Privacy Policy

Last updated: 6 May 2022

Prior versions

·       22 July 2021

1.      Welcome!

Fidelior™, a trading name of Fidelior Netherlands BV., provides a worldwide SaaS digital service that can help address the growing problem of predatory journals and questionable publishing practices. Fidelior Netherlands BV. cares about the security and privacy of personal data that is entrusted to Us.

This privacy policy, (“Privacy Policy”) and any other documents referred to in it, sets out the basis on which We collect and process your Personal Data as a data controller when you use our Websites or Services. 

We use Your Personal Data only for lawful reasons to provide and improve the Website and Services. By visiting the Websites or using the Services, You agree to the collection and use of Your Personal Data in accordance with this Privacy Policy. This Privacy Policy includes important information about Your Personal Data and We encourage You to read it carefully. 

Please note:

This Privacy Policy does not apply to any data You provide to Us when We process Personal Data on Your behalf as Your data processor i.e. where We process data within the cloud service We provide to You, as Your service provider.

2.      Definitions

In this Privacy Policy, the following capitalized words shall have the following meanings, regardless of whether they appear in the singular or plural.

For the purposes of this Privacy Policy:

·       “Account” means a unique account created for You to access the Services or parts of the Services.

·       “Applicable Data Protection Law” means all worldwide data protection and privacy laws and regulations in any relevant jurisdiction applicable to the collection, use, processing, and disclosure of Your Personal Data, including, where applicable, the EU General Data Protection Regulation (GDPR).

·       “We“, “Us” or “Our” means the company set out below:

o   Fidelior Netherlands BV.

o   For the purpose of EU and UK data protection laws, We are the data controller.

·       “Do Not Track” (DNT) is a concept that has been promoted by US regulatory authorities, in particular the U.S. Federal Trade Commission (FTC), for the Internet industry to develop and implement a mechanism for allowing Internet users to control the tracking of their online activities across websites.

·       “Facebook Fan Page” means the public profile of “Fidelior” on the Facebook social network, accessible from https://www.facebook.com/Fidelior-100928322207242.

·       “LinkedIn Company Page” means the public profile of  “Fidelior” on the LinkedIn social network, accessible from https://www.linkedin.com/company/23562479/admin/. 

·       “Personal Data” or personally identifiable information, means any information about an individual from which that individual can be identified. It does not include anonymous data.

For the purposes of GDPR, Personal Data means any information relating to You such as a name, an identification number, location data, online identifier or one or more factors specific to Your physical, physiological, genetic, mental, economic, cultural or social identity.

For the purposes of the CCPA, Personal Data means any information that identifies, relates to, describes or is capable of being associated with, or could reasonably be linked, directly or indirectly, with You.

·       “Services” means the services made available to You by Us via Websites.

·       “Third-party Social Media Service” refers to any website or any social network website through which a User can log in or create an Account to use the Services.

·       “Twitter Fan Page” is a public profile named Fidelior specially created by Us on the Twitter social network, accessible from https://twitter.com/fidelior.

·       “Websites” means the websites operated by Us at www.fidelior.net, www.fidelior.com, www.fidelior.eu, www.fidelior.in, www.fidelior.us, www.fidelior.asia, www.fidelior.org, www.fidelior.net, www.fidelior.com, www.fidelior.cn, www.fidelior.co.za, www.fidelior.ru, and www.fidelior.uk.

·       “You” means the individual accessing or using the Services or Websites is accessing or using the Services or Website, as applicable.

3.      Legal Basis for Processing

We will only use Your Personal Data when the law allows Us to do so. Most commonly We will use Your Personal Data in the following circumstances:

·       To fulfil Our contractual obligations to You.

·       Where it is necessary for Our legitimate interests (or those of a third party) and Your interests and fundamental rights do not override those interests.

·       To comply with a legal obligation.

To the extent We process Your Personal Data for any other purposes, We ask for Your consent in advance or require that Our partners obtain such consent.

4.      Personal Data We May Collect from You

4.1. Types of Data Collected

We may collect and process Personal Data about You when you use the Websites and Services. We collect, use, store and transfer different kinds of Personal Data about You which We have grouped as follows:

·       Identity Data: includes first name, maiden name, last name, username or similar identifier, marital status, title, date of birth, gender, ID card or passport and bank statement.

