The privacy of our customers is important to us. BannerBoo OÜ respects your privacy regarding any information we may collect from you through our Site. Capitalized terms that aren't defined here have the same meaning as in our Terms of Service
. We recommend you not use our Site if you do not wish for your information to be processed in accordance with this Privacy Statement, in general, or in particular.
1. Information we collect includes:
As you browse our Site, our servers may automatically record standard data provided by your web browser. Information collected may include your computer's Internet Protocol (IP) address, your browser type, and version, the pages visited, the time and date of your visit, and how long you spent on each page, etc.
Additionally, we may collect information about your device when you access the Site. Data collected may include the device type, operating system, unique device identifiers, device settings, and geolocation data. Your device and software settings can determine what information we collect. To learn what information your device manufacturer or software provider makes available to us, please check their policies.
We may collect personal information about you when you sign up for our service, such as:
- Social media profiles
- Home/Mailing address
- Phone/mobile number
- Payment information
We may also collect information about you as a registered user so that we can provide you with the Service in a reliable manner, and to assist you with any requests or issues relating to its functioning. Information such as this may include:
- IP addresses of the devices you use to log into your BannerBoo account
- Login dates and times
- Purchases dates and times
We may ask you for personal data when you fill out a form or request to download a resource, including your full name, email address, and whether you want to receive marketing communications and materials.
In order to avoid spam, we need this information to verify that you are a real person. This personal data is not used for marketing or any other purpose.
No credit card information is collected or distributed by us. To enable one-time and recurring payments to us, this information is collected and stored on the servers of our payment processors. In order to delete this information, you must access your account settings. To ensure that your passwords (and personal information) will not be stolen from us, all passwords are non-reversibly encrypted before they are saved in the database. For Users connecting using Facebook Connect or Google APIs, we do not collect any passwords.
2. Legal bases for processing
Your personal information will be handled legally, fairly, and transparently. We collect and process information about you only when we have legal grounds to do so.
These legal bases are based on the services you use and what you do with them, meaning that we collect and use your information when:
- we need it for the performance of a contract with you or to fulfill your request before entering into such a contract (for example, when we provide you with services that you request);
- it is necessary for a legitimate interest (not overridden by your interests in data protection), such as research and development, marketing and promotion of our services, and protecting our legal rights and interests;
- you give us your consent for a specific purpose (you might consent to receive our newsletter, for instance);
- we are required to process your data to comply with a legal obligation.
You may change your mind at any time if you consent to our use of information about you for a specific purpose (but this will not affect any processing already underway).
The information we collect from you will not be kept longer than is necessary. We will ensure that this information is protected within legal and commercially acceptable means to prevent unauthorized access, disclosure, copying, use, or modification. Despite this, we remind you that no method of electronic transmission or storage can guarantee absolute data security. Your personal information may be retained if necessary for the purposes of complying with a legal obligation or for the purpose of protecting your vital interests or the vital interests of another natural person.
3. Using and collecting information
For the following purposes, we can collect, hold, use and disclose information and none of it will be processed in an incompatible manner with these purposes:
- to allow you to customize your experience on the Site;
- to enable you to access and utilize our Site, associated applications, as well as related social media platforms;
- to contact you and communicate with you;
- to keep internal records and for administrative purposes;
- to run contests and/or offer you additional benefits;
- for analytics, market research, and business development, including maintenance and optimization of our Site, related apps, and related social media platforms;
- for advertising and marketing, including sending you information about our products and services and about third-party companies we think may be of interest to you;
- to comply with our legal obligations and to resolve any disputes that might arise.
4. Disclosure of personal data to third parties
Personal information may be disclosed to:
- third parties to collect and process data;
- our employees and contractors, as well as related entities;
- sponsors and promoters of any competition we run;
- courts, tribunals, regulatory authorities, and law enforcement officers, as required by law, for purposes of establishing, exercising, or defending legal rights.
Keeping your personal information secure and private is very important to us. Our servers are protected and kept secure and your data is protected. There can, however, be no guarantee of 100% security when transmitting data over the internet. Because of this, no matter how many safeguards are in place to protect your personal information, we cannot ensure or warrant that the information you transmit to us, or from our online services or products, will remain secure. Any such information you transmit is at your own risk. We will, however, make every effort to ensure the security of your personal information once we receive it. We have established appropriate physical, electronic, and management safeguards to ensure the security, integrity, and accuracy of the information we collect online. To access sensitive data, we require usernames and passwords. To protect your data, we will use industry-standard encryption methods unless you authorize the use of unencrypted transfer.
