What personal data we collect and why we collect it
Who we are
We are the folks behind a variety of products and services. Our website address is: https://estamos.in/.
We reserve the right to change this policy at any time, and if we do so, we will post changes and updates to this page. Please refer to this policy periodically to inform yourself if changes have been made.
Information we may collect
We collect the following Personally Identifiable Information from users who buy our products and services: name, email address, telephone number, address, and credit card number.
Additional information from or about you may also be collected in other ways, including responses to customer surveys and any communications with our customer service team.
We use “cookies” so that our Website can remember you and provide you with the information you’re most likely to need. For instance, when you return to the Website, cookies identify you and prompt the site to provide your username (not your password), so you can sign in more quickly. Cookies also allow our Website to remind you of your past usage and to suggest similar products and services. Finally, we use information gained through cookies to compile statistical information about use of our Website, such as the time users spend at the site and the pages they visit most often. Those statistics do not include PII.
Our Use of Personally Identifiable Information
We use your Personally Identifiable Information to create your account, to communicate with you about products and services you’ve purchased, to offer additional products and services, and to bill you. We also use this information to the extent necessary to enforce our Website terms of service and to prevent imminent harm to persons or property.
When you use the Service, including accepting a payment, contacting customer service or requesting technical support, in addition to many other interactions with Estamos.In, we will apply the information that we have collected. Knowing this information allows us to verify your identity, communicate with you and enforce our agreements with you, as well as secure the best possible experience for all Estamos.In customers by ensuring compliance with applicable US state and federal laws and our own policies. We may also use this information to improve and enhance our offerings to you.
Estamos.In may use certain information about you without identifying you as an individual to third parties. We do this for purposes such as analyzing how the Service is used, diagnosing service or technical problems, maintaining security, and personalizing content.
Protecting Personal information
Information that can be used to identify a person is “Personally Identifiable Information”. This does not include information that has been aggregated or made anonymous. All information is securely stored on our servers in the United States. We employ the highest in industry standards to protect Personally Identifiable Information, as well as any information provided relating to your invoiced customers.
Third-party client and customer information, provided to Estamos.In by users, shall be considered confidential and shall not be disclosed to any third party, unless required to do so by law or subpoena or if we believe that such action is necessary to conform to the law, or comply with legal process served on us. Such information shall be utilized only for the purpose for which Estamos.In was created, which is to facilitate the billing and collection process for electronic billing of customers and clients.
Although Estamos.In utilizes the highest reasonable levels of data security in the industry, we cannot guarantee the security of PII or other information provided to us. By using our Website, you acknowledge and agree that we make no such guarantee, and that you use our Website at your own risk.
Sharing Personal information
As we develop our business, we may buy or sell assets or business offerings. Customer, transaction, email, and visitor information is generally one of the transferred business assets in these types of transactions. We may also transfer such information in the course of corporate divestitures, bankruptcy, mergers, or dissolution.
Compromise of Personal Information
Estamos.In shall not be liable for the transfer of any personal identification information resulting from loss or distribution of data, the delineation or corruption of storage media, power failures, natural phenomena, riots, acts of vandalism, sabotage, terrorism or any other event beyond Estamos.In’s control.
Your Choices About Your Information
You may, of course, decline to submit personally identifiable information through the Service, in which case Estamos.In may not be able to provide certain services to you. You may update or correct your account information at any time by logging in to your account. You can review and correct the information about you that Estamos.In keeps on file by contacting us as described below.
Information relating to minors
Estamos.In does not knowingly collect or solicit personal information from anyone under the age of 18 or knowingly allow such persons to register with our Service. If you are under 18, please do not send any information about yourself to us, including your name, address, telephone number, or email address. No one under age 18 is allowed to provide any personal information to or on Estamos.In. In the event that we learn that we have collected personal information from a minor under age 18 without verification of parental consent, we will delete that information as quickly as possible. If you believe that we might have any information from or about a child under 18, please contact us as described below.
Links to Other Web Sites
It is our policy to provide notifications, whether such notifications are required by law or are for marketing or other business related purposes, to you via email notice, written or hard copy notice, or through conspicuous posting of such notice on our website, as determined by Estamos.In in its sole discretion. We reserve the right to determine the form and means of providing notifications to you.
Information we collect
When you register to the Site, use it, complete forms, or register to our affiliate or influencer or similar program, we collect the personal information provided by you. We also collect information about your communications with us as well as communication with other users from this site. In addition, we collect information while you access, browse, view, or otherwise use the Site.
Service Usage Data may include:
Device information: We collect information about the device and applications you use to access the Service, such as your IP address, your operating system, your browser ID, and other information about your system and connection. If you are using our Mobile App, we may also collect information about the cellular network associated with your mobile device, your mobile device’s operating system or platform, the type of mobile device you use, your mobile device’s name and unique device ID, and information about the features of our Mobile App that you accessed.
Log data: Our web servers keep log files that record data each time a device accesses those servers and the nature of each access, including originating IP addresses and your activity in the Service (such as the date/time stamps associated with your usage, pages and files viewed, searches and other actions you take (for example, which features you used)), device event information (such as system activity, error reports (sometimes called ‘crash dumps’)), and hardware settings. We may also access metadata and other information associated with files that you upload into our Service.
