For the purpose of the EU General Data 2016/679 (the GDPR) and any subsequent UK legislation on data protection, the data controller is ExpressPigeon. ExpressPigeon has appointed a company as its EU representative.
You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.
ExpressPigeon’s business is as a [your industry]. In the course of its business, we collect, transmit, record, store, and otherwise handle information about individuals (personally identifiable information or “PII”). We take these activities seriously and provide appropriate procedures for the handling of PII. This Statement provides information to our website visitors, customers, and individuals communicating with or through our customers (collectively “Consumers”) about how information is collected, transmitted, stored, or otherwise handled. Any information provided by Consumers or collected from individuals who use Express Pigeion services/products is not sold or shared with unauthorized third parties, except in certain cases described below. Our customers may provide your PII to us for conducting their business and their use of your information is governed under their privacy policies/statements.
2.0 Personal Information Collected From You
While you interact as a visitor or user of our websites and platform services (together, “Sites and Services”) we may ask, or you may volunteer, certain personal information, as follows:
- Account or Profile Data: your name, mailing address, email, phone number,user name and login credentials;
- Business Contact Information: your name, mailing address, phone number and email address;
- Purchase & Payment Details: financial information (bank account or credit card details); and
- for purposes of CCPA information that identifies, relates to, describes or is capable of being associated with or could reasonably be linked directly or indirectly with a particular consumer or household (as defined pursuant to the CCPA). For the purpose of the CCPA, personal information also includes unique personal identifiers which may be defined as device identifiers, online tracking technology, and probalistic identifiers. You have the right, upon written request to the Company to be informed exactly what personal information the Company has collected about you, or where it was sourced from, or is being used for, whether it is being disclosed or sold, and to whom it is being disclosed or sold.
3.0 Personal Information Collected Automatically
With regard to each of your visits to our website we will automatically collect the following information:
- Device and Usage Information: IP address, type of browser and operating system; and full Uniform Resource Locators (URL) clickstream to, through and from our website (including date and time); products you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), device identifiers such as Apple IDFA or Google Advertising ID, cookie identifiers, other pseudonymous identifiers, and information about the timing, frequency, and patterns of your usage and methods used to browse away from the page and any phone number used to call our customer service number.
We will also collect personal information from you when you voluntarily complete a customer survey or provide feedback via our customer service (including telephone, email or webform or messaging).
We do not presently share any personal information (whether provided to us or collected by us) with any third party.
We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.
If you fail to provide personal data which we need to provide the service, then we may not be able to perform the contract we have with you
5.0 How We Use Information
We use information held about you in the following ways:
- Information you give to Us.We will use this information:
- to carry out our obligations arising from any contracts entered into between you and us and to provide you with the information, products and service that you request from us;
- to provide you with information of other services we offer that are similar to those that you have already purchased or enquired about;
- to provide you with information about services we feel may interest you. If you are an existing customer, and have consented or opted-in to our contacting you with marketing messages, we will contact you by electronic means (e-mail or SMS) with information about services similar to those which were the subject of a previous sale or negotiations of a sale to you. If you are a new customer, we will contact you by electronic means only if you have consented to this. If you do not want us to use your data in this way, for marketing purposes, please follow the ‘unsubscribe’ link on any of our marketing emails or send us an email to [ ].
- to notify you about changes to the service;
- to ensure that content from our website is presented in the most effective manner for you and for your computer.
If you fail to provide personal data which we need to provide the service, then we may not be able to perform the contract we have with you. you are responsible for ensuring that the personal data which you give us is accurate and up to date.
- Information we collect about you when you visit our website. We will use this information:
- to administer our website and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
- to improve our website to ensure that content is presented in the most effective manner for you and for your computer;
- to allow you to participate in interactive features of the Service, when you choose to do so;
- as part of our efforts to keep our website safe and secure;
- to measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you;
- to make suggestions and recommendations to you and other users of our website about services that may interest you or them.
- Information we receive from other sources. We may receive personal data about you from various third parties and public sources as set out below. We may combine this information with information you give to us and information we collect about you. We may use this information and the combined information for the purposes set out above (depending on the types of information we receive).
6.0 Financial Information
We collect your financial information so that we can be compensated for paid services. We store this information with an industry trusted third party financial institution. This prevents any potential theft of such information even in the unlikely event of a security breach. The security of your financial data while in transmission is assured through a 128-bit Secure Sockets Layer (SSL) connection between our Web server and a third party financial institution responsible for processing credit card transactions.
7.0 Contact List Information
You must comply with the Terms of Service and Use Agreement when you provide the contact details of your target audience to us. We reserve the right to monitor this information at any time in order to ensure your compliance with our Terms of Service. We also reserve the right to collect additional information about your contacts, including but not limited to IP address, browser type, email, client type and operating system. We do not presently nor will in the future share any contact information (whether provided to us or collected by us through subscription forms) with any Third Party. Contact list information is used strictly to fulfil the functionality of our systems.
8.0. Non-personally Identifiable Information
- Digital Advertising Alliance (DAA)’s self-regulatory opt-out – http://optout.aboutads.info/
- Network Advertising Initiative (NAI)’s self-regulatory opt-out – http://optout.networkad
9.0 Information Access, Correction And Deletion
While we store your personal information in order to support the proper function of our applications, it is your responsibility to keep this information up to date. You may access your personal information at any time by logging into the website and navigating to My Account. ExpressPigeon respects your control over your information, and, upon request, we will confirm whether we hold or are processing information that we have collected from you. You also have the right to amend or update inaccurate or incomplete personal information, request deletion of your personal information, or request that we no longer use it. Under certain circumstances we will not be able to fulfill your request, such as if it interferes with our regulatory obligations, affects legal matters, we cannot verify your identity, or it involves disproportionate cost or effort, but in any event we will respond to your request within a reasonable timeframe and provide you an explanation. In order to make such a request of us, please email us at our support email address, email@example.com.
