PRIVACY POLICY
LUSSY.IO,INC PRIVACY POLICY
Effective as of:
17 October 2019
1. Key Details and Who We Are
1.1. Our Purpose
Here at Lussy.io,INC, Inc. (
“We”, “Us”, “Lussy.io,INC”
) we are deeply concerned about our Users’ (
“You”, “Customer”
) privacy and to that end when you’re visiting Lussy.io,INC or any of its sub-domains (
“Website”
), or using our services (
“Service”
) we process your personal data regardless of point of access or your country of residency. This Privacy Policy (
“Policy”
) informs you about who we are, why we are collecting your Personal Information, to whom we are sharing your information with, our legal basis and reasons for doing so, and finally your rights.
The Personal Information when accessing the Website, signing-up for the Newsletter, signing-up for an account, by using our Service or by contacting us, may differ for each action and Lussy.io,INC using the Policy herein informs you about how we are handling your Personal Information.
It is of utmost importance to read the Policy provided herein in tandem with our Terms of Service to better grasp the key terms provided and explained therein.
If you are a resident of State of California, please see §7.1 and §7.2 titled “California Residents’ Privacy Rights” and; if you are a European Union citizen, see §7.3 titled “Additional Information for European Union Citizens”
1.2. Controller
Lussy.io,INC, Inc., a Delaware – the United States company, residing at ### with register number ###, is a data controller (
“Controller”
) for any and all data processing that occurs through accessing the Website and/or using the Services.
1.3. Contact Details
Our contact details are as follows,
Name of the company
|
Lussy.io,INC
|
Postal address of the company
|
Address 10601 Clarence Drive suite 250, Frisco TX 75033
|
E-mail address
|
support@lussy.io
|
File number
|
7571433
|
EU Representative
|
Oussama Gholmieh
|
2. Definitions
For the Policy the definitions provided herein shall be understood as follows;
CCPA
|
The California Consumer Privacy Act of 2018, signed into law on June 28, 2018 by the State of California |
Controller
|
A natural or legal person who determines the means of and purposes for processing personal data |
Controller
|
A natural or legal person who determines the means of and purposes for processing personal data |
Data Subject
|
A natural personal who can be identified or rendered identifiable through the personal data related to |
GDPR
|
The General Data Protection Regulation, signed into law on May 25, 2018 by the European Union |
Non-Personal Data
|
Information that is collected by Lussy.io,INC that cannot be tracked back to the data subject or rendered untraceable by Lussy.io,INC through the means of anonymization |
Personal Information
|
Information that makes it possible for any other person to identify an individual to whom the data relates to |
Personal Information Breach
|
A breach of security whether accidental or on purpose, resulting in accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to personal data. |
Processing
|
Collecting and manipulating data items to generate meaningful information |
Processor
|
A natural or legal person who processes personal data on behalf of a Controller |
Sensitive Personal Information
|
Personal Information revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership and; genetic and biometric information, information concerning data subject’s sex life or sexual orientation |
Third Party
|
Any other natural or legal person that is not part of Lussy.io,INC |
3. Your Personal Information
3.1. Personal Information You Provide to Us
The Personal Information listed hereunder may be collected when you;
- create an account for the Website,
- use our Services,
- provide us with your feedback,
- purchase our Services,
- contact us or,
- request support services.
Categories of Personal Information
|
Types of Personal Information
|
Contact Information |
Email Address |
Financial Information |
Payment Card Details |
Identity Information |
First Name and Last Name |
Marketing and Communication Information |
Preferences for marketing communication such as the Newsletter and how you engage with therewith |
Transaction Information |
Any and all details about payments from you and other related details thereto |
Trial and demo registration information |
Company Name |
3.2. Personal Information Collected by Us
The Personal Information listed hereunder may be collected through automatic means including without limitation cookies, server logs and other technologies of equivalent nature. In cases where a Third Party uses our cookies, we may also receive Personal Information therefrom.
You may see our Cookie Policy to learn more about the types of cookies we use, and other information related thereto.
Categories of Personal Information
|
Types of Personal Information
|
Customer Feedback |
Feedback when prompted automatically by the Website |
Technical Information |
Internet Protocol (IP) address, login data, device and browser type, browser version, time zone settings, browser plug-in type and version, operating system and platform (collectively “Cookie Information”) |
Profile Information |
Password preferences and how you contact our Customer Services |
Usage Information |
The pages that you have visited, and spent time, the frequency of your use of Services, search queries, the links that you access, language preferences |
3.3. How Your Personal Information is Processed
Your Personal Information either given to or collected by us shall only be processed when necessary, to do so we may refer to reasons (
“Processing Reason”
) and a limited number of legal reasons (
“Legal Basis”
) associated therewith.
Your Personal Information may be used;
- to form the contract that we are entering or perform the contract that have entered with you,
- to comply with legal and/or regulatory obligations when required by the law, and
- when it is necessary for our legitimate interests given that your fundamental rights and interests are not violated.
