Huge Media takes care of the privacy of its visitors and users and is wholly devoted to the protection of your personal data and their correct usage in accordance with the data protection laws. Huge Media’s management, as well as its employees and externally engaged associates are obliged to safeguard all data which are the property of Huge Media and all data which are used in providing services and are ownership of our clients.
The way we conduct business is in accordance with the GDPR (General Data Protection Regulation) requirements, which was enacted as a law by the European Parliament and has as an objective to return control over personal data to those whose data is collected and to simplify the regulatory environments for international transactions by uniting the regulations within EU.
The way we conduct business is also in accordance with the requirements of the EU-U.S. PRIVACY SHIELD Document.
The way we conduct business is also in accordance with the requirements of the laws and regulations of the Republic of Serbia which regulate this field.
Huge Media takes care of the privacy of its visitors and users and we are fully devoted to the protection of their personal data and correct usage in accordance with the data protection laws.
Data security in Huge Media is based on:
- Data security policies for the employees and externally engaged associates,
- Organizing data security through internal organizing and ensuring security during the usage of the employees’ own devices, remote work and the usage of mobile devices.
- Security of human resources from the point of view of data security, through checking the candidates before employing them, the introduction of data security through education and training during employment and defined responsibilities after the termination of employment,
- Responsibility for data, the classification of the importance of data and treating external associates,
- Control of network access and network services, managing the users’ access, users’ responsibilities, control of system and applications’ access, as well as cryptograph controls,
- Physical security and work environment security and equipment protection,
- Functional security and the security of communications,
- Relationships with the suppliers from the point of view of data security,
- Incident management from the point of view of data security,
- Management from the point of view of business continuity,
- Accordance with the law and agreement obligations.
DIGITAL MARKETING is our main business. We store all data which are used within our providing DIGITAL MARKETING services on a Google Drive server, a Mail Chimp database when regarding the subscribers for receiving our official newsletters, on Google Analytics servers when a visit to our web locations is the issue, on social networks’ servers (Facebook, Instagram and others), as well as on servers which ensure the functioning and distribution of our web locations.
We observe all laws of the Republic of Serbia completely, including those regarding data protection, that is, the GDPR and EU-U.S. PRIVACY SHIELD requirements. We cooperate with the Office of the Commissioner, help our clients to always have their databases in accord with the laws of the Republic of Serbia and we apply the same rules to ourselves.
For all those who want to delete their data from our databases, we have enabled them to do so by sending us an e-mail to this address: firstname.lastname@example.org.
Data security is an obligation of all employees and externally engaged associates.
Please, read this policy and make sure you have completely understood it.
This policy describes our actions – which data about our visitiors and users we collect, how we collect data, what we do with them, how we protect them as well as what your rights regarding data are.
3. Which data do we collect?
We collect two types of data: personal data (which can be used for a unique identification of natural persons - “data subjects”) and non-personal data (which do not identify data subjects).
We collect data relating to our visitors, visitors of our web locations, our clients’ users,
job applicants, which are:
- Unidentified data relating to the visitors or unidentified users, which can be available for us or are gathered automatically. Such non-personal data do not enable us to identify the visitors or users from whom the data are collected. The data we collect are mainly consisted of technical and collective data about service usage, such as the review of the visitors of web location, the review of service users, the “clickstream” activity and others.
- Individual data, that is, the data which identifies a data subject or could lead to the identification of a data subject using reasonable effort, or could be private or of sensitive nature (“personal data”). Personal data which we collect are mainly consisted of contact information (e.g. e-mail address). In order to avoid suspicion, every non-personal datum connected with personal data is considered and treated as personal data from our side. We also collect data given to us from potential candidates when they apply to any open position published on Huge Media’s website or when they register in some other way. Persons under age 18 are not permitted to use our services. No one under age 18 should give us any kind of personal data through any of our services. We do not collect personal data from persons under age 18, and we ask all parents or guardians to watch over their children’s activities at every moment and to explain to them the importance of not giving their personal data to anyone.
