Data Collection and Processing Policy

The policy was published: 02.12.2022
Current edition: 02.12.2022

At Cloudfresh, we recognize the importance of your Personal Data and are committed to protecting it by complying with this Data Collection and Processing Policy and all applicable laws and regulations. This Data Collection and Processing Policy is intended to help you understand how We process and protect Your Personal Data when You use Our Platform.

The Data Collection and Processing Policy is developed and operates taking into account the General Data Protection Regulation ( General Data Protection Regulation (GDPR)), the General Data Protection Regulation of Great Britain (UK GDPR), the Law of Ukraine “On the Protection of Personal Data”, CCPA, CalOPPA , as well as other regulations and practices on the protection of Personal Data.

We reserve the right to make changes to the Data Collection and Processing Policy at any time and for any reason. You can familiarize yourself with the current version of the Data Collection and Processing Policy by following the link.

By using this Platform, you confirm that:
(I) You have read, understood and agree to this Data Collection and Processing Policy;
(II) You have reached the age from which the legislation of the country of your stay allows you to give your Consent to the Processing of Your Personal Data. In any case, in order to use the Platform, you must be at least 13 years old or one of your legal representatives or guardians has read and agreed to the terms of this Policy on behalf of you. If you do not agree or cannot confirm the above, you must immediately stop using the Platform. In this case, you must (a) contact Us and request the deletion of Your Data; (b) leave the Platform and not use it.

Content of the Policy:

1. Terms used in this Policy
2. Personal Data We Process When You Use Our Platform
3. Whose Personal Data Do We Process?
4. Whose Personal Data Do We Not Process?
5. Purposes of Personal Data Processing
6. Legal basis for Processing Your Personal Data
7. Who can we share your Personal Data with?
8. How can you exercise your right to privacy ?
9. Storage of Personal Data
10. “Сookies” files
11. Sending marketing, informational / advertising materials to the User
12. Links to other sites
13. Additional information for residents of the state of California, USA
14. Additional information for residents of Switzerland
15. Additional information for residents of Canada
16. Additional information for residents of Argentina
17. Additional information for residents of Israel
18. Additional information for residents of Chile
19. Additional information for residents of Australia
20. Additional information for residents of Vietnam
21. Additional information for residents of Hong Kong
22. Additional information for residents of India
23. Additional information for residents of China
24. Additional information for residents of Korea
25. Additional information for residents of Singapore
26. Additional information for residents of Thailand
27. Additional information for residents of Taiwan
28. Additional information for residents of Philippines
29. Additional information for residents of Japan
30. Dispute resolution
31. Update of the Data Collection and Processing Policy
32. Contact Information

1. Terms used in this Policy:

1.1. “Data Collection and Processing Policy ” – this document located at https://cloudfresh.com/en/privacy-policy/ (hereinafter referred to as “Policy”).

1.2. “Cloudfresh” – Cloudfresh Central Europe s.r.o. , company number: 08812519 , location: Slezská 1306/80, Praha 3 Praha 130 00 CZ (hereinafter referred to as “Company”, “We”, “Us”, “Our”).

1.3. “Personal Data” means any information relating to a natural person who is identified or can be identified using this information.

1.4. “Processing of Personal Data” – any action or set of actions, such as collection, registration, organization, structuring, accumulation, storage, adaptation, change, update, use and distribution (distribution, implementation, transfer), restriction, depersonalization, destruction of Personal Data, including including using information (automated) systems.

1.5. “Subject of Personal Data”, or “User” – a person who visits and/or uses the Platform and who coincides with the Subject of Data, unless otherwise specified (“You”, “You”, “You”).

1.6. “Applicant” is a person who visits the Platform in order to search for a vacant position in the Company and has left his Personal Data in the “Career at Cloudfresh” section.

1.7. “Owner (Controller) of Personal Data” – The company, which determines the purposes and means of Personal Data Processing, establishes the composition of this Data and the procedures for its Processing.

1.8. “Administrator (Processor) of Personal Data” – a Company that is authorized by the Owner of Personal Data or by law to Process Personal Data on behalf of the Owner.

1.9. “Platform” – website, https://cloudfresh.com/, all of its content and links that lead to this website .

1.10. “Service” – services provided by the Company. The list of Services provided by the Company can be found in the “Services” section by selecting the required Product.

1.11. “Product” – a software product containing separate services, which can be found through the Platform in the “Products” section.

1.12. “Consent” is a term meaning any freely given, specific, informed and unequivocal indication of the Personal Data Subject’s desire by which he or she, through clear affirmative actions, confirms consent to the Processing of his or her Personal Data.

1.13. “Events” – events and webinars offered for attendance on the Platform.

1.14. “Visitor” – a person who filled out the appropriate registration form for attending the Event.

1.15. “Speaker” is a person who has an appropriate level of knowledge and awareness in a certain field of activity and wishes to share such knowledge with Visitors at the Event.

1.16. “General Data Protection Regulation”  – European Parliament and Council Regulation No. 2016/679 as of 27.04.2016 On the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter – “GDPR”) (далі – “GDPR” ).

