Privacy Policy

SPINOMENAL PRIVACY POLICY

In order to ensure transparency and give you more control over your personal data, this privacy policy (“Privacy Policy”) governs how we, Panda Bluemoon Ltd. and its affiliates and subsidiaries (collectively, “Spinomenal” “we”, “our” or “us”) use, collect and store Personal Data (as defined below) we collect or receive from or about you (“you”) such as in the following use cases:

 

  1. When you browse or visit our website, https://spinomenal.com(“Site”)
  2. When you contact us;
  3. When you submit your resume for one of the positions offered on our Site;
  4. When you subscribe to our email list / newsletters / blog;
  5. When you attend marketing events and provide us with Personal Data and/or exchange business cards with us; and
  6. When we use the Personal Data of our service providers and suppliers;
  7. When we collect all categories of personal data to comply with a legal obligation to store records of data processing activities; and
  8. When you interact with us on our social media profiles (e.g., LinkedIn).

 

We greatly respect your privacy, which is why we make every effort to provide you with meaningful information concerning our processing of your Personal Data and about our data protection practices in general. Please read this Privacy Policy carefully, so you can fully understand our practices in relation to personal data. “Personal Data” or “Personal Information” means information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with you. Please note that this is a master privacy policy and some of its provisions only apply to individuals in certain jurisdictions. For example, the legal basis in the table below is only relevant for GDPR-protected individuals.

 

Table of contents:

  1. What Information we Collect, WHY we Collect it, and How it is Used
  2. Grounds of processing
  3. Period of Storage of Collected Personal Data
  4. How we Protect your Personal Data
  5. How we Share your Personal Data
  6. Additional Information Regarding Transfers of Personal Data
  7. Your Privacy Rights; How to Delete your Account
  8. Data Protection Authority
  9. Data Protection Officer
  10. Use by Children
  11. Analytic Tools
  12. Specific Provisions Applicable Under California Privacy Law
  13. Changes to the Privacy Policy
  14. Contact us

 

This Privacy Policy can be updated from time to time and, therefore, we ask you to check back periodically for the latest version of this Privacy Policy. If we implement significant changes to the use of your Personal Data in a manner different from that stated at the time of collection, we will notify you by posting a notice on our Site or by other means.

Important note: Nothing in this Privacy Policy is intended to limit in any way your statutory right, including your rights to a remedy or means of enforcement

 

 

 

 

 

 

 

 

  1. WHAT INFORMATION WE COLLECT, WHY WE COLLECT IT, AND HOW IT IS USED 

 

Specific Personal Data We Collect Why is the Personal Data collected and for what purposes? Legal basis (If applicable)  

Consequences of not providing us with the Personal Data

 

When you make use of our Site
·         Cookies, analytic tools, and log files

·         For additional information about our cookie policy, please see here.

·         For the Website to function properly, or for debugging purposes.

·         to  analyze and improve your use of the Website.

 

 

·         Legitimate interests

 

 

 

 

 

·         Cannot collect and store the information.

·         Certain Website features may not be available.

·         We cannot customize your experience on the Site.

 

For marketing purposes

 

·         Consent

 

·         We cannot make available information about any new features, products or services.
When you contact us
·       First name

·       Last name

·       Email

·       Any other information you choose to share with us.

 

·         To process and answer questions.

·         To provide support (e.g., to solve problems, bugs, or other support issues).

·         Necessary to perform a contract or take steps, at your request, to enter into a contract.

 

·         Our legitimate interests (e.g., to respond to your query).

 

·         Cannot process and answer questions.

·         Cannot provide support (e.g., to solve problems, bugs or other support issues).

 

 

·         Cannot enable marketing and sales communications with you.

 

When you submit your resume for one of the positions offered on our Site
·         First name

·         Last name

·         Email

·         Phone number

·         Resume

·       LinkedIn profile

When you choose to upload your resume, or link your LinkedIn profile, so we can get in touch with you with, regarding job offers that we find you suitable. ·         Necessary to perform a contract or take steps to enter into a contract with you.

·         Our legitimate interests (e.g., to evaluate your resume).

 

 

·         We will not be able to contact you in relation to your application.
When you subscribe to our email list / newsletters / blog
·         Full name

·         Email address

 

·         To add you to our mailing list

·         To send newsletters or other relevant communications.

·         Our Legitimate interest (e.g., to send you B2B marketing communications)

·

·         Cannot add you to our mailing list.

·         Cannot send you newsletters or other relevant communications.

When you attend marketing events and provide us with Personal Data and/or exchange business cards with us
·         Full name

·         Email address

·         Phone number

·         Corporate position

·         Any other information that you decide to provide/supply us

·         To establish a business connection

·         To send marketing communications

 

·         Our  legitimate interests (e.g., to send you B2B marketing communications)

·         Consent

 

·         Cannot establish a business connection.

·         Cannot send you marketing communications.

