PRIVACY POLICY

Last Updated May 2018

Introduction

The Schoox services are offered in the United States and countries outside of the European Union by Schoox Inc., which is located at 98 San Jacinto Blvd, Austin, Texas 78701, United States of America, email info@schoox.com (“Schoox Inc.”), and in countries within the European Union by Pheron, Ltd., a Greek corporation located at 26th October Street 38, Thessaloniki, 54627 Greece (“Pheron”). In countries outside the United States, the Service may be offered on one or more localized websites that may redirect to www.Schoox.com (together with any localized websites, the “Site”). For purposes of this Privacy Policy, Schoox Inc. and Pheron are collectively referred to as “Schoox”, “we” or “us”.

This privacy statement applies to the website available at schoox.com and the mobile applications and websites where this Privacy Policy is posted (collectively, the “Sites”). This Privacy Policy does not pertain to information that is collected offline.

This Privacy Policy has been developed also in accordance with the EU General Data Protection Regulation (GDPR)

Data protection principles

We will comply with data protection law. This says that the personal data, or personal information, we hold about you must be:

  1. used lawfully, fairly and in a transparent way;
  2. collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes;
  3. relevant to the purposes we have told you about and limited only to those purposes;
  4. accurate and kept up-to-date;
  5. kept only as long as necessary for the purposes we have told you about; and
  6. kept securely.

What are personal data?

Personal data, or personal information, means any information about an individual from which that person can be identified. Schoox needs to obtain, collect, and use certain types of personal information about individuals. Such personal data are obtained from customers, clients, users, data subjects – in brief, a wide range of individuals. For purposes of this policy, the term “individual(s)” or “data subject” is used to describe any type of natural person for which “personal data” is obtained and collected from, and then subsequently used by Schoox.

What types of personal data do we collect from you, for what purpose and on what legal basis?

The personal data we collect from you, and the way we collect it from you, includes

Personal data required by various form fields, and/or for purposes of searching, retrieving, and downloading data from schoox.com, such as:

  1. Name
  2. Email Address
  3. Any part of an individual's name that is stored or displayed in conjunction with any of the subsequent listings of data and information deemed PII.
  4. Digital Identifiers, such as usernames, passwords, etc

This information is used in order to take steps to conclude a contract with you, or to provide our services to you, as well as to enable you to use them. We may also use these personal data for our legitimate purpose of contacting you with newsletters, marketing or promotional materials and other information concerning our activities that may be of interest to you. You may opt out of receiving any, or all, of these communications from us by following the unsubscribe link or instructions provided in any email we send or by contacting us.

Information Collected and Stored Automatically (Web Analytics Data)

When you visit schoox.com, we may store some or all of the following:

  1. The IP address from which you access schoox.com.
  2. The date and time of access.
  3. The Internet address of the website from which you linked to schoox.com.
  4. The name of the file or words you searched, items clicked on a page.
  5. The browser and operating system used, and any other related information.

This information is used for our legitimate purpose of measuring the number of visitors to the various sections of our site and identifying system performance or problem areas. We also use this information to help us develop the site, analyze patterns of usage, and to make the site more useful. This information is not used for associating search terms or patterns of site navigation with individual users.

Cookies

When you visit some websites, their web servers generate pieces of information known as cookies. Cookies are commonly used to recognize your computer in the future. schoox.com uses session cookies for its legitimate interest of pursuing technical purposes, such as providing seamless navigation through our site, allow you to carry information across pages of our site and avoid having to re-enter information. These cookies do not permanently record data and they are not stored on your computer’s hard drive. schoox.com’s session cookies are available only during an active browser session. When you close your browser, the session cookie disappears.

schoox.com also uses persistent cookies for a number of legitimate interests, such as to be able to track the number of unique visitors to the site. More specifically, persistent cookies are utilized for helping Schoox recognize you as a unique visitor when you return to schoox.com. Additionally, persistent cookies enable Schoox to tailor content and related subject matter to match your preferred interests and/or for the purposes of not showing you the same content and related subject matter repeatedly.

