Privacy Policy
Introduction
Welcome to FansyMe’s privacy policy.
FansyMe respects your privacy and is committed to protecting your personal data. This privacy policy will inform you as to how we look after your personal data when you visit our website (regardless of where you visit it from) and tell you about your privacy rights and how the law protects you.
This Privacy Policy has been set out in the manner provided herein below:-
- Important Information and Who We Are
- The Data We Collect About You
- How Is Your Personal Data Collected
- How We Use Your Personal Data
- Disclosures of Your Personal Data
- International Transfers
- Data Security
- Rights of the Data Subject
- Right to Object
- Duration of Storage of Personal Data
- Do Not Track Policy
- Web Analysis Services
- Site Functionalities
- Your GDPR Legal Rights
- Entire Agreement
Purpose of this Privacy policy
This privacy policy aims to give you information on how FansyMe collects and processes your personal data through your use of this website, including any data you may provide through this website when you sign up to our website.
This website is not intended for children and we do not knowingly collect data relating to children.
It is important that you read this privacy policy together with any other privacy policy or fair processing policy we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This privacy policy supplements other notices and privacy policies and is not intended to override them.
Controller
FansyMe is the controller and responsible for your personal data (collectively referred to as “FansyMe,” “we,” “us,” or “our” in this privacy policy). If you have any questions about this privacy policy, including any requests to exercise your GDPR legal rights, please contact us.
Third-Party Links
This website may include links to third-party websites, plug-ins, and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy policy of every website you visit.
2. The Data We Collect When You Visit Our Website
When using our website for informational purposes only, meaning you do not register or provide us with any information, we collect data that is transmitted by your browser to our server, commonly known as "server log files." Whenever you visit our website, we gather the following data that is essential for us to display the website to you:
- The website you visited
- The date and time of your visit
- The amount of data transmitted in bytes
- The source/reference from where you accessed the page
- The type of browser you used
- The operating system you used
- The IP address used (in anonymized form, if applicable)
The data will not be shared or used for any other purposes. However, we reserve the right to review the server log files if there are any indications of illegal use.
3. The Data We Collect About You
Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
According to Art. 6 (1) point b GDPR, personal data will be collected and processed when opening a customer account with us. The data required for opening an account with us can be can found in the input forms during the registration and or verification process.
We may collect, use and store different kinds of personal data about you which we have grouped together as follows:
- Identity Data includes first name, last name, username or similar identifier, third-party social media account login information, date of birth and gender.
- Contact Data includes billing address, email address, and telephone numbers.
- Financial Data includes bank account and payment card details. We store only very limited, if any, Financial Data.
- Transaction Data includes details about payments to and from you and other details of products and services you have purchased from us or any creator.
- Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access this website.
- Content Data includes photos, videos, or other digital content uploaded to our website (please remember that Content Data that you post may reveal personal data about yourself as well).
- Profile Data includes your username and password, purchases or orders made by you, your interests, preferences, feedback, and survey responses.
- Usage Data includes information about how you use our website, products, and services.
For security reasons and to protect the transmission of personal data and other confidential content (eg orders or inquiries to the responsible person), this website uses SSL or TLS encryption. You can recognize an encrypted connection by the string https:// and the lock symbol in the browser line.
If You Fail to Provide Personal Data
Where we need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with goods or services). In this case, we may have to cancel a service you have with us, but we will notify you if this is the case at the time.
4. How Is Your Personal Data Collected?
We do not retain any data and have no legitimate interest in doing so.
We use different methods to collect data from and about you, including through:
- Direct interactions. You may give us your Identity, Contact, and Financial Data by filling in forms or by corresponding with us by post, email, or otherwise. This includes personal data you provide when you:
- apply for our products or services;
- create an account on our website;
- create a profile on our website;
- subscribe to or purchase services.
- Automated technologies or interactions. As you interact with our website, we will automatically collect Technical and Usage Data about your equipment, browsing actions, and patterns. We collect this personal data by using cookies, server logs, and other similar technologies.
