Who we are
Our website address is: https://www.realvisits.org.
What personal data we collect and why we collect it
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select "Remember Me", your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
Who we share your data with
How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Where we send your data
Visitor comments may be checked through an automated spam detection service.
Your contact information
Will be used only by us and only related to RealVisits.org.
How we protect your data
Encryption/SSL - Connection: TLS 1.2 AES_256_GCM ECDHE_RDS (23)
This Policy describes the principles of processing of Personal Data that is submitted to RealVisits or that otherwise becomes available to RealVisits in connection with use by the Clients and other users of the Website, Software and Services.
This Policy is an agreement between the Clients and RealVisits , which states how Personal Data submitted by the Clients is processed by RealVisits on behalf of the Clients.
Please read this Policy carefully to understand the practices that RealVisits applies regarding processing of Personal Data.
This Policy constitutes an integral part of the agreement entered into between the Clients and RealVisits . By viewing the Website and/or using the Software and Services, the Clients confirm that they have familiarized themselves with this Policy, understood it and agree to its terms. Upon initial registration with RealVisits , the Clients (via their authorized representatives) also confirm the above-said by clicking on the “Create My Account” button, which declares the Client´s acceptance of and consent to the processing of Personal Data as described in this Policy.
This Policy also constitutes an agreement between the Clients (as controllers of Personal Data) and RealVisits (as processor of Personal Data) in the meaning of article 28 of GDPR (General Data Protection Regulation (EU) No 2016/679 of the European Parliament and Council).
RealVisits shall be entitled to unilaterally review and amend this Policy from time to time. Therefore, RealVisits advises to periodically review the Policy in the case of any changes to it. Continued use of the Website, Software and Services means the consent to any such changes.
If the Client or other users do not agree with any or all terms of this Policy or any possible changes to it, then they should immediately close the Website and cease using the Software and Services.
RealVisits has drafted this Policy in cooperation with its legal advisers in accordance with the requirements of GDPR. RealVisits does its best to ensure that processing of Personal Data is in full compliance with applicable legal requirements.
- Client(s) means legal persons, who register themselves on the Website and use it and the Software in accordance with the Terms and this Policy for the purpose of using the Services.
- Data Subjects means all natural persons, whose personal data is submitted to RealVisits in connection with using the Website, Software and the Services, including recipients of the Services (clients of the Clients).
- GDPR means Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC.
- Personal data means any information relating to an identified or identifiable natural person (‘data subject’). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
- Processing means any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
- Service(s) means a business text-messaging service for sending notifications, alerts, reminders, confirmations and SMS marketing campaigns. Service is rendered via a Website-based SMS platform or by using the Software.
- Software means web-based interface, mobile app and other downloadable and integrable software developed and maintained by RealVisits for the purpose of provision of the Services.
- Terms means the terms of service of RealVisits that establish the terms and conditions of using the Website, Software and Services by the Clients and other users.
- Website means the website of RealVisits www.realvisits.org.
Personal Data that RealVisits Processes. Objectives of Processing of Personal Data
- For the purpose of provision of the Website, Software and the Services, RealVisits processes the Personal Data that the Clients provide about their own clients, who are the recipients of the Services. The types of such data are not restricted and depend on the decision of the Clients how they want to use the Services and generally include the name, contact telephone number, but may also include e-mails, avatars, country, addresses etc.
- RealVisits keeps the register of the Personal Data that it processes in accordance with this Policy.
- RealVisits processes the Personal Data upon:
- usage of the Software and Services by the Clients, including when they submit to RealVisits information about their clients;
- communication between Clients and/or Data Subjects with customer support of RealVisits in connection with the Website, Software and Services;
- RealVisits works closely with third parties (including, for example, business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers, credit reference agencies) and may receive Personal Data from them;
- RealVisits sends messages to the Clients by electronic means (e-mail or SMS) with information about improvements of the Website, Software and Services, new proposals and developments (direct marketing). RealVisits sends such messages to the contact details provided by representatives of the Clients at the moment of registration or updated later. The Clients confirm hereby and guarantee that contact details provided by representatives of the Clients are at all times company details of the Clients, but not personal contact details of representatives and therefore RealVisits can use such contact details freely to send its marketing messages without any additional obstacles. The Clients may at any time unsubscribe from the newsletters by clicking on the corresponding specific link contained in each newsletter.
