Stylemix Themes Portal Sites / Home / Notice to EU/EEA Residents

Notice to EU/EEA Residents

Date of Last Amendment of this Notice: November 18, 2022

This privacy notice only applies to residents of countries in the European Union and Iceland, Liechtenstein, and Norway, together the members of the European Economic Area.

This notice sets out how Stylemix FZ-LLC (“Stylemix,” “we,” “us,” “our”) processes personal data as a data controller. Stylemix’s registered address is VD-G00-187, Building 5, Dubai Media City, Dubai, UAE 72280. Email: [email protected].

Stylemix has designated an appropriate official as its Privacy Compliance Officer. The Privacy Compliance Officer is empowered to ensure Stylemix’s compliance with the EU General Data Protection Regulation (“GDPR”) as well as Stylemix’s confidentiality of personal data obligations in other jurisdictions.

You can contact us at [email protected].

A. Personal Data We Collect

  1. We collect from customers (“customers” are people who have or are in the process of contracting with us for the purchase of a good or service):
    • Name
    • Login and password for our website.
    • Avatar.
    • Email address.
    • Other communication channels if the customer prefers: telephone number, WhatsApp, Skype or similar ID, social media messaging service identifier.
  2. We collect from users of our website:
    • The date and time of the user’s visits.
    • The user’s browser type.
    • The user’s Internet Service Provider.
    • The user’s IP address.
    • The website the user visited before and after our website (“navigation history,” “referring site”).
    • The pages on our site that the user viewed.
  3. “Users”  are people accessing our website. A customer is a user when interacting with our website.
  4. We do not collect special category data as defined in the GDPR.

 B. Data Sources

  1. Users
    Most of the data we collect is provided directly by users when:
    • They create an account on our website (becoming customers) in order to purchase a product or service from us.
    • They sign up to receive newsletters or other communications from us.
    • They schedule a web conference with us to find out more about our products and services before making a purchasing decision.
  2. Use of Our WebsiteThe data identified in section A.2. is collected when users access our website using cookies and related technologies.We collect data directly when users browse our website as disclosed in the Data Collection Technologies section of this Notice.

    We are provided with website usage and search-engine-related data by Alphabet Inc. as disclosed in the Google Analytics and Google Search Console subsection of the Data Collection Technologies section

  3. E-commerce Sites and Payment ProcessorsWhen a customer wishes to purchase a Stylemix product, they are transferred to a third-party e-commerce/payment processing site (Envato Market) or a payment processing site (Freemius), depending on the product they wish to purchase.Our partner e-commerce and payment processing partners do not share credit card numbers or other payment or financial data with Stylemix. We are advised when a payment has been successfully processed.
  4. Other Sources

We receive support from third-party service providers:

  • Active Campaign We use Active Campaign’s MailChimp service.
  • Calendly We offer Calendly’s “quick call” feature in our newsletters.
  • Digital Ocean Digital Ocean is our web host. Digital Ocean adheres to the EU/US “Privacy Shield”, ensuring that data is securely stored and GDPR compliant
  • Mixpanel We use Mixpanel for analytics.
  • Zendesk: We use Zendesk to provide premium support services.

Support may include those third parties providing us with data described in subsections A.1. and A.2. In other cases, the third party processes data that we provided and returns it to us in aggregate so that it can be used for business planning and product development purposes.

C. Our Reasons and Legal Basis for Processing Personal Data

Our reasons for collecting and using personal data are:

  • So that our website works as users expect and provides users with a personalized experience.
  • So that customers can purchase our products and services.
  • So that we can carry out our contractual obligations to customers and take the necessary steps to enter into a contract with a customer.
  • “Carry out our contractual obligations to a customer” means providing Product Updates and Priority Ticket Support.
  • So that we can communicate with users, prospective customers, and customers.
  • To operate our business and our website. This means we collect data that:
    • Allows us to perform everyday business operations including record-keeping and internal reporting and management of resources.
    • Helps us improve our products, services, website, and business processes.
    • Allows us to conduct customer relationship audits and management procedures, as well as carry out marketing initiatives, including meeting the evolving needs of our customers, i.e., identifying product improvements and additional products or services that may be of interest.
    • Helps us better manage and improve the overall relationship our customers have with us so they continue doing business with us, including improving user experience on our website.

