Privacy Policy

Effective Date: December 7, 2018

  1. Overview

This Privacy Policy applies to the IFDAQ and its operated websites and subdomains (“Sites”). The IFDAQ (“we,” or “us”) knows that you care how information about you is used and shared and take your data protection rights and our legal obligations seriously. This Privacy Policy explains what information of yours will be collected by the IFDQ when you access ifdaq.com and all subordinated domains and projects, how the information will be used, the steps we take to protect such information and how you can control the collection, correction and/or deletion of information. By visiting the Site, you accept the privacy practices described in this Policy. We will not use or share your information with anyone except as described in this Privacy Policy. This Privacy Policy does not apply to information we collect by other means (including offline) or from other sources. Capitalized terms that are not defined in this Privacy Policy have the meaning given them in our Terms. The use of information collected through our Sites shall be limited to the purposes under this Privacy Policy.

Except as otherwise noted in this Privacy Policy, IFDAQ is a data controller (as that term is used under the EU General Data Protection Regulation (“GDPR”)), which means that we decide how and why the information you provide to us is processed. Contact details are provided in Section 14 below. This Policy may be amended or updated from time to time to reflect changes in our practices with respect to the Processing of your information, or changes in applicable law. We encourage you to read this Policy carefully, and to regularly check this page to review any changes we might make.

Definitions:

  • “Client” means a customer of IFDAQ.
  • “Client Data” means personal data, reports, preferences in electronic form that a User of the Service stores within the Service.
  • “Personal Data” means any information relating to an identified or identifiable natural person.
  • “Public Area” means the area of the Site that can be accessed both by Users and Visitors, without needing to log in.
  • “Restricted Area” means the area of the Site that can be accessed only by clients and users, and where access requires logging in.
  • “User” means an employee, agent, or representative of a Client, who primarily uses the restricted areas of the Site for the purpose of accessing the Service in such capacity.
  • “Visitor” means an individual other than a User, who uses the public area, but has no access to the restricted areas of the Site or Service.

  1. Information We May Collect & Process

We collect different types of information from your use of our Website with your specific knowledge and consent. The processing is necessary for providing the Service and the processing of which is carried out in our legitimate interests, which are further explained in the section “How We Use the Information We Collect” of this Policy. We may also process data upon your consent, asking for it as appropriate.

  • Contact information (such as your name, email address, postal address, telephone number and any other personal data) that you provide by completing forms on the Website, including if you register and create an account on the Website;
  • Details of any transactions made by you;
  • Personal data that may be contained in communications you send to us, for example to report a problem or to submit queries, concerns or comments regarding the Website or its content;
  • Credit/debit card information;
  • Information about your use and navigation of our Website, such as your IP address and other device identifiers, your operating system and browser type, and information about the Website pages you visit, collected by cookies or other tracking technologies; and
  • Personal information collected from third parties, such as data that you agree to share with us on publicly accessible social networks (e.g., Facebook, Instagram, etc.) and/or that we may collect from other publicly accessible databases.

You are under no obligation to provide any such information. Providing your personal data to us (in particular, your personal details, your email, your address, your credit/debit card numbers and bank code and your telephone number) is necessary for processing your order for the purchase of services on the Website, supplying other services provided on the Website upon your request, or when your personal data is needed to fulfil obligations required by law or regulations. The refusal to provide us with any personal data necessary for performing the above purposes may consequently prevent us from processing your order for the purchase of products sold on the Website or fulfilling obligations required by law and other regulations. Therefore, failure to provide personal data may constitute, in some cases, a legitimate and justified reason for not processing your order for the purchase of products sold on the Website or not providing the Website’s services.

Disclosure of further personal data to us other than that required for fulfilling legal or contractual obligations and to properly browse our services with necessary traffic data is, on the contrary, optional and does not have any effect on the use of the Website and of its services or on the purchase of products on the Website. We will inform you at every step whether disclosing your personal data to us is required or optional by marking with an appropriate symbol (*) the information that is required, or data needed for the purchase of products and/or for the provision of requested services on the Website.

