WHAT INFORMATION DOES SHIFT COLLECT?

Personal information Users disclose to us

In Short: As a learning management system providing education services, we collect personal information that Users provide to us such as name, address, contact information, passwords and security data, and payment information.

We collect personal information that Users voluntarily provide to us when they register at the Site and when they participate in the Services, activities on the Site, or otherwise contact us (hereinafter “User Information”).

The User Information that we collect depends on the context of Users’ interactions with us and the Site, the choices Users make, and the Services and features Users use. The User Information we collect can include the following:

Name and Contact Data: We collect Users’ first and last name, email address, postal address, billing address, employer information, phone number, fax number, and other similar contact data.

Credentials: We collect passwords, password hints, and similar security information used for site authentication and account access.

Personal Data: Personal Data may be freely provided by the User, or, in the case of Usage Data, collected automatically when using SHIFT Services. Unless specified otherwise, all Data requested by SHIFT is mandatory and failure to provide this Data may make it impossible for SHIFT to provide the Services you have requested. In cases where SHIFT specifically states that some Data is not mandatory, Users are free to not communicate this Data, without consequence to the availability or the functioning of the Service being provided. Users who are uncertain about which Personal Data is mandatory are welcome to contact SHIFT.

All User Information provided to us must be true, complete, and accurate, and Users must notify us of any changes to such User Information. Any use of Cookies or of other tracking tools by SHIFT, or third-party services used by SHIFT, serve the purpose of providing the Service required by the User, in addition to any other purposes described in the present document and in our Cookie Policy.

Information automatically collected

In Short: Some information - such as IP address and/or browser and device characteristics - is collected automatically when Users visit our Site.

We automatically collect certain information when Users visit, use, or navigate the Site (hereinafter “User Information”). This information does not reveal Users’ specific identity (like Users’ names or contact information) but may include device and usage information, such as a User’s IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, information about how and when the User uses our Site and other technical information. This information is primarily needed to maintain the security and operation of our Site, and for our internal analytics and reporting purposes.

Like most businesses, we also collect information through cookies and similar technologies.

Information collected from other sources

In Short: We may collect limited data from public databases, marketing partners, and other outside sources.

We may obtain information about Users from other sources, such as public databases, joint marketing partners, as well as from other third parties (hereinafter “User Information”). Examples of the information we receive from other sources include social media profile information; marketing leads and search results, including paid listings (such as sponsored links).

HOW DOES SHIFT USE USERS’ INFORMATION?

In Short: We process User Information for purposes based on legitimate business interests, the fulfillment of our contract with you, compliance with our legal obligations, and/or User consent.

We use User Information for a variety of business purposes described below. We process User Information for these purposes in reliance on our legitimate business interests (“Business Purposes”), in order to perform the Services, with User consent (“Consent”), and/or for compliance with our legal obligations (“Legal Reasons”).

We use the information we collect or receive:

·       To facilitate account creation and the log-in process.

·       To send Users marketing and promotional communications. We and/or our third-party marketing partners may use User Information for our marketing purposes. Users can opt-out of our marketing emails at any time by simply clicking unsubscribe on any such communication or by contacting SHIFT. The forgoing may be limited by applicable law, including, without limitation, European data protection law.

·       To send administrative information to Users. We may use User Information to send Users product, service, and new feature information and/or information about changes to our terms, conditions, and policies.

·       To fulfill and manage your and Users’ orders. We may use User Information to fulfill and manage orders, payments, returns, and exchanges through the Site.

·       To post testimonials. We post testimonials on our Site that may contain User Information. Prior to posting a testimonial, we will obtain User consent to use their name and testimonial. If Users wish to update or delete their testimonial, please contact us at admin@techfirstSHIFT.org and be sure to include the User’s name, the location of the testimonial in question, and their contact information.

·       To deliver targeted advertising to Users. We may use User Information to develop and display content and advertising tailored to Users’ interests and/or location (and work with third parties who do so), and measure its effectiveness.

·       To administer prize drawings and competitions. We may use User Information to administer prize drawings and competitions when Users elect to participate in competitions.

·       To request feedback. We may use User Information to request feedback and to contact Users about their use of our Site.

·       To protect our Site. We may use User Information as part of our efforts to keep our Site safe and secure (for example, for fraud monitoring and prevention).

·       To enforce our terms, conditions and policies.

·       To respond to legal requests and prevent harm. If we receive a subpoena or other legal request, we may need to inspect the data we hold to determine how to respond.

WILL USER INFORMATION BE SHARED WITH ANYONE?

In Short: We only share information with User consent, to comply with laws, to protect User rights, or to fulfill business obligations.

We only share and disclose User Information in the following situations:

·       Compliance with Laws. We may disclose User Information where we are legally required to do so in order to comply with applicable law, governmental requests, a judicial proceeding, court order, or legal process, such as in response to a court order or a subpoena (including in response to public authorities to meet national security or law enforcement requirements).

