DATA PROTECTION
Introduction
​
We take the protection of our website users' data very seriously and are committed to protecting the information that users provide to us in connection with their use of our website. Furthermore, we are committed to protecting and using your data in accordance with applicable law.
This Privacy Policy explains our practices regarding the collection, use, and disclosure of your data through your use of our digital assets (the “Services”) when you access the Services through your devices.
Please read the Privacy Policy carefully and ensure that you fully understand our practices regarding your data before using our Services. If you have read and fully understand this Policy and do not agree with our practices, you must stop using our digital assets and Services. By using our Services, you agree to the terms of this Privacy Policy. Your continued use of the Services constitutes your agreement to this Privacy Policy and any changes to it.
In this Privacy Policy, you will learn:
How we collect data
What data we collect
Why we collect this data
Who we share the data with
Where the data is stored
How long the data is retained
How we protect the data
How we deal with minors
Updates or changes to the Privacy Policy
What data do we collect?
Category: Always
Below is an overview of the data we may collect:
Unidentified and unidentifiable information that you provide during the registration process or that is collected through your use of our services (“non-personal data”). Non-personal data does not allow any conclusions to be drawn about who it was collected from. The non-personal data we collect consists mainly of technical and aggregated usage information.
Individually identifiable information, i.e., any information that can be used to identify you or could be used to identify you with reasonable effort (“personal data”). The personal data we collect through our services may include information requested from time to time, such as names, email addresses, addresses, phone numbers, IP addresses, and more. When we combine personal data with non-personal data, we treat it as personal data for as long as it remains combined.
How do we collect data?
Category: Always
Below are the main methods we use to collect data:
We collect data when you use our services. So when you visit our digital assets and use our services, we may collect, record, and store your usage, sessions, and related information.
We collect data that you provide to us yourself, for example, when you contact us directly via a communication channel (e.g., an email with a comment or feedback).
We may collect data from third-party sources as described below.
We collect data that you provide to us when you sign up for our services through a third-party provider such as Facebook or Google.
Why do we collect this data?
Category: Always
We may use your data for the following purposes:
to provide and operate our services;
to develop, customize, and improve our services;
to respond to your feedback, requests, and preferences, and to offer assistance;
to analyze demand and usage patterns;
for other internal, statistical, and research purposes;
to improve our data security and fraud prevention capabilities;
to investigate violations and enforce our terms and policies, and to comply with applicable law, regulations, or government orders;
to send you updates, news, promotional materials, and other information related to our services. In the case of promotional emails, you can decide for yourself whether you wish to continue receiving them. If not, simply click on the unsubscribe link in these emails.
Who do we share this data with?
Category: Always
We may share your data with our service providers in order to operate our services (e.g., storage of data via third-party hosting services, provision of technical support, etc.).
We may also disclose your data in the following circumstances: (i) to investigate, detect, prevent, or take action against illegal activities or other misconduct; (ii) to establish or exercise our rights of defense; (iii) to protect our rights, property, or personal safety, as well as the safety of our users or the public; (iv) in the event of a change of control at our company or one of our affiliated companies (by way of a merger, acquisition, or purchase of (substantially) all assets, etc.); (v) to collect, store, and/or manage your data using authorized third-party providers (e.g., cloud service providers), to the extent appropriate for business purposes; (vi) to work with third-party providers to improve your user experience. To avoid any misunderstanding, we would like to point out that we cannot transfer or disclose non-personal data to third parties at our own discretion or use it in any other way.
Category: User has a blog or forum
Please note that our services enable social interactions (e.g., publicly posting content, information, and comments, and chatting with other users). Please note that any content or data you provide in these areas may be read, collected, and used by others. We advise against posting or sharing information that you do not want to make public. If you upload content to our digital assets or otherwise make it available in connection with your use of a service, you do so at your own risk. We cannot control the actions of other users or members of the public who have access to your data or content. You acknowledge and agree that copies of your data may remain available on cached and archived pages or after third parties have made a copy/storage of your content, even after it has been deleted.
