Owner and Data Controller
Jobtome International S.A. - 9
Via San Martino 16/A Mendrisio - Switzerland
IDI: CHE-188.613.998
Owner contact email: info@jobtome.com
Types of Data collected
Among the types of Personal Data that this Website collects, by itself or through third parties, there are:
Trackers; Usage Data; email address; unique device identifiers for advertising (Google Advertiser ID or IDFA, for example); various types of Data.
Complete details on each type of Personal Data collected are provided in the dedicated sections of this privacy policy or by specific explanation texts displayed prior to the Data collection.
Personal Data may be freely provided by the User, or, in case of Usage Data, collected automatically when using this Website.
Unless specified otherwise, all Data requested by this Website is mandatory and failure to provide this Data may make it impossible for this Website to provide its services. In cases where this Website specifically states that some Data is not mandatory, Users are free not to communicate this Data without consequences to the availability or the functioning of the Service.
Users who are uncertain about which Personal Data is mandatory are welcome to contact the Owner.
Any use of Cookies – or of other tracking tools — by this Website or by the owners of third-party services used by this Website serves the purpose of providing the Service required by the User, in addition to any other purposes described in the present document and in the Cookie Policy.
Users are responsible for any third-party Personal Data obtained, published or shared through this Website.
Mode and place of processing the Data
Methods of processing
The Owner takes appropriate security measures to prevent unauthorized access, disclosure, modification, or unauthorized destruction of the Data.
The Data processing is carried out using computers and/or IT enabled tools, following organizational procedures and modes strictly related to the purposes indicated. In addition to the Owner, in some cases, the Data may be accessible to certain types of persons in charge, involved with the operation of this Website (administration, sales, marketing, legal, system administration) or external parties (such as third-party technical service providers, mail carriers, hosting providers, IT companies, communications agencies) appointed, if necessary, as Data Processors by the Owner. The updated list of these parties may be requested from the Owner at any time.
Place
The Data is processed at the Owner's operating offices and in any other places where the parties involved in the processing are located.
Depending on the User's location, data transfers may involve transferring the User's Data to a country other than their own. To find out more about the place of processing of such transferred Data, Users can check the section containing details about the processing of Personal Data.
Retention time
Unless specified otherwise in this document, Personal Data shall be processed and stored for as long as required by the purpose they have been collected for and may be retained for longer due to applicable legal obligation or based on the Users’ consent.
The purposes of processing
The Data concerning the User is collected to allow the Owner to provide its Service, comply with its legal obligations, respond to enforcement requests, protect its rights and interests (or those of its Users or third parties), detect any malicious or fraudulent activity, as well as the following:
Registration and authentication, Advertising, Remarketing and behavioral targeting, Analytics, Hosting and backend infrastructure, Displaying content from external platforms, Tag Management, Heat mapping and session recording, Interaction with data collection platforms and other third parties, Handling activity data and Marketing.
For specific information about the Personal Data used for each purpose, the User may refer to the section “Detailed information on the processing of Personal Data”.
Detailed information on the processing of Personal Data
Personal Data is collected for the following purposes and using the following services:
-
Advertising
This type of service allows User Data to be utilized for advertising communication purposes. These communications are displayed in the form of banners and other advertisements on this Website, possibly based on User interests.
This does not mean that all Personal Data are used for this purpose. Information and conditions of use are shown below.
Some of the services listed below may use Trackers for identifying Users, behavioral retargeting i.e. displaying ads tailored to the User’s interests and behavior, or to measure ads performance. For more information, please check the privacy policies of the relevant services.
Services of this kind usually offer the possibility to opt out of such tracking. In addition to any opt-out feature offered by any of the services below, Users may learn more on how to generally opt out of interest-based advertising within the dedicated section "How to opt-out of interest-based advertising" in this document.
Meta ads conversion tracking (Meta pixel) (Meta Platforms, Inc.)
Meta ads conversion tracking (Meta pixel) is an analytics service provided by Meta Platforms, Inc. that connects data from the Meta Audience Network with actions performed on this Website. The Meta pixel tracks conversions that can be attributed to ads on Facebook, Instagram and Meta Audience Network.
Personal Data processed: Trackers; Usage Data.
Place of processing: United States – Privacy Policy – Opt out.
Category of personal information collected according to the CCPA: internet or other electronic network activity information.
This processing constitutes:
-
a sale according to the CCPA, VCDPA, CPA, CTDPA and UCPA
-
targeted advertising according to the CPA, CTDPA and UCPA
Facebook Lookalike Audience (Facebook, Inc.)
Facebook Lookalike Audience is an advertising and behavioral targeting service provided by Facebook, Inc. that uses Data collected through Facebook Custom Audience in order to display ads to Users with similar behavior to Users who are already in a Custom Audience list on the base of their past use of this Website or engagement with relevant content across the Facebook apps and services.
On the base of these Data, personalized ads will be shown to Users suggested by Facebook Lookalike Audience.
Users can opt out of Facebook's use of cookies for ads personalization by visiting this opt-out page.
Personal Data processed: Cookies; Usage Data.
Place of processing: United States – Privacy Policy – Opt Out.
Category of personal information collected according to the CCPA: internet or other electronic network activity information.
This processing constitutes:
-
a sale according to the CCPA, VCDPA, CPA, CTDPA and UCPA
- a sharing according to the CCPA
-
targeted advertising according to the VCDPA, CPA, CTDPA and UCPA
Google Ad Manager
Google Ad Manager is an advertising service provided by Google LLC or by Google Ireland Limited, depending on how the Owner manages the Data processing, that allows the Owner to run advertising campaigns in conjunction with external advertising networks that the Owner, unless otherwise specified in this document, has no direct relationship with.
In order to opt out from being tracked by various advertising networks, Users may make use of Youronlinechoices. In order to understand Google's use of data, consult Google's partner policy.
This service uses the “DoubleClick” Cookie, which tracks use of this Website and User behavior concerning ads, products and services offered.
Users may decide to disable all the DoubleClick Cookies by going to: Google Ad Settings.
Personal Data processed: Cookies; Usage Data.
Place of processing: United States – Privacy Policy; Ireland – Privacy Policy.
Category of personal information collected according to the CCPA: internet or other electronic network activity information.
This processing constitutes:
-
a sale according to the CCPA, VCDPA, CPA, CTDPA and UCPA
- a sharing according to the CCPA
-
targeted advertising according to the VCDPA, CPA, CTDPA and UCPA
Google AdSense
Google AdSense is an advertising service provided by Google LLC or by Google Ireland Limited, depending on how the Owner manages the Data processing. This service uses the “DoubleClick” Cookie, which tracks use of this Website and User behavior concerning ads, products and services offered.
Users may decide to disable all the DoubleClick Cookies by going to: Google Ad Settings.
In order to understand Google's use of data, consult Google's partner policy.
Personal Data processed: Cookies; Usage Data.
Place of processing: United States – Privacy Policy – Opt Out; Ireland – Privacy Policy – Opt Out.
Category of personal information collected according to the CCPA: internet or other electronic network activity information.
This processing constitutes:
-
a sale according to the CCPA, VCDPA, CPA, CTDPA and UCPA
- a sharing according to the CCPA
-
targeted advertising according to the VCDPA, CPA, CTDPA and UCPA
Hotjar Form Analysis & Conversion Funnels (Hotjar Ltd.)
Hotjar is an analytics service provided by Hotjar Ltd.
Hotjar honors generic Do Not Track headers. This means your browser can tell its script not to collect any of your data. This is a setting that is available in all major browsers. Find Hotjar’s opt-out information here.
Personal Data processed: Trackers; Usage Data.
Place of processing: Malta – Privacy Policy – Opt Out.
Category of personal information collected according to the CCPA: internet or other electronic network activity information.
This processing constitutes:
-
a sale according to the CCPA, VCDPA, CPA, CTDPA and UCPA
-
targeted advertising according to the CPA, CTDPA and UCPA
Microsoft Advertising (Microsoft Corporation)
Microsoft Advertising is an advertising service provided by Microsoft Corporation.
Personal Data processed: Cookies; Usage Data.
Place of processing: United States – Privacy Policy – Opt Out.
Category of personal information collected according to the CCPA: internet or other electronic network activity information.
This processing constitutes:
-
a sale according to the CCPA, VCDPA, CPA, CTDPA and UCPA
- a sharing according to the CCPA
-
targeted advertising according to the VCDPA, CPA, CTDPA and UCPA
Index Exchange, Inc.
Index Exchange, Inc. (“Index Exchange”) believes in all Internet users’ rights to privacy. This Policy explains the information collection, use, and disclosure practices of Index Exchange. It applies to all information received by Index Exchange whether in electronic, paper or verbal format.
THE INDEX EXCHANGE BUSINESS
The Index Exchange Online Advertising Exchange (“Index Platform”) prides itself on providing an atmosphere that is non-disruptive to Internet users. Our proprietary ad personalizationmethodologies enable advertisers to effectively direct their campaigns to the audience(s) they are looking to reach without engaging in profiling practices. Services offered by Index Exchange include a Web-based advertising exchange marketplace that enables publishers, advertisers, and ad networks to efficiently market, buy and sell digital and mobile advertising and ad inventory.
Through its ad server, Index Exchange also acts as a service provider to enable its publishers, advertisers, ad networks and other clients to collect and use data for advertising purposes on their digital and mobile platforms across the Internet. Publishers may use our services to process consumer data, which they collect or source. Their data collection, use, and sharing practices may be governed by their own privacy policies and differ from those found in Index Exchange’s Privacy Policy. We encourage you to refer to the privacy policies of any websites you visit and apps you use, to learn about their privacy practices before disclosing any personal information to them.
INDUSTRY SELF–REGULATION
Index Exchange prides itself on conducting business in a transparent and open manner. In line with those values, we support efforts for self-regulation in the internet-based advertising industry.
NAI
Index Exchange is a member in good standing of the Network Advertising Initiative (NAI), a cooperative of online marketing and analytics companies committed to responsible data collection for digital advertising, building consumer awareness, and establishing responsible business and data management practices and standards. Index Exchange adheres to the NAI Code of Conduct in all its operations.
DAA
Index Exchange adheres to the standards and practices outlined by The Digital Advertising Alliance, a consortium of the leading national advertising and marketing trade associations, promoting a self-regulatory program for online interest-based advertising. More information on the program can be found here.
