Ivory Technologies LLC, a company registered at Shams, in the United Arab Emirates, being the developer and owner of the website www.fabfpro.com (hereinafter referred to it as “Company”, “we”, “us” , “our” and `Ivory`) respects and protects the privacy of visitors of the said website(s) and users of our services. In order to ensure transparency, this policy describes the handling practices and procedures when you access the content we own and/or operate on the website(s) located at Amsterdam, or any other websites, pages, features, or content we own and/or operate (collectively, the "Site(s)") and/or when you use GDAX API or third party applications relying on such an API, and related services (referred to collectively hereinafter as "Services").
2. ACCEPTANCE OF THIS POLICY
3. CHANGES TO THIS POLICY
4. SECURITY TECHNOLOGY
Company uses Secure Socket Layer (SSL) encryption technology to protect the information that you have submitted. This technology is used to prevent your information from being intercepted when you are communicating with us.
To protect your information better, Company's computer servers communicate via private network behind an industrial grade hardware firewall.
5. COLLECTION OF PERSONAL INFORMATION
Collection of personal information from users are required by law or it is relevant for specified purposes. Any information you provide to us that is not required shall be considered as voluntary. You may choose whether to provide us with your personal information requested, however we may not be able to serve you as effectively or offer you all of our Services in case certain data and information are not provided and shared with us.
To be more precise, we collect personal information which is required under the law in order to open an account or execute a transaction. We also collect personal information when you use or request information about our Services, subscribe to marketing communications, request support, complete surveys, or sign up for a Company event. We may also collect personal information from you offline, such as when you attend one of our events, or when you contact customer support. We may use this information in combination with other information collected about you as set forth in this Policy.
We collect the following types of information:
• Personal Identification Information: Full name, date of birth, age, nationality, gender, signature, utility bills, photographs, phone number, home address, and email.
• Formal Identification Information: Tax ID number, passport number, driver’s license details, national identity card details, photograph identification cards, and visa information.
• Financial Information: Bank account information, payment card primary account number (PAN), transaction history, trading data, and tax identification.
• Transaction Information: Information about the transactions you make on our Services, such as the name of the recipient, your name, the amount, and timestamp.
• Employment Information: Office location, job title, and description of role.
• Online Identifiers: Geo location/tracking details, browser fingerprint, OS, browser name and version, and personal IP addresses.
6. USE OF YOUR PERSONAL INFORMATION
Our primary purpose in collecting personal information is to provide you with a secure, smooth, efficient, and customized experience. In general, we use personal information to create, develop, operate, deliver, and improve our Services, content and advertising, and for loss prevention and anti-fraud purposes. We may use this information in the following ways:
• To maintain legal and regulatory compliance
Some of our core Services are subject to laws and regulations requiring us to collect and use your personal identification information, formal identification information, financial information, transaction information, employment information, online identifiers, and/or usage data in certain ways. Company must identify and verify customers using our Services in order to comply with anti-money laundering and terrorist financing laws across jurisdictions. In addition, we use third parties to verify your identity by comparing the personal information you provided against third-party databases and public records.
EEA Residents: For individuals who reside in the European Economic Area (including the United Kingdom) or Switzerland (collectively “EEA Residents”), pursuant to Article 6 of the EU General Data Protection Regulation (GDPR) or any equivalent legislation (collectively “EEA Data Protection Law”), we process this personal information to comply with our legal obligations.
• To enforce our terms in our user agreement and other agreements
COMPANY handles very sensitive information, such as your identification and financial data, so it is very important for us and our customers that we are actively monitoring, investigating, preventing and mitigating any potentially prohibited or illegal activities, enforcing our agreements with third parties, and/or violations of our posted user agreement or agreement for other Services. In addition, we may need to collect fees based on your use of our Services. We collect information about your account usage and closely monitor your interactions with our Services. We may use any of your personal information collected on our Services for these purposes. The consequences of not processing your personal information for such purposes is the termination of your account as we cannot perform our Services in accordance with our terms.
