Privacy

1. Introduction

This Privacy Policy applies to the website, https://getsub.dev, (hereinafter the “website”) published by the company Cofoundly (hereinafter “the company” or “we”) and its other services and products where personal data is shared with the company. Please read this Privacy Policy carefully as it explains how the company uses your personal data and how to exercise your rights. This Privacy Policy supplements the Terms & Conditions or any documents or notices that may refer to this Privacy Policy. Should you have any questions, you may directly contact the company by sending an email to shaun@getsub.dev.

2. Definitions

DATA means data about a living individual who can be identified from those data (or from those and other information either in our possession or likely to come into our possession).

USAGE DATA is data collected automatically either generated by the use of Service or from Service infrastructure itself (for example, the duration of a page visit).

COOKIES are small files stored on your device (computer or mobile device).

DATA CONTROLLER means a natural or legal person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal data are, or are to be, processed. For the purpose of this Privacy Policy, we are a Data Controller of your data.

DATA PROCESSORS (OR SERVICE PROVIDERS) means any natural or legal person who processes the data on behalf of the Data Controller. We may use the services of various Service Providers in order to process your data more effectively.

DATA SUBJECT is any living individual who is the subject of Personal Data.

THE USER is the individual using our Service. The User corresponds to the Data Subject, who is the subject of Personal Data.

3. Legal context

We adhere to the guidelines provided by the relevant authorities and have established an organization to ensure our compliance with the regulatory framework outlined in the General Data Protection Regulation (EU) 2016/679 of the European Parliament and of the Council (GDPR) and any other applicable laws or regulations related to personal information.

4. What is our role?

Under the GDPR, we are classified as a data controller. This designation means that we determine the reasons and methods for processing your personal information. For instance, when you visit our website, we are responsible for specifying the purposes and the necessary methods to manage the personal information of our users that we collect from it.

Depending on the specific activity involving your data, we may also act as a data processor. In this scenario, you, as an end user of our customer, are the data subject, and we process your data according to our customer's instructions, who is regarded as the data controller. The data controller establishes the objectives and methods for the processing activity, and we comply with and deliver our services in alignment with these instructions.

5. What kind of personal information do we process?

We collect and process only relevant and adequate personal information, paying special attention to its accuracy and timely updates. Personal information encompasses various types of data, including:

  • Connection data: Examples include IP addresses, logs, terminal and connection identifiers, timestamps, etc.

  • Internet data: This category comprises cookies, tracers, navigation data, audience metrics, etc.

  • Identification data: Such as first name, last name, picture, birth date, etc.

The collection of this information may be mandatory to provide our service, or it could be optional, aimed at enhancing your experience and left to your discretion. When we collect your data, we clearly indicate whether it is mandatory or optional.

Please note that if you refuse to provide mandatory information, we may not be able to offer you our full range of services, and you might experience inconveniences. Your understanding and cooperation are appreciated.

6. When do we collect your personal information?

We gather your personal information on different occasions through various sources:

  • Website or Software Visit: When an individual browses our website or uses our software solutions, certain data is collected to enhance user experience and provide relevant services.

  • Billing Form: When an individual completes a payment checkout, we collect necessary information to process the transaction securely and efficiently.

Rest assured, we handle this information with utmost care and in compliance with applicable data protection laws.

7. How do we use your personal information?

We want to assure you that your personal information will never be used for purposes that are incompatible with the reasons it was initially collected. We adhere to strict guidelines, collecting and processing personal information only for specified, explicit, and legitimate purposes, such as:

  • Website Audience Measurement: Gathering analytics on website traffic to enhance user experience and content relevance.

  • Payment & Billing Management: Processing financial transactions to fulfill contractual obligations.

To ensure compliance with the principle of lawfulness, we carefully determine the legal basis for each data processing activity, as outlined in Article 6 of the GDPR. Importantly, we do not process your data or use automated decision-making processes without your knowledge, and we never sell or rent your personal information without your explicit consent. Your privacy and trust are paramount to us.