INFORMATION COLLECTION, USE, AND SHARING
In general, like most standard website servers, Index Exchange uses log files to track transactions. These log files include internet protocol (IP) addresses, browser types used, postal or zip codes, the internet service provider (ISP) utilised, referring/exit pages, platform type, date/time stamps, device IDs, and number of clicks among others. This information is then used to analyze trends, administer the site, and personalizeadvertisements to users accordingly. Index Exchange does not collect a website user’s Personally Identifiable Information (PII) as defined under United States federal law. However, in the course of and for purposes of conducting its business, Index Exchange may collect and process the following consumer information that is considered Personal Information (PI) under the Canadian Personal Information Protection and Electronic Documents Act (PIPEDA) or Personal Data under the European Union’s General Data Protection Regulation (GDPR):
(1) browser and device information received from publishers is shared with advertisers and agencies for responding to requests for advertisements, forecast advertising inventory and troubleshooting any operation issues related to the Index Platform;
(2) IP addresses, including both IPv4 and IPv6 are used to bid on advertising inventory;
(3) geo-location data is used to bid on advertising inventory;
(4) Precise Location Data (data obtained from a device about the physical location of the device) is used to bid on advertising inventory;
(5) GPS coordinates, where available;
(6) unique Index Exchange UserIDs, stored in browser cookies, are used for profiles on the ad server;
(7) mobile device identifiers are used to understand mobile traffic and are shared with advertisers and agencies to personalize the advertising experience;
(8) Pixel Data (data obtained through or in connection with the placement of any pixel mechanism) is used as part of the user matching process;
(9) people identifiers provided by Index Exchange’s partners are associated to audience segments, and shared with advertisers and agencies;
(10) data on whether a user viewed or clicked on an Ad is shared with advertisers and agencies.
Index Exchange’s internal processes treat personal data in accordance with regulatory requirements and applicable privacy laws to ensure that information is stored securely and used only for allowed and intended purposes.
Index Exchange may combine information that does not directly identify an individual with data collected from other sources to provide publishers, advertisers and ad networks with information to improve the relevance of advertising presented to users and determine whether to bid on ad inventory. In addition, although Index Exchange does not directly engage in Cross-App Advertising, our technology may collect and/or pass through Mobile Device IDs (the unique identifier assigned to a device by the manufacturer) or Advertising IDs (for iOS 6 and later), instead of cookies, to recognize you.
Do Not Track Signal
Index Exchange does not honor the ‘DNT’ browser signal. Instead, we utilize the cookie based opt-out mechanisms to allow users to opt-out of all advertising. For more information, please see the “Your Choices” section below.
Cross–Device Linking
Cross-Device Linking is the process of making assumptions that certain devices are related to each other, i.e. they belong to the same user/household. Index Exchange may engage in Cross Device Linking for personalized advertising, ad delivery, and reporting. If you would like to opt-out of having Cross-Device Linking used by Index Exchange on your devices, please see the “Your Choices” section below.
Cookies (HTTP Cookies and HTML5 Cookies or Local Storage)
An HTTP cookie is an object that stores a small amount of data on behalf of a browser on a given device. By saving information in a cookie, websites can remember preferences or recognize browsers from one visit to another or from one website to another. Index Exchange uses both session-only and persistent cookies. More specifically, Index Exchange uses certain cookies that last only for the duration of a user’s internet session and expire when that user closes his or her browser, as well as certain other cookies that are used to remember a user when he or she returns to a website and will last for longer.
HTML5 cookies, also known as HTML5 Web Storage, or local storage, is a technology that allows a website or application to store information locally on a user’s computer or mobile device. Index Exchange uses HTML5 cookies, or local storage, in connection with its platform and website to support publisher monetization objectives and speed up page load time.
Index Exchange ultimately uses these technologies (referred to as “cookies” going forward) to facilitate transactions between buyers and sellers of digital advertising inventory and, among other things, to enable its demand-side partners, publishers, data management platforms, and other third-party clients (collectively referred to as “Index Exchange clients/partners” moving forward) to effectively: (a) target advertisements to users of digital media properties, (b) evaluate and assess their advertisements and campaigns; and (c) view and enforce user opt-out choices. Index Exchange’s platform further uses cookies to associate information that does not directly identify an individual user with browsers and devices, so that Index Exchange’s platform and Index Exchange clients/partners can then use the information to select advertisements and campaigns for delivery via the Index Exchange platform. Index Exchange engages in cookie syncing, which is the matching of Index Exchange cookie IDs to Index Exchange clients’/partners’ cookie IDs.
Index Exchange collects and stores IDs from a variety of domains, including adsrvr.org and casalemedia.com. These IDs are stored in either Index Exchange’s domain (casalemedia.com) or the publisher’s first party domain.
PII, PI, and Personal Data of Index Exchange Clients
Registering to become a member of the Index Platform and use of the Index Exchange User Interface, either as an advertiser or a publisher, requires the submission of PI, PII or Personal Data to Index Exchange. This can include the full name, mailing and/or billing address, email address, company name, and website URL. Index Exchange uses this information to service its accounts and respond to inbound inquiries related to sales or technical support requests. Communications to business users are related to the Advertising Exchange. The Index Exchange User Interface also uses Google Analytics technology to monitor traffic on the UI. All such information submitted is held by Index Exchange in strict confidence and as prescribed by corresponding regulatory authorities.
Index Exchange does not engage in any form of distribution or sale of PII, PI or Personal Data to third parties for their own promotional use. Index Exchange does not sell, supply, or otherwise make user PII, PI or Personal Data available to any third party under any circumstances, unless ordered to do so by a court of competent jurisdiction.
Information Obtained from Third Parties
Index Exchange may obtain data from third party companies for the purpose of informing ad selection. This data may include Personal Data as defined under the GDPR. Advertisers who are clients of Index Exchange may collect PII and Personal Data on their own websites. These details are provided directly by the individual Internet user through online order forms, contests, etc. PII or Personal Data provided through an advertiser’s website is not visible to Index Exchange while being entered, nor provided to Index Exchange at any time in the future. This personal data collected by the advertiser is subject to the privacy policy of the individual advertiser involved.
YOUR PRIVACY CHOICES
Web Browser Option to Opt–Out
Some of the ads you see on the internet or in applications on your mobile device are tailored to your interests and based on your activity online or in the applications on your mobile device. This type of ad tailoring — sometimes called “interest-based” advertising — is enabled through various technologies, including browser cookies, mobile advertising identifiers as well as other non-cookie technologies. Tailored digital ads help support the free products, services and content you enjoy online. To help protect your privacy, Index Exchange (along with other NAI members) has voluntarily agreed to abide by high NAI standards including offering an opt-out mechanism.
Opting out of interest-based advertising means that you will no longer be shown ads that have been tailored to your interests. It does not mean you will no longer see advertising online. When you opt-out, an opt-out cookie will be stored in your web browser signaling your opt-out preference to NAI members including Index Exchange.
Please note that if your browser is configured to block third-party cookies, then the opt out cookie may not work. If you delete your browser cookies, you will need to opt out again. The opt-out will not apply to the specific browser in which you set it. The opt-out process must be repeated for each different browser.
CLICK HERE TO OPT-OUT
INDEX EXCHANGE INC. OFFERS INDIVIDUALS THE OPPORTUNITY TO CHOOSE WHETHER AN INDIVIDUAL’S PERSONAL DATA (OR SOMETIMES OTHERWISE REFERRED TO AS PERSONAL INFORMATION OR PERSONALLY IDENTIFIABLE INFORMATION) IS TO BE DISCLOSED TO A THIRD PARTY OR TO BE USED FOR A PURPOSE THAT IS MATERIALLY DIFFERENT FROM THE PURPOSE(S) FOR WHICH IT WAS ORIGINALLY COLLECTED OR FOR A PURPOSE THAT IS MATERIALLY DIFFERENT THAN ANY PURPOSE(S) SUBSEQUENTLY AUTHORIZED BY SUCH INDIVIDUAL.
IN THE EVENT THAT YOU WOULD LIKE TO EXERCISE YOUR CHOICE (I.E. OPT-OUT) TO SPECIFY THAT INDEX EXCHANGE INC. MAY NOT DISCLOSE YOUR COOKIE DATA TO A THIRD PARTY, PLEASE VISIT THE NAI’S OPT-OUT PAGE BY FOLLOWING THE LINK BELOW.
CLICK HERE TO OPT-OUT
IF INDEX EXCHANGE INC. USES YOUR PERSONAL DATA (AS SOMETIMES OTHERWISE REFERRED TO AS PERSONAL INFORMATION OR PERSONALLY IDENTIFIABLE INFORMATION) FOR A PURPOSE THAT IS MATERIALLY DIFFERENT FROM THE PURPOSE(S) FOR WHICH IT WAS ORIGINALLY COLLECTED OR SUBSEQUENTLY AUTHORIZED, INDEX EXCHANGE INC. WILL OFFER YOU THE OPPORTUNITY TO OPT OUT OF SUCH USES AND/OR DISCLOSURES.
DATA RETENTION
Index Exchange may retain data for as long as needed to provide services. We may retain data even after an account has been closed or is no longer engaged in business with Index Exchange if retention is reasonably necessary to comply with our legal obligations or meet regulatory requirements, resolve disputes, prevent fraud and abuse, or enforce our Privacy Policy or our contractual obligations. We also retain personal data for as long as is necessary to provide support-related reporting and trend analysis which is thirteen (13) months. After 13 months, we de-personalize data by creating data sets that cannot be traced back to individuals. Personal data will be destroyed according to our data destruction process.
INFORMATION SECURITY
Index Exchange follows strict Information Security policies to protect personal data submitted to us, both during transmission and once we receive it. Although we take steps to secure your information, no method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, while we strive to use commercially acceptable means to protect your personal data, we cannot guarantee its absolute security.
In the unlikely event of a confirmed security breach, Index Exchange will investigate and contact impacted persons within 72 hours of the breach.
We reserve the right to disclose your personal data as required by law, in response to a subpoena or similar investigative demand, a court order, or a request for cooperation from a law enforcement or other government agency; when we believe that disclosure is necessary to protect or exercise our legal rights; or to defend against legal claims.
EUROPEAN UNION AND SWISS RESIDENTS
Index Exchange transfers data from the European Union and Switzerland to the United States in accordance with the EU-US and Swiss-US Privacy Shield Frameworks. More information on the Privacy Shield program set forth by the U.S. Department of Commerce can be found at https://www.privacyshield.gov/eu-us-framework.
