“Personal Information” is defined as any information about an identifiable individual.
When you sign up for a user account, the Companies will ask you to provide the necessary personal information required under the lawful basis of performance of a contract in order for the Companies to provide you with the Services. Such information will include specific personal information including Name and email address. In the event that you no longer wish to receive the Services from the Companies and you provide the Companies with notice that you no longer wish to receive the Services, the Companies will work with you to delete all personal information relating to you and used to provide you with the Services.
The Companies take commercially reasonable measures to help safeguard your personal information from loss, disclosure, alteration, misuse and unauthorized access, theft and destruction. This includes, when required or appropriate and feasible, obtaining written assurances from third parties that may access your data that they will protect the data with adequate safeguards. The internet is not 100% secure. The Companies have no control over the security protocols for internet networks that may be used by you. The Companies cannot guarantee the absolute security of your information and we do not accept liability for unintentional disclosure. The Companies are not responsible for the security of information that you transmit to us over networks that the Companies do not control, including the internet and wireless networks.
If you have any questions about the security of your personal information, please contact us at firstname.lastname@example.org
- Collection of Information
The Companies collects the following types of information:
Information that you provide to the Companies directly to deliver Services requested
When you use the Services to register an account with the Companies, the Companies will collect your name and email address.
Users will be asked upon signing up for the Companies Services if they would like to receive marketing information on our various products. Such marketing messages may be delivered to those users who choose to opt-in via personal contact such as email, SMS or by text message. Users may change their preferences to withdraw their consent to receive these personal messages at any time.
A cookie is a small text file that is placed and stored on your computer, mobile or other devices by webpages that you visit. The Cookies collect information in an anonymous form, including the number of visitors to the webpage, how the visitor found the webpage and recent webpages visited. All cookies used by the Companies are in accordance with current regulations.
The Companies may also use any of the following categories of Cookies.
- Essential Cookies
The Cookies are strictly necessary for the Companies websites to function. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. These Cookies do not store any personally identifiable information.
- Analytics Cookies
These Cookies track information about visits to the websites so that we can make improvements and report performance. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these Cookies collect is aggregated and anonymous.
- Functional or Preference Cookies
These Cookies enable the websites to provide enhanced functionality and personalisation. They are used to remember information you have entered or choices you make (i.e. username or language) on the Companies websites. They may be set by the Companies or by third party providers whose services we have added to our pages.
- Use of Information
The Companies may use the information collected from you for the following purposes:
The Companies may use personal information to provide products, Services or information requested by you. Examples include: to manage your individual information and account, help you efficiently access your information after you sign in, allow access to certain functionalities and features of the Companies’ Services, and respond to your inquiries.
The Companies may use personal information for the following administrative purposes:
- Process transactions
- Transfer your information that you choose to share with third parties upon your direction
- Measure interest in the Companies’ Services
- Develop new products and Services or improve existing products and Services
- Monitor metrics such as total number of visitors, traffic, and demographic patterns applicable to the Services
- Send you Service-related emails (i.e., account verification, changes or updates to features of the Service, technical and security notice)
- Compliance with legal obligations and regulatory requirements (i.e., respond to legal process or request for information issued by government authorities)
- Prevent potentially prohibited or illegal activities
- Enforce the Companies Terms and Conditions
- Sharing of Information
With Vendors and Service Providers
The Companies may disclose your information to third party service providers that perform services on behalf of the Companies, such as web-hosting companies, analytics providers and information technology providers. The Companies entrust personal information to the following types of service providers:
- Providers of IT and related services
- Customer service activities
- Fraud prevention
- Providers of services you have requested
The Companies have contracts with service providers that forbid them from using or disclosing personal information except as necessary to execute the contracted services on behalf of the Companies or to fulfil legal obligations.
With Law Enforcement or Government Authorities
The Companies may disclose information as may be permitted or required by laws of any jurisdiction that may apply to the Companies, as provided for under contract, or as the Companies deems reasonably necessary to provide legal services. In these circumstances, the Companies take reasonable efforts to notify you prior to disclosing information that may reasonably identify you, unless prior notice is prohibited by applicable law or is not possible or reasonable in the circumstances.
