This is our Privacy and Data Protection Policy for all smartgb.com services. By signing up or using our services you acknowledge that you understand and accept our Privacy and Data Protection Policy.
The General Data Protection Regulation, GDPR, is a European legislation to protect the privacy and personal information of individuals living in the European Union. As a European company we follow GDPR. Some of the rights include the right to be informed about which personal data is collected and the right to erase or rectificate data.
We will act as data controller for the data we manage about you as a customer or visitor. If you use our services to manage any data for your customers or visitors, then you are the data controller and we are the data processor for this data. Please contact us if it is unclear if we are the data controller or data processor for your personal data.
Collecting and processing information
We collect personal information, such as name, email and website address when you register for a guestbook account, make a purchase or contact us.
We will also collect automatic information like IP-address and web browser for each visit and event on our website.
Information about your payment is stored at our secure payment service providers.
In some cases we also let third-party organizations collect and track data when you browse our website.
When you contact us, the personal data you enter will be saved. This includes all information in the email or contact form. We will save the data to provide you with a good and friendly support service for future contact occasions.
We collect and handle personal information in cases where it is necessary for us to deliver a functioning service and good experience to you, or to fulfill legal and contractual obligations.
We also use the collected information to display ads, stop abuse, analyze and improve our services and communicate with you as a customer.
For some services that we provide, like guestbooks, the data (like message text, name and email) collected from visitors will also be published on the Internet or presented to our customers.
The data is stored as long as we need them to meet the above requirements or as long as we are required by law.
The right of access:
Our customers are entitled to receive information about the personal data we process about the customer (registry extract) once a year. The customer should specify the categories of information the customer wants to request.
The right to rectification:
We are responsible for ensuring that the personal information we process is accurate and up to date. The customer is entitled to request that we correct incorrect information or supplement the customer's information.
The right to erasure:
The customer is entitled to request that the personal data of the customer be deleted. In some cases, it may not happen, for example, if the personal information is still needed for the purposes we have collected and processed. Keep in mind that we according to accounting laws, the personal data might have to be saved even after such a request has been handled.
The right to restrict processing:
The customer is, in some cases, entitled to require that the processing of their personal data is limited. In that case the personal data will be marked so that in the future they can only be processed for certain limited purposes.
The right to object:
The customer has the right to object to the processing of their personal data as we do based on interest-weighting. In that case, the customer needs to specify what treatment the customer is facing. In order to continue processing your personal information, we must then report that there are legitimate reasons why personal data must be treated as weighing heavier than the client's interests.
The right to data portability:
In some cases, the customer is entitled to obtain and use their personal information elsewhere (data portability). An example is when customers want to move their personal information to another service provider. The right to data portability refers only to personal data provided by the customer to us and which we process with the agreement of the customer or to fulfill the agreement we have with the customer.
Please note that we can only issue, delete or correct any information that we know with certainty belongs to the customer. All requests according to the above points must be made in writing and be signed by the customer. The request can be sent to us by e-mail or postal letter. The customer must attach a copy of valid ID document. The copy will be destroyed right away after it has been verified. Handling time is usually 30 days. If, for some reason, we can not meet your request or need more time, we will provide an explanation.
We have an Anti-Spam Policy, which means that we do not send unsolicited emails to any of the email addresses our system manages. If you believe you have received an unwanted email from us or our system, please contact us for a detailed report of who initiated the mail. We can also ensure that your email address will not receive any further emails from us in the future.
We do not rent, sell, or share your personal information with other people or non-affiliated parties except when needed in order to provide the services you have requested or with your express permission. This does not apply to organizations working close to us, such as our web hosting provider, server provider, Internet service provider or in a cases where we purchase a service from a third-party. We may also respond to valid legal processes, subpoenas, court orders or similar, when establishing or exercising our legal rights or defend against legal claims. We may also transfer personal information about you in case of a merge or acquisition.
You can delete your account at any time. Just log in to your account and access the Security setting menu.
We reserve the right to send you information related to our services, such as service announcements or security notices.
We may update this policy and we therefore ask you to review this policy at regular intervals.