Index Exchange is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission for any violations of the EU-US or Swiss-US Privacy Shield Framework. Index Exchange may be held responsible if third party controllers to whom it transfers personal information or third party agents it engages to process this data on its behalf, act in a manner inconsistent with the Privacy Shield Principles. Index Exchange is required to disclose personal information in response to lawful requests to meet national security or law enforcement requirements.
Access to and Deletion of Personal Data
Individuals residing in the European Union or Switzerland have the right to access any of their Personal Data retained by us. You also have the right to have the data corrected, amended or deleted where it is inaccurate or processed in violation of the Principles.
You can make a request to access or delete your Personal Data via Index Exchange’s User Access Request portal.
Data Protection Officer
If you have a complaint regarding the response to your request to access or delete information, please contact our Data Protection Officer:
Attn: Index Exchange Data Protection Officer
Legal Army, S.L.
B88103700
María de Molina, 60 4th
28006 Madrid (Spain)
Email: gdpr@legalarmy.net
Recourse Mechanisms
If you have any questions or complaints regarding Index Exchange’s compliance with the EU-US or Swiss-US Privacy Shield framework, please contact us. If we are unable to resolve your complaint, you may submit the matter to the ICDR-AAA, an independent dispute resolution body designated to addressing such complaints and providing appropriate recourse free of charge to you. You may also invoke, under specific conditions laid out by the EU-US and Swiss-US Privacy Shield, the right to binding arbitration to resolve your complaint.
CHANGES TO THIS PRIVACY POLICY
Index Exchange may find it necessary to update this Privacy Policy from time to time. Any changes will be posted at this site. Except as otherwise required by law, any modifications made to this Privacy Policy will not materially affect the privacy of data collected by Index Exchange prior to the effective date of the policy change.
CONTACT US
To inquire about privacy concerns, please contact Index Exchange by mail, as detailed below, or using our online form.
Attn: Privacy Team
Index Exchange
74 Wingold Avenue
Toronto, Ontario M6B1P5 Canada
Residents of the European Union can make a request to access or delete their Personal Data via Index Exchange’s User Access Request portal.
Index Exchange processes PII, PI and Personal Data in accordance with this Privacy Policy. In addition to Index Exchange being a controller, other controllers may exist depending on the use of your Personal Data. If you have questions regarding the collection and use of Personal Data, please contact our Privacy Team who will direct any inquiries to the proper controller as applicable.
Any user who has consented to the use of their Personal Data by Index Exchange in accordance with the uses disclosed in this Privacy Policy, has the right to withdraw their consent to such use. In order to withdraw your consent, please contact our Privacy Team.
This processing constitutes:
-
a sale according to the CCPA, VCDPA, CPA, CTDPA and UCPA
- a sharing according to the CCPA
-
targeted advertising according to the VCDPA, CPA, CTDPA and UCPA
OpenX Ad Exchange (OpenX Technologies, Inc.)
OpenX Ad Exchange is an advertising service provided by OpenX Technologies, Inc.
The service provides an ad exchange platform that facilitates the optimization of ads from multiple ad networks, which can be third parties to both OpenX and the Owner.
Personal Data processed: Cookies; Usage Data.
Place of processing: United States – Privacy Policy – Opt Out.
Category of personal information collected according to the CCPA: internet or other electronic network activity information.
This processing constitutes:
-
a sale according to the CCPA, VCDPA, CPA, CTDPA and UCPA
- a sharing according to the CCPA
-
targeted advertising according to the VCDPA, CPA, CTDPA and UCPA
Rubicon Project (The Rubicon Project, Inc.)
Rubicon Project is an advertising service provided by The Rubicon Project, Inc.
Personal Data processed: Cookies; Usage Data.
Place of processing: United States – Privacy Policy – Opt Out.
Category of personal information collected according to the CCPA: internet or other electronic network activity information.
This processing constitutes:
-
a sale according to the CCPA, VCDPA, CPA, CTDPA and UCPA
- a sharing according to the CCPA
-
targeted advertising according to the VCDPA, CPA, CTDPA and UCPA
Sovrn (Sovrn Holdings Inc)
Sovrn is an advertising service provided by Sovrn Holdings Inc.
Personal Data processed: Cookies; Usage Data.
Place of processing: United States – Privacy Policy.
Category of personal information collected according to the CCPA: internet or other electronic network activity information.
This processing constitutes:
-
a sale according to the CCPA, VCDPA, CPA, CTDPA and UCPA
- a sharing according to the CCPA
-
targeted advertising according to the VCDPA, CPA, CTDPA and UCPA
Smart AdServer (Smart AdServer SAS)
Smart AdServer is an advertising service provided by Smart AdServer SA.
Personal Data processed: Cookies; Usage Data.
Place of processing: France – Privacy Policy – Opt Out.
Category of personal information collected according to the CCPA: internet or other electronic network activity information.
This processing constitutes:
-
a sale according to the CCPA, VCDPA, CPA, CTDPA and UCPA
- a sharing according to the CCPA
-
targeted advertising according to the VCDPA, CPA, CTDPA and UCPA
Smart Adserver (Smart Adserver)
Smart Adserver is an advertising service provided by Smart Adserver.
Personal Data processed: Cookies; Usage Data.
Category of personal information collected according to the CCPA: internet or other electronic network activity information.
This processing constitutes:
-
a sale according to the CCPA, VCDPA, CPA, CTDPA and UCPA
- a sharing according to the CCPA
-
targeted advertising according to the VCDPA, CPA, CTDPA and UCPA
Improve Digital (Improve Digital International BV)
Improve Digital is an advertising service provided by Improve Digital International BV.
Personal Data processed: Cookies; Usage Data.
Place of processing: Netherlands – Privacy Policy – Opt out.
Category of personal information collected according to the CCPA: internet or other electronic network activity information.
This processing constitutes:
-
a sale according to the CCPA, VCDPA, CPA, CTDPA and UCPA
- a sharing according to the CCPA
-
targeted advertising according to the VCDPA, CPA, CTDPA and UCPA
Media.net (Media.net Advertising FZ-LLC)
Media.net is an advertising service provided by Media.net Advertising FZ-LLC.
Personal Data processed: Cookies; Usage Data.
Place of processing: United Arab Emirates – Privacy Policy – Opt out.
Category of personal information collected according to the CCPA: internet or other electronic network activity information.
This processing constitutes:
-
a sale according to the CCPA, VCDPA, CPA, CTDPA and UCPA
- a sharing according to the CCPA
-
targeted advertising according to the VCDPA, CPA, CTDPA and UCPA
Google Advertising Products (TCF integration) (Google Ireland Limited)
Google Advertising Products (TCF integration) is an advertising service provided by Google Ireland Limited.
Personal Data processed: Cookies; Usage Data.
Place of processing: Ireland – Privacy Policy – Opt Out.
Category of personal information collected according to the CCPA: internet or other electronic network activity information.
This processing constitutes:
-
a sale according to the VCDPA, CPA, CTDPA and UCPA
- a sharing according to the CCPA
-
targeted advertising according to the VCDPA, CPA, CTDPA and UCPA
RhythmOne (RhythmOne, LLC)
RhythmOne is an advertising service provided by RhythmOne, LLC.
Personal Data processed: Cookies; Usage Data.
Place of processing: United States – Privacy Policy – Opt out.
Category of personal information collected according to the CCPA: internet or other electronic network activity information.
This processing constitutes:
-
a sale according to the CCPA, VCDPA, CPA, CTDPA and UCPA
- a sharing according to the CCPA
-
targeted advertising according to the VCDPA, CPA, CTDPA and UCPA
RTB House (RTB House S.A.)
RTB House is an advertising service provided by RTB House S.A.
Personal Data processed: Tracker; Usage Data.
Place of processing: Poland – Privacy Policy – Opt out.
Category of personal information collected according to the CCPA: internet or other electronic network activity information.
This processing constitutes:
-
a sale according to the CCPA, VCDPA, CPA, CTDPA and UCPA
- a sharing according to the CCPA
-
targeted advertising according to the VCDPA, CPA, CTDPA and UCPA
-
Analytics
The services contained in this section enable the Owner to monitor and analyze web traffic and can be used to keep track of User behavior.
Google Analytics Advertising Reporting Features
Google Analytics on this Website has Advertising Reporting Features activated, which collects additional information from the DoubleClick cookie (web activity) and from device advertising IDs (app activity). It allows the Owner to analyze specific behavior and interests Data (traffic Data and Users' ads interaction Data) and, if enabled, demographic Data (information about the age and gender).
Users can opt out of Google's use of cookies by visiting Google's Ads Settings.
Personal Data processed: Cookies; unique device identifiers for advertising (Google Advertiser ID or IDFA, for example); various types of Data as specified in the privacy policy of the service.
Place of processing: United States – Privacy Policy – Opt Out; Ireland – Privacy Policy – Opt Out.
Category of personal information collected according to the CCPA: identifiers; internet or other electronic network activity information.
This processing constitutes:
-
a sale according to the CCPA, VCDPA, CPA, CTDPA and UCPA
-
targeted advertising according to the CPA, CTDPA and UCPA
Google Analytics
Google Analytics is a web analysis service provided by Google LLC or by Google Ireland Limited, depending on how the Owner manages the Data processing, (“Google”). Google utilizes the Data collected to track and examine the use of this Website, to prepare reports on its activities and share them with other Google services.
Google may use the Data collected to contextualize and personalize the ads of its own advertising network.
Personal Data processed: Cookies; Usage Data.
Place of processing: United States – Privacy Policy – Opt Out; Ireland – Privacy Policy – Opt Out.
Category of personal information collected according to the CCPA: internet or other electronic network activity information.
This processing constitutes:
-
a sale according to the CCPA, VCDPA, CPA, CTDPA and UCPA
Google Analytics with anonymized IP
Google Analytics is a web analysis service provided by Google LLC or by Google Ireland Limited, depending on how the Owner manages the Data processing, (“Google”). Google utilizes the Data collected to track and examine the use of this Website, to prepare reports on its activities and share them with other Google services.
Google may use the Data collected to contextualize and personalize the ads of its own advertising network.