We do not rely on consent for our legal basis except for the Newsletter sent, you can withdraw your consent at any time via support@lussy.io
Personal Information Category
|
Personal Information
|
Processing Reason
|
Legal Basis
|
Identity |
First Name and Last Name |
Creation of an account |
Entering into a contract |
Contact |
Email Address |
Creation of an account |
Entering into a contract |
Email Address |
Notifying you about changes to our Policy |
Necessity to comply with a legal obligation |
Email Address |
Delivery of the Newsletter |
Entering into a contract |
Financial Information |
Payment Card Details |
Processing the payment |
Performance of a contract |
Transaction Information |
Payment History |
In the event of a dispute |
Legitimate interest to keep our records updated |
Trial and Demo Registration Information |
Company Name |
Creation of an account |
Entering into a contract |
Marketing and Communications Information |
Marketing Preference |
Personalized offers and services |
Consent |
Customer Feedback |
Feedback |
Improvement of the Website and the Services offered |
Legitimate interest to improve our Website/Services |
Profile Information |
Password |
Creation of an account |
Entering into a contract |
Usage Information |
Use of the Website |
Improvement of the Website and the Services offered |
Legitimate interest to study how our Users use the Website/Services |
Technical Information |
IP Address |
Accessing the Website |
Necessity to comply with a legal obligation |
Cookie Information |
Improvement of the Website and the Services offered |
Legitimate interest to analyze how our Website is performing |
3.4. Marketing and Promotions
As mentioned above, we rely on your explicit and informed consent to contact our Customers regarding Promotions based on data including without limitation, Technical Information, Usage Information, Customer Feedback and Transaction Information.
3.4.1. Third-Party Marketing
In the event of your Personal Information becoming a subject for third-party marketing services, Lussy.io,INC shall ask for our Customers’ explicit and informed consent to share the information therein with third-party marketing services.
3.4.2. Opting-Out
Withdrawing your consent to opt-in (
“Opting-out”
) to our Marketing and Promotions Services and third-party marketing services shall mean your exclusion from our personalized content tailored based on Personal Information and that of third-party marketing services.
That being said, such opt-out shall not apply to your Transaction Information prior to opting-out.
3.5. Changes to our Processing Reasons
We shall only process your Personal Information in according to Processing Reasons listed under §3.3, in the event a Processing Reason changes but remains compatible with the original reason listed thereunder, we may use the new Processing Reason for your Personal Information. If you want to learn more about new Processing Reason, please do not hesitate in contacting us.
If it is necessary for us to process your Personal Information unrelated to the original Processing Reason listed thereunder, Lussy.io,INC shall update §3.3 accordingly and notify you of the changes.
3.6. Exemptions and Exclusions to Your Personal Information
Additional information may be used, collected and/or shared by Lussy.io,INC as Aggregated Data including statistical data on use of the Website/Services. Even though the information hereunder may be derived from your personal information as given thereunder in §3.1 and §3.2, they can no longer be linked back to you nor identify you thus can no longer be considered as Personal Information.
Sensitive Personal Information
are not collected by automatic means nor provided to us based on your explicit and informed consent.
3.7. Failure to Provide Personal Information
Your failure to provide Personal Information where,
- its necessity arises out of law and/or any secondary act of legislation related thereto,
- it is needed by our Terms of Service or the reasons stipulated thereunder to enter into a contract and/or provide you with our Services
shall result with your access to our Services and/or Website being ceased upon your notification.
4. Third Party Sites and Services
We may share your Personal Information only when your explicit and informed consent is acquired to do so.
Your Personal Information that may be disclosed or under the circumstances during which your Personal Information may be disclosed without your explicit consent are underlined hereunder:
4.1. Payment Information
Lussy.io,INC and our payment gateway partner have access to your financial information. We will not share this information with any other 3rd party.
Law Enforcement and other Judiciary Authorities
We may be compelled to disclose your Personal Information whether given to or collected by us when compelled to do so when required by the law including without limitation legal claims, legal investigations, lawful requests or legal processes.
5. Information Security
We have enacted appropriate security measures to ensure the safety, protection and the encryption of your Personal Information such that we may prevent accidental or unauthorized destruction, loss, theft or; unauthorized use, alteration and disclosure.
To do so, we limit the accessibility of your Personal Information to our employees, agents, contractors, affiliates, directors and other relevant third parties on a need-to-know basis. Any legal or natural person processing your Personal Information shall be under the duty of confidentiality and shall act with fiduciary care.
In addition, any case of Personal Information Breach or reasonable suspicion of the breach shall be handled according to our internal documents detailing how to act under such circumstances.
6. Children’s Privacy
Our Website is not intended for those under the age of 18 (a
“Minor”
) as stipulated in our Terms of Service, as a result of this Lussy.io,INC does not knowingly collect and/or is provided with Personal Information belonging to a Minor.
