About this policy
The purpose of this Policy is to explain when, how and why we process information that is collected from our customers and websites visitors.
1. Owner and Data Controller
Cashcow Ltd, registered in the address Level -4, The Quay, Portomaso Marina, Portomaso, St. Julians, Malta, is mainly responsible for collecting after your (website visitor) personal data.
Owner contact email: firstname.lastname@example.org
2. Types of Data collected
We may process the following personal data about you:
- Email address
- IP address
- Location data
- Website usage
- Personal preferences and opinions
Personal Data may be freely provided by the User, or, in case of Usage Data, collected automatically when using this website.
Unless specified otherwise, all Data requested by this website is mandatory and failure to provide this Data may make it impossible for this website to provide its services. In cases where this Application specifically states that some Data is not mandatory, Users are free not to communicate this Data without consequences to the availability or the functioning of the Service.
Users who are uncertain about which Personal Data is mandatory are welcome to contact the Owner.
Users are responsible for any third-party Personal Data obtained, published or shared through this Application and confirm that they have the third party’s consent to provide the Data to the Owner.
3. What do we use your personal data for and when do we process your personal data?
Cashcow will collect information when you use our services, visit our websites.
Personal data is being used to:
- Send our promotional emails.
- Analyze information collected and improve our services based on the information collected.
- Improve targeted advertising.
- Register you, if we make it available, in which you can take part in conversation (comment).
We will only process your data, if:
- You have provided your consent to us using the data.
- Our use of the personal data is necessary to support our business and it’s legitimate interests. For example improve our websites.
4. Who do we share your personal data with?
We work with several third parties, that our responsible in storing your personal data. We do so to help manage our business and deliver services. These third parties that have access in your data may include:
- Amazon and Digital Ocean, the cloud infrastructure providers we use.
- The mailing application we use, Aweber Systems, which is based in the USA.
- Our analytics providers (Hotjar, Google Analytics).
- If we sell, buy or re-organise any of our assets.
5. International Transfers
As mentioned in the section 4, we operate with some third party providers that store their data outside the European Union (International transfer).
6. Direct Marketing
Direct marketing is usually in the form of an email or targeted online advertisements. However you always have the possibility and the right to say no to direct marketing by using the opt-out link that can be found from the marketing communications. You can also always contact us directly.
7. How long do we keep your personal data?
- We will retain your personal data for as long as reasonably necessary for the purposes listed in Section 3 of this Policy.
- In some circumstances we keep your personal data during a certain period to meet for example legal, tax or accounting requirements.
- We maintain a data retention policy for personal data in our care. Where your personal data is no longer required we will ensure it is either securely deleted or made anonymous.
8. The rights of Users
Users may exercise certain rights regarding their Data processed by the Owner.
Users entitled to broader protection standards may exercise any of the rights described below. In all other cases, Users may inquire with the Owner to find out which rights apply to them.
In particular, Users have the right to do the following:
- Withdraw their consent at any time. Users have the right to withdraw consent where they have previously given their consent to the processing of their Personal Data.
- Object to processing of their Data. Users have the right to object to the processing of their Data if the processing is carried out on a legal basis other than consent. Further details are provided in the dedicated section below.
- Access their Data. Users have the right to learn if Data is being processed by the Owner, obtain disclosure regarding certain aspects of the processing and obtain a copy of the Data undergoing processing.
- Verify and seek rectification. Users have the right to verify the accuracy of their Data and ask for it to be updated or corrected.
- Restrict the processing of their Data. Users have the right, under certain circumstances, to restrict the processing of their Data. In this case, the Owner will not process their Data for any purpose other than storing it.
- Have their Personal Data deleted or otherwise removed. Users have the right, under certain circumstances, to obtain the erasure of their Data from the Owner.
- Receive their Data and have it transferred to another controller. Users have the right to receive their Data in a structured, commonly used and machine readable format and, if technically feasible, to have it transmitted to another controller without any hindrance. This provision is applicable provided that the Data is processed by automated means and that the processing is based on the User’s consent, on a contract which the User is part of or on pre-contractual obligations thereof.
- Lodge a complaint. Users have the right to bring a claim before their competent data protection authority. However we would prefer Users contacting us first.
Details about the right to object to processing
Where Personal Data is processed for a public interest, in the exercise of an official authority vested in the Owner or for the purposes of the legitimate interests pursued by the Owner, Users may object to such processing by providing a ground related to their particular situation to justify the objection.
Users must know that, however, should their Personal Data be processed for direct marketing purposes, they can object to that processing at any time without providing any justification. To learn, whether the Owner is processing Personal Data for direct marketing purposes, Users may refer to the relevant sections of this document.
How to exercise these rights
Any requests to exercise User rights can be directed to the Owner through the contact details provided in this document. These requests can be exercised free of charge and will be addressed by the Owner as early as possible and always within one month.
9. Cookies – Information that websites store
Cookies are small text files created by websites you visit. In your browser’s settings, you can manage and delete cookies.
Google Analytics is a web analytics tool that many are familiar with, for sure. We use Google Analytics to monitor how many users visit our website and what has been the source of the traffic.
One Signal is a tool to send push notifications. Notifications are only sent to users who have ordered them and can be removed at any time by the users.
More info: https://onesignal.com/privacy_policy
Hotjar is another analytics tool that records some of the users. This gives us a better visual idea how people use the site and allows us the continue developing a better user experience.
More info: https://www.hotjar.com/privacy
Cookies are used in this as well. This way we won’t notify users again and again on every page.
Should the changes affect processing activities performed on the basis of the User’s consent, the Owner shall collect new consent from the User, where required.
Malta 2018 – Updated 07.06.2018