This integration of Google Analytics anonymizes your IP address. It works by shortening Users' IP addresses within member states of the European Union or in other contracting states to the Agreement on the European Economic Area. Only in exceptional cases will the complete IP address be sent to a Google server and shortened within the US.
Personal Data processed: Cookies; Usage Data.
Place of processing: United States – Privacy Policy – Opt Out; Ireland – Privacy Policy – Opt Out.
Category of personal information collected according to the CCPA: internet or other electronic network activity information.
This processing constitutes:
-
a sale according to the CCPA, VCDPA, CPA, CTDPA and UCPA
-
targeted advertising according to the CPA, CTDPA and UCPA
-
Displaying content from external platforms
This type of service allows you to view content hosted on external platforms directly from the pages of this Website and interact with them.
This type of service might still collect web traffic data for the pages where the service is installed, even when Users do not use it.
Google Fonts
Google Fonts is a typeface visualization service provided by Google LLC or by Google Ireland Limited, depending on how the Owner manages the Data processing, that allows this Website to incorporate content of this kind on its pages.
Personal Data processed: Usage Data; various types of Data as specified in the privacy policy of the service.
Place of processing: United States – Privacy Policy; Ireland – Privacy Policy.
Category of personal information collected according to the CCPA: internet or other electronic network activity information.
This processing constitutes:
-
a sale according to the CCPA, VCDPA, CPA, CTDPA and UCPA
-
targeted advertising according to the CPA, CTDPA and UCPA
-
Handling activity data
This type of service allows the Owner to use the activity data collected by your device in order for this Website to operate or to provide specific features. This may include movements, heartbeat, change in altitude or data about the surroundings.
Depending on what is described below, third parties may be involved in the activity tracking.
Most devices allow for the User to control which Data is accessed or stored.
Pipelin
Pipelin is a web analysis service provided by Jobtome International S.A.
Pipelin utilizes the Data collected to track and examine the use of this Application, to prepare reports on its activities and share them with other Jobtome International S.A. services.
Pipelin may use the Data collected to contextualize and personalize the user experience of this Application.
Personal Data collected: Cookies; Usage Data.
This processing constitutes:
-
a sale according to the CCPA, VCDPA, CPA, CTDPA and UCPA
- a sharing according to the CCPA
-
targeted advertising according to the VCDPA, CPA, CTDPA and UCPA
-
Heat mapping and session recording
Heat mapping services are used to display the areas of a page where Users most frequently move the mouse or click. This shows where the points of interest are. These services make it possible to monitor and analyze web traffic and keep track of User behavior.
Some of these services may record sessions and make them available for later visual playback.
Hotjar Heat Maps & Recordings (Hotjar Ltd.)
Hotjar is a session recording and heat mapping service provided by Hotjar Ltd.
Hotjar honors generic „Do Not Track” headers. This means the browser can tell its script not to collect any of the User's data. This is a setting that is available in all major browsers. Find Hotjar’s opt-out information here.
Personal Data processed: Cookies; Usage Data; various types of Data as specified in the privacy policy of the service.
Place of processing: Malta – Privacy Policy – Opt Out.
Category of personal information collected according to the CCPA: internet or other electronic network activity information.
This processing constitutes:
-
a sale according to the CCPA, VCDPA, CPA, CTDPA and UCPA
-
targeted advertising according to the CPA, CTDPA and UCPA
-
Hosting and backend infrastructure
This type of service has the purpose of hosting Data and files that enable this Website to run and be distributed as well as to provide a ready-made infrastructure to run specific features or parts of this Website.
Some services among those listed below, if any, may work through geographically distributed servers, making it difficult to determine the actual location where the Personal Data are stored.
Google Cloud Storage
Google Cloud Storage is a hosting service provided by Google LLC or by Google Ireland Limited, depending on how the Owner manages the Data processing.
Personal Data processed: various types of Data as specified in the privacy policy of the service.
Place of processing: United States – Privacy Policy; Canada – Privacy Policy; Brazil – Privacy Policy; Belgium – Privacy Policy; United Kingdom – Privacy Policy; Germany – Privacy Policy; Netherlands – Privacy Policy; Taiwan – Privacy Policy; Japan – Privacy Policy; India – Privacy Policy; Singapore – Privacy Policy; Australia – Privacy Policy; Ireland – Privacy Policy.
Category of personal information collected according to the CCPA: internet or other electronic network activity information.
This processing constitutes:
-
a sale according to the CPA, CTDPA and UCPA
-
targeted advertising according to the CPA, CTDPA and UCPA
-
Interaction with data collection platforms and other third parties
This type of service allows Users to interact with data collection platforms or other services directly from the pages of this Website for the purpose of saving and reusing data.
If one of these services is installed, it may collect browsing and Usage Data in the pages where it is installed, even if the Users do not actively use the service.
Hotjar Recruit User Testers (Hotjar Ltd.)
The Hotjar Recruit User Testers widget is a service for interacting with the Hotjar data collection platform provided by Hotjar Ltd.
Hotjar honors generic „Do Not Track” headers. This means the browser can tell its script not to collect any of the User's data. This is a setting that is available in all major browsers. Find Hotjar’s opt-out information here.
Personal Data processed: Cookies; Usage Data; various types of Data.
Place of processing: Malta – Privacy Policy – Opt Out.
Category of personal information collected according to the CCPA: internet or other electronic network activity information.
This processing constitutes:
-
a sale according to the CCPA, VCDPA, CPA, CTDPA and UCPA
- a sharing according to the CCPA
-
targeted advertising according to the VCDPA, CPA, CTDPA and UCPA
-
Marketing
LiveRamp
When you use our website, we share information that we collect from you, such as your email (in hashed form), IP address or information about your browser or operating system, with our partner/service provider, LiveRamp Inc. LiveRamp returns an online identification code that we may store in our first-party cookie for our use in online and cross-channel advertising and it may be shared with advertising companies to enable interest-based and targeted advertising. To opt out of this use, please click here (https://optout.liveramp.com/opt_out).
This processing constitutes:
-
a sale according to the CCPA, VCDPA, CPA, CTDPA and UCPA
- a sharing according to the CCPA
-
targeted advertising according to the VCDPA, CPA, CTDPA and UCPA
-
Registration and authentication
By registering or authenticating, Users allow this Website to identify them and give them access to dedicated services.
Depending on what is described below, third parties may provide registration and authentication services. In this case, this Website will be able to access some Data, stored by these third-party services, for registration or identification purposes.
Some of the services listed below may also collect Personal Data for targeting and profiling purposes; to find out more, please refer to the description of each service.
Facebook Authentication (Facebook, Inc.)
Facebook Authentication is a registration and authentication service provided by Facebook, Inc. and is connected to the Facebook social network.
Personal Data processed: various types of Data as specified in the privacy policy of the service.
Place of processing: United States – Privacy Policy.
Category of personal information collected according to the CCPA: internet or other electronic network activity information.
This processing constitutes:
-
a sale according to the CCPA and VCDPA
Google OAuth
Google OAuth is a registration and authentication service provided by Google LLC or by Google Ireland Limited, depending on how the Owner manages the Data processing, and is connected to the Google network.
Personal Data processed: various types of Data as specified in the privacy policy of the service.
Place of processing: United States – Privacy Policy; Ireland – Privacy Policy.
Category of personal information collected according to the CCPA: internet or other electronic network activity information.
This processing constitutes:
-
a sale according to the CCPA, VCDPA, CPA, CTDPA and UCPA
-
Remarketing and behavioral targeting
This type of service allows this Website and its partners to inform, optimize and serve advertising based on past use of this Website by the User.
This activity is facilitated by tracking Usage Data and by using Trackers to collect information which is then transferred to the partners that manage the remarketing and behavioral targeting activity.
Some services offer a remarketing option based on email address lists.
In addition to any opt-out feature provided by any of the services below, Users may opt out by visiting the Network Advertising Initiative opt-out page.
Users may also opt-out of certain advertising features through applicable device settings, such as the device advertising settings for mobile phones or ads settings in general.
Facebook Custom Audience (Facebook, Inc.)
Facebook Custom Audience is a remarketing and behavioral targeting service provided by Facebook, Inc. that connects the activity of this Website with the Facebook advertising network.
Users can opt out of Facebook's use of cookies for ads personalization by visiting this opt-out page.
Personal Data processed: Cookies; email address.
Place of processing: United States – Privacy Policy – Opt Out.
Category of personal information collected according to the CCPA: identifiers; internet or other electronic network activity information.
This processing constitutes:
-
a sale according to the CCPA, VCDPA, CPA, CTDPA and UCPA
- a sharing according to the CCPA
-
targeted advertising according to the VCDPA, CPA, CTDPA and UCPA
-
Tag Management
This type of service helps the Owner to manage the tags or scripts needed on this Website in a centralized fashion.
This results in the Users' Data flowing through these services, potentially resulting in the retention of this Data.
Google Tag Manager
Google Tag Manager is a tag management service provided by Google LLC or by Google Ireland Limited, depending on how the Owner manages the Data processing.
Personal Data processed: Usage Data.
Place of processing: United States – Privacy Policy; Ireland – Privacy Policy.
Category of personal information collected according to the CCPA: internet or other electronic network activity information.
This processing constitutes:
-
a sale according to the CCPA, CPA, CTDPA and UCPA
-
targeted advertising according to the CPA, CTDPA and UCPA
Information on opting out of interest-based advertising
In addition to any opt-out feature provided by
any of the services listed in this document, Users may learn more on
how to generally opt out of interest-based advertising within the
dedicated section of the Cookie Policy.
Cookie Policy
This Website uses Trackers. To learn more, Users may consult the Cookie Policy.
Legal basis of processing
The Owner may process Personal Data relating to Users if one of the following applies:
- Users have given their consent for one or more specific purposes.
- provision of Data is necessary for the performance of an agreement with the User and/or for any pre-contractual obligations thereof;
- processing is necessary for compliance with a legal obligation to which the Owner is subject;
- processing is related to a task that is carried out in the public interest or in the exercise of official authority vested in the Owner;
- processing is necessary for the purposes of the legitimate interests pursued by the Owner or by a third party.
In any case, the Owner will gladly help to clarify the specific legal basis that applies to the processing, and in particular whether the provision of Personal Data is a statutory or contractual requirement, or a requirement necessary to enter into a contract.
Further information about retention time
Unless specified otherwise in this document, Personal Data shall be processed and stored for as long as required by the purpose they have been collected for and may be retained for longer due to applicable legal obligation or based on the Users’ consent.
