Last Updated Sept. 10, 2023
Welcome to RSVP.link and our website at www.rsvp.link. This GDPR Compliance Statement sits in line with our Privacy Policy, is supplemental and applies to all European Union and United Kingdom Citizens that are using our website and online services (our “Services”). Accordingly, RSVP.link proceeds with all data processing procedures (e.g., collection, processing, and transmission) as set out in Regulation (EU) 2016/679 (General Data Protection Regulation) and the the UK's Data Protection Act (both collectively the “GDPR”).
Nothing in this Statement is intended to contradict or limit the applicability of the information provided in our Privacy Policy.
The following provides you, as set out in Art. 13 GDPR, with an overview of the type of data collected and how it is used and passed on, the security measures we take to protect your data and how you can exercise your rights.
The responsible entity according to Art. 24 GDPR is Clever Bytes Inc, registered in Alberta, Canada (“RSVP.link”, “we”, “us”, or “our”).
You may contact us using [email protected] if you:
Please note that deletion of information essential to account management and services may result in termination of services provided to you.
We will make every effort to respond to your requests in the shortest possible time, and always in strict compliance with applicable law. In some cases, requests for deletion may not be honored immediately, due to a legal obligation.
First of all, we would like to inform you about your rights as a data subject. These rights are standardized in Art. 15 - 22 GDPR and include:
To assert these rights, please contact us.
You also have the right to lodge a complaint with a data protection supervisory authority. While Canada has its own Data Protection Supervisory Authority (The Office of the Privacy Commissioner, 30 Victoria Street, Gatineau, Quebec, J8X 0A8, www.priv.gc.ca) you may in accordance with Article 77(1) GDPR complaint to your local Data Protection Supervisory Authority. We would, however, appreciate the chance to deal with your concerns in the first instance.
The processing of your Personal Data may be based on the following legal grounds:
We process and store your Personal Data only for the period of time required to fulfill the purpose of storage or if this has been provided for, in laws or regulations for up to 7 years. After the purpose has ceased to exist or has been fulfilled, your Personal Data will be deleted or blocked.
In the case of blocking, deletion will take place as soon as legal, statutory, or contractual retention periods do not conflict with this, there is no reason to assume that deletion would impair your interests worthy of protection and deletion would not cause a disproportionately high expense due to the special nature of the storage.
The hosting services used for the purpose of operating our website is DigitalOcean, LLC. In doing so DigitalOcean processes all data and communication data of our customers, interested parties and visitors of our website and services that are provided through the website. We use DigitalOcean, on the basis of our legitimate interests (Article 6 (1) lit. f) GDPR) in an efficient and secure provision of the website and services in conjunction with the provision of contractual services and the conclusion of the contract for our services.
Each time you visit our website, a number of general data and information is transmitted - even if you use our website for purely informational purposes. DigitalOcean collects the general data and information that your browser transmits to my website's server. This data and information are collected are technically necessary for the display our website to you and that serve the stability, security and danger or threat prevention in the event of attacks on my website, such as:
This data is deleted after the storage is no longer necessary for error analysis or danger or threat prevention. The legal basis for this data processing is Article 6 (1) lit. b) GDPR, as the collection and storage of this data is necessary for the operation of the website in order to ensure the functionality of the website and to deliver the content of our website correctly.
What cookies are?
On our website we use so-called "cookies". Cookies are small text files that are stored in the memory of your device via your browser. Cookies store certain information (e.g., your preferred language or page settings) which can be sent back to us by your browser when you visit the website again (depending on the lifetime of the cookie).
Which cookies do we use?
We distinguish between two categories of cookies:
Further and as the GDPR also requires a legal basis for the use of personal data in relation to cookies, the use of cookies would then be your consent as well as our legitimate interest.
However, as we think it is important that you should have full control over your privacy online, we refrained from placing optional cookies on our website and as such we are not required to obtain any consents. Nonetheless, this may change, and we ask you to regularly check this policy for any updates.
In order to establish or implement the contractual relationship with our users, it is regularly necessary to process the personal master data and contract data provided to us. The legal basis for this processing is Art. 6 (1) lit. b) GDPR
We also process customer and prospect data for evaluation and marketing purposes. This processing is carried out on the legal basis of Article 6 (1) lit. f) GDPR and serves our interest in further developing our offer and informing you specifically about our offers.
Further data processing may take place if you have consented (Article 6 (1) lit. f) GDPR) or if this serves the fulfillment of a legal obligation (Art. 6 (1) lit. c) GDPR).
We process information of our contractual and business partners, e.g., users and interested parties in the context of contractual and comparable legal relationships as well as related measures and in the context of communication with contractual partners (or pre-contractual), e.g., to answer enquiries.
We process this information to fulfill our contractual obligations, to secure our rights and for the purposes of the administrative tasks associated with this information as well as for business organization. We only disclose the information of our contractual partners to third parties within the scope of the applicable law to the extent that this is necessary for the aforementioned purposes or for the fulfillment of legal obligations or with the consent of the contractual partners (e.g., auxiliary services as well as subcontractors, banks, tax and legal advisers or tax authorities).
Unless otherwise specified the purposes of processing are Contractual performance and service, contact requests and communication, office and organizational procedures, administration, and response to requests, visit action evaluation, interest-based and behavioral marketing. And the Legal bases are Art. 6 (1) lit. b) GDPR, Art. 6 (1) lit. c) GDPR, and Art. 6 (1) lit. f) GDPR.