• To provide our Services
We process your personal information in order to provide the Services to you. For example, when you want to buy Digital Currency, we require certain information such as your identification, contact information, and payment information. We cannot provide you with Services without such information.
• To provide Service communications
We send administrative or account-related information to you to keep you updated about our Services, inform you of relevant security issues or updates, or provide other transaction-related information. Without such communications, you may not be aware of important developments relating to your account that may affect how you can use our Services.
• To provide customer service
We process your personal information when you contact us to resolve any questions, disputes, collect fees, or to troubleshoot problems. We may process your information in response to another customer’s request, as relevant. Without processing your personal information for such purposes, we cannot respond to your requests and ensure your uninterrupted use of the Services.
• To ensure quality control
We process your personal information for quality control and staff training to make sure we continue to provide you with accurate information. If we do not process personal information for quality control purposes, you may experience issues on the Services such as inaccurate transaction records or other interruptions. Our basis for such processing is based on the necessity of performing our contractual obligations with you.
EEA Residents: For all of the above categories, excluding the first bullet point, pursuant to EEA Data Protection Law, we process this personal information based on our contract with you.
• To ensure network and information security
We process your personal information in order to enhance security, monitor and verify identity or service access, combat spam or other malware or security risks and to comply with applicable security laws and regulations. The threat landscape on the internet is constantly evolving, which makes it more important than ever that we have accurate and up-to-date information about your use of our Services. Without processing your personal information, we may not be able to ensure the security of our Services.
EEA Residents: Pursuant to EEA Data Protection Law, we process this personal information to satisfy our legal obligations.
• For research and development purposes
We process your personal information to better understand the way you use and interact with Company’s Services. In addition, we use such information to customize, measure, and improve Company’s Services and the content and layout of our website and applications, and to develop new services. Without such processing, we cannot ensure your continued enjoyment of our Services. Our basis for such processing is based on legitimate interest.
EEA Residents: Pursuant to EEA Data Protection Law, we process this personal information to satisfy our legitimate interests as described above.
• To enhance your website experience
We process your personal information to provide a personalized experience, and implement the preferences you request. For example, you may choose to provide us with access to certain personal information stored by third parties without such processing, we may not be able to ensure your continued enjoyment of part or all of our Services.
EEA Residents: Pursuant to EEA Data Protection Law, we process this personal information to satisfy our legitimate interests as described above.
• To facilitate corporate acquisitions, mergers, or transactions
We may process any information regarding your account and use of our Services as is necessary in the context of corporate acquisitions, mergers, or other corporate transactions. You have the option of closing your account if you do not wish to have your personal information processed for such purposes.
EEA Residents: Pursuant to EEA Data Protection Law, we process this personal information to satisfy our legitimate interests as described above.
• To engage in marketing activities
Based on your communication preferences, we may send you marketing communications to inform you about our events or our partner events; to deliver targeted marketing; and to provide you with promotional offers based on your communication preferences. We use information about your usage of our Services and your contact information to provide marketing communications. You can opt-out of our marketing communications at any time.
EEA Residents: Pursuant to EEA Data Protection Law, we process this personal information to satisfy on your consent.
We will not use your personal information for purposes other than those we have disclosed to you, without your permission. From time to time we may request your permission to allow us to share your personal information with third parties. You may opt out of having your personal information shared with third parties, or allowing us to use your personal information for any purpose that is incompatible with the purposes for which we originally collected it or subsequently obtained your authorization. If you choose to limit the use of your personal information, certain features and/or Company`s Services may not be available to you.
