Tailor Brands Privacy Policy

Last Updated: June 28, 2023.

We, at Tailor Brands Ltd., together with our affiliated companies (collectively: “Tailor Brands”, “we”, “us”, or “our”) put great efforts to make sure that we secure personal data related to you and use it properly.

We offer our customers an online platform that helps them to develop, launch, and manage their business. Our platform creates actions for our customers based on their business needs. As such, our services may include, without limitation, logo design and branding capabilities, online presence (such as domain names and websites) and business mailbox, formation, and the ability to manage compliance aspects, submit trademark applications, and engage with our experts to access premium features, all as further provided on our website (collectively, our “Services”).

This policy applies when we process personal data related to you when you visit our website, use our Services, become our affiliate, or contact us.

Note that you are not legally obligated to provide us with any personal data. However, if you consent to this policy, the use of personal data related to you will be in accordance with the provisions herein.

If you give us personal data about someone else through use of our Services, you must do so only with that person’s express authorization. You must inform them how we collect, use, disclose, and retain personal data related to them according to this policy before you provide us with such personal data.

The term “personal data” refers to information that identifies an individual or relates to an identifiable individual. For example, personal data related to you is your name, email address, and phone number.

The summary of this policy will give you a quick and clear view of our practices. Please take the time to read our full policy. If you do not agree to this policy, please do not access or use our website and Services.

Summary

What Types of Personal Data Do We Process?

 

We receive, collect, and store any information you provide via our Services or give us in any other way. For example, when you visit our website, use our Services, or contact us, we receive different types of information related to you, such as your name, job title, email address, physical address, zip code, and phone number. 

What Do We Do with Personal Data?

 

We maintain our Services, make them better and continue developing them, and protect them from misuse and law violations. 

With Whom Do We Share Personal Data?

 

We engage with service providers and business partners who have access to personal data, for example, to send email messages and provide our Services. We also share personal data with our affiliate entities. 

Disclosure of Personal Data to Authorities

 

We will obey orders and other lawful requirements by authorities to disclose information. 

Aggregated and Analytical Information

 

We use standard analytics tools. We process anonymous, statistical, or aggregated information and will share it with our affiliates for legitimate business purposes. 

Your Choice

 

You can opt out from our mailing lists and terminate your use of our Services. You can also request to exercise your privacy rights under applicable law by contacting us. 

Your EU Data Subject Rights

 

If we process personal data related to you when you are in the EU, further terms apply to our processing in relation to your rights as a data subject under EU data protection laws. 

Specific Provisions for US Residents

 

If you reside in the US, further terms apply to our processing in relation to your rights as a data subject under US state privacy laws. 

Brazilian Privacy Rights

 

If the Brazilian General Data Privacy Law (Lei Geral de Proteção de Dados Pessoais; the “LGPD“) applies to our processing of personal data related to you, further terms apply to our processing in relation to your rights as a data subject under the LGPD. 

Personal Data Retention

 

We retain personal data to maintain and improve our Services and for legitimate and lawful purposes. We will keep aggregated non-identifiable information without limitation. 

Transfer of Data Outside Your Territory

 

We keep personal data related to you in Israel, the US, the UK, the EU, and other sites, at our discretion. Our service providers provide us adequate security and confidentiality commitments. 

Information Security

 

We implement systems, applications, and procedures to secure personal data, to minimize the risks of theft, damage, loss of information, or unauthorized access or use of information. 

Updates to this Privacy Policy

 

From time to time, we update this policy to comply with applicable law and to reflect changes to our processing practices in relation to personal data. 

Contact Us

 

If you have questions or comments about this policy, please contact us at: [email protected]

1. What Types of Personal Data Do We Process?

1.1. We receive, collect, and store any information you provide via our Services or give us in any other way.

1.2. For example, when you visit our website, use our Services, or contact us, we receive different types of information related to you, such as:

1.2.1. Your name, email address, physical address, zip code, and phone number.

1.2.2. Your job title, personal skills, and fields of expertise.

1.2.3. Your social security numbers (where appliable to the Services).

1.2.4. Your financial transactions, such as payment details (for example, your credit card number and its expiration date, billing address, etc.), shipping and contact details, and business preferences.

