- There are two concepts at work here: the Personal Data Controller (PDC) and Personal Data Processor (PDP). The first one is the landing page owner. He has to have consent on a so-called data processing agreement with data processors – subjects that will process these data. In the context of landing pages, the processor will be the Landingi company for example, but also every other company creating marketing software that works somehow with a created landing page (e.g MailChimp, Zapier, Intercom, etc.). It also concerns every other company that has personal data that we then share.
- You have to put a checkbox on the landing page that will be visible next to a text informing that every person handing over personal data has to agree on processing them. You can also place a text informing that you have a data processing agreement with MailChimp, for example, for the purpose of sending newsletters. You don’t have to mention the specific tool, but you have to list the specific tool category; email automation software for example.
- In the document there should be listed information about what data is processed and how it’s being stored.
- There are two categories of personal data – common and vulnerable. Common can be categorized by name, surname, a Social Security Number, email address, etc. Among vulnerable are: information on criminal record, health state, genetic data. Regulations on common data are placed in Article 6 of the GDPR, whereas information about vulnerable data is gathered under Article 9. You have to inform landing page users of the legal basis under which data is gathered with your landing page.
1. General Provisions
1. The administrator of personal data is [company’s namwebcollection.org, with the headquarters in [city, addreswebcollection.org, registered under the number [number]. The corresponding court for the company is [court’s name, city, the name of department, company’s identification numberwebcollection.org. Personal data security is handled according to the restrictions of the law and their storage takes place on secured servers.
4. We respect the privacy law and care about data security. That’s why we use the Secure Sockets Layer (SSL) protocol.
5. Personal data given in the form on a landing page are treated as private and as such they are not visible to unauthorized personnel.
2. The Data Administrator
6. The service provider is the administrator of customers data. It means that, if you have an account on our website, we may process your data such as: name, surname, email address, telephone number, professional title, the company you work for, an IP address.
7. The service provider is also the administrator for people enrolled in for [for examplwebcollection.org a newsletter or a webinar.
8. Personal data are processed:
a) according to the law on the protection of personal data
c) for the purpose necessary for agreement creation and shaping its contents, changes in it and finally revoking it and for the purpose of services performed digitally
d) for the purpose necessary for fulfillment of legally-backed interests and goals and the processing does not affect the disputes and freedoms of the person whose data is concerned
e) within the boundaries of the purpose of our agreement if you (for example) signed up for newsletter
f) within the boundaries of the purpose Â of our agreement if you (for example) signed up for a webinar
9. Every person which handed over his or her data (if we are this person’s administrator) has the right to access the data, edit, delete or limit its processing. Also, the right to objection and the right to litigation in front of a supervisory authority.
10. Contact with the person overseeing the processing of the personal data in the organization of the contractor is possible via email: [addreswebcollection.org.
11. We reserve the right to process your data after the contract dissolution or the agreement withdrawal only in the field of pursuing the potential claims before the court or if the local, European or international law obligates us to data retention.
12. The service provider has the right to hand over a user’s personal data or other data to the authorized organizations that have the right to view them (police for example).
13. Deleting the personal data can happen when the user withdraws his or her consent or present a legally-binding objection for personal data processing.
14. The service provider does not share personal data with other organizations unless they are authorized to view them based on the local law.
15. We have put pseudonymization, data encryption and access control in place to minimize the impact of a possible security breach.
16. Personal data are processed by the authorized personnel or outside personnel that we closely cooperate with.
The information collected relates to the IP address, the type of browser used, language, operating system type, internet service provider, information about the time and date, location, and information sent to the site via a contact form.
18. The collected data are used to monitor and determine how users use our websites, to improve the functioning of the service in order to ensure more efficient and seamless navigation. Monitoring of information about users is performed with use of the Google Analytics tool that registers user behavior on a site.
20. The data are stored and processed in accordance with [country’s namwebcollection.org law. We respect the privacy of our users, therefore the stored data are confidential and not shared with third parties. Their security is a high priority for us, that is why they are collected on safe and protected servers.
Cookies can not access data on a user’s disk, nor are they able to establish a user’s identity. Also, they do not track user’s activities after leaving our site.
21. On our site we use the following types of cookies:
a) essential cookies which allow the use of services available on the website, such as authentication cookies used for services that require authentication through the website
b) cookies used to ensure safety, such as the ones used for detection of fraud in authentication through the website
c) performance cookies for collecting information about the use of the website
d) functional cookies for saving user-selected settings and customizing the user interface, as regards (for example) language or region of origin of the user, font size, website appearance, etc.
e) advertising cookies that provide users with advertising content more tailored to their interests
21. Users can at any time disable or enable the option of cookie collection by modifying the settings in their browser.