Usage data: We collect usage data about you whenever you interact with our Service, which may include the dates and times you access the Service and your browsing activities (such as what portions of the Service you used). We also collect information regarding the performance of the Service, including metrics related to the deliverability of emails and other communications you send through the Service. If you are using our Mobile App, we may collect information about how often you use the Mobile App and other performance data. This information allows us to improve the content and operation of the Service and facilitate research and analysis of the Service.
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
If you leave a comment on our site, you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Where we send your data
Visitor comments may be checked through an automated spam detection service.
Industry regulatory disclosure requirements
Comply with all applicable privacy, data security, and data protection laws, directives, regulations, and rules.
Access, use or process EU Personal Information only for purposes that are consistent with the consent obtained from the individual to whom the EU Personal Information relates.
Implement appropriate organizational and technical measures to protect EU Personal Information against loss, misuse, and unauthorized or unlawful access, disclosure, alteration, and destruction; and
Provide the same level of protection as is required by the
Data Protection and GDPR
Estamos.In is committed to protecting the privacy of our users and their customers. We stay appraised of developments in data protection laws to ensure that you can be confident in your safety while using our platform.
This page is intended to explain what the rules are, how they apply to your use of the Estamos.In platform and the steps we have taken to comply.
General Data Protection Regulation (GDPR)
Regulation (EU) 2016/679, more commonly known at the General Data Protection Regulation (GDPR) is an EU regulation aimed at harmonizing data protection and privacy laws across the EU. The provisions of the GDPR apply wherever personal data of an EU data subject is involved.
The GDPR is focused on giving individuals more control over how their data is used by companies and making the collection and processing of data more transparent.
The GDPR was incorporated directly into UK law following the end of the Brexit transition period, meaning that UK businesses still have to comply with its provisions through the ‘UK GDPR’.
Basic GDPR concepts
Controller and processor
The GDPR imposes various obligations on a person depending on whether they are a controller or a processor of personal data.
A controller is an entity which decides to process personal data and makes decisions regarding the basis of processing and the methods which will be used. Controllers have certain obligations regarding personal data, which you should familiarize yourself with before collecting personal data from your customers.
A processor is an entity which processes data for and on behalf of a controller. They make no independent decisions regarding the data or its processing, as they only process it on behalf of the controller and must comply with all instructions given by the controller.
When you use the Estamos.In service, you are a controller. You are in control of the data you upload to the Estamos.In system, what you do with that data, and why. As a result, you are responsible for ensuring that you have a legal basis on which to process the data, and that you do not retain the data for any longer than is necessary.
You should ensure that you understand your obligations as a controller and update your own systems and policies to allow the lawful transfer of personal data to Estamos.In. Estamos.In is a data processor. We, through the Estamos platform, store and manage the data you have collected under your instructions. We will never use any personal data which you have uploaded to the Estamos.In system for our own purposes or without your instruction.
Legal basis for processing
Personal data may only be collected and processed if there is a legal basis for doing so. The allowable legal bases are set out in the GDPR.As a processor, Estamos.In relies on our customers to select the correct basis under which they will be collecting and processing personal data, and to put the appropriate notices and consents in place. Before you use the Estamos.In service, you should take time to identify which legal bases may be available to you, and only collect and retain personal data to the extent necessary to carry out that basis. You should not change the basis under which you have collected personal data without very good reason, so it is important to understand the requirements of the different bases and make sure you select the right one at the start.
Data subject access rights
The GDPR grants data subjects (i.e. your customers) certain rights relating to their personal data, including the right to access, correct and/or delete any data relating to them.
Estamos.In has put in place easy systems for you to inform us if you receive such a request from a data subject, and for us to inform you if we receive such a request. We will ensure that, following your instructions, these requests are promptly complied with. You should familiarize yourself with the obligations which will be imposed on you, including relating to any personal data you hold on your own systems, or services other than Estamos.InTransfers of data to the USA
Personal data may not be transferred outside the EEA other than under specific circumstances. We utilize the Standard Contractual Clauses as part of our Data Processing Agreement which we sign with all of our customers.
We have put in place strong security safeguards and measures to ensure that any personal data we hold is stored securely. We regularly test our products for bugs and vulnerabilities.
We ensure that we have regular back-up systems in place and ensure that we have data recovery and data integrity systems and processes to minimize risk of corruption to or loss of personal data.
Steps we have taken to ensure GDPR compliance
We take our duties as a processor very seriously. We have put in place a number of procedures and taken a number of steps in order to ensure that we remain compliant with the GDPR and that you are able to lawfully send personal data collected by you to us, for example:
Our data processing agreement utilizes the Standard Contractual Clauses to ensure that you are able to lawfully send personal data to us in the USA.
- We are able to detect personal breaches and to inform our customers as soon as possible.
- We are able to deal with subject access requests and rights of erasure requests, and ensure that we inform you when a data subject has made such a request to us.
- We have assessed and documented the personal data processed by us on your behalf.
- We have assessed our security and upgraded this where necessary to ensure that it is appropriate for the level of risk we face in relation to a data breach.
Contact: Please contact us with any questions or concerns regarding our policy.
Privacy Support Team: [email protected]