FiG Media Group
1. What is GDPR?
The General Data Protection Regulation (GDPR) came into force on May 25th, 2018 and aims to protect your fundamental right to privacy and the protection of personal data of European Union (EU) citizens.
This regulation affects any entity (including websites) that processes EU citizens' personal data. Whether or not you or the business is located in the EU, whether EU visitors use the site, or whether our marketing campaigns target EU citizens.
2. What does it mean to you?
Transparency and communication with our site visitors are key elements of the GDPR. As part of the new regulation, we must let our site visitors know how we collect, store, and use your data, in a clear and transparent way. In addition, we must comply with our site visitors' requests to receive a copy of their data, called “right to access” or a “subject access request” relating to all data that is processed on our site. An extension to your rights is contained within the legislation and that is to have any data we have collected or stored removed and permanently deleted, often referred to as “Right to be forgotten”. Our privacy statement tells you how to make these requests, should you feel the need.
3. Our commitment to you
As part of the GDPR, we are responsible for any third-party apps or services implemented on our site. These services can include data analytics tools (e.g. Google Analytics, the Facebook pixel, The Twitter pixel, The Insta-gram pixel as well as Wix who are website hosts. These are major companies who have GDPR compliance units who monitor compliance issues pertaining to this and other websites. Should you have detailed questions regarding their GDPR compliance please contact them directly.
4. Our legal basis for processing your site visitors' data
In accordance with GDPR, we are permitted to process your site visitors' data (e.g. collect, use, store), so long as the process meets the requirements of the regulations. There are many ways in which we can lawfully process your site visitors' data - requesting your consent is just one of these ways. There are several methods of gaining your consent.
5. Our privacy statement
Countries around the world have their own laws with different requirements per jurisdiction regarding the use of privacy policies.
6. What type of information do we collect?
The type of personal information we collect varies according to your level of interaction with our site. Collected information may be provided by visitors and users of our website or collected automatically through monitory tools.
We receive, collect and store any information you enter on our website or provide us in any other way. In addition, we collect the Internet protocol (IP) address used to connect your computer to the Internet; login; e-mail address; password (if applicable); computer and connection information and purchase history. We may use software tools to measure and collect session information, including page response times, length of visits to certain pages, page interaction information, and methods used to browse away from the page. We also collect personally identifiable information (including name, email, password, communications); payment details (including credit card information), comments, feedback, product reviews, recommendations, and personal profile.
7. How we collect information?
When you visit, conduct a search, transaction, subscribe or interact with our website in any way, as part of the process, we collect personal information you give us such as your name, address and email address. Your personal information will be used for the specific reasons stated below only.
Why do we collect such personal information?
We collect such Non-personal and Personal Information for the following purposes:
To provide and operate our Services;
To provide our Users with ongoing customer assistance and technical support;
To be able to contact our Visitors and Users with general or personalized service-related notices and promotional messages;
To create aggregated statistical data and other aggregated and/or inferred Non-personal Information, which we or our business partners may use to provide and improve our respective services;
To comply with any applicable laws and regulations.
8. Personal data
Personal data is any information relating to an identified or identifiable living person. This means that the person can be identified, directly or indirectly, by using information such as a name, an identification number, location data or an online identifier.
9. Special category data
Physical or mental health
Racial or ethnic origin
Political opinions/membership of political parties
Religious or philosophical beliefs
Sex life or sexual orientation
Trade union membership
10. How we store, use, share and disclose our site visitors' personal information?
Our company is hosted on the Wix.com platform. Wix.com provides us with the online platform that allows us to advertise, sell our products and services to you. Your data may be stored through Wix.com’s data storage, databases and the general Wix.com applications. They store your data on secure servers behind a firewall.
All direct payment gateways offered by Wix.com and used by our company adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
Any electronically collected personal information collected by FiG Media Group will be stored on adequately protected hard-drives protected behind a firewall and adequate system security to reduce the risk of theft or access by third parties. Such systems will be adequately protected by passwords known only to representatives of our company. Any manually collected information will be stored in a secure environment with restricted access and in either case such material will only be retained for the retention period referred to in this policy.
If, there is a requirement to share personal information with third-party services and/or with legal enforcement agencies, then this will be carried out in compliance with GDPR or relevant local regulations.