Data Protection Policy

Data Protection Policy

This policy relates to personal data of individuals who have a connection to the European Union, which policy provides appropriate provisions relating to compliance by IMS with the General Data Protection Regulation of the European Union, if applicable.

 

 

  • POLICY INFORMATION
  • Organization
  • IMS Internet Media Services, Inc. (‘IMS’), a corporation under the laws of the State of Florida, United States of America, with its main establishment and registered office at 1441 Brickell Avenue, Suite 1530, Miami, Florida 33131, USA, is responsible as the data controller or processor of your personal data depending on the circumstances relating to the collection of your personal data.
  • In addition, this Data Protection Policy (‘policy’) applies to ‘IMS’ meaning the group of undertakings (being a group of companies) comprised of IMS as the controlling undertaking (being the parent company) and its controlled undertakings (being its subsidiaries and affiliated companies) presently existing or hereafter incorporated. The reference to the word “undertaking” is language from the General Data Protection Regulation of the European Union meaning “company” for our purposes. The reference to IMS, also referred to as ‘we’ or ‘us’, may mean reference to IMS as the data controller of your personal data.
  • IMS cooperates with service providers, such as advertisers, publishers and other partners, accounting and IT services providers, where certain personal data within this business cooperation could be collected, transferred and processed by such service providers.
  • This policy if applicable applies to information we collect when you access or use IMS’ website, or otherwise interact with us as described below. We are compliant with applicable laws in the countries in which we operate. By using our services or interacting with us as described below, you confirm that you are aware of this policy.
  • We may amend this policy from time to time. If we make changes, we will notify you by revising the date at the bottom of this policy, and in some circumstances, we may provide you with additional notice, including, for example, by adding a statement to the IMS’ website or by sending you an email notification. We strongly encourage you to review the policy whenever you access or use our services to stay informed about our information practices and your privacy rights and choices.
  • INTRODUCTION
  • Definitions
  • ‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
  • ‘processing’ means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
  • ‘controller’ means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by the European Union (“EU”) or a Member State law of the EU, the controller or the specific criteria for its nomination may be provided for by the EU or a Member State law;
  • ‘processor’ means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller;
  • ‘third party’ means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorized to process personal data;
  • ‘consent’ of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her;
  • ‘data concerning health’ means personal data related to the physical or mental health of a natural person, including the provision of health care services, which reveal information about his or her health status;
  • ‘enterprise’ means a natural or legal person engaged in an economic activity, irrespective of its legal form, including partnerships or associations regularly engaged in an economic activity;
  • ‘group of undertakings’ means a controlling undertaking (being the parent company) and its controlled undertakings (being its subsidiaries);
  • ‘General Data Protection Regulation’ means the Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of natural persons with regard to the processing of their personal data and on the free movement of such data, and repealing Directive 95/46/EC.
  • Purpose of policy
  • The purpose of this policy is to give you information about what personal data we collect and why we do it, how we collect, use and disclose that personal data, the legal grounds for processing, and your rights in respect to your personal information.
  • IMS has adopted this policy in order to ensure the protection of your rights in relation to the processing of your personal data as your fundamental right, to further design the processing of personal data to serve both you, IMS’ clients, workers and employees and other individuals, as well as to protect IMS.
  • IMS notably strives to further design this policy in order to be approved as binding corporate rules in accordance with Article 47 of the General Data Protection Regulation.
  • Business activities
  • IMS provides advertising technology services to its clients. Clients use IMS services to provide advertising to end users and we, in return, provide the services to help our clients to provide advertisements to end users. Thus, within its business activities, IMS processes only a very limited scope of end user personal data, wherein the majority of the information we receive when providing services to our clients is considered to be data of enterprises, notably Business Management Data.
  • Types of data
  • IMS may process the following categories of personal data depending on the services:

 