- User Contributions. You also may provide Content Data for us to publish or display ("post") on public website areas or transmit to other website users or third parties. You submit Content Data for posting and transmission to others at your own risk. Although you may set certain privacy settings for Content Data by logging into your account profile, please be aware that no security measures are perfect or impenetrable. Additionally, we cannot control the actions of any website users with whom you choose to share your Content Data. Therefore, we cannot and do not guarantee that unauthorized persons will not view your Content Data.
We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:
- Where we need to perform the contract we are about to enter into or have entered into with you.
- Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
- Where we need to comply with a legal obligation.
We strive to provide you with choices regarding certain personal data uses, particularly around marketing and advertising. We have established the following personal data control mechanisms:
Promotional Offers from Us
We may use your Identity, Contact, Technical, Usage, and Profile Data to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services, and offers may be relevant for you (we call this marketing).
You will receive marketing communications from us if you have requested information from us or purchased services from us or if you provided us with your details when you entered a competition or registered for a promotion and, in each case, you have not opted out of receiving that marketing.
Third-Party Marketing
We will get your express opt-in consent before we share your personal data with any third party for marketing purposes.
Opting Out
You can ask us or third parties to stop sending you marketing messages at any time by following the opt-out links on any marketing messages sent to you or by contacting us at any time.
Where you opt out of receiving these marketing messages, this will not apply to personal data provided to us as a result of a service purchase or registration, service experience, or other transactions.
Cookies
For more information about how we use cookies in accordance with the GDPR and DSGVO, please refer to our Cookie Policy at https://fansyme.com/p/cookies.
Commentary Function
When you use the commentary function on our website, we collect and store your comment, the time it was written, and the username and ID you used when signing up. We also log and store your IP address for security purposes, in case any illegal content is posted or someone violates the rights of third parties. We may use your email address to contact you in case a third party raises concerns about the legality of your content. The legal basis for processing your data is Article 6(1)(b) and (f) of the GDPR. Please note that we reserve the right to delete comments that are deemed unlawful by third parties.
Change of Purpose
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose.
If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
6. Disclosures of Your Personal Data
We may share your personal data with the following parties:
- External third parties
- Specific third parties
- Third parties to whom we may sell, transfer, or merge parts of our business or assets, or with whom we may acquire other businesses or merge
7. Payment Provider & International Transfers
We may process, store, and transfer personal data we collect, in and to a country outside your own, with different privacy laws that may or may not be comprehensive as your own. Where we do so, and where we are required to under local law, we will put in place appropriate mechanisms to ensure that your personal data receives an adequate level of protection where it is processed.
If you reside in the European Economic Area (EEA) or Germany, your personal data may be processed outside of the EEA or Germany, so processing of your personal data will involve a transfer of data outside the EEA or Germany.
Whenever we transfer your personal data out of the EEA or Germany, we ensure a similar degree of protection is afforded to it by ensuring that the recipient third party agrees to contractual clauses.
7.1 CCBill: When paying with Credit Card or SEPA, the payment is processed by the payment provider, CCBill, 2353 W. University Dr., Tempe, AZ 85281-7223, USA, to whom we will pass on your information provided during the order process together with the information about your order. This includes name, address, possibly credit card and bank account number, invoice amount, currency and transaction number, and is necessary for the performance of the contract between you and us in accordance with Article 6(1)(b) of the GDPR. Your data will be passed on exclusively for the purpose and only to the extent necessary for this purpose to the payment provider CCBill.
CCBill is committed to protecting the privacy of its users and has implemented a comprehensive set of privacy policies and data protection measures in compliance with the GDPR. For more information on how CCBill uses data and protects user privacy, please see CCBill's privacy policy at https://ccbill.com/gdpr/.
7.2 CoinPayments.com: When you select CoinPayments as your payment method, CoinPayments, 85 Piccadilly, London, England W1J 7NB, GB will process your payment. The processing of the payment will require personal data such as your name, email address, and the amount of the purchase. This data is collected and processed exclusively by CoinPayments and is subject to their privacy policy, which is available on their website.
