Focus Bear Pty Ltd (‘the Company’ hereinafter) informs you about its Privacy Policy regarding the protection of your personal data that may be processed by browsing, contacting or contracting services through this website.
The Company guarantees compliance with current regulations on the protection of personal data through the General Data Protection Regulation (EU) 2016/679 (‘the GDPR’ hereinafter).
The objective of this Privacy Policy is to inform the natural persons who provide their personal data, and/or those who act on their behalf, about the purposes of the use of personal data, the legal bases for the processing, who has access to the data, how to exercise the rights guaranteed by the GDPR, the information retention periods, and the security measures used to maintain the confidentiality, integrity and availability of personal data, among others.
The use of this website implies the acceptance of this Privacy Policy as well as the conditions included at Terms of Service.
WHO IS RESPONSIBLE OF DATA PROCESSING?
According to data protection, "Controller" means the entity that determines the purposes and means of the processing of your personal data. In these terms, Focus Bear must be considered the Controller.
Controller – Focus Bear Pty Ltd
ABN - 59 659 843 964
Address - 29 Melrose St, Sandringham VIC 3191 (Australia)
Email – privacy@focusbear.io
WHO IS THE REPRESENTATIVE?
According to data protection, ‘Representative’ means the entity established in the European Union who, designated by the Controller, represents the controller with regard to its respective obligations under the GDPR.
Representative – ‘by Data’
ABN – 33 420 814 429
Postal Address – PO Box 42034 Branch Office 2, Valencia 46017 (Spain)
Email – representative@bydata.eu
Website – www.bydata.eu
WHO IS THE DATA PROTECTION OFFICER?
According to data protection, ‘Data Protection Officer (DPO)’ is the entity who informs and advises the Controller on its obligations under the GDPR and cooperates with the Supervisory Authority.
DPO – ‘by Data’
ABN – 33 420 814 429
Postal Address – PO Box 785 Upper Coomera QLD 4209 (Australia)
Email – dpo@bydata.eu
Website – www.bydata.eu
WHAT PERSONAL DATA DO WE COLLECT?
All information collected by Focus Bear will be processed fairly, lawfully and transparently.
Likewise, the personal data requested in each of the data processing carried out will consist only of those strictly essential to achieve the intended and informed purpose in each case.
In this way, your data collected will be adequate, relevant and not excessive in relation to the purposes for which they are processed in each case. Therefore, your personal data will be collected for certain explicit and legitimate purposes and will not be further processed in a manner incompatible with said purposes. In addition, they will be updated whenever necessary.
Within the framework of the different data processing on activities carried out by the Controller, the following categories of personal data are collected:
Identification Data - Personal data used to contact, identify or register a natural person.
Social Data - Personal data related to personal characteristics and lifestyle.
Academic and Professional Data - Personal data related to academic levels, training, career and working experience.
Commercial and Marketing Data - Personal data related to preferences in Marketing, Activities and Businesses.
Technical Data - Personal data related to technology used to access to websites, applications, software and platforms.
Economic, Financial and Insurance Data - Personal data related to the financial situation and banking details.
Profile Data - Personal data related to purchases, service preferences, feedback and survey.
Aggregate Data - Personal data related to Statistical or Demographic information to websites, applications, software and platforms (as Cookies).
Special Category of Personal Data – Religious beliefs and personal data related to Health.
HOW DO WE COLLECT YOUR PERSONAL DATA?
As a general rule, personal data is always collected directly from you or an agent acting on your behalf (interested party); however, in certain exceptions, the data may be collected through third parties, entities or services other than you.
In this case, this point will be conveyed to the interested party through the information clauses contained in the different ways of collecting information and within a reasonable period or in the first communication made to the interested party.
FOR WHAT PURPOSE DO WE PROCESS YOUR PERSONAL DATA?
Your personal data is processed for the following purposes:
Customer Management
Manage the purchase and sale of goods and services, billing, accounting, subscriptions and user registrations, shipments, collections, non-payments, offers, budgets and quotes, contracts, customer service, contact and commercial relationships.
Customer Service
Manage complaints or queries about products, services and possible breaches of the code of ethics or internal regulations of the organization, acts or conduct that may be contrary to general or specific regulations of the sector, with the purpose of carrying out managing investigations of possible complaints or queries, as well as managing internal information systems related to clients.
Marketing Management
Make contacts, monitor and create business opportunities, manage user registration for newsletters and commercial communications, hold meetings (in person or online) to advise on the products and services offered, conduct surveys and feedback monitoring, organize events and actions related to direct marketing.
Website Management
Respond to requests for information, goods and services sent by website users through established communication channels, manage the registration of web users to access direct sales products and services through the website (e-commerce) and the Analysis of data generated by website visitors.