If we learn that any Personal Information processed by us, belongs to a Minor we shall take the appropriate measures to delete such Personal Information.
7. Your Rights
7.1. California Residents’ Privacy Rights
Our Customers and those who visit our Website residing in the State of the California have the right to contact us to be informed about their Personal Information, if any processed by us or shared by us with third parties.
If you satisfy the conditions listed hereunder, you may contact us at support@Lussy.io,INC
7.2. California and Delaware “Do Not Track” Disclosures
As per California and Delaware State Laws, Lussy.io,INC honors the “Do Not Track” settings in the Browsers that turn-off targeted advertising.
7.3 Additional Information for European Union Users
Any and all references to Personal Information in this Policy shall be read as
“Personal Data”
under GDPR.
7.3.1. Controller
Lussy.io,INC, Inc. is the data controller under the relevant provisions of GDPR as set forth in §1.2.
7.3.2. Principles
Your Personal Data listed under §3.3 shall be processed,
-
lawfully, fairly and in a transparent manner in relation to the Data Subject (
“lawfulness”, “fairness” and “transparency”
)
-
accurately and where necessary, kept up to date (
“accuracy”
)
-
for specific, explicit and legitimate purposes (
“purpose limitation”
),
-
relevant, limited and proportionate to the purposes for which they are processed (
“data minimization”
), and
- in a manner that ensures appropriate security of the Personal Data and kept in a form which allows identification of Data Subjects for no longer than is necessary for the Processing Reasons.
7.3.3. Legal Bases
Legal Bases for processing Personal Data listed thereunder §3.3 shall be understood as listed under GDPR Art. 6 as;
Entering into a contract |
Processing your Personal Data such that we can enter into a contract to provide you access to our Services, i.e. signing up for an account |
Performance for a contract |
Processing your Personal Data such that we can honor our obligations arising out of the contract between you and us, i.e. providing you with a Persona |
Necessity to comply with a legal obligation |
Processing your Personal Data because of a valid European Law, i.e. logging your IP address |
Legitimate interest |
Processing your Personal Data for the security concerns or development of the Services, i.e. your Transaction History |
Consent |
Giving us permission to use your Personal Data in accordance with our Processing Reasons via an opt-in mechanism |
7.3.4. Your Rights
The rights under the GDPR for our Users who are European Union Citizens are listed below,
Right to be informed |
Providing you with clear and concise information about company, your Personal Data collected by or given to us, generally our Policy |
Right of access |
Your request to learn your Personal Data collected by or given to us (
“subject access”
)
|
Right of rectification |
Your request to rectify or complete, if incomplete, your Personal Data in relation with Art. 5 (1)(d) of GDPR |
Right to erasure |
Your request to have your Personal Data erased (
“the right to be forgotten”
)
|
Right to restrict processing |
Your request to limit the way your Personal Data is used |
Right to data portability |
Your request to receive your Personal Data in a machine-readable format and/or request us to transfer your Personal Data to another Controller |
Right to objects |
Your request for us to stop processing your Personal Data |
Rights in relation to automated decision making |
In the cases where we process your Personal Data via automated decision making (where no human is involved, i.e. sending you personalized marketing offers based on your Transaction Information), you may request us to stop doing so |
Unless extenuating circumstances apply, we shall respond to your requests in one calendar month after your request has reached us, and we shall do so free of charge notwithstanding extraordinary efforts on our part.
In cases where we take longer due to the number of requests, we shall notify you and keep you updated of the process.
We may also need identity-proving documentation on your part such that we can verify the identity of the requester, we may also contact you about your request in order for us to hasten the process.
7.3.5. Retention
We shall only keep your Personal Data in accordance with Principles under §7.3.2, specifically Data Minimization to the satisfaction of our relevant Legal Bases.
In determining your Personal Data retention, we consider the nature, amount, the potential risks associated with in case of Personal Data Breach, our Processing Reasons and whether or not such reasons can be achieved in a different manner.
We keep your Personal Data for different amounts of time and by exercising your right to access listed under §7.3.4, you can learn in detail our data retention policy.
8. International Transfers
Personal Information given to or collected by us may be sent out of the United States and/or the European Economic Area to be processed by us in our facilities or on the cloud services offered by our service providers.
We shall always protect your Personal Information regardless of where processing takes place.
9. Cross-Border Transfer
If we transfer your Personal Information out of the United States, we shall ensure the safety and security of your Personal Information and in cases where we are required to comply with different sets of regulations concerning your Personal Information, we shall do so.
10. Changes to the Policy
Lussy.io,INC reserves the right to update the Policy and other related notices thereto, and herein Policy shall be understood in a manner such that the Policy supplements and complements any and notices and overrides any past notices.
The date on which herein Policy becomes effective (
“Effective Date”
) is given on the top of the page and any changes to thereto shall be understood as an update to the herein Policy.