  1. Contact Data: personal name, address of permanent or temporary residence, telephone number, e-mail address and fax number, in order to respond to you when you contact us;
  2. End User Data: internet protocol numbers automatically provided to us when the end user posts information through social media sites, plug-ins or other applications depending upon your privacy settings, geolocation information (generally an end user’s latitude and longitude data) for determining geotargeting, cookies on geolocation and frequency for providing advertisements, all in order for us to perform business;
  3. Business Management Data: personal name, address of permanent or temporary residence, telephone and fax number, e-mail address of employees and workers or former employees and workers of contractual partners (enterprises), type of user, profile picture (optional), the company name, address, telephone and fax number, e-mail address, payment details such as bank account number and type, registration and tax number, information on the profit, submitted using special payment application filled out by the user, all in order to provide services and further our business interests;
  4. Human Resources Data: personal data of our employees and workers, maintained in the records of employees regarding information about the employee, information about employee’s work permit, information about the employment contract and other relevant employee information, in the records of labor costs regarding information about the employees, data on salaries and compensations charged to the employer and data on other labor costs and information on statutory social security contributions for an individual worker, in the records of the use of working time, in the records of medical examinations in relation to preventive medical examination and targeted periodic and other targeted preventive health checks of individual groups of employees, in the records of completed training for safe work and tests of the employees’ qualifications, in the records of accidents at work, collective casualties, dangerous occurrences, established occupational diseases and work-related illnesses and their causes, and in the records of students, all in order to comply with statutory provisions;
  5. Candidate Management Data: personal data of candidates for employment, namely personal name, date of birth, place and the country of birth, address of permanent or temporary residence, actual and required education, work experience, diploma certificate and various other certificates used in their applications (certificate of foreign language knowledge, recommendations) or other details you provide to us contained in letters of application and résumés, all in order to process their applications for employment with us and comply with statutory provisions;
  6. Information on Management of Premises: personal data of individuals maintained in the records of entries and exits from the premises, namely the personal name, number and type of personal document, address of residence, employment, type and registration number of the vehicle and date, time and reason for entry to or exit from the premises, all in order to ensure the safety of people and property in our business premise;
  7. Sensitive Information: information of employees and workers in relation to the preventive medical examination with an assessment of the worker’s compliance with specific health requirements for a particular work in the workplace, in relation to the targeted periodic and other targeted preventive health checks of individual groups of workers with a list of examined workers and an assessment of the fulfilment of specific health requirements for a particular work in the work environment, an assessment of the health status of a group of examined workers, an established occupational disease, sickness-related illness or suspicion of an occupational disease, information on the fact and level of intoxication, if the worker was sent to the targeted preventive medical examination, wherein only information whether the worker was under the influence of illicit drugs and other psychoactive substances or not in case testing for illicit drugs and other psychoactive substances, information on accidents at work, collective casualties, dangerous occurrences, established occupational diseases and work-related illnesses and their causes; all only in order for us to comply with regulatory statutory provisions and to the extent permitted by law;
  8. We ask that you avoid submitting us special categories of personal data including sensitive information and data concerning health, unless such information is legally required and/or IMS requests you to submit such information.
  9. IMS has adopted every reasonable step to ensure that personal data are accurate and kept up to date, as well as that inaccurate personal data are erased or rectified without delay; however, IMS cannot assume liability should your information provided to us not be true, incomplete and/or misleading.

 

