Privacy policy

1. INTRODUCTION

1.1. The Personal Data Processing Policy (hereinafter - the "Policy") is issued and applies in the Push World Inc (the "Operator"). This Policy determines the procedure and conditions of the Operator's work with regard to personal data processing, establishes the provisions to ensure compliance with the laws referring to personal data processing. All issues related to the processing of personal data, not governed by this Policy, are resolved in accordance with the applicable laws in the field of personal data, General Data Protection Regulation, Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data, signed in Strasbourg on January 28, 1981, as well as Amendments to the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data (CDCE No. 108).

2. GENERAL PROVISIONS

2.1 The purpose of personal data processing is to provide services:

For individuals - direct clients of the Operator:

  • Provision of the Operator's services to the personal data owner by using the Operator's service. The Operator's service means the service of sending out notices for an effective interaction with the visitors of the website managed by the personal data owner, who asks for the Operator's service.
  • Safeguarding the rights and freedoms of individuals in the processing of their personal data.

For Operator's corporate clients:

  • Provision of services to the Operator's corporate client and maximum protection of personal data of the owners which are the users of corporate client services. The Operator's services mean in this context the provision of services for sending out notices for an effective interaction with the visitors of the website managed by the personal data owner, who asks for the Operator's service.
  • Safeguarding the rights and freedoms of individuals in the processing of their personal data.

2.2. Processing organized by the Operator relies on the following principles:

  • The legality of purposes and methods of personal data processing, integrity and fairness of the Operator's activities;
  • Reliability of personal data, their sufficiency for processing purposes, the inadmissibility of processing of personal data which is excessive in relation to the purposes stated when collecting personal data;
  • Processing only personal data that meet the purpose of the processing;
  • Compliance of the content and volume of processed personal data with the stated processing purposes. Personal data being processed shall not be excessive compared to the declared purposes of collection thereof.
  • No databases containing personal data being processed for any mutually incompatible purposes may be integrated;
  • Ensuring the accuracy of personal data, their sufficiency and, where necessary, their relevance to the purposes of personal data processing. The operator shall take the necessary actions or ensure that they are taken in order to delete or clarify incomplete or inaccurate data;
  • Storage of personal data in a form that allows the identification of the personal data owner, for a period of time which is not longer than required in accordance with the purposes of personal data processing.

2.3. The operator processes the following personal data:

Individuals - direct clients of the Operator:

  • e-mail;
  • phone number, which shall not be mandatorily provided by the personal data owner.

Individuals - visitors of the Operator's corporate client website:

  • HTTP-headers,
  • IP-address,
  • Browser ID data,
  • Hardware and software information;
  • Date and time of access to the site;
  • Geolocation data;
  • Information about the activity during the use of the site.

2.4. The above personal data is processed with and without the use of automation tools.

2.5. When processing personal data, the Operator takes legal, organizational and technical measures to ensure the safety of personal data, including through the extension of HTTPS to HTTP protocol to support encryption in order to enhance security. When signing up, the user is informed about the browsers recommended by the Operator that support encrypted data transmission.

2.6. Apart from the provisions of paragraph 2.5 the operator uses a private VPN in its activities, as well as means of encryption, authentication, public key infrastructure, means for data protection against repetitions and changes in the messages transmitted via the logical network.

2.7. The Operator shall not disclose to the third parties and shall not distribute the personal data without the consent of the personal data owner unless it is provided by the applicable laws, this Policy and General Data Protection Regulation.

2.8. Terms and Conditions of Personal Data Processing by the Operator:

For individuals - direct clients of the Operator:

  • personal data is processed by the Operator after the data owner has signed up on the Operator's website https://push.world/ and accepted the Operator's offer referring to services. A personal data owner accepts an offer on his own initiative and is a party to and beneficiary of the contract entered into as a result of the acceptance. An individual consent to the processing of personal data of the personal data owner is not required in this case.

For Operator's corporate clients:

  • Personal data is processed by the Operator when the personal data owner visits the Operator's corporate website. The corporate client is obliged to obtain consent from the personal data owner to transfer his personal data to a third party, i.e. - the Operator.