Therefore:
- Personal Data collected for purposes related to the performance of a contract between the Owner and the User shall be retained until such contract has been fully performed.
- Personal Data collected for the purposes of the Owner’s legitimate interests shall be retained as long as needed to fulfill such purposes. Users may find specific information regarding the legitimate interests pursued by the Owner within the relevant sections of this document or by contacting the Owner.
The Owner may be allowed to retain Personal Data for a longer period whenever the User has given consent to such processing, as long as such consent is not withdrawn. Furthermore, the Owner may be obliged to retain Personal Data for a longer period whenever required to fulfil a legal obligation or upon order of an authority.
Once the retention period expires, Personal Data shall be deleted. Therefore, the right of access, the right to erasure, the right to rectification and the right to data portability cannot be enforced after expiration of the retention period.
The rights of Users based on the General Data Protection Regulation (GDPR)
Users may exercise certain rights regarding their Data processed by the Owner.
In particular, Users have the right to do the following, to the extent permitted by law:
- Withdraw their consent at any time. Users have the right to withdraw consent where they have previously given their consent to the processing of their Personal Data.
- Object to processing of their Data. Users have the right to object to the processing of their Data if the processing is carried out on a legal basis other than consent.
- Access their Data. Users have the right to learn if Data is being processed by the Owner, obtain disclosure regarding certain aspects of the processing and obtain a copy of the Data undergoing processing.
- Verify and seek rectification. Users have the right to verify the accuracy of their Data and ask for it to be updated or corrected.
- Restrict the processing of their Data. Users have the right to restrict the processing of their Data. In this case, the Owner will not process their Data for any purpose other than storing it.
- Have their Personal Data deleted or otherwise removed. Users have the right to obtain the erasure of their Data from the Owner.
- Receive their Data and have it transferred to another controller. Users have the right to receive their Data in a structured, commonly used and machine readable format and, if technically feasible, to have it transmitted to another controller without any hindrance.
- Lodge a complaint. Users have the right to bring a claim before their competent data protection authority.
Users are also entitled to learn about the legal basis for Data transfers abroad including to any international organization governed by public international law or set up by two or more countries, such as the UN, and about the security measures taken by the Owner to safeguard their Data.
Details about the right to object to processing
Where Personal Data is processed for a public interest, in the exercise of an official authority vested in the Owner or for the purposes of the legitimate interests pursued by the Owner, Users may object to such processing by providing a ground related to their particular situation to justify the objection.
Users must know that, however, should their Personal Data be processed for direct marketing purposes, they can object to that processing at any time, free of charge and without providing any justification. Where the User objects to processing for direct marketing purposes, the Personal Data will no longer be processed for such purposes. To learn whether the Owner is processing Personal Data for direct marketing purposes, Users may refer to the relevant sections of this document.
How to exercise these rights
Any requests to exercise User rights can be directed to the Owner through the contact details provided in this document. Such requests are free of charge and will be answered by the Owner as early as possible and always within one month, providing Users with the information required by law. Any rectification or erasure of Personal Data or restriction of processing will be communicated by the Owner to each recipient, if any, to whom the Personal Data has been disclosed unless this proves impossible or involves disproportionate effort. At the Users’ request, the Owner will inform them about those recipients.
Further information for California consumers
This section of the document integrates with and supplements the information contained in the rest of the privacy policy and is provided by the business running this Website and, if the case may be, its parent, subsidiaries and affiliates (for the purposes of this section referred to collectively as “we”, “us”, “our”).
This section applies to all Users (Users are referred to below, simply as “you”, “your”, “yours”), who are consumers residing in the state of California, United States of America, according to the "California Consumer Privacy Act of 2018" (the "CCPA"), as updated by the "California Privacy Rights Act" (the "CPRA") and subsequent regulations. For such consumers, this section supersedes any other possibly divergent or conflicting information contained in the privacy policy.
This part of the document uses the term “personal information“ as defined in the California Consumer Privacy Act (CCPA/CPRA).
Notice at collection
In this section we summarize the categories of personal information that we've collected, used, sold, or shared and the purposes thereof. You can read about these activities in detail in the section titled “Detailed information on the processing of Personal Data” within this document.
Information we collect: the categories of personal information we collect
We have collected the following categories of personal information about you: identifiers and internet or other electronic network activity information.
We do not collect sensitive personal information.
We will not collect additional categories of personal information without notifying you.
What are the purposes for which we use your personal information?
We may use your personal information to allow the operational functioning of this Website and features thereof (“business purposes”). In such cases, your personal information will be processed in a fashion necessary and proportionate to the business purpose for which it was collected, and strictly within the limits of compatible operational purposes.
We may also use your personal information for other reasons such as for commercial purposes (as indicated within the section “Detailed information on the processing of Personal Data” within this document), as well as for complying with the law and defending our rights before the competent authorities where our rights and interests are threatened or we suffer an actual damage.
We won’t process your information for unexpected purposes, or for purposes incompatible with the purposes originally disclosed, without your consent.
How long do we keep your personal information?
Unless stated otherwise inside the “Detailed information on the processing of Personal Data” section, we will not retain your personal information for longer than is reasonably necessary for the purpose(s) they have been collected for.
How we collect information: what are the sources of the personal information we collect?
We collect the above-mentioned categories of personal information, either directly or indirectly, from you when you use this Website.
For example, you directly provide your personal information when you submit requests via any forms on this Website. You also provide personal information indirectly when you navigate this Website, as personal information about you is automatically observed and collected.
Finally, we may collect your personal information from third parties that work with us in connection with the Service or with the functioning of this Application and features thereof.
How we use the information we collect: disclosing of your personal information with third parties for a business purpose
For our purposes, the word “third party” means a person who is not any of the following: a service provider or a contractor, as defined by the CCPA.
We disclose your personal information with the third parties listed in detail in the section titled “Detailed information on the processing of Personal Data” within this document. These third parties are grouped and categorized in accordance with the different purposes of processing.
Sale or sharing of your personal information
For our purposes, the word “sale” means any “selling, renting, releasing, disclosing, disseminating, making available, transferring or otherwise communicating orally, in writing, or by electronic means, a consumer's personal information by the business to a third party, for monetary or other valuable consideration”, as defined by the CCPA.
This means that, for example, a sale can happen whenever an application runs ads, or makes statistical analyses on the traffic or views, or simply because it uses tools such as social network plugins and the like.
For our purposes, the word “sharing” means any “sharing, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a consumer's personal information by the business to a third party for cross-context behavioral advertising, whether or not for monetary or other valuable consideration, including transactions between a business and a third party for cross-context behavioral advertising for the benefit of a business in which no money is exchanged”, as defined by the CCPA.
Please note that the exchange of personal information with a service provider pursuant to a written contract that meets the requirements set by the CCPA, does not constitute a sale or sharing of your personal information.
Your right to opt out of the sale or sharing of your personal information and how you can exercise it
We sell or share your personal information with the third parties listed in detail in the section titled “Detailed information on the processing of Personal Data” within this document. These third parties are grouped and categorized in accordance with the different purposes of processing.
You have the right to opt out of the sale or sharing of your personal information. This means that whenever you request us to stop selling or sharing your personal information, we will abide by your request.
Such requests can be made freely, at any time, without submitting any verifiable request.
To fully exercise your right to opt out, you can contact us at any time using the contact details provided in this document.
For a simplified opt-out method you can also use the privacy choices link provided on this Website.
If you want to submit requests to opt out of the sale or sharing of personal information via a user-enabled global privacy control, like the Global Privacy Control (“GPC”), you are free to do so and we will abide by such request in a frictionless manner (as defined in the CPRA regulations). The GPC consists of a setting or extension in the browser or mobile device and acts as a mechanism that websites can use to indicate they support the GPC signal. If you want to use GPC, you can download and enable it via a participating browser or browser extension. More information about downloading GPC is available here.
We use any personal information collected from you in connection with the submission of your opt-out request solely for the purposes of complying with the opt-out request.
Once you have opted out, we are required to wait at least 12 months before asking whether you have changed your mind.
Your privacy rights under the California Consumer Privacy Act and how to exercise them
The right to access personal information: the right to know and to portability
You have the right to request that we disclose to you:
- the categories of personal information that we collect about you;
- the sources from which the personal information is collected;
- the purposes for which we use your information;
- to whom we disclose such information;
- the specific pieces of personal information we have collected about you.
You also have the right to know what personal information is sold or shared and to whom. In particular, you have the right to request two separate lists from us where we disclose:
- the categories of personal information that we sold or shared about you and the categories of third parties to whom the personal information was sold or shared;
- the categories of personal information that we disclosed about you for a business purpose and the categories of persons to whom it was disclosed for a business purpose.
The disclosure described above will be limited to the personal information collected or used over the past 12 months.
If we deliver our response electronically, the information enclosed will be "portable", i.e. delivered in an easily usable format to enable you to transmit the information to another entity without hindrance — provided that this is technically feasible.
The right to request the deletion of your personal information
You have the right to request that we delete any of your personal information, subject to exceptions set forth by the law (such as, including but not limited to, where the information is used to identify and repair errors on this Website, to detect security incidents and protect against fraudulent or illegal activities, to exercise certain rights etc.).
If no legal exception applies, as a result of exercising your right, we will delete your personal information and notify any of our service providers and all third parties to whom we have sold or shared the personal information to do so — provided that this is technically feasible and doesn’t involve disproportionate effort.
The right to correct inaccurate personal information
You have the right to request that we correct any inaccurate personal information we maintain about you, taking into account the nature of the personal information and the purposes of the processing of the personal information.
The right to opt out of sale or sharing of personal information and to limit the use of your sensitive personal information
You have the right to opt out of the sale or sharing of your personal information. You also have the right to request that we limit our use or disclosure of your sensitive personal information.
The right of no retaliation following opt-out or exercise of other rights (the right to non-discrimination)
We will not discriminate against you for exercising your rights under the CCPA. This means that we will not discriminate against you, including, but not limited to, by denying goods or services, charging you a different price, or providing a different level or quality of goods or services just because you exercised your consumer privacy rights.
However, if you refuse to provide your personal information to us or ask us to delete or stop selling your personal information, and that personal information or sale is necessary for us to provide you with goods or services, we may not be able to complete that transaction.
