Privacy Policy

Last Updated: June 14, 2021 – Version 1.0

 

Vidrio Privacy Policy

 

Thank you for visiting www.vidrio.com (the “Site“). The Site is an Internet property of VIDRIO Financial LLC (“Company,” “we,” “our” or “us”). This Privacy Policy (“Privacy Policy“) covers our treatment of personal information and other information that we collect when an end-user visitor to the Site (“User,” “you” or “your“): (a) accesses or uses the Site; (b) accesses and/or views any of the: (i) links to third-party resources and other information (“Third-Party Links“); and/or (ii) text, video and/or other information made available on the Site (the “Informational Content,” and together with the Third-Party Links, the “Content“); (c) accesses any comments sections and/or other interactive features made available on the Site (“Interactive Services“); and/or (d) utilizes the various contact forms and/or contact information made available on the Site as a means to contact directly, or request to be contacted by, Company and/or Company’s third-party service providers and online aggregators (“Third-Party Service Providers”) (collectively, the “Contact Services,” and together with the Site, Content and Interactive Services, the “Site Offerings“).

Users with disabilities who wish to access this Privacy Policy in an alternative format can contact us by calling us at: +1 212-798-6150; emailing us at: support@vidrio.com or sending us mail to: 830 Third Avenue, 6th Floor, New York, NY 10022, USA.

Capitalized terms not defined herein shall have the meanings set forth in the Site Terms and Conditions (“Terms and Conditions“). IF YOU DO NOT AGREE TO TERMS OF THIS PRIVACY POLICY IN THEIR ENTIRETY, YOU MAY NOT ACCESS OR OTHERWISE USE THE SITE OFFERINGS.

If you are party to a separate agreement with Vidrio concerning matters addressed by this Privacy Policy, such separate agreement shall take precedence in the event of any conflict.

 

Your California Privacy Rights

If you are a resident of the State of California, certain other privacy-related rights may apply to you, including the right to opt-out of our sale of your personal information, as well as the right to know what personal information about you we have collected,
whether your personal information was shared with third-parties in the preceding year and, if so, what categories of personal information were shared, as well as the names and addresses of those third-parties. Please see our Provisions for California
Residents below for a more complete description of your rights as a California resident.


Your European Privacy Rights

If you are a resident of the European Union or the European Economic Area, certain other privacy-related rights may apply to you, including the right to have your personal information deleted and to know the identity of the data controller and the legal basis on which the data controller collects and processes your personal
data. Please see our Provisions for E.U. and E.E.A. Residents below for a more complete description of your rights as a resident of the European Union or European Economic Area.


How We Collect Personal Information

For the purposes of this Privacy Policy, “personal information” shall mean individually identifiable information from or about an individual. We collect personal information when you access certain of the Site Offerings and complete the required information request form and/or otherwise provide such information to us. Where a User attempts to utilize the Contact Services, that User may be required to submit, and Company
may collect, some or all of the following information: (a) the User’s e-mail address; (b) the User’s full name; (c) the User’s telephone number; (d) any other information collected via the Contact Services form. 

Upon entering Contact Data and clicking on the applicable submission button on the Site: (i) Company may pass your Contact Data along to one (1) or more of its affiliates (collectively, “Affiliates”) or Third-Party Service Providers; and/or (ii) you may
be contacted by Company and/or one (1) or more of its Affiliates or Third-Party Service Providers regarding your request.. Where Company contacts you in connection with your submission of Contact Data, a Company representative may request additional information including some or all of the following: (A) User date of birth; (B) User mailing address; and (C) any other information requested by the applicable Company representative.


Use of Personal Information
Please see our Provisions for California Residents below for details regarding our uses of personal information. By submitting your personal information by and through the Site Offerings, you agree that we may share or otherwise provide that personal
information to any third-party for any purpose permitted by law.