  • Legal basis for processing
  • As applicable, IMS processes personal data only, if permitted to do so by law.
  • Most commonly, IMS processes personal data about you because the processing is necessary for compliance with a legal obligation to which IMS is subject. Special categories of personal data are processed only on this legal basis and IMS does not process any such data on any other legal basis. Processing of Human Resources Data including Sensitive Information is almost entirely subject to this legal basis.
  • Furthermore, IMS processes some personal data where processing is necessary for the performance of a contract to which you are party or in order to take steps at your request prior to entering into a contract. Most of the processing employment and work contracts (Human Resources Data), as well as Candidate Management Data is carried out on this legal basis.
  • Moreover, we process some personal data where this is necessary for the legitimate interests pursued by IMS (or by a third party) and your interests and fundamental rights do not override these interests. For example, IMS has a legitimate interest in the processing and transfer of personal data within its group of undertakings (being its companies) for internal business purposes, including centralization of data processing activities, to design lawfully efficient and workable business processes, to allow cross border teams to work together and to make business processes more efficient and cost effective. Moreover, when IMS automatically receives your internet protocol number we rely on our legitimate interest by geotargeting advertisements to end users, which is beneficial to the user as an integral part of the social media site, plug-in or other application the user has consented to use.
  • IMS may also process your personal data when you have given consent to the processing of your personal data for one or more specific purposes. IMS has strived and continues to endeavor to obtain consents, which are given freely, specific, informed and present an unambiguous indication of your wishes by a statement or by a clear affirmative action, signifying agreement to the processing of your personal data.
  • Where IMS relies on your consent to process personal data, you have the right to withdraw or decline your consent at any time and where we rely on legitimate interests, you have the right to object.
  • Use of data
  • As applicable, we process your data for the following purposes:

 

  1. Managing of workforce: notably with respect to Human Resources Data, Candidate Management Data and Sensitive Information;
  2. Communications: enabling response and facilitating communication with you regarding Contact Data;
  3. Compliance: complying with legal requirements, such as record-keeping and reporting obligations, conducting audits, compliance with government inspections and other requests from government or other public authorities, such as subpoenas, pursuing legal rights and remedies, defending litigation and managing any internal complaints or claims, conducting investigations and complying with internal rules, policies and procedures.
  4. Services: IMS processes Business Management and End User Data in order to provide services to clients.

 

  • There may be more than one purpose that justifies our use of your personal data in any particular circumstance.
  • We shall only use your personal data for the purposes for which we collected it. Should we reasonably require using your personal data for an unrelated purpose, we will notify you thereof and explain the legal obligation or that such processing is compatible with the original purpose, which allows us to use it for another reason. If your consent was granted for a specific purpose, which may contain one or more processing activities, we shall not process your personal data for another purpose other than the one for which you consented. Where we intend to perform processing for another purpose on the basis of your initial consent, we shall process your personal data only on the basis of a new consent.
  • Managing of Workforce

 

  1. IMS manages your Business Management, Human Resources, Candidate Management Data and Sensitive Information within its customer relations management software. The software is designed on a need-to-know basis. Furthermore, our internal privacy and security rules are communicated to our employees and workers, instructing them to process personal data in accordance with the respective legislation, internal rules and under highest security processing standards when managing workforce or complying with statutory provisions.

 

  • Services:

 

  1. IMS uses your data to operate lawfully, effectively and provide the best experience with our services.
  2. We use your data to provide customer, technical, and operational support, to manage your account(s), to send you technical notices, updates, security alerts and support and administrative messages and to resolve disputes and enforcing of our rights, to detect and protect against errors, fraud, or other criminal or illegal activities and to enforce our client agreements. This may also include analyzing, customizing, and improving our website, to provide information and analytics to clients, to help our clients to create or enhance their services with respect to marketing or analytics.
  3. You may access certain other portions of our website by submitting the identification form, wherein for certain services it is necessary to create a user account, enabling the user to use certain applications. In these cases, you are required to submit data including Business Management and Contact Data. This information is needed to provide services to clients, including access to the application, display of customized content and advertising, communications, transfer of profit deriving from digital advertising, ensuring the technical functioning of the network, research and analysis in order to maintain and protect our services.
  4. We may also use your data to create interferences about end users geographically categorized in order to enable the subsidiaries within IMS to help clients place advertisement in the respective geographical region. For example, if the End User Data indicates that an end user is located in a certain geographical region or country, then we may place advertisements in such region or country. After this process is done, the internet protocol number of the end user is anonymized in order to prevent subsidiaries from IMS from other regions or countries, clients and third parties to access or retrieve the internet protocol number of the end user. This process also includes anonymizing internet protocol numbers for statistical purposes.

