This Policy sets out how Citiletter uses and protects any personal data that you provide to Citiletter (including personal data provided through the website www.citiletter.com (“Website”). Policy herein tells you about your privacy rights and how data protection laws protects you. Citiletter collects and processes personal data about individuals when signing up. In addition to this, the Website also collects certain personal data from users, in accordance with this Policy. Citiletter is committed to respecting and protecting the privacy of all personal data received or collected, in strict compliance with data protection legislation. Citiletter has established this Policy so that you can understand the care with which we intend to treat your personal data.
How to contact us
If you have any questions about this Policy, including any requests to exercise your legal rights, please contact us using the details set out below. If you have any questions regarding your personal data and how we may use it, including any queries relating to this Policy, please contact us at firstname.lastname@example.org
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us by emailing email@example.com with any changes.
Personal data and Basis for Collection
Personal data means any data or information about an individual from which that person can be identified. It does not include data where the identity has been removed or masked.
Where Citiletter is acting as a data controller, Citiletter may collect, use, store and transfer different kinds of personal data about you which Citiletter has grouped together as follows:
Identity Data includes first name, last name, country, title, date of birth and gender;
Contact Data includes email address;
Technical Data includes internet protocol address, browser type and versions, time zone setting and location, browser plug-in types and versions and platform and other technology on the devices you use to access our Website;
Profile Data includes your pictures, attented locations, feedback and survey responses;
Usage Data includes information about how you use our Services or submit an enquiry or query through our Website;
Marketing and Communications Data includes your preferences in receiving marketing from us and our third parties and your communication preferences;
If you fail to provide personal data
Where Citiletter needs to collect personal data by law, or under the terms of a contract Citiletter has with you and you fail to provide that data when requested, Citiletter may not be able to perform the contract it has or is trying to enter. In this case, Citiletter may have to cancel the Services but it will notify you. Citiletter is trying to implement data minimization techniques in order to enhance the quality and mitigate the risks for personal data that are processed. Therefore, Citiletter solely request the data which are needed to provide it’s services.
How is your personal data collected?
Citiletter uses different methods to collect personal data from and about you including through:
- Direct interactions. You may give us your contact information by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you create a profile through Citiletter; or
- Participation contact if you participate in a survey or other offer that we might make available to you; or
We use collected information internally to improve our marketing efforts, analyse use of the Site and Application, improve our content and product offerings and customize the content of the Site and Application and layout. This allows us to improve the Site, Application and Services and better tailor your online experience.
How Citiletter uses your personal data
Citiletter will only use your personal data when the law allows us to, ie, if we have a legal basis for doing so, as outlined in this Policy or as notified to you at the time we collect your personal data, and for the purposes for which it was collected for, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. All processing activities carried out by Citiletter is legally based on the performance of the membership agreement which is signed between you and Citiletter. If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do this. Please note that we may process your personal data without your knowledge or consent, where this is required or permitted by law.
Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data.
How your personal data may be shared
Where we act as the data controller, personal data processed by Citiletter may be shared as follows: Citiletter provides collected information to authorities, as may be appropriate for regulatory purposes, our service providers (e.g. mailing companies companies, hosting services) as reasonably necessary or appropriate to provide the Services. Citiletter servers are hosted by Digital Ocean, LLC and located in London. We also disclose certain information to Mailchimp for mailing purposes. We do disclose information in the aggregate to advertisers and for other marketing and promotional purposes. However, in these situations, we do not disclose information in any form that could be used to identify you personally.; service providers (e.g. mailing companies , hosting services) as reasonably necessary or appropriate to provide the Services.
To fulfil your requests, appropriate personal data will be passed on to the relevant chiefs who need to process your personal data so that your local guides can reach out to you. As providing our services involve bringing together locals and members we need to location data in order to make sure there is no false match between the locals and members.
We require all third parties to respect the security of your personal data and request that chiefs do the same, to treat your personal data in accordance with the law. We do not allow any other third-party service providers that we appoint to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
Some of Our external third parties are based outside the European Economic Area (EEA) so their processing of your personal data will involve a transfer of data outside the EEA.
