1. GENERAL INFORMATION
1.2 Owner of Adoric. Adoric are owned and operated by Adoric Technologies LTD having a registered business address at 26 Elifelet Street, Tel-Aviv, Israel, and the company registration number 515460376 (“we”, “us”, or “our”).
1.3 Our role as a data controller and data processor. We act in the capacity of a data controller and a data processor with regard to the personal data processed through Adoric in terms of the applicable data protection laws, including the EU General Data Protection Regulation (GDPR). Our role depends on the specific situation in which personal data is handled by us, as explained in detail below:
- Data controller. We are responsible for the collection of your personal data through Adoric and their further use. We make decisions about the types of personal data that should be collected from you and purposes for which such personal data should be used. Therefore, we act as a data controller with regard to the personal data collected directly through Adoric (e.g., when you contact us or order our services). We comply with the data controller’s obligations set forth in the applicable laws.
- Data processor. We act in the capacity of a data processor in situations when our clients collect certain personal data from individuals and submit that personal data for processing to Adoric (the “Service Data”). The Service Data may include information about individual’s purchases, online behaviour, and usage statistics. We do not own, control, or make decisions about the Service Data. We process the Service Data only in accordance with the instructions issued by a respective data controller (our client). To ensure that the Service Data is processed in accordance with the strictest data protection standards, we have drafted and offer for conclusion a data processing agreement (the “DPA”) that you can receive by contacting us.
1.5 Minors. Adoric is not intended for use by children (i.e., persons who are minors in their country of residence). Therefore, we do not knowingly collect minors’ personal data. If you, as a parent or a legal guardian of a child, become aware that the child has submitted his/her personal data to us, please contact us immediately. We will delete your child’s personal data from our systems without undue delay.
2. WHAT PERSONAL DATA DO WE COLLECT AND FOR WHAT PURPOSES DO WE USE IT?
2.1 Sources of personal data. We obtain your personal data from the following categories of sources:
- Directly from you. For example, if you submit certain personal data directly to us when contacting us;
- Directly or indirectly through your activity on Adoric. When you use Adoric, we automatically collect technical information about your use of Adoric; and
- From third parties. We may receive information about you from third parties to whom you have previously provided your personal data, if those third parties have a legal basis for disclosing your personal data to us.
- Sign up. When you sign up on our website, we collect your full name, email address, and password. We use such information to register you, contact you (if necessary) and maintain our business records. The legal bases on which we rely are ‘performing a contract’ and ‘pursuing our legitimate business interests’ (to administer Adoric). We store such data until you delete your user account.
- Demo request. When you request a demo, we collect your full name, website, email address, phone number, and company size. We use such information to provide you with the requested demo. The legal bases on which we rely are ‘performing a contract’ and ‘pursuing our legitimate business interests’ (to promote Adoric). We store such data until the demo is delivered.
- Inquiries. When you contact us by email or through the contact form available on our website, we collect your full name, email address, and any information that you decide to include in your message. We use such data to respond to your inquiries. The legal bases on which we rely are ‘pursuing our legitimate business interests’ (grow and promote Adoric) and ‘your consent’ (for optional personal data). We store such data until you stop communicating with us.
- Payment processing. When you make a payment, we collect your full name, email address, address, phone number, and payment information (name on your card, card number, and expiration date). We use such data to process your payment, provide you with the requested services, contact you (if necessary), and keep our business records. The legal bases on which we rely are ‘performing a contract with you’ and ‘pursuing our legitimate business interests’ (i.e., to administer our business and comply with the applicable laws). We retain such data for as long as necessary for accounting purposes.
2.3 Sensitive data. We do not collect or have access to any special categories of personal data from you, unless you decide, at your own discretion, to provide such data to us. Sensitive data is information that relates to your health, genetics, biometrics, religious and political beliefs, racial origins, membership of a professional or trade association, sex life, or sexual orientation. If you decide, at your sole discretion, to include the said sensitive data into the Service Data, we will process such data for the purpose of fulfilling our contractual obligations.
2.4 Processing of the Service Data. When you submit, upload or create the Service Data through Adoric, we process the Service Data as requested by you in order to (i) provide you with the requested services and (ii) perform our contractual obligations. The legal basis on which we rely is ‘performing a contract with you’. The duration of processing is the term of your service contract with us.
2.5 Refusal to provide personal data. If you refuse to provide us with your personal data when we ask to, we may not be able to perform the requested operation and you may not be able to use the full functionality of Adoric or get our response. Please contact us immediately if you think that any personal data that we collect is excessive or not necessary for the intended purpose.
