PRIVACY POLICY

The Operator prepared this Privacy Policy to assure that the Operator safeguards and respects the confidentiality of User’s information and personal data, as the Operator processes personal data of the Users in order to provide them with user-friendly high-quality Services.

The Operator reserves the right to update or amend this Privacy Policy at any time with or without prior notice. The Operator will publish revised Privacy Policy on the Platform to provide Users with the possibility to see what kind of information it collects, how it is used and under which circumstances it can be disclosed. However, the Operator will not use the personal data in any way that would substantially differ from the one described in this Privacy Policy without providing the User with a possibility to exclude such use.

The Operator can collect User’s personal data by different means. The User provides the Operator with their personal data by filling in forms or by communicating with the Operator by e-mail, massaging app, phone. Some information the Operator can collect automatically.

  1. Legitimate interest as the basis of personal data processing

The Operator processes the User’s personal data on the basis of legitimate interest.

  1. Personal data

In order to provide the User with the Services, to contact the User in relation to an ordering process, to respond to User’s queries, to communicate and cooperate with the User as an Expert, including to confirm the User’s candidacy for performing Services, the Operator processes the following personal data:

Name (first name, surname)

E-mail address

Phone number

These personal data is processed for Order fulfillment and enable the Operator to communicate with the User by different means, including filling in other forms or messaging apps and e-mail. This information is core for the adequate performance of Services.

The Operator does not perform Services to the Users who are under the age of 18. The Operator does not permit Users under the age of 18 on the Platform and do not knowingly collect personal information from anyone under the age of 18.

  1. Data attributable to an identifiable person

In order to ensure that the Operator works in the most effective, safe and secure way and to conduct research, statistical and behavioral analysis in order to enhance effectiveness and safety of the Operator, the Operator processes the following data that may be attributable to an identifiable person:

Information about visits to the Platform, the use of the Platform

IP-address

Operating system

Browser type

Pages requested by the User’s browser from the Operator‘s server

These data can be used to identify the User only by reference to an identifier such as a name, an identification number, location data, etc. These data may be collected through various technologies, including server logs, cookies and similar technologies.

  1. Data retention and protection

The Operator will hold the personal data, for as long as it has a business relationship with the User, in secure computer storage facilities, and will take the necessary measures to protect the personal information from misuse, loss, unauthorised access, modification or disclosure and to ensure safety of the information, which is required for functioning of the Services, on the Operator’s secure servers.

The Operator is subject to certain anti-money laundering laws which require it to retain the personal information, for a period of 5 years after the business relationship with the User has ended.

When the personal information is no longer necessary for the purpose for which it was collected, the Operator will remove any details that will identify the User or the Operator will securely destroy the records. The Company may keep the User’s data for longer than 5 years if the Company cannot delete them for legal, regulatory or technical reasons.

The Operator may transfer the personal data to countries or international organisations where an adequate level of protection is ensured. If the Operator decides to transfer the User’s personal data to those third countries or international organisations, in relation of which there are no any evidence of adequate protection level ensurance, the Operator can do this only if the Operator has provided appropriate safeguards, according to applicable law, and on condition that the User’s rights and effective legal remedies are available for the User.

  1. Controllers

For advertising purposes the Operator cooperates with Google Analytics. The Operator is entitled to provide summarized non-identifying information about all the Users for the purpose of demonstrating to advertisers the characteristics of the target audience. The Operator does not disclose the User’s personal data to any advertisers. The Operator is also entitled to use summarized non-identifying information to provide assistance to advertisers in attracting the target audience.

The Operator will share information with government agencies as required by law in response to lawful requests by public authorities, including to meet national security or law enforcement requirements and, including without limitation, in connection with reporting earnings.

  1. No profiling

The Operator does not apply automated decision-making, including profiling, which produces legal effects concerning the User or similarly significantly affects the User.

  1. Rights of the User
  • The User has the right to obtain from the Operator the erasure of personal data concerning them on the one of the following grounds: the personal data are no longer necessary in relation to the purposes for which they were processed; the User withdraws their consent on which the processing is based and there is no other legal ground for the processing; the personal data have been unlawfully processed; the User objects to the processing and there are no overriding legitimate grounds for the processing or the User object to the processing for direct marketing; the personal data have to be erased for compliance with a legal obligation in the European Union or a member state of the European Union law to which the the Operator is subject.
  • The User has the right to obtain from the Operator the restriction of processing on the one of the following grounds: the User is contesting the accuracy of the personal data – for a period enabling the Operator to verify the accuracy of the personal data; the processing is unlawful and the User opposes the erasure of their personal data and requests the restriction of their use instead; The Operator no longer needs the personal data for the purposes of the processing; the User requires them for the establishment, exercise or defence of legal claims; the User has objected to processing – pending the verification whether the legitimate grounds of the controller override those of the User.
  • The User has the right to obtain from the Operator confirmation as to whether or not personal data concerning them are being processed, and, where that is the case, access to the personal data and the information about the processing, including the purposes, the categories of personal data concerned; the recipients or categories of recipient to whom the personal data have been or will be disclosed, etc.
  • The User has the right to receive the personal data, which the User has provided to the Operator, in a structured, commonly used and machine-readable format and has the right to transmit those data to another controller without hindrance from the Operator to which the personal data have been provided, subject to the following conditions: the processing is based on consent and the processing is carried out by automated means.
  • The User has the right to obtain from the Operator the rectification of inaccurate personal data concerning them.
  • The User has the right to withdraw their consent given to the Operator to process their personal data at any time. Please, note that the withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
  • Without prejudice to any other administrative or judicial remedy, the User has the right to lodge a complaint with a supervisory authority, in particular in the member state of the European Union of their habitual residence, place of work or place of the alleged infringement if the User considers that the processing of personal data relating to the User infringes the applicable law.
  • The User has the right to object, on grounds relating to the User’s situation, at any time to processing of the User’s personal data which is based on the Operator‘s legitimate interest, for direct marketing purposes and profiling in connection to the direct marketing.
  1. Exercising the User’s rights

If the User wants to exercise their rights, mentioned above, or just to clear up any matter of the Operator‘s Privacy Policy, please, feel free to contact the Operator:

BRANDSTERRA LIMITED

Legal address: No.5, 17/F, Strand 50, 50 Bonham Stand, Sheung Wan, Hong Kong

[email protected]

  1. Other useful information on personal data processing

Cookies

The Operator uses cookies to help personalize User’s online experience. A cookie is a file that is placed on User’s hard disk by a web page server. Cookies cannot be used to run programs or deliver viruses to the User’s computer. The Operator may gather information about User’s general Internet use by using cookies. Where used, these cookies are downloaded to the User’s computer automatically. Cookies are uniquely assigned to the User, and can only be read by a web server in the domain that issued the cookie to the User.

The User have the ability to accept or decline cookies. If the User choose to decline cookies, they may not be able to fully experience the interactive features of the websites the User visit.

Payment information

The Operator enters into arrangements with payment services providers who process payments.

The Company does not view or store User’s full credit card or other payment method information – instead, such information is provided directly to payment processors for their processing of the User’s payment.

This information is used solely for billing purposes, processing and control of payment.

The payment services providers will process the User’s card details as well as other required information under their own policies. When the User enters their card details, the information is sent directly to secure databases maintained by the payment services providers, who then complete the transaction. The payment services providers will not keep the User’s payment information for any longer than it is required in light of the reason(s) for which it was initially collected. However, it will be kept until a relevant legal basis or legal obligation exists (including a need for payment services providers to establish or defend their legal rights).