8. Who can access your personal information?

We want you to know that we choose recipients for your personal information carefully. They receive this data for legitimate purposes, essential for our business operations and to provide you with high-quality service. Here's how we categorize them:

  • Subprocessors: Entities like Stripe, Inc. assist us in payment processing. These entities act as data processors under Article 28 of the GDPR. We rigorously review their handling of personal information and ensure they implement appropriate safeguards for its protection.

  • Authorized Third Parties: Some recipients are considered authorized third parties under Article 4 of the GDPR. We share your personal information with them when necessary to meet legal obligations, respond to lawful requests, and comply with legal processes (such as subpoenas or requests from government or tax authorities).

Rest assured, your privacy and the security of your data remain our top priority.

9. Where do we transfer your personal information?

We strive to process your personal information within the European Union whenever possible. However, some of our service providers may operate in countries where you are a resident or outside the European Union.

When we transfer your personal information to a recipient located outside the European Union, we ensure your data's safety by implementing sufficient guarantees as outlined in Articles 44 to 50 of the GDPR. This may include storing it in a country with adequate privacy protection or establishing Data Protection Agreements to safeguard your information.

Here are the details of our subprocessors and the adopted safeguards:

  • Subprocessor: [Name of the subprocessor]

  • Location: [Location outside the European Union]

  • Adopted Safeguard: [Brief description of the safeguard implemented]

Your privacy and the security of your data are of utmost importance to us.

10. How long do we store your personal information?

In our role as a data controller under the GDPR, we establish retention periods for your personal information based on the purposes for which it was collected and our legal obligations. When we act as a data processor for our customers, we retain their end users' personal information for the duration specified in our terms and conditions and as necessary to provide the subscribed services. Once these purposes are fulfilled or upon your request, your personal information is either archived, erased, or anonymized, ensuring your data's security and privacy.

11. How do we protect your personal information?

We prioritize the safety of your personal information and have implemented rigorous technical and organizational security measures to maintain its confidentiality, integrity, and availability. Our efforts are aimed at minimizing risks to your rights and freedoms. To achieve this, we carefully adhere to the recommendations provided by competent authorities regarding security. Your trust and the security of your data are of utmost importance to us.

12. What are your rights and how to exercise them?

In accordance with Articles 12 to 23 of the GDPR, we respect your rights over your personal information, and you can:

  • Request access to your personal information and obtain a copy of it.

  • Ask us to modify your personal information if it is obsolete, inaccurate, or incomplete.

  • Object to the processing of your personal information based on our legitimate interest in certain circumstances.

  • Request to restrict the processing for a limited period in certain circumstances.

  • Opt-out from consent already given; this withdrawal does not affect the lawfulness of prior processing operations.

  • Request the personal information you provided, or have it communicated to a third party, where technically feasible.

  • Ask us to delete your personal information if it meets applicable legal grounds.

These rights can be exercised directly and at any time by sending an email to [your email address] or visiting our Data Requests page at [link to the Data Requests page]. If you are our customer's end user, please note that such requests will be forwarded to and addressed by them directly.

13. Children's privacy

Our Services are not intended for use by children under the age of 13 ('Children'). We do not knowingly collect personally identifiable information from Children under 13. If you become aware that a Child has provided us with Personal Data, please contact us immediately. If we discover that we have collected Personal Data from Children without parental consent verification, we take prompt steps to remove that information from our servers. We are committed to ensuring the privacy and safety of all users, especially children.

14. Policy changes

This Privacy Policy may be modified in the future to ensure its alignment with legal requirements and developments. Any changes will be communicated to you through a special mention on this page or via personalized notifications, such as email alerts, to keep you informed.

15. Contact us

If you have any questions about this Privacy Policy, please contact us via email at shaun@getsub.dev.

Last Updated: 9 December 2023