Povio Academy's Privacy Policy
Date of Last Revision: September 20, 2023
1. GENERAL
Controller:
TOKENS d. o. o. ("Tokens")
Dunajska cesta 117
1000 Ljubljana
Slovenia
If you have any questions about this Privacy Policy, please contact us at steklenidvor.tokens@gmail.com. You also have the right to lodge a complaint with a supervisory authority.
This Privacy Policy is meant to help you understand what information we collect, why we collect it, and how you can update, manage, export and delete your information.
At Tokens we respect your privacy, are committed to protecting it, and want you to be informed about the ways we use, share and protect the information that we collect. This Privacy Policy (“Policy”) serves to inform you of our policies and procedures regarding the processing (collection, use, disclosure or other operation) of the information
www.povio.academy (the “Site”) and any other websites, features, applications or online services that are owned or controlled by Tokensand that post a link to this Privacy Policy (together with the Site, the “Services”), as well as any information Tokens collects outside of the Site in connection with the Services or where links to this Privacy Policy. This policy also explains your choices about how we use information about you, how you can object to certain uses of information about you, and how you can access and update certain information about you.
In some cases of personal data processing, the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation, “GDPR”) applies based on the “targeting” criterion. This Policy is compliant with the GDPR.
By accessing or using the Services, you consent to the information collection, disclosure, and use practices described in this Privacy Policy. Please also review our Tokens Websites Terms & Conditions, which apply to your access and use of the Site, including all texts, images, sounds, videos, data, software, and content made available through the Site (the “Content”).
2. INFORMATION WE COLLECT AND PROCESS
At Tokens, we collect and process the information you provide to us, automatically collected information and information received from third parties.
Information you provide to us
You may provide us with information about you when you use our Services:
- Personal Information or Personal Data (“Personal Information”): In the course of using the Services (whether as a Client, Contractor, Site Visitor, Mobile Application user), we may require or otherwise collect information that identifies you as a specific individual and can be used to contact or identify you (“Personal Information”), such as your name and surname, email address, billing address, phone number, location, photos, financial account information.
- Non-Identifying Information: We may also collect other information, information regarding your use of the Services, and general project-related data (“Non-Identifying Information”). If possible, we render Personal Information into a form of Non-Identifying Information referred to as “Pseudonymised information”, in such a manner that it can no longer be attributed to you without the use of additional information.
- Combination of Personal and Non-Identifying Information: Certain Non-Identifying Information would be considered a part of your Personal Information if it were combined with other identifiers in a way that enables your identification. We may combine your Personal Information with Non-Identifying Information and will treat the combined information as Personal Information.
Automatically collected information
We may receive technical information when you use our Services. We use these technologies to analyze how people use our Services, to improve our Site functions, and save your log-in information for future sessions. This information may include the browser and operating system you are using, the Internet Protocol (“IP”) address, or other unique device identifiers (“Device Identifier”) for any device (computer, mobile phone, tablet, etc.) used to access our Services.
Tokens and its partners use cookies or similar technologies to analyze trends, administer the website, and track your movement around the website. The technology used to collect information automatically from Povio Academy Users may include the following:
- Cookies: A cookie is a small file containing a string of characters sent to your computer when you visit a website. When you revisit the website, the cookie allows that site to recognize your browser. Cookies may store user preferences and other information. You can reset your browser to refuse all cookies or to indicate when a cookie is being sent. However, some website features or services may not function properly without cookies. For further information on cookies and how they are used, please visit our Cookie Policy here.
- Embedded Scripts: We may also employ software technology known as an Embedded Script, a programming code designed to collect information about your interactions with the Services, such as the links you click on. The code is temporarily downloaded onto your computer or other device and is deactivated or deleted when you disconnect from the Services.
In addition, we may use a variety of other technologies (such as tags) that collect similar information for security and fraud detection purposes. We may use third parties to perform these services on our behalf.
Information received from third parties
We may collect the information about you from the following third-party sources:
- third parties who license, sell, or otherwise provide data they have collected (“Third-party Data”) or
- publicly available sources, such as via the Internet and social networks (“Public Data”)
As part of the Services, we may combine your Information with Third-party Data and/or Public Data to create more complete data records. If we combine the information we receive from others with information we collect through our Services, we will treat the combined information as described in this Privacy Policy.
