Privacy Policy - ProjectAgora

Privacy Policy

Project Agora is a leading advertising technology company that offers programmatic, native and retail advertising solutions (the “Services”). As a business, Project Agora is committed to respecting and protecting the privacy of all individuals with whom it interacts.

This privacy policy (the “Privacy Policy”) explains the practices of Project Agora Ltd (Arch. Makariou III 214, Limassol, Cyprus) together with its affiliates (“Project Agora”, we”, “us”, or “our”) (i) when it has a contractual relationship with you (a “Customer”); (ii) when a user visits our customers’ websites and digital properties interacting with our Services (an “End User”); and (iii) when a user accesses Project Agora’s website (a “Site Visitor”).

You can access the specific provisions for each of these categories as follows:

Customers

End Users

Site Visitors

 

Customers Privacy Policy

Introduction

This section of the Privacy Policy explains how Project Agora may collect, use, share and secure personal information shared by Customer or prospective customers (referred to as “you” in this policy), when negotiating, entering into or performing a contractual relationship with Project Agora.

Definitions

“Customer” means a media owner or other content provider that has a contractual relationship with Project Agora.

Customer Properties” means owned, exploited or licensed websites or other digital properties of media owners on which Project Agora’s Services are served and via which Personal Data may be collected.

“Data Protection Legislation” means all applicable laws and regulations, including, without limitation, the laws and regulations of the EU applicable to the Processing of Personal Data, such as: (i) the EU General Data Protection Regulation (Regulation (EU) 2016/679) (“GDPR”); (ii) the EU e-Privacy Directive (Directive 2002/58/EC); and (iii) any national data protection laws made under or pursuant to (i) or (ii).

“End User” or “User” means the visitors of our Customers’ websites and digital properties who interacts with our Services.

“Third-Party Vendors” or “Vendors” means Project Agora’s partners, including but not limited to advertisers, demand side platforms, ad exchanges, reporting platforms, agencies, agency trading desks, ad networks and any third party acting on behalf of media buyers.

The terms “Data Controller”, “Data Processor”, “Data Subject”, “Personal Data”, “Processing”, “Sub-processor”, “Third Country” and in general all terms contained in art. 4 of the GDPR have the meaning therein awarded to them.

Customer Information

We collect and process the information shared by our Customers or prospective customers (the “Customer Information”) in order to negotiate, enter into and perform a contractual relationship with you. Furthermore, we may collect any personal data you provide to us to deliver the specific information or service you have requested. Such information may include your contact details and other information (such as name, job title, department, name of organization). Furthermore, we shall collect and process the content of any inquiries you submit to us as well as your account details when, in your capacity as our customer, you register on our Partners Center.

How we use Customers’ Information

We may use the information you provide to us as Data Controllers for the following purposes:

To provide you with our services and to perform our contract

We process personal information you share with us if said processing is necessary for the performance of a contract to which you are a party or in order to negotiate entering into a new contract with us.

To communicate with you

We use information you have shared with us in order to communicate with you about your account in the Project Agora Platform; to contact you about products or services that we think may be of interest to you and to respond to your inquiries, requests, or complaints.

In case the legal basis for any communication with you is your prior consent you can opt-out at any time from receiving any further communication by us by using the dedicated opt-out tool contained in our communications or via email by contacting privacy@projectagora.com.

To comply with our legal obligations

We may process your personal data in order to comply with our legal obligations, arising from the provisions of the legislation, judgments, governmental regulations or decisions.

Complaints and fraud prevention

We may process your personal data in order to investigate complaints, identify and prevent fraud, assess situations relating to possible threats to the security of any person or violations of our policies or terms.

Marketing and advertising

We may use your information to provide you with newsletters, special offers and for other marketing, advertising, and promotional purposes based on your declared preferences or previous purchases.

What is the legal basis for collecting and processing Customer Information

The legal basis for collecting and processing any Personal Data contained in Customer’s Information will depend on the specific Personal Data as well as the purpose for which they were collected and processed.

We shall collect and process your Personal Data solely under the following legal bases (i) in order to negotiate, execute and perform our contract with you (art. 6 § 1b Regulation (EU) 2016/679) (ii) where you have given us your explicit and free consent to collect and process your data in relation to a specific purpose (art. 6 § 1a Regulation (EU) 2016/679), (iii) when the processing is in our or a third party’s legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms (art. 6 § 1f Regulation (EU) 2016/679)  (iv) when we have a legal obligation to collect or process Personal Data in accordance with applicable legislation (art. 6 § 1c Regulation (EU) 2016/679).