1.17. “UK GDPR” is a regulation incorporated into the legislation of the United Kingdom of Great Britain and Northern Ireland as amended by the Data Protection, Privacy and Electronic Communications Regulation.

1.18. “CCPA” – California, USA Consumer Privacy Act of 2018.

1.19. “CalOPPA” – The Internet Privacy Protection Act of 2003 of the State of California, USA.

2. Personal Data We Process When You Use Our Platform

2.1. Personal Data that you provide to Us personally

1) When you leave a request in the appropriate form to receive feedback from Us, We, depending on the nature of the request, may process the following Personal Data:

• Your surname, first name and patronymic;
• Your email address;
• Your phone number;
• Your position;
• Indication of the country/region of origin;
• Other Personal Data that may be contained in the resume uploaded by the Applicant;

2) In the case of chatting with Our consultant, you can continue the conversation in the proposed messengers. By communicating with Our consultant in this way, You additionally provide Us with Your phone number.

3) When you place an order in the ” Cloud Store ” on the “Cart” page, you voluntarily provide Us with the following Personal Data:

• Your surname and first name ;
• Your phone number;
• Your email address;
• Your postal address for delivery of the order;
• Information about your card account number, card expiration date, security CVV code (these data are processed only for the purpose of payment).

4) When the Speaker and/or Visitor participates in the Event in accordance with Section 7 of the Cloudfresh Platform Usage Rules , the Speaker and/or Visitor gives Us Consent to the Processing of such Personal Data as voice, image and other identifying characteristics of a person that may be recorded by Us on photos ( screenshots ), recordings (both audio and video).

2.2. Data We Process Automatically

The list of Personal Data that We automatically receive from You when using Our Platform includes:

• Cookies files ;
• IP or MAC address of your device;
• Data about the operating system of your computer / laptop / tablet computer / mobile device and the type of browser, the type of your mobile device, the unique device identifier (UDID) or the mobile equipment identifier (MEID) of your mobile device;
• Domain data;
• Geolocation data to the extent that your device settings allow Us to collect such information;
• Data obtained from shared access to the screen of your device (Processed only at the request of the User to receive the customer support service in the process of obtaining the Company’s Service);
• Data obtained as a result of providing customer support to the User;
• Information about convenient parameters of communication and receiving feedback.

The User and/or the Applicant may provide the Company with additional Personal Data for the purpose of receiving the Service and/or for the purpose of interviewing at the Company. The User and/or the Applicant hereby confirm that they provide such Personal Data on a voluntary basis.

3. Whose Personal Data Do We Process?

We may Process Your Personal Data if:

• You are Our customer (or are interested in becoming one);
• You are a person (or You work for such a person) to whom We want to tell about Our Services or offer them;
• You are an Applicant;
• You are a member of Our customer’s team or anyone using Our Service or Products;
• You registered for Our Events through the Platform.

4. Whose Personal Data Do We Not Process?

We knowingly do not Process Personal Data of children under 13 years of age (applies to Users who are residents of countries with a reduced minimum age for Personal Data Processing) and children under 16 years of age, and we also do not offer Our Service to them. If We become aware that a person who has not reached the age from which it is possible to process their Personal Data has provided Us with their Personal Data without the Consent of a legal representative, guardian or other person authorized to provide such Consent, We will take all necessary measures to delete such data.

5. Purposes of Personal Data Processing

We Process the Personal Data provided by you only for the specific and limited purposes specified below:

Provision of the Service. We use the information provided by you to provide you with timely and high-quality Service.

Making payment for the Service provided by Us. We use the information provided by you in the event that We send an invoice for online payment of Our Service.

Connection. We use the collected Personal Data to contact you after you have submitted an application through the Platform, to send you promotional materials regarding similar Services that you may be interested in, and to inform you of any changes in Services.

Management and improvement of the Platform. All the time We are trying to improve the functions that support the operation of the Platform. This allows Users to smoothly, quickly and efficiently use the Platform and receive feedback about the Service.

User support. Providing the User with effective customer and technical support in case of problems related to the use of the Platform or the Service. Also, Personal Data is used to settle claims from Users arising in connection with the use of the Platform or Service.

Development and maintenance of the security of the Platform. We monitor malfunctions of the Platform and create software solutions to eliminate them, detect violations of the Cloudfresh Platform Terms of Use and the Data Collection and Processing Policy, as well as monitor the use, abuse and potential abuse of the Platform.

6. Legal basis for Processing Your Personal Data

We process your Personal Data for the following reasons:

1. Your Consent to such Processing;
2. Conclusion and execution of the deed to which you are a party;
3. Protection of your vital interests;
4. The need to fulfill the obligation of the Owner of Personal Data, which is provided by law;
5. Legitimate interests pursued by Us, provided that such legitimate interests do not override your interests or fundamental rights and freedoms that require the protection of Personal Data (Article 6 (1) (f) GDPR / UK GDPR). We rely on legitimate interests:

• to analyze your use of the Platform. This is necessary in order to improve your user experience and make the Platform easier and more pleasant to use;
• to send you marketing messages. This is necessary so that you receive Our offers in a timely manner and are aware of updates to Our Platform and/or Service;
• to enforce the Cloudfresh Platform Terms of Use , as well as to prevent and combat fraud.