To the extent permitted by the law, we may offer you promotions, discounts, and other deals in exchange for collecting, keeping, or selling your personal information, provided that the financial incentive offered is reasonably related to the value of your personal information.
How to exercise your rights
To exercise the rights described above, you need to submit your verifiable request to us by contacting us via the details provided in this document.
For us to respond to your request, it’s necessary that we know who you are. Therefore, you can only exercise the above rights by making a verifiable request which must:
- provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative;
- describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
We will not respond to any request if we are unable to verify your identity and therefore confirm the personal information in our possession actually relates to you.
Making a verifiable consumer request does not require you to create an account with us. We will use any personal information collected from you in connection with the verification of your request solely for the purposes of verification and shall not further disclose the personal information, retain it longer than necessary for purposes of verification, or use it for unrelated purposes.
If you cannot personally submit a verifiable request, you can authorize a person registered with the California Secretary of State to act on your behalf.
If you are an adult, you can make a verifiable request on behalf of a child under your parental authority.
You can submit a maximum number of 2 requests over a period of 12 months.
How and when we are expected to handle your request
We will confirm receipt of your verifiable request within 10 days and provide information about how we will process your request.
We will respond to your request within 45 days of its receipt. Should we need more time, we will explain to you the reasons why, and how much more time we need. In this regard, please note that we may take up to 90 days to fulfill your request.
Our disclosure(s) will cover the preceding 12-month period. Only with regard to personal information collected on or after January 1, 2022, you have the right to request that we disclose information beyond the 12-month period, and we will provide them to you unless doing so proves impossible or would involve a disproportionate effort.
Should we deny your request, we will explain you the reasons behind our denial.
We do not charge a fee to process or respond to your verifiable request unless such request is manifestly unfounded or excessive. In such cases, we may charge a reasonable fee, or refuse to act on the request. In either case, we will communicate our choices and explain the reasons behind it.
Further information for Virginia consumers
This section of the document integrates with and supplements the information contained in the rest of the privacy policy and is provided by the controller running this Application and, if the case may be, its parent, subsidiaries and affiliates (for the purposes of this section referred to collectively as “we”, “us”, “our”).
This section applies to all Users (Users are referred to below, simply as “you”, “your”, “yours”), who are consumers residing in the Commonwealth of Virginia, according to the “Virginia Consumer Data Protection Act" (the "VCDPA"), and, for such consumers, it supersedes any other possibly divergent or conflicting information contained in the privacy policy.
This part of the document uses the term “personal data” as defined in the VCDPA.
In this section, we summarize the categories of personal data that we've processed and the purposes thereof. You can read about these activities in detail in the section titled “Detailed information on the processing of Persona Data” within this document.
Categories of personal data we collect
We have collected the following categories of personal data: identifiers and internet information
We do not collect sensitive data.
We will not collect additional categories of personal data without notifying you.
Why we process your personal data
To find out why we process your personal data, you can read the sections titled “Detailed information on the processing of Personal Data” and “The purposes of processing” within this document.
We won’t process your information for unexpected purposes, or for purposes incompatible with the purposes originally disclosed, without your consent.
You can freely give, deny, or withdraw such consent at any time using the contact details provided in this document.
How we use the data we collect: sharing of your personal data with third parties
We share your personal data with the third parties listed in detail in the section titled “Detailed information on the processing of Personal Data” within this document. These third parties are grouped and categorized in accordance with the different purposes of processing.
For our purposes, the word "third party" means "a natural or legal person, public authority, agency, or body other than the consumer, controller, processor, or an affiliate of the processor or the controller" as defined by the VCDPA.
Sale of your personal data
For our purposes, the word “sale” means any “exchange of personal data for monetary consideration by us to a third party“ as defined by the VCDPA.
Please note that according to the VCDPA, the disclosure of personal data to a processor that processes personal data on behalf of a controller does not constitute a sale. In addition, other specific exceptions set forth in the VCDPA may apply, such as, but not limited to, the disclosure of personal data to a third party for the provision of a product or service requested by you.
As specified in the “Detailed information on the processing of Personal Data” section of this document, our use of your personal information may be considered a sale under VCDPA.
Your right to opt out of the sale of your personal data and how you can exercise it
You have the right to opt out of the sale of your personal data. This means that whenever you request us to stop selling your data, we will abide by your request. To fully exercise your right to opt out you can contact us at any time using the contact details provided in this document.
We use any personal data collected from you in connection with the submission of your opt-out request solely for the purpose of complying with the request.
Processing of your personal data for targeted advertising
For our purposes, the word "targeted advertising" means "displaying advertisements to you where the advertisement is selected based on personal data obtained from your activities over time and across nonaffiliated websites or online applications to predict your preferences or interests" as defined by the VCDPA.
Please note that according to the VCDPA, targeted advertising does not include: “advertisements based on activities within a controller's own websites or online applications; advertisements based on the context of a consumer's current search query, visit to a website or online application; advertisements directed to a consumer in response to the consumer's request for information or feedback; or processing personal data solely for measuring or reporting advertising performance, reach, or frequency”.
To find out more details on the processing of your personal data for targeted advertising purposes, you can read the section titled “Detailed information on the processing of Personal Data” within this document.
Your right to opt out of the processing of your personal data for targeted advertising and how you can exercise it
You have the right to opt out of the processing of your personal data for targeted advertising. This means that whenever you ask us to stop processing your data for targeted advertising, we will abide by your request. To fully exercise your right to opt out you can contact us at any time, using the contact details provided in this document.
We use any personal data collected from you in connection with the submission of your opt-out request solely for the purposes of complying with the opt-out request.
Your privacy rights under the Virginia Consumer Data Protection Act and how to exercise them
You may exercise certain rights regarding your data processed by us. In particular, you have the right to do the following:
- access personal data: the right to know. You have the right to request that we confirm whether or not we are processing your personal data. You also have the right to access such personal data.
- correct inaccurate personal data. You have the right to request that we correct any inaccurate personal data we maintain about you, taking into account the nature of the personal data and the purposes of the processing of the personal data.
- request the deletion of your personal data. You have the right to request that we delete any of your personal data.
- obtain a copy of your personal data. We will provide your personal data in a portable and usable format that allows you to transfer data easily to another entity — provided that this is technically feasible.
- opt out of the processing of your personal data for the purposes of targeted advertising, the sale of personal data, or profiling in furtherance of decisions that produce legal or similarly significant effects concerning you.
- non-discrimination. We will not discriminate against you for exercising your rights under the VCDPA. This means that we will not, among other things, deny goods or services, charge you a different price, or provide a different level or quality of goods or services just because you exercised your consumer privacy rights. However, if you refuse to provide your personal data to us or ask us to delete or stop selling your personal data, and that personal data or sale is necessary for us to provide you with goods or services, we may not be able to complete that transaction. To the extent permitted by the law, we may offer a different price, rate, level, quality, or selection of goods or services to you, including offering goods or services for no fee, if you have exercised your right to opt out, or our offer is related to your voluntary participation in a bona fide loyalty, rewards, premium features, discounts, or club card program.
How to exercise your rights
To exercise the rights described above, you need to submit your request to us by contacting us via the contact details provided in this document.
For us to respond to your request, we need to know who you are.
We will not respond to any request if we are unable to verify your identity using commercially reasonable efforts and therefore confirm that the personal data in our possession actually relate to you. In such cases, we may request that you provide additional information which is reasonably necessary to authenticate you and your request.
Making a consumer request does not require you to create an account with us. However, we may require you to use your existing account. We will use any personal data collected from you in connection with your request solely for the purposes of authentication, without further disclosing the personal data, retaining it longer than necessary for purposes of authentication, or using it for unrelated purposes.
If you are an adult, you can make a request on behalf of a child under your parental authority.
How and when we are expected to handle your request
We will respond to your request without undue delay, but in all cases and at the latest within 45 days of its receipt. Should we need more time, we will explain to you the reasons why, and how much more time we need. In this regard, please note that we may take up to 90 days to fulfill your request.
Should we deny your request, we will explain to you the reasons behind our denial without undue delay, but in all cases and at the latest within 45 days of receipt of the request. It is your right to appeal such decision by submitting a request to us via the details provided in this document. Within 60 days of receipt of the appeal, we will inform you in writing of any action taken or not taken in response to the appeal, including a written explanation of the reasons for the decisions. If the appeal is denied you may contact the Attorney General to submit a complaint.
We do not charge a fee to respond to your request, for up to two requests per year. If your request is manifestly unfounded, excessive or repetitive, we may charge a reasonable fee or refuse to act on the request. In either case, we will communicate our choices and explain the reasons behind them.
Further information for Colorado consumers
This section of the document integrates with and supplements the information contained in the rest of the privacy policy and is provided by the controller running this Website and, if the case may be, its parent, subsidiaries and affiliates (for the purposes of this section referred to collectively as “we”, “us”, “our”).
This section applies to all Users (Users are referred to below, simply as “you”, “your”, “yours”), who are consumers residing in the State of Colorado, according to the “Colorado Privacy Act" (the "CPA"), and, for such consumers, it supersedes any other possibly divergent or conflicting information contained in the privacy policy.
This part of the document uses the term “personal data” as defined in the CPA.
In this section, we summarize the categories of personal data that we've processed and the purposes thereof. You can read about these activities in detail in the section titled “Detailed information on the processing of Persona Data” within this document.
Categories of personal data we collect
We have collected the following categories of personal data: identifiers and internet information
We do not collect sensitive data.
We will not collect additional categories of personal data without notifying you.
Why we process your personal data
To find out why we process your personal data, you can read the sections titled “Detailed information on the processing of Personal Data” and “The purposes of processing” within this document.
We won’t process your information for unexpected purposes, or for purposes incompatible with the purposes originally disclosed, without your consent.
You can freely give, deny, or withdraw such consent at any time using the contact details provided in this document.
How we use the data we collect: sharing of your personal data with third parties
We share your personal data with the third parties listed in detail in the section titled “Detailed information on the processing of Personal Data” within this document. These third parties are grouped and categorized in accordance with the different purposes of processing.
For our purposes, the word "third party" means "a person, public authority, agency, or body other than a consumer, controller, processor, or affiliate of the processor or the controller." as defined by the CPA.
Sale of your personal data
As specified in the “Detailed information on the processing of Personal Data” section of this document, our use of your personal data may be considered a sale under the CPA.