4.How do we collect data?
There are two main methods which we use in collecting data:
- We receive data from our clients to whom we provide services of direct marketing and to whom you have given data voluntarily. You submit these data to our clients, for example, when you directly register for their services, or through the services of a third party, such as Facebook or Google and/or when you directly contact them via any channel of communication. We have signed NDAs (Non-disclosure agreements) regarding the safeguarding of data with our clients, and the exact procedure of receiving, processing and erasing of data is described in the business procedures of Huge Media.
- We also collect data when you visit our website or use our services, including browsing web pages. In that case, the data is collected, that is, a recording of using services and websites is been made (independently or with the help of independent services), including the usage of “cookies” and other monitoring technologies, as it is described in detail in the following.
- We also collect data from third parties, as it is described in the following.
5. Why do we collect data?
All non-personal and personal data are collected for the following purposes:
- In order to ensure providing our services and managing this providing;
- In order to further develop, adapt and improve our services, on the basis of mutual or individual affinities of the visitors and users, their experiences and difficulties;
- To provide our users with continual data;
- So that we could contact our visitors and users with general or personalized notifications and promotional notice regarding the services;
- To collect and statistically process data through non-personal data which we or our business partners may use for providing and improving adequate services;
- To improve our capabilities of data protection and prevent fraud;
- In order to observe the laws of the countries on which territories we do business.
We use your personal data only for the purposes quoted in this policy whereby we are convinced that usage of your data is necessary in order to:
- Observe corresponding law and regulatory obligations which we have,
- Support legitimate interests we have in doing business – to maintain and improve our services by indentifying the users’ trends and effectiveness of campaigns. All this is done provided that at every moment, it is conducted in a way which is appropriate and respects your privacy rights.
6. Where do we store your data?
We store the data we possess on Huge Media’s infrastructure, which is located in a physically safe environment. All data are organizationally and technically protected according to the standard requirements of GDPR, EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework. Because of the nature of our work, we keep our databases on Google Drive, Google Analytics servers, Facebook servers, MailChimp servers and servers of other companies (mainly social networks) with whom we do business and which enable us to provide digital marketing services or provide the functioning and distribution of our web locations (hosting server, Play Store server, App Store server and others).
The service providers who process your personal data on Huge Media’s behalf are obliged to safeguard and secure your data in accordance with NDA requirements. In other cases, we do business with companies which determine the terms of safeguarding and usage of data, owing to their size and effect on digital marketing, and have their own Privacy Policies in accordance with GDPR. We do not do business with any company unless this is the case.
Huge Media is responsible for the processing of personal data it receives.
Furthermore, Huge Media does business in accordance with the GDPR for all further transfers of personal data from EU, as well as data transfers to third countries when our activities are not within EU, including the regulations regarding responsibilities for additional transfers.
In some cases, Huge Media may be asked to reveal personal data as a response to legal requirements of state authorities, including the fulfillment of national security requirements and requirements for enforcing the law. Huge Media will do such only if local data protection regulations allow this.
On your request, Huge Media will provide you with information whether we are keeping any of your personal data. You may get informed with all data we have about you, rectify them or ask for deletion of your personal data by sending us an e-mail to: email@example.com. We shall respond to your request within the time limit specified by local regulations or within a reasonable time frame.
Please bear in mind that permanent deletion removes all of your data from Huge Media’s databases. After having done this process, you will not be able to use some of our services, your user account and all of its data will be permanently removed, and Huge Media will not be able to restore your user account nor take over your data in the future. If you contact our technical support at a future time, the system will not recognize your account.
If you have any dilemmas relating to keeping your data, please send us an e-mail to: firstname.lastname@example.org We shall reply to you as soon as possible.
