Website Privacy Policy

Last updated 17 August 2018

 

Controller of personal data is:

Prizmos Ltd.

e-mail: support@caristaapp.com

 

We, at Prizmos Ltd. take protection of your Personal Data seriously. We are committed to protecting the privacy of any personal information you provide or is being collected in the course of your usage of our website (www.caristaapp.com) and our services.

 

This Privacy Policy explains how we collect, share and use your Personal Data, and how you can exercise your privacy rights. We recommend that you read this Privacy Policy in full to ensure you are fully informed. This Privacy Policy applies to all Personal Data we collect about you, including information we collect on www.caristaapp.com and any other website and information you provide to us with respect to the use of our services or products, or when you request information about our services and products, all of which are referred to collectively as the “Services” and/or “Products”. By using the Services however they are used by you (whether via personal computers, mobile devices or otherwise) you’ll be confirming that you have read and understood and agree to this Privacy Policy.

Prizmos Ltd. collects and processes Personal Data with respect to the lawful execution of its activity upon observing the applicable requirements.

 

I. Key Terms

 

„Personal Data“ – any information that identifies or can be used to identify a person, directly or indirectly, including but not limited to names, date of birth, location data (GPS and IP), email address, physical address, gender, or other demographic information.

 

“Website(s)” – any website(s) we own and operate (such as www.caristaapp.com) or any other we pages, interactive features, applications, widgets, blogs, social networks or other online, mobile or wireless offerings that post a link to this Privacy Policy.

 

„Processing of Personal Data“ – any operation or set of operations which is performed on personal data by automated and other means, including collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure, dissemination, alignment or combination, restriction, erasure or destruction of data.

 

 

II. Personal Data we collect

 

To the extent that applicable data protection laws require special treatment of personally identifiable information, we shall take such measures as are necessary for compliance with these laws.

 

Our Services are not provided for persons aged below 16 and we do not deliberately collect Personal Data of persons below 16 years of age. In case we learn a person aged below 16 has provided Personal Data to us, we shall erase such data immediately.

 

 

Personal data you provide to us

In the course of visiting our Website or using our Services you may provide personal information about you. Personal information is usually, but not exclusively provided to us when you visit our Website, sign up for and use our Services and Products, consult with our customer support team, send us an email, integrate the Services with another website or service, or communicate with us in any other way. This Personal Data may include IP address and other device identifiers, contact information, device or product IDs.

 

Information we collect automatically

When you use our Website, our Services and Products we may automatically collect certain information about your device and usage of the Services. We use cookies and other tracking technologies to collect some of this information. Our use of cookies and other tracking technologies is discussed in detail below. The only data we collect beyond the data you provide to us are your IP address, browser software, operating system and the time and date you visited our Website. When you use our Website we use data from Google’s Interest-based advertising or 3rd party audience data (such as age, gender and interests) with analytical services provided by Google (Google Analytics), we Google Display Network Impression Reporting and we may use Facebook custom audiences for our marketing strategy.

For more information on how Googled Analytics uses your information, please see the page “How Google uses information from sites or apps that use our services”, located at https://policies.google.com/technologies/partner-sites?hl=en . You may opt out of the automated collection of information by third-party ad networks for the purpose of delivering advertisements tailored to your interests, by visiting the consumer opt-out page for the Self-Regulatory Principles for Online Behavioral Advertising at http://www.aboutads.info/choices/ and edit or opt-out your Google Display Network ads’ preferences at http://www.google.com/ads/preferences/ . You can also use the Google Analytics opt-out browser Add-on .

 

Payment Processors

 

We use third-party payment processors to process payments for our Services and Products. We have partnered with Checkout.com to offer safe and secure credit card transactions for our customers whenever you purchase our Services and we have partnered with Shopify.com to host our online store for our Products.

The Checkout.com Gateway manages the complex routing of sensitive customer information through the credit card processing networks. In connection with the processing of such payments we never see, nor store your credit card information. Rather, all such information is provided directly to Checkout.com, whose use of your personal information is governed by their privacy policy.

Checkout Ltd is licensed by the UK Financial Conduct Authority as an authorised payment institution under number 584615, as per listed on the FCA Register. Checkout.com adheres to strict industry standards for payment processing.

Shopify.com provide us with the platform that allow us to sell our Products to you. Your data is stored through Shopify’s data storage, databases and general application. With respect to your purchases we never see, nor store your credit card information or any other data you provide, which are provided to and stored directly to Shopify.com. You may further consult the terms and conditions for usage of Shopify here https://www.shopify.com/legal/terms and their respective privacy policy at https://www.shopify.com/legal/privacy .

 

III. Grounds and purposes for use or process of Personal Data

 

Our primary purpose for the processing of Personal Data is to provide you with the Services and Products you request and for those purposes which we believe will help you optimize your use of the Services. We may process Personal Data on different grounds on which the purposes of processing will vary, including to carry our legitimate interest in the business, to perform a contract or to fulfill a legal obligation. Whenever use and process of Personal Data is based on consent we will identify the purposes of processing such data and will provide you with relevant information.

 

We process Personal Data for the following purposes:

- to provide the information, Services or support you request and related after sale services;

- for analytics and market research to perform or improve our services;

- to send system alert messages;

- to process complaints or customer service inquiries, handling disputes, performing audits;

- to enforce compliance with our Privacy Policy, our Terms of Use and provisions of applicable law;

- to meet legal requirements or defend a legal proceeding;

- to fulfill lawful requests by public authorities;

- to promote our Services and Products including through use of email and social media upon explicit consent for this purpose.

 

We do not use automated decision-making when processing Personal Data.