·       Contact Data: includes billing address, delivery address, email address and telephone numbers. 

·       Financial Data: includes bank account and payment card details. 

·       Transaction Data: includes details about payments to and from You and other details of products and services You have purchased from Us.

·       Technical Data: includes internet protocol (IP) address, Your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices You use to access the Websites or Services.

·       Profile Data: includes Your username and password, purchases or orders made by You, Your interests, preferences, feedback and survey responses.

·       Usage Data: includes information about how You use the Websites and Services, including the full Uniform Resource Locators (URL) clickstream to, through and from the Websites and Services (including date and time); products You viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page and any phone number used to call Our customer service number and other diagnostic data on how You interacted with Our Website. When You access the Services by or through a mobile device. 

·       Marketing and Communications Data: includes Your preferences in receiving marketing from Us and our third parties and Your communication preferences.

·       Aggregated Data: We also collect, use and share statistical or demographic data for any purpose. This Aggregated Data could be derived from Your Personal Data but is not considered Personal Data in law as this data will not directly or indirectly reveal Your identity. For example, We may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if We combine or connect Aggregated Data with Your Personal Data so that it can directly or indirectly identify You, We treat the combined data as Personal Data which will be used in accordance with this Privacy Policy.

·       Special Category Data: We do not collect, store or use any special category data about You. Special category data includes details about Your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about Your health, and genetic and biometric data. 

We do not collect information about criminal convictions and offences. 

4.2. If You Fail to Provide Personal Data

Where We need to collect Personal Data by law, or under the terms of a contract We have with You, and You fail to provide that data when requested, We may not be able to perform the contract We have or are trying to enter into with You (for example, to provide You with goods or services). In this case, We may have to cancel a product or service You have with Us but We will notify You if this is the case at the time.

4.3. How Personal Data Is Collected

We use different methods to collect data from and about You including via:

·       Direct Interactions: You may give us your Identity, Contact and Financial Data when You fill in forms or correspond with Us by post, phone, email or otherwise. This includes Personal Data You provide when You register to use the Websites, Services or to receive Our newsletter, subscribe to use the Services, create an account to use the Websites or Services, request marketing to be sent to You, search for a product or place an order on the Websites, participate in discussion boards or other social media functions on the Websites, enter a competition, promotion or survey, attend a conference or webinar, give us feedback or contact us and when you report a problem with the Websites or Services.

·       Purchases: If You make purchases via the Websites or within the Services, or register for an event or webinar, We may require you to provide Your Identity, Contact, Financial and Transaction Data.

·       Community: If You register for an online community that we provide, we may ask You to provide Us with Your Identity, Contact, Profile and Technical Data.

·       Automated Technologies or Interactions: As You interact with the Services, Websites or Our emails, We automatically collect Technical Information about Your device, browsing actions, patterns, Location Data and Usage Data. We collect this Personal Data by using cookies, server logs, web beacons, pixels, and similar technologies about Your device, and Your use of the Websites and Services. Please see our Cookie Policy (https://fidelior.com/cookie-policy/) for further details about Our use of cookies. Web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit Us, for example, to count users who have visited pages or opened an email and for other related Website statistics (for example, recording the popularity of a certain section and verifying system and server integrity).

We may also receive Technical Data about You if You visit other websites using Our cookies. 

4.4. Personal Data We Collect from Other Sources

We also collect Personal Data about You from publicly available sources. We may combine this information with Personal Data provided by You. This helps Us update, expand, and analyse Our records, identify new customers, and create more tailored advertising to provide services that may be of interest to You. We also use this for the purposes of targeted advertising, delivering relevant email content, event promotion and profiling, determining eligibility and verifying Contact Data. The Personal Data we collect includes: 

Identity and Contact Data: from publicly available sources such asCompanies House.

Identity, Contact and Profile Data: that is published about You on Your social media profiles on LinkedIn, Facebook, and Twitter.

