The purpose of this Privacy Policy (hereinafter referred to as "Policy") is to provide the most comprehensive information possible concerning the processing, use and transfer of data stored by Wanderhouse LLC (registered office: 1931 CORDOVA RD #1012 FORT LAUDERDALE, FL 33316; e-mail address: office@bee-ecosystem.io, tax identification number: 35-2694117; hereinafter referred to as " Data Controller") on the websites bee-ecosystem.io, bee-cash.io and about the registration of this data with the Data Controller.
Terminology:
● Data set: the set of data managed in a registry system,
● Data processing: the performance of technical tasks related to data management operations, regardless of the method and tool used to perform the operations and the location of application,
● Data processor: a natural or legal person or an unincorporated body which carries out the processing of personal data on behalf of the controller, including by virtue of a legal act,
● Processing: any operation or set of operations which is performed upon personal data, regardless of the procedure used, such as collection, recording, indexing, organisation, storage, alteration, use, disclosure, transmission, alignment or combination, blocking, erasure and destruction, and prevention of further use of the data. Processing also includes the taking of photographs, audio or video recordings and the recording of physical characteristics that can be used to identify a person (e.g. fingerprints, palm prints, DNA samples, iris scans),
● Data controller: the natural or legal person or unincorporated body who or which determines the purposes for which personal data are processed, takes and executes decisions regarding the processing (including the means used) or has the processing carried out by a processor on its behalf;
● Data destruction: the total physical destruction of data or of the medium on which the data are stored,
● Data transfer: where the data are made available to a specified third party,
● Data erasure: rendering data unrecognisable in such a way that their recovery is no longer possible,
● Data blocking: making it impossible to transfer, access, disclose, transform, amend, delete, erase, combine or harmonise and use the data permanently or for a specified period of time,
● Third party: a natural or legal person or an unincorporated body other than the data subject, the controller or the processor.
● Consent: a voluntary and explicit expression of the data subject's wishes, based on appropriate information, by which he or she gives his or her unambiguous consent to the processing of personal data concerning him or her, either in full or in relation to specific operations,
● Sensitive data: data revealing racial or ethnic origin, membership of a national or ethnic minority, political opinions or political parties, religious or philosophical beliefs, membership of an interest group, health, pathological or sex life, or data concerning a criminal offence,
● Disclosure: when the data are made available to any person,
● Registration: the provision to the controller of identification data necessary and sufficient to identify the recipient of the service
● Personal data: data that can be associated with any identified or identifiable natural person (hereinafter referred to as "data subject"), and the inference that can be drawn from the data concerning the data subject. The personal data shall retain this quality during the processing for as long as its link with the data subject can be re-established. In particular, a person may be regarded as identifiable where he or she can be identified, directly or indirectly, by reference to a name, an identification mark or to one or more factors specific to his or her physical, physiological, mental, economic, cultural or social identity;
● Objection: a statement by the data subject objecting to the processing of his or her personal data and requesting the cessation of the processing or the erasure of the processed data
Rules on data management and processing:
• Personal data may be processed only if the data subject consents, or if it is required by law or by an ordinance of a local authority, on the basis of the law and within the scope specified therein.
● The data provided by the customer concerned during registration, as necessary and sufficient identification data for the identification of the service user, shall be processed by the service provider in accordance with the CVIII Act of 2001 for the purpose of creating, defining the content, amending and monitoring the performance of the contract, invoicing the resulting consideration and enforcing claims in connection therewith.
No sensitive data is processed by the Data Controller.
● The law may order the disclosure of personal data in the public interest, by expressly indicating the scope of the data. In all other cases, disclosure requires the consent of the data subject, or in the case of special categories of data, written consent. In case of doubt, it shall be presumed that the data subject has not given his or her consent. The consent of the data subject shall be deemed to have been given in respect of the data communicated by him or her in the course of his or her public activities or transmitted by him or her for the purpose of disclosure. In proceedings initiated at the request of the data subject, his or her consent to the processing of his or her necessary data shall be presumed. This fact shall be brought to the attention of the data subject.
● Based on the above, the Data Controller processes the following data of the data subjects: name, e-mail address, address, telephone number, billing data, order data.
● For the purpose of invoicing the consideration resulting from the contract for the provision of the service, the service provider shall process personal data relating to the use of the service which are essential for the purposes of determining the consideration and invoicing, in particular data relating to the time, duration and place of use of the service. In addition to the above, the provider shall process personal data which are technically necessary for the provision of the service. The service provider also processes data relating to the use of the service for the purposes of increasing the efficiency of its service, the delivery of electronic advertising or other targeted content to the user, market research, and the user has expressly consented to this by registering.
● Prior to and during the use of the service, the Data Controller shall ensure that the procession of data for the purpose of increasing the efficiency of its service, the delivery of electronic advertisements or other targeted content to the user or market research may be prohibited by the user.
● By registering, the user gives his/her consent to the transfer of his/her data to other service providers cooperating with the service provider (hereinafter: third party) for the purposes for which the service provider is entitled to process the data. If the provider's right to process data for a purpose ceases, it shall notify the third party thereof.
● In the event of termination of the data processing right, the service provider shall delete the data of the service user. The service provider shall ensure that the recipient of the service can find out at any time before and during the use of the service which types of data are processed by the service provider and for which data processing purposes.
