Privacy Policy

Last updated at November 20, 2024

Introduction

About Ezra. We provide a SaaS system that is used to structure, monitor, analyze and manage data for affiliate marketing purposes, which is called "Ezra". More information on how the Ezra works is available on our Website https://ezra.software.

Privacy Policy. Protecting Users` privacy is very important to us. This Policy has been prepared to provide the Users with essential information regarding the processing of the Personal Data. Please read this Policy carefully. It complies with the GDPR and explains what Personal Data is processed, the reasons for the processing, how we handle the processing, and how we retain the Personal Data.

Contact The Users can contact us at any time using these details: [email protected]

This Policy. This Policy applies to situations where we act as the Controller (mostly if the User uses the Ezra, visits our Website, or communicates directly with us). This Policy also explains how you can object to certain uses of information about you and how you can access and update certain information about you. If you do not agree with this Policy, do not access or use Ezra or our Website or interact with any other aspect of our business.

Definitions

Definitions. To make the text easier to read, we have prepared definitions of the terms we use in this Policy.

Data Controller: Refers to the individual or entity—whether a natural person, legal entity, public authority, agency, or other body—that determines, either independently or in collaboration with others, the purposes and means of processing personal data. When the purposes and means are defined by European Union or Member State law, the controller or specific criteria for their designation may also be established by the same laws.

Data Processor: A natural or legal person, public authority, agency, or other entity that processes personal data on behalf of the data controller.

Data Subject: Refers to an identifiable natural person who can be recognized directly or indirectly through identifiers.

GDPR: Refers to EU Regulation 2016/679, the General Data Protection Regulation.

Personal Data: Any information related to an individual (the data subject) that can identify them. This includes both direct and indirect identifiers such as physical, genetic, or social characteristics.

Processing: Refers to any operation or set of operations performed on personal data, whether through automated means or not. Examples include collection, recording, organization, structuring, storage, adaptation, alteration, retrieval, consultation, use, disclosure by transmission, dissemination, alignment, restriction, erasure, or destruction of personal data.

Ezra, Supplier, We, Us, Website: These terms collectively represent the party responsible for providing the software.

You, Client: Refers to the instance administrator.

How we collect Personal Data

We will collect personal data only through lawful and fair means. We primarily collect your personal data directly from you unless doing so is unreasonable or impracticable. This information may be collected when you:

• Access or use our website;
• Register an account with us;
• Use our products and services;
• Participate in our competitions, giveaways, or other promotions;
• Contact us through any medium, including SMS, MMS, instant messaging, email, social media platforms, postal mail, or telephone.

Why do we collect, hold, use and disclose personal data

We collect and process your personal data based on the following legal grounds:

1. Legal Obligation: We may process your personal data as required by European Union or Member State laws applicable to us.
2. Contractual Necessity: Processing your personal data may be essential to fulfill our obligations under a legally binding contract with you.
3. Legitimate Interest: We may process your personal data for legitimate business or commercial purposes. Before relying on this basis, we carefully evaluate our legitimate interest against your rights and ensure it does not unfairly infringe upon them.

We collect, store, use, and disclose personal data for the following purposes:

• To deliver products and services to you;
• To communicate with you, including sharing information about our products and services;
• To conduct planning, research, promotion, and marketing of our goods and services, including organizing competitions or promotions;
• To create aggregate data on Instance Administrators and their Partners through demographic profiling and statistical analysis of our database, enhancing our products and services and improving business efficiency;
• To validate your good faith;
• To investigate suspected unlawful, fraudulent, or other improper activities related to the use of our products and services.

To whom Personal Data is disclosed

By using our Website and Software and providing your personal data, you consent to its use by us.

We may share your personal data with third parties in the following circumstances:

• Service Providers and Contractors: With our contractors and external service providers involved in operating our business and delivering our services. This includes, but is not limited to, data centers, web hosting providers, payment service providers, advertising agencies, mailing houses, printers, call centers, market research analysts, IT consultants, professional advisors, and consultants.
• Law Enforcement: With law enforcement agencies to assist in preventing criminal activities.
• Government and Regulatory Authorities: With government, regulatory bodies, or other organizations as required or authorized by law.
• Controlling Bodies: With controlling bodies that request information to protect and maintain the integrity of services or to address activities deemed suspicious or unusual.
• Business Transitions: With a successor entity in the event of a business transition, such as a merger, corporate reorganization, or the sale of part or all of our assets. When transferring information to a third party, we will take reasonable measures to ensure the data is protected through appropriate contractual arrangements.

What are your rights?

The rights outlined in this section apply to all users visiting our website and are specifically relevant to users from the European Union, the United Kingdom, and Switzerland. Under the General Data Protection Regulation (GDPR), you are granted the following rights regarding the processing of your personal data:

Right to Be Informed: You have the right to receive clear, concise, and transparent information about how your personal data is processed, free of charge. This Privacy Notice serves this purpose.

Right of Access: You are entitled to confirmation of whether your data is being processed and access to that personal data.

Right to Rectification: You can request correction or completion of your personal data if it is inaccurate or incomplete. We are also obligated to inform any third parties with whom your data has been shared to make the same corrections.