7. COLLECTION OF GENERAL DATA AND INFORMATION
Ivory’s website collects a range of general data and information when an individual or an automated system calls up the website. This data and information are stored in the server log files. The data collected may include:
(1) the browser types and versions used,
(2) the operating system used by the accessing system,
(3) the website from which an accessing system reaches our website (so-called referrers),
(4) the sub-websites,
(5) the date and time of access to the Website,
(6) an Internet protocol address (IP address),
(7) the Internet service provider of the accessing system, and
(8) any other similar data and information that may be used in the event of attacks on our information technology systems.
When using these general data and information, Ivory does not draw any conclusions about any natural person. Rather, this information is needed to:
(1) provide our products and services, including this website, and improve them over time,
(2) deliver the content of our website correctly,
(3) optimize the content of our website as well as its advertising,
(4) ensure the long-term viability of our information technology systems and website technology,
(5) personalize and manage our relationship with users, such as introducing users to products or services that may be of interest,
(6) investigate, respond to, and manage inquiries or events, and
(7) provide law enforcement authorities with the information necessary for criminal prosecution in case of a cyber-attack.
Therefore, Ivory analyses anonymously collected data and information statistically, with the aim of increasing the data protection and data security of our Company, and to ensure an optimal level of protection for the personal data we process. The anonymous data of the server log files are stored separately from all personal data provided by a data subject.
8. INFORMATION FROM THIRD PARTY SOURCES
From time to time, we may obtain information about you from third party sources as required or permitted by applicable law, such as public databases, credit bureaus, ID verification partners, resellers and channel partners, joint marketing partners, and social media platforms.
• Public Databases, Credit Bureaus & ID Verification Partners: We obtain information about you from public databases and ID verification partners for purposes of verifying your identity. ID verification partners use a combination of government records and publicly available information about you to verify your identity. Such information includes your name, address, job role, public employment profile, credit history, status on any sanctions lists maintained by public authorities, and other relevant data. We obtain such information to comply with our legal obligations, such as anti-money laundering laws. Pursuant to EEA Data Protection Law, our lawful basis for processing such data is compliance with legal obligations. In some cases, we may process additional data about you to ensure our Services are not used fraudulently or for other illicit activities. In such instances, processing is necessary for us to continue to perform our contract with you and others.
9. COLLECTION AND USE OF INFORMATION COLLECTED AUTOMATICALLY
We receive and store certain types of information automatically, whenever you interact with the Sites or use the Services. This information does not necessarily reveal your identity directly but may include information about the specific device you are using, ie. Then hardware model, device ID, operating system version, web-browser software (ie. Firefox, Safari, or Internet Explorer) and your Internet Protocol (IP) address/MAC address/device identifier.
For example, we automatically receive and record information on our server logs from your browser, including how you came to and used the Services; your IP address; device type and unique device identification numbers, device event information (such as crashes, system activity and hardware settings, browser type, browser language, the date and time of your request and referral URL), broad geographic location (e.g. country or city-level location) and other technical data collected through cookies, pixel tags and other similar technologies that uniquely identify your browser. We may also collect information about how your device has interacted with our website, including pages accessed and links clicked. We may use identifiers to recognize you when you arrive at the Site via an external link, such as a link appearing on a third party site.
10. SHARING PERSONAL INFORMATION WITH OTHER PARTIES
We take care to allow your personal information to be accessed only by those who really need to in order to perform their tasks and duties, and to share with third parties who have a legitimate purpose for accessing it. Company will never sell or rent your personal information. We will only share your information in the following circumstances:
• We share your information with third party identity verification services in order to prevent fraud. This allows Company to confirm your identity by comparing the information you provide us to public records and other third party databases. These service providers may create derivative data based on your personal information that can be used solely in connection with provision of identity verification and fraud prevention services.
• We may share your information with service providers under contract who help with parts of our business operations such as bill collection, marketing, and technology services. Our contracts require these service providers to only use your information in connection with the services they perform for us, and prohibit them from selling your information to anyone else.
• We share your information with financial institutions with which we partner to process payments you have authorized.
