logo

Sora Union Data Protection Policy

1. Introduction

This Data Protection Policy outlines Sora Union’s commitment to protecting the privacy of individuals whose personal data we collect, use, and disclose. This policy is designed to comply with applicable data protection laws and regulations, including General Data Protection Regulation (GDPR) and other applicable data protection laws and regulations.

2. Definitions

Personal Data: Any information relating to an identified or identifiable natural person, such as name, email address, phone number, or identification number (e.g., social security number).

Data Subject: The individual to whom the personal data relates.

Processing: Any operation or set of operations performed on personal data, whether or not by automated means.

Controller: A person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of processing personal data. For example, Sora Union when it decides how and why personal data is processed.

Processor: A person, public authority, agency, or other body which processes personal data on behalf of the controller. For example, a cloud services company used by Sora Union to store customer data.

3. Data Collection

We collect personal data for various purposes and in several ways, including:

Information you provide directly: This may include contact information like name, email address, phone number, and any other data you submit through our website, forms, applications, or interactions with our customer service team.

Information collected automatically: As you interact with our website or services, we may collect data about your device, browsing activity, and usage patterns. This data may include IP address, browser type, operating system, referring URL, pages visited, and time spent on our platform.

4. Legal Basis for Processing

We will only process your personal data when we have a lawful basis to do so. This may include:

Consent: In some cases, we will obtain your explicit consent before processing your personal data for marketing purposes or other activities not covered by contractual necessity or legitimate interests. For example, we will seek your consent before sending promotional offers or newsletters via email.

Contractual Necessity: When necessary to fulfill a contract with you, such as providing a service you have requested.

Legitimate Interests: We may process your data to pursue our legitimate interests, such as improving our website, sending you promotional offers, or preventing fraud. We will always balance our interests against your data protection rights.

5. Data Use and Disclosure

We will only use your personal data for the purposes for which it was collected and in accordance with this Policy. We may disclose your data to third-party service providers, such as cloud hosting providers, payment processors, or background check services like Sanction Scanner, who assist us in operating our business and providing our services. These third parties are contractually obligated to implement appropriate security measures to protect your data and are prohibited from using your data for any other purpose.

We will not sell or rent your personal data to third parties. We may disclose your data if required by law, subpoena, or court order or to protect our rights or safety.

6. Data Retention

We will retain your personal data for as long as necessary to fulfill the purposes for which it was collected, comply with legal obligations, or resolve disputes. We will then securely delete or anonymize your data.

7. Your Data Subject Rights

You have certain rights regarding your personal data, including:

Right to Access: You have the right to request access to your personal data and receive a copy.

Right to Rectification: You have the right to request that we correct any inaccurate or incomplete personal data.

Right to Erasure: You have the right to request that we delete your personal data under certain circumstances.

Right to Restrict Processing: You have the right to request that we restrict the processing of your personal data.

Right to Object: You have the right to object to the processing of your personal data for marketing purposes.

8. Security

We take appropriate technical and organizational measures to protect your personal data from unauthorized access, disclosure, alteration, or destruction. However, no security measures are 100% perfect, and we cannot guarantee the complete protection of your data.

9. Children’s Privacy

We do not knowingly collect personal data from children under the age of 18 without verifiable parental consent, in compliance with the Children’s Online Privacy Protection Act (COPPA). If you are a parent or guardian and believe your child has provided us with personal data, please contact us immediately so we can delete it and take appropriate action.

10. Changes to this Policy

We may update this Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of any changes by posting the updated Policy on our website.

11. Contact Us

If you have any questions about this Policy or your data protection rights, please contact us at legal@soraunion.com.