Without limiting the foregoing, with your permission, we may share your User Data with those Third-Party Service Providers that you request to be contacted by.  These Third-Party Service Providers may use your User Data to offer you products and/or
services, and for any other lawful purposes, subject to any restrictions contained herein. The information that you supply directly to any Third-Party Service Provider shall be governed by the applicable Third-Party Service Provider’s privacy policy.
Where you submit personal information, we use the personal information that you make available to personalize your experience with the Site and to facilitate the delivery of the applicable Site Offerings to you, including to respond to any inquiries made by you.

We may also provide your information to third-party companies and individuals to perform certain functions on our behalf. Examples include sending direct and electronic mail, removing duplicate information from User lists, analyzing data and providing marketing analysis. The agents performing these limited functions on our behalf shall have access to our Users’ personal information as needed to perform these functions for us, but we do not permit them to use User personal information for other purposes.

 

We will also use your personal information with your permission, for customer service, to provide you with information that you may request, to customize your experience with the Site Offerings and/or to contact you when necessary in connection with your use of the Site Offerings. We may also use your personal information for internal business purposes, such as analyzing and managing our service offerings including, without limitation, the Site Offerings. We may also combine the information we have gathered about you with information from other sources.

 

We reserve the right to release current or past personal information: (A) in the event that we believe that the Site Offerings are being or have been used in violation of the Terms and Conditions or to commit unlawful acts; (B) if the information is subpoenaed; provided, however, that, where permitted by  applicable law, we shall provide you with e-mail notice, and opportunity to challenge the subpoena, prior to disclosure of any personal information pursuant to a subpoena; or (C) if we are sold, merge with a third-party, are acquired or are the subject of  bankruptcy proceedings; provided, however, that if Company is involved in a bankruptcy proceeding, merger, acquisition or sale of all or a portion of its assets, you will be notified via email and/or a prominent notice on the Site of any change in ownership or uses of your personal information, as well as any choices that you may have regarding your personal information.

You hereby consent to the disclosure of any record or communication to any third-party when we, in our sole discretion, determine the disclosure to be appropriate including, without limitation, sharing your e-mail address with third-parties for suppression purposes in compliance with applicable law, including the CAN-SPAM Act of 2003, as amended from time to time. Users should also be aware that courts of equity, such as U.S.  Bankruptcy Courts, might have the authority under certain circumstances to permit personal information to be shared or transferred to third parties without permission.

 

Cookies
When a User visits the Site, we may send one (1) or more transient or persistent cookies and/or gif files (collectively, “Cookies“) to assign an anonymous, unique identifier to the applicable User’s computer. A Cookie is a piece of data stored on
your hard drive containing non-personally identifiable information. Cookies have many benefits to enhance your experience at the Site. We use Cookies to improve the quality of the Site Offerings, including for storing User preferences and tracking Site-User trends (such as pages opened and length of stay at the Site).

 

Most Internet browsers are initially set up to accept Cookies, but you can reset your browser to refuse all Cookies or to indicate when a Cookie is being sent. To disable and reject certain Cookies, follow the instructions associated with your Internet browser. Even in the case where a User rejects a Cookie, he or she may still use the Site Offerings; provided, however, that certain functions of the Site Offerings may be impaired or rendered inoperable if the use of Cookies is disabled. We reserve the right to retain Cookie data indefinitely. Company reserves the right to transfer and/or sell aggregate or group data about Users of the Site Offerings for lawful purposes. Aggregate or group data is data that describes the demographics, usage and other characteristics of Site Offerings Users as a group, without disclosing personally identifiable information.

IP Addresses/Browser Type

We may collect certain non-personally identifiable information about you and your desktop or laptop computer and/or mobile device when you visit many of the pages of the Site. This non-personally identifiable information includes, without limitation, the type of browser that you use (e.g., Safari, Chrome, Internet Explorer), your IP address, the type of operating system that you use (e.g., Windows or iOS) and the domain name of your Internet service provider (e.g., Verizon, AT&T). We use the non-personally identifiable information that we collect to improve the design and content of the Site Offerings and to enable us to personalize your Internet experience. We also may use this information in the aggregate to analyze usage of the Site Offerings.