How we store information and for how long

The information you directly provide to us is stored in our secure databases. We take the appropriate technical and operational measures to ensure that any personal information disclosed to us is kept secure and protected.

The data storage time is decided based on the following specific criteria, as appropriate on each case:

  • When the processing is based on a contractual relationship, your personal data are stored for as long as is necessary to perform the contract and for the establishment, exercise or defense of legal claims in accordance with said contract. Such retention period may not extend to longer than five (5) years after the termination or expiration of the contract. The above provision shall not be applicable to the retention of data, which is required for our compliance with legal obligations under the applicable legal framework, whereupon your personal data will be stored for as long as required by the relevant provisions or in case of continued court proceedings in which your data are required, whereupon your personal data will be stored for the duration of any court proceedings.
  • When the processing is necessary for compliance with legal obligations under the applicable legal framework, your personal data will be stored for as long as required by the relevant provisions. The statute of limitations in accordance with the applicable legislation is 20 years.
  • For marketing purposes, your personal data are stored for up to 5 years or until you request their withdrawal. If the legal basis for the processing of your data is consent, you have the right to withdraw it at any time. The withdrawal of your consent shall not affect the lawfulness of the processing that occurred before its withdrawal.

How we secure the information

The company takes the appropriate technical and organizational measures to ensure compliance with the legislation for the protection of personal data of its Customers. We also ensure that access to any personal data is not given to anyone other than the appropriate authorized persons, and only for the purposes of processing, specified in this policy.

The Company recognizes the importance of the security of your Personal Data and takes all necessary measures, with the most modern and advanced methods, to ensure your maximum security. All information related to your personal information and transactions is secure and confidential. To ensure the confidentiality of data transfers, we use industry’s best practices in accordance with our Information Security Policy.

Recipients of Customer Information

Customer Information may be accessed by third parties pursuant to the Purposes herein described. Any such transfer is subject to the provisions established in this Privacy Policy, our contractual specifications and the purposes herein determined.

In particular, Customer Information may be accessed by the following categories of recipients:

Our employees

Your data may be transferred to our employees who are in charge of assessing your requests, managing and performing your contract (s) with the company, meeting the obligations arising from the contract (s) and the obligations imposed by law. All of our employees have a sufficient and significant level of awareness to protect your personal data and are bound by a confidentiality clause.

Authorities

We may share your personal data with the competent authorities, as long as this is permitted by law, in order to comply with a legal obligation, court order or other legal process as well as to identify or prevent criminal acts and other unlawful activities.

External partners

We may transfer Customer Information to cooperating companies for the purpose of providing our Services. We always ensure that the processors we engage with fulfill the requirements and provide sufficient guarantees to implement appropriate technical and organizational measures in such a manner that processing will ensure the protection of your rights.

Furthermore, in the course of managing court proceedings and for the purposes of investigating, preventing, or taking action regarding illegal activities, suspected fraud, violations of our Terms of Use or this Privacy Policy we may transfer your data to external partners in the event that their assistance is considered necessary for the management of the case and the defense of our rights.

Business transfers

We reserve the right to disclose and/or transfer Information to another entity if we are acquired by or merged with another company, if we sell or transfer a business unit or assets to another company, if we undergo a bankruptcy proceeding, or if we engage in any other similar business transfer.

Aggregated and de-identified Information

We may disclose to our Customers and other third parties aggregated or de-identified User Information to be used for marketing, research, or other legal purposes.

Your rights

In connection with collected personal data, the GDPR awards to Data Subjects the following rights, which you can exercise, as applicable, by contacting us.

Right to withdraw consent: You may withdraw your consent of processing your personal data at any time.

Right of correction/editing: You may ask us to correct your personal data.

Right of limitation: You may ask us to restrict the processing of your personal data if:

  • You question the accuracy of your personal data for the time it will take to verify the accuracy of the personal data;
  • Processing is illegal and you request the restriction of processing instead of the deletion of your personal data;
  • We no longer need your personal data, but you need it to support, exercise or defend legal claims.

