Terms and Conditions

Privacy Policy

1. Provider provides the Privacy Policy to inform users about policies and processes regarding the collection, use and disclosure of personally identifiable information ("personal information") received from users of Sites and from the Eyeblink application.
2. We do not sell, trade or otherwise transfer your personal information to third parties in any manner that could be harmful, dangerous or violating your privacy. We are here for you and if we are making you uncomfortable about your privacy, it is a feedback we want to hear from you. Please do not hesitate to reach out to us at support@blinkingmatters.com.
3. Information we collect
   We collect and process information from you when you interact with our Sites or start of Eyeblink application.
4. We collect information in the following ways:
   Information we get from your use of Eyeblink. We collect generated unique computer identifier (PCID), eyeblink settings and your blink rate statistics (if enabled).
   Cookies and similar technologies. We and our partners use various technologies to collect and store information when you visit our Sites, and this may include using cookies or similar technologies to identify your browser or device. We also use these technologies to collect and store information when you interact with services offered by our partners and third parties, such as advertising services or user behaviour analytics services. We may offer you services provided by our partners as a part of our Sites, in such case information about you is collected via a third party cookie.
5. Why do we need your information and how we use it
   We use the information we collect from all of our services to provide, maintain, protect and improve them, to develop new ones, and to protect our Sites and our users. We also use this information to offer you tailored content or used anonymized information for reasearch purpose.
   We will ask for your consent before using information for a purpose other than those that are set out in this Privacy Policy.
   Provider processes personal information on servers of our infrastructure provider in Czech republic and we use help of a few other specialized third party service providers as well. Therefore, we may process your personal information on a server located outside the country where you live.
6. Transparency and choice
   People have different privacy concerns. Our goal is to be clear about what information we collect, so that you can make meaningful choices about how it is used. For example:
   Wherever it is optional to collect additional information about you, we transparently inform you about what information we need, why we ask for it and we require your consent to process such information. When you change your mind, there is always a convenient way how to let us know. You can always set your own Cookie preferences and therefore decide whether you agree to be on our radar when it comes to ads or behaviour analytics or not.
   
7. Accessing and updating or deleting your personal information
   We use your personal information only for legitimate business or legal purposes (generating invoice), that is why we can not delete it or update it.
   Statistics/preferences you send us from Eyeblink application are collected for research purpose, they are identified using the PCID. You can enable/disable sending statistics any time within the Eyeblink settings. If you want to delete the already transfered statistics, please email us.
   We aim to maintain our services in a manner that protects information from accidental or malicious destruction. Because of this, after you delete information from our services, we may not immediately delete residual copies from our active servers and may not remove information from our backup systems - such information is completely removed according to our backup retention policy after 7 days.
8. Information we share
   We do not share personal information with companies, organizations and individuals outside of Provider unless one of the following circumstances applies:
   With your consent. We will share personal information with companies, organizations or individuals outside of Provider when we have your consent to do so. We require opt-in consent for the sharing of any sensitive personal information.
   For external processing. We provide personal information to our affiliates or other trusted businesses or persons to process it for us, based on our instructions and in compliance with our Privacy Policy and any other appropriate confidentiality and security measures.
   For legal reasons. We will share personal information with companies, organizations or individuals outside of Provider if we have a good-faith belief that access, use, preservation or disclosure of the information is reasonably necessary to:
   meet any applicable law, regulation, legal process or enforceable governmental request; enforce applicable Terms of Service, including investigation of potential violations; detect, prevent, or otherwise address fraud, security or technical issues; protect against harm to the rights, property or safety of Provider, our users or the public as required or permitted by law.
   We may share non-personally identifiable information publicly and with our partners like publishers, advertisers or connected sites. For example, we may share information publicly to show trends about the general use of our services.
   If Provider is involved in a merger, acquisition or asset sale, we will continue to ensure the confidentiality of any personal information and give affected users notice before personal information is transferred or becomes subject to a different privacy policy.
9. Information security
   We work hard to protect Sites, our systems, and our users from unauthorized access to or unauthorized alteration, disclosure or destruction of information we hold. In particular:
   We encrypt our services in transit using SSL.
   We review our information collection, storage and processing practices, including physical security measures, to guard against unauthorized access to systems.
10. Compliance and cooperation with regulatory authorities
    We regularly review our compliance with our Privacy Policy. If you feel like we are falling short, please send us a complaint in writing. We value your feedback so we may contact you to ask for more information or to follow up. We work with the appropriate regulatory authorities, including local data protection authorities, to resolve any complaints regarding the transfer of personal data that we cannot resolve with our users directly.
    In case you are curious how we have approached the EU General Data Protection Regulation, please see GDPR Commitment section of this page.
11. Changes
    Provider may change this policy from time to time, and if we do we will post any changes on this page. If you continue to use the services after those changes are in effect, you agree to the revised policy.
12. Minors
    Provider is committed to protecting the privacy of young children, and therefore does not knowingly collect or maintain personal information on the Sites or the service from persons under 16 years of age, except in compliance with children's online privacy protection law and buying agreement which is under specific law.
13. Other privacy policies
    At our discretion, we may occasionally include or offer third party products or services on our Sites. As these have separate and independent privacy policies, we have no responsibility and liability for the content and activities of these linked sites. However, we do our best to protect the integrity of our Sites and welcome any feedback about these sites and services.
14. Your consent
    By using our site, you consent to our Site Privacy Policy and the way how and for what purpose we process your personal information.