4.5. Our Social Media Pages

Facebook Fan Page – As the operator of the Facebook Fan Page https://www.facebook.com/Fidelior-100928322207242, We share Your Personal Data with the operator of the social network Facebook.

We have entered into agreements with Facebook that define the terms for use of the Facebook Fan Page, among other things. These terms are mostly based on the Facebook Terms of Service: https://www.facebook.com/terms.php

Please visit the Facebook Privacy Policy https://www.facebook.com/policy.php  for more information about how Facebook manages Personal Data or contact Facebook online, or by mail: Facebook, Inc. ATTN, Privacy Operations, 1601 Willow Road, Menlo Park, CA 94025, United States.

LinkedIn Company Page – As the operator of the LinkedIn Company Page https://www.linkedin.com/company/23562479/admin/, We share Your Personal Data with the operator of the social network LinkedIn.

We have entered into agreements with LinkedIn that define the terms for use of the LinkedIn Company Page, among other things. These terms are mostly based on the:

·       Commonly Viewed Agreements, Guidelines, Policies, Terms and Conditions https://www.linkedin.com/help/linkedin/answer/4448/commonly-viewed-agreements-guidelines-policies-terms-and-conditions?lang=en

·       LinkedIn User Agreement: https://www.linkedin.com/legal/user-agreement. 

Please visit the LinkedIn Privacy Policy https://www.linkedin.com/legal/privacy-policy for more information about how LinkedIn manages Personal data or contact LinkedIn online at https://www.linkedin.com/help/linkedin?lang=en, or by mail: LinkedIn Ireland Unlimited Company, 70 Sir John Rogerson’s Quay, Dublin 2, Dublin, D02 R296, Ireland.

Twitter Fan Page – As the operator of the Twitter Fan Page https://twitter.com/fidelior We share Your Personal Data with the operator of the social network Facebook.

We have entered into agreements with Twitter that define the terms for use of the Twitter Fan Page, among other things. These terms are mostly based on the Twitter Terms of Service: https://twitter.com/en/tos. 

Visit the Twitter Privacy Policy https://twitter.com/en/privacy for more information about how Twitter manages Personal Data or contact Twitter online, or by mail: Twitter, Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103 U.S.A (if you live in the United States); Twitter International Company, 26 Fenian St, Dublin, D02 FX09, Ireland (if you live outside of the United States).

4.6. Cookies

Our Websites and Services use cookies. However, non-strictly necessary cookies are automatically disabled for users in California, the EEA and the UK. You can learn more about Our use of cookies in Our Cookie Policy (https://fidelior.com/cookie-policy/). 

5.      Uses Made of Your Personal Data

We have set out in the table below details of all the ways We plan to use Your Personal Data and which of the legal bases We rely on to do so. We have also identified what Our legitimate interests are where appropriate. Note that We may process Your Personal Data for more than one lawful basis depending on the specific purpose for which We are using Your Personal Data.

Purpose/Activity	Type of data	Lawful basis for processing
To register You as a new customer or user	(a) Identity (b) Contact	Performance of a contract with You
To process and deliver Your order including: (a) Manage payments, fees and charges (b) Collect and recover money owed to Us	(a) Identity (b) Contact (c) Financial (d) Transaction (e) Marketing and Communications	(a) Performance of a contract with You (b) Necessary for Our legitimate interests (to recover debts due to Us)
To manage Our relationship with You which will include: (a) Notifying You about changes to our terms, this Privacy Policy, the Websites or Services (b) Asking You to leave a review or take a survey	(a) Identity (b) Contact (c) Profile (d) Marketing and Communications	(a) Performance of a contract with You (b) Necessary to comply with a legal obligation (c) Necessary for Our legitimate interests (to keep Our records updated and to study how customers and users use Our Services)
To enable You to partake in a prize draw, competition or complete a survey	(a) Identity (b) Contact (c) Profile (d) Usage (e) Marketing and Communications	(a) Performance of a contract with You (b) Necessary for Our legitimate interests (to study how customers or users use Our Services, to develop them and grow Our business)
To administer and protect Our business and Websites (including troubleshooting, monitoring, data analysis, testing, system maintenance, support, updates, reporting and hosting of data)	(a) Identity (b) Contact (c) Technical	(a) Necessary for Our legitimate interests (for running Our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise) (b) Necessary to comply with a legal obligation
To deliver relevant Websites and Services content and advertisements to You and measure or understand the effectiveness of the advertising We serve to You	(a) Identity (b) Contact (c) Profile (d) Usage (e) Marketing and Communications (f) Technical	Necessary for Our legitimate interests (to study how customers and users use Our Services, to develop them, grow Our business and inform Our marketing strategy)
To use data analytics to improve Our Websites and Services, marketing, customer and user relationships and experiences	(a) Technical (b) Usage	Necessary for Our legitimate interests (to define types of customers and users for Our Services, to keep Our Websites updated and relevant, to develop Our business and to inform Our marketing strategy)
To make suggestions and recommendations to You about goods or services that may be of interest to You	(a) Identity (b) Contact (c) Technical (d) Usage (e) Profile (f) Marketing and Communications	Necessary for Our legitimate interests (to develop Our Services and grow our business)

