GDPR POLICY
This Notice is for people who are located in the European Economic Area (“EEA”) and supplements our general Privacy Policy. Our processing of personal data of people who are in the EEA is governed by the General Data Protection Regulation (the “GDPR”), which applies from May 25, 2018. The GDPR requires us to provide certain information to you about your personal data, which we refer to in this notice as your personal information.
INTRODUCTION
This Notice together with the “Purpose” section of our Privacy Policy describes the way in which The Ratio Project Inc. (“The Ratio”) collects, processes and protects the personal data of our users. We aim to be as transparent as possible regarding our collection and use of our users’ personal information. We take our obligations to protect our users’ personal information seriously.
DEFINITIONS
The GDPR defines:
- “personal data” as information that identifies you, or may be used to identify you, such as your name, an identification number, location data, an online identifier, or factors specific to your physical, physiological, genetic, mental, economic, cultural or social identity;
- “controller” as the entity that determines the purposes and means of the processing of personal data;
- “processor” as the entity that processes personal data on behalf of the controller; and
- “data subject” as a natural person who is identified, or can be identified, by reference to his or her personal data.
DATA CONTROLLER
The Ratio is the data controller for our website. For our contact information, see the section in our general Privacy Statement headed “Contact Information”.
PURPOSES OF THE PROCESSING
The information we collect, either through our website or in response to a quiz or questionnaire sent to a user through social media, is personal information provided voluntarily by the user for the purpose of receiving additional information or registering for The Ratio’s services or events. The personal information users may enter through The Ratio’s subscriptions page is used only to provide them with communications they select, such as subscription to newsletters. When users register via our website for an event (such as a webinar), we use the personal information they have provided solely for purposes of contacting them about the event, and to let them know about future events if they have indicated that they would like to receive that information. The Ratio will also collect personal information posted by a user in their social media accounts, where the user consents to such collection. Social Media data is immediately de-aggregated.
We use the information provided by users solely to respond to and process their requests.
LAWFUL BASIS FOR THE PROCESSING
Generally, The Ratio processes personal information provided by its users through our website or in response to a quiz or questionnaire on the basis of a user’s consent.
We may also process personal information on other bases permitted by the GDPR and applicable laws, such as when the processing is necessary for us to comply with our legal obligations.
CATEGORIES OF PERSONAL INFORMATION
We collect the following information when provided voluntarily by users:
- Personal information provided by you: your name, email address, phone number, contact authentication data, and birth information (for example date, location, etc.) and profile pictures
- Payment Data: information necessary to process your payment if you make purchases from us such as billing information (like your credit or debit card’s account number, expiration date and security code; billing address)
CATEGORIES OF DE-IDENTIFIED NON-PERSONAL INFORMATION
- Social Media Information: photographs, uploads and information you post on social media that you permit us to access when you submit a response to forms, surveys, advertisements or quizzes from The Ratio on social media, including professional and employment-related Information: current and previous job title, job duties, employer, location, education, etcetera.
- Inferences drawn from your personal information that reflect your preferences, characteristics and behavior.
INFORMATION WE COLLECT AUTOMATICALLY
We may also collect information automatically through technologies such as web browsers, cookies, and log files. We do not want, or knowingly attempt to solicit or receive, information from children under the age of 13.
We use this information for purposes such as managing advertising, addressing technical issues, preventing fraud or misuse of our services, recognizing you when you return to The Ratio’s website, and conducting data analysis.
Please note that The Ratio will not use your data for selling advertising (generating revenue); but we may use it to communicate with you again online directly or via 3rd Party.
THIRD PARTY PROCESSORS
The Ratio may use third party service providers to service various aspects of the site. Each third-party service provider’s use of your personal information is dictated by their respective privacy policies.
We currently use the following third party service providers:
WordPress – this service provides “front-end” website access between the User and the “back-end” which traffics and stores all data for The Ratio Space inc.
WooCommerce — Personal Information related to account and subscription services are stored by WordPress’s WooCommerce platforms including : Stripe, PayPal, AliPay and WeChat.
ActiveCampaign and Twuilio – Manage email and text message opt-ins and subscriptions with associated Personal Information like first and last name.
CookiePro – Manages cookie preferences via your IP address.
Google Analytics — this service tracks site usage and provides information such as referring websites and user actions on the Website. Google Analytics may capture your IP address, but no other personal information is captured by Google Analytics.
Heroku – this is a cloud platform as a service that has features for a developer to build, run and scale applications in a similar manner across most languages.
Amazon Web Services – this is a cloud service from Amazon, which provides services in the form of building blocks, these building blocks can be used to create and deploy any type of application in the cloud. These services or building blocks are designed to work with each other, and result in applications which are sophisticated and highly scalable. In layman’s terms, data will be stored in Amazon Web Services. Personal data will be partitioned via the aforementioned “blocks”. Amazon Web Services is the industry standard for data storage and has a very high degree of internet security.
At this time, your Personal Information is not shared with any other third-party service providers. This list may be amended from time to time in The Ratio’s sole discretion.
