OpenMind Technologies Inc., has a position of a ‘Controller’ as defined in EU GDPR and it shall be responsible for, and be able to demonstrate compliance with, the principles relating to processing of personal data. We can be contacted by sending an E-mail to [email protected].
What personal information do we collect from the people that visit our blog, website or app?
When registering on the Website or in the App, as appropriate, you may be asked to enter your name, email address, Facebook credentials or other details to enhance your user experience.
We collect information transmitted by social networking sites or application (e.g. Facebook, LinkedIn, Twitter, Google+, etc.) in any case where you interact with profile held or controlled by Hidden Place on such social networking platforms. Note that these platforms could be governed by other policies regarding personal information which may also be applicable.
We may collect your payment information when you want to use paid services such as Itinerary provided by Hidden Place ambassadors.
Some information is collected automatically while you browse or use the App or Website. This information may include (but not limited to):
- Your computer IP address;
- Your browser settings and operating system;
- Your mobile device settings;
- Location data and geographical coordinates;
- Pages visited, items viewed and clickstream data;
When do we collect information?
We collect information from you when you register on our site, subscribe to a newsletter or enter information on the App or Website.
How do we use your information?
The processing of the information is being performed automatically, without human intervention. However, whenever you contact us through email, or you request Services which require human interaction, your personal information will be handled and processed by a real human in order to provide you the requested services or the answer to the email.
We will use your name based on your consent in order to personalize your experience on the Platform and to address you properly when we contact you.
We will collect your email address on a basis of your consent and in the interest of providing our Services. We will collect your email address in the following cases:
– When you contact us. We will collect your email address whenever you contact us through any of our email addresses or our support contact form. Whenever we collect your email address this way, we will only use it in order to respond to your inquiry.
Date of Birth
We will use your date of birth based on your consent in order to personalize your experience on the Platform, to analyze travel trends, and to provide you with the content that other users of the same age group find interesting.
We will collect your photo from your social media account to personalize your User account on the platform.
Social Media ID
We will collect your social media ID on a basis of your consent and in the interest of providing our Services. When you choose to register with your social media account we will collect your Social Media ID to create an account for you and to connect your Hidden Place account password and email with the right ID.
If you provide consent we will also use your IP address in order to assess your location and provide you with the content that corresponds to your location. If you provide consent we may connect your IP address with other information we have about you in order to provide you with the content we believe you might find interesting. We will collect your IP address on a basis of your consent and in the interest of providing our services.
We will collect your location information on a basis of your consent and in the interest of providing our Services. We will only use this information to provide you with the list of locations and sights that are near you, relevant to your interest, and to provide other information and services which are connected to your location information.
Session information usually does not collect your personal Information. However, if you access the Platform through your User account, we will connect a Session ID to a User account making the session information personally identifiable. This Information is necessary for the performance of the Platform, performance of some Services, and to allow Users to log-in into their accounts.
We will collect your payment information such as your PayPal email in order to process your order for paid Services. We need this information in order to administer contractual obligations and we will not use this information for any other purposes.
How is personal information disclosed to third parties?
We may also disclose personal information to third-parties if compelled by competent authorities or if expressly permitted by law.
Do we use ‘cookies’?
You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off the logging of all cookies through your browser settings. Since each browser is a little different, look at your browser’s Help Menu to learn the correct way to modify your cookies.
If you turn cookies off, some features will be disabled and your experience on the website may be modified.
Storage of Personal Information
We keep collected personal information until concerned individuals request that it be deleted or until such time where it is not required by our activities. However, except as required by applicable laws and regulations, we do not commit to keep any information for a determined length of time.
Collected personal information is stored in electronic format in our servers located in different data center around the world and is protected by commercially reasonable security measures considering the sensitivity of the information. We may store or transfer collected personal information to servers located in countries deemed adequate by the European Commission, or in countries which European Commission has not deemed inadequate, provided that such countries implement appropriate and suitable safeguards regarding the security of personal information.
Occasionally, at our discretion, we may include or offer third-party products or services on our website or app. These third-party sites or plugins have separate and independent privacy policies. We therefore have no responsibility or liability for the content and activities of these linked sites or plugins. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these sites or plugins.
Google’s advertising requirements can be summed up by Google’s Advertising Principles. They are put in place to provide a positive experience for users. https://support.google.com/adwordspolicy/answer/1316548?hl=en
We use Google AdSense Advertising on our website.
We may use Google AdSense Advertising on our website.
We, along with third-party vendors such as Google use first-party cookies (such as the Google Analytics cookies) and third-party cookies (such as the DoubleClick cookie) or other third-party identifiers together to compile data regarding user interactions with ad impressions and other ad service functions as they relate to our website.
