Merchant Privacy Policy
We take privacy issues very seriously at Enigmatic Smile (“we”, “us”, “our”) and we are fully committed to protecting your privacy. Please read this Privacy Policy carefully as it contains important information regarding how we collect, store, process, transfer, share and use information about you, and information regarding our use of cookies and similar technologies.
Please note that any changes to the Privacy Policy will become effective as of the date of posting the revised policy.
For the purposes of EU data protection laws (“Data Protection Legislation”), Enigmatic Smile is the data controller (i.e. the company which is responsible for, and controls the processing of, your personal data).
This Privacy Policy applies to information we collect and use about visitors to the Merchant Portal. Please read this Privacy Policy carefully in order to understand our views and practices regarding your personal data and how we will treat it.
- Collection, use and disclosure of personal data
- We collect personal data about you when you voluntarily submit information directly to us when you access and use the Merchant Portal. This can include information you provide to us when you e-mail us using the links on the Merchant Portal, fill in a form, correspond with us via the Merchant Portal, phone, email or otherwise, subscribe to our mailing lists, newsletters or other forms of marketing communications, respond to surveys or use some other feature of the Merchant Portal as available from time to time.
- If you choose not to provide personal data, we may not be able to provide access to the Merchant Portal to you or respond to your other requests.
- The table at Annex 1 sets out the categories of personal data we collect about you, how we use such information and how it is disclosed. The table also lists the legal basis which we rely on to process the personal data.
- We also automatically collect personal data about you indirectly, including about how you access and use the Merchant Portal and information about the device you use to access the Merchant Portal.
- The table at Annex 2 sets out the categories of personal data we collect about you automatically and how we use that information. The table also lists the legal basis which we rely on to process the personal data.
- We may link or combine the personal data we collect about you and the information we collect automatically. This allows us to provide you with a personalised experience regardless of how you interact with us.
- We may anonymise and aggregate any of the personal data we collect (so that it does not directly identify you). We may use anonymised information for our business purposes including testing our IT systems, research, data analysis, improving the Merchant Portal and developing new products and features. We may also share such anonymised information with others.
- Disclosures of your personal data
- We may have to share your personal data with the following parties for the purposes set out as follows, as further detailed in Annex 1 and Annex 2:
- Service providers and advisors. Personal data may be disclosed to third party vendors and other service providers that perform services for us, on our behalf, which may include identifying and serving targeted advertisements (for example, on Facebook and Twitter), providing payment, mailing or email services, tax and accounting services, data enhancement services, fraud prevention services, web hosting, and/or analytic services.
- Purchasers and third parties in connection with a business transaction. Personal data may be disclosed to third parties in connection with a transaction, such as a merger, sale of assets or shares, reorganisation, financing, change of control or acquisition of all or a portion of our business.
- Law enforcement, regulators and other parties for legal reasons. Personal data may be disclosed to third parties as required by law or if we reasonably believe that such action is necessary to (a) comply with the law and the reasonable requests of law enforcement; (b) to protect the security or integrity of the service; and/or (c) exercise or protect the rights, property, or personal safety of users of the Service or others.
- We may have to share your personal data with the following parties for the purposes set out as follows, as further detailed in Annex 1 and Annex 2:
- Retention periods
- We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for (as set out in paragraph 2.1 above, and in Annex 1 and Annex 2 below), including for the purpose of satisfying and legal, accounting, or reporting requirements.
- To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data, and whether we can achieve those purposes through other means, and the applicable legal requirements.
- In some circumstances, you can ask us to delete your data: see paragraph 5.2.4 below for further information.
- In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.
- Storing and transferring your personal data
- Security. We implement appropriate technical and organisational measures to protect your personal data against accidental or unlawful destruction, loss, change or damage. All personal data we collect will be stored on secure servers. All electronic transaction entered into via the Merchant Portal will be protected by SSL encryption technology.
- International Transfers of your Personal Data. Your personal data may be transferred to, and processed and stored in, countries outside of the jurisdiction you are in where we and our third party service providers have operations. If you are located in the European Economic Area (“EEA”), your personal data may be processed outside of the EEA, including, for example, in the United States (an “International Transfer”). Any International Transfers of your personal data are made either:
(a) to a country or territory ensuring an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data as determined by the European Commission;
(b) to a third party that is a member of a compliance scheme recognised as offering adequate protection for the rights and freedoms of data subjects as determined by the European Commission, such as the EU-U.S. Privacy Shield; or
(c) pursuant to appropriate safeguards, such as the Standard Contractual Clauses (processors) approved by European Commission Decision C(2010)593 or any subsequent version thereof released by the European Commission. If you wish to enquire further about these safeguards used, please contact us using the details set out at the end of this Policy.
