Privacy Policy

Privacy policy

Updated as of: 24/05/2018
Privacy Policy
365 Careers Ltd.

1. Introduction

 

365 Data Science (and its parent company 365 Careers Ltd.) provides a learning platform for website visitors who are interested in the field of data science. At 365 Data Science the privacy and security of our customers, respondents and visitors are of paramount importance. 365 Data Science is committed to protecting the data you share with us. This privacy policy explains how 365 Data Science processes information that can be used to directly or indirectly identify an individual (“Personal Data”) collected through use of its website and platform.

Any information stored on 365 Data Science’s platform is treated as confidential. All information is stored securely and is accessed by authorized personnel only. Our team implements and maintains appropriate technical, security and organisational measures to protect Personal Data against unauthorized or unlawful processing and use, and against accidental loss, destruction, damage, theft or disclosure.

2. Collection and use of information


2.1. General

The following sections cover the specifics of each of the three groups from which data is collected: website visitors and course subscribers.

2.2. What personal information do we collect from the people that visit our website?

When subscribing to our newsletter, you may be asked to enter your name and email address.

2.3. When do we collect information?

We collect information from you when you visit our website or subscribe to our newsletter.

2.4 Website Visitors

If you are a Visitor to our website only, and not a person taking our courses on Teachable (https://teachable.com), then this section is relevant for you.

By visiting this website, you consent to the collection and use of your Personal Data as described herein. If you do not agree with the terms set out herein, please do not visit this website. If required by applicable law, we will seek your explicit consent to process Personal Data collected on this website or volunteered by you. Kindly note that any consent will be entirely voluntary. However, if you do not grant the requested consent to the processing of your Personal Data, the use of this website may not be possible.

365 Data Science may collect, record and analyze information of Visitors to its website. We may record your IP address and use cookies. 365 Data Science may add information collected by way of pageview activity. Furthermore, 365 Data Science may collect and process any Personal Data that you volunteer to us in our website’s forms, such as when you register for events or sign up for information and newsletters. If you provide 365 Data Science with your social media details, 365 Data Science may retrieve publicly available information about you from social media.

Such Personal Data may comprise your IP address, first and last name, your postal and email address, your telephone number, your job title, data for social networks, your areas of interest, interest in 365 Data Science products, and certain information about the company you are working for (company name and address), as well as information as to the type of relationship that exists between 365 Data Science and yourself.

365 Data Science gathers data about visits to the website, including but not restricted to numbers of Visitors and visits, Geo-location data, length of time spent on the site, pages clicked on or where Visitors have come.

Thank you for choosing to learn with our site (www.365datascience.com). Your personal information is important to us, and we are committed to keeping it safe and disclosing transparently everything we do with it.

2.4.1 Purpose of processing personal data

365 Data Science uses the collected data to communicate with Visitors, to customize content for Visitors, to show ads on other websites to Visitors, to follow-up after correspondence (live chat and email), and to improve its website by analyzing how Visitors navigate its website.

2.4.2 Sharing personal data

365 Data Science does not share your personal information with anyone else.

2.4.3 Cookies

Cookies are small pieces of information sent by a website to a Visitor’s hard disk. Cookies cannot be used to run programs or deliver viruses to your computer. By continuing to visit the website, you agree to the placement of cookies on your device. If you choose not to accept our cookies, we cannot guarantee that your experience will be as fulfilling as it would otherwise be. The use of cookies is widespread and benefits the surfer. For further information, see 365 Data Science’s Cookie Policy.

2.4.4 Links to other sites

Please be aware that while visiting our site, Visitors can follow links to other sites that are beyond our sphere of influence. 365 Data Science is not responsible for the content or privacy policy of these other sites.

2.5 Course subscribers

Currently, 365 Data Science’s courses are hosted on Teachable (Teachable Inc.), which is one of the largest MOOC platforms enabling authors to create and sell online courses. As constructed, 365 Data Science’s website (365datascience.com) has direct links to Teachable’s (teachable.com) gateway for registration and payment processing. The product 365 Data Science provides to its course subscribers has been created by the 365 Data Science team. Teachable is the environment where course subscribers can access our paid content. The links from our website will direct you to Teachable’s gateway. All of the information and potential payments collected after you leave our website are processed through Teachable.

