1. Introduction
- This Privacy Notice provides guidance and information to Winksite (“Winksite”) users regarding the processing of personal data by Winksite.
- Winksite ("us", "we" or "our") is committed to protecting and respecting your privacy. This Notice together with the Terms of Service, Cookie Notice, Data Policy and the documents referred to in them sets out the basis on which any personal data we collect from you or that you provide to us (“Data”) will be processed by us. Please read this Privacy Notice & Data Policy carefully to understand our treatment and use of Data.
- In this Privacy Notice, references to “you” means the person whose personal information we collect, use and process.
- We will use your personal data only for the purposes and in the manner set forth below, which describes the steps we take to ensure the processing of your personal data is in compliance with the Data Protection Acts 1988 and 2003 and any subsequent data protection and privacy legislation (the “Acts”), European Union Law including the General Data Protection Regulation (the “GDPR”) and any subsequent amendments (together the “Data Protection Legislation”).
- If you do not agree with or are not comfortable with any aspect of this Privacy Notice, your only remedy is to not become a user of Winksite.
- We seek to maintain the privacy, accuracy, and confidentiality of personal information (including your personal data) that we collect and use concerning our customers.
2. Identity of the controller of personal information
For the purposes of the Data Protection Legislation, the Data Controller is Engagelogic Corporation, a Delaware corporation registered in the United States. Engagelogic's registered office is at Engagelogic Corporation, 34 E. Main Street, Suite 392, Smithtown, NY 11787.
3. Contact details of the privacy officer
The data protection officer appointed in respect of your entity (if applicable) can be provided – please see clause 13 for further contact information.
4. When does this privacy notice apply
This Privacy Notice applies to personal information that we collect, use and otherwise process about you in connection with your relationship with us as a customer or potential customer.
Children Under the Age of 16Our Website is not intended for children under 16 years of age. No one under age 16 may provide any personal information on the Website. We do not knowingly collect personal information from children under 16. If you are under 16, do not use or provide any information on this Website. If we learn we have collected or received personal information from a child under 16 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 16, please contact us as described in clause 13.
5. What personal information is collected and processed?
-
We may collect and process the following categories of information about you:
- your personal information (e.g. name, address, email and phone number);
- your authentication information (e.g. tokens); and
- your financial information (e.g. credit card number and billing data).
-
We may collect and process the following categories of information about visitors to your campaign IF you activated a form on your landing pages and you visitor submitted the form:
- their personal information (e.g. name, address, email and phone number). This information is NOT stored on Winksite servers by default. On default form submit, the data is sent directly to the email you defined for receiving this data. See our Data Policy for details on how visit data is handled.
6. What do we use your personal information for?
-
The legal basis for this use and other processing will include (as relevant):
- process your account;
- provide services relating to your account and to work on improving our services to you (including service communication, insight, research, customer surveys and feedback);
- to provide you with relevant marketing communications;
- to support other administrative purposes;
- comply with all legal and regulatory requirements; and
- where you have given us permission, contact you from time to time to keep you up to date with limited offers, new services, company news and other promotions.
-
The main purposes for which we use your personal information are:
- if you have provided us with your consent to the processing of your personal data;
- to enable us to perform our obligations under any contract with you;
- processing for legitimate interests provided these are not overridden by your interests and fundamental rights and freedoms (this includes our own legitimate interests and those of other entities in the Winksite), in particular this is relevant when we use and process your personal data in order to respond to your enquiries and to address our good governance obligations; and
- we may also disclose your personal information to governmental and regulatory bodies and other third parties where required to do so by applicable law, such as to comply with a court order or a request from a regulator or similar legal process or where otherwise necessary to comply with a legal obligation or for the administration of justice.
- In addition, in the event of a merger, acquisition, or any form of sale of some or all of our assets to a third party, we may also disclose your personal information to the third parties concerned or their professional advisors. In the event of such a transaction, the personal information held by Winksite will be among the assets transferred to the buyer.
- The provision of personal data is a contractual requirement and may also be a statutory requirement, and is necessary to process your application or for the performance of a contract. If your personal data cannot be processed this may have an impact on fulfilling our rights and obligations.
- We do not knowingly process personal data from persons under the age of 13 years. If it comes to our attention that we are processing such personal data, we shall delete such personal data immediately.
- When you close your account, we may continue to process your personal data, to the extent permitted by applicable law, for the purposes detailed above.
7. International transfers
- Due to the global nature of Winksite, your personal data will be transferred to Winksite entities located in other countries, including outside the European Economic Area (“EEA”). These other countries may either have different data protection laws than your country of residence or they may not have data protection laws. Steps will however be taken to put in place safeguards (including around security) to protect your personal data when it is in other countries.
- Your personal information may be transferred, stored and processed in one or more countries outside the European Economic Area (“EEA”), including the United States of America.
