Terms and Conditions
This privacy notice explains how CaaB by GNS LTD and its affiliates (“Company”) collect, use, store and share your personal data in relation to Company’s websites, products, services, and experiences (together, the “Services”).
1.1. This Privacy Notice (“PN”) is in effect as of the date set forth below.
1.2. You (“User”) are not under any legal obligation to submit personal data to Company. However, in case User chooses not to submit personal data to Company, User may not be able to become a User and/or use certain Services.
1.3. Company may change this PN from time to time, therefore User should check back periodically. Company will post any changes to this PN on its websites (the “Site”). If Company makes any changes to this PN that materially affect Company’s practices with regard to the personal data Company previously collected from User, Company will endeavor to provide User with notice in advance of such change by highlighting the change on the Site. Company will seek User’s prior consent to any material changes, if and where this is required by applicable data protection laws.
2.1. Information provided by User.
Company collects any data User provides Company with, including but not limited to:
2.1.1. User’s contact details (e.g. name, postal address, email address, phone number);
2.1.2. User’s payment information (e.g. credit card and bank account information);
2.1.3. User password and other authentication and security credential information;
2.1.4. Any communication between User and the Company, e.g. emails, phone conversations, chat sessions.
2.2. Information collected automatically
Company automatically collects data when User visits, interacts with, or uses the Services, including but not limited to:
2.2.1. Identifiers and information contained in cookies;
2.2.2. User’s settings preferences, backup information;
2.2.3. Uniform Resource Locators (URL) clickstream to, through, and from Company’s website and Services;
2.2.4. Content User viewed or searched for, page response times, and page interaction information (such as scrolling, clicks, and mouse-overs);
2.2.5. Network and connection information, such as the Internet protocol (IP) address and information about User’s Internet service provider;
2.2.6. Computer and device information, such as browser type and version, operating system, or time zone setting; the location of device;
2.3. Information collected by Third parties
Company receives information about User, including but not limited to: marketing, sales generation, search results and links, billing and payment history.
User is advised that the information collected by such third parties is not governed by this PN and that the Company has no control over such third parties’ privacy practices, or the technology used by them in order to collect any information or data. Each User is advised to thoroughly review such third parties’ privacy policies before making any use of their software products, or services.
3.1. The Company processes User’s personal data to operate, provide, and improve the Services, including but not limited to:
3.1.1. creating and managing User profiles;
3.1.2. contacting User by the Company and communicating with User with respect to the Services, e.g. by phone, email, chat; responding inquiries from User;
3.1.3. informing User about updates or offers;
3.1.4. personalizing the Services, i.e. identifying User’s interests and recommending offers that might be of interest to User;
3.1.5. marketing and promoting Company’s Services;
3.1.6. providing assistance and support;
3.1.7. fulfilling User requests; meeting contractual or legal obligations;
3.1.8. protecting Users security, e.g. preventing and detecting fraud;
3.1.9. internal purposes, e.g. troubleshooting, data analysis, testing and statistical purposes.
3.2. The Company may ask for User’s consent to use User’s personal data for a specific purpose which will be provided to User.
3.3. The Company does not use any personal data other than as necessary to execute the Services.
4.1. The Company uses tracking mechanisms such as cookies in order to provide the Services.
5.1. Company may be required to retain or disclose personal information in order to:
5.1.1. comply with applicable laws or regulations;
5.1.2. comply with a court order, subpoena or other legal process;
5.1.3. respond to a lawful request by a government authority, law enforcement agency or similar government body (whether situated in User’s jurisdiction or elsewhere);
5.1.4. engage with third-party service providers and/or subcontractors which provide services for Company’s business operations, a list of which can be received upon request.
5.1.5. disclose to third parties aggregated or de-identified information about Users for marketing, advertising, research, or other purposes;
5.1.6. disclose and/or transfer data to another entity if Company is acquired by or merged with another company, if Company sells or transfer a business unit or assets to another company, as part of a bankruptcy proceeding, or as part of any other similar business transfer;
5.1.7. Company believes release is appropriate to comply with the law, enforce or apply Company’s terms and other agreements, or protect the rights, property, or security of Company, Users, or others. This includes exchanging information with other companies and organizations for fraud prevention and detection and credit risk reduction.
Company has taken appropriate technical and organisational measures to protect the information Company collects about User from loss, misuse, unauthorized access, disclosure, alteration, destruction, and any other form of unauthorized processing. User should be aware, however, that no data security measures can guarantee 100% security.
Subject to the terms set forth herein, Company retains User data, until the earlier of the following:
(i) the time at which User requests to delete User’s data from the Services, in which case Company will delete the User’s data from the Services within 90 days; or
(ii) within 90 days of the time at which Company is entitled to delete User’s data in accordance with the Services (e.g., where access to the Services has been terminated by User or Company for any reason, as set forth in the TOU).
9.1. Legal Basis for Processing of Personal Data
The Company will only process User’s personal data if it has one or more of the following legal bases for doing so:
9.1.2. Legitimate Interest: Company has a legitimate interest to process User’s personal data;
9.1.3. Legal Obligation: processing of User’s personal data is necessary to comply with relevant law and legal obligations, including to respond to lawful requests and orders; or
9.1.4. Consent: processing of User’s personal data with User’s consent.
9.2. User’s Rights regarding Personal Data
9.2.1. Subject to applicable law, User has certain rights with respect to User’s Personal Data, including the following:
18.104.22.168. User may ask whether Company holds personal data about User and request copies of such personal data and information about how it is processed;
22.214.171.124. User may request that inaccurate personal data is corrected;
126.96.36.199. User may request the deletion of certain personal data;
188.8.131.52. User may request the Company to cease or restrict the processing of personal data where the processing is inappropriate;
184.108.40.206. When User consents to processing User’s personal data for a specified purpose by Company, User may withdraw User’s consent at any time, and Company will stop any further processing of User’s data for that purpose.
9.2.1. In certain circumstances, Company may not be able to fully comply with User’s request, such as if it is frivolous or extremely impractical, if it jeopardizes the rights of others, or if it is not required by law, however, in those circumstances, Company will still respond to notify User of such a decision.
9.2.2. User can exercise User’s rights of access, rectification, erasure, restriction, objection, and data portability by contacting the Company at [email protected] In some cases, Company may need User to provide Company with additional information, which may include personal data, if necessary to verify User’s identity and the nature of User’s request.
9.3. Transfer of User’s Personal Data outside of the EEA
9.3.1. The Company transfers data outside the EEA. As data is stored and processed by Company’s Israeli entity, Company relies on adequacy determinations. Data stored and processed by the Company’ flows between the EEA, the United States and Israel and. To ensure that EEA Data is adequately protected when transferred outside the EEA, the Data Protection Directive 95/46/EC and, as of May 25, 2018, the General Data Protection Regulation mandate that such transfers take place using certain legal mechanisms.
9.3.2. When transferring EEA data to Israel, Company relies on the European Commission’s decision that Israel offers adequate data protection for transfers from the EEA. When transferring personal data from the EEA to the US, we rely on the EU-US Privacy Shield.
9.3.3. Note: Company currently stores User data in the Company’s data centers located in the EEA and Israel.
The Company’s Services are not intended for children. Children under 18, may use the Services only with the involvement of a parent or guardian.
If User has any questions about this Privacy Notice or Company data practices generally, please contact us using the following information:
CaaB Computers and Communications Ltd.
Email: [email protected]
Last update: July 26th, 2018.