Please be aware that Teachable have established their own terms of use and privacy policies. You are encouraged to read those documents as we have no control over their provisions and said documents may differ greatly from our terms and privacy policy.

2.6 Compliance with the GDPR

For Users with accounts located in 365 Data Science’s European Data Region, all processing of Personal Data is performed in accordance with privacy rights and regulations following the EU Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 (the Directive), and the implementations of the Directive in local legislation. From May 25th, 2018, the Directive and local legislation based on the Directive will be replaced by the Regulations (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of Personal Data and on the free movement of such data, known as the General Data Protection Regulation (GDPR), and 365 Data Science’s processing will take place in accordance with the GDPR.

2.7 Data processing in the EEA

365 Data Science processes Personal Data as a Processor, as defined in the Directive and the GDPR. All user data collected by 365 Data Science will be stored through third party entities compliant with the GDPR and certified with a Privacy Shield. 365 Data Science has chosen the services of entities who have ensured compliance with the Directive. All hosting is performed in accordance with the highest security regulations. All transfers of data internally in the EEA is done in accordance with this data processing agreement.

2.8. How do we protect your information?

We do not use vulnerability scanning and/or scanning to PCI and GDPR standards. An external PCI compliant payment gateway handles all CC transactions. We use regular Malware Scanning.

Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems and are required to keep the information confidential. In addition, all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology.

We implement a variety of security measures when a user enters, submits, or accesses their information to maintain the safety of your personal information.

All transactions are processed through a gateway provider and are not stored or processed on our servers.

2.9 Physical storage of data

We do not keep physical records of users’ Personal Information in any form.

2.10. California Online Privacy Protection Act

CalOPPA is the first state law in the USA to require commercial websites and online services to post a privacy policy. The law’s reach stretches well beyond California to require any person or company in the United States (and conceivably the world) that operates websites collecting Personally Identifiable Information from California consumers to post a conspicuous privacy policy on its website stating exactly the information being collected and those individuals or companies with whom it is being shared.

See more at: http://consumercal.org/california-online-privacy-protection-act-caloppa/#sthash.0FdRbT51.dpuf

2.10.1. According to CalOPPA, we agree to the following:

Users can visit our site anonymously.

Once this privacy policy is created, we will add a link to it on our home page or as a minimum, on the first significant page after entering our website.

Our Privacy Policy link includes the word ‘Privacy’ and can easily be found on the page specified above.

You will be notified of any Privacy Policy changes:

  • On our Privacy Policy Page
  • By receiving an email

Can change your personal information by emailing us.

2.11. How does our site handle Do Not Track signals?

We honor Do Not Track signals and Do Not Track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place.

2.12. Does our site allow third-party behavioral tracking?

It’s also important to note that we allow third-party behavioral tracking.

2.13. COPPA (Children Online Privacy Protection Act)

When it comes to the collection of personal information from children under the age of 13 years old, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, United States’ consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online.

We do not specifically market to children under the age of 13 years old.

Do we let third-parties, including ad networks or plug-ins collect PII from children under 13?

2.14. Fair Information Practices

The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.

In order to be in line with Fair Information Practices we will take the following responsive action, should a data breach occur:
We will notify you via email within 7 business days.

We also agree to the Individual Redress Principle which requires that individuals have the right to legally pursue enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or government agencies to investigate and/or prosecute non-compliance by data processors.


3. Retention and deletion

365 Data Science will not retain data longer than is necessary to fulfil the purposes for which it was collected or as required by applicable laws or regulations. When a user’s account is terminated or expired, all Personal Data collected through the platform will be deleted, as required by applicable law.

All of 365 Data Science’s e-mail subscribers have the option to unsubscribe from our services through an “unsubscribe” button.


