''Non-personal Information'' is the first type of data which is information that is non-identifiable and anonymous in nature therefore the Users real identity is not known to us. Any unconcealed information available to us when a User uses the service or the websites is Non-Personal Information. Non-personal information gathered by us includes information technical or behavioural in nature. This may consist of the Internet protocol (IP) address of the User, the Users uniform resource locators (URL), browser type/version, operating system, 'click-flow of the User on the Website and Services, any plug-ins, settings regarding time zone, screen resolution and other behavioural information collect to understand User's usage patterns of the service.
Unlike social media websites, e-commerce or payment sites, the Personal Information we generally collect is basic in nature due to the nature of the Service we offer:
typically attained by us through your use of the service will consist of personal details provided by a customer consciously and voluntarily including the Customer's administrator and End Users. This may include your name (first and last), birth date, gender, job title, phone number(s), the department you work in, country, city, work email address, IP address and other unique identifiers, including other information you may choose to provide to Us.
We do not track or ask for your location when downloading our mobile apps. However, tracking location-based information from your mobile is done only during the use of some of our mobile Apps that require it to deliver features as needed for successful use of the service. The contractual obligation we have to perform the services to you is the GDPR legal basis for processing this information
If you apply for a job through the Sites, you may provide Us with your location information and this is used to offer relevant jobs available in your region. Your consent is The GDPR legal basis for processing this information.
When you express an interest in obtaining additional information about us, our Services, the Site, or Mobile Apps, we may ask you to provide personal contact information, (eg. name, email, phone number, company name, country). The above information is used to communicate with you by providing a response to any of your requests, questions and comments. The legitimate interest in answering your questions and communicating with you is the GDPR legal basis for processing this information.
Access to your device's camera and photo storage may be requested by us while using the Mobile Apps. This enables you to take and upload pictures in conjunction with use of the service and the data is only used in the ways you choose. You may revoke access anytime. We do not access your device's camera and/or photos without your permission. To better understand the functionality of our Mobile Apps on your phone we use mobile analytics software that may record how often the application is used by you, aggregated usage, performance data, actions use undertake within the application or any such information for us to improve the app. Any personal information you submit within the Mobile Apps and the information we store within the usage or performance analytics is not linked by us. In addition, we may collect hardware usage statistics, operating system, versions, etc. The contractual obligation to you to perform the Services is the GDPR legal basis for processing this information.
As a service provider we only collect information as per the Customer's need. Our agreements governs any access, delivery and use of our Mobile Apps, website and Service, including personal collected by us. The Customer has total control over the platform and associated data. For any questions you have about the service, settings or personal information or privacy practices, please contact the Customer's administrator of the wfx service you use. Customer data is only used by us in accordance with the Customer's instructions, applicable terms in our Agreements, Customer's use of the Service's and as required by any applicable law. Under applicable GDPR, World Fashion Exchange is a processor of Customer Data and the Customer is the controller.
Information Shared with Our Service Providers.
We may share your information with any third parties who provide us with services we need. These third parties will be authorized to use your personal information only to the extent which is deemed necessary to provide services to us. These third party services may include but not limited to (A) customer support or service (B) cloud computing infrastructure (C) mapping services (D) email services for marketing communications etc.
Our "Sub-Contractors" are entities and people we contract and employ that perform specific tasks for us, for example, an email service provider who sends emails for us, customer support providers, mapping service providers. In order to provide services to you, we may need at times to share personal information with our Sub-contractors. Unless we mention otherwise, our Sub-contractors do not have any right to use Personal Information and we only share what is necessary to assist us.
In particular situations, we may have to disclose personal information as a response to a lawful request by public authorities, including to meet requirements for national security or law enforcement. We also have the right to access, read, preserve and disclose any information that we understandably believe is essential to
To ensure that all the information security risks pertaining to customer data, and internal company data associated with its operations while providing the products & services to the customers are identified, analyzed, evaluated, and treated and all applicable requirements (legal/ others) related to information security of data are in compliance.
To protect our Information Assets and data from all kinds of threats and vulnerabilities, whether internal or external, deliberate or accidental, taking into consideration the cost-effectiveness and suitability of the counter measures being deployed.
To continually improve our established information security management system by preserving the Confidentiality, Integrity & Availability of business-related information, and to minimize business damage by preventing or minimizing the impact of information security & privacy incidents.
The policy shall be reviewed at periodic intervals (Half Yearly) - to check for its effectiveness and applicability, changes in technology, changes in Risk Levels that may have an impact on Confidentiality, Integrity, Availability of data, and legal & contractual requirements.
Customers can contact us and request information concerning the storage and retention of data (“Audit”) We shall make reasonable efforts to respond to the in a reasonable time and subject to applicable law and to the protection of World Fashion Exchange's trade secrets.
WFX will continue to keep possession of data on behalf of Customers as is required to provide the Service to Customers, enforce its agreements and resolve disputes. Because of system continuity purposes, the data is backed up via a data backup policy.
Each user is responsible for all their data. Any deletion of data any or incorrect data or any database breach is not the responsibility of WFX unless contrarily agreed with Customer.