The processing of your personal data by CoinPayments is based on Art. 6 (1) point b GDPR (performance of a contract) and is necessary for the processing of your payment. We do not have access to your payment data and do not store any payment-related information on our website. We only receive a confirmation from CoinPayments that the payment has been made.
You have the right to request access to and rectification or erasure of your personal data, as well as the right to restrict processing and to object to processing. You also have the right to data portability and the right to lodge a complaint with a supervisory authority. For more information on how CoinPayments uses data, as well as your rights and options for managing your data and protecting your privacy, please see their privacy policy at https://www.coinpayments.net/help-privacy.
7.3 SOFORT: We use Sofort, a payment provider provided by Klarna Bank AB (publ) on our website. When you select Sofort as your payment method during the checkout process, you will be directed to the Sofort website where you can complete the payment. In order to process the payment, Sofort may collect personal data such as your name, email address, telephone number, bank details, and the amount of the purchase. This data is collected and processed exclusively by Sofort and is subject to Sofort's privacy policy, which is available on their website.
We do not have access to your payment data and do not store any payment-related information on our website. We only receive a confirmation from Sofort that the payment has been made.
For more information on how Sofort uses data, as well as your options for managing your data and protecting your privacy, please see Sofort's privacy policy at https://www.sofort.com/ger-DE/datenschutzerklaerung-sofort-gmbh/.
7.4 Epoch.com: Our website uses Epoch.com, a secure payment processing service, to handle your transactions. When you select Epoch.com at checkout, you'll be transferred to their secure platform to complete your payment.
During this process, Epoch.com may collect personal information such as your name, email address, billing address, and details related to your chosen payment method (credit card number, bank account information, etc.). This data is gathered and processed solely by Epoch.com, in accordance with their privacy policy which can be found on their website.
We, as the merchant, do not have access to your sensitive payment details and do not store any such information on our servers. We only receive confirmation from Epoch.com once your payment is successful.
For a more comprehensive understanding of Epoch.com's data practices, including your options for managing your information and safeguarding your privacy, please refer to their privacy policy: https://epoch.com/legal_docs/privacy_policy.html.
7.5. UAB Alternative Payments: Our website uses UAB Alternative Payments for secure transactions. When you choose this option at checkout, you'll be redirected to their secure platform.
UAB Alternative Payments handles all personal and payment information according to their privacy policy, available on their website.
We do not access or store your payment details. We only receive confirmation once your payment is successful.
For more details, refer to their privacy policy: https://www.iubenda.com/privacy-policy/25284899
8. Data SecurityWe take the security of your personal data seriously and have implemented appropriate technical and organizational measures to protect your personal data from unauthorized access, use, alteration or disclosure. These measures include implementing industry-standard encryption technologies to protect sensitive information, limiting access to personal data to only those who have a legitimate business need to access it, and ensuring that our employees, agents, and third-party service providers are bound by strict confidentiality obligations.
We also have procedures in place to detect, report and investigate any suspected data breaches. In the event of a data breach, we will notify you and the relevant supervisory authority without undue delay, unless the breach is unlikely to result in a risk to your rights and freedoms.
Please note that while we take reasonable steps to protect your personal data, no security measures can guarantee absolute security. You should always take care when transmitting personal data over the internet or storing it on your devices.
9. Data Processing with AI Services
9.1 Overview: We use third-party services, such as Sightengine, to analyse and moderate user-uploaded content on our platform. This is to ensure compliance with our community guidelines and to provide a safe environment for all users.
9.2 Data Handling:
- URL Submission: We submit only the URLs of user-uploaded content to these services. The actual content data (such as images, videos, or text) is not uploaded or shared directly with the third-party service.
- No Storage of Data: The third-party service does not store or retain any data submitted through URLs. All processing is done in real-time, and no data is retained beyond the completion of the content analysis.
- No Use in AI Training: The data processed by the third-party service is not used for training or improving their AI models. The service solely uses the data to provide the content moderation functionalities requested by our platform.
9.3 Compliance with GDPR: Sightengine complies with the General Data Protection Regulation (GDPR). This compliance is detailed in their Terms of Use and Data Processing Addendum.