1.2.5. Your financial status (where appliable to the Services).

1.2.6. Your experience with the Services, based on your answers to us as part of our user research activities (such as our surveys and interviews).

1.3. Note that when you contact us via our website or Services or give us your feedback about our website or Services, we collect any information you choose to share with us.

1.3.1. We use your email address to send out account-related and promotional emails. The emails are sent by third-party providers with whom we share your name and email address. Similarly, we use your phone number to contact you regarding account-related and promotional information (where permitted). To do so, we use our third-party providers with whom we (i) share your phone number to call you or send you SMS; and (ii) record calls to improve your experience with our Services.

1.3.2. You may register for our mailing list to receive updates and marketing materials. You can opt-out from the list by simply clicking on the “unsubscribe” request written in the received email message.

1.4. Marketing and Business Development; Sales; Finance; Business Operations

1.4.1. As part of our marketing and business development, sales, finance, and business operations efforts, we collect different types of personal data, including –

1.4.1.1. Information about your use of our website, Services, and our business partners, including how you use our Services to help us improve them. Examples of such information we collect and analyze include the Internet Protocol (IP) address used to connect your device to the Internet; login; email address; password; access device and connection information such as browser type, version, and time zone setting, browser plug-in types and versions, operating system and platform, referral links, geo-locations, and clickstream data.

1.4.1.2. Information about whether you want to receive marketing communications from us and what your communication preferences are.

1.4.1.3. Information on how you interact with any of our emails or other communications, including if you have opened and engaged with such communications.

1.4.1.4. Information we get from third parties, including our business partners, service providers, and publicly available information.

1.4.1.5. Information about training or the services we provide to you or to our customers.

1.4.1.6. Information we collect to deliver support to our customers, including ticketing information and details of the support request.

1.4.1.7. Information we obtain from you to improve our Services.

1.4.1.8. Information captured by our cameras if you visit any of our premises and other types of information that we collect to ensure our premises remain safe and secure.

1.4.2. In addition, we can record calls, correspondence, and other communication channels, including screen capture, for compliance, quality, and training purposes.

1.4.3. We provide services to customers, some of them are legal entities such as LLCs, and work with corporations, as part of our affiliation program and marketing activities. If you are an owner, employee, or representative of these types of corporations who is involved in some aspect in the relationship we have with these corporations, we will collect:

1.4.3.1. Information about you, such as your name, address, email address, job title, and phone number so we can deliver our Services and promote them, provide proposals during a sales cycle, manage customer accounts, and process and fulfil orders.

1.5. Minors.

1.5.1. Our website and Services are not intended for or directed toward individuals under the age of 18 (for the purpose of this policy: “Minors”). If you are a Minor, you do not have authorization or permission to access or use our website and Services.

1.5.2. We do not knowingly collect personal data from Minors.

1.5.3. We reserve the right to request proof of age, via a recognized identification method, at any stage so that we can verify that Minors are not using our Services without appropriate consent. In the event that it comes to our knowledge that a Minor is using our Services, we will prohibit and block the individual from accessing our Services until the individual’s guardian consents to the use of our Services.

1.6. Cookies. Like many websites, we also use cookies and similar tracking technologies to obtain information when your browser accesses our website. For further information on cookies and similar tracking technologies, please read our Cookies and Similar Technologies Policy.

1.7. Aggregated Data. We process aggregated data that is not personally identifiable data. For example, we use statistical analysis to improve our Services and share marketing data with our business partners where such information does not identify individuals.

2. What Do We Do with Personal Data?

2.1. We use personal data related to you for the following purposes:

2.1.1. To provide you with our Services.

2.1.2. To provide you with notifications related to your use of our Services and to send you marketing materials, via electronic newsletters, SMS marketing (subject to your consent), social media notifications, and promotional emails.

