Privacy Policy

The introduction.

This Privacy Policy (hereinafter the “Policy”) lays down the terms and conditions of processing of your personal data (hereinafter shall also be referred to as the “data” or “information”) when you visit or use the https://grizyty.com/ (hereinafter the “Website”). In this Policy you can also find the following information:

  • What data are collected from you when you visit or use the Website;
  • For what purposes and under what legal bases these data are collected;
  • How long we will retain your data;
  • With what recipients these data will be shared;
  • What rights you have within the terms of processing of your data by us;
  • Contact details of supervisory authority, with which you can lodge your complaints if you suppose that your data subject`s rights are violated;
  • Information about the usage of cookies on the Website.

 

What data we collect.

Automatically collected data. When you visit the Website, the following data are collected by automated means:

  • The total time you spend on the Website;
  • The time you spend on each page and in what order those pages were visited;
  • What internal links were clicked (based on the URL of the next pageview);
  • The IP address, user agent string(which browser on which operating system is used);
  • So-called “log data”;
  • The referring source, from which you have visited the Website;
  • System configuration information of your device, which you use in order to access the Website.

Automatically collected data are collected with the use of the Services, provided by Google and Cloudflare. To find out more about the usage of Google and Cloudflare Services on the Website, please, visit “recipients of your data” clause, where this information is provided in a transparent manner.

Consent data. We collect information about the status of your consent to receive our Newsletter. This includes the following:

  • Whether you have consented to receive our Newsletter.

You always have an option to unsubscribe from our Newsletter by sending us a request to our e-mail address info@grizyty.com (withdrawal of your consent) or by clicking “unsubscribe” on the text of the Newsletter mail.

Communication data. When you contact us via available contact details or via the interface of the Website, you hereby provide us with the following data:

  • Your name;
  • Your e-mail address;
  • The Service you interested in;
  • You message including all the personal data it may contain.

The purposes of processing as well as legal bases for processing of your data.

To administer the Website and protect it from digital threats and unlawful/illegal activity. We use automatically collected data and communication data for the following purposes:

  • To administer the Website;
  • To protect the Website from DDoS attacks and other cyberattacks;
  • To protect the Website from any illegal or unlawful activity;
  • To diagnose the problems with the Website and the Server,which makes the Website available;
  • Toload balance to the Server, which makes the Website available.

The legal basis for processing: Article 6(1)(f) of the GDPR – processing is necessary for the purposes of the legitimate interests pursued by us and the third party.

To conduct analysis and research about the usage of the Website by its audience and, having known this data, to develop and enhance the Website. We use automatically collected data and communication data for the following purposes:

  • To conduct research and analysis about the usage of the Website by the visitors, and, having known this information, to develop and enhance the Website;
  • To conduct so-called A/B tests (https://en.wikipedia.org/wiki/A/B_testing);
  • To test new features on the Website.

The legal basis for processing: Article 6(1)(f) of the GDPR – processing is necessary for the purposes of the legitimate interests pursued by us and the third party.

To contact you. We use your communication data in order to contact you when the situation may require.

The legal bases for processing:

If you are interested in entering into the business relationships with us: Article 6(1)(b) of the GDPR – processing is necessary for the performance of a contract to which you are party or in order to take steps at your request prior to entering into a contract. If you a natural person, that is interested in any form of business relationships with us, we need to process your personal data in order to apply pre-contractual measures or in order to enter into contract with you.

If you make data subject`s requests or your request contain another legal issue: Article 6(1)(с) of the GDPR – processing is necessary for compliance with a legal obligation, to which we are subject.

To send you Company`s Newsletter: Article 6(1)(a) of the GDPR – your consent to processing of your data for this purpose.

If you ask general question about us and our products/services: Article 6(1)(f) of the GDPR – processing is necessary for the purposes of the legitimate interests pursued by us and the third party.

To comply with applicable law. We may use your data (including automatically collected data and communication data) for the purposes of compliance with applicable legislation.

