This Notice describes the rights of consumers under the European Union General Data Protection Regulation (“GDPR”). Desenio Group Inc. (the “Company”) respects your privacy. This Notice applies solely to visitors, users, registrants, and others who are residents of the European Union (“consumers” or “you”).
INFORMATION COMPANY COLLECTS
The Company collects information that identifies, relates to, describes, references, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a natural person (“Personal Data”).
In particular, the Company may have collected the following categories of Personal Data from consumers within the last twelve (12) months: names, email address, addresses, phone number, location, IP-addresses, account information, cookies, browsing activity, and credit card information (if you purchase a product from us).
The Company obtains the above categories of Personal Data from the following categories of sources:
- Directly from you if you provide your Personal Data to Company. For example, from online forms you complete or products or services you purchase from the Company or when you create an account with us.
- Directly and indirectly from activity on Company’s Website or engagement with content via your browser’s cookies.
- Directly from Company’s prospects, customers, or their agents.
- Indirectly from Company’s prospects, customers, or their agents. For example, through information Company collects from Company’s customers in the course of providing services to them or from observing their actions on our Website.
INFORMATION COMPANY USES:
The Company may use or disclose the Personal Data Company collects for one or more of the following purposes:
- To fulfill or meet the reason you provided the Personal Data. For example, if you share your name and contact information to request a price quote or ask a question about our products or services, we will use that Personal Data to respond to your inquiry. If you provide your Personal Data to purchase a product or service, we will use that information to process your payment. We may also save your information to facilitate new product orders.
- To provide, support, personalize, and develop Company’s Website, the Content, and other Company IP.
- To create, maintain, customize, and secure your account with Company.
- To process your requests, purchases, transactions, and payments and prevent transactional fraud.
- To provide you with support and to respond to your inquiries, including to investigate and address your concerns and monitor and improve Company’s responses.
- To personalize your experience using the Website, and to deliver Content and other product and service offerings relevant to your interests, including targeted offers and ads through Company’s Website, third-party websites, and via email or text message (with your consent, where required by law).
- To help maintain the safety, security, and integrity of Company’s Website, the Content, Company’s IP, other Company technology assets, and business.
- For testing, research, analysis, and product development, including to develop and improve Company’s Website and the Content.
- To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
- As described to you when collecting your Personal Data or as otherwise set forth in the GDPR.
- To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of the Company’s assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Personal Data held by Company is among the assets transferred.
The Company will not collect additional categories of Personal Data or use the Personal Data that the Company has collected for materially different, unrelated, or incompatible purposes without providing you notice.
INFORMATION COMPANY SHARES:
We may share your Personal Data by disclosing it to a third party for a business purpose, such as for processing your order or payment, managing your account, or emailing you with special offers on other products or services we think you might like. We require the recipient to keep the Personal Data confidential and prohibit using the disclosed information for any other purpose.
We do not sell Personal Data. In the preceding twelve (12) months, Company has not sold Personal Data. Under the GDPR you have the right to opt out of the Company selling your Personal Data to third parties by writing to the Company at firstname.lastname@example.org.
INFORMATION COMPANY STORES:
The Company securely stores your data in separate databases hosted by third parties, including, Digitalocean, Oderland, and Microsoft Azure. Your data is maintained for a period of twelve (12) months. The databases are subject to change in Company’s sole and absolute discretion.
YOUR RIGHTS AND CHOICES:
The GDPR provides consumers with specific rights regarding their Personal Data. This Section describes your GDPR rights and explains how to exercise those rights.
RIGHT OF ACCESS:
You have the right to request that the Company disclose certain information to you about Company’s collection and use of your Personal Data over the past 12 months (the “Right of Access”). Once the Company receives and confirm your verifiable consumer request, the Company will disclose to you:
- the purposes of the processing;
- the categories of personal data concerned;
- the recipients or categories of recipient to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organizations;
- where possible, the intended period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;
- the existence of the right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing;
- the right to lodge a complaint with a supervisory authority;
- where the personal data are not collected from the data subject, any available information as to their source;
- the existence of automated decision-making, including profiling and, at least in those cases, meaningful information about the logic involved, as well as the significance and the intended consequences of such processing for you.
RIGHT TO RECTIFICATION:
You have the right to rectify inaccurate Personal Data collected by the Company (“Right to Rectification”).
RIGHT TO ERASURE/RIGHT TO BE FORGOTTEN:
You have the right to request that Company delete any of your Personal Data that Company collected from you and retained, subject to certain exceptions (the “Right of Erasure”). Once Company receives and confirms your verifiable consumer request, Company will delete (and direct Company’s service providers to delete) your Personal Data from Company’s records, unless an exception applies.
Company may deny your deletion request if retaining the information is necessary for Company or Company’s service provider(s) to:
- Complete the transaction for which Company collected the Personal Data or otherwise perform Company’s contract with you; or
- Provide a good or service that you requested; or
- Take actions reasonably anticipated within the context of Company’s ongoing business relationship with you; or
- Fulfill the terms of a written warranty or product recall conducted in accordance with federal law; or
- Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities; or
- Debug Company IP to identify and repair errors that impair Company’s Company IP functionalities; or
- Exercise free speech ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law; or
- Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information's deletion may likely render impossible or seriously impair the research's achievement, if you previously provided informed consent; or
- Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us; or
- Comply with a legal obligation; or
- Make other internal and lawful uses of that information that are compatible with the context in which you provided it.
