PRIVACY AND GDPR POLICY

Introduction

Effective date: May 11, 2021

PEXLY (“us”, “we”, or “our”) operates the https://pexly.com website (hereinafter referred to as the “Service”).

This page informs you of our policies regarding the collection, use, and disclosure of personal data when you use our Service and the choices you have associated with that data.

With this policy, we inform you that in cases in which we are required to do so by law, we apply the GDPR rules regarding the collection, storage, use, handling, transfer and deletion of personal information. In all other cases, we apply applicable laws (including CCPA, where applicable) and internal rules and policies.

Data Security, Transparency, Reliability, Standards of data protection and Compliance with legislation have always been the highest priority for our company.

Table of Contents

Please, find below the following information:

• What Is The GDPR
• What Data We Collect and How We Collect It
• Legal Basis for Processing the Data and Key Principles of Data Usage and Storage in our company
• Your Rights
• Final Provisions

1. What Is The GDPR

The General Data Protection Regulation (GDPR) (EU) 2016/679 is a regulation in EU law on data protection and privacy, which came into effect on the 25th of May, 2018.

The GDPR applies to all organizations operating within the EU and processing “personal identifiable data” of EU residents.

To learn more about GDPR, please, visit official General Data Protection Regulation website.

2. What Data We Collect and How We Collect It

There are two ways, in which Pexly can obtain personal data:

• From this website, while being a Controller in GDPR terms;

• From its Clients under the framework of relevant legal binding agreements, while being a Processor in GDPR Terms

Therefore, there are two distinct groups of Data subjects: users of Pexly’s official web-site and Pexly’s Clients.

As per the GDPR definition, ‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

For both parties, unless otherwise  specified in a separate agreement between Pexly and it’s Client (i.e. Data Protection Agreement) in most cases this means:

• Name;
• Email;
• Telephone number

Being a Controller, we collect your data via online inquiry forms on our website, emailed inquiries and correspondence, or phone conversations.

3. Legal Basis for Processing the Data and Key Principles of Data Usage and Storage

Using Pexly’s services to manage your customers’ data means that you have engaged Pexly as a data processor to carry out certain processing activities on your behalf.

According to  Article 28 of the GDPR, the relationship between the controller and the processor are regulated by the Data Processing Agreement, which we put in place with every Client.

With this said, responsibility regarding the accuracy and completeness of provided personal information, including the correctness and validity of the name, e-mail and other information that the data subject provides to Pexly lies with the Controller (being Pexly’s Client).

Additionally, Pexly acts as the data controller of the personal data we collect about you, our customer, in relations with its contractors.

Being driven by the GDPR regulation, we would like to provide you with clean and clear information on how exactly your data are used, in plain and simple language.

• Which data we collect and/or process? Only Personal data that is necessary for us to perform our contract with you (GDPR Article 6(1)(b)).

We process your personal data to meet our obligations under the law (GDPR Article 6(1)(c)) — this primarily involves financial data and information that we need to meet our accountability obligations under the GDPR.

We process your personal data for our legitimate interests in line with GDPR Article 6(1)(f). From time to time we may send you marketing information in case we believe that it is beneficial to you as a client.

• What are these ‘legitimate interests’ we talk about?

1. Improving our services (using new tools, processes) to help you  reach your goals.
2. Customize and enrich your experience on our Site
3. To identify patterns that we can use in our marketing strategy and to help us develop, administer, support and improve our services and features and adverts
4. To conduct reviews that assist us in the improvement and optimisation of our Site and our Services
5. To administer our Site and Services and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes; and as part of our efforts to keep our Site safe and secure
6. Making sure that your personal data and Pexly’s systems are safe and secure.
7. Responsible marketing of our services and its features, as in providing direct marketing advertisements and communications to you via email, text, post or telephone or via our selected third parties.
8. Monitoring the effectiveness of our direct marketing communications and your responses to it
9. Other legitimate interests and purposes compliant with GDPR provisions

• Choice and Consent

For Users of our site, consent to the provision of personal data is expressed either actively – by filling out and submitting forms that contain personal data, or passively – in terms of the use of cookies, after reading the disclaimer regarding our use of cookies.