COPPA (Children Online Privacy Protection Act)
When it comes to the collection of personal information from children under the age of 13 years old, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, United States’ consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online.
We do not specifically market to children under the age of 13 years old.
We abide by the laws and regulations governing unwanted electronic communications. If you no longer wish to receive electronic communications from Hidden Place, you may so advise us at any time in writing at the following address: [email protected].
We will continue to have the right to contact you about you orders, requests for information or about the handling of your personal information.
You may access our personal information and correct erroneous information through the App interface. You may also make a written request to that effect at the following address: [email protected].
We will respond to your written request at the latest within 30 days of receipt and will give you reasonable access to your personal information within what is permitted by applicable law. Fees could apply in certain cases.
We may verify the identity of individual seeking to access personal information. Any information provided for identification purposes will not be recorded nor used for any other purpose.
Users have the right to obtain the erasure of personal Information concerning him or her without undue delay, and we have the obligation to erase personal Information without undue delay where one of the following grounds applies, as long as the processing is not necessary:
The personal Information is no longer necessary in relation to the purposes for which it was collected or otherwise processed.
User withdraws consent to which the processing is based, and where there is no other legal ground for the processing.
User objects to the processing pursuant to Article 21(1) of the GDPR and there are no overriding legitimate grounds for the processing, or User objects to the processing pursuant to Article 21(2) of the GDPR.
The personal Information has been unlawfully processed.
The personal Information must be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject.
The personal Information has been collected in relation to the offer of information society services referred to in Article 8(1) of the GDPR.
Restriction of processing
Users have the right to obtain restriction of processing where one of the following applies:
The accuracy of the personal Information is contested by the User, for a period enabling the controller to verify the accuracy of the personal Information.
The processing is unlawful and the User opposes the erasure of the personal Information and requests instead the restriction of their use instead.
The controller no longer needs the personal Information for the purposes of the processing, but they are required by the User for the establishment, exercise or defence of legal claims.
The User has objected to processing pursuant to Article 21(1) of the GDPR pending the verification whether the legitimate grounds of the controller override those of the data subject.
Right to Data Portability
Users have the right to receive the personal Information concerning him or her, which was provided to a controller, in a structured, commonly used and machine-readable format. Users have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided, as long as the processing is based on consent pursuant to point (a) of Article 6(1) of the GDPR or point (a) of Article 9(2) of the GDPR, or on a contract pursuant to point (b) of Article 6(1) of the GDPR, and the processing is carried out by automated means, as long as the processing is not necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
Furthermore, in exercising his or her right to data portability pursuant to Article 20(1) of the GDPR, the User shall have the right to have personal data transmitted directly from one controller to another, where technically feasible and when doing so does not adversely affect the rights and freedoms of others.
Right to object
Users have the right to object, on grounds relating to his or her particular situation, at any time, to processing of personal Information concerning him or her, which is based on point (e) or (f) of Article 6(1) of the GDPR. This also applies to profiling based on these provisions.
We will no longer process the personal Information in the event of the objection, unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the User, or for the establishment, exercise or defence of legal claims.
If we process personal Information for direct marketing purposes, the User shall have the right to object at any time to processing of personal Information concerning him or her for such marketing. This applies to profiling to the extent that it is related to such direct marketing. If the User objects to the processing for direct marketing purposes, we will no longer process the personal Information for these purposes.
In addition, Users have the right, on grounds relating to his or her particular situation, to object to processing of personal data concerning him or her for scientific or historical research purposes, or for statistical purposes pursuant to Article 89(1) of the GDPR, unless the processing is necessary for the performance of a task carried out for reasons of public interest.
Right to lodge a complaint with a supervisory authority
Users may without prejudice to any other administrative or judicial remedy, lodge a complaint with supervisory authority, in particular in the EU Member State of his or her habitual residence or place of the alleged infringement if the data subject considers that the processing of personal data relating to him or her infringes the GDPR.
We acknowledge that the safety of your personal information is one of the highest priorities and therefore only authorized processors have access to your information. Although we take all appropriate measures in respect to keeping your information secure, you understand that no data security measures in the world can offer 100% protection. If we ever find or suspect a personal data breach we will without delay, within seventy-two (72) hours after becoming aware of it, notify the appropriate supervisory authority about the breach and Users where necessary.
Changes to this Policy
Any claim, dispute or complaint with respect to the subject matter of this Policy shall be brought before the competent authority sitting in the judicial district of Montreal, hereby excluding any other forum.
For any additional information about our handling of personal information, please contact us at the following address:[email protected]