Cookies and similar technologies
When you visit or access our services, we authorize third parties to use web beacons, cookies, pixel tags, scripts, and other technologies and analytics services (“tracking technologies”). These tracking technologies may enable third parties to automatically collect your data in order to improve the navigation experience on our digital assets, optimize their performance, and ensure a customized user experience, as well as for security and fraud prevention purposes.
To learn more, please read our Cookie Policy.
Category: The user is NOT connected to an advertising service
We will not share your email address or other personal data with advertising companies or advertising networks without your consent.
Category: The user is connected to an advertising service, a campaign manager, or Facebook Ads
We may serve ads through our services and digital assets (including websites and applications that use our services) that may be tailored to you, such as ads based on your recent browsing activity on websites, devices, or browsers.
To deliver these ads to you, we may use cookies and/or JavaScript and/or web beacons (including clear GIFs) and/or HTML5 local storage and/or other technologies. We may also use third parties, such as network advertisers (i.e., third parties who display advertisements based on your website visits), to serve targeted advertisements. External advertising network providers, advertisers, sponsors, and/or website traffic measurement services may also use cookies and/or JavaScript and/or web beacons (including clear GIFs) and/or Flash cookies and/or other technologies to measure the effectiveness of their advertisements and to customize advertising content for you. These third-party cookies and other technologies are subject to the specific privacy policy of the respective third party and not this one.
Where do we store the data?
Category: Always
Non-personal data
Please note that our companies and our trusted partners and service providers are located around the world. For the purposes described in this Privacy Policy, we store and process all non-personal data we collect in various jurisdictions.
Category: User collects personal data
Personal data
Personal data may be maintained, processed, and stored in the United States, Ireland, South Korea, Taiwan, Israel, and, to the extent necessary for the proper provision of our services and/or as required by law (as further explained below), in other jurisdictions.
How long is the data retained?
Category: Always
Please note that we retain the data we collect for as long as necessary to provide our services, comply with our legal and contractual obligations to you, resolve disputes, and enforce our agreements.
We may correct, supplement, or delete inaccurate or incomplete data at any time at our sole discretion.
How do we protect the data?
Category: Always
The hosting service for our digital assets provides us with the online platform through which we can offer you our services. Your data may be stored via our hosting provider's data storage, databases, and general applications. It stores your data on secure servers behind a firewall and provides secure HTTPS access to most areas of its services.
Category: User accepts payments/eCom
All payment options offered by us and our hosting provider for our digital assets comply with the PCI DSS (Payment Card Industry Data Security Standard) regulations of the PCI Security Standards Council (Payment Card Industry Security Standards Council). This is a collaboration between brands such as Visa, MasterCard, American Express, and Discover. PCI DSS requirements help ensure the secure handling of credit card data (including physical, electronic, and procedural measures) by our store and service providers.
Category: Always
Notwithstanding the measures and efforts taken by us and our hosting provider, we cannot and do not guarantee absolute protection and security of the data you upload, publish, or otherwise share with us or others.
For this reason, we ask that you set secure passwords and, where possible, refrain from sharing confidential information with us or others that you believe could cause you significant or lasting harm if disclosed. Since email and instant messaging are not considered secure forms of communication, we also ask that you refrain from sharing confidential information via these channels.
How do we deal with minors?
Category: User does NOT collect data from minors
The Services are not intended for users who have not reached the legal age of majority. We will not knowingly collect data from children. If you are not of legal age, you should not download or use the Services or provide us with any information.
We reserve the right to request proof of age at any time so that we can verify whether minors are using our Services. In the event that we become aware that a minor is using our Services, we may prohibit such users from accessing our Services and block them, and we may delete any data we have stored about such users. If you have reason to believe that a minor has provided us with data, please contact us as described below.