·       Viral Interests and Legal Rights. We may disclose User Information where we believe it is necessary to investigate, prevent, or take action regarding potential violations of our policies, suspected fraud, situations involving potential threats to the safety of any person and illegal activities, or as evidence in litigation in which we are involved.

·       Vendors, Consultants and Other Third-Party Service Providers. We may share User Information with third-party vendors, service providers, contractors or agents who perform services for us or on our behalf and require access to such information to do that work. Examples include payment processing, data analysis, email delivery services, hosting services, and customer service and marketing services. We may allow selected third parties to use tracking technology on the Site, which will enable them to collect data about how Users interact with the Site over time. This information may be used to, among other things, analyze and track data, determine the popularity of certain content and better understand online activities. Unless described in this Policy, we do not share, sell, rent or trade any of the User Information with third parties for their promotional purposes.

·       Business Transfers. We may share or transfer User Information in connection with, or during negotiations of any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.

·       Affiliates. We may share User Information with our affiliates, in which case we will require those affiliates to honor this Privacy Policy. Affiliates include our parent company and any subsidiaries, joint venture partners or other companies that we control or that are under common control with us.

·       Business Partners. We may share User Information with our business partners to offer Users certain products, services, or promotions.

·       With Users’ consent. We may disclose User Information for any other purpose with such User’s consent.

DOES SHIFT USE COOKIES AND OTHER TRACKING TECHNOLOGIES?

In Short: We may use cookies and other tracking technologies to collect and store User Information.

We may use cookies and similar tracking technologies (like web beacons and pixels) to access or store User Information. Specific information about how we use such technologies and how Users can refuse certain cookies is set out in our Cookie Policy.

HOW LONG DOES SHIFT KEEP USER INFORMATION?

In Short: We keep User Information for as long as necessary to fulfill the purposes outlined in this Privacy Policy unless otherwise required by law.

We will keep User Information for as long as it is necessary for the purposes set out in this Privacy Policy, unless a longer retention period is required or permitted by law (such as tax, accounting or other legal requirements).

When we have no ongoing legitimate business need to process User Information, we will either delete or anonymize it, or, if this is not possible (for example, because User Information has been stored in backup archives), then we will securely store User Information and isolate it from any further processing until deletion is possible. Therefore, the right to access, the right to erasure, the right to rectification and the right to data portability cannot be enforced after expiration of the retention period.

HOW IS USER INFORMATION PROTECTED?

In Short: We aim to protect User Information through a system of organizational and technical security measures.

We have implemented appropriate technical and organizational security measures designed to protect the security of any User Information we process. However, please also remember that we cannot guarantee that the internet itself is 100% secure. Although we will do our best to protect User Information, transmission of User Information to and from our Site is at each User’s own risk. User should only access the Services within a secure environment.

Place of data processing

User Information is processed at SHIFT’s operating locations and in any other places where the parties involved in the processing are located.

Depending on the User’s location, data transfers may involve transferring the User Information to a country other than their own. To find out more about the place of processing of such transferred Data, Users can check the section containing details about the processing of Personal Data.

Users are also entitled to learn about the legal basis of Data transfers to a country outside the European Union or to any international organization governed by public international law or set up by two or more countries, such as the UN, and about the security measures taken by SHIFT to safeguard User Information.

If any such transfer takes place, Users can find out more by checking the relevant sections of this document or inquire with SHIFT at info@simply-home.com.

DOES SHIFT COLLECT INFORMATION FROM MINORS?

We do not knowingly collect data from or market to children under 18 years of age except in cases of fulfilling contracted, legitimate business purposes where consent has first been given by a parent or other legal guardian.

We do not knowingly solicit data from or market to children under 18 years of age. By using the Site, User represents that the User is at least 18 or that User is the parent or guardian of such a minor and consent to such minor dependent’s use of the Site. If we learn that User Information from Users less than 18 years of age has been collected without such consent, we will deactivate the account and take reasonable measures to promptly delete such data from our records. If you become aware of any data we have unknowingly collected from children under age 18, please contact us at admin@techfirstshift.org.

WHAT ARE USERS’ PRIVACY RIGHTS?

In Short: User may review, change, or terminate User’s account at any time.

Users may exercise certain rights regarding their Data processed by SHIFT. Except as limited by applicable law, Users have the right to do the following:

·     Withdraw their consent at any time. Users have the right to withdraw consent where they have previously given their consent to the processing of their Personal Data.

·     Object to processing of their Data. Users have the right to object to the processing of their Data if the processing is carried out on a legal basis other than consent. Further details are provided in the dedicated section below.

·     Access their Data. Users have the right to learn if Data is being processed by SHIFT, obtain disclosure regarding certain aspects of the processing, and obtain a copy of the Data undergoing processing.

