Imagga, considering the importance of privacy, is committed to gaining the trust of its customers by adopting high standards for the protection of personal information. The following rules describe the types of personal information that Imagga collects and receives, the circumstances in which it collects or receives personal information, the established rules and procedures outlining its use and storage, and the sharing of certain types of personal information with certain limited circumstances, the procedures you must follow if you have any questions or requests regarding your personal information or our rules and procedures, details of the person to whom such questions or requests should be addressed, and how to communicate with this person.
Below you will find information about:
- - the person responsible for processing your data;
- - what categories of personal data we process;
- - the conditions under which we process the data;
- - the purposes and legal grounds for the processing;
- - data retention periods and data security measures, we apply and use;
- - in which cases and in what order we provide your data to third parties,
- - as well as how to exercise your rights under the GDPR.
For the purposes of the GDPR, the person responsible for the processing of your personal data is Imagga Technologies Ltd., UIC 202291147, a limited liability company incorporated and existing under the laws of the Republic of Bulgaria.
For data protection issues, you can contact the Data Protection Officer by email at: firstname.lastname@example.org
LEGAL BASIS FOR PERSONAL DATA PROCESSING
In order to process personal data, there shall be a legitimate reason. The legal grounds for the processing of personal data are exhaustively listed in Article 6 of the GDPR.
WHAT TYPES OF INFORMATION AND DATA DO WE COLLECT?
Depending on how you choose to use the Website (as a guest or as a registered user), Imagga may process some of the following categories of personal data:
- 1. Contact information: name, email address, in case you send us an inquiry or in case you subscribe to our newsletter;
- 2. Payment information: credit/debit card number and other details in case you become a client of our product;
- 3. Business or company information: contact, email address, credit/debit card number, in case the customer of our product is a legal entity;
When you visit the Website, our server temporarily records your access details in its logs. These logs contain the following data and are stored until they are automatically deleted:
- - The IP address of the computer submitting the request;
- - The date and time of your request;
- - The requested URI;
- - The volume of data transferred in response;
- - Whether the request has been successfully processed or not;
- - Identification data about the browser and operating system you use;
- - The referring website from which you submitted the request;
- - The name of your Internet Service Provider.
The purpose of recording this data is to enable us to maintain the Website (by establishing a TCP/IP connection), to ensure the proper functioning of our servers, the technical administration of our infrastructure, and the optimization of our services. Your IP address will be analysed in case of unauthorized access or attacks on our infrastructure only.
You are not required to provide additional information to access our Website.
WHY DO WE COLLECT YOUR DATA?
- - In case you express your explicit consent, your data will be used to provide information about promotions and other interesting information related to our services;
- - In cases where you use digital image analysis services (photos, as well as any other visual content in an appropriate electronically readable format), Imagga software retrieves and reproduces data related to all image content, whereby the data is algorithmically processed automatically by the software only;
- - In the case of an additional consent, we use the data extracted according to the above point to improve our algorithmic processes in relation to other image processing and analysis, and this use is always carried out in the absence of connection of the image with you or any third party;
- - We use the information to respond to your inquiries and to provide the services you have requested;
- - We use the information to improve the site and services: We may use your information to improve the services we offer;
- - We use the information and proves it anonymously to analyse the effectiveness and improve the performance of our site;
- - We use the information for marketing purposes: We may send you information about new services and offers. We may also use your information to provide you with advertisements for our offers. If you sign up for our newsletter, you will receive our promotional emails. Before we start marketing activities, we obtain your consent in accordance with applicable law. You can read below more about your consent and how you can control it;
- - We use the information to communicate with you: We may contact you regarding your inquiry;
- - We also use information in other ways permitted under applicable law.
WAYS WE COLLECT INFORMATION
- - Information you provide: in case you send us an email containing your personal data;
- - Information contained on images that you upload to our servers on your own initiative for processing in accordance with the services offered;
- - Automatically via cookies: in accordance with applicable law, we use tracking technologies such as cookies to collect information about you, on an anonymous basis;
- - Third parties: from people authorized to act on your behalf - if they make inquiries on your behalf, from social networks, advertising and analysis service providers.