- For transfers of your personal data to third parties outside of the EEA, we take additional steps in line with data protection laws. These include EU Commission approved forms of contract with the relevant recipients of your information, whether members of Winksite or otherwise.
- In addition, we take reasonable steps to ensure that your personal information is adequately protected in accordance with the Acts and the GDPR.
8. Period for which the personal data will be stored, or if that is not possible, the criteria used to determine that period
- Your personal data will not be kept for longer than is necessary to fulfill the specific purposes outlined in this Privacy Notice, Data Policy, and Cookie Notice and to allow us to comply with our legal requirements, including, without limitation, any tax and commercial obligations.
-
The criteria we use to determine data retention periods includes the following:
Please note that, although reasonable efforts will be taken, it may not always be possible to completely remove or delete all of your personal information from our databases because of back-ups and other technical reasons. Where this is the case, we will take steps to ensure that your personal data is suppressed in order to render it unusable.
-
Retention in case of queries
We may retain your personal data for a reasonable period after you have enquired about Services, in case of follow up queries from you.
-
Retention in case of claims
We may retain your personal data for the period in which you might legally bring claims against us (this means we will retain it for at least 7 years) if and to the extent this is relevant.
-
Retention in accordance with legal and regulatory requirements
We will consider whether we need to retain your personal data after the period of retention in the case of queries or claims (above) because of a legal or regulatory requirement. Some or all of these criteria may be relevant to retention of your personal data collected from you in connection with our Services.
-
Retention permitted under applicable law
We will continue to retain personal data where necessary to provide our services to you and the retention of such personal data is necessary for the purposes of pursuing our legitimate interests or where it is necessary for public interest purposes.
-
9. Your rights
-
You may have various rights under data privacy laws in your country (where applicable). These may include (as relevant):
- the right to withdraw your consent to the processing of your personal data. However, we may continue to process your personal information if there is an alternative legal basis for the processing;
- the right to request access to or a copy of the personal data we hold about you. Please note that there is no fee for this request and any request for a copy of your personal data will be processed within thirty (30) days in accordance with the GDPR;
- the right to rectification including to require us to correct inaccurate personal data;
-
the right to request restriction of processing concerning you or to object to processing of your personal data if:
- processing is based on legitimate interests or the performance of a task in the public interest or exercise of official authority;
- processed for direct marketing; or
- processed for the purposes of scientific or historical research and statistics;
-
the right to prevent further processing in specific circumstances and where there is no other lawful ground for continuing to process that information. These include for example:
- where the personal data is no longer necessary in relation to the purpose for which it was originally collected/processed;
- where you withdraw consent; or
- where you object to us processing your information;
- the right to request the erasure of your personal data where it is no longer necessary for us to retain it;
- the right to block or suppress processing of personal information. While we are entitled to store your personal information, we cannot further process it if you request it to be blocked;
- the right to data portability including to obtain personal data in a commonly used machine readable format in certain circumstances such as where our processing of it is based on a consent; and
- the right to object to automated decision making including profiling (if any) that has a legal or significant effect on you as an individual; and the right to withdraw your consent to any processing for which you have previously given that consent.
- You have the right to be informed of the identity of the privacy local representative (if we are required by law to have a local representative);
- You also have the right to any details of any persons to whom Winksite disclosed your personal data (unless Winksite is prohibited from providing such information pursuant to applicable law)
- Please see clause 13 if you wish to exercise any of these rights (as relevant).
10. International transfers
Without prejudice to any other administrative or judicial remedy you might have, you may have the right under data privacy laws in your country (where applicable) to lodge a complaint with the relevant data protection supervisory authority in your country (i.e. the Office of the Data Protection Commissioner in Ireland) if you consider that we have infringed applicable data privacy laws when processing your personal data. This means the country where you are habitually resident, where you work or where the alleged infringement took place.
11. Security
- We endeavour to use appropriate technical and physical security measures to protect your personal data which is transmitted, stored or otherwise processed by us, from accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access. These measures include: storing personal data in a private database which is accessed via an internal control panel protected with the username, password and IP address of our authorized users; storing hashed information as opposed to passwords and using secure cloud storage for database backups. Our service providers are also selected carefully and required to use appropriate protective measures.
- As effective as modern security practices are, no physical or electronic security system is entirely secure. The transmission of information via the Internet is not completely secure. Although we will do our best to protect your Data, we cannot guarantee the security of your Data transmitted to our Site. Any transmission of Data is at your own risk. Once we receive your Data, we will use appropriate security measures to seek to prevent unauthorised access. We will continue to revise policies and implement additional security features as new technologies become available.
- In the event that there is an interception or unauthorised access to your personal data, we will not be liable or responsible for any resulting misuse of your personal information.
12. Updating the privacy notice
We may change the terms of this Privacy Notice from time to time. Any changes will be posted on this page.
13. Contact us
For further information or if you have any questions about this Privacy Notice, please contact support.
This Privacy Notice was last updated on 28 December 2020.