• We may share your information with companies or other entities that purchase Company assets pursuant to a court-approved sale under U.S. bankruptcy law and / or where we are required to share your information pursuant to insolvency law in the U.K. or in any other jurisdiction;
• We may share your information with law enforcement, officials, or other third parties when we are compelled to do so by a subpoena, court order, or similar legal procedure, or when we believe in good faith that the disclosure of personal information is necessary to prevent physical harm or financial loss, to report suspected illegal activity or to investigate violations of our User Agreement or any other applicable policies.
If you establish a Company Account indirectly on a third party website or via a third party application, any information that you enter on that website or application (and not directly on a Company website) will be shared with the owner of the third party website or application and your information will be subject to their privacy policies.
11. SHARING PERSONAL INFORMATION WITH THIRD-PARTY SITES AND SERVICES
If you use your Company Account to transfer Digital Currency in connection with services of Company, we or you may also provide the seller with your shipping address, name, and/or email to help complete your transaction with the seller. The seller is not allowed to use this information to market their services to you unless you have agreed to it. If an attempt to transfer Digital Currency to your seller fails or is later invalidated, we may also provide your seller with details of the unsuccessful transfer. To facilitate dispute resolutions, we may provide a buyer with the seller's address so that goods can be returned to the seller.
In connection with a Digital Currency transfer between you and a third party, including merchants, a third party may share information about you with us, such as your email address or mobile phone number which may be used to inform you that a transfer has been sent to or received from the third party. We may use this information in connection with such transfers to confirm that you are a Company customer, that Digital Currency transfers are enabled, and/or to notify you that you have received Digital Currency. If you request that we validate your status as a Company customer with a third party, we will do so. You may also choose to send Digital Currency to or request Digital Currency from an email address. In such cases, your user name will be displayed in an email message notifying the user of the designated email address of your action.
Please note that merchants you interact with may have their own privacy policies, and Company is not responsible for their operations, including, but not limited to, their information practices. Information collected by third parties, which may include such things as contact details or location data, is governed by their privacy practices. We encourage you to learn about the privacy practices of those third parties.
If you authorize one or more third-party applications to access your Company Account, then information you have provided to Company may be shared with those third parties. Unless you provide further authorization, these third parties are not allowed to use this information for any purpose other than to facilitate your transactions using Company Services.
12. PROTECTION AND STORING PERSONAL INFORMATION
We understand how important your privacy is, which is why Company maintains (and requires its service providers to maintain) appropriate physical, technical and administrative safeguards to protect the security and confidentiality of the personal information you entrust to us.
We may store and process all or part of your personal and transactional information, including certain payment information, such as your encrypted bank account and/or routing numbers, in the anywhere in the world where our facilities or our service providers are located. We protect your personal information by maintaining physical, electronic, and procedural safeguards in compliance with the applicable laws and regulations.
For example, we use computer safeguards such as firewalls and data encryption, we enforce physical access controls to our buildings and files, and we authorize access to personal information only for those employees who require it to fulfill their job responsibilities. Full credit card data is securely transferred and hosted off-site by a payment vendor in compliance with Payment Card Industry Data Security Standards (PCI DSS). This information is not accessible to Company staff.
However, we cannot guarantee that loss, misuse, unauthorized acquisition, or alteration of your data will not occur. Please recognize that you play a vital role in protecting your own personal information. When registering with our Services, it is important to choose a password of sufficient length and complexity, to not reveal this password to any third-parties, and to immediately notify us if you become aware of any unauthorized access to or use of your account.
13. ACCESS AND/OR CHANGES IN RESPECT OF YOUR PERSONAL INFORMATION
You are entitled to review, correct, or amend your personal information, or to delete that information where it is inaccurate. You may do this at any time by logging in to your account and clicking the Profile menu
14. RIGHTS IN RELATION TO THE USE OF YOUR PERSONAL INFORMATION
Rights of access, correction and deletion
You have a right of access to the personal information that we hold about you under European data protection legislation, and to some related information. You can also require any inaccurate personal information to be corrected or deleted.