6. Personal information shared internationally
We store and process personal information in Germany, Ukraine, and in locations where we or our partners, affiliates, and third-party providers maintain facilities. By providing us with your personal information, you agree that the information will be disclosed to these overseas third parties.
In the event that we transfer personal information from countries in the European Economic Area (EEA) to countries outside the EEA, we ensure appropriate safeguards are used. These may include the use of standard data protection clauses approved by the European Commission or the use of binding corporate rules or other legally accepted means.
You acknowledge and agree that when we transfer personal information from a non-EEA country to another country, third parties in other jurisdictions might not be subject to the same data protection laws as those in our jurisdiction. You may not be able to pursue redress under our jurisdiction's privacy laws if any such third party engages in any act or practice that violates the data privacy laws in our jurisdiction.
7. Your data privacy rights
You consent to our collecting, holding, using, and disclosing your personal information in accordance with this privacy statement. The Site and Service are not directed to children under sixteen (16) years of age, so you should not use them or disclose any information about yourself if you are under that age.
In case we receive personal information about you from a third party, we will protect it in accordance with this policy. Third parties who provide personal information to us on behalf of another person are required to represent and warrant that the information is provided with that person's consent.
Contact us at [email protected]
if you wish to delete your collected data.
European Privacy Rights
Those living in or otherwise residing in Europe will find additional information in this section about the rights they are entitled to under the General Data Protection Regulation ("GDPR").
You have the following privacy rights under the GDPR, subject to certain limitations:
California Privacy Rights
- Right to access, object, restrict, erase, and port data. Please email [email protected] with any request to access, object, restrict, erase, or transfer your personal data. Additionally, if we are processing your data in accordance with your consent, you have the right to withdraw your consent at any time. Please let us know if you would like to restrict or limit how your personal information is used by us so that we can let you know how the restriction affects your use of the Site and the Service.
- Right to correct. To complain about inaccurate, out-of-date, incomplete, irrelevant, or misleading information we have about you, please contact us using [email protected]. If any information is inaccurate, incomplete, misleading, or out of date, we will correct it as soon as possible.
- Right not to receive direct marketing. If you do not wish to receive marketing materials from us, you may opt-out at any time by following the opt-out instructions in our commercial emails, by contacting us, or by adjusting your email preferences in your user account settings. We reserve the right to send you other communications, including service announcements and administrative messages related to your account, without giving you the opportunity to opt-out of receiving them.
- Right not to be subjected to automated decisions, including profiling. Our company does not make automated decisions based on your personal data that may negatively impact you.
- Right to complain. Please contact us at [email protected] and provide us with full details of the alleged breach if you believe we have breached a relevant data protection law. As soon as possible, we will investigate your complaint and respond to you, in writing, with the results of our investigation and how we will proceed with your complaint. If you believe that you have been violated, you can lodge a complaint with the competent supervisory authority of the member state where you reside, work, or where the infringement occurred. You can find contact details for the EU data protection authorities at https://edpb.europa.eu/about-edpb/about-edpb/members_en
Residents of California will find additional details here about their rights under the California Consumer Privacy Act ("CCPA").
Within certain limits, the CCPA permits you to:
- receive access to your information about the categories or specific items of personal information we collect and/or sell (including how we use and disclose this information, and to whom we may sell it);
- request that your personal information be deleted;
- opt out of any potential “sales” of your personal information; and
- not be discriminated against for exercising any of the above rights.
If you'd like to exercise a California privacy right under the CCPA, please contact us through our email address, [email protected]
. Our verification process involves identifying information associated with your account, including your e-mail address. Additional identification may be required. It is also possible to designate a representative who acts on your behalf.
Nevada Privacy Rights
Residents of Nevada may opt-out of the sale of certain kinds of personal information under Nevada law (SB 220). Nevada's law defines a sale as the transfer of personal information to third parties for monetary consideration, so the third parties can then resell or license the sold information. According to Nevada law, BannerBoo does not sell any personal information to third parties.
9. Business transfers
In the event that we are acquired, or if we cease doing business or go bankrupt, we would include data among the assets transferred to the buyer. Upon such transfer, you agree that any party who acquires us may continue to use your information in accordance with this policy.
10. Limits of our policy
Occasionally, our Site may include links to an external site operated by a third party. Due to the fact that we have no control over the content and policies of those sites, we cannot accept responsibility or liability for their respective privacy practices.
11. Changes to this policy
12. Contact information
Please contact us using the information below if you have any questions about this policy.
Harju maakond, Tallinn,
Nõmme linnaosa, Voolu tn 20a,
The effective date of this policy is September 16, 2021