- Your rights in respect of your personal information
- This section applies to you if you are located in the EEA.
- In accordance with applicable privacy law, you have the following rights in respect of your personal information that we hold:
- Right of access. You have the right to obtain:
- confirmation of whether, and where, we are processing your personal information;
- information about the categories of personal information that we are processing, the purposes for which we process your personal information, and information as to how we determine applicable retention periods;
- information about the categories of recipients with whom we may share your personal information; and
- a copy of the personal information we hold about you.
- Right of portability. You have the right, in certain circumstances, to receive a copy of the personal information you have provided to us in a structured, commonly used, machine-readable format that supports re-use, or to request the transfer of your personal data to another person.
- Right to rectification. You have the right to obtain rectification of any inaccurate or incomplete personal information that we hold about you without undue delay.
- Right to erasure. You have the right, in some circumstances, to require use to erase your personal information without undue delay, if the continued processing of that personal information is not justified.
- Right to restriction. You have the right, in some circumstances, to require us to limit the purposes for which we process your personal information if the continued processing of the personal information in this way is not justified, such as where the accuracy of the personal information is contested by you, for a period enabling us to verify the accuracy of that personal information.
- Right of objection. You have a right to object to processing of your personal information, based on legitimate interests and direct marketing.
- Right of access. You have the right to obtain:
- If you wish to exercise one of these rights, please contact us using the contact details at the end of this Privacy Policy.
- You also have the right to lodge a complaint to your local data protection authority. Further information about how to contact your local data protection authority is available at https://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm.
- Cookies and similar technologies
- The Merchant Portal uses cookies and similar technologies to distinguish you from other users of the Merchant Portal. This helps us to provide you with a good experience when you browse the Merchant Portal and also allows us to improve the Merchant Portal.
- Cookies are pieces of code that allow for personalisation of the Merchant Portal experience by saving your information such as user ID and other preferences. A cookie is a small data file that we transfer to your device’s hard disk (such as your computer or smartphone) for record-keeping purposes.
- We use the following types of cookies:
- Strictly necessary cookies. These are cookies that are required for the essential operation of the Merchant Portal such as to authenticate users and prevent fraudulent use.
- Analytical/performance cookies. These allow us to recognise and count the number of visitors and to see how visitors move around the Merchant Portal when they are using it. This helps us to improve the way the Merchant Portal works, for example, by ensuring that users are finding what they are looking for easily.
- Functionality cookies. These are used to recognise you when you return to the Merchant Portal. This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your choice of language or region).
- Targeting cookies. These cookies record your visit to our website, the pages you have visited and the links you have followed. We will use this information to make our website and the advertising displayed on it, and the marketing messages we send to you more relevant to your interests. We may also share this information with third parties who provide a service to us for this purpose.
- Third party cookies. Please be aware that advertisers and other third parties may use their own cookies tags when you click on an advertisement or link on our website. These third parties are responsible for setting out their own cookie and privacy policies.
- The cookies we use are designed to help you get the most from the Merchant Portal but if you do not wish to receive cookies, most browsers allow you to change your cookie settings. Please note that if you choose to refuse cookies you may not be able to use the full functionality of the Merchant Portal. These settings will typically be found in the “options” or “preferences” menu of your browser. In order to understand these settings, the following links may be helpful, otherwise you should use the “Help” option in your browser for more details.
- We participate in interest-based advertising and use third party advertising companies to serve you targeted advertisements based on your online browsing history and your interests. To do this, we or our advertising partners may collect information about how you use or connect to the Merchant Portal, or the types of other websites, social media services, content and ads that you (or others using your device) visit or view or connect to the Merchant Portal. Typically, this information is collected through cookies and similar tracking technologies.