Right of access: You may request from us information about the personal data of yours that we retain, including information about the categories of such personal data, the purpose of their use, where it was collected from, to whom they have been made known. You can obtain from us free of charge a copy of the personal data we keep for you. We reserve the right to charge a reasonable fee for any further copy you may request.

Right of data portability: At your request, we will transfer your data to another controller, where technically feasible, provided that the processing is based on your consent or is necessary for the performance of a contract. Instead of receiving a copy of your personal data, you may ask us to transfer the data to another controller.

Right to delete: You may ask us to delete your personal data if:

  • they are no longer necessary in relation to the purposes for which they were collected or processed,
  • you wish to exercise your right to object to any further processing of your personal data,
  • you withdraw your consent and there is no other legal basis for processing,
  • your personal data has been unlawfully processed unless the processing is necessary (a) to comply with a legal obligation, which requires processing by us or (b) to support, pursue or defend legal claims.

Right to object: You may object – at any time – to the processing of your personal data due to your particular situation, provided that the processing is not based on your consent but on our legitimate interest or on legitimate interests of third parties. In such case, we shall no more process your personal data unless we can prove that such use is justified by a legal reason and a legal right of ours superseding your right to object. If you object to us processing your data you are kindly requested to clarify whether you wish that such data is deleted or limited.

Right to lodge a complaint: In the event of an alleged breach of applicable privacy law, you may lodge a complaint with the competent data protection supervisory authority. You may contact the Cypriot Supervisory authority through the following website (dataprotection.gov.cy).

Limitation of access: In some cases, we may not be able to provide access to all or some of your personal data under legislation. If we refuse your request for access, we will inform you of the reason for this refusal. Also, in some case we may not be able to search for your personal data because the information you provide is inadequate. In such cases, where we cannot identify you as a data subject, we are unable to comply with your request to enforce your legal rights as described in this article, unless you provide us with additional information that allows you to be identified.

Governing Law

The applicable law is Cypriot law, the General Regulation on the Protection of Personal Data 2016/679/EU, and in general the applicable national and European legislative and regulatory framework for the protection of personal data.

Updates

This Privacy Policy is current as of the Effective Date set forth above.

We may update this policy from time to time in order to reflect changes to the functionalities or services provided by our website or for other legal and regulatory reasons. Please check the website regularly for any changes to this Policy.

Transparency & Consent Framework Participation

Project Agora participates in the IAB Europe Transparency & Consent Framework and complies with its Specifications and Policies. Project Agora’s identification number within the framework is 1032.

Contact Us

If you have questions about the privacy aspects of our website, please contact us at privacy@projectagora.com or contact our DPO at: dpo@thinkdigitalgroup.net.

 

End Users Privacy Policy

Introduction

The purpose of this section of the Privacy Policy is to provide transparency around what information we collect, how and why we collect it, how we use, store and secure it and with whom we share it, when End Users (referred to as “you” in this policy) visit our Customers’ websites and digital properties and interact with our Services.

Definitions

Customers” means a media owner or other content provider that has a contractual relationship with Project Agora.

Customer Properties” means owned, exploited or licensed websites or other digital properties of media owners on which Project Agora’s Services are served and via which Personal Data may be collected.

Data Protection Legislation” means all applicable laws and regulations, including, without limitation, the laws and regulations of the EU applicable to the Processing of Personal Data, such as: (i) the EU General Data Protection Regulation (Regulation (EU) 2016/679) (“GDPR”); (ii) the EU e-Privacy Directive (Directive 2002/58/EC); and (iii) any national data protection laws made under or pursuant to (i) or (ii).

End User” or “User” means the visitors of our Customers’ Properties who interact with our Services.

Third-Party Vendors” or “Vendors” means Project Agora’s partners, including but not limited to advertisers, demand side platforms, ad exchanges, reporting platforms, agencies, agency trading desks, ad networks and any third party acting on behalf of media buyers.

The terms “Data Controller”, “Data Processor”, “Data Subject”, “Personal Data”, “Processing”, “Sub-processor”, “Third Country” and in general all terms contained in art. 4 of the GDPR have the meaning therein awarded to them.

User Information

Project Agora does not collect or process any User Information that can be used to directly identify an individual, such as name, address, phone number, email address or government identifiers, unless such data are voluntarily provided in relation to an inquiry or a service a User has requested. Such information may include User’s contact details and the content of its inquiries when the request is submitted.

