Last updated: 01.04.2020
INTOLIGN LTD (“us”, “we”, or “our”) operates https://www.yourexceptionalrelationship.com (the “Site”). This page informs you of our policies regarding the collection, use and disclosure of Personal Information we receive from users of the Site.
1. Lawfulness of Processing
The processing of personal data shall only be lawful if there is a legal basis for processing. According to article 6, section 1 a – f GDPR, a legal basis can be as follows:
- The data subject has given consent to the processing of his or her personal data for one or more specific purposes;
- processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;
- processing is necessary for compliance with a legal obligation to which the controller is subject;
- processing is necessary in order to protect the vital interests of the data subject or of another natural person;
- processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
- processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.
2. Information Collection And Use
While using our Site, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you. Personally identifiable information may include, but is not limited to your name (“Personal Information”).
Like many site operators, we collect information that your browser sends whenever you visit our Site (“Log Data”).
This Log Data may include information such as your computer’s Internet Protocol (“IP”) address, browser type, browser version, the pages of our Site that you visit, the time and date of your visit, the time spent on those pages and other statistics.
the collection of personal data – (e-mail, contact form, customer account and online shop)
(1) In the following section, we would like to inform you about the collection of personal data when using our website (contact form, customer account and online shop)
(2) If you contact us by email or using our contact form, we will store the information you provide us with (your name and email address or telephone number) to respond to your query. We will erase the data we collected on this basis when it is no longer required or we will restrict the processing where we have to comply with statutory retention requirements.
(3) If you buy products or services through our site, we collect the data we need for the contract. These can be seen from the respective entry fields for registration or the order form. When ordering, we need at least the mandatory information marked with a *. We use this data in accordance with art. 6, section, 1 clause 1 b GDPR for the execution of contracts and for processing your inquiries.
If you choose to pay via credit card, it is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS).Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted. All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
(4) In addition to credit card payments, we offer other payment methods for the use of the web shop, using different payment service providers with whom we have concluded a data processing agreement. Depending on which payment method you choose, different data will be transmitted to the respective payment service provider. The legal basis for the transfer is article 6(1) clause 1 a, b, f GDPR.
(5) Due to commercial and tax regulations, we are obliged to save your address, payment and order data for a period of ten years if you are a resident of the EEA. However, after two years we will restrict the processing, i.e. your data will only be used to comply with legal obligations. The legal basis for this is article 6 section 1 clause 1 c, GDPR.
3. Use of External Tools on Our Website
We have integrated various tools from different companies into our website, which allow us to evaluate user behavior or to establish links with other websites.
We have integrated the component Google Analytics (with anonymisation function) on this website.
Google Analytics is a web analytics service. Web analysis is the gathering, collection and analysis of data about the behavior of visitors to websites. Among other things, a web analysis service collects data on which website a data subject has come to a website from (so-called referrers), which subpages of the website were accessed or how often and for which period of time a subpage was viewed. A web analysis is mainly used to optimize a website and for the cost-benefit analysis of Internet advertising.
The operator of the Google Analytics component is Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.
As IP anonymization is activated on our website, your IP address will be shortened by Google within Member States of the European Union or other states in agreement with the European Economic Area. Only in exceptional cases, the full IP address is sent to and shortened by a Google server in the USA. On behalf of the operator of the website, Google will use this information to evaluate your use of the website, compile reports on website activity and to provide further services related to website and internet use to us. The IP address transferred through your browser to Google Analytics will not be combined with other data held by Google.
In addition, this website uses the Analytics feature UserID to track interaction data. This User ID will be additionally anonymized and encrypted and will not be linked with other data.
You can prevent the storage of cookies by a corresponding setting of your browser software; however, please note that if you do this, you may not be able to use all the features of this website to the fullest extent possible.
In addition, you may prevent the collection of the data generated by the cookie and related to your use of the website (including your IP address) by Google as well as the processing of this data by Google by downloading and installing the browser plug-in available under the following link: https://tools.google.com/dlpage/gaoptout?hl=en
In addition, a cookie already set by Google Analytics can be deleted at any time via the Internet browser or other software programs.
Further information and Google‘s applicable privacy regulations can be found at https://policies.google.com/privacy?hl=en and https://marketingplatform.google.com/about/ The following link provides a further explanation of Google Analytics https://marketingplatform.google.com/about/.
Our website also uses Google Analytics performance reports relating to demographics and interests and reports on Google Display Network impressions. You can disable Google Analytics for display advertising and customize the ads on the Google Display Network by visiting the ad settings at this link: https://adssettings.google.com.
Facebook Tracking Pixel
With your consent, we will use Facebook’s “tracking pixel”. This pixel can be used to track user behavior after they have been redirected to our website by clicking on a Facebook and / or Instagram ad. This allows us to record the effectiveness of Facebook and Instagram advertisements for statistical and market research purposes and, if necessary, to take optimization measures. The tracking of users who have landed on our website after clicking on one of our Facebook and Instagram ads can remain active up to 180 days.
The data collected in this way is anonymous for us, i.e. we do not see the personal data of individual users. However, this data is stored and processed by Facebook, about which we will inform you to the best of our knowledge.
Facebook may connect this data to the Facebook account and also use it for its own advertising purposes, according to its data usage policy.