  1. Information We Do Not Collect & Process

We do not collect or otherwise Process Personal Information about race or ethnicity, political opinions, religious or philosophical beliefs, trade union membership, physical or mental health, sexual life, any actual or alleged criminal offences or penalties, or any other information that may be deemed to be sensitive under GDPR (collectively, “Sensitive Personal Information”) in the ordinary course of our business.

Where it becomes necessary to Process Sensitive Personal Information under GDPR, we would rely on one of the following legal bases:

  • Compliance with applicable law: We may Process your Sensitive Personal Information where the Processing is required or permitted by applicable law;
  • Detection and prevention of crime: We may Process your Sensitive Personal Information where the Processing is necessary for the detection or prevention of crime (including the prevention of fraud);
  • Establishment, exercise or defense of legal rights: We may Process your Sensitive Personal Information where the Processing is necessary for the establishment, exercise or defense of legal rights; or
  • Consent: We may Process your Sensitive Personal Information where we have, in accordance with applicable law, obtained your prior, express consent prior to Processing your Sensitive Personal Information.
  • Children: The Services are not intended for use by children, especially those under 18. No one under the age of 13 should provide any Personal Information. We do not knowingly collect Personal Data from children under the age of 18 without obtaining parental consent. If you are under 18 years of age, then please do not use or access the Service at any time or in any manner. If we learn that Personal Data has been collected on the Service from persons under 18 years of age and without verifiable parental consent, then we will take the appropriate steps to delete this information. If you are a parent or guardian and discover that your child under 18 years of age has obtained an Account on the Service, then you may alert us at privacy@ifdaq.com and request that we delete that child’s Personal Data from our systems.

  1. How We Collect Information

We may collect User Information about you from the following sources:

4.1 User-provided Information - We may obtain your Personal Information when you provide it to us across our Services (e.g. register for site membership or create a profile or account on any part of the Services; perform search queries through the Website; contact us via email, telephone or by any other means. We may also collect or obtain your Personal Information that you clearly choose to make public, including via social media (e.g., we may collect information from your social media profile(s) if you make a public post about us.

4.2 Automatically Collected Information - When a User or Visitor uses the Service, we may automatically record certain information from the User’s or Visitor’s device by using various types of technology including cookies, web beacons. This “automatically collected" information may include Non-precise information about the approximate physical location (“Geo IP Data”), Internet Protocol (“IP”) address or other device address or ID, internet service provider (“ISP”), web browser and/or device type, eTags, JavaScript, pixel tags, device ID tracking, anonymous identifiers, cookies, Log files, local Shared Objects, such as Flash cookies, and Local Storage, such as HTML5.

  1. How We May Use Your Information

The purposes for which we process your personal data are the following:

  • Administer your account with us, verify and carry out financial transactions in relation to payments you make, audit the downloading of data from the Website
  • Identify visitors to the Website, carry out data analytics and market research, Carry out data enrichment, such as by analyzing your product preferences, interactions with the Website together with data collected from third parties, such as data that you agree to share with us on social networks (e.g., Facebook, Instagram, etc.) and/or that we may collect from publicly accessible databases, Correspond with you to resolve your queries or complaints
  • Send you marketing communications containing news, information and updates about our products and services, offers, promotions and special events, and other marketing communications that may be of interest to you (by SMS, email or telephone), and customize your experience with us to your interests and shopping habits and improving our services, notably via profiling. We also may use the data we collect about you to assist us in advertising our products and services on third party websites – please see our Cookie Policy for additional information.

Whenever we process your personal data, we do so on the basis of a lawful "justification" (or legal basis) for processing. In the majority of cases, the processing of your personal data will be justified on one of the following bases:

  • processing is necessary to perform a contract with you or take steps that you have requested in order to enter into a contract (e.g., sale contract);
  • processing is necessary for us to comply with a legal obligation;
  • processing is in our legitimate interests as a business, and our interests are not overridden by your interests, fundamental rights or freedoms. Our legitimate interests may include our interest in using customer and Website user personal data to conduct and develop our business activities (including by carrying out standard marketing activities), with current and potential customers and Website users; and in establishing, exercising or defending legal claims; or
  • processing is based on your prior explicit consent, such as segmented and customized marketing activities.
  1. Cookies and Analytics

Cookies-
The IFDAQ may use cookies and other tracking technologies to analyze trends, administer Services, track users’ movements around the Website and on third party sites, devices and applications, and to gather demographic information about our user base. You can control the use of cookies at the individual browser level, but if you choose to disable cookies, it may limit your use of certain features or functions on the Website. Please see our Cookie Policy for more information, including a more in-depth explanation of what cookies are, the different types of cookies used on the Website, and how to change or delete them.

