Applicable To The Following Website: www.lifelinesat.com / www.o-boy.com
We are committed to the protection of your privacy while you use our Website.
The Party responsible for the processing of your personal data is as follows: LifeLine srl. The Data Controller may be contacted as follows: [email protected], 7A Rue du Grand Arbre, 1470 Genappe, BELGIUM. The Data Controller and operator of the Website are one and the same.
The Data Protection Officer (“DPO”) may be contacted as follows: [email protected]
MODIFICATIONS AND REVISIONS:
THE PERSONAL DATA WE RECEIVE FROM YOU:
Depending on how you use our Website, you will be subject to different types of Personal Data collected and different manners of collection:
During the process of your registration, we will collect some of the following Personal Data from you through your voluntary disclosure:
Name, Email, Physical address, Email address, Phone number
Personal Data may be asked for in relation to:
We may also share such aggregated information with others, but only if that aggregated information does not contain any Personal Data.
THE PERSONAL DATA WE RECEIVE AUTOMATICALLY:
Cookies: We may collect information from you through automatic tracking systems (such as information about your browsing preferences) as well as through information that you volunteer to us (such as information that you provide during a registration process or at other times while using the Website, as described above).
A cookie consists of a reduced set of data transferred to your browser from a web server and it can only be read by the server that made the transfer. This is not executable code and does not transmit viruses.
Technical cookies: Technical cookies, which can also sometimes be called HTML cookies, are used for navigation and to facilitate your access to and use of the site. They are necessary for the transmission of communications on the network or to supply services requested by you. The use of technical cookies allows the safe and efficient use of the site.
You can manage or request the general deactivation or cancelation of cookies through your browser. If you do this though, please be advised this action might slow down or prevent access to some parts of the site.
Cookies may also be retransmitted by an analytics or statistics provider to collect aggregated information on the number of users and how they visit the Website. These are also considered technical cookies when they operate as described.
Temporary session cookies are deleted automatically at the end of the browsing session – these are mostly used to identify you and ensure that you don’t have to log in each time – whereas permanent cookies remain active longer than just one particular session.
Third-party cookies: We may also utilize third-party cookies, which are cookies sent by a third-party to your computer. Permanent cookies are often third-party cookies. The majority of third-party cookies consist of tracking cookies used to identify online behavior, understand interests and then customize advertising for users.
Third-party analytical cookies may also be installed. They are sent from the domains of the aforementioned third parties external to the site. Third-party analytical cookies are used to detect information on user behavior on our Website. This place anonymously, in order to monitor the performance and improve the usability of the site. Third-party profiling cookies are used to create profiles relating to users, in order to propose advertising in line with the choices expressed by the users themselves.
Profiling cookies: We may also use profiling cookies, which are those that create profiles related to the user and are used in order to send advertising to the user’s browser.
When these types of cookies are used, we will receive your explicit consent.
Support in configuring your browser: You can manage cookies through the settings of your browser on your device. However, deleting cookies from your browser may remove the preferences you have set for this Website.
Log Data: Like all websites and mobile applications, this Website also makes use of log files that store automatic information collected during user visits. The different types of log data could be as follows:
– internet protocol (IP) address;
– type of browser and device parameters used to connect to the Website;
– name of the Internet Service Provider (ISP);
– date and time of visit;
– web page of origin of the user (referral) and exit;
– possibly the number of clicks.
The aforementioned information is processed in an automated form and collected in an exclusively aggregated manner in order to verify the correct functioning of the site, and for security reasons. This information will be processed according to the legitimate interests of the Data Controller.
For security purposes (spam filters, firewalls, virus detection), the automatically recorded data may also possibly include Personal Data such as IP address, which could be used, in accordance with applicable laws, in order to block attempts at damage to the Website or damage to other users, or in the case of harmful activities or crime. Such data are never used for the identification or profiling of the user, but only for the protection of the Website and our users. Such information will be treated according to the legitimate interests of the Data Controller.
We may utilize third-party service providers (“Third-Party Service Providers”), from time to time or all the time, to help us with our Website, and to help serve you.
We may use Third-Party Service Providers to assist with information storage (such as cloud storage).
We may provide some of your Personal Data to Third-Party Service Providers in order to help us track usage data, such as referral websites, dates and times of page requests, etc. We use this information to understand patterns of usage of, and to improve, the Website.
We may use Third-Party Service Providers to host the Website. In this instance, the Third-Party Service Provider will have access to your Personal Data.
We may use Third-Party Service Providers to fulfill orders in relation to the Website.
In general, you may request that we do not share your Personal Data with third parties. Please contact us via email, if so. Please be advised that you may lose access to certain services that we rely on third-party providers for.
SOCIAL NETWORK PLUGINS:
HOW PERSONAL DATA IS STORED:
We use secure physical and digital systems to store your Personal Data when appropriate. We ensure that your Personal Data is protected against unauthorized access, disclosure, or destruction.
Please note, however, that no system involving the transmission of information via the internet, or the electronic storage of data, is completely secure. However, we take the protection and storage of your Personal Data very seriously. We take all reasonable steps to protect your Personal Data.
