# PRIVACY POLICY ISLESYS Website privacy policy This website is operated by ISLESYS. The privacy of our users is extremely important to us and therefore we encourage all users to read this policy very carefully because it contains important information regarding: who we are; how and why we collect, store, use and share personal information; your rights in relation to your personal information; and how to contact us and supervisory authorities in the event that you have a complaint. Who we are ISLESYS ('we', 'us', 'our') collect, use and are responsible for storing certain personal information about you ('you', 'your', 'yours'). The personal information we collect and use Personal information is information which you can be identified from (and does not include any anonymised forms of information). 1. Types of personal information We may process the following types of personal information in relation to you: Users contact information to verify his identity. 2. Types of sensitive information We may also process the following types of sensitive information in relation to you: Payment details and Identity card. How your personal information is collected This section describes how the above types of personal information are collected by us. Your personal information will be collected as follows: 1. Personal information obtained from you directly We will sometimes obtain information from you directly, including when you: While making a payment and Signing up. 2. Changes to the way in which we collect your personal information In the event that we need to obtain personal information in relation to you from any other source than those described above, we shall notify you of this. How we use your personal information 1. General purposes In general, your personal information will generally be processed for the following purposes: The personal information is used to verify identity of the user required to keep track of license agreements. Any sensitive information in relation to you will generally be processed for the following purposes: to verify identity and make regular payments. 2. Fraud prevention We will undertake fraud checks via use of your personal information. This will involve sharing and working with Fraud Prevention Agencies. We do so to protect our own commercial interests (which is encompassed within our own legitimate interests as a business). In general, your information will be used for fraud prevention purposes: while making payments and keeping track of who paid it. Fraud prevention agencies can hold your personal information for different periods of time, the maximum period being six years. Lawful basis for processing of your personal information We have described above the purposes for which we may process your personal information. These purposes will at all times be justified by UK data protection law. 1. General lawful bases The lawful basis upon which we are able to process your personal data are: (1) where we have your consent to use your data for a specific purpose; (2) where it is necessary to enter into a legal contract with you or to perform obligations under a legal contract with you; (3) where it is necessary to enable us to comply with a legal obligation; (4) where it is necessary to ensure our own legitimate interests or the legitimate interests of a third party (provided that your own interests and rights do not override those interests). Wherever we rely upon this basis, details of the legitimate interests concerned shall be provided to you; (5) where we need to protect your own vital interests (or the vital interests of another person); and/or (6) where it is needed in the public interest (or where we are acting in our official functions), provided that the task or function has a clear basis in law. In general, in order to meet the purposes we have described above, we will process your personal information where it is necessary to comply with legal obligations which we are required to adhere to. 2. Lawful bases applicable to sensitive information We have explained above that we may process sensitive personal information in relation to you. We have defined above the general purposes for which we process your personal sensitive information. These purposes are justified by lawful conditions. There are however additional conditions which apply to sensitive personal information. We will therefore only process your sensitive personal information for any or a combination of the following additional lawful reasons, which are: (1) where you have provided us with explicit consent; (2) where it is necessary for employment, social security and social protection (and it is properly authorised by law); (3) where it is necessary for your vital interests or the interests of another person; (4) where the processing is carried out in the course of legitimate activities under a foundation, association or non-for-profit body with a political, philosophical, religious or trade union aim; (5) where the information is made publicly available by you; (6) where the processing is necessary for defending or establishing legal claims or court proceedings; (7) where the processing is necessary for substantial public interest; (8) where the information is necessary for medical or social care reasons; (9) where the information is necessary for reasons of public interests or in the area of public health; and/or (10) where the information is necessary for scientific research, statistical purposes, historical research or archiving purposes in public interest. In general, in order to meet the purposes we have described, we will usually process your sensitive information where: it is necessary in order to protect