- Introduction; Purpose of this Privacy Policy
- Information we collect
- How we use the information we collect
- How we share the information we collect
- Cookies and other tracking technologies
- Information collected by third parties
- Email opt-out
- Payment processing
- Security
- Children and COPPA compliance
- Business transitions
- California users consumer rights
- Users located outside of the European Union
- EU users’ rights under the GDPR
- Data retention
- Cooperation with law enforcement; fraud protection
- Changes to this Privacy Policy
- Who we are
Introduction; Purpose of this Privacy Policy
Please read the following policy to understand how your personal information will be treated as you make full use of our Website. When we talk about our Website or our Service, we are referring to beyondcompare.com, any corresponding mobile application(s) and any services provided by us through such website and/or application. When we talk about Beyond Compare, “we”, ‘’our’’ or ‘’us’’ in this policy, we are referring to Optima Media, S.L., the company that provides the Website and Service. If you have any questions, concerns or complaints related to this Privacy Policy or our processing of your personal information, please email us here: [email protected]. This email address is monitored on a regular basis and we aim to respond to your query as soon as possible.
The Privacy Policy has three main purposes:
- Explain the way we use information that you share with us in order to give you a great experience with our Website;
- Ensure that you understand what information we collect with your permission, what we do with it and with whom we share it; and
- Explain your rights under applicable law.
All the information we collect is related to providing our Website or Service. By agreeing to our Privacy Policy, you give us the right to collect your information as detailed in this Privacy Policy and use it for the purposes described in this Privacy Policy. IF YOU DON'T AGREE WITH THE TERMS OF THIS PRIVACY POLICY, THEN PLEASE DON'T USE THE WEBSITE OR SERVICE.
2. Information we collect
The information we collect includes personal identifiers, commercial information, electronic network activity and geolocation data, and can be divided into the following broad categories:
- Technical Dataincludes internet protocol (IP) address, device type, device version, browser type and version, browser plug-ins types, time zone setting and location, traffic data, search criteria, weblogs and other communications data, operating system and platform and other technology on the devices you use to access the Website.
- Usage Dataincludes information about how you use our Website or Service, such as the particular pages you interact with, how often you visit, how long you’re on the Website, surveys, the products and/or services you’re looking at and/or purchase.
- Verification Dataincludes proof of identity and proof of address as further detailed in our Subject Access Request Form
- Financial Datamay include details about your payment history and services or products you have purchased from third parties offering products or services through the Website (collectively, “Offerors”).
- Identity Dataincludes name, address, telephone number, email address.
More specifically, we may collect and store the following information relating to you:
2.1 Anonymous data
When you visit our Website, we collect some basic information that does not identify individual users. This includes which pages are visited and any feedback from our visitors. We then aggregate this information with other pieces of information to improve our Website and make your experience on the Website as valuable and efficient as possible. We may also collect and accumulate anonymous data that will help us understand and analyze the online experience of our Website users. For instance, we may accumulate visitor data relating to referring domain names, the type of browsers used, operating system software, screen resolutions, color capabilities, browser plug-ins, language settings, cookie preferences, search engine keywords and JavaScript enablement.
2.2 Direct Interactions
We collect information from you when you voluntarily submit information directly to us or via our Website. This refers to personal data you provide, for example, by corresponding with us via phone, email or live chat. This personal information may include name, age, address, phone and email, as necessary to address your query. We will not share that information in a manner that identifies you as an individual with any other entity unless we have your permission.
2.3 Tracking technologies
We use “cookies” and similar tracking technologies (as described in Section 5 below and in our Cookie Policy) to track your activities on our Website, and may also receive data about you if you visit other websites employing our cookies.
- Automated technologies or interactions
As you interact with our Website, we may automatically collect technical and usage data about your device, browsing actions and patterns. For example, we collect information which may include your IP address, browser type, your location, language preferences, device information and access times. While an IP address does not identify an individual by name, it may, with the cooperation of the ISP, be used to locate and identify an individual. Your IP address can reveal what geographic area you are connecting from, or which ISP you are using. Finally, other websites you visit have IP addresses, and we may collect the IP addresses of those websites and their pages. We also collect IP addresses for system administration and to report aggregate information to any sponsors. We may also receive information from our web logs, which automatically record anything a web server sees, which may include email addresses you enter into a form or pages viewed by a user at a particular IP address. We collect this personal data by using cookies, pixel tags and other similar tracking technologies. The sole purpose of passively collecting your information is to improve your experience when using our Website.
