Our aim is for you to feel comfortable on our website. The protection of your privacy and your personal rights are therefore important to us. Therefore, we would like to ask you to carefully read the following summary about how our website works. You can rely on transparent and fair data processing and we strive to handle your data carefully and responsibly.

The following Privacy Policy is intended to inform you about how we use your personal data. In doing so, we adhere to the strict provisions of the Hungarian National Authority for Data Protection (NAIH) as well as the requirements of the European General Data Protection Regulation (GDPR). This policy applies to both our web shop under https://ptrsroom.com and our newsletter sign-up page under https://ptrsroom.com/ (collectively our “website”)

Responsible Person
The person responsible within the meaning of the GDPR, other data protection laws applicable in the member states of the EU and other provisions of a data protection is:

Molnár Péter Tamás E.V.
Budapest 1202
Vaskapu street 25.

Hungary

Represented by
Péter Tamás Molnár

Contact information
E-Mail: info@ptrsroom.com
Internet address: ptrsroom.com
VAT number: HU42978808

Scope of the processing of personal data
As a matter of principle, we only collect and use personal data from you insofar as this is necessary to provide a functional website and our content and services, e.g. when you register on our website or log in to an existing customer account or when you order products. The collection and use of your personal data regularly only takes place with your consent. An exception applies in cases where prior consent is not possible for actual reasons and the processing of the data is permitted by legal regulations.

The security of your personal data is a high priority for us. We, therefore, protect your data stored with us by technical and organisational measures in order to effectively prevent loss or misuse by third parties. In particular, our employees who process personal data are bound to data secrecy and must comply with it. To protect your personal data, it is transmitted in encrypted form; for example, we use SSL=Secure Socket Layer for communication via your Internet browser.

You can recognise this by the lock symbol that your browser displays when an SSL connection is established. In order to ensure the permanent protection of your data, the technical security measures are regularly checked and, if necessary, adapted to the state of the art. These principles also apply to companies that process and use data on our behalf and in accordance with our instructions.

Purposes of processing and legal basis
We collect, process and use your personal data for the following purposes:

Establishment and performance of contractual relationships;
Sending newsletters;
Marketing measures;
Customer satisfaction surveys and analyses;
Product evaluations;
Customer service and customer support;
To process orders for our online range of goods.
The processing of your personal data may be based on the following legal grounds:

Art. 6 (1) lit. a GDPR serves as our legal basis for processing operations where we obtain your consent for a specific processing purpose.
Art. 6 (1) lit. b GDPR, insofar as the processing of personal data is necessary for the performance of a contract, e.g. if you purchase a product. The same applies to such processing operations that are necessary for the performance of pre-contractual measures, for example in the case of enquiries about our products or services.
Art. 6 (1) lit. c GDPR, insofar as we are subject to a legal obligation that requires the processing of personal data, such as for the fulfilment of tax obligations.
Art. 6 (1) lit. d GDPR in the event that vital interests of you or another natural person require the processing of personal data.
Art. 6 (1) lit. f GDPR applies on the basis of our legitimate interests, e.g. when using service providers as part of order processing, such as shipping service providers or when carrying out statistical surveys and analyses and logging registration procedures. Our interest is directed towards the use of a user-friendly, appealing and secure presentation as well as optimisation of our website, which serves our business interests as well as meeting your expectations.
Duration of storage and routine deletion of personal data
We process and store your personal data only for the period of time required to fulfil the purpose of storage or if this has been provided for, in laws or regulations. After the purpose has ceased to exist or has been fulfilled, your personal data will be deleted or blocked.

In the case of blocking, deletion will take place as soon as legal, statutory or contractual retention periods do not conflict with this, there is no reason to assume that deletion would impair your interests worthy of protection and deletion would not cause a disproportionately high expense due to the special nature of the storage.

Collection of general data and information, so-called log files
If you visit our website for information purposes only, without providing personal data via registration or in any other way, only the Internet connection data that your browser transmits to our server will be processed. Our website collects a series of general data and information with each call, which is temporarily stored in log files of a server. A log file is created in the course of an automatic protocol of the processing computer system. The following can be recorded:

Access to the website (date, time and frequency)
How you arrived at the website (previous page, hyperlink etc.)
Amount of data sent
Which browser and browser version you are using
The operating system you are using
Which internet service provider you use
Your IP address, which your Internet access provider assigns to your computer when you connect to the Internet
The legal basis for this data processing is Article 6 (1) sentence 1 lit. b of the GDPR, as the collection and storage of this data is necessary for the operation of the website in order to ensure the functionality of the website and to deliver the content of our website correctly.

In addition, the data serve us to optimise our website and to ensure the security of our IT systems and the processing is based in this respect on Art. 6 para. 1 lit. f GDPR. For this reason, the data is stored for a maximum of 7 days as a technical precaution.

We also use this data for the purposes of advertising, market research and to design our services to meet your needs by creating and evaluating user profiles under pseudonyms, but only if you have not exercised your right to object to this use of your data (see information on the right to object under “Your rights”).