Interactive Services
If you engage in any interaction with Company, other Users or any third-party via the Interactive Services, you should be aware that the personal information that you submit by and through the Interactive Services may be read, collected and/or used by other Users of these services, and could be used to send you unsolicited messages or otherwise to contact you without your consent or desire. We are not responsible for the personal information that you choose to submit via the Interactive Services.


Third-Party Sites
This Site may contain links to third-party owned and/or operated Sites including, without limitation, Sites owned and/or operated by Company’s Third-Party Service Providers and/or Affiliates. Company is not responsible for the privacy practices or the content of such entities and/or Sites. In some cases, you may be able to make a purchase through one of these third-party Sites. In these instances, you may be required to provide certain information, such as a credit card number, to register or complete a transaction at such Site. These third-party Sites and entities have separate privacy and data collection practices and Company has no responsibility or liability relating to them.


Data Security

When Users make personal information available to us, their personal information is protected both online and offline (to the extent that we maintain any personal information offline). Where our registration/application process prompts Users to enter sensitive information (such as financial information or Social Security Number), and when we store and transmit such sensitive information, that information is encrypted with advanced TLS (Transport Layer Security).


Access to your personal information is strictly limited, and we take reasonable measures to ensure that your personal information is not accessible to the public. Access to our Users’ personal information is restricted in our offices, as well as the offices of our third-party service providers. Only employees or third-party agents who need User personal information to perform a specific job are granted access to User personal information. Our employees are dedicated to ensuring the security and privacy of all User personal information. Employees not adhering to our firm policies are subject to disciplinary action. The servers on which we store User personal information on are kept in a secure physical environment. We also have security measures in place designed to protect against the loss, misuse or alteration of personal information under our control.

 

Please be advised, however, that while we take every reasonable precaution available to protect your data, no storage facility, technology, software, security protocols or data transmission over the Internet or via wireless networks can be guaranteed to be 100% secure. Computer hackers that circumvent our security
measures may gain access to certain portions of your personal information, and technological bugs, errors and glitches may cause inadvertent disclosures of your personal information; note, however, that any attempt to breach the security of the network, our servers, databases or other hardware or software may constitute a crime punishable by law. For the reasons mentioned above, we cannot warrant that your personal information will be absolutely secure. Any transmission of data at or through the Site, other Site Offerings or otherwise via the Internet or wireless networks, is done at your own risk.


In compliance with applicable laws, we shall notify you and any applicable regulatory agencies in the event that we learn of an information security breach with respect to your personal information. You will be notified via e-mail in the event of such a
breach. Please be advised that notice may be delayed in order to address the needs of law enforcement, determine the scope of network damage, and to engage in remedial measures.


Minors
Visitors under eighteen (18) years of age are not permitted to use and/or submit their personal information at the Site. Company does not knowingly solicit or collect information from visitors under eighteen (18) years of age. 


Opt-Out/Unsubscribe

Please see our Provisions for California Residents below for instructions on how California Residents can opt-out of the sharing of their personal information with third parties. To opt-out of receiving e-mail and other forms of communications from us, you can: (a) follow the instructions included in the applicable e-mail message or other communication; or (b) e-mail us at: support@vidrio.com


Notwithstanding the foregoing, we may continue to contact you for the purpose of communicating information relating to your request for Site Offerings, as well as to respond to any inquiry or request made by you. To opt-out of receiving Site Offerings-
related and/or inquiry response-related messages from Company, you must cease requesting and/or utilizing the Site Offerings and/or cease submitting inquiries to Company, as applicable.


Deleting, Modifying and Updating Your Information

At your request, or the request of someone whom you have authorized to make such a request on your behalf, we will: (a) inform you of what personal information we have on file for you; (b) amend the personal information that we have on file for you; and/or (c) remove personal information that you have provided to us, or that we have collected. You may do so by e-mailing us at: support@vidrio.com . We ask individual Users to identify themselves and the information requested to be accessed, corrected or removed before processing such requests, and, to the extent permitted by applicable law, we may decline to process requests that are unreasonably repetitive or systematic, require disproportionate technical effort, jeopardize the privacy of
others or would be extremely impractical (for instance, requests concerning information residing on backup tapes).