- Information received from our service providers and partners
We may also receive information about you from our service providers and partners, which we use to personalize our Service, to measure ad quality and responses to ads, and to track your purchases from Offerors.
3. How we use the information we collect
We have set out below, in a table format, a description of all the ways we process your personal data, and the legal basis we rely on to do so.
Purpose/Activity |
Type of Data |
Legal Basis |
To allow you to visit the Website |
Technical Data |
Consent |
To manage our relationship with you. For example: general enquiries such as how the Website works, complaints and payment queries |
Any data you choose to share with us or request us to view |
Consent |
To administer and protect the Website (including troubleshooting, fraud prevention, spam prevention, security incident prevention and correction, data analysis, testing, system maintenance, support, reporting and hosting of data), operate the Website (including notifying you of any changes), optimize your user experience, and send you service and support messages such as updates, patches and security alerts |
Financial Data
|
Consent |
To analyze your use of the Website and deliver relevant website content and third-party advertisements, for example by providing customized, personalized, or localized content, recommendations, features, and advertising. |
Usage Data |
Consent |
To enforce this Privacy Policy, our Terms of Use, and any other terms that you have agreed to, including to protect the rights, property, or safety of our users, or any other person, or the copyright-protected content of the Website |
Identity Data a. |
For purposes of legitimate interests |
To maintain and retain records in connection with actual and potential legal claims and regulatory investigations; and for governance & compliance purposes |
Financial Data
|
Necessary for the compliance with a legal obligation to which we are subject |
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason, and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please email us at [email protected]
Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
How we share the information we collect
This section describes how the information collected or generated through your use of the Website may be shared by us with third parties. The information we may disclose for a business purpose includes personal identifiers, commercial information, electronic network activity and geolocation data. We do not sell our users’ personally identifiable information.
4.1 Marketing and advertising
We do not provide any personally identifiable information to third-party advertising companies; however, when you click on an Offeror’s link, you consent to our providing your personal information to such Offeror so that they may fulfill your request for products or services.
4.2 Service providers
We may from time to time share your information with third-party service providers to perform functions and process user data and help provide our Website or Service, consistent with this Privacy Policy. For example, we work with analytics providers to help us understand the use of our Website. Where a third-party processes user data on our behalf, it is subject to security and confidentiality obligations consistent with this Privacy Policy and applicable law; we only permit them to process your personal data for specified purposes and in accordance with our instructions. Where a third-party processes user data on its own behalf, its processing is subject to its own Privacy Policy and applicable law.
To provide you with the best experience on our Website, we may use third parties who automatically process your Usage Data on our behalf. Where possible, we will make sure this data is anonymized.
For your information, click here to view some examples of how third parties process your personal data.
5. Cookies and other tracking technologies
A cookie is a small text file that is placed on your computer, mobile phone, or other device when you visit a website. The cookie will help website providers to recognize your device the next time you visit their website. There are other similar technologies such as pixel tags (transparent graphic images placed on a web page or in an email, which indicate that a page or email has been viewed), web bugs (similar to pixel tags), and web storage, which are used in desktop software or mobile devices.
There are also technologies such as mobile device identifiers and SDK integrations to help companies recognize your device when you return to an app or otherwise use a service. Our policy regarding cookies can be found here.
6. Information collected by third parties
Entities that have links on our Website, such as Offerors, may collect personally identifying information about you when you access or utilize those links. We do not control the collection or use of such information, and the practices of those entities are not covered by this Privacy Policy. For instance, if you click on a third-party offer on our Website, you will be taken away to an entirely different site.
Please read these third-parties privacy policies to find out how they collect and process your personal information.
7. Email Opt-out
Users who no longer wish to receive email updates or other notifications may opt out of receiving these communications by following the instructions contained in the applicable email. Please know that such a decision will not stop advertising or content that is generated prior to the time when we can accomplish the removal of your information.
8. Payment Processing
Payment processing is only handled by Offerors. We do not collect or store your payment information.
