Last updated: 1 January 2021
Children and privacy: We do not solicit or target persons under 18 years of age. We do not knowingly collect any information relating to children under the age of 18. By submitting information to us you represent that you are over the age of 18 and if we discover that a child under 18 has provided us with personal information, we will promptly delete such personal information from our systems.
Applicable Laws: We value our users’ privacy, and we comply with all applicable data privacy laws of the jurisdictions in which we operate, including the General Data Protection Regulation ((EU) 2016/679); the UK’s Data Protection Act 2018; the Privacy and Electronic Communications Directive 2002/58/EC (as updated by Directive 2009/136/EC) and the Privacy and Electronic Communications Regulations 2003 (SI 2003/2426) as amended, collectively the “Data Laws”. The specific law that will apply to you and your data will be determined by the location in which you live: if you live in Europe, the EU GDPR will apply, and if you live in the UK, the UK’s Data Protection Act 2018 will apply. Any reference to ‘personal data’ within this Policy, has the meaning ascribed to it by either of these applicable regulations. If you are a resident of California, USA, the California Consumer Privacy Act may be applicable as explained in this Policy.
2. Information that we collect
We collect information about you directly from you, from third parties, and automatically through your use of our Services. We may combine information collected from or about you from these various sources. You have choices about the data we collect. When you are asked to provide personal data, you may decline. But if you choose not to provide data that is necessary to provide a product or feature, you may not be able to use that product or feature. The data we collect depends on the context of your interactions with EOSDA, the choices you make, including your privacy settings, and the products and features you use.
2 A. We collect information from you when you sign up to our Services
- We collect information about you directly from you as you input the information to our Services.
- We will collect your personal details (which may or may not be considered personal data within the meaning of the Data Laws) including but not limited to your real name, user name, telephone, location, email address and any other information you submit when you access our Site and opt to input data.
- If you sign up to receive news or updates from us, we will collect information such as your email address, or your business name and location and other contact information if you provide us with it.
2 B. We collect data when you communicate with us
- If you contact us in any manner we will keep any information you provide to us including records of correspondence, and you should be aware that we monitor and may record telephone calls and written correspondence for training and security purposes.
- If you provide feedback or testimonials to us, or take part in any customer survey, or participate in events, promotions, product, feature or service launches, or competitions, we will keep any information you provide.
2 C. We collect data when you visit or otherwise make use of the Services
If you’re just browsing our Site or otherwise making any use of our Services we will collect different data as you do it, some of which may be considered personal data:
- A record of all of your activity on our services including communication logs and search histories;
- Your location according to the IP address assigned to your computer machine or device by your Internet Service Provider, and mobile location data (more details below);
- Usage data about how you use our site, this is what we consider Anonymous Data, which we collect using Cookies (more details below).
Some of these activities are a bit more detailed so please read below about the specifics of some of these data types and how we collect them from you.
2 D. Information We Collect Automatically Through Our Services.
We automatically collect information about you through your use of our Site or Services, including, without limitation:
- Log information, such as your Internet protocol (IP) address, the type of browser you are using, information about the device you are using, domain name, the website that led you to our Services, the website to which you go after leaving our Services, your location, and the dates and times you access our Services.
Please see our Cookies and Other Tracking Mechanisms section below for more information. We may combine information we collect automatically with information we collect directly from you or from third parties.
3. How we use your information
We process data, including personal data (as may be defined by Data Laws), that we collect from you for the following legitimate purposes:
3 A. Providing and Improving Our Services.
We use the information we collect about you:
- to provide and maintain our Site and Services and to fulfil your requests for our products, programs, and services on the Site and across our Services;
- to improve our Services;
- to develop new features, programs, products, or services and to offer these to you from us, our affiliates and selected third parties that we believe may be of interest to you;
- to authenticate users;
- to perform technical operations, such as updating software;
- to validate our users and ensure their qualifications to use our Services;
- for customer service and support purposes.
3 B. Marketing and Communications
We use the information we collect about you:
- to communicate with you about your account and/or use of our Services, including providing you with product updates;
- to respond to your enquiries;
- to provide you with news and newsletters, special offers, promotions, and other information from ourselves, our affiliates and selected third parties we think may interest you;
- for other informational, marketing, or promotional purposes. Our communications with you may include communications via email. Please see our section regarding Your Choices for more information about how to change your communications preferences.
- to notify you when we make changes to our terms or policies if necessary;
- to otherwise enforce or exercise any rights in our terms and policies.
3 C. Research and Analytics
We use the information we collect about you:
- to analyze how you interact with our Services;
- to monitor and analyze usage and activity trends; and
- for other research, analytical, and statistical purposes.