Cookies
We use cookies and similar technologies on our website. Cookies are small text files that are stored by your browser when you visit a website. This identifies the browser you are using and can be recognised by our web server. We use so-called “session cookies”, which are deleted again when the browser session is closed. Other cookies (“persistent cookies”) are automatically deleted after a specified period of time, which may differ depending on the cookie.

The use of cookies is partly technically necessary for the operation of our website. We also use cookies and comparable technologies to measure analytics about the reach of our website and to analyze the use of our website. If you wish to learn more about cookies in general, please visit www.allaboutcookies.com and if you like to learn more about the cookies we use please read our Cookie Policy.

Sending information
We use your data for sending information ordered by you about our offer and other promotions from us to the e-mail address provided by you.

a) Newsletter registration on our website
On our website, there is the possibility to subscribe to a free newsletter. When you register for the newsletter, the data from the input mask is transmitted to us, i.e. at least your e-mail address. The registration is carried out by means of the so-called double opt-in procedure.

After registration, you will receive an e-mail asking you to confirm your registration. This confirmation is necessary so that no one can register with other people’s e-mail addresses. For the processing of the data, your consent is obtained during the registration process and reference is made to this data protection notice. If you register for our newsletter, which informs you about our latest products and services, the personal data you provide in this context (such as name, address and e-mail address) will be processed by us for the purpose of sending you the newsletter.

b) Dispatch due to the sale of goods
If you purchase goods or services on our website, we may send you information on our own similar goods to your specified e-mail address even without your consent. The legal basis for this data processing is Art. 6 para. 1 p. 1 lit. f GDPR, because advertising related products and services by way of direct advertising represents a legitimate interest for us as the provider of this website. You may object to the processing of your personal data for the purpose of direct advertising at any time. We will then refrain from further processing for such purposes. You can send us your objection as described below. In addition, you can object to the sending of such newsletters at any time in the future without giving reasons by unsubscribing via the unsubscribe link at the end of each newsletter or by contacting us in any other way.

We would like you to enjoy reading our e-mails. Therefore, we try to only include content that you are likely to be interested in. We, therefore, measure and store opening and click-through rates in your usage profile, i.e. whether and when you open our emails, which content of the emails you click on and when, as well as whether and why our emails could possibly not be delivered. We also use this data for statistical purposes. In particular, this serves our legitimate interest to evaluate the performance of the individual newsletter campaigns and to define optimisation measures in order to make the newsletter as attractive and suitable as possible for you. The legal basis for the processing is therefore Art. 6 para. 1 lit. f GDPR.

Of course, you can unsubscribe from receiving our information at any time, i.e. revoke your consent with effect for the future or object to data processing. For this purpose, you will find a corresponding unsubscribe link in every mail or newsletter and can confirm the unsubscription on our website. You can also contact us for a cancellation at any time. Our Newsletter provider is MailerLite Limited.

MailerLite
With the newsletter we inform you about us and our offers. If you would like to receive the newsletter, we require a valid email address from you as well as information that allows us to verify that you are the owner of the specified email address or that its owner agrees to receive the newsletter. In addition, we request your first name for the personalization of our newsletter, whereby this information is provided voluntarily. No other data is collected. This data is only used for sending the newsletter and will not be passed on to third parties. When you register for the newsletter, we store your IP address and the date of registration. This storage serves solely as proof in the event that a third party misuses an email address and registers to receive the newsletter without the knowledge of the authorized person. You can revoke your consent to the storage of data, the email address and its use for sending the newsletter at any time. The revocation can be done via a link in the newsletters themselves, in your profile area or by sending a message to the contact options above.

The following information explains the contents of our newsletter as well as the registration, dispatch and statistical evaluation process and your rights of objection. By subscribing to our newsletter, you agree to receive it and to the procedures described.

We send newsletters, e-mails and other electronic notifications with promotional information (hereinafter “newsletter”) only with the consent of the recipients or a legal permission. Insofar as the contents of the Newsletter are specifically described in the context of a registration, they are decisive for the consent of the users. In addition, our newsletters contain information about our products and our company (this may include, in particular, references to blog articles, lectures or workshops, our services or online presences).

Registration for our newsletter takes place in a so-called double opt-in process. This means that after registration you will receive an e-mail in which you are asked to confirm your registration. This confirmation is necessary so that no one can register with other e-mail addresses. The registrations for the newsletter are logged in order to be able to prove the registration process according to the legal requirements. This includes the storage of the registration and confirmation time, as well as the IP address.

The newsletter is sent by means of “MailerLite”, a newsletter dispatch platform of the Irish provider MailerLite Limited, an Irish registered company at Ground Floor, 71 Lower Baggot Street, Dublin 2, D02 P593.