We will not sell or rent Your Personal Data to anyone. We will only use Your Personal Data for the purposes for which We collected it unless We reasonably consider that We need to use it for another reason and that reason is compatible with the original purpose. If You wish to obtain an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact Us (https://fidelior.com/contact-us/).

Please note that We may process Your Personal Data without Your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

3.      Disclosure of Your Personal Data

We may share Your Personal Data with service providers, business partners, suppliers and sub-contractors for the performance of any contract We enter into with them or You to provide services such as IT and system administration services, email communications, hosting services, backup services, credit card processing, research, development, marketing and customer support as set out in more detail below:

• Web hosting (cloud) provider and datacentre – A datacentre is a dedicated space within a building, or a group of buildings used to house computer systems and associated components, such as telecommunications and storage systems. We use a third-party hosting (cloud) providerand datacentre that maintains ISO 27001 certifications, to host Our application and data. We will only use third-party data centres that maintain the aforementioned certifications and/or attestations, or that have other substantially similar or equivalent certifications and/or attestations.

Hetzner – We use Hetzner as Our hosting (cloud) provider and datacentre. See https://www.hetzner.com/legal/privacy-policy for GDPR and cloud provider requirements.

• Email Service Providers – We may use Your Personal Data to contact You with marketing and event-related communications, e.g., newsletters, marketing or promotional materials, invitations to participate in events and surveys, and other information that may be of interest to You, provided that We do so in accordance with Applicable Data Protection Law, including any consent requirements.

For example, when You submit Your contact information to Us or when We collect Your business contact details through Our participation at trade shows or other events, We may use the information to follow up with You regarding an event, send you information that You have requested on Our products and services and, with Your permission, include You on Our marketing information campaigns.

You may opt out of receiving any, or all, of these communications from Us by following the unsubscribe link or instructions provided in any email We send or by contacting Us. We use service providers to send such emails.

Sendinblue – Sendinblue is an email marketing sending service, this holds our audience segmentation and opt-out for marketing related processes. Please see GDPR Policy: https://www.sendinblue.com/gdpr/.

• Payment Service Providers – When You use Our Services to pay for a product and/or service via bank transfer, We may ask You to provide information to facilitate this transaction and to verify Your identity. We will not store or collect Your payment card details. That information is provided directly to Our third-party payment processors whose use of Your personal information is governed by their Privacy Policy. These payment processors adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of payment information.

Stripe – Their Privacy Policy can be viewed at https://stripe.com/ie/privacy.

• Analytics and search engine Service Providers –  Who assist Us in the improvement and optimisation of the Websites and Services.

Google Analytics – Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of Our Websites and Services. This data is shared with other Google services. Google may use the collected data to contextualize and personalize the ads of its own advertising network.

You can opt out of having made your activity on the Websites and Services available to Google Analytics by installing the Google Analytics opt-out browser add-on. The add-on prevents Google Analytics JavaScript (ga.js, analytics.js and dc.js) from sharing information with Google Analytics about visits activity.

For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page: https://policies.google.com/privacy.