9. Security
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, altered or disclosed, used or accessed in an unauthorized way. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know it. They will only process your personal data on our instructions and they are subject to a duty of confidentiality. However, the transmission of data via the internet is not completely secure and we cannot guarantee that unauthorized parties will not be able to defeat those measures: unauthorized entry or use, hardware or software failure, and other factors may compromise the security of our user information at any time.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
10. Children and COPPA compliance
Our site is not directed to children under the age of 13 and we do not knowingly collect data relating to anyone under the age of 18. We have designed this privacy policy in order to comply with the Children's Online Privacy Protection Act ("COPPA"). We will never knowingly collect any personal information about children under the age of 13. If we obtain actual knowledge that we have collected personal information about a child under the age of 13, that information will be immediately deleted from our systems. Because we do not collect such information, we have no such information to use or to disclose to third parties. If a parent believes that his or her child has submitted personal information to us, he or she can contact us via e-mail or postal mail as listed below. We will promptly delete the information upon learning that it relates to a child under the age of 13. Please note that it is possible some of this information may remain archived in web logs and back-up archives after we delete the information from our active database.
We believe that parents should supervise their children’s online activities and consider using parental control tools available from online services and software manufacturers that help provide a child-friendly online environment. These tools can also prevent children from otherwise disclosing online their name, address and other personal information without parental permission.
11. Business transitions
In the event we go through a business transition, such as a merger, acquisition by another company, or sale of a portion of our assets, users' personal information will, in most instances, be part of the assets transferred. In such instance, the new owners may use your personal data in the same way as set out in this Privacy Policy.
12. California user consumer rights
California residents may choose to opt out of our disclosure of their personal information to third parties for direct marketing purposes. As detailed above, our policy is not to disclose personal information collected online to a third party for direct marketing purposes without your request or approval. If you choose to opt-out at any time after granting approval, email [email protected]
If you are a California resident, you also have the right to:
- request that we disclose to you the categories of personal information we collected about you, including the categories we disclosed to a third party for a business purpose; the categories of sources from which the personal information is collected; the business or commercial purpose for collecting that information; the categories of third parties with whom we share that information; the actual personal information we collected from you. This enables you to receive a copy of the personal data we hold about you.
- request that we delete any personal information we have collected from you. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons and our need to keep appropriate archives for our business operations.
- not be discriminated against for exercising any of the rights granted to you under the California Consumer Privacy Act of 2018.
If you wish to exercise any of the rights set out above, please email us at i[email protected]. We will respond to you within 45 days of receipt of your request. We may need to request specific information from you to help us confirm your identity. This is a security measure to ensure that your personal data is not disclosed to any person who does not have the right to receive it. We may also contact you to ask you for further information, in relation to your request, to speed up our response.
The California Consumer Privacy Act (CCPA) requires that we report on consumer request metrics annually. As of July 1, 2021, we had not received a single consumer request under the CCPA.
California resident may file grievances and complaints with California Department of Consumer Affairs, 400 R Street, STE1080, Sacramento, CA 95814; or by phone at 916-445-1254 or 800-952-5210; or by email to [email protected]. We would, however, appreciate the chance to deal with your concerns before you approach the DCA, so please email us at i[email protected] in the first instance.
13. Users located outside of the European Union
We make an effort to protect the personal information of all users of our Website. If you are unsure whether this privacy policy is in conflict with the rules applicable where you are located, you should not submit your personal information. Users of our Website located in countries outside of the European Union who submit personal information do thereby consent to the transfer of that information to and/or storage of the information in the European Union.
14. EU users’ rights under the GDPR
If you are located in the European Union, or if the EU’s General Data Protection Regulation (“GDPR”) otherwise applies to your data as processed by us, you have the right to:
14.1 request access to your personal data. This enables you to receive a copy of the personal data we hold about you and our full list of third parties who process your data, and to check that we are lawfully processing it.
- request confirmationas to whether or not your personal data is being processed.
- request the correction of your personal data that you consider to be inaccurate. This enables you to have any incomplete or inaccurate data we hold about you corrected. However, we may need to verify your identity and the accuracy of the new data you provide to us.
