In this section we will explain everything that, as our User, you need to
would also like to inform you that we are completely GDPR-compliant, so
your data is as safe with us as it can be.
Please take a moment to read the following paragraphs. They are important as they concern you.
2. What is the GDPR and what does it say?
GDPR stands for General Data Protection Regulation. It's a new European rule that ensures a high level of protection of personal data when any operation is performed on it (processed) by the companies and businesses.
The GDPR requires us to inform you about which data do we collect, how we manage it, handle and process it, and what your rights are in this regard.
2.1 Which personal data do we collect?
We only ask you for the data that we deem necessary in order to provide you with the best service, and in particular:
- your full name
- email address
- (Company) details that need to be included on the invoice
As for the financial details, we collect and store:
- credit card issuer
- last four digits of the credit card number
- credit card country
We do not hold the full credit card number nor any other financial data. Stripe, our payment processor, holds a GDPR-compliant certification.
We rely on your express consent to process all the above mentioned data.
2.2 How do we manage your data?
Once you provide us with your personal data, we include it in a secure database. Then we use it for the following purposes:
- Identify the User that is signing up to our service
- Users log in service
- Add, edit and delete URLs and settings
- Store the user's preferences
- Contact the User with payment and subscription info
- Send invoices
- Provide you with transactional notifications such as (un)subscribing, registration confirmations, confirmation of account changes, or emails relating to a User's account or changes in the site terms or policies.
In addition, we would like to make you aware of the fact that upon certain events, such as sign up or the e-mail exchange when you contact us we collect that data as well.
Only the Chief Executive Officer and the Chief Technical Officer of Stillio can access your personal data, and they would only do so if it is strictly necessary.
2.3 What are your rights as our User?
The GDPR grants you the following rights.
You have the right to:
- ask us whether your personal data is being used or processed by us and which type (e-mail, full name, address, etc.), for which purpose, and if we're disclosing it or we will in the future it and to whom.
- have the inaccurate data that concerns you rectified.
- "be forgotten": this means that we will erase your personal data, and you can request us to do so if:
- we don't need it anymore,
- you withdraw your consent,
- it has been unlawfully processed,
- there is such a legal obligation upon us, which arises from a national or EU norm.
- restrict the processing of your personal data if:
- you think that the data that we hold or process is inaccurate (only during the time that would take us to verify and fix the issue),
- the processing of your personal data is unlawful, and you prefer to restrict the use instead of erasing it,
- we no longer need your personal data, but you need us to have it for the establishment, exercise or defence of legal claims.
- object to the processing your personal data: we will no longer be able to use your personal data for the purposes for which we collected them. You can also object to the use of your personal data for direct marketing purposes.
- to not be subject to a decision based solely on automated processing: if a decision that has binding effects and concerns you is made, you have the right of this not to happen.
- be informed, in case of personal data breach (security breach in our systems), of what happened and which measures we have implemented to fix or alleviate the problem.
- lodge a complaint with a supervisory authority. Each Member State of the European Union appoints an institution as the supervisory authority, and you can address them concerning a complaint.
Furthermore, if you make use of the above mentioned rights, we have to provide you with a response within one month.
We would like you to know that your personal data will be automatically erased from our databases after 3 years in case of inactivity of if you cancel your subscription with us.
3. Third parties
In order to provide you with a better service, we work with the following parties, out of which, some collect data for us. All of them hold a GDPR compliant certification:
We do not disclose your personal data with any third party without your express consent.
4. Further questions?
Do you have any further questions about how your data is handled, or you would like to know more about your rights and how you can exercise them? Contact us via our official web form and we will get back to you shortly.