We will delete or de-identify Personal Data not subject to one of these exceptions from our records and will direct our service providers to take similar action.
If you have any questions about how we share your personal data or if you want the information appropriate safety measures we have, please contact us.
How can you affect our processing of your personal data?
According to data protection legislation, you are entitled to a variety of rights to affect our processing of your personal data. Read more below.
RIGHT TO RESTRICTION OF PROCESSING:
You have the right to restrict the processing of your Personal Data where one of the following applies (the “Right to Restriction of Processing”):
- You have contested the accuracy of the Personal Data, for a period enabling the Company to verify the accuracy of the Personal Data;
- The processing of the Personal Data is unlawful and you oppose the erasure of the Personal Data and request the restriction of its use instead;
- The Company no longer needs the Personal Data for the purposes of the processing, but it is required for the establishment, exercise or defense of legal claims;
- You have objected to processing pursuant to your Right to Object (defined below), pending the verification whether the legitimate grounds of the Company override yours.
RIGHT TO DATA PORTABILITY:
You have the right to your Personal Data in a structured, commonly used and machine-readable format and the right to transmit those data to another controller without hindrance from the Company, where the processing is based on consent or is carried out by automated means (the “Right to Data Portability”).
RIGHT TO OBJECT:
You have the right to object at any time the processing of your Personal Data based on (“Right to Object”):
- necessary processing for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Company;
- necessary processing for the purposes of the legitimate interests pursued by the Company or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.
EXERCISING YOUR RIGHTS:
To exercise your Right of Access, Right to Rectification, Right of Erasure, Right to Restriction of Processing, Right to Data Portability, and Right to Object as described above, please submit a verifiable consumer request to Company at:
Via Email: On our Contact us page or at email@example.com.
Via Mail: Desenio Group Inc, 150 North Michigan Avenue, Suite 1950, Chicago, IL 60601
Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request related to your Personal Data.
You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:
- Provide sufficient information that allows Company to reasonably verify you are the person about whom Company collected Personal Data or an authorized representative; and
- Describe your request with sufficient detail that allows Company to properly understand, evaluate, and respond to it.
Company cannot respond to your request or provide you with Personal Data if Company cannot verify your identity or authority to make the request and confirm the Personal Data relates to you.
Making a verifiable consumer request does not require you to create an account with Company. Company will only use Personal Data provided in a verifiable consumer request to verify the requestor's identity or authority to make the request.
RESPONSE TIMING AND FORMAT:
The Company will endeavor to respond to a verifiable consumer request within forty-five (45) days of its receipt of such request. If the Company requires more time, the Company will inform the requestor of the reason and extension period in writing, which may be extended for up to an additional forty-five (45) days (90 days in total from the date of receipt of the verified consumer request).
If you have an account with us, the Company will deliver our written response to that account. If you do not have an account with us, the Company will deliver a written response via email, if your request is either made via email or an email address is provided in a verified consumer request that is mailed; provided however, the Company will provide a written response via regular postal mail to the address you provided in the consumer verified request if a response by mail is expressly requested in the consumer verified request.
Any disclosures the Company provides will only cover the 12-month period preceding the verifiable consumer request's date of receipt. The response the Company provides will also explain the reasons the Company cannot comply with a request if that is the case. For data portability requests, Company will select a format to provide your Personal Data that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.
The Company does not charge a fee to process or respond to your verifiable consumer request, unless it is excessive, repetitive, or manifestly unfounded and unreasonable. If the Company determines that a fee is warranted for your request, the Company will inform you the reasons under which the Company has warranted such fee and provide you with an estimated cost of such fee prior to completing your request.
The Company will not discriminate against you for exercising any of your GDPR rights. Unless permitted by the GDPR, the Company will not:
- Deny you goods or services; or
- Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties; or
- Provide you a different level or quality of goods or services; or
- Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.
However, the Company may offer you certain financial incentives as part of a financial incentive program (“Program”) permitted under the GDPR that could alter the prices, rates, or quality levels of the goods or services you receive. Any GDPR-permitted Program that the Company offers will reasonably relate to your Personal Data’s value and contain written terms describing the material details of such Program. Your prior “opt in” consent, which you may revoke at any time, is required to participate in any such Program.
PRIVACY NOTICE CHANGES:
The Company reserves the right, in its sole discretion, to update, change, modify, add, or remove portions of this Notice from time to time and without notice. No amendment, modification, extension, limitation, waiver, or termination of this Notice by you shall be valid except with the written consent of the Company. The Company encourages you to periodically review this page for the latest information regarding the Company’s Notice. Your continued use of the Website and other Company IP is subject to the most current effective version of Company’s Notice. If you object to this Notice after it becomes effective for you, you may no longer use or access the Company IP, including the Website.
If you have any questions or comments about this notice, the ways in which the Company collects and uses your Personal Data described here, your choices and rights regarding such use, or wish to exercise your rights under European Union law, please do not hesitate to contact the Company on our Contact Us page or at firstname.lastname@example.org.