Privacy Policy of www.nothanksit.com

This application collects personal data from its users.

This document can be printed for retention purposes using the “Print” command in the browser.

Provider and Responsible Party

NOTHANKSIT – Zürich, Switzerland

Provider’s email address: info@nothanksit.com

Types of Collected Data

Personal data processed by this application, either independently or through third parties, includes: Usage data; City; Device information; Session statistics; Browser information.

Full details on each type of processed personal data are provided in the respective sections of this privacy policy or through explanatory texts displayed before data collection. Personal data may be voluntarily provided by the user or, in the case of usage data, automatically collected when using this application. Unless otherwise specified, providing all data requested by this application is mandatory. If the user refuses to provide this data, the application might not be able to offer its services. Where this application specifically states that providing personal data is voluntary, users can choose not to provide this data without any consequences regarding the availability or functionality of the service. Users uncertain about which personal data is mandatory can contact the provider. Any use of cookies – or other tracking tools – by this application or third-party service providers used by this application aims to provide the service desired by the user, as well as all other purposes described in this document and, if available, in the cookie policy.

Users are responsible for any third-party personal data obtained, published, or shared through this application and confirm they have obtained consent from third parties to provide their data to this application.

Method and Place of Data Processing

Processing Methods

The provider processes users’ data properly, adopting suitable security measures to prevent unauthorized access, disclosure, modification, or unauthorized destruction of data. Data processing is carried out using computers or IT-enabled tools, following organizational procedures and modes strictly related to the stated purposes. Besides the provider, in some cases, data may be accessible to certain types of appointed persons involved with the site’s operation (administration, sales, marketing, legal, system administration) or external parties appointed, if necessary, as data processors by the provider (like technical service providers, mail carriers, hosting providers, IT companies, or communication agencies). An updated list of these parties can be requested from the provider at any time.

Legal Basis of Processing

The provider may process personal data related to users if one of the following applies:

  • Users have given their consent for one or more specific purposes. Note: In some jurisdictions, the provider may be allowed to process personal data until the user objects to such processing (“opt-out”) without relying on consent or any other of the following legal bases. However, this doesn’t apply where the processing of personal data is subject to European data protection law.
  • Data collection is necessary for the performance of an agreement with the user and/or for pre-contractual measures.
  • Processing is necessary to comply with a legal obligation the provider is subject to.
  • Processing is related to a task carried out in the public interest or in the exercise of official authority vested in the provider.
  • Processing is necessary for the purposes of the legitimate interests pursued by the provider or a third party. In any case, the provider will gladly help clarify the specific legal basis that applies to the processing and, in particular, whether the provision of personal data is a statutory or contractual requirement, or a requirement necessary to enter into a contract.

Place

Data is processed at the provider’s operating offices and in any other place where the parties involved in the processing are located.

Depending on the user’s location, data transfers may involve transferring the user’s data to a country other than their own. To learn more about the place of processing of such transferred data, users can check the section detailing the processing of personal data.

Users also have the right to learn if data is being processed outside the European Union or to an international organization governed by public international law or set up by two or more countries, such as the UN, and about the security measures taken by the provider to safeguard their data.

If such a transfer takes place, users can learn more by checking the relevant sections of this document or inquire with the provider using the information provided in the contact section.

Storage Duration

Personal data is processed and stored for as long as required for the purpose for which it was collected.

Therefore:

  • Personal data collected for the performance of a contract between the provider and the user will be retained until the contract is fully performed.
  • Personal data collected for the provider’s legitimate interests will be retained as long as needed to fulfill such purposes. Users can find specific information regarding the provider’s legitimate interests within this document or by contacting the provider. Furthermore, the provider may be obligated to retain personal data for a longer period whenever required to do so for the performance of a legal obligation or upon order of an authority.

After the retention period expires, personal data will be deleted. Thus, the right to access, the right to deletion, the right to rectification, and the right to data portability cannot be enforced after the expiration of the retention period.

Purposes of Processing

The provider collects personal data about the user to provide its services and comply with its legal obligations, respond to enforcement requests, protect its rights and interests (or those of users or third parties), detect malicious or fraudulent activities, and for the purpose of analytics.

Users can find detailed information about the purposes of processing and the specific personal data used for each purpose in this document’s section titled “Detailed Information on the Processing of Personal Data.”

Detailed Information on the Processing of Personal Data Personal data is collected for the following purposes using the following services:

ANALYTICS:

The services listed in this section allow the provider to monitor and analyze web traffic and track user behavior.

Google Analytics 4 (Google Ireland Limited) Google Analytics 4

is a web analysis service provided by Google Ireland Limited (“Google”). Google uses the collected data to track and examine the use of this application, to prepare reports on its activities, and to share them with other Google services. Google may use the collected data to contextualize and personalize the ads of its own advertising network. In Google Analytics 4, IP addresses are used at the time of collection and then deleted before the data is stored in a data center or on a server. Users can learn more by consulting Google’s official documentation.