Category: User collects data from minors
Children may use our services. However, if they wish to access certain features, they may be required to provide certain information. Some data (including data collected via cookies, web beacons, and other similar technologies) may be collected automatically. If we knowingly collect, use, or disclose data collected from a child, we will notify the child's parents and obtain their consent in accordance with applicable law. We do not require a child to provide more contact information than is reasonably necessary to participate in an online activity. We use the data we collect only in connection with the services requested by the child.
We may also use a parent's contact details to communicate about the child's activities on the Services. Parents can view the data we have collected from their child, prohibit us from collecting further data from their child, and request that all data we have collected be deleted from our records.
Please contact us to view, update, or delete your child's data. To protect your child, we may ask you to provide proof of your identity. We may deny you access to the data if we believe your identity is questionable. Please note that certain data cannot be deleted due to other legal obligations.
Category: Always
We only use your personal data for the purposes set out in the Privacy Policy and only if we believe that:
the use of your personal data is necessary to fulfill or conclude a contract (e.g., to provide you with the services themselves or customer service or technical support);
the use of your personal data is necessary to comply with relevant legal or regulatory obligations, or
the use of your personal data is necessary to support our legitimate business interests (provided that this is always done in a manner that is proportionate and respects your privacy rights).
As an EU resident, you may:
request confirmation as to whether or not personal data concerning you is being processed, and request access to your stored personal data and certain additional information;
request the receipt of personal data you have provided to us in a structured, commonly used, and machine-readable format;
request the rectification of your personal data stored by us;
request the deletion of your personal data;
object to our processing of your personal data;
request the restriction of the processing of your personal data; or
file a complaint with a supervisory authority.
Please note, however, that these rights are not unlimited and may be subject to our own legitimate interests and regulatory requirements. If you have general questions about the personal data we collect and how we use it, please contact us as indicated below.
In the course of providing the Services, we may transfer data across borders to affiliated companies or other third parties and from your country/jurisdiction to other countries/jurisdictions worldwide. By using the Services, you consent to the transfer of your data outside the EEA.
If you are located in the EEA, your personal data will only be transferred to locations outside the EEA if we are satisfied that an adequate or comparable level of protection for personal data exists. We will take appropriate steps to ensure that we have adequate contractual arrangements in place with our third parties to ensure that appropriate safeguards are in place to minimize the risk of unlawful use, alteration, deletion, loss, or theft of your personal data and that these third parties act in accordance with applicable laws at all times.
Rights under California Consumer Privacy Act.
If you use the Services as a California resident, you may be entitled to request access to and deletion of your data under the California Consumer Privacy Act (“CCPA”).
To exercise your right to access and delete your data, please see below for how to contact us.
Category: The website does not sell its users' data.
We do not sell users' personal data for the purposes and intentions of the CCPA.
Category: Websites with a blog or forum.
Users of the Services who are California residents and under the age of 18 may request and obtain the deletion of their published content by emailing us at the address provided in the “Contact” section below. These requests must all be labeled “California Removal Request.” All requests must include a description of the content you wish to have deleted and sufficient information to help us locate the material. We will not accept notifications that are not labeled or submitted properly, and we may not be able to respond if you do not provide sufficient information. Please note that your request does not guarantee that the material will be completely or comprehensively deleted. For example, material you have published may be republished or reposted by other users or third parties.
​
​
Updates or changes to the privacy policy
Category: Always
We may revise this privacy policy from time to time at our discretion; the version published on the website is always the current one (see “Status” information). We encourage you to review this Privacy Policy regularly for changes. If we make material changes, we will post a notice on our website. If you continue to use the Services after notification of changes to our website, this shall be deemed your confirmation and consent to the changes to the Privacy Policy and your agreement to be bound by the terms of such changes.
Contact
Category: Always
​
If you have general questions about the services or the data we collect about you and how we use it, please contact us at:
Name: OBERLECHNER HOLZ GMBH
Address: Via Centro 22/C, 39030 Selva dei Molini, Italy
Email address: info@oberlechner-holz.com