We have created this policy to make it shorter and easier to read, and to comply with the EU General Data Protection Regulation which came into force on May 25, 2018.
1. What Data We Get
We collect certain data from you directly, like information you enter yourself, data about your participation in consultations, and data from third-party platforms you connect with Interfima. We also collect some data automatically, like information about your device and what parts of our Services you interact with or spend time using.
1.1 Data You Provide to Us
We may collect different data from or about you depending on how you use the Services. Below are some examples to help you better understand the data we collect.
When you create an account and use the Services, we collect any data you provide directly, including:
Account DataIn order to use certain features, you need to create a user account. When you create or update your account, we collect and store the data you provide, like your email address, password, (“Account Data”).
Profile DataYou can also choose to provide profile information like a photo, headline, website link, social media profiles, or other data. Your Profile Data will be publicly viewable by others.
Blog DataParts of the Services let you interact with other users or share content publicly, including by posting on a blog page, posting photos or other work you upload. Such shared content may be publicly viewable by others depending on where it is posted.
Learning Class DataWhen you enroll in one of our services, we collect certain data including which services, you’ve started and completed; your exchanges with our experts. When recording meetings that include protected Information or other regulated data, please be aware that all regulatory requirements apply. While Interfima certified Zoom for use with its services that include such data, you are responsible for ensuring regulatory requirements are met sharing, downloading, and storing the recordings, as with any other regulated content.
Client Payment DataIf you make purchases, we collect certain data about your purchase (such as your name and Postal code) as necessary to process your order. You must provide certain payment and billing data directly to our payment processing partners, including your name, credit card information, billing address, and zip code. For security, Interfima does not collect or store sensitive cardholder data, such as full credit card numbers or card authentication data.
Data About Your Accounts on Other ServicesWe may obtain certain information through your social media or other online accounts if they are connected to your Interfima account. If you login to Interfima via Facebook or another third-party platform or service, we ask for your permission to access certain information about that other account. Those platforms and services make information available to us through their APIs. The information we receive depends on what information you (via your privacy settings) or the platform or service decide to give us. If you access or use our Services through a third-party platform or service, or click on any third-party links, the collection, use, and sharing of your data will also be subject to the privacy policies and other agreements of that third party.
1.2 Data We Collect through Automated Means
When you access the Services (including browsing our services), we collect certain data by automated means, including:
System DataTechnical data about your computer or device, like your IP address, device type, operating system type and version, unique device identifiers, browser, browser language, domain and other systems data, and platform types (“System Data”).
Usage DataUsage statistics about your interactions with the Services, including accesses, time spent on pages or the Service, pages visited, features used, your search queries, click data, date and time, and other data regarding your use of the Services (“Usage Data”).
Approximate Geographic DataAn approximate geographic location, including information like country, city, and geographic coordinates, calculated based on your IP address.
The data listed above is collected through the use of server log files and tracking technologies, as detailed in the “Cookies and Data Collection Tools” section below. It is stored by us and associated with your account.
2. How We Get Data About You
We use tools like cookies, web beacons, analytics services, and advertising providers to gather the data listed above. Some of these tools offer you the ability to opt out of data collection.
2.1 Cookies and Data Collection Tools
Interfima uses the following types of cookies:
Preferences: cookies that remember data about your browser and preferred settings that affect the appearance and behavior of the Services (like your preferred language).
Security: cookies used to enable you to log in and access the Services; protect against fraudulent logins; and help detect and prevent abuse or unauthorized use of your account.
Functional: cookies that store functional settings (like the volume level you set for video playback).
Session State: cookies that track your interactions with the Services to help us improve the Services and your browsing experience, remember your login details, and enable processing of your Services purchases. These are strictly necessary for the Services to work properly, so if you disable them then certain functionalities will break or be unavailable.
Some of the third-party partners who provide certain features on our site may also use Local Storage Objects (also known as flash cookies or LSOs) to collect and store data.
We use third-party browser and mobile analytics services like Google Analytics, Hotjar, and Intercom on the Services. These services use Data Collection Tools to help us analyze your use of the Services, including information like the third-party website you arrive from, how often you visit, events within the Services, usage and performance data, and where the application was downloaded from. We use this data to improve the Services, better understand how the Services perform on different devices and provide information that may be of interest to you.
2.3 Online Advertising
We use third-party advertising services like Taboola, Facebook, Google’s ad services, and other ad networks and ad servers to deliver advertising about our Services on other websites and applications you use. The ads may be based on things we know about you, like your Usage Data and System Data (as detailed in Section 1), and things that these ad service providers know about you based on their tracking data. The ads can be based on your recent activity or activity over time and across other sites and services and may be tailored to your interests.
