Website privacy, cookie and data use policy

1. THIS POLICY

1.1 This Policy explains how any personal data we collect from you, that you provide to us, or that we receive indirectly from third parties (e.g. persons that may represent you, registers, state authorities, etc.) will be processed by us or any processor on our behalf.

1.2 Any changes we make to this Policy will be posted on this Website. You are advised to check back frequently as any changes will be binding on you when you continue to use the Website after the date of the relevant change.

1.3 For more information relating to your rights under this Policy, please see section 10.

2. YOUR MAIN PERSONAL DATA PROCESING CONDITIONS

2.1 By accessing the Website and/or otherwise using the Website, you:

2.1.1 voluntarily provide us with the personal data necessary to allow you to use the Website. The personal information that we collect depends on the context of your interactions with us and the Website, the choices you make and the features you use:

2.1.2 confirm that, you are aware that the processing of your personal data may be performed by us and or other data controllers, and/or those specifically listed third parties, in accordance with this Policy; and

2.1.3 confirm that, you are aware that your personal data may be transferred to third parties listed in this Policy, for the reasons specified.

2.2 You may object to your data processing under 2.1 at any time. You may exercise your rights under 10.1 at any time, which includes your objection to our processing of your personal data. However, where this withdrawal prevents us from performing our contract with you, we may not be able to provide our services to you.

3. WHAT WE COLLECT

3.1 We may collect all or some of the following categories of data from you:

• Full name;
• Email;
• Phone number;
• Title
• Country of residence;
• Annual income;
• Best time to contact;
• Services you are interested in;
• Information for our internet access logs, such as but not limited to internet protocol (IP) addresses, browser types, internet service providers (ISP), referring/exit pages, operating systems used, date/time stamps, and click stream data;
• If you contact us, we may keep a record of that correspondence;
• We may use your personal data to target advertising to you, unless you do not express your disagreement. We attempt to advertise products and services in which you have expressed an interest in some previous communications with us. We may, at our discretion, target advertising by using email, direct mail, telephones, cell phones, and other means of communication to provide promotional offers.

3.2 Specific categories of processed personal data may also be in separate sections of this privacy policy.

3.3 All personal information that you provide to us must be true, complete and accurate.

4. HOW WE COLLECT YOUR DATA

We use different methods to collect data from and about you including:

4.1 Direct interactions – you may give us your Identity, Contact and Financial Data by filling in forms or by corresponding with us by post, phone or email. This includes personal data you provide when you apply for our products or services and/or give us feedback or contact us.

4.2 Automatically – as you interact with our website, we will automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this personal data by using cookies, server logs and other similar technologies. We may also receive Technical Data about you if you visit other websites employing our cookies.

4.3 Third parties or publicly available sources – we will receive personal data about you from various third parties and public sources as set out below:
‍
Technical Data from the following parties:
(a) analytics providers such as Google;
(b) advertising networks; and
(c) search information providers.

5. HOW WE USE YOUR PERSONAL DATA

5.1 We use your personal information collected via our Website for a variety of business purposes described below. We process your personal information for these purposes in reliance on our legitimate business interests and use the information we collect or receive to:

5.1.1 personalise and improve our services (including the Website and its security);
5.1.2 notify you about changes to our Website or our services;
5.1.3 fulfill and manage your requests made through the Website;

5.2 We use any data we collect about you (as a result of your visit to our Website) for the below purposes:
‍
5.2.1 marketing purposes – if this is in accordance with your marketing preferences. When expressing an interest in obtaining information about us or our Website, subscribe to marketing or contacting us, we will collect personal information from you;
5.2.2 content development – we may use your information to develop and display personalised content and advertising, tailored to interests and/or location and to measure its effectiveness;
5.2.3 analysis – administer and monitor traffic and behaviors on our Website for analysis, testing, research, statistical and survey purposes;
5.2.4 ensure that any part of our Website (including any Content) is presented in the most effective manner for you and your device, and to make improvements (where necessary).

6. COOKIES

6.1. Like many businesses, we also collect information through cookies and similar technologies. We use first party cookies (first party cookies are set by the website owner) and third party cookies (third party cookies are set by parties other than the website owner). Third party cookies enable third party features and functionality to be provided on or through the Website (e.g. advertising, interactive content and analytics).

6.2 We are using first and third party cookies since some cookies are required for technical reasons in order for our Website to operate properly and other cookies enable us track and target the interests of our users to enhance the experience on our Website.

6.3 The specific types of first and third party cookies are described below:

6.3.1 Essential Website cookies – these cookies are strictly necessary to provide you with services available through our Website and to use some of its features, such as access to secure areas;
6.3.2 Analytics and Customization cookies – these cookies collect information that is used to help us understand how our Website is being used, how effective our marketing campaigns are or to help us customize our Website for you.