For our purposes, the word "sale", "sell", or "sold" means "the exchange of personal data for monetary or other valuable consideration by a controller to a third party" as defined by the CPA.
Please note that according to the CPA, the disclosure of personal data to a processor that processes personal data on behalf of a controller does not constitute a sale. In addition, other specific exceptions set forth in the CPA may apply, such as, but not limited to, the disclosure of personal data to a third party for the provision of a product or service requested by you.
Your right to opt out of the sale of your personal data and how you can exercise it
You have the right to opt out of the sale of your personal data. This means that whenever you request us to stop selling your data, we will abide by your request.
To fully exercise your right to opt out you can contact us at any time, using the contact details provided in this document.
For a simplified opt-out method you can also use the privacy choices link provided on this Website.
We use any personal data collected from you in connection with the submission of your opt-out request solely for the purpose of complying with the request.
Processing of your personal data for targeted advertising
As specified in the “Detailed information on the processing of Personal Data” section of this document, we may use your personal data for targeted advertising purposes.
For our purposes, the word "targeted advertising" means "displaying to a consumer an advertisement that is selected based on personal data obtained or inferred over time from the consumer's activities across nonaffiliated websites, applications, or online services to predict consumer preferences or interests" as defined by CPA.
Please note that according to the CPA, targeted advertising does not include: “advertisements directed to a consumer in response to the consumer's request for information or feedback; advertisements based on activities within a controller's own websites or online applications or any affiliated website or online application; advertisements based on the context of a consumer's current search query, visit to an internet web site or online application; or processing personal data solely to measure or report advertising frequency, performance or reach”.
Your right to opt out of the processing of your personal data for targeted advertising and how you can exercise it
You have the right to opt out of the processing of your personal data for targeted advertising. This means that whenever you ask us to stop processing your data for targeted advertising, we will abide by your request.
To fully exercise your right to opt out you can contact us at any time, using the contact details provided in this document.
For a simplified opt-out method you can also use the privacy choices link provided on this Website.
We use any personal data collected from you in connection with the submission of your opt-out request solely for the purposes of complying with the opt-out request.
Universal opt-out mechanism: Global privacy control
If you want to submit requests to opt-out of the sale of personal data or the targeted advertising via a user-enabled global privacy control, like the Global Privacy Control (“GPC”), you are free to do so and we will abide by such request. The GPC consists of a setting or extension in the browser or mobile device and acts as a mechanism that websites can use to indicate they support the GPC signal. If you want to use GPC, you can download and enable it via a participating browser or browser extension. More information about downloading GPC is available here.
Your privacy rights under the Colorado Privacy Act and how to exercise them
You may exercise certain rights regarding your data processed by us. In particular, you have the right to do the following:
- opt out of the processing of your personal data for the purposes of targeted advertising, the sale of personal data, or profiling in furtherance of decisions that produce legal or similarly significant effects concerning you.
- access personal data. You have the right to request that we confirm whether or not we are processing your personal data. You also have the right to access such personal data.
- correct inaccurate personal data. You have the right to request that we correct any inaccurate personal data we maintain about you, taking into account the nature of the personal data and the purposes of the processing of the personal data.
- request the deletion of your personal data. You have the right to request that we delete any of your personal data.
- obtain a copy of your personal data. We will provide your personal data in a portable and usable format that allows you to transfer data easily to another entity – provided that this is technically feasible.
In any case, we will not increase the cost of, or decrease the availability of, a product or service, based solely on the exercise of any of your rights and unrelated to the feasibility or the value of a service. However, to the extent permitted by the law, we may offer a different price, rate, level, quality, or selection of goods or services to you, including offering goods or services for no fee, if our offer is related to your voluntary participation in a bona fide loyalty, rewards, premium features, discounts, or club card program.
How to exercise your rights
To exercise the rights described above, you need to submit your request to us by contacting us via the contact details provided in this document.
For us to respond to your request, we need to know who you are and which right you wish to exercise.
We will not respond to any request if we are unable to verify your identity using commercially reasonable efforts and therefore confirm that the personal data in our possession actually relate to you. In such cases, we may request that you provide additional information which is reasonably necessary to authenticate you and your request.
Making a consumer request does not require you to create an account with us. However, we may require you to use your existing account. We will use any personal data collected from you in connection with your request solely for the purposes of authentication, without further disclosing the personal data, retaining it longer than necessary for purposes of authentication, or using it for unrelated purposes.
If you are an adult, you can make a request on behalf of a child under your parental authority.
How and when we are expected to handle your request
We will respond to your request without undue delay, but in all cases and at the latest within 45 days of its receipt. Should we need more time, we will explain to you the reasons why, and how much more time we need. In this regard, please note that we may take up to 90 days to fulfill your request.
Should we deny your request, we will explain to you the reasons behind our denial without undue delay, but in all cases and at the latest within 45 days of receipt of the request. It is your right to appeal such decision by submitting a request to us via the details provided in this document. Within 45 days of receipt of the appeal, we will inform you in writing of any action taken or not taken in response to the appeal, including a written explanation of the reasons for the decisions. If the appeal is denied you may contact the Attorney General to submit a complaint.
We do not charge a fee to respond to your request, for up to two requests per year.
Further information for Connecticut consumers
This section of the document integrates with and supplements the information contained in the rest of the privacy policy and is provided by the controller running this Website and, if the case may be, its parent, subsidiaries and affiliates (for the purposes of this section referred to collectively as “we”, “us”, “our”).
This section applies o all Users (Users are referred to below, simply as “you”, “your”, “yours”), who are consumers residing in the State of Connecticut, according to “An Act Concerning Personal Data Privacy and Online Monitoring " (also known as "The Connecticut Data Privacy Act" or the “CTDPA"), and, for such consumers, it supersedes any other possibly divergent or conflicting information contained in the privacy policy.
This part of the document uses the term “personal data” as defined in the CTDPA.
In this section, we summarize the categories of personal data that we've processed and the purposes thereof. You can read about these activities in detail in the section titled “Detailed information on the processing of Persona Data” within this document.
Categories of personal data we collect
We have collected the following categories of personal data: identifiers and internet information
We do not collect sensitive data.
We will not collect additional categories of personal data without notifying you.
Why we process your personal data
To find out why we process your personal data, you can read the sections titled “Detailed information on the processing of Personal Data” and “The purposes of processing” within this document.
We won’t process your information for unexpected purposes, or for purposes incompatible with the purposes originally disclosed, without your consent.
You can freely give, deny, or withdraw such consent at any time using the contact details provided in this document.
How we use the data we collect: sharing of your personal data with third parties
We share your personal data with the third parties listed in detail in the section titled “Detailed information on the processing of Personal Data” within this document. These third parties are grouped and categorized in accordance with the different purposes of processing.
For our purposes, the word "third party" means "a person, public authority, agency, or body other than a consumer, controller, processor, or affiliate of the processor or the controller." as defined by the CTDPA.
Sale of your personal data
As specified in the “Detailed information on the processing of Personal Data” section of this document, our use of your personal data may be considered a sale under the CTDPA.
For our purposes, the word "sale", "sell", or "sold" means "the exchange of personal data for monetary or other valuable consideration by a controller to a third party" as defined by the CTDPA.
Please note that according to the CTDPA, the disclosure of personal data to a processor that processes personal data on behalf of a controller does not constitute a sale. In addition, other specific exceptions set forth in the CTDPA may apply, such as, but not limited to, the disclosure of personal data to a third party for the provision of a product or service requested by you.
Your right to opt out of the sale of your personal data and how you can exercise it
You have the right to opt out of the sale of your personal data. This means that whenever you request us to stop selling your data, we will abide by your request.
To fully exercise your right to opt out you can contact us at any time, using the contact details provided in this document.
For a simplified opt-out method you can also use the privacy choices link provided on this Website.
We use any personal data collected from you in connection with the submission of your opt-out request solely for the purpose of complying with the request.
Processing of your personal data for targeted advertising
As specified in the “Detailed information on the processing of Personal Data” section of this document, we may use your personal data for targeted advertising purposes.
For our purposes, the word "targeted advertising" means "displaying to a consumer an advertisement that is selected based on personal data obtained or inferred over time from the consumer's activities across non affiliated websites, applications, or online services to predict consumer preferences or interests" as defined by CTDPA.
Please note that according to the CTDPA, targeted advertising does not include: “advertisements based on activities within a controller's own web sites or online applications; advertisements based on the context of a consumer's current search query, visit to an internet web site or online application; advertisements directed to a consumer in response to the consumer's request for information or feedback; or processing personal data solely to measure or report advertising frequency, performance or reach”.
Your right to opt out of the processing of your personal data for targeted advertising and how you can exercise it
You have the right to opt out of the processing of your personal data for targeted advertising. This means that whenever you ask us to stop processing your data for targeted advertising, we will abide by your request.
To fully exercise your right to opt out you can contact us at any time, using the contact details provided in this document.
For a simplified opt-out method you can also use the privacy choices link provided on this Website.
We use any personal data collected from you in connection with the submission of your opt-out request solely for the purposes of complying with the opt-out request.
Universal opt-out mechanism: Global privacy control
If you want to submit requests to opt-out of the sale of personal data or the targeted advertising via a user-enabled global privacy control, like the Global Privacy Control (“GPC”), you are free to do so and we will abide by such request. The GPC consists of a setting or extension in the browser or mobile device and acts as a mechanism that websites can use to indicate they support the GPC signal. If you want to use GPC, you can download and enable it via a participating browser or browser extension. More information about downloading GPC is available here.
Your privacy rights under the Connecticut Data Privacy Act and how to exercise them
You may exercise certain rights regarding your data processed by us. In particular, you have the right to do the following:
- access personal data. You have the right to request that we confirm whether or not we are processing your personal data. You also have the right to access such personal data.
- correct inaccurate personal data. You have the right to request that we correct any inaccurate personal data we maintain about you, taking into account the nature of the personal data and the purposes of the processing of the personal data.
- request the deletion of your personal data. You have the right to request that we delete any of your personal data.
- obtain a copy of your personal data. We will provide your personal data in a portable and usable format that allows you to transfer data easily to another entity – provided that this is technically feasible.
- opt out of the processing of your personal data for the purposes of targeted advertising, the sale of personal data, or profiling in furtherance of decisions that produce legal or similarly significant effects concerning you.