Contacting us, registration or placing orders
a) Contacting us
When you contact us, the data you provide will be stored by us based on Art. 6 (1) lit. b of the GDPR, insofar as it is necessary to answer your questions. The contact is logged in order to be able to prove the contact in accordance with the legal requirements. We delete the data accruing in this context when the respective conversation with you has ended and the facts concerned have been conclusively clarified.

b) Registration
On our website, we offer you the opportunity to register by providing personal data. The data is entered in an input mask and transmitted to us and stored. Registration is necessary in order to set up your customer account, which you can use to place orders and services. The processing of the data for this registration thus serves the fulfilment of the contract of use or the implementation of pre-contractual measures and is based on Art. 6 para. 1 lit. b GDPR. You can delete your customer account at any time on our website.

c) Storage of data in the user account
For the conclusion and processing of contracts, we require contact details, such as name, delivery and billing address and e-mail address, as well as information on the type of payment method you have chosen, depending on the individual case. You can store this data in your user account. In addition, we use your data to maintain our customer database so that only accurate data is stored there. In order to avoid typing errors and to ensure that the items you have ordered reach you, we check the completeness and accuracy of your address when you enter it.

Following your order, you will receive a corresponding order confirmation as well as further documents, which we are obliged to provide in order to fulfil our legal information obligations for an effective conclusion of a contract with you. The processing of your data is, therefore, necessary for the conclusion of the contract with you and is therefore based on Art. 6 para. 1 lit. b GDPR.

d) Guest order
You have the option to place your orders as a guest. If you choose this order type, you do not have to register before placing an order. Please note that you will have to enter your data again for each subsequent order.

We collect, process and use the information you provide in the context of a guest order for the purpose of executing the contract in accordance with Art. 6 Para. 1 lit. b GDPR. We store the information you provide for the period of processing and handling your order. Afterwards, your data will be deleted unless you decide to activate your customer account within 14 days after placing your order. Data that we are required to store due to legal, statutory or contractual retention obligations will be blocked instead of being deleted to prevent it from being used for other purposes.

f) Order confirmation
In order to process the contract and provide you with our services, for example the web shop or to send you a package for which a fee is charged, we use your contact details to send you registration confirmations, customer service information, order confirmations, contract documents or payment processing information. We are obliged to send you these documents in order to comply with our legal information obligations for an effective conclusion of a contract with you. The processing of your data is therefore necessary for the conclusion of the contract with you and is based on Art. 6 para. 1 lit. b GDPR.

g) Other
Based on Art. 6 para. 1 lit. c and f GDPR, we use and store your personal data and technical information to the extent necessary to prevent or prosecute misuse or other illegal behaviour on our website, e.g. to maintain data security in the event of attacks on our IT systems. This also takes place insofar as we are legally obliged to do so, for example due to official or court orders, and for the exercise of our rights and claims as well as for legal defence.

Disclosure of personal data to third parties
Your personal data will only be passed on if there is a legal obligation to do so or to service providers and partner companies that have been carefully selected in advance and are contractually obliged to comply with the requirements of data protection law.

a) Disclosure within affiliated companies pursuant to Art. 6 Para. 1 lit. b GDPR
We pass on your personal data for the conclusion and processing of contracts for offers on our website to affiliated companies. This is particularly necessary so that you can use all our offers. If you contact a store or our customer hotline with questions, complaints or returns as well as other complaints, they will also receive access to your order data in order to be able to process your request.

b)Disclosure to service providers according to Art. 6 para. 1 lit. b and f GDPR
For the operation and optimisation of our website and our services and for the processing of contracts, various service companies work for us, e.g. for central IT services or the hosting of our website, for the payment and delivery of products or for the dispatch of newsletters, to whom we pass on the data required for the fulfilment of the task (e.g. name, address).

Some of these companies act for us by way of commissioned processing and may therefore use the data provided exclusively in accordance with our instructions. In this case, we are legally responsible for appropriate data protection precautions at the companies we commission. We therefore agree on specific data security measures with these companies and monitor them regularly.

In contrast to order processing, in the following cases we transmit data to third parties for their own use in order to process the contract. In the case of payment for goods to the payment service provider specified when the order was placed. (Stripe, or ApplePay or GPay)

We do not collect or store any payment transaction information such as credit card numbers or bank details during the payment process. You only provide this information directly to the respective payment service provider.

c) Disclosure to other third parties pursuant to Art. 6 para. 1 lit. c and f GDPR
We will disclose your data to third parties or government agencies within the framework of existing data protection laws if we are legally obliged to do so, e.g. due to official or court orders, or if we are entitled to do so, e.g. because this is necessary for the prosecution of criminal offences or for the exercise and enforcement of our rights and claims.

Google Pay
If you choose the payment method “Google Pay” of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”), the payment will be processed via the “Google Pay” application of your mobile device running at least Android 4.4 (“KitKat”) and equipped with an NFC function by charging a payment card deposited with Google Pay or a payment system verified there (e.g., PayPal). For the release of payment via Google Pay in the amount of more than £25, the prior unlocking of your mobile end device by the respective verification measure set up (such as facial recognition, password, fingerprint or pattern) is required.

