ThyCart ("Company") is engaged in the business of providing Ecommerce Solutions ("Services") to clients all over the world ("Clients"). Personal information is collected by the Clients and provided as input data for the Company in order to provide the Services. Given the nature of the Company's business, the Company does not collect Personal Information (as defined below).
For the purposes of this Policy, "Personal Information" means data about an identified or identifiable individual received by the Company from any Client and recorded in any form and includes Sensitive Information. "Sensitive Information" shall mean Personal Information specifying medical or health conditions, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership or information specifying the sex life of the individual.
Notice: Given the nature of its business, the Company does not collect Personal Information from any person. However, the Company may, for the purpose of rendering Services, receive Personal Information collected by Clients all over the globe. The Company does not disclose Personal Information to any third party except to subsidiaries and even that under obligations of confidentiality. The Company enters into non-disclosure agreements with all employees who may deal with Personal Information in the course of rendering Services. For any inquiries and complaints related to this Policy, the Company's officer identified in the Enforcement clause below may be contacted.
Choice: As stated earlier in this Policy, the Company does not collect Personal Information from any person. The Company reasonably presumes that the Clients who transmit Personal Information to the Company have obtained appropriate consents, including affirmative consents in respect of Sensitive Information, from those to whom the Personal Information belongs or relates to.
Onward Transfers: The Company may, in order to perform the Services for Clients, transmit the Personal Information onward to its subsidiaries. The Company shall have entered into contractual arrangements requiring them to provide the same privacy protection as incorporated in the Safe Harbor Principles read with this Policy. If any person has any inquiries in this regard or any complaints as regards onward transfer by the Company, or chooses not to have his or her Personal Information so transmitted onward, the person may please contact the Company officer mentioned above.
Access: If any person requests access to his or her Personal Information held by the Company, including for the purpose of correct, amend, or delete that information where it is inaccurate, the Company shall provide such access within a reasonable time after informing the relevant Client of such request. Alternately, the Company shall request the relevant Client to provide access to the Personal Information directly to the requestor. This obligation shall not apply if in a given instance, the burden or expense of providing access would be disproportionate to the risks to the requestor's privacy in the case in question, or where the rights of persons other than the requestor would be violated.
Security: The Company shall take all reasonable precautions to protect Personal Information from loss, misuse and unauthorized access, disclosure, alteration and destruction.
Data Integrity: Personal Information received by the Company shall be relevant for the purposes for which it is to be used. The Company shall not process Personal Information in a way that is incompatible with the purposes for which it has been collected or subsequently authorized by the Client and/or individual. The Company shall take reasonable steps to ensure that the reliability of the Personal Information for its intended use, or its accuracy, completeness and currency, are not affected.
Enforcement: For any inquiries and complaints, please email at firstname.lastname@example.org
All inquiries and complaints shall be looked into promptly and without charging any fee to the inquirer / complainant. Since the Company merely receives Personal Information from Clients and does not collect the Information itself, the Company shall keep informed and cooperate with the Client from whom the Information related to the inquiry / complaint was received. The Company shall also cooperate with the Data Protection authorities of the European Union in the investigation and resolution of complaints in relation to the treatment of Personal Information under this Policy. The Company will comply with any advice given by such authorities in relation to any complaint.