§ 1 General provisions
- The administrator of the personal data of the users of the website located at the domain www.icea-group.com is iCEA Group International Joint Stock Company with its registered seat at 19 W 34TH SUITE 1018, NEW YORK, NY 10001, USA (hereinafter: “Administrator”).
- Contact with the Administrator is possible:
(1) at e-mail address: firstname.lastname@example.org,
(2) in writing, to the Administrator’s address: 19 W 34TH SUITE 1018, NEW YORK, NY 10001, USA.
- The purpose of the Policy is to define the actions taken with respect to personal data collected through the Administrator’s website and related services and tools used by its users, as well as in the activity of entering into and performing contracts in contact outside the website.
- If necessary, the provisions of this Policy may be amended. The change will be communicated to users by announcing the new content of the Policy, and in the case of the base of persons who have consented to the processing of data by e-mail or have provided e-mail data in the performance of contracts, they will also be notified of the change by e-mail.
§ 2 Basis for processing, purposes and storage of personal data
- Your personal information is processed in accordance with the laws and regulations under applicable privacy laws in Canada, including The Personal Information Protection and Electronic Documents Act (“PIPEDA”).
- In the case of processing of personal data on the basis of an e-mail or a complaint sent by the user, such processing shall be carried out in accordance with which processing is necessary in order to take action at the request of the data subject.
- In the case of obtaining a separate consent of the user, his personal data can be processed by the administrator also for marketing purposes, including in order to send commercial information electronically to the e-mail address specified by the user.
- In the case of conclusion and performance by the Administrator of a sales contract or a contract for the provision of services, the other party shall be obliged to provide the data necessary for the conclusion of the contract (which is a contractual requirement, and in terms of tax numbers also a statutory requirement) and for this purpose the Administrator processes personal data.
- In the case of research and analysis for the purpose of improving the performance of available services (e.g. tracking tools), the user’s consent is indicated as the basis for data processing.
- Users’ personal data are stored no longer than necessary to achieve the purpose of processing, i.e. until the withdrawal of consent if the processing is based on such consent, until the statute of limitations of claims of the Administrator and the other party for the execution of concluded agreements (in the case of sales contracts/service contracts, 2 years, counting from the end of the year) and until the execution of the inquiry directed by e-mail or the completion of complaint handling.
- To the extent necessary for the proper functioning of the website, its functionality and the proper performance of the payment operation (if such is carried out by the website), the website uses the User’s metadata. Metadata means the process of reading and recognizing by the website’s IT system the configuration and components of the computer used by the user in order to adjust the website to its capabilities and to establish a secure connection between the user’s computer and the website. It is important to note that this metadata cannot identify you personally and is not harmful to any data stored on your computer. Nevertheless, the User is entitled to withdraw his or her consent to the processing of metadata at any time by configuring his or her browser accordingly or by downloading the relevant plug-in provided by the browser’s manufacturer. To do so, please consult the software manufacturer and its recommendations.
- The Administrator may use profiling for direct marketing purposes, but the decisions made on its basis by the Administrator do not concern conclusion or refusal of a contract or the possibility of using electronic services. The use of profiling may result, for example, in a person being granted a discount, being sent a discount code, being reminded of unfinished purchases, being offered a product that may match the person’s interests or preferences, or being offered better terms than the standard offer. Despite the profiling, it is up to the individual to decide whether they want to take advantage of the discount or better terms and make a purchase. Profiling consists in automatic analysis or prediction of a given person’s behavior on the Administrator’s website, e.g. by adding a particular product to the shopping cart, browsing a particular product page or analysis of the previous activity history on the website. Such profiling is conditioned by the fact that the Administrator has the personal data of a given person in order to be able to send him/her e.g. a discount code.
- To the extent necessary for the proper functioning of the website, its functionality, the website may, when used by the User, collect other information, including but not limited to:
- IP address;
- device, hardware and software information, such as hardware identifiers, mobile device identifiers (e.g., Apple Identifier for Advertising [“IDFA”] or advertising identifier on an Android device [“AAID”]),
- platform type,
- settings and components,
- installed software
- presence of necessary plug-ins;
- approximate geolocation data (compiled from IP address or device settings);
- browser data, including browser type and preferred language;
- Having regard to the nature, scope, context and purposes of the processing and the risk of violation of the rights or freedoms of natural persons of varying probability and gravity, the Administrator shall implement appropriate technical and organizational measures to ensure that the processing is carried out in accordance with the Regulation and to be able to demonstrate it. These measures shall be reviewed and updated as necessary. The Administrator shall apply technical measures to prevent the acquisition and modification by unauthorized persons, of personal data transmitted electronically.
