This section aims to give you a straightforward summary of how your personal data is handled when you access our website. 'Personal data' refers to any information that could be used to identify you personally. For more comprehensive details on data privacy, we invite you to review our Data Protection Policy, located below this text.
Who manages the data collection on our website? (i.e. the Data Controller)
The data processing on this site is carried out by the website's operator, whose contact details can be found in the section titled “Information About the Controller” in this Privacy Policy.
How is your data collected?
Your data is collected when you provide it to us, which could be data you input on our contact form or newsletter signup form for example. Additionally, other data is collected either automatically by our IT systems or with your consent when you visit our website. This primarily includes technical data (like the type of web browser, operating system, or the time of page visit). This data is collected automatically as soon as you enter our website.
For what purpose do we use your data?
Some of the data is collected to ensure the proper functioning of the website without errors. Other pieces of data can be used to analyze how you use the site and help us improve the overall experience of the website.
What rights do you have pertaining to your data?
At any time, you have the right to obtain free information about your stored data, its origin, its recipients, and the purpose of its collection. You also have the right to request that it be corrected or deleted. If you have given your consent for data processing, you may revoke this consent at any future point. Additionally, under certain circumstances, you may request the restriction of the processing of your data. Moreover, you have the right to file a complaint with the appropriate regulatory authorities. For any questions about data protection, please contact us at any time.
During your visit on our website, there's a chance that your browsing behavior might be statistically evaluated. This is mainly done using what are known as analytics programs. For more specific information regarding these analytics programs, please refer to our Data Protection Policy, which is detailed further below. We do this in order to create a better experience for users and find unreported bugs or errors on our website.
Our website is hosted by Webflow, Inc., located at 398 11th Street, 2nd Floor, San Francisco, CA 94103, USA, commonly referred to as "Webflow". Webflow collects various log files, including your IP address, when you visit our website. Webflow is a platform for creating and hosting websites. It uses cookies or other recognition technologies essential for displaying the website, providing certain functionalities, and ensuring its security (necessary cookies). For more information, refer to Webflow's privacy policy at https://webflow.com/legal/eu-privacy-policy. We use Webflow based on Art.6(1)(f) GDPR, as we have a vested interest in the reliable presentation of our website. If consent has been obtained, processing is exclusively based on Art. 6(1)(a) GDPR, insofar as the consent involves storing cookies or accessing information on the user's device. This consent can also be revoked at any time. Data transfer to the United States is done under the EU Commission's Standard Contractual Clauses driven by the Schrems Ruling. For more information, please visit https://webflow.com/legal/eu-privacy-policy.
Data Processing Agreement
We have also established a Data Processing Agreement (DPA) with Webflow. This agreement is a requirement of data protection legislation and ensures that Webflow processes the personal data of our website visitors according to our directives and in adherence to GDPR standards.
The operators of this website prioritize the protection of your personal data. We treat your personal data confidentially and in accordance with legal data protection regulations as well as this Data Protection Declaration.
Each time you use this website, various personal data is collected. 'Personal data' refers to information that personally identifies you. This declaration details the type of data we collect, the purposes for which we use it, and how and why it is collected.
We want to inform you that data transmission over the Internet (e.g., via email) can have security vulnerabilities. Complete protection of data from access by third parties is not feasible.
The responsible data processing entity on this website is:
Zanubio SRL
Str Sperantei, nr 10, Parter, Sector 2, Bucharest, Romania
E-mail: hi@usetools.design
The responsible entity is the natural or legal person who, alone or jointly with others, decides on the purposes and means of processing personal data (e.g., names, email addresses, etc.).
Unless a more specific storage period is mentioned in our Privacy Policy, your personal data will be retained by us until the purpose for data collection no longer applies. If you request deletion of your data or revoke your consent to data processing, your data will be deleted in a reasonable time, unless we have other legally permissible reasons to store your personal data (e.g., tax or commercial law retention periods); in such cases, deletion occurs after these reasons no longer apply.
