1. Scope of this Policy
2. What are the key notions of this Policy?
In this Policy the following terms are used consistently and shall have the following meaning.
- "You" (including "Your") or "User" means any person who has access to the application and who has created an account.
- "Blinds 2go" (including "we" or "us") means Blinds 2 Go Ltd, company registration number 03954180, with registered offices at 1 Woodborough Road, Nottingham, NG1 3FG, UK.
- "Controller" shall have the meaning under the GDPR, i.e. "the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law".
- "Processor" shall have the meaning under the GDPR, i.e. "a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller".
- "Subprocessors" means a processor engaged by the Processor to carry out certain processing activities on behalf of the Controller.
- "Third Party" shall have the meaning under the GDPR, i.e. "a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data".
- "Supervisory Authority" shall have the meaning under the GDPR, i.e. "an independent public authority which is established by a Member State pursuant to Article 51" of the GDPR.
- "Personal Data" shall have the meaning under the GDPR, i.e. "any information relating to an identified or identifiable natural person ("data subject"). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person".
- "Identification data" : name, email address, country and portal code.
- Electronic identification data: IP addresses.
- (geo-) Location data: the chosen country and postal code as well as the GPS coordinates, latitude, longitude, or similar information regarding the location, collected through the use of the application from the users Mobile Device.
- Non-personal data is information that does not qualify as Personal Data, including non-private and/or aggregated information that does not identify a User, or more generally a data subject (including without limitation anonymous usage data and platform types).
- "application" means the Tuiss SmartView application offered by Blinds 2go that allows users to control and schedule their window treatments.
- "GDPR" means Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.
- "Processing" shall have the meaning under the GDPR (i.e. "any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction").
- "Standard Contractual Clauses" means sets of standard contractual clauses for transfers as adopted by the European Commission for the international transfer of personal data.
- "Mobile Device" includes without limitation mobile telephones, iPhones, tablets, iPad, Android, and any similar technology or item.
- "UK" means the United Kingdom.
- "EEA" means the European Economic Area.
- "SSL" refers to the industry standard Secure Sockets Layer technology.
3. Who processes what Personal Data about You?
Through the application, Blinds 2go processes Your Personal Data for its own purposes, where it determines itself the purposes and means of such processing. The legal basis for the processing is consent obtained during the subscription process (or, in the case of Anonymzed Application Analytic Data, consent obtained during the on-boarding process). The Personal Data processed, and the source and purpose for which it is processed, includes:
- "Identification data" to send direct marketing communications, sourced from the User through the registration form, only with consent obtained during the subscription process.
- "Identification data" to manage the accounts, sourced from the User through the registration form.
- "Electronic Identification data" to operate the application, sourced directly from the User through the use of the application.
- "(geo-)Location data (time zone)" for Time Keeping and to schedule Scenes to operate, sourced directly from the User through the use of the application.
- "Anonymized Application Analytic Data" to help improve the application usability, sourced directly from the User through the use of the application, only with consent obtained during the on-boarding process.
It is important for you to understand that in order for Blinds 2go to achieve one or more of its purposes and to operate its business, it relies on one or more third party service providers, acting as a (Sub-)processor and processing Your Personal Data on our behalf, under the instructions and authority of Blinds 2go. We, however, require that the (Sub-)Processors enter into a Data Processing Agreement with us and agree to not disclose personal data or use it other than as necessary to perform their services to Blinds 2go.
"Monstarlab" processes analytic data if the user opts into application analytics. This data may include:
- Device Type
- Device Operating System
- (geo-)Location data
- Application Analytic and Usage Data
4. How is Your Personal Data shared with Third Parties?
Blinds 2go will only share or disclose information with Your consent and solely as described in this Policy.
In the event Blinds 2go shares Your Personal Data in accordance with this Policy, Blinds 2go is not responsible for any Third Party's use or disclosure of Your Personal Data.
5. On what basis is Your Personal Data processed?
Your Personal Data is processed by Blinds 2go in the context of the application on the basis of Your consent given in the framework of Your subscription to or use of the application, as detailed in this Policy.
Please note that You are not in any way obligated to provide any information to Blinds 2go. Also, You have the right to withdraw Your consent at any time You choose and on Your own initiative. You however understand that in such cases, certain features of the application may be limited or otherwise impacted.
6. Is Your Personal Data used for direct marketing communications?
If, at one point where you give us personal data, a box is checked indicating that you would like to receive information about special offers and promotions, then Blinds 2go will also use such personal data to send you information that we believe might be of interest to you.
Because we care about your privacy, we will not give your personal data to other marketers or retailers for them to use to contact you about offers or promotions of their own unless a box is checked indicating that we may do so at the point where you give us such personal data.
