Effective Date: April 25th, 2018
GDPR Readiness Statement
Sciolytix is committed to your privacy, keeping your personal data secure, and compliance with the General Data Protection Regulation (GDPR) which goes into effect on May 25th, 2018.
The GDPR is a regulation by which the European Parliament, the Council of the European Union and the European Commission intend to strengthen and unify the personal data protection rights of all individuals residing in the European Union (EU). The GDPR also governs how the personal data of EU residents can be transferred and processed both within and outside the EU. The GDPR gives EU residents specific rights concerning the collection, processing, and storage of their personal data and aims to simplify the regulatory environment which governs how international business is conducted with regard to management of an EU resident’s personal data. Upon implementation, the GDPR has replaced Directive 95/46/EC.
Sciolytix is actively working to ensure our processes and systems meet the rigorous requirements of the GDPR and aims for full compliance on or before the effectual date. We understand that our customers may have questions regarding the terms of the GDPR and as such we have prepared this statement to assist you in your pursuit of understanding. You can access and review the entire legislation at the following link: https://data.consilium.europa.eu/doc/document/ST-5419-2016-INIT/en/pdf
Information we may collect about you
We may collect and process the following data about you,
Information you give us. You may give us information about you by filling in forms on our Site or by corresponding with us by phone, e-mail or otherwise. This includes information you provide when you register to use our Site, apps or services, place an order on our Site, subscribe to our services or newsletter, take part in a demonstration, place a support request, search for a product, participate in discussion boards or other social media functions on our Site, enter a competition, promotion or survey, register for and participate in a course, and when you report a problem with our Site. The information you give us may include your name, address, e-mail address and phone number, financial and credit card information, personal description and photograph.
Information we collect about you. With regard to each of your visits to our Site we may automatically collect the following information:
- technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform;
- information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our Site (including date and time); products you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any phone number used to call our corporation, employees and/or organizational entities.
Information we receive from other sources. We may receive information about you if you use any of the other websites we operate or the other services we provide. In this case we will have informed you when we collected that data that it may be shared internally and combined with data collected on this Site. We are also working closely with third parties (including, for example, business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers, credit reference agencies) and may receive information about you from them.
EU-U.S. Privacy Shield
Sciolytix participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework. Sciolytix is committed to subjecting all personal data received from European Union (EU) member countries, in reliance on the Privacy Shield Framework, to the Framework’s applicable Principles. To learn more about the Privacy Shield Framework, visit the U.S. Department of Commerce’s Privacy Shield List available at: https://www.privacyshield.gov/list
Sciolytix is responsible for the processing of personal data it receives, under the Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf. DigitalChalk complies with the Privacy Shield Principles for all onward transfers of personal data from the EU, including the onward transfer liability provisions.
With respect to personal data received or transferred pursuant to the Privacy Shield Framework, Sciolytix is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, Sciolytix may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at: https://feedback-form.truste.com/watchdog/request
Under certain conditions, more fully described on the Privacy Shield website at: https://www.privacyshield.gov/article?id=How-to-Submit-a-Complaint , you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted.
We use persistent cookies and session cookies on our Site. We use persistent cookies to save your login information for future logins to the Site. We use session cookies to enable certain features of the Site, to better understand how you interact with the Site and to monitor aggregate usage by users and web traffic routing on the Site. Unlike persistent cookies, session cookies are deleted from your computer when you log off from the Site and then close your browser.
The table below explains the cookies we use and why we use each of them.
You can set up your browser options, to stop your computer accepting cookies or to prompt you before accepting a cookie from the websites you visit. If you do not accept cookies, however, you may not be able to use the whole of the Site or all functionality of the services. To find out more about cookies, including how to see what cookies have been set, how to manage and delete them, visit: https://www.aboutcookies.org or https://www.allaboutcookies.org. To opt out of being tracked by Google Analytics across all websites visit https://tools.google.com/dlpage/gaoptout or by visiting the Network Advertising Initiative Opt Out page.
How is my personal data used?
