18th of June 2020
Besedo Ltd. (the ‘Operator’), a private limited liability company registered under the laws of Malta with company number C 43619, having its registered address situated at Suite 7, The Landmark, Triq l-Iljun, Qormi, Malta, is committed to protecting each visitor’s (‘Your’) personal data and information and comply with the General Data Protection Regulation and any applicable supplementary data protection legislation (‘Applicable Law’). The Operator strives for its services to be safe and enjoyable for everyone, and this Policy aims to help You understand what information the Operator might collect about You and how the Operator makes use of such information when You visit www.besedo.com including any of its sub-domains (Excluding Implio which is hosted on implio.com) and links hereon (the ‘Website’) and when accessing or using any service offered by the Operator through the Website, or which is available for download through third-party applications (‘Services’).
Any personal data that is provided to or gathered by the Operator through the use of the Website is controlled by the Operator, thereby acting as the data controller in terms of Applicable Law. The Operator is thus responsible for the collection and processing of personal data from the Website and ensures that Your personal data is processed fairly, lawfully, in accordance with good practice and collected only for specific purposes which are known and accepted by You when You make use of the Website and Services. The Operator seeks to adopt the best practices when it comes to the principles of personal data processing and email communication with You. This is in place in order to assure You that Your personal data is, at all times:
(i) processed in accordance with Your rights, in a fair and lawful manner;
(ii) obtained only for specific and lawful purposes;
(iii) adequate, relevant, and not excessive to its purpose;
(iv) kept in an accurate and updated form;
(v) stored securely; and
(vi) not kept longer than is necessary for the purpose.
2. When and what personal data is gathered
The Operator gathers and processes Your personal data in several situations, such as when You (i) visit the Webpage, (ii) request support or have questions, and/or (iii) participate in a survey. In the table provided below, the purposes for which the Operator processes personal data in connection to the Webpage is listed. The information gathered normally consists of contact information such as names, telephone numbers, addresses and/or e-mail addresses. It may also be technical information such as IP addresses, geolocation data, the type of browser You use.
Where personal data is gathered directly from You, the Operator will provide information on which personal data that is mandatory in order for the Operator to be able to fulfill its part of the agreement, e.g. to respond to queries.
3. Why and for how long personal data is processed and the legal basis therefor
The processing of personal data is permissible only where there is a specific purpose for the processing and an applicable so-called “legal basis”. Furthermore, the processing of personal data is permissible only during a limited period of time. The Operator will only process Your personal data for the purposes set forth below and at no time for any purpose which is incompatible with those purposes. Furthermore, the Operator will only process Your personal data for the period of time set forth in the column to the right in the table below. Please note that the Operator may be compelled to deviate from the time limits in the table in cases in which the Operator must process Your personal data in order to comply with applicable legislation. In such cases, however, the Operator will only process Your personal data to the extent such laws so require or make it necessary for the Operator to do so.
|Processing||Legal Basis||Storage Time|
|Customer service correspondence|
|If You forward any queries to the Operator, personal data may be retained by the Operator for customer service purposes, to keep records of the Operator’s relationship with You, to measure and improve customer service, and to investigate potential fraud and violations of the Operator’s terms and conditions.||Fulfillment of the Operator’s obligations towards You or, to the extent no agreement exists, the Operator’s legitimate interest to improve its business and investigate frauds and term violations.||The Operator stores its records of customer service correspondence for up to 1 year.|
|The Operator may obtain contact details for electronic mail in relation to the sale of its products or its Services and therefore may use such details for direct marketing of its own similar products or services. In all correspondence, You will have the opportunity to unsubscribe from receiving direct marketing free of charge.||The Operator’s legitimate interest to conduct direct marketing to potential and existing customers.||If You have subscribed to the Operator’s e-mail send-outs, the Operator will keep your personal data until you unsubscribe. In all other cases records will be kept until legitimate interest has been disproven.|
|Surveys and questionnaires|
|The Operator may, from time to time, offer optional questionnaires and surveys for such purposes as market research, collection of demographic information or assessing Your interests and needs. The use of the information collected in such surveys will be explained in detail in the survey itself. If personal data is collected from You, and if the survey or questionnaire is not anonymous, You will be given notice of how the information will be used prior to Your participation in the survey or questionnaire.||The Operator’s legitimate interest to improve its business processes and to provide the customer with the most relevant Services.||To the extent survey or questionnaire results include personal data, such personal data is erased after 1 year.|
|Personalization, website traffic information and security.|
|The information gathered by the Operator helps the Operator personalize and continually improve the experience on the Website and the Services provided to You, understand the Website’s users and to manage the load on servers. The Operator uses the information to improve the Website infrastructure and Services that are offered, and to prevent or detect fraud or abuses. This may include information on the pages of the Operator’s Website that You visit, including, but not limited to, IP addresses, geolocation data, the type of browser You use, details of any links which direct You to the Website and the times You access the Operator’s Website.||The Customer’s legitimate interest to improve Your browsing experience. To the extent cookies are used for this purpose, Your consent is gathered in accordance with applicable cookie legislation.||Most settings will apply until You change or disable them. With regard to cookies, please see the more detailed information below.|
4. Personal Data Security
Your personal data which is stored at the Operator may only be accessed by the Operator’s employees as well as the affiliates of the Operator in possession of the required clearance. All persons who have access to such personal data are required to comply with the terms of this Policy and are contractually obliged to keep such information strictly confidential even after appointment within the Operator has been terminated.
The Operator is committed to implement adequate organisational and technical security measures to protect Your personal data from illegal or accidental access, destruction, alteration, blocking, copying, distribution, as well as other illegal actions from third parties.
