’Personal information’ means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
For the purposes of this Policy, ‘Customer’, as the term is used here, refers to an individual or an entity that registers to use our Services.
Biyo is committed to protecting the privacy of the individuals on Biyo websites, mobile applications, products and services, (collectively, “Services”).
Customer Information, being personal information relating to our Customers (where applicable). We collect this information so that we can provide our Services to those Customers. For the purposes of GDPR in the European Union, we are the ‘data controller’ (where applicable) of this Customer Information and we collect and store it for the purposes of providing our Services to Customers and maintaining records and contact details relating to those Services and Customers. This policy sets out how Biyo process your information as a Customer.
Consumer information, being personal information relating to consumers with whom our Customers interact (such as consumers of their products or services) including their email address, phone number or other information.
Employee information, being personal information relating to employees of our Customers, including email address, phone number or other information.
What information we collect
We collect information about you when you provide it to us, when you use our Services. The ways we collect it can be broadly categorized into the following:
INFORMATION YOU DIRECTLY PROVIDE TO US:
Account and profile information. We collect following information about you when you register for an account, create or modify your profile, set preferences, sign-up for or make purchases through the Services:
Contact information such as name, email address and country
Profile information such as business phone number
Preferences information such as notification and marketing preferences
Operational data. We also store information you upload to or send through our Services, including:
Information about products and services the Customer sells (including inventory, pricing, sale, transaction, tax, and other data)
Information about the Customer or the Customer’s business (employees, consumers and suppliers)
Information you provide through our support channels. The Services also include customer support, where you may choose to submit information regarding a problem you are experiencing with a Service . Whether you designate yourself as a technical contact, speak to one of our representatives directly or otherwise engage with our support team, we may ask you to provide contact information, a summary of the problem you are experiencing, and any other documentation, screenshots or information that would be helpful in resolving the issue.
Payment Information: We collect certain payment and billing information when you subscribe for certain paid Services. For example, we ask you to designate a billing representative, including name and contact information. You might also provide payment information, such as payment card details, which we collect via secure payment processing services.
Other submissions. We ask for and collect personal information from you when you submit web forms on our websites or when you participate in any interactive features of our Services, participate in a survey, promotion, activity or event, request customer support, communicate with us via third party social media sites, or otherwise communicate with us.
INFORMATION WE COLLECT AUTOMATICALLY WHEN YOU USE THE SERVICES:
Analytics information. We collect analytics information when you use our Services to help us improve our products and services. We are always aiming to make Services a better experience for retailers and customers alike, and your information really helps us to do this! This analytics information consists of the function and feature of the Services being used, and the Customer’s username and IP address of the individual who is using the function or feature (which will include any personal information incorporated into the username), and other information needed to detail the operation of the function and the parts of the Services that are being affected.
Analytics information derived from operational data. Analytics information also consists of data we collect as a result of running queries against Operational Data across our user base for the purposes of generating Usage Data. “Usage Data” is aggregated data about a category or group of features, services, or users that is not of itself personal information. It is also data about our Customers and their business.
We may incidentally come across personal information when we compile Usage Data.
INFORMATION WE RECEIVE FROM OTHER SOURCES
We collect information from other sources, such as our business partners. We do not control, supervise or respond for how the third parties providing your information process your personal data, and any information request regarding the disclosure of your personal information to us should be directed to such third parties.
Legal justification for processing
We collect and process information about you only where we have legal bases for doing so under applicable EU laws. The legal bases depend on the Services you use and how you use them. This means we collect and use your information only where:
We need it to provide you the Services, including to operate the Services, provide customer support and personalized features and to protect the safety and security of the Services;
It satisfies a legitimate interest (which is not overridden by your data protection interests), such as for research and development, to market and promote the Services and to protect our legal rights and interests;
You give us consent to do so for a specific purpose; or
We need to process your data to comply with a legal obligation.
If you have consented to our use of information about you for a specific purpose, you have the right to change your mind at any time, but this will not affect any processing that has already taken place. Where we are using your information because we or a third party (e.g. your employer) have a legitimate interest to do so, you have the right to object to that use though, in some cases, this may mean no longer using the Services.
How we use your information
We are continually striving to improve Services. Being able to identify how retailers are using our product plays a big part in helping us to make our software better. We may use information about you for purposes such as:
Enabling you to access and use our Services
Displaying historical sale information
Sending you marketing, advertising, educational content and promotional messages and other information that may be of interest to you, including information about us, our Services, or general promotions for business partner campaigns and services. You can unsubscribe or opt-out from receiving these communications described below under “How You Can Protect Your Information”
In the case of retail stores, to share the name of the retail store with potential customers to encourage them to use our Services
Measuring, customising and improving the Services and developing new products
Sending to you service, support and administrative messages, reminders, technical notices, updates, security alerts and information requested by you
Investigating and preventing fraudulent transactions, unauthorised access to Services, and other illegal activities
With your consent: We use information about you where you have given us consent to do so for a specific purpose not listed above. For example, we may publish testimonials or featured customer stories to promote the Services, with your permission.
Where we need your personal information for any other purposes, it will be obvious from the circumstances as to the purposes for which we require that personal information from you.
Sharing & disclosure of your information
When you use the Services, we may share your information only as described below:
SERVICE PROVIDERS, BUSINESS PARTNERS AND OTHERS
We use and work with third party service providers and our trusted Business Partners to provide application development, hosting, website, infrastructure, maintenance, backup, payment processing, customer relationship management, marketing, accounting, human resources, business intelligence and analytics, data enrichment, customer support and other services for us. These service providers may have access to or process your information for the purpose of providing those services for us. Some of our pages use white-labelling techniques to serve content from our service providers while providing the look and feel of our site. Please note that you are providing your information to these third parties acting on behalf of Biyo These third parties are located in countries which may be outside of your location.
