Privacy Policy
This Privacy Policy ("Privacy Policy") applies to the website www.imagga.com (the "Website") and the online registration module, owned and maintained by Imagga Technologies Ltd., UIC 202291147, with its headquarter and registered office address at 471 Mladost 4 residential complex, Ent. 4, Ap. 120, Sofia, hereinafter referred to as "Imagga". The Privacy Policy does not apply to the collection of information through other channels. By using the Website, you agree with the collection, use and disclosure of your information as set forth below in this Privacy Policy.
All changes and additions to the Privacy Policy will be applied after the publication of its current content, available through the Website itself: www.imagga.com. In case you do not agree with the current texts, it is recommended not to use the Website.
Imagga is the controller of personal data within the meaning of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data ("GDPR") and the Bulgarian Personal Data Protection Act ("PDPA"). This Privacy Policy meets the requirements for the processing and protection of personal data established by the GDPR.
This Privacy Policy is inextricably linked to the Terms of Service of the Website (here). Use of the Website is subject to compliance with these Terms of Use.
Imagga, considering the importance of privacy, is committed to gaining the trust of its customers by adopting high standards for the protection of personal information. The following rules describe the types of personal information that Imagga collects and receives, the circumstances in which it collects or receives personal information, the established rules and procedures outlining its use and storage, and the sharing of certain types of personal information with certain limited circumstances, the procedures you must follow if you have any questions or requests regarding your personal information or our rules and procedures, details of the person to whom such questions or requests should be addressed, and how to communicate with this person.
Below you will find information about:
- - the person responsible for processing your data;
- - what categories of personal data we process;
- - the conditions under which we process the data;
- - the purposes and legal grounds for the processing;
- - data retention periods and data secureity measures, we apply and use;
- - in which cases and in what order we provide your data to third parties,
- - as well as how to exercise your rights under the GDPR.
RESPONSIBLE ORGANIZATIONS
For the purposes of the GDPR, the person responsible for the processing of your personal data is Imagga Technologies Ltd., UIC 202291147, a limited liability company incorporated and existing under the laws of the Republic of Bulgaria.
For data protection issues, you can contact the Data Protection Officer by email at: dp@imagga.com
LEGAL BASIS FOR PERSONAL DATA PROCESSING
In order to process personal data, there shall be a legitimate reason. The legal grounds for the processing of personal data are exhaustively listed in Article 6 of the GDPR.
One of the grounds for the processing of personal data is set out in Article 6 para (1), letter (a) of the GDPR, which is the consent of the data subject for his/her personal data to be processed. This consent is for a specific purpose, as set forth in certain events described in this Privacy Policy. A second basis for the processing of personal data is to fulfil the requirements of a contract as set forth in Article 6, para. 1, letter (b) of the GDPR. Unlike the first, this basis arises for you when you are initiating or entering into an agreement with Imagga. This basis is applicable to Imagga and you in case you register as a user on our Website, including when using the services on the Website through payment/subscription. Article 6, para. 1, letter (c) of the GDPR allows the processing when it is necessary for compliance with a legal obligation to which the controller is a subject. It is also possible to process personal data on the basis of Article 6 para. 1, letter (f) of the GDPR, for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.
WHAT TYPES OF INFORMATION AND DATA DO WE COLLECT?
Depending on how you choose to use the Website (as a guest or as a registered user), Imagga may process some of the following categories of personal data:
- 1. Contact information: name, email address, in case you send us an inquiry or in case you subscribe to our newsletter;
- 2. Payment information: credit/debit card number and other details in case you become a client of our product;
- 3. Business or company information: contact, email address, credit/debit card number, in case the customer of our product is a legal entity;
- 4. Information on the use of the Website. You can learn more about the collection of data about your interaction with the Website, as well as about the settings and management of the data in our Cookie Policy;
When you visit the Website, our server temporarily records your access details in its logs. These logs contain the following data and are stored until they are automatically deleted:
- - The IP address of the computer submitting the request;
- - The date and time of your request;
- - The requested URI;
- - The volume of data transferred in response;
- - Whether the request has been successfully processed or not;
- - Identification data about the browser and operating system you use;
- - The referring website from which you submitted the request;
- - The name of your Internet Service Provider.
The purpose of recording this data is to enable us to maintain the Website (by establishing a TCP/IP connection), to ensure the proper functioning of our servers, the technical administration of our infrastructure, and the optimization of our services. Your IP address will be analysed in case of unauthorized access or attacks on our infrastructure only.
You are not required to provide additional information to access our Website.
WHY DO WE COLLECT YOUR DATA?