2.1.3. To ask for your feedback and provide support.

2.1.4. To maintain our Services and to continue developing and making them better, including by personalizing your products based on your preferences.

2.1.5. To establish statistical data about our web traffic, identify potential cases of abuse of our systems, and prevent cyber-attacks, fraud, and identity theft.

2.2. We use your email address and phone number to send out account-related and promotional emails. The emails are sent by third-party providers with whom we share your name and email address.

2.3. We obey the law and expect you to do the same. If necessary, we will use personal data related to you to enforce our terms, policies, and legal agreements, to comply with court orders and warrants, and assist law enforcement agencies, to collect debts, prevent fraud, misappropriation, infringements, identity thefts and any other misuse of our Services, and to take any action in any legal dispute and proceeding.

2.4. If you contact our customer support, we will use the content of your message for the following purposes: addressing your request, improving our website and Services, and legal defense.

2.5. You provide us with your freely given, specific, informed and unambiguous consent to use your name and likeness, including your Tailor Brands’ products, for our internal and marketing purposes, as further descried under our Terms of Service.

2.6. We use third-party payment processing services (the “Processing Services”) to process personally identifiable payment data related to you. If you choose to purchase products by using a payment service provider, we can also require you to provide your login details. The Processing Services have committed that they will comply with the necessary security standards. If you want to learn more about this matter, please contact us at: [email protected].

2.7. Your interaction with social media features, widgets, or websites is governed by the privacy policies of the applicable social media websites. If you contact us via these social media websites, we will use the content of your message for the following purposes: addressing your request, improving our Services, and complying with applicable law. We are not responsible for any use, misuse, or unlawful use of the personal data that you choose to post or share on these platforms.

3. With Whom Do We Share Personal Data?

3.1. We do not sell, rent, or lease personal data related to you.

3.2. We share personal data related to you with certain employees, and external consultants, within our corporate group, and with our affiliates, who are all governed by this policy.

3.3. We share personal data related to you with our business partners as well as with our service providers which process personal data related to you on our behalf. Examples are as follows:

3.3.1. Our Services. To provide and improve the Services, we share personal information related to you with our relevant business partners and service providers. For example, we share personal information related to you with our data storage service providers for storage and security purposes – so we can hold, maintain, and protect relevant information that is related to your account and services.

3.3.2. Marketing and Business Development. To deliver our marketing and business development campaigns, we share information with digital marketing providers, social media and advertising companies, market research partners, potential customers and venues, event organizers and registration providers, and other trusted service providers who assist in the performance of our marketing campaigns.

3.3.3. Sales, Finance, Business Operations and Delivering Service. We use (a) third-party sales tools to track pipeline activity and order information, (b) finance and invoicing tools to assist in managing orders, customer billing and fulfillment, (c) legal and compliance tools to assist in our contracting and compliance activities, (d) consultants, contractors, and other specialists to provide professional services, and (e) other service providers which support our business operations.

3.4. Such business partners and service providers are contractually bound to keep personal data related to you confidential and appropriately secure. Please note:

3.4.1. Our use of Google marketing services and features, that includes the Google Display Network, YouTube Ads, Google Ads Words, Google Ads Enhanced Conversions feature, and Google Remarketing, is also subject to Google’s relevant policies and agreements and the option to opt-out from them via the relevant web page is available.

3.4.2. Our use of Facebook marketing services and features is also subject to Facebook’s relevant policies and agreements, including Facebook’s Data Policy: www.facebook.com/policy.php?ref=pf, and the option to opt-out from them via the Facebook relevant help center page is available here: www.facebook.com/help/568137493302217.

3.4.3. Our use of TikTok marketing services is also subject to TikTik’s relevant policies and agreements, including TikTok’s privacy policy where you can exercise your privacy rights: www.tiktok.com/legal/privacy-policy-row?lang=en.