If a Customer chooses to discontinue the service, upon termination of the service by customer and fulfilling all obligations as per our agreements, Customer data will be permanently deleted.
Personal information and other data about an end-user might be retained by the customer which is owned by the controller (Customer or the Customer's administrator) and the end-user might not have access to it. Any question regarding this data should be raised directly by you to the customer if it pertains to the right to retain and process your personal information. You hereby agree not to assert any claim against World Fashion Exchange or its' affiliates in this regard and waive any rights regarding such Data and Personal Information including the right to view and control such Data and Information.
While all Customer data will be deleted, some data not be deleted will be kept in an anonymized manner. We collect and retains metadata and statistical information concerning the use of the Service which is not subjected to the deletion procedures in this policy and may be retained for no more time than required. Any of our third-party service providers may retain some of your data in accordance with their retention policies. Any of your metadata or statistical information that is retained by the third-party service providers, will not be identifiable.
Anonymized aggregated data may be retained by World Fashion Exchange for as long it is required to provide its services. Contracts and billing information may be retained as required by World Fashion Exchange for at least 5 years from termination or expiration of the relationship with the Customer or entity.
The data collected is typically stored on AWS (Amazon Web Services) or at another infrastructure provider. They provide advanced security features and are compliant with ISO 27001 standards.
In providing your Personal Information to us, your Personal Information will be sent to any location which enables us to successfully provide a reliable services (Singapore, US , India, Ireland, Hong Kong etc). Any European Union data protection law that is applicable will be adhered to and laws regarding the transfer of personal information from European Union territory to any other Non-EU territory will be strictly followed.
We take great care in implementing, enforcing and maintaining the security of the service and the personal information of our Users. We have security policies that are maintained, implemented and enforced in regards to prevention of unauthorized or accidental access, or destruction, loss, modification, use or disclosure of personal data and compliance of such policies are monitored on an ongoing basis by our internal security and infrastructure team.
World Fashion Exchange shall act in accordance with its policies to promptly notify Customer in the event that any personal data processed by us on behalf of a Customer is lost, stolen, or in case of any unauthorized access to it, subject to applicable law and instructions from any agency or authority. Furthermore, in case of any breach The company will cooperate with the customer regarding the investigation and remedying of any such security breach. In the event of a security breach that involves any form of Personal Information, we would promptly take remedial measures not limited to but including measures to restore the security of the Personal Information and limit unauthorized or illegal dissemination of the Personal Information or any part thereof.
World Fashion Exchange maintains documentation regarding compliance with the requirements of the law, including without limitation documentation of any known breaches and we hold reasonable insurance policies with respect to data security.
We do not take responsibility for the operation, privacy policies or the content of any links to external sites that may be found from time to time in the service.
If we are storing your personal information, you will have the subsequent rights to your information on the basis of the services and your region.
In the event that you have provided Personal Information to Us, on our website or we will provide you with information about whether we actually hold any of your Personal Information. Contact Us at email@example.com regarding the requests for the access, correction and deletion of any personal information. You can expect a response from us within a reasonable timeframe.
When acting as a service provider of our Customer, WFX has no direct relationship with the individuals whose Personal Information is provided through the Services so any request should be directed at the Customer’s administrator who is the controller of such data.
Regarding your personal information we directly collected from you and that we control, you have the following rights if you are located in the European Economic Area ("EEA").
You may request details of any personal information we may hold of you. Along with a confirmation on whether we are processing your personal information, there will be a disclosure about additional information such as the types of personal information, source of origin, the purpose and safeguards concerning the data transfer to non-EEA countries and the expected retention period, subject to the limitations set out in applicable laws and regulations.
You may request correction of any of your personal information we hold, subject to verification of the accuracy of the newly supplied information.
Your personal information will be deleted by us at your request provided that:
We will restrict processing your Personal Information at your request if
We may continue to store your Personal Information to the extent required to ensure that your request to restrict processing is respected going forward.
We will provide you with a structured, commonly used and machine-readable format of your personal information, free of charge at your request provided that
Where we rely based on our legitimate interests (or the legitimate interests of a third party) to process your Personal Information, If you feel the processing of the information impacts your rights and freedoms or on the grounds of your particular situation, you have the right to object to it. Unless we have compelling and a legitimate ground that processing your personal information will supersede your rights and freedoms, or the processing of the information is in connection with the establishment, to exercise or defend legal claims, we will comply. Any objection to the processing of personal information for direct marketing purposes will be complied with.
You will not be subjected to decisions based solely on the automated processing of your Personal Information that have a legal or significant effect (which includes profiling) unless we have been given your consent or is necessary in order to fulfil a contract with us.
You have the right to withdraw any consent you may have given us in the past at any time. We might need to ask for certain identifying information in order to ensure security of your Personal data if you wish to exercise your right to withdraw consent. Please contact us at firstname.lastname@example.org if you wish to exercise any of the above mention rights. You can expect a response within 30 days or we will provide reasons for any delay.
If you exercise any of your rights usually a fee is not charged. Although, a fee is chargeable in case your request is unfounded or excessive, for example, because of its repetitive character and reasonable related administrative costs in complying with your request will be charged. In case we refuse your request, the relevant reasons will be notified to you.
Last Revised: November 10, 2021