We process your personal data based on your consent (Art. 6(1)(a) GDPR or Art. 9(2)(a) GDPR for special data categories as per Art. 9(1) GDPR). If consent is given for the transfer of personal data to third countries, it's based on Art. 49(1)(a) GDPR. Consent for storing cookies or accessing information in your end device (e.g., device fingerprinting) can be revoked anytime. We process data for contract fulfillment or pre-contractual measures based on Art. 6(1)(b) GDPR, and for legal obligation fulfillment on Art. 6(1)(c) GDPR. We may also process data based on our legitimate interest (Art. 6(1)(f) GDPR). Specific legal bases for each case are detailed in subsequent sections of this policy.
We use tools from entities in the United States and other non-EU countries where data protection may not be equivalent to EU standards. This means your personal data may be processed in these countries. We must highlight that US entities may be obliged to surrender data to security agencies without your rights to legal recourse. Thus, there's a risk of US agencies processing, analyzing, and permanently archiving your personal data for surveillance purposes. We have no influence over these processing activities. If you want to find out more about this check out the Schrems II ruling.
Many data processing activities can only occur with your explicit consent, which you can revoke at any time. This does not affect the legality of data processing before the revocation.
If data is processed based on Art. 6(1)(e) or (f) GDPR, you have the right to object to the processing of your personal data for reasons arising from your particular situation, including profiling. Consult this Privacy Policy to identify the legal basis for processing. Upon objection, we will cease processing your personal data unless we have compelling legitimate grounds overriding your interests, rights, and freedoms, or for the establishment, exercise, or defense of legal claims (objection under Art. 21(1) GDPR). You can object to the processing of your data for direct advertising purposes at any time, which also applies to profiling associated with such advertising. Upon objection, your personal data will no longer be used for direct advertising (objection under Art. 21(2) GDPR).
In the event of the GDPR being violated, you have the right to lodge a complaint with a supervisory authority, particularly in the member state of your habitual residence, place of work, or place of the alleged violation.
You are entitled to request that data we process automatically based on your consent or in fulfilment of a contract be transferred to you or to a third party in a standard, machine-readable format. If you request the direct transfer of this data to another data controller, it will be done only if technically possible.
As per current legal regulations, you can request information about your stored personal data, its origin, recipients, and the purpose of its processing at any time. You also have the right to request the correction or deletion of your data. For any inquiries about this or other personal data-related issues, please contact us at your convenience and we will try to reply to you in a reasonable time.
You have the right to request limitations on the processing of your personal data. You can make such a request at any time. This right applies in the following circumstances:
- If you contest the accuracy of the data we hold about you, we may need time to verify this claim. During this period, you can request that we restrict the processing of your personal data.
- If your data has been processed unlawfully, you can opt to restrict the processing of your data rather than having it deleted.
- If we no longer need your personal data, but you require it to exercise, defend, or establish legal claims, you have the right to request that we restrict the processing of your data instead of deleting it.
- If you have lodged an objection under Art. 21(1) GDPR, there needs to be a balance between your rights and ours. Until it is determined whose interests prevail, you can request a restriction on the processing of your personal data.
- Should the processing of your personal data have been restricted, aside from storage, it can only be processed with your consent or for the establishment, exercise, or defense of legal claims, to protect the rights of another natural or legal person, or for reasons of significant public interest of the EU or a member state.
For security reasons and to protect the transfer of confidential content, such as orders or inquiries you send to us as the site operator, this website uses SSL or TLS encryption. You can identify an encrypted connection by the change in the browser's address line from "http://" to "https://" and the lock symbol in your browser's address bar.
When SSL or TLS encryption is activated, the data you transfer to us cannot be read by third parties.
We expressly object to the use of contact information, which is published as part of our mandatory website notice, for sending us promotional and informational material that we have not explicitly requested. We reserve the right to take legal action in the case of the unsolicited sending of promotional information, such as through spam emails.
Our website uses what are commonly known as “cookies.” These are small text files that do not harm your device. They are stored temporarily for the duration of a session (session cookies) or permanently (permanent cookies) on your device. Session cookies are automatically removed after your visit ends, while permanent cookies stay on your device until you delete them or they are cleared by your web browser.Sometimes, third-party cookies might be stored on your device when you visit our site.