3.5. There are business activities, such as merger, acquisition, or investment, that require us to share personal data related to you with another entity, provided, however, that the receiving entity will comply with the relevant provisions stated in this policy.

3.6. We will share personal data related to you only subject to the terms of this policy or subject to your prior consent.

4. Disclosure of Personal Data to Authorities

We will need to disclose personal data related to you, as we believe to be necessary or appropriate: (a) under applicable law, including laws outside your country of residence; (b) to comply with legal process; (c) to respond to requests from public and government authorities, including public and government authorities outside your country of residence; (d) to enforce our Terms of Service; (e) to protect our operations or those of any of our affiliates; (f) to protect our rights, privacy, safety, interests or property, and that of our affiliates, you, and others; (g) if we are involved in any discussions related to the sale of all or part of our business; and, (h) to allow us to pursue available remedies or limit the damages that we can sustain.

5. Aggregated and Analytical Information

5.1. We use standard analytics tools. The privacy practices of these tools are subject to their own privacy policies, and they use their own cookies to provide their service (for further information about cookies, please see our Cookies and Similar Technologies Policy).

5.2. Among our analytics tools, we use Google Analytics and Google Analytics 4 (GA4) to improve our website and Services. Here are two direct links that provide more information about how Google collects and processes data along with Google’s privacy practices: https://policies.google.com/technologies/partner-sites and policies.google.com/privacy?hl=en-US.

5.3. You can opt-out from the relevant Google Analytics Advertising Features by visiting the following links: https://optout.networkadvertising.org/?c=1 and tools.google.com/dlpage/gaoptout.

5.4. We can use additional or other analytics tools, from time to time, to learn about how you and others use our website and Services, in support of our Services-related activities and operations.

5.5. We process anonymous, statistical, or aggregated information and will share it with our affiliates for legitimate business purposes. It has no effect on your privacy, because there is no reasonable way to extract data from the aggregated information that we or others can associate specifically to you.

6. Your Choice

6.1. We will give you choices about the ways we use and share personal data related to you, and we will respect the choices you make.

6.2. Where permitted by law, we will send newsletters or promotional communications to our customers. You can unsubscribe from these communications. For example, with respect to email messages, you will be required to click an “Unsubscribe” link in these emails and confirm the email address for which you would like to unsubscribe.

6.3. We collect and receive personal data related to you that we need for the purposes described in this policy. You can stop using our Services at any time, thereafter we will stop collecting further personal data related to you. However, we will store and continue to use or make available certain personal data related to you as detailed above.

6.4. You can request that your account with us be terminated, and that personal data related to you be deleted by contacting us. Subject to the terms herein, any termination of your account will involve deletion of your account information from our live databases and all the information and data stored for the account in the service.

6.5. You can request a copy of the personal data related to you that we store about you by contacting us.

6.6. You can contact us at: [email protected] and request access to the personal data that we keep about you, correct wrong details about you, or delete them from our active databases. We will consider your request in accordance with applicable laws and regulations. To the extent necessary, we will ask you to provide us with certain credentials or details to make sure that you are who you claim to be.

6.7. When we delete personal data related to you that we have collected from or about you, it will be deleted from our active databases, but we will keep a reasonable number of copies in our archives. Although we will deactivate your account, we will continue to retain the personal data related to you for legitimate business purposes as set forth above.

6.8. Note that we are allowed to delete personal data related to you in different manners, including by removing any identifying data and transforming personal data that relates to you into anonymized data.

6.9. If you wish to exercise any of your rights in relation to personal data related to you, including exercising your choices or opt out rights, please send us an email to: [email protected].

7. Your EU Data Subject Rights

If EU data protection laws apply to the processing of the personal data related to you by us, the following terms apply. We adopted this section to comply with the General Data Protection Regulation (the “GDPR”), and any terms defined under the GDPR will have the same meaning when used in this section. This chapter supersedes any contradicting provisions under the other sections of this policy.

7.1. Where we process personal data related to you when you visit our website or use our Services, our processing activities are based on the following lawful grounds:

7.1.1. All processing activities of personal data related to you which are not based on the lawful grounds indicated below, are based on your consent.