- request erasure of your personal data. This enables you to ask us to delete or remove personal data, for example: i) where there is no good reason for us continuing to process it; ii) where you have successfully exercised your right to object to processing (see below); iii) where we may have processed your information unlawfully; iv) where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons and our need to keep appropriate archives for our business operations. These reasons will be notified to you at the time of your request. In addition, as explained in Section 2.3, certain information may always be publicly available to others and other information is made publicly available to others by default.
- object to processing of your personal data. This enables you to object to the processing of your personal data if you feel it impacts on your fundamental rights and freedoms. For example, this can be where we are processing your personal data for direct marketing purposes. In some cases, we may have compelling legitimate grounds to process your information which can override your right to object.
- request restriction of processing of your personal data. This gives you the option to ask us to suspend the processing of your personal data in the following scenarios: i) if you want us to establish the data’s accuracy; ii) where our use of the data is unlawful but you do not want us to erase it; iii) where you need us to hold the data, even if we no longer require it e.g. to establish or defend legal claims; or iv) you have objected to our use of your data but we need to verify whether we have overriding legitimate ground to use it.
- request transfer of your personal data. If you request us to do so, we will provide to you, or a third party of your choice, your personal data in a commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use, or where we have used the information to perform a contract with you.
- withdraw consent to the processing of your data. If you request us to do so, we will no longer process your data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide our Service for you. Also, we will advise you of this at the time you withdraw your consent.
- not have a decision made about you based solely on automated processing.
If you wish to exercise any of the rights set out above or request details about the specific legal basis we are relying on to process your personal data, please email us at i[email protected] using the Subject Access Request Form.
We will respond to you within 30 days of receipt of your request. Occasionally it may take us longer than 30 days if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise your other legal rights). This is a security measure to ensure that your personal data is not disclosed to any person who does not have the right to receive it. We may also contact you to ask you for further information, in relation to your request, to speed up our response.
You will not have to pay a fee to access your personal data (or to exercise any of your other legal rights). However, we may charge a reasonable fee (or refuse to comply) if your request is clearly unfounded, repetitive or excessive.
You have the right to make a complaint at any time to the Agencia Española de Protección de Datos (“AEPD”), the Spanish supervisory authority for data protection issues (www.aepd.es). We would, however, appreciate the chance to deal with your concerns before you approach the AEPD so please email us at i[email protected] in the first instance.
15. Data retention
If you are located in the European Union, or if the GDPR otherwise applies to your data as processed by us, we will only retain your personal data for as long as necessary to fulfil the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or internal reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
In some circumstances we may anonymize your personal data (so that it can no longer be associated with you) for compliance, governance, legal and/or regulatory purposes in which case we may use this information indefinitely without further notice to you.
16. Cooperation with law enforcement; fraud protection
We fully cooperate with law enforcement agencies in identifying those who use our Website or Service for illegal activities. We reserve the right to disclose information about users who we believe are in violation of applicable laws or regulations, or as required to respond to a subpoena, court orders or other legal process requiring such disclosure. We also reserve the right to report to law enforcement agencies any activities that we reasonably believe to be unlawful and to exchange information with other companies and organizations for fraud protection.
17. Changes to this Privacy Policy
Occasionally we may, in our discretion, make changes to this Privacy Policy. When we make material changes to this Privacy Policy, we’ll provide you with prominent notice as appropriate under the circumstances, e.g. by displaying a notice within the Website or by sending you an email. You are responsible for reviewing any changes, as posted on the Website. YOUR CONTINUED USE OF THE WEBSITE AFTER SUCH POSTING OR NOTIFICATION WILL CONSTITUTE YOUR ACCEPTANCE OF THE CHANGES.
Please note that if you opt out of receiving notices from us, change notices will still govern your use of the Website, and you are responsible for reviewing such legal notices for changes, as posted on the Website.
18. Who we are
For the purposes of the GDPR, Optima Media, S.L., located at Av. de Josep Tarradellas 38 - 08029 Barcelona, Spain, is the Data Controller and is responsible for your personal data. This means that we determine the purposes and ways of the processing of your personal data.
When you provide personal information directly to an Offeror, the Offeror is the Data Controller, and if Optima Media, S.L. handles such data on behalf of the Offeror, it does so as Data Processor under the GDPR.