Tracking Technologies & Analytics-
Tracking technologies on the Services may be deployed by IFDAQ and/or by our service providers, or partners. Certain tracking technologies enable us to assign a unique identifier to you, and relate information about your use of the Services to other information about you, including your User Information. We may match information collected from you through different means or at different times and use such information along with offline and online information obtained from other sources (including from third parties), including, but not limited to, demographic information and updated contact information.

We use Google Analytics to measure and evaluate access to and traffic on the Site, and create user navigation reports for our Site administrators. Google operates independently from us and has its own privacy policy, which we strongly suggest you review. Google may use the information collected through Google Analytics to evaluate Users' and Visitors’ activity on our Site. For more information, see Google Analytics Privacy and Data Sharing.

We take measures to protect the technical information collected by our use of Google Analytics. The data collected will only be used on a need to know basis to resolve technical issues, administer the Site and identify visitor preferences; but in this case, the data will be in non-identifiable form. We do not use any of this information to identify Visitors or Users.

When you receive email messages from us, we may use web beacons, customized links, clear GIFs or similar technologies to determine whether the email has been opened and which links you click in order to provide you with more focused email communications or other information, and/or to aggregate that information with other data we collect to use for some or all of the purposes outlined in this Privacy Policy.

We and our partners (including but not limited to affiliates, and analytics providers) also may use technologies such as pixel tags, e-tags, IP addresses, Local Shared Objects, Local Storage, Flash cookies and HTML5 to analyze trends; administer the Services; collect and store information such as user settings, anonymous browser identifiers and video viewing history; supplement our server logs and other methods of traffic and response measurement; track users’ location and movements around the Services; gather demographic information about our user base; and to improve our understanding of traffic on the Services, visitor behavior, and responses to promotional campaigns. We may receive reports based on the use of these technologies by these third-party companies on an individual and aggregated basis. For example, we may connect information about your IP address to known corporate or User Information and use the associated information related to aggregate content preferences to assist in our efforts to market services to you or the originating corporation(s). Various browsers may offer their own management tools for removing Local Storage. To manage Flash Local Shared Objects please click here.

  1. Information We Disclose to Third Parties

We may disclose your personal data to any of our affiliate companies, for legitimate business purposes (including operating the Website, and providing services to you), in accordance with applicable law, or to our service providers who assist us in providing the services we offer, processing transactions, fulfilling requests for information, receiving and sending communications, updating marketing lists, analyzing data, providing support services or in performing other tasks, from time to time. For the avoidance of doubt, we will get your express opt-in consent before we share your personal data with any third- party company other than IFDAQ for marketing purposes. We may also share your personal data with third parties in connection with potential or actual sale or restructuring of our company or any of our assets, or those of any associated company, in which case personal data held by us about our users may be one of the transferred assets. We will also respond to requests for personal data where required to do so by law, or when we believe that disclosure is necessary to protect our rights and/or comply with a judicial proceeding, court order, request from a regulator or any other legal process served on us.

7.1 Law Enforcement, Legal Process and Compliance - We may disclose Personal Data or other information if required to do so by law or in the good-faith belief that such action is necessary to comply with applicable laws, in response to a facially valid court order, judicial or other government subpoena or warrant, or to otherwise cooperate with law enforcement or other governmental agencies. We also reserve the right to disclose Personal Data or other information that we believe, in good faith, is appropriate or necessary to (i) take precautions against liability, (ii) protect ourselves or others from fraudulent, abusive, or unlawful uses or activity, (iii) investigate and defend ourselves against any third-party claims or allegations, (iv) protect the security or integrity of the Service and any facilities or equipment used to make the Service available, or (v) protect our property or other legal rights, enforce our contracts, or protect the rights, property, or safety of others.

