Privacy at REBEL

REBELMAIL INC. PRIVACY POLICY

LAST UPDATED: 05/31/2018

Introduction

This privacy and cookie policy (“ Policy”) describes how Rebelmail Inc. (“ Company,” “ we,” and “ our”) collects, uses and shares personal data when using this website http://www.gorebel.com (the “ Site”) [and/or the Rebel applications(s), (the “ Applications”), together (the “ Services”).] Please read the following information carefully to understand our views and practices regarding your personal data and how we will treat it.

Particularly Important Information

Who we are: For the purpose of applicable data protection legislation, the data controller of your personal data is one of our customers, the data processor of your personal data is Rebelmail Inc. of 200 Park Ave South #1615, NY, NY 10003. Our data protection officer is Devin Torres - devin@rebelmail.com.

Must Read Sections: We draw your attention in particular to the sections entitled “ International Data Transfer” and “ Your Rights.

Changes to this Policy: We will post any modifications or changes to the Policy on [our Site/Application(s)/Services]. We reserve the right to modify the Policy at any time, so we encourage you to review it frequently. The “Last Updated” legend above indicates when this Policy was last changed. If we make any material change(s) to the Policy, we will [notify you via email]/[post a notice on [our Site/Application(s)/Services]] prior to such changes(s) taking effect.

1. PURPOSES OF PROCESSING

What is personal data?

We collect information about you in a range of forms, including personal data. As used in this Policy, “personal data” is as defined in the [UK Data Protection Act 1998/the European Data Protection Directive 95/46/EC/General Data Protection Regulation 2018] and any successor legislation, this includes any information which, either alone or in combination with other information we hold about you, identifies you as an individual, including, for example, your name, postal address, email address and telephone number.

Why do we need your personal data?

We will only process your personal data in accordance with applicable data protection and privacy laws. We need certain personal data in order to provide our customers with access to [the Site/Application(s)/Services]. [If you created a profile/registered with one of our customers, you will have been asked to tick to agree to provide this information in order to [access their services, purchase their products, view their content]. This consent provides us with the legal basis we require under applicable law to process your data. You maintain the right to withdraw such consent at any time. If you do not agree to our use of your personal data in line with this Policy, please do not use our customer’s [Site/Application(s)/Services].

2. COLLECTING YOUR PERSONAL DATA

We receive information about you in the following ways:

Information You Give Us or Our Customers.

This includes:

  • the data you provide when you use [our customer’s Site/Application(s)/Services], including submissions of data via email.

Information We Get from Others.

We may also get information about you from other sources, for example, if you have agreed to share information with one of our partners or customers we may add this to information we get from [our Site/Application(s)/Services].]

Information Automatically Collected.

We automatically log information about you and your computer or mobile device when you access [our Site/Application(s)/Services]. For example, when opening [our emails], we log your computer or mobile device operating system name and version, browser type, access times and information about your use of and actions on [our emails]. We collect this information about you using pixel tags. Please refer to the section on Pixel Tags below.

Automated Decision Making and Profiling.

We do not use your personal data for the purposes of automated decision-making. However, we may do so in order to fulfil obligations imposed by law, in which case we will inform you of any such processing and provide you with an opportunity to object.

3. PIXEL TAGS

We may also use pixel tags (which are also known as web beacons and clear GIFs) on [our Site/Application(s)/Services] to track the actions of users on [our Site/Application(s)/Services]. Unlike cookies, which are stored on the hard drive of your computer or mobile device by a website, pixel tags are embedded invisibly on webpages. Pixel tags measure the success of our marketing campaigns and compile statistics about usage of [the Site/Application(s)/Services], so that we can manage our content more effectively.

4. USING YOUR PERSONAL DATA

We may use your personal data as follows:

  • to operate, maintain, and improve [our Site/Application(s)/Services], products, and services;
  • as we believe necessary or appropriate (a) to comply with applicable laws; (b) to comply with lawful requests and legal process, including to respond to requests from public and government authorities; (c) to enforce our Policy; and (d) to protect our rights, privacy, safety or property, and/or that of you or others; and
  • as described in the “Sharing of your Personal Data” section below.
  • 5. SHARING YOUR PERSONAL DATA

    We may share your personal data as follows:

  • Third Parties Designated by You. We may share your personal data with third parties where you have provided your consent to do so.
  • Our Third Party Service Providers. We may share your personal data with our third party service providers who provide services such as [data analysis, payment processing, information technology and related infrastructure provision, customer service, email delivery, auditing and other similar services]. These third parties are only permitted to use your personal data to the extent necessary to enable them to provide their services to us. They are required to follow our express instructions and to comply with appropriate security measures to protect your personal data.
  • Corporate Restructuring. We may share personal data when we do a business deal, or negotiate a business deal, involving the sale or transfer of all or a part of our business or assets. These deals can include any merger, financing, acquisition, or bankruptcy transaction or proceeding.
  • Other Disclosures. We may share personal data as we believe necessary or appropriate: (a) to comply with applicable laws; (b) to comply with lawful requests and legal process, including to respond to requests from public and government authorities to meet national security or law enforcement requirements; (c) to enforce our Policy; and (d) to protect our rights, privacy, safety or property, and/or that of you or others.
  • 6. ANONYMOUS DATA

    When we use the term “anonymous data,” we are referring to data and information that does not permit you to be identified or identifiable, either alone or when combined with any other information available to a third party.

