+27 711 939 494 connect@flashstoneweb.com

PRIVACY POLICY

INTRODUCTION

The policy describes how we gather, store, utilise, and protect data that can be associated with you or another natural or juristic person, and can be used to identify you or that person. This information will be described in this document as “personal data”.

AUDIENCE

This policy applies to you if you are:

  • a visitor to our website; or
  • a customer who has ordered the goods or services that we provide.

PERSONAL DATA

Personal data includes:

  • Information that we collect automatically when you visit our website.
  • Information collected when you sign up for a FlashStone service.
  • Optional information that you provide to us voluntarily in order for us to build your website.

Personal data excludes:

  • Information that has been made anonymous so that it does not identify a specific person.
  • Non-personal statistical information collected and compiled by us.
  • Information that you have provided voluntarily in an open, public environment or forum including blogs, chat rooms, classifieds, or discussion boards. Once information has been disclosed in a public forum, it is no longer confidential and does not constitute personal data subject to protection under this policy.

TYPES OF PERSONAL DATA

Examples of the types of personal data which we may collect and process include:

  • Identifying information – such as your name or identification / passport number.
  • Contact information – such as your phone number or email address.
  • Your physical and/or postal address

SENSITIVE PERSONAL DATA

Depending on the services that you require, we may also collect sensitive personal data such as your bank account details.

ACCEPTANCE

Acceptance required

It is compulsory to accept the terms of this policy when you sign up for any FlashStone service.

Legal capacity

You may not sign up for any FlashStone service if you are younger than 18 years old or do not have legal capacity to conclude legally binding contracts.

Deemed acceptance

By accepting this policy, you are deemed to have read, understood, accepted, and agreed to be bound by all of its terms.

Your obligations

You may only send us your own personal data or the personal data of another data subject where you have their permission to do so.

CHANGES

We may change the terms of this policy at any time by updating this web page. We will notify you of any changes by sending you an email detailing the changes that we have made and indicating the date that they were last updated. If you do not agree with the changes, then you should notify us and stop using our services. If you continue to use the website or our services following notification of a change to the terms, the changed terms will apply to you and you will be deemed to have accepted those updated terms.

DATA COLLECTION

On Sign-Up:
Once you sign up for a FlashStone service, you will no longer be anonymous to us. You will provide us with certain personal data. This personal data may include:

  • your name and surname
  • your email address
  • your telephone number
  • your company name, company registration number, and VAT number
  • your postal address and/or street address

This data will be used to create your account and provide additional services and information to you as we reasonably think appropriate, and for any other purposes set out in this policy.

From browser:
We automatically receive and record internet usage information on our server logs from your browser, such as your Internet Protocol address (IP address), browsing habits, click patterns, version of software installed, system type, screen resolutions, colour capabilities, plug-ins, language settings, cookie preferences, search engine keywords, JavaScript enablement, the content and pages that you access on the website, and the dates and times that you visit the website, paths taken, and time spent on sites and pages within the website (usage information). Please note that other websites visited before entering our website might place personal data within your URL during a visit to it, and we have no control over such websites. Accordingly, a subsequent website that collects URL information may log some personal data.

COOKIES

We may place small text files called ‘cookies’ on your device when you visit our website. These files do not contain personal data, but they do contain a personal identifier allowing us to associate your personal data with a certain device. These files serve a number of useful purposes for you, including:

  • Tailoring our website’s functionality to you personally by letting us remember your preferences.
  • Improving how our website performs.

Your internet browser generally accepts cookies automatically, but you can often change this setting to stop accepting them. You can also delete cookies manually. However, no longer accepting cookies or deleting them will prevent you from accessing certain aspects of our website where cookies are necessary.

THIRD PARTY COOKIES

Some third party services in use (such as Google Analytics) use their own cookies or widgets on our website. We have no access to or control over them. Information collected by any of those cookies or widgets is governed by the privacy policy of the company that created it, and not by us.

OPTIONAL DETAILS

You may provide additional information to us on a voluntary basis. This includes content that you decide to upload or download from our website or when you enter competitions, take advantage of promotions, respond to surveys, order certain additional goods or services, or otherwise use the optional features and functionality of our website.

RECORDING CALLS

We may monitor and record any telephone calls that you make to us. This may include calls to mobile devices. We will delete the recording at your request, provided the recording does not affect an ongoing dispute.

PURPOSE FOR COLLECTION

We may use or process any services information, or optional information that you provide to us for the purposes that you indicated when you agreed to provide it to us. Processing includes gathering your personal data, disclosing it, and combining it with other personal data. We generally collect and process your personal data for various purposes, including:

  • Providing services to you.
  • Marketing
  • Business purposes:  Internal audits, accounting, business planning, or other transactions.
  • Legal purposes: Handling claims, complying with regulations, or pursuing good governance.