The legal bases for our processing (collection and use) of personal data are:

  • It is necessary for the performance of our contracts with customers in order to deliver the products and services purchased, or in order to take steps prior to entering into contracts with customers.
  • It is necessary for compliance with legal obligations, e.g. if Stylemix is required to disclose personal data by Court order or operation of law (e.g., receipt of a subpoena or summons). Unless legally prevented from doing so, we will first attempt to advise the customer that we have received an order or direction to disclose personal data so that the customer can challenge the order if they see fit.
  • It is in the public interest, e.g., necessary to report criminal or probable criminal activity including fraud against us or one of our customers or generally to protect the security of our customers and their property, including their intellectual property.
  • It is necessary for our pursuit of legitimate business interests.
  • Examples of our legitimate interests are:
    • Sending communications including marketing or communicating benefits, features, or other details about our products or services, where this is necessary to pursue our legitimate interests to promote our products and services to customers and prospective customers.
    • Taking steps that provide or could provide customers and prospective customers with additional or better value.
    • Promoting our brand and business to customers and prospective customers. Examples here include conducting market research and analyzing data we hold about customers and prospective customers where this is necessary to pursue our legitimate interests in promoting our brand and business.
    • Taking steps (1) to insure or otherwise protect our interests in our products and services (including intellectual property interests), (2) to manage our credit, business, and other risks to protect our company and operate it effectively, efficiently, and financially prudently.
  • A legitimate interest will only apply where we consider that it is not outweighed by users’ or customers’ protection of personal data interests or rights under the GDPR. Users or customers requiring further information regarding our legitimate interests as applied to personal data may contact us at [email protected].
  • Express consent is an additional basis for processing personal data when, for example, a user or customer opts into receiving newsletters or marketing materials from us by completing a form on our website and checking the “I consent” box. Recipients of marketing materials can unsubscribe at any time.
  • There are some circumstances in which it will be necessary for a user or customer to provide personal data to us. We will make it clear if and when this situation arises. This need will arise where there is a requirement under law for Stylemix to obtain specific data from a user or customer, or where it is necessary to obtain certain information in order for us to enter into a contract with a user or to provide a customer with products and services under a contract. If a user or customer declines or fails to provide necessary data, this may result in the termination of a contract between the customer and us or alternatively will mean that Stylemix will not be able to provide the product or service to a user or customer or the company or organization they represent.
  • Stylemix is a B2B company. Therefore, we do not conduct business with or collect personal data from or about minors (children). If a user has not reached the age of majority where they live, the user must not (1) enter any personal data in any form on our website, (2) provide personal data in any other way, (3) transact or attempt to transact business with Stylemix, or (4) continue to browse our website.
  • Where we have reasonable grounds to suspect that a user or customer is a minor is an example of a circumstance in which it will be necessary for a user or customer to provide personal data to us (data that establishes they have reached the age of majority in the country in which they live).

D. Sharing Personal Data

Stylemix shares data, which may include personal data, with the following service providers for the purposes enumerated, each of which we have determined to be a legitimate basis for processing personal data:

  •  Active Campaign We use Active Campaign’s MailChimp service.
  • Alphabet Inc.
    • We use Google Analytics. Google (Alphabet Inc.) uses cookies to help us better understand how our website is being used including the number of users, session statistics (the pages visited, how long users stay on the site), approximate geolocation, and browser and device information.
    • We use Google Search Console, a tool that provides search-engine-related data to help us optimize traffic to our site. Examples of search-engine-relate data include user queries and the number of times our site URLs appear in search results (impressions), along with post-click data about site engagement like bounce rates and e-commerce conversion rates.
    • Google policies require that no data be passed to Google that Google could use or recognize as personal information. More information about Google’s policies is here.
    • Calendly We offer Calendly’s “quick call” feature in our newsletters.
    • Digital Ocean Digital Ocean is our web host. Digital Ocean adheres to the EU/US “Privacy Shield”, ensuring that data is securely stored and GDPR compliant.
    • Envato We offer products for sale on the Envato marketplace for WordPress themes (Themeforset).  Envato is a payment processor and payment for some of our products is made on this site.
    • Freemius Premium versions of our plugins are stored with this service. Freemius is a payment processor and payment for some of our products is made on this site.
    • Mixpanel We use Mixpanel for analytics.
    • Zendesk: We use Zendesk to provide premium support services.

E. International Transfer of Personal Data

Our web servers and CDN service are hosted in the US by DigitalOcean. Therefore, our processing of data involves the transfer of data outside the European Economic Area (EEA). 

Digital Ocean adheres to the EU/US “Privacy Shield”, ensuring that your data is securely stored and GDPR compliant.

Data may also be transferred outside the European Economic Area (EEA) when we use the services of the other third-party providers disclosed in section D. Sharing Personal Data. In most cases, the countries outside the EEA to which we send data have data protection laws which are less stringent than the GDPR. We take steps to ensure that appropriate safeguards are in place to protect your data. We have in place standard data protection clauses under Article 46 of the GDPR. You can request a copy of the standard contractual clauses which relate to transfers of your personal data by contacting us at [email protected].