We may also employ cookies to compile anonymous, aggregated statistics that allow us to understand how users use our site and to help us improve the structure of our website. We cannot identify you personally in this way.

If you'd like to delete cookies or instruct your web browser to delete or refuse cookies, please visit the help pages of your web browser. Please note, however, that if you delete cookies or refuse to accept them, you might not be able to use all of the features we offer, you may not be able to store your preferences, and some of our pages might not display properly.

Browser Information Collected on the Website

Various elements of data sets may be collected to track the usefulness of certain actions and to ultimately improve the value of schoox.com. Please note that Schoox does not gather, request, record, require, collect or track any type of Internet users’ personal data (as listed above) through these processes.

Online Comments

Please be advised that it is in the nature of our services that any comments you provide

We do not envisage that we will carry out any automated decision-making or automated profiling in relation to the personal data relating to you that we will process.

GDPR Data Privacy Rights

If you are an EU resident and Schoox is processing, and/or transmitting your personal data , then you - as an “EU data subject” – benefit from the following rights and privileges under the General Data Protection Regulation (GDPR):

  • Right of Access: you have the right to obtain from us, as controllers, confirmation as to whether or not personal data concerning you are being processed, and, where that is the case, access to the following personal data and information:
    1. the purposes of the processing;
    2. the categories of personal data concerned;
    3. the recipients or categories of recipient to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations;
    4. where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;
    5. the existence of the right to request from us rectification or erasure of personal data or restriction of processing of personal data concerning you or to object to such processing; (f) the right to lodge a complaint with a supervisory authority;
    6. where the personal data are not collected from you, any available information as to their source;
    7. the existence of automated decision-making, including profiling, along the lines indicated by Article 22(1) and (4) GDPR, and meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for you.
  • Right to Rectification: you have the right to obtain from us without undue delay the rectification of inaccurate personal data concerning him or her. Taking into account the purposes of the processing, you have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
  • Right to Erasure (“Right to be Forgotten): you have the right to obtain from us the erasure of your personal data without undue delay, and we have the obligation to erase personal data without undue delay when: a) your data are no longer necessary for the purposes for which they were collected; b) you had consented to the processing; c) you have objected to the processing, as per below; d) you persona data had been unlawfully collected; e) your personal data need to be erased as a matter of compliance with a legal obligation.
  • Right to Restriction of Processing: you have the right to obtain from us the restriction of processing if you: a) contest the accuracy of the personal data, until this is verified; b) the processing is unlawful but you don’t want erasure; c) we no longer need the persona data, but you require them to establish, exercise fo defend a legal claim; d) you have objected to processing but there is a need to verify whether our legitimate grounds override your rights to object.
  • Right to Data Portability: where your personal data have been provided on the basis of your consent or for the performance of a contract, and their processing occurs in an automated way, you have the right to receive the personal data you have provided to us in a structured, commonly used and machine-readable format and have the right to transmit those data– or have directly transmitted - to another controller.
  • Right to Object: you have the right to object, on grounds relating to your particular situation, at any time to processing of your personal data based on a legitimate ground point (e) or (f) of Article 6(1), including profiling based on those provisions. In this case, we can no longer process your personal data unless we show that there is a compelling legitimate grounds for the processing which override your interests, rights and freedoms or for our establishment, exercise or defence of legal claims.


Site Security

For site security purposes and to ensure that this service remains available to all users, the platform for which schoox.com resides on – commonly known as a “production environment”, utilizes a wide-range of software tools and programs to for the ultimate goal of ensuring its confidentiality, integrity, and availability (CIA) – a concept known as the CIA triad of information security. Tools which are currently in use, or are to be deployed if necessary for the security of schoox.com are to include, but are not limited to, the following: start here

  • • Network Security and Network Monitoring: Tools that assist in securing the network for which schoox.com resides on. Such tools include network and perimeter firewalls, web application firewalls, routers, switches, intrusion detection systems, and other related tools.
  • Network Performance: Tools that assist in monitoring all aspects of schoox.com, such as performance monitoring for website uptime, etc.
  • Other: Additionally, a variety of physical, electronic and procedural safeguards are implemented for helping ensure the safety and security of schoox.com.