Legal Basis for Processing Personal Data
- RealVisits processes Personal Data in accordance with the laws of the location of RealVisits and its affiliates, where the processing of Personal Data is conducted.
- RealVisits processes Personal Data submitted to it by the Clients based on the contracts with the Clients for the purpose of using the Website, Software and Services and to the extent that this data is provided by the Clients.
- In accordance with Article 4 (7) of GDPR the Clients are the controllers of Personal Data that they submit to RealVisits for the purpose of using the Website, Software and Services, including the data regarding clients of the Clients that the Clients submit to send and receive SMSs to and from their clients as recipients. According to Article 4 (8) of GDPR RealVisits acts as the processor on the Client’s behalf when processing the Personal Data submitted by the Clients. Therefore, the Clients:
- are fully responsible for the processing of Personal Data that they submit to RealVisits ;
- guarantee to RealVisits explicitly that the Clients in order to use the Website, Software and Services have all the necessary consents and/or other legal grounds from Data Subjects for lawfull processing of Personal Data in accordance with this Policy;
- confirm that they have obtained from the Data Subjects all the necessary consents for submitting of Personal Data to RealVisits and processing of such data in accordance with the terms of this Policy;
- have a full overview of Personal Data that they submit to RealVisits and guarantee that all such data that they submit is necessary for use by them of the Website, Software and Services and is kept up-to-date;
- oblige to inform RealVisits immediately of the expiry of legal grounds for processing, modification, inaccuracy or change to the Personal Data that the Clients submit to RealVisits .
- When using Services for direct marketing, the Clients are responsible for complying with all the legal requirements in connection with direct marketing and data subjects’ rights. RealVisits is only providing the platform for sending messages, but the Clients are solely responsible for the content of messages sent using the Services. The Clients understand that there are different legal rules for direct marketing in different countries. When the Services are used for direct marketing, the Clients must comply with all requirements for direct marketing of the country, where the receiver of the direct marketing message is residing. For instance, in EU countries the Clients are obliged to send with direct marketing a message with the information on how the Data Subject can waive from direct marketing and there are also certain requirements for the content of commercial messages.
- RealVisits processes the personal data only on documented instructions from the Clients. The Clients insert these instructions by using Services (e.g. inserting command to send messages to its clients) and by agreeing with the Policy and Terms. The instructions of the Clients for processing of Personal Data must always comply with the applicable laws and RealVisits reserves to itself the right to refuse to fulfil the instructions that are in the opinion of RealVisits unlawful.
- Taking into account the nature of the processing, RealVisits shall assist the Clients by appropriate technical and organisational measures, insofar as this is possible, for the fulfilment of the Clients´ obligation to respond to requests for exercising of Data Subject’s rights laid down in GDPR, including the right of access to Personal Data by Data Subjects, right to rectification, right to be forgotten, right to restriction of processing etc. RealVisits shall accept instructions for fulfilment of the rights of Data Subjects only from the Clients. Should the Data Subjects approach RealVisits with the requests for fulfilment of their rights, RealVisits shall inform the Clients and act according to instructions from the Clients. Obligation to delete the data of Data Subjects shall always remain with the Clients and RealVisits shall not undertake deletion for and on behalf of the Clients, unless otherwise explicitly stipulated in the Policy or Terms.
- RealVisits shall assist the Clients in ensuring compliance with the obligations of guarantying security of processing of Personal Data as established by GDPR while taking into account the nature of processing and the information available to RealVisits . Inter alia RealVisits undertakes to:
- apply appropriate technical and organisational measures aimed to insure security, confidentiality and integrity of data. More precisely the applicable security measures by RealVisits are described in section 6 below;
- periodically monitor its internal processes and the technical and organisational measures to ensure that processing of Personal Data is in accordance with the applicable law. RealVisits shall also monitor the processing of Personal Data conducted by Third Parties as much as possible (see clause 4.3 below);
- notify the Clients in the most expedient time possible under the circumstances and without unreasonable delay and, where feasible, not later than 72 hours after having become aware of any accidental, unauthorised, or unlawful destruction, loss, alteration, or disclosure of, or access to, Personal Data (herein: Security Breach). In consultation with the Clients, RealVisits shall take appropriate measures to secure the data and limit any possible detrimental effect on the Data Subjects;
- cooperate with the Clients and provide them with information and assistance, where reasonably possible, in connection with Security Breaches, including in communication with supervisory authorities and Data Subjects;
- cooperate and assist the Clients in conducting processing impact assessments, if applicable.
