PRIVACY POLICY

Shopnil-IT LLC. (hereinafter, “We,” “Us,” and “Our”) respect your privacy and has instituted this Privacy Policy to protect you (hereinafter “You” and “Your”) in Your capacity as a user of the site located at www.shopnilit.com, or any other website owned or operated by Us that does not post a different privacy policy (hereinafter, the “Site”).

Please read on to learn how We collect and use information obtained from the Site. If You have any questions about Our Privacy Policy or the Terms and Conditions, feel free to contact Us at [email protected].

When You access and use the Site, We process, store and use certain information in accordance with the principles set out in this Privacy Policy. We will limit the collection and use of Your information to a minimum. We will only collect such information as is required to help You use the Site or to keep You informed about the services offered by Us or Our affiliates. The information You provide may also be used for analytical and statistical purposes, as specified herein.

WHAT PERSONAL DATA DO WE COLLECT AND WHAT DO WE USE IT FOR?

Personally identifiable information (hereinafter “Personal Data”) is any information that can be used to identify and contact You, including Your e-mail address, full name, and/or telephone number. We collect such Personal Data about You in order for Us to be able to deliver Our services to you, administrate Our business and ensure Our legal compliance.

If We have gathered your consent to do so, We may periodically send You details via e-mail about the products and services that We offer. You may opt out of receiving these e-mails, and hereby withdraw your consent, at any time by ticking the ‘opt out’ box provided in the promotional e-mail.

We will only use your Personal Data needed:

• to provide the service;
• to manage your company’s account;
• to enable the processing of payments; and
• for marketing purposes and to inform you about developments and changes to our services / products.

We will not share Personal Data with third parties without your prior consent except where Bright River is required to do so by law or as is necessary to perform our services. If we process Personal Data on your behalf we comply with all obligations under the EU General Data Protection Regulation and ensure that our use complies with our commitments to you.

SECURITY OF PERSONAL DATA

We take reasonable, industry standard steps to safeguard the security and confidentiality of any information You provide to Us, including Your Personal Data. When Your Personal Data is stored with Us, We use systems with limited access, located at facilities with technical, physical and administrative security measures, to protect against unauthorized access to, use or disclosure of Personal Data We collect or store.

Any password and user name allocated to You by Us must be kept secret and must not be disclosed to anyone, unless We have given You our prior written permission.

WHOM DO WE SHARE YOUR PERSONAL DATA WITH?

We are a global company and any Personal Data that we collect or that You provide to Us may be shared and processed by any of Our entities.

We may also share Personal Data with a variety of the following categories of third parties if necessary, such as:

• Our professional advisors such as lawyers and accountants
• Governments or regulatory authorities
• Insurers
• Tax authorities
• Third parties to whom We outsource certain services such as IT systems or software providers, hosting service providers, payment service providers, document processing, and translation services, etc.
• Third party service providers who assist Us with customer insight analytics

In some cases, We thus appoint sub-contractors as required to deliver Our services to You. These sub-contractors process Personal Data on Our behalf. We ensure contractual documentation in relation to any sub-contractor to make sure that they process Personal Data according to Our legal and regulatory obligations.

In order to provide Our services, we may need to transfer Your Personal Data to locations outside the jurisdiction in which You provide it.

If You are based within the European Economic Area (EEA), please note that where necessary to deliver the services We will transfer personal information to countries outside the EEA.

All Shopnil-IT LLC. entities have signed a data sharing agreement which is based on the EU standard contractual clauses to ensure that We comply with Our legal and regulatory obligations in relation to Personal Data, including having a lawful basis for transferring Personal Data.

Log Data

Like many site operators, we collect and use information that your browser sends whenever you visit our website (“Log Data”) that is not personally identifiable such as your computer’s Internet Protocol (“IP”) address, browser type, browser version, the pages of our site that you visit, the time and date of your visit, the time spent on those pages and other statistics.
In addition, we may use third-party services such as Google Analytics and Hotjar that collect, monitor and analyze this. The information we share will not include Personal Data such as your name and your email address.

Visual Content Data

Shopnil-IT LLC. may store and use Visual Content Inputs (e.g. image and video inputs) processed by the service solely to provide and maintain the service and to improve and develop the quality of our machine-learning/artificial-intelligence technologies and the training of our designers. The use of your content is necessary for continuous improvement of our services, including the development and training of related services. Except for the features belonging to visual content (such as the models included in the visual content), we do not store or use any personally identifiable information that may be contained in your Visual Content Inputs.

Your rights concerning your Personal Data

Please be aware that you shall have the right to obtain confirmation as to what Personal Data are being processed and where that is the case and, if applicable, to rectify or to erase your Personal Data or to transmit those data to another controller. Besides this, you shall have the right to object, on grounds relating to your particular situation, at any time to the processing of Personal Data that concerns you.

Security Measures

We operate sufficient technical and organisational measures to protect your Personal Data against unlawful and unauthorised processing and against accidental loss, destruction or damage. In particular we take the following security measures to protect your privacy:

• We pseudonyme and encrypt Personal Data for our production facilities outside the EU;
• Client accounts are encrypted (using MD-5 Encryption);
• Access to Personal Data is protected;
• Secured connections for internal and external data transfers;
• Secured communication with the server (HTTPS / SSL);
• Data is stored on secured servers;
• Physical access to the servers and company premises where data is stored, is limited to authorized persons;
• We only use up-to-date licensed software and up-to-date (Internet) security software;
• For cloud solutions we have 2-step or 2-factor authentication in use;
• To ensure the compliance to our security goals we conduct the following tests periodically:
  • Weekly security tests;
  • Monthly vulnerability tests;
  • Regular penetration tests;
  • Periodic monitoring of data security protocol;
  • Periodic monitoring of access control systems.

Changes to this Privacy Policy

Our Privacy Policy may change from time to time. Any minor changes in this Privacy Policy will be posted on the Site. You will receive notification on any significant changes prior to these changes entering into force.

Last updated June 2018.