Personal Data is stored throughout your relationship with us. We delete your Personal Data upon request for cancelation of your account or other general request for the deletion of data.
In the event of a breach of your Personal Data, you will be notified in a reasonable time frame and we will follow all applicable laws regarding such breach.
PURPOSES OF PROCESSING OF PERSONAL DATA:
We primarily use your Personal Data to help us provide a better experience for you on our Website and to provide you the services and/or information you may have requested, such as use of our Website.
Information that does not identify you personally, but that may assist in providing us broad overviews of our customer base, will be used for market research or marketing efforts. Such information may include, but is not limited to, interests based on your cookies.
Personal Data that may be considering identifying may be used for the following:
DISCLOSURE OF PERSONAL DATA:
Although our policy is to maintain the privacy of your Personal Data as described herein, we may disclose your Personal Data if we believe that it is reasonable to do so in certain cases, in our sole and exclusive discretion. Such cases may include, but are not limited to:
We may allow users to post their own content or information publicly on our Website. Such content or information may include, but is not limited to, photographs, status updates, blogs, articles, or other personal snippets. Please be aware that any such information or content that you may post should be considered entirely public and that we do not purport to maintain the privacy of such public information.
OPTING OUT OF TRANSMITTALS FROM US:
From time to time, we may send you informational or marketing communications related to our Website such as announcements or other information. If you wish to opt-out of such communications, you may contact the following email: [email protected] You may also click the opt-out/”unsubscribe” link which will be provided at the bottom of any and all such communications.
Please be advised that even though you may opt-out of such communications, you may still receive information from us that is specifically about your use of our Website or about your account with us.
By providing any Personal Data to us, or by using our Website in any manner, you have created a commercial relationship with us. As such, you agree that any email sent from us or third-party affiliates, even unsolicited email, shall specifically not be considered SPAM, as that term is legally defined.
MODIFYING, DELETING, AND ACCESSING YOUR INFORMATION:
If you wish to modify or delete any information we may have about you, or you wish to simply access any information we have about you, you may reach out to us at the following email address: [email protected]
ACCEPTANCE OF RISK:
You have many rights in relation to your Personal Data. Specifically, your rights are as follows:
– the right to be informed about the processing of your Personal Data
– the right to have access to your Personal Data
– the right to update and/or correct your Personal Data
– the right to portability of your Personal Data
– the right to oppose or limit the processing of your Personal Data
– the right to request that we stop processing and delete your Personal Data
– the right to block any Personal Data processing in violation of any applicable law
– the right to launch a complaint with the Federal Trade Commission (FTC) in the United States or applicable data protection authority in another jurisdiction
When the EU Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter “GDPR”) is legally and mandatorily applicable, the present addendum shall apply.
1.1.1. The data protection related concepts used in this article 1 shall have the meaning given to them in the GDPR.
1.1.2. The User (i) represents and warrants that it complies and undertakes to continue to comply with the national laws implementing the Data Protection Directive (95/46/EC) until 24 May 2018 and (ii) undertakes to comply with the General Data Protection Regulation (2016/679) as of 25 May 2018 and (iii) undertakes to comply with the national laws implementing the Directive on Privacy and Electronic Communications (the legislation referred to under (i) , (ii) and (iii) above being jointly referred to as the “GDPR”).
1.1.3. Company will comply with the GDPR when processing information relating to an identified or identifiable natural person in its performance of this Agreement (referred to as ‘personal data’ under the GDPR).
1.2. COMPANY ACTING AS DATA CONTROLLER
Company processes personal data relating to its Users (and their fellow users and end users where applicable), e.g. identification data, contact data, data on the User’s use of Company products and services, data on the User’s communication traffic, billing and payment data, and technical data. In this context, Company acts as a data controller. The data is processed for the following purposes:
– the performance of the agreement with the User and the delivery of the products and services requested by the User;
– the administration and management of relations with the User;
– User profiling and conducting information and promotion campaigns for products and services offered by the Company, unless the User objects to this;
– the improvement and development of Company products and services and the network infrastructure;
– the provision of reporting services to third parties based on anonymized data.
Company’ files may be accessible to third parties who work in the name or on behalf of Company. Company may share User data with the affiliates (or parents) of the Company in order to conduct information and promotion campaigns, unless the User objects to this. In the cases stipulated by law, Company shall hand over User data if requested to do so by the government services. The User has the right to access, correct and delete any data that relates to him. The data relating to Users who have terminated their contracts with Company can be used to inform them of Company’s products and services, unless the User objects to this. Company hereby delegates to the User, which agrees, to carry out the following obligations of Company under the Data Protection Legislation. In particular, the User shall:
– ensure that all personal data are accurate, complete and up-todate;
– shall provide, upon the request of Company, with evidence demonstrating that the data subjects have been duly informed in accordance with this article 1.2.
1.3. COMPANY ACTING AS DATA PROCESSOR
1.3.1. Where User (or its data controllers if the User is not the data controller) provides personal data to Company in connection with its use of the products/services and requests Company to process personal data on behalf of the User (or of the User’s data controllers) for the sole purpose of providing the User with the products/services, the User shall act as data controller in relation to the processing of these personal data and Company shall act as a data processor regarding these personal data.