7.1.2. We process your account and payment details to perform the contract with you.

7.1.3. We will process personal data related to you to comply with legal obligations and to protect your and others’ vital interests.

7.1.4. We will further rely on our legitimate interests, which we believe are not overridden by your fundamental rights and freedoms, for the following purposes:

7.1.4.1. Communications with you in the following circumstances:

7.1.4.1.1. Where you contact us through our Services and other digital assets:

7.1.4.1.2. After you sign up for our marketing or newsletter.

7.1.4.1.3. After you, on behalf of your company, sign up for any of our Services.

7.1.4.2. Cyber security.

7.1.4.3. Support, improving our Services, customer relations, and service operations.

7.1.4.4. Enhancements and improvements to your and other customers’ experience with our Services.

7.1.4.5. Fraud detection and misuse of our Services.

7.2. In addition to your rights under other sections in this policy, you have the following rights:

7.2.1. At any time, contact us if you want to withdraw your consent to the processing of personal data related to you. Exercising this right will not affect the lawfulness of processing based on consent before its withdrawal.

7.2.2. Request to delete or restrict access to personal data related to you. We will review your request and use our judgment, pursuant to the provisions of applicable law, to reach a decision about your request.

7.2.3. If you exercise one (or more) of the above-mentioned rights, in accordance with the provisions of applicable law, you can request to be informed that third parties that hold personal data related to you, in accordance with this policy, will act accordingly.

7.2.4. You can ask to transfer personal data related to you in accordance with your right to data portability.

7.2.5. You can object to the processing of personal data related to you for direct marketing purposes.

7.2.6. You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affecting you.

7.2.7. You have a right to lodge a complaint with a data protection supervisory authority of your habitual residence, place of work or of an alleged infringement of the GDPR.

7.3. A summary and further details about your rights under EU data protection laws, is available on the EU Commission’s website available at: Rights for citizens | European Commission (europa.eu).

7.4. Note that when you send us a request to exercise your rights, we will need to reasonably authenticate your identity and location. We will ask you to provide us with credentials to make sure that you are who you claim to be and will further ask you some questions to understand the nature and scope of your request.

7.5. If we need to delete personal data related to you following your request, it will take some time until we completely delete residual copies of personal data related to you from our active servers and from our backup systems.

7.6. If you have any concerns about the way we process personal data related to you, you are welcome to contact our data protection team at: [email protected]. We will look into your inquiry and make good-faith efforts to respond promptly.

7.7. Data Protection Team and Representatives

7.7.1. Our data protection team can be reached at: [email protected].

7.7.2. Here is relevant information about our EU representative: Rickert Rechtsanwaltsgesellschaft mbH – Tailorbrands – Colmantstraße 15, 53115, Bonn, Germany; e-mail address: [email protected].

7.7.3. Here is relevant information about our UK representative: Rickert Services Ltd UK – Tailorbrands – PO Box 1487, Peterborough, PE1 9XX, United Kingdom; e-mail address: [email protected].

8. Specific Provisions for US Residents

If you reside in the US, further terms apply to our processing in relation to your rights as a data subject under US state privacy laws. We adopted this section to comply with US state privacy laws, and any terms defined under US state privacy laws will have the same meaning when used in this section. This chapter supersedes any contradicting provisions under the other sections of this policy.

8.1. We have collected the personal data related to you which is described above under the section titled “What Type of Personal Data Do We Process?”. Such Information consists of the following categories:

8.1.1. Identifiers and Personal data categories listed in the applicable laws, such as the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).

8.1.2. Internet or other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding your interaction with our Services.

8.1.3. Commercial information, including products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.

8.1.4. Geolocation data, namely your physical location or movements.

8.1.5. Inferences drawn from any of the above-mentioned information.

8.2. We obtain the categories of personal data related to you listed above from the following categories of sources:

8.2.1. Directly and indirectly from you and your activity on our Services.

8.2.2. Third parties such as reliable service providers.

8.3. We use the personal data related to you that we collect or receive for the purposes mentioned under this policy.

8.4. We disclose personal data related to you to third parties for business purposes as described above under the section titled “With Whom Do We Share Personal Data?”.