When we use the Personal Data of our service providers and suppliers
·         Full name

·         Company name

·         Email address

·         Phone number

·         Any other data you decide to provide/supply.

 

·         To contact our service providers and partners

 

 

·         Performing the obligations included in our agreement with our service providers and partners.

 

·         Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.

 

·         Legitimate interest (e.g., sending contract-related communications).

 

 

·         Cannot communicate with you.

 

·         Cannot perform the agreement/

 

When we use the Personal Data of our customers and prospects (e.g., contact details)
·         Full name

·         Company name

·         Email address

·         Phone number

·         Any other data you decide to provide/supply.

 

·         Providing our products and services.

 

·         Performing our obligations in the customer agreement (e.g., support services).

 

·         Processing is necessary for the performance of a contract to which our customer is a party.

 

·         Compliance with a legal obligation (e.g. tax laws, bookkeeping laws, etc.).

 

·         Legitimate interest (e.g., sending you contract-related communications).

 

·         Cannot provide the services.

 

·         Cannot perform the agreement.

 

When you interact with us on our social media profiles (e.g., LinkedIn)
●        Full name

●        Email address

●        Social media handle

●        Any other data you decide to provide/supply.

 

·         To reply and/or respond to your request or question.

 

·         To establish a first business connection/discussion.

·         Legitimate interest (e.g., send you more information about Illusive). ·         Cannot reply or respond to your request or question.

 

·         Cannot establish a business connection.

 

 

 

Finally, please note that some of the abovementioned Personal Data can be used for detecting, taking steps to prevent, and prosecution of fraud or other illegal activity, to identify and repair errors, to conduct audits, and for security purposes. Our legal basis in these cases is for compliance with a legal obligation (e.g., fraud detection, security and/or debug). Personal Data may also be used to comply with applicable laws, with investigations performed by the relevant authorities, law enforcement purposes, and/or to exercise or defend legal claims. In certain cases, we may or will anonymize or de-identify your Personal Data.

  1. PERIOD OF STORAGE OF COLLECTED PERSONAL DATA 
    • Personal Data. Your Personal Data will be stored until we: (i) no longer need the information and proactively delete it; or (ii) you send a valid deletion request. Please note that we may retain it for a longer or shorter period in accordance with data retention laws.

 

  • Retention of your Personal Data. In addition to the retention periods mentioned in this section, in some circumstances, we may store your Personal Data for longer periods of time, for example (i) where we are required to do so in accordance with legal, regulatory, tax, or accounting requirements, or (ii) for us to have an accurate record of your dealings with us in the event of any complaints or challenges, or (iii) if we reasonably believe there is a prospect of litigation relating to your Personal Data or dealings.

 

  • Cookies. We store identifiers and usage data for the period specified in our Cookie Policy.

 

  1. HOW WE PROTECT YOUR PERSONAL DATA 

We have implemented appropriate technical, organizational, and security measures designed to protect your Personal Data. As the security of information depends in part on the security of the computer, device, or network you use to communicate with us and the security you use to protect your user IDs and passwords, please make sure to take appropriate measures to protect this information. We regularly review our security procedures and policies to consider appropriate new technology and methods.

  1. HOW WE SHARE YOUR PERSONAL DATA 

 

  • With service providers that assist us in providing the Site and the Services, such as AWS;

 

  • With regulators, to comply with all applicable laws, regulations, and rules, and requests of law enforcement, regulatory, and other governmental agencies or if required to do so by court order;

 

  • To the extent necessary, to our employees, contractors, legal advisors, law enforcement, or governmental agencies in order to protect our legal interests and other rights, protect against fraud or other illegal activities, prevent harm, for risk management purposes, or to comply with a legal obligation; and/or

 

  • If in the future, we sell or transfer some or all of our business or assets to a third party, we will (to the minimum extent required) disclose information to a potential or actual third party purchaser of our business or assets. In the event that we are acquired by or merged with a third party entity, or in the event of bankruptcy or a comparable event, we reserve the right to transfer or assign Personal Data in connection with the foregoing events;

 

  1. ADDITIONAL INFORMATION REGARDING TRANSFERS OF PERSONAL DATA

 

  • For transfers to countries that do not fall under requirements of Article 45 of the GDPR on the adequacy of the level of protection, we may transfer your personal data to the third countries outside the EU and the EEA, including the onward transfers of the personal data from the third countries to other third countries, under Article 46 of the GDPR with the appropriate safeguards, including the SCC.

 

  • We disclose your personal data to the countries outside the EU and the EEA, in compliance with the SCC approved by the European Commission in order to adduce adequate safeguards with respect to the protection of privacy and fundamental rights and freedoms of natural and legal persons. We put supplementary technical and organizational measures in place when transferring data outside the EU and the EEA. e.g., prior assessment of the service supplier’s reliability and personal data protection practices, encryption of the transferred personal data, prompt reacting to any threats to confidentiality, integrity, and availability of the personal data, etc.