§ 3 Data sharing
- The Administrator shall ensure that any personal information collected is used to fulfill obligations to users. This information will not be shared with third parties except where:
- the explicit consent of the data subjects to do so is given beforehand, or
- if an obligation to provide such data is or will be imposed by applicable law, such as law enforcement agencies
- In addition, personal data of service recipients and customers may be transferred to the following recipients or categories of recipients:
- The Administrator may share anonymized data (i.e. data that does not identify specific Users) with external service providers in order to better identify the attractiveness of advertisements and services for Users, and in this regard, due to the location of the software providers, the data may be transferred – subject to protection – to third countries. These entities in the case of the Administrator are:
- Google LLC. (registered office: 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) for Google Analytics tools used to analyse web site statistics, Google Tag manager: used to manage scripts by easily adding code fragments to a website or application and track users’ actions on the website, Google Ads: used to display sponsored links in the Google search engine results and on the websites cooperating within the Google AdSense programme,
- Facebook Inc. (registered office address: Facebook Inc., 1601 S. California Ave. Palo Alto, CA 94304, USA) for the Facebook pixel used to track conversions from Facebook ads, optimize them based on collected data and statistics, and build an audience list targeted for future ads.
- Third-party analytics technologies integrated into Administrator services (including SDKs [Software Development Kits] and APIs [Application Program Interfaces]) may combine data collected in connection with your use of Administrator websites with information they have collected separately over time and/or across platforms. Many of these companies collect and use information under their own data protection policies, which can be found on their websites. The Administrator encourages you to review these policies.
§ 4 User Privileges
- The user whose personal data is processed has the right to:
- access, rectification, restriction, erasure or portability – The data subject has the right to request from the Administrator access to his or her personal data, rectification, erasure (“right to be forgotten”) or restriction of processing and has the right to object to processing, and has the right to data portability.
- withdrawal of the consent at any time – the person whose data are processed by the Administrator on the basis of an expressed consent has the right to withdraw the consent at any time without affecting the legality of the processing performed on the basis of the consent before its withdrawal.
iCEA GROUP INTERNATIONAL
19 W 34TH SUITE 1018
NEW YORK, NY 10001
If you have further questions or concerns about this policy, or if you believe that this policy or applicable data protection laws have not been followed, you may submit a complaint to our Privacy Department listed above and the Administrator will respond promptly with information about who will handle the matter and when to expect a further response. The Administrator reserves the right to ask the user for additional information regarding the inquiry or complaint referred, and to keep a record of the inquiry and all actions taken regarding it. In the event that the Administrator’s investigation or any resulting remedies are unsatisfactory, you have the right to make a written complaint to the relevant Privacy Commissioner within Canada (Office of the Privacy Commissioner of Canada: https://www.priv.gc.ca/index_e.asp; Office of the Information and Privacy Commissioner (Alberta): http://www.oipc.ab.ca/pages/home/default.aspx; Office of the Information and Privacy Commissioner (British Columbia): https://www.oipc.bc.ca/; Commission d’accès à l’information du Québec: http://www.cai.gouv.qc.ca/english/);Privacy Commissioner in New Zealand (Office of the Privacy Commissioner for New Zealand: https://www.privacy.org.nz/; tel: 0800 803 909, PO Box 10 094, Wellington 6143, New Zealand, email@example.com);
- objection – The data subject shall have the right to object at any time, on grounds relating to his or her particular situation, to processing of personal data concerning him or her, including profiling pursuant to these provisions. The Administrator shall in that case no longer be permitted to process such personal data unless the Administrator demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or grounds for the establishment, exercise or defence of claims.
- objection to direct marketing – if personal data are processed for the purposes of direct marketing (based on the legitimate interest of the Administrator, not on the basis of the data subject’s consent), the data subject shall have the right to object at any time to the processing of personal data concerning him or her for such marketing, including profiling, to the extent that the processing is related to such direct marketing.
- Exercise of the above rights is based on the request of the user sent to the e-mail address firstname.lastname@example.org. Such a request should contain the name and surname of the user.