- If you only want to limit third party advertising cookies, you can turn such cookies off by visiting the following links (please bear in mind that there are many more companies listed on these sites than those that drop cookies via our website):
- We also use clear gifs in HTML-based emails sent to our Customers to track which emails are opened and which links are clicked by recipients. The information allows for more accurate reporting and improvement of the Merchant Portal. You can set your e-mail options to prevent the automatic downloading of images that may contain these technologies that would allow us to know whether you have accessed our e-mail and performed certain functions with it.
- If you would like to find out more about cookies and other similar technologies, please visit allaboutcookies.org or the Network Advertising Initiative’s online resources at networkadvertising.org.
- Links to third party sites
The Merchant Portal may, from time to time, contain links to and from third party services. If you follow a link to any of these services, please note that these services have their own privacy policies and that we do not accept any responsibility or liability for their policies. Please check the individual policies before you submit any information to those services.
- Our policy towards children
The Merchant Portal is not directed at persons under 18 and we do not knowingly collect personal data from persons under 18.
- Changes to this policy
We evaluate our privacy policies and procedures to implement improvements and refinements from time to time. Accordingly, we may update this Privacy Policy from time to time, and so you should review this page periodically. If we make material changes to this Privacy Policy, we will update the “last updated” data at the start of this Privacy Policy. Changes to this Privacy Policy are effective when they are posted on this page.
- Notice to you
If we need to provide you with information about something, whether for legal, marketing or other business related purposes, we will select what we believe is the best way to get in contact with you. We will usually do this through email or by placing a notice on the Merchant Portal. The fact that we may send notices to you will not stop you from being able to opt out of certain types of contact as described in this Privacy Policy.
- Contacting us
Questions, comments and requests regarding this Policy are welcome and should be addressed to hello@fidelapi.com.
Annex 1
Personal information we may collect when you use the merchant portal
Category of personal information | How we use it | Legal basis for the processing |
---|---|---|
Contact information and basic personal details such as your first name, last name, phone number, and e-mail address. | We use this information to operate, maintain and provide to you the features of the Merchant Portal. We use this information to communicate with you, including sending Merchant Portal-related communications (such as invoices and information about updates to the Merchant Portal, and any news, alerts and marketing communications (in line with your settings and options)). We use this information to deal with enquiries and complaints made by or about you relating to the Merchant Portal. | The processing is necessary for our legitimate interests, namely administering the Merchant Portal, for marketing purposes and communicating with users. |
Information provided by third parties. From time to time, we may receive information about you from third parties and other users. We may obtain information from third parties to enhance or supplement our existing user information. We may also collect information about you that is publicly available. | We may combine this information with the information we collect from you directly. We use this information to contact you, to send you advertising or promotional materials or to personalise our Merchant Portal, to pre-populate online forms, and to better understand the demographics of our users. | The processing is necessary for our legitimate interests, namely to tailor our Merchant Portal to the user and to improve our Merchant Portal generally. |
All personal information set out above. | We will use all the personal information we collect to operate, maintain and provide to you the features and functionality of the Merchant Portal, to communicate with you, to monitor and improve our Merchant Portal and business, and to help us develop new products and services. | The processing is necessary for our legitimate interests, namely to administer and improve the Merchant Portal. |
Annex 2
Personal information collected automatically
Category of personal information | How we use it | Legal basis for the processing |
---|---|---|
Information about how you access and use the Merchant Portal including, for example, how frequently you access the Merchant Portal, the time you access the Merchant Portal and how long you use the Merchant Portal for, whether you access the Merchant Portal from multiple devices, the website from which you came and the website to which you go when you leave the Merchant Portal, and other actions you take on the Merchant Portal. | We use this information to present the Merchant Portal to you on your device. We use this information to administer the Merchant Portal for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes, and to help us develop new products and services. We use this information to detect and prevent fraud. | The processing is necessary for our legitimate interests, namely to tailor the Merchant Portal to the user and improve the Merchant Portal generally. The processing is necessary for our legitimate interests, namely communicating with users and responding to queries, complaints, and concerns, and for developing and improving the Merchant Portal. The processing is necessary for our legitimate interests, namely the detection and prevention of fraud. |
All personal information set out above. | We will use all the personal information we collect to operate, maintain and provide to you the features and functionality of the Merchant Portal, to monitor and improve our Merchant Portal and business, and to help us develop new products and services. | The processing is necessary for our legitimate interests, namely to administer and improve the Merchant Portal. |