These enable either you or us to utilize specific services provided by the third party (e.g., cookies for processing payment services).Cookies serve various functions. Some are vital for the website's operation as they enable functionalities like the shopping cart or video displays. Others might be used to analyze user behavior or display advertising. Cookies essential for electronic communications, or for certain functionalities you wish to use (e.g., the shopping cart), or those that optimize the website (e.g., cookies providing insights into the web audience), are stored based on Art. 6(1)(f) GDPR, unless stated otherwise.
The website operator has a legitimate interest in storing these cookies for the technically error-free and optimized delivery of services. Consent for storing cookies and similar technologies is based on Art. 6(1)(a) GDPR, and can be revoked at any time. You can configure your browser to inform you about the setting of cookies and allow cookies only in specific instances. You can also disable cookies in certain situations or generally and activate automatic deletion of cookies when closing the browser. Disabling cookies may limit this website’s functionality. If third-party cookies are used or if cookies are used for analytical purposes, we will inform you separately in our Data Protection Policy and, if necessary, seek your consent.
When you contact us by email, telephone, or fax, we store and process your request, including all personal data (name, request), for handling your inquiry. This information is not shared without your consent.
This data processing is based on Art. 6(1)(b) GDPR if your inquiry is related to contract fulfilment or necessary for pre-contractual actions. In other cases, processing is based on our legitimate interest in effectively handling inquiries (Art. 6(1)(f) GDPR) or on your consent (Art. 6(1)(a) GDPR) if obtained; consent can be withdrawn at any time.
Data from contact inquiries is retained until you ask us to delete it, revoke your consent for storage, or the purpose for data storage ceases (e.g., after your request has been fulfilled). Mandatory legal provisions, especially retention periods, remain unaffected.
We utilize Google Tag Manager, a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. This tool helps us implement tracking and statistical tools, as well as other technologies on our website. Google Tag Manager itself does not create user profiles, store cookies, or conduct independent analyses. It only facilitates the management and execution of integrated tools. However, it does collect your IP address, which may be sent to Google's headquarters in the United States. We use Google Tag Manager based on Art. 6(1)(f) GDPR, reflecting our legitimate interest in efficiently managing various tools on our website. If consent is provided, processing occurs solely based on Art. 6(1)(a) GDPR, covering consent for cookies or access to information on the user’s device (like device fingerprinting). Consent can be withdrawn anytime.
Our website employs Google Analytics, a web analysis service by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Analytics allows us to analyze our website visitors' behavior. We receive various user data, like page visits, duration of stay, operating systems, and user origins. This data is compiled under a user ID and attributed to the visitor's device. Google Analytics tracks things like mouse movements, scrolls, and clicks. It uses models to enhance data sets and applies machine learning for data analysis. Google Analytics uses technologies like cookies or device fingerprinting for user recognition and behavioral analysis. The collected data is generally sent to a Google server in the U.S. for storage. Usage of these services is based on your consent according to Art. 6(1)(a) GDPR, which can be revoked at any time. Data transfer to the U.S. follows the Standard Contractual Clauses (SCC) of the European Commission. More details can be found here: https://privacy.google.com/businesses/controllerterms/mccs/
IP Anonymization
We enable IP anonymization on our website. Your IP address is shortened by Google within the European Union or other EEA states before being sent to the U.S. Only in exceptional cases is the full IP address sent to a Google server in the U.S. and shortened there. Google uses this information to analyze your website use, compile reports on website activities for us, and provide other services related to website and internet usage. Your browser's IP address, as part of Google Analytics, is not merged with other Google data.
Demographic Data in Google Analytics
Our website uses Google Analytics’ “demographic characteristics” to display ads within Google’s network based on age, gender, and interests of our visitors. This data comes from Google's interest-based advertising and third-party visitor data. It cannot be attributed to any specific individual. You can disable this feature anytime in your Google account settings or generally forbid Google Analytics from collecting your data as outlined in the "Objection to Data Recording" section.
Browser Plug-in
To prevent Google from recording and processing your data, download and install the browser plugin available here: https://tools.google.com/dlpage/gaoptout?hl=en. For more information on Google Analytics' data handling, see Google’s privacy policy: https://support.google.com/analytics/answer/6004245?hl=en.