Right to object
You can object to our use of your personal information for direct marketing purposes at any time and you may have the right to object to our processing of some or all of your personal information (and require them to be deleted) in some other circumstances.
If you wish to exercise any of these rights, please contact us as set out below.
15. RETENTION OF PERSONAL INFORMATION
We store your personal information securely throughout the life of your Company Account. We will only retain your personal information for as long as necessary to fulfil the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting obligations or to resolve disputes. While retention requirements vary by jurisdiction, information about our typical retention periods for different aspects of your personal information are described below.
• Contact Information such as your name, email address and telephone number for marketing purposes is retained on an ongoing basis until you unsubscribe. Thereafter we will add your details to our suppression list indefinitely.
• Content that you post on our website such as support desk comments, photographs, videos, blog posts, and other content may be kept indefinitely after you close your account for audit and crime prevention purposes.
• Recording of our telephone calls with you may be kept for a period of up to six years.
• Information collected via technical means such as cookies, webpage counters and other analytics tools is kept for a period of up to one year from expiry of the cookie.
16. CHILDREN'S PERSONAL INFORMATION
We do not knowingly request to collect personal information from any person under the age of 18. If a user submitting personal information is suspected of being younger than 18 years of age, COMPANY will require the user to close his or her account and will not allow the user to continue buying or selling digital currencies. We will also take steps to delete the information as soon as possible. Please notify us if you know of any individuals under the age of 18 using our Services so we can take action to prevent access to our Services.
17. INTERNATIONAL TRANSFERS OF PERSONAL INFORMATION
While Company is based in the United Arab Emirates, our service providers may store, transfer, and otherwise process your personal information in countries outside of the United Arab Emirates, and/or outside of country of your residence. We use approved Model Contractual Clauses for the international transfer of personal information collected in the European Economic Area and Switzerland, or require that any third party located in the U.S. receiving your personal information is certified under the E.U.-U.S. and/or the Swiss-U.S. Privacy Shield Frameworks and require that the third party agree to at least the same level of privacy safeguards as required under applicable data protection laws.
If you have a complaint about our privacy practices and our collection, use or disclosure of personal information please contact us at email@example.com.
18. EEA USERS & DATA
If you are a resident of the EEA, the Company shall control your personal information.
If you are a current customer residing in the EEA, we will only contact you by electronic means (email or SMS) with information about our Services that are similar to those which were the subject of a previous sale or negotiations of a sale to you.
If you are a new customer and located in the EEA, we will contact you if you are located in the EU by electronic means for marketing purposes only if you have consented to such communication. If you do not want us to use your personal information in this way, or to pass your personal information on to third parties for marketing purposes, please go to the Privacy Rights Dashboard in your account to opt-out or contact us at firstname.lastname@example.org. You may raise such objection with regard to initial or further processing for purposes of direct marketing, at any time and free of charge. Direct marketing includes any communications to you that are only based on advertising or promoting products and services
EEA Residents have the following rights, which can be exercised by going to your Privacy Rights Dashboard or contacting us at email@example.com so that we may consider your request under applicable law.
Our Privacy Rights Dashboard allows you to set your communication preferences and make individual rights requests relating to your personal information. We encourage you to make any individual rights requests through the Privacy Rights Dashboard because it ensures that you have been authenticated already. Otherwise, when we receive an individual rights request via email we may take steps to verify your identity before complying with the request to protect your privacy and security.
• Right to withdraw consent. You have the right to withdraw your consent to the processing of your personal information collected on the basis of your consent at any time. Your withdrawal will not affect the lawfulness of Company’s processing based on consent before your withdrawal.
