This Policy is also subject to the Site Terms.
Please note that we follow the requirements of the so-called European Union General Data Protection Regulation and other applicable data protection laws while collecting, using and storing information about You.
“Site”(also referred to as "we", "us", and "ours") the website fitafun.com or any sub-domains of these websites (e.g. subdomain.fitafun.com) or other associated different domain sites if used as a part of such website and its purposes and operated by the Company, unless expressly excluded by their own terms and conditions (also collectively the “Site”).
“GDPR”- European Union General Data Protection Regulation.
“Personal Data” means any information relating to an identified or identifiable natural person. It also has a definition provided by GDPR.
“User”(also referred to as “You,” and “your”) refers to the individual person, company, or organisation that has visited or is using the Site, including subscribers or participants in our surveys.
There may be other definitions used in this Policy having the meaning of GDPR provided definitions.
1. CONTACTS OF DATA CONTROLLER
The data controller (use the GDPR provided definition) for the processing of the data of this Site is INTERNET IDEAS LTD, a corporation organised and existing under the laws of the United Kingdom, with its head office located at 85 Great Portland Street, London, W1W 7LT, United Kingdom; Company code 6951230, VAT code GB137526311.
Please contact us with any questions, concerns, complaints or comments about this Policy, your Personal Data, our use and disclosure practices, or your consent choices by emailing us at [email protected]
2. THE DATA WE COLLECT THROUGH THE SITE
We collect different types of information through the Site. The legal bases for the Site processing of your Personal Data are primarily that the processing is necessary for providing You with information and services, in accordance with the Site terms and that the processing is carried out in the Site owner’s legitimate interests, which are further explained in the section “How We Use the Data We Collect, purposes and legal bases” of this Policy.
In brief, the following Personal Data (categories of Personal Data) can be collected and processed on this Site:
• Email address;
• Contact telephone number;
• IP addresses (in some cases);
• CV for hiring (may include name, surname, age, experience..).
Read more detailed explanation about how we collect data, below:
2.1 User provided Information. When You use the Site You may provide, and we may collect information about You and your Personal Data. Such Personal Data may include name, surname, email address, mobile phone number, address. You may provide us with Personal Data or other information in various ways on the Site, for example, when subscribing to a newsletter, responding to the surveys or quizzes, by filling any information or Personal Data due to your requests, also information provided for hiring purposes.
2.2 Communication information. Includes any communication that You send to us whether that be through email, text, social media messaging, social media posting or any other communication or requests that You send us.
2.3 “Automatically Collected" Technical Information. When a User uses the Site, we may automatically record certain information from the User’s device by using various types of technology, including cookies. This “automatically collected" information may include IP address or other device address or ID, web browser and/or device type, the web pages or sites visited just before or just after using the Site, the pages or other content the User views or interacts with on the Site, and the dates and times of the visit, access, or use of the Site.
2.4 Marketing information. We may use data about your preferences in receiving marketing from us and our third parties and your communication preferences.
2.5 Information from Other Sources. We may obtain information, including Personal Data, from third parties and sources other than the Site, such as our partners, advertisers (if any). If we combine or associate information from other sources with Personal Data that we collect through the Site, we will treat the combined information as Personal Data in accordance with this Policy.
3. SENSITIVE DATA
We do not collect any Sensitive Data about You. Sensitive data refers to data that includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data. We do not collect any information about criminal convictions and offences.
4. HOW WE USE THE DATA WE COLLECT, PURPOSES AND LEGAL BASES
In brief, the specified personal data are collected and processed only in accordance with the legal grounds specified in legal acts. The above mentioned Personal Data is basically processed in accordance with these legal grounds:
• Personal Data is necessary for the fulfillment of a legal obligation (for example: the law enforcement agencies request);
• Personal Data is necessary in order to fulfill the contract (if any);
• A data subject consent was given (for example: consent to direct marketing);
• Legitimate interests of the data controller.
We use the information that we collect in a variety of ways and purposes in providing the Site and operating our business. Read more detailed explanation below:
4.1 Improvements. We use the information to understand and analyse the usage trends and preferences of our Users, to improve the Site, and to develop new products, services, features, and functionality. Should this purpose require the Site to process Personal Data, then the data will only be used in anonymised or aggregated form.
