Effective date: March 23, 2022
The Policy also describes the choices available to you regarding our use of your personal data and how you can access and update this information. This Policy does not apply to the practices of companies, websites, and services that we do not own or control, or to individuals that we do not employ or manage. Please read this Policy carefully before providing any personal data to us.
1- About us
2- Automatic collection of information
3- Collection of personal data
5- Managing personal data
5- Storing personal data
5- Information disclosure
7- The rights of users
7- How to exercise users’ rights
8- Billing and payments
8- Privacy of children
8- Newsletters and service notices
9- Cookies and targeted advertising
9- Do Not Track signals
9- Links to other websites
9- Information security
10- Data breach
10- Changes and amendments
10- Contacting us
The Website is owned and operated by Plutio LTD having a registered place of business at 4th Floor Silverstream House, Fitzroy Street, London, W1T 6EB, the United Kingdom.
We act in the capacity of a data controller and data processor with regard to the personal data processed through the Website in terms of the applicable data protection laws, including the UK Data Protection Act 2018 and the EU General Data Protection Regulation (GDPR). Our role depends on the specific situation in which your personal data is handled by us, as explained in detail below:
When you visit the Website our servers automatically record information that your browser sends. This data may include information such as your device's IP address, browser type and version, operating system type and version, language preferences or the webpage you were visiting before you came to our Website, pages of our Website that you visit, the time spent on those pages, information you search for on our Website, access times and dates, and other statistics. Information collected automatically is used only to identify potential cases of abuse and establish statistical information regarding Website usage. This statistical information is not otherwise aggregated in such a way that would identify any particular user of the system. In most cases, such information is not considered to be personal data (except for your IP address). The legal basis on which we rely when processing your IP address is ‘pursuing our legitimate business interests’ (i.e., to operate, analyse and protect our Website). We store such data as long as it is necessary for analysing and protecting our Website but no longer than 1 year.
When you use the Website, we collect only a minimal amount of personal data that is used for limited, specified and legitimate purposes explicitly mentioned in this Policy. We do not use your personal data for other purposes that are different from the purposes for which it was provided. Below, you can find an overview of the types of personal data that we collect, the instances in which we do so, the purposes for which we use it, and the legal basis on which we rely when processing your personal data.
Personal data collected directly from you:
When you upload the Content or generate the Content, we process all information that can be found in the Content, including any personal data the Content contains (for example, your clients’ names, contact details, and business information). We process the Content to (i) provide you with the requested services and (ii) perform our other contractual obligations. The legal basis on which we rely is ‘performing a contract with you’. We store such personal data until you stop using the Services.
We may receive information about you from third parties to whom you have previously provided your personal data, if those third parties have a lawful basis for disclosing your personal data to us. For example, if social media login is enabled, we will collect the personal data that your social media provider discloses to us (e.g., your name, email address, and photo). Please note that you can control what personal data is submitted to us by adjusting the privacy settings of your social media service provider. We will use such data as described in the section “User account” above.
We do not collect or have access to any special categories of personal data (“sensitive data”) from you, unless you decide, at your own discretion, to provide such data to us. Sensitive data is information that relates to your health, genetics, biometrics, religious and political beliefs, racial origins, membership of a professional or trade association, sex life, or sexual orientation.
You can choose not to provide us with your personal data when requested, but then you may not be able to take advantage of some of the Website's features. Users who are uncertain about what information is mandatory are welcome to contact us.
You are able to delete or change certain personal data that we have about you. The personal data you can delete may change as the Website or the Services change. When you delete personal data, however, we may maintain a copy of the unrevised personal data in our records if we have a legal basis for doing so. If you would like to delete your personal data or permanently delete your account, you can do so on the settings page of your account on the Website.
We will retain and use your personal data for the period necessary to perform our contractual obligations to you, comply with our legal obligations, resolve disputes, and enforce our agreements, unless a longer retention period is required or permitted by law. For more details on the retention periods applicable to each type of personal data, please refer to section “Collection of personal data” above. We may use any aggregated data derived from or incorporating your personal data after you update or delete it, but not in a manner that would identify you personally. Once the retention period expires, your personal data will be securely deleted. Therefore, the right to access, the right to erasure, the right to rectification and the right to data portability cannot be enforced after the expiration of the retention period.
1) Disclosure to data processors
From time to time, your personal data is disclosed to our service providers with whom we cooperate (our data processors). For example, we share your personal and non-personal data with entities that provide certain technical support services to us, such as database, analytics, and email distribution services. We do not sell your personal data to third parties. The disclosure is limited to the situations when your personal data is required for the following purposes:
• Ensuring the proper operation of the Website;
• Ensuring the delivery of services that you purchase;
• Providing you with the requested information;
• Pursuing our legitimate business interests;
• Enforcing our rights, preventing fraud, and security purposes;
• Carrying out our contractual obligations; or
• If you provide your prior consent to such a disclosure.
2) List of our data processors
3) Disclosure of non-personal data
Your non-personal data may be disclosed to third parties for any purpose. For example, we may share it with prospects or partners for business or research purposes, for improving the Services, responding to lawful requests from public authorities or developing new products and services.
4) Legal requests
If we are contacted by a public authority, we may need to disclose information about you to the extent necessary for pursuing a public interest objective, such as national security or law enforcement.
In case the Website is sold partly or fully, we will provide your personal data to a purchaser or successor entity and request the successor to handle your personal data in line with this Policy. We will notify you of any changes of the data controller.
6) Selling personal data
We do not directly sell your personal data to third parties. However, some of your personal data, including online identifiers (e.g., cookie-generated data and IP addresses) may be used for advertising, marketing, and monetisation purposes (e.g., programmatic advertising, retargeting, third-party marketing, profiling, or cross-device tracking).
