This Policy describes how we collect, use, store and disclose data, including ‘Personally Identifiable Information’ (PII, also referred to as Personal Data), from the users of our website and app.
Please read this Policy carefully since it is legally binding for anyone visiting our website and/or using the Outvio app and Services.
This Policy is part of and subject to the Outvio Terms of Service. Any capitalized terms used but not defined within this Policy have the meaning given to them in the Outvio Terms of Service or in the corresponding regulations.
1. DATA PROTECTION
1.1 The security of any data we process, especially PII, is of the highest priority to us which is why we use a secure server to store all the data and information provided to us.
1.2 We restrict access to any Personal Data we hold. Only selected Outvio employees have controlled access to PII for business reasons as necessary (eg. providing technical or customer support). We uphold electronic, physical and procedural safeguards that comply with relevant laws and regulations to protect personal information from unauthorised access.
1.3 We use SSL technology to encrypt data during transmission through public internet, however, as you will know, the transmission of information via the internet is never completely secure and even though we will do our best to protect your Personal Data, we cannot guarantee the security of your data during transmission to us. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
2. INFORMATION COLLECTED
We need to collect and process data in order to provide services that our Clients have contracted from us through the Outvio Platform in accordance with our Terms of Service. We will hold this information for the duration of the contract with the Clients in order to ensure a seamless and uninterrupted service.
The different types of information collected by or through the Service are:
2.1 Information users provide us when signing up and contracting our services via online registration or correspondence e.g. email, as well as information they provide when participating in discussion boards or other social media functions on our Website or App, when entering a competition, promotion or survey, and when they report a problem with our Services. The information may include the name, address, e-mail address, IP address, phone number, financial information, geographical location, registration number (etc.) of the user.
2.2 Information we automatically collect regarding the use of our Services:
- details of actions carried out when using our Services, including information regarding the details of Shipments fulfilled via the Outvio platform;
- technical information, including the Internet Protocol (IP) address used to connect the computer to the internet, login information, browser type and version, time zone setting, browser plug-in types and versions, operating systems and platforms;
- information about the visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our Website or App (including date and time);
- products viewed or searched for;
- page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any phone numbers used to call our Customer Support number.
2.3 Information we receive from other sources including other websites we operate or other services we provide; our clients; third parties, e.g eCommerce platforms, banks and payment service providers; business partners, e.g couriers; sub-contractors in technical, payment and delivery services; advertising networks; analytics providers; search information providers; and credit reference agencies.
If we combine or associate information from other sources with Personal Data that we collect through the Service, we will treat the combined information as Personal Data in accordance with this Policy.
2.4 Information Collected by our Clients. A Client or User may store or upload Client Data into the Service. Outvio has no direct relationship with the individuals whose Personal Data our Clients host as part of Client Data. Each Client is responsible for providing notice to its customers and third persons concerning the purpose for which the Client collects their Personal Data and how this Personal Data is processed in or through Outvio as part of Client Data.
4. HOW YOUR INFORMATION IS USED
We use the information collected:
- to carry out our obligations relating to contracts with our clients and to provide users with the information, products and services they have requested from us;
- to comply with any applicable legal and/or regulatory requirements;
- to notify users about changes to our Services;
- as part of our efforts to keep our Services safe and secure;
- to administer our Services and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
- to improve our Services and to ensure that they are presented in the most effective manner;
- to measure or understand the effectiveness of advertising we serve and to deliver relevant advertising;
- to offer interactive features on our Services;
- to provide users with information about other similar goods and services we offer;
- to provide users, or permit selected third parties to provide users, with information about relevant goods or services; or
- combine the information we receive from other sources with the information users give to us and the information we collect. We may use this information and the combined information for the purposes set out above (depending on the types of information we receive).
5. DISCLOSURE OF INFORMATION
5.1 We may share information with selected third parties including:
- affiliates, business partners, our suppliers and sub-contractors for the performance of any contract we enter into with them or the users;
- advertisers and advertising networks solely to select and serve relevant adverts to users and others; and
- analytics and search engine providers that assist us in the improvement and optimisation of our site.
5.2 We may disclose your Personal Data to third parties only:
- in the event that we sell or buy any business or assets, in which case we may disclose Personal data to the prospective seller or buyer of such business or assets;
- if we are under a duty to disclose or share Personal data in order to comply with any legal obligation; or to protect the rights, property, or safety of Outvio, our customers, or others.
- to assist us in conducting or co-operating in investigations of fraud or other illegal activity where we believe it is reasonable and appropriate to do so;
- to prevent and detect fraud or crime;
- in response to a subpoena, warrant, court order, or as otherwise required by law;
- to assess financial and insurance risks;
- to recover debt or in relation to insolvency; and
- to develop customer relationships, services and systems.
