DATA USAGE POLICY
This privacy policy is designed to describe how we approach your privacy as an internet user interacting with websites that have implemented our technology.
1. GENERAL INFORMATION
We are a marketing company that provides permission-based communication services to companies in various industries. Our role is to provide companies with an effective tool to send relevant messages related to their products or services via email or SMS. Our messages are personalized, meaning they are based on information from your previous online activity with a company to which you have previously given consent to communicate via email or SMS. Our messages are related to purchase history, items placed in the cart, and/or products viewed on the company’s website, to which you have previously given communication consent.
To deliver personalized messages, we process certain information related to your online activity, which helps us understand your current shopping interests and allows us to display messages and analyze how they work. While doing so, we aim to ensure the highest level of privacy protection and transparency. We strictly comply with all applicable privacy laws, particularly the EU General Data Protection Regulation (GDPR), as well as best practices in digital marketing.
2. HOW WE COLLECT DATA
To collect your data, we use cookies, which are text files placed in your web browser when you visit websites or applications of companies. They allow us to record certain activities you engage in on those websites or applications.
We operate under the domain analytics.7w.ro and/or pa.7w.ro while providing our services. We store three cookies under this domain: a unique ID for the browser you are using, the lifespan of the cookie, and the data of the last access.
3. WHAT DATA WE PROCESS
We process the following three main groups of data:
(a) Information related to your browsing activity on companies’ websites or applications - this helps us understand what kinds of products and services interest you, and consequently, determine which messages should be displayed to match your current shopping interests. We process this data on behalf of the companies for which we implement email or SMS communication processes, specifically for the purpose of creating user profiles.
(b) Information that you enter on the company’s website or application. We process this data on behalf of the companies for which we implement email or SMS communication processes, specifically for the purpose of creating user profiles.
(c) Information regarding interaction with the messages sent (e.g., whether you opened the received emails, clicked on a link). We process this information as a data controller to determine relevant messages, for ad measurement, and product development.
You can find a complete list of categories of data we process as a data controller in our GDPR privacy notice (see section 5 below).
4. HOW WE USE YOUR DATA
While visiting a company’s website or application (e.g., an online store), we collect certain information related to your activity, such as items you viewed, added to the cart, and purchased. These browsing patterns on the company’s website or application help us understand what kinds of products and services interest you currently and allow us to send you certain messages that we consider to be in line with these interests.
For example, if you recently visited our client’s online store looking for running shoes, we may send you a message with the same running shoes you saw there and similar running shoes or complementary products, such as running apparel offered by that company.
Moreover, we do not use your browsing data from a company’s website in relation to another company. This means that browsing activity from a company’s website or application does not affect the messages from other companies. For instance, if you searched for swimming gear in an electronic store of our client "A," this information will be used strictly for client A.
We use the information related to sent messages and interactions with them to analyze how our messages work, create statistical reports for the client company regarding the delivery of their messages, subsequently for attribution and billing purposes. We also process this data to control the frequency of messages displayed to you (frequency capping) and for product development purposes.
Our platform is integrated with companies’ websites through matching our technical identifiers, e.g., cookie IDs. This allows us to consolidate the collected data and associate it with an identifiable user via an email address or phone number provided through a form on the client company’s website.
We do not purchase data from third-party data providers for the purpose of optimizing services, nor do we sell the data we process to third parties.
5. PROCESSING PERSONAL DATA (GDPR)
The data we collect online is considered by GDPR as online identifiers and falls into the category of pseudonymous data. This data is associated with personal identification data (email/phone number) to enable individual communications via email/SMS. Therefore, in cases where GDPR applies to our services, we ensure compliance with all the requirements set by this regulation.
We have also appointed a Data Protection Officer, whom you can contact if you have any further questions. They can be reached at dpo@whiteimage.ro.
As mentioned above, the data we use to provide services is processed only as a data processor, meaning on behalf of the companies.
6. DATA SECURITY MEASURES
We have implemented organizational and technical measures to ensure an adequate level of security for your data. We have carried out procedures for every aspect of data processing and carefully select the technologies used for such processing and any data recipients.
Your data is protected against human interactions, equipment failures, internal or external attacks, loss, or misuse. We store it in top-tier multi-tenant data centers operated by market-leading companies with appropriate data security certifications (especially ISO 27001). To ensure the confidentiality and continuous availability of your data, we use backup mechanisms.
We constantly monitor the security measures implemented and continuously develop awareness and knowledge about privacy and personal data protection within our company.