For delivering our services we rely on the usage of Third-Party Vendors who collect, through cookies, tags and other similar technologies, certain information about you and your device, each time you visit our Customer’s Properties (the “User Information”). The term “Cookie” is used in this Policy in the broad sense to include all similar techniques and technology. You can find more information on the definition of cookies and how we use them on our Cookie Policy.

User information collected and processed in the context of our Services may include the following information:

Information about your device and operating system, IP address and other online identifiers, the web pages accessed by you within our Customer’s Properties, the link that led you to a Customer’s website, the dates and times a User accesses a Customer’s website, event information (e.g., system crashes), general location information (e.g., city and state), hashed email addresses (when made available by the User). Depending on the provided Services, in-app User behaviors (e.g. online status, browsing activity, and clicks) and implicit non-precise device location inferred from search queries (when enabled by the User) may be collected.

To learn more about the specific data collected through each of our Third-Party Vendors please check their respective privacy policies on the “Third-Party Vendors” section. You can view which of our Vendors are active on a Customer’s Property by viewing their respective Cookie and Privacy Policy.

How we use User Information

  • The information collected each time you visit Customer’s Properties is primarily used in order to sell our Customer’s advertising space to advertisers with the assistance of our Third-Party Vendors. Furthermore, User Information is used in order to deliver advertising targeted on your inferred interests based on your activities across Customer’s Properties.
  • We may also use the information collected
    in order to analyze and report on how you interact with an ad (e.g., tracking of views and click through rates) and the performance of that ad.
  • To protect, investigate and deter against fraudulent, unauthorized or illegal activity.
  • To improve our services and ensure their proper function.

 

What is the legal basis for Processing User Information

Project Agora in its capacity as a Data Controller, insofar as it places cookies and retrieves information that is Personal Data and insofar as it determines the purposes and means of processing of End Users Personal Data to make decisions on the End Users Personal Data, shall process any Personal Data solely subject to a proper legal basis under the conditions established by the applicable Data Protection Legislation.

The legal basis for collecting and processing User Information will depend on the specific Personal Data as well as the purpose for which they were collected and processed. Generally, any processing of your Personal Data in relation to our Services shall be based on your explicit and free consent to collect and process your data in relation to a specific purpose (e.g when you accept marketing cookies on a Customer’s Property) (art. 6 § 1a Regulation (EU) 2016/679). In rare cases we may collect and process your data (i) when the processing is in our or a third party’s legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms (e.g fraud detection) (art. 6 § 1f Regulation (EU) 2016/679) or (ii) when we have a legal obligation to collect or process Personal Data in accordance with applicable legislation (art. 6 § 1c Regulation (EU) 2016/679).

How long is the User Information stored

We do not store any information about you in order to provide our Services. All User Information collected in relation to the Services are stored by our Third-Party Vendors using the highest security standards. To learn more about our Vendors’ retention policies, please check their respective privacy policies on the “Third-Party Vendors” section.

Any information you may directly provide to us (e.g., in case you directly communicate with us) is stored in our secure databases. We take the appropriate technical and operational measures to ensure that your personal information disclosed to us is kept secure and protected in accordance with our Information Security Policy. All User Information collected and stored by us is retained for no longer than necessary for the purpose(s) for which it has been collected and processed. Such period may extend to no longer than five (5) years, unless the continued retention of your data is required for our compliance with legal obligations under the applicable legal framework, whereupon your personal data will be stored for as long as required by the relevant provisions, or in case of continued court proceedings in which your data are required, whereupon your personal data will be stored for the duration of the court proceedings.

Recipients of User Information

User Information may be accessed by third parties pursuant to the Purposes herein described. Any such transfer is subject to the provisions established in this Privacy Policy and the purposes herein determined.

In particular, User Information may be accessed by the following categories of recipients:

Our employees

Your data may be transferred to our employees and the employees of our affiliated companies who are in charge of assessing your requests. All of our employees have a sufficient and significant level of awareness to protect your personal data and are bound by a confidentiality clause.

Authorities

We may share your personal data with the competent authorities, as long as this is permitted by law, in order to comply with a legal obligation, court order or other legal process as well as to identify or prevent criminal acts and other unlawful activities.