6.4 We also collect information through cookies and similar technologies. The information we collect includes:
6.4.1 Usage Data – this data is service related; usage and performance information our servers automatically collect, when you access or use our Website. Depending on how you interact with us, this data may include your IP address, device information, browser type and information about your activity on the Website.
6.4.2 Device Data – we collect device data such as information about your computer, phone, tablet or other device you use to access our Website.
6.4.3 Location Data – we collect location data such as information about your device’s location. How much information we collect depends on the type and settings of the device you use to access our Website.

6.5 We may update this Cookies Notice from time to time in order to reflect the changes to the cookies we use or for other operational, legal or regulatory reasons. Please therefore re-check this Cookies Notice regularly to stay informed about our use of cookies and related technologies. If you have any questions about our cookies or other technologies, please email us at support@bobofin.com.

7. HOW AND WHY WE DISCLOSE YOUR DATA

7.1 We will only disclose your personal data to the third parties which shall be considered as data processors for the following purposes:

7.1.1 our approved email provider – in order to be able to send emails to you (please note that your email address is provided only to an approved email provider)
7.1.2 analytics provider – for performance of Website‘s troubleshooting, data analysis, testing, research, usage tracking and for the purposes of protection, or in other situations involving suspicious or illegal activities;
7.1.3 other approved service providers – in order to ensure the proper functioning and provision of the services (e.g. IT services provider, cloud storage providers, auditor, accounting services provider, etc.), we may disclose data to any member of the Bourgeois Bohème group, so that the data may be provided to any subsidiaries, affiliates or Bourgeois Bohème related entities.

7.2 In addition to the transfers contemplated by part 8.1, we may transfer or disclose your personal data to:

7.2.1 comply with any legal obligation required under legal requirement (e.g. to state authorities);
7.2.2 enforce any part of our Privacy Policy and/or any other agreements between you and us or to investigate potential breaches; or
7.2.3 protect our rights or our property. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.

7.3 We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

8. SECURITY

8.1 We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

8.2 We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

8.3 Nevertheless, we must inform you that the transmission of information via the Internet is not completely secure. We cannot guarantee the security of your data transmitted to our Website, so that any transmission is at your own risk.

9. RETAINING YOUR INFORMATION

9.1 We will only keep your personal information for as long as it is necessary for the purposes set out in this Privacy Policy, unless a longer retention period is required or permitted by law.

9.2 When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize such information, or, if this is not possible (e.g. your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.

9.3 The personal data storage period is set based on the below principles:

9.3.1 For the purposes of direct marketing, while providing information regarding similar services that we have provided to you and/or you expressed the interest into them, according to the basis of legitimate interest;
9.3.2. For the purpose of direct marketing and according to your consent, we process your personal data until you revoke your consent regarding data processing. This provision is only applied for non-customers that did not expressed the interest into our services.
9.3.3 If you revoke your consent for data processing or the data processing term expires (when the data is processed based on your consent), only the data confirming the fact of your consent is retained for 6 years from the end of the consent period or the cancellation of consent in order to declare, execute or defend the legal claims.

10. YOUR RIGHTS

10.1 In relation to all your personal data, you have the following rights (in addition to any rights you may have under the Regulation and the Law). If you wish to exercise any of the rights set out above, please contact us. More detail of these rights is set out below:

10.1.1 to access to your personal data, i.e. this enables you to receive a copy of the personal data we hold about you;
10.1.2 to clarify what data we hold about you, how it was obtained, to whom it has been disclosed and for how long it will be stored;
10.1.3 to delete any of your data (where you no longer think we need to hold it or you think we have obtained it or processed it without your consent at any time);
10.1.4 to object to processing of your personal data, i.e. to process your personal data in limited circumstances or for limited purposes (e.g. process your data for direct marketing purposes);
10.1.5 to withdraw consent at any time where we are relaying on consent to process your personal data;
10.1.6 not to be the subject only to automated processing, including profiling;
10.1.7 to submit an appeal on the actions or inactions of us, related to the implementation of the data subject’s rights to the respective Data Protection authority that is located in member state of the European Union where you reside; and
10.1.8 compensation, which you must apply for to the competent court that is located in member state of the European Union where you reside, if you have suffered damage as a result of a violation of the data subject’s rights, you are entitled to.

10.2 Where you wish to exercise any of your rights, they may be subject to payment of a nominal administration fee (to cover our costs incurred in processing your request) and any clarification we may reasonably require in relation to your request. Such fees may be charged where we consider (acting reasonably) that your request is excessive, unfounded or repetitive.

10.3 Any data provided to you in accordance with your rights will be in a structured and machine-readable form.

11. YOUR RESPONSIBILITIES

11.1. You confirm that you have provided correct data about yourself in every required form and that afterwards. We will not tolerate invalid, false or otherwise incorrect data and will pursue actions in accordance with its legal obligations. You shall bear any losses that occur with regard to the submission of invalid, false or otherwise incorrect data.

11.2 We draw your attention to the fact that email address and any other contact information you have chosen to provide are used for your identification and communication. You undertake responsibility to protect these instruments and logins to them. You are responsible for password disclosure and for all operations performed after you use the password for a relevant account. We recommend memorizing your passwords and not to write them down or enter anywhere where they may be seen by other persons.