PERSONAL DATA RECEIVED IN CONNECTION WITH IMAGE PROCESSING
The services provided by Imagga are invariably related to the detailed extraction of data from images that you upload to the system. This implies in many cases the processing of data that fall into the scope of personal data within the meaning of the GDPR, i.e. information that makes it possible for a person to be identified. The personal data thus obtained, whether of you or a third party, is only processed through the automated Imagga software and this personal data is not made available to Imagga employees or others. Data processing does not include the so-called "profiling" within the meaning of the GDPR - automated processing is not intended to use personal data to assess certain personal aspects related to an individual, and in particular to analyse or predict aspects concerning that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.
Imagga may post-process personal data obtained from images only in an aggregate form under pseudonymisation conditions (the meaning of the word is stated below). When the information extracted from the images, including that representing personal data, is used by Imagga for subsequent automated comparison with other images or other similar type of processing, the same information is not treated in such a way as to identify the individual.
In cases where image processing has led to the disclosure of genetic or biometric data within the meaning of the GDPR, as well as data revealing racial or ethnic origin, political opinion, religion, beliefs or trade union membership, such data will be stored in the best technological guarantees for their preservation avoiding knowledge by third parties or transfer to foreign information arrays. Imagga's software is not intended to identify and does not identify individuals upon receiving such personal information. Specific features derived from data belonging to any of the above categories of personal data, in the case of images uploaded by you, are in no way linked to the identifiable person (data subject).
The information thus obtained and extracted in electronic form is stored on the servers of Imagga for 24 hours, after that the system automatically deletes it. When you have expressed his will for the information not to be saved through the relevant option, this information is deleted immediately after the request and does not remain on the servers of Imagga or other connected servers.
REGISTRATION ON THE WEBSITE
Any person accessing the Website may register with the relevant identifiers on the Website in accordance with the Terms of Service. In order to do so, such a user, who is also a data subject, is required to enter certain data in the relevant Registration form. The data provided by users who have chosen to register will only be used for registration purposes and will not be passed on to third parties unless Imagga has a legal basis to do so. During the registration of the Website, your IP address, date and time of access will be recorded to prevent possible misuse. During or after registration, the data subject is free to change his or her recorded personal data. It is also possible for the data subject to cancel his/her registration completely through the deregistration option provided to him/her so that all personal data would be deleted.
WHAT MEASURES DO WE TAKE TO PROTECT THE DATA COLLECTED?
To secure your personal data, we have introduced technical and organisational measures that meet the requirements of the GDPR and require from third party service providers, that we use, to do the same.
Imagga applies the strictest policy for processing the data extracted during the technical analysis of the images you upload to the system, for which purpose pseudonymisation is applied. Pseudonymisation is processing of personal data in such a way that they can no longer be associated with a specific data subject without the use of additional information, insofar it is stored separately and is subject to technical and organisational measures to ensure that the personal data is not linked to an identified individual or an identifiable individual.
Imagga uses third parties to provide its services, such as e-mail providers and infrastructure services (including for accepting electronic payments). Access to information is given to third parties only after a detailed examination of the documentation and whether they meet the requirements of the GDPR. This review carefully analyses the competence of each third party, as well as their technical and organisational protection measures for the personal data. The results of this review shall be expressed in writing and in agreement for data processing, which complies with Article 28 of the GDPR and is signed with the third party when it is necessary.
Your data is stored on secured servers, accessible to only by selected authorised employees. When you use a form on our Website to send us data, that transmission is made only through an encrypted TLS connection.
Imagga’s services are not intended for persons under the age of 14 and Imagga does not collect personal data from persons under the age of 14. In case that we learn that a person under the age of 14 has provided us with his/her personal data, we will delete it immediately.
In order to provide our services, we use the services of third parties located outside the European Economic Area. To protect your personal data in this case, we have signed personal data processing agreements with these service providers.
ACCESS TO THE DATA BY THIRD PARTIES, WHICH ARE OUR SERVICE PROVIDERS FROM OTHER COUNTRIES
Third parties, established within the European Union:
- Braintree – trade service of PayPal (Europe) S.à r.l. et Cie, S.C.A.