8.5. Selling and Sharing Personal data

8.5.1. We do not sell or share personal data. However, we engage third parties to provide us with services such as analytics, marketing automation and customer experience and allow them to collect personal data on our Services.

8.5.2. We do not knowingly sell or share the personal data of consumers who are under 18 years of age.

8.5.3. The categories of personal data collected by these third parties in the preceding 12 months include identifiers, online activities and inferences drawn from such activities.

8.5.4. These third parties do not pay us for collecting such information, but the right granted to them to collect personal data can be considered as disclosure for the purpose of sale or sharing for cross-context behavioral advertising. At any time, you can opt out of the collection of personal data by our service Providers by contacting us.

8.6. Your rights as a US Resident. In addition to your rights under other sections under this policy, if you are a resident of California or any other applicable US State, you are entitled also to the following specific rights under the CPRA or other applicable US state consumer privacy acts, regarding personal data related to you:

8.6.1. Access to specific personal data and data portability rights – you have the right to request that we disclose certain information to you about our collection and use of personal data related to you over the past 12 months. Upon verification of your request, we will disclose to you:

8.6.1.1. The categories of personal data we collected about you.

8.6.1.2. The categories of sources for the personal data we collected about you.

8.6.1.3. Our business or commercial purpose for collecting that personal data.

8.6.1.4. The categories of personal data that we disclosed for a business purpose, and the categories of third parties with whom we disclosed that particular category of personal data.

8.6.1.5. The specific pieces of personal data that we collected about you.

8.6.1.6. If we disclose personal data related to you for a business purpose, we will provide you with a list which will identify the personal data categories that each category of recipient obtained.

8.6.2. Deletion rights – you have the right to request that we delete any personal data related to you. Upon confirmation of your request, we will delete personal data related to you from our records, unless an exception applies.

8.6.3. Non-discrimination – you also have a right not to be discriminated against for exercising your rights under the CPRA.

8.7. Exercising Your Rights

8.7.1. To exercise the access, data portability, and deletion rights described above, please submit your request to us by sending an email message to: [email protected]. Only you or a person authorized to act on your behalf can make a request related to personal data related to you. A request for access can be made by you only twice within a 12-month period.

8.7.2. The verifiable consumer request must provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal data or an authorized representative and describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

8.7.3. We cannot respond to your request or provide you with the requested Personal data if we cannot verify your identity or authority to make the request and confirm the personal data related to you. We will only use the personal data provided in your request to verify your identity or authority to make the request.

8.7.4. We will do our best to respond to your request within 30 days of its receipt. If we require more time (up to additional 30 days), we will inform you of the reason and extension period in writing. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option.

8.7.5. Any disclosures we provide will only cover the 12-month period preceding receipt of your request. The response we provide will also explain the reasons we cannot comply with a request, if applicable.

8.7.6. We do not charge a fee to process or respond to your request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will inform you of the reasons for such a decision and provide you with a cost estimate before completing your request.

8.7.7. We will not require that you create an account in order to exercise your rights under this policy and we will not increase the cost, or decrease the availability, of our Services based solely on the fact that you have chosen to exercise one of your rights under US privacy laws.

8.7.8. After receiving our reply, you can appeal against our decision by contacting us. We will review your appeal and provide you with our answer and our explanation of the reasons for our decision(s) within 60 days of receiving it. We will also provide you with a link (to the extent available) where you can submit a complaint with the relevant Attorney General.

9. Brazilian Privacy Rights

If the LGPD applies to our processing of personal data related to you, there are additional information, rights, and obligations that apply to this policy, as follows:

9.1. Our Position under the LGPD. We assume the position of a “controller”, as defined under Section 5 of the LGPD. We have the competence to make decisions about the processing of personal data related to you, as further described in this policy.