For the purpose of payment processing, the information you provide during the ordering process, together with information about your order, will be passed on to Google. Google then transmits your payment information stored in Google Pay in the form of a uniquely assigned transaction number to the source website, which is used to verify a payment that has been made. This transaction number does not contain any information about the real payment data of your payment means deposited with Google Pay, but is created and transmitted as a one-time valid numeric token. For all transactions via Google Pay, Google only acts as an intermediary to process the payment. The transaction is carried out exclusively in the relationship between the user and the source website by debiting the means of payment deposited with Google Pay.

Insofar as personal data is processed during the described transfers, the processing is carried out exclusively for the purpose of payment processing in accordance with Art. 6 (1) lit. b of the GDPR.

Google reserves the right to collect, store and evaluate certain transaction-specific information for each transaction made via Google Pay. This includes the date, time, and amount of the transaction, merchant location and description, a description of the goods or services purchased provided by the merchant, photos you have attached to the transaction, the name, and email address of the seller and buyer or sender and recipient, the payment method used, your description for the reason for the transaction and, if applicable, the offer associated with the transaction.

According to Google, this processing is carried out exclusively in accordance with Art. 6 para.1 lit. f GDPR on the basis of the legitimate interest in proper accounting, verification of transaction data and optimisation and functional maintenance of the Google Pay service.

Google also reserves the right to merge the processed transaction data with other information that is collected and stored by Google when using other Google services.

Payments
We use the payment service provider Stripe. If you choose a payment method offered via the payment service provider Stripe Payments, the payment processing is carried out by the technical service provider Stripe Payments Europe Ltd, 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland, to whom we pass on the information you provided during the ordering process, together with information about your order (name, address, account number, bank sort code, credit card number if applicable, invoice amount, currency and transaction number).

Your data will only be passed on for the purpose of processing payments with Stripe Payments Europe Ltd. and only to the extent necessary for this purpose.You can find data protection information on Stripe Payments Europe Ltd. here: https://stripe.com/privacy

Data transfer to third countries
If we use service providers in third countries, we take additional measures to ensure an adequate level of data protection for the transfer of personal data in accordance with Art. 44 of the GDPR and thus ensure that the transfer is generally permissible and that the special requirements for a transfer to a third country are met (e.g. by concluding EU standard contracts and additional guarantees, supplementary technical and organisational measures such as encryption or anonymisation).

Your rights
Of course, you have rights with regard to the collection of your data, which we are pleased to inform you of herewith. If you would like to make use of one of the following free rights, a simple message to us will suffice. For your own protection, we reserve the right, in the case of an existing enquiry, to obtain further information necessary to confirm your identity and, if identification is not possible, to refuse to process the enquiry.

a) Right to information
You have the right to request information and/or copies of the personal data stored about you.

b) Right to rectification
You have the right to request that personal data relating to you be corrected and/or completed without delay.

c) Right to object to processing
You have the right to request the restriction of the processing of your personal data, insofar as the accuracy of the data is disputed by you, the processing is unlawful, but you object to its erasure and we no longer require the data, but you need it for the assertion, exercise or defence of legal claims or you have lodged an objection to the processing.

d) Right to deletion
You have the right to request the erasure of your personal data stored by us, unless the exercise of the right to freedom of expression and information, the processing is necessary for compliance with a legal obligation, for reasons of public interest or for the assertion, exercise or defence of legal claims.

e) Right to information
Where you have exercised the right to rectification, erasure or restriction of processing, we will notify all recipients to whom personal data relating to you has been disclosed of such rectification or erasure or restriction of processing, unless this proves impossible or involves a disproportionate effort.

f) Right to data portability
You have the right to have personal data that you have provided to us handed over to you or to a third party in a structured, common and machine-readable format. If you request the direct transfer of the data to another responsible party, this will only be done insofar as it is technically feasible.

g) Right of objection
Insofar as your personal data are processed on the basis of legitimate interests pursuant to Article 6 (1) (f) of the GDPR, you have the right to object to the processing at any time pursuant to Article 21 (1) of the GDPR.

If we process your for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing in accordance with Art. 21 (2) GDPR; this also applies to profiling insofar as it is related to such direct marketing.

h) Right to withdraw consent
You have the right to cancel your consent to the collection of data at any time with effect for the future. The data collected until the cancellation becomes legally effective will remain unaffected. Please understand that the implementation of your cancellation may take a little time for technical reasons and that you may still receive messages from us in the meantime.

i) Right to complain to a supervisory authority
If the processing of your personal data violates data protection law or if your data protection rights have otherwise been violated in any way, you may complain to the supervisory authority.

You can also exercise your rights of rectification and deletion most quickly, easily and conveniently by logging into your customer account and directly editing or deleting your data stored there.

j) Automated decision making including profiling
You have the right not to be subject to a decision based solely on automated processing which produces legal effects concerning you or similarly significantly affects you.

Hosting and Content Delivery Networks (CDN)
We use NetMasters Europe Kft. (4200 Hajdúszoboszló, Diószegi Sámuel u. 5.; szia@netmasters.hu).