- Imagga uses the services of Braintree, which is an electronic payment system, maintained and operated by Paypal, and is a limited liability company based in Luxembourg. Braintree services process your payments as an Imagga customer and provides billing information about it.
- You can find more information about "Braintree" data processing and data protection here:
Third parties established outside the European Union:
- Google Analytics
- Our Website uses Google Analytics. This is a service of Google Inc., a limited liability company located at: 1600 Amphitheater Parkway, Mountain View, CA 94043 USA (hereinafter referred to as "Google"), which analyses access to the Website and enables Imagga to improve its services.
- You can stop the application of Google Analytics cookies on your computer through your web browser settings. If you do it, we cannot guarantee that all features of our Website will be fully accessible to you. You can also disable cookies by using browser extensions, such as: https://tools.google.com/dlpage/gaoptout
- You can find additional information about data processing and data protection of Google on: https://policies.google.com/ and https://www.google.com/analytics/terms/
- Amazon Web Services
- Amazon Web Services, Inc. is a limited liability company located at 440 Terry Ave N, Seattle, WA 98109, USA ("Amazon Web"). Imagga uses the web services of Amazon Web to obtain computing power, as well as encrypted storage of information on its servers, in order to provide its services to users in the highest quality and the most secure way.
- You can find additional information about data processing and data protection from Amazon Web on: https://aws.amazon.com/privacy/?nc1=f_pr
- Intercom, Inc. is a limited liability company located at: 55 2nd Street, 4th Fl., San Francisco, CA 94105, USA ("Intercom"). Imagga uses Intercom to notify consumers of new features regarding its products. We also use Intercom to manage information for current and potential customers.
- You can find additional information about data processing and data protection from Intercom on: https://www.intercom.com/terms-and-policies#privacy
PERSONAL DATA ERASURE
Imagga stores and processes personal data only as long as it is necessary, in accordance with regulatory requirements and restrictions. When the purpose of the data processing is fulfilled, your personal data will be deleted in accordance with our data retention policies, unless we are legally obliged to retain them.
Personal data obtained under the conditions of extraction of information from images uploaded by users of the Website may be kept for a period of 24 hours, as long as the respective user has not expressed his will this data to be deleted immediately.
In accordance with the provisions of the GDPR, you have the following rights:
- 1. Right to access to your personal data;
- 2. Right to correct or delete your personal data;
- 3. Right to delete (‘right to be forgotten’);
- 4. Right to limit the processing of your personal data;
- 5. Right to object against the processing of your personal data;
- 6. Right to data portability.
You may opt-out of receiving marketing emails. In order to stop receiving our promotional emails, you can unsubscribe from our newsletter using a link in any of the promotional message you receive from us. Even if you unsubscribe from advertising messages, you may receive transaction-related messages, including responses to your questions.
You can control settings on your mobile devices. You can turn off location recognition or so-called "push" notifications from the mobile device you use. These settings depend on the type of device.
HOW TO EXERCISE YOUR RIGHTS
If you wish to exercise any of the rights described above, you will be required to provide proof that you are the data subject and to contact a representative of the controller at the email address below.
HOW CAN YOU CONTACT THE COMPETENT SUPERVISORY AUTHORITY?
Notwithstanding the given above, in case of complaints you have the right to contact the Commission for Personal Data Protection ("CPDP"):
- 1. personal, on address: 2 "Prof. Tsvetan Lazarov" Blvd, 1592, Sofia, Bulgaria;
- 2. by letter, on address: 2 "Prof. Tsvetan Lazarov" Blvd, 1592, Sofia, Bulgaria;
- 3. by fax – +359 2 9153525;
- 4. to the e-mail of the CPDP – email@example.com
- 5. on the CPDP’s website, on address: https://www.cpdp.bg/.
"IMAGGA TECHNOLOGIES" LTD – 47А "Cherni vrah" Blvd, floor 4, 1407, Sofia, Bulgaria, contact phone: +359 89 9001 887, email: firstname.lastname@example.org