F. Safeguards

We use industry-standard administrative, electronic (HTTP over TLS encryption), and physical security measures to prevent unauthorized access to personal data.

G. Data Breaches

While we take commercially reasonable steps to secure personal data, no security measures are perfect or impenetrable, and no method of data storage or transmission can be guaranteed against any interception or other misuse. In particular, any data stored online is vulnerable to interception and misuse by unauthorized parties.

In the event of a data breach that poses a real risk of significant harm to users and customers, we will take the following steps:

  • Notify users and customers of the breach if their personal data was or may have been accessed or affected.
  • If known, advise users and customers of the specific personal information that was or may have been accessed or affected.
  • Advise users and customers of steps they can take to reduce the risk of harm from the breach, e.g., changing passwords or monitoring accounts.
  • Advise users and customers when the breach has been addressed and the risk to data has abated.
  • Advise applicable government authorities of the breach if required to do so by law.

 H. Marketing

We periodically send information about our products and services to users and customers, including those who have not expressly consented to receive such information by, for example, opting into receiving newsletters or marketing materials by completing a form on our website and checking the “I consent” box. 

Recipients of marketing materials sent by email can unsubscribe at any time. Otherwise, recipients no longer wishing to be contacted for marketing purposes may contact us at [email protected].

We do not sell data to third parties so that those parties can market to our users and customers.

I. Retention of Personal Data

When we sell a product, we sell a license to use the product. Our licenses permit customers to use our products indefinitely (i.e., product licences do not expire). However, products are updated or upgraded from time to time and we retain customers’ personal data indefinitely so that we can advise them of available updates or upgrades. We may also advise them of the availability of similar or related products they may wish to purchase in the future. Retention also allows us to provide ongoing Product Updates and Support.

We retain users’ personal data as long as we continue to market to them. Users who have not purchased a product or service from us will know that we no longer retain their personal data when they no longer receive marketing material from us.

When we dispose of personal data, we do so in a way that prevents a privacy breach, i.e., by securely shredding paper files and completely and permanently deleting electronic records. Any data retained purely for statistical purposes will be rendered anonymous and no longer personal data.

If instructed to do so by a user or customer, we will dispose of personal data. Users and customers may contact us at [email protected] if they wish to have their personal data deleted from our records.

J. Data Protection Rights

Users and customers have certain rights in relation to their personal data.

The availability of these rights and the ways in which they can be used are set out below in more detail. Some of these rights only apply in certain circumstances. A user or customer wishing to exercise or discuss any of these rights may contact us at [email protected], and provide sufficient information to allow the Officer to understand the scope of the request.

Rights in relation to personal data are:

  • Consent: If our processing is based solely on consent, users and customers can withdraw their consent by contacting us at [email protected]. When processing is not based solely on consent, we will most likely stop processing data if requested to do so.
  • Access: Users and customers are entitled to ask if we are processing their data and, if we are, they can request access to their personal data. This enables them to receive a copy of the personal data we hold about them and certain other information about it. To access personal data, contact us at [email protected].
  • Correction: Users and customers are entitled to request that any incomplete or inaccurate personal data we hold be corrected. To request a correction, contact us at [email protected].
  • Erasure: Users and customers are entitled to ask us to delete or remove personal data in certain circumstances. There are exceptions where we may refuse a request for erasure, for example, where the personal data is required for legal compliance or in connection with claims. To request a personal data erasure, contact us at [email protected].
  • Restriction: Users and customers are entitled to ask us to suspend the processing of certain of their personal data; for example, if a user or customer wants us to establish the accuracy of data or our reason for processing it. To request a suspension of our processing of personal data, contact us at [email protected].
  • Transfer: Users and customers may request the transfer of certain personal data to another party. Contact us at [email protected] to request the transfer of personal data.
  • Objection: Where we are processing personal data based on a legitimate interest, a user or customer may challenge this. However, we may be entitled to continue processing data based on our legitimate interests or where the data is relevant to legal claims. Users and customers also have the right to object when we process personal data for direct marketing purposes. To object to our processing of personal data, contact us at [email protected].
  • Automated decisions: Users and customers may contest any automated decision made about them where this has a legal or similar significant effect and ask for it to be reconsidered. Contact us at [email protected] to request reconsideration of an automated decision. (Note that, at present, Stylemix does not use an automated decision-making system.)

K. Data Collection Technologies

Each time a user visits our website or otherwise connects with us electronically, we collect data using technology. This data might be about the user’s preferences or device and is mostly used to make our website work as users expect it to. The data does not usually personally identify the user (although it might), but it does allow for a more personalized web experience.