- RealVisits shall make available to the Clients all information necessary to demonstrate compliance with the obligations laid down in Article 28 of GDPR and allow for and contribute to audits, including inspections, conducted by the Clients or another auditor mandated by the Clients (all at the expense of the Clients). On-site audits and inspections must be agreed with RealVisits in advance, be conducted during normal working hours and not unreasonably disturb the everyday activity and business of RealVisits . Right to audits and inspections does not extend to the facilities and premises of Third Parties.
Transfer of Personal Data to Third Parties
- In the course of providing the Services and access to the Website and Software, RealVisits uses different third party service providers, to whom it may also transfer Personal Data (herein: Third Parties). By virtue of this clause the Clients are duly informed and expressly authorize, totally or partially, to use the corresponding Third Party service providers and provide Personal Data to them, as it may be required. These service providers include the following:
- Server service providers;
- Providers of safety measures, including fraud protection, protection and encryption of RealVisits traffic, email domain authority detection tool;
- E-mail service providers;
- SMS sending/receiving service providers;
- Communication service providers;
- Bookkeeping and payment service providers;
- Customer support service providers;
- Data processing service providers.
- RealVisits shall inform the Clients of any intended changes concerning the addition or replacement of Third Party processors and give the Clients the opportunity to object to such changes. RealVisits has the right to stop providing Services to the Clients, who object to the change concerning the addition or replacement of processors.
- RealVisits has entered into individual service provision contracts with some of the service providers. With others the relationships are based on the general terms of service of these service providers. Prior to entering into relationships with third party service providers RealVisits makes its best efforts to guarantee that the terms of processing of Personal Data of its partners are in accordance with the principles of this Policy and applicable laws. For this purpose RealVisits shall carefully review the terms of processing of Personal Data by its partners. Furthermore, RealVisits carefully screens the on-going relationships with Third Party service providers and in case of their non-compliance shall immediately terminate relationships with them.
- RealVisits discloses Personal Data to its affiliate in the European Union, which is TM OPS OÜ (registry code 12395423, registered seat in Tallinn, Estonia) that processes Personal Data on behalf of RealVisits in accordance with this Policy and applicable law.
- Additionally, RealVisits may disclose/transfer Personal Data:
- under applicable law, including laws outside the locations of RealVisits , its affiliates or Data Subjects;
- to comply with legal processes;
- to respond to requests from the public and government authorities including public and government authorities outside the locations of RealVisits and its affiliates;
- to enforce this Policy or Terms, to protect operations, the rights, privacy, safety or property of RealVisits and/or to pursue available remedies or limit the damages.
- RealVisits makes its best efforts to limit the amount of Personal Data that it transfers for processing to Third Parties as it is necessary for the provision of specific services or to pursue specific goals.
- The Website and Software may contain links that redirect to other websites. For example, when accessing services of a third party such as PayPal when making a payment. This Policy does not apply to such third party websites, which RealVisits does not operate, and RealVisits does not accept any responsibility or liability for these policies. RealVisits advises to review the privacy policies of those third parties.
Transfer of Personal Data to Third Countries
- In connection with some specific development works, troubleshooting of service issues, data storage or other necessary services, RealVisits may transfer Personal Data to RealVisits's contractors, some of which may not be working or operating in the European Economic Area (i.e. 28 European Union countries + Iceland, Liechtenstein and Norway), herein: Third Countries).
- Data protection levels in Third Countries might differ from the corresponding level of the European Economic Area, and some Third Countries might have a lower level of data protection. Therefore, in case of the transfer of Personal Data to the Third Countries, the risk of loss, misuse or becoming public of Personal Data may be higher in comparison to the European Economic Area. However, RealVisits has taken all reasonable measures to protect Personal Data in Third Countries. Our contractors, who process personal data in Third Countries, are contractually obliged to obey the same data protection level as in the European Union.