Depending on the types of advertising services we use, they may place cookies or other tracking technologies on your computer, phone, or other device to collect data about your use of our Services, and may access those tracking technologies in order to serve these tailored advertisements to you. To help deliver tailored advertising, we may provide these service providers with a hashed, anonymized version of your email address (in a non-human-readable form) and content that you share publicly on the Services.
When using mobile applications you may also receive tailored in-app advertisements. Apple iOS, Android OS, and Microsoft Windows each provide their own instructions on how to control in-app tailored advertising. For other devices and operating systems, you should review your privacy settings or contact your platform operator.
3. What We Use Your Data For
We use your data to do things like provide our Services, communicate with you, troubleshoot issues, secure against fraud and abuse, improve and update our Services, analyze how people use our Services, serve personalized advertising, and as required by law or necessary for safety and integrity.
We use the data we collect through your use of the Services to:
Provide and administer the Services, including to display customized content and facilitate communication with other users;
Process your requests and orders for products, tailored services, information, or features;
Communicate with you about your account by:
Responding to your questions and concerns;
Sending you administrative messages and information, including messages from our experts, notifications about changes to our Service, and updates to our agreements;
Sending you information and in-app messages about your progress in our tailored programs, new services, new features, promotions, newsletters, and other available learning experience (which you can opt out of at any time);
Sending push notifications to your wireless device to provide updates and other relevant messages (which you can manage from the “options” or “settings” page of the mobile app);
Manage your account preferences;
Facilitate the Services’ technical functioning, including troubleshooting and resolving issues, securing the Services, and preventing fraud and abuse;
Solicit feedback from users;
Market and administer surveys and promotions administered or sponsored by Interfima;
Learn more about you by linking your data with additional data through third-party data providers or analyzing the data with the help of analytics service providers;
Identify unique users across devices;
Tailor advertisements across devices;
Improve our Services and develop new products, services, and features;
Analyze trends and traffic, track purchases, and track usage data;
Advertise the Services on third-party websites and applications;
As required or permitted by law; or
As we, in our sole discretion, otherwise determine to be necessary to ensure the safety or integrity of our users, employees, third parties, the public, or our Services.
4. Who We Share Your Data With
We share certain data about you with Interfima experts, companies performing services for us, our business partners, analytics and data enrichment providers, your social media providers, and advertising companies who help us promote our Services. We may also share your data as needed for security, legal compliance, or as part of a corporate restructuring. Lastly, we can share data in other ways if it is aggregated or de-identified or if we get your consent.
With Your Experts: We share data that we have about you (except your email address) with experts for services you enroll in or request information about, so they can improve their services for you and other students. This data may include things like your city, country, browser language, operating system, device settings, the site that brought you to Interfima, and your activities on Interfima. We will not share your email address with experts unless you consent. We also enable our experts to implement Google Analytics on their services pages to track sources of traffic to their services and optimize their services pages.
With our Experts, Contractors, and Agents: We share your data with third-party companies who perform services on our behalf, like payment processing, data analysis, marketing and advertising services (including retargeted advertising), email and hosting services, and customer services and support. These service providers may access your personal data and are required to use it solely as we direct, to provide our requested service.
With Business Partners: We have agreements with other websites and platforms to distribute our Services and drive traffic to Interfima.
With Analytics and Data Enrichment Services: As part of our use of third-party analytics tools like Google Analytics and data enrichment services, we share certain contact information, Account Data, System Data, Usage Data (as detailed in Section 1), or de-identified data as needed. De-identified data means data where we’ve removed things like your name and email address and replaced it with a token ID. This allows these providers to provide analytics services or match your data with publicly-available database information (including contact and social information from other sources). We do this to communicate with you in a more effective and customized manner.
For Advertising: If we decide to offer advertising in the future, we may use and share certain System Data and Usage Data with third-party advertisers and networks to show general demographic and preference information among our users. We may also allow advertisers to collect System Data through Data Collection Tools (as detailed in Section 2.1), and to use this data to offer you targeted ad delivery to personalize your user experience (through behavioral advertising) and undertake web analytics. Advertisers may also share with us the data they collect about you. To learn more or opt out from participating ad networks’ behavioral advertising, see Section 6.1 (Your Choices About the Use of Your Data) below. Note that if you opt out, you’ll continue to be served generic ads.
For Security and Legal Compliance: We may disclose your data to third parties if we (in our sole discretion) have a good faith belief that the disclosure is:
During a Change in Control: If Interfima undergoes a business transaction like a merger, acquisition, corporate divestiture, or dissolution (including bankruptcy), or a sale of all or some of its assets, we may share, disclose, or transfer all of your data to the successor organization during such transition or in contemplation of a transition (including during due diligence).