This website is hosted by our external service provider (NetMasters Europe Kft.). The personal data collected on this website is stored on NetMasters Europe Kft.’s servers. This may include, but is not limited to, IP addresses, contact requests, meta and communication data, contractual data, contact data, names, website accesses and other data generated via a website.

NetMasters Europe Kft. is used for the purpose of fulfilling the contract with our potential and existing visitors and users and in the interest of a secure, fast and efficient provision of our online offer by a professional provider.

NetMasters Europe Kft. will only process your data to the extent necessary to fulfil its service obligations and follow our instructions regarding this data.

Woocommerce Statistics
We use the Woocommerce Statistics feature on our website. This allows us to measure the reach of our website and provides us with statistical analysis of visitor behaviour on our website. The data is processed on servers of NetMasters Europe Kft., which we have commissioned with the processing.

The legal basis for the data processing in connection with the Shopify statistics function is Art. 6 (1) f GDPR and the processing serves our legitimate interest in the analysis of user behaviour on our website and the possible design according to requirements. You can object to this processing at any time in the cookie settings.

Google Analytics
We use the Google Analytics service of Google to analyze our website visits. Google uses cookies that enable an analysis of your use of our website. This involves processing personal data in the form of online identifiers (including cookie identifiers), IP addresses, device identifiers and information about your interaction with our website. Google will use this information on our behalf for the purpose of evaluating your use of our website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. In doing so, pseudonymous user profiles can be created from the processed data.

We only use Google Analytics with IP anonymization activated. This means that the IP address of the user is shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. The IP address transmitted by the user’s browser is not merged with other data from Google.

You can also prevent the storage of cookies by Google Analytics by selecting the appropriate settings in your browser software. You can also prevent the collection of information generated by the cookie by downloading and installing the browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout. If you are visiting our website via a mobile device, you can deactivate Google Analytics by clicking on this link.

Social Media
The data you enter on our social media pages, such as comments, videos, pictures, likes, public messages, etc. are published by the social media platform and are not used or processed by us for any other purpose at any time. We only reserve the right to delete content if this should be necessary. Where applicable, we share your content on our site if this is a function of the social media platform and communicate with you via the social media platform. The legal basis is our legitimate interest. The data processing is carried out in the interest of our public relations and communication.

If you wish to object to certain data processing over which we have an influence, please contact us. We will then examine your objection. If you send us a request on the social media platform, we may also refer you to other secure communication channels that guarantee confidentiality, depending on the response required. You always have the option of sending us confidential enquiries to our address stated in the imprint.

As already stated, where the social media platform provider gives us the opportunity, we take care to design our social media pages to be as data protection compliant as possible. With regard to statistics that the provider of the social media platform makes available to us, we can only influence these to a limited extent and cannot switch them off. However, we make sure that no additional optional statistics are made available to us.

Data processing by the operator of the social media platform
The operator of the social media platform uses web tracking methods. The web tracking can also take place regardless of whether you are logged in or registered with the social media platform. As already explained, we can unfortunately hardly influence the web tracking methods of the social media platform. We cannot, for example, switch this off.

Please be aware: It cannot be ruled out that the provider of the social media platform uses your profile and behavioural data, for example to evaluate your habits, personal relationships, preferences, etc. We have no influence on this. In this respect, we have no influence on the processing of your data by the provider of the social media platform.

Facebook Remarketing
Within our website, so-called “Facebook pixels” of the social network Facebook, which is operated by Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA, or if you are a resident of the EU, Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”), are used. With the help of the Facebook pixel, it is possible for Facebook to determine the visitors to our offer as a target group for the display of advertisements, so-called “Facebook ads”. Accordingly, we use the Facebook pixel to display the Facebook ads placed by us only to those Facebook users who have also shown an interest in our website. This means that with the help of the Facebook pixel we want to ensure that our Facebook ads correspond to the potential interest of the users and do not have a harassing effect. With the help of the Facebook pixel, we can also track the effectiveness of the Facebook ads for statistical and market research purposes by seeing whether users were redirected to our website after clicking on a Facebook ad.

The Facebook pixel is directly integrated by Facebook when our web sites are accessed and can save a so-called cookie, i.e. a small file, on your device. If you subsequently log in to Facebook or visit Facebook while logged in, your visit to our website will be noted in your profile. The data collected about you is anonymous for us, so it does not allow us to draw any conclusions about the identity of the user. However, the data is stored and processed by Facebook so that a connection to the respective user profile is possible. The processing of the data by Facebook takes place within the framework of Facebook’s data usage policy. Accordingly, you can find more information on how the remarketing pixel works and generally on the display of Facebook ads, in Facebook’s data usage policy: https://www.facebook.com/policy.php.

You can object to the collection by the Facebook pixel and use of your data for the display of Facebook ads. To do so, you can visit the page set up by Facebook and follow the instructions there on the settings for usage-based advertising: https://www.facebook.com/settings?tab=ads or declare the objection via the US page http://www.aboutads.info/choices/ or the EU page http://www.youronlinechoices.com/ . The settings are platform-independent. The settings are platform-independent, i.e. they are applied to all devices, such as desktop computers or mobile devices.