Whenever we transfer your personal data to countries outside of the EEA as a data controller to other people or companies it will based on the performance of a contract. Where we do so, Citiletter shall take all steps to ensure that any country to which the personal data has been transferred has suitable protection mechanisms in place to protect personal data, including (if applicable) use of EU Model Clauses in any contract with that third party for steps to be taken to keep personal data secure.
We strive to provide you with choices regarding certain personal data uses, particularly around marketing and advertising. We may use your Identity, Contact, Technical, Usage and Profile Data to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you (We call this marketing). Therefore we use Facebook Marketing Analytics for marketing purposes and you will only receive marketing communications from Citiletter if you have either requested information from us, and you have not opted out of receiving that marketing.
Cookies are small pieces of data that are stored by a user’s web browser on the user’s hard drive for a period of time. Cookies may record information a user accesses on one webpage to simplify subsequent interactions with that website by the same user, or to use the information to streamline the user's transactions on related webpages. Cookies make it easier for a user to move from webpage to webpage and to complete transactions over the Internet.
We use “cookies” to make Citiletter easier for you to use and to make our advertising better.
Citiletter also uses “cookies” to store and sometimes track information to make your online experience easier and more personalized. We collect the abovementined technical data via cookies based on the legal basis of performance of a contract.
Most major web browsers are set up so that they will initially accept cookies, but you may modify your computer's preferences to issue you an alert when a cookie is downloaded, or to disable the ability of third parties to download a cookie to you. If you choose to reject all cookies, there might be areas of the Site and Application that may not function properly.
You can opt-out of receiving marketing communications from Us at any time by contacting us via the following methods.
Email Us at firstname.lastname@example.org providing your full name, address and postcode and the email address which you would have originally used.
You can also be removed from Our email database by clicking the Unsubscribe link located in the footer of all marketing email communications from us.
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. Third party processors will only process your personal data on our instructions and they are subject to a duty of confidentiality. We have implemented penal clauses to our data processor agreements in order to effectively supervise the third party processing activities.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
Other than in relation to government / public authorities (over whom We have no control), We take appropriate steps to ensure that anyone to whom We pass your personal data for any reason agrees to keep it secure, only uses it for the purposes of providing their services and does not collect any personal data from you in the course performing their services.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where We are legally required to do so.
Personal Data Retention
We will keep your information for as long as we need it for the purpose it is being processed for. Each data category and relevant retention period is provided below:
Name: During the period of Citiletter membership
Surname: During the period of Citiletter membership
Email: During the period of Citiletter membership
Country: During the period of Citiletter membership
Birthday: During the period of Citiletter membership
Gender: During the period of Citiletter membership
Title: During the period of Citiletter membership
Name: During the period of your Citiletter membership
Surname: During the period of your Citiletter membership
Email: During the period of your Citiletter membership
Country: During the period of your Citiletter membership
Birthday: During the period of your Citiletter membership
Gender: During the period of your Citiletter membership
Title: During the period of your Citiletter membership
We will actively review the information we hold and delete it securely, or in some cases anonymise it, when there is no longer a legal, business or customer need for it to be retained.
Data Subject’s Rights
You can do the following at any time by contacting us via the email address or phone number given on our website: (i) see what data we have about you, (ii) change/rectify any data we have about you, (iii) have us delete any data we have about you, (iv) express any concern you have about our use of your data and (v) withdraw your consent for processing of personal data.
Children and Minors
The Website is not intended for children and Citiletter will not knowingly collect any personal data from persons under the age of 18. Where, as part of the Services being provided we may collect information about children from you to perform such Services and we will treat such information securely.
If you would like to make a complaint in relation to how Citiletter may have stored, used or processed your personal data, you have the right to make a complaint at any time to the supervisory authority for data protection issues of the country you reside in.
We use reasonable security measures to help protect and prevent the loss, misuse, and alteration of the information under our control. No method of transmission over the Internet, or method of electronic storage, is completely secure, however we have implemented all reasonable measures to mitigate the risks of a data breach. Therefore, we cannot guarantee it’s absolute security