Last update: June 2020
Thank you for visiting our website!
The website www.beyondcompare.com (the “Website”) is operated by Optima Media, S.L. (“us”, “we”, “Optima”). This Privacy Policy applies:
- To your use of the Website;
- To the communications we may exchange together, such as through e-mails;
- To our commercial services which consists of indexing offers from commercial partners.
(together, the “Services”)
This Privacy Policy also refers to cookies but we encourage you to consult our Cookie Policy to learn more about how we use cookies.
This Privacy Policy does not apply:
- To the services performed by the organizations which we compare through this Website, including their websites, goods and services;
- To any links towards third-party services, websites or applications.
We encourage you to review the privacy practices of these third parties prior to use their respective websites or purchase their goods or services.
If you have any questions, concerns or inquiries about how we process your personal data or this Privacy Policy, or for the exercise of your rights, you can reach us to us at:
Attention: Data Protection Officer
E-mail: [email protected]
Mailbox: Optima Media S.L, Av. de Josep Tarradellas 38 - 08029 Barcelona, Spain
- What is the purpose of this Privacy Policy?
- What personal data do we collect about you?
- For which purposes do we process your personal data?
- Do we disclose your personal data to third parties?
- How long do we retain your personal data?
- Where do we store your personal data?
- Do we use cookies and other tracking technologies?
- How do we protect your personal data?
- Do we process personal data of children?
- I live in California, do I have rights over my personal data?
- I live in the European Union, do I have rights over my personal data?
- I live in Canada, do I have rights over my personal data?
- Can we modify this Privacy Policy?
- What roles and responsibilities do we have under European laws?
What is the purpose of this Privacy Policy?
This Privacy Policy aims at:
- Providing you with more information about how we process your personal data, including why we are collecting it, with whom we are sharing it and how long we will keep them.
- Providing you with more information about your rights, and how to exercise them.
In this Privacy Policy, we refer to the term “personal data” to imply any data that can directly or indirectly identify you. We retain this definition to be as transparent as possible, however, some of the data that we described in this Privacy Policy may not be considered personal data under the laws that apply to our collection, use or disclosure of your personal data, and you may not be able to enforce your rights under the law or this Privacy Policy if the relevant data are not protected by the legislation applicable to you. We are located in the European Union, and we are required to comply with the General Data Protection Regulation when providing our services to you. For this reason, this Privacy Policy contains references to the European legislations. However, we intend to provide the Services exclusively in the United States and Canada. This means that the offers from our commercial partners are intended to be purchased and available in the United States and Canada, not in the European Union.
What personal data do we collect about you?
The personal data that we collect can be divided in the following categories:
- Electronic Data include personal data that are collected automatically by the Services, such data relating to referring domain names, the type of browsers that you are using, your operating system software, screen resolution, color capabilities, browser plug-ins, language settings, cookie preferences, search engine keywords and JavaScript enablement. These are automatically collected by our Services from your use of our Services or transmitted to us through cookies when you are using third-party services. Electronic Data are generally found in web logs, which automatically record anything that a web server sees, including IP addresses.
For example, our Services automatically collect your IP address. While an IP address does not identify an individual by name, it may, with the cooperation of your Internet Service Provider, be used to locate and identify an individual. Your IP address can reveal what geographic area you are connecting from, or which Internet Service Provider you are using. - Analytic Data include data about how you use our Services, such as the particular pages you interact with, how often you visit, how long you are on the Website, and the offers from our commercial partners that are popular. For instance, we can see whether our users have purchased any goods or services from our commercial partners. However, Analytic Data are traffic data that do not allow us to identify you individually. We do not know what you bought from our commercial partners or at what prices, for instance. We can see traffic and trends through token IDs or IP addresses, in some cases. Analytic Data are generally obtained through the use of cookies. Please refer to our Cookie Policy for more information about our use of cookies.
- Verification Data include identification data and governmental ID, which we may be required to collect to validate your identity if you exercise your rights regarding your personal data;
- Communication Data refer to the personal data that you provide when you interact with us through e-mails, phones or otherwise and may include your e‑mail, name, and any data you share with us.
We collect such personal data either through direct interactions or as a result of your use of the Services.