7. Who can we share your Personal Data with?

In some cases, Personal Data may be available to certain categories of the Company’s responsible persons (officials), whose activities are related to ensuring the proper functioning of the Platform or to third-party organizations (such as independent providers of technical services, postal organizations, hosting service providers, companies – providers of information technologies, communication services), contractors and partners of the Company, whom We entrust to perform the functions of the Administrator of Personal Data if necessary. You can additionally ask Us for a list of the above-mentioned persons.

In addition, the Cloudfresh group includes the representative offices of Our company listed on the Platform. Of course, any processing of your Personal Data within Cloudfresh can take place exclusively within the limits and under the conditions stipulated by the Policy.

IT service providers. We may engage other companies (including foreign ones) that provide administrative and IT services, including hosting services, use of cloud services and databases, which will process the User’s Personal Data on Our behalf in order to provide technical support and proper functioning of the Platform. Such companies may access the User’s Personal Data only if it is necessary to carry out the above purposes and in accordance with the provisions of the agreements with these companies on the non-disclosure of confidential information, and such companies are not entitled to use it for any other purpose.

Financial institutions (banks, payment services / tools). We can involve financial institutions (including foreign ones) that provide financial, banking services, payment services / tools, for the possibility of making payment for the Product. In the event that you are transferring funds for an order placed in the ” Cloud Store ” on the “Basket” page, when you go to the website / form of such a financial institution (bank, payment service / tool), we advise you to familiarize yourself with their Personal Data Processing policy. Currently, online payment on the Platform is made with the help of Revolut Ltd. _ ( registered in England and Wales under company number 08804411 and has its registered office at 7 Westferry Circus , Canary Wharf , London , England , E14 4HD). Read Revolut ‘s Personal Data Processing policy Ltd. _ You can at the link: https://www.revolut.com/privacy-policy/ .

In the event that you provide your Personal Data directly on Our Platform, financial institutions (banks, payment services / instruments) may access your Personal Data only if it is necessary for the above-mentioned purposes, and they are not entitled to use it for any – any other purposes.

We use Google Analytics and other tools for analyzing your Personal Data.

Please note that the data collected by Google and Cloudflare is transmitted to the United States of America. Google LLC. certified under EU-US Privacy Shield Framework is a network that protects the fundamental rights of everyone in the European Union whose Personal Data is transferred to the United States of America for commercial purposes. This allows the free transfer of data to companies that are certified in the US under Privacy Shield . For more detailed information about Privacy Shield , please visit the website Privacy US Department of Commerce Shield : https://www.privacyshield.gov/welcome/ .

To learn how to Google Analytics Processes Your Personal Data, visit the following links:

https://policies.google.com/privacy .

Authorities (of Ukraine, the European Union or other countries). We reserve the right to disclose and/or report any Personal Data of the User, if this is required by any Law of Ukraine or the European Union or other normative legal act, or a confirmed legal requirement of a state authority and/or local authorities, in order to comply with the requirements of the Laws of Ukraine and the legislation of the European Union, to protect the integrity of the Platform, to fulfill the requests of Users, state authorities and/or local authorities, or to facilitate any investigation by law enforcement agencies or an investigation aimed at guaranteeing public (national) security. In some cases, We may also provide the User’s Personal Data to the authorities of the European Union (both national and supranational) and to the authorities of other countries, if such provision of Personal Data is required by law, or in the event of an official request from such an authority as part of a criminal investigation .

8. How can you exercise your right to privacy ?

You are in full control of all Personal Data you provide to Us.

The User has the following rights in relation to the provided Personal Data:

• know about the sources of collection, location of your Personal Data, purposes of their Processing, location of the Company;
• receive information about the conditions for providing access to Personal Data, in particular information about third parties to whom Your Personal Data is transferred;
• access your Personal Data;
• request correction of any false or inaccurate Personal Data about you;
• under certain circumstances (for example, when the need to process individual Personal Data provided by you disappears, or if you withdraw your Consent to Data Processing) request the deletion of the relevant Personal Data (“right to be forgotten”);
• if We Process Your Personal Data on the basis of Your prior Consent to this Processing – withdraw the Consent to the Processing of Personal Data, after which such Processing will cease;
• submit a reasoned request to the Company with an objection to the Processing of your Personal Data, including profiling , for the purpose of sending marketing, informational / advertising materials;
• request restriction of Processing of Your Personal Data;
• request the transfer of Personal Data if you wish to receive your Personal Data in a machine-readable format and transfer such Data to another Controller without interference ;
• contact Us if You have a complaint regarding any Processing of Your Personal Data, or, if You are located in the EU, contact the company’s representative office in the EU (“right to object”);
• if your Personal Data is exclusively processed automatically, including profiling , which may have legal consequences for you – receive protection from an automated decision.

You may withdraw Your Consent to any Processing of Personal Data or exercise your right of access to Your Personal Data by sending Us a corresponding request to the e-mail address: gdpr_compliance@cloudfresh.com.