3 D. Protecting Rights and Interests
We use the information we collect about you:
- to protect the safety, rights, property, or security of EOSDA, the Services, any third party, or the general public;
- to detect, prevent, or otherwise address fraud, security, or technical issues; to prevent or stop activity which EOSDA, in its sole discretion, may consider to be, or to pose a risk of being, an illegal, unethical, or legally actionable activity;
- to use as evidence in litigation or any other civil dispute, matter or criminal matter; and
3 E. Legal Compliance
We use the information we collect about you to comply with applicable legal or regulatory obligations, including as part of a judicial proceeding; to respond to a subpoena, warrant, court order, or other legal process; or as part of an investigation or request, whether formal or informal, from law enforcement or a governmental authority.
3 F. Use of non-personal information
We use aggregate information about our users and non-personal information that we collect:
- to improve the design, functionality, and content of our Site and Services and to allow us to personalize your experience with our Services;
- to provide, maintain, personalize, protect, improve, and develop our products, programs, and services and to operate our business;
- to analyze usage and performance of our Site and Services;
- to tailor display for us and our affiliates, business partners, and selected third parties to offer you products, programs, or services.
4. Disclosing and and sharing your information
4 A. To our affiliates
4 B. To third party service providers
We may disclose your information to our vendors, service providers, agents, or others who perform functions on our behalf. For example, we may disclose your information to third-party service providers to process payments on our behalf.
4 C. For business transfers
We may disclose your information to another entity in connection with, including during negotiations of, an acquisition or merger, sale or transfer of a business unit or assets, bankruptcy proceeding, or as part of any other similar business transfer to a buyer or prospective buyer of our business, our professional advisers, such as our lawyers, where it is necessary for them to advise and to any other persons if we are under a duty to disclose or share your information in order to comply with any legal obligation.
4 D. For protecting rights and Interests
4 E. Legal Compliance
We may be required by law e.g. through potential or actual litigation, court order, public or governmental authorities, or rules and regulations within or out with your country of residence to disclose all or part of your information to third parties. We may also deem it necessary to make such a disclosure in the event of an issue of national security, law enforcement or other such similar situations as we deem necessary including, for example, allegations of alleged infringement of copyright, trade marks or other third parties’ rights by users or any criminal activity, whether formal or informal, from law enforcement or a government official.
4 F. Aggregate and De-Identified Information
We may disclose aggregate, anonymous, or de-identified information about users for marketing, advertising, research, compliance, or other purposes.
5 A. When we market to you directly about our, or third party, services
We may share your information with our affiliates or third parties to develop and deliver targeted advertising to you of our or third party products and services, or to help us to prepare marketing reports. We may send you information about our or our affiliates’ products and services, news and offers, and selected third party products and services that we think may be of interest to you. We may do this by contacting you through your email address or mobile phone number that you have provided. Any communication received from us, as consented to by you, will clearly state that it is being sent by us. You have the option to opt-out of our marketing communications at any time (see below).
5 B. When third parties market to you directly
If you have consented to receive marketing communications from third parties your data may be passed on to such third parties as we enter into data sharing agreements with, from time to time, for marketing and analytical reporting purposes. We cannot be held liable for the content of the third party’s communications or products/services they are promoting. If you have provided this consent, but change your mind, you can opt-out at any time (see below). Please be advised that you will also require to contact the individual third parties who have been marketing to you if you wish to stop receiving their communications directly.
5 C. Opting Out of Marketing
If you change your mind about the marketing consent you have granted to us, you can follow the opt out procedures contained in any marketing email, or you can opt out by emailing us at firstname.lastname@example.org
Please be aware that it may take up to ten (10) business days for us to process opt-out requests. Opting out of marketing emails will not impact upon email communications you may continue to receive which are relevant to the administration of your account, or relative to any other Services you have requested to receive from us (unless those have been opted out of also).
They enable us:
- to estimate our audience size and usage pattern;
- to store information about your preferences, and so allow us to customise the Services according to your individual interests;
- to speed up your user experience on Site;
- to recognise you when you return to any Site or Services;
- to provide anonymised statistical information: Non-personal data may be gathered on our behalf using cookies, log file data, and code that is embedded on our websites by specific third party partners to help these selected third parties to deliver relevant advertisements to you.
We use this cookie information to help improve the services we provide to you. When you visit the publicly available sections of the Services, a session ID cookie is placed on your computer that only lasts while you’re visiting. We also place persistent cookies (also known as local storage devices) on user computers, so that we remember them to make your login in process faster and easier.