For which purposes do we process your personal data?
Below is a table which describes our purposes for processing your Personal Data, the concerned type of data, and the legal basis for processing.
The legal basis indicated hereunder are based on the requirements in the European Union for lawful processing of personal data. These legal basis may not be available or valid in your jurisdiction. If you have questions on the legal basis applicable in your jurisdiction, please reach out to us.
Purpose |
Type of Data |
Legal Basis |
To provide you with the Services, including to administer and secure the Services (e.g. bug fixes, troubleshooting, etc.) or to obtain payment from our commercial partners for our Services. |
Electronic Data |
Legitimate Interests |
To respond to your inquiries. |
Communication Data |
Legitimate Interests |
To analyze the performance of our Services, such as understanding the pages that are popular. |
Electronic Data |
Legitimate Interests |
To enforce our rights and obligations, and protect our liabilities, including by enforcing our Terms of Use. |
Communication Data As well as any other data needed for this purpose. |
Legitimate Interests |
If we are required under applicable laws or pursuant to a valid court order. |
Any data needed for this purpose. |
Compliance with a legal obligation |
Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
We may also process your personal data if required in the context of a business transaction, based on our legitimate interests.
Do we disclose your personal data to third parties?
We do not sell your personal data to third parties such as data brokers. We share your personal data with the categories of recipients indicated in the table below and for the reasons indicated in the table below:
Category of Recipient |
Purpose |
Type of Personal data |
IT Service Providers, such as our hosting company. |
We share your personal data with IT Service Providers to provide you with the Services and related functionalities. |
All types of data |
Commercial Partners |
We share your personal data with our partners that offer services and products through our website. |
Electronic Data |
Analytic Partners |
We use analytic and marketing partners, such as cookies, to understand the pages, advertising, products and services that are popular. We also use cookies to track you through our partners’ Website and understand your behavior. |
Electronic Data |
Law Enforcement |
If we receive a valid and licit request from law enforcement, we may be required by law to disclose your personal data. We also reserve our right to disclose your personal data if you are in breach of applicable law, such as if you are involved in any activities that we reasonably believe to be unlawful through our Services. |
Depending on the requests |
To Affiliates |
We may disclose your personal data to our affiliates for internal purposes and for the conduct of our commercial activities. |
Analytic Data |
Prior to disclosing your personal data to third parties, we take reasonable measures to ensure that these third parties process your personal data in a manner that is appropriate for the sensitivity of the personal data. We also enter into agreements with such third parties in accordance with applicable laws when such third parties are our service providers. Some of these third parties are not our service providers, and we encourage you to verify their privacy policies. For instance, the goods and services advertised on our Website are provided by third parties. Once you are transferred to their Website, you are subject to their respective privacy practices.
In the event we go through a business transition, such as a merger, acquisition by another company or sale of a portion of our assets, users’ personal data will, in most instances, be part of the assets transferred. In such instance, the new owners may use your personal data in the same way as set out in this Privacy Policy.
How long do we retain your personal data?
We only retain your personal data for as long as necessary to fulfil the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or internal reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
In some circumstances, we may anonymize your personal data (so that it can no longer be associated with you) for compliance, governance, legal and/or regulatory purposes, in which case we may use this information indefinitely without further notice to you.
Where do we store your personal data?
Your personal data may be processed in any country where we have facilities or in which our service providers are located. Our Services are hosted on Amazon Web Services in the European Union. This means that different data protection rules and different data protection supervisory authority may have authority over your personal data, which are different than those of your country of residence. However, such use or processing of your personal data remain governed by this Privacy Policy. Your rights on your personal data continues to apply even if your personal data are processed outside of your country of residence. Your personal data are also protected by our own obligation to comply with the local laws of the country where we process, use or transfer your personal data.
Do we use cookies and other tracking technologies?
Yes, we do! A cookie is a small text file that is placed on your computer, mobile phone or other device when you visit a website. The cookie will help website providers to recognize your device the next time you visit their website. There are other similar technologies such as pixel tags (transparent graphic images placed on a web page or in an e-mail, which indicate that a page or e-mail has been viewed), web bugs (similar to pixel tags) and web storage, which are used in desktop software or mobile devices.
Our Cookie Policy can be found here.