Automated decision-making
We do not use automated decision-making or profiling.

Do Not Track
Do Not Track is a privacy preference you can set in most browsers. We support Do Not Track because we believe that you should have genuine control over how your info gets used and our Platform responds to Do Not Track requests.

Do Not Sell My Personal Information
We do not sell information that directly identifies you, like your name, address or phone records.

Accuracy
It is important that the data we hold about you is accurate and current, therefore please keep us informed of any changes to your personal data.

Children Data
Our website is not intended for children, and we do not knowingly collect data relating to children. If you become aware that your Child has provided us with Personal Data, without parental consent, please contact us, and we take the necessary steps to remove that information from our server.

External Links
Our website contains links to the online offers of other providers. We hereby point out that we have no influence on the content of the linked online offers and the compliance with data protection regulations by their providers.

Changes and updates to the privacy policy
We kindly ask you to regularly inform yourself about the content of our privacy policy. We will amend the privacy policy as soon as changes to the data processing activities we carry out make this necessary. We will inform you as soon as the changes require an act of cooperation on your part (e.g., consent) or other individual notification.

Queries and Complaints
Any comments or queries on this policy should be directed to us. If you believe that we have not complied with this policy or acted otherwise than in accordance with data protection law, then you should notify us.

All About MailerLite

At MailerLite, protecting your privacy and the privacy of anyone receiving your email is very important to us. The purpose of this Privacy Policy is to make MailerLite safe and appropriate for everyone. Our Privacy Policy applies to your use of MailerLite’s Services and describes the kind of information we process, how it is processed and why.

As used in these Terms, “MailerLite” means:

(a) MailerLite Limited, an Irish registered company at Ground Floor, 71 Lower Baggot Street, Dublin 2, D02 P593, Ireland, if the Customer’s billing address on the applicable Order Form is located in the EEA, UK or Switzerland; or

(b) MailerLite, Inc., a Delaware corporation at 548 Market St, PMB 98174, San Francisco, CA 94104-5401, United States, if the Customer’s billing address on the applicable Order Form is located anywhere else in the world.

MailerLite provides email marketing and automation software as a service. We process Personal Data as a Processor on behalf of the Customer.

1. Definitions

1.1. “Controller” means an entity that determines the purposes and means of the Processing of Personal Data.

1.2. “Customer” means a person or entity that is registered with MailerLite to use the Services.

1.3. “Data Protection Laws” means all data protection and privacy laws and regulations of the EU, EEA, and their member states, Switzerland and the United Kingdom, applicable to the Processing of Personal Data.

1.4. “GDPR” means (a) the Regulation (EU) 2016/679 of the European Parliament and the Council of 27 April 2016 on the protection of natural persons with regard to the Processing of Personal Data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation), and (b) the United Kingdom General Data Protection Regulation.

1.5. “Personal Data” means any information relating to an identified or identifiable natural person.

1.6. “Processing” means any operation or set of operations which is performed upon Personal Data, whether or not by automatic means, such as collection, recording, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, erasure or destruction. “Process”, “Processes” and “Processed” shall be interpreted accordingly.

1.7. “Processor” means a natural or legal person, public authority, agency, or any other body which Processes Personal Data on behalf of the Controller.

1.8. “Services” means any product or service provided by MailerLite pursuant to MailerLite’s Terms of Use (“TOU”).

1.9. “Subscriber” means a person Customer contacts through our Services.

1.10. “We”, “us”, and “our” refer to the MailerLite.

1.11. “You,” “your,” and “yours” refer to the user.

2. Consent

By accessing our Services, you accept our Privacy Policy and TOU, and you consent to our collection, storage, use, and disclosure of your personal information as described in this Privacy Policy. In addition, by using our Services you are accepting the policies and practices described in this Privacy Policy. Each time you visit our website or use the mobile app or the Service, and any time you voluntarily provide us with information, you agree that you are consenting to our collection, use, and disclosure of the information that you provide, and you are consenting to receive emails or otherwise be contacted, as described in this Privacy Policy. Whether or not you register or create an account with us, this Privacy Policy applies to all users of the website, mobile app, and Services.

3. What information we Process

MailerLite collects both “Personal Data” and “Non-Personal Data” about you and will Process this data for the duration of the Services, as described in the TOU:

3.1. Personal Data:

Customers’ information: identification and contact data (name, contact details, username); billing information (billing address, payment information); organization information (name, address, geographic location, area of responsibility, VAT code), IP addresses, browsing activity, web server logs.

Subscribers’ information: email address and any other additional information that Customer provides to MailerLite.

3.1.1. At any time, you may log in and change this information, or remove it. You may decline to provide Personal Data to the Services, however, some of the Personal Data we ask you to provide, for example, the email address is mandatory for a Service. If you decline to provide it, we may not be able to provide that service to you.

