Last updated 17 August 2018
Controller of personal data is:
We, at Prizmos Ltd. take protection of your Personal Data seriously. We are committed to protecting the privacy of any personal information you provide or is being collected in the course of your usage of our website (www.caristaapp.com) and our services.
Prizmos Ltd. collects and processes Personal Data with respect to the lawful execution of its activity upon observing the applicable requirements.
I. Key Terms
„Personal Data“ – any information that identifies or can be used to identify a person, directly or indirectly, including but not limited to names, date of birth, location data (GPS and IP), email address, physical address, gender, or other demographic information.
„Processing of Personal Data“ – any operation or set of operations which is performed on personal data by automated and other means, including collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure, dissemination, alignment or combination, restriction, erasure or destruction of data.
II. Personal Data we collect
To the extent that applicable data protection laws require special treatment of personally identifiable information, we shall take such measures as are necessary for compliance with these laws.
Our Services are not provided for persons aged below 16 and we do not deliberately collect Personal Data of persons below 16 years of age. In case we learn a person aged below 16 has provided Personal Data to us, we shall erase such data immediately.
Personal data you provide to us
In the course of visiting our Website or using our Services you may provide personal information about you. Personal information is usually, but not exclusively provided to us when you visit our Website, sign up for and use our Services and Products, consult with our customer support team, send us an email, integrate the Services with another website or service, or communicate with us in any other way. This Personal Data may include IP address and other device identifiers, contact information, device or product IDs.
Information we collect automatically
For more information on how Googled Analytics uses your information, please see the page “How Google uses information from sites or apps that use our services”, located at https://policies.google.com/technologies/partner-sites?hl=en . You may opt out of the automated collection of information by third-party ad networks for the purpose of delivering advertisements tailored to your interests, by visiting the consumer opt-out page for the Self-Regulatory Principles for Online Behavioral Advertising at http://www.aboutads.info/choices/ and edit or opt-out your Google Display Network ads’ preferences at http://www.google.com/ads/preferences/ . You can also use the Google Analytics opt-out browser Add-on .
We use third-party payment processors to process payments for our Services and Products. We have partnered with Checkout.com to offer safe and secure credit card transactions for our customers whenever you purchase our Services and we have partnered with Shopify.com to host our online store for our Products.
Checkout Ltd is licensed by the UK Financial Conduct Authority as an authorised payment institution under number 584615, as per listed on the FCA Register. Checkout.com adheres to strict industry standards for payment processing.
III. Grounds and purposes for use or process of Personal Data
Our primary purpose for the processing of Personal Data is to provide you with the Services and Products you request and for those purposes which we believe will help you optimize your use of the Services. We may process Personal Data on different grounds on which the purposes of processing will vary, including to carry our legitimate interest in the business, to perform a contract or to fulfill a legal obligation. Whenever use and process of Personal Data is based on consent we will identify the purposes of processing such data and will provide you with relevant information.
We process Personal Data for the following purposes:
- to provide the information, Services or support you request and related after sale services;
- for analytics and market research to perform or improve our services;
- to send system alert messages;
- to process complaints or customer service inquiries, handling disputes, performing audits;
- to meet legal requirements or defend a legal proceeding;
- to fulfill lawful requests by public authorities;
- to promote our Services and Products including through use of email and social media upon explicit consent for this purpose.
We do not use automated decision-making when processing Personal Data.
IV. Period for processing of Personal Data
Notwithstanding any rights outlined below, we retain Personal Data only as long as is necessary for the purposes set out in this Privacy Notice, or as required by applicable law. At the end of the applicable retention period, we will either securely delete or deidentify your Personal Data, or if deletion or deidentification is not possible, we will securely store your Personal Data separate from any further processing until deletion is possible.
V. Security of Personal Data
In accordance with applicable laws and regulations, we have undertaken appropriate technical and organizational measures to safeguard the security of Personal Data against unauthorized or unlawful access. While no system is completely secure, we believe the measures implemented by Prizmos Ltd reduce our potential vulnerability to a level adequate to the types of data we process.
We periodically review our information collection, storage and processing practices, including physical security measures. We restrict access to Personal Data to employees and agents who need to know that information in order to process it for us and who are subjects to strict contractual confidentiality obligations.
VI. Data Protection Rights
You have the following data protection rights, as may be amended from time to time by applicable law:
Right to access – you have the right to receive at any time information from Prizmos Ltd for the Personal Data we retain about you, of their source and purpose, as well as you can obtain a copy of the Personal Data retained about you.
Right to correct – you have at any time the right to request the timely correction or update of your Personal Data.
Right to restrict processing – you have the right to request the restriction of the processing of your Personal Data in certain cases. Should you require such restriction, please contact us at firstname.lastname@example.org.
Right to request deletion (right to be forgotten) – you are entitled to request Prizmos Ltd to delete your Personal Data, when there is no legitimate reason to continue processing the data, as well as when the processing is not in compliance with the applicable law, except in cases where deletion is not possible or a legitimate reason for processing is applicable or a legal obligation is applicable.
Right to request portability – you have the right to request the transfer of your Personal Data to you or to a third party in a structured, commonly used and machine-readable format.
Right to object to processing – you are entitled to object to processing of your Personal Data if you have a legitimate interest or you deem your rights and freedoms are violated. You have the right to object at any time to processing of your Personal Data for the purposes of direct marketing.
Right to withdraw your consent – if we have collected and processed your Personal Data based on your consent, you may withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing conducted prior to your withdrawal, nor will it affect processing of your Personal Data conducted in reliance upon lawful processing grounds other than consent.
Right to complain – you can complain to the national data protection authority at any time about the collection and use of your Personal Data.
Exercise of Data Subject Right
VII. Third parties, with whom we share Personal Data
We only share Personal Data with third parties when there is a good reason to do so.
Delivery of the Services
Legal obligation or Law enforcement
We may disclose Personal Data to enforce our policies, to comply with our legal obligations or in the interest of security, public interest or in response to requests by law enforcement, regulatory or government authorities in any country where we have entities of affiliates. We may also disclose certain Personal Data in connection with actual or proposed litigation, or to protect our property, security, people and other legitimate rights or interests as allowed by law.
VIII. Cookies and tracking technologies
We and our partners may use various technologies to collect and store information when you use our Services, including cookies and similar tracking technologies. We use these technologies to personalize your experience when using our Services, for various business analytics to improve our Services, and for our marketing strategy.
The services used by third party sites, including social media, may not be secure. Despite reasonable security measures, use of the internet is not secure and unlawful or unauthorized access to private transmissions or data is possible.
If you have any question about our use of Personal Data, please contact us:
Struma 2B, unit 14, Sofia 1202, Bulgaria