We process data in the context of administrative tasks as well as organization of our operations, financial accounting and compliance with legal obligations, such as archiving. In this regard, we process the same data that we process in the course of providing our contractual services. The processing bases are Article 6 (1) lit. c) GDPR, Article 6 (1) lit. f) GDPR. Users, interested parties, business partners and website visitors are affected by the processing. The purpose and our interest in the processing lies in the administration, financial accounting, office organization, archiving of data, i.e., tasks that serve the maintenance of our business activities, performance of our tasks and provision of our services. The deletion of data with regard to contractual services and contractual communication corresponds to the data mentioned in these processing activities. In this context, we disclose or transfer data to the tax authorities, consultants, such as tax advisors or auditors, as well as other fee offices.
Where applicable, we provide our service providers with further information, which they use together with the information necessary for fraud prevention and optimization of our processes This serves to protect our legitimate interests Article 6 (1) lit. f) GDPR in our protection against fraud or in efficient risk management, which outweigh our interests in the context of a balancing of interests.
We process the data of our users and clients in order to enable them to select, purchase or commission the selected services as well as associated activities or to execute or provide them. The required information is identified as such in the context of the service provision, or comparable contract conclusion.
Unless otherwise specified the purposes of processing are Contractual performance and service, contact requests and communication, office and organizational procedures, administration, and response to requests, visit action evaluation, interest-based and behavioral marketing. And, the Legal bases are Contractual performance and pre-contractual inquiries, Legal obligation, and our Legitimate interests. Art. 6 (1) lit. b) GDPR, Art. 6 (1) lit. c) GDPR, and Art. 6 (1) lit. f) GDPR.
Based on Art. 6 (1) lit. c) and Art. 6 (1) lit. f) GDPR, we use and store your Personal Data and technical information to the extent necessary to prevent or prosecute misuse or other illegal behavior on our website, e.g., to maintain data security in the event of attacks on our IT systems. This also takes place insofar as we are legally obliged to do so, for example due to official or court orders, and for the exercise of our rights and claims as well as for legal defence.
When contacting us the Personal Data transmitted will be stored and processed exclusively for the purpose of answering the enquiry. The legal basis for the processing is Art. 6 (1) lit. f.) GDPR or Art. 6 (1) lit. b) GDPR if the enquiry is aimed at concluding a contract. The data will be deleted when the purpose of the processing no longer applies, e.g., the enquiry has been conclusively answered. You can object to the processing of your Personal Data at any time by contacting us.
If you have provided us with your email address when using our Services, we reserve the right to regularly send you email offers for similar services. We do not need to obtain your separate consent for this. In this respect, the data processing is carried out solely on the basis of our legitimate interest Art. 6 (1) lit. f.) GDPR in personalized direct advertising. If you have initially objected to the use of your e-mail address for this purpose, we will not send you any e-mails.
You are entitled to object to the use of your e-mail address for the aforementioned advertising purpose at any time with effect for the future by notifying the responsible person named at the beginning. After receipt of your objection, the use of your e-mail address for advertising purposes will cease immediately. If you wish to object to the data analysis for statistical evaluation purposes, you must unsubscribe from the marketing.
Your Personal Data will only be passed on if there is a legal obligation to do so or to service providers and partner companies that have been carefully selected in advance and are contractually obliged to comply with the requirements of data protection law.
a) Disclosure to service providers according to Art. 6 (1) lit. b) and f) GDPR
For the operation and optimization of our website and our services and for the processing of contracts, various service companies work for us, e.g., for IT services or the hosting of our website, to whom we pass on the data required for the fulfillment of the task.
These companies act for us by way of commissioned processing and may therefore use the data provided exclusively in accordance with our instructions. In this case, we are legally responsible for appropriate data protection precautions at the companies we commission. We therefore agree on specific data security measures with these companies and monitor them regularly.
b) Disclosure to other third parties pursuant to Art. 6 (1) lit. c) and f) GDPR
We will disclose your data to third parties or government agencies within the framework of existing data protection laws if we are legally obliged to do so, e.g., due to official or court orders, or if we are entitled to do so, e.g., because this is necessary for the prosecution of criminal offences or for the exercise and enforcement of our rights and claims.
We take additional measures to ensure an adequate level of data protection for the transfer of Personal Data in accordance with Art. 44 of the GDPR and thus ensure that the transfer is generally permissible and that the special requirements for a transfer to a third country are met (e.g., by concluding EU standard contracts and additional guarantees, supplementary technical and organizational measures such as encryption or anonymization).
We have taken a variety of security measures to protect Personal Data to an appropriate extent and adequately. All information held by us is protected by physical, technical, and procedural measures that limit access to the information to specifically authorized persons in accordance with our Privacy Policy and this Statement.
Our website is using Hypertext transfer protocol secure (HTTPS), which is the primary protocol used to send data between a web browser and a website. HTTPS is encrypted in order to increase security of data transfer.
In addition, only employees who need the information to perform a specific job are granted access to Personal Data. These employees are trained in security and privacy practices and treat your information confidentially.
This Policy Statement was last updated on Sunday, September 10th, 2023, and is the current and valid version. However, we want to point out that from time to time due to actual or legal changes a revision to this Policy Statement may be necessary.
If you have any questions about this policy or our data protection practices, please contact us.