This Policy will explain what information we collect from persons who access the Services (“users”, “you”), why we collect it, and how we use it. Additionally, this Policy explains the choices we offer, including how to access and update your information.
If you have any questions about this Policy, please contact us at firstname.lastname@example.org.
By using the Services, you are consenting to this Policy and the processing of your data, including your personal information, in the manner provided in this Policy. If you do not agree with these terms, please do not use the Services.
1. INFORMATION WE COLLECT
We may collect information about the Services you use and how you use them, such as the selections you make on our Services. We collect PII, DII, as each is defined below, and log information about your interactions as described below.
Personally identifiable information (PII) is information that can be used to identify or contact you online or offline, such as your name, address, email, phone number, photos or audio data, and payment information, or data that is linked to such identifiers. The Services may collect PII when it is provided to us, such as when you use our Services, attempt to contact us, submit an inquiry, request to become a member, or connect with us on social media or one of our partners.
We may also create or collect device-identifiable information (DII), such as cookies, unique device and advertising identifiers, statistical identifiers, usernames, and similar identifiers that are linkable to a browser or device. From these platforms, we may also receive other information, such as your IP address, user agent, timestamps, precise and imprecise geolocation, sensor data, apps, fonts, battery life information, and screen size.
Our Services also collect information about your interactions, including navigation paths, search queries, crashes, timestamps, purchases, clicks and shares, and referral URLs. We may combine this data with PII and DII. For efficiency’s sake, information about your interactions may be transmitted to our servers while you are not using the app. We may also partner with third parties that collect additional information – please see their privacy policies for more details and see below for your choices regarding these parties.
1.1 Categories of Information We Collect:
2. HOW WE USE INFORMATION WE COLLECT
We use the information we collect from all of our Services to provide, maintain, protect and improve our Services, to develop new Services and offerings and to protect us and our users.
When you contact us, we may keep a record of your communication as well as the other information in this Policy to help solve any issues you might be facing. We may use your email address to inform you about our services, such as letting you know about upcoming changes or improvements.
PII is primarily used for business purposes, such as for sending you occasional newsletters and updates, hiring, responding to inquiries, logins, and providing Services. When you contact us, we may keep a record of your communication as well as the other information to help solve any issues you might be facing. We may use your email address to inform you about our Services, such as letting you know about changes or improvements. Please keep in mind that comments sections, forums, and other similar areas of our Services are public. Any information posted in those areas is viewable and usable by anyone that has access. We also use your PII for the following legitimate interests or business purposes:
A. To meet the reason for which the PII was provided.
B. To provide you with information or services you request from us.
C. To improve our website and performance of the contents therein.
D. To resolve disputes.
E. Preventing potentially fraudulent, prohibited, or illegal activities.
F. Enforcing the Terms of Service.
G. Performing other duties as required by law.
3. INFORMATION WE SHARE
We do not share PII or DII with third-party companies, organizations, or individuals unless one of the following circumstances apply:
A. With your consent
We will share PII and other data with companies, outside organizations or individuals if we have your consent to do so. If you enroll in the EBA Directory, as defined below, we will share any personal information, including PII, you provide us as part of that activity with fellow EBA members who also enroll in the EBA Directory.
B. For external processing
We share PII with our affiliates or other trusted businesses or persons to process it for us, in accordance with the purposes set forth above and based on our instructions and in compliance with our Policy and any other appropriate confidentiality and security measures.
C. For legal reasons
We will share PII with companies, outside organizations or individuals if we have a good-faith belief that access, use, preservation or disclosure of the information is reasonably necessary to meet any applicable law, regulation, legal process or enforceable governmental request, detect, prevent, or otherwise address fraud, security or technical issues or protect against harm to the rights, property or safety of our users or the public as required or permitted by law.
D. In case of a sale or asset transfer
If we become involved in a merger, acquisition or other transaction involving the sale of some or all of our assets, user information, including PII collected from you through your use of our Services, could be included in the transferred assets. Should such an event occur, we will use reasonable means to notify you, either through email and/or a prominent notice on the Services.
E. In aggregated form for business purposes
We may share aggregated, non-personally identifiable information publicly and with our partners such as businesses we have a relationship with, advertisers or connected sites. For example, we may share information to show trends about the general use of our services.