We also share your contact information with select trusted Business Partners, such as our partners who integrate with Services, to enable them to contact you about their services (as they relate to your Services). We also obtain contact information from select Business Partners to better understand your preferences and to deliver you more personalised marketing.
LINKS TO THIRD PARTY SITES
SOCIAL MEDIA WIDGETS
COMPLIANCE WITH LAWS AND PROTECTION OF RIGHTS
In certain situations, we may be required to use and disclose your information (including personal information) to a third party if we believe the disclosure is reasonably necessary:
To comply with any applicable law, legal process (for example, subpoenas and warrants) or governmental request
To protect the property, rights, and safety of Biyo, our Customers or the public from harm or illegal activities
For fraud prevention, risk assessment, investigation, customer support, product development or debugging purposes
To protect the rights, property or personal safety of Biyo, its users or members of the public
To establish or exercise our legal rights or defend ourselves against any third-party claims or allegations
NON-IDENTIFYING OR AGGREGATED DATA
We may share aggregated or other non-personal information that does not directly identify you with third parties in order to improve our Services.
Your Privacy Rights
Updating your Personal Information via the Services: You may access, change, or correct information about you by logging into your Biyo account at any time or by making a request to us using the contact details below, in which case we may need to verify your identity before granting access or otherwise changing or correcting your information.
ACCOUNT INFORMATION AND DEACTIVATING YOUR ACCOUNT
If you wish to deactivate your Biyo account, you may do so by emailing us using the contact details provided below.
OPTING OUT OF PROMOTIONAL COMMUNICATIONS
You may opt out of receiving promotional communications from Biyo by using the unsubscribe link within each email or contacting us via our home page or sales team. Even after you opt out from receiving promotional messages from us, you will continue to receive transactional messages from us regarding Services (e.g., account verification, purchase and billing confirmations and reminders, technical and security notices).
YOUR EUROPEAN PRIVACY RIGHTS
In addition to the rights listed above, you have rights to:
Information about the processing of your personal data;
Obtain access to the personal data held about you;
Request that personal data be erased when it’s no longer needed or if processing it is unlawful;
Object to the processing of your personal data for marketing purposes or on grounds relating to your particular situation;
Request the restriction of the processing of your personal data in specific cases;
Receive your personal data in a machine-readable format and send it to another controller (‘data portability’);
Request that decisions based on automated processing concerning you or significantly affecting you and based on your personal data are made by natural persons, not only by computers. You also have the right in this case to express your point of view and to contest the decision.
If you are an individual who interacts with a Customer using our Services – for instance if you’re an employee or consumer – that Customer is the controller of your information. If this is the case, please direct your data privacy request and questions to that controller, as your use of the Services is subject to that controller’s policies. We are not responsible for the privacy or security practices of such controllers, which may be different from this policy.
If you’re not happy with how we are processing your personal information, you have the right to complain to your local information protection authority. Your local data protection authority will be able to give you more information on how to submit a complaint.
You can request to exercise these rights by emailing [email protected]. We may need to verify your identity before granting access or otherwise changing or correcting your information.
COOKIES AND ADVERTISING
You may opt out of receiving cookies by instructing your browser to stop accepting cookies or to prompt you before accepting a cookie from websites you visit, by changing your browser options. Please read carefully our Cookies Policy.
You also can learn more about cookies by visiting www.allaboutcookies.org, which includes useful information on cookies and how to block cookies on different types of browsers and mobile devices.
Please note, however, that by blocking or deleting cookies used in Services, you may not be able to use all aspects of our Services.
Our global operations (including transfers of data from your home country to another)
To bring you Services, we operate globally. In order to do so, your personal information may be transferred to, and processed in countries other than the country you live in, outside of your home country, including to Germany and the United States. These countries may have laws different to what you’re used to. Rest assured, where we disclose personal data to a third party in another country, we put safeguards in place to ensure your personal data remains protected.
Specifically, Biyo hosts data with Amazon Web Services in the Germany. If you are a non-EU resident, this means that your personal information will be transferred to the Germany. The servers on which personal information is stored are kept in a controlled environment.
European Economic Area (EEA) users: This means that your information may be transferred outside of the EEA. Where your personal information is transferred outside the EEA, it will only be transferred to countries that have been deemed to provide adequate protection for EEA information (like US), or to a third party where we have approved transfer mechanisms in place to protect your personal information – i.e., by entering into the European Commission’s Standard Contractual Clauses, or by ensuring the entity is Privacy Shield certified.
How long we retain your information
We generally retain your information only as long as reasonably necessary to provide you the Services or to comply with applicable law.
When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymise it.
Children’s use of the services
Services are not directed to individuals under 16. We do not knowingly collect personal information from children under 16. If we become aware that a child under 16 has provided us with personal information, we will take steps to delete such information. If you become aware that a child has provided us with personal information, please contact us at the address listed below.
We have adopted technical, administrative and physical procedures to collect, manage, maintain and store information in a manner designed to help protect your information from loss, misuse, unauthorised access, and alteration. Unfortunately, no security system is impenetrable and due to the inherent nature of the Internet as an open global communications vehicle, we cannot guarantee that information, during transmission through the Internet or while stored on our systems or otherwise in our care, will be absolutely safe from intrusion by others, such as hackers.
Where data is transferred over the Internet as part of the Services, the data is encrypted using industry standard TLS (HTTPS).
Do You Have Questions?
Biyo Limited Liability Company
1027 Hudson Ave
Ridgefield, NJ 07657