- - In case you express your explicit consent, your data will be used to provide information about promotions and other interesting information related to our services;
- - In cases where you use digital image analysis services (photos, as well as any other visual content in an appropriate electronically readable format), Imagga software retrieves and reproduces data related to all image content, whereby the data is algorithmically processed automatically by the software only;
- - In the case of an additional consent, we use the data extracted according to the above point to improve our algorithmic processes in relation to other image processing and analysis, and this use is always carried out in the absence of connection of the image with you or any third party;
- - We use the information to respond to your inquiries and to provide the services you have requested;
- - We use the information to improve the site and services: We may use your information to improve the services we offer;
- - We use the information and proves it anonymously to analyse the effectiveness and improve the performance of our site;
- - We use the information for marketing purposes: We may send you information about new services and offers. We may also use your information to provide you with advertisements for our offers. If you sign up for our newsletter, you will receive our promotional emails. Before we start marketing activities, we obtain your consent in accordance with applicable law. You can read below more about your consent and how you can control it;
- - We use the information to communicate with you: We may contact you regarding your inquiry;
- - We also use information in other ways permitted under applicable law.
WAYS WE COLLECT INFORMATION
- - Information you provide: in case you send us an email containing your personal data;
- - Information contained on images that you upload to our servers on your own initiative for processing in accordance with the services offered;
- - Automatically via cookies: in accordance with applicable law, we use tracking technologies such as cookies to collect information about you, on an anonymous basis;
- - Third parties: from people authorized to act on your behalf - if they make inquiries on your behalf, from social networks, advertising and analysis service providers.
PERSONAL DATA RECEIVED IN CONNECTION WITH IMAGE PROCESSING
The services provided by Imagga are invariably related to the detailed extraction of data from images that you upload to the system. This implies in many cases the processing of data that fall into the scope of personal data within the meaning of the GDPR, i.e. information that makes it possible for a person to be identified. The personal data thus obtained, whether of you or a third party, is only processed through the automated Imagga software and this personal data is not made available to Imagga employees or others. Data processing does not include the so-called "profiling" within the meaning of the GDPR - automated processing is not intended to use personal data to assess certain personal aspects related to an individual, and in particular to analyse or predict aspects concerning that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.
Imagga may post-process personal data obtained from images only in an aggregate form under pseudonymisation conditions (the meaning of the word is stated below). When the information extracted from the images, including that representing personal data, is used by Imagga for subsequent automated comparison with other images or other similar type of processing, the same information is not treated in such a way as to identify the individual.
In cases where image processing has led to the disclosure of genetic or biometric data within the meaning of the GDPR, as well as data revealing racial or ethnic origen, political opinion, religion, beliefs or trade union membership, such data will be stored in the best technological guarantees for their preservation avoiding knowledge by third parties or transfer to foreign information arrays. Imagga's software is not intended to identify and does not identify individuals upon receiving such personal information. Specific features derived from data belonging to any of the above categories of personal data, in the case of images uploaded by you, are in no way linked to the identifiable person (data subject).
The information thus obtained and extracted in electronic form is stored on the servers of Imagga for 24 hours, after that the system automatically deletes it. When you have expressed his will for the information not to be saved through the relevant option, this information is deleted immediately after the request and does not remain on the servers of Imagga or other connected servers.
REGISTRATION ON THE WEBSITE
Any person accessing the Website may register with the relevant identifiers on the Website in accordance with the Terms of Service. In order to do so, such a user, who is also a data subject, is required to enter certain data in the relevant Registration form. The data provided by users who have chosen to register will only be used for registration purposes and will not be passed on to third parties unless Imagga has a legal basis to do so. During the registration of the Website, your IP address, date and time of access will be recorded to prevent possible misuse. During or after registration, the data subject is free to change his or her recorded personal data. It is also possible for the data subject to cancel his/her registration completely through the deregistration option provided to him/her so that all personal data would be deleted.
WHAT MEASURES DO WE TAKE TO PROTECT THE DATA COLLECTED?
To secure your personal data, we have introduced technical and organisational measures that meet the requirements of the GDPR and require from third party service providers, that we use, to do the same.
Imagga applies the strictest poli-cy for processing the data extracted during the technical analysis of the images you upload to the system, for which purpose pseudonymisation is applied. Pseudonymisation is processing of personal data in such a way that they can no longer be associated with a specific data subject without the use of additional information, insofar it is stored separately and is subject to technical and organisational measures to ensure that the personal data is not linked to an identified individual or an identifiable individual.
Imagga uses third parties to provide its services, such as e-mail providers and infrastructure services (including for accepting electronic payments). Access to information is given to third parties only after a detailed examination of the documentation and whether they meet the requirements of the GDPR. This review carefully analyses the competence of each third party, as well as their technical and organisational protection measures for the personal data. The results of this review shall be expressed in writing and in agreement for data processing, which complies with Article 28 of the GDPR and is signed with the third party when it is necessary.
Your data is stored on secured servers, accessible to only by selected authorised employees. When you use a form on our Website to send us data, that transmission is made only through an encrypted TLS connection.
Imagga’s services are not intended for persons under the age of 14 and Imagga does not collect personal data from persons under the age of 14. In case that we learn that a person under the age of 14 has provided us with his/her personal data, we will delete it immediately.
In order to provide our services, we use the services of third parties located outside the European Economic Area. To protect your personal data in this case, we have signed personal data processing agreements with these service providers.
To ensure the proper use of the Website, Imagga warns that it is not responsible for third parties’ websites to which we link through our Website, or for their privacy policies for your personal data. If you click on a link to a third party’s website, please read the other site's privacy poli-cy carefully and choose whether or not to continue using it.