3. HOW DO WE COMMUNICATE WITH YOU?
3.1 Commercial communication. If we have your email address, we may, from time to time, send you information about Adorics. You will receive our newsletters in the following instances:
- If we receive your express (“opt-in”) consent to receive marketing messages; or
- If you ask us to send you information about Adoric; or
- If we decide to send you information closely related to services already used by you.
3.2 Opting-out. You can opt-out from receiving our commercial communication at any time free of charge by clicking on the “unsubscribe” link included in our emails or by contacting us directly.
3.3 Service-related notices. We send you important transactional emails, such as confirmation receipts, invoices, technical notices, and other administrative updates. Please note that such messages are sent on an “if-needed” basis and they do not fall within the scope of commercial communication that may require your prior consent. You cannot opt-out from service-related notices.
4. HOW LONG DO WE KEEP YOUR PERSONAL DATA?
4.2 Retention as required by law. In certain cases, we are required by law to store your personal data for a certain period of time (for example, for accounting or business records purposes). Thus, we may keep your personal data for the time period stipulated by the applicable law and securely delete it as soon as the required storage period expires.
5. HOW DO WE SHARE AND DISCLOSE YOUR DATA?
5.1 Disclosure to data processors. From time to time, your personal data is disclosed to our service providers with whom we cooperate (our data processors). For example, we share your personal and non-personal data with entities that provide certain technical support services to us, such as hosting and email distribution services. We do not sell your personal data to third parties. The disclosure is limited to the situations when your personal data is required for the following purposes:
- Ensuring the proper operation of Adoric;
- Ensuring the delivery of the services ordered by you;
- Providing you with the requested information;
- Enforcing our rights, preventing fraud, and security purposes; or
- If you provide your prior consent to such a disclosure.
- Our hosting service provider Google Cloud located in the United States;
- Our database service provider MongoDB located in the United States;
- Our marketing, sales, customer service provider Hubspot located in the United States;
- Our payment service provider BlueSnap located in the United States;
- Our analytics service provider Google Analytics located in the United States; and
- Our independent contractors and consultants.
5.3 Legal requests. If we are contacted by a public authority, we may need to disclose information about you to the extent necessary for pursuing a public interest objective, such as national security or law enforcement.
5.5 Selling personal data. We do not directly sell your personal data to third parties.
5.6 International transfers. Some of our data processors listed above are located outside the country in which you reside. For example, if you reside in the European Economic Area (EEA) or the UK, we may need to transfer your personal data to jurisdictions outside the EEA. In case it is necessary to make such a transfer, we will make sure that the jurisdiction in which the recipient third party is located guarantees an adequate level of protection for your personal data or we conclude a data processing agreement with the respective third party that ensures such protection. We will not transfer your personal data internationally if no appropriate level of protection can be granted.
6. HOW DO WE PROTECT YOUR PERSONAL DATA?
6.1 Our security measures. We implement organisational and technical information security measures to protect your personal data from loss, misuse, unauthorised access, and disclosure. The security measures taken by us include:
- Anti-virus scanning;
- Internal vulnerability scanning;
- Access control;
- Secured networks; and
- Carefully selected data processors.
6.2 Security breaches. Although we put our best efforts to protect your personal data, given the nature of communications and information processing technology and the Internet, we cannot be liable for any unlawful destruction, loss, use, copying, modification, leakage, and falsification of your personal data that was caused by circumstances that are beyond our reasonable control. In case a serious breach occurs, we will take reasonable measures to mitigate the breach, as required by the applicable law. Our liability for any security breach will be limited to the highest extent permitted by the applicable law.
7. WHAT RIGHTS DO YOU HAVE WITH REGARD TO YOUR PERSONAL DATA?
7.1 The list of your rights. You have the right to control how your personal data is processed by us by exercising the rights listed below (unless, in very limited cases, the applicable law provides otherwise):
- Right of access: you can get a copy of your personal data that we store in our systems and a list of purposes for which your personal data is processed;
- Right to rectification: you can rectify inaccurate personal data that we hold about you;
- Right to erasure (‘right to be forgotten’): you can ask us to erase your personal data from our systems;
- Right to restriction: you can ask us to restrict the processing of your personal data;
- Right to data portability: you can ask us to provide you with a copy of your personal data in a structured, commonly used and machine-readable format and move that personal data to another processor;
- Right to object: you can ask us to stop processing your personal data;
- Right to withdraw consent: you have the right to withdraw your consent, if you have provided one; or
- Right to complaint: you can submit your complaint regarding our processing of your personal data.