 

  1. YOUR PRIVACY RIGHTS; HOW TO DELETE YOUR ACCOUNT

 

  • EU Residents: If our processing of your Personal Data is subject to GDPR, you are entitled to the following rights (which may be subject to certain exemptions or derogations):
  • You have a right to access Personal Data held about you. Your right of access may normally be exercised free of charge; however, we reserve the right to charge an appropriate administrative fee, where permitted by applicable law;
  • You have the right to request that we rectify any Personal Data we hold that is inaccurate or misleading;
  • You have the right to request the erasure/deletion of your Personal Data (e.g., from our records). Please note that there may be circumstances in which we are required to retain your Personal Data, for example for the establishment, exercise, or defense of legal claims;
  • You have the right to object, to or to request restriction, of the processing;
  • You have the right to data portability. This means that you may have the right to receive your Personal Data in a structured, commonly used and machine-readable format, and that you have the right to transmit that data to another controller;
  • You have the right to object to profiling;
  • You have the right to withdraw your consent at any time. Please note that there may be circumstances in which we are entitled to continue processing your data if the processing is required to meet our legal and regulatory obligations. Also, please note that the withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal;
  • You also have a right to request certain details of the basis on which your Personal Data is transferred outside the European Economic Area, but data transfer agreements and/or other details may need to be partially redacted for reasons of commercial confidentiality;
  • You have a right to lodge a complaint with your local data protection supervisory authority (i.e., your place of habitual residence, place or work or place of alleged infringement) at any time or before the relevant institutions in your place of residence. We ask that you please attempt to resolve any issues with us before you contact your local supervisory authority and/or relevant institution.

 

  • You can exercise your rights by contacting us at compliance@spinomenal.com. Subject to legal and other permissible considerations, we will make every reasonable effort to honor your request promptly in accordance with applicable law or inform you if we require further information in order to fulfil your request. When processing your request, we may ask you for additional information to confirm or verify your identity and for security purposes, before processing and/or honoring your request. We reserve the right to charge a fee where permitted by law, for instance, if your request is manifestly unfounded or excessive. In the event that your request would adversely affect the rights and freedoms of others (for example, would impact the duty of confidentiality we owe to others) or if we are legally entitled to deal with your request in a different way than initially requested, we will address your request to the maximum extent possible, all in accordance with applicable law.

 

  1. DATA PROTECTION AUTHORITY

 

  • We kindly invite you to share your concerns with us in the first place regarding any issue related to your personal data processing. You may use the following channels to address your inquiries: compliance@spinomenal.com.
    In some cases, you have the right to lodge a complaint about our use of your personal data with a data protection authority. For more information, please contact your national data protection authority. We will cooperate with the appropriate governmental authorities to resolve any privacy-related complaints that cannot be amicably resolved between you and us.

 

  • In case of any questions regarding data protection, you can apply to the Supervisory Authority. You can find the full list of EU supervisory authorities through the link.

 

 

  1. USE BY CHILDREN

 

  • The Site and our games are not suitable for or target individuals under the age of 18. If we learn that an individual under the age of 18 has provided us with personal information, we will take steps to delete the information and terminate their account if any. If you become aware that an individual under the age of 18 has provided us with personal information without parental consent, please contact us by email at compliance@spinomenal.com.
  1. ANALYTIC TOOLS

 

  • Google Analytics. The Site uses a tool called “Google Analytics” to collect information about the use of the Site. Google Analytics collects information such as how often users visit this Site, what pages they visit when they do so, and what other websites they used prior to coming to this Site. We use the information we get from Google Analytics to maintain and improve the Site and our products. We do not combine the information collected through the use of Google Analytics with personal information. Google’s ability to use and share information collected by Google Analytics about your visits to this Site is restricted by the Google Analytics Terms of Service, available at https://marketingplatform.google.com/about/analytics/terms/us/, and the Google Privacy Policy, available at http://www.google.com/policies/privacy/. You may learn more about how Google collects and processes data specifically in connection with Google Analytics at http://www.google.com/policies/privacy/partners/. You may prevent your data from being used by Google Analytics by downloading and installing the Google Analytics Opt-out Browser Add-on, available at https://tools.google.com/dlpage/gaoptout/. We reserve the right to remove or add new analytic tools.

 

 

  1. CHANGES TO THE PRIVACY POLICY

 

  • This Policy may be changed from time to time due to the implementation of new technologies, laws’ requirements, or for other purposes. We will send notice to you if these changes are dramatic and where required by applicable laws, we will obtain your consent. Also, we encourage you to regularly review this Policy to check for any changes.

 

  1. CONTACT US

 

  • If you have any questions, concerns or complaints regarding our compliance with this notice and the data protection laws, or if you wish to exercise your rights, we encourage you to first contact us at: info@spinomenal.com.