External partners

We may transfer User Information to cooperating companies for the purpose of providing our Services. We always ensure that the processors we engage with fulfill the requirements and provide sufficient guarantees to implement appropriate technical and organizational measures in such a manner that processing will ensure the protection of your rights.

Furthermore, in the course of managing court proceedings and for the purposes of investigating, preventing, or taking action regarding illegal activities, suspected fraud, violations of our Terms of Use or this Privacy Policy we may transfer your data to external partners in the event that their assistance is considered necessary for the management of the case and the defense of our rights.

Business transfers

We reserve the right to disclose and/or transfer Information to another entity if we are acquired by or merged with another company, if we sell or transfer a business unit or assets to another company, if we undergo a bankruptcy proceeding, or if we engage in any other similar business transfer.

Aggregated and de-identified Information

We may disclose to our Customers and other third parties aggregated or de-identified User Information to be used for analytics, research and optimization of services purposes.

Third-party Vendors

To provide our Services, we use a variety of third-party partners such as ad networks, supply-side platforms, ad exchanges, ad servers, data exchanges, advertisers and agencies. We also use analytics services supported by Third-party Vendors to perform analytics and track trends. Those third-party companies may use tracking technologies to collect and store usage information about you and may combine this information with information they collect from other sources.

You can find detailed information on the User Information each of our Vendors collects and processes, their retention periods and exercise your rights by accessing their respective policies:

Adagiohttps://adagio.io/privacy
Adformhttps://site.adform.com/privacy-center/platform-privacy/product-and-services-privacy-policy/
Adipolohttps://adipolo.com/privacy-policy
Adnamihttps://www.adnami.io/privacy-policy-services
Adomikhttps://www.adomik.com/adomik-sas-privacy-policy/
Amazonhttps://aps.amazon.com/aps/privacy-policy/
BannerNowhttps://bannernow.com/privacy
Baresquarhttps://baresquare.com/privacy-policy
CitrusAdhttps://www.citrusad.com/privacy-policy
Criteohttps://www.criteo.com/privacy/
E-Planninghttps://www.e-planning.net/privacy-policy.php
Facebookhttps://www.facebook.com/ads/manage/audience_network/publisher_tos/
Freewheelhttps://freewheel.com/privacy-policy
Googlehttps://policies.google.com/privacy
Hotjarhttps://www.hotjar.com/legal/policies/privacy/
Improve Digitalhttps://improvedigital.com/platform-privacy-policy/
Index exchangehttps://www.indexexchange.com/privacy
InMobihttps://www.inmobi.com/privacy-policy
Magnitehttp://rubiconproject.com/rubicon-project-yield-optimization-privacy-policy/
Moathttps://www.oracle.com/legal/privacy/
Nielsenhttps://www.nielsen.com/digitalprivacy
NoBidhttps://www.nobid.io/privacy-policy/
Nova (Polar Mobile Group)https://www.createwithnova.com/privacy
OneTaghttps://www.onetag.com/privacy/
OpenXhttps://www.openx.com/legal/privacy-policy/
Payoneerhttps://www.payoneer.com/legal/privacy-policy/
Pubmatichttps://pubmatic.com/legal/privacy-policy/
RTBHousehttps://www.rtbhouse.com/privacy-center
Sharethroughhttps://privacy-center.sharethrough.com/en/advertising-platform-privacy-notice/
Sizmekhttps://www.sizmek.com/privacy-policy
Smaatohttps://www.smaato.com/privacy/
Smart Ad Serverhttp://smartadserver.com/company/privacy-policy/
Sovrnhttps://www.sovrn.com/legal/privacy-policy/
Taboolahttps://www.taboola.com/privacy-policy
Triple Lifthttps://triplelift.com/privacy/
Video Intelligencehttps://www.vi.ai/privacy-policy/
Vidoomyhttps://www.vidoomy.com/privacypolicy-en.html
Xandrhttps://www.xandr.com/privacy/platform-privacy-policy/
Yandexhttps://yandex.com/legal/confidential/

Exercise your rights

If you are an End User as defined in this Privacy Policy, you may have certain rights and protections under applicable Data Protection Legislation regarding the collection and processing of your information, insofar as it includes certain digital identifiers or other data that may be considered Personal Data under applicable Data Protection Legislation.

Right to withdraw consent: You may withdraw your consent of processing your personal data at any time.

Right of correction/editing: You may ask us to correct your personal data.