3.1.2. Please note, MailerLite does not process or store your credit card information. Once you make a payment, your credit card information is transferred to our third-party payment processor Braintree. Please find their Privacy statement here.

3.1.3. If, being a Shopify user, you install MailerLite Shopify app through Shopify App Store, Shopify will bill you for our Services. More information about Personal Data collected by Shopify can be found in Shopify’s Privacy Policy here.

3.1.4. Please be informed that for communication via email and live chat, MailerLite uses third-party customer support platforms. When communication goes through our Contact Us form or email, your information is transferred to HelpScout. When communication is through live chat, your information is transferred to Intercom. If you reach out to us when using the new version of MailerLite, regardless of the method, your information will be transferred to HelpScout. You may find HelpScout’s privacy policy here and Intercom’s here.

3.2. Non-Personal Data:

The browser and device information: location, device type, model, number, type of browser or operating system, the time and date of access, screen resolution, plug-ins, add-ons and the version of the Services you are using, and other information that does not personally identify you.

Information from your use of the Services and information from other sources: we may receive information about how and when you use the Services, or other types of files associated with your account, and link it to other information we collect about you. Also, we may obtain information about you or your Subscribers from third-party sources, such as public databases, social media platforms, third-party data providers, and our joint marketing partners. This information may include, for example, time, date, browser used, demographic information, device information (such as device type, model, number, type of browser or operating system), location, and online behavioral data (such as information about your use of social media websites, page view information and search results and links), actions you have taken, anonymous usage data, referring/exit pages and URLs, preferences you submit and preferences that are generated based on the data you submit and the number of clicks.

4. Purposes of Processing

4.1. MailerLite uses collected information for the operation of the Services, to maintain the quality of the Service, to provide general statistics regarding use of the Service, to promote and analyze the Services, to provide customer support and send information about the Services, to protect the rights and safety of Customers, Subscribers, third-parties and our own, to send customized informational or promotional content and provide suggestions according to marketing preferences, to ensure observance of our TOU and meet the legal requirements, to verify identity and provided information, manage payments, to understand demographics, Customer interests and needs, and other trends among users, and for other business purposes.

4.2. We may combine Personal Data with other information we Process to customize informational content and enhance our ability to provide Services according to marketing preferences, restrictions or for advertising, targeting purposes, personalization of ads, or to develop and provide you with more relevant products and features in accordance with this Privacy Policy.

5. How we collect your information

5.1. Data provided by our Customers: Customers may import into the Services Personal Data they have collected from their Subscribers or other individuals. We have no direct relationship with Customers’ Subscribers or any individuals other than our Customers. Our Processing of Personal Data is based on the data subject freely given consent and Customers are responsible for making sure they have the necessary permissions for us to Process Personal Data about Subscribers or other individuals.

5.2. Tracking technologies: in connection with the performance of the Services, MailerLite uses:

Cookies: cookies are tiny files of data that a website transfers to your computer’s hard disk for record-keeping purposes. Most web browsers are set to accept cookies, but you can change this in your browser settings. However, if you do not accept cookies, you may not be able to use all of MailerLite’s functionality. We use cookies to improve your Mailerlite experience and by collecting this data, we can store information so that you don’t have to re-enter it every time you visit MailerLite. We also use it to monitor visitor metrics to MailerLite such as page views, time on site, number of visitors, etc.

Web beacons: we include single-pixel gifs (web beacons) in emails we send, which allow us to collect information about when you open the email and your IP address, your browser or email client type, and other similar details. We use the data from those web beacons to create reports about how your email campaign performed and what actions your Subscribers took, to capture the time spent on the Services, pages visited and email campaign performance.

Unique identifiers and similar tracking technologies: we may use other tracking technologies to administer the Services, track your movements around the Services, analyze trends, track behavior, serve targeted advertisements and gather demographic information, to measure the performance of our email campaigns and to improve our features for specific segments of Customers.

5.3. Log Data monitoring: we may collect log data whenever you access our tool. This data could include things like an IP address, browser type, and version, the pages you visit on MailerLite, and other user statistics. When you access MailerLite with a mobile device, log data may include the type of device, your mobile unique ID, the IP address of your device, mobile operating system, and other mobile statistics.

5.4. Third-party services: we may use third-party services, such as Google Analytics and Facebook, that collect and analyze log data to help us improve MailerLite, and occasionally to use for targeted online advertising. Our third-party partners may use cookies or other tracking technologies to provide you advertising on other sites based on your browsing activities and interests. You can find more information about these practices, including how to opt out of receiving targeted advertising here: http://www.aboutads.info/choices/.

5.5. Based on the requirements of the California Online Privacy Protection Act, MailerLite declares that it does not correspond to Do Not Track browser signals.

6. Transferring to third-party companies

6.1. We will never sell, rent, or lease your Personal Data to a third party, but we may share collected information for the purposes described in this Privacy Policy with third parties that help MailerLite provide, improve, promote or support Services, that help with our business operations and assist in the delivery of our Services, or who perform services for us, in order to prevent damage to our property or for safety reasons, for example, payment processors, hosting services, analytics, content delivery services, advertising partners, etc., in a manner that is consistent with this Privacy Policy. We may also share information with third parties if required to do so by law or if you violate our TOU.

