1.1 We are committed to safeguarding the privacy of our website visitors and service users. A visitor of our website or end user of our service is referred to as “you”, “your(s)” or “yourself”.
1.2 This policy applies where we are acting as a data controller with respect to the Personally Identifiable Information (hereinafter to be referred to as “PII”), as defined in Article 4 of the GDPR, of our website visitors and service users; in other words, where we determine the purposes and means of the processing of that personal data.
1.3 Our website incorporates privacy controls which affect how we will process your personal data. By using the privacy controls, you can specify whether you would like to receive direct marketing communications. You can access the privacy controls via your Getform dashboard.
1.4 In addition, the terms “collect”, “process”, “treat”, “use”, “share”, “disclose”, “divulge” and analogous words shall refer to your PII and other data collected from our visitors and end users.
1.5 From time to time, this Policy may be translated into other languages for your convenience. The English language version of each of these documents shall be the version that prevails and governs your use of Site and our products and services. Upon the case of any conflict between the English language version and any translated version, the English language version will prevail.
2. Information We Collect
2.2 We use your PII to administer your account and provide you services, to send communications and administrative emails, to respond to your inquiries, and to send marketing and product update messages to those who ask for such messages. Overall, through the provision of its Services, Getwebcraft will collect the following types of PII:
Personal Information includes information that can be used to personally identify an individual person, including but not limited to: first name, last name, title, date of birth, billing address, email address and telephone numbers.
Accordingly, you hereby represent and warrant to Getwebcraft that you have the necessary rights and authorizations required for the disclosure of any and all PII.
Personal Information collected by Getwebcraft includes: Name and Email
|Non-Personal Information||Non-Personal Information includes information that cannot be used to personally identify an individual person, such as: general demographic information, anonymous usage data including number of clicks, platform types, preferences you submit and preferences that are generated based on the data you submit.|
|Personal Information Collected via Third-Party Tools||Personal Information Collected via Third-Party Tools includes such information as aggregated user statistics, analytics, demographic information, and web site usage information. As our user, you will generally be able to control and select the amount and type of PII you may disclose to us.|
|Personal Information Collected via Social Media Integration||We may allow our users to use single sign-on authentication services such as those provided by Facebook, Google, and others (if applicable). Henceforth, the Site might provide an option of using your social media credentials and, thus, by such action, we will collect your PII as given by such third party platforms, but never more than the PII these platforms disclose. If you close your social media account, or if you deauthorize our access, your access to our website may be suspended. For more information, please read the terms and policies of such third-party platforms.|
|Technical Information Collected via our website||As you navigate through the website, certain information can be passively collected (that is, gathered without you actively providing the information) using various technologies and means, such as Internet Protocol addresses, cookies, Internet tags, and navigational data collection.|
|Internet Protocol (IP) addresses||An IP Address is a number assigned to your computer by your Internet service provider so you can access the Internet and is generally considered to be non-personally identifiable information, because in most cases an IP address is dynamic (changing each time you connect to the Internet), rather than static (unique to a particular user's computer). We use your IP address to diagnose problems with our server, report aggregate information, determine the fastest route for your computer to use in connecting to our Website, and administer and improve services to our consumers.|
|Cookies||A "cookie" is a bit of information that a website sends to your web browser that helps the site remember information about you and your preferences. "Session cookies" are temporary bits of information that are erased once you exit your web browser window or otherwise turn your computer off. Session cookies are used to improve navigation on websites and to collect aggregate statistical information.|
|Persistent Cookies||Persistent cookies are more permanent bits of information that are placed on the hard drive of your computer and stay there unless you delete the cookie. Persistent cookies store information on your computer for a number of purposes, such as retrieving certain information you have previously provided (e.g., username), helping to determine which areas of the website visitors find most valuable, and customizing the website based on your preferences.|
|Internet tags||Internet tags, also known as single-pixel GIFs, clear GIFs, invisible GIFs, and 1-by-1 GIFs, are smaller than cookies and tell the Site´s server information such as the IP address and browser type related to the visitor's computer.|
|Navigational data||Navigational data is also known as "log files," "server logs", "clickstream" data and "Internet Tags", and used for system management, to improve the content of the site, market research purposes, and to communicate information to visitors.|
2.3 We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.
2.5 You can instruct your device or browser, by changing its options, to stop accepting cookies or to prompt you before accepting a cookie. If you do not accept cookies, however, you may not be able to use all functionality of our Services.