We use Hotjar, provided by Hotjar Ltd., Level 2, St Julians Business Centre, 3, Elia Zammit Street, St Julians STJ 1000, Malta, Europe (website: https://www.hotjar.com). Hotjar helps us understand our users' behavior on our website, like mouse movements, scrolling, and clicks. It also identifies how long the cursor remains in one spot, creating Heatmaps to show preferred website sections.We also determine how long you stay on a page and when you leave, including where you stop filling out contact forms (conversion funnels).Hotjar uses technologies like cookies or device fingerprinting for user recognition and pattern analysis.If consent is given, the use of Hotjar is based on Art. 6(1)(a) GDPR. Consent can be revoked anytime. Without consent, it's based on Art. 6(1)(f) GDPR, reflecting our interest in optimizing our website and advertising.
Deactivating Hotjar
To deactivate Hotjar data recording, follow these instructions: https://www.hotjar.com/policies/do-not-track/. Remember to deactivate Hotjar separately for each browser and device. For more details on Hotjar and its data practices, see their privacy policy: https://www.hotjar.com/privacy.
Data Processing
We have a data processing agreement (DPA) with the above-mentioned provider. This legally mandated contract ensures they process data from our website visitors in accordance with our instructions and GDPR compliance.
To subscribe to our website's newsletter, we need your email address and confirmation that you own the email address and agree to receive the newsletter. Other data may be provided voluntarily. We use specific newsletter service providers, detailed below, for managing our newsletters.
Our website sends newsletters via Mailchimp, a service of the Rocket Science Group LLC, 675 Ponce De Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA. Mailchimp helps organize and analyze newsletter distribution. When you register for our newsletter, your details (like your email address) are stored on Mailchimp servers in the USA. Mailchimp allows us to track the performance of our newsletter campaigns. Opening an email sent through Mailchimp (which includes a web-beacon) connects to their servers in the USA. This process helps us understand if a newsletter message was opened and which links were clicked. The technical information collected (like access time, IP address, browser type, and operating system) is not linked to individual newsletter recipients but is used for statistical analysis of newsletter campaigns to better align future newsletters with recipient interests. If you do not wish for your data to be analyzed by Mailchimp, you must unsubscribe from the newsletter, which can be done through a link provided in every newsletter. Processing of this data is based on your consent (Art. 6(1)(a) GDPR), which can be withdrawn at any time, without affecting the lawfulness of processing based on consent before its withdrawal. The data you provide for newsletter subscription is retained until you unsubscribe from the newsletter and is removed from the newsletter distribution list thereafter. Data stored for other purposes remains unaffected. Data transfer to the US follows the Standard Contractual Clauses (SCC) of the European Commission. More details can be found at Mailchimp's data transfer statement and legal data processing addendum. (https://mailchimp.com/eu-us-data-transfer-statement/ and https://mailchimp.com/legal/data-processing-addendum/#Annex_C_-_Standard_Contractual_Clauses)
Upon unsubscribing, your email address may be stored in a blacklist by us or the newsletter service provider to prevent future mailings. This blacklist data, used solely for this purpose, is not merged with other data. This is to comply with legal requirements for newsletter distribution (legitimate interest under Art. 6(1)(f) GDPR) and is stored indefinitely. You may object to this storage if your interests outweigh our legitimate interest. For more information, refer to Mailchimp’s Privacy Policy. (https://mailchimp.com/legal/terms/)
Data Processing
We have entered a data processing agreement with the provider to ensure compliance with data privacy laws and GDPR standards.
This website uses Adobe Fonts, provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, for consistent display of fonts. When you access our website, your browser loads the necessary fonts directly from Google to display them correctly on your device, establishing a connection to Google's servers in the USA. Google thus knows that our website was accessed via your IP address. No cookies are stored for font provision according to Google. Data processing for fonts is based on Art. 6(1)(f) GDPR, reflecting our legitimate interest in uniform font presentation. If consent is provided, processing is exclusively based on Art. 6(1)(a) GDPR, covering consent for cookies or access to information on the user’s device. Consent can be revoked anytime. Data transfer to the US adheres to the SCC of the European Commission. More details can be found at Google's EU data transfer page. Read more about Google Fonts in their policy and Google's Privacy Policy.