HOW WE PROCESS AND PROTECT YOUR PERSONAL DATA
The Ratio complies with its legal obligations, including its obligations under the GDPR, when applicable, by keeping personal data up to date; by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorized access and disclosure and by ensuring that appropriate physical, technical and administrative safeguards are in place to protect personal data. The Ratio has implemented measures designed to secure your personal information from accidental loss, and from unauthorized access, use, alteration, and disclosure. All information you provide to us is stored on our secure servers, behind firewalls.
Any payment transactions will be encrypted using SSL technology.
Unfortunately, transmission of information over the Internet is not completely secure at all times. Although we do our best to protect your personal information, we cannot guarantee the security of your personal information transmitted to The Ratio. Any transmission of personal information is therefore at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on The Ratio’s website.
In addition, the security of your data also depends on you. You are responsible for keeping your password confidential. We ask you not to share your password with anyone.
LEGAL BASIS FOR PROCESSING YOUR PERSONAL DATA
Article 6 of the GDPR serves as The Ratio’s legal basis for processing your personal data, as follow:
- to provide you with information you request or subscribe to;
to comply with a relevant legal obligation, such as keeping accounting records;
- as necessary for the purposes of The Ratio’s legitimate interests to use user data to conduct and develop our business activities while limiting the use of their personal data to purposes that support the conduct and development of our business. Those purposes include: administering The Ratio’s website, including for troubleshooting, data analysis, testing, research and statistical purposes; obtaining or deploying resources aimed at keeping the website safe and secure; displaying content on the website in a manner most effective for you and your device; operating, evaluating, maintaining, improving and developing the website (including by monitoring and analyzing trends, access to, and use of the website for advertising and marketing); evaluating, improving and developing our products and services generally; customizing our website to users’ needs; corresponding with users to resolve queries or complaints; managing, protecting against and investigating fraud, risk exposure, claims and other liabilities, including but not limited to violation of contract terms, laws, or regulations; and sharing users’ personal data with third parties in connection with potential or actual sale of The Ratio or any of its assets, in which case personal data held by us about our users may be one of the transferred assets.
HOW LONG IS YOUR PERSONAL DATA KEPT?
The Ratio will keep your personal data for as long as there is a continuing need to keep it.
- If you have subscribed to any of The Ratio’s newsletters, your personal data will be kept while you are receiving such information and for five years after you have unsubscribed from the last subscription in order to defend against legal claims.
- The Ratio will retain your personal data for other periods of time where we are required to do so in accordance with legal, tax, and accounting requirements, or, if required to do so by a legal or government entity that has authority to make the request, for so long as required.
TRANSFER OF PERSONAL DATA OUTSIDE THE EEA
The Ratio is located in Puerto Rico, and its service providers, including processors, may be located outside the European Economic Area (“EEA”). In some cases, personal information will be transferred to them. Personal information may be transferred outside the EEA with the consent of the user, or to satisfy the legitimate business interest of The Ratio in regards to contractual arrangements with its users.
YOUR RIGHTS
You have rights under the GDPR, which are set forth in Chapter 3 of the GDPR and which are enumerated below. The Ratio will always fully respect your rights regarding the processing of your personal data, and has provided below information for contacting The Ratio if you have any concerns or questions regarding how what data we process, how we process your data, or if you wish to exercise any rights you have under the GDPR.
The rights you have are as follows:
- The right to be informed, meaning that anyone processing your personal data must make clear what they are processing, why, and who else the data may be passed to.
- The right of access, which is your right to see what data is held about you by a data Controller.
- The right to rectification – the right to have your data corrected or amended if what is held is incorrect in some way.
- The right to erasure: under certain circumstances you can ask for your personal data to be deleted. This is also called ‘the Right to be Forgotten’. This would apply if the personal data is no longer required for the purposes it was collected for, or your consent for the processing of that data has been withdrawn, or the personal data has been unlawfully processed.
- The right to restrict processing, which gives you the right to ask for a temporary halt to processing of personal data, such as in the case where a dispute or legal case has to be concluded, or the data is being corrected.
- The right to data portability: you have the right to ask for any data supplied directly to the data Controller by him or her, to be provided in a structured, commonly used, and machine-readable format.
- The right to object: you have the right to object to further processing of your data which is inconsistent with the primary purpose for which it was collected, including profiling, automation, and direct marketing.
- Rights in relation to automated decision making and profiling: you have the right not to be subject to a decision based solely on automated processing.
CONTACT INFORMATION
If you have any questions or comments about this GDPR Notice, the ways The Ratio collects and uses your personal information, your choices and rights concerning such use, or wish to exercise your rights under the GDPR, please contact us at:
- Website: https://theratio.space/
- Email: Privacy@TheRatio.Space
- Postal Address: The Ratio
- 1607 Ave. Ponce de León GM6 #21
- San Juan, PR 00909
- Attn: Privacy Officer
UPDATES TO GDPR PRIVACY NOTICE
The Ratio reserves the right to change the content of this Notice at any time. We will notify you of significant changes to this Notice by placing a prominent notice on our site. Unless the law requires otherwise, significant changes will go into effect 30 days following such notification. Non-material changes or clarifications will take effect immediately. You should periodically check the Site and this GDPR Notice page for updates.