Social Media Management
Manage follower data on social networks and offer multimedia content through publications and interactions with them.
The categories of personal data, the conditions of use, the privacy policies and the rules of access to Social Media Networks, can be consulted at the following links:
In no case the Company will use the profiles of followers in social networks to send advertising individually.
Service Providers Management
Manage purchases, accounting, payments, management of delivery notes and orders, acquisition of materials, products, services and assets through service contracts for the Company, its clients, contacts and business relationships.
Personnel Management
Hiring (own personnel, trainees or through External Companies), payroll management, taxes and social services, occupational risk prevention, health surveillance, expense and cost control, access and schedule control, training, insurance and social benefits, as well as Human Resources Administration.
Security Breach Management
Assess, manage and report personal data security breaches in accordance with the GDPR.
Exercise of Data Subjects’ Rights
Respond to and manage requests from interested parties in the exercise of the rights granted in the GDPR in compliance with data protection regulations.
However, all the explicit purposes for which each of the processing are carried out are included in the information clauses incorporated in each of the data collection methods (as web forms, informative notes, invoices, delivery notes, contracts and other documents containing personal information).
LAWFULNESS OF DATA PROCESSING
As a general rule, prior to the processing of your personal data, the Company informs you of the legal basis by which it establishes the legitimacy of the processing of your personal data.
The processing of your personal data is lawful because it applies:
Consent: There is processing based on the express and unequivocal consent of the interested party, through the incorporation of information clauses in the different personal data collection systems, authorizing consent through a clear and affirmative statement or action. Additionally, we inform you that we will only use personal information under this Privacy Policy and, in general, we will request your consent for purposes other than those for which you initially granted them.
Execution of a Contract: for the prior management of a contracted service or product, development of the execution of a contract or subsequent procedures derived from said contract between the Controller and the Interested Party.
Compliance with Legal and Regulatory Obligations: general and specific laws and regulations are applied to the processing of your personal data in relation to business activity, as well as regulations on data protection, which authorize or require the processing of personal data of the interested party and will be shown in the corresponding information clause.
Legitimate interest: data processing based on the legitimate interest of the Controller will be established for the general activity of the business and for the sending of communications or commercial events about products or services similar to those contracted (direct marketing). This processing will only be valid when the interested party has not expressly denied it at the time of collecting their personal data or in any of the communications made.
HOW LONG DO WE STORE YOUR DATA?
Your personal data is stored for the time necessary to fulfill the purpose for which it was collected, as long as the provision of the service, employment or contractual relationship is maintained, there is a mutual interest or for the time provided for in the corresponding regulations.
The following criteria may be applied to the data storage time:
The period established by law, or
Until you exercise the right to Erasure, or
The period necessary for the purposes for which we collect your personal data, including to satisfy any legal, accounting or reporting requirements.
The data may be stored longer that the time necessary to fulfill the purpose for which they were collected for statistical purposes, for which the appropriate security measures and data minimization criteria will be applied to guarantee data confidentiality.
WITH WHOM DO WE SHARE YOUR PERSONAL DATA?
When you connect and interact with this website or send an email to Focus Bear, you are providing personally identifiable information for which the Company is responsible.
By providing this information, you give your consent for your personal data to be collected, transferred to us and may be stored by:
To fulfill the purposes described above, when you interact with the Company, your personal data can be shared with:
Judicial Authorities, State Agencies or Public Bodies (if mandatory);
Professional advisers acting as Processors including lawyers, consultants, auditors and insurers;
Service providers acting as Processors who provide Information Technology (IT) and system administration services on our behalf and companies included in the Information Society Services.
PROCESSORS
Processor means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the Controller.
The following companies process personal data on behalf of the Company, acting as Processors:
INTERNATIONAL TRANSFERS OF YOUR DATA
International Data Transfer means any personal data transferred from a European Union country to a third country or international organisation outside the European Economic Area (EEA)*.
(EEA*: Composed of the 27 EU Member States plus Norway, Iceland and Liechtenstein).
Your personal data is collected directly from outside the European Economic Area with your explicit consent, accepting this Privacy Policy.
WHAT RIGHTS CAN YOU EXERCISE?
According to the GDPR, the Rights that assist you are the following:
Right of Access, right to request information from the controller about whether your personal data is being processed. This allows you to receive a copy of the Personal Data we hold about you and to check that we are legally processing it.
Right to Rectification, a right that allows the affected party to request the modification of personal data that is inaccurate or incomplete.
Right to Erasure (‘right to be forgotten’), right to delete or remove the personal data of the interested party. This enables you to ask us to delete or remove your personal data where you have successfully exercised your right to Object (see below), where we may have processed your information unlawfully or where we are required to erase your data to comply with local law.