Zotero – Zotero is an open-source project committed to providing a research tool. Zotero’s philosophy is that what you put into Zotero is Yours, and one of their founding principles is to make sure You remain in control of Your data and can share it how You like — or choose not to share it at all. Zotero isan independent, non-profit organization and has no financial interest in Your private information.

For more information on the data Zotero collects and privacy practices of Zotero, please visit the Zotero Privacy Policy: https://www.zotero.org/support/privacy.

• Professional Advisors – Who act as service providers to Us about the Websites or Services – including lawyers, bankers, auditors, and insurers who provide consultancy, banking, legal, insurance and accounting services.
• Authorities – Tax authorities, regulators and other authorities who require reporting of processing activities in certain circumstances.
• Advertisers – Advertisers and advertising networks that require the data to select and serve relevant adverts to You and others. We do not disclose Personal Data about identifiable individuals to Our advertisers, but we may provide them with Aggregated Data about Our users. We may also use such Aggregated Data to help advertisers reach the kind of audience they want to target (for example, women living in London). We may make use of the Personal Data we have collected from You to enable Us to comply with Our advertisers’ wishes by displaying their advertisements to that target audience. We partner with third-party advertising networks to either display advertising on Our Websites or manage Our advertising on other sites. When You visit Our Websites, We (and Our service providers) may use Personal Data collected from You and Your device to target advertisements for Our Services to You on Our Websites and other sites You visit (“interest-based advertising”), where allowed by Applicable Data Protection Law, including any consent requirements. Please see Our Cookie Policy (https://fidelior.com/cookie-policy/) for more information. At present, there is no industry standard for recognizing Do Not Track browser signals, so we do not respond to them.

Our ad network partners (which include Google Ads, Microsoft Ads, Facebook, LinkedIn, GetApp, Software Advice, Capterra and G2) use cookies and web beacons to collect non-personally identifiable information about Your activities on our Websites and other websites to provide You targeted advertising based upon Your interests.

If You wish to not have this information used by certain companies to serve you targeted ads, You may opt out by clicking here: http://preferences.truste.com/ (or if located in the European Union, by clicking here: http://www.youronlinechoices.eu/). Please note this does not opt You out of being served advertisements. You will continue to receive generic ads.

• Usage and Performance Service Providers

Invisible reCAPTCHA – We use an invisible captcha service named reCAPTCHA. reCAPTCHA is operated by Google.

The reCAPTCHA service may collect information from You and Your device for security purposes.

The information gathered by reCAPTCHA is held in accordance with the Privacy Policy of Google: https://www.google.com/intl/en/policies/privacy/.

• Credit reference agencies: To assess Your credit score where this is a condition of Us entering into a contract with You.
• For business transfers: We may share or transfer Your Personal Data in connection with, or during negotiations of, any merger, sale of Our assets, financing, or acquisition of all or a portion of Our business to another company.
• With Affiliates: We may share Your Personal Data Our affiliates, in which case We will require those affiliates to honour this Privacy Policy. Affiliates include Our parent company and any other subsidiaries, joint venture partners or other companies that We control or that are under common control with Us.
• With business partners: We may share Your Personal Data with Our business partners to offer You certain products, services or promotions.

Scholarly Horizons (www.scholarlyhorizons.com).

• With other Users: when You share Personal Data or otherwise interact in the public areas with other users, such information may be viewed by all users and may be publicly distributed outside. If You interact with other users or register through a Third-Party Social Media Service, Your contacts on the Third-Party Social Media Service may see Your Contact Data, Identity Data and description of Your activity. Similarly, other users will be able to view descriptions of Your activity, communicate with You and view Your public profile.
• Customer Testimonials: We post customer testimonials and comments on the Websites, which may contain Personal Data, for purposes of marketing Our products and services. If You would like Your testimonial or comments altered or removed from the Websites, please contact Us at https://fidelior.com/contact-us/.
• Public Forums: We offer publicly accessible message boards, blogs, and community forums for You to share Your ideas and enhance the Services and Websites. Please keep in mind that if You directly disclose any information through Our public message boards, blogs, or forums, this information may be collected and used by others. We will correct or delete any Personal Data you have posted on the Websites if You so request in accordance with your rights under Applicable Data Protection Law.
• With Your Consent: We may disclose Your Personal Data for any other purpose with Your consent.