Please be advised that deleting your personal information may terminate your access to certain of the Site Offerings. If you wish to continue using the full complement of Site Offerings, you may not be able to delete all of the personal information that we have on file for you.


Please be further advised that, after you delete your personal information, residual copies may take a period of time before they are deleted from our active servers and may remain in our backup systems.


Transfer of Personal Information Internationally

If you are visiting the Site from a country other than the county in which our servers are located, your communications with us may result in the transfer of information across international borders. By visiting the Site and/or otherwise communicating electronically with us, you consent to such transfers. Even if your jurisdiction does not have the same privacy laws as the jurisdiction where our servers are located, we will treat your information as subject to the protections described in this Privacy Policy.


Changes to this Privacy Policy

Company reserves the right to change or update this Privacy Policy at any time by posting a notice on the Site that we are changing our Privacy Policy. If the manner in which we use personal information changes, Company will notify Users by: (a)
sending the modified policy to our Users via email; and/or (b) by any other reasonable means acceptable under applicable state and federal law. You will have a choice as to whether or not we use your information in this different manner and we will only use your information in this different manner where you opt-in to such use. As part of the change management process, the Chief Privacy Officer of Company reviews and approves all new automated disclosures and transmissions to third parties and changes to existing automated disclosures and transmissions.

 

Contact Us

If you have any questions about this Privacy Policy or our privacy practices in general, you may call us at: +1 212-798-6150; email us at: support@vidrio.com or send us mail to: 830 Third Avenue, 6 th Floor, New York, NY 10022, USA.

 

Provisions for California Residents

These Provisions for California Residents (“Provisions”) supplement, and do not limit in any way, the Privacy Policy set forth above.  These Provisions apply solely to residents of the State of California (“CA Users”).    Users with disabilities who wish to access these Provisions in an alternative format can contact us by calling us at: +1 212-798-6150; emailing us at: support@vidrio.com or sending us mail to: 830 Third Avenue, 6 th Floor, New York, NY 10022, USA.


Categories of Information We Collect

We may collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular CA User or device (“personal information”). In particular, we have
collected the following categories of personal information from CA Users within the last twelve (12) months.

 

Category   Collected

A.   Identifiers

A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, telephone number, or other similar identifiers.

YES

B.   Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).

A name, signature, Social Security number, physical characteristics or description, postal address, telephone number, passport number, driver’s license or State identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories.

YES

C.   Protected classification characteristi cs under California or federal law.

Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).

NO

F.   Internet or other similar network activity.

Browsing history, search history, information on a User’s interaction with a Site, application or advertisement.

NO

I.   Professional or employment related information.

Current or past job history or performance evaluations.

NO

 

 

 

Personal information does not include:

  • Publicly available information from government records.

  • De-identified or aggregated User information.

  • Information excluded from the CCPA’s scope, such as:

    • health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data;

    • personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA), the California Financial Information Privacy Act (FIPA), and the Driver’s Privacy Protection Act of 1994.

 

We obtain the categories of personal information for which we indicated “YES” above from the following categories of sources.

  • Directly from our CA Users. For example, from online registration forms that our CA Users submit to us related to the products and/or services that we offer by and through the Site.

  • Indirectly from our CA Users. For example, through information we collect from our CA Users in the course of providing our products and/or services to them.

  • Directly and indirectly from activity on the Site. This includes the type of browser that you use (e.g., Safari, Chrome, Internet Explorer), your IP address, the type of operating system that you use (e.g., Windows or iOS) and the domain name of your Internet Service Provider.  In addition, we obtain certain Site usage details and analytics as same are collected automatically by us and our third party partners, such as Google®.