The legal basis for this processing: Article 6(1)(с) of the GDPR – processing is necessary for compliance with a legal obligation, to which we are subject.

 

Our legitimate interests.

Our legitimate interests consist in:

  • Provision of the Website to its users or visitors;
  • Administration and maintenance of the Website;
  • Protection of the Website from digital threats, cyberattacks, unlawful or illegal activity;
  • Research and analysis on how the Website is used by its audience, and, with the help of these data, to enhance and develop the Website and the services which we provide;
  • Provision of the general public with information about us, our products and services.

 

Processing of minor`s data.

The Website is not intended for individuals under the age of 18 and we do not knowingly process the data of individuals under the age of 13. If you are a parent or a legal guardian and found that your child had used our Website, please contact us via any available communication channel and we will apply appropriate measures.

 

How long we will retain your data.

For automatically collected data – for a period of twenty – eight (28) months starting from the date of your last visit to the Website. For consent data – if you have provided us with your consent – unless you revoke your consent via unsubscription from our Newsletter. For communication data – as long as required by the particular purpose of processing. If you want to know more about the retention period of your data – please, contact us by e-mail address info@grizyty.com.

 

Recipients of your data.

Our affiliates and contractors. The Website and our facilities are maintained and operated by a large number of individuals, which may be in different relationships with us (for example, it may be Company`s affiliates and contractors). Thus, we will share your data with these affiliates and contractors. These transfers are secured by proper contractual arrangements, signed between us and these affiliates and contractors. It means that these recipients are legally obliged to process your data in strict compliance with this Policy.

Host provider, that owns the server, which makes the Website available. Our Website is placed on the Server, operated by third-party. Thus, your data will be shared to this recipient in encrypted form, hence it will be impossible to decrypt your data without encryption keys, which are in our sole possession.

Law enforcement agencies and public authorities. In case of a legal obligation do disclose your data to law enforcement agencies and public authorities, we will perform this disclosure. Please note, that we will respond only to the legal requests, made under the legislation of Estonia or another EU member state.

Google LLC. We use Google Services, provided by Google LLC., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, which include Google Analytics, Google Tag Manager and Google reCAPTCHA. 

  1. Google Analytics.The Website uses Google Analytics, a web analytics service. Google Analytics collects the following information concerning you:
  • The total time you spend on the Website;
  • The time you spend on each page and in what order those pages were visited;
  • What internal links were clicked (based on the URL of the next pageview);
  • The IP address, user agent string;
  • Initial page inspection that analytics.js performs when creating a new tracker object is used to determine your geographic location, what browser and operating system are being used, your device`s screen size and whether flash or java is installed, and the referring site;
  • Wealso use Google Analytics to count pageview hit. Pageview hit is a metric defined as the total number of pages viewed.

The information generated to a Google server in the USA and stored there. Google Analytics Opt-out Browser Add-on provides visitors and users with the ability to prevent their data from being collected and used by Google Analytics. To install Google Analytics Opt-out Browser Add-on, follow this link: https://tools.google.com/dlpage/gaoptout?hl=en.

  1. Google Tag Manager. Google Tag Manager is a tool made by Google that allows Us to integrate and manage tags (snippets of code) into our Website.
  2. Google We use Google reCAPTCHA. reCAPTCHA protects the Website from spam and abuse. This tool is primarily used to distinguish whether an input is made by an individual or robot, algorithm, code, or by any other form of automated processing.

If you want to find out more about how Google processes your data, please, follow Google`s Privacy Policy https://policies.google.com/privacy. Additionally, you can find the information about certification of Google under EU-US and Swiss-US Privacy Shield frameworks https://policies.google.com/privacy/frameworks?hl=en&gl=de.

