The document was updated on 20/04/2020 to comply with the regulations, and in particular in compliance with EU Regulation 2016/679.
- This section contains information related to the management methods of Bithashex OÜ with reference to the processing of user’s data of the services provided by Bithashex OÜ through the www.bithashex.com and related subdomains *DOMAIN ADDRESS
- The purpose of this document is to provide information about the methods, timing and nature of the information that the data controller must provide to users when connecting to the Bithashex OÜ web pages, regardless of the purpose of the connection, according to the UK and European legislation.
- If the user is under the age of 16, pursuant to the article 8, c.1 EU regulation 2016/679, he/she must legitimize his/her consent through the authorization of his/her parents or guardians.
1. Data Processing
1.1 Data Controller
- The data controller is the natural or legal person, public authority, service or other body that, individually or together with others, determines the purposes and means of processing personal data. This position also deals with safety profiles.
- With regards to this website, the data controller is: Bithashex OÜ , and for any clarification or exercise of the rights of the user he can be contacted at the following email address: firstname.lastname@example.org
1.2 Data Processing Location
- The processing of data, generated by the use of the services provided by Bithashex OÜ through the web portal, takes place at Harju maakond, Tallinn, Kesklinnalinnaosa, Roosikrantsitn 2-1121, 10119.
- In case of need, the data related to the newsletter service can be processed by individuals appointed for this purpose by the Owner, at their respective locations.
2.1 Types of Cookies
- A cookie consists of a reduced set of data transferred from a web server to the user's browser and it can only be read by the server that made the transfer. This is not executable code and does not transmit viruses.
- Cookies do not record any personal information and any identifiable information will not be stored. If you want, you can prevent the saving of some or all cookies. However, in this case the use of the website and the offered services could be compromised. To proceed without changing the options related to cookies, simply continue browsing.
Below there are the types of cookies that are used by the website:
2.2 Technical Cookies
- There are many technologies used to store information on the user's computer, which are then collected by the websites. Among these, the best known and used one is based on HTML cookies. They are used for navigation and to facilitate the access and use of the website to the user. They are necessary for the transmission of communications on the electronic network and for the supplier, to provide the service requested by the customer.
- The settings to manage or deactivate cookies may vary depending on the used internet browser. In any case, the user can manage or request the general deactivation or cancellation of cookies, modifying the settings of his internet browser. This deactivation can slow down or prevent access to some parts of the website.
- The use of technical cookies allows the safe and efficient use of the website.
- From the duration point of view, it’s possible to identify the temporary session cookies, which are deleted automatically at the end of the browsing session and are used to identify the user and thus avoid logging into each visited page, and permanent ones, which remain active in the PC until expiry or cancellation by the user.
- Session cookies may be installed in order to allow the access and the continuity of operations in the reserved area of the platform as an authenticated user.
- They are not permanently stored, but only for the duration of the navigation, until the browser is closed, and disappear when the browser is closed. Their use is strictly limited to the transmission of session identifiers, consisting of random numbers generated by the server and needed to allow the safe and efficient browsing of the website.
2.3 Third-Party Cookies
- Depending on the provenance, it’s possible to identify the cookies that are sent to the browser directly from the website that the user is browsing and those owned by third parties, sent to the computer from other websites and not from the one that the user is browsing.
- Permanent cookies are often third-party cookies.
- The majority of third-party cookies consists of tracking cookies, used to identify online behavior, understand the interests and then customize the advertising proposals for users.
- Third-party analytical cookies may be installed. They are sent from the domains of the aforementioned thirdparties that are external to the website.
- The third-party analytical cookies are used to provide information about the behavior of users on Bithashex OÜ ’s platform. The detection is anonymous, in order to monitor the performance and improve the usability of the website. The third-party profiling cookies are used to create users’ profiles, in order to propose advertising messages that follow the choices expressed by the users.
- The use of these cookies is governed by the rules set by the third parties themselves, therefore, users are invited to read the privacy policies and the indications to manage or disable the cookies, that are published on the related web pages.
2.4 Profiling Cookies
- Profiling cookies are used to create profiles related to the user and they are used in order to send advertising messages that follow the preferences expressed by the user when surfing the net.