• Right of access to and rectification of your personal information. You have a right to request that we provide you a copy of your personal information held by us. This information will be provided without undue delay subject to some fee associated with gathering of the information (as permitted by law), unless such provision adversely affects the rights and freedoms of others. You may also request us to rectify or update any of your personal information held by Company that is inaccurate. Your right to access and rectification shall only be limited where the burden or expense of providing access would be disproportionate to the risks to your privacy in the case in question, or where the rights of persons other than you would be violated.
• Right to erasure. You have the right to request erasure of your personal information that: (a) is no longer necessary in relation to the purposes for which it was collected or otherwise processed; (b) was collected in relation to processing that you previously consented, but later withdraw such consent; or (c) was collected in relation to processing activities to which you object, and there are no overriding legitimate grounds for our processing. If we have made your personal information public and are obliged to erase the personal information, we will, taking account of available technology and the cost of implementation, take reasonable steps, including technical measures, to inform other parties that are processing your personal information that you have requested the erasure of any links to, or copy or replication of your personal information. The above is subject to limitations by relevant data protection laws.
• Right to data portability. If we process your personal information based on a contract with you or based on your consent, or the processing is carried out by automated means, you may request to receive your personal information in a structured, commonly used and machine-readable format, and to have us transfer your personal information directly to another “controller”, where technically feasible, unless exercise of this right adversely affects the rights and freedoms of others. A “controller” is a natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of your personal information.
• Right to restriction of or processing. You have the right to restrict or object to us processing your personal information where one of the following applies:
(a) You contest the accuracy of your personal information that we processed. In such instances, we will restrict processing during the period necessary for us to verify the accuracy of your personal information.
(b) The processing is unlawful and you oppose the erasure of your personal information and request the restriction of its use instead.
(c) We no longer need your personal information for the purposes of the processing, but it is required by you to establish, exercise or defense of legal claims.
(d) You have objected to processing, pending the verification whether the legitimate grounds of Company’s processing override your rights.
Restricted personal information shall only be processed with your consent or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest. We will inform you if the restriction is lifted.
• Notification of erasure, rectification and restriction. We will communicate any rectification or erasure of your personal information or restriction of processing to each recipient to whom your personal information have been disclosed, unless this proves impossible or involves disproportionate effort. We will inform you about those recipients if you request this information.
• Right to object to processing. Where the processing of your personal information is based on consent, contract or legitimate interests you may restrict or object, at any time, to the processing of your personal information as permitted by applicable law. We can continue to process your personal information if it is necessary for the defense of legal claims, or for any other exceptions permitted by applicable law.
• Automated individual decision-making, including profiling. You have the right not to be subject to a decision based solely on automated processing of your personal information, including profiling, which produces legal or similarly significant effects on you, save for the exceptions applicable under relevant data protection laws.
• Right to lodge a complaint. If you believe that we have infringed your rights, we encourage you to contact us first at firstname.lastname@example.org so that we can try to resolve the issue or dispute informally. You can also complain about our processing of your personal information to the relevant data protection authority. You can complain in the EU member state where you live or work, or in the place where the alleged breach of data protection law has taken place. In the UK, the relevant data protection authority is the Information Commissioner's Office (ICO).
Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, 0303 123 1113, email@example.com.
• Storage of your personal information. COMPANY will try to limit the storage of your personal information to the extent that storage is necessary to serve the purpose(s) for which the personal information was processed, to resolve disputes, enforce our agreements, and as required or permitted by law.
• Data Protection Officer: You may reach the Company Data Protection Officer at dpo@Company.com.
Your rights to personal information are not absolute. Access may be denied when:
• Denial of access is required or authorized by law;
• Granting access would have a negative impact on other's privacy;
• Granting access would have a negative impact on other's privacy;
• To protect our rights and properties; and
• Where the request is frivolous or vexatious.