Change of Control
- Transfer of Data
The Companies takes all reasonable steps to ensure that the data we collect under this privacy statement is processed according to the provisions of this statement and the requirements of applicable law wherever the data is located. The Companies operates throughout the world and as we don’t necessarily store your data in your country of origin, we do transfer personal data from your country to the European Economic Area and to other countries, some of which have not been determined by the European Commission to have an adequate level of data protection. Some of these data transfers may include a transfer between internal entities, to third party suppliers and to cloud based storage providers.
Any transfer we make is done using a variety of legal mechanisms, including contracts, to help ensure your rights and equivalent protections travel with your data. We want to ensure that data is stored and transferred in a way which is secure. We will therefore only transfer data outside of the European Economic Area or EEA (i.e. the Member States of the European Union, together with Norway, Iceland and Liechtenstein) where it is compliant with data protection legislation and the means of transfer provides adequate safeguards in relation to your data.
Ways in which we safeguard your data include, but are not limited to:
- Through the use of a transfer agreement which includes the current standard contractual clauses put in place by the European Commission for the transfer of personal data;
Other circumstances under which your data could be transferred include when it is necessary for the conclusion or performance of a contract between ourselves and a third party and the transfer is in your interest for the purposes of the contract and where you have consented to the data transfer.
- Individual’s Data Rights
We respect the rights and freedoms of individuals and as such we would like to make you aware of the following:
You have the right to:
- Request access to your data
- Request rectification of your data where there are errors or inaccuracies or the data is not current
- Request that the data we hold is removed entirely from our systems (the right to have data removed is only applicable where it does not conflict with our legal and regulatory requirements to keep certain records according to the data retention period)
- Request us to restrict processing of your data
- Object to our processing of your data
- Request your data in a format that is commonly used/accepted
- Send your data to another controller
- Withdraw consent already provided – at any time
You also have the right to complain to us. To lodge a complaint or to exercise any of your rights listed above, please contact us at email@example.com and direct your email to the attention of the Data Protection Officer.
You also have the right to lodge a complaint with a supervisory authority.
- Third Party Services and Content
The third party vendors with which the Companies share your personal information are contractually required by the Companies to keep this information confidential and may generally not use such information for any purpose other than to help the Companies provide solutions to our users customers.
The Companies may use third party service providers to collect personal information on its behalf. These third party service providers may be located in countries where the privacy laws provide different levels of protection for personal information. If you would like more information about the Companies’ use of these service providers, please contact us at firstname.lastname@example.org
Due to the nature of the Companies’ business personal data will be kept for as long as the Companies provide services to the user.
Customer Service interactions result in the capture of certain information such as names and email addresses. Upon completion of a customer service ticket, such information will be kept on file by the Companies for 30 days and then deleted, with the exception of tickets relating to purchases. All customer personally identifying information from tickets relating to purchases will be deleted 30 days after the ticket has been completely resolved. Other, non-identifying information will be retained by the Companies to allow for the on-going evaluation of merchant issues and responses.
- Updates or Changes to the Companies Policies
- Your Choices and Rights
Subject to local law, you may have certain rights regarding information that the Companies have collected and that is related to you. Please contact the Companies to update or correct your information if it changes or if you believe that any information that we have collected about you is inaccurate or out of date. You can also ask to see what personal information the Companies retain about you, and to erase your personal information. If you would like to exercise the rights you may have, please contact us at email@example.com
Although the Companies strive to provide individuals with access to their personal information, there may be instances where the Companies may not provide access, including but not limited to: where the information would put another individual’s privacy at risk, where the access would reveal confidential commercial information, or the requested information contains legal privilege. If the Companies determine that access should be limited in any specific instance, the Companies will provide an explanation of why that assessment has been made and a contact point for any further concerns.
- Children’s Privacy
The Companies do not knowingly collect or solicit any information from anyone under the age of 13, or from a minor in a jurisdiction where parental / guardian consent for the collection of information is required until the age of majority in that jurisdiction, or knowingly allow such persons to register for the Service. The Service and its content are not directed at children under the age of 13. In the event that the Companies learn that they have collected personal information from a child under the age of 13 without parental consent, or from a minor in a jurisdiction where parental / guardian consent for the collection of information is required until the age of majority in that jurisdiction, the Companies will delete that information as quickly as possible. If you believe that the Companies might have any information from or about a child that requires parental or guardian consent, please contact firstname.lastname@example.org.
In some cases our services may be utilised by governmental bodies for the purposes of facilitating student identification for government approved education. In all such cases, parental / guardian consent will be required for the collection of personal information for participating minors.
