Our Commitment to Privacy
Your privacy is important to us. To better protect
your privacy we provide this notice explaining our online information practices
and the choices you can make about the way your information is collected and used.
To make this notice easy to find, we make it available on our homepage and many
pages of our websites.
The Data We Collect
In order to provide services to
you, we may collect the following types of information:
Information you provide - For example, when you sign-up
for an account, write reviews, contact us, or use other services on the website
that requires input, we will store and save the information you provide. This
information may include personally identifiable information such as your name,
postal address, email address, etc. (“
Personal Data”).
Cookies - When you use access files on
the website, one or more cookies will be sent and stored on your computer.
These cookies are used to save certain preferences on the website and identify you
on future visits. You can choose to limit the storage of cookies on your
computer when accessing the website. Limiting or prohibiting cookies from being
stored on your computer may however affect the usability of the website
services.
Log information - All information sent by your
web browser and computer when you visit the website may be stored by our
servers. This information may include your IP address, browser type, URL
accessed, cookie information, the date and time of your request, and other information
that may uniquely identify you and may also be considered as part of your
Personal Data.
You are responsible for ensuring
the accuracy of your Personal Data you submit to us. Inaccurate information
will affect the information you receive when we provide you services and our
ability to contact you as contemplated in this Privacy Policy as well as to
provide you the services at the best manner possible.
In
addition, please note that this Privacy Policy does not cover the following
information as it cannot be considered as Personal Data:
- Information relating to
a legal entity (e.g. corporate information, contact details, accounting
information, etc.);
- Anonymized data, namely
information which does not relate to an identified or identifiable natural
person or to Personal Data rendered anonymous in such a manner that the data
subject is not or no longer identifiable.
Use of Personal Data
We
use the Personal Data we collects from or about you to make the services
available to you, to conduct statistical analysis, provide customer support, to
undertake necessary security and identify verification checks, to meet certain
business requirements and for any other purpose related to the operation of the
services we provide you.
Your
Personal Data may also be used by us to provide you with promotional offers and
information regarding products and services from third parties, and in order
for us to improve the services and/or customer service. We may also use the
Information to track your use of the services and/or for other internal
purposes, such as evaluating, providing, and improving the services.
We
collects the Personal Data, solely for the use of our clients and the
administration of the websites and Facebook enabled apps. We limits access to
all Personal Data gathered within our organization and Personal Data is never
shared outside of Camilyo, only in accordance to this Privacy Policy as further
specified below.
We may
contact you in connection with the websites and Facebook apps you engaged with
and use your Personal Data collected from past engagements when you access or
utilize Camilyo applications in the future. You may also grant Camilyo permissions within Facebook applications that allow
Facebook to share your activity within Facebook applications on the Facebook
platform and post on your behalf. You may request that your Personal Data be
deleted from Camilyo systems at any time by sending your request to
support@camilyo.com.
Camilyo
will process Personal Data as above-mentioned and only in accordance to the
provisions of this Privacy Policy. Camilyo personnel are obligated to maintain
the security, and secrecy of any Personal Data as provided in this Privacy
Policy and this obligation continues even after their engagements end.
Personal Data Sharing
and Transferring
We
do not give, sell, transfer or otherwise share any Personal Data to, or with,
any third party without first advising our affected customers of this activity,
except for the cases listed in this Privacy Policy.
Sharing
of Personal Data may occur (i) if you have requested and/or agreed that the
Personal Data will be provided to third parties; or (ii) if the disclosure is
required by law; or (iii) if it is transferred for the performance of a
contract between you and Camilyo; or (iv) the transfer is necessary in order to
protect the vital interests of the data subject; or (v) the transfer is
necessary or legally required on important public interest grounds, or for the
establishment, exercise, or defense of legal claims; or(vi) if the transfer is for
the purposes of the legitimate interests pursued by Camilyo or by the relevant
third party.
The
information collected about you may be shared with third parties to facilitate
the serving of advertising on the website and to improve our service as part of
compliance with contractual duties between us.
Some
of these advertisers (such as Google through the Google AdSense program) may
use technology such as cookies and web beacons and may collect additional
information about you. Camilyo provides applications that contain entry forms
that collect information about you on behalf of other third-parties. Camilyo
makes this information available to the third-parties that have created the
campaign running on Camilyo's servers. This information can include any information
you provide along with other Personal Data that we collect and that is
accessible through permissions you grant to our applications on the Facebook,
Twitter, and other platforms.