2.6 When we send emails to our registered customers, we may track who opened the emails and who clicked on any of the hyperlinks. We do this to measure the performance of our email campaigns, and to improve our offerings.
3. Third-Party Links and Services
3.2 Your browsing and interaction on any other website, or your dealings with any other third-party service provider, is subject to that website’s or third-party service provider’s own rules and policies.
3.3 We do not monitor, control, or endorse the privacy practices of any third parties.
3.4 We encourage you to become familiar with the privacy practices of every website you visit or third party service provider that you deal with and to contact them if you have any questions about their respective privacy policies and practices.
4. Use and Disclosure of Personal Information
4.1 We do not use or disclose your PII without your consent unless one of the following circumstances applies:
- We will need to use your PII in order to comply with our obligations we have under the service agreement we have with you.
- We may share aggregated information with third parties that does not include PII and we may otherwise disclose aggregated service usage information with third parties.
- We may send you informational and promotional content in accordance with your marketing preferences. You can stop receiving our promotional emails by following the unsubscribe instructions included in every email.
- We may use your information to request feedback and to contact you about your use of our website, to administer a contest, promotion, survey or other site feature.
- We may use your information as part of our efforts to keep our website safe and secure (for example, for fraud monitoring and prevention).
- We may share Personal information with third parties if access, use, or disclosure of such information is necessary to (a) satisfy applicable law, regulation, legal process or an enforceable governmental request, (b) enforce the applicable Terms of service, including investigation of potential violations thereof, (c) detect, prevent, or otherwise address fraud, security or technical issues, or (d) protect against harm to the rights, property or safety of Getwebcraft, its users or the public as required or permitted by law.
4.2 In order to provide our services, we use third-party platforms and tools, such as those provided by PayPal, Google and Amazon, among other providers. Please be aware that such platforms are governed by their own terms, policies and personal data collection practices and policies. Accordingly, by acknowledging your consent to this Policy, you are also acknowledging the applicable terms and conditions of such third-party platforms, which provide functionalities that include aggregated statistics. Upon the case of any discrepancy or conflict among this Policy and the terms of them, the terms of the latter entities will govern. We will keep a list of any sub-processors that will be involved in the processing of your PII due to the provision of our service and will inform you of any intended material changes concerning the addition or replacement of sub-processors before such changes are effective, thereby giving you the opportunity to object to such changes.
4.3 Finally, we may disclose your information where we believe it is necessary to investigate, prevent, or take action regarding potential violations of our policies, suspected fraud, situations involving potential threats to the safety of any person and illegal activities, or as evidence in litigation in which we are involved.
5. Retaining and Deleting Personal Data
5.1 Personal data that we process for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.
5.2 We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.
To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.
6. Your Privacy Rights as Data Subject
6.1 As we mentioned hereinabove, for the purposes of the General Data Protection Regulation or GDPR, for European Union residents, Getwebcraft is a “data controller” of the PII you provide to us for the primary purposes of providing you with our services.
This section below covers the certain situations that you, as a data subject, and we as a data controller, are most likely to see, but you should also carefully review the full list of data subject rights here:
- 6.1.1 You have the right to be informed about the PII we collect from you, and how we process it. For our European Union customers and users, by signing up, you agree to the terms and conditions of our services and hereby acknowledge, agree and unequivocally consent to the collection, processing, management, treatment, transfer and authorization of your PII by Getwebcraft, its affiliates and authorized third parties.
- 6.1.2 If you are resident in Switzerland, the contact details for the data protection authorities are available here:
6.2 You can request us to be “forgotten”; that is, to have your entire PII removed from our service. If we are asked to do this, in accordance with Article 17 GDPR we will remove any PII we collected from you as requested. We will also need to contact any third parties that process your PII on our behalf, such as our cloud service providers. To ensure that any personal data in possession of Getwebcraft can be removed in a timely manner, you can relay any request to be “forgotten” to us by submitting a request.