For Clients, the conditions for the transfer, use and storage of personal data are governed by a separate legal agreement of the parties

• Use, retention, and disposal

Use, retention and disposal of personal data are governed by GDPR rules and regulations and/or separate agreements with Clients (Data Controllers)

• Acces, Data Storage and Security:

We confirm that Pexly tries to provide the appropriate level of security to cover all possible risks presented by processing, in particular from accidental or unlawful destruction, loss, unauthorized disclosure, etc.

• Any natural person acting under the authority of Pexly either as the controller or the processor who has access to personal data does not process them except on instructions from the controller, unless he or she is required to do so by law.
• We have appropriate Data Access and System Access Controls in place as well as Data Backup.
• We have implemented a wide range of rules and policies regarding information security, access to information and rules for the use of information and privacy. On top of existing standards and procedures, we are ISO 9001 and ISO 27001 certified.

• Sharing and Disclosing Your Personal Data. We retain access to all personal information that we have collected from you or about you. Once in our possession, we will be responsible for that information and that information will be subject to any privacy terms or policies that we have in place.

If our business is sold or merged, or if we sell or buy any businesses or assets, we may disclose your personal data to the prospective seller or buyer of such businesses or assets. We will make sure that any such transfer is done in a secure way.

If we offer or supply a service to you that is provided on our behalf by a third party we may have to pass your information to them in order to deliver the service. By using this Site you consent to us providing your information to  third parties authorised by us to provide such services. We may also use third parties to provide services on our behalf which may include processing (but not using themselves) your information e.g. to complete partial addresses or to enrich the information we hold about you. In either case, we will not pass your information to anyone who is not also subject to adequate privacy commitments in our contract with them and we will not allow the third party to use your information for marketing purposes without your consent.

We also may reveal your personal data to any local or international public authorities, if they have a legal right to ask and obtain such information.

We will not otherwise disclose, sell or distribute your information to any third party without your permission unless we are required to do so by law or to obtain professional advice. 

• Storing Your Personal Data. We retain Personal Data no longer  than it is necessary and we have regular reviews and proper processes in place. In cases when you provide us with your consent to use your details for direct marketing, we will keep such data until you notify us otherwise and/or withdraw your consent.

4. Rights of the Data Subject

According to the GDPR, as a Data subject you have the right to know:

• What personal data we collect and process about you;
• The purpose and location of processing;
• The categories of personal data concerned;
• The recipients to whom the personal data has been/will be disclosed;

• How long we intend to store your personal data for;
• If we did not collect the data directly from you, information about the source;
• What measures we put in place to provide you with these rights.

Also, it is important to list your rights as a Data Subject related to your data maintenance/amendments:

• The data subject has the right to obtain from the controller without undue delay the rectification of inaccurate personal data concerning him or her;
• Right to obtain the erasure of personal data from the controller;
• Right to obtain restriction of processing from the controller;
• Right to Data Portability.

If you would like to send us either a general request or a particular request to correct/erase your data, please contact us at:

• Email: [email protected] 

5. Tracking & Cookies Data

We use cookies and similar tracking technologies to track the activity on our Service and hold certain information.

Cookies are files with small amounts of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Tracking technologies also used are beacons, tags, and scripts to collect and track information and to improve and analyze our Service.

You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.

Examples of Cookies we use:

• Session Cookies. We use Session Cookies to operate our Service.
• Preference Cookies. We use Preference Cookies to remember your preferences and various settings.
• Security Cookies. We use Security Cookies for security purposes.

For more information on Cookies, please acquaint yourself with our designated Cookies Policy.

6. Service Providers

We may employ third party companies and individuals to facilitate our Service (“Service Providers”), to provide the Service on our behalf, to perform Service-related services or to assist us in analyzing how our Service is used.

These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.

Analytics

We may use third-party Service Providers to monitor and analyze the use of our Service.

Google Analytics. Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of our Service. This data is shared with other Google services. Google may use the collected data to contextualize and personalize the ads of its own advertising network.

You can opt-out of having made your activity on the Service available to Google Analytics by installing the Google Analytics opt-out browser add-on. The add-on prevents  Google Analytics JavaScript (ga.js, analytics.js, and dc.js) from sharing information with Google Analytics about visits activity.

For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page: https://policies.google.com/privacy?hl=en

7. Links To Other Sites

Our Service may contain links to other sites that are not operated by us. If you click on a third party link, you will be directed to that third party’s site. We strongly advise you to review the Privacy Policy of every site you visit.