Please note that before providing the information according to your request, We may ask you to provide additional Data to confirm your identity.

9. Storage of Personal Data

9.1. How long do we keep your Personal Data?

We will retain your Personal Data for the period necessary to fulfill the purposes set forth in this Policy. When determining the duration of such periods, We first decide whether We need to collect Personal Data at all, and, if such a need really exists, We keep it only for the period necessary to realize the purposes of collection, but not more than 3 (three) years, except cases when the law establishes a longer storage period, or until the moment you make a corresponding request to delete your Personal Data.

9.2. Where do we store your Personal Data?

We adhere to generally accepted industry standards to protect your Personal Data both during transmission and after receipt. All Personal Data are stored in CRM systems that We use for Personal Data Processing.

Processing of Personal Data is carried out using computers and/or automated means in accordance with procedures and methods that correspond to the purposes of collecting Personal Data.

Your Personal Data that We Process may be transferred to and stored outside of the European Economic Area (EEA). Such Data may also be Processed by Our employees outside the EEA.

We take the protection of your Personal Data very seriously. We take all commercially reasonable measures to prevent unauthorized access to your Personal Data and those data obtained in the process of using the Platform. We strive to protect your Personal Data by various means in order to preserve its confidentiality and integrity, prevent unauthorized use or disclosure of your Personal Data, and protect your Personal Data from loss, misuse, disclosure, alteration and/or destruction. Your Personal Data is sent to Our Google corporate e-mail upon receipt by Us .

Please note that no method of data transmission over the Internet can provide a 100% guarantee of preventing information leakage.

10. ” Cookies “

” Cookies ” are files that are downloaded to the User’s computer or any other device when visiting the Platform. These types of files allow Us to store and examine information about the User’s preferences on Our Platform.

Like most websites , the Cloudfresh Platform uses ” cookies ” files for various purposes in order to improve the conditions of your activity on the Internet. Read more about the Cookie policy here.

11. Sending marketing, informational / advertising materials to the User

From time to time, with the User’s prior consent, We may send marketing, informational/advertising messages and materials regarding the Company’s activities, including Company Events, to the User’s email address.

Consent to receive such messages is given by the User by putting the appropriate mark in the check box to the corresponding form on the Platform (registration form, feedback form), which confirms the User’s will to receive such messages and materials.

In the event that the User did not put the appropriate mark in the check box, We will not send marketing, informational / advertising messages and materials regarding the Company’s activities, including Company Events, to the User, but will only communicate with the User regarding his specific request.

If the User has agreed to receive marketing, informational / advertising messages and materials regarding the Company’s activities, including the Company’s Events, such messages and materials will be sent by Us for any reason that We consider to be in the User’s interests.

At the same time, the User has the right to withdraw the Consent for the further receipt of the above-mentioned materials by submitting an appropriate objection to their receipt by contacting Us at the e-mail address: gdpr_compliance@cloudfresh.com .

12. Links to other sites

We may post active links to sites that are not operated by Cloudfresh. If you visit such linked sites, you should review their data collection and processing policies and operating principles. We are not responsible for the policies and practices of other companies, and any information you provide to such companies is subject to their data collection and processing policies.

13. Additional information for residents of the state of California, USA

This section applies only to residents of the state of California, USA. Pursuant to the CCPA and CalOPPA , below is a brief description of the CCPA and CalOPPA defined categories of Personal Data (defined as Personal Information for the purposes of this section) that We collect, the reasons for which We collect Your Personal Information, the sources from which We obtain Your Personal Information, and third parties to whom We may transfer Your Personal Information.

Please note that the Company does not and will not “sell” your Personal Information.

13.1. Privacy Rights in the State of California, USA

If you are a resident of the state of California, USA, you have rights with respect to your Personal Information, subject to certain exceptions. For example, We may not disclose specific pieces of Personal Information if disclosure would create a substantial, clear, and unreasonable risk to the security of Your Personal Information or the security of Our network systems.

13.2. Access to specific Data and the right to transfer Data

With certain exceptions, if you are a resident of the state of California, USA, you have the right to request a copy of the Personal Information We have collected about you in the 12 months prior to your request. After receiving your request and establishing your identity, we will inform you:

– categories of Personal Information that We have collected about You;

– Our business or commercial purpose for collecting such Personal Information;

– categories of third parties with whom We share this Personal Information.

You also have the right to request that your Personal Information be transferred to another Personal Information Controller for the purpose of its further Processing by such Controller.

13.3. The right to request deletion

You have the right to request that we delete any of Your Personal Information that We have collected about You and stored.

13.4. Non-discrimination

We will not discriminate against You for exercising Your rights related to the Processing of Your Personal Information, as well as Your right to refuse to receive Our Service in the future, or to refuse to receive further marketing, informational / advertising materials from Us.