- When these types of cookies are used, the user must give explicit consent.
3. Processed Data
3.1 Data Processing Mode
The processing of personal data is fulfilled mainly using electronic procedures and supports (database, backend application, etc.) for the time strictly necessary to achieve the purposes for which the data are collected and, in any case, in accordance with the principles of lawfulness, correctness, non-excess and relevance considered by the current privacy legislation.
- This website uses log files where it keeps information collected in an automated manner during users’ browses. The information collected could be the following ones:
- internet protocol (IP) address;
- type of browser and device parameters used to connect to the website;
- name of the Internet service provider (ISP);
- date and time of visit;
- web page that brings visitors to Bithashex OÜ (referral) and exit pages;
- possibly the number of clicks.
- The aforementioned information is processed in an automated way and collected in an exclusively aggregated way, in order to verify the correct operation of the website, and for security reasons. This information will be processed according to the legitimate interests of the data controller.
- For security purposes (email spam filters, firewalls, virus and malware detection), the automatically recorded data may possibly also include personal data such as the IP address, which could be used, in accordance with applicable laws, in order to block attempts to damage the website itself or to damage other users, or in any case of harmful or criminal activities. Such data are never used for the identification or profiling of the user, but only for the protection of the website and its users. This information will be processed according to the legitimate interests of the data controller.
- By registering on the Bithashex OÜ platform, users can create their own personal profile. Through the control panel users can manage the level of 'public visibility' of their data, thus having the ability to decide independently what information they want to make visible to other users of the platform.
- The information, that users of the website will deem to make public through the platform’s services and tools, are provided by the user in a conscious and voluntary manner, exempting this website from any liability regarding any violation of the laws. It is up to the users to verify that they have the permission to add personal data of third parties or contents protected by national and international legislations.
3.2 Purposes of Data Processing
- The personal data of the users, collected through the registration to the platform, are used to guarantee a correct association between the controller and the user, and to offer trust and transparency to the users of the platform.
- Data collected by the website during its operation are used for the purposes indicated in this document and kept for the time strictly necessary to carry out the specified activities, and in any case not later than 5 years.
- Data used for security purposes (block the attempts to damage the website, etc.) are kept for the time strictly necessary to achieve the previously indicated purpose.
3.3 Data Provided by the User
- The Bithashex OÜ platform aims to solve the problem of transparency in humanitarian aid and charity sector: to reach that goal, it uses KYC (Know Your Customer) and Identity Verification Technology.
- Users, individual or corporate may voluntarily or be required to provide some personal and sensitive data, sending identity documents and proof of residence, commercial and trade licenses, establishment records needed for the identification, verification and geolocation procedures. Individual and corporate can decide which data they want to send to the platform to be correctly identified and geolocated, in order to increase their trust level and be approved as a valid client.
- The identified and geolocated users individual and corporates will be able to enjoy more services and benefit from a greater level of trust in the platform and by its users.
- To guarantee identity verification and the correct association and thus be able to offer trust and transparency to the users of the platform, Bithashex OÜ directly manages the verification processes related to the identity and geolocation of the users.
- The verification of the information provided by the user may be transferred to appointed external company or third party such as KYC provider; the verification operations are performed by appointed, specialized personnel internal to Bithashex OÜ or to an appointed third-party, which shall follow rigorous verification procedures.
- All data are used only and exclusively in case that the users, individual or corporate are required to be identified, verified and geolocated, so to verify the correctness of the provided information to perform related services and activities provided by the platform.
- As indicated above, the optional, explicit and voluntary sending of e-mails to the Bithashex OÜ ’semail addresses entails the subsequent acquisition of the sender's address, necessary to respond to the requests, as well as any other personal data included in the message.
- As indicated above, Bithashex OÜ may send newsletter and marketing e-mails to the subscribed users of the platform, this is an option that users can either OPT-IN or OPT-OUT of.
- If necessary, to increase the level of transparency and information regarding specific requests for personal and / or sensitive data and the related processing, specific policy summaries will be shown to the user and they will be progressively reported or displayed on the website pages, predisposed for specific on demand services.