 

  • Cookies

 

  1. We may deploy online cookies to end users in order to better or more accurately target relevant advertisements to end users with respect to its geolocation and frequency of the advertisements. Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site. They are typically stored on your computer’s hard drive.
  2. Cookies include such strictly necessary for the normal website functions, which cannot be switched off because the website wouldn’t work properly anymore, nor do they store any personal data.
  3. In order to deliver as relevant advertisements as feasible, IMS may collect data across its website. This enables it to identify likely consumer interest segments. All the data, however, is on completely aggregate basis. We use cookies to improve the quality of our services by storing user preferences and tracking users’ trends, thus providing the most relevant advertisements. Cookies are also used to help advertisers and publishers serve and manage advertisements across the web. We use Google Analytics cookies that enable us to improve user experience on our websites. They help us understand how our users use the website and decide on the functional and material adjustments in order to show as much useful content as possible.
  4. You are free to decline most of our cookies if your browser or browser add-on permits it, but choosing to remove or disable our cookies may interfere with your use and functionality of IMS’ services.
  5. You may delete cookies presently as follows (subject to any updated instructions provided by the specific browser):
    1. Google Chrome – After clicking on the menu icon navigate to settings. On the bottom of the page, expand the settings by clicking on ‘Advanced’. In the ‘Privacy and Security’ panel click on ‘Content settings’ and then ‘Cookies’. You can also type chrome://settings/content/cookies in the browsers address bar.
    2. Mozila Firefox – click on the ‘Menu’ hamburger icon and navigate to preferences. In the ‘Privacy & Security’ tab head to the history section and click on the ‘remove individual cookies’ link.
    3. Safari – in the ‘Privacy’ menu navigation item, there is an option to ‘Block all cookies’ and to remove them all. You can also click ‘Details’ to remove individual cookies.
    4. Edge – Click on the 3-dot icon and select ‘Settings’. Select the arrow keys next to the ‘Advanced settings’ on the top side. You will see an option ‘clear browsing data’ with which you can clear cookies.

 

  • Communications:

 

  1. We use your Contact Data primarily to respond to you when you have contacted us.
  2. In addition, we may use your Contact Data collected from publicly available sources or in the context of the lawful pursuit of our activities including for the purpose of offering goods, services, employment or temporary work by using postal services, telephone calls, electronic mail or other electronic means of communication (direct marketing).
  3. Upon performing direct marketing, we shall communicate to you our identity and contact details, whether we have collected data from publicly available sources or in the context of the lawful performance of business activities and the manner pursuant to which you may exercise your rights to rectification, to object and to request from us to permanently or temporarily cease to use or otherwise process your personal data for the purpose of direct marketing. We shall not perform unsolicited electronic marketing, except where we have obtained your personal data in the course of a sale, or negotiations for a sale of a product or service, wherein the messages shall only market similar products or services and we shall give you simple opportunity to refuse marketing when your details are collected and if you do not opt out at this point, we will give you a simple way to do so in future messages. We shall not disclose this personal data to other users for the purposes of direct marketing.
  4. You may opt out of receiving promotional communications from us by following the instructions in those communications. You may also opt out of receiving our newsletter or certain administrative emails by modifying your communications preferences through the settings feature of your online account. If you opt out of receiving promotional communications, we may still send you transactional or relationship messages, such as those about your account or our ongoing business relations.

 

  • Disclosure of data
  • We share personal data with the following unaffiliated third person:

 

  1. Social integrations such as Twitter for campaign settings, advertisement group targeting settings for advertisements, and with other providers such as Snapchat and LinkedIn only for campaign statistics import at present;
  2. Other service providers, such as advertisers, publishers and other partners, accounting and IT services providers;
  3. Public and Governmental Authorities: entities that regulate or have jurisdiction over IMS such as regulatory authorities, public bodies, and judicial bodies, including to meet national security or law enforcement requirements.