  • From third-parties that interact with us in connection with the products and/or services that we offer to our CA Users. For example, third party entities that assist us in sending direct and electronic mail, removing duplicate information from CA User lists, analyzing data and providing marketing analysis.

 

Use of Personal Information

We may use or disclose the personal information that we collect (including the following specific items of personal information: (a) e-mail address; (b) full name; and (c) telephone number; for one or more of the following business purposes (with the specific categories of personal information indicated in parenthesis) to fulfill or meet the reason for which the information is provided, such as:

  • To provide you with information, products or services that you request from us.

  • To create, maintain, customize and secure your account with us.

  • To carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including the Site’s Terms and Conditions.

  • To improve the Site and better present its contents to you. 

  • For customer service purposes and to respond to inquiries from you. 

  • For testing, research, analysis and product development. 

  • As necessary or appropriate to protect our rights, property or safety, and that of our clients or others.

  • To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations. 

  • As described to you when collecting your personal information or as otherwise set forth under applicable law. 

  • To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation or similar proceeding, in which personal information held by us is among the assets transferred.

We will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated or incompatible purposes without providing you with notice.

 

Sharing Personal Information

Subject to your right to opt-out of such sharing/sale, we may share your personal information with third parties for legitimate business purposes.  The specific items of personal information that we may sell include: (a) e-mail address; (b) full name; and (c) telephone number.  When we disclose personal information to a third party service provider or other entity, we enter into a contractual relationship that describes the purpose for which such third party may use the personal information and requires that third party to both keep the personal information confidential and not use it for any purpose other than the performance of its services under the applicable contract. Please note, we do not collect information from Users that we actually know are less than eighteen (18) years of age and we do not share or sell the personal information of Users that we actually know are less than eighteen (18) years of age.  Without limiting the foregoing, we have not shared or sold the personal information of Users that we actually know are less than sixteen (16) years of age in the preceding twelve (12) months.

 

In the preceding twelve (12) months, we have disclosed the following categories of personal information for a business purpose:


Category A       Identifiers.
Category B       California Customer Records personal information categories.


In the preceding twelve (12) months, we have sold the following categories of personal information to third parties:


NONE


We may disclose your personal information from Category A, B and F for a business purpose to the following categories of third parties (Category A, B, C, F and I)

  • Service providers. (Category A, B, C, F and I)

  • Third parties who provide products and/or services featured on the Site. (Category A, B, C, F and I)

  • Third parties to whom you authorize us to disclose your personal information in connection with the products and/or services that we provide to you. (Category A, B, C, F and I)

In the preceding twelve (12) months, we have NOT: (a) sold personal information (including (i) e-mail address; (ii) full name; or (iii) telephone number; to the third parties who purchase and/or license your personal information for marketing purposes,; or (b) shared your personal information for the business purposes set
forth above. 


In the preceding twelve (12) months, we have:

1.  Received 0 requests for access to specific information and to exercise data portability rights.  We have complied with 0 of those requests (in whole or in part) and denied0requests. The median number of days within which we substantively responded to such requests was 0;


2.   Received 0 requests to delete personal information.  We have complied with 0 of those requests (in whole or in part) and denied 0 requests.  The median number of days within which we substantively responded to such requests was 0; and


3.   Received 0 requests to opt-out from the sale of personal information.  We have complied with 0 of those requests (in whole or in part) and denied 0 requests.  The median number of days within which we substantively responded to such requests was 0.

 

Your Rights and Choices

The CCPA provides California residents (CA Users) with specific rights regarding their personal information. This section describes your CCPA rights and explains how to exercise those rights.


Opt-Out from the Sale of Your Personal Information You have the right to opt-out of our sale of your personal information to third  parties. To exercise your right to opt-out of our sale of your personal information to third parties, please submit a verifiable CA User request to us by either:

  • Calling us at: +1 212-798-6150;

  • Emailing us at:  support@vidrio.com 

  • Sending us mail to: 830 Third Avenue, 6 th Floor, New York, NY 10022, USA.