7. Data we receive from our clients
Huge Media receives non-personal and personal data from its clients, who collect data from their users. For example, each of our users is able to import their contacts from other services such as Gmail or to collect them using their own users’ website. Such contacts can then be submitted to Huge Media.
In this case, Huge Media is regarded as “the processor”, and not “the controller” (since both of these terms are defined in the GDPR) of such client’s data. Clients who control or manage such users’ web locations are considered as “controllers” of such data considering their users and are responsible for the observance of all laws and regulations which can be applied on collecting and controlling of such data, including all data and privacy protection laws of all relevant jurisdictions.
Huge Media does not provide legal advice to its clients or users whose data have been submitted to Huge Media from its clients.
Huge Media is in permanent contact with its clients and, on a regular basis, we recommend those who collect data from their users to publish and maintain clear and comprehensive privacy policies on their users’ web locations in accordance with the laws and regulations in effect. We also recommend our clients to ensure that all users carefully read those guidelines and provide evidence that the users agree with them.
If you are a visitor or user of some of our clients, Huge Media states that:
- Huge Media does not have direct contact with individual clients’ users whose personal data it processes. If you are a visitor or user of some of our clients and you wish to submit any kind of requests or queries relating to your personal data, please, contact our clients directly.
- If you wish to access, rectify, alter or delete incorrect data which Huge Media processes on behalf of its clients, please, submit your request to our client to whom you have submitted these data (who is the “controller” of these data).
- If Huge Media is asked to remove personal data of a user, we shall respond to such a request as soon as possible.
8. Job applications
When Huge Media publishes job openings, the candidates are asked to send their contact details and his/her CV.
We understand that privacy and discretion are important for our applicants and we are focused on having the applications held in secrecy, that is, the sent data is used exclusively for Huge Media’s needs in order to hire employees (including candidate’s identification, assessment of their applications, decision making regarding hiring and contacting the applicant via phone or in writing). We use such data exclusively for employment in Huge Media.
Huge Media may retain an applicant’s data which have been submitted to it two years at the longest after the position has been filled or closed. This has been introduced in order to be able to reconsider the applications if a possibility of employment in Huge Media occurs.
If you have previously submitted your data to Huge Media, and now you would like to have an insight into them, update or delete them from Huge Media’s system, please send us an e-mail to: email@example.com.
9. Sharing personal data with third parties
Huge Media cooperates with many chosen service providers whose services and solutions complement, facilitate and improve our ones. These matters include hosting services, server services as well as networks for communication and content delivery, services of data recording, cyber security, web analytics, distribution and monitoring of e-mail, remote control services, measurement of web location's performances, data optimization and marketing services.
Within these services, third parties may receive or, in some other way, have access to personal data fully or partially – depending on each of their specific roles in facilitating and improving our services and business and may be used only for predefined purposes.
10. Application of law, legal requests and obligations of Huge Media
We may share data relating to our visitors, clients and clients’ users with different third parties, which includes authorities for the application of law.
When local data protection laws permit it, Huge Media may reveal or, in some other way, enable access to your personal data in accordance with a legal request such as a judicial warrant, judicial proceedings and search warrant or in accordance with some other laws in effect.
11. Social networks
Our services include some particular functions of social networks and applications, such as “Facebook Connect” or “Google Login”, the “Like” button, the “Share” button or some other interactive mini programs (social media functions). These social networks’ functions may collect data such as your IP address or the page you visit on our web location and may set a cookie in order to enable their proper functioning. Social networks’ functions are hosted by third parties or directly hosted on social networks’ servers. Your interactions with social networks’ functions are regulated by their policies.
12. Usage of cookies and other monitoring technologies
Huge Media, together with its partners for marketing, analytics and technology, uses particular monitoring technologies such as cookies, beacons, pixels, tags and scripts. These technologies are used in order to maintain, provide and improve services on a permanent basis and to enable better services to our clients and their users. For example, thanks to these technologies, we are able to respect users’ wishes, identify technical issues, users’ trends, the effectiveness of campaigns and monitor and improve the overall performances of our services.