Right to Erasure: Also known as the “right to be forgotten,” you can request the deletion of your personal data and prevent further processing. However, this right is not absolute and may not apply in certain circumstances, such as where data retention is legally required. We will notify any third parties with whom your data has been shared about your request.

Right to Restrict Processing: You can request the limitation or suppression of the processing of your personal data. While processing may be restricted, the data can still be stored for future reference. Third parties with access to your data must also be informed of this restriction.

Right to Data Portability: You have the right to obtain and transfer your personal data for use across different services securely and without compromising its usability.

Right to Object: You can object to the processing of your personal data for specific purposes, including processing based on legitimate interests, tasks carried out in the public interest, direct marketing (including profiling), and scientific or historical research and statistics.

Rights Related to Automated Decision-Making and Profiling: You can object to decisions made solely through automated means, request human intervention, express your perspective, and challenge such decisions.

Right to Withdraw Consent: If you have provided explicit consent for processing your personal data, you can withdraw this consent at any time. This includes withdrawing consent for marketing communications.

Right to Lodge a Complaint: You can file a complaint directly with us or with a relevant supervisory authority. Contact details for supervisory authorities can be found here .

Security of Personal Data

Your information is securely stored on protected servers. Personal data may also be retained in telephone recordings and physical formats, such as hard copy or paper files.

We take all reasonable measures to safeguard the personal data we collect and to ensure its accuracy, completeness, and currency.

Our employees, agents, and contractors are bound by confidentiality obligations to protect all personal data.

Access to and correcting Personal Data

We take reasonable steps to ensure that the personal data we collect is accurate, up-to-date, and complete. Similarly, we strive to ensure that any personal data we use or disclose is accurate, current, complete, and relevant.

If we determine that your personal data needs to be updated or corrected, we will take reasonable actions to make the necessary changes, which may include reaching out to you for the most up-to-date information.

You have the right to request access to and correction of the personal data we hold about you. To process such requests, we may ask you to verify your identity and specify the information you are seeking.

We are committed to safeguarding the confidentiality of your personal data necessary for providing our services. If we become aware of any potential or actual breach of the security of your personal data, we will notify you promptly.

Personal Data retention

We recognize the importance of security and employ advanced techniques to safeguard your information. All personal data provided directly by you is stored in a secure database within our protected network, safeguarded by state-of-the-art firewall software. Additionally, we do not store or process payment card credentials.

The duration for which we retain your information depends on the purpose for which it was provided. Your data is not kept indefinitely but only for as long as necessary to fulfill legitimate business purposes (e.g., providing our services or other reasons outlined above) and to meet our legal and regulatory obligations.

Personal data collected during an application process, whether through our website or via an affiliate’s platform, is retained for a minimum of five years after the end of the relationship. This retention ensures we can address any disputes or complaints that may arise.

If you request that we stop contacting you for advertising or marketing purposes, we will retain your information to record and respect your preferences.

Data processing clause

When using our software, you will act as a data controller, determining the scope of personal data collection for your Partners and Advertisers. In these scenarios, we operate as a data processor, with the specific boundaries and purposes of processing defined in the applicable Data Processing Addendum (DPA).
The party initially collecting personal data from a data subject is responsible for obtaining any required consents (as per Data Protection Laws) and providing necessary information to the data subject before collection. This responsibility does not exempt the other party from its obligations under Data Protection Laws, such as ensuring transparency and enabling the data subject to exercise their rights related to personal data processing. You may designate subcontractors, including Affiliates, to process personal data within our software (“Sub-Processors”). These Sub-Processors must meet data protection standards equivalent to those in this Privacy Notice and the Data Processing Addendum. Ensuring compliance with these standards is solely your responsibility, and you will be fully liable for any actions or omissions of your appointed Sub-Processors. Any party with access to or processing personal data must:

Process Personal Data: Adhere strictly to Data Protection Laws applicable to Data Controllers and maintain accurate records of processing activities as required by these laws.

Provide Information to Data Subjects: Fulfill obligations to inform data subjects and enable them to exercise their rights under Data Protection Laws. Offer reasonable cooperation and assistance to other parties to meet these requirements.

Ensure Security Measures: Implement and maintain appropriate physical, technical, and organizational security measures to protect personal data from accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access during processing, storage, or transmission, in compliance with Data Protection Laws.

Manage Breach Notifications: Comply with notification obligations to supervisory authorities and data subjects in case of a personal data breach, as required by Data Protection Laws.

Notify Breaches Promptly: Inform the other party of any breach incidents without undue delay and within 24 hours of becoming aware.

These responsibilities ensure compliance with Data Protection Laws and safeguard the rights and security of data subjects.

Notices

All inquiries and requests regarding your personal data should be directed to the following email address: [email protected]
Upon receiving your request, we will acknowledge receipt within ten (10) business days. A verifiable consumer request will be addressed within thirty (30) days of receipt. If additional time is required (up to a maximum of 90 days), we will inform you in writing, explaining the reason for the extension.
We do not charge fees for processing or responding to verifiable consumer requests unless the request is excessive, repetitive, or clearly unfounded. If a fee is deemed necessary, we will provide an explanation and a cost estimate before proceeding with your request.