We may use any personal data held about you in the following ways,
Information you give to us. We will use this personal data to:
- fulfill your requests for products, services or information;
- carry out our obligations arising from any contracts entered into between you and us for example to provide customer services;
- provide you with information about other goods and services we offer that are similar to those that you have already purchased or enquired about;
- improve the effectiveness of our websites, our marketing endeavours and our services or offers;
- notify you about changess to our service;
- ensure that content from our Site is presented in the most effective manner for you and your computer;
- conduct research and analysis;
- provide you with information about goods or services we feel may interest you. If you are an existing customer, we will only contact you by electronic means (e-mail or SMS) with information about goods and services similar to those which were the subject of a previous sale or negotiations of a sale to you. If you are a new customer we will contact you by electronic means only if you have consented to this. If you do not want us to use your data in this way please tick the relevant box situated on the form on which we collect your personal data.
Please note you always have the ability to opt-out of receiving future marketing communications from us. To opt-out of receiving marketing communications from us, you should follow the directions in the marketing e-mail or direct mail marketing communication from us. Please note that even though you may have opted out of receiving marketing communications, you may still receive business-related communications such as order confirmations, product recall information or updates or other organisational related communications.
Information we collect about you. We will use this information to:
- administer our Site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
- improve our Site to ensure that content is presented in the most effective manner for you and your computer;
- allow you to participate in interactive features of our service, when you choose to do so;
- take measures to keep our Site safe and secure;
- measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you;
- make suggestions and recommendations to you and other users of our Site about goods or services that may interest you or them.
Information we receive from other sources. We may combine this information with personal data you give to us and personal data we collect about you. We may use this personal data and the combined information for the purposes set out above (depending on the types of information we receive).
Disclosure of your personal data
We do not sell, trade, rent or otherwise transfer your personal data to third parties. We may, however, share your personal data with selected third parties including:
- any member of our group, which means our subsidiaries, our ultimate holding company or its subsidiaries;
- business partners, suppliers and sub-contractors for the performance of any contract we enter into with them or you;
- advertisers and advertising networks that require the data to select and serve relevant adverts to you and others. We do not disclose information about identifiable individuals to our advertisers, but we may provide them with aggregate information about our users (for example, we may inform them that 250 women aged under 40 have clicked on their advertisement on any given day). We may also use such aggregate information to help advertisers reach the kind of audience they want to target (for example, women working in Barcelona). We may make use of the personal data we have collected from you to enable us to comply with our advertisers’ wishes by displaying their advertisement to that target audience;
- analytics and search engine providers that assist us in the improvement and optimisation of our Site;
- credit reference agencies for the purpose of assessing your credit score where this is a condition of us entering into a contract with you;
- conducting research, analysis or administering surveys;
- sending regular mail and email on our behalf ;
- processing credit card payments
Information we disclose to third parties. We may disclose your personal data to third parties:
- in the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.
- if Sciolytix or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
- if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our EULA and/or any other agreements; or to protect our rights, property, safety, our customers or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
Where we store your personal data
The personal data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”). It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers or partners. Such staff or subcontractors maybe engaged in, among other things, the fulfilment of your order, the processing of your payment details or the provision of support services. By submitting your personal data, you agree to this transfer, storing or processing outside of the EEA.
Our Site is accessible via the internet and may potentially be accessed by anyone around the world. Other users may access the Site from outside the EEA. This means that where you chose to post your data on our Site, it could be accessed from anywhere around the world and therefore a transfer of your data outside of the EEA may be deemed to have occurred. You consent to such transfer of your data for and by way of this purpose.
Protection of personal data
We have implemented technical, physical and administrative security measures to help protect against the loss, theft, misuse and unauthorised access of personal data that we may collect from you, or that you provide to us. Our Site is scanned on a regular basis for known vulnerabilities including regular malware scanning. Your personal data is contained behind secured networks and is only accessible by a limited number of persons who have authorised access to such systems, and are required to keep the information confidential.
We have taken numerous steps to ensure that personal data is processed confidentially, accurately and securely. The Site use encryption technology, such as Secure Sockets Layer (SSL), to protect your personal data during data transport. SSL encrypts ordering information such as your name, address and credit card number. Additionally, all financial transactions are processed through a gateway provider and are not stored or processed on our servers.