Right of limitation: You may ask us to restrict the processing of your personal data if:

  • You question the accuracy of your personal data for the time it will take to verify the accuracy of the personal data;
  • Processing is illegal and you request the restriction of processing instead of the deletion of your personal data;
  • We no longer need your personal data, but you need it to support, exercise or defend legal claims.

Right of access: You may request from us information about the personal data of yours that we retain, including information about the categories of such personal data, the purpose of their use, where it was collected from, to whom they have been made known. You can obtain from us free of charge a copy of the personal data we keep for you. We reserve the right to charge a reasonable fee for any further copy you may request.

Right of data portability: At your request, we will transfer your data to another controller, where technically feasible, provided that the processing is based on your consent or is necessary for the performance of a contract. Instead of receiving a copy of your personal data, you may ask us to transfer the data to another controller.

Right to delete: You may ask us to delete your personal data if:

  • they are no longer necessary in relation to the purposes for which they were collected or processed,
  • you wish to exercise your right to object to any further processing of your personal data,
  • you withdraw your consent and there is no other legal basis for processing,
  • your personal data has been unlawfully processed unless the processing is necessary (i) to comply with a legal obligation, which requires processing by us or (ii) to support, pursue or defend legal claims.

Right to object: You may object – at any time – to the processing of your personal data due to your particular situation, provided that the processing is not based on your consent but on our legitimate interest or on legitimate interests of third parties. In such case, we shall no more process your personal data unless we can prove that such use is justified by a legal reason and a legal right of ours superseding your right to object. If you object to us processing your data you are kindly requested to clarify whether you wish that such data is deleted or limited.

Right to lodge a complaint: In the event of an alleged breach of applicable privacy law, you may lodge a complaint with the competent data protection supervisory authority. You may contact the Cypriot Supervisory authority through the following website (dataprotection.gov.cy).

Limitation of access: In some cases, we may not be able to provide access to all or some of your personal data under legislation. If we refuse your request for access, we will inform you of the reason for this refusal. Also, in some case we may not be able to search for your personal data because the information you provide is inadequate. In such cases, where we cannot identify you as a data subject, we are unable to comply with your request to enforce your legal rights as described in this article, unless you provide us with additional information that allows you to be identified.

Additionally, you can opt-out of receiving interest-based advertising by either the Third-Party Vendors we work with or other advertising companies by visiting the following links:

Please note that the above platforms allow you to opt out of interest-based advertising delivered by registered members on the current browser you are using.
Opting out from one or more companies listed on the above links will opt you out from those companies’ delivery of targeted content or ads to you, but it does not mean you will no longer receive any advertising. You may continue to receive advertisements, for example, based on the particular website that you are viewing (i.e., contextually based ads).
Please note the following important information related to opting out:

The opt-out only applies to the browser in the device in which you set it. For example, if you set the opt-out while using the Firefox browser, then the opt-out applies only to the Firefox browser on the device where it was set, not other browsers or devices.
To opt out from other browsers and devices, you will need to repeat the opt-out process in such browsers and devices.
If you block the opt-out cookie or your browser is configured to block third-party cookies, then your opt-out may not be effective.
If you delete your cookies, you will need to opt out again. You may download a browser extension that will help preserve the opt-out preferences you set by visiting www.aboutads.info/PMC.

Transparency & Consent Framework Participation

Project Agora participates in the IAB Europe Transparency & Consent Framework and complies with its Specifications and Policies. Project Agora’s identification number within the framework is 1032.

Contact Us

If you have questions about the privacy aspects of our Services, please contact us at: privacy@projectagora.com.

In order to exercise your rights, you may contact our appointed DPO at: dpo@thinkdigitalgroup.net.

Updates

This Privacy Policy is current as of the Effective Date set forth above.

We may update this policy from time to time in order to reflect changes to the functionalities or services provided by our website or for other legal and regulatory reasons. Please check the website regularly for any changes to this Policy.

 

Website Users Privacy Policy

Introduction

The purpose of this section of the Privacy Policy is to provide transparency around what information we collect, how and why we collect it, how we use, store and secure it and with whom we share it when Site Visitors (referred to as “you” in this policy) visit our Website (projectagora.com).

By accessing or using our website or dealing with the functionalities offered through it, you agree to the terms of this Privacy Policy.