Processed personal data: Browser information; Device information; Usage data; Session statistics; City.

Processing location: Ireland – Privacy Policy – Opt Out.

User Rights

Users can exercise specific rights regarding their data processed by the provider.

Specifically, users have the right to do the following, to the extent permitted by law:

  • Withdraw consent at any time. If the user has previously consented to the processing of personal data, they can withdraw their consent at any time.
  • Object to the processing of their data. The user has the right to object to the processing of their data if the processing is carried out on a basis other than consent. Further details are provided below.
  • Access their data. The user has the right to know whether the provider processes the data, to understand specific aspects of the processing, and to obtain a copy of the data.
  • Verify and seek rectification. The user has the right to verify the accuracy of their data and request its update or correction.
  • Restrict the processing of their data. Users have the right to restrict the processing of their data. In this case, the provider will not process the data for any purpose other than storage.
  • Have their personal data deleted or otherwise removed. Users have the right to request the deletion of their data from the provider.
  • Receive their data and have it transferred to another controller. Users have the right to receive their data in a structured, commonly used, machine-readable format, and, if technically feasible, to have it sent to another controller without hindrance.
  • Lodge a complaint. Users have the right to file a complaint with the competent supervisory authority.

Details about the right to object to processing

If personal data is processed in the public interest, in the exercise of an official authority vested in the provider, or for the legitimate interests pursued by the provider, users can object to such processing by providing a reason related to their particular situation.

Users are informed that they can object to the processing of personal data for direct marketing purposes at any time without giving a reason. If the user objects to the processing for direct marketing purposes, their personal data will no longer be processed for these purposes. Whether the provider processes personal data for direct marketing purposes can be learned from the respective sections of this document.

How to exercise these rights

All requests to exercise user rights can be directed to the provider using the contact details provided in this document. These requests can be made free of charge and will be addressed by the provider as soon as possible and always within one month. The provider will notify all recipients to whom the personal data has been disclosed of any rectifications or erasures or restrictions on processing carried out unless this proves impossible or involves disproportionate effort. The provider will inform the user about these recipients if the user requests it.

Additional information about user’s personal data

In addition to the information provided in this privacy policy, this application may provide the user with additional contextual information upon request regarding specific services or the collection and processing of personal data.

System logs and maintenance

For operational and maintenance purposes, this application and third-party services may collect files that record interaction with this application (system logs) or use other personal data (e.g., IP address) for this purpose.

Information not contained in this policy

Further details about the collection or processing of personal data can be requested from the provider at any time using the contact details provided.

How “Do Not Track” requests are handled

This application does not support “Do Not Track” requests from web browsers. To determine whether any third-party services used support the “Do Not Track” protocol, please consult their respective privacy policies.

Changes to this privacy policy

The provider reserves the right to make changes to this privacy policy at any time by informing users on this page and possibly within this application and/or – as far as technically and legally feasible – by sending a notice to users via any contact information available to the provider. Users are therefore encouraged to regularly check this page, referring in particular to the date of the last modification listed at the bottom.

If changes affect data usage based on user consent, the provider will, if necessary, seek new consent.

Definitions and legal references:

Personal Data (or Data)

Any information that directly, indirectly, or in connection with other information allows for the identification of a natural person.

Usage Data

Information collected automatically through this application (or third-party services used in this application), which includes: IP addresses or domain names of computers used by users who utilize this application, URI addresses (Uniform Resource Identifier), the time of the request, the method used to submit the request to the server, the size of the file received in response, the numerical code indicating the status of the server’s answer (successful outcome, error, etc.), the country of origin, the features of the browser and operating system utilized by the user, the various time details per visit (e.g., time spent on each page within the application) and details about the path followed within the application, especially the sequence of pages visited, and other parameters about the device operating system and/or the user’s IT environment.

User

The individual using this application, unless otherwise specified, who corresponds to the Data Subject.

Data Subject

The natural person to whom the personal data refers.

Data Processor (or Data Supervisor)

Natural or legal person, public authority, agency or other body that processes personal data on behalf of the controller, as described in this privacy policy.

Controller (or Provider, sometimes also Owner)

The natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data and the tools used for it, including security measures concerning the operation and use related to this application. Unless otherwise specified, the controller is the natural or legal person through which this application is offered.

This Application

The hardware or software tool through which the personal data of the user is collected and processed.

Service

The service provided by this application, as described in the relevant terms and conditions (if available) and on this website/application.

European Union (or EU)

Unless otherwise stated, all references in this document to the European Union refer to all current member states of the European Union and the European Economic Area (EEA).

Legal Notice

This privacy policy was drawn up based on provisions of various legislations, including Art. 13/14 of Regulation (EU) 2016/679 (General Data Protection Regulation).

This privacy policy applies exclusively to this application unless otherwise stated in this document.


Last Update: 21 July 2023