3.4h3 Support in Configuring Your Browser
- Users can manage cookies also through the setting options of their browser. However, deleting cookies from their browser, they may remove the preferences they have set for the website.
- For further information and support, it is possible to also visit the specific help page of the web browser:
- Internet Explorer:http://windows.microsoft.com/en-us/windows-vista/block-or-allow-cookies
- Firefox: https://support.mozilla.org/en-us/kb/enable-and-disable-cookies-website-preferences
- Safari: http://www.apple.com/legal/privacy
- Opera: http://www.opera.com/help/tutorials/security/cookies/
3.5 Plugin Social Network
- The collection and use of information obtained thanks to the plugins are governed by the respective social networks’ privacy policies, to whom it is required to refer:
- Facebook: https://www.facebook.com/help/cookies
- Twitter: https://help.twitter.com/en/rules-and-policies/twitter-cookies
- Pinterest: https://policy.pinterest.com/en/privacy-policy
- Instagram: https://help.instagram.com/402411646841720
- Linkedin: https://www.linkedin.com/legal/cookie-policy
4. User Rights
- The Bithashex OÜ website therefore informs the user about the existence of:
- the right of the interested party to ask to the data controller the access to personal data their updating, the rectification, integration or the limitation of processing that is related to them or to oppose, for legitimate reasons, to their treatment, in addition to the right to data portability;
- the right to request cancellation, the transformation into anonymous form or blocking of processed data in violation of the law, including those whose retention is unnecessary for the purposes where the data have been collected or subsequently processed;
- the right to obtain the attestation that the operations of updating, rectification, integration of data, cancellation, blocking of data, transformation have been brought to the attention, also in relation to their content, of those that received or managed those data, except in the case where such fulfillments are not possible to deliver or they require a manifestly disproportionate effort in comparison with the protected right
- Requests can be made directly through the user’s personal control panel in the Bithashex OÜ ’swebsite, or alternatively via email addressed to the Data Controller, without formalities or, alternatively, using the model provided by the Data Protection Supervisor, or sending an email to: SUPPORT@BITHASHEX.COM
- If the treatment is based on express consent to the use – or to express consent to the use of genetic, biometric, health-related data, that reveal religious beliefs, philosophical or union membership, that reveal racial or ethnic origin, political opinions - the user has the right to revoke the consent at any time without compromising the lawfulness of the treatment, based on the consent given prior to the revocation.
- Likewise, in case of violation of the law, the user has the right to complain about it to the Data Protection Supervisor, as it is the authority responsible for monitoring the data processing in the US.
5. Data Transfer To Extra Eu Countries
- This website may share some of the collected data with services located outside the European Union. In particular with Google, Facebook and Microsoft (LinkedIn) through social plugins and the Google Analytics service. The transfer is authorized and strictly regulated by Article 45, paragraph 1 of EU Regulation 2016/679, so no further consent is required. The companies mentioned above guarantee their participation in the Privacy Shield.
- Data may be transferred to third countries that may not comply with the conditions set out in Article 45 of the EU Regulation.
6. Security About Provided Data
- This website processes the data of users in a lawful and correct manner, adopting appropriate security measures to prevent unauthorized access, disclosure, modification or unauthorized destruction of data.
- Processing is carried out using IT and/or cloud service tools, with organizational methods and with techniques strictly related to the indicated purposes. The data provided by the users individual and corporates for identification, verification and geolocation are sent in encrypted form between the individual and corporates and the web platform, and through a daily procedure are transferred and offline stored in an isolated, safe and protected environment, in accordance with the current legislation.
- In addition to the Data Controller, in some cases, other employees involved in the website’s and cloud operations (administrative, commercial, marketing, legal department or system administrators) or external subjects (as suppliers of third-party technical services, courier and postal services, hosting providers, IT companies, communication agencies) may have access to the data.
7. Changes To This Document
- It may be subject to changes or updates. In case of significant changes and updates, users will be notified about these actions.
- The document was updated on 24/05/2018 to comply with the latest regulations, and in particular in compliance with EU Regulation 2016/679.