Cloudflare, Inc. We use the services, provided by Cloudflare, Inc. 101 Townsend St, San Francisco, CA 94107 USA. Сloudflare provides web optimization and security services we use to improve and protect the Website, including a reverse proxy, pass-through security service. Cloudflare may collect the log data from the visitors of the Website. Additionally, we deployed a Cloudflare`s cookie file for security purposes (see Cookies Policy to find out more). To find out more about processing of the data by Cloudflare, please follow https://www.cloudflare.com/privacypolicy/. Additionally, you can find Cloudflare’s Privacy Shield Framework Statement via the link https://www.cloudflare.com/privacyshield/

The legal basis for the usage of Google LLC. and Cloudflare, Inc. services: Article 6(1)(f) of the GDPR – processing is necessary for the purposes of the legitimate interests pursued by us and the third party.

 

Transfer of the data by Google LLC. and Cloudflare, Inc. to the U.S. under the EU – U.S. Privacy Shield Framework.

Google LLC. and Cloudflare, Inc. have certified under EU-U.S. Privacy Shield Framework – this framework protects the fundamental rights of anyone in the EU whose personal data (any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly) is transferred to the United States for commercial purposes. It allows the free transfer of data to companies that are certified in the US under the Privacy Shield. For more information on the Privacy Shields, please visit the U.S. Department of Commerce’s Privacy Shield website at: https://www.privacyshield.gov/welcome.

 

Your rights under this Privacy Policy.

As the data subject, you have several rights, which you can implement by contacting us via email info@grizyty.com.

These rights are:

The right to withdraw consent. If you previously consented (under Article 6(1)(a) of the GDPR) to processing of your data, you have the right to withdraw this consent at any time. It means that we shall stop processing of the personal data, for processing of which the consent was required, starting from the date of the withdrawal. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

The right to access. You have the right to obtain from us confirmation as to whether or not the data concerning you are being processed, and, if we indeed process your personal data, to receive a copy of the personal data undergoing processing.

The right to rectification. You have the right to obtain from us the rectification of inaccurate personal data concerning you.

The right to erasure/to be forgotten. You have the right to obtain from us the erasure (removal) of your personal data. Upon your request, your personal data shall be removed. This right shall be applied if: i) your personal data are no longer needed for the purposes, for which these data were collected; ii) you have withdrawn your consent (if you have provided this consent) and there are no other legal bases for further processing ; iii) we do not need to keep your personal data for the purposes of compliance with the legislation; iv) the data were processed unlawfully; v) there are no any restrictions of this right by the applicable legislation; vi) in other cases, when the erasure (removal) is required or permitted by the applicable law.

The right to object to processing. You have the right to object, on grounds relating to your particular situation, to processing of your personal data, if the grounds of this processing were necessary for the purposes of the legitimate interests pursued by us (Article 6(1)(f)). Additionally, you have the right to object to processing of your personal data for direct marketing purposes (if applicable).

The right to restriction of processing. You have the right to obtain from us restriction of processing, in case if one of the following applies: i) you contested to the accuracy of the personal data – for a period enabling the controller to verify the accuracy of the personal data; ii) processing is unlawful and you oppose the erasure of the personal data and requests the restriction of their use instead; iii) we no longer need the personal data for the purposes of processing, but they are required by you for the establishment, exercise or defence of legal claims; iv) you have objected to processing on the basis of your right to object pending to verification whether your legitimate grounds override those of us.

The right to data portability. You have the right to receive from us the data, which were collected from you, in a structured, machine-readable format and have the right to transmit those data to another controller (simply, to another company). Nevertheless, this rule applies only to processing, which:

  • Was carried out by automated means;
  • Isbased on Articles 6(1)(a) and 9(2)(a) of the GDPR (consent) or is based on Article 6(1)(b) of the GDPR- processing which was carried out under the contract between you and us.

Please note, that these rights are applicable with some restrictions:

  • If we are not sure about the identity of the requestor,we shall verify the identity of a user/visitor who requests for implementation of any of the rights before the implementation of this right.
  • We may restrict the rights, specified above, or deny in implementation of any of the rights, if this restriction or denial is grounded on the legislation, to which we are subject. In this case, we will specify to you the reason for the denial in the reply to your request.