Bear in mind that removing the cookies or disabling future cookies and monitoring technologies may prevent access to some particular areas or features of our services or will negatively affect your user experience in some other way.
Advertisements for particular services may be shown by advertising on some specific web locations, and the managing of advertising is done by software which is located on a totally different location. Some particular technologies of monitoring are sometimes used for advertising, in order to collect data about your activities and interests. These data are then sent to software for advertisement managing in order to provide you with targeted advertising based on your interests. You may chose not to receive such advertisements from particular advertisers and advertising networks by clicking, or refusing to click a clearly specified place during visiting web locations. Bear in mind that this does not mean that you will not receive any kind of advertisements, but your choice will be only relating to a specific advertising. You will continue to receive advertisements for which you have not made statements.
We may receive data about you from other sources, including publicly available databases, or a third party from which we have collected data, and combine these data with the data about you we already have. This helps us to update, extend and analyse our records, identify new buyers and provide goods and services which may be of interest to you. When we receive your personal data from our clients, we ensure that the agreement parties have obliged to have informed you that your personal data will be revealed to third parties and that they have your consent for this. We take steps in order to ensure the correctness of your personal data before we use them. If you give us personal data about somebody else, or if somebody gives us your data, we shall use it only for the purposes for which we have received data.
We do not change our practices in response to the “Do not Track” signal from the browser.
You may block, disable or in some other way manage the monitoring technologies by adjusting the browser or some other software solution by yourself, but bear in mind that this may negatively affect the way you receive our services.
13. Promotional messages
We may use your personal data to send you promotional contents and messages via email, text messages, direct text messages, marketing calls and similar forms of communication.
If you do not wish to receive such promotional messages or calls, you may inform Huge Media about this at any time or follow the instructions for cancelling included in promotional communications you receive.
We take steps to limit the promotional content we have sent to a reasonable and proportional level and to send you data we find interesting or important to you, on the basis of your data we have received.
14. Rights relating to your personal data
Huge Media has taken technical and organizational measures in order to ensure you insight, receiving copies, updating, alteration, deletion or limitation on using your personal data.
Before revealing the requested personal data, we may ask you for additional data in order to confirm your identity and for security reasons.
You have the right to lodge a complaint to your local supervisory authority for data protection, whereby we recommend you to contact us first.
If you wish to ask us for insight, to rectify your personal data we keep or wish to ask for a list of personal data (if any) which we have revealed to third parties for direct marketing purposes, please send us an e-mail to: firstname.lastname@example.org.
We shall make all reasonable efforts to process your request immediately.
15. Data retention limitations
We may retain your personal data (as well as data about our clients’ users) until your user account is active or if this is needed for providing our services.
We may continue to retain such personal data even after the deactivation of your user account and/or cessation of using particular services, for no longer than is reasonably necessary in order to observe legal obligations, to settle disputes with our clients or their users, primarily because of possible fraud and abuse.
When your personal data are not necessary any more, we shall ensure that they are safely deleted.
At Huge Media, security measures are implemented in such a way so that the data you share with us are protected and they include physical, technical and organizational measures. We monitor our systems on a regular basis because of possible vulnerabilities and attacks, and we seek for new ways and services from third parties regularly, in order to achieve further security improvement of our services and improvements in privacy protection of our visitors and users.
In spite of the measures Huge Media takes and the efforts it makes, we cannot and do not guarantee absolute protection and safeness of your personal data, data considering clients’ users or any other content we receive.
This is why we ask you to put strong passwords on your user account and user’s web location and to avoid submitting data which has some sensitive content and for which you consider that their revealing might cause significant or irreparable damage, to us or anyone else. We also encourage you not to share any personal data in any of these places.
If you have any questions regarding the security of our services, do not hesitate to contact us at: email@example.com.
17. Updating and interpretation
18. Contact us