For the purposes of GDPR DRIM is the "controller", i.e. the person which determines the purposes and means of the processing of your personal data.
This Policy addresses to all natural persons which wish to contract with us or to establish a business relationship, Clients, Client’s ultimate beneficial owners/directors/shareholders/secretaries/authorized bank signatories/attorneys (attorneys appointed by virtue of powers of attorneys), and/or members of another legal entity and/or natural persons who have a business relationship with DRIM and/or with Clients of DRIM.
"Affiliates" shall mean any company or other business entity controlled by, controlling, or under common control with DRIM, either within or outside the European Economic Area.
“Client” or “Partner” shall mean a natural and/or legal person that using the system “DRIM”.
“Personal Data” means any information about you, that could identify you directly or indirectly, such as the personal information described in paragraph 3.1. below.
“Processing” means any operation or set of operations which is performed on Personal Data, by automated means or otherwise, including collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
“System “DRIM” means the software DRIM for the promotional activities.
“Advertiser” means natural or legal person that is registered in the system “DRIM” aimed to promote a product, service or event in order to target customers.
1. Who we are?
Kemp House 152 160 City Road, London, EC1V 2NX, UK
Data Protection Officer (DPO): E-mail: [email protected]
2. Our sources of collecting
We process Personal Data that you provide to us in the course of our advertising services and promotional activities. For this purpose, we process and collect Personal Data that we receive from you and/or the Authorised Officials appointed from you and/or our Affiliates and/or third parties authorised or instructed by you. We may also collect and process Personal Data from databases and/or sources that are publicly accessible, such as the press, the media and/or third parties in order to enable us to comply with our regulatory obligations. Please note that the data we collect vary among the different services we provide.
2.1. Personal Data and the Personal Data we process
We collect personal information about you when you use the DRIM System. Without it, we may not be able to provide you with all services requested. This information includes:
Contact Information, Account, Profile Information. Such as your first name, last name, phone number, postal address, email address, date of birth, gender, some of which will depend on the features you use.
2.2. Information you choose to give us
You can choose to provide us with additional personal information. This information may include:
Additional Profile Information. Such as preferred language(s) and personal description. Some of this information as indicated in your account settings is part of your public profile page and will be publicly visible.
Other Information. Such as when you fill in a form, add information to your account, respond to surveys, post to community forums, participate in promotions, or share your experience with us.
2.3. Information Automatically Collected by Using the DRIM System
When you use the DRIM System, we automatically collect personal information. This information may include:
Geo-location Information. Such as precise or approximate location determined from your IP address or mobile device’s GPS depending on your device settings. We may also collect this information when you’re not using the app if you enable this through your settings or device permissions.
Log Data and Device Information. Such as details about how you’ve used the DRIM System (including if you clicked on links to third party applications), IP address, access dates and times, hardware and software information, device information, device event information, unique identifiers, crash data, cookie data, and the pages you’ve viewed or engaged with before or after using the DRIM System. We may collect this information even if you haven’t created an account or logged in.
Cookies and Similar Technologies.
3. The purpose for processing your Personal Data and the legal ground of this processing
We collect and process Personal Data in full compliance with the provisions of the Regulation as well as the national legislation.
In the paragraphs below (3.1 to 3.4) there is a more detailed analysis of the purposes and the legal ground of the processing.
3.1. For the performance of a contract (Article 6 (1) (b))
The processing of Personal Data is necessary in order for us to be able to provide our advertising services to you in accordance with our engagement letter/contact and/or to fulfill your orders and/or to provide you with related services.
The purposes of the processing are adjusted according to the nature of the service provided.
3.2. For the purposes of the legitimate interests pursued by us or by a third party (Article 6 (1) (f))
Except for the above case, either we or third parties, process your Personal Data when necessary, except if your fundamental rights and freedoms override the below interests.