Please note that for personal information about you that we have obtained or received for processing on behalf of a separate, unaffiliated entity–which determined the means and purposes of processing, all such requests should be made to that entity directly. We will honor and support any instructions they provide us with respect to your personal information.
10.0 Email content
Please refer to Section 4 of the Terms of Service and Use Agreement to review the list of prohibited content. You may not use ExpressPigeon systems to send e-mails that include or link to any prohibited content. We reserve the right to monitor the content of your emails to ensure compliance with our Terms of Service, and freeze or even permanently close your account if we deem your content inappropriate, based solely on our opinion.
11.0 Exception from Coverage
12.0 International transfers
We are based outside the EEA so processing of your personal data will involve a transfer of data outside the EEA.
We use providers based in the US, therefore we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between Europe and the US. Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.
13.0 EU and Swiss – US Privacy Shield Participation
ExpressPigeon participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce. ExpressPigeon is committed to subjecting all personal data received from European Union (EU) member countries and Switzerland, respectively, in reliance on each Privacy Shield Framework, to the Framework’s applicable Principles. To learn more about the Privacy Shield Framework, and to view our certification, visit the U.S. Department of Commerce’s Privacy Shield List at https://www.privacyshield.gov/list .
ExpressPigeon is responsible for the processing of personal data it receives, under each Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf. ExpressPigeon complies with the Privacy Shield Principles for all onward transfers of personal data from the EU and Switzerland, including the onward transfer liability provisions.
With respect to personal data received or transferred pursuant to the Privacy Shield Frameworks, ExpressPigeon is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission and/or the U.S. Department of Transportation, as applicable. In certain situations, ExpressPigeon may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge)at https://feedback-form.truste.com/watchdog/request.
Under certain conditions, more fully described on the Privacy Shield website at https://www.privacyshield.gov, you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted.
14.0 Information Protection
We represent that we will use commercially reasonable measures to maintain appropriate technical and organizational structure to protect any information, including personally-identifiable information that we collect, process or access against unauthorized or illegal processing or transfer and against accidental loss, access, or destruction.
We limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
15.0 Data retention
We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you. We reserve the right to eliminate, delete or destroy your personal data and information at any time, in our sole discretion, and you shall have no reliance upon our storage or access to any such personal data or information.
To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.
Your contact database as well as your account data may retain for as long as you keep it on your account. If you wish to delete it, you can freely do so at any time. If you have any questions, you can always contact us.
16.0 Your Rights
- where we are relying on your consent to process your personal data, you can withdraw your consent or opt-out of our processing your personal data at any time. If you do not want to receive communications from us, please contact us at firstname.lastname@example.org or if you are being contacted through a customer, please follow the instructions in the communication itself or contact the customer directly. You may also use the convenient opt-out feature included with emails. In certain circumstances, we can process your personal data without your consent in line with the lawful processing requirements in GDPR. These include (amongst other reasons) where processing is necessary to carry out a contractual obligation between us, to comply with a legal obligation, or to protect your vital interests.
- Ask us to rectify inaccurate or incomplete personal data. We would seek to rectify the data as soon as possible and usually within one month unless the request is complex.
- Ask Us to erase or delete your personal data. This is commonly referred to as the right to be forgotten. This right is only applicable where there is no compelling reason for the continued processing of your personal data. There are some circumstances where this right to erasure does not apply and in such cases we would notify you of the reason(s) why we need to retain your personal data (unless prevented to do so by law).
- Restrict processing of your personal data where, for example, the data is inaccurate, being processed unlawfully or where the data is no longer relevant to the specific purpose for processing. In such cases, we would retain the data but we would not process it further without your consent, or if processing your data is for establishing, exercising or defending a legal claim, or for the protection of rights of other individuals, or for public interest reasons. In such circumstances, we would let you know that we intend to lift the restriction on processing your personal data.
- Request access to your personal data via a subject access request. Your request should be made to us in writing by email to email@example.com and we may ask you for proof of your identity before providing you with the data. There is usually no fee for making such a request however, in limited circumstances, we may be able to charge an administrative fee (which will be based on the administrative cost of providing the information).
- You have the right to ask us not to process your personal data for marketing purposes (including profiling). We will usually inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your data. You can also exercise the right at any time by contacting us at firstname.lastname@example.org
- Obtain and reuse your personal data for your own purposes across different services (right to data portability). This right is only applicable to data that you have provided to us, where we are processing the data based on your consent or for the performance of a contract and when the processing is carried out by automated means. Where this right applies, the data will be provided to you in a structured, commonly used and machine-readable format.
- The right to receive equal service and pricing from the Company, even if privacy rights are exercised pursuant to the CCPA. This is defined that the Company cannot deny goods or services or charge different prices for goods or services or provide a different quality of goods or services to those consumers who exercise their privacy rights. The foregoing shall in no event prevent the Company from charging different prices, and providing different level of service, to consumers, “if that difference is reasonably related to the value provided to the consumer by the consumers data”.
Our website may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
17.0 Changes to this policy
The ExpressPigeon, duty to protect Confidential Information shall survive the expiration or termination of the Terms of Service and Use Agreement for any reason and will extend for a period of 5(five) years from the date of disclosure by you or collection by us of Confidential Information.
19.0 Incorporation by Reference.
Not legal advice