9.2. DPO Contact Details. We have appointed a data protection officer in accordance with Article 41 of the LGPD (our “DPO”). Our DPO’s contact details are as follows: [email protected]. The activities of our DPO consist of the following:

9.2.1. To accept complaints and communications from data subjects, provide clarifications and take measures related to the same.

9.2.2. To instruct the employees and contractors of the entity on the practices to be adopted in relation to personal data protection.

9.2.3. To carry out any other duties established by the controller or in supplementary rules.

9.2.4. To comply with the Brazilian data protection authority (‘ANPD’)’s supplementary rules, where applicable.

9.3. Types of Processing. We process personal data related to you for the following lawful grounds –

9.3.1. Based on your consent.

9.3.2. For compliance with our statutory or regulatory obligation.

9.3.3. When necessary for the performance of agreements or preliminary procedures relating to agreements to which you are a party to, following your request.

9.3.4. For our regular exercise of rights in lawsuits, administrative or arbitration proceedings.

9.3.5. For protection of the life or of the physical safety of you or third parties.

9.3.6. When necessary to serve our relevant third parties’ legitimate interests or our own legitimate interests, in accordance with the LGPD, except for cases in which your fundamental rights and liberties prevail.

9.4. Our Main Responsibilities under the LGPD

9.4.1. It our responsibility to engage with all its processors (service providers who have access to personal data related to you) to protect personal data related to you in a suitable and secure manner and to indicate where personal data related to you is stored or processed.

9.4.2. In addition, we are responsible to provide you, where applicable, with the following privacy rights –

9.4.2.1. You have the right to request confirmation of the existence of processing of personal data related to you.

9.4.2.2. You have the right to request access to data personal data related to you.

9.4.2.3. You have the right to request the correction of incomplete, inaccurate, or outdated personal data related to you.

9.4.2.4. You have the right to request confirmation that anonymization, blocking, or elimination of unnecessary or excessive personal data related to you or personal data processed in noncompliance with the provisions of the LGPD have been implemented by us.

9.4.2.5. You have the right to be notified if a relevant personal data breach occurs. The notification will include: (a) a description of the nature of the affected personal data; (b) information on the data subjects involved, without violating their privacy; (c) indication of the technical and security measures used for data protection, with due regard for trade and industrial secrets; (d) the risks relating to the data breach; (e) the reasons for the delay, in case the notice is not immediate; and, (f) the measures that were or will be adopted to reverse or mitigate the effects of the loss related to the data breach.

9.4.2.6. You have the right to request the portability of personal data related to you to other service providers or suppliers of product, at the express request, and observing the business and industrial secrets, in accordance with the regulation of the controlling body.

9.4.2.7. You have the right to request the elimination of personal data related to you, processed with your consent, except for the cases set forth in Article 16 of the LGPD (for example, where the processing is needed to comply with legal obligations).

9.4.2.8. You have the right to request that we provide you with information about the public and private entities with which we have shared personal data related to you, as described in this policy.

9.4.2.9. You are not obligated to provide us with your consent for the processing of personal data related to you. Without your consent, we will still provide you with any service that is not based on the processing of personal data. Please bear in mind that most of our Services require a membership that is based on the processing of personal data related to you, and we cannot provide such Services otherwise.

9.4.2.10. You have the right to withdraw your consent, pursuant to the provisions of paragraph 5 of Article 8 of the LGPD – by contacting our DPO at: [email protected].

9.4.2.11. You have the right to petition with the Brazilian regulatory authority and consumer protection entities regarding the processing of personal data related to you.

9.5. Should you wish to exercise any of your LGPD’s rights, please contact our DPO at: [email protected].

9.6. We do not charge a fee to process or respond to your request unless otherwise provided or permitted under the LGPD, in which case we will provide you with the relevant notice in advance.

10. Personal Data Retention

10.1. We retain different types of personal data related to you for different periods, depending on the purposes for processing the information, our legitimate business purposes, and pursuant to legal requirements under applicable law.

