IoThink Solutions Privacy Policy

1. INTRODUCTION

Welcome to IoThink Solutions Privacy Policy. This Privacy Policy gives you information about how IoThink collects and uses your personal data through your use of this website, including any data you may provide when you register with us or purchase a product or service.

Controller

IoThink is the controller and responsible for your personal data collectively referred to as “IoThink”, “we”, “us” or “our” in this privacy policy.

IoThink Solutions, having its registered office at Technopolis, Bâtiment P, 5 Chemin des Presses, 06800 Cagnes-sur-Mer, France.

If you have any questions about this privacy policy, including any requests to exercise your legal rights, please contact Us using the information set out in the contact details section.

2. THE TYPES OF PERSONAL DATA WE COLLECT ABOUT YOU

For the purpose of this Privacy Policy, personal data means any information about you which can used to identify you as an individual.

We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:

  • Registration Information: We will collect information directly provided by you such as first name, last name, username or similar identifier, company name, title, job role, email address, telephone number, company address for any invoices.
  • Payment and Billing Information: We will collect this information which will be directly provided by you which includes, billing address, delivery address for any purchases, company bank account details or any other payment details which is required when you purchase our products or other similar financial transaction. We may also collect details about payments to and from you and other details of products and services you have purchased from us.
  • Technical Data: We will collect this automatically when you use our website, products and services. This includes your IP address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, device ID and name, and other technology on the devices you use to access our website.
  • Usage Data and Marketing Data: We also collect information about how you interact with and use our website, products and services, and your preferences in receiving marketing and communication from us and our third parties.

We also collect, use and share aggregated data such as statistical which is not personal data as it does not directly (or indirectly) identify you.

3. HOW IS YOUR PERSONAL DATA COLLECTED?

We collect data from you using different methods including:

  • Your interactions with us. You may give us your personal data by filing in online forms or by corresponding with us by post, phone, email or other means. This includes personal data you may provide when you, apply for our products or services, create an account on our website, subscribe to our service or publications, request marketing to be sent to you, enter competition, promotions or survey or give us feedback or contact us.
  • Through your use of our products and services. As you interact with our website, we will automatically collect technical data about your equipment, browsing actions and patterns. We collect this personal data by using cookies and other similar technologies. For further information on cookies, please see below.
  • Third parties or publicly available sources: To enhance our ability to provide relevant marketing, offers, and services to you, we may obtain information about you from other sources, such as public databases, analytics providers (such as Google), advertising networks, joint marketing partners, social media platforms, as well as from other third parties.
  • Offline data gathering: We may collect personal information from you offline in various situations, such as when you attend our events, meet with us in person, speak with a sales representative over the phone, or reach out to our customer service or support teams.

4. HOW WE USE YOUR PERSONAL DATA

We collect and use your personal information to provide, manage and operate our services. For example, we use your personal information for the following purposes:

  • Provide and perform IoThink products and services: We use your personal information to provide, perform and deliver IoThink products and services in accordance with our contractual obligations or the legal basis of legitimate interest.

  • Legitimate interest: We may use your personal data where it is necessary to conduct our business and pursue our legitimate interests, for example, we use your information to prevent fraud and to provide you with the best and most secure experience possible. Before using your personal data for our legitimate business purposes, we carefully consider and balance any potential impact on you and your rights, both positive and negative. We will not use your personal data in ways that could negatively affect you unless we have your consent or are required or allowed to do so by law.

  • Legal obligation: We may use your personal data where it is necessary for compliance with a legal obligation that we are subject to which requires us to collect, use or retain certain personal information.

  • Customer support: We use your personal information to address your inquiries and offer customer support services, helping to enhance your experience with our products and services.

  • Consent: We only rely on your consent when we've received your clear agreement to use your personal data for a specific purpose, like when you sign up for an email newsletter.

  • To Improve Our Products and Services: We may use your personal information to enhance and develop what we offer, such as by analysing how you use our products and services and evaluating their performance

  • For Marketing Purposes: We may, subject to your consent, use your personal information to provide marketing that is tailored to your use of our products and services. This is discussed in more detail in Section 5.

5. MARKETING COMMUNICATION

DIRECT MARKETING

Marketing Communication refers to the various methods we use to inform customers about our products and services for commercial purposes. We may send you marketing emails if you have given your specific consent or if you are an existing customer of similar IoThink products and services. Additionally, we may send offers through regular mail, SMS, social media, coupons, or other communication channels. With your consent, we may use your personal information to provide personalized offers based on your interests and usage of IoThink products, services, and digital channels. For instance, we may analyse your personal preferences based on your use of our services, purchase history, participation in promotions or surveys, and other data obtained voluntarily or automatically.

THIRD-PARTY MARKETING

We will get your express consent before we share your personal data with any third party for their own direct marketing purposes.

OPTING OUT

You can withdraw your consent at any time by opting out of marketing emails using the "unsubscribe" link in those emails. If you wish to opt out of receiving tailored offers through other communication channels, please contact us directly.

Please note that you cannot opt out of receiving important administrative messages, such as notifications from the User Console and email notifications regarding your account.