6 A. Controlling and deleting cookies
- by using the opt-outs provided below;
- by visiting http://www.youronlinechoices.com/; or
- through your browser, as explained below.
You can also block cookies by changing your browser settings so that cookies from this Site cannot be placed on your computer or mobile device. In order to do this follow the instructions provided by your browser (usually located within the “Help”, “Tools” or “Edit” facility). Disabling a cookie or category of cookie does not delete the cookie from your browser, you will need to do this yourself from within your browser.
6 B. What cookies are used for and why we use them on this Site
This table shows fully the cookie functions and why they are used, although our uses may change over time and it is important that you revisit this page to understand these uses:
Analytics and research
We also use the information collected by Hotjar. If you have Cookies disabled, you won’t be tracked by any website using Hotjar. Most web browsers allow some control of most cookies through the browser settings. To find out what cookies have been set and how to manage and delete them, we recommend visiting All About Cookies (https://www.allaboutcookies.org/). You can opt-out of Hotjar here: https://help.hotjar.com/hc/en-us/articles/115011789248-Hotjar-Cookies
Security and site integrity
Site features and services
6 C. Do Not Track Disclosure.
Our Services do not respond to Do Not Track signals. For more information about Do Not Track signals, please click here. You may, however, disable certain tracking as discussed in the Cookies and Other Tracking Mechanisms section above (e.g., by disabling cookies).
7. Data retention
Irrespective of the above, EOSDA may still retain some of the data to the extent such retention is necessary to resolve disputes, enforce EOSDA user agreements, and comply with technical and legal requirements and constraints related to the security, integrity and operation of Services and international law enforcement or matters of dispute.
If your account is ever terminated by us, or you have been identified by us as a potential or otherwise threat to our business, our Services, our Site or our users, your email address will be retained on our internal blacklist for as long as we deem necessary to protect the business and its users.
8. Storage of your information
9. Your rights
International Data Laws give users a number of rights which you are free to exercise at any time regarding any personal data that you have provided to us. Some of these are rights required by law, if you reside in UK or EU states, for example, however, others are applicable to all users as we wish to ensure that you have open access to your data, and the ability to amend your consents easily. You can view, edit, or delete your personal data online for many EOSDA products. You can make choices about EOSDA’s collection and use of your data. How you can access or control your personal data will depend on which products you use. You can always contact EOSDA by email@example.com. We will respond to requests to access or delete your personal data promptly and in any case within any time limits set by applicable Data Laws.
9 A. Right to access personal data we hold about you
You can request a copy of the personal data that we hold about you and we aim to respond within 14 to 30 days. To obtain a copy of your data, simply email our data protection team at firstname.lastname@example.org. We may request you to provide additional information in order to verify your identity to protect the disclosure of information. We need to make sure you are who you claim to be when requesting copies of data, and once we are satisfied about your identity we will email or post a copy of your data to you. If this verification stage involves you providing us with any identification documents, these documents will be viewed for the purpose of verifying your identity prior to us making any personal data disclosures to you, and will the identification documents will not be stored for any period of time longer than this, nor will they be used for any purpose whatsoever other than facilitating your request for access. If you are not a resident of the UK or EU, we reserve the right to charge a small administration fee for provision of this information, if so permitted by the data laws governing your place of residence.
9 B. Right to amend/correct the data we hold on you
We want to make sure we have everything right in our database so please simply contact us at to make any amendments to our records by emailing email@example.com
9 C. Changing your consent and opting out
It’s ok to change your mind about what personal data you are allowing us to use and keep and what you don’t want us to use or keep. You can contact firstname.lastname@example.org. We have to advise you however, that opting out of some personal data processing/storage will result in a loss of functionality of the services and a reduced user experience.
9 D. Right to “be forgotten” (Applicable to residents of EU or UK only)
You have the right to have all of your personal data erased when you stop using the services. Sometimes we need to keep a record of some data for security purposes (for example to assist law enforcement agencies with any criminal investigations) or for payment processing (to prove to banks that we were authorised to take payments from you if you pay to use the services). To request erasure of all of your personal data please contact email@example.com
9 E. Rights available to residents of California, USA only
We may be required to act in compliance with the California Consumer Privacy Act (CCPA) and this section applies to you as an individual if you are a resident of California, USA, with references to personal information having the meaning given in that Act.
We collect the following categories of Personal Information, as defined by the CCPA:
Inferences, Identifiers, Commercial Information, Employment Information, all of which is described at Section 2 of this Policy. This information is collected for the purposes described in Sections 3 and 5 of this Policy and shared as described in Sections 4 and 5.