4.      Personal Data Shared with Third Parties

We may share Your Personal Data with the following third parties:

• Corporate Transaction: If We enter into, or intend to enter into, a transaction that alters the structure of Our business, such as a reorganisation, merger, sale, joint venture, assignment, transfer, change of control, or other disposition of all or any portion of Our business, assets or stock, Your Personal Data may be shared with or transferred to third parties in connection with such transaction. Any other entity which buys Us or part of Our business will have the right to continue to use Your Personal Data. We will provide notice before Your Personal Data is transferred and becomes subject to a different Privacy Policy.
• Legal Obligation: If We are under a duty to disclose or share Your Personal Data to comply with any legal obligation, or in order to apply Our terms and conditions, terms of use and/or any other legal agreements; or to protect Our rights, property, safety, Our customers or users or others. This includes exchanging information with other companies and organisations for the purposes of fraud credit risk reduction.
• Aggregated Data: We may share Aggregated Data in the normal course of operating Our business; for example, with other Website or Services users, Our customers or publicly to show trends or benchmark the general use of the Websites and Services.

5.    Data Security

We have put in place appropriate security measures to prevent Your Personal Data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. For example, all information You provide to us is stored on our secure servers. Any credit card information or payment transactions will be encrypted using SSL technology. Where We have given You (or where You have chosen) a password that enables You to access certain parts of the Websites or Services, You are responsible for keeping this password confidential. We ask You not to share any password with anyone. In addition, We limit access to Your Personal Data to those employees, agents, contractors and other third parties who have a business need to know. They will only process Your Personal Data on Our instructions and they are subject to a duty of confidentiality.

We have put in place procedures to deal with Personal Data breaches and will notify You and any applicable regulator of a breach where we are legally required to do so.

Unfortunately, the transmission of information via the Internet is not completely secure. Although We will endeavour to protect Your Personal Data, we cannot guarantee the security of Your Personal Data transmitted to the Websites or the Services. Any transmission is at Your own risk. Once We have received Your Personal Data, We will use strict procedures and security features to try to prevent unauthorised access.

6.      International Transfers of Personal Data

We are a global business. Personal Data may be processed and/or stored in any country where We have operations, our staff are located or where we engage services providers engaged in among other things, the fulfilment of your order, the processing of payment details, the provision of our Services or the provision of support services. This will involve a transfer of Your Personal Data to countries outside of Your country of residence, where data protection rules are different from those of Your country of residence.

When transferring data across borders, We take measures to comply with Applicable Data Protection Laws related to such transfer. Officials (such as law enforcement or security authorities) in those other countries may be entitled to access Your Personal Data. Processing of Your Personal Data will involve a transfer of data to countries outside the European Economic Area (“EEA“), Switzerland or the UK.

We will take all steps reasonably necessary to ensure that Your Personal Data is treated securely and in accordance with this Privacy Policy. In particular, this means that Your Personal Data will only be transferred to a country that provides an adequate level of protection (for example, where the European Commission or the UK Data Commissioner has determined that a country provides an adequate level of protection) or where the recipient is bound by standard contractual clauses according to conditions provided by the European Commission (“Standard Contractual Clauses”).

The Websites and Services are accessible via the internet and may potentially be accessed by anyone around the world. Other users may access the Websites or Services from outside the EEA, Switzerland or the UK. This means that where You chose to post Your Personal Data on the Websites or within the Services, it could be accessed from anywhere around the world and therefore a transfer of Your Personal Data outside of the EEA, Switzerland or the UK may be deemed to have occurred.

7.      Links to Other Websites

The Websites and Services may contain links to other websites that are not operated by Us. If You click on a third-party link, You will be directed to that third party’s site. We strongly advise You to review the privacy policy of every site You visit.

