Last updated: 29 August 2020
This Policy applies where we are acting as a Controller with respect to the Personal Data of our Website users; in other words, where we determine the purposes and means of the processing of that Personal Data.
In this Policy, “we”, “us” and “our” refer to our Website administrator users.
1. Personal Data that we collect & process
In this Section the following are set out: the general categories of Personal Data that we may process; the source and specific categories of that Personal Data; the purposes for which we may process Personal Data; and the legal bases of the processing.
- We may process data about your use of our Website ("Usage Data"). The Usage Data may include your geographical location, browser type and version, operating system, referral source, length of visit, page views and navigation paths, as well as information about the timing, frequency and pattern of your service use. The source of the Usage Data is our analytics tracking system, Google Analytics that is added in our Website. This data is anonymous and we cannot link activity to a specific person. The Usage Data may be processed for the purposes of analysing the use of our Website. The legal basis for this processing is your consent (for EU & UK based users).
- We may process data about social sharing of pages from our Website ("Social Sharing Data"). The Social Sharing Data is generated when you share our content via the AddToAny widget that is added in our Website and may include the date that the social share took place, the social network through which the content was shared, the URL that was shared, in combination with Usage Data. The source of the Social Sharing Data is our analytics tracking system, Google Analytics. This data is anonymous and we cannot link activity to a specific person. The Social Sharing Data may be processed for the purposes of analysing the content shared by users via social networks and external platforms. The legal basis for this processing is your consent (for EU & UK based users).
- The use of any of the AddToAny buttons involves the exchange of information with the social networks and external platforms (such as Facebook, Twitter, Viber, etc) that you choose for sharing our content. We have no control over the Personal Data being shared within these networks and platforms. It is your responsibility to ensure that any sharing networks and platforms available through AddToAny meet any Data Protection requirements.
- We may process data about your acceptance of cookies used in our Website ("Consent Data"). The Consent Data is generated when you submit a consent from our Website and may include your IP number in anonymized form, the date and time of the consent, the user agent of your browser, the URL from which the consent was submitted, your consent state, as well as an anonymous, random and encrypted key value. The source of the Consent Data is our tracking consent system, Cookiebot that is added in our Website. This data is anonymous and we cannot link activity to a specific person. The Consent Data may be processed for the purposes of storing / not storing cookies from our Website in your device and consent logging. The legal basis for this processing is your consent (for EU & UK based users).
- We may process data provided in the course of interaction of the Website with our servers ("Log Data"). The Log Data may include your IP address, timestamp and url of the request to our servers, as well as any errors that may occur. The source of the Log Data is our servers. This data is securely stored in our servers, and IP addresses are anonymized through data minimization. This data is anonymous and we cannot link it to a specific person. The Log Data may be processed for the purposes of providing our Website, ensuring the security of our Website, and solving errors in our Website. The legal basis for this processing is our legitimate interests, namely the proper administration and operation of our Website.
- Exception: IP addresses will not be anonymized if and/or when used to monitor the security of our network and systems and the security of our Website offered via our network and systems, and to prevent any action that may compromise the availability of our Website. The legal basis for this processing is our legitimate interests, namely the security and availability of our Website.
- We may process information contained in or relating to any communication that you send to us ("Correspondence Data") through email. The Correspondence Data will include the communication content and metadata associated with the communication. The Correspondence Data may be processed for the purposes of communicating with you, replying to your submitted query, providing support and record-keeping. The legal basis for this processing is our legitimate interests, namely the proper administration of our Website and communications with our Website’ users.
We may process any of your Personal Data identified in this Policy where necessary for the establishment, exercise or defence of legal claims, whether in court proceedings or in an administrative or out-of-court procedure. The legal basis for this processing is our legitimate interests, namely the protection and assertion of our legal rights, your legal rights and the legal rights of others. In addition, we may also process any of your Personal Data where such processing is necessary for compliance with a legal obligation to which we are subject, or in order to protect ours or your vital interests or the vital interests of another natural person.
Please do not supply any other person's Personal Data to us, unless we prompt you to do so.
2. Providing Personal Data to others
We do not sell your Personal Data. We may share and disclose your information to third parties in the following circumstances:
- We may disclose your Personal Data where such disclosure is necessary for compliance with a legal obligation to which we are subject, or in order to protect ours or your vital interests or the vital interests of another natural person. We may also disclose your Personal Data where such disclosure is necessary for the establishment, exercise or defence of legal claims, whether in court proceedings or in an administrative or out-of-court procedure.
- Lastly, we may share your personal information in case there is a change in the ownership of the Website. In this case, you will be notified by a notification in our Website.
3. International transfers of your Personal Data
In this Section, we provide information about the circumstances in which your Personal Data may be transferred to countries outside the EEA.
Some of our service providers are situated in countries outside the EEA, including the United States of America. The European Commission has made an "adequacy decision” with respect to the Data Protection Laws of the USA. Transfers to the United States of America will be protected by appropriate safeguards, namely the use of standard data protection clauses adopted or approved by the European Commission, a copy of which you can obtain from: https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protection-personal-data-non-eu-countries_en
Also, our service providers, that are located in the United States of America, participate, comply and are certified to the EU-US and Swiss-US Privacy Shield Frameworks:
4. Retaining & Deleting Personal Data
This Section sets out the Data Retention policies, which are designed to help ensure that we comply with our legal obligations in relation to the retention and deletion of Personal Data.