6. COOKIES

Create cookie policy

We collect other types of information through cookies like browser information, time of visit, referring site, etc. For more information, please read our Cookie Policy.

7. DISCLOSURES OF YOUR PERSONAL DATA

We may need to share your personal data to fulfil the purposes described in section 4.

Legal Obligations: We may share your personal information with authorised government bodies, regulatory agencies, tax authorities, and similar entities if required by law or in response to a valid government request. The legal basis for this disclosure is our need to comply with a legal obligation.

Third Party Providers: In accordance with applicable data protection laws, we may share your personal information with our affiliates, agents, service providers, and subcontractors for the purposes outlined in this Privacy Policy. This may include authorised third-party companies involved in processing payments on our website or other parties that help us fulfil the purposes listed here, such as operating our websites or hosting our data. Where required by law, we may disclose personal information when it is necessary to serve our legitimate interests, such as providing our services to you efficiently and cost-effectively.

Business Transfers: We may buy or sell assets or businesses, and in these transactions, user information is usually one of the assets that gets transferred. We may share personal information with a third party in the event of a reorganisation, merger, sale, joint venture, assignment, transfer, or other disposal of all or part of our business, assets, or stock (including during bankruptcy or similar proceedings). The legal basis for processing personal information in these cases is that it is necessary to fulfil our legitimate interests in being able to buy or sell assets or businesses.

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

8. INTERNATIONAL TRANSFERS

Personal information processed by us may be transferred or accessed by entities within the IoThink Group. This will involve transferring your data outside the EU and UK to our overseas offices around the world. We may transfer your personal information between the data controllers specified in this Privacy Policy as well as to other subsidiaries, affiliates and related companies.

Whenever we transfer your personal data out of the EU to countries which have laws that do not provide the same level of data protection as the EU law, we always ensure that a similar degree of protection is afforded to it by ensuring that the following safeguards are implemented:

  • Intra-Group Transfers: We ensure your personal data is protected by requiring all our group companies to follow the same set of rules when processing your personal data under “binding corporate rules”.
  • Standard Contractual Terms: We use specific standard contractual terms approved for use in the EU which give the transferred personal data the same protection as it has in the EU, namely the International Data Transfer Addendum to the European Commission’s standard contractual clauses for international transfers.
  • International Transfers: For the international transfer of any personal information from the European Economic Area, the United Kingdom and Switzerland, we have entered into agreements with each affiliate, which include data protection Model Clauses to contractually protect your personal information.

Please contact us if you have any questions.

9. DATA SECURITY

We have implemented robust security measures to protect your personal data from accidental loss, unauthorized access, misuse, alteration, or disclosure. Access to your data is restricted to employees, agents, contractors, and other third parties who need it for business purposes. They will process your data only according to our instructions and are bound by confidentiality obligations.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

10. HOW LONG WILL YOUR DATA BE RETAINED FOR?

We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.

In some circumstances you can ask us to delete your data: see paragraph 11 below for further information.

11. YOUR RIGHTS

You have a number of rights in relation to your personal data including:

  • A right to access your personal data.
  • A right to correct your personal data that we hold about you.
  • A right to request erasure of your personal data in certain circumstances. Note, we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of the request.
  • A right to object or withdraw consent to processing of your personal data. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your right to object.
  • A right to request restriction of processing of your personal data. 
  • A right to request transfer or receive a copy of your personal data in a usable and portable format.

If you wish to exercise any of the rights set out above, please contact us as described in ‘How to Contact Us’ below.

Please note that we may refuse to comply with your request, in which case we will provide you with our reasons. We may also request specific information from you to help us confirm your identity and ensure your right to access your personal information (or to exercise any of your other rights). This is a security measure to ensure that personal information is not disclosed to any person who has no right to receive it.

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances.

Timeframe

We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

12. THIRD-PARTY LINKS

This website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy policy of every website you visit.

13. CONTACT DETAILS

If you have any questions about this Privacy Policy or about the use of your personal data or want to exercise your privacy rights, please contact us in the following ways:

  • Email address: support@kheiron.io
  • Postal address: TECHNOPOLIS, 5 Chemin Des Presses Bâtiment P, Cagnes-Sur-Mer, 06800, FR
  • Telephone: +33 (0)9 52 03 64 40 

14. COMPLAINTS

If you are dissatisfied with our processing of your personal information, you may have the right to lodge a complaint with your local data protection authority. We would, however, appreciate the chance to deal with your concerns before you approach the local regulator so, please contact us in the first instance. If you wish to know more about this process, please contact us and we will endeavour to provide you with information about relevant complaint avenues which may be applicable to your circumstances.

15. CHANGES TO THE PRIVACY POLICY AND YOUR DUTY TO INFORM US OF CHANGES

We may update this Privacy Policy from time to time, for example. To reflect changes to data protection laws. Any changes to this Privacy Policy will become effective when we publish the revised Privacy Policy. Material changes in our Privacy Policy will be notified 30 days before they are effective.

It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us, for example a new address or email address.