Except for authorized law enforcement investigations by local, state, and/or federal agencies, no other attempts are made by Schoox to identify individual users and/or their usage habits on schoox.com.

External Links

schoox.com may contain links to websites created and maintained by other public and/or private organizations. schoox.com therefore provides these links as a service to our users, and when users click on a link to an external website, they are leaving schoox.com and are thus subject to the privacy and security policies/related terms and conditions of these external websites.

Children’s Privacy

schoox.com complies both with the Children’s Online Privacy Protection Act of 1998 (COPPA) and, with regard to EU data subjects, with GDPR. While children under the age of eighteen (18) may use the Site only with the consent of his or her parent or legal guardian, please be advised that this Site is not directed or otherwise promoted for use by children under the age of sixteen (16). By using the Service, you represent that you are at least sixteen (16) years of age. If you are between sixteen (16) and eighteen (18) years of age, you will need to have parental consent to use the Service. If you are below sixteen years of age, you should stop using the Site and Service immediately. Personal data from children under 16 is not knowingly collected, nor are children under 16 knowingly contacted by schoox.com. To be clear, schoox.com does not intend to solicit information of any kind from children under 16. It is possible that schoox.com may receive emails pertaining to children under 16. If this is the case and schoox.com is notified of this, as soon as the information is verified, parental consent will be immediately obtained or the email will be deleted from any services being offered and/or performed by schoox.com.

We will make reasonable efforts to verify in such cases, where appropriate, that consent is given or authorized by the holder of parental responsibility over the child, taking into consideration available technology.

Compliance with Laws

We will disclose your personal information where required to do so by law or subpoena or if we believe that such action is necessary to pursue our legitimate interest of complying with the law and the reasonable requests of law enforcement or of protecting the security or integrity of our services.

Retention period

We will keep your personal data only for as long as necessary to fulfil the purposes for which we are processing it, unless the law permits or requires longer. For example, we might need to keep your personal data for quality assurance of the service we have provided, or we might need to keep it to defend future legal claims or to comply with a legal obligation.

Security: All information accessed through schoox.com is in compliance with the required information security mandates of Article 32 of the GDPR. Specifically, Article 32 mandates the following:

  • Implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including inter alia as appropriate:
    • The pseudonymisation and encryption of personal data
    • The ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services.
    • The ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident.
    • A process for regularly testing, assessing and evaluating the effectiveness of technical and organizational measures for ensuring the security of the processing.

Please note that refusal to provide Personal Information may result in our inability to provide the Services to you, to manage our relationship with you, or to improve the Services.

International Transfers

Your information, including Personal Information, may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction.

If you are located outside United States and choose to provide information to us, please note that we transfer the information, including Personal Information, to United States and process it there. If you are in the EEA, in transferring your Personal Information to countries outside of the EEA, we will take appropriate steps to make sure that such recipients act in accordance with applicable law. To the extent that we transfer the personal data to recipients who are located outside the European Union or the European Economic Area, we will provide an adequate level of protection of your personal data, including appropriate technical and organizational security measures and through the implementation of appropriate contractual measures to secure such transfer, in compliance with applicable law, and will inform you accordingly. Changes to this Policy

The schoox.com privacy policy is to be revised and updated as necessary for ensuring its adequacy and sufficiency. You are encouraged to visit this page often for the latest information and the effective date of any changes to such policy. If changes are made to this policy, a new schoox.com policy will be prominently posted on our site and you will provided with the relevant information by e-mail, along with a corresponding data of change.

Contact Us

For any questions or requests concerning this Privacy Policy, please contact us at: info@schoox.com