If you reside in California, then under the CCPA you have the following rights:
- You have the right to obtain from us access to the information we hold on you, and you are entitled to know if we have shared that information with any third parties. If you would like to request this information, please submit your request by emailing firstname.lastname@example.org. It is important to protect you that we ensure the person making the request is really you and we will contact you to let you know what else we need from you before we send you a copy of your personal information, which currently involves providing us with photographic identification (which is used for the purpose of verifying your identity and is not otherwise used or stored by us). You are entitled to receive a response from us within 45 days.
- You have the right to ask us to delete all the personal information we hold on you. If you would like to request the deletion of your information, please submit your request by emailing email@example.com. It is important to protect you that we ensure the person making the request is really you and we will contact you to let you know what else we need from you before we send you a copy of your personal information, which currently involves providing us with photographic identification (which is used for the purpose of verifying your identity and is not otherwise used or stored by us). You are entitled to receive a response from us within 45 days.
- Please note that Your Right to Access and Right to Deletion are not absolute and are subject to certain exceptions. For instance, we cannot disclose specific pieces of Personal Information if the disclosure would create a substantial, articulable, and unreasonable risk to the security of the Personal Information, your account with us or the security of the business’s systems of networks.
- You have the right to appoint an authorized agent to submit a request to opt-out of the sale of personal information on your behalf if you provide the authorized agent written permission to do so. If you use an authorized agent to submit a request, he or she must provide their name, email address, phone number, and written permission from you that includes your contact information. We will contact you using the information provided and verify your identity directly with us. We cannot respond to your request to provide additional disclosures or delete any personal information if we cannot verify your identity and the authorized agent’s authority to make the request on your behalf. Written permission is not required if the agent provides proof of power of attorney.
10. Keeping information secure
In using your information for legitimate purposes, we may combine data we collect to give you a more personalized experience. However, to enhance privacy, we have built in technological and procedural safeguards designed to prevent certain data combinations. For example, we store data we collect from you when you are unauthenticated (not signed in) separately from any account information that directly identifies you, such as your name, email address or phone number. Where any information is required to be disclosed to third party service providers to ensure the provision of Services to you, all such third parties are subject to strict data processing agreements.
You should take steps to protect against unauthorized access to your device and account by, among other things, choosing a robust password that nobody else knows or can easily guess and keeping your log-in and password private. We are not responsible for any lost, stolen, or compromised passwords or for any activity on your account via unauthorized password activity.
11. Limitation of liability
SOME STATES OR JURISDICTIONS DO NOT ALLOW THE EXCLUSION OR LIMITATION OF CERTAIN DAMAGES, SO THE FOLLOWING LIMITATION AND EXCLUSIONS MAY NOT APPLY TO YOU. TO THE FULLEST EXTENT ALLOWED BY APPLICABLE LAW, UNDER NO CIRCUMSTANCES AND UNDER NO LEGAL THEORY (INCLUDING, WITHOUT LIMITATION, TORT, CONTRACT, STRICT LIABILITY, OR OTHERWISE) SHALL EOSDA (OR ITS LICENSOR(S) OR SUPPLIER(S)) BE LIABLE TO YOU OR TO ANY OTHER PERSON FOR (A) ANY INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES OF ANY KIND, INCLUDING DAMAGES FOR LOST PROFITS, LOSS OF GOODWILL, WORK STOPPAGE, ACCURACY OF RESULTS, OR COMPUTER FAILURE OR MALFUNCTION, OR (B) ANY AMOUNT, IN THE AGGREGATE, IN EXCESS OF THE GREATER OF (I) $100 OR (II) THE AMOUNTS PAID BY YOU TO EOSDA IN CONNECTION WITH THE SERVICES IN THE THREE (3) MONTH PERIOD PRECEDING THIS APPLICABLE CLAIM, OR (C) ANY MATTER BEYOND OUR REASONABLE CONTROL.
12. Third party links
13. Governing law and jurisdiction
14. Important contacts for privacy matters
In accordance with the applicable UK and EU Data Laws, the following representatives are authorised to receive written communications on our behalf from the relevant supervising authorities and any data subjects exercising their rights under the UK Data Protection Act 2018, or the European General Data Protection Regulation:
UK Representative (in accordance with the UK Data Protection Act 2018):
Elpha Fox Privacy, 7 Bell Yard, London, WC2A 2JR
We hope that we will be able to directly resolve any complaint that you may have, however, if you are not happy with how we handle any complaint, depending on your place of residence, you may be able to raise a complaint at any time to your country’s national data protection authority.