In
addition, we may disclose your Information if we believe in good faith that
such action is necessary to comply with applicable legislation, a current
judicial proceeding, a court order or legal process, or to protect and defend
Camilyo's rights or property, the personal safety of other users of the website
or the public at large. We reserves the right to share the Personal Data with
appropriate authorities and financial institutions, if we determines in our
sole discretion that you attempted to defraud Camilyo, or if we suspects you
are committing any fraudulent activity, or any other prohibited transaction, or
if you breach the Terms of Use.
In
the event that Camilyo sells, assigns or transfers some or all of its business
or assets to a successor or acquirer, or if Camilyo is acquired by or merges
with a third party, or if Camilyo files for bankruptcy or becomes insolvent,
Camilyo may disclose, sell, assign or transfer all of your Personal Data as
part of the transaction.
Our Commitment to Data
Security
To
prevent unauthorized access, maintain data accuracy, and ensure the correct use
of Personal Data, we have put in place physical, electronic, and managerial
procedures to safeguard and secure the information we collect online. However, we cannot guarantee the security of your data,
which may be compromised by unauthorized entry or use of the Website.
We
implemented and will maintain and follow appropriate technical and
organizational measures intended to protect information that we collect against
accidental, unauthorized or unlawful access, disclosure, alteration, loss, or
destruction.
Security Incident
Notification
If
we become aware of any unlawful access to any information we stored, or
unauthorized access to it, resulting in loss, disclosure, or alteration of the
information, we will promptly (1) notify you of this security incident;
(2) investigate this security incident and provide you with detailed
information about the security incident; and (3) take reasonable steps to
mitigate the effects and to minimize any damage resulting from the security
incident.
Notification(s)
of those security incidents will be delivered to one or more of your administrators
by any means we selects, including via email. It is your sole responsibility to
ensure your administrators maintain accurate contact information on the services
portal. Our obligation to report or respond to such security incident is not an
acknowledgement by us of any fault or liability with respect to a security incident.
You must
notify us promptly about any possible misuse of your accounts or authentication
credentials or any security incident related to the services that we providing
to you.
Our Commitment to
Children's Privacy
Protecting
the privacy of the very young is especially important. For that reason, our
services are not directed towards and may not be used by persons under 16, and
no part of our website is structured to attract anyone under 16.
Advertising/Retargeting
This
site uses Google Analytics for Display Advertising. We use Remarketing with
Google Analytics to advertise online. Third-party vendors, including Google,
show our ads on sites across the Internet. This site and third-party vendors,
including Google, use first-party cookies (such as the Google Analytics cookie)
and third-party cookies (such as the DoubleClick cookie) together to inform,
optimize, and serve ads based on someone's past visits to this website.
Visitors can opt-out of Google Analytics for Display Advertising and customize
Google Display Network ads using the Google Ads Preferences Manager.
Links to Other Sites
Our
website may contain links to other sites. Other sites may also reference or
link to our website. We are not responsible for the privacy practices or the content
of such other online sites, and any information collected by these third party
online sites is not governed by this Privacy Policy, and we assume no
responsibility or liability whatsoever for the policies (including privacy
policies), practices, actions or omissions of such third parties.
Retention and Deletion
of Your Information
We
may retain your information for as long as needed to provide you with the
services and the uses described in this Privacy Policy. This often means that
we will keep information for the duration of your account. Please note,
however, that where applicable legislation requires us to do so, it may be
required to keep records of your Information even after such termination.
How You Can Access or
Correct Your Information
Registered
users can access and maintain much of their personally identifiable information
that we collect online using the account management section of the website.
Information that is not accessible online can be modified or deleted by sending
us a request using the contact procedure in this policy. To protect your
privacy and security, we will also take reasonable steps to verify your
identity before granting access or making corrections.
We
provide registered users with the ability to correct, delete, or block their
data, or make such corrections, deletions, or blockages on their behalf.
Additional European Terms
These
Additional European Terms apply only if you resides in the European Union (“
EU”).