Personal Data that we process for any purpose or purposes will be retained as follows:
- Usage and Social Sharing Data will be retained for a period of 14 months.
- Consent Data will be retained for a period of 12 months.
- Log Data will be retained for a period of 90 days.
- Correspondence Data, will be retained for a minimum period of 1 month following the date that you contacted us, and for a maximum period of 2 years following the date that you contacted us.
Notwithstanding the other provisions of this Section, we may retain your Personal Data where such retention is necessary for compliance with a legal obligation to which we are subject, or in order to protect ours or your vital interests or the vital interests of another natural person.
We use a variety of technologies (such as data transmission through SSL, data encryption and anonymization and 24/7 monitoring of our Website) to ensure an appropriate level of security for protecting Personal Data from unauthorized access, use or disclosure. However, please keep in mind that the Internet cannot be guaranteed to be 100% secure.
In the case of a Personal Data Breach, the Controller shall without undue delay notify the Personal Data Breach to our Supervisory Authority, unless the Personal Data Breach is unlikely to result in a risk to the rights and freedoms of natural persons.
6. Your rights
In this Section, we have listed the rights that you have under Data Protection Laws. Your principal rights under the Data Protection Laws are:
- the right to access - ask for a copy of your Personal Data;
- the right to rectification - you can ask to rectify inaccurate Personal Data and to complete incomplete Personal Data;
- the right to erasure - you can ask to erase your Personal Data;
- the right to restrict processing - you can ask to restrict the processing of your Personal Data;
- the right to object to processing - you can object to the processing of your Personal Data;
- the right to data portability - you can ask that your Personal Data is transferred to another organisation or to you; and
- the right to withdraw consent - to the extent that the legal basis of the processing of your Personal Data is consent, you can withdraw that consent.
EU individuals also have the right to complain to a Supervisory Authority.
These rights are subject to certain limitations and exceptions. You can learn more by clicking here.
If you wish to exercise any of your rights in relation to your Personal Data, please contact us.
Note for California residents: Under the California Consumer Privacy Act ("CCPA"), California residents have the right to know what personal information about them is collected, request deletion of their Personal Data, opt-out of the sale of their Personal Data, and not be discriminated against if they choose to exercise any of these rights. AskBeat Website does not sell and does not process any personal information for any commercial purpose other than operating the Website. We will not discriminate against you for exercising any of your CCPA rights.
7. Children’s privacy
AskBeat Website is not intended for anyone under 18 years of age ("Children"). We do not knowingly collect any personally identifiable information from anyone under the age of 18. If you are a parent or guardian and you believe that your Children have provided us with Personal Data, please contact us asap.
8. About cookies
Third party cookies may be stored by your web browser when you visit our Website for the following purposes:
- Analysis: We use Google Analytics. Google Analytics gathers information about the use of our Website by means of cookies. The information gathered is used to create reports about the use of our Website;
- Social sharing: We use AddToAny. AddtoAny widget creates cookies in order to properly provide the social sharing functionality on our website. By design, AddToAny does not store Personal Data; and
Most browsers allow you to refuse to accept cookies and to delete cookies. The methods for doing so vary from browser to browser, and from version to version. You can however obtain up-to-date information about blocking and deleting cookies via these links:
Blocking all cookies will have a negative impact upon the usability of many websites.
We may update this Policy from time to time, in order to reflect, for example, changes to our practices or for other operational, legal or regulatory reasons. We will publish a new version here, mentioning the "Last update date", which is also the effective date of this Policy.
We will notify you of significant changes to this Policy by using a banner on the homepage of AskBeat Website Website and notification in our Website.
If a provision of this Policy is determined by any court or other competent authority to be invalid, unlawful and/or unenforceable, the other provisions will continue in effect. If any invalid and/or unlawful and/or unenforceable provision of this Policy would be valid, lawful or enforceable if part of it were deleted, that part will be deemed to be deleted, and the rest of the provision will continue in effect.
This document was created using a template from SEQ Legal.
If you have any questions or concerns about this Policy, please feel free to email us at firstname.lastname@example.org.
Appendix - Definitions
- "Controller" means an entity, which determines the purposes and means of the processing of Personal Data;
- "Data Protection Laws" means EU Data Protection Laws and, to the extent applicable, the data protection or privacy laws of any other country;
- "EEA" means European Economic Area and includes the European Union member states and the UK, Iceland, Liechtenstein, and Norway;
- "EU Data Protection Laws" means EU Directive 95/46/EC, as transposed into domestic legislation of each Member State and as amended, replaced or superseded from time to time, including by the GDPR and laws implementing or supplementing the GDPR;
- "GDPR" means EU General Data Protection Regulation 2016/679;
- "Personal Data" means any information relating to an identified or identifiable natural person, as long as this information falls within the Data Protection Laws;
- "Personal Data Breach" means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored or otherwise processed;
- "Processor" means an entity that processes Personal Data on behalf of Controller;
- "Supervisory Authority means an independent public authority which is