Definition of Personal Data
Collection of your Personal Data
XERA collects personal data in a number of ways. We collect your personal data, when you:
- visit, browse, and use our Website;
- fill in registration and other forms;
- provide full name and other requested information during ID verification;
- send us an email with personal data;
- contact us with any enquiries;
- use any Services of XERA;
- chat with us in customer support form or via email;
- provide any information to XERA using other methods;
- subscribe or unsubscribe to our newsletters.
XERA may receive the following personal data:
- information provided by the User during account registration, including, user name and email address;
- your ID/passport details, proof of address;
- information about your purchases that you conduct on the Website;
- any other personal data which you directly provide to XERA; and
- any other personal data requested or required by the Website.
Our Website can be visited anonymously. The Website processes anonymous metadata through cookies such as the URL of the requested file, the amount of data transferred, the date and time of the request from the User, Internet browser information, operating system type, the IP address of the used device, the Internet service provider, reference links such as user clicks on certain links. This metadata cannot be used by the Website to obtain personally identifiable information. This information is only used for general purposes, such as technical improvements, statistical and marketing analysis.
When you visit our Website and use our Services, we may automatically receive some information that identifies, for each page accessed:
- the type of browser and operating system you have used;
- the IP (Internet Protocol) address of the device which has accessed it (example PC, tablet);
- the date and time of your visit to the Website;
- the pages accessed and documents downloaded;
- your top-level domain name (for example .com, .co.uk, .eu, etc.);
- the address of your server;
- the previous website visited;
- the average duration of page view;
- the navigation behaviour and preferences of the User.
XERA collects and processes personal data about Users and customers only if XERA has lawful basis. Lawful basis includes:
- consent (where you have given consent);
- legitimate interests.
Where we rely on your consent to process personal data, you have the right to withdraw or decline your consent at any time and where we rely on legitimate interests, you have the right to object.
The legitimate interests are:
- analysing and understanding your behaviour on the Website;
- performing our Services;
- conducting ID verification;
- making improvements to the Website and Services;
- enabling us to enhance, customise or modify our Services and communications;
- improving data security;
- determining whether marketing campaigns are effective.
If you have any questions about the lawful basis upon which we collect and use your personal data, please contact our Data Protection Officer at firstname.lastname@example.org. Please put “DPO” in the subject of your email.
XERA does not knowingly provide Services and collect personal information from anyone under 18 years of age. Our Services are available only to the Users over 18 years old. If we learn that we have collected the personal information of a child under 18, or equivalent minimum age depending on jurisdiction, we will take steps to delete the information as soon as possible.
Sharing your Personal Data
XERA may share your information with:
- service providers we work with to deliver some Services;
- legal and regulatory authorities, as required by applicable laws and regulations;
- our employees;
- our auditors, lawyers, accountants, consultants and other professional advisors, where it is reasonably necessary for obtaining advice, professional services, or managing legal disputes;
Use of Personal Data
Personal data will be collected, held, used and disclosed for the following purposes jointly and/or severally:
- to provide you with Services requested;
- to verify your identity as described in the Terms;
- to process registration and log in to our Website;
- to provide you with newsletters you subscribed to;
- to process your purchases;
- to perform marketing analysis and to conduct market research;
- to the extent permissible or necessary by law, for any other purpose as may be deemed reasonably necessary by XERA in the circumstances;
You may access your personal data held by us to correct, update and remove inaccurate or incorrect data. You have the following rights:
- delete some or all personal data that we held about you;
- change or correct your personal data that we held about you;
- object to, or limit or restrict, use of your personal data;
- right to access and/or take your personal data: you can ask us for a copy of your personal information in machine readable form;
- block cookies in your browser by changing its settings;
- access information we hold about you.
If you want your personal data to be corrected, updated or removed, please contact our Data Protection Officer at email@example.com. Please put “DPO” in the subject of your email.
Security of Personal Data
We use certain technologies to ensure the confidentiality of your personal data. XERA uses several security measures, including, without limitation, SSL method, two-factor authentication and other industry-leading measures to protect your data.
While we strive to use commercially acceptable means to protect your personal data, no method of transmission over the Internet, or method of electronic storage, is completely secure, and we cannot guarantee absolute security of your personal data.
We process information both inside and outside of the European Union and rely on legally-provided mechanisms to lawfully transfer information across borders. Countries where we process information may have laws which are different, and potentially not as protective, as the laws of your own country.
We retain your personal data for as long as your account is in existence or necessary to fulfil the purposes for which we collect it or as needed to provide you with the services, except if required otherwise by law. However, when you terminate your account, we will still retain your personal data for a period of time. Usually, we will store your personal data for a period of 3 (three) years after you cease being a User of our Services, beginning at the date your account is closed.
Retention periods may be changed from time to time based on regulatory requirements.
Our Website sometimes will be sending you communication via email, examples of such emails may include a welcome email, verification emails, or any other emails that are required to operate your account.
Users can subscribe to our newsletters, this communication includes information such as promotion emails, updates and news from us. You may unsubscribe from these notifications any time by visiting an opt-out page.
Merge of Company
To communicate with our Data Protection Officer, please contact us at firstname.lastname@example.org. Please put “DPO” in the subject of your email.