TABLE OF CONTENTS
- 1. DEFINITIONS
- 2. WHAT PERSONAL DATA DO WE COLLECT FROM YOU AND HOW DO WE COLLECT IT?
- 3. WHAT DO WE USE YOUR INFORMATION FOR?
- 4. WHO CAN ACCESS YOUR PERSONAL DATA?
- 5. INTERNATIONAL TRANSFER OF PERSONAL DATA
- 6. SECURITY MEASURES ADOPTED
- 7. HOW LONG DO WE KEEP YOUR PERSONAL DATA?
- 8. YOUR RIGHTS
- 10. GENERAL PROVISIONS
- 11. COMPLAINTS
- 12. QUESTIONS AND CONTACT
Flaming Head Limited (“the Company”, “we” or “us”) operates the website, which provides online dating services (hereinafter “Service(s)”).
As a result, we have prepared this Policy to help you understand what information is collected from you, why we collect it, whether we share it, and with whom. In addition, we inform you of your rights regarding this information and how to exercise them with us.
For us, it is a priority to ensure the privacy and security of your personal data. Any information you provide to us will be treated within the limits set forth herein.
In case of doubts related to the protection of your personal data, we provide an appropriate contact channel at the end of this notice. Please do not hesitate to contact us via email (firstname.lastname@example.org).
LEGAL DISCLAIMER: Our Services do not address anyone under the age of 18. We do not knowingly collect personally identifiable information from individuals under eighteen years of age. Should we discover that an underage person has provided us with personal information, we would immediately delete this information from our servers.
1.1. For a better understanding of this Policy, check our glossary with the main concepts used.
• Data Protection Authority: An independent public authority established by a Member State responsible for overseeing the application of the GDPR.
• Data Controller: Who is responsible for the decisions regarding the Processing of Personal Data, especially regarding the purposes and means of Processing.
• Data Processor: Party that handles Personal Data in accordance with the Data Controller’s instructions.
• Data Subject: The identified or identifiable living individual to whom the personal data relates.
• General Data Protection Law or GDPR: Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016.
• Incident(s): Any accidental, illegal, or unauthorized access acquisition, use, modification, disclosure, loss, destruction, or damage involving Personal Data.
• Personal Data: Any information related to an identified or identifiable natural person, such as: name, ID, residential or business address, mobile phone number, email address, among others.
• Sensitive Data: Personal data on racial or ethnic origin, religious conviction, political opinion, affiliation to a union or organization of a religious, philosophical, or political nature, data relating to health or sexual life, genetic or biometric data, when linked to a natural person.
• Third Parties: It refers to, but is not limited to, any and all individuals or legal entities that we relate or will relate to, service provider, supplier, consultant, partner, contracted or subcontracted Third Party.
• Processing: An operation or set of operations carried out with Personal Data or on sets of Personal Data, by automated or non-automated means, such as collection, registration, organization, structuring, conservation, adaptation, or alteration, recovery, consultation, use, disclosure by transmission, broadcast or any other form of availability, comparison or interconnection, limitation, deletion, or destruction.
1.2. Other terms used herein and not defined above have the meaning given in a specific clause of the meaning contained in the General Data Protection Law.
2.1. The information requested from you is the minimum necessary to provide you with our Services or to comply with legal or regulatory obligations.
2.2. You guarantee the veracity and accuracy of the information and data you provide to us, assuming the corresponding responsibility if they are not accurate, and you undertake to keep them up to date. We take no responsibility for any direct or indirect damages caused by the inaccuracy of the Personal Data Provided by you.
2.3. We may collect or receive your Personal Data through registration on our website, brand pages, and social media, through your indirect interactions with our sellers/sales team or customer service team, among others.
2.4. If you do not provide the essential Personal Data for the provision of our Services and products, our ability to provide you with our Services and products may be affected.
2.5. We may send you communications and advertising messages by any means from the moment you register on our website.
If you no longer wish to receive advertising messages, you can request your cancellation at any time by sending a request via email to email@example.com.
2.6. Thus, for the proper Processing of your Personal Data, the GDPR establishes some legal hypotheses for Processing Personal Data (“legal basis”), which allows us the Processing of Personal Data on other occasions without your consent being required.
2.7. Thus, if there is a specific hypothesis in the GDPR that allows us to process your Personal Data, we will be able to process your Personal Data regardless of your consent, which may be requested at some point as a precaution to legitimize the Processing carried out for other situations that occur necessary, a fact that will be communicated in due course to all Data Subjects.
2.8. Information that is automatically collected. By accessing the website, you provide us with certain non-personal information that is automatically collected and analysed to improve your user experience. This information may include, but is not limited, to your IP address (i.e. the address used to identify a computer on the internet), browser type (i.e. the software you are using to view the website - Chrome, Safari, Firefox, etc.), operating system (i.e. Windows, Linux, Mac OS), device type (i.e. computer, tablet or smartphone), behaviour while using the website (i.e. which elements you click on), country and city from which you access the Service, time and date of your visit, duration of your visit. We obtain this information directly via cookies or through Third-Party services and use it to ensure our Service is accessible and easy to use by different types of users.