If you want to disable cookie storage for Facebook, you can do so via your browser settings.
Facebook communication tools
We also use Facebook communication tools, especially the “Custom Audiences” and “Website Custom Audiences” products. Basically, a non-reversible and non-personal checksum (hash value) is generated from your usage data, which can be transmitted to Facebook for analysis and marketing purposes.
If you want to refuse the usage of Facebook’s “Website Custom Audiences”, you can do so by following this link: https://www.facebook.com/ads/Webseite_custom_audiences/.
In addition, we use Customer Match Lists within the framework of our Facebook advertising activities, for instance for “Lookalike Audiences” and remarketing. To use Customer Match, lists of encrypted user data are uploaded to Facebook. After the upload, the system checks which data is already known and places these users in a list. After creating the customer match lists, the encrypted customer data is automatically deleted. Facebook does not gather new addresses in this way (encryption).
To prevent Pinterest from associating your visit to our website with your Pinterest account, you must log out of your Pinterest account before visiting our site.
We may use your Personal Information to contact you with newsletters, marketing or promotional materials and other information that …
(1) With your consent, you can subscribe to our newsletter, with which we inform you about our current interesting offers. The advertised goods and services are named in the declaration of consent. The legal basis is article 6, section 1, clause 1 a, GDPR.
(2) We use the so-called double-opt-in-process for the registration to our newsletter. This means that after your registration we will send you an e-mail to the given e-mail address, in which we ask you for confirmation that you wish the newsletter to be sent. If you do not confirm your registration within 24 hours, your information will be blocked and automatically deleted after one month. In addition, we will store your IP addresses and times of registration and confirmation. The purpose of the procedure is to confirm your registration and, if necessary, to clarify any possible misuse of your personal data.
(3) After your confirmation, we will save your e-mail address for the purpose of sending you the newsletter.
(4) You can revoke your consent to the transmission of the newsletter at any time and unsubscribe from the newsletter. You can declare the cancellation by clicking on the link provided in each newsletter e-mail.
(5) We use the external service provider Get Response as a processor for the transmission of the newsletter. We have concluded a separate data processing agreement with the service provider to ensure the protection of your personal data. More information about Get Response can be found on the website http://getresponse.com/.
(6) Information for marketing campaigns will be stored outside the European Economic Area on our third-party mailing list provider’s servers. Please contact getresponse with questions or concerns about this.
(7) We use technologies such as tracking pixels (small graphic files) and tracked links in the emails we send to allow us to assess the level of engagement our emails receive by measuring information such as the delivery rates, open rates, click through rates and content engagement that our emails achieve.
(8) In compliance with the CAN-SPAM Act, all e-mails sent from our organization will clearly state who the e-mail is from and provide clear information on how to contact the sender. In addition, all e-mail messages will also contain concise information on how to remove yourself from our mailing list so that you receive no further e-mail communication from us.
Cookies are files with small amount of data, which may include an anonymous unique identifier. Cookies are sent to your browser from a web site and stored on your computer’s hard drive.
Because we care about the safety and privacy of children online, we comply with the Children’s Online Privacy Protection Act of 1998 (COPPA). COPPA and its accompanying regulations protect the privacy of children using the internet. We do not knowingly contact or collect information from persons under the age of 18. The website is not intended to solicit information of any kind from persons under the age of 18.
It is possible that we could receive information pertaining to persons under the age of 18 by the fraud or deception of a third party. If we are notified of this, as soon as we verify the information, we will, where required by law to do so, immediately obtain the appropriate parental consent to use that information or, if we are unable to obtain such parental consent, we will delete the information from our servers. If you would like to notify us of our receipt of information about persons under the age of 18, please do so by contacting us by using the details at the top of this policy.
7. Do Not Track
Please note that we do not alter our Site’s data collection and use practices when we see a Do Not Track signal from your browser. As previously outlined, you can change the collection of data by changing the cookie settings.
The security of your Personal Information is important to us, but remember that no method of transmission over the Internet, or method of electronic storage, is 100% secure. While we strive to use commercially acceptable means to protect your Personal Information, we cannot guarantee its absolute security.
10. Your Data Protection Rights (European Residents)
(1) Right of information, article 15 GDPR
According to article 15, section 1 GDPR, you have the right to be informed of whether we process your personal data. If that is the case, you are entitled to further information (article 15, section 2 GDPR).
(2) Right of rectification, erasure or restriction of processing, article 16, 17 and 18 GDPR
According to article 16 GDPR, you have the right to demand – with immediate effect – the rectification of incorrect data and the completion of incomplete data – including by means of providing a supplementary statement.
In accordance with article 17 of the GDPR, you have the right to deletion of your personal data, especially if the processing of your personal data is not or no longer permissible.
(3) Right to object, article 21 GDPR
You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning yourself which is based on point (e) or (f) of article 6(1), including profiling based on those provisions. We will then no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms.
You can exercise your right to object at any time by contacting us via one of the contact opportunities mentioned in our legal notice.
(4) Right to lodge a complaint with a supervisory authority
In addition, without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating to you is unlawful.
Please contact us first so that we can try to help.
11. Contact Us
Suite C, Level 7, World Trust Tower,
50 Stanley Street, Central, Hong Kong