13.5. Refusal of sale

We do not and will not “sell” your Personal Information, but We recognize that the CCPA defines “Personal Information” in such a way that providing access to identifiers associated with you may be considered a “ sale ”. In the event that these identifiers and inferences about visitors to the Platform can be determined as a sale under the CCPA, please use the “Do not sell my Personal Information” setting on the main page of the Platform. After receiving your request through the “Do not sell my Personal Information” setting, the Company makes a corresponding entry in its database of Personal Information / Platform Users, which indicates that the Company is aware of the impossibility of further selling your Personal Information.

14. Additional information for residents of Switzerland

This section only applies to residents of Switzerland. The Company Processes Personal Data in accordance with the Federal Data Protection Act of 1992 (“FADP”).

In addition to the rights listed in section 8 of this Policy, You also have the right to access Your Personal Data, to receive free copies of Your Personal Data in any form convenient for You that We Process.

In order to make a request about what Personal Data We Process about you, please contact Us at : s@cloudfresh.com . Upon request, We will inform You of all available Data about You, including available information about the source of the data, as well as disclose the purpose and, if applicable , the legal basis for the Processing, as well as the categories of Personal Data Processed, about third parties that have access to the Data.

We may refuse, limit or delay the provision of information if this is required by law or is required to protect the interests of third parties.

We take all necessary security measures to prevent any unauthorized or illegal Processing of Personal Data, as well as intentional or accidental loss, damage or destruction of Personal Data, technical errors, falsification, theft and illegal use, unauthorized access, modification, copying or other forms of unauthorized Processing.

We may disclose Personal Data to third parties located outside of Switzerland for the purposes set out in this Data Collection and Processing Policy, as well as for the purpose of fulfilling Our contractual obligations and subject to the assurance that Personal Data will be protected with the highest standards of confidentiality and security during the transportation of Personal Data abroad. We ensure the appropriate level of integrity and protection of Personal Data when transferred to Third Parties, which is required by the provisions of the FADP, by concluding agreements with such companies, which provide for the limitation of the use of Personal Data by the Third Party exclusively for the purposes provided for in the agreement. We ensure that Third Parties involved in the Processing of Personal Data Process such Data in accordance with the instructions provided by Us.

15. Additional information for residents of Canada

This section applies only to residents of Canada. The Company processes Personal Data in accordance with the Law “On the Protection of Personal Information and Electronic Documents” (hereinafter – “PIPEDA”).

In addition to the rights listed in section 8 of this Policy, You also have the right to submit a request to Us to find out what Personal Data We collect, the right to withdraw Your Consent to the Processing of Personal Data, the right to challenge Our compliance with the provisions of PIPEDA to the Office of the Ombudsman of Canada (OPC).

In order to submit a request regarding exactly which of Your Personal Data We Process, please contact Us at : s@cloudfresh.com . In case of receiving your request for access to Personal Data, We will try to respond as soon as possible, but no later than 30 (thirty) days from the date of receipt of the request.

We have the right to extend the 30-day period for providing an answer to the request for another 30 (thirty) days in the event that:

• providing a response within the initial 30 (thirty) days may be considered unreasonable interference in Our activities;
• We need additional time for consultations;
• We need additional time to convert Personal Data into a readable format.

You have the right to file a complaint with the Office of the Privacy Commissioner of Canada (OPC) if we do not respond to your request within the first 30 days.

In the event of a leak of Your Personal Data, We will promptly notify You of such a case and the degree of threat to Your Personal Data. In accordance with PIPEDA, We will immediately notify the Office of the Privacy Commissioner of Canada (OPC) and keep a record of the leak that has occurred.

We may disclose Personal Data to third-party service providers and related corporations located outside of Canada for the purposes set forth in this Data Collection and Processing Policy. The Company’s policy requires that the Company share your Personal Data abroad in a manner that requires the highest standards of confidentiality and security when transporting Personal Data abroad. Please note that when Personal Data is transferred abroad, it may be accessed by courts, law enforcement agencies, and national security agencies. Before disclosing Personal Data, We will assess possible risks that may adversely affect the protection of Personal Data. We ensure the appropriate level of integrity and protection of Personal Data when transferred to third parties, which is required by the provisions of PIPEDA, by entering into agreements with such companies, which provide for the limitation of the use of Personal Data by the Third Party solely for the purposes provided for in the agreement.

16. Additional information for residents of Argentina

This section applies only to residents of Argentina. The Company processes Personal Data in accordance with the Argentina Law “On personal data protection” № 25,326 (“PDPL”), Directive № 1558/2001, provisions and resolutions issued by the Agency of Access to Public (hereinafter – “AAAPI”).

In addition to the rights listed in section 8 of this Policy, You also have the right to obtain access to Your Personal Data, receive copies of Your Personal Data that We Process, request correction and update of Personal Data about You, withdraw Consent to the Processing of Personal Data, delete Personal Data and to object to certain actions We take on Your Personal Data for direct marketing purposes.

You also have the right to file a complaint with the relevant state authority – AAAPI, as the supervisory authority of PDPL, which has the right to consider complaints filed in connection with violations of the rules on the protection of Personal Data. Of course, we encourage you to contact us first at the address s@cloudfresh.com to answer your request.