1.3.2. The User shall ensure the rights and obligations of the Parties are appropriately reflected towards its data controllers it allows to make use of the products/services. The Parties agree that User shall act as the sole point of contact for Company, either in its capacity as data controller or on behalf of its data controllers. All references to User rights and obligations under this article shall be deemed to include the respective data controllers of the User to the extent applicable.
The personal data made available by the User might relate to the following types of data subjects: its own Users, employees, workers, agents, representatives, consultants or other third parties.
The personal data might include the following categories of data:
With regard to these personal data of the User (or its data controllers) will have the rights and obligations a data controller as set out in the GDPR.
1.3.3. Company shall process or transfer the personal data in accordance with User’s documented instructions, unless Company is required to otherwise process or transfer the personal data under the laws of the European Union or one of its Member States. Where such a requirement is placed on Company, Company shall provide prior notice to the User, unless the law prohibits such notice on important grounds of public interest. The Agreement, including this article, is the User’s complete instruction to Company in this respect. All additional or alternative instructions must be agreed upon in writing by the Parties.
1.3.4. Company shall treat the personal data as strictly confidential and ensure that any natural person acting under its authority who has access to the personal data (i) commits himself/herself to confidentiality or is under an appropriate statutory obligation of confidentiality and (ii) does not process the personal data except on instructions from the User, unless he/she is required to otherwise process or transfer the personal data under the laws of the European Union or one of its Member States.
1.3.5. Irrespective of where Company receives or holds the personal data, Company shall take the technical and organizational measures agreed in this Agreement to ensure a level of security appropriate to the risks that are presented by the processing (in particular risks from accidental or unlawful destruction, loss, alteration, unauthorized disclosure, use or access and against all other unlawful forms of processing) and taking into account the state of the art, the costs of implementation and the nature of the personal data and the potential risks.
1.3.6. If Company detects a personal data breach affecting the personal data in the framework of the performance of the Agreement, Company shall inform the User about the breach within a reasonable delay.
1.3.7. At the request of the User and taking into account the nature of the processing as well as the information available to Company, Company shall provide insofar as possible reasonable assistance to the User in:
Company reserves the right to claim a reasonable compensation for this assistance.
1.3.8. At the request of the User, Company shall provide all information necessary to demonstrate compliance with this article 1.3 as well as to contribute reasonable demands for audits conducted by the User or another independent auditor mandated by the User.
Advance notice of at least 60 (sixty) Calendar days is required, unless GDPR requires earlier audit. In case of an audit, User will bear its own expense and the cost of Company’s internal resources required to conduct the audit. Audits will be limited to data privacy aspects and to a maximum of 3 business days and will only be allowed during business hours without impact on the Company business.
Company and the User agree to limit the audits to a strict minimum and with a maximum of once every 2 year, unless serious reasons for an earlier audit would exist or if a data protection authority would require so. Certifications and existing audit reports will be used to avoid audits. If any audit reveals that Company is, or that the products/services are, not in compliance with the provisions of this Agreement and/or GDPR, the exclusive remedy of the User, and the exclusive obligation of Company shall be that: (i) the Parties will discuss such finding, and (ii) Company shall take, at its own cost, all corrective actions, including any temporary workarounds, it deems necessary to comply with the provisions of this and/or GDPR. Company may charge the User for any corrective actions if the corrective actions were required due to changes of GDPR.
1.3.9. The User hereby provides a general written authorization to Company to engage subcontractors for the processing of the personal data (i) to the extent necessary to fulfil its contractual obligations under the Agreement and (ii) as long as Company remains responsible for any acts or omissions of its subcontractors in the same manner as for its own acts and omissions hereunder. Company shall inform the User of any intended addition or replacement of other processors, giving the User the opportunity to object to such changes. If the User has a legitimate reason for objection that relates to the processing of personal data, Company may not be in a position to continue to provide the products and/or services to the User and shall in such case be entitled to terminate this Agreement. Where Company engages another processor under this Article, Company shall ensure that the obligations set out in this article 1.3. are imposed on that other processor by way of a written contract.
1.3.10. Company shall be entitled to transfer the personal data to a country located outside the European Economic Area which has not been recognized by the European Commission as ensuring an adequate level of data protection, if Company (i) has provided appropriate safeguards in accordance with the GDPR or (ii) can rely on a derogation foreseen by the GDPR enabling such transfer. The User shall from time to time execute such documents and perform such acts as Company may reasonably require to implement any such appropriate safeguards.
1.3.11 At the end of the Agreement, Company will delete the personal data (unless the law requires further storage of the personal data) or, if requested by the User, return it to the User or give the User the possibility to extract the personal data.
1.3.12. If any request of the User under this article 1.3 requires Company to take additional steps beyond those directly imposed on Company by the GDPR, the User shall reimburse Company for any costs incurred by Company for taking such additional steps.
1.3.13. The breach of any GDPR by Company shall be deemed as a Company’ fault only if Company has acted outside or contrary to lawful instructions of the Use