- The user ensures that the data provided or published by him in the service is correct.
§ 5 Cookies
- Cookies are understood to be computer data, in particular text files, stored on the end user’s device (usually on the computer’s hard drive or mobile device) used to store certain settings and data by the user’s browser in order to use websites. These files allow for recognition of the user’s device and appropriate display of the website, ensuring comfort during its use. The storage of cookies enables the website and the offer to be tailored to your preferences. The server recognises and remembers your preferences, such as visits, clicks and previous actions.
- Cookies include, in particular, the domain name of the website from which they originate, the time of storage on the terminal device and a unique number used to identify the browser from which you connect to the website.
- Cookies are used for:
- adjusting the content of websites to user preferences and optimize the use of websites,
- creating anonymous statistics, which by helping to determine how a user uses websites allow for improving their structure and content,
- providing website users with advertising content tailored to their interests.
Cookies are not used to identify users and their identity is not determined on their basis.
- The basic division of Cookies is their distinction into:
- Essential cookies – these are absolutely necessary for the proper functioning of the website or the functionality you wish to use, as without them we would not be able to provide many of the services we offer. Some of them also ensure the security of the services we provide electronically.
- Functional cookies – are important for the functioning of the website due to the fact that:
– they serve to enrich the functionality of websites; without them a website will work correctly, but will not be adapted to the user’s preferences,
– they serve to ensure a high level of functionality of the website; without them the level of functionality of the website may decrease, but their absence should not prevent the complete use of the website
– serve the majority of website functionality; their blocking will cause that some functions will not work properly.
- Business cookies – make it possible to implement the business model on the basis of which the website is made available; their blocking will not make the entire functionality unavailable, but may lower the level of service provision due to the website owner’s inability to realise revenues subsidising its operation. Advertising cookies, for example, fall into this category.
- Cookies for website configuration – they allow setting functions and services on websites.
- Cookies for website security and reliability – to verify the authenticity and optimize website performance.
- Authentication cookies – allow you to be notified when you are logged in so that the website can show you relevant information and features.
- Session status cookies – these cookies enable us to record information about how users use a website. They may relate to the most frequently visited pages or possible error messages displayed on some pages. Session state cookies help to improve our services and make browsing more comfortable.
- Cookies for website processes – they allow efficient operation of the website and its functions.
- Ad serving cookies – allow ads to be displayed that are more interesting to users and more valuable to publishers and advertisers; cookies may also be used to personalize advertising, and to display ads outside of websites.
- Location-aware cookies – Allows you to customize the information displayed to your location.
- Cookies for analysis, research or audience auditing – allow the owner of websites to better understand the preferences of their users and through analysis improve and develop products and services. Usually the website owner or research company collects information anonymously and processes data on trends without identifying the personal data of individual users.
- Harmless cookies – includes cookies necessary for the proper functioning of the website and needed to enable the functionality of the website, but their action has nothing to do with tracking the user.
- Research cookies – used to track users, but do not include information that allows (without other data) to identify a specific user.
- Cookies are also used to facilitate logging into a user’s account, including via social media, and to enable switching between subpages on websites without having to log in again on each subpage. At the same time, Cookies are used to secure websites, e.g. to prevent access by unauthorized persons.
- As part of its cookie technology, Administrator may use tracking pixels or clear GIF files to collect information about how users use its services and how they respond to marketing messages sent by email. A pixel is a piece of software code that allows an object, usually a pixel-sized image, to be embedded on a page, which provides the ability to track user behavior on the web pages on which it is deployed. When the appropriate consent is given, the browser automatically establishes a direct connection with the server that stores the pixel, so the processing of data collected by the pixel is done within the framework of the data protection policy of the partner who administers the aforementioned server.
- Administrator may use Internet log files (which contain technical data such as your IP address) to monitor traffic on its services, troubleshoot technical problems, detect and prevent fraud, and enforce the User Agreement.
- The Administrator informs you that the site does not respond to Do Not Track (DNT) signals; however, you may disable certain forms of online tracking, including certain analytics and personalized advertising, by changing the cookie settings in your browser or using our cookie consent tools (if applicable).
- Detailed information on changing the settings for cookies and their independent deletion in the most popular web browsers are available in the help section of your browser and on the following pages (just click on the link):
- Please refer to the user guide for your mobile device for details on how to manage cookies on your cell phone or other mobile device.