7.3 Requests regarding the Service Data. If we receive a request from a data subject asking to exercise data subject’s rights with regard to the Service Data, we will forward such a request to the respective data controller (our client).
7.4 Complaints. If you would like to launch a complaint about the way in which we process your personal data, we kindly ask you to contact us first and express your concerns. If we receive your complaint, we will investigate it and provide you with our response as soon as possible. If you are not satisfied with the outcome of your complaint, you have the right to lodge a complaint with your local data protection authority.
7.5 Non-discrimination. We do not discriminate against you if you decide to exercise your rights. It means that we do not (i) deny any goods and services, (ii) charge you different prices, (iii) deny any discounts or benefits, (iv) impose penalties, or (v) provide you with lower quality services.
8. NON-PERSONAL DATA
8.1 What non-personal data do we collect? In order to analyse Adoric, we automatically collect certain technical non-personal data about your use of Adoric. Such non-personal data does not allow us to identify you. The non-personal data includes the following information:
- The device type that you use;
- Your operating system; and
- The webpages that you visit.
8.2 Your feedback. If you contact us, we may keep records of any questions, complaints, recommendations, or compliments made by you and the response, if any. Where possible, we will de-identify your personal data (i.e., we will remove all personal data that is not necessary for keeping such records).
8.3 How do we use non-personal data? We will use non-personal data for the following purposes:
- To analyse what kind of users visit and use Adoric;
- To examine the relevance, popularity, and engagement rate of the content available on Adoric;
- To investigate and help prevent security issues and abuse; and
- To develop and provide additional features to Adoric.
8.4 Aggregated and de-identified data. In case your non-personal data is combined with certain elements of your personal data in a way that allows us to identify you, we will handle such aggregated data as personal data. If your personal data is aggregated or de-identified in a way that it can no longer be associated with an identified or identifiable natural person, it will not be considered personal data and we may use it for any business purpose.
8.5 Disclosure of technical (non-personal) data. Your non-personal data may be disclosed to third parties for any purpose. For example, we may share it with prospects or partners for business or research purposes, for improving Adoric, responding to lawful requests from public authorities or developing new products and services.
9. SHOPIFY APP DATA
Merchants data Adoric process:
- Store currency
- Store Domain
Shoppers data Adoric process:
- Visitors types (New / Returned user)
- Traffic sources
- Operating systems
- Geo locations (Country and city)
- Current site location
- Orders data
10.1 About cookies. When you browse our website, we may collect your cookie-related data. A cookie is a small piece of data typically consisting of letters and numbers. When you visit a website, the website may send a cookie to your browser. Subsequently, the browser may store the cookie on your computer or mobile device for certain period of time. Cookies are designed to allow the recognition of your device and collection of certain information about your use of a website. Thus, over time, cookies allow websites to “remember” your actions and preferences. There are several types of cookies, namely, (i) persistent cookies, which remain valid until deleted by you, (ii) cookies that remain valid until their expiration date, and (iii) session cookies that are stored on a web browser and remain valid until the moment the browser is closed. Cookies may also be (i) first-party cookies (set by the website itself) and (ii) third-party cookies (placed by third-party websites).
10.2 The types of cookies that we use. We may different types of cookies on our website, including:
- Essential (functional) cookies that are essential to ensure the correct functioning of our website and to provide the services requested by you;
- Marketing cookies that allow us to create, implement, and examine our marketing campaigns. Such cookies allow us to reach the right customers, analyse the productivity of our marketing campaigns, and offer you personalised advertisement; and
- Statistics cookies that allow us to generate statistical reports about how you use our website.
10.3 Our cookie list. Below, you can find a list of cookies that we use on our website, including their purpose and expiration time:
|Essential (functional) cookies
|End of session
|This cookie is set by Hubspot. According to their documentation, whenever HubSpot changes the session cookie, this cookie is also set to determine if the visitor has restarted their browser. If this cookie does not exist when HubSpot manages cookies, it is considered a new session.
|End of session
|This cookie is set by Visual Website Optimiser and is a session cookie generated to detect if the cookies are enabled on the browser of the user or not.
|This cookie is set by HubSpot. The purpose of the cookie is to keep track of sessions. This is used to determine if HubSpot should increment the session number and timestamps in the __hstc cookie. It contains the domain, viewCount (increments each pageView in a session), and session start timestamp.