9.4 Purpose of Data Processing: The primary purpose of using these AI services is to automate content moderation, ensuring compliance with our community standards and enhancing the user experience on our platform.
9.5 Legal Basis for Processing: The legal basis for processing this data under the DSGVO/GDPR is our legitimate interest (Article 6(1)(f) GDPR) in maintaining a safe and compliant online environment. Additionally, this processing is necessary for the performance of a contract with our users (Article 6(1)(b) GDPR) regarding the use of our platform.
9.6 Your Rights: Users have the right to access, rectify, erase, and restrict the processing of their personal data. Users can also object to the processing of their data and have the right to data portability. To exercise these rights or for any privacy-related inquiries, please contact us at support@fansyme.com.
9.7 Data Security: We implement appropriate technical and organisational measures to ensure the security of the data processed through these services. We select third-party service providers that adhere to high standards of data protection and security.
10. Rights of the Data Subject
Under applicable data protection law (GDPR and DSGVO), you have certain rights as a data subject with respect to the processing of your personal data by the data controller. These rights include:
- Right of access (Article 15 GDPR): You have the right to obtain information about the personal data that we process about you, including the purposes of the processing, the categories of personal data, the recipients or categories of recipients to whom the personal data have been or will be disclosed, the envisaged period for which the personal data will be stored, and the existence of certain rights such as the right to rectification or erasure of personal data, the right to restrict processing, the right to object to processing, and the right to lodge a complaint with a supervisory authority. You also have the right to know where the personal data originated if it was not collected directly from you and whether any automated decision-making or profiling is taking place. Finally, you have the right to know the appropriate safeguards being used when personal data is transferred to a third country.
- Right to rectification (Article 16 GDPR): You have the right to have inaccurate personal data corrected without undue delay or to have incomplete personal data completed, including by providing a supplementary statement.
- Right to erasure (Article 17 GDPR): You have the right to have your personal data erased if certain conditions are met, such as if the data is no longer necessary for the purposes for which it was collected, if you withdraw your consent and there is no other legal basis for processing, or if the data was unlawfully processed. However, this right is not absolute and may be limited in certain circumstances, such as for exercising the freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or for the establishment, exercise, or defense of legal claims.
- Right to restriction of processing (Article 18 GDPR): You have the right to request the restriction of the processing of your personal data if certain conditions are met, such as if you contest the accuracy of the personal data, if the processing is unlawful and you oppose erasure, or if the data is no longer needed for the purposes of the processing but you require it for the establishment, exercise, or defense of legal claims.
- Right to be informed (Article 19 GDPR): If you have exercised your right to rectification, erasure, or restriction of processing, the controller is obliged to communicate any such rectification, erasure, or restriction of processing to any recipient to whom the personal data have been disclosed, unless this proves impossible or involves disproportionate effort. You have the right to know the recipients of your personal data.
- Right to data portability (Article 20 GDPR): You have the right to receive your personal data that you have provided to the controller in a structured, commonly used, and machine-readable format and to transmit that data to another controller where technically feasible.
- Right to withdraw consent (Article 7(3) GDPR): If the processing of your personal data is based on your consent, you have the right to withdraw your consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal. If you withdraw your consent, the data concerned must be immediately erased, unless further processing can be based on another legal basis.
- Right to lodge a complaint (Article 77 GDPR): Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority if you consider that the processing of your personal data infringes the GDPR.
If we process your personal data based on our legitimate interests, you have the right to object to this processing at any time for reasons related to your particular situation.
If you exercise your right to object, we will stop processing your data, unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or if the processing is necessary for the establishment, exercise, or defense of legal claims.
If we process your personal data for direct marketing purposes, you have the right to object to the processing of your personal data for such purposes at any time. You can exercise this right as described above.
If you exercise your right to object, we will stop processing your data for direct marketing purposes.
11. Duration of Storage of Personal Data
The duration of storage of personal data is an important consideration when processing personal data. In determining the duration of storage, we take into account several factors, including the legal basis of the processing, the purpose of processing, and any relevant legal retention periods.
