We respect people’s right to privacy. We therefore want you to be familiar with how we collect, use and share information, and the options available to you.
First, here are some terms we use and what they mean:
- “Applicable Data Protection Law” means applicable legislation protecting data subjects’ right to privacy with respect to the processing of personal data, including but not limited to the GDPR and any local implementation laws.
- “Consent”, “Data Subject”, “Personal Data”, “Personal Data Breach”, “Processing”, “Supervisory Authority”, “Controller”, “Processor” and other terms in the GDPR have the same meaning as set out in the GDPR.
- “GDPR” means the EU General Data Protection Regulation 2016/679.
- “Publisher Property” means the websites, mobile applications and/or other digital media properties owned or operated by the Controller, using Adnuntius’ Services.
2 General Provisions
2.1 Ongoing compliance.
Adnuntius shall process all Personal Data in accordance with Applicable Data Protection Law. Adnuntius’ responsible person (Data Protection Officer) as specified in https://docs.google.com/spreadsheets/d/1rCZPF_TWBkTgaYeQ9f-lhU8qL_J9eJrv1l1jjf0G9uQ/edit#gid=776773052 shall take responsibility for Adnuntius’ ongoing compliance with this policy.
2.2 Data minimization
Adnuntius shall ensure that personal data are adequate, relevant and limited to what is necessary in relation to specified, explicit and legitimate purposes for which they are processed, and not further processed in a manner that is incompatible with those purposes. Data collection will be limited to what is necessary for the purposes as they are described in this Data Protection Policy. Processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall not be considered to be incompatible with these purposes. Furthermore, Personal Data shall be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes subject to implementation of the appropriate technical and organizational measures required by the GDPR in order to safeguard the rights and freedoms of individuals.
Adnuntius shall take reasonable steps to ensure personal data is accurate. Where necessary for the lawful basis on which data is processed, steps shall be put in place to ensure that personal data is kept up to date. Any inaccurate data, having regard to the purposes for which they are processed, shall be erased or rectified without undue delay.
2.4 Place of storage
Adnuntius stores all data in locations in compliance with Applicable Data Protection Law. These locations shall ensure appropriate security of the personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage.
2.5 Security measures
Adnuntius shall have technical and organizational security measures aimed at protecting personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure or access. These measures shall ensure a level of security appropriate to the risk presented to the processing and the nature of the personal data to be protected having regard to the state of the art and the cost of their implementation. Adnuntius shall limit access to the personal data to relevant personnel, and ensure that all personnel authorized to process the personal data have committed themselves to confidentiality.
Adnuntius works with partners that act as sub-processors of data. In cases where partners are involved, we shall ensure that we have data processing agreements in place that help ensure that these partners comply with Applicable Data Protection Law, meet the same requirements as we do, and provide industry-leading security.
Adnuntius shall have in place robust breach detection, investigation and internal reporting procedures. In the event of a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data, Adnuntius shall without undue delay assess the risk to people’s rights and freedom, and if appropriate, report this breach as follows.
- Within 72 hours of becoming aware of the breach, Adnuntius shall report that breach to supervisory authorities.
- If the breach is likely to result in a high risk of adversely affecting individuals’ rights and freedoms, Adnuntius shall also inform those individuals without undue delay.
- Adnuntius shall also keep a record of any Personal Data breaches, regardless of whether we are required to notify.
In case of a data breach resulting in unauthorized disclosure of personal data, the Adnuntius shall without undue delay notify restore appropriate security levels, and rectify any errors resulting in the breach.
3. Provisions Specific to Individual Technologies
Adnuntius gathers data using the following systems and/or interfaces.
- Adnuntius.com, our company website. This site gathers user data enabling us to better understand user behavior, and to retarget our customers with ads based on their visits.
- Adnuntius technology: we deliver technologies that enable our customers to gather user information for advertising, analysis and personalization purposes. We use our own and partners’ technologies to deliver this value proposition to our customers.
- Efficiency and communication tools. In order to effectively communicate with customers and prospects we use a CRM system, an invoicing tool, and an email service provider.
3.1 Adnuntius.com Website
3.1.1 Purpose of processing
3.1.2 Transparency and control
To gather data as described above we need your consent. We will provide you with the tools to decide yourself whether or not you want to share your data with us. When you first visit our website we will present you with these choices, and we will store your choices for your next visit. You may at any time review your personal information, and you may at any time withdraw your consent. If you withdraw your consent then all data will be deleted. You may still use our services, but you will not be able to use services that require personalization.
3.2 Adnuntius Technology: Consumer Data
3.2.1 Purpose of processing, and control.
For the Adnuntius platform, we act as a Data Processor, meaning that we process data on behalf of our customers. When you visit one of our customers’ websites, we set cookies on your browser that allows us to fulfill the purpose of processing. Our customers are required by Applicable data protection law to inform you about the information gathered, and where to delete information, or opt out of information to be gathered.
Our customers are required by Applicable data protection law to inform you about the information gathered. Nonetheless, we also want to show you exactly what we gather on behalf of our customers. You will therefore be able to find information about all Personal Data, contact persons and sub-processors here: https://docs.google.com/spreadsheets/d/1rCZPF_TWBkTgaYeQ9f-lhU8qL_J9eJrv1l1jjf0G9uQ/edit?usp=sharing
3.3 Adnuntius Technology: Admin Interface
3.3.1 Purpose of processing
If you are a customer of Adnuntius and use one of our services, you likely share some information with us such as email address and name for logging into the services. We use this information to authenticate you as a user.
All information we gather is described in our privacy details sheet here: https://docs.google.com/spreadsheets/d/1rCZPF_TWBkTgaYeQ9f-lhU8qL_J9eJrv1l1jjf0G9uQ/edit#gid=825898133
If you do not wish to receive information about new features, changes or other information you can opt out of receiving future newsletters by clicking to opt out directly in any newsletter we send to you. If you do not wish to be a user of our system you can ask your system administrator at your company to delete your user, or you can send us a support request from inside the user interface.
3.4 Efficiency and communication tools
3.4.1 Purpose of processing
To have a structured sales process where contact information to prospects are gathered in one place; and to market news and updates to existing and prospective customers.
The personal data collected consists of names, phone numbers and/or email addresses. When we collect this information, we send you an automated email that notifies you of this. You will from there be able to control whether or not we may continue to safely store this information.
If you do not wish to receive emails you can opt out of receiving future newsletters by clicking to opt out directly in any newsletter that we send to you. If you would like us to remove personal information about you altogether you can send us an email.