Right to Object, the right of a person to oppose the processing of their personal data or the cessation of it.
Right to Restriction, right to suspend the processing of the interested party's personal data in certain cases: where you want exercise the right to Rectification, where data processing is unlawful, where you need us to hold the data to establish, exercise or defend legal claims; or you have objected to use your data while the verification is still pending.
Right to data Portability, the right to request that the Company will provide to another Controller your personal data in a structured, commonly used, machine-readable format.
Right to Object, the right of the interested party to oppose the processing of their personal data or the cessation of it. You also have the right to object where we are processing your personal data for direct marketing purposes.
Automated individual decision-making, the right not to be subject to a decision based solely on automated processing, including profiling, that produces legal effects on the affected party or significantly affects them in a similar way.
Right to lodge a complaint with a Supervisory Authority if you consider that the data processing does not comply with current regulations.
Right to withdraw consent at any time where the processing is relying on your consent. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent.
HOW TO EXERCISE YOUR RIGHTS?
The applicant may exercise their rights through the following means:
Email to privacy@focusbear.io providing documentation that proves the identity of the applicant (copy of a Photo ID).
Postal mail to Level 13, Freshwater Place, 2 Southbank Boulevard, Southbank VIC 3006 (Australia) providing documentation that proves the identity of the applicant (copy of a Photo ID).
Focus Bear will respond to your request as soon as possible and the maximum period for the resolution of the application is 30 days from receipt, it can be extended for a maximum of 2 months whenever necessary, but you will be notified about it.
COMPLAINT TO A SUPERVISORY AUTHORITY AND SEEKING A JUDICIAL REMEDY
You have the right to lodge a complaint with a Supervisory Authority.
You may submit a complaint if you do not receive a response to your request for the execution of your rights or if you consider that the processing of your personal data breaks the law, and it could affect your rights and freedoms.
You may lodge a complaint with:
The Office of the Australian Information Commissioner (OAIC) www.oaic.gov.au for Australian residents and interested parties.
The Spanish Data Protection Agency (AEPD, acronym in Spanish) www.aepd.es as it is the European Supervisory Authority chosen by the Controller for data protection issues.
All affected parties may submit a complaint to any of the European Supervisory Authorities established by the European Commission.
WHAT COULD THE CONSEQUENCES OF NOT PROVIDING INFORMATION BE?
All interested parties guarantee that the information transmitted or provided, in any of the forms or collection media, is true, accurate and corresponds to the data of the legitimate owner.
If you do not provide true or accurate information when requested, we may not be able to provide you with the required services or perform the contract we have or are trying to enter into with you. In these circumstances we have the right to cancel or refuse our services, but we will notify you if this is the case at the time.
Our services are not intended for minors, so registration is only permitted for people over 16 years of age. Otherwise, please note that any possible liabilities that may arise as a result of the use of our services will be the responsibility of the parents or guardians of the minor.
AUTOMATED DECISION-MAKING
The Company processes your personal data to make automated decisions about our services offered to you. The result of this automated decision-making could affect the final decision to approve or deny your enquiry, or affect the service provided.
The logic involved in determining the result is as follows:
User ranking by usage streaks.
Positive consequences: Motivational factors.
Negative consequences: Sharing users’ usage streaks with other users (under a pseudonym).
However, you will have the right not to be subject to a decision based solely on automated processing, including profiling, that has legal effects on you or significantly affects you in a similar way.
FURTHER DATA PROCESSING FOR DIFFERENT PURPOSE
The Company will not process your personal data for a different purpose that was collected for.
However, in case that the Company has the intention to use your personal data for another purpose, we will contact you, prior to further processing, to provide the information on that other purpose and with any relevant further information.
SECURITY OF YOUR PERSONAL DATA
The security measures adopted by Focus Bear are those required, in accordance with the provisions of Article 32 of the GDPR.
The Company, taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of the processing, as well as the risks of varying probability and severity for the rights and freedoms of individuals physical, has established the appropriate technical and organizational measures to guarantee the level of security appropriate to the existing risk.
The Company has sufficient mechanisms implemented to:
Ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services.
Restore availability and access to personal data quickly, in the event of a physical or technical incident.
Verify, evaluate and assess, on a regular basis, the effectiveness of the technical and organizational measures implemented to guarantee the security of the data processing.
These Technical and Organisational measures are available for consultation by the Judicial and Supervisory Authorities, and are under continuous review and audits in data protection and privacy.
CHANGES IN THE PRIVACY POLICY
Focus Bear reserves the right to modify this Privacy Policy to adapt it to legislative or jurisprudential developments, as well as industry practices.
These policies will be in force until they are modified by others duly published.