Privacy Policy
1. Introduction
This privacy notice is for you if you visit our website at https://myicor.com/ or engage with us in any other way, including any sales, marketing, or events.
The data controller is Paperless Movement, S.L., which operates the myICOR platform and membership. We are committed to protecting your personal data and respecting your privacy. This privacy notice describes how we collect, use, and share your personal data and your rights in relation to the data we hold.
2. Contact Details
Paperless Movement, S.L.
Email: support@myicor.com
If you have any questions about this privacy notice or our data practices, please contact us using the details above.
3. What Data Do We Collect
We may collect, use, store, and transfer different kinds of personal data about you, which we have grouped together as follows:
Communication Data
This includes any communication that you send to us, whether through the contact form on our website, through email, social media, or any other communication channel. We process this data for the purposes of communicating with you, for record keeping, and for the establishment, pursuance, or defense of legal claims. The lawful ground for this processing is our legitimate interests, which are to reply to communications sent to us, to keep records, and to establish, pursue, or defend legal claims.
Customer Data
This includes data relating to any purchases of goods and/or services such as your name, title, billing address, delivery address, email address, phone number, contact details, purchase details, and card details. We process this data to supply the goods and/or services you have purchased and to keep records of such transactions. The lawful ground for this processing is the performance of a contract between you and us and/or taking steps, at your request, to enter into such a contract.
User Data
This includes data about how you use our website and any online services, together with any data that you post for publication on our website or through other online services. We process this data to operate our website and ensure relevant content is provided to you, to ensure the security of our website, to maintain backups of our website and/or databases, and to enable publication and administration of our website and other online services. The lawful ground for this processing is our legitimate interests, which are to enable us to properly administer our website and our business.
Technical Data
This includes data about your use of our website and online services such as your IP address, login data, browser details, time zone setting, operating system, and other technology on the devices you use to access our website. We process this data to analyze your use of our website and other online services, to administer and protect our business and website, to deliver relevant content and advertisements to you, and to understand the effectiveness of our advertising. The lawful ground for this processing is our legitimate interests, which are to enable us to properly administer our website and our business and to grow our business and inform our marketing strategy.
Marketing Data
This includes data about your preferences in receiving marketing from us and our third parties and your communication preferences. We process this data to enable you to partake in our promotions, to deliver relevant website content and advertisements to you, and to measure or understand the effectiveness of this advertising. The lawful ground for this processing is our legitimate interests, which are to study how customers use our products/services, to develop them, to grow our business, and to inform our marketing strategy.
4. Sensitive Data
We do not collect any sensitive data about you. Sensitive data refers to data that includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data. We do not collect any information about criminal convictions and offenses.
We do not carry out automated decision-making or profiling using your personal data.
5. How We Collect Your Data
We collect data about you through a variety of means including:
- Directly from you: when you fill in forms on our website, correspond with us by email, phone, or other means, purchase products or services, create an account, subscribe to our newsletter, or request marketing materials
- Through cookies: our website uses cookies and similar tracking technologies to collect data about your browsing activities. See our Cookies section below for more details.
- From third parties: we may receive data about you from third parties such as Google (analytics data), Mighty Networks (community platform data), and Active Campaign (email marketing data)
6. Marketing Communications
We may send you marketing communications where you have consented to receive such communications, or where we have another lawful basis for doing so (such as legitimate interests).
You can opt out of receiving marketing communications from us at any time by clicking the "unsubscribe" link in any marketing email, or by contacting us at support@myicor.com.
7. Disclosures of Your Personal Data
We may share your personal data with the following categories of recipients:
- To yourself, at your request
- Service providers who provide IT, system administration, payment processing, and other services to us
- Professional advisers including lawyers, bankers, auditors, and insurers
- Government bodies and regulatory authorities that require reporting of processing activities in certain circumstances
- Third parties to whom we may choose to sell, transfer, or merge parts of our business or our assets, including in the context of a merger, acquisition, or similar transaction
8. International Transfers
Some of our service providers are based outside the European Economic Area (EEA), so their processing of your personal data may involve a transfer of data outside the EEA.
Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by implementing appropriate safeguards, such as standard contractual clauses approved by the European Commission, or by relying on the EU-US Privacy Shield framework where applicable.
9. Data Security
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorized way, altered, or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors, and other third parties who have a business need to know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality.
10. Passwords
You are responsible for keeping your password confidential. We ask you not to share your password with anyone. We are not responsible for any unauthorized access to your account that results from your failure to keep your password secure.
11. Data Retention
We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
For tax purposes, we are required to retain basic information about our customers (including contact, identity, financial, and transaction data) for a period of five (5) years after they cease being customers.
12. Your Legal Rights
Under certain circumstances, you have rights under data protection laws in relation to your personal data, including the right to:
- Request access to your personal data
- Request correction of your personal data
- Request erasure of your personal data
- Request restriction of processing of your personal data
- Request transfer of your personal data
- Object to processing of your personal data
- Right to data portability
- Right to withdraw consent at any time (where we are relying on consent to process your data)
If you wish to exercise any of the rights set out above, please contact us at support@myicor.com.
You also have the right to make a complaint at any time to the "Agencia Espanola de Proteccion de Datos" (AEPD), the Spanish supervisory authority for data protection issues.
13. Third-Party Links
Our website may include links to third-party websites, plug-ins, and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy notice of every website you visit.
15. Assignment of Rights
The Company may assign or transfer its rights and obligations under this privacy notice without your prior consent. You may not assign or transfer your rights or obligations under this privacy notice without the Company's prior written consent.
16. Notification of Changes
We may update this privacy notice from time to time. We will notify you of any changes by posting the new privacy notice on this page and updating the "Last Updated" date. You are advised to review this privacy notice periodically for any changes.
17. Questions
If you have any questions about this privacy notice or our data practices, please contact us at support@myicor.com.