Medalli’ GDPR Policy
Updated December 21st, 2018

The use and collection of personal information

Medalli are able to collect personal data from you. Personal details are information relating to a specific person who is able to, based off the information provided, can indirectly or directly be identified. You might be asked to give your personal information at any time you are in contact with Medalli or a Medalli affiliated company. Affiliates of
Medalli are able to share this information with each other and use it consistently with the Privacy Policy. Medalli are also able to combine this information to provide and improve their products, content, services and advertising. It is not mandatory to provide the personal details that Medalli request. If you chose not to do so, in many cases, they will not be able to provide you the products or services, they will also not respond to any queries you have.

What personal information we collect

When you create an Medalli user account, purchase any item, downloading a software update or contact us, we collect a large amount of data. This includes your name, phone number, mailing address, email address and contact preferences. When the payment or payment information is required, we direct you to submit credit card information through a third-party company such as Stripe.

You, as the Medalli account holder, will acquire information regarding the customers and will upload that information to Medalli. Medalli will store any personal data regarding customers that have been uploaded onto Medalli production servers.

How we use your personal information

Personal information that is collected will allow us to keep you updated on Medallis software updates, announcements or any upcoming events. If you however do not want to be on our mailing list, you will be able to opt out at any time by clicking on the unsubscribe link on the last email you received from Medalli. You will have the option to unsubscribe from specific lists or from all Medalli related lists.

 

We use personal data to be able to create, develop, and improve our products. We also use the data to provide ant-fraud and loss prevention purposes.

We might use information like data of birth to be able to verify identity, assist with identification of account holders to be able to determine the best services. For instance, we might use the date of birth to determine the right age for Medalli account holders.

Every so often, we may use your personal data to send important notices about purchases and any changes to our terms of conditions or policies. This data is important to your involvement with Medalli. You are able to opt out of receiving these type of communications.

We might use personal data for any internal purposes such as analysing data, any audits and research to improve Medalli’s software, services and any customer communications.

Collecting and using non-personal information

We are able to take data in the form that does not identify specific people. We might collect, transfer, use or disclose any non-personal information for any purpose. Examples of any non-personal information that we collect and how we able to use it:

We might collect information such as the zip code, language, area code, business, referral URL and the time zone where the Medalli product is used. This will allow us to improve and better our products since we now have the data and understanding of our customers to be able to improve our advertising and services.

We might be able to collect information regarding the activities of our customers on any of our websites. The information is used to help us provide useful information for our customers and to be able to understand what parts of our products, website and services are the most interested. Aggregated information is non-personal data.

We might collect and store details of how customers use our services. The information could be used to improve the relevancy results for our services.

 

 

 

Other technologies and cookies

Medalli emails, websites and advertisements may use “cookies” and other devices such as re-marketing tags, tracking and the pixels based on context. For instance, a search query on a channel you were reading or interested in. These are able to help us understand user behaviour; explain which parts of our websites people have visited measure how effective our advertisement and web searches are. We treat the data by technologies and cookies as non-personal data. We create and target advertising based off how customers interact with Medalli. If you do not want to receive any advertisements that are targeted towards your interests from Medallis. You are able to choose to limit the advertisement tracking, which will then opt your Medallis ID out of receiving advertisements regardless of which device you are using. You might still advertisements based on the context like a search query or a channel you are currently reading. Medalli and our partners also use technologies and cookies to remember how to use our website or software. The goal is to make your experience with Medalli more convenient and to be able to the best customer service. To limit any advertisement tracking, you are able to opt out by clicking on this tool, which are not directly affiliated to Medalli. You are also able to user your browser settings to disable cookies and other tracking tools. Note that specific features of the Medallis website will not be available when the cookies are disabled.

We automatically gather some information and store it in our log files. The details include IP (Internet Protocol) addresses, type of browser and language, ISP (Internet Service Provider), exit websites, referring and applications, operating system, date/time stamp and click data streaming. We can use this information to administer the site, to learn about user behaviour. This will allow us to improve our services, and gather the demographic information about our user base as a whole. Medallis are able to use this information in our advertising and marketing services.

In many cases, we use the “click-through URL” that is linked to the content on Medalli website. When our customers click on of these URLs, they pass through a separate web server before it arrives at the destination that the page is on our website. Using click-through, we are able to track this data, which can help determine interest in any specific topics and we can then see the effectiveness of our marketing communications. We use it to also account for any affiliate activity and pay affiliate commission bonuses.

 

 

 

Disclosure to third parties

Every so often Medalli may take specific personal information available to strategic partners that work with Medalli to provide services and products that help Medalli market to customers. Personal data will only be shared by Medalli to improve or provide products, services and advertising; this will not be shared with third parties for their marketing purposes.

Affiliates: Medalli will provide customers email addresses to affiliates or users who refer us to them. This can also happen through someone who has created an Medalli account.

Service Providers: Medalli shares personal information with many companies who provide the services such as fulfilling customer orders, processing, delivering any service and assessing interest in any Medalli products. This can also fall into managing and enhancing customer data. Medalli also share your information with financial institutions who provide payment services. Medalli provides personal information with API integrators chosen by users. This can also be third party software services to assist you with any funnels that is directed to us. These companies will be obligated to protect your information and may be located wherever Medalli operates.

Legal: It could be necessary- by litigation, law, or a request from government authorities within or outside your country of residence- for Medalli to disclose your personal information. We are also able to disclose information about you if we determine that for purposes of any law enforcement, national security or other issues of public importance. We can also disclose information about you if we decide that disclosure is reasonably necessary to enforce our terms and conditions or protect our operations or users.

