Updated December 4, 2017
1. Categories and sources of personal data
Personal data means any information relating to an identified or identifiable natural person ("Data Subject"), including any information on his/her personal characteristics or personal circumstances, where these are identifiable as concerning him/her or the members of his/her family or household.
Vizor collects two types of information from the Users: (i) User Data; and (ii) Technical Data. As a rule, the personal data processed by Vizor is provided by the User in context of the Service. Vizor may also collect data on the use of the Service for the purpose of developing the Service and disclosing necessary data to Vizor's cooperation partners. Such data shall, however, be anonymized. Although Vizor does not normally use Technical Data to identify individuals, sometimes individuals can be recognized from it, either alone or when combined or linked with User Data. In such situations, Technical Data can also be considered to be personal data under applicable laws and Vizor will treat the combined data as personal data.
Vizor may collect and process for example the following User Data from Users when a User signs up for the Service and uses the Service: (i) first and last name; (ii) address details, (iii) telephone number, (iv) e-mail address, (v) information that Users provide when rating Vizor's services or giving feedback on Vizor's services; (vi) other personal data Users provide and/or upload themselves; and (vii) other necessary information collected by Vizor to identify the User and enable the use of the Service.
The specific kind of User Data collected will depend on how the Service is used. User Data is received directly from Users.
Technical Data may include for example the following data: (i) the User's IP address; (ii) browser type and version; (iii) geographic location using IP address or the GPS, wireless, or Bluetooth technology on the User's device; (iv) operating system and computer platform; (v) the full Uniform Resource Locator (URL) clickstream to, through, and from Vizor's Service, including date and time; and (vi) areas of the Service the User has visited.
2. The purpose of the processing of personal data
There are several purposes for the processing of personal data by Vizor. Vizor processes personal data in the first place to be able to offer the Service to Users and to run, maintain and develop its business. In some cases, personal data may be processed in order to carry out Vizor's contractual obligations towards the User. Vizor may use the data for example to offer functionalities of the Service and to provide access to the Service. If the User contacts Vizor's customer support, Vizor will use the provided information for answering questions and solving possible issues.
Vizor may process personal data for the purpose of contacting Users regarding Vizor's services and to inform Users of changes in its services. Data may also be used for research and analysis purposes in order to improve Vizor's services.
Vizor may process information regarding the use of the Service to improve the quality of its services e.g. by analyzing any trends in the use of the Service. When reasonably possible, Vizor will do this using only aggregated, non-personally identifiable data.
3. Transfer to countries outside Europe
Vizor may use subcontractors when providing the Service. When necessary and to the extent required for the provision of the Service, personal data may be transferred outside of the European Union or European Economic Area. In such occasion, Vizor shall take steps to ensure that the Users' personal data receive an adequate level of protection in the jurisdictions in which Vizor processes it.
4. Legitimate grounds for processing of personal data
Vizor processes personal data to perform its contractual obligations towards Users and to comply with legal obligations. Furthermore, Vizor processes personal data to pursue its legitimate interest to run, maintain and develop its business.
5. Communication of personal data to third parties
As a rule, Vizor does not transfer personal data to third parties. Personal data may, however, be disclosed to authorized service providers of Vizor or other third parties when the disclosure is based on an obligation under applicable law or a need to defend the legitimate interests of Vizor in accordance with applicable law, with explicit consent of the User or to the extent otherwise permitted by applicable laws. Further, for clarification, Vizor notes that content and material uploaded by the User to the Service may be disclosed to third parties.
6. Data security
The personal data contained in the User Register is protected against unauthorized access, against accidental or unlawful destruction, manipulation, disclosure and transfer and against other unlawful processing by reasonable technical and
Should despite the security measures, a security breach occur that is likely to have negative effects to the privacy of the Users, Vizor will inform the relevant Users and other affected parties, as well as relevant authorities when required by applicable data protection laws, about the breach as soon as reasonably possible.
8. Storage period
Vizor does not store personal data longer than is legally permitted and necessary for the purposes of providing the Service or any other services or the relevant parts thereof.
The storage period depends on the nature of the information and the purposes of processing. The maximum period may therefore vary.
Typically, Vizor will store the User's personal data for as long as the User is a User of Vizor's Service or for as long as Vizor has another purpose to do so and, thereafter, for no longer than is required or permitted by law or reasonably necessary for internal reporting and reconciliation purposes.
In general, personal data of a User is deleted within a reasonable time after the User no longer uses any services provided by Vizor or when the User makes a request regarding deletion of the User's personal data.
9. Quality of data
10. Users' rights
Right to access
Vizor offers access for the Users to the personal data processed by Vizor. This means that Users may contact Vizor and it will inform the User what personal data Vizor has collected and processed regarding the said User and the purposes such data are used for.
Right to withdraw consent
In case the processing is based on a consent granted by the User, the User may withdraw the consent at any time. Withdrawing a consent may lead to fewer possibilities to use the Service.
Right to correct
Users have the right to have incorrect, imprecise, incomplete, outdated, or unnecessary personal data Vizor has stored about the User corrected or completed.
Right to deletion
Users may also ask Vizor to delete the User's personal data from Vizor's systems. Vizor will comply with such request unless Vizor has a legitimate ground to not delete the data. Vizor may not immediately be able to delete all residual copies from its servers and backup systems after the active data have been deleted. Such copies shall be deleted as soon as reasonably possible.
Right to object
Users may object to the certain use of personal data if such data are processed for other purposes than purposes necessary for the performance of Vizor's services to the User or for compliance with a legal obligation.
Users may also object any further processing of personal data after prior given consent. If the User objects the further processing of personal data, this may lead to fewer possibilities to use the Service.
Right to restriction of processing
Users may request us to restrict certain processing of personal data. This may, however, lead to fewer possibilities to use the Service.
Right to data portability
Users have the right to receive their personal data from Vizor in a structured and commonly used format and to independently transmit those data to a third party.
How to use the rights
11. Lodging a complaint
In case a User considers Vizor's processing of personal data to be inconsistent with the applicable data protection laws, a complaint may be lodged with the local supervisory authority for data protection.