The information we collect

We may collect some or all of the following personal information in case you voluntarily provide it to us when you use this website:

  • Private contact information (such as name, postal or e-mail address, and phone number); or
  • Business contact and other information (such as name, job title, department, name of organization).

Cookies:

We use cookies to collect and store analytics data and other information when visitors enter our website. Cookies are small text files sent and stored on your device that allow us to recognize visitors to the website, to facilitate its use and to create aggregate information about our visitors. This helps us improve our services and better serve our visitors. Cookies will not harm your device or files. We use cookies to customize our services and the information we provide according to the personalized choices of our users.

You have the right to withdraw at any time, without affecting the legality of the processing carried out based on your consent prior to its withdrawal. Please note that some parts of the Website may not function properly if the use of certain cookies is rejected.

You can also manage your cookie preferences and opt-out from the collection and management of your data through the following websites:

http://www.aboutads.info/choices

http://www.youronlinechoices.eu/

For further information regarding cookies, please see our Cookie Policy.

How and why we collect information

We collect this information through Project Agora’s website (projectagora.com). The reason why we may collect the personal data you provide to us is to optimize the functions of our website and deliver the specific information or services you have requested. For example, if you request to contact us via the “Get in touch with us” form, we shall need your email or telephone in order to contact you.

How we use your information

We collect the personal data that you voluntarily provide to communicate with you and in some cases in order to provide you with information, special offers, services or information in accordance with your expressly expressed wishes.

In more detail, we may use Site Visitor Information for the following reasons:

PurposeLegal basis of processing
To respond to your inquiries.Legitimate Interest – we may use your personal information to respond to your inquiries, requests, or complaints.
To provide you with information that you have requested e.g., a newsletter.Consent – we only use your personal information for this purpose if you have asked us to do so. You can withdraw your consent at any time.
To improve our services and protect our business interests.Our legitimate interests – we use your personal information to improve the services we provide to you and other Website users, we may also use a User’s personal information under this basis to investigate complaints, identify and prevent fraud, assess situations relating to possible threats to the security of any person or violations of our policies or terms.
To serve personalized ads on our Website, to measure and optimize the performance of advertisements and the display of more relevant advertisements.Consent – The processing will always be carried out on the condition that we have previously received your consent, which you have the right to withdraw at any time, without affecting the legality of the processing carried out based on your consent prior to its withdrawal.
To comply with our legal obligations.Compliance with a legal requirement – We may process your personal data in order to comply with our legal obligations, arising from the provisions of the legislation, judgments, governmental regulations or decisions. We may also process your personal data in order to investigate complaints, identify and prevent fraud, assess situations relating to possible threats to the security of any person or violations of our policies or terms.

How we store information and for how long

The information you directly provide to us is stored in our secure databases. We take the appropriate technical and operational measures to ensure that your personal information disclosed to us is kept secure and protected.

The information you provide to us through the “Get in touch with us” section is stored by our Partner “Active Campaign” and is secured based on Active Campaign’s applicable privacy policy. We use Active Campaign’s API through SSL to ensure that data are safely transferred.

We will only retain your information for as long as is necessary for the purposes described in this Privacy Policy. This means that the retention periods will vary according to the type of information and the reason that we have collected the information in the first place.

When the processing is necessary for compliance with legal obligations under the applicable legal framework, your personal data will be stored for as long as required by the relevant provisions. The statute of limitations in accordance with the applicable legislation is 20 years.

Any User Information that has been collected through the use of Cookies and other similar technologies shall be retained solely for the period specified in our Cookie Policy.

How we secure the information

We take the appropriate technical and organizational measures to ensure the protection of the personal data of our website visitors. The company also ensures, through the above measures that access to personal data is not given to anyone other than the appropriate authorized persons, and only for the purposes of processing, specified in this policy.

The Company recognizes the importance of the security of your Personal Data and takes all necessary measures, with the most modern and advanced methods, to ensure your maximum security. All information related to your personal information and transactions is secure and confidential. To ensure the confidentiality of data transfer, we use proper encryption protocols.

With whom we share the information

Site Visitor Information may be accessed by third parties pursuant to the Purposes herein described. Any such transfer is subject to the provisions established in this Privacy Policy and the purposes herein determined.