4.2 Communications. We may use any of your communication data that includes any communication that You send to us whether that be through email, text, social media messaging, social media posting or any other communication that You send us or other information, to contact You with updates on promotions and events, relating to products and services offered by us, and to answer your questions or concerns. We process this data for the purposes of communicating with You. Our lawful ground for this processing is our legitimate interests which in this case are to reply to communications sent to us or to inform You, or Your consent (in case of subscription to newsletters).
You have the ability to opt-out of receiving any promotional communications as described below under section “Your Rights”, but we still may use your information for other necessary communications.
4.3 Cookies, Analytics and Tracking Technologies. We may use automatically collected information and other information collected on the Site through cookies and Analytics or similar technologies to: provide customized advertisements, content, and information; monitor and analyse the effectiveness of the Site and third-party marketing activities; monitor aggregate Site usage metrics such as total number of visitors and pages viewed; and track your entries, submissions, and status in any promotions or other activities in the Site.
4.4 Hiring. We may publish job offers from time to time on the Site. In general, there shall be an offer to send us your CV (curriculum vitae) and/or motivation letter, which may include your Personal Data. Our lawful ground for this processing shall be our legitimate interest or fulfillment of a contract.
5. TO WHOM WE DISCLOSE INFORMATION
We may disclose your information to third parties in the following circumstances:
5.1 Service Providers. We work with third party service providers for example, who provide website, application development, hosting, maintenance, softwares and other services for us. These third parties may have access to, or process Personal Data as part of providing those services for us. We limit the information provided to these service providers to that which is reasonably necessary for them to perform their functions. According to the requirements of the GDPR, we have special contracts with such third parties to ensure that they are also compliant to GDPR and data protection laws and respect your data at least at the same level.
5.2 Non Personally Identifiable Information. We may make certain automatically-collected, aggregated, or otherwise non-personally-identifiable information available to third parties for various purposes, including (i) compliance with various reporting obligations; (ii) for business or marketing purposes; or (iii) to assist such parties in understanding our Users interests, habits, and usage patterns for certain programs, content, services, and/or functionality available through the Site.
5.3 Law Enforcement, Legal Process and Compliance. We may disclose Personal Data or other information if required to do so by law or in the good-faith belief that such action is necessary to comply with applicable laws, in response to a facially valid court order, judicial or other government subpoena or warrant, or to otherwise cooperate with law enforcement.
6. YOUR RIGHTS
Under data protection laws, especially GDPR You have rights in relation to your Personal Data. If You wish to exercise any of the rights set out in this section “Your Rights”, please email us. We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or You have made a number of requests.
Please Note: You will not have to pay a fee to access your Personal Data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive or refuse to comply with your request in these circumstances.
We may need to request specific information from You to help us confirm your identity and ensure your right to access your Personal Data (or to exercise any of your other rights). This is a security measure to ensure that Personal Data is not disclosed to any person who has no right to receive it. We may also contact You to ask You for further information in relation to your request to speed up our response.
6.1 Right to Access. We respect your privacy rights and provide You with reasonable access to the Personal Data that You may have provided through your use of the Site. If You wish to access any other Personal Data we hold about You, You may contact us.
6.2 Right to data portability. You shall have the right to your Personal Data portability. If You wish to request to transfer your Personal Data that we have, You may contact us.
6.3 Right to Rectification. You shall have the right to update or correct your Personal Data at any time by contacting to us.
6.4 Right to Erasure ("Right to be forgotten"). You shall have the right to obtain from the Site the erasure of Personal Data if: i) the Personal Data is no longer necessary in relation to the purposes for which they were collected or otherwise processed; ii) You withdraw consent on which the processing is based according to point and where there is no other legal ground for the processing; iii) the Personal Data have been unlawfully processed; or iv) any other legal grounds applicable.
6.5 Right to object. The GDPR right to object allows You to object to certain types of data processing and stop us from continuing to process your Personal Data. There are only certain situations when a legitimate right to object can be sent to us, but the most common to You may be the right to object processing related to direct marketing.
6.6 Right to restrict processing. You have a limited right of restriction of processing of your Personal Data by a data controller. Where processing of your data is restricted, it can be stored by the data controller, but most other processing actions, such as deletion, will require your permission. For example, You may ask us to restrict processing your Personal Data: i) if You believe your data is not accurate (we should stop processing until we verify the accuracy of the data); ii) if the processing is unlawful but You don't want the data to be erased, so You can restrict processing instead; iii) in other case provided by GDPR.
6.7 Right to complain. If You believe your right to privacy granted by applicable data protection laws has been infringed upon, please first contact us [email protected]. You also have a right to lodge a complaint with data protection authorities.