6. STORING PERSONAL DATA
By submitting your Personal Data, you agree to this transfer, storing and processing.
7. DATA SUBJECTS RIGHTS
7.1 In accordance with the European General Data Protection Regulation rules concerning the protection of Personal data, the subjects have the right to:
- get information about the processing of their Personal data;
- obtain access to the Personal data held about them;
- ask for incorrect, inaccurate or incomplete Personal data to be corrected;
- request that Personal data be erased when it’s no longer needed or if processing it is unlawful;
- object to the processing of Personal data for marketing purposes or on grounds relating to their particular situation;
- request the restriction of the processing of Personal data in specific cases;
- receive their Personal data in a machine-readable format and send it to another controller (‘data portability’);
- request that decisions based on automated processing concerning them or significantly affecting them and based on their Personal data are made by natural persons, not only by computers. They also have the right in this case to express their point of view and to contest the decision.
7.2 Users have the right to ask us not to process their Personal data for marketing purposes by contacting us through firstname.lastname@example.org.
7.3 Users may opt out from the collection of navigation information about their visit to the Site by Google Analytics by using the Google Analytics Opt-out feature.
7.4 Our Services may, from time to time, contain links to and from websites of our partner networks, advertisers and affiliates. If a user follows a link to any of these websites, they need to be aware that these websites have their own privacy policies and that we do not accept any responsibility for them. Users should always check these policies before submitting any Personal data to these websites.
8. OUTVIO AS A DATA CONTROLLER
For the purpose of EU General Data Protection Regulation, Outvio is considered a Data Controller in regards to PII data submitted to our Service by our Clients regarding the Client itself in order to set up and operate their User accounts and use our Services.
9. OUTVIO AS A DATA PROCESSOR
Outvio does not collect or determine the use of any Personal Data contained in Client Data and it does not determine the purposes for which such Personal Data is collected, the means of collecting such Personal Data, or the uses of such Personal Data, thus Outvio is not acting in the capacity of a Data Controller in terms of GDPR and does not have the associated responsibilities.
Regarding any Client Data containing Personal Data that is subject to the requirements of GDPR Outvio should only be considered as a Data Processor on behalf of its Clients and Users.
The Client or the User is considered a Data Controller in regards to any Client Data containing Personal Data in accordance with the GDPR, since they are the ones that control the manner such Personal Data is collected and used, and Outvio does not own or directly access such Client Data except as authorized by the Client, or as necessary to provide Services to the Client and its Users.
An individual who seeks to access, correct, amend, or delete inaccurate Client Data or withdraw consent for further contact should direct his or her query to the Client or User they deal with directly.
When the Client requests Outvio to remove such data, we will respond to its request within thirty (30) days. We will delete, amend or block access to any Personal Data that we are storing only if we receive a written request to do so from the Client who is responsible for such Personal Data unless we have a legal right to retain such Personal Data. We reserve the right to retain a copy of such data for archiving purposes or to defend our rights in litigation.
10. DATA RETENTION
We only retain PII collected for as long as the User’s account is active or otherwise for a limited period of time for as long as we need it to fulfil the purposes for which it was initially collected for unless otherwise required by law. We will retain and use information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements as follows:
- the contents of closed accounts are deleted within 3 months of the date of closure;
- backups are kept for 3 months;
- accounting information is retained for a period of 7 years in accordance with the Estonian accounting and taxation laws
- information on legal transactions between the Client and Outvio is retained for a period of 10 years in accordance with the general limitation period set for civil claims in the Estonian General Part of the Civil Code Act
Outvio is not responsible for the content or quality of the data contained in Client Data or other information stored on its servers (or its subcontractors’ servers) at the discretion of the Client or User.
Similarly, Outvio is not responsible for the manner in which the Client or User collects, handles disclosure, distributes or otherwise processes such information.
Furthermore, although your privacy is our topmost concern and we are constantly working to keep your data safe, please be aware that no security measures are perfect or impenetrable. We are not responsible for circumvention of any privacy settings or security measures on the Service. Additionally, we cannot control the actions of other users with whom you may choose to share your information. Further, even after information posted on the Service is removed, caching and archiving services may have saved that information, and other users or third parties may have copied or stored the information available on the Service. This is why we cannot and do not guarantee that information you post on or transmit to the Service will not be viewed by unauthorized persons.
You should also contact us immediately if you believe your right to privacy has been infringed upon or that your data has been accessed without permission.
Last update: April 3rd, 2019