Genius Digital Agency (GDA Media Ltd) (referred to as “Genius Digital Agency (GDA Media Ltd) ” or “we” or “us” or “our”) is committed to protecting and respecting your privacy and handling your personal data in an open and transparent manner. The personal data that we collect and process may vary depending on the service we provide to you.
- Provides an overview of how Genius Digital Agency (GDA Media Ltd) collects and processes your personal data, and informs you about your rights under the EU General Data Protection Regulation (“GDPR”) and any national law supplementing or implementing the GDPR,
- When we refer to “personal data” we mean data which identifies or may identify you and which may include, for example, your name, address, identification number, telephone number, date of birth, occupation and family status,
- When we refer to “processing” we mean the handling of your personal data by us, including collecting, protecting and storing your personal data, and
- When we refer to our “Website” or our “Platform” we mean www.geniusdigitalagency.com.
Our Data Protection Principles
We adhere to the principles relating to processing of personal data set out in the GDPR which require personal data to be:
- Processed lawfully, fairly and in a transparent manner (Lawfulness, Fairness and Transparency).
- Collected only for specified, explicit and legitimate purposes (Purpose Limitation).
- Adequate, relevant and limited to what is necessary in relation to the purposes for which it is Processed (Data Minimisation).
- Accurate and where necessary kept up to date (Accuracy).
- Not kept in a form which permits identification of data subjects for longer than is necessary for the purposes for which the data is Processed (Storage Limitation).
- Processed in a manner that ensures its security using appropriate technical and organizational measures to protect against unauthorized or unlawful processing and against accidental loss, destruction or damage (Security, Integrity and Confidentiality).
- Not transferred to another country without appropriate safeguards being in place (Transfer Limitation).
- Made available to data subjects and data subjects allowed to exercise certain rights in relation to their Personal Data (Data Subject’s Rights and Requests).
- We are responsible for and must be able to demonstrate compliance with the data protection principles listed above (Accountability).
- Data Controller
1.4 Our Website incorporates privacy controls you can use to specify whether you would like to receive marketing, limit the publication or any other use of your information. You can access such privacy controls via firstname.lastname@example.org
- How we collect your personal data
2.1 We obtain your personal data mainly through any information you provide directly to us or through information provided by third parties. Below is a list of ways in which we collect your personal data.
Personal data collected directly from you, including:
- When you complete our registration forms, which are available on our Website and Landing Pages,
- When you enter and use our Website, and/or performing data obligations, and
- When you contact us for any enquiries, complaints or for any other reason.
Personal data collected from other sources, including:
Via third parties including our business partners, contractors and/or vendors in a manner that is permitted, through tags in websites you use and/or manage or control.
- Personal Data We Use, Purposes and Legal Grounds
We may collect the following personal data from you depending on the service we provide to you. We will only process your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:
|Type of information||Purpose||Legal basis of processing|
|Data about your use of our Website.
IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views, website navigation paths, timing, frequency, pattern of your service use.
|To analyse the operation of our Website and services.
|Legitimate interests in monitoring and improving our Website and services.
Your name, address, telephone number, email address, gender, date of birth.
|Operating our Website, providing our services, communicating with you. Fulfilment of KYC/AML procedures.
|Legitimate interests in the proper administration of our Website.
Performing the contract we have with you.
Information that you post for publication on our Website or through our services.
|The publication data may be processed for the purposes of enabling such publication and administering our Website and services.||Legitimate interests for the proper administration of our Website and business.
Performing the contract we have with you.
|The inquiry data may be processed for the purposes of fulfilment of our KYC and AML obligations. The proper performance of our payment obligations to you.||Performing the contract we have with you.
The transaction data your contact details, your card details and the transaction details.
|The transaction data may be processed for the purpose of payments and keeping proper records of those transactions.
|Performing the contract we have with you.
|The notification data may be processed for the purposes of sending you the relevant notifications and/or newsletters.||Consent. Performing the contract we have with you.
The communication content and metadata associated with the communication.
|The proper performance of our contractual obligation before you.
|Consent. Performing the contract we have with you.
|Any of your personal data identified in this policy.
|Exercise or defense of legal claims, whether in court proceedings or in an administrative or out-of-court procedure, the protection and assertion of our legal rights, your legal rights and the legal rights of others.
|Our legitimate interests.
|Any of your personal data identified in this policy
|The obtaining or maintaining insurance coverage, managing risks, or obtaining professional advice.||Our legitimate interests.
- Information We May Provide to Third Parties
4.2 To our insurers and/or professional advisers insofar as reasonably necessary for the purposes of managing risks, obtaining professional advice, or the establishment, exercise or defence of legal claims, whether in court proceedings or in an administrative or out-of-court procedure.
4.3 Payment services providers we have chosen to support us with financial transactions relating to our Website. We will share transaction data with our payment services providers only to the extent necessary for the purposes of processing your payments, refunding such payments and dealing with complaints and queries relating to such payments and refunds.