3.1. When managing and maintaining our website, we may collect and process the following Personal Data from you.
|Personal Data Category||Goal|
|(1) Registration, account creation, to authenticate you when returning to our website.|
|(1) Account Management, ensure the Service is delivered to you and provides an engaging user experience, and (2) Analyse the performance of the website.|
|(1) Management of our Services and to facilitate the matches.|
|(1) Newsletter, information related to your account, promotional content via marketing or push-notifications.|
|(1) To communicate with you and Customer Service.|
3.2. In addition, we may also process your Personal Data if it is reasonably necessary or legally required (i) for reasons of public interest; (ii) to respond to requests from public authorities; (iii) to meet government reporting or recordkeeping requirements; or (iv) for the regular exercise of rights in proceedings.
3.3. Marketing Choices. We may send you personalised marketing communications, based on your subscription to the Service, that we consider to be of interest to you. These communications may include content from Third-Party advertisers. As described below, you have choices about the types of marketing communications you receive.
3.4.1. We are not liable in any way for the Third Parties’ cookies stored in the memory of your device.
3.5. Email preferences. You may opt out of receiving promotional emails or text messages from us by following the instructions contained in them. Please note that, even if you opt out, we may still send you emails with non-promotional content (e.g., to verify your account’s email, change its password, etc.).
3.6. Push Notifications. A push notification is a message that pops up on a desktop or mobile device’s screen. We always ask for your consent to receive such notifications in advance to send them. We may use your consent to receive push notifications to send such to your desktop or mobile device. You can change the notification settings of your browser or mobile device to disable these messages at any time.
4.1. The Personal Data provided may be exchanged with Third Parties. Access to your information will be restricted only to people with internal and specific authorization to do so; however, we may share your Personal Data with Third Parties and business partners. For more information about sharing Personal Data with a Third-Party, contact us via email.
4.3. To ensure the proper functioning of our Service we may display links to other service providers. Such Third-Party service providers may be websites (owned by Third-Party companies and individuals). We use external services to facilitate the proper functioning of our Service, to perform Service-related services, or to be assisted in providing you with marketing content. If you click on a Third-Party link, you will be directed to that website. Please note that these external sites are not operated by us. Therefore, we encourage you to review their Privacy Policies. We have no control over and assume no responsibility for the content, privacy policies, cookies, or practices of any Third-Party sites or services. We want to inform you that these Third Parties have access to your Personal Information. The reason is to perform the tasks assigned to them on our behalf.
5.1. We may share your Personal Data with Third Parties that are necessary for the development of its activities and corporate purpose, always protecting the Rights and Information of the Data Subject and observing the legal provision of the GDPR.
6.1. We use the most modern security measures to protect your personal information, restricting access to it only to duly authorized persons.
6.2. We implement a series of Security, Technical and Administrative Measures necessary to protect your Personal Data against unauthorized access, accidental or unlawful situations of destruction, loss, alteration, communication, or any form of inappropriate or illegal Processing of Personal Data, such for example, the protection of our database and all Personal Data of our clients.
7.1. The Personal Data collected will be retained until the end of the term of your Processing, that is, when the Personal Data is no longer necessary to achieve the purposes communicated to you.
7.2. Personal Data may also be retained until there is a request for revocation of consent or deletion of unnecessary, excessive, or processed Personal Data in violation of the law.
7.3. After this period, if applicable, some personal information may be kept for the period necessary to meet the legal obligation and for the regular exercise of rights in court or the administrative sphere.
8.1. We respect your right to privacy: it is important that you are able to control your Personal Data.
8.2. You, as the owner of the Personal Data, have the right to confirm the Processing and access of your Personal Data, the right to correct incomplete, inaccurate, or outdated Personal Data and other rights (such as portability, revocation of consent, information on sharing and on the possibility not to provide consent and any consequences of denial, as we as anonymization, blocking or deletion of unnecessary, excessive, or improperly treated Personal Data).
You may exercise your rights using written communication sent to the email: firstname.lastname@example.org, specifying:
• Name and Surname
• Email address
• Right you want to exercise
• Date of order and signature of the Data Subject
8.3. To fulfil your rights, in addition to the Personal Data described above, we may request additional information to confirm that the person exercising these rights is you or an authorized person acting on your behalf.
8.4. Please note that the rights are not absolute and do not apply in all cases, but we will always do our best to honour your rights under applicable data protection law.
11.1. You also have the right to petition before the Data Protection Authority of your country, the authority responsible for ensuring the respect of the rights of Personal Data Subjects and for supervising compliance with the GDPR.
Data Controller details:
Flaming Head Limited
Antoniou Pavlidi 29, 2323 Nicosia, Cyprus
Last Update: 2022-07-07 14:25:17