Offcanvas
  • Home
  • About us
  • Protection
  • Fintech
  • Business and commerce
  • Contacts

Privacy Policy

  1. Home
  2. »
  3. Privacy Policy

PRIVACY POLICY

CP CARD LTD
Identification Number: 13142561
Registration Date: 19.01.2021

1 PREAMBLE

1.1 This Privacy Policy (hereinafter referred to as the “Policy”) applies to the relationship between Squirrel Limited Liability Company (hereinafter referred to as the “Controller”) and individuals (hereinafter referred to as the “Data Subject”) after they fill out the feedback form. on the Controller’s website: https://squirrel-pay.com/ (hereinafter referred to as the “Website”).

1.2 The Policy applies to personal data that the Controller receives about the Data Subject during his or her use of the Website and the purchase of the Controller's services.

1.3 A comprehensive list of personal data about the Data Subject (hereinafter referred to as “personal data”) collected and used by the Controller is given in Article 2 of the Policy.

1.4 The current version of the Policy is available on the Website:

https://squirrel-pay.com/privacy_policy_eng/

2 PERSONAL DATA COLLECTED AND USED BY THE CONTROLLER

2.1 Categories of personal data collected and used:

— First name, patronymic and last name;

- E-mail address;

- Cell phone number;

- Cookie.

2.2 Personal data is provided by the Data Subject independently when filling out the feedback form on the Site.

2.3 The Policy is applicable only if the data collection was carried out during the Data Subject's interaction with the user interface posted on the Site. The Controller does not control and is not responsible for third party websites that the Data Subject can access through links available on the Controller's website. The Controller is not responsible for information that may be collected or requested, or for other activities of the Data Subject on third party websites.

2.4 The Administrator does not check the accuracy of personal data about the name, patronymic, surname and other information provided by the Data Subject. At the same time, the Controller assumes that the Data Subject provides reliable and sufficient information about himself and keeps this information up to date.

3 PURPOSE OF PROCESSING PERSONAL DATA

3.1 The Controller collects and uses personal data for the following purposes:

– providing feedback to the Data subject, including sending notifications, requests and information related to the Website, as well as managing requests from the Data subject;

– provision of services to the Data Subject;

– conclusion of an agreement for the provision of services between the Controller and the Data Subject, execution of the agreement;

— improving the quality of services provided to the Data Subject, ease of use, conducting statistical and other studies based on anonymous data;

– informing about new offers, advertising and promotional materials (marketing) through electronic messages such as email.

3.2 When processing personal data, the Controller is guided by Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (GDPR). The processing of personal data is based on the following principles:

— legality, fairness and transparency;

— goal limitation;

— data minimization;

- accuracy;

— storage limitation;

— integrity and confidentiality

4 STORAGE PERIOD

4.1 Personal data is used by the Controller for one year.

4.2 The controller deletes personal data after expiration of the storage period described above or when the data subject requests us to erase the personal data.

4.3 LAWFUL GROUNDS FOR PROCESSING

4.3.1 The controller processes personal data to pursue its legitimate interest in conducting, maintaining and developing its business.

4.3.2 The controller processes personal data to fulfill its legal obligations.

5 RIGHTS OF THE DATA SUBJECT

5.1 The Data Subject has the right:

– obtain confirmation of the existence of personal data, gain access to their contents and obtain a copy, including the right to lodge a complaint with a supervisory authority (right of access);

– update, change and/or correct personal data (right to rectification);

- demand the deletion of personal data or restriction of data processing in cases provided for in the Regulations, including if the data was processed in violation of the law or if storage is not necessary for the purposes for which the data were collected or otherwise processed (right to erasure and right to to restriction);

– object to the processing of personal data at any time (right to object);

– withdraw the consent of the Data subject, if given, at any time and without prejudice to the lawfulness of processing based on the consent given before the withdrawal (right to withdraw consent);

5.2 obtain a copy of the data provided by the Data subject in a structured, commonly used and machine-readable format and request the transfer of such data to another data controller, if technically possible (right to data portability).

5.3 The Data Subject may exercise the Data Subject's rights at any time by writing to the email address provided in Article 10 below with the words "PRIVACY POLICY" in the subject line. The letter must include the following information:

– first name, patronymic and last name;

- E-mail address;

- Mobile phone number;

– relationship and/or interaction of the Data Subject with the Controller (depending on the circumstances);

– specifics of the information that the data subject would like to provide to the Controller or the data subject would like the Controller to take action.

5.4 The Controller may request additional information necessary to confirm the identity of the Data subject.

7 RESPONSIBILITIES OF THE CONTROLLER

7.1 The Controller undertakes:

– demonstrate that the processing it carries out or has carried out complies with the Regulation (accountability principle);

– ensure that data protection principles and appropriate security measures are taken into account/implemented during the planning stage of processing activities and the implementation stage of any new service (data protection by design and by default);

– keep detailed records of processing operations, which can be made available at any time to the supervisory authority, and cooperate with it;

– establish technical and organizational measures to ensure the security of processing, such as pseudonymization and data encryption;

– notify the competent supervisory authority without undue delay of any violations that may jeopardize the rights and freedoms of individuals;

– provide the Data Subject with information regarding the processing of personal data at the Data Subject’s request within two weeks.

8 PROTECTION OF PERSONAL DATA

8.1 The administrator takes necessary and sufficient organizational and technical measures to protect personal data from unauthorized or accidental access, destruction, modification, blocking, copying, distribution, as well as from other unlawful actions of third parties.

9 CHANGES TO THE PRIVACY POLICY

9.1 The administrator has the right to make changes to the Policy. When changes are made, the date of the last update is indicated in the latest version. The new version of the Policy comes into force from the date of its renewal and posting on the Company’s website, unless otherwise provided by the new version of the Policy.

9.2 Continued use of the Site by the Data Subject after any changes to the Policy constitutes the Data Subject’s consent to such changes and/or additions. The Data Subject agrees to regularly review the contents of the Policy in order to be aware of its changes.

CONTROL AND RESPONSIBILITY FOR DATA PROTECTION

 

10.1 The Data Protection Officer (“DPO”) is Max Levi. He is responsible for monitoring the Controller's compliance with the GDPR and for informing and advising the Controller of his obligations regarding the processing of personal data. The DPO can be contacted at the following email address: info@squirrel-pay.com.