the vital interests of you or the interests of another person. This shall only apply where the person whose vital interests are to be protected is unable to consent (for example to urgent medical treatment). Sharing of your personal information On any occasion where any of your personal information is shared with any third party, we shall only permit them to process such information for our required purposes, under our specific instruction, and not for their own purposes. We are required to enter into a formal legal agreement to enable such sharing to take place. We do not anticipate that we will need to share your personal information with any third party. We will notify should this position change. How long your personal information will be kept Your personal information will only be kept for the period of time which is necessary for us to fulfil the above purposes. We envisage that your personal information shall be retained by us as follows: Until you are user of website. After the period described above, your information shall be properly deleted or anonymised. Keeping your information secure We will ensure the proper safety and security of your personal information and have measures in place to do so. We will also use technological and organisation measures to keep your information secure. These measures are as follows: We encrypt all data. We are ISO 27001 certified. This certification assists us in ensuring the safety of your personal information. We have proper procedures in place to deal with any data security breach, which shall be reported and dealt with in accordance with data protection laws and regulations. You shall also be notified of any suspected data breach concerning your personal information. Use of your information outside of the United Kingdom We have described above the purposes and lawful bases for which we process your personal information. In order to meet those needs, we may transfer your personal information outside of the United Kingdom. Your personal information may be transferred to: India & United States. The recipient country or countries listed above have been deemed by the United Kingdom to have adequate protection in place so that the security of your personal information can be maintained. Children Our website is not intended for children (anybody under the age of 18). We do not intend to collect data from children. Your rights Under the UK General Data Protection Regulation you have a number of important rights free of charge. In summary, those include rights to: (1) fair processing of information and transparency over how we use your use personal information; (2) access to your personal information and to certain other supplementary information that this Privacy Statement is already designed to address; (3) require us to correct any mistakes in your information which we hold; (4) require the erasure of personal information concerning you in certain situations; (5) receive the personal information concerning you which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit this information to a third party in certain situations; (6) object at any time to processing of personal information concerning you for direct marketing; (7) object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you; (8) object in certain other situations to our continued processing of your personal information, or ask us to suspend the processing procedure in order for you confirm its assurance or our reasoning for processing it; (9) object to processing our your personal information where we are doing so in reliance upon a legitimate interest of our own or of a third party and where you wish to raise to an objection to this particular ground; (10) otherwise restrict our processing of your personal information in certain circumstances; (11) claim compensation for damages caused by our breach of any data protection laws; and/or (12) in any circumstance where we rely upon your consent for processing personal information, you may withdraw this consent at any time. For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner's Office (ICO) on your rights under the General Data Protection Regulations. If you would like to exercise any of these rights please contact SUPPORT in the following manner: ________ 8255 828585222228 52 225 82585 8822 2588 228882 82 5222525 225252 (225 2552282: 55582, 85522 25822, 8558882) 282582 8222582 58 58822 252 5225888 82828. Complaints procedure 22 5222 2552 82 852 5282882 522 85252 25 8228252 225 55882 58252 255 582 22 2255 82225252822. 552 55 2222558 8525 2522282822 8225852822 5882 28828 225 58252 22 82522 5 822285822 8825 252 85225888252 552525822. 552 85225888252 552525822 82 252 528225 5822522 88 252 52225252822 822288882225. Changes to the privacy policy This privacy policy was published on ________ and last updated on ________. We may change this privacy policy from time to time and will notify you of any changes by: ________ Contacting us The relevant person to contact regarding your personal information is: SUPPORT. Any requests or questions regarding the use of your personal information should be made to the above named person using the following method: ________ Sources of further Information This policy provides key information to you regarding the processed of your information. For certain areas of our information processing, we have further comprehensive details contained in other documentation. This information can be located as follows: Our policy regarding the use of your sensitive data entitled WE DO NOT SHARE YOUR INFORMATION FOR ANY PURPOSE BEYOND SAID. can be located at: https://github.com/dipesious/Myriad-Undertakings/blob/main/TERMS-OF-SERVICE