We have no control over and accept no responsibility or liability for the content, privacy policies or practices of any third-party sites or services. Please check these policies before you submit any personal data to these websites

8.      Use of Blogs, Forums and Chat Rooms

Any information that You post to areas of the Websites or Services that are viewable by others (for example, to a blog, forum or chat room) will not be treated as proprietary, private, or confidential. We have no obligation to monitor such posts to the Websites or Services or to exercise any editorial control over such posts; however, We reserve the right to review such posts and to remove any material that, in Our judgment, is not appropriate. Posting, transmitting, promoting, using, distributing or storing content that could subject Us to any legal liability, whether in tort or otherwise, or that is in violation of any applicable law or regulation, or otherwise contrary to commonly accepted community standards, is prohibited, including without limitation information and material protected by copyright, trademark, trade secret, nondisclosure or confidentiality agreements, or other intellectual property rights.

9.      Retention of Your Personal Data

We retain Your Personal Data only for as long as is necessary to fulfil the purposes for which it was collected as set out in this Privacy Policy. We will also retain and use Your Personal Data to the extent necessary to satisfy any legal, regulatory, tax, accounting or reporting requirements. We may retain Your Personal Data for a longer period in the event of a complaint, if We reasonably believe there is a prospect of litigation in respect to Our relationship with You, to comply with law enforcement requests, maintain security, prevent fraud and abuse, resolve disputes, enforce Our legal agreements, or fulfil Your request to “unsubscribe” fromfurther messages from Us.

To determine the appropriate retention period for Personal Data, We consider the amount, nature and sensitivity of the Personal Data, the potential risk of harm from unauthorised use or disclosure of Your Personal Data, the purposes for which We process Your Personal Data and whether We can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements. This will be for as long as We provide access to the Websites or Services to You, Your Account with Us remains open for any period set out in any relevant contract You have with Us. After You have closed your Account or ceased using the Services for at least 24 months, We usually delete Personal Data.

We will retain some anonymised information after Your Account has been closed and We may use this for research or statistical purposes, in which case We may use this information indefinitely without further notice to You.

Please note: After You have closed Your account or deleted information from Your Account, any information You have shared with others will remain visible. We do not control data that other users may have copied from the Websites or Services. Your profile may continue to be displayed in the services of others (e.g. search engine results) until they refresh their cache.

10.  Your Privacy Rights

We take the protection of Personal Data very seriously. As an individual, you have specific rights depending on Your geographic location or residency and are subject to Applicable Data Protection Law in Your location regarding the collection, use, disclosure of Personal Data, and the explicit right to exercise these rights.

For example, these data protection laws provide You with rights in the following jurisdictions:

• The General Data Protection Regulation (EU GDPR), for persons located in an EU Member State;

The UK GDPR, the UK version of the EU GDPR for persons located in the UK;

• The California Consumer Privacy Act (CCPA), a data privacy model for California;
• The General Personal Data Protection Law (Lei Geral de Proteção de Dados Pessoais), Brazil’s version of the GDPR;
• The Protection of Personal Information Act (POPIA), South Africa’s version of the GDPR.
• The Personal Data Protection Act (PDPA), Thailand’s version based on the GDPR.
• The Privacy Act 1988 (as amended) – Australia’s data protection law.
• The Personal Data Protection Bill (PDPB), Indonesia’s version of the GDPR.

13.1.     EU and UK Data Protection Rights

Data Access Requests

You have the right under EU and/or UK data protection law, free of charge, to request:

• Access to Your Personal Data.
• Rectification or deletion of Your Personal Data.
• A restriction on the processing of Your Personal Data.
• Object to the processing of Your Personal Data.
• A transfer of Your Personal Data (data portability) in a structured, machine-readable and commonly used format.
• Withdraw Your consent to Us processing Your Personal Data, at any time.

If You are located in the EU or the UK and wish to exercise any of the above rights, please contact Us as set out at the end of this Privacy Policy. We will respond to such queries within 30 days and deal with requests We receive from You, in accordance with the provisions of EU and/or UK data protection law. Occasionally it could take Us longer if Your request is particularly complex or You have made several requests. In this case, we will notify You and keep you updated.

You will not have to pay a fee to access Your Personal Data (or to exercise any of the other rights). However, We may charge a reasonable fee if Your request is unfounded, repetitive or excessive. Alternatively, We could refuse to comply with Your request in these circumstances.