We may disclose Personal Data to third party service providers and related corporations located outside of Argentina for the purposes set forth in this Data Collection and Processing Policy. The Company’s policy requires that the Company share your Personal Data abroad in a manner that requires the highest standards of confidentiality and security when transporting Personal Data abroad.

17. Additional information for residents of Israel

This section applies only to residents of Israel. The Company processes Personal Data in accordance with the Israel Law “On confidentiality protection” № 5741-1981 and corresponding laws and regulations having the data transition and security as its subject of matter.

In addition to the rights listed in Section 8 of this Policy, You also have the right to review Your Personal Data We Process. For this, please contact Us at : s@cloudfresh.com .

Your access to Personal Data may be subject to certain restrictions and We may redact certain information from the copy of the relevant files provided to You to protect:

• trade secrets and business information belonging to Us and/or any third party with respect to whom We have an obligation of confidentiality by deed or law, and
• confidentiality of any subject of Personal Data.

If, after reviewing Your Personal Data that We Process, You believe that such Data is inaccurate, incomplete or incorrect, You may contact Us at s@cloudfresh.com and request correction or deletion of Personal Data. We reserve the right, after accepting your request, to approve or reject it in accordance with applicable law. We will notify you of our decision in any case no later than 30 (thirty) days after receiving your request.

We may disclose Personal Data to third party service providers and related corporations located outside of Israel for the purposes set forth in this Data Collection and Processing Policy. The Company’s policy requires that the Company share your Personal Data abroad in a manner that requires the highest standards of confidentiality and security when transporting Personal Data abroad.

18. Additional information for residents of Chile

This section applies only to residents of Chile. The Company processes Personal Data in accordance with the Law № 19,628 «On confidentiality protection» (hereinafter – “CLPPL”).

In addition to the general provisions of the Policy regarding the legal grounds for the Processing of Your Personal Data, we inform you that Your Consent is not required if:

• Your Personal Data was collected from open sources; or
• Your Personal Data is processed exclusively for the benefit of the Company for statistical purposes, or for pricing purposes, or for its general good.

In addition to the rights listed in section 8 of this Policy, You also have the right to obtain access to Your Personal Data, to receive free copies of Your Personal Data that We Process, to request correction and update of Personal Data about You, to withdraw Consent to the Processing of Personal Data, destruction and blocking of the Processing of Your Personal Data.

We may disclose Personal Data to third party service providers and related corporations located outside of Chile for the purposes set forth in this Data Collection and Processing Policy. The Company’s policy requires that the Company share your Personal Data abroad in a manner that requires the highest standards of confidentiality and security when transporting Personal Data abroad.

In order to submit a request regarding which of your Personal Data We Process, please contact Us at : s@cloudfresh.com .

Additional information for the APAC region

19. Additional information for residents of Australia

This section only applies to residents of Australia. The Company Processes Personal Data in accordance with the Australian Data Protection Act 1988 (“APA”) and the Data Breach Notification Guidelines (2018).

Before Processing Your Personal Data, the Company will inform You about the controller of Personal Data, the basis and purpose of the Processing, regarding the transfer of Your Personal Data outside of Australia. The Company will not Process “sensitive data” without Your prior Consent.

The Company will not send you marketing emails without your consent. For more information on the rules for sending marketing emails, see section 11 of the Policy.

We may disclose Personal Data to third party service providers and related corporations located outside of Australia for the purposes set out in this Data Collection and Processing Policy. The Company’s policy requires that the Company share your Personal Data abroad in a manner that requires the highest standards of confidentiality and security when transporting Personal Data abroad.

In the event of a leak of Your Personal Data, We will promptly notify You of such a case and the degree of threat to Your Personal Data. In accordance with the APA, we will immediately report such a leak to the Office of the Australian Privacy Commissioner (OAIC).

In order to submit a request regarding which of your Personal Data We Process, please contact Us at : s@cloudfresh.com .

20. Additional information for residents of Vietnam

This section applies only to residents of Vietnam. The Company Processes Personal Data in accordance with the Law on Cybersecurity (as amended on June 12, 2018).

We may disclose Personal Data to third party service providers and related corporations located outside of Vietnam for the purposes specified in this Data Collection and Processing Policy. The Company’s policy requires that the Company share your Personal Data abroad in a manner that requires the highest standards of confidentiality and security when transporting Personal Data abroad.

In order to submit a request regarding which of your Personal Data We Process, please contact Us at : s@cloudfresh.com .

21. Additional information for Hong Kong residents

This section applies to Hong Kong residents only. The Company Processes Personal Data in accordance with the Personal Data Protection ( Privacy ) Act of 1996, as amended on 04/20/2018 (hereinafter “PDO”).

The Company will not send you marketing emails without your prior consent. For more information on the rules for sending marketing emails, see section 11 of the Policy.

We may disclose Personal Data to third party service providers and related corporations located outside of Hong Kong for the purposes set out in this Data Collection and Processing Policy only with your prior consent. The Company’s policy requires that the Company share your Personal Data abroad in a manner that requires the highest standards of confidentiality and security when transporting Personal Data abroad.