 

  • Transfer of personal data
  • IMS may transfer personal data to a third country or an international organization in case of an adequate decision in accordance with Article 45(1) of the General Data Protection Regulation, without a special permit. In the absence of an adequate decision, IMS shall provide appropriate safeguards in accordance with Article 46 of the General Data Protection Regulation. In the absence of an adequacy decision pursuant to Article 45(3) of the General Data Protection Regulation or of appropriate safeguards pursuant to Article 46 of the General Data Protection Regulation, including binding corporate rules, a transfer or a set of transfers of personal data to a third country or an international organization shall take place only on one of the conditions in Article 49(1) of the General Data Protection Regulation.
  • Data retention
  • Generally, we retain personal data for as long as necessary to fulfil purposes described in this policy subject to our own legal and regulatory obligations.
  • Our employees and workers processing personal data are instructed to verify the respective national statutory provisions and internal binding rules regarding data retention when processing data.
  • When personal data is no longer needed, we either irreversibly anonymize the data (and we may further retain and use the anonymized information) or securely destroy the data.
  • Your rights
  • IMS enables you to exercise the following rights as determined under the General Data Protection Regulation and the respective national jurisdiction:

 

  1. Right to access: you may obtain confirmation from IMS to whether or not your personal data are being processed, and where that is the case, access to personal data and information;
  2. Right to correct: you may request from IMS to rectify inaccurate personal data concerning and incomplete personal data completed;
  3. Right to erasure: you may obtain erasure of your personal data that we hold as a data controller;
  4. Right to restriction of processing: you may obtain from IMS the restriction of processing your personal data;
  5. Right of information: we shall communicate any rectification or erasure of personal data or restriction of processing to each recipient to whom the personal data have been disclosed, unless this proves impossible or involves disproportionate effort. We shall inform you about those recipients if you request it.
  6. Right to data portability: you may request from IMS to receive personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and may also request us to transmit those data to another controller without our hindrance;
  7. Right to object: you may object, on grounds relating to your particular situation, at any time to processing of personal data concerning based on our legitimate interests. In this case, we shall no longer process the personal data unless we demonstrate compelling legitimate grounds for the processing which overrides your interests, rights and freedoms, or for the establishment, exercise or defense of our legal claims;
  8. Right to object to direct marketing: you may object at any time to processing of personal data concerning you for marketing purposes. Should you object to processing for direct marketing purposes, we shall no longer process your personal data for such purposes;
  9. We guarantee your right not to be subject to a decision based solely on automated processing;
  10. Right to be informed of a breach: we shall notify you that there has been a breach of the protection of your personal data where the infringement of the protection of personal data is likely to pose a high risk to your rights and freedoms;
  11. Right to file a complaint: You have the right to lodge a complaint with a supervisory authority. However, we hope that you will first consult with us, so that we may work with you to resolve any complaint or concern you might have.

 

  • You may exercise the abovementioned rights by contacting: imsprivacy@imscorporate.com.
  • Security
  • We have implemented reasonable and effective technical and organizational measures and procedures designed to implement data-protection principles, such as data minimization, and integrated necessary safeguards into the processing in order to meet the requirements of the General Data Protection Regulations.
  • We protect your information by using reasonable physical, technical and administrative security measures, including limiting access to your personal information to employees and workers on a need-to-know basis. To make sure your personal data is secured, we communicate our internal privacy and security rules to all of our employees and workers, strictly enforce privacy safeguards within IMS and have also designed our internal software in order to meet our high security processing standards.
  • Contact
  • Should you have any questions or concerns regarding this policy, please contact us at imsprivacy@imscorporate.com.

 

2.13. Effective Date

2.13.1. This policy was prepared by IMS management and approved on May 25, 2018 as the effective date of this policy.