2.9. Personal data shall be deleted once the processing goals have been achieved. Personal data shall be deleted by deleting all records about the personal data owner at the Operator's service, with no possibility to restore such record. Personal data is kept with the Operator for a period of time when the Operator's direct client or corporate client intends to purchase the Operator's services.

2.10. Interaction with federal executive authorities on the issues of processing and protection of personal data of data owners, whose personal data are processed by the Operator, is performed under the applicable laws.

3. THIRD PARTIES INVOLVED IN THE PROCESSING OF PERSONAL DATA

3.1. The Operator's servers are physically placed by Fornex Hosting S.L., a company registered under the laws of Spain, which has accepted the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data, signed in Strasbourg on January 28, 1981. The company Fornex Hosting S.L. operates in Germany. The servers where the personal data of the owners is stored are located in Germany. The Operator has fully made sure that there is a sufficient protection of personal data in the territory of Germany in the provision of services for the physical placement of the Operator's servers.

3.2. The hosting services are provided by Fornex Hosting S.L., a company registered under the laws of Spain, which has accepted the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data, signed in Strasbourg on January 28, 1981. Hosting services are actually provided in Germany. The operator has fully made sure that there is sufficient protection of personal data in Germany during provision of hosting services.

3.3. Prior to the acceptance of the offer, the user is informed about the cross-border transfer of his/her personal data. Acceptance of the offer by the user means the consent of the user to the cross-border transfer.

4. PERSON IN CHARGE FOR PERSONAL DATA PROCESSING

4.1. When processing personal data, the Operator issues a respective order to appoint a person in charge for personal data processing.

4.2. The person in charge for personal data processing is subordinated to the Operator's executive body - the General Director, controls the personal data processing and ensures the implementation of all terms and provisions of this Policy within his/her competence.

4.3. Person in charge for personal data processing shall:

4.3.1. exercise internal control over compliance by the Operator and its employees with the applicable laws on personal data, including requirements to personal data protection;

4.3.2. supervise the reception and processing of requests and inquiries of personal data owners or their representatives;

4.3.2. supervise the reception and processing of requests and inquiries of personal data owners or their representatives;

4.3.3. take measures to identify the unauthorized access to personal data and immediately bring this information to the attention of the General Director;

4.3.4. perform continuous control over the level of personal data security;

4.3.5. familiarize the Operator's employees who have access to personal data with the provisions of the applicable laws on personal data under signed receipt, including the personal data protection requirements, as well as with the Operator's local acts which specify procedures of Personal Data Processing;

4.3.6. perform internal control and/or audit of compliance of personal data processing with Law and regulatory legal acts adopted in accordance therewith, requirements to personal data protection, Operator's policy on personal data processing, local acts of the Operator.

5. PROCEDURE FOR SAFEGUARDING THE OWNER' RIGHTS BY THE OPERATOR

5.1. Personal data owners or their representatives have the rights as set forth by the Law.

5.2. The representative's authority to represent the interests of each personal data owner shall be confirmed by an appropriate power of attorney.

5.5. The right of a personal data owner to access to his/her personal data may be restricted in accordance with federal laws.

5.6. The Operator is obliged to immediately desist from processing personal data at the request of the personal data owner.

5.7. The Operator is obliged to provide, free of charge, the personal data owner or its representative with an opportunity to get acquainted with the personal data concerning this personal data owner, at its premises during working hours.

5.8. At the request of the personal data owner or his/her authorized representative, the Operator shall provide by-laws of the Operator regarding the processing of personal data for reference.

6. CONTACT INFORMATION AND POLICY UPDATES

6.1. CONTACTING US. If you have any questions about this Policy, our practices related to this Site, or if you would like to have us correct, update or remove your information from our database, please feel contact us via email at support@push.world.

6.2. POLICY UPDATES AND CHANGES. If we decide, at any time, to add to, change, update, or modify this Policy, we will post such change, update, or modification on this page and update the “Effective Date.” Any such change, update, or modification will be effective immediately upon posting the updated Policy. We will notify you of any material changes to the Policy by placing a notice on the Site or sending a notice to the primary email address specified in your user account. It is your responsibility to review this Policy when visiting the Site to ensure that you continue to agree with all of its terms. If at any point you do not agree to any portion of the Privacy Policy then in effect, you must immediately stop using the Site.