Corporate Change: In the event of any merge, reorganisation, or sale of Medalli we may also transfer any personal information we collect to the third party.

 

 

 

 

Protection of personal information

Medalli take security of your personal information extremely seriously when your personal data by Medalli. We use our systems with the limited access housed in facilities using physical security measures. When you use our Medalli services and products that by nature are public facing. This can be when you post onto Medalli forums. The personal information and content that is shared is visible to others and is collected or read by them. You are responsible for any personal information you choose to submit or share in these types of situations. For instance, if you decide to list your name and email address in a forum posting. Always be self-aware when you using these features.

Retention of personal information

Medalli will retain any personal information as long as you have an Medalli account. After your Medalli account is terminated, we will retain any of your personal data for as long as necessary to fulfil purposes outlined in this privacy policy unless the retention period is important and called for by the law.

Access to personal information

You are able to help ensure that your contact information and preferences are accurate, complete, and up to date by logging in to your account at https://medalli.com/user/. For other personal data we hold, we will provide the access upon request. We might decline to process request that we deem jeopardize the privacy of others, is extremely impractical, or for which access is not otherwise required by the local law. Any access corrections or deletion requests can be made by simply contacting us at info@medalli.com.

Education and children

It is important to understand the extra precautions to protect the privacy and safety of children using Medalli products and services. Children that are under the age of 18 are not permitted to create their own Medalli IDs; the parent must obtain the account and provide the parent’s information to Medalli. Any information that we realise is collected by a child is deleted as soon as possible.

 

 


Third party sites and services

Medalli websites, products, applications and services may have links to third-party products, websites and services. Our services and products may also use or offer products from third parties. The information taken by third parties is governed by their privacy practices. We strongly encourage that you learn about the privacy practices for third parties.

Your rights under the GDPR

If you happen to be resident, citizen, or a resident of a country in the European Union, the GDPR allows you the following rights:

Access to your personal data: You as the user have a right to receive a copy of your personal information that is subject to processing by Medalli. Usual requests will be granted without any charge to you within one month of when you make the request. In case of unreasonable, unnecessary or repeated requests, Medalli may charge a fee and it could require additional time to grant the request. Medalli might use reasonable means to identify who you are before granting any request for data to prevent granting any fraudulent requests. To a request a copy of your personal information, contact us my email at info@medalli.com.

Having your data corrected: If your data happens to be outdated or insignificant, you will be able to have it corrected as it is in your rights. To be able to do so, please contact us at Medalli via email at infoinfo@medalli.com, or log in to your account at https://medalli.com/user/.

To be forgotten: As a user, as a customer you have every right to be forgotten by Medalli. You can exercise this right by emailing us at info@medalli.com. We will be able to comply with your request within a month by completely deleting your account along with any personal data that is subject to Medalli. After we granted your request, you will no longer have access to Medalli products or services unless you open a new Medalli account. We may use reasonable means to confirm your identity.

 

 


Restricting the process of your data: You can request your data to not be processed by Medalli partners. You are able to make a request by emailing us at info@medalli.com and if you want, you can even specify which third parties to restrict from processing your data. We can respond to your request at no charge within 30 days from when you make the request. Be advised that some of our partners like Stripe are essential to Medalli; if this is blocked then the Medalli services will unavailable to you.

Portability: All users have the right to receive a copy of their personal data that is subject to processing by Medalli in a portable format. This can be directly transferred from Medalli to another party. Regular requests will be granted without charge to customers within a month of when the request is made. Medalli are able to use reasonable means to confirm user’s identity for granting any request to transfer data to the user or another party to prevent fraudulent requests. To request for a copy of your personal data, just email us at info@medalli.com.


Your responsibility under GDPR

If you are an Medalli user, then you are most likely a business owner, using the Medalli software to sell your service to customers. With the respect to customer data, you provide Medalli, Medalli processes data and will comply with obligations under the GDPR; but with respect to your customers. You are likely to be a data controller and if any of your customers is a resident or citizen of a country in the European union, then you must make sure that you abide with your obligations as a data controller under the GDPR policy; in particular, you must ensure that you afford your customers the rights in the section (a) which is above. Medalli sells software; it does not provide the legal services or legal advice, it does not sell a “done for you” GDPR compliance package either. Please speak to a legal counsel of your own choosing on what you need to do in order to comply with the GDPR policy.

Our company wide commitment to your privacy

To ensure your personal information is secure and private, we communicate our privacy and security guidelines to Medalli employees. We also enforce privacy safeguards within the company.

 

 


Privacy questions

If you have any concerns or questions about Medallis’ privacy policy or data processing or if by any chance you would like to make a complaint about a possible breach of local privacy laws, please email us at info@medalli.com. When a question about privacy or an access or download request is received, we have a team of dedicated to making sure they address the specific concern, which you are seeking to raise. In responding to your request, we may need to request more data from you. If you are by chance unsatisfied with the response given, you are able to refer your complaint to a relevant regulator in your jurisdiction. If you tell us, we will then provide you with information about the relevant complaint avenues, which may be applicable to your current circumstances. If you live in the United Kingdom, European Economic area or Switzerland, and you wish to contact us regarding questions just email us at info@medalli.com.

Updates to the policy

Medalli are able to update their privacy policy and this GDPR policy every so often, as posted on our website.