The main purposes of processing your Personal Data are the following:
• Identification your personality in the use the system “DRIM”,
• Granting you the access to the system “DRIM”,
• Contacting you in case of necessity including sending notifications, requests
and information concerning the usage of the system “DRIM”, rendering
services and processing requests and orders from you,
• Detect and prevent fraud, spam, abuse, security and safety incidents, and
other harmful activity,
• Conduct security investigations and risk assessments,
• Verify or authenticate information provided by you,
• Improvement the quality of the system “DRIM”, the usability and the
• Personalize, measure, and improve our advertising,
• Administer referral programs, rewards, surveys, contests, or other
promotional activities or events sponsored or managed by DRIM or its
• Send you promotional messages, marketing, advertising, and other
information based on your preferences and social media advertising through
social media platforms,
• Analyze characteristics and preferences to send you promotional messages,
marketing, advertising and other information that we think might be of
interest to you, and
• Participation in the enabling activities of the system “DRIM”/Clients.
3.3. Data collection methods
DRIM uses the following data collection methods:
1. Direct interaction. You are entitled to provide your Personal Data by filling
the form or contacting us via e-mail, phone or through other means as the
• Registration in the system “DRIM”,
• Conclusion of the contracts with DRIM;
• Filing requests or complaints,
• Interaction with DRIM via social media,
• Subscription on services or mailings of DRIM,
• Requests of adverting information,
• Participation in promotional events or surveys,
• Placement of comments.
3. Analysis of published sources. DRIM collects the data from public information sources.
3.4. Cookies and similar technologies
You should be aware that when you access or use our content, products and services, we may collect information from the devices you use to receive DRIM service content, products and services by using “cookies”.
3.4.1. How do cookies work?
Cookies are small bits of text that are downloaded onto the devices you use to receive DRIM service content, products and services and access online information. Your browser makes these cookies available every time you visit the website. This allows it to identify you and tailor what you see on your device.
3.4.2. What cookies are used for?
Cookies are an important part of the internet. They make using devices and accessing online information much smoother and affect lots of the useful features of websites. There are many different uses for cookies, including:
• The provision of content, products or services that you have requested.
• To act as an essential component in helping devices download or stream information, or so you can move around websites and use their features. Without these cookies, content, products or services you've asked for, these actions can't be provided.
• Remembering if you have already filled in a survey, so you're not asked to do it again.
• Restricting the number of times you're shown a particular advertisement. This is sometimes called 'frequency capping'.
Giving you access to content provided by social-media sites like Facebook, Google, Youtube.
3.4.3. Sharing information collected by cookies
3.4.4. Controlling my cookies. How can I choose not to receive Online Behavioral Advertising and other tracking cookies?
In addition to the controls available on your computer, there are other ways of choosing not to receive Online Behavioral Advertising and other tracking cookies. Please note, that most of these choices work by setting a cookie that overrides the behavioral advertising cookie. If you clear all your cookies, you will also clear these opt-out cookies, therefore changing your preferences. In this instance you would need to choose again.
4.1. Who we share your data with?
Where you provide consent, we share your information as described at the time of consent, such as when authorizing a third-party application or website to access your account or participating in promotional activities by DRIM partners or third parties.
In the course of DRIM’s operation, the relevant employees responsible for the performance of our contractual and legal obligations receive the necessary data. Moreover, we might share your Personal Data within Advertisers and our Affiliates, if this is necessary for the performance of our services and/or to fulfill your orders and/or comply with our regulatory obligations.
Under Article 28 of the Regulation, we have the right to designate a processor.
In such a case, it is likely that the processor will receive your Personal Data for the above purposes. For example, we might designate as processors, as well as companies that provide organizing and filing services or licensed service providers. Furthermore, DRIM is legally obliged and/or may need to transfer your Personal Data in the course of the provisions of our services to various government authorities and/or semi-governmental and/or services and/or organisations.