Where you make a request to opt-out of the sale of your personal information through an Authorized Agent, we will require that you or the Authorized Agent provide us with a valid written authorization executed by you and that Authorized Agent, with the validity of such document determined by us in our reasonable, good faith discretion.  Please submit such documentation to us by

  • Emailing us at:  support@vidrio.com 

  • Sending us mail to: 830 Third Avenue, 6 th Floor, New York, NY 10022, USA.

We endeavor to act on all opt-out requests as soon as practicable, but in all cases within fifteen (15) days of the receipt of your request.

Access to Specific Information and Data Portability Rights
You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past twelve (12) months. Once we receive and confirm your verifiable CA User request, we will disclose to you:

  • The categories of personal information we collected about you.

  • The categories of sources for the personal information we collected about you.

  • Our business or commercial purpose for collecting or selling that personal information.

  • The categories of third parties with whom we have shared that personal information.

  • The specific pieces of personal information we collected about you (also called a data portability request).

  • If we sold or disclosed your personal information for a business purpose, two separate lists disclosing:

    • sales, identifying the personal information categories that each  category of recipient purchased; and

    • disclosures for a business purpose, identifying the personal information categories that each category of recipient obtained.

 

Deletion Request Rights

You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable CA User request, we will delete (and direct our service providers to delete) your personal information from our (their) records, unless an exception applies.


We may deny your deletion request if retaining the information is necessary for us or our service providers to:


1.    Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our obligations in connection with our contract with you.

2.    Detect security incidents, protect against malicious, deceptive, fraudulent or illegal activity, or prosecute those responsible for such activities.

3.    Debug products to identify and repair errors that impair existing intended functionality.

4.    Exercise free speech rights, ensure the right of another CA User to exercise their free speech rights or exercise another right provided for by law.

5.    Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 seq.).

6.     Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed
consent.

7.    Enable solely internal uses that are reasonably aligned with CA User expectations based on your relationship with us.

8.    Comply with a legal obligation.

9.    Make other internal and lawful uses of that information that are compatible with the context in which you provided it.

 

Exercising Access, Data Portability and Deletion Rights

To exercise your access, data portability and/or deletion rights described above, please submit a verifiable CA User request to us by either:

Only you or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable CA User request related to your personal information. Where you make a data deletion request, data portability request and/or information access request through an authorized agent, we will require that you or the authorized agent provide us with a valid written authorization executed by both parties, with the validity of such document determined by us in our reasonable, good faith discretion.  Please submit such documentation to us by:

  • Emailing us at: support@vidrio.com

  • Sending us mail to: 830 Third Avenue, 6 th Floor, New York, NY 10022, USA.

 

You may only make a verifiable CA User request for access or data portability twice within a 12-month period. The verifiable CA User request must:

  • Provide sufficient information that allows us to reasonably verify that you are the person about whom we collected personal information or an authorized representative.

  • Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

 

We endeavor to respond to all verifiable CA User requests within forty-five (45) days of the receipt thereof.  If we require more time (up to ninety (90) days), we will inform you of the reason and extension period in writing.  We will deliver our written response by mail or electronically, at your option.  Any disclosures we provide will only cover the twelve (12) month period preceding the receipt of your verifiable request.  The response we provide will also explain the reasons we cannot comply with a request, if applicable.   For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.

We do not charge a fee to process or respond to your verifiable CA User request unless it is excessive, repetitive, or unfounded.  If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

 

Non-Discrimination

We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:

  • Deny you goods or services;

  • Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties;

  • Provide you a different level or quality of goods or services; and/or

  • Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

 

Changes to these Provisions

We reserve the right to amend these Provisions in our discretion and at any time. When we make changes to these Provisions, we will notify you by email or through a notice on the Site’s homepage.

 

Contact Information

If you have any questions or comments about these Provisions, the Privacy Policy, the ways in which we collect and use your personal information, your choices and rights regarding such use, or wish to exercise your rights under California law, please do not hesitate to contact us by either:

  • Calling us at: +1 212-798-6150;

  • Emailing us at: support@vidrio.com;

  • Sending us mail to: 830 Third Avenue, 6 th Floor, New York, NY 10022, USA.

