some processing will be based on Contract and, where necessary (as above) some processing may be based on your prior Consent.
With Whom We Share Information
We do not sell, trade, or rent Users' Personal Information to other parties. We may share Personal Information with our trusted service providers only to the extent required to fulfill the purposes outlined above. We will only provide our service providers the information which is reasonably required to perform the services, and they will be prohibited from using that information for any other purpose. You can see a full list of our trusted partners, and the purpose for which we share information here: https://www.oktopost.com/cookies
We may also disclose Personal Information, or any other information submitted by a User via the Service if we have a good faith belief that disclosure of such information is helpful or reasonably necessary to: (i) comply with any applicable law, regulation, legal process or governmental request; (ii) enforce our policies, including investigations of potential violations thereof; (iii) investigate, detect, prevent, or take action regarding illegal activities or other wrongdoing, suspected fraud or security issues; (iv) to establish or exercise our rights to defend against legal claims; (v) prevent harm to the rights, property or safety of us, our users, yourself or any third party; or (vi) for the purpose of collaborating with law enforcement agencies and/or in case we find it necessary in order to enforce intellectual property or other legal rights.
Non-Personal Information may be shared with other third parties (including retailers, ad networks, advertising companies, service providers, media and other interested parties) in any of the above circumstances, as well as for the purpose of developing or delivering advertising (whether via our Service, or websites, applications or services of third parties), or for the purpose of improving our Service, conducting business analysis or other business purposes. This information may be combined with information we collect from other sources, to the extent that the information remains Anonymous Information.
Transfer of Personal Information from the EU
Since we operate globally, it may be necessary to transfer your Personal Information to countries outside of the European Union (EU).
The data protection and other laws of these countries may not be as comprehensive as those in the European Union − in these instances we will take steps to ensure that a similar level of protection is given to your Personal Information. To Achieve this, we comply with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States. We are responsible for the processing of personal data we receive, under the Privacy Shield Framework, and subsequently transfer to a third party acting as an agency on our behalf.
Under certain conditions, more fully described on the Privacy Shield website, https://www.privacyshield.gov/article?id=How-to-Submit-a-Complaint, you may invoke binding arbitration when other dispute resolution procedures have been exhausted.
To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/
You hereby consent to the transfer of your Personal Information to countries outside of the European Union.
Retention Policy and User Rights
We respect your privacy rights and therefore you may contact us at firstname.lastname@example.org at any time and request:
- to access, delete, change or update any Personal Information relating to you (for example, if you believe that your Personal Information is incorrect, you may ask to have it corrected or deleted); or
- to receive a copy of Personal Information you directly volunteer to us in a structured, commonly used and machine-readable format;
- that we will cease any further use of your Personal Information (for example, you may ask that we will stop using or sharing your Personal Information with third parties) or that we shall remove your Personal Information (subject to any other legal obligation that may require us to keep the information, such as transactional history and information which is required by anti-money laundering regulation).
We may rectify, replenish or remove incomplete or inaccurate information, at any time and at our own discretion. If you wish to raise a complaint on how we have handled your Personal Information, please contact our DPO at email@example.com.
If you are not satisfied with our response or believe we are collecting or processing your Personal Information not in accordance with the laws, you can complain to the applicable data protection authority.
Unless we are instructed otherwise by Users, we retain the information we collect for a period of seven (7) years. We store the information to provide the Service and to comply with our legal obligations, resolve disputes and enforce our agreements.
We will not knowingly collect Personal Information from children under the age of 16. If we become aware that a user is under the age of 16, we will remove its information from our servers. We reserve the right to request proof of age at any stage so that we can verify that children are not using the Service.
We use industry standard security tools and measures, as well as internal guidelines and organizational procedures to prevent information misuse and data leakage. The information is also protected using Amazon's Web Services cloud-based computing and data storage infrastructure (Amazon S3). You may read more our security practices in our Security and Customer Data Protection center.
While we strive to use commercially acceptable means and procedures to protect the information, which considerably reduce the risks of data misuse, we cannot guarantee that our systems will be absolutely safe. If you become aware of any security vulnerability or potential data breach, please contact us immediately at firstname.lastname@example.org, and we will take the appropriate measures to address such incident, as deemed necessary.
We may use your Personal Information, such as your name or email address, ourselves or by using our third party subcontractors for the purpose of providing you with promotional materials, concerning our Services, as well as products, services, websites and applications, including news about product updates, contests, events, and other promotional materials.
If you have given us your consent, we may also send communications for unrelated products or services. In addition, we may elect to share your Personal Information with qualified third-party partners for marketing or other similar purposes but only where you agree to share such information. Such partners will be prohibited from disclosing or using such information except for the limited purposes which the users have consented to.
Out of respect to your right to privacy we provide you within such marketing materials with means to decline receiving further marketing offers from us. In addition, at any time, you may request to unsubscribe and discontinue receiving marketing offers by contacting by sending a blank message with the word "remove" to email@example.com.
Please note that even if you unsubscribe from our mailing list, we may continue to send out periodic e-mails informing you of technical, service or security issues related to a product or service you requested, confirming you requested a product or service, or providing periodic updates or information relating to the product or service you requested.
Merger, Sale or Bankruptcy
Third party websites
Users may find advertising or other content on our Service that link to the sites and services of our partners, suppliers, advertisers, sponsors, licensors and other third parties. We do not control the content or links that appear on these sites and are not responsible for the practices employed by websites linked to or from our Service. In addition, these sites or services, including their content and links, may be constantly changing. These sites and services may have their own privacy policies and customer service policies. Browsing and interaction on any other website, including websites which have a link to our Service, is subject to that website's own terms and policies.
We are committed to cooperate with the panel established by the EU data protection authorities (DPAs) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved Privacy Shield complaints concerning data transferred from the EU and Switzerland.
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our your local DPA.