It is possible for us to share your Personal Data to other people/companies/organisations, other than the above, in the course of the provisions of our services to you or if you have given us your express consent for such transfer.
5. How long your Personal Data will be kept for?
We will hold your Personal Data during our contractual relationship. After the termination of our contractual relationship, we hold your Personal Data for the period required by the applicable AML law and according to the other applicable law. Sometimes DRIM is obliged to process your Personal Data for an extended period for specific purposes, for example, in case of the requests of law-enforcement authorities for tax and legal purposes.
6. Transfer of your Personal Data outside the EEA or to an international organization
We may transfer your Personal Data to third parties which are located outside the European Economic Area (EEA), only if the transfer is necessary to perform our contractual obligations and/or to fulfill your orders.
In any case, the processors in third countries are obliged to apply the Regulation in the same manner as the companies which are located within the European Economic Area.
7. Keeping your Personal Data secure
We have appropriate security measures in place to prevent Personal Data from being accidentally lost or used or accessed in an unauthorized way. We limit access to your Personal Data to those who have a genuine business need to have access to it. Those processing your information will do so only in an authorized manner and are subject to a duty of confidentiality.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
8. Your rights
You have a number of important rights, under the Regulation. Specifically:
(a) right to access your Personal Data (Article 15): meaning you might receive information and/or copy of the Personal Data we hold free of charge.
(b) right to rectification (Article 16): you might ask us to correct any mistakes in your information which we hold.
(c) right to erasure (“right to be forgotten”) (Article 17): you might ask us to erase the Personal Data concerning you.
However, we reserve the right to deny the erasure, if the processing is necessary for compliance with a legal obligation, for reasons of public interests or for the establishment, exercise or defense of legal claims.
(d) right to restriction of processing (Article 18): you might require us to restrict our processing of your Personal Data if you contest the accuracy of your Personal Data, the lawfulness of the processing, or you have objected to processing (according to article 21, see below) and you wait for our reply whether we have legitimate grounds which override yours.
(e) right to data portability (Article 20): you have the right to request and receive the Personal Data concerning you which you have provided to us, in a structured, commonly used and machine-readable format and you have the right to transmit those data to a third party under certain circumstances.
(f) right to object (Article 21): you have the right to object at any time to processing of Personal Data concerning you which is based on performance ofa task carried out in the public interest or for the purposes of the legitimate interest pursued by us or third parties (article 6 (1) (e) and (f) of the Regulation).
You also have the right to object at any time to processing of Personal Data concerning you for direct marketing or decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you.
In case you exercise this right, we shall no longer process your Personal Data unless we demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defense of legal claim.
(g) right to withdraw your consent: you reserve the right to withdraw your consent at any time. However, the withdrawal of the consent does not affect the lawfulness of the processing based on consent before its withdrawal.
If you wish to exercise any of the above rights or to ask any questions or clarifications, please do not hesitate to contact us at [email protected].
If you like to exercise any of those rights, please:
• email or write to us;
• let us have enough information to identify you;
• let us have proof of your identity and address;
• let us know the information to which your request relates.
9. Managing, reviewing, and updating your information
When you are signed in, you can always review and update information by visiting the services you use.
10. How to complain?
We hope that DRIM can resolve any query or concern you raise about our useof your information.
However, the Regulation also gives you right to logde a complaint with the supervisory authority.
11. Are you obliged to provide us with your Personal Data?
You are required to provide your Personal Data to the extent that it is necessary to conclude, perform or terminate the engagement letter and/or contract between us and third parties and to fulfill your mandates.
Furthermore, we are obliged by the anti-money laundering legislation to collect and hold your Personal Data to the “know your client” principle. In case you refuse to give us your Personal Data, we will not be able to provide and/or continue to provide our services to you.
12. Automated Individual decision- making
As a rule, DRIM does not make automated decisions. If we make use of automated decision-making, you will be properly informed if this is necessary on the basis of the relevant legislation.