7) International transfers
Some of our data processors listed above are located outside the country in which you reside. For example, if you reside in the UK or the European Economic Area (EEA), we may need to transfer your personal data to jurisdictions outside the UK or EEA. In case it is necessary to make such a transfer, we will make sure that the jurisdiction in which the recipient third party is located guarantees an adequate level of protection for your personal data or we conclude a data processing agreement with the respective third party that ensures such protection. We will not transfer your personal data internationally if no appropriate level of protection can be granted.
You may exercise certain rights regarding your personal data processed by us. In particular, you have the right to do the following:
Any requests to exercise User rights can be directed to us through the contact details provided at the end of this Policy. These requests can be exercised free of charge and will be addressed by us as early as possible but no later than 30 days. In order to verify the legitimacy of your request, we may ask you to provide us with an identifying piece of information that allows us to correctly identify you in our system.
If we receive a request from a data subject asking to exercise the data subject’s rights with regard to the Content, we will forward such a request to the respective data controller (our client).
If you would like to launch a complaint about the way in which we process your personal data, we kindly ask you to contact us first and express your concerns. If we receive your complaint, we will investigate it and provide you with our response as soon as possible. If you are not satisfied with the outcome of your complaint, you have the right to lodge a complaint with your local data protection authority.
We do not discriminate against you if you decide to exercise your rights. It means that we do not (i) deny any goods and services, (ii) charge you different prices, (iii) deny any discounts or benefits, (iv) impose penalties, or (v) provide you with lower quality Services.
We use third-party payment processors Stripe and Square to assist us in processing your payment information securely. Such third-party processors' use of your personal data is governed by their respective privacy policies which may or may not contain privacy protections as protective as this Policy. We suggest that you review their respective privacy policies that can be found at https://stripe.com/en-be/privacy-center/legal and https://squareup.com/us/en/legal/general/privacy-no-account.
We do not knowingly collect any personal data from children under the age of 16. If you are under the age of 16, please do not submit any personal data through our Website or Services. We encourage parents and legal guardians to monitor their children's Internet usage and to help enforce this Policy by instructing their children never to provide personal data through our Website or Services without their permission.
If you have reason to believe that a child under the age of 16 has provided personal data to us through our Website or Services, please contact us.
If we have your email address, we may, from time to time, send you a newsletter to keep you updated about the latest developments related to the Services, promotions, and special offers. You will receive our newsletters in the following instances:
You can opt-out from receiving our commercial communication at any time free of charge by clicking on the “unsubscribe” link included in our newsletters or by contacting us directly (our contact details are available in the section “Contacting us” below).
If necessary, we will send you important informational notices, such as confirmation receipts, payment information, technical or administrative emails, and other administrative updates. Please note that such notices are sent on an “if-needed” basis and they do not fall within the scope of commercial communication that may require your prior consent. You cannot opt-out from service-related notices.
Some browsers incorporate a Do Not Track feature that signals to websites you visit that you do not want to have your online activity tracked. Tracking is not the same as using or collecting information in connection with a website. For these purposes, tracking refers to collecting personal data from consumers who use or visit a website or online service as they move across different websites over time. Our Website does not track its visitors over time and across third-party websites. However, some third party sites may keep track of your browsing activities when they serve you content, which enables them to tailor what they present to you.
Our Website contains links to other websites that are not owned or controlled by us. Please be aware that we are not responsible for the privacy practices of such other websites or third parties. We encourage you to be aware when you leave our Website and to read the privacy statements of each and every website that may collect personal data.
We secure information you provide on computer servers in a controlled, secure environment, protected from unauthorised access, use, or disclosure. We maintain reasonable administrative, technical, and physical safeguards in an effort to protect against unauthorised access, use, modification, and disclosure of personal data in our control and custody. We implement the following security measures: secured networks; use of virtual private networks (VPN); encryption; SSL protocol; secured calls; strong passwords; limited access to your personal data by our staff; anonymisation of personal data (when possible); and carefully selected data processors.
However, no data transmission over the Internet or wireless network can be guaranteed. Therefore, while we strive to protect your personal data, you acknowledge that (i) there are security and privacy limitations of the Internet which are beyond our control; (ii) the security, integrity, and privacy of any and all information and data exchanged between you and our Website cannot be guaranteed; and (iii) any such information and data may be viewed or tampered with in transit by a third-party, despite best efforts.
In the event we become aware that the security of the Website has been compromised or users personal data has been disclosed to unrelated third parties as a result of external activity, including, but not limited to, security attacks or fraud, we reserve the right to take reasonably appropriate measures, including, but not limited to, investigation and reporting, as well as notification to and cooperation with law enforcement authorities. In the event of a data breach, we will make reasonable efforts to notify affected individuals if we believe that there is a reasonable risk of harm to the user as a result of the breach or if notice is otherwise required by law. When we do, we will post a notice on the Website and send you an email.
We may update this Policy from time to time in our discretion and will notify you of any material changes to the way in which we treat personal data. When changes are made, we will revise the updated date at the top of this page. We may also provide notice to you in other ways at our discretion, such as through contact information you have provided. Any updated version of this Policy will be effective immediately upon the posting of the revised Policy unless otherwise specified. Your continued use of the Website or Services after the effective date of the revised Policy (or such other act specified at that time) will constitute your consent to those changes. However, we will not, without your consent, use your personal data in a manner materially different than what was stated at the time your personal data was collected.
If you would like to contact us to understand more about this Policy or wish to contact us concerning any matter relating to individual rights and your personal data, you may use the following contact details:
Email address: email@example.com
Postal address: Plutio LTD, 4th Floor Silverstream House, Fitzroy Street, London, W1T 6EB, United Kingdom