4.4 Governmental and regulatory bodies, including law enforcement authorities, in connection with enquiries, proceedings or investigations by such parties or in order to enable Propeller to comply with its legal and regulatory requirements.
4.5 Partners, contractors and/or vendors in order to perform contract we have with you.
- Your data protection rights
You have the following rights in terms of the personal data we hold about you:
|The right to access.
|This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it. You can obtain a copy of your data from us free of charge. If you are interested in other copies, we reserve the right to charge for the additional copies.|
|The right to correction (rectification).
|You can request that we correct your data. We will initiate appropriate measures to keep the data of yours that we continuously process correct, complete, and up to date, based the latest information available to us.|
|The right to erase
(The right to be forgotten).
|You can request that we delete your data provided the legal requirements have been met. In accordance with Article 17 the GDPR, this can be the case if:
· the data are no longer required for the purposes they were acquired or otherwise processed;
· you revoke your consent, which is the basis of the data processing, and there is no other legal basis for the processing;
· you object to the processing of your data and there are no legitimate reasons for the processing or you object to data processing for the purposes of direct advertising;
· the data have been processed illegally.
Where the processing is not necessary:
· To ensure adherence to a legal obligation that requires us to process your data
· In particular with regard to legal retention periods
· To assert, exercise or defend against legal claims
|The right to restrict processing.
|You can request that we restrict the processing of your data if
· You dispute the correctness of the data – for the period of time we need to check the correctness of the data;
· The processing is illegal but you do not wish to have your data deleted and request a restriction of use instead;
· We no longer need your data, but you need them to assert, exercise or defend against legal claims;
· You have filed an objection to the processing, though it has not yet been decided whether our legitimate grounds outweigh yours.
|The right to data portability.
|At your request, we will transfer your data– where technically possible – to another responsible entity.
However, this right only applies if the data processing is based on your consent or is required to fulfill a contract. Instead of receiving a copy of your data, you can ask us to send the data directly to another responsible entity that you specify.
|The right to object.
|You can object to the processing of your data at any time for reasons that arise from your special situation provided the data processing is based on your consent or our legitimate interest or that of a third party. In this case, we will no longer process your data. The latter does not apply if we are able to prove there are compelling, defensible reasons for the processing that outweigh your interests or we require your data to assert, exercise or defend against legal claims.|
|The right to withdraw consent.||Withdraw the consent you gave us with regard to the processing of your personal data for certain purposes, such as to allow us to promote our products and services to you.|
|The right to complain.
|Genius Digital Agency (GDA Media Ltd) takes your rights very seriously. However, if you are of the opinion that we have not dealt with your complaints adequately, you have the right to submit a complaint to the data privacy protection authorities responsible.|
We endeavour to address all of your requests promptly.
- International Transfers of Your Personal Data
6.1 We do not envisage that any of your personal data will be transferred to countries outside the European Economic Area (EEA) as our offices, facilities, subcontractors and other third parties with which we work are all located within the EEA.
6.2 In the event that this changes in the future and one or more recipients of your personal data are located outside the EEA, where data protection laws may be of a lower standard than in the EEA, we will impose the same data protection safeguards that we deploy inside the EEA to ensure that your personal data are always protected.
- Retaining and Deleting Personal Data
7.1 We will keep your personal data for as long as is necessary for the purpose for which we initially collected them. Once such period has ended, we will keep your personal data for the longest of the following periods: a) any retention period set out in our retention policy which is in line with regulatory requirements relating to retention; or (b) the end of the period in which legal action or investigations might arise in respect of the services provided.
7.2 Once the retention period of your personal data lapses, we will ensure that your personal data are either irreversibly anonymized or securely destroyed.
- Confidentiality and Security
8.1 We deploy various security measures such as encryption and authentication tools in line with the current state of the art to protect and maintain the security, integrity and availability of your personal data.
8.2 100% protection against unauthorized access in the case of data transfers across the internet or a website cannot be guaranteed, but we and our service providers and business partners do our utmost to protect your personal data in line with the prevailing data protection legislation by means of physical and electronic physical precautions. Among other things, we use the following measures:
- Strict criteria for authorization to access your personal data on a “need-to-know” basis only and exclusively for the specified purpose;
- Transfer of acquired data in secured form;
- Storage of confidential data in our secure servers;
- Firewall safeguarding of IT systems to provide protection against unauthorized access, and
- Continuous monitoring of access to IT systems to detect and prevent the misuse of personal data.
8.3 If you have received a password from us in order to be able to access certain parts of our Website, you are responsible for keeping this password confidential and for compliance with all other security procedures which we make you aware from time to time. We ask you not to share your password with anyone.
10.3 We may notify you of changes to this policy by email or through the private messaging system on our Website.