In particular, Site Visitor Information may be accessed by the following categories of recipients:

Our employees

Your data may be transferred to our employees and the employees of our affiliated companies who are in charge of assessing your requests and communicating with you. All of our employees have a sufficient and significant level of awareness to protect your personal data and are bound by a confidentiality clause.

Authorities

We may share your personal data with the competent authorities, as long as this is permitted by law, in order to comply with a legal obligation, court order or other legal process as well as to identify or prevent criminal acts and other unlawful activities.

External partners

We may transfer User Information to cooperating companies for the purpose of providing our Services. We always ensure that the processors we engage with fulfill the requirements and provide sufficient guarantees to implement appropriate technical and organizational measures in such a manner that processing will ensure the protection of your rights.

Furthermore, in the course of managing court proceedings and for the purposes of investigating, preventing, or taking action regarding illegal activities, suspected fraud, violations of our Terms of Use or this Privacy Policy we may transfer your data to external partners in the event that their assistance is considered necessary for the management of the case and the defense of our rights.

Business transfers

We reserve the right to disclose and/or transfer Information to another entity if we are acquired by or merged with another company, if we sell or transfer a business unit or assets to another company, if we undergo a bankruptcy proceeding, or if we engage in any other similar business transfer.

Aggregated and de-identified Information

We may disclose to our Customers and other third parties aggregated or de-identified User Information to be used for analytics, research and optimization of services purposes.

Your rights

The GDPR awards to Data Subjects the following rights, which you may exercise by contacting us.

Right to withdraw consent: You may withdraw your consent of processing your personal data at any time.

Right of correction/editing: You may ask us to correct your personal data.

Right of limitation: You may ask us to restrict the processing of your personal data if:

  • You question the accuracy of your personal data for the time it will take to verify the accuracy of the personal data;
  • Processing is illegal and you request the restriction of processing instead of the deletion of your personal data;
  • We no longer need your personal data, but you need it to support, exercise or defend legal claims.

Right of access: You may request from us information about the personal data of yours that we retain, including information about the categories of such personal data, the purpose of their use, where it was collected from, to whom they have been made known. You can obtain from us free of charge a copy of the personal data we keep for you. We reserve the right to charge a reasonable fee for any further copy you may request.

Right of data portability: At your request, we will transfer your data to another controller, where technically feasible, provided that the processing is based on your consent or is necessary for the performance of a contract. Instead of receiving a copy of your personal data, you may ask us to transfer the data to another controller.

Right to delete: You may ask us to delete your personal data if:

  • they are no longer necessary in relation to the purposes for which they were collected or processed,
  • you wish to exercise your right to object to any further processing of your personal data,
  • you withdraw your consent and there is no other legal basis for processing,
  • your personal data has been unlawfully processed unless the processing is necessary (a) to comply with a legal obligation, which requires processing by us or (b) to support, pursue or defend legal claims.

Right to object: You may object – at any time – to the processing of your personal data due to your particular situation, provided that the processing is not based on your consent but on our legitimate interest or on legitimate interests of third parties. In such case, we shall no more process your personal data unless we can prove that such use is justified by a legal reason and a legal right of ours superseding your right to object. If you object to us processing your data you are kindly requested to clarify whether you wish that such data is deleted or limited.

Right to lodge a complaint: In the event of an alleged breach of applicable privacy law, you may lodge a complaint with the competent data protection supervisory authority. You may contact the Cypriot Supervisory authority through the following website (dataprotection.gov.cy).

Limitation of access: In some cases, we may not be able to provide access to all or some of your personal data under legislation. If we refuse your request for access, we will inform you of the reason for this refusal. Also, in some cases we may not be able to search for your personal data because the information you provide is inadequate. In such cases, where we cannot identify you as a data subject, we are unable to comply with your request to enforce your legal rights as described in this article, unless you provide us with additional information that allows you to be identified.

Governing Law

The applicable law is Cypriot law, the General Regulation on the Protection of Personal Data 2016/679/EU, and in general the applicable national and European legislative and regulatory framework for the protection of personal data.

Updates

This Privacy Policy is current as of the Effective Date set forth above.

We may update this policy from time to time in order to reflect changes to the functionalities or services provided by our website or for other legal and regulatory reasons. Please check the website regularly for any changes to this Policy.

Contact Us

If you have questions about the privacy aspects of our website, please contact us at privacy@projectagora.com or contact our DPO at: dpo@thinkdigitalgroup.net.