I. The type of personal information we collect, purpose and legal ground.
While using Our Services, We may ask You to provide Us with certain personally identifiable information that can be used to contact or identify You. The most common types of information we collect may include, but are not limited to: user names (first name and last name), email address, phone number, address, state, province, ZIP/postal code, city, usage data, IP addresses, photos, payment information. This data is collected for the purposes of providing the services you access (free or paid), of optimizing and improving our website as well as our online services. The processing is legally based on the contract we have for providing the services and also on our legitimate interest to protect our Website and to improve the quality of our services. For the marketing purposes the legal ground can be your consent.
II. How we collect personal information
We collect personal information directly when you provide it to us, automatically as you navigate through the Website, or through other people when you use the Services which are associated with the Website.
We collect your personal information when you provide it to us, when you subscribe to a newsletter, email list, submit feedback, fill out a survey or send us a communication.
✓ LOG FILES
Log files are used. Internet Protocol (IP) addresses, browser type, Internet Services Provider (ISP), date/time stamps, referring/exit pages, clicked pages, and any other information your browser is sending to our Services are all included in the log files. Such data is used by us to spot patterns, manage the website, follow users around the site, and compile demographic data.
✓ INFRASTRUCTURE MANAGEMENT TOOLS
· AWS - Our Platform uses computing, storage and networking services from Amazon Web Services, Inc. (subsidiary of Amazon).
· MongoDB Atlas - We use MongoDB Atlas as one of our cloud databases for storing information.
✓ ANALYTICS AND MARKETING TOOLS
· Google Analytics - The Website uses Google Analytics to collect information about use of the Website. Google Analytics collects information such as how often users visit this Website, what pages they visit when they do so, and what other websites they used prior to coming to this Website. We use the information we get from Google Analytics to maintain and improve the Website and our products. We use IP anonymization.
· Overloop – Overloop is a multi-channel outbound marketing platform which we use for the management of our outbound marketing campaigns in order to provide You with news, special offers and general information about other goods, services, and events which we offer that are similar to those that you have already purchased or enquired about, unless You have opted not to receive such information.
The personal data we collect through Overloop (name, e-mail address, social media account information such as Linkedin) is public information found on Your social media profiles or Websites or data which You have provided to us by contacting us (via Website, e-mail etc.).
· Hotjar (hotjar.com) is a tool that we use on https://eyeris.io and https://app.eyeris.io to understand user behavior, to identify problems in user experience and improve the overall experience of using the Website and/or the Services. The data we collect through Hotjar concerns the following: what actions you take on a page, what elements of a page you click or ignore, what you enjoy, where you struggle. With this insight, We can then make changes that improve and facilitate your experience.
We collect data about your interactions with the Website without tracking IP/MAC addresses and without collecting information that relates to the device you use or any other personal data.
· Pendo (pendo.io) is a tool that we use to understand how users experience our Website and to guide them when using our Services in order for them to get the outcome they sought. Pendo is focused on the Users’ activities within the Website and combines User’s activity analytics with personalized in-app messaging.
We use Pendo Analytics to evaluate how our Services are used (e.g. which pages, buttons or functionalities are mostly accessed and for how long) and which features need improvement, all in order to improve the journey on our Website for our users.
We use Pendo In-app guides in order to guide our users on how to use certain features on our Website, announce them when updates are coming or make them aware of any issues that might impact their experience on our Website.
We collect data about your interactions with the Website without tracking IP/MAC addresses and without collecting information that relates to the device you use or any other personal data.
· Segment (segment.com) – We use Segment to identify certain User activities and events (e.g. creating an account, creating a video etc.) that might require a response from our side in order to facilitate your experience on our Website and consequently improve our Services altogether.
· Customer.io (customer.io)– We use Customer.io to communicate with you through messages so that your experience on our Website is as smooth as possible. Customer.io is a tool that we use to send e-mails to you whenever you need support, confirmation of a certain activity or simply to inform you on our newest features.
· OpenAI(openai.com) – We use Davinci and ChatGPT, chats developed by OpenAI, in order to generate marketing messages that we automatically integrate in the Creative Assets based on the product description that you provide in your Shopify platform.
NOTE: AI technology comes with tremendous benefits, along with serious risk of misuse. You can read more about the OpenAI Charter, which guides every aspect of their work to ensure that we prioritize the development of safe and beneficial AI, here and their approach to alignment research here.
III. Personal information we collect about you from others.
Although we generally collect personal information directly from you, on occasion, we also collect certain categories of personal information about you from other sources. We collect data via Third Parties APIs (API stands for Application Programming Interface). We are located in EU and the infrastructure runs on AWS Frankfurt datacenter.
We collect product metadata (images, description, price information etc.) via Shopify API from the merchant’s Shopify online shop. Additionally, we use shop locale information to localize information. This data is used in order for us to be able to provide the Services to the user and for our Services functionalities to be carried out as intended.