● The obligation of the customer concerned to provide data is voluntary, however, in the absence of necessary and sufficient data, the service provider cannot fulfil the orders of the customer concerned. Therefore, for the purpose of providing our service and under the conditions set out in this policy, we ask you to provide the necessary and sufficient data on a "mandatory" basis. The term "mandatory" in this case does not refer to the mandatory nature of the data collection, but to the fact that there are some records without which the registration cannot be completed successfully, so that the failure to complete certain fields or the inadequate completion of certain fields may lead to the rejection of the registration.
● By registering, the user of the service acknowledges that he/she has voluntarily given his/her unambiguous and prior consent to the sending of electronic advertising by the service provider and other service providers operating in conjunction with the service provider. This declaration of consent may be withdrawn at any time, without restriction and without giving reasons, and free of charge. In this case, the name of the declarant shall be immediately deleted by the service provider from the register required by law and no further electronic advertising shall be sent to him/her. When sending an electronic advertisement, the advertiser shall inform the addressee of the electronic mail address and other contact details where he/she can notify his/her request to prohibit the sending of electronic advertisements using a service.
● In the case of our subscription-based services, we send our customers periodic information circulars about our new services, special offers, etc. If our customers no longer wish to receive such promotional mailings, even though they have not previously indicated their intention to do so, they may opt-out in the same way and through the same channel as they used to request the service.
● By registering, the user as a customer acknowledges that he/she has read and accepted the service provider's data processing rules and has made the declarations set out therein, and his/her registration constitutes consent to the processing of data.
● The data controller undertakes that, in the event of any changes to its principles and practices regarding the processing of personal data, it will notify visitors to its website of such changes in advance so that they are always aware of the data processing principles and practices applicable throughout the entire portal of the data controller. This Policy on the processing and protection of personal data always reflects the principles and practices actually applied.
● If we intend to use personal data in a way that would be different from the principles and purposes for which the personal data were collected, we will notify the data subject in advance by e-mail and offer them the opportunity to decide whether they agree to the new conditions for processing their personal data in a different way.
● Anonymous information that is collected in a way that excludes personal identifiability and cannot be linked to a natural person, and demographic information that is collected in a way that does not link it to the personal data of identifiable persons and thus cannot be linked to a natural person, are not considered personal data.
● Personal or other data provided by data subjects will not be supplemented or combined with data or information from other sources. Should such a combination of data from different sources take place in the future, this will only be done after appropriate information has been given and with the prior consent of the data subject concerned.
● If the competent authorities request the provider to provide personal data in the manner required by law, the data controller shall provide the requested and available information in compliance with its legal obligation.
● Where our customers provide us with personal data, we will take all necessary steps to ensure the security of such data, both during network communication (i.e. online processing) and during storage and retention (i.e. offline processing).
● Personal data may only be accessed by persons holding the relevant job functions.
● The data controller does not currently offer a service specifically for children under 14 years of age and hereby declares that it does not collect or process personal data from children under 14 years of age. In the event of a request for the processing of personal data of a child under the age of 14, such data may only be collected if we have duly executed parental or other legal representative consent in a verifiable form. In the absence of such authorisation, we will not collect children's personal data (even if the service cannot be used without it).
Rights of Data Subjects:
● The data subject may request information about the processing of his or her personal data and may request the rectification or, except for processing required by law, the erasure of his or her personal data.
● At the request of the data subject, the controller shall provide information about the data processed by the controller or by a processor to whom the data are disclosed, the purposes, legal basis and duration of the processing, the name and address (registered office) of the processor and the activities of the processor in relation to the processing, as well as the recipients and purposes for which the data are or have been obtained. The controller shall provide the information in writing and in an intelligible form within the shortest possible time from the date of the request, but not later than 30 days.
● The controller may refuse to provide information to the data subject only if it is restricted by law, in the interests of the external and internal security of the State, such as defence, national security, crime prevention or law enforcement, or in the financial interests of the State or local government, or for the protection of the rights of the data subject or of others. The controller shall provide the data subject with the reasons for the refusal to disclose. The controller shall notify the DPO annually of any refused requests.
● The Data Controller shall rectify any inaccurate data.
● The personal data must be deleted if:
○ Unlawful processing,
○ The data subject requests,
○ It is incomplete or inaccurate and cannot be lawfully rectified, provided that erasure is not excluded by law,
○ The purpose of the processing has ceased to exist or the time limit for the storage of the data laid down by law has expired,
○ If ordered by a court or the Data Protection Officer.
● Rectification and erasure must be notified to the data subject and to all those to whom the data were previously disclosed for processing. Notification may be omitted if this does not harm the legitimate interests of the data subject in relation to the purposes of the processing.
● The data subject may object to the processing of his or her personal data if:
○ The processing (transfer) of personal data is necessary solely for the purposes of the exercise of a right or legitimate interest pursued by the controller or the recipient, unless the processing is required by law,
○ The use or transfer of personal data for direct marketing, public opinion polling or scientific research purposes,
○ The exercise of the right to object is otherwise permitted by law.
● The Data Controller shall examine the objection within the shortest possible time from the date of the request, but not later than 15 days, and inform the applicant in writing of the outcome of the examination, with the simultaneous suspension of the processing. If the objection is justified, the controller shall be obliged to terminate the processing, including further recording and transmission, and to block the data, and to notify the objection or the action taken on the basis of the objection to all those to whom the personal data concerned by the objection have been previously disclosed and who are obliged to take measures to enforce the right to object. If the data subject disagrees with this decision of the controller, he or she may challenge it in court within 30 days of its notification.
● The controller may not erase the data of the data subject if the processing is required by law. However, the data may not be transferred to the data recipient if the controller has consented to the objection or if the court has ruled that the objection is justified.
● The data subject may take the controller to court if his or her rights are infringed.