Last updated: June 2021
OUR COMMITMENT TO YOU
Xshop OÜ (“us“, “we” or “Company“) respect the privacy of our users (each, a “User” or “you“) and are committed to protect the privacy of Users who access, use or engage with this including with any domain or sub-domain owned or associated with the Company, and any service we provide (the “Website” and the “Services” respectively).
- GROUNDS FOR DATA COLLECTION 1
- WHAT TYPE OF DATA WE COLLECT? 2
- HOW DO WE USE THE DATA WE COLLECT? 2
- TRACKING TECHNOLOGIES 3
- WITH WHOM DO WE SHARE YOUR PERSONAL DATA? 4
- HOW WE PROTECT YOUR INFORMATION 4
- RETENTION 5
- USER RIGHTS 5
- TRANSFER OF DATA OUTSIDE THE EEA 6
- OUR POLICY TOWARD CHILDREN 6
- HOW TO CONTACT US? 6
- UPDATES TO THIS POLICY 6
GROUNDS FOR DATA COLLECTION
Processing of your “Personal Data” (meaning any information which may potentially allow your identification with reasonable means) is necessary for the provision of our service, the performance of our contractual obligations towards you, to protect our legitimate interests, and for compliance with legal and regulatory obligations to which we are subject.
Where we rely on your consent to process your Personal Data, you have the right to withdraw or decline consent at any time.
WHAT TYPE OF DATA DO WE COLLECT?
In the course of using the Service, we may collect certain Personal Data to provide and improve the Service, to contact or identify you, to enable you to access certain parts of the Service or as otherwise indicated in this Policy. We collect the following Personal Data about you
- When you register for the Service – some parts of our Website require you to register in order to provide you with our Services. During registration, you may be required to provide your contact details, such as your full name, email address, and phone number.
- When you send us an email – we will collect any information, including Personal Data that you choose to include in your inquiry to us.
- When using our Service – our web server may automatically collect your IP address and unique online identifiers. These details are pseudonymized (cannot directly identify you) and are collected for the purpose of delivering relevant content and operating and improving our Service (including services from our partners, as applicable).
We also collect data about the use of our Service and the characteristics and activities of users, in order to operate it and improve it. We may collect the following non-Personal Data:
- Technical information – when you use our Services we may collect such data as your operating system, device type, session start/stop time, time zone, network connection type (e.g., Wi-Fi, cellular), your general location (city and country), phone call logs and general information regarding your online behavior (e.g. clicks, actions, queries, installed apps, etc.).
If we combine Personal Data with non-Personal Data, the combined data will be treated as Personal Data.
HOW DO WE USE THE DATA WE COLLECT?
- Provision of the Service – we will use the Personal Data you provide us for the provision and improvement of our Service, to provide customer support and to respond to your queries.
- Protecting our interests – we may use your Personal Data when we believe it’s necessary in order to take precautions against liabilities, investigate and defend ourselves against any third party claims or allegations, investigate and protect ourselves from fraud, protect the security or integrity of our services and protect the rights and property of the Company, its users and/or partners.
- Enforcing of policies – we may use your Personal Data in order to enforce our policies, including but not limited to our Terms and Conditions.
- Compliance with legal and regulatory requirements – we may use your Personal Data to investigate violations, and as required by law, regulation or other governmental authority, or to comply with a subpoena or similar legal process.
When you visit or access our Services, we use (and authorize 3rd parties to use) pixels, cookies, events, and other technologies (collectively, “Tracking Technologies“). These allow us to automatically collect information about you, your device, and your online behavior, in order to enhance your navigation in our Services, improve our Services’ performance, perform analytics and customize your experience. In addition, we may merge data we have with data collected through these tracking technologies and data we may obtain from other sources and, as a result, such data may become Personal Data.
How to Manage Your Tracking Technologies Settings
There are various ways in which you can manage and control your Tracking Technologies settings. Please remember that, by deleting or blocking Tracking Technologies, some of the features of the Services may not work properly or as effectively.
- Below are some links to some commonly used web browsers. Information about cookies is usually found in the “Help” section of the web browser.
- Google Chrome o Internet Explorer o Mozilla Firefox o Safari (Desktop) o Safari (Mobile) o Android Browser o Opera o Opera Mobile
For other browsers, please consult the documentation that your browser manufacturer provides.
- Mobile Devices – You can opt out of certain types of interest-based advertising (or “cross-app” advertising), by accessing the “settings” on your device:
- If you’re using an Apple device you can configure your device to limit ad tracking to by clicking on “settings” > “privacy” > “advertising” and toggling “limit ad tracking” to ‘on.’