  1. Transfer of Information

Because of the international nature of our business, we may need to transfer your User Information to third parties as noted in Section 9 above, in connection with the purposes set out in this Policy. For this reason, we may transfer your User Information to other countries that may have different laws and data protection compliance requirements to those that apply in the country in which you are located. The IFDAQ is committed to subjecting all Personal Information received from European Union (E.U.) member countries and Switzerland. Information collected through our website may be stored and processed in the United States, Europe, or any other country. We may transfer information that we collect about you, including personal information, to affiliated entities, or to other third parties across borders and from your country or jurisdiction to other countries or jurisdictions around the world. If you are located in the European Union or European Economic Area, please note that we will not transfer information, including personal data, to a country outside of the European Union or European Economic Area.

To ensure the protection of your personal data is consistent with applicable law, such transfers outside your country of residence or the EEA will be made pursuant to the EU Model Clauses, the EU-US or CH-US Privacy Shield certification. We will comply with GDPR requirements providing adequate protection for the transfer of personal information from Europe to the U.S.  Binding Corporate Rules or other acceptable legal mechanisms of which you can request a copy via privacy@ifdaq.com.

  1. Data Security

 

We place great importance on the security of all personal data associated with our users. We have adopted security measures to protect personal data against accidental or unlawful destruction, accidental loss, alteration, unauthorized disclosure or access. For the best possible protection of your personal data outside the limits of our control, your device should be protected (such as by updated antivirus systems) and your internet service provider should take appropriate measures for the security of network data transmission (such as, for example, firewalls and anti-spam filtering).

While we take reasonable steps to protect your personal data, we cannot guarantee that the personal data you disclose to us will be 100% secure, nor that any data breach will not occur. Because the internet is an open system, the transmission of information via the internet is not completely secure. You accept the inherent security implications of dealing on-line over the Internet and will not hold IFDAQ or its processors responsible for any data breach. Any such transmission is at your own risk and you are responsible for ensuring that any Personal Information that you send to us are sent securely.

  1. Data Retention

We take every reasonable step to ensure that your User Information is only Processed for the minimum period necessary for the purposes set out in this Policy. The criteria for determining the duration for which we will keep your User Information are as follows: we will retain copies of your User Information in a form that permits identification only for as long as is necessary in connection with the purposes set out in this Policy, unless applicable law requires a longer retention period.

We generally retain your personal data for three years from the end of our relationship or from the last contact from you, unless local law requires otherwise. However, in some circumstances we may retain personal data for longer periods of time, for instance where we are required to do so in accordance with legal, tax and accounting requirements.

In specific circumstances we may also retain your personal data for longer periods of time corresponding to the applicable statute of limitations so that we have an accurate record of your dealings with us in the event of any complaints or challenges.

  1. Your Choices: What Can you Do to Control your Information?

You may directly take steps to change your preferences as follows:

  • Location Based Services - You may opt-out of having your Precise Location Data collected by The IFDAQ at any time by editing the appropriate setting on your mobile device (which is usually located in the Settings area of your device).
  • Cookies and Pixel Tags - You may stop or restrict cookies and pixel tags on your computer or purge cookies from your browser by adjusting your web browser preferences. However, if you “turn off,” purge, or disable cookies or pixel tags, although you may still use the Website, you may not be able to use all of the features, functions, or services available on the Website. For more information on the types of cookies we use please see our Cookie Policy.
  • Navigation Information - You may opt out from the collection of navigation information about your visit to the Site by Google Analytics by using the Google Analytics Opt-out feature.  
  • EU Residents - GDPR provides certain rights for EU residents. You may decline to share certain information with us, in which case we may not be able to provide some of the features and functionality of the Website. These rights include, in accordance with applicable law, the right to object to or request the restriction of processing of your information, and to request access to, rectification, erasure and portability of your own information. Where we process your information on the basis of your consent, you have the right to withdraw that consent (noting that such withdrawal does not affect the lawfulness of any Processing performed prior to the date on which we receive notice of such withdrawal, and does not prevent the Processing of your Personal Information in reliance upon any other available legal bases). Requests should be submitted by contacting us (using the contact instructions in Section 14 below). If you are an EU resident and have any unresolved privacy concern that we have not addressed satisfactorily after contacting us, you have the right to contact the appropriate EU Supervisory Authority and lodge a complaint.
  • Do not Track Policy -  Some browsers have incorporated “Do Not Track” features. Most of these features, when turned on, send a signal or preference to the website or online service that a user visits, indicating that the user does not wish to be tracked. IFDAQ does not act on “do not track” requests from your browser because, there is not yet a common understanding of how to interpret Do Not Track signals and this way, we are able to personalize your experiences on our Websites.
  • Privacy Settings - Although we may allow you to adjust your privacy settings to limit access to certain Personal Data, please be aware that no security measures are perfect or impenetrable. We are not responsible for circumvention of any privacy settings or security measures on the Service. Additionally, we cannot control the actions of other users with whom you may choose to share your information. Further, even after information posted on the Service is removed, caching and archiving services may have saved that information, and other users or third parties may have copied or stored the information available on the Service. We cannot and do not guarantee that information you post on or transmit to the Service will not be viewed by unauthorized persons.
  1. Your Rights