 

IV. Period for processing of Personal Data

 

Notwithstanding any rights outlined below, we retain Personal Data only as long as is necessary for the purposes set out in this Privacy Notice, or as required by applicable law. At the end of the applicable retention period, we will either securely delete or deidentify your Personal Data, or if deletion or deidentification is not possible, we will securely store your Personal Data separate from any further processing until deletion is possible.

 

 

V. Security of Personal Data

 

In accordance with applicable laws and regulations, we have undertaken appropriate technical and organizational measures to safeguard the security of Personal Data against unauthorized or unlawful access. While no system is completely secure, we believe the measures implemented by Prizmos Ltd reduce our potential vulnerability to a level adequate to the types of data we process.

 

We process and store Personal Data on our servers or on the servers of our third-party service providers in the United States or other countries where we or our service providers do business. This means that when we collect your Personal Data we may process this data in any of these countries, including countries other than the country in which you reside. Regardless of where Personal Data is processed we take steps to ensure that your Personal Data is protected in compliance with applicable data protection law and this Privacy Policy.

We periodically review our information collection, storage and processing practices, including physical security measures. We restrict access to Personal Data to employees and agents who need to know that information in order to process it for us and who are subjects to strict contractual confidentiality obligations.

 

VI. Data Protection Rights

 

You have the following data protection rights, as may be amended from time to time by applicable law:

 

  1. Right to access – you have the right to receive at any time information from Prizmos Ltd for the Personal Data we retain about you, of their source and purpose, as well as you can obtain a copy of the Personal Data retained about you.

  2. Right to correct – you have at any time the right to request the timely correction or update of your Personal Data.

  3. Right to restrict processing – you have the right to request the restriction of the processing of your Personal Data in certain cases. Should you require such restriction, please contact us at support@caristaapp.com.

  4. Right to request deletion (right to be forgotten) – you are entitled to request Prizmos Ltd to delete your Personal Data, when there is no legitimate reason to continue processing the data, as well as when the processing is not in compliance with the applicable law, except in cases where deletion is not possible or a legitimate reason for processing is applicable or a legal obligation is applicable.

  5. Right to request portability – you have the right to request the transfer of your Personal Data to you or to a third party in a structured, commonly used and machine-readable format.

  6. Right to object to processing – you are entitled to object to processing of your Personal Data if you have a legitimate interest or you deem your rights and freedoms are violated. You have the right to object at any time to processing of your Personal Data for the purposes of direct marketing.

  7. Right to withdraw your consent – if we have collected and processed your Personal Data based on your consent, you may withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing conducted prior to your withdrawal, nor will it affect processing of your Personal Data conducted in reliance upon lawful processing grounds other than consent.

  8. Right to complain – you can complain to the national data protection authority at any time about the collection and use of your Personal Data.

 

Exercise of Data Subject Right

Should you desire to exercise your data protection rights you can do so at any time by contacting us via one of the contact options available to you on our contact sheet at the end of this Privacy Policy. We respond to all requests we receive from individuals wishing to exercise their rights within a reasonable time in accordance with applicable law.

 

VII. Third parties, with whom we share Personal Data

 

We only share Personal Data with third parties when there is a good reason to do so.

 

Delivery of the Services

We may share Personal Data with third parties who help deliver our Products and Services. This may include hosting of our web servers, data analysis about the use or our Services and Products, delivery and monitoring of marketing initiatives, providing customer support services. We may provide Personal Data to our affiliates or other trusted business or persons to process that information for us, based on our instructions and in compliance with our Privacy Policy and any other applicable confidentiality and security measures.

Legal obligation or Law enforcement

We may disclose Personal Data to enforce our policies, to comply with our legal obligations or in the interest of security, public interest or in response to requests by law enforcement, regulatory or government authorities in any country where we have entities of affiliates. We may also disclose certain Personal Data in connection with actual or proposed litigation, or to protect our property, security, people and other legitimate rights or interests as allowed by law.

Corporate Organization

In the event of a merger, acquisition, reorganization, bankruptcy or other similar events, Personal Data may be transferred to a third party. Potential purchasers and their advisors may have limited access to corporate data that includes Personal Data as a part of the sale process. In any of these cases the use and processing of Personal Data shall remain subject to this Privacy Policy.

 

VIII. Cookies and tracking technologies

 

We and our partners may use various technologies to collect and store information when you use our Services, including cookies and similar tracking technologies. We use these technologies to personalize your experience when using our Services, for various business analytics to improve our Services, and for our marketing strategy.

 

A cookie is a small text file that is delivered with pages from the Website and which is stored by your browser on the hard drive of your device. Cookies have various functions, such as to store your language preferences. Cookies do not usually contain any information that could personally identify you. You can turn off the use of cookies via the settings on your device. Please note, turning off cookies may result in some functions of the website or application not working properly.

 

IX. Limitation of Privacy Policy

 

Our website may contain links or references to third parties’ websites. We are not responsible for the privacy practices or content of third party sites and services, even if we provide links or references for your convenience. Please read the policies and terms of use for any third party before using the site or services.

 

The services used by third party sites, including social media, may not be secure. Despite reasonable security measures, use of the internet is not secure and unlawful or unauthorized access to private transmissions or data is possible.

 

X. Contacts

 

If you have any question about our use of Personal Data, please contact us:

e-mail: support@caristaapp.com

Struma 2B, unit 14, Sofia 1202, Bulgaria

 

This Privacy Policy was last updated on the date listed at the top of the page and applies from that date. We may occasionally update this policy and will announce it on our website. If any changes are material or apply to information we have already collected, we may provide additional notice and/or request additional consent as appropriate.