- Given the above said, the Clients hereby explicitly confirm their awareness of the named possibility to transfer Personal Data to Third Countries and the possible risks of such transfers. The Clients hereby explicitly confirm that they have also obtained the explicit consent from all Data Subjects, inter alia their clients, who are recipients of the Services, and their own representatives, as required by legislation to transfer their Personal Data to Third Countries.
- Some of the Third Party providers of RealVisits are also located in the United States of America. Some of them, but not all are certified by the EU-US Privacy Shield Program agreed to by the U.S. Department of Commerce and the European Union with respect to Personal Data. For additional information regarding the EU-US Privacy Shield Program, see the U.S. Dept. of Commerce website at www.privacyshield.gov. Transfer of Personal Data by RealVisits to those service providers, who are not certified by the EU-US Privacy Shield, is subject to the explicit consent for transfer of Personal Data to the Third Countries, as stated above.
- RealVisits shall apply appropriate safeguards when transferring Personal Data to the Third Countries.
Safety Measures for Protection of Personal Data
- RealVisits takes the appropriate legal, organizational and technical measures to protect Personal Data consistent with applicable privacy and data security laws. Security measures shall be applied to protect Personal Data from involuntary or unauthorized processing, disclosure or destruction.
- RealVisits stores all Personal Data on secured servers. The security measures include:
- Access to the servers is protected with individual accounts, usernames and passwords for each authorized person (employees/subcontractors);
- RealVisits is keeping track and a log of all activities on the servers;
- RealVisits can immediately close access to the servers to any authorized persons;
- Access to the servers is restricted in terms of (a) persons, who have access to it, (b) information, to which authorized persons have access according to the essence of their working duties, (c) actions that authorized persons can perform with Personal Data stored on the servers;
- RealVisits keeps reviewing, who of the authorized persons are actually required to have access to Personal Data and, if access is not required, will withdraw the right of access.
- Access for the Clients to the personal cabinets on the Website is protected with individual usernames and passwords. The Clients are responsible for keeping passwords confidential. The Clients are obliged not to share passwords with anyone. In case of suspicion of unauthorized access to personal cabinets of the Clients and/or Personal Data, the Clients are obliged to immediately inform RealVisits thereof.
- RealVisits shall ensure that all its employees, contractors, agents, suppliers and consultants, who have access to the Personal Data are fully aware of and abide by their legal duties and responsibilities.
- Employees and other contractors of RealVisits are obliged by binding agreements not to disclose or make available for use to anyone other than RealVisits during their agreement with RealVisits and eternally after its termination any Personal Data that they may have access to during their agreements with RealVisits .
- RealVisits has door locks and/or door access cards in offices from where Personal Data can be accessed.
- RealVisits shall preserve the Personal Data as long as it is required for the use of the Website, Software and Services by the Clients, but no longer then applicable law permits preservation.
- RealVisits shall delete the Personal Data submitted by the Clients according to the following principles:
- Personal contact data provided by the Clients and messages of the Clients shall be preserved for 60+60 days after the Client has filed a claim to delete such data;
- Initial data files submitted by the Clients shall be deleted after 60 days since data is imported to the system of RealVisits ;
- Attachments that the Clients submit to be sent together with SMSs shall be preserved for a maximum of 60 days and then shall be deleted. As attachments the Clients may not upload any Personal Data;
- Log files with the activities of the Clients on the Website shall be preserved for a maximum of 1 month and audit log files shall be preserved for 2 years;
- In case of closing an account, the Clients must accept the deletion of contacts and messages.
- Contacts will be deleted after 60 days and messages after 60+60 days since the Client has given acceptance for closing an account or RealVisits has decided to close the Client’s account.
- The Clients shall have an opportunity to renew their accounts at any time (except deleted contacts and messages).
- The Clients confirm that they agree with the provided above retention periods and guarantee to inform and obtain necessary approvals from their clients and representatives for application of such retention periods.
- Should the Clients have any questions regarding this Policy or the processing of Personal Data, they are welcome to contact RealVisits with all such requests, inquiries or any complaints via e-mail: firstname.lastname@example.org.
Published: September 2018