Version 1.0 — January 25, 2019
Our Services may contain links to other websites or services; and information practices and/or the content of such other websites or services shall be governed by the privacy statements of such other websites or services.
While using our Services, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you. For example, we collect information
when you create an account, request customer support or otherwise communicate with us. The types of information we may collect include basis user information (such as your name, email address, social media avatar, telephone number and photograph), company information and any other information you choose to provide.
We will not collect financial information from you (such as your payment card number, expiration date or security code). All payments to us are handled via a third party, Paddle Ltd (https://paddle.com). We refer to their Privacy Statement https://paddle.com/gdpr.
When you access or use our Services we automatically collect information about you, including:
For individuals in the European Economic Area, our processing (i.e. use) of your Personal Information is justified on the following legal bases:
We operate worldwide and we may share your Personal Information with our affiliated businesses as part of our business operations, administration of the Services and to comply with local laws and regulations. We may also appoint third party service providers (who will operate under our instructions) to assist us in providing information, products or services to you, in conducting and managing our business, or in managing and improving our Services. We may share your personal data with these affiliates and third parties to perform services that the third parties have been engaged by us to perform on our behalf, subject to appropriate contractual restrictions and security measures, or if we believe it is reasonably necessary to prevent harm or loss, or if we believe that the disclosure will further an investigation of suspected or actual illegal activities.
We reserve the right to share any information that is not deemed Personal Information or is not otherwise subject to contractual restrictions.
Where Personal Information is transferred outside the European Economic Area to our affiliated companies or to third party service providers, we will take steps to ensure that your Personal Information is protected by the same level of protection as if it remained within the European Economic Area, including by entering into data transfer agreements using the European Commission approved Standard Contractual Clauses, or by relying on certification schemes such as the Privacy Shield. We contractually require agents, service providers, and affiliates who may process Personal Information related to the Services to provide the same level of protection for Personal Information as required under the European Union General Data Protection Regulation ("GDPR"). Personal Information transferred by us to Walter Inc. in the U.S. is done under the Privacy Shield.
In compliance with the Privacy Shield Principles, Walter commits to resolve complaints about our collection or use of your personal information. EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Walter at: email@example.com.
Walter has further committed to refer unresolved Privacy Shield complaints to Jams ADR, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please contact or visit https://www.jamsadr.com/eu-us-privacy-shield for more information or to file a complaint. The services of Jams ADR are provided at no cost to you. If your complaint still remains unresolved, then you have the right to invoke binding arbitration by the Privacy Shield Panel upon written notice to Walter at:firstname.lastname@example.org.
We may share Personal Information with third parties in connection with potential or actual sale of our company or any of our assets, or those of any affiliated company, in which case Personal Information held by us about our customers and/or users may be one of the transferred assets.
In accordance with our legal obligations, we may also process Personal Information, subject to a lawful request, to public authorities for law enforcement or national security purposes. Further we may also disclose Personal Information where otherwise required by local law or regulations.
The security of your Personal Information is important to us. We therefore aim to safeguard and protect your Personal Information from unauthorized access, improper use or disclosure, unauthorized modification or unlawful destruction or accidental loss, and we utilize and maintain certain reasonable processes, systems, and technologies to do so. This also means that our personnel is only allowed to access or process Personal Information if this is reasonably required to do so for work related tasks, to adhere to your request or to fulfill a legal obligation on behalf of us.
Please remember that no method of transmission over the internet, or method of electronic storage, is 100% secure or error-free. While we strive to use commercially acceptable means to protect your Personal Information, we cannot guarantee its absolute security. Accordingly, we cannot be held responsible for unauthorized or unintended access that is beyond our control.
Account Password : We strongly encourage you to pick a strong password (use a long password made up of numbers, letters and symbols), that is different from other accounts you use and to update your password regularly.
Transferring Personal Information : As also mentioned above, where Personal Information is transferred outside the European Economic Area to our affiliated companies or to third party service providers, we will take steps to ensure that your Personal Information is protected by the same level of protection as if it remained within the European Economic Area, including by entering into data transfer agreements using the European Commission approved Standard Contractual Clauses, or by relying on certification schemes such as the Privacy Shield. We contractually require agents, service providers, and affiliates who may process Personal Information related to the Services to provide the same level of protection for Personal Information as required under the European Union General Data Protection Regulation ("GDPR").
Personal Information Breach : In the case of a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, Personal Information transmitted, stored or otherwise processed by us about our customers and/or users, we shall without undue delay and, where feasible, not later than 72 hours after having become aware of it, notify the Personal Information breach to the local supervisory authority, unless the Personal Information breach is unlikely to result in a risk to the rights and freedoms of natural persons. When the Personal Information breach is likely to result in a high risk to the rights and freedoms of natural persons we shall communicate the Personal Information breach without undue delay on our security page, unless we have already i ) implemented appropriate technical and organizational protection measures, and those measures are applied to the Personal Information affected by the breach, in particular those that render the Personal Information unintelligible to any person who is not authorized to access it, such as encryption, or ii) we have taken subsequent measures which ensure that the high risk to the rights and freedoms of natural persons is no longer likely to materialize.
In general the collected Personal Information is not stored by us for longer than three years, unless you do a prior deletion request. However, in some circumstances, we may retain certain Personal Information for other periods of time, for instance where we are required to do so in accordance with legal, tax and accounting requirements, or if required by a legal process, legal authority, or other governmental entity having authority to make the request, for so long as required. In specific circumstances, we may also retain certain Personal Information for longer periods of time corresponding to a statute of limitation, so that we have an accurate record of your dealings with us in the event of any complaints or challenges.
The Services are not for use by children under the age of 16 years and we do not knowingly collect, store, share or use Personal Information of children under 16 years. If you are under the age of 16 years, please do not provide any Personal Information, even if prompted by the Services to do so. If you are under the age of 16 years and you have provided Personal Information, please ask your parent(s) or guardian(s) to notify us and we will delete all such Personal Information.
Based on the GDPR you may have rights available to you in respect of your Personal Information, such as:
In addition to the above rights, you have the right to object, on grounds relating to your particular situation, at any time to any processing of your Personal Information which we have justified on the basis of a legitimate interest, including profiling (as opposed to your consent) or to perform a contract with you. You also have the right to object at any time to any processing of your Personal Information for marketing or promotional purposes, including profiling for marketing or promotional purposes.
identity, and we reserve the right to charge a fee where permitted by law, especially if your request is manifestly unfounded or excessive. We will endeavor to respond to your request within all applicable timeframes.