In the past 12 months, we have shared the following categories of PII:
· Category 1: Identifiers
· Category 2: Personal Information as defined by California Civil Code §1798.80(e)
· Category 3: Commercial Information
4. EBA MEMBERSHIP DIRECTORY
If you “opt- in” to the EBA Membership Directory (the “EBA Directory”) you acknowledge and agree that any PII you provide as part of that process may be shared with other EBA Members. You may opt-out of the EBA Directory and consequently have your PII removed from the EBA Directory at any time by emailing email@example.com.
5. THIRD PARTY OPERATORS AND SERVICES
Our Policy does not apply to services offered by other companies or individuals, including products or websites that may be displayed to you on the Services. The Services may contain links to other websites are not controlled by us, and we do not endorse or make any representations about third-party websites. We also do not control the privacy policies and your privacy settings on third-party websites, including social networks. Visiting these other websites or applications is at your own risk.
6. INFORMATION SECURITY
We work hard to protect our users from unauthorized access to or unauthorized alteration, disclosure or destruction of information. Unfortunately, no website or storage system is entirely secure, and as such we can make no guarantee for the safety of your information stored in association with the Services. We do not accept liability for unintentional disclosure, and you should take appropriate measures to protect your information.
By using the Services, you agree that we may communicate with you electronically regarding security, privacy, and administrative issues relating to your use of the Services. If we learn of a security system’s breach, we may attempt to notify you electronically by posting a notice on the Services or sending an email to you.
We regularly review our compliance with our Policy. When we receive formal written complaints, we will contact the person who made the complaint to follow up.
We do not knowingly collect, maintain, or use information from children under 13 (and in certain jurisdictions under the age of 16) years of age, and no Services are directed to children under the age of 13 (and in certain jurisdictions under the age of 16). If you are the parent of a child under the age of 13 and have a concern regarding your child’s information on our Services, please contact us at firstname.lastname@example.org. If we learn that we have collected any information from children under 13 (and in certain jurisdictions under the age of 16), we will promptly take steps to delete such information.
9. LOCATION OF SERVICES
Our Services are hosted in the United States. If you are outside of the United States, your information, including PII, will be processed and stored in the United States and you are consenting to such processing and storage.
10. INFORMATION FOR OUR MEMBERS LOCATED IN THE EEC
If you are located in the European Economic Community (EEC), the following applies to you:
10.1 Legal Basis for Data Processing
Many types of data we process qualify for multiple legal bases for processing under the General Data Protection Regulation (GDPR). Below is the primary legal basis for each type of data that we process:
We have a legitimate interest in storing users’ purchase history for the purpose of providing users help in fixing purchase and payment issues.
We have a legitimate interest in periodic email and direct marketing, including newsletters, to inform registered users of updates and offers. We make clear disclosures when users sign up and offer opt outs for anyone not interested.
It is contractually necessary to process your name, email, password, credit card number, address, IP address, and similar information to fulfill our obligations in the terms of service to provide you with Services.
Our European members have the right to access their data, rectify mistakes, erase their data, restrict or object to certain processing (i.e., opt-out), move their data, withdraw consent, and lodge a complaint with a supervisory authority.
If you wish to exercise any of the above rights with regard to the above-reference PII, please reach out to us at email@example.com. We may ask you to verify your identity before we can act on your request. You must provide us with sufficient information to verify your identity, however we will only use any PII provided in a verifiable consumer request to verify the requestor’s identity. Making a verifiable consumer request does not require that you create an account with us.
In some cases, we may have to keep that information for legitimate business or legal purposes and therefore will deny your request to delete the information.
11. DATA RETENTION.
PII that we process for any purpose, as outlined herein, will not be kept for longer than necessary to accomplish that purpose or purposes. Notwithstanding the foregoing, we may retain your PII where such retention is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.
Like many other companies, we do not honor DNT flags but instead offer other choices with respect to third-parties. Many third-parties participate in self-regulation to offer you a choice regarding receiving targeted ads. Please note that you’ll still see generic ads after opting out, but they won’t be based on your activities online. On the web, you can opt out of participating companies by visiting the following sites:
If you wish to similarly opt out of cross-app advertising on mobile devices, you can enable the Limit Ad Tracking flag on the device. Enabling Limit Ad Tracking sends a flag to third-parties that you wish to opt out of targeted advertising on that device, and major mobile platforms require companies to honor this flag. Screenshots on how to find these options on various devices are available here: http://www.networkadvertising.org/mobile-choices. To learn how to opt out on other devices, please visit the platform’s privacy policies for more information.
13. CHANGES TO POLICY