Examples of the data we collect or may collect using technology include the date and time of a visit or connection, the user’s browser type, the user’s Internet Service Provider and IP address, the site the user visited before or after our website (“navigation history,” “referring site”), and the pages on our site that were viewed. In isolation, a single piece of such data does not necessarily identify a user but in some cases, it could be used in combination with other data to identify an individual user, particularly if the user provided us with personal data at the time of their visit or connection.

In addition to using this data to optimize our website, we use it for our internal security audit log, usage and trend analysis, system administration, and to gather aggregate demographic information about our user base for market identification and related purposes, including how customers use our products. We share this data, including personal data, with third parties that provide services to us, including analysis, storage, and data aggregation/organization services.

Because such data could be used to identify an individual, we treat it as personal data. This means we only use it for legitimate purposes of operating our business and advancing our commercially reasonable business objectives, including understanding how customers use our products. We do not use it for any other purpose.

By using our website or otherwise connecting with us electronically, users acknowledge that they understand that we collect data of the nature described. If a user objects to our gathering data of this type, it is recommended that the user not use our website or connect with us electronically.

Cookies

Cookies are small text files that are placed on users’ computers by websites. They are widely used to allow websites to work properly and be more user-friendly, remember user preferences, improve user experience, and provide the website’s owner with information it can use for legitimate purposes in its business. A description of what cookies are and how they work can be found here.

We use cookies for all of the reasons listed.

Some cookies placed by our website are from third-party companies that provide us with analytics and other services. The data collected helps us understand how users interact with our website and, in some cases, how customers use our products so that we can identify new products to offer and enhancements to existing products that will add value for our customers (e.g., upgrades).

Google Analytics and Google Search Console

We use Google Analytics. Google (Alphabet Inc.) uses cookies to help us better understand how our website is being used including the number of users, session statistics (the pages visited, how long users stay on the site), approximate geolocation, and browser and device information.

We also use Google Search Console, a tool that provides search-engine-related data to help us optimize traffic to our site. Examples of search-engine-relate data include user queries and the number of times our site URLs appear in search results (impressions), along with post-click data about site engagement like bounce rates and e-commerce conversion rates.

Google policies require that no data be passed to Google that Google could use or recognize as personal data. More information about Google’s policies is here.

Other Service Providers

In addition to Google, the following companies provide services to us:

  • Active Campaign We use Active Campaign’s MailChimp service.
  • Calendly We offer Calendly’s “quick call” feature in our newsletters.
  • Digital Ocean Digital Ocean is our web host. Digital Ocean adheres to the EU/US “Privacy Shield”, ensuring that data is securely stored and GDPR compliant.
  • Envato We offer products for sale on the Envato marketplace for WordPress themes (Themeforset).  Envato is a payment processor and payment for some of our products is made on this site.
  • Freemius Premium versions of our plugins are stored with this service. Freemius is a payment processor and payment for some of our products is made on this site.
  • Mixpanel We use Mixpanel for analytics.
  • Zendesk: We use Zendesk to provide premium support services.

We provide these service providers with personal data. We acknowledge that as data controller we are ultimately responsible for the security of personal data provided to us. We are satisfied that these providers properly protect and lawfully use the personal data in their possession. You can read each company’s privacy policy by clicking on their names.

‍Other User-Tracking Technologies

We use web beacons (sometimes called trackers). Web beacons allow the owner of a website to count the number of users who click on an advertisement for its product or service on a third-party site (in order to assess the value of advertising on that third-party site). Web beacons collect only specific information, such as a cookie number, time and date of visit, and a description of the page on which the web beacon is installed. Personal information is not collected.

It is not possible to opt out of web beacons used on web pages. However, because web beacons are used together with cookies, their use can be limited by deleting cookies or changing a browser’s cookie settings.

Managing Cookies Settings

Users can manage their cookies settings to clear or block specific cookies or all cookies. However, if all of the cookies that we use are blocked, it may affect user experience or result in the website becoming unusable. Users can access your cookie settings via their browser settings. Please keep in mind that by clearing all cookies, website preferences will be lost.

L.   Privacy Policies of Other Websites

Our website contains links to other websites. Our privacy policy applies only to our website and operations, so if you go to another website, you should read their privacy policy.

M.   Compliance

A user or customer who believes we are not processing their personal data as required by the GDPR is invited to raise their concern in the first instance with us at [email protected].

Users and customers have the right to have concerns reviewed fairly and impartially, and to be advised of the outcome of the review and any steps taken to address a concern, including any amendments to this Policy or any changes to our practices.

Users and customers also have the right to lodge a complaint with the GDPR Data Protection Authority in their country. The Data Protection Authorities in the member states of the EEA (and their contact information) can be found here.

N. Amendments to this Notice

We amend this Notice to UE/EEA Residents from time to time. If the Date of Last Amendment of this Notice is later than the last time you read it, please review this Notice again.

 

 

 

 

 

BACK-END DEMO