Third Party Service Providers

1. Provider may engage and use a selected set of third parties to process certain Customer Data in connection with the Service (each, a "Subprocessor"). This page provides all information about the entity, location of processing and role of each Subprocessor.
2. Prior to engaging any Subprocessor, Provider carries out due diligence to evaluate the Subprocessor, focusing on privacy, security and other practices affecting the processing of Customer Data. Provider is responsible for its Subprocessors.
3. Third Party Service Providers
   Why do we need them? As we would like to focus on our mission, we decided not to run our own infrastructure or develop all the features that we need ourselves. Provider have agreed to work with the following companies and incorporated their services as an underlying, integral part of our solution.

VENDOR	SERVICE	DATA	COUNTRY OF PROCESSING
WEDOS Internet, a.s.	web hosting	All customer data (content, contacts, purchases, technical)	Czech republic
Google LLC (Gmail) and WEDOS Internet, a.s.	Emails	Contact data, purchase data	USA, Chile, Ireland, Netherlands, Finland, Belgium, Taiwan, Singapore
HeatMap, Inc. and Google LLC (Analytics)	User behavior analytics	mouse and keyboard interaction, cookies	USA
Tibor Kádek (Company ID 43131361)	System and web administration	All customer data (content, contacts, purchases, technical)	Slovakia

4. How do we update this information?
   From time to time the Subprocessors we engage may also change. We may engage new processor, or change one of the old ones. We will provide the owner of Customer's account with notice of any new Subprocessors to the extent required under the Agreement or by applicable law, along with posting such changes here.

GDPR Commitment

1. Our Commitment
   We are committed to partnering with all Users to help them understand the General Data Protection Regulation (GDPR). The GDPR is the most comprehensive EU data privacy law in decades, and will come into effect on May 25, 2018.
   As well as strengthening and unifying user data privacy across the EU, it also puts new or additional obligations upon anyone that handles EU citizen's personal data, regardless of where they are located.
2. The GDPR's updated requirements are significant and our team is working hard to bring our service offerings and contractual commitments in line. Measures to achieve this include:
   Changes in our product itself. We are changing our user interfaces and service offerings in order to give users more control over the data they submit to / via Eyeblink or Sites.
   Policies. We have already updated our Privacy Policy. We are working on our internal policies and practices to ensure that we are aligned with the GDPR requirements.
   We will also continue to monitor the guidance around GDPR compliance from privacy-related regulatory bodies, and will adjust our plans accordingly if it changes.
3. Stay Updated
   Fulfilling our privacy and data security commitments is important to us. This page will be revised to reflect GDPR-related information as it becomes available. If you have any questions, we hope you will reach out to us at support@blinkingmatters.com.