If personal data is processed based on an explicit consent as per Article 6(1)(a) of the General Data Protection Regulation (GDPR), the data will be stored until the data subject revokes their consent.
For data processed within the scope of legal or similar obligations as per Article 6(1)(b) GDPR, the data will be routinely deleted after expiry of the storage periods if it is no longer necessary for the fulfillment of the contract or the initiation of the contract and/or if we no longer have a justified interest in further storage.
When processing personal data based on Article 6(1)(f) GDPR, this data will be stored until the data subject exercises their right to object under Article 21(1) GDPR. However, we may still retain the data if we can provide compelling grounds for processing that are worthy of protection and outweigh the interests, rights, and freedoms of the data subject or if the processing serves to assert, exercise or defend legal claims.
If personal data is processed for the purpose of direct marketing as per Article 6(1)(f) GDPR, this data will be stored until the data subject exercises their right to object under Article 21(2) GDPR.
In cases where specific processing situations are not covered by the information contained in this declaration, stored personal data will be deleted when it is no longer necessary for the purposes for which it was collected or otherwise processed.
As a responsible data controller, we take our obligations under GDPR seriously and will always ensure that personal data is processed in accordance with the regulation, including the duration of storage.
12. Do Not Track Policy
Do Not Track (“DNT”) is a privacy preference that you can set in your browser. DNT is a way for you to inform websites and services that you do not want certain information about your webpage visits collected over time and across websites or online services. We are committed to providing you with meaningful choices about the information we collect and that is why we provide you the ability to opt out. But we do not recognize or respond to any DNT signals as the Internet industry works toward defining exactly what DNT means, what it means to comply with DNT, and a common approach to responding to DNT.
13. Web Analysis Services
a) Google Analytics
We use Google Analytics, a web analytics service provided by Google Inc. ("Google"), on our website. Google Analytics uses "cookies", which are text files stored on your computer that enable an analysis of your use of the website. The information generated by the cookie about your use of this website (including your IP address) is usually transmitted to a Google server in the USA and stored there.
We have enabled IP anonymization on this website, so your IP address will be truncated by Google within member states of the European Union or in other contracting states to the Agreement on the European Economic Area before being transmitted. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there.
On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other data from Google.
You can prevent the storage of cookies by setting your browser software accordingly; however, we would like to point out that in this case you may not be able to use all functions of this website to their full extent. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google, as well as the processing of this data by Google, by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en.
For more information on how Google uses data, as well as your options for managing your data and protecting your privacy, please see Google's privacy policy at https://www.google.com/policies/privacy/.
14. Site functionalities
a) Google Sign-In
If you have a Google profile, you can use the "Google Sign In" social plug-in provided by Google Limited, Gordon House, 4 Barrow St, Dublin, D04 ESW5, Ireland ("Google"), a social network operated by Google Ireland, to create a customer account or to register using the single sign-on method. You can use the "Sign in with Google" button featuring the Google logo to register or sign in to our website.
When you visit a page utilizing the Google Sign-In plugin, your browser establishes a direct connection with Google servers, even if you do not have a Google profile and are currently not logged in. This information, including your IP address, may be sent to Google LLC in the USA based on Google's legitimate interest in the insertion of personalized advertising on the basis of surfing behavior.
By using our "Sign in with Google" button, you can login or register using your Google user data on our website. We will only receive the general and publicly accessible information stored in your profile when using the Google button on Google, if you provide your express consent as required by Art. 6 (1) point a of the GDPR, through a corresponding notice regarding the exchange of data with Google, and only if your personal data protection settings at Google permit it. This information includes your user ID, name, profile picture, age, and gender.
Please note that, following recent changes to Google's Privacy Policy and Terms of Use, information such as your profile picture, the user IDs of your friends, and your friend list may be transferred if they are marked as "public" in your Google privacy settings. If you have given Google permission to use your data, such as your title, first name, surname, address information, country, email address, and date of birth, we will store and process that data to create a user account for you. With your consent, we may also transfer data such as information about your browsing or purchasing behavior to your Google profile.