The following API scopes are used: "read_products", "read_price_rules", "read_locales". The shop data (and product information) and user data (email, name etc.) are deleted once the application is uninstalled (once we receive the requests from Shopify to delete the data).
When You choose to publish the Creative Assets on your social media account, eyeris.io integrates with the social media account and has access to the profile information (which We shall not use for any other mean other than facilitating the intended action of content publishing in the User’s account).
IV. How we use personal information
We will use your personal information where this is necessary for purposes which are in our, or third parties as stated in Chapter I. These interests include:
· operating the Website;
· providing you with Services described on the Website;
· verifying your identity when you sign in to any of our Website;
· helping facilitate the resolution of any disputes;
· updating you with operational news and information about our Website and Services, e.g. to notify you about changes to our Website, website disruptions or security updates;
· carrying out technical analysis to determine how to improve the Website and Services we provide;
· managing our relationship with you, e.g. by responding to your comments or queries submitted to us or asking for your feedback or whether you want to participate in a survey;
· managing our legal and operational affairs (including, managing risks relating to content and fraud matters);
· training eyeris.io staff about how to best serve our user community;
· improving our products and services;
· providing general administrative and performance functions and activities.
Where you give us consent:
· providing you with marketing information about our Services which we feel may interest you;
· for purposes which are required by law, to responding to requests by government, a court of law, or law enforcement authorities conducting an investigation.
From time to time, we may send you emails regarding the Services you acquired or similar products and services for which Your data was initially collected. You can always opt out of these emails by clicking the ‘unsubscribe’ button, free of charge.
V. When we disclose your personal information
We use third-party vendors who may have access to your personal data. These third-party vendors collect, store, use, process, and transfer information about your activity on our Services in accordance with their Privacy Policies.
We will disclose personal information to the following recipients:
- companies that are in the eyeris.io group which are located in EU.
- authors of any items or services made available to you, so they can facilitate support, who may be located in any of the countries which Services are available in.
- subcontractors and service providers who assist us in connection with the ways we use personal information (as set out above), in particular: website hosting providers which are located in EU; technical and customer support services which are located in EU; marketing and analytics services which are located in the EU and US; security and fraud prevention services which are located in the EU; subscription management services which are located in the EU; identification verification services located in the EU; and operational tooling services which are located in the UE and US. Noting that our subcontractors and services providers may also transfer and access such information from other countries in which they have operations.
- our professional advisers (lawyers, accountants, financial advisers etc.) which are located in EU and US.
- regulators and government authorities in connection with our compliance procedures and obligations.
- a third party to respond to requests relating to a criminal investigation or alleged or suspected illegal activity.
- a third party, in order to enforce or defend our rights, or to address financial or reputational risks.
- a rights holder in relation to an allegation of intellectual property infringement or any other infringement.
- other recipients where we are authorized or required by law to do so.
VI. Where we transfer and/or store your personal information
We are based in Romania so your data will be processed in Romania, EU and the EE Area. To protect your information, we take care where possible to work with subcontractors and service providers who we believe maintain an acceptable standard of data security compliance.
VII. How we keep your personal information secure
We store personal information on secure servers that are managed by us and/or our service providers. Personal information that we store or transmit is protected by security and access controls, including username and password authentication, two-factor authentication, and data encryption where appropriate.
VIII. How you can access your personal information
You can access the personal information that we collect about you trough your account when you choose to make one or by making a request to access other personal information we hold about you. You can also request us to correct of any errors in that data. To make an access or correction request, contact us using the contact details at the end of this policy.
IX. Marketing Choices regarding your personal information
Where we have your consent to do so (e.g., if you have subscribed to one of our e-mail lists or have indicated that you are interested in receiving offers or information from us), we send you marketing communications by email about products and services that we feel may be of interest to you. You can ‘opt-out’ of such communications if you would prefer not to receive them in the future by using the “unsubscribe” facility provided in the communication itself.
You also have choices about cookies, as described below. By modifying your browser preferences, you have the choice to accept all cookies, to be notified when a cookie is set, to customize the cookie settings or to reject all cookies. If you choose to reject cookies some parts of our Website may not work properly in your case.
X. Cookies and web analytics
1. General information
For more general information on cookies, see: http://www.allaboutcookies.org/
When you visit our Website, there’s certain information that’s recorded which is generally anonymous information and does not reveal your identity but it helps distinguish you from other users on the Website. If you’re logged into your account some of this information could be associated with your account. This helps us provide you with a good experience, improve our service and to personalize ads and content to you while you use the Website. We’re talking about some of the following details:
– your IP address or proxy server IP address;
– the domain name you requested;
– the name of your internet service provider is sometimes captured depending on the configuration of your ISP connection;
– the date and time of your visit to the Website;
– the length of your session;
– the pages which you have accessed;
– the number of times you access our site within any month;
– the file URL you look at and information relating to it;
– the website which referred you to our Website;
– the operating system which your computer uses.