·     Verify and seek rectification. Users have the right to verify the accuracy of their Data and ask for it to be updated or corrected.

·     Restrict the processing of their Data. Users have the right, under certain circumstances, to restrict the processing of their Data. In this case, SHIFT will not process their Data for any purpose other than storing it.

·     Have their Personal Data deleted or otherwise removed. Users have the right to obtain the erasure of their Data from SHIFT. Please note: In this circumstance, SHIFT cannot guarantee the continuation of services provided by SHIFT

·     Receive their Data and have it transferred to another controller. Users have the right to receive their Data in a structured, commonly-used and machine-readable format and, if technically feasible, to have it transmitted to another controller without any hindrance. This provision is applicable provided that the Data is processed by automated means and that the processing is based on the User’s consent, on a contract which the User is part of or on pre-contractual obligations thereof.

·     Lodge a complaint. Users have the right to bring a claim before their competent data protection authority. If User is a resident in the European Economic Area and User believe we are unlawfully processing User Information, Users also have the right to complain to User’s local data protection supervisory authority. User can find their contact details here: http://ec.europa.eu/iustice/data-protection/bodies/authorities/index en.htm.

Account Information: If User would at any time like to review or change the information in their account or terminate their account, User can contact us using the contact information provided in the next section. Upon User’s request to terminate User’s account, we will deactivate or delete User’s account and information from our active databases. However, some information may be retained in our files to prevent fraud, troubleshoot problems, assist with any investigations, enforce our Terms of Use and/or comply with legal requirements.

Cookies and similar technologies: Most web browsers are set to accept cookies by default. If User prefer, User can usually choose to set User’s browser to remove cookies and to reject cookies. If User chooses to remove cookies or reject cookies, this could affect certain features or services of our Site.

Opting out of email marketing: User can unsubscribe from our marketing email list at any time by clicking on the unsubscribe link in the emails that we send or by contacting us using the details provided below. User will then be removed from the marketing email list - however, we will still need to send User service-related emails that are necessary for the administration and use of User’s account. To otherwise opt-out, User may contact us using the contact information provided in the next section.

HOW CAN USER REVIEW, UPDATE, OR DELETE THE DATA SHIFT COLLECTS?

Based on the laws of some countries, User may have the right to request access to the User Information we collect, change that information, or delete it in some circumstances. To request to review, update, or delete User Information, please submit a request form by emailing admin@techfirstshift.org. We will respond to User’s request within 30 days.

Legal action

The User’s Personal Data may be used for legal purposes by SHIFT, in Court, or in the stages leading to possible legal action arising from improper use of SHIFT Services or the related Services. The User declares to be aware that SHIFT may be required to reveal personal data upon request of public authorities.

Additional information about User’s Personal Data

In addition to the information contained in this privacy policy, SHIFT Services may provide the User with additional and contextual information concerning particular Services or the collection and processing of Personal Data upon request.

System logs and maintenance

For operation and maintenance purposes, SHIFT Services and any third-party services may collect files that record interaction with SHIFT Services (System logs) and/or use other Personal Data (such as the IP Address) for this purpose.

Information not contained in this policy

More details concerning the collection or processing of Personal Data may be requested from SHIFT at any time. Please see the contact information at the beginning of this document.

How “Do Not Track” requests are handled

SHIFT Services does not support “Do Not Track” requests. To determine whether any of the third-party services that SHIFT uses honor the “Do Not Track” requests, please read their privacy policies.

Changes to this privacy policy

SHIFT reserves the right to make changes to this privacy policy at any time by giving notice to its Users through any reasonable means of notice. Should the changes affect processing activities performed on the basis of the User’s consent, SHIFT shall collect new consent from the User, where required.

Definitions and legal references

Personal Data (or Data): Any information that directly, indirectly, or in connection with other information — including a personal identification number — allows for the identification or identifiability of a natural person.

Usage Data: Information collected automatically through SHIFT Services (or third-party services utilized by SHIFT Services), which can include: the IP addresses or domain names of the computers utilized by the Users who use SHIFT Services, the URI addresses (Uniform Resource Identifier), the time of the request, the method utilized to submit the request to the server, the size of the file received in response, the numerical code indicating the status of the server’s answer (successful outcome, error, etc.), the country of origin, the features of the browser and the operating system utilized by the User, the various time details per visit (e.g., the time spent on each page within the Application) and the details about the path followed within the Application with special reference to the sequence of pages visited, and other parameters about the device operating system and/or the User’s IT environment.

European Union (or EU): Unless otherwise specified, all references made within this document to the European Union include all current member states to the European Union and the European Economic Area.

Cookies: Small sets of data stored in the User’s device.

Legal Information: This privacy statement has been prepared based on provisions of multiple legislations, including Art. 13/14 of Regulation (EU) 2016/679 (General Data Protection Regulation).