If You no longer want to receive email marketing from Blinds 2go, please let us know by sending an email or unsubscribe from our marketing emails by clicking on the unsubscribe link in the emails sent to you.
7. How long is Your Personal Data stored?
Your Personal Data will be stored for the duration of Your use of the application and then put beyond use 5 years after your last use of the application if you did not close your account; or 1 year after closing Your account.
8. Is Your Personal Data transferred outside the UK?
In the context of the provision of the application and for the purposes described in this policy, Your Personal Data may be transferred outside the UK to the EEA. When such a transfer happens, we ensure that it takes place in accordance with this Policy and that the necessary safeguards are put in place such as in particular ensuring that the transfer is regulated by Standard Contractual Clauses approved by the European Commission as ensuring an adequate protection for Users; or ensuring that the transfer to the EEA is done to an organisation that complies with the Data Protection Act 2018.
9. What are Your rights?
Once You have provided Your Personal Data, several rights are recognized under the GDPR, which You can in principle exercise free of charge, subject to statutory exceptions. In particular, You have the following rights:
- Right to withdraw consent. You have the right to withdraw Your consent at any time You choose and on Your own initiative. You can do so by deleting your account via an email to firstname.lastname@example.org, setting out the request delete your account. The withdrawal of Your consent will not affect the lawfulness of the collection and processing of Your data based on Your consent up until the moment where You withdraw Your consent.
- Right to access, review, and rectify Your data. If You wish to review or rectify any information like Your name, email address, passwords and/or any other preferences, You can easily do so by changing Your settings under the 'My Account' section in the application.
- Right to erasure. You have the right to erasure of all the Personal Data processed by Blinds 2go in case Blinds 2go no longer needs it for the purposes for which the Personal Data was initially collected or processed, in accordance with the GDPR.
- Right to restriction of processing. Under certain circumstances described in the GDPR, You may ask for a restriction of processing of Your Personal Data, such as when You have contested the accuracy of the Personal Data, for the period we need to verify the accuracy of this data.
- Right to data portability. You have the right to receive the Personal Data processed in a format which is structured, commonly used and machine-readable and to transmit this data to another service provider.
- Right to object to processing. Where Your Personal Data is processed for direct marketing purposes, You may object to such processing.
- Right to lodge a complaint with a Supervisory Authority. We are always available for any questions or complaints You may have. However, if You were to have any trouble with the way Your Personal Data is being handled in the context of the application, You may contact the Supervisory Authority to lodge a complaint.
10. To what extent is Non-Personal Data used by Blinds 2go?
It is important for you to understand that this Policy does not apply to our use or disclosure of Your non-personal data. By using our application, You understand and agree that we may compile and freely use and disclose non-personally identifiable information.
Examples of how we use and disclose non-personal data include among others measuring and analysing application usage, system administration, improving our application and providing it to third party consultants, clients, advertisers, vendors and researchers.
11. What security measures are put in place by Blinds 2go?
Blinds 2go implements, and undertakes that its (Sub-)Processors implement, appropriate technical and organisational measures to ensure an appropriate level of security of Your Personal Data, including but without limitation:
- Socket Layer Technology ("SSL"). SSL is used to protect the security of Your information. SSL encryption is a method by which information is encrypted while being transmitted over the internet.
- Passwords are stored in a non-reversible encrypted format.
- In the event personal information is compromised as a result of a security breach and where the breach is likely to result in a high risk to the rights and freedoms, we will promptly notify those Users as required under the GDPR.
12. Does a disclaimer of warranties apply?
Unfortunately, no data transmission over the Internet can be guaranteed to be 100% secure.
To the largest extent permitted under applicable law, the application is provided "AS IS". As a result, while we are committed to protecting your personal data, we make no warranty, express or implied, concerning the security or integrity of any User data. All implied warranties, including without limitation the implied warranties of merchant-ability or fitness for a particular purpose, are hereby disclaimed to the largest extent permitted under applicable law.
13. What rules apply to children?
The application is not intended for use by anyone under the age of eighteen. Blinds 2go does not knowingly collect or solicit Personal Data from anyone under the age of eighteen years or knowingly allow such persons to register for the application. In the event Blinds 2go learns that it has collected Personal Data from a child under the age of eighteen years without verification of parental consent, steps will be undertaken promptly to remove that information. If You believe that we have or may have information from or about a child under eighteen years of age, please contact Blinds 2go at email@example.com.
Our site contains links to other sites, including, among others, those of some of our customers. Those other sites may have privacy policies that may be different from ours. Visitors using such links should consult the privacy notices associated with those links. Our policies do not extend to anything that is inherent in the operation of the Internet, and therefore beyond our control. We take no responsibility for information collected by third parties.
15. What happens if we make modifications to this Policy?
16. How can You contact Blinds 2go?