10.2. We will maintain your contact details, to help us stay in contact with you. At any time, you can contact our data protection team at: [email protected] and request to delete your contact details. Note that we will keep your details without using them if necessary, and for the necessary period of time, for legal requirements and proceedings.

10.3. We will retain personal data related to you after you have terminated your use of our Services, if retention is reasonably necessary to resolve disputes between our customers, to prevent fraud and abuse, or to enforce this policy and our Terms of Service.

10.4. We will keep aggregated non-identifiable information without limitation, and to the extent reasonable we will delete or de-identify potentially identifiable information, when we no longer need to process the information.

10.5. In any case, we will keep information about you for as long as you use our Services, unless applicable law requires us to delete it, or if we decide to remove it at our discretion, according to the terms of this policy and our Terms of Service.

11. Transfer of Data Outside Your Territory

11.1. We store and process information, including personal data, either directly or using third parties, such as data hosting service providers, in Israel, the US, the UK, the EU, and other sites, at our discretion. The laws of the territories where your data will be stored and processed can differ from the laws of the jurisdiction in which you live.

11.2. If you are a resident in a jurisdiction where transfer of personal data related to you to another jurisdiction requires your consent, then you provide us with your express and unambiguous consent to such transfer.

11.3. If you are located in the European Economic Area (EEA), note that we will transfer personal data related to you to other jurisdictions, which are not deemed to provide an adequate level of data protection. In such case, we will use appropriate safeguards, in particular, by way of entering into the European Union (“EU”) Standard Contractual Clauses as amended from time to time with the relevant recipients, or by adhering to equivalent data transfer regulations to protect the security and confidentiality of such personal data. You can obtain a copy of the suitable safeguards that we use when transferring personal data as described above or receive further information about data transfer by contacting us at: [email protected].

11.4. We make sure that our third-party service providers provide us with adequate confidentiality and security commitments, and we take reasonable steps to ensure that personal data related to you is treated securely and in accordance with this policy.

12. Information Security

12.1. We are committed to ensuring the security of personal data. We and our hosting services implement systems, applications, and procedures to secure personal data related to you, to minimize the risks of theft, damage, loss of information, or unauthorized access or use of information. These measures provide sound industry standard security.

12.2. However, please understand that no security system is impenetrable, and although we make efforts to protect your privacy, we cannot guarantee that our Services will be immune from any wrongdoings, malfunctions, unlawful interceptions or access, or other kinds of abuse and misuse.

13. Updates to this Privacy Policy

13.1. From time to time, we update this policy to comply with applicable law and to reflect changes to our processing (including, without limitation, collection, usage, and storage) practices in relation to personal data (“Privacy Updates”).

13.2. We will send you an email message or post a notice on our website, thirty (30) days before our Privacy Updates take effect, unless the update includes non-material changes (non-material changes will be effective immediately and without a notice), and except in urgent situations such as preventing fraud, compliance with applicable law, or addressing security and operability issues (which will be effective as soon as required, at our sole discretion).

13.3. If you object to our Privacy Updates, you can cancel your account. By continuing to use our website or Services after the Privacy Updates take effect, you signify your agreement and consent to the Privacy Updates, unless applicable law requires us otherwise. 

13.4. We can modify, enhance, or improve our website and Services, and can accordingly offer additional tools and features. Such additional tools and features may be governed by additional or different privacy practices, terms, and conditions, as provided by us, where applicable.

13.5. This policy was written in English and may be translated into other languages for your convenience. If a translated (non-English) version of this policy conflicts in any way with its English version, the provisions of the English version will prevail.

14. Contact Us

14.1. If you have questions or comments about this policy, please contact us at: [email protected].

14.2. Note that we can only process requests received with sufficient information to enable us to process your request. If we need to request additional information in order to complete your request, we will do so. If you do not provide sufficient information initially and do not respond to our request for additional information, we will not be able to complete your request.