The
provisions of this Additional European Terms section of the Privacy Policy are
in addition to all other provisions in this Privacy Policy in which Camilyo is
bound.
For this section, below are important definitions:
- " GDPR" means the European
Union General Data Protection Regulation.
- “ Personal Data” means any information
relating to an identified or identifiable natural person. An identifiable natural person is one who can
be identified, directly or indirectly, in particular by reference to an
identifier such as a name, an identification number, location data, an online
identifier or to one or more factors specific to the physical, physiological,
genetic, mental, economic, cultural or social identity of that natural person.
For
the services provided by Camilyo, Camilyo is a data processor acting on your
behalf. As data processor, Camilyo will only act upon your instructions.
The
duration of data processing shall be for the term designated under an agreement
(which refers to this Privacy Policy) between you and Camilyo. The objective of
the data processing is the performance of the services and as specified above
in the “Use of Information” section above.
The
scope and purpose of processing your data, including any Personal Data is
described in this Privacy Policy.
This
section do not limit or reduce any data protection commitments Camilyo makes to
you in a services agreement between you and Camilyo and in this Privacy Policy.
Camilyo shall
not engage another processor without your prior specific or general written
authorization. In the case of general written authorization, Camilyo shall
inform you of any intended changes concerning the addition or replacement of
other processors, thereby giving Customer the opportunity to object to such
changes.
Processing by Camilyo shall be governed by the
GDPR terms under the EU and are binding on Camilyo with regard to you. The
subject matter and duration of the processing, the nature and purpose of the
processing, the type of Personal Data, the categories of data subjects and your
rights are set forth in your agreement, including these GDPR terms. In particular, Camilyo shall:
(a) process
the Personal Data only on documented instructions from you (if you are
“Controller” according to the GDPR), including with regard to transfers of
Personal Data to a third country or an international organization, unless
required to do so by Union law to which Camilyo is subject; in such a case,
Camilyo shall inform you of that legal requirement before processing, unless
that law prohibits such information on important grounds of public
interest;
(b) ensure that persons authorized to
process the Personal Data have committed themselves to confidentiality or are
under an appropriate statutory obligation of confidentiality;
(c) take
all measures required pursuant to Article 32 of the GDPR;
(d) ensure compliance with the obligations
pursuant to Articles 32 to 36 of the GDPR, taking into account the nature of
processing and the information available to Camilyo;
(g) at your choice, delete or return all
the Personal Data to you after the end of the provision of services relating to
processing, and delete existing copies unless Union law requires storage of the
Personal Data;
(h) make available to you all information
necessary to demonstrate compliance with the obligations laid down in Article 28
of the GDPR.
Camilyo shall immediately inform you if, in
its opinion, an instruction infringes the GDPR or other Union or Member State
data protection provisions.
Taking into account the state of the art, the
costs of implementation and the nature, scope, context and purposes of
processing as well as the risk of varying likelihood and severity for the
rights and freedoms of natural persons, Camilyo shall implement appropriate
technical and organizational measures to ensure a level of security appropriate
to the risk, including inter alia as appropriate:
(a) the
pseudonymisation and encryption of Personal Data;
(b) the ability to
ensure the ongoing confidentiality, integrity, availability and resilience of
processing systems and services;
(c) the ability to
restore the availability and access to Personal Data in a timely manner in the
event of a physical or technical incident; and
(d) a process for
regularly testing, assessing and evaluating the effectiveness of technical and
organizational measures for ensuring the security of the processing.
In assessing the appropriate level of
security, account shall be taken of the risks that are presented by processing,
in particular from accidental or unlawful destruction, loss, alteration,
unauthorized disclosure of, or access to Personal Data transmitted, stored or
otherwise processed.
Camilyo shall take steps to ensure that any
natural person acting under the authority of Camilyo who has access to Personal
Data does not process them except on instructions from Camilyo, unless he or
she is required to do so by Union law.
Camilyo shall notify you without undue delay
after becoming aware of a personal data breach.
Lawful
Bases for Processing
We will only collect and process Personal Data
about you where we have one of the following 6 lawful bases:
Consent (where you have given consent),
contract (where processing is necessary for the performance of a contract with you (e.g.
to deliver the services you have requested),
legal obligation (to comply
with a common law or statutory obligation),
vital interest (to protect
someone’s life),
public task (to perform a specific task in the public
interest that is set out in law) and for
legitimate interests.