5. Shared Information
Information about You and other users is an important part of the Operator’s business and the Operator is not in the business of selling it to third parties. The Operator may however be required to release personal information when it is believed by the Operator that the release is appropriate or necessary to comply with the law or an enforcement order, to enforce or apply the Operator’s agreements or to protect the rights, property or safety of the Operator, the Operator’s users or third-parties, including for fraud protection and credit risk. This excludes selling, renting, sharing or otherwise disclosing Your personal data for commercial purposes in a way that is contrary to the commitments made in this Policy.
To ensure proper provision of Services, the Operator may transfer Your personal data to third parties that provide hosting services, services related to the sending of emails and similar service providers. These third parties have the right to use the received personal data for the sole purpose of providing the Services to You and are bound by the terms of this Policy and by other agreements that ensure the proper use of Your personal data which is furnished.
The Operator may further transfer Your personal data to any affiliates of the Operator for the purpose of appropriate and high-quality provision and improvement of the Website and the Services and for the performance of the Services and this Policy.
Other than as set out above, You will receive notice when information about You might be transferred to third parties and You will have an opportunity to choose not to share such information.
The Operator will only transfer personal data to a country outside the EU/EEA (a so-called “third country”) if such third country has an adequate level of personal data protection, or if such transfer is required for conclusion or performance of any Service requested by You, in accordance with the Applicable Law. Where none of the aforementioned applies, such transfer will normally be based on the EU Commission’s standard model clauses for such transfers. You may find them here.
6. Links to Third-Party Web Sites
The Website and Services may include third-party advertising and links to other websites and/ or services. The Operator does not provide any personally identifiable customer information to these advertisers or third-party linked websites who work on their own behalf. The Operator does not have access to or control over cookies or other features that they may make use of, and their information practices are not covered by this Policy.
If you do not wish to allow cookies, you can change the settings in your web browser, e.g. so that you are notified each time a cookie is installed. In this way you can determine on a case-by-case basis whether a cookie will be accepted. Please note that refusal of a cookie may impair your experience. The “Help” or “FAQs” on the menu bar of most browsers will explain how to prevent Your browser from accepting new cookies, how to have the browser notify You when You receive a new cookie and how to disable cookies altogether. Additionally, You can disable or delete data used by browser add-ons by amending the add-on settings. Normally, You can also view the current cookies that are being in your browser settings.
There are two types of cookies: permanent cookies and session cookies. A permanent cookie remains on Your computer for a specified period of time. These are used to improve the Website and or Services by receiving statistics related to how You use the site, such as which articles are read and how You move in navigation. The statistics can also be about You, Your interests or Your Internet device (computer, tablet or mobile), and is mainly used for the well-functioning of the Website and/or Services that You expect.
A session cookie is temporarily stored in Your computer’s memory while You are browsing the Website and/or making use of the Services. Session cookies disappear when You close Your browser. The Website and/or Services make use of session cookies to handle the information You provide when You make use of the Website and/or Services.
To be transparent, the Operator has below summarized the cookies used on the Operator’s website.
|Supplier||Type||Purpose||Storage time||Stored data||Sharing|
|Hotjar||Permanent||Conducting research and diagnostics to improve the Operator’s content, products and services.||1 year||User behavior||https://slash.digital/|
|Google Analytics||Permanent||Conducting research and diagnostics to improve the Operator’s content, products and services.||2 years||User behavior||https://slash.digital/|
|Hubspot||Permanent||Keeping track of Your specified preferences and conducting research and diagnostics to improve the Operator’s content, products and services.||13 months||User behavior, device and IP|
|Intercom||Permanent||Conducting research and diagnostics to improve the Operator’s content, products and services.||9 months||User behavior, device and IP||https://hubspot.com|
8. Your Rights
Under Applicable Law, You are entitled to the following rights. Please note that all the rights are not unconditional. Therefore, an attempt to invoke one of the following rights might not lead to an action from the Operator. In addition to these rights, You may also lodge a complaint with the data protection supervisory authority.
- The right to access. You may at any time request to access Your personal data. Upon request, the Operator will provide a copy of Your personal data in a commonly used electronic form.
- The right to rectification. You are entitled to obtain rectification of inaccurate personal data and to have incomplete personal data completed.
- The right to erasure (“right to be forgotten”). Under certain circumstances, You may request the Operator to delete Your personal data. Please note that this right is not unconditional. Therefore, an attempt to invoke the right might not lead to an action from the Operator.
- The right to object. You are entitled to object to certain processing activities conducted by the Operator in relation to Your personal data, such as the Operator’s processing of the personal data based on the Operator’s legitimate interest. The right to object also applies to processing of Your personal data for direct marketing purposes.
- The right to restriction of processing. You may under certain circumstances request that the Operator restricts the processing of Your personal data.
- The right to data portability. You are entitled to receive the personal data (or have the personal data directly transmitted to another data controller) in a structured, commonly used and machine-readable format.
Most of the personal data processing carried out on the Website is entirely voluntary and so is allowing cookies. You are therefore not obliged to provide personal data or enable cookies. Please note however that some functionality on the Website or in the Services may require or function more smoothly if You provide Your personal data or allow cookies.
9. Notices and Revisions
If You have any concern about Your privacy, You are kindly requested to forward an e-mail to the Operator on firstname.lastname@example.org containing a detailed description of Your concerns. The Operator will do its best to resolve such issues within a reasonable time.
The Operator’s business changes constantly and the Policy will thereby also change to take account of the new changes in the Website and Services. The Operator will provide notice by e-mail containing reminders of notices and updates, unless You have instructed it not to.
Last updated: 2020-06-18