We may need to request specific information from You to help us confirm Your identity and ensure Your right to access Your Personal Data (or to exercise any of Your other rights). This is a security measure to ensure that Personal Data is not disclosed to any person who has no right to receive it. We may also contact You to ask You for further information concerning Your request to speed up Our response.

Marketing

• Marketing: We may use your Identity, Contact, Technical, Usage and Profile Data to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you (we call this marketing).
• Promotional Offers from Us: We will send You marketing emails if You “opt in” to receive marketing emails when registering on the Websites or for the Services, or if You have enquired about, or purchased any of Our goods or services from Us and You have not opted out of receiving such marketing.
• Third-Party Marketing: We will get Your express opt-in consent before We share Your Personal Data with any third party for marketing purposes.
• Opt out: Please note that, if You change your mind about being sent marketing emails You can “opt out” at any time by clicking the “unsubscribe” link at the bottom of any marketing email. Once You “opt out”, You will no longer receive any marketing emails from Us. We will continue to communicate with You regarding Your service billing and support via email and where We send push notifications from time to time to update You about any Services or Website updates, events and promotions We may be running. If You no longer wish to receive these communications, please disable these in the settings on Your device.

13.2.     CCPA Data Protection Rights for California Residents

We will not disclose Social Security numbers, driver’s license numbers or other government-issued identification numbers, financial account numbers, any health insurance or medical identification numbers, account passwords, or security questions and answers in any data access request. In that case, We can inform You that We have this information generally, but We may not provide the specific numbers, passwords etc. to You for security and legal reasons. Please note that You may only submit two access requests within a 12-month period.

Lodging a Complaint

If you would like to exercise any of Your rights, please contact us at:

• Email: [email protected].
• Website: https://fidelior.com/contact-us/.

In addition to contacting Us and You are dissatisfied with Our handling of any complaint You raise under this Privacy Policy, You may, where applicable by law, wish to contact Your local data protection supervisory authority of the location of Your habitual residence, place of work or place of the alleged infringement if You consider that the processing of Your Personal Data infringes Applicable Data Protection Law. Hereby, we provide a non-exhaustive list of contacts for some supervisory authorities:

Australia – Office of the Australian Information Commissioner (https://www.oaic.gov.au/).

European Union (EU) – Our lead supervisory authority for all EU complaints is the Data Protection Commission, 21 Fitzwilliam Square South, Dublin 2, D02 RD28, Ireland.

United Kingdom (UK) – The Information Commissioner’s Office at, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, England, (https://ico.org.uk/global/contact-us/email/).

Brazil – The Brazilian Data Protection Authority via https://www.gov.br/anpd/pt-br.

Mexico – The National Institute of Transparency for Access to Information and Personal Data Protection (Instituto Nacional de Transparencia, Acceso a la Información y Protección de Datos Personales) (INAI) via https://home.inai.org.mx/ and the Ministry of Economy (Secretaría de Economía) via https://www.gob.mx/se.

South Africa – Submit Form 1 of the POPIA Regulations to the responsible Information Regulator via https://www.justice.gov.za/inforeg/contact.html.

Thailand – Lodge a complaint relating to Personal Data protection to the expert committee(s).

11.  Children’s Privacy

Our Websites and Services are not intended for and shall not be used by anyone under the age of 16. We do not knowingly collect personally identifiable information from anyone under the age of 16. If You are a parent or guardian and You are aware that Your child has provided Us with Personal Data, please contact Us. If We become aware that We have collected Personal Data from anyone under the age of 16 without verification of parental consent, We will take steps to remove that information from Our servers.

If We need to rely on consent as a legal basis for processing Your information and Your country requires consent from a parent, We may require Your parent’s consent before We collect and use that information.

12.  Changes to this Privacy Policy

Any changes We may make to this Privacy Policy in the future will be posted on this page and, where appropriate, notified to You by email or within the Services. Please check back frequently to see any updates or changes to this Privacy Policy.

This Privacy Policy was last updated on the insert date and this version replaces any other Privacy Policy previously applicable from this date.

13.  Contact Us

If you have any questions about this Privacy Policy, You can contact us:

• By email: [email protected].
• By visiting this page on Our website: https://fidelior.com/contact-us/.