You can withdraw your consent at any time by sending a message to the controller specified at the start of this declaration.
For more information on the purpose and scope of data collection, further processing and use of data by Google, as well as your rights and privacy protection options, please consult Google's Privacy Policy at https://policies.google.com/privacy.
You can view the terms of use for using "Google Sign-In" or "Register with Google" at https://policies.google.com/terms?hl=en.
To prevent Google from linking the data collected through our website with your Google profile, make sure to log out of Google before visiting our site or install browser add-ons such as "Adblock Plus" (https://adblockplus.org/en) to block Google plugins.
b) Twitter Sign-In
We use Twitter Login, a social login service provided by Twitter Inc. ("Twitter"), on our website. When you log in to our website using your Twitter account, Twitter may collect personal data such as your name, email address, profile picture, and a unique identifier for your account. This data is collected and processed exclusively by Twitter and is subject to Twitter's privacy policy, which is available on their website.
We do not have access to your Twitter login data and do not store any login-related information on our website. We only receive a confirmation from Twitter that you have successfully logged in.
For more information on how Twitter uses data, as well as your options for managing your data and protecting your privacy, please see Twitter's privacy policy at https://twitter.com/en/privacy.
c) FontAwesome
We use web icons from "FontAwesome," a service provided by Fonticons, Inc. located at 710 Blackhorn Dr, Carl Junction, 64834, MO, USA ("FontAwesome"), to display icons uniformly on our website. When you access a page, your browser caches the necessary icons to display them correctly. As a result, your browser connects to FontAwesome's servers in the USA, transmitting your IP address. The use of FontAwesome's icons to enhance the website's appearance is based on our legitimate interest, as outlined in Article 6(1)(f) of the GDPR.
Please note that we have no control over the data collected and processed by FontAwesome, and we encourage you to review their privacy policy, available at https://fontawesome.com/privacy, to learn about their data collection and processing practices.
d) Google reCAPTCHA
We use reCAPTCHA by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google") to prevent automated spam and abuse on our website. The use of reCAPTCHA is based on our legitimate interest in protecting our website from bots and ensuring the security of our users' personal data, as provided for by Art. 6(1)(f) GDPR.
To provide this service, Google LLC collects your IP address and other personal data, such as hardware and software information, which is then transferred to the USA. By using reCAPTCHA, you consent to this data processing by Google. For more information about how Google processes your data and your rights, please consult Google's privacy policy at: https://policies.google.com/privacy.
e) LiveChat
We use LiveChat, a live chat service provided by LiveChat, Inc. on our website to provide customer support. When you use our live chat service, LiveChat may collect personal data such as your name, email address, IP address, and chat transcripts. This data is collected and processed exclusively by LiveChat and is subject to LiveChat's privacy policy, which is available on their website.
We do not have access to your chat data and do not store any chat-related information on our website. We only receive a notification from LiveChat that a chat session has occurred.
For more information on how LiveChat uses data, as well as your options for managing your data and protecting your privacy, please see LiveChat's privacy policy at https://www.livechat.com/legal/privacy-policy/.
14. Your GDPR Legal Rights
If you reside in the EEA or Germany, under certain circumstances, you have rights under data protection laws in relation to your personal data. Please click on the links below to find out more about these rights:
- Request access to your personal data.
- Request correction of your personal data.
- Request erasure of your personal data.
- Object to processing of your personal data.
- Request restriction of processing your personal data.
- Request transfer of your personal data.
- Right to withdraw consent.
Request access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.
Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully, or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which overrides your rights and freedoms.
Request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios: (a) if you want us to establish the data’s accuracy; (b) where our use of the data is unlawful but you do not want us to erase it; (c) where you need us to hold the data even if we no longer require it as you need it to establish, exercise, or defend legal claims; or (d) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
Request the transfer of your personal data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
Withdraw consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.
15. Entire Agreement
This Privacy Policy constitutes the complete agreement and understanding between the parties regarding the subject matter described herein, and overrides any prior or current agreements, understandings, inducements, or conditions, either expressed or implied, whether oral or written, regarding the subject matter described herein.