6.8 Right to withdraw. You shall have the right to withdraw any consent You gave to us regarding processing of your Personal data. In such case, there might be situations where You may not be able to use the Site and services efficiently.
You have a Right to Opt - out from commercial communications. If You receive commercial emails from us (for example subscription to newsletters), You may unsubscribe at any time. Nevertheless, even after You opt-out from receiving commercial messages from us, You may continue to receive administrative or necessary messages from us regarding the Site and services.
7. THIRD-PARTY SERVICES OR LINKS
The Site may contain features or links to websites and services provided by third parties. Any information You provide on third-party websites or services is provided directly to the operators of such services and is subject to those operators’ policies, if any, governing privacy and security, even if accessed through the Site. We are not responsible for the content or privacy and security practices and policies of third-party websites or services to which links or access are provided through the Site.
8. MINORS AND CHILDREN’S PRIVACY
Protecting the privacy of young children is especially important. Our Site is not directed to children under the age of 16, and we do not knowingly collect Personal Data from children under the age of 16 without obtaining verifiable parental consent. If You are under 16 years of age, then please do not use or access the Site at any time or in any manner. If we learn that Personal Data has been collected on the Site from persons under 16 years of age and without verifiable parental consent, then we will take the appropriate steps to delete this information. If you are a parent or guardian and discover that your child under 16 years of age uses the Site, then You may alert us at [email protected] and request that we delete that child’s Personal Data from our systems.
9. DATA SECURITY
We follow the GDPR requirements and generally accepted industry standards to protect the information submitted to us, both during transmission and once we receive it. We maintain appropriate administrative, technical and physical safeguards to protect Personal Data against accidental or unlawful destruction, accidental loss, unauthorised alteration, unauthorised disclosure or access, misuse, and any other unlawful form of processing of the Personal Data in our possession. We use SSL technology to encrypt data during transmission through public internet. We also require data security technology measures from the service providers (data processors- the GDPR provided definition) that we work with.
However, no method of transmission over the Internet, or method of electronic storage, is 100% secure. We cannot ensure or warrant the security of any information You transmit or provide to us or store on the Site, and You do so at your own risk. We also cannot guarantee that such information may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards. However once we have received your Personal Data we use strict procedures to protect the security of your data, especially Personal Data. If You believe your Personal Data has been compromised, please contact us.
If we learn of a security systems breach, we will inform You and the authorities of the occurrence of the breach in accordance with GDPR and applicable laws requirements.
10. DATA RETENTION
We only retain the Personal Data collected from User, for a limited period of time as long as we need it to fulfill the purposes for which we have initially collected it, or while we have the consent of You (for example until You unsubscribe to the newsletters) and/or a reasonable time after that, unless otherwise required by law. Retention periods may differ depending on the type of Personal Data. We may retain your Personal data for longer or specific periods if it is necessary for the fulfillment of a legal obligation.
In some circumstances we may anonymise your Personal Data for research or statistical purposes in which case we may use this information indefinitely without further notice to You.
If You have a question about a specific retention period for certain types of Personal Data we process about You, please contact us.
11. DATA TRANSFERS
We may work with the service providers and/or use servers outside the EU and European Economic Area (EEA) regarding your information or Personal Data processing. We are subject to the provisions of the General Data Protection Regulations that protect your Personal Data. Where we or our service providers might transfer your data to third parties outside of the EEA, we will ensure that certain safeguards are in place to ensure a similar degree of security for your Personal Data, such as:
• We may transfer your Personal Data to countries that the European Commission have approved as providing an adequate level of protection for personal data by; or
• If we use US-based providers that are part of EU-US Privacy Shield, we may transfer data to them, as they have equivalent safeguards in place; or
• Where we use certain service providers who are established outside of the EEA, we may use specific contracts or codes of conduct or certification mechanisms approved by the European Commission which give Personal Data the same protection it has in Europe;
• Where we use certain service providers who are established outside of the EEA but they are compliant to the GDPR.
12. CHANGES AND UPDATES TO THIS POLICY
Please revisit this page periodically to stay aware of any changes to this Policy, which we may update from time to time. If we modify the Policy, we will make it available through the Site. If the changes are significant, we will try to notify You about such changes by publishing a notice of changes in the Site or by emailing You or any other way. Changes will comply with applicable laws, including GDPR. Your continued use of the Site after the revised Policy has become effective and indicates that You have read, understood and agreed to the current version of the Policy.