Unfortunately, the transmission of information via the Internet is not completely secure. Although we will endeavour to protect your personal data, we cannot guarantee the security of your data transmitted to our Site. Any transmission is at your own risk.
When you create an online account on the Site, you need to select a personal password. To maximise your level of protection, you should choose at least 8-30 characters including a combination of numbers, letters and varying case. You are solely responsible for keeping your password or any account information confidential We ask you not to share any password with anyone.
Security breach notification
We shall give notice to each Organization Administrator when the organization’s user personal data was, or it is reasonably believed to have been, inappropriately accessed as a result of a security breach. Said notice shall be made immediately upon confirmed discovery of the breach and the time necessary such as to allow us to determine the scope of the breach, to identify organizations and individuals affected by the breach, and to restore reasonable integrity of the data system that was breached.
If a federal, state, or local law enforcement agency determines that notice to organizations required under this policy would interfere with a criminal investigation, the notice shall be delayed upon the written request of the law enforcement agency for a specified period that the law enforcement agency determines is reasonably necessary. A law enforcement agency may, by a subsequent written request, revoke such delay as of a specified date or extend the period set forth in the original request made under this paragraph to a specified date if further delay is necessary. Notice to the affected organizations is not required if, after an appropriate investigation and consultation with relevant federal, state, or local law enforcement that it is reasonable to believe no user personal data was accessed by unauthorized individuals.
Links to other Websites
Our Site may, from time to time, contain links to and from the websites of our partner networks, subsidiaries and group companies, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
You have the right under the Act, free of charge, to request:
access to your personal data;
- rectification or deletion of your personal data;
- a restriction on the processing of your personal data;
- object to the processing of your personal data;
- a transfer of your personal data (data portability).
Where we process your personal data for marketing purposes, we will inform you and obtain your opt in consent (before collecting your personal data) if we intend to use your personal data for such purposes or if we intend to disclose your information to any third party for such purposes. If you change your mind about being contacted in the future, please click on the opt out options and we will remove you from our mailing lists.
We send push notifications from time to time in order to update you about any service updates, events and promotions we may be running. If you no longer wish to receive these communications, please disable these in the settings on your device.
We retain personal data for as long as necessary for the relevant activity for which it was provided or collected. This will be for as long as we provide access to the Site to you, your account with us remains active or open, or any period set out in any relevant contract you have with us. However, we may keep some data after your account is closed or you cease using the Site for the purposes set out below.
After you have closed your account, or ceased using the Site for a period of at least 6 months, we usually delete personal data, however we may retain personal data where reasonably necessary to comply with our legal obligations (including law enforcement requests), meet regulatory requirements, maintain security, prevent fraud and abuse, resolve disputes, enforce our EULA, or fulfil your request to “unsubscribe” from further messages from us.
We will retain de-personalised information after your account has been closed.
Please note: After you have closed your account or deleted information from your account, any information you have shared with others will remain visible. We do not control data that other users may have copied from the Site. Your profile may continue to be displayed in the services of others (e.g. search engine results) until they refresh their cache.
Online behavioural advertising and profiling
Please note that we collect personal data on our Site for the above purposes. If you wish to opt out of such data use click here, or if located outside the European Union click here. Please note you will continue to receive generic ads. These third-party sites have separate and independent privacy policies of which you are encouraged to review. We therefore have no responsibility or liability for the content and activities of these linked sites.
Age of users
This Site is not intended for and shall not be used by anyone under the age of 16 unless express permission is granted by the user’s parent or legal guardian.
- By telephone the following number:
- By email: firstname.lastname@example.org
- By post: Sciolytix Attn: Privacy Matters, 450 Lexington Ave, 4th Floor, NY, NY 10017 USA
After receiving your inquiry, we will respond within 10 business days.
Info on this page
- Information we may collect about you
- EU-U.S. Privacy Shield
- How is my personal data used?
- Disclosure of your personal data
- Where we store your personal data
- Protection of personal data
- Security breach notification
- Links to other Websites
- Your rights
- Data retention
- Online behavioral advertising and profiling
- Age of users