NEWOLDSTAMP process Customer Data only for the purpose to deliver NEWOLDSTAMP Services to Customers.
NEWOLDSTAMP normally collects or uses information from you or others only where we have your consent to do so, where we need the information to perform a contract with you, or where the processing is in our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms. In some cases, we may have a legal obligation to collect or retain personal information or may need the personal information to protect your vital interests or those of another person.
The terms “Personal Data,” “Process/Processing,” “Controller,” “Processor,” “Subprocessor,” and “Data Subject” will have the meanings ascribed to them in the EU Data Protection Directive.
We collect information about how you use our Services and the computers or other devices, such as mobile phones or tablets, you use to access our Services, i.e information we collect from you:
You provide us with information about yourself when you:
When our Customers use our Services, we process and store certain information on their behalf as a data processor. For example, in NEWOLDSTAMP Services when a Customer (or the customer’s Authorized Users) upload contacts or other information for review, we act primarily as a data processor and process information on the Customer's behalf and in accordance with their instructions. In those instances, the Customer as the data controller is responsible for most aspects of the processing of the information. If you have any questions or concerns about how information is processed in these cases, including how to exercise your rights as a data subject, we recommend contacting the relevant Customer. Customer, as the data controller confirms that:
a) these Terms along with your use and configuration of NEWOLDSTAMP Services are your complete and final instructions to us for the processing of Customer Data. We will immediately inform you, if in our opinion your instructions may infringe the GDPR or other data protection laws;
b) Customer Data was and will be obtained in accordance with applicable laws, including the GDPR and that all required consents (if necessary) from people whose personal data are processed using NEWOLDSTAMP Services were collected and all information duties fulfilled.
We, as a data processor, undertake:
a) to only process Customer Data and relay Customer Emails through NEWOLDSTAMP Services to make it possible for you to make use of NEWOLDSTAMP Services, solely on the basis and under the conditions specified in these Terms and applicable provisions of law;
b) not to record, register, store, back up, or physically access the content of Customer emails.
SCOPE OF PERSONAL DATA AND CATEGORIES OF DATA SUBJECTS. “Customer Data” encompasses the following categories of personal data: names, email addresses, company contact details and job titles, social networks profiles links, and other personal profiles links of people who have accounts in NEWOLDSTAMP Services. These people are those who will be concerned by this Terms.
NEWOLDSTAMP Services are not designed for and are not marketed to people under the age of 18 (“minors”). We do not knowingly collect or ask for information from minors. We do not knowingly allow minors to use our Services. If you are a minor, please do not use our Services or send us your information. We delete information that we learn is collected from a minor without verified parental consent. Please contact us using the email address at firstname.lastname@example.org if you believe we might have information from or about a minor.
If you have questions about or need further information concerning the lawful basis on which we collect and use your personal information, please contact us at email@example.com.
We share information as follows:
Your information may also be shared as described below:
SUBPROCESSING. We use third party’s (vendors) to provide services in connection with NEWOLDSTAMP Services to you. This means that Customer Data will be processed by datacenters providers, appointed on our sole discretion.
COPIES AND DISCLOSURE OF DATA. We will not create copies or duplicates of any data without your knowledge, except for backup copies concerning the following types of data:
These backup copies are necessary to ensure smooth functioning of services associated with NEWOLDSTAMP Services. All backup copies are automatically created. We will not use these backup copies outside of our environment or for any other purposes than those specified above.
We will not disclose Customer Data to law enforcement unless required by law. If law enforcement contacts us with a request for Customer Data, we will attempt to redirect the law enforcement agency directly to you. If compelled to disclose Customer Data to law enforcement, we will promptly notify you and provide a copy of the demand unless we are legally prohibited from doing so.
We will always refuse all requests to disclose Customer Emails to law enforcement as we do not record, register, store, back up, or physically access the content of Customer Emails.
Assistance in fulfillment of the rights of data subjects. We will help you fulfill your duty to respond to the requests of data subjects, particularly in relation to:
provided that you inform us immediately of any requests from data subjects that require our assistance. In any event, you should inform us of any requests that you received no later than 3 (three) business days from its receipt. Contact us at firstname.lastname@example.org. We have the right to refuse your request if it is forwarded to us later than 3 (three) business days from its receipt by you and if the request is difficult or impossible to fulfill. A request may be difficult or impossible to fulfill especially when it is too complex, evidently unjustified, excessive or impossible to fulfill because of technical limitations.
We will confirm the receipt of your request within 3 (three) business days from its receipt. Within the next 4 (four) business days we will let you know if we are able to assist you and we will inform you of the expected deadline to fulfill your request. In any event, the deadline may not be shorter than 2 (two) weeks. If we receive a request from your data subject to exercise one or more of its rights under the GDPR, we will redirect the data subject to make its request directly to you.
SECURITY. Considering the risk of violation of the rights and freedoms of individuals and the state of technical knowledge, implementation costs, scope, nature, context and purposes of processing personal data, we declare that in accordance with art. 32 of the GDPR, we have implemented appropriate technical and organizational measures to secure the processing of Customer Data.
We undertake to protect Customer Data from unauthorized access, unauthorized removal, damage or destruction and we will take all necessary steps to keep personal data confidential and to protect it in accordance with the provisions of the GDPR.
We declare that all our employees and independent contractors who are authorized to process personal data, are bound to confidentiality and undergo regular trainings regarding data protection provisions relevant to their work.
We regularly monitor all internal processes and the technical and organizational measures to ensure that processing is in accordance with the requirements of applicable data protection laws and the protection of the rights of the data subject.
We are entitled to implement alternative, suitable measures, especially due to technical advances and developments. Such measures must not fall below the security level of those described above.
SPECIFIC DATA PROCESSING TERMS. If you are a California resident, you may ask for a list of third parties that have received your information for direct marketing purposes during the previous calendar year. This list also contains the types of information shared. We provide this list at no cost. We do not share your information with third parties for their own marketing purposes.
If you are in Switzerland or the European Economic Area (EEA), you may have additional rights under data protection law.
Transfers to the U.S. and third countries. If you are established in Switzerland or the European Economic Area ("EEA"), you understand and acknowledge that NEWOLDSTAMP may transfer your personal data outside of Switzerland and the EEA for processing.
A customer is entitled to act to change or limit the collection or use of its information, as follows:
DATA BREACHES. We will notify you without undue delay after becoming aware of a personal data breach. Such notice will, at a minimum:
a) describe the nature of the personal data breach including where possible, the categories and approximate number of data subjects concerned, and the categories and approximate number of personal records concerned;
b) communicate the name and contact where more information can be obtained;
c) describe the likely consequences of the personal data breach; and
d) describe the measures taken or proposed to be taken by you to address the personal data breach, including, where appropriate, measures to mitigate its possible adverse effects.
PERIOD OF PROCESSING AND RETURN OF DATA. You acknowledge and understand that we will start the processing of Customer Data after you are associated with NEWOLDSTAMP Services.
We will process personal data that you entrust to us for the duration of your Subscription Plan (including Free Plan and Special Offer).
If your Plan is terminated or expires, we will erase Customer Data from NEWOLDSTAMP Services within 90 days after you cancel your subscription with us, unless the law requires that this data is processed for a longer period.
After termination or expiration of your license we will not perform any operations on Customer Data, except for storing it within NEWOLDSTAMP Services, unless we are required to do otherwise by law.
You should inform us without undue delay of any control or audit performed by competent supervisory authorities if it relates to Customer Data.
We will inform you immediately of any inspections and measures conducted by the supervisory authorities if they relate to NEWOLDSTAMP Services or Customer Data.