6.2. We may disclose Non-Personal Data for any purpose because this information cannot be used to identify you or another person.

7. Email communications & opting out

7.1. From time to time you may receive emails related to your use of MailerLite. Based on the Personal Data that you provide us, we may communicate with you in response to your inquiries to provide the Services you request and to manage your account. We may also use your Personal Data to send you updates and other promotional communications. Every email will contain a link to be able to opt-out of receiving it. We may still send important messages regarding administrative matters, updates, disputes, and customer service issues that are required to provide the Services.

7.2. If a Subscriber no longer wants to be contacted by one of our Customers, he can unsubscribe directly from that Customers’ newsletter or contact the Customer directly to update or delete the data. If a Subscriber contacts us, we will refer him to that Customer. We will retain personal information we Process on behalf of our Customers only for as long as needed to provide our Services or to comply with our obligations.

8. Safety of your information

8.1. MailerLite takes reasonable precautions, technical and organizational security measures to ensure a level of security appropriate to the risk, follows industry best practices in order to protect your Personal Data from any unauthorized or unlawful breach of security that leads to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of or access to Personal Data and to preserve the security and confidentiality of the data. However, these measures do not guarantee that your information will not be accessed, disclosed, altered or destroyed by breach of such precautions. By using our Service, you acknowledge that you understand and agree to assume these risks.

8.2. The customer is responsible for reviewing the information made available by MailerLite relating to its data security and making an independent determination as to whether the Services meet Customer’s requirements and legal obligations under Data Protection Laws. Also, Customer is responsible for its secure use of the Services, including securing its account authentication credentials, protecting the security of Personal Data when in transit to and from the Services and taking any appropriate steps to securely encrypt or backup any Personal Data uploaded to the Services.

9. Protecting Subscriber’s lists and data

9.1. We reserve the right to monitor your lists, content and response data from time to time to make sure they comply with our TOU, we will never share, sell or rent your customer data to anyone for any reason.

9.2. Our data storage center is in the European Union and has information storage security certificate (ISO 27001) so you can rest assured that your Subscribers data is safe with us.

10. Links to other websites

As part of the Service, we may provide links to or compatibility with other websites or applications. However, we are not responsible for the privacy practices employed by those websites or the information or content they contain. This Privacy Policy applies solely to information collected by us through the Service. Therefore, this Privacy Policy does not apply to your use of a third-party website accessed by selecting a link via our Service. To the extent that you access or use the Service through or on another website or application, then the privacy policy of that other website or application will apply to your access or use of that site or application. We encourage our users to read the privacy statements of other websites before proceeding to use them.

11. Data Processing Addendum

We created our Data Processing Addendum to cover the GDPR requirements as they relate to email marketing and we encourage all our Customers to review it here.

12. Age of consent

By using the Service, you represent that you are at least 16 years of age.

13. California Consumer Privacy Act

13.1. According to The California Consumer Privacy Act (“CCPA”) residents of California, United States have specific rights regarding their Personal Data. California consumers have the right to 1) request that businesses disclose information about their collection and use of Personal Data over the past year; 2) ask such businesses to delete Personal Data; 3) opt-out of the sale of their Personal Data.

13.2. MailerLite in terms of CCPA acts as a service provider and we process Personal Data on our Clients behalf. Please direct any requests for access or deletion of your Personal Data to our Clients with whom you have a direct relationship.

14. Merger or acquisition

In the event we undergo a business transaction such as a merger, acquisition by another company, or sale of all or a portion of our assets, your Personal Data may be among the assets transferred. You acknowledge and consent that such transfers may occur and are permitted by this Privacy Policy, and that any acquirer of our assets may continue to Process your Personal Data as set forth in this Privacy Policy.

15. MailerLite as a Controller

MailerLite acts as a Controller of Personal Data of its employees, contractors, candidates, affiliates and other third parties that are not considered as a Customer. MailerLite undertakes to comply with legal requirements when processing Personal Data as a Controller and implements appropriate technical and organizational measures to ensure a level of security of Personal Data as required under GDPR and applicable Data Protection Laws.

16. Changes

MailerLite reserves the right to change this Privacy Policy at any time. If we decide to change this Privacy Policy, we will post these changes on this page so that you are always aware of what information we collect, how we use it, and under what circumstances we disclose it. All changes are effective immediately upon posting and we suggest that you check this Privacy Policy periodically if you are concerned about how your information is used.

17. Contacting MailerLite

If you:

would like to request access to the information we hold about you, correct, modify, delete or update Personal Data that you have provided to us, or

have any questions regarding this Privacy Policy or the practices of this site, wish to withdraw your consent for the continued collection, would like to object to your Personal Data being used, or have any additional questions:

Please contact us any time via email: info@mailerlite.com.