3. HOW WE USE YOUR INFORMATION
We process your information for the purposes described in this policy, based on the following legal grounds:
- your consent We ask for your consent to the processing of your information for specific purposes. You have the right to withdraw your consent at any time
- when we are providing services We process your data to provide the services you’ve asked for under a contract or service agreement. Such processing is necessary for the performance of our contract or in order to take steps at your requests prior to entering into a contract
- when we are complying with legal obligations We will process your data when we have a legal obligation to do so, for example, if we respond to a legal process or an enforceable governmental request
- when we are pursuing legitimate interests We process your information for our legitimate interests and those of third parties while applying appropriate safeguards that protect your privacy. That means that we process your information for things such as developing new products and features useful to our Services’ users, marketing to inform users about our services, performing research that improves our services, etc
We use the information for the following purposes:
- to provide and improve our Services
- to complete your transactions, address your inquiries
- to verify the information you provide is valid and for compliance and internal business purposes
- to contact you
- to administer and develop our business relationship with you
- for the purposes disclosed at the time you provide your information
- internal accounting, bookkeeping and tax reporting purposes
4. INFORMATION SHARING AND DISCLOSURE
We may share information about you if sharing and disclosure are necessary for the performance of our Services, for compliance with any legal obligations, for the purposes of legitimate interests, or if you give us your consent to do so.
We may employ third parties (companies and individuals) to facilitate or enhance the Services, to provide the Services on our behalf, to assist us in analyzing how the Services are used, and to perform services related to administration of the Services or the Site (such as maintenance, payments, accounting, bookkeeping, tax preparation, legal, hosting and database management services, website analytics and administration). We may share your information with such third-party service providers so that they may perform these tasks on our behalf.
5. DATA RETENTION
We retain personal data for as long as necessary to fulfil the purposes described in this Privacy Policy, subject to our own legal and regulatory obligations.
6. ACCESSING, CHANGING OR DELETING YOUR INFORMATION
Suppose European Union (EU) data protection law applies to the processing of your information. In that case, we provide the controls described in this Privacy Policy so you can exercise the following rights:
- right of access by the data subject
- right to rectification
- right to object
- right to erasure (‘right to be forgotten’)
- right to restriction of processing
- right to data portability
- and explicitly the right to withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal
all in accordance and within the deadlines as set out in GDPR.
You may review, update, correct or delete your Information, if not required to be retained by law or for legitimate business reasons, by making updates to that information through your online account or by contacting Tokens at steklenidvor.tokens@gmail.com. If you request to access, change or delete your personal information, we will respond to your request within 30 days.
We will use all reasonable efforts to honor your request to delete your information; however, certain information will actively persist on the Services even if you close your account/if we delete your information. In addition, your Personal Information may remain in our archives and information you update or delete, or information within a closed account, may persist internally or for our administrative purposes, especially if it is technically impossible to delete. It is not always possible to completely remove or delete information from our databases.
In relation to all procedures relating to the collection, processing and storage of your personal data, you have the right to appeal to the Information Commissioner of the Republic of Slovenia (
https://www.ip-rs.si/o-pooblascencu/osebna-izkaznica/).
7. SECURITY AND DATA BREACH
Because we are very concerned about your information’s confidentiality and security, we employ administrative, physical, and electronic measures designed to protect your information from unauthorized access. We implemented all appropriate technical and organizational measures to ensure a sufficient level of security:
- we use encryption and data pseudonymization
- we use different security features like 2 Step Verification
- we review our information collection, storage, and processing practices, including physical security measures, to prevent unauthorized access
- we restrict access to personal information to our contractors and processors who need that information in order to process it. Anyone with this access is subject to strict contractual confidentiality obligations
- our data access rights and levels are based on job function and role, using the least-privilege and need-to-know concepts to match access privileges to defined responsibilities
In the case of a personal data breach, we implemented appropriate procedures to notify competent authorities and, when the personal data breach is likely to result in a high risk to your rights and freedoms, we will communicate the personal data breach to you in accordance with the legal requirements and without undue delay.
8. INTERNATIONAL TRANSFER OF PERSONAL INFORMATION
We might process and store your information with our contractual partner in the United States. If you are located outside the United States and choose to provide information to us, Tokens transfers Personal Information to the United States for processing. When we transfer your information to the United States, we will protect it as described in this Privacy Policy. Using our Services or providing Tokens with any information, you fully understand and unambiguously consent to this transfer, processing, and storage of your information in the United States.
Tokens protects personally identifiable information from residents of the European Union, other European Economic Area countries, and Switzerland in accordance with applicable law, above all with the GDPR (including, as applicable, reliance upon your consent and EU-approved Standard Contractual Clauses).
9. CHANGES TO THIS POLICY
Tokens reserves the right to change and update this Privacy Policy at any time at its discretion. Tokens will post the changes to this Privacy Policy on the Site and will indicate the date this Privacy Policy was last revised at the top of this page. Any changes will be effective upon posting.