We will keep your Personal Data excluded for the period necessary to fulfill the purposes set out in this Policy. In the event that such purposes have been achieved and further storage of Your Personal Data is not required, We will delete all Your Personal Data collected by Us.

If you have any comments, doubts or questions about this Policy, please contact us at the email address s@cloudfresh.com . We will try to answer you as soon as possible, but no longer than 40 (forty) calendar days.

22. Additional information for residents of India

This section applies only to residents of India. The Company processes Personal Data in accordance with the Law “On the Right to Information” of 2005 (hereinafter – the “Law”).

The Company does not Process Personal Data that pose a particular risk. For the purposes of this clause, Personal Data that poses a particular risk includes information related to password, financial information regarding bank account, credit card, etc., physical, psychological and mental health status, sexual orientation, medical records and history, biometric information , any similar data provided to a legal entity for the provision of services or received by it for Processing are stored and Processed on the basis of a transaction or other appropriate basis. Personal data or information that poses a particular risk does not include any information that is freely available and/or information provided under the Act or under any other law. The person who provided such information has the opportunity to withdraw / view / change the provided information.

We may disclose Personal Data to third party service providers and related corporations located outside India for the purposes set out in this Data Collection and Processing Policy. The Company’s policy requires that the Company share your Personal Data abroad in a manner that requires the highest standards of confidentiality and security when transporting Personal Data abroad.

In order to submit a request regarding which of your Personal Data We Process, please contact Us at : s@cloudfresh.com .

23. Additional information for residents of the People’s Republic of China

This section applies only to residents of the People’s Republic of China (“PRC”). The Company Processes Personal Data in accordance with the Cyber Security Act 2017, the Data Protection Act 2021, the Personal Data Protection Act 2021.

The Company does not Process Your Personal Data based on its own or the legitimate commercial purposes of its partners and third parties.

In addition to the rights listed in section 8 of this Policy, you also have the right to obtain access to your Personal Data, request correction and update of Personal Data about you, withdraw your Consent to the Processing of Personal Data, destroy and block the Processing of your Personal Data.

In the event of leakage, falsification or loss of Your Personal Data, as well as in the event of reasonable assumptions that such circumstances may happen to Your Personal Data, We will promptly notify the Cyberspace Administration of the PRC and You of such a case and the degree of threat to Your Personal Data.

We may disclose Personal Data to third-party service providers and related corporations located outside the PRC for the purposes specified in this Data Collection and Processing Policy. The Company’s policy requires that the Company share your Personal Data abroad in a manner that requires the highest standards of confidentiality and security when transporting Personal Data abroad.

The Company will not transfer beyond the borders of the PRC without prior informing and obtaining Your Consent and agreement with the Cyberspace Administration of the PRC:

• critical information;
• personal information for which a mandatory assessment of the degree of risks of disclosure and transfer of such information is required.

The Company will not disclose your Personal Data at the request of foreign authorities or by the decision of a foreign court without first obtaining the consent of the Cyberspace Administration of the People’s Republic of China.

In order to make a request about what Personal Data We Process about you, please contact us at : s@cloudfresh.com.

24. Additional information for residents of the Republic of Korea (South Korea)

This section applies only to residents of the Republic of Korea. The Company Processes Personal Data in accordance with the Personal Information Protection Act of 2011 (“PIPA”) and other industry laws.

We may disclose Personal Data to third-party service providers and related corporations located outside of South Korea for the purposes set forth in this Data Collection and Processing Policy. The Company’s policy requires that the Company share your Personal Data abroad in a manner that requires the highest standards of confidentiality and security when transporting Personal Data abroad.

In addition to the rights listed in section 8 of this Policy, you also have the right to obtain access to your Personal Data, the right to be forgotten, to request the correction of Personal Data about you, to object to direct marketing and profiling.

The Company implements appropriate methods to ensure the security of Personal Data, track its use and comply with the law.

In the event of a violation of the procedure for handling Personal Data or its leakage, loss, etc., the Company will notify you and the Commission for the Protection of Personal Information about such an incident within 24 hours, regardless of the size of the violation. If the breach occurred with respect to more than 1,000 data subjects, the Company will immediately notify the Commission for the Protection of Personal Information.

In order to submit a request regarding which of your Personal Data We Process, please contact Us at : s@cloudfresh.com.

25. Additional information for residents of Singapore

This section applies to residents of Singapore only. The Company Processes Personal Data in accordance with the Personal Data Protection Act 2012 (hereinafter referred to as the “PDPA”), the Cyber Security Act 2018, and the Personal Data Privacy Regulations 2021.

In addition to the rights listed in section 8 of this Policy, you also have the right to obtain access to your Personal Data, to request correction of Personal Data about you, to withdraw your Consent to the Processing of Personal Data.

We may disclose Personal Data to third party service providers and related corporations located outside of Singapore for the purposes set out in this Data Collection and Processing Policy. The Company’s policy requires that the Company share your Personal Data abroad in a manner that requires the highest standards of confidentiality and security when transporting Personal Data abroad.

The Company will notify PDPC within 3 days if it is likely to result in significant harm to an individual, relates to the Personal Data of more than 500 individuals or relates to said Personal Data. Notices to individuals The Company will try to make “as soon as possible”.