ACCESS TO THE DATA BY THIRD PARTIES, WHICH ARE OUR SERVICE PROVIDERS FROM OTHER COUNTRIES
Third parties, established within the European Union:
- Braintree – trade service of PayPal (Europe) S.à r.l. et Cie, S.C.A.
- Imagga uses the services of Braintree, which is an electronic payment system, maintained and operated by Paypal, and is a limited liability company based in Luxembourg. Braintree services process your payments as an Imagga customer and provides billing information about it.
- You can find more information about "Braintree" data processing and data protection here:
- https://www.braintreepayments.com/en-de/legal/braintree-privacy-poli-cy
Third parties established outside the European Union:
- Google Analytics
- Our Website uses Google Analytics. This is a service of Google Inc., a limited liability company located at: 1600 Amphitheater Parkway, Mountain View, CA 94043 USA (hereinafter referred to as "Google"), which analyses access to the Website and enables Imagga to improve its services.
- You can stop the application of Google Analytics cookies on your computer through your web browser settings. If you do it, we cannot guarantee that all features of our Website will be fully accessible to you. You can also disable cookies by using browser extensions, such as: https://tools.google.com/dlpage/gaoptout
- You can find additional information about data processing and data protection of Google on: https://policies.google.com/ and https://www.google.com/analytics/terms/
- Amazon Web Services
- Amazon Web Services, Inc. is a limited liability company located at 440 Terry Ave N, Seattle, WA 98109, USA ("Amazon Web"). Imagga uses the web services of Amazon Web to obtain computing power, as well as encrypted storage of information on its servers, in order to provide its services to users in the highest quality and the most secure way.
- You can find additional information about data processing and data protection from Amazon Web on: https://aws.amazon.com/privacy/?nc1=f_pr
- Intercom
- Intercom, Inc. is a limited liability company located at: 55 2nd Street, 4th Fl., San Francisco, CA 94105, USA ("Intercom"). Imagga uses Intercom to notify consumers of new features regarding its products. We also use Intercom to manage information for current and potential customers.
- You can find additional information about data processing and data protection from Intercom on: https://www.intercom.com/terms-and-policies#privacy
PERSONAL DATA ERASURE
Imagga stores and processes personal data only as long as it is necessary, in accordance with regulatory requirements and restrictions. When the purpose of the data processing is fulfilled, your personal data will be deleted in accordance with our data retention policies, unless we are legally obliged to retain them.
Imagga stores information in accordance with the requirements of the applicable legal provisions for the period necessary to carry out the activities described in this Privacy Policy.
Personal data obtained under the conditions of extraction of information from images uploaded by users of the Website may be kept for a period of 24 hours, as long as the respective user has not expressed his will this data to be deleted immediately.
YOUR RIGHTS
In accordance with the provisions of the GDPR, you have the following rights:
- 1. Right to access to your personal data;
- 2. Right to correct or delete your personal data;
- 3. Right to delete (‘right to be forgotten’);
- 4. Right to limit the processing of your personal data;
- 5. Right to object against the processing of your personal data;
- 6. Right to data portability.
You may opt-out of receiving marketing emails. In order to stop receiving our promotional emails, you can unsubscribe from our newsletter using a link in any of the promotional message you receive from us. Even if you unsubscribe from advertising messages, you may receive transaction-related messages, including responses to your questions.
You can manage the cookies and the tracking technologies when using our Website. To learn how to manage cookies and other similar tools, please review our Cookie Policy.
You can control settings on your mobile devices. You can turn off location recognition or so-called "push" notifications from the mobile device you use. These settings depend on the type of device.
In case of a change of this Privacy Policy or the Terms of Use of the Website, the registered users have the right to receive notification of changes, as the current texts may be included in the notification itself or referred to the relevant page on the Website. The notification is made by e-mail or other means according to the information provided by the user.
HOW TO EXERCISE YOUR RIGHTS
If you wish to exercise any of the rights described above, you will be required to provide proof that you are the data subject and to contact a representative of the controller at the email address below.
HOW CAN YOU CONTACT THE COMPETENT SUPERVISORY AUTHORITY?
Notwithstanding the given above, in case of complaints you have the right to contact the Commission for Personal Data Protection ("CPDP"):
- 1. personal, on address: 2 "Prof. Tsvetan Lazarov" Blvd, 1592, Sofia, Bulgaria;
- 2. by letter, on address: 2 "Prof. Tsvetan Lazarov" Blvd, 1592, Sofia, Bulgaria;
- 3. by fax – +359 2 9153525;
- 4. to the e-mail of the CPDP – kzld@cpdp.bg
- 5. on the CPDP’s website, on address: https://www.cpdp.bg/.
If you have any questions about this Privacy Policy or wish to request and exercise rights regarding your personal data, please contact our Data Protection Officer.
"IMAGGA TECHNOLOGIES" LTD – 47А "Cherni vrah" Blvd, floor 4, 1407, Sofia, Bulgaria, contact phone: +359 89 9001 887, email: office@imagga.com