Where we rely
on your consent to process Personal Data, you have the right to withdraw or
decline your consent at any time and where we rely on legitimate interests, you
have the right to object. If you have any questions about the lawful bases upon
which we collect and use your Personal Data, please contact us (contact
information provided below).
Transfer
of Personal Data to Third Countries
We may
transfer your Personal Data to third parties located at destinations outside
the European Economic Area. The data protection and privacy laws of the
jurisdictions to which the Personal Data will be transferred may not be as
comprehensive as those in the European Union (if applicable to you); in which
case New Stream will take measures to ensure a similar level of protection is
provided to your Personal Data according to one of the following safeguards:
(a)
Personal Data is transferred to countries that the
European Commission has identified as the countries ensuring an adequate level
of protection of Personal Data;
(b)
In the case of recipients based in the United States
of America, we may transfer Personal Data if recipients participate in the Privacy
Shield programme, which aims at ensuring the same level of protection of Personal
Data as that applicable in Europe;
(c)
We apply relevant standard contractual clauses
approved by the European Commission or we rely on binding corporate rules which
guarantee the security of your data.
Your Rights
In certain
circumstances, you have rights in relation to the Personal Data we process
about you. The table below sets out an outline of those rights and how to
exercise them:
Please note
that Camilyo will require you to verify your identity before responding to any
requests to exercise your rights. To exercise any of your rights, please email
info@camilyo.com. Please note
that for each of the rights below, Camilyo may have valid legal reasons to
refuse your request, in such instances we will let you know if that is the
case.
Right
|
Content
|
Access
|
You have the right to know whether we processes Personal Data about you, and if we do, to access Personal Data we hold about you and certain information about how we uses it and who we shares it with. You can request a copy of these Personal Data.
|
Portability
|
You have the right to receive a subset of the
Personal Data you provide us in a structured, commonly used and machine-readable format and a
right to request that we transfers such Personal Data to another party if we process it on the bases of (i) Camilyo’s contract with you or (ii) with your consent and
when the processing is carried out by automated means.
|
Correction
|
If you believe that the Personal Data we holds about you are inaccurate or incomplete, you
have the right to request its correction or modification.
|
Erasure
|
You may request that we erase the Personal Data we hold about you in the following circumstances: (i)
where you believe it is no longer necessary for us to hold the Personal Data, (ii) we process it on the basis of your consent and you wish
to withdraw your consent, (iii) we process your Personal Data on the basis of Camilyo’s legitimate interest and you object to such processing, (iv) you no longer wish us to use your Personal Data to send you marketing or
(v) you believe Camilyo is unlawfully processing your Personal Data.
|
Restriction
of Processing
|
You have a right to require us to restrict of processing the Personal Data we hold about you in the following circumstances: (i) if you dispute the
accuracy of your Personal Data, (ii) if the processing is unlawful and you object to its
deletion, (iii) if you believe that we are no
longer need your Personal Data but that it is still necessary for you to
establish, exercise or defend your legal rights or, (iv) if you have objected
to Camilyo processing Personal Data we hold about you.
|
Objection
|
You have the right to object to the processing of the Personal Data we hold about you and we will consider your request. Please provide us with detail as to your reasoning so that we can assess whether there is a compelling overriding
interest in Camilyo continuing to process such Personal Data or we need to process it in relation to legal claims.
|
Your Acceptance of
this Policy
By signing up for an account or by continue browsing Camilyo’s
website, you agree to this Privacy Policy, and to any changes we may make to
this Privacy Policy from time to time – without the need to notify you about
such changes.
Changes to This
Privacy Policy
We reserve the right to alter the privacy policy at any time. We
will post any changes to the privacy policy on this page. It is recommended
that you revisit this Privacy Policy regularly so as to be kept apprised of the
updated Privacy Policy. Your continued use of the services following changes to
this Privacy Policy means you accept these changes. If you do not agree to the
altered privacy policy, you may stop using the services.
Last updated and effective as of May 16, 2019.
How To Contact Us
Should you have other questions
or concerns about these privacy policies and if you believe that we are not
adhering to our privacy or security commitments, please send us an email at
info@camilyo.com.
Last Updated: May 16, 2019