|This cookie is set by linkedIn. The purpose of the cookie is to enable LinkedIn functionalities on the page.
|This cookie is set by LinkedIn and used for routing.
|End of session
|The cookie is used to register a unique ID to keep statistics of what YouTube videos you have seen.
|The cookie is used to estimate your bandwidth on pages with integrated YouTube videos.
|The cookie is used to check if your browser supports cookies.
|The cookie is used by Google DoubleClick to register and report your actions after viewing or clicking one advertising with the purpose of measuring the efficacy of the advertising and deliver you targeted advertising.
|The cookie is set by Facebook to show relevant advertisments to the users and measure and improve the advertisements. The cookie also tracks the behavior of the user across the web on sites that have Facebook pixel or Facebook social plugin.
|This cookie is set by Facebook to deliver advertisement when they are on Facebook or a digital platform powered by Facebook advertising after visiting this website.
|This cookie is used by Google Analytics to understand user interaction with the website.
|This cookie is installed by Google Analytics.
|This cookie is installed by Google Analytics. The cookie is used to calculate visitor, session, campaign data and keep track of site usage for the site's analytics report. The cookies store information anonymously and assign a randomly generated number to identify unique visitors.
|This cookie is set by Visual Website Optimiser and is used to measure the performance of different versions of web pages.
|3 months 8 days
|This cookie is set by Visual Website Optimiser and is used to detect if the user is new or returning to a particular campaign.
|This cookie is set by Hotjar. This cookie is set when the customer first lands on a page with the Hotjar script. It is used to persist the random user ID, unique to that site on the browser. This ensures that behavior in subsequent visits to the same site will be attributed to the same user ID.
|This is set by Hotjar to identify a new user’s first session. It stores a true/false value, indicating whether this was the first time Hotjar saw this user. It is used by Recording filters to identify new user sessions.
|This cookie is installed by Google Analytics. The cookie is used to store information of how visitors use a website and helps in creating an analytics report of how the website is doing. The data collected including the number visitors, the source where they have come from, and the pages visted in an anonymous form.
|This cookie is set by Google and is used to distinguish users.
|1 year 24 days
|This cookie is set by Hubspot and is used for tracking visitors. It contains the domain, utk, initial timestamp (first visit), last timestamp (last visit), current timestamp (this visit), and session number (increments for each subsequent session).
|1 year 24 days
|This cookie is used by HubSpot to keep track of the visitors to the website. This cookie is passed to Hubspot on form submission and used when deduplicating contacts.
|This cookie is installed by Google Analytics.
|These cookies are set via embedded youtube-videos. They register anonymous statistical data on for example how many times the video is displayed and what settings are used for playback.No sensitive data is collected unless you log in to your google account, in that case your choices are linked with your account, for example if you click “like” on a video.
10.4 Cookie consent. When you visit our website for the first time, we will ask you to provide us with your consent to our use of all cookies via a cookie consent banner. If you do not provide your consent, we will not serve you our non-essential cookies. Please note that we may not be able to provide you with the best possible user experience if not all cookies are enabled.
10.5 Disabling cookies. When we ask you to provide your consent to our use of non-essential cookies, you have the freedom not to provide such consent. If you would like to refuse our use of non-essential cookies later, you can do it at any time by declining cookies in your browser or device. For more information, you can consult the cookie management instructions of your browser:
- Apple Safari: https://support.apple.com/en-gb/guide/safari/manage-cookies-and-website-data-sfri11471/mac
- Google Chrome: https://support.google.com/chrome/answer/95647
- Firefox: https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences
- Opera: https://blogs.opera.com/news/2015/08/how-to-manage-cookies-in-opera
- Microsoft Edge: https://support.microsoft.com/en-us/help/4468242/microsoft-edge-browsing-data-and-privacy-microsoft-privacy
10.6 Google ReCAPCHA. We use reCAPCHA, the service provided by Google, to verify whether you are a human being and not a robot. It helps to protect our website against spam and abuse. The reCAPTCHA analysis takes place in the background. When you use reCAPCHA, Google will collect some personal and non-personal data from you, such as:
- All cookies set to your browser by Google in the last 6 months;
- Information about your mouse clicks;
- CSS information;
- Browser language;
- Any plug-in installed in the browser; and
Postal address: Adoric Technologies LTD having a registered business address at 26 Elifelet Street, Tel-Aviv, Israel