19. LEGAL BASIS FOR THE PROCESS OF PERSONAL INFORMATION
Our legal bases for process under EEA Data Protection Law are described above. We may process your personal information if you consent to the processing, to satisfy our legal obligations, if it is necessary to carry out our obligations arising from any contracts we entered with you, or to take steps at your request prior to entering into a contract with you, or for our legitimate interests to protect our property, rights or safety of Company our customers or others.
As it already has been described, GDPR serves as the legal basis for processing operations for which we obtain consent for a specific processing purpose. Process of personal data is necessary for the performance of a contract to which the data subject is party, as is the case, for processing operations of supply of goods or to provide any other service. The same applies to such operations which are necessary for carrying out pre-contractual measures, or any inquiries concerning our products or services.
The processing operations` legal basis is used for processing operations which are not covered by any of the above-mentioned legal grounds, if processing is necessary for the purposes of the legitimate interests pursued by Ivory or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data. Such processing operations are particularly permissible because they have been specifically mentioned by the European legislator. He considered that a legitimate interest could be assumed if the data subject is a client of the controller.
The data subject may, at any time, prevent the setting of cookies through our website by means of a corresponding setting of the Internet browser used, and may thus permanently deny the setting of cookies. Furthermore, already set cookies may be deleted at any time via an Internet browser or other software programs. This is possible in all popular Internet browsers. If the data subject deactivates the setting of cookies in the Internet browser used, not all functions of our website may be entirely usable.
21. SOCIAL MEDIA
Registration on the Website
Users have the possibility to register on the Ivory’s website using personal data. Which personal data are transmitted to the controller is determined by the respective input mask used for the registration. The personal data entered by the data subject are collected and stored exclusively for internal use by the controller, and for his own purposes. The controller may request transfer to one or more processors that also use personal data for an internal purpose which is attributable to the controller. By registering on the website, the IP address, date, and time of the registration are also stored. The storage of this data is necessary to secure Ivory as controller. This data is not passed on to third parties unless there is a statutory obligation to pass on the data, or if the transfer serves the aim of criminal prosecution. Ivory provides information upon request to a natural person as to what personal data are stored. We also correct or erase personal data on request, insofar as there are no statutory storage obligations. The Data Protection Officer is available in such cases as the contact person.
Subscription to our newsletter
On the Ivory website, users are given the opportunity to subscribe to our newsletter. The input mask used for this purpose determines what personal data are transmitted, as well as when the newsletter is ordered from the controller. Ivory informs its customers and business partners regularly by means of a newsletter about enterprise offers. This newsletter may only be received if you have a valid e-mail address and you register for the newsletter. A confirmation e-mail will be sent to the e-mail address registered by you for the first time dispatch of the newsletter, for legal reasons, in the double opt-in procedure. This confirmation e-mail is used to prove whether the owner of the e-mail address as the data subject is authorized to receive the newsletter. During the registration for the newsletter, we also store the IP address of the computer system assigned by the Internet service provider (ISP) and used by the data subject at the time of the registration, as well as the date and time of the registration. The collection of this data is necessary in order to understand the (possible) misuse of the e-mail address of a data subject at a later date, and it therefore serves the aim of the legal protection of the controller. The personal data collected as part of a registration for the newsletter will only be used to send our newsletter. In addition, subscribers to the newsletter may be informed by e-mail, as long as this is necessary for the operation of the newsletter service or a registration in question, as this could be the case in the event of modifications to the newsletter offer, or in the event of a change in technical circumstances. There will be no transfer of personal data collected by the newsletter service to third parties. The subscription to our newsletter may be terminated by you at any time. The consent to the storage of personal data, which you have given for sending the newsletter, may be revoked at any time. For the purpose of revocation of consent, a corresponding link is found in each newsletter.
Data protection provisions about the application and use of Twitter
On its website Ivory has integrated components of Twitter. Twitter is a multilingual, publicly-accessible microblogging service on which users may publish and spread tweets, i.e. short messages limited to 140 characters. These short messages are available for everyone, including those who are not logged on to Twitter. The tweets are also displayed to so-called followers of the respective user. Followers are other Twitter users who follow a user's tweets. Furthermore, Twitter allows you to address a wide audience via hashtags, links or retweets.