In order to make a request about what Personal Data We Process about you, please contact us at : s@cloudfresh.com.

26. Additional information for residents of Thailand

This section applies only to residents of Thailand. The Company processes Personal Data in accordance with the Personal Data Protection Act BE 2562 of 2019 (hereinafter referred to as the “Thai PDPA”).

In addition to the rights listed in section 8 of this Policy, you also have the right to obtain access to your Personal Data, the right to be forgotten, to request the correction of Personal Data about you, to object to direct marketing and profiling.

We may disclose Personal Data to third party service providers and related corporations located outside of Thailand for the purposes set forth in this Data Collection and Processing Policy. The Company’s policy requires that the Company share your Personal Data abroad in a manner that requires the highest standards of confidentiality and security when transporting Personal Data abroad.

In order to submit a request regarding which of your Personal Data We Process, please contact Us at s@cloudfresh.com.

27. Additional information for residents of Taiwan

This section applies only to residents of Taiwan. The Company Processes Personal Data in accordance with the Personal Data Protection Act of 2015 (“PDPA”) with implementing regulations from the Ministry of Justice.

In addition to the rights listed in section 8 of this Policy, you also have the right to obtain access to your Personal Data, the right to be forgotten, to request the correction of Personal Data about you, to withdraw your Consent to the Processing of Personal Data.

We may disclose Personal Data to third-party service providers and related corporations located outside of Taiwan for the purposes specified in this Data Collection and Processing Policy. The Company’s policy requires that the Company share your Personal Data abroad in a manner that requires the highest standards of confidentiality and security when transporting Personal Data abroad.

In addition, the Company implements additional appropriate measures for protection, including Personal Data mapping, risk assessment, incident response plan with Personal Data security personnel.

The Company will notify individuals as appropriate if an individual’s Personal Data has been stolen, leaked or illegally altered, or any other breach incident has occurred.

In order to make a request about what Personal Data We Process about you, please contact us at : s@cloudfresh.com.

28. Additional information for residents of the Philippines

This section applies only to residents of the Philippines. The Company processes Personal Data in accordance with the Personal Data Protection Act 2012 (hereinafter referred to as the “DPA”).

Before Processing Your Personal Data, the Company will inform you about the controller of Personal Data, the grounds and purposes of the Processing. The Company will not Process “sensitive data” without Your prior Consent.

We may disclose Personal Data to third party service providers and related corporations located outside the Philippines for the purposes set forth in this Data Collection and Processing Policy only with your prior consent. The Company’s policy requires that the Company share your Personal Data abroad in a manner that requires the highest standards of confidentiality and security when transporting Personal Data abroad.

In the event of a leak of Your Personal Data, as well as in the presence of a high probability of such a leak, We will notify You and the National Commission for Personal Data of such a case and the degree of threat to Your Personal Data within 72 hours.

In order to submit a request regarding which of your Personal Data We Process, please contact Us at :  s@cloudfresh.com.

29. Additional information for residents of Japan

This section applies only to residents of Japan. The Company processes Personal Data in accordance with the Personal Information Protection Act of 2003, as amended from June 1, 2022.

Before Processing Your Personal Data, the Company will inform you about the controller of Personal Data, the grounds and purposes of the Processing. The Company will not Process “sensitive data” without Your prior Consent.

We may disclose Personal Data to third-party service providers and related corporations located outside of Japan for the purposes specified in this Data Collection and Processing Policy only with your prior consent. The Company’s policy requires that the Company share your Personal Data abroad in a manner that requires the highest standards of confidentiality and security when transporting Personal Data abroad.

In the event of a leak of Your Personal Data, as well as in the presence of a high probability of such a leak, We will promptly notify the Committee for the Protection of Personal Information about such a case and about the degree of threat to Your Personal Data. If it is necessary to apply additional mechanisms for the protection of your Personal Data, we will notify you in a timely manner.

In order to submit a request regarding which of your Personal Data We Process, please contact Us at : s@cloudfresh.com.

30. Dispute Resolution

Before filing a claim in court in disputes arising from the relationship between the User and Us, it is mandatory to submit a claim (a written proposal for voluntary settlement of the dispute). The recipient of the claim shall, within 30 (thirty) calendar days from the date of receipt of the claim, notify the applicant of the claim in writing about the results of the consideration of the claim.

In case of failure to reach a compromise, the dispute will be referred to the competent court of the Czech Republic. Current legislation of the Czech Republic applies to this Policy and the relationship between the User and the Platform.

31. Update of the Data Collection and Processing Policy

We have the right to make changes to this Policy at any time and for any reason by posting a new version of the Policy at the above link. We strongly recommend that you check the Policy and the date of the last change from time to time to stay informed of the latest changes.

If you do not agree with any changes made to the Policy, you must stop using the Platform, and you can also request the deletion of your Personal Data.

32. Contact information

If you have any comments, doubts or questions about this Policy, please contact us at the email address s@cloudfresh.com .

We will try to answer you as soon as possible, but no longer than within 30 (thirty) calendar days.