6.3 As a data subject, in accordance with Article 15 GDPR, you have the right to obtain confirmation as to whether or not we process your personal data and, where we do, access to the personal data. You can always ask us to confirm how and where your PII is being stored and processed. You also have the right to know how that data is shared with third parties by us.
6.4 As a data subject, in accordance with Article 16 GDPR, you have the right to have any inaccurate PII about you rectified and, taking into account the purposes of the processing, to have any incomplete PII data about you completed.
6.5 In some circumstances you have the right to the erasure of your personal data without undue delay. Those circumstances include: the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed; you withdraw consent for consent-based processing; you object to the processing under certain rules of applicable data protection law; the processing is for direct marketing purposes; and/or the personal data have been unlawfully processed. However, there are exclusions of the right to erasure. The general exclusions include situations where processing is necessary: for exercising the right of freedom of expression and information; for compliance with a legal obligation or for the establishment, exercise or defense of legal claims.
6.6 In some circumstances you have the right to restrict the processing of your personal data. Those circumstances are: you contest the accuracy of the personal data; processing is unlawful but you oppose erasure; we no longer need the personal data for the purposes of our processing, but you require personal data for the establishment, exercise or defense of legal claims; and you have objected to processing, pending the verification of that objection. Where processing has been restricted on this basis, we may continue to store your personal data. However, we will only otherwise process it: with your consent; for the establishment, exercise or defense of legal claims; for the protection of the rights of another natural or legal person; or for reasons of important public interest.
6.7 In accordance with Article 18 GDPR, you have the right to object to our processing of your personal data on grounds relating to your particular situation, but only to the extent that the legal basis for the processing is that the processing is necessary for:
- the performance of a task carried out in the public interest or in the exercise of any official authority vested in us;
- direct marketing (including profiling);
- processing for purposes of scientific/historical research and statistics;
- in relation to automated decision-making and profiling;
- or the purposes of the legitimate interests pursued by us or by a third party. If you make such an objection, we will cease to process the personal information unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing is for the establishment, exercise or defense of legal claims.
6.8 In accordance with Article 20 GDPR, our users located in the EU may request Getwebcraft to send them any PII in our possession. In this case, we will provide you with any PII that you have in a commonly used, machine-readable format.
6.9 You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.
6.10 To the extent that the legal basis for our processing of your personal information is consent, in accordance with Article 7 (3) GDPR, you have the right to withdraw that consent at any time. Withdrawal will not affect the lawfulness of processing before the withdrawal.
6.11 You have the right to file a complaint with supervisory authorities if your information has not been processed in compliance with the GDPR. In accordance with Article 77 GDPR, if the supervisory authorities fail to address your complaint properly, you may have the right to a judicial remedy.
6.12 You may exercise any of your rights in relation to your PII data by means of a written notice to us. Your privacy notice request must include, at the least, the following information: (i) your complete name, address and/or e-mail address in order for us to notify you the response to your request; (ii) attached documents establishing your identity; and (iii) a clear and concise description of the PII with regard to which you seek to enforce any of your privacy rights. If you request rectification, please indicate amendments to be made and attach documentation to back up your request.
- 6.12.1 Upon receipt of your written privacy notice request, and after due review, we may then edit, deactivate and/or delete your PII from our services within thirty (30) days. In case of secure databases under our control where deletion is impossible, we will make such information permanently inaccessible.
7. Safeguarding Your Information
7.1 We are committed to keeping the personal information you provide us secure and we will take reasonable precautions to protect your personal data from loss, misuse and unauthorized access, disclosure, alteration, and destruction, taking into account the risks involved in the processing and the nature of the personal data.
7.2 You can be assured that personal information collected through the website is secure and is maintained in a manner consistent with current industry standards, but please remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee its absolute security.
7.3 We have implemented information security policies, rules and technical measures to protect the personal information that we have under our control from:
- unauthorized access;
- improper use or disclosure;
- unauthorized modification; and
- unlawful destruction or accidental loss.
7.4 All our employees and data processors (i.e. those who process your personal information on our behalf, for the purposes listed above), who have access to, and are associated with the processing of personal information, are obliged to respect the confidentiality of the personal information of all users of the Site.
7.5 The importance of security for all PII associated with our users is of utmost concern to us. Your personal information is protected in several ways. We protect the information you input by undertaking the reasonable technical and administrative security measures (e.g. firewalls, data encryption, physical & administrative access controls to the data and servers) that limit the risk of loss, abuse, unauthorized access, disclosure, and alteration.