4. Your rights

You may request from us confirmation as to whether or not your personal data is being processed by us, a copy of your personal data and/or to correct it. In certain circumstances, you have the right to require us to erase your personal data or, based on the right to portability, to ask us to transfer some of your personal data to you or to other entities. You also have rights to object to some processing of your personal data (for example, to the use of processing for direct marketing purposes or to certain decisions made solely by automated processing (including profiling). Where we have asked for your consent to process your personal data, you have the right to withdraw this consent without having negative impacts on you. Where we process your personal data because we have a legitimate interest in doing so (as explained above), you also have a right to object to this. You also have the right to restrict processing of your personal data in certain circumstances.

Please note that your rights described above may be limited in some situations and are subject to applicable data protection laws and regulations; for example, your right to object to the processing of your personal data may be limited where we can demonstrate that we have compelling legitimate grounds to process your personal data that may override your interests. You will need to verify your identity and provide us with other details to help us to respond to your request. We will not charge a fee in responding to your request unless permitted by law, and, where such fee is charged, it will be reasonable and proportionate to your request. If you wish to exercise these rights, please contact us via the contacts mentioned below. We hope that we can satisfy any queries that you may have about the way we process your personal data. However, you also have the right to complain to the relevant data protection authorities. You can bring the complaint in the Member State where you reside, where you work or where the alleged infringement of data protection law occurred.

Article 13 Information to be provided where personal data are collected from the data subject

4.1. Where personal data relating to a data subject are collected from the data subject, the controller shall, at the time when personal data are obtained, provide the data subject with all of the following information:

(a) the identity and the contact details of the controller and, where applicable, of the controller’s representative;

(b) the contact details of the data protection officer, where applicable;

(c) the purposes of the processing for which the personal data are intended as well as the legal basis for the processing;

(d) where the processing is based on point (f) of Article 6(1), the legitimate interests pursued by the controller or by a third party;

(e) the recipients or categories of recipients of the personal data, if any;

(f) where applicable, the fact that the controller intends to transfer personal data to a third country or international organisation and the existence or absence of an adequacy decision by the Commission, or in the case of transfers referred to in Article 46 or 47, or the second subparagraph of Article 49(1), reference to the appropriate or suitable safeguards and the means by which to obtain a copy of them or where they have been made available.

4.2. In addition to the information referred to in paragraph 1, the controller shall, at the time when personal data are obtained, provide the data subject with the following further information necessary to ensure fair and transparent processing:

(a) the period for which the personal data will be stored, or if that is not possible, the criteria used to determine that period;

(b) the existence of the right to request from the controller access to and rectification or erasure of personal data or restriction of processing concerning the data subject or to object to processing as well as the right to data portability;

(c) where the processing is based on point (a) of Article 6(1) or point (a) of Article 9(2), the existence of the right to withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal;

(d) the right to lodge a complaint with a supervisory authority;

(e) whether the provision of personal data is a statutory or contractual requirement, or a requirement necessary to enter into a contract, as well as whether the data subject is obliged to provide the personal data and of the possible consequences of failure to provide such data;

(f) the existence of automated decision-making, including profiling, referred to in Article 22(1) and (4) and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.

4.3. Where the controller intends to further process the personal data for a purpose other than that for which the personal data were collected, the controller shall provide the data subject prior to that further processing with information on that other purpose and with any relevant further information as referred to in paragraph 2.

4.4. Paragraphs 1, 2 and 3 shall not apply where and insofar as the data subject already has the information.


5. Acceptance of these Conditions

We assume that all Visitors of our website (365datascience.com), have carefully read this document and agree to its contents. If someone does not agree with this privacy policy, they should refrain from using our website and platform. We reserve the right to change our privacy policy as necessity dictates. Continued use of 365 Data Science’s website and platform after having been informed of any such changes to these conditions implies acceptance of the revised privacy policy. This privacy policy is an integral part of 365 Data Science’s terms of use.

 

6. 365 Data Science’s Data Protection Officer

365 Data Science has a “Data Protection Officer” who is responsible for matters relating to privacy and data protection. This Data Protection Officer can be reached at the following address:

365 Data Science
Attn: Data Protection Officer
Hristo Belchev 1
Sofia 1000
Bulgaria
dataprotectionofficer@365datascience.com