 

Provisions for E.U. and E.E.A. Residents

Under the General Data Protection Regulation (Regulation 2016/679) (“GDPR”),  Vidrio is considered the “data controller” for its Site, and each user is a “data subject.”
The following agreement applies solely to personal data held within the Site.

1.    Lawful Basis for Processing

The lawful bases for processing data are:

  • the data subject has given consent to the processing of his or her personal data for one or more specific purposes.

  • processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.

  • processing is necessary for compliance with a legal obligation to which the controller is subject.

  • processing is necessary in order to protect the vital interests of the data subject or of another natural person.

  • processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

  • processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.

For use of the Site, you as the data subject give us your consent to the use of your personal data to provide information that you have requested, and agree that the processing is needed for the performance of the contract between you and us to deliver the Site Offerings.


2.    Responsibility and accountability

It is the responsibility and liability of Vidrio to implement effective measures and be able to demonstrate the compliance of its data processing activities even if the processing is carried out by a data processor on behalf of Vidrio.

 

3.    Consent

You hereby confirm that you consent to Vidrio’s use of the following personal information in connection with the Site:

  • Customers purchasing Services from us will have their name, email address, physical address, phone number, and IP address stored in our customer database for the purposes of providing their Service and communicating service updates and other contractual information with them.

  • Users submitting help desk tickets through the support section of our Site will have their name, email address, and country stored in our support web site. In addition, any user-provided information relevant to the resolution of the support issue will also remain in our support system.

4.    Right of access

As described in section (3) above, depending on how you interact with the Site, and what consent you have given, we may store and maintain the following personal data about you:

  • First, Last Name, Middle Initial

  • Email Address

  • Country

  • IP Address

  • Mailing Address

  • Phone Number

     

 

5.    Right of erasure

If you as a User of our Site request that we delete your personal data in writing by means of our Site, upon verification of the request being genuine, we shall erase or render illegible all requested personal data within a reasonable time (not to exceed five (5) business days). Should this request result in the inability for us to provide a contracted service (for example providing access to our software) we will inform you of the potential impact prior to performing the erasure.

In addition, visitors to the Site who are not contracted customers, will have their personal data erased automatically after two (2) years if they do not continue to interact with the Site.

 

6.    Data portability

If you as a User of our Site request that we provide you a copy of your personal data in writing by means of our Site or support help desk, upon verification of the request being genuine, we will provide your personal information in an industry standard
format that will allow you to use it somewhere else.
 
7.    Records of processing activities

Vidrio will maintain records of its data processing activities in connection with the Site, including the purposes of carrying out such processing, the categories of data involved and the expected time limits on retention and use of the data. Vidrio will make these records available to the applicable supervisory authority on request.

 

8.    Data breaches

In the event of a data breach affecting the Site, Vidrio will report the breach to the relevant supervisory authority within 72 hours, and will notify affected users promptly.


9.    Data Protection Officer

We do not as our core activity, handle the data processing of operations that require regular and systematic monitoring of data subjects, therefore we do not have a formal Data Protection Officer for our Site.

 

10.    GDPR Representative

As set forth in Article 27 (4), GDPR, in the case where Vidrio or its data processor is not established in the EU, Vidrio shall designate a GDPR representative in one of the Member States where the relevant data subjects reside. The contact information for
Vidrio’s GDPR representative is: 

 

Lorenza Massone; Lorenza.massone@vidrio.com

 

11.    How to contact the appropriate authority

Should you wish to report a complaint or if you feel that Vidrio has not addressed your concerns under the GDPR in a satisfactory manner, you may contact the Information Commissioner’s Office as follows:


Italian Data Protection Authority
Piazza Venezia 11 - 00187 Roma
 
Phone: +39 06.696771

Email address: protocollo@gpdp.it