7.6 If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored within other encryption systems. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all requirements and implement additional generally accepted industry standards.
7.7 If you make a payment to us, we use third-party payment processors such as Adyen, Bluesnap or PayPal. Payments are encrypted through the Payment Card Industry Data Security Standard (PCI-DSS) or analogous systems. Your purchase transaction data is stored only as long as it is necessary to complete your purchase transaction. All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our site and related courses and its service providers.
8. User eligibility
8.1 This Website is not intended for children and we do not knowingly collect data relating to children. You must at least be eighteen (18) years of age or older to use our Website and our services. We may accept users under such age into our Services, provided, however, that they provide a valid consent proof of their parent or guardian.
8.2 We reserve the right to request any and all applicable proof of identification and consent proof from our users, at any moment, without prior notice, and at our sole and final discretion. Upon the failure to provide such proof of age, we reserve the right to immediately freeze, block or cancel the account, with no liability.
9.2 You should check this page occasionally to ensure you are happy with any changes to this policy. Your use after any changes indicate your acceptance thereof.
9.3 We may notify you of changes to this policy by email.
10. Notice to California Residents
10.1 Pursuant to the California Consumer Privacy Act of 2018 or CCPA, Getwebcraft and its affiliates hereto provide the following notice regarding the categories of PII that we have collected or disclosed within the preceding twelve (12) months about California residents who are not employees, independent contractors, owners, directors, officers, or job applicants of Getwebcraft, or emergency contacts or benefits beneficiaries of the foregoing.
10.2 Henceforth, the CCPA provides Californians with the following rights:
- Requests for Information:
You (or your authorized agent) can request a copy of your PII, including how we have collected, used, and shared your PII over the past 12 months (if any), including the categories of PII we collected and our purposes for doing so; the categories of sources for that information; the categories of third parties with whom we shared it for a business purpose and our purposes for doing so.
- Your Right to Opt Out of Sales:
We do not sell your PII, thus, we do not offer opt out notices.
- Your Right to Notification:
Under the CCPA, we will not collect new categories of PII or use them for materially different purposes without first notifying you.
- Nondiscrimination for exercising your CCPA Rights:
The CCPA prohibits us from discriminating against you for exercising your rights under the law. Such discrimination may include denying services, charging different prices or rates for services, providing a different level or quality of services, or suggesting that you will receive a different level or quality of goods or services as a result of exercising your rights.
- Your Right to Delete PII:
You can request that we delete your PII by contacting Getwebcraft. You also can request that we delete specific information, and we will honor such requests, unless a due exception applies, such as when the information is necessary to complete a transaction, verify a fraud, review a chargeback or contract for which it was collected or when it is being used to detect, prevent, or investigate security incidents, comply with laws, identify and repair bugs or ensure another consumer’s ability to exercise their free speech rights or other rights provided by law.
Please take into consideration that we may deny your deletion request if retaining the PII is necessary for us, our affiliates, or our service providers in order to:
- Complete the transaction for which we collected the PII information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you;
- Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities;
- Debug our products to identify and repair errors that impair existing intended functionality;
- Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law;
- Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 seq.);
- Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us;
- Comply with a legal obligation that has substantive grounds;
- Make other internal and lawful uses of that information that are compatible with the context in which you provided it.
10.3 Overall, we may collect or will collect the following categories of PII from our visitors, users, and customers as necessary to fulfill our legal obligations and operational business purposes:
- Personal information, as defined in the California customer records law, such as contact information and financial information;
- Identifiers, such as online identifier, IP address and name;
- Financial information, such as transaction information and history and securities trading information and history;
- Internet or network activity information, such as browsing history and interactions with our and other websites and systems;
- Geolocation data, such as device location and IP location;
- Audio, electronic, visual and similar information, such as video recordings created in connection with our business activities;
- Inferences drawn from any of the PII listed above to create a profile or summary about, for example, an individual’s preferences and characteristics.
11. Questions and Complaints
Klimentos 41-43, Klimentos Tower, Flat/Office 25, 1061, Nicosia, Cyprus
Date of last effective update is October 19, 2020.