This Cookies section describes the types of cookies we use on the Website and our purposes for using them. If you have questions about this Cookies section, please contact us at email@example.com.
2. Cookie Definitions
A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your device, which is like computer memory.
First and third-party cookies: whether a cookie is 'first' or 'third' party refers to the domain placing the cookie.
i. First-party cookies are those set by a website that is being visited by the user at the time (e.g. cookies placed by our website domain).
ii. Third-party cookies are cookies that are set by a domain other than that of the website being visited by the user. If a user visits a website and another entity sets a cookie through that website, this would be a third-party cookie. Occasionally, we will use third party advertising companies to serve ads based on prior visits to our Website. For example, if you visit our Website, you may later see an ad for our services when you visit a different site.
Persistent cookies: these cookies remain on a user’s device for the period specified in the cookie. They are activated each time that the user visits the website that created that cookie.
Session cookies: these cookies allow website operators to link the actions of a user during a browser session. A browser session starts when a user opens the browser window and finishes when they close the browser window. Session cookies are created temporarily. Once you close the browser, all session cookies are deleted.
3. What Cookies Do We Use and Why?
iv. Marketing or Targeting.
Necessary cookies help make the Website usable by enabling basic functions like page navigation and access to secure areas of the Website. Without these cookies, we cannot provide the requested services. We use these Necessary cookies to:
· Identify you as being logged in to the Website and to authenticate you;
· Make sure you connect to the right service on the Website when we make any changes to the way it works;
· For security purposes.
* Used for app.eyeris.io only.
Preferences cookies or Functionality cookies enable the Website to remember information that changes the way the Website behaves of looks, like the region that you are in. We use Preference cookies for such purposes as:
· Remember settings you've applied such as layout, text size, preferences and colors;
· Remember if we’ve already asked you if you want to fill in a survey;
· Remember if you have engaged with a specific component or list on the Website so that it won’t repeat;
· Show you when you’re logged in to the website;
· To provide and show embedded video content.
Statistics cookies or Performance Cookies help us understand how visitors interact with the Website by collecting and reporting information anonymously, e.g. which pages you visit, if you experience any errors. These cookies are used only to help us improve how the Website works, understand the interests of our users and measure the effectiveness of our advertising. We use these cookies fuch such purposes as:
· Carry out web analytics: Provide statistics on how the website is used;
· Perform affiliate tracking: Provide feedback to affiliated entities that one of our visitors also visited their site;
· Obtain data on the number of users of the website that have viewed a product or service;
· Help us improve the website by measuring any errors that occur;
· Test different designs for the website.
* Used for app.eyeris.io also.
Marketing or Targeting cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third party advertisers.
*Used for app.eyeris.io also.
XI. Information you make public or give to others
XII. How long we keep your personal information
We retain your personal information for as long as is necessary to provide the Services to you and others, and to comply with our legal obligations. If you no longer want us to use your personal information or to provide you with the eyeris.io services, you can request that we erase your personal information and close your eyeris.io account.
In the event of using our Services through E-commerce platforms, your personal information shall be erased as soon as we receive an uninstall notification from the E-commerce platform you use.
XIII. When we need to update this policy
We will need to change this policy from time to time in order to make sure it stays up to date with the latest legal requirements and any changes to our privacy management practices.
When we do change the policy, we’ll make sure to notify you about such changes, where required. A copy of the latest version of this policy will always be available on this page.
XIV. How you can contact us
If you have any questions about our privacy practices or the way in which we have been managing your personal information, please contact us on our website: https://eyeris.io/contact
● Via email: firstname.lastname@example.org
● By phone: +40 786 802 514
● At our address: 31 Emanoil Porumbaru St., District 1, Bucharest, Romania
XV. Your rights on your personal information
As a data subject, you can contact us at any time with a notification under the contact information mentioned above to make use of your rights. These rights are the following:
• The right to receive information about the data processing and a copy of the processed data;
• The right to demand the rectification of inaccurate data or the completion of incomplete data;
• The right to demand the erasure of personal data;
• The right to demand the restriction of the data processing;
• The right to receive the personal data concerning the data subject in a structured, commonly used and machine-readable format and to request the transmittance of these data to another controller;
• The right to object to the data processing;
• The right to withdraw a given consent at any time to stop a data processing that is based on your consent;
• The right to file a complaint with the competent supervisory authority: The National Supervisory Authority for Personal Data Processing.
These rights are limited in some situations – for example, we can demonstrate that we have a legal requirement to process your personal information. In some instances, this means that we may retain some data even if you withdraw your consent.
Where we require your personal information to comply with legal or contractual obligations, then provision of such data is mandatory: if such data is not provided, then we will not be able to manage our contractual relationship with you, or to meet obligations placed on us. In all other cases, provision of requested personal information is optional.
If you have unresolved concerns, you also have the right to complain to data protection authorities. The relevant data protection authority will be the data protection authority of the country: (i) of your habitual residence; (ii) of your place of work; or (iii) in which you consider the alleged infringement has occurred.