- If you’re using an Android device you can opt-out of most app-based tracking for advertising by opening the “Google Settings” app on your device, selecting “Ads”, and then selecting the option to opt-out of interest-based ads.
Please note that the above information may change when the above manufacturers update their systems. Also note, that your device may use another platform, not described above. In that case, please consult the manufacturer documentation for further instructions.
- You can also turn off certain third-party targeting and advertising cookies by visiting the following link: Network Advertising Initiative.
TO WHOM DO WE SHARE YOUR PERSONAL DATA?
- Internal concerned parties – we share your information with companies in our group, as well as our employees, in order to provide you with our services.
- Business partners – we share your information with business partners, such as storage and cloud services provided to us and analytics providers who help us provide you with our service. We also share your Personal Data with third parties who perform Anti Money Laundering (AML) services on our behalf. These third parties may have access to your Personal Data so that they may perform these tasks on our behalf, but they are obligated to comply with the highest security standards and applicable data protection legislation, and may not use your Personal Data for any other purpose.
- Compliance with laws and law enforcement entities – we cooperate with government and law enforcement officials and private parties to enforce and comply with the law. We will disclose any data about you to government or law enforcement officials or private parties as we, in our sole discretion, believe necessary or appropriate to respond to claims and legal process (including but not limited to subpoenas), to protect our or a third party’s property and rights, to protect the safety of the public or any person, or to prevent or stop any activity we may consider to be, or to pose a risk of being, illegal, unethical, inappropriate or legally actionable. We also may be required to disclose an individual’s Personal Data in response to a lawful request by public authorities, including meeting national security or law enforcement requirements.
HOW WE PROTECT YOUR INFORMATION
We have implemented administrative, technical, and physical safeguards to help prevent unauthorized access, use, or disclosure of your Personal Data. Your data is stored on secure servers and isn’t publicly available. We limit access of your information only to those employees or partners on a “need to know” basis, in order to enable the carrying out of the agreement between us.
While we seek to protect your information to ensure that it is kept confidential, we cannot absolutely guarantee its security. You should be aware that there is always some risk involved in transmitting information over the internet. While we strive to protect your Personal Data, we cannot ensure or warrant the security and privacy of your Personal Data or other content you transmit using the Service, and you do so at your own risk.
We will retain your Personal Data for as long as necessary to provide our Service, and as necessary to comply with our legal obligations, resolve disputes, and enforce our policies. Retention periods would be determined taking into account the type of information that is collected and the purpose for which it is collected, bearing in mind the requirements applicable to the situation and the need to destroy outdated, unused information at the earliest reasonable time. Under applicable regulations, we will keep records containing Personal Data, communications, and anything else as required by applicable laws and regulations (Approximately 7 years).
EU User Rights
As an EU resident, you may request to:
- Receive confirmation as to whether or not Personal Data concerning you is being processed, and access your stored Personal Data, together with supplementary information.
- Receive a copy of Personal Data you directly volunteer to us in a structured, commonly used and machine-readable format.
- Request rectification of your Personal Data that is in our control.
- Request erasure of your Personal Data.
- Object to the processing of Personal Data by us.
- Request to restrict processing of your Personal Data by us.
- Lodge a complaint with a supervisory authority.
Please note that these rights pertain to EU residents only, are not absolute, and may be subject to our own legitimate interests and regulatory requirements.
California Privacy Rights
California Civil Code Section 1798.83 permits our customers who are California residents to request certain information regarding our disclosure of Personal Information to third parties for their direct marketing purposes. To make such a request, please send us an email using the “contact us” details provided below.
If you are a residence of Canada, you are permitted to request certain information regarding our disclosure of Personal Information to third parties for their direct marketing purposes, where applicable. To make such a request, please send us an email using the “contact us” details provided below.
TRANSFER OF DATA OUTSIDE THE EEA
If you reside in the European Union (“EU“), please note that some data recipients may be located outside the EEA. In such cases, we will transfer your data only to such countries as approved by the European Commission as providing an adequate level of data protection, or enter into legal agreements ensuring an adequate level of data protection.
OUR POLICY TOWARD CHILDREN
We understand the importance of protecting children’s privacy, especially in an online environment. The Site and Services are not designed for or directed at children under the age of 18 years old (“Minors”). We do not knowingly collect Personal Data from Minors. If a parent or guardian becomes aware that his or her child has provided us with Personal Data, he or she should contact us using the details provided above.
HOW TO CONTACT US?
If you wish to exercise any of the aforementioned rights or receive more information, please contact us using the details below:
Email: [email protected]
UPDATES TO THIS POLICY