How do we protect your personal data?
We strive to implement appropriate security measures to prevent your personal data from being accidentally lost, altered or disclosed, copied, modified, used or accessed in an unauthorized way. We have put in place procedures to deal with any suspected personal data breach.
Despite these security measures, the transmission of data via the Internet is not completely secure and we cannot guarantee that unauthorized parties will not be able to defeat those measures: unauthorized entry or use, hardware or software failure, and other factors may compromise the security of our user information at any time. If you have reason to believe that the security of any information that you provided to us has been compromised or that your interaction with us is no longer secure, please contact us immediately at [email protected].
Do we process personal data of children?
Our Services is not directed to minors under the age of 18 and we do not knowingly collect data relating to anyone under the age of 18, including any personal data which would be subject to the Children’s Online Privacy Protection Act (“COPPA”).
We will never knowingly collect any personal data about children under the age of 13. If we obtain actual knowledge that we have collected personal data about a child under the age of 13, that personal data will be immediately deleted from our systems. Because we do not collect such personal data, we have no such personal data to use or to disclose to third parties. If a parent believes that his or her child has submitted personal data to us, he or she can contact us via e-mail or postal mail as listed below. We will promptly delete the data upon learning that it relates to a child under the age of 13. Please note that it is possible some of this personal data may remain archived in web logs and back-up archives after we delete the personal data from our active database.
We believe that parents should supervise their children’s online activities and consider using parental control tools available from online services and software manufacturers that help provide a child-friendly online environment. These tools can also prevent children from otherwise disclosing online their name, address and other personal data without parental permission.
I live in California, do I have any rights over my personal data?
California residents may choose to opt out of our disclosure of their personal data to third parties for direct marketing purposes. As detailed above, our policy is not to disclose personal data collected online to a third party for direct marketing purposes without your request or approval. If you choose to opt out at any time after granting approval, e-mail [email protected].
If you are a California resident, you also have the right to:
- Request that we disclose to you the categories of personal data we collected about you, including the categories we disclosed to a third party for a business purpose; the categories of sources from which the personal data is collected; the business or commercial purpose for collecting that information; the categories of third parties with whom we share that information; and the actual personal data we collected from you. This enables you to receive a copy of the personal data we hold about you.
- Request that we delete any personal data we have collected from you. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons and our need to keep appropriate archives for our business operations.
- Not be discriminated against for exercising any of the rights granted to you under the California Consumer Privacy Act of 2018.
If you wish to exercise any of the rights set out above, please email us at i[email protected]. We will respond to you within 45 days of receipt of your request. We may need to request specific information from you to help us confirm your identity. This is a security measure to ensure that your personal data is not disclosed to any person who does not have the right to receive it. We may also contact you to ask you for further information, in relation to your request, to speed up our response.
California residents may file grievances and complaints with California Department of Consumer Affairs, 400 R Street, STE1080, Sacramento, CA 95814; or by phone at 916-445-1254 or 800-952-5210; or by e-mail to [email protected]. We would, however, appreciate the chance to deal with your concerns before you approach the DCA, so please email us at i[email protected] in the first instance.
I live in the European Union, do I have any rights over my personal data?
If you are located in the European Union, or if the EU’s General Data Protection Regulation (“GDPR”) otherwise applies to your data as processed by us, you have the right to:
- Request access. to your personal data. This enables you to receive a copy of the personal data we hold about you and our full list of third parties who process your data, and to check that we are lawfully processing it.
- Request as to whether or not your personal data is being processed.
- Request the correction. of your personal data that are inaccurate, incomplete, or ambiguous. However, we may need to verify your identity and the accuracy of the new data you provide to us.
- Request erasure of your personal data. This enables you to ask us to delete or remove personal data, for example: (i) where there is no good reason for us continuing to process it; (ii) where you have successfully exercised your right to object to processing (see below); (iii) where we may have processed your information unlawfully; (iv) where we are required to erase your personal data to comply with local law. Note, however, that we may refuse your request for erasure where we need to keep your personal data to comply with the law and our need to keep appropriate archives for our business operations. These reasons will be notified to you at the time of your request. In addition, certain information may always be publicly available to others and other information is made publicly available to others by default.