You have the following rights with respect to your personal data:

  • Right to withdraw consent - where applicable, you have the right to withdraw your consent at any time.   For example you can take steps to change your preferences as listed above in Section 11.
  • Right of access, rectification and erasure - you have the right to request access to and obtain a copy of any of your personal data that we may hold, to request correction of any inaccurate data relating to you and to request the deletion of your personal data under certain circumstances. You can see and update most of this data yourself online, or by contacting directly privacy@ifdaq.com.
  • Right of data portability - Under certain conditions, you have the right to receive all such personal data which you have provided to us in a structured, commonly used and machine-readable format, and also to require us to transmit it to another controller where this is technically feasible.
  • Right to restriction of processing - you have the right to restrict our processing of your personal data where:
    • you contest the accuracy of the personal data until we have taken sufficient steps to correct or verify its accuracy;
    • the processing is unlawful, but you do not want us to erase the data;
    • we no longer need your personal data for the purposes of the processing, but you require such data for the establishment, exercise or defense of legal claims; or
    • you have objected to processing justified on legitimate interest grounds (see below) pending verification as to whether we have overriding compelling legitimate grounds to continue processing.
    • Where personal data is subject to restriction in this way, we will only process it with your consent or for the establishment, exercise or defense of legal claims.
  • Right to object to processing justified on legitimate interest grounds - where we are relying upon legitimate interest to process personal data, then you have the right to object to that processing. If you object, we must stop that processing unless we can either demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms or where we need to process the data for the establishment, exercise or defense of legal claims. Where we rely upon legitimate interest as a justification for processing we believe that we can demonstrate such compelling legitimate grounds, but we will consider each case on an individual basis.
  • Right to object to processing for marketing purposes - where we process personal data for direct marketing purposes, then you have the right to object to that processing at any time.
  • You also have the right to lodge a complaint with a supervisory authority if you consider that the processing of your personal data infringes applicable law.
    For further information regarding your rights, to exercise any of your rights, or if you have any complaints or questions regarding the processing of your personal data please contact privacy@ifdaq.com.

    1. Changes and Updates to Our Privacy Policy

    We may change this Privacy Policy from time to time, and all changes will be effective at the time we post them. If we believe there is a significant change to this Privacy Policy or our data collection and use practices, we will indicate on our websites that our Privacy Policy has changed prior to the change becoming effective. The then-posted version of the Privacy Policy supersedes all prior versions. Your continued access to or use of any of the Services shall be deemed your acceptance of the Privacy Policy.

    We urge you to come back to this web page and review this Privacy Policy regularly so that you remain aware of the terms and conditions that apply to you.

    1. How to Contact Us

    Please contact us with any questions, comments or concerns about any of the information in this Policy, your Personal Data, our use and disclosure practices, or your consent choices by email at privacy@ifdaq.com. If you are an EU resident, for matters relating to privacy and data protection, you may contact our Data Protection Officer by email at dpo@ifdaq.com.

    Last update: December 7, 2018