After Aggregation/De-identification: we can disclose or use aggregate or de-identified data for any purpose.
We use appropriate security based on the type and sensitivity of data being stored. As with any internet-enabled system, there is always a risk of unauthorized access, so it’s important to protect your password and to contact us if you suspect any unauthorized access to your account.
Interfima takes appropriate security measures to protect against unauthorized access, alteration, disclosure, or destruction of your personal data that we collect and store. These measures vary based on the type and sensitivity of the data. Unfortunately, however, no system can be 100% secured, so we cannot guarantee that communications between you and Interfima, the services, or any information provided to us in connection with the data we collect through the services will be free from unauthorized access by third parties. Your password is an important part of our security system, and it is your responsibility to protect it. You should not share your password with any third party, and if you believe your password or account has been compromised, you should change it immediately and contact firstname.lastname@example.org with any concerns.
6. Your rights
6.1 In this section, we have summarized the rights that you have under EU data protection law. Some of the rights are complex, and not all of the details have been included in our summaries. Accordingly, you should read the relevant laws and guidance from your local regulatory authority for a full explanation of these rights.
6.2 Your principal rights under data protection law are:
(a) the right to access;
(b) the right to rectification;
(c) the right to erasure;
(d) the right to restrict processing;
(e) the right to object to processing;
(f) the right to data portability;
(g) the right to complain to a supervisory authority; and
(h) the right to withdraw consent.
6.3 You have the right to confirmation as to whether or not we process your personal data and, where we do, access to the personal data, together with certain additional information. That additional information includes details of the purposes of the processing, the categories of personal data concerned and the recipients of the personal data. Providing the rights and freedoms of others are not affected, we will supply to you a copy of your personal data. The first copy will be provided free of charge, but additional copies may be subject to a reasonable fee.
6.4 You have the right to have any inaccurate personal data about you rectified and, taking into account the purposes of the processing, to have any incomplete personal data about you completed.
6.5 In some circumstances you have the right to the erasure of your personal data without undue delay. Those circumstances include: the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed; you withdraw consent to consent-based processing; you object to the processing under certain rules of applicable data protection law; the processing is for direct marketing purposes; and the personal data have been unlawfully processed. However, there are exclusions of the right to erasure. The general exclusions include where processing is necessary: for exercising the right of freedom of expression and information; for compliance with a legal obligation; or for the establishment, exercise or defence of legal claims.
6.6 In some circumstances you have the right to restrict the processing of your personal data. Those circumstances are: you contest the accuracy of the personal data; processing is unlawful but you oppose erasure; we no longer need the personal data for the purposes of our processing, but you require personal data for the establishment, exercise or defence of legal claims; and you have objected to processing, pending the verification of that objection. Where processing has been restricted on this basis, we may continue to store your personal data. However, we will only otherwise process it: with your consent; for the establishment, exercise or defence of legal claims; for the protection of the rights of another natural or legal person; or for reasons of important public interest.
6.7 You have the right to object to our processing of your personal data on grounds relating to your particular situation, but only to the extent that the legal basis for the processing is that the processing is necessary for: the performance of a task carried out in the public interest or in the exercise of any official authority vested in us; or the purposes of the legitimate interests pursued by us or by a third party. If you make such an objection, we will cease to process the personal information unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing is for the establishment, exercise or defence of legal claims.
6.8 You have the right to object to our processing of your personal data for direct marketing purposes (including profiling for direct marketing purposes). If you make such an objection, we will cease to process your personal data for this purpose.
6.9 You have the right to object to our processing of your personal data for scientific or historical research purposes or statistical purposes on grounds relating to your particular situation, unless the processing is necessary for the performance of a task carried out for reasons of public interest.
6.10 To the extent that the legal basis for our processing of your personal data is:
(a) consent; or
(b) that the processing is necessary for the performance of a contract to which you are party or in order to take steps at your request prior to entering into a contract, and such processing is carried out by automated means, you have the right to receive your personal data from us in a structured, commonly used and machine-readable format. However, this right does not apply where it would adversely affect the rights and freedoms of others.
6.11 If you consider that our processing of your personal information infringes data protection laws, you have a legal right to lodge a complaint with your local authority responsible for data protection. You may do so in the EU member state of your habitual residence, your place of work or the place of the alleged infringement.
6.12 To the extent that the legal basis for our processing of your personal information is consent, you have the right to withdraw that consent at any time. Withdrawal will not affect the lawfulness of processing before the withdrawal.
6.13 You may exercise any of your rights in relation to your personal data by contacting us at email@example.com, in addition to the other methods specified in this Section 6.