The right to lodge a complaint with the supervisory authority. You can always contact us for any issue with regard to processing of your data, including complaints. Nevertheless, if you suppose that your rights under applicable data protection legislation have been violated, you can lodge a complaint either:

  • With Estonian Data Protection Inspectorate (Andmekaitse Inspektsioon). The Website of the Inspectorate: https://www.aki.ee/et;or
  • With the data protection authority of the country of your habitual residence. You can find the list of all EU Data Protection Authorities on the Website of the European Data Protection Board https://edpb.europa.eu/about-edpb/board/members_en.

 

Third-party Websites.

This Website may contain the links to the Websites, owned and operated by the third parties. For example, links/hyperlinks to third-party`s websites. You follow those links/hyperlinks at your own risk. We bear no liability for the content of any third-party`s websites and bears no responsibility for anything, what can happen as a result of your visit to those third-party`s websites. We recommend you to visit “Privacy Policy” or “Data Policy” or another privacy document on any of these third-party`s websites before submitting any information to the latter.

 

Changes to this Policy.

We may change, amend or modify this Privacy Policy from time to time. If we do this, the we will let you know by revising the date of this Privacy Policy. We encourage you to review the Privacy Policy whenever you access our Website.  By continuing to use our Website after Privacy Policy changes go into effect, you agree that you have read, understood and agree with the new version of the Policy.

 

Legal and contact information.

The Website is owned and operated by Grizyty Marketing OÜ, a company incorporated under the laws of the Republic of Estonia, with its registration number 14892321, with its registered address at Majaka tn 26, 11412, Tallinn (hereinafter “we”, “us”, “our”). E-mail address for correspondence: info@grizyty.com. Telephone number: +37259330318.

 

Cookies Policy.

The Website uses cookies. A cookie is a small file of letters and numbers that placed on your electronic device. We use these cookies for various purposes.

We use cookies in order to:

  • Protect this Website from the cyberattacks or any form of abuse (“security cookies”);
  • Some cookies are essential in order to provide you with the Website. If these cookies are disabled, the Website will not work (“essential cookies”);
  • Distinguish you from other visitors and users of the Website, which helps us to provide you with a good experience when you browse the Website and allows us to improve the Website (“analytics cookies” and other applicable).

 

Cookies used by the Website.

Essential and Security Cookies. These Cookies are essential and enable you to use the Website and provide access to the features of the Website. Security cookies are used in order to protect this Website. These cookies cannot be disabled.

Name of the cookie Source Expiration time Purpose of use
__cfduid The Website. 1 month. This cookie is a security feature deployed by us in order to protect this Website. The _cfduid does not allow for cross-site tracking. It also does not allow for Cloudflare to follow visitors from site to site by merging various _cfduid identifiers into a profile. Rather, Cloudflare places the _cfduid cookie in a visitor’s web browser after the user has met certain security requirements. The _cfduid is a one-way hash of certain values and cannot be used to personally identify the individual.
cookies_settings 1 month. This cookie remembers your cookie preferences on the Website.

 

Analytics cookies. We use analytics cookies to collect information about how visitors use our Website. You can always disable these cookies through our cookie consent bar.

Name of the cookie Source Expiration time Purpose of use
_ga Google Analytics. 2 years. These cookies are used to collect information about how visitors use the Website. We use this information in order to improve and enhance our Website.
_gid 2 hours.
_gat_gtag_UA_159557187_1 1 minute.
_gat 1 minute.
This website uses cookies to remember users and understand ways to enhance their experience.

The Website uses cookies. A cookie is a small file of letters and numbers that placed on your electronic device. We use these cookies for various purposes. We use cookies in order to:

Your choice regarding cookies on this site The Website uses cookies. A cookie is a small file of letters and numbers that placed on your electronic device. We use these cookies for various purposes. More info.
Ok Decline Cookie Preferences
cookie-icon