- Object to processing of your personal data. This enables you to object to the processing of your personal data if you feel it impacts on your fundamental rights and freedoms or based on a legitimate interest. For example, this can be where we are processing your personal data for direct marketing purposes. In some cases, we may have compelled legitimate grounds to process your information which can override your right to object.
- Request restriction of processing of your personal data. This gives you the option to ask us to suspend the processing of your personal data in the following scenarios: (i) if you want us to establish the data’s accuracy; (ii) where our use of the data is unlawful but you do not want us to erase it; (iii) where you need us to hold the data, even if we no longer require it e.g. to establish or defend legal claims; or (iv) you have objected to our use of your data but we need to verify whether we have overriding legitimate ground to use it.
- Request transfer of your personal data. If you request us to do so, we will provide to you, or a third party of your choice, your personal data in a commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use, or where we have used the information to perform a contract with you.
- Withdraw consent to the processing of your data. If you request us to do so, we will no longer process your data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide our Services for you. Also, we will advise you of this at the time you withdraw your consent.
- Not have a decision made about you based solely on automated processing. You have the right to contest any automated decision made where this has a legal or similar significant effect and ask for it to be reconsidered.
If you wish to exercise any of the rights set out above or request details about the specific legal basis, we are relying on to process your personal data, please email us at i[email protected] using the Individual Rights Request Form.
We will respond to you within 30 days of receipt of your request. Occasionally it may take us longer than 30 days if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise your other legal rights). This is a security measure to ensure that your personal data is not disclosed to any person who does not have the right to receive it. We may also contact you to ask you for further information, in relation to your request, to speed up our response.
You will not have to pay a fee to access your personal data (or to exercise any of your other legal rights). However, we may charge a reasonable fee (or refuse to comply) if your request is clearly unfounded, repetitive or excessive.
You have the right to make a complaint at any time to a data protection supervisory authority, in the country where you reside, where we are based, or where an alleged violation has taken place. We would, however, appreciate the chance to deal with your concerns before you approach any data protection supervisory authority so please email us at i[email protected] as soon as you believe that a violation has taken place.
I live in Canada, do I have any rights over my personal data?
You generally have the right to access your personal information and to correct your personal information if inaccurate, in certain circumstances.
If you want to exercise your rights, you can contact us at i[email protected]. You can also reach out to us by mail at the following address:
Optima Media - Attention: Privacy Officer
Av. de Josep Tarradellas 38 - 08029 Barcelona, Spain
We will respond to your request within 30 days. If we can’t comply with your request, we will tell you why.
If you are located in Canada, note that the Office of the Privacy Commissioner of Canada drafted this FAQ to help you access your personal information when it is held by a business. You can also contact the Office of the Privacy Commissioner of Canada’s Information Center:
Telephone
9:00 am to 4:00 pm EST
Toll-free: 1-800-282-1376
Mailing address
Office of the Privacy Commissioner
30 Victoria Street
Gatineau, Québec
K1A 1H3
You can also use this online form.
If you have any issue with how we collect, use or disclose your personal information, or how we responded to your request, please let us know at i[email protected]. We will do our best to improve our processes to make certain that it does not happen again. We will also provide you with additional information about our practices if you would like us to do so.
If you are still not satisfied, you can lodge a complaint to the Office of the Privacy Commissioner of Canada using this online form, or to your local privacy regulators.
Can we modify this Privacy Policy?
Occasionally we may, in our discretion, make changes to this Privacy Policy. Please refer to the latest update date above, and make sure you review this Privacy Policy frequently. When we make material changes to this Privacy Policy, we will provide you with prominent notice as appropriate under the circumstances, e.g. by displaying a notice within the Website.
What roles and responsibilities do we have under European laws?
For the purposes of the GDPR, Optima Media, S.L., located at Av. de Josep Tarradellas 38 - 08029 Barcelona, Spain, is the Data Controller and is responsible for your personal data. This means that we determine the purposes and ways of the processing of your personal data.
When you provide personal data directly to one of our commercial partners, this commercial partner is the Data Controller, and if Optima Media, S.L. handles such data on behalf of the commercial partner, it does so as Data Processor under the GDPR. In certain circumstances, we and our commercial partners may be Joint Controllers.