In any case, we will not increase the cost of, or decrease the availability of, a product or service, based solely on the exercise of any of your rights and unrelated to the feasibility or the value of a service. However, to the extent permitted by the law, we may offer a different price, rate, level, quality, or selection of goods or services to you, including offering goods or services for no fee, if our offer is related to your voluntary participation in a bona fide loyalty, rewards, premium features, discounts, or club card program.
How to exercise your rights
To exercise the rights described above, you need to submit your request to us by contacting us via the contact details provided in this document.
For us to respond to your request, we need to know who you are and which right you wish to exercise.
We will not respond to any request if we are unable to verify your identity using commercially reasonable efforts and therefore confirm that the personal data in our possession actually relate to you. In such cases, we may request that you provide additional information which is reasonably necessary to authenticate you and your request.
Making a consumer request does not require you to create an account with us. However, we may require you to use your existing account. We will use any personal data collected from you in connection with your request solely for the purposes of authentication, without further disclosing the personal data, retaining it longer than necessary for purposes of authentication, or using it for unrelated purposes.
If you are an adult, you can make a request on behalf of a child under your parental authority.
How and when we are expected to handle your request
We will respond to your request without undue delay, but in all cases and at the latest within 45 days of its receipt. Should we need more time, we will explain to you the reasons why, and how much more time we need. In this regard, please note that we may take up to 90 days to fulfill your request.
Should we deny your request, we will explain to you the reasons behind our denial without undue delay, but in all cases and at the latest within 45 days of receipt of the request. It is your right to appeal such decision by submitting a request to us via the details provided in this document. Within 45 days of receipt of the appeal, we will inform you in writing of any action taken or not taken in response to the appeal, including a written explanation of the reasons for the decisions. If the appeal is denied, you may contact the Attorney General to submit a complaint.
We do not charge a fee to respond to your request, for up to one request per year.
Further information for Utah consumers
This section of the document integrates with and supplements the information contained in the rest of the privacy policy and is provided by the controller running this Website and, if the case may be, its parent, subsidiaries and affiliates (for the purposes of this section referred to collectively as “we”, “us”, “our”).
This section applies to all Users (Users are referred to below, simply as “you”, “your”, “yours”), who are consumers residing in the State of Utah, according to the “Consumer Privacy Act" (the “UCPA"), and, for such consumers, it supersedes any other possibly divergent or conflicting information contained in the privacy policy.
This part of the document uses the term “personal data” as defined in the UCPA.
In this section, we summarize the categories of personal data that we've processed and the purposes thereof. You can read about these activities in detail in the section titled “Detailed information on the processing of Persona Data” within this document.
Categories of personal data we collect
We have collected the following categories of personal data: identifiers and internet information
We do not collect sensitive data.
We will not collect additional categories of personal data without notifying you.
Why we process your personal data
To find out why we process your personal data, you can read the sections titled “Detailed information on the processing of Personal Data” and “The purposes of processing” within this document.
How we use the data we collect: sharing of your personal data with third parties
We share your personal data with the third parties listed in detail in the section titled “Detailed information on the processing of Personal Data” within this document. These third parties are grouped and categorized in accordance with the different purposes of processing.
For our purposes, the word "third party" means "a person other than: the consumer, controller, or processor; or an affiliate or contractor of the controller or the processor" as defined by the UCPA.
Sale of your personal data
As specified in the “Detailed information on the processing of Personal Data” section of this document, our use of your personal data may be considered a sale under the UCPA.
For our purposes, the word "sale", "sell", or "sold" means "the exchange of personal data for monetary or other valuable consideration by a controller to a third party" as defined by the UCPA.
Please note that according to the UCPA, the disclosure of personal data to a processor that processes personal data on behalf of a controller does not constitute a sale. In addition, other specific exceptions set forth in the UCPA may apply, such as, but not limited to, the disclosure of personal data to a third party for the provision of a product or service requested by you.
Your right to opt out of the sale of your personal data and how you can exercise it
You have the right to opt out of the sale of your personal data. This means that whenever you request us to stop selling your data, we will abide by your request.
To fully exercise your right to opt out you can contact us at any time, using the contact details provided in this document.
For a simplified opt-out method you can also use the privacy choices link provided on this Website.
We use any personal data collected from you in connection with the submission of your opt-out request solely for the purpose of complying with the request.
Processing of your personal data for targeted advertising
As specified in the “Detailed information on the processing of Personal Data” section of this document, we may use your personal data for targeted advertising purposes.
For our purposes, the word "targeted advertising" means "displaying to a consumer an advertisement that is selected based on personal data obtained or inferred over time from the consumer's activities across nonaffiliated websites, applications, or online services to predict consumer preferences or interests" as defined by UCPA.
Please note that according to the UCPA, targeted advertising does not include: “advertisements based on activities within a controller's own websites or online applications or any affiliated website or online application; advertisements based on the context of a consumer's current search query, visit to an web site or online application; advertisements directed to a consumer in response to the consumer's request for information, product, a service or feedback; or processing personal data solely to measure or report advertising performance, reach or frequency.”
Your right to opt out of the processing of your personal data for targeted advertising and how you can exercise it
You have the right to opt out of the processing of your personal data for targeted advertising. This means that whenever you ask us to stop processing your data for targeted advertising, we will abide by your request.
To fully exercise your right to opt out you can contact us at any time, using the contact details provided in this document.
For a simplified opt-out method you can also use the privacy choices link provided on this Website.
We use any personal data collected from you in connection with the submission of your opt-out request solely for the purposes of complying with the opt-out request.
Your privacy rights under the Utah Consumer Privacy Act and how to exercise them
You may exercise certain rights regarding your data processed by us. In particular, you have the right to do the following:
- access personal data. You have the right to request that we confirm whether or not we are processing your personal data. You also have the right to access such personal data.
- request the deletion of your personal data. You have the right to request that we delete any of your personal data.
- obtain a copy of your personal data. We will provide your personal data in a portable and usable format that allows you to transfer data easily to another entity – provided that this is technically feasible.
- opt out of the processing of your personal data for the purposes of targeted advertising or the sale of personal data.
In any case, we will not increase the cost of, or decrease the availability of, a product or service, based solely on the exercise of any of your rights and unrelated to the feasibility or the value of a service. However, to the extent permitted by the law, we may offer a different price, rate, level, quality, or selection of goods or services to you, including offering goods or services for no fee, if our offer is related to your voluntary participation in a bona fide loyalty, rewards, premium features, discounts, or club card program.
How to exercise your rights
To exercise the rights described above, you need to submit your request to us by contacting us via the contact details provided in this document.
For us to respond to your request, we need to know who you are and which right you wish to exercise.
We will not respond to any request if we are unable to verify your identity using commercially reasonable efforts and therefore confirm that the personal data in our possession actually relate to you. In such cases, we may request that you provide additional information which is reasonably necessary to authenticate you and your request. We may retain your email address to respond to your request.
If you are an adult, you can make a request on behalf of a child under your parental authority.
How and when we are expected to handle your request
We will respond to your request without undue delay, but in all cases and at the latest within 45 days of its receipt. Should we need more time, we will explain to you the reasons why, and how much more time we need. In this regard, please note that we may take up to 90 days to fulfill your request.
Should we deny your request, we will explain to you the reasons behind our denial without undue delay, but in all cases and at the latest within 45 days of receipt of the request.
We do not charge a fee to respond to your request, for up to one request per year.
Additional information about Data collection and processing
Legal action
The User's Personal Data may be used for legal purposes by the Owner in Court or in the stages leading to possible legal action arising from improper use of this Website or the related Services.
The User declares to be aware that the Owner may be required to reveal personal data upon request of public authorities.
Additional information about User's Personal Data
In addition to the information contained in this privacy policy, this Website may provide the User with additional and contextual information concerning particular Services or the collection and processing of Personal Data upon request.
System logs and maintenance
For operation and maintenance purposes, this Website and any third-party services may collect files that record interaction with this Website (System logs) or use other Personal Data (such as the IP Address) for this purpose.
More details concerning the collection or processing of Personal Data may be requested from the Owner at any time. Please see the contact information at the beginning of this document.
Changes to this privacy policy
The Owner reserves the right to make changes to this privacy policy at any time by notifying its Users on this page and possibly within this Website and/or - as far as technically and legally feasible - sending a notice to Users via any contact information available to the Owner. It is strongly recommended to check this page often, referring to the date of the last modification listed at the bottom.
Should the changes affect processing activities performed on the basis of the User’s consent, the Owner shall collect new consent from the User, where required.
Definitions and legal references
Personal Data (or Data)
Any information that directly, indirectly, or in connection with other information — including a personal identification number — allows for the identification or identifiability of a natural person.
Usage Data
Information collected automatically through this Website (or third-party services employed in this Website), which can include: the IP addresses or domain names of the computers utilized by the Users who use this Website, the URI addresses (Uniform Resource Identifier), the time of the request, the method utilized to submit the request to the server, the size of the file received in response, the numerical code indicating the status of the server's answer (successful outcome, error, etc.), the country of origin, the features of the browser and the operating system utilized by the User, the various time details per visit (e.g., the time spent on each page within the Application) and the details about the path followed within the Application with special reference to the sequence of pages visited, and other parameters about the device operating system and/or the User's IT environment.
User
The individual using this Website who, unless otherwise specified, coincides with the Data Subject.
Data Subject
The natural person to whom the Personal Data refers.
Data Processor (or Processor)
The natural or legal person, public authority, agency or other body which processes Personal Data on behalf of the Controller, as described in this privacy policy.
Data Controller (or Owner)
The natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of Personal Data, including the security measures concerning the operation and use of this Website. The Data Controller, unless otherwise specified, is the Owner of this Website.
This Website (or this Application)
The means by which the Personal Data of the User is collected and processed.
Service
The service provided by this Website as described in the relative terms (if available) and on this site/application.
European Union (or EU)
Unless otherwise specified, all references made within this document to the European Union include all current member states to the European Union and the European Economic Area.
Cookie
Cookies are Trackers consisting of small sets of data stored in the User's browser.
Tracker
Tracker indicates any technology - e.g Cookies, unique identifiers, web beacons, embedded scripts, e-tags and fingerprinting - that enables the tracking of Users, for example by accessing or storing information on the User’s device.
Legal information
This privacy statement has been prepared based on provisions of multiple legislations.
This privacy policy relates solely to this Website, if not stated otherwise within this document.