We may use your usage information for the purposes described above as well as:

  • monitoring website usage metrics such as total number of visitors and pages accessed, and
  • tracking your entries, submissions, and status in any promotions or other activities in connection with your usage of the website.

CONSENT

We will obtain your consent to collect personal data:

  • In accordance with applicable law
  • When you provide us with any personal / company information or optional information.

NEW PRODUCTS OR SERVICES

When we decide to develop a new product or start a new service that involves the processing of personal data, we take the privacy and data protection laws and principles into account and try to build them into the product or activity.

USE

Our obligations:
We may use your personal data to fulfil our obligations to you.

Messages and updates:
We may send administrative messages and email updates to you about our service. In some cases, we may also send you primarily promotional messages. You can choose to opt-out of promotional messages.

SHARING

We may share your personal data with:

  • Our service providers under contract who provide hosting and other services, including fraud prevention, bill collection, marketing, technology services (our contracts dictate that these goods suppliers or service providers only use your information in connection with the goods they supply or services they perform for us and not for their own benefit).
  • Credit bureaus to report account information, as permitted by law.
  • Banking partners as required by credit card association rules for inclusion on their list of terminated merchants (in the event that you utilise the services to receive payments and you meet their criteria).

REGULATORS

We may disclose your personal data as required by law or governmental audit.

LAW ENFORCEMENT

We may disclose personal data if required:

  • by a subpoena or court order;
  • to comply with any law;
  • to protect the safety of any individual or the general public; and
  • to prevent violation of our terms of service.

SELLING OF YOUR DATA

We will not sell personal data under any circumstances. No personal data will be disclosed to anyone except as provided in this privacy policy.

EMPLOYEES

We may need to disclose personal data to our employees who require this data to perform their duties. These include our responsible management, human resources, accounting, audit, compliance, information technology, or other personnel. Any of our employees or personnel that handle your personal data will have signed non-disclosure and confidentiality agreements.

CHANGE OF OWNERSHIP

If we undergo a change in ownership, or a merger with, acquisition by, or sale of assets to, another entity, we may assign our rights to the personal data we process to a successor, purchaser, or separate entity. We will disclose the transfer via email. If you are concerned about your personal data migrating to a new owner, you may request us to delete your personal data.

UNAUTHORISED DISCLOSURE

We cannot accept any liability whatsoever for unauthorised or unlawful disclosure of your personal data by third parties who are not subject to our control.

SECURITY

FlashStone will always do our best to comply with applicable data protection laws. We will implement and maintain appropriate measures to protect the security and confidentiality of your personal data. We host on a secure server environment that uses a firewall and other advanced security measures to prevent interference or access from outside intruders. All personal data is securely stored in our customer database. We authorize access to personal data only for those employees who require it to fulfil their job responsibilities. We implement disaster recovery procedures where appropriate.

SUPERVISORY AUTHORITY IN THE EU

We currently do not supply services to any clients in the EU and have no representative in the EU.

UPDATING OF DATA

We will try to keep the personal data we collect as accurate, complete and up to date as is necessary for the purposes defined in this policy. From time to time we may request you to update your personal data. You are able to review or update any of your personal data that we hold, by emailing us. Please note that in order to better protect you and safeguard your personal data, we may take steps to verify your identity before granting you access to your account or making any corrections to your personal data. Throughout your interaction with us you retain the right to rectify personal data that is incorrect or inaccurate.

RETENTION

We will only retain your personal data for as long as it is necessary to fulfil the purposes explicitly set out in this policy, unless:

  • retention of the record is required or authorised by law, OR
  • you have consented to the retention of the record.

During the period of retention, we will continue to abide by our non-disclosure obligations and will not share or sell your personal data.

TRANSFER TO ANOTHER COUNTRY

We may transmit or transfer personal data outside of the country in which it was collected to a foreign country and process it in that country. Personal data may be stored on servers located outside the country in which it was collected. You consent to us processing your personal data in a foreign country whose laws regarding processing of personal data may be less stringent.

UPDATING OR REMOVING

You may choose to correct or update the personal data you have submitted to us by contacting us via email. You are entitled to a right to be forgotten. We will delete any personal data that you don’t want us to have.

RESTRICTION OF PROCESSING

You may request that we restrict the use of your personal data. When we restrict your personal data, we still have the right to store it but not use it.

DATA PORTABILITY

If you want to transfer your data from us to another data controller we will facilitate this transfer. We will pass on the relevant personal data to the data controller. This excludes sensitive data such as banking details, debit order mandates and data specific to your FashStone account.

DATA BREACHES

We will notify our customers of any confirmed data breaches that has occurred. It is our customers’ responsibility to notify relevant supervisory authority and any affected data subjects of the data breach.

LIMITATION

We are not responsible for, give no warranties, nor make any representations in respect of the privacy policies or practices of linked or any third-party websites.

ENQUIRIES

If you have any questions or concerns arising from this privacy policy, please email us at info@flashstoneweb.com.