facebook-domain-verification=s9m3iqn9hvu2tvqc9f1l5y5kc17vml FiG Media Group GDPR
     FiG Media Group
GDPR - Privacy Policy

 

25/05/2018

1. What is GDPR?

The General Data Protection Regulation (GDPR) came into force on May 25th, 2018 and aims to protect your fundamental right to privacy and the protection of personal data of European Union (EU) citizens. 

 

This regulation affects any entity (including websites) that processes EU citizens' personal data. Whether or not you or the business is located in the EU, whether EU visitors use the site, or whether our marketing campaigns target EU citizens.

 

2. What does it mean to you?

Transparency and communication with our site visitors are key elements of the GDPR. As part of the new regulation, we must let our site visitors know how we collect, store, and use your data, in a clear and transparent way. In addition, we must comply with our site visitors' requests to receive a copy of their data, called “right to access” or a “subject access request” relating to all data that is processed on our site. An extension to your rights is contained within the legislation and that is to have any data we have collected or stored removed and permanently deleted, often referred to as “Right to be forgotten”. Our privacy statement tells you how to make these requests, should you feel the need.

 

3. Our commitment to you

Our commitment to you is set out in this privacy policy which is a statement that discloses the ways in which our website gathers, uses, discloses, and manages your site visitors' data. It also tells you how our site uses cookies and other tracking technologies. Naturally, websites work with partners in order to make web your viewing or interaction more efficient and pleasurable, these “third party companies are shown below, as many have deemed themselves as “Controllers” of data and therefore we are responsible for informing you who they are and how the site processes data that they might “control”. To manage this we maintain a clear and comprehensive privacy policy for our website, in accordance with the GDPR and local privacy regulations. 

 

As part of the GDPR, we are responsible for any third-party apps or services implemented on our site. These services can include data analytics tools (e.g. Google Analytics, the Facebook pixel, The Twitter pixel, The Insta-gram pixel as well as Wix who are website hosts. These are major companies who have GDPR compliance units who monitor compliance issues pertaining to this and other websites. Should you have detailed questions regarding their GDPR compliance please contact them directly.

 

4. Our legal basis for processing your site visitors' data

In accordance with GDPR, we are permitted to process your site visitors' data (e.g. collect, use, store), so long as the process meets the requirements of the regulations. There are many ways in which we can lawfully process your site visitors' data - requesting your consent is just one of these ways. There are several methods of gaining your consent. 

 

5. Our privacy statement

A privacy policy is a statement that discloses some or all of the ways a website collects, uses, discloses, and manages the data of its visitors and customers. It fulfills a legal requirement to protect a visitor or client's privacy.

 

Countries around the world have their own laws with different requirements per jurisdiction regarding the use of privacy policies.

 

6. What type of information do we collect?

The type of personal information we collect varies according to your level of interaction with our site. Collected information may be provided by visitors and users of our website or collected automatically through monitory tools.

 

We receive, collect and store any information you enter on our website or provide us in any other way. In addition, we collect the Internet protocol (IP) address used to connect your computer to the Internet; login; e-mail address; password (if applicable); computer and connection information and purchase history. We may use software tools to measure and collect session information, including page response times, length of visits to certain pages, page interaction information, and methods used to browse away from the page. We also collect personally identifiable information (including name, email, password, communications); payment details (including credit card information), comments, feedback, product reviews, recommendations, and personal profile.

 

7. How we collect information?

When you visit, conduct a search, transaction, subscribe or interact with our website in any way, as part of the process, we collect personal information you give us such as your name, address and email address. Your personal information will be used for the specific reasons stated below only.

 

Why do we collect such personal information?

 

We collect such Non-personal and Personal Information for the following purposes:

  1. To provide and operate our Services;

  2. To provide our Users with ongoing customer assistance and technical support;

  3. To be able to contact our Visitors and Users with general or personalized service-related notices and promotional messages;

  4. To create aggregated statistical data and other aggregated and/or inferred Non-personal Information, which we or our business partners may use to provide and improve our respective services; 

  5. To comply with any applicable laws and regulations.

 

8. Personal data

Personal data is any information relating to an identified or identifiable living person. This means that the person can be identified, directly or indirectly, by using information such as a name, an identification number, location data or an online identifier.

 

9. Special category data

In general, we will only have access/collect general personal data as outlined under “personal data” above, which would have been provided or communicated by visitors and users of our website or collected automatically through monitory tools. Special category data which includes specific information about an individual, as outlined below will not ordinarily be acquired or collected, below unless there is a specific need, for example, to execute one of the services being offered by FiG Media Group, where the information is required for the purpose of conducting an investigation, creation of profiles for use in connection with an investigation or facilitation of training or the need to provide accurate advice or reports via our consultancy services. Where such data is obtained this will be provided by visitors and users of our website or collected by a representative of FiG Media Group in the course of executing a task on behalf of the company. Where such data is collected it will be stored in line with the safety, security and retention policies outlined in this privacy policy.

 

  • Physical or mental health

  • Racial or ethnic origin

  • Political opinions/membership of political parties

  • Religious or philosophical beliefs

  • Sex life or sexual orientation

  • Trade union membership

  • Genetic data

  • Biometric data

 

10. How we store, use, share and disclose our site visitors' personal information?

Our company is hosted on the Wix.com platform. Wix.com provides us with the online platform that allows us to advertise, sell our products and services to you. Your data may be stored through Wix.com’s data storage, databases and the general Wix.com applications. They store your data on secure servers behind a firewall. 

All direct payment gateways offered by Wix.com and used by our company adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.

 

Any electronically collected personal information collected by FiG Media Group will be stored on adequately protected hard-drives protected behind a firewall and adequate system security to reduce the risk of theft or access by third parties. Such systems will be adequately protected by passwords known only to representatives of our company. Any manually collected information will be stored in a secure environment with restricted access and in either case such material will only be retained for the retention period referred to in this policy.

 

If, there is a requirement to share personal information with third-party services and/or with legal enforcement agencies, then this will be carried out in compliance with GDPR or relevant local regulations.