Overview
Impact Host Ltd. (We, Impact Shared) strongly believes that it's important to be as transparent as possible,
regarding how we collect, process, store, share and use the personal information we gather through our website, web
services and all other matters. We also believe that our subscribers and users should clearly understand how we
handle
their data. This privacy policy will outline all of the above and does not apply to information collected by
third-party
websites. Same policy will be updated periodically.
As a company, based in the EU, Impact Shared is commited in being fully compliant with the General Data Protection
Regulation
(GDPR). GDPR is an European privacy law, which is into effect as of 25th May 2018. It will replace EU Data
Protection
Directive and will become the single data protection law through the whole EU and it's members.
Information we collect automatically
When our users visit our website, use our services or fill a specific form, related to our offerings, some data is
automatically collected (logged) by our servers. The collected information includes, but is not limited to the
following:
- Domain Name/Hostname.
- IP Address
- Timestamp (Date and time) of your visit
- Browser information
- Operating System and other information, regarding your computer or mobile device
- Information from third parties
- Cookie information
Information you provide voluntarily
In order to use our services or to conduct business with us, in any other means, our users will be prompted to
provide
certain personal information:
Users who sign up for our services, will be required to provide their real name, address, country, post code,
telephone
number, company name (where aplicable), VAT/TAX ID (where aplicable) and email address.
Users, who complete different subscription / marketing opt-in forms will be prompted to provide their email address
Users, who fill out different forms on our website will be required to provide email and name.
Information we gather through other sources
If we deem appropriate or otherwise needed, we may source additional information from Fraud and high risk scoring
web
services, namely - Maxmind and FraudRecord.
Cookies
Impact Shared uses a couple of different kind of cookies - functional cookies, analytics and statistics cookies,
advertising
cookies and 'other kind' of cookies. The functional cookies are required for our website to function properly and as
intended and at the same time - make the user experience better. Analytics and statistics cookies are cookies from
web
services such as Google Analytics, which help us analyze the performance of our marketing and remarketing campaigns,
as
well as the user behavior on our website. Advertising cookies are used in our advertising campaigns, such as
remarketing
tags and similar use cases.
It is your right to refuse accepting all or some of our cookies. You can do this, by adjusting the settings of your
browser, according to your needs.
Payment Data Processing
Impact Shared Utilizes 3 different payment gateways:
PayPal - When a transaction request is made, Impact Shared passes the information to PayPal, the user gets redirected
to
PayPal's website and the transaction is made on PayPal's website. No identifying payment information is stored on
Impact Shared's servers.
BrainTreePayments (by PayPal) - When a transaction is made, Impact Shared passes the information to BrainTreePayments.
Our
servers store only a special token, issued by BrainTreePayments, for the sole purpose of processing future payments
automatically. The said token does not contain any kind of identifying payment data.
BitPay - For processing BitCoin payments. When a transaction request is made, Impact Shared passes the information to
BitPay,
the user gets redirected to BitPay's website and the transaction is made on their website. No identifying payment
information is stored on Impact Shared's servers.
Considering no payment data is stored on Impact Shared's (Impact Host Ltd's) servers, we are not enforced by law
to be PCI-DSS compliant. We do ensure that all of our payment processors are PCI-DSS compliant and fully fulfilling
their obligations, required by law.
How we use your personal data
All data processing handled by Impact Shared is done for a specific reason or purpose. We do not process our user's
data
without justification in any case. In most of the cases, we process and use the personal information on the
following
basis:
For accounting purposes and records - Impact Shared issues VAT invoices to all of our clients. We are required by law
to fill
them up with certain personal or company information.
For forming a contract - When our users sign up for our services, we enter in a Contract, requiring some
personal
information to be processed.
For providing the services, for which the specific user has signed up for
For providing pre-purchase or post-purchase support
For providing product-related support
For providing custom sales quotes or contracts
For marketing our upcomming services (If consent is given)
For sending news and information about upcomming events or upgrades
For all other lawful purposes, which are in our legitimate interest and do not put in danger your fundamental
rights
Disclosure of personal data
Impact Shared will take all possible and reasonable measures to protect it's users' personal information safe from any
unauthorized 3-rd party individuals or companies. We may share your personal information in various cases, including
some of the following:
When required by law or law enforcement or similar legal entities
To satisfy government entities requests
To cooperate with law enforcement
With our Contractors or Sub-Contractors, when needed to provide you with certain services and support.
With your consent - when you explicitly give us consent to share certain information
In case of business acquisition
Retention of personal data
Impact Shared will keep personal data for as long as it's required to fulfill the purpose for which it was collected -
providing services, subscribing to our mailing list and others. We are required by law to keep paper copies of
invoices
issued to fulfill our accounting requirements, as well as tax requirements, for 10 years after the date of issue or
5
years after the date of completion of an external government audit.
Transfer of personal data
If by any reason, we need to transfer your personal data to other service provider, contractor or sub-contractor, as
well as affiliate of Impact Shared, we will ensure that it will be properly handled and receive the same level of
protection,
as if it remained with us and the new data processor will be fully GDPR compliant as we are.
Children
Impact Shared's services are not suitable, neither designed to be used by children under the age of 18 years. Our
services
are strictly forbidden for such persons and We do not knowingly collect, store or share any personal information,
belonging to children under 18 years. If you are under the age of 18 and provided Impact Shared with your personal
information, please ask your parent or guardian to contact us immediately, so we can delete all related data.
Marketing emails and campaigns
Impact Shared may send marketing emails to users, who are in our opt-in lists. Such emails may contain information,
however,
not limited to - future services, promotions and upcomming events, in which we will take part in.
Your Choices
You may unsubscribe at any time from all promotional emails from us. You may disable your cookies to ensure no data
is
being stored in them and later - processed.
Your Rights
You can easily modify, access, correct or update your account information via our customer panel
You can request deletion of your account and personal data, by sending a written ticket, requesting it.
You can opt-out of all marketing emails
You can withdraw your consent for us to process your personal data
You can inform a data protection authority, in case you believe your information was mis-handled
Data portability - you can request all your personal information to be provided to you in a machine-readable
format
And all other means and rights, specified in the GDPR act.
Changes to our privacy policy
Impact Shared reserves the right to change, revise, modify, update or amend this Privacy policy at any time and in any
matter. You should periodically check for updates.
GDPR Data Processing Agreement
Customers, who require a DPA, may view and download our DPA after requesting a direct link via a ticket.
By agreeing to our Terms of Service on sign up, you automatically accept our DPA.
Contacts
If you have any further questions please, feel free to send us an email.
support@impactvps.com