16.California Consumer Protection Act of 2018
We have adopted this notice to comply with the California Consumer Privacy Act of 2018 (CCPA).
The terms “business,” “business purpose”, “personal information”, “processing”, and “service provider” have the meanings giving to them in the CCPA.
We have collected and used for business purposes, personal information relating to California residents covered by this policy which may include:
|Category||Examples May Include|
|Identifiers||Name, alias, postal address, unique personal identifier, online identifier, internet protocol address (IP Address), email address, account name,|
|Personal Information categories described in California Customer Records statute (Cal. Civ. Code § 1798.80(e))||Name, physical characteristics or description (photos only for use on a purchased MetaHero Project), address, telephone number,|
|Commercial information||Products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies (as they pertain to MetaHeros Project and other third party offers).|
|Internet/network activity||Browsing history and information regarding a consumer’s interaction with an internet website, application, or advertisement|
|Inferences drawn from other personal information.||Inferences drawn to create a profile about a consumer reflecting the consumer’s preferences, characteristics, psychological trends, preferences, predispositions, behavior, attitudes, intelligence, abilities and aptitudes.|
Sources of Personal Information We Collect
- Information directly from you, the consumer that you choose to provide, when you interact with us, for example, when you register for an account.
- Information provided by our clients in order for us to provide specific services as a service provider, or information from third parties, acquired at the direction of our clients in order to provide the services.
- Information from other sources, including service providers or publicly available sources.
We collect personal information to offer and administer our services and products. These include:
- To provide the products or perform services for our clients pursuant to a written agreement, including contacting you in the course of our ordinary commercial relationship, verifying client information, or similar activities as needed to provide services for or on behalf of our clients.
- For marketing purposes. For example, where you have previously opted in, we may use your information to further discuss your interest in our services and to send you information regarding MetaHero Project and other such services, opportunities and our related companies. You may opt-out of receiving email and SMS marketing communications and updates at any time.
- To improve our communications with you. Emails sent to you by the Companies may include standard tracking, including open and click activities. the Companies may collect information about your activity as you interact with our email messages and related content in order to verify or maintain the quality of our communications, or improve, upgrade, or enhance the services we provide.
- For operating and improving the Companies’ websites/web applications and your customer experience, including debugging to identify and repair errors that impair existing intended functionality or to verify or maintain the quality of our websites, and to improve, upgrade or enhance the websites services. For example, we may collect and analyze data on your use of our websites and process it for the purpose of improving online user experience.
- For security purposes, including detecting security incidents, protecting against malicious, deceptive, fraudulent or illegal activity, and prosecuting those responsible for that activity.
- For other business purposes, which will be disclosed at the time we collect personal information.
Disclosure/Sharing of Personal Data
In the preceding 12 months, we have not sold any personal information.
We share personal information for business purposes with the following categories of third parties:
- Our affiliates, as needed to operate our business and provide services.
- Service providers, such as vendors, consultants and other service providers who perform certain services on behalf of the Companies, in which case we enter into a contract that describes the purpose of processing and requires the recipient to not use it for any purpose except performing the contract.
- Third parties to whom you or your agents authorize us to disclose your personal information in connection with products or services we provide to you.
Subject to the CCPA and other applicable laws, you have the following rights concerning your data processed by the Companies:
- Access: You have the right to request to access the personal information that the Companies hold about you, including categories of information collected, categories of sources from which the information is collected, our business purpose for collecting information, and categories of third parties with whom we share your information.
- Deletion: You can request that the Companies erase your personal data. Please see Section 11 above.
- Non-discrimination: The Companies will not discriminate against a consumer because the consumer exercised any of the consumer’s rights under the CCPA.
- Contact Us
- EU and UK Representative
According to the GDPR Article 27, controllers or processors not established in the union providing goods or services to EU and or UK citizens must appoint a representative who is established in the EU.
- The representative should be the first point of contact for all data protection queries for the UK or EU
The Companies have formally appointed GDPR Auditing Limited as their EU and UK representative and have notified the UK Supervisory Authority the information Commissioners Office (ICO) of the appointment.
Supervisory authorities and data subjects may contact GDPR Auditing by emailing:
Or by writing to them at this following address:
GDPR Auditing Limited
47 The Lanes, Over,
United Kingdom, CB245NQ
Or by telephone: +44 (0) 203 488 3050