    We may create anonymous data from the personal data we receive about you and other individuals whose personal data we collect. Anonymous data might include analytics information and information collected by us using cookies.  We make personal data into anonymous data by excluding information (such as your name) that makes the data personally identifiable to you.  We use this anonymous data to analyses usage patterns in order to make improvements to [our Site/Application(s)/Services].

    7. THIRD PARTY SITES

    [Our Site/Application(s)/Services] may contain links to third party websites and features. This Policy does not cover the privacy practices of such third parties. These third parties have their own privacy policies and we do not accept any responsibility or liability for their websites, features or policies. Please read their privacy policies before you submit any data to them.

    8. USER GENERATED CONTENT

    You may share personal data with us when you submit user generated content to [our Site/Application(s)/Services], We urge you to be very careful when deciding to disclose your personal data, or any other information, on [our Site/Application(s)/Services]. Such personal data and other information will not be private or confidential once it is published on [our Site/Application(s)/Services].

    9. INTERNATIONAL DATA TRANSFER

    Your information, including personal data that we collect from you, may be transferred to, stored at and processed by us [and our affiliates and other third parties] outside the country in which you reside, including, but not limited to the United States, where data protection and privacy regulations may not offer the same level of protection as in other parts of the world. By using [our Site/Application(s)/ Services], you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Policy.

    10. SECURITY

    We seek to use reasonable organizational, technical and administrative measures to protect personal data within our organization. Unfortunately, no transmission or storage system can be guaranteed to be completely secure, and transmission of information via the internet is not completely secure. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of any account you might have with us has been compromised), please immediately notify us of the problem by contacting us using the details in Section 20 below.

    11. RETENTION

    We will only retain your personal data for the duration of our relationship with our customer unless a longer retention period is required or permitted by law (for example for regulatory purposes).

    12. OUR POLICY ON CHILDREN

    Our [Site/Application(s)/Services] is/are not directed to children under 16. If a parent or guardian becomes aware that his or her child has provided us with information without their consent, he or she should contact us using the details in Section 20 below. We will delete such information from our files as soon as reasonably practicable.

    13. SENSITIVE PERSONAL DATA

    Subject to the following paragraph, we ask that you not send us, and you not disclose, any sensitive personal data (e.g., social security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, criminal background or trade union membership) on or through [the Site/Application(s)/Services] or otherwise to us.

    If you send or disclose any sensitive personal data to us when you submit user generated content to [our Site/Application(s)/Services], you consent to our processing and use of such sensitive personal data in accordance with this Policy. If you do not consent to our processing and use of such sensitive personal data, you must not submit such user generated content to [our Site/Application(s)/Services].

    14. Your Rights

    • Opt-out. You may contact us anytime to opt-out of: (i) any new processing of your personal data that we may carry out beyond the original purpose; or (ii) the transfer of your personal data outside the EEA. Please note that your use of some of the [Site/Application(s)/Services] may be ineffective upon opt-out.
    • Access. You may access the information we hold about you at any time by contacting us directly.
    • Amend. You can also contact us to update or correct any inaccuracies in your personal data.
    • Move. Your personal data is portable – i.e. you to have the flexibility to move your data to other service providers as you wish.
    • Erase and forget. In certain situations, for example when the information we hold about you is no longer relevant or is incorrect, you can request that we erase your data.

    If you wish to exercise any of these rights, please contact us using the details in Section 20 below. In your request, please make clear: (i) what personal data is concerned; and (ii) which of the above rights you would like to enforce. For your protection, we may only implement requests with respect to the personal data associated with the particular email address that you use to send us your request, and we may need to verify your identity before implementing your request. We will try to comply with your request as soon as reasonably practicable and in any event, within one month of your request. Please note that we may need to retain certain information for recordkeeping purposes and/or to complete any transactions that you began prior to requesting such change or deletion.

    15. COMPLAINTS

    We are committed to resolve any complaints about our collection or use of your personal data. If you would like to make a complaint regarding this Policy or our practices in relation to your personal data, please contact us at: hello@rebelmail.com. We will reply to your complaint as soon as we can and in any event, within 45 days. We hope to resolve any complaint brought to our attention, however if you feel that your complaint has not been adequately resolved, you reserve the right to contact your local data protection supervisory authority, which for the UK, is the Information Commissioner’s Office.

    16. CONTACT INFORMATION

    We welcome your comments or questions about this Policy. You may contact us in writing at hello@rebelmail.com or 200 Park Ave South #1615 NY, NY, 10003.

    17. EU-U.S. PRIVACY SHIELD

    Rebel Inc. is currently undertaking the self-certification process for EU-U.S. Privacy Shield compliance.

    18. EMPLOYEE PERSONAL DATA

    Rebel Inc. commits to cooperate with the panel established by the EU data protection authorities (DPAs) and comply with the advice given by the panel with regard to human resources data transferred from the EU in the context of the employment relationship. Please contact us to be directed to the relevant DPA contacts.