We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.

8. Children’s Privacy

Our Service does not address anyone under the age of 18 (“Children”).

We do not knowingly collect personally identifiable information from anyone under the age of 18. If you are a parent or guardian and you are aware that your Children have provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from children without verification of parental consent, we take steps to remove that information from our servers.

9. Compliance with California Consumer Privacy Act (CCPA)

With this policy, we declare ourselves to be in compliance with the rules and procedures established by the CCPA, in instances when, in accordance with applicable international or national law, we are obliged to be guided by the CCPA. The basic guiding principles of our handling of personal data to the extent of compliance with the CCPA are set forth above in this Policy.

10. Monitoring and Enforcement of Compliance to Privacy Policy

As the controller of your personal data, Pexly is committed to respecting all your rights under the GDPR. If you have any questions or feedback, please reach out to our Data Protection Officer (DPO) by email at [email protected].

The DPO is obliged to monitor compliance and enforcement with new regulations, act as the contact point for the supervisory authority on issues relating to processing personal data and to train the staff.

Any changes we may make to this Policy in the future will be posted on this page and, where appropriate, notified to you by e-mail or by other means, if such notification will be deemed necessary. Please check back frequently to see any updates or changes to this Policy.

Tracking Cookies

Cookies Policy

Effective updated date: October 6, 2020

Pexly  (“us”, “we”, or “our”) operates the pexly.com website (hereinafter referred to as the “Service”).

This Policy sets rules for us to use Cookies and informs you on your rights on that matter.

What Are Cookies?

As is common practice with almost all websites this site uses cookies, which are small files stored at your computer to improve your experience. This page describes what information they gather, how Pexly uses it, and why we sometimes need to store these cookies to improve your overall user experience.

We will also explain how you can prevent these cookies from being stored however be advised, that such actions may downgrade or even make it impossible for you to use certain elements of the sites functionality and\or site overall.

For more general information on cookies good starting point may be the Wikipedia article on HTTP Cookies.
Alternatively, you may wish to visit www.aboutcookies.org, which contains comprehensive information on how to do this on a wide variety of desktop browsers.

How We At Pexly  Use Cookies

We use cookies for a variety of reasons detailed below. Unfortunately, in most cases there are no quality option for disabling cookies without completely disabling the functionality and features of the site they associated with. It is recommended that you leave on all cookies if you are not sure whether you need them or not in case they are used to provide a service that you use.

The Cookies We Set

There are two types of cookie:

1. Persistent cookies remain on a user’s device for a set period of time specified in the cookie. They are activated each time that the user visits the website that created that particular cookie.
2. Session cookies are temporary. They allow website operators to link the actions of a user during a browser session. A browser session starts when a user opens the browser window and finishes when they close the browser window. Once you close the browser, all session cookies are deleted.

Third-party Cookies

You may notice on some pages of our websites that cookies have been set that are not related to Pexly. When you visit a page with content embedded from third party, these third party service providers may set their own cookies on your device. Pexly does not control the use of these third-party cookies and cannot access them due to the way that cookies work, as cookies can only be accessed by the party who originally set them. Please check the third party websites for more information about these cookies.

Disabling Cookies

You can prevent the setting of cookies by adjusting the settings in your browser (see your browser Help for how to do this). Be aware that disabling cookies will affect the functionality of this and also many other websites that you visit. Disabling cookies will usually result in simultaneous disabling certain functionality and features of this site. Therefore, it is highly recommended that you do not disable cookies.

User agreement

By continuing to use our site, you agree to the placement of cookies on your device. If you choose not to receive our cookies, we cannot guarantee that your experience will be as fulfilling as it would otherwise be.

More Information

Hopefully that has cleared things comprehensively for you and, as was previously mentioned, if there is something that you aren’t sure whether you need or not it’s usually safer to leave cookies enabled in case it does interact with one of the features you use on our site. However, if you are still looking for more information than you can contact us through one of our preferred contact methods.

Amendments and updates to this policy

This Cookie Policy may be changed at any time without prior notice due to updates or legislative changes. We will try to inform users of any changes made to this policy so that prior consent can be provided but we recommend that you verify this policy periodically. The use of this Site after the changes implies your acceptance of this Policy.