The operating Company of Twitter is Twitter, Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, UNITED STATES.
Twitter receives information via the Twitter component that the data subject has visited our website, provided that the data subject is logged in on Twitter at the time of the call-up to our website. This occurs regardless of whether the person clicks on the Twitter component or not. If such a transmission of information to Twitter is not desirable for the data subject, that he may prevent this by logging off from their Twitter account before a call-up to our website is made. The applicable data protection provisions of Twitter may be accessed under https://twitter.com/privacy?lang=en.
Data protection provisions about the application and use of Facebook
Data protection provisions about the application and use of LinkedIn
Data protection provisions about the application and use of Google Analytics
On this website, we have integrated the component of Google Analytics (with the anonymizer function). Google Analytics is a web analytics service. Web analytics is the collection, gathering, and analysis of data about the behavior of visitors to websites. A web analysis service collects, inter alia, data about the website from which a person has come (the so- called referrer), which sub-pages were visited, or how often and for what duration a sub- page was viewed. Web analytics are mainly used for the optimization of a website and in order to carry out a cost-benefit analysis of Internet advertising. The operator of the Google Analytics component is Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, United States. Further information and the applicable data protection provisions of Google may be retrieved under: https://www.google.com/intl/en/policies/privacy/ and under: http://www.google.com/analytics/terms/us.html. Google Analytics is further explained under the following Link https://www.google.com/analytics/.
22. EXISTENCE OF AUTOMATED DECISION-MAKING
We may analyze your personal information to create a profile of your interests and preferences so that we can contact you with information relevant to you. We may make use of additional information about you when it is available from external sources to help us do this effectively. If you wish to exercise your rights in respect of automated individual decision making, you may at any time directly contact our Data Protection Officer.
Personal data can be controlled if the data subject consents to it. The data controller is entitled to control only the personal data essential and appropriate for the execution of the purpose of data control and to the extent and period necessary for it. Personal data can only be controlled with the specific consent of the data subject, based on sufficient information. The data subject must be informed in a transparent, detailed and understandable way of all the facts relating to the control of his/her personal data, and especially of the purpose and legal grounds of the data control, the person entitled to process these data, the period of data control and the people who can access their data. This information must include the rights and the available legal remedies of the data subject with respect to the data control. The controlled personal data must comply with the following requirements: (i) recording and controlling processes shall be carried in a fair and lawful way; (ii) the data are accurate, complete and up-to-date, if necessary; (iii) data storage allows the identification of the data subject only to the period necessary for the storage of the data.
24. DATA STORAGE AND SAFETY
The system and network are protected against computer-assisted frauds, spying, sabotage, acts of vandalism, fire and flood as well as viruses, computer break-ins and attacks resulting in refusal of operation. The operator provides maximum safety through system-level as well as application-level protective proceedings. Ivory cautions that electronic messages transmitted on the internet irrespective of the protocols employed (e-mail, web, ftp, etc.) are vulnerable to threats to the network which may result in dishonorable conduct, the contesting of the agreement, disclosure or modification of information. Ivory makes its best efforts within its power to protect the data from these threats.
In respect of the storage of personal data, we store during the period according to the statutory retention period. After expiration of the said period, the corresponding data is routinely deleted, as long as it is no longer necessary for the fulfillment of the contract or the initiation of a contract.
Please note that in the event of inconsistency or discrepancy between the English version and any of the other linguistic versions of this policy, the English language version shall prevail.
HOW TO CONTACT US
You can also complain about our processing of your personal information to the relevant data protection authority.
The data controller contacts are: Controller for the purposes of the GDPR, other data protection laws applicable in member states of the European Union and other provisions related to data protection is: Name: IVORY TECHNOLOGIES LLC.