Last revised on 28/04/2023
Swaplance- (hereinafter “Company”, “us,” our” or “We”) is a controller of the personal data of the visitors and users of the Company's services (hereinafter referred to as "Services") collected through the website https://swaplance.com (hereinafter - "Site")
In providing Services by the Company, as well as collecting and processing data about users of different jurisdictions through the Site, we adhere to the standard of the General Data Protection Regulation (hereinafter – GDPR) as the toughest privacy and security law in the world. By using these standards, we will be able to ensure high-level security of the data subject rights and their confidentiality while they are using the Services we provide.
We may change this Policy from time to time. Your further use of the Site constitutes your consent with the changes to this Policy. If you disagree with the actual version of this Policy, you should immediately cease your using the Site.
Purpose of the personal data processing:
The Company collects and processes personal data of visitors and users of the Site for the following purposes:
• provide services, for which users apply through the Site;
• give marketing solutions: sending messages and letters according to the received contact information, to inform users about new products, promotions and events of the Company;
• improve the work of the Company and our customer service: performance measure, providing the advanced usability and effectiveness of the Site;
• communicate with Users: direct communication with users, response to inquiries, questions and feedbacks; providing support to the users;
• maintain safety and security: protection of the interests of the Company and users, immediate response to any harmful, unauthorized, unethical or illegal activities through interaction with the Site;
• follow legal requirements.
The Company is lawfully processing users’ personal data in the following cases:
- personal data is provided for pre-contractual or contractual relationships.
- the User has given his/her informed consent.
- legal obligations for the processing of personal data according to the services rendered.
PRINCIPLES APPLIED TO THE PERSONAL DATA PROVIDED
· Fairness and transparency principle: prior consent of the subject to process his/her personal data for one or different specific purposes about which he/she are previously informed with absolute transparency is always requested.
· Purpose limitation: data is collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes;
· Data minimization: only those personal data are requested which are strictly necessary in relation to the purposes for which they are processed.
· Accuracy: only accurate personal data are processed and, where necessary, kept up to date.
· Storage limitation principle: personal data are kept for no longer than necessary for the purposes for which they are processed.
· Integrity and confidentiality principle: personal data are processed in a manner that ensures appropriate security and confidentiality of the same. We always take all necessary measures against unauthorized or undue use of our users’ personal data by third parties.
· Accountability: the Company shall be responsible for, and be able to demonstrate compliance with, principles applied.
Types of personal data we process via the Site
We process our Users’ personal data that they provide to us personally or that we receive from public sources, including in whole or in part, including name, surname, country of residence, email, gender, birth date, work experience, specialization, credit card number, billing address, taxpayer identification number, passport information. We reserve the right to request additional information from you to provide services or confirm previously provided information, If necessary.
Communication regarding personal data
Any messages or requests related to personal data can be sent to the user by the Company in a way convenient for the User, using open contact data. We also may notify you about significant changes in the work mode of the Site or any other things we consider necessary while you receive the Company Services.
Period of personal data processing
The Company keeps and processes personal data collected through this Site Personal data for no longer than necessary for the purposes for which they are processed.
The personal data collected through this Site will be stored as long as:
- the contractual relationship is maintained or,
- it is necessary for the fulfillment of a legal obligation or for legal exercise of rights,
- it is not requested to be deleted by the User and should not be deleted as it.
The processing of personal data collected through the Site is carried out in accordance with the principle of equality. All our users enjoy equal rights prescribed the standards we adhere in the field of personal data protection, namely:
- right to access: users can send inquiries to the Company concerning kind, purpose and duration of their personal data processing and then receive relevant information;
- right to correct: users may contact the Company to supplement or change their personal data in order to update them;
- right to delete: users have the right to ask the Company to delete their personal information fully or partially;
- right to restrict processing: users have the right to ask the Company to stop, in whole or in part, the processing of their personal data;
- right to data transfer: users have the right to receive a copy of their personal data and transfer such data to other owners or administrators;
- right to object to the processing of personal data and to withdraw consent to their collection and processing;
- right to appeal: users have the right to file a complaint to the authorities regarding the protection of personal data if they believe that the Company has violated any of their rights.
Data Protection Safeguards
To ensure the security of users' personal data and to prevent their loss, misuse, and unauthorized access, disclosure, alteration or destruction, we take appropriate measures to protect them, namely:
1) follow the standards of the GDPR and any other applicable laws and regulations during their processing, in particular in terms of authorization and authentication of access to personal databases, response to threats and risks to personal data security, etc;
2) review and update the privacy policies of the Site, our Services and internal information security policies of the Company on a regular basis, conduct audits of the personal data protection conditions within the Company;
3) conduct regular trainings and provide instructions to the Company's employees on personal data protection, check the controllers who obtain access to users' personal data for compliance with personal data protection standards, but not lower than those we adhere to, include relevant provisions and guarantees in contracts with them;
4) use licensed software, including anti-virus, high-level protection, regularly update it and ensure proper maintenance of our information security systems;
5) restrict access to users’ personal data only to those employees and managers who need it to perform their duties and provide services and only to the extent necessary for this purpose;
6) cooperate with the authorized bodies in the field of personal data protection, inform them and personal data subjects about leaks or risks of personal data no later than 72 hours after receiving information about them.
Transfer of personal data
The Company does not disclose or transfer users’ personal data to third parties.
To provide services to Users, the Company may transfer them to:
- public and law enforcement agencies, which have authorized to request process such data by law and following their substantiated appeal;
- the contractors who act as personal data processors, subject to the requirements described in the section ”Data Protection Safeguards”.
In all cases, we decide on such a transfer, considering the possible risks to the legitimate rights and interests of our users.
Transfer of personal data to the third countries
Sometimes, to carry out the purposes indicated above, international data transfers can be done to the certain companies and contractors from the third countries that provide services to the Company, could access to your personal data
During these transfers the Company at all times will ensure that whoever has that information to help us provide our Services, it does so with all the guarantees in terms of data protection including GDPR standards.
Users of the Services we provide additionally to this Policy agree to comply with the laws of the host country and to be liable within the limits set by the applicable law. The Company also reserves the right to restrict the content of the Site to any person or specific geographical area at any time without prior notice to the User.
Links to third party websites
The Site contains links to third party websites. We cannot control, and take no responsibility for, the content or privacy practices of such third-party websites. Once you have used these links to leave the Site, any information you provide to these third parties is not covered by this Policy, and we cannot guarantee the safety and privacy of your information. Before visiting and providing any information to any third-party websites, you should inform yourself of the privacy policies and practices (if any) of the third party responsible for that website, and should take those steps necessary to, in your discretion, protect the privacy of your information. We are not responsible for the content or privacy and security practices and policies of any third parties, including other sites, services or applications that may be linked to or from the Site.
Marketing and advertising newsletters
If you subscribe to receive our advertising and marketing newsletters, the data you provided for creating and sending the information letters will be processed until you unsubscribe. To receive the letters from us, you should firstly verify your consent by clicking on the confirmation link in the verification e-mail that we send to you after registering. You can revoke your consent at any time by unsubscribing from the information letter. You will find a link at the end of each newsletter. We delete your data once you unsubscribe from the newsletter. We delete the data, which we need as proof that you have agreed to having the newsletter sent to you, after the limitation period for the corresponding obligations to provide proof has expired.
Should you have any doubt or inquiry about the processing of personal data by the Company, you can contact us using the information below: