Privacy Policy
Privacy policy according to GDPR
Welcome to Jo & Fred's privacy policy. Jo & Fred respects your privacy and is committed to protecting your personal data. This GDPR Privacy Notice tells you how we protect your personal data when you visit our website (regardless of where you do so from) and explains your privacy rights and legal protections.
1. Important information and who we are
Purpose of this GDPR privacy policy
This GDPR privacy notice is designed to inform you about how Jo & Fred collects and processes your personal data when you use this website, including any information you provide when purchasing a product or service. This website is not intended for unsupervised children, and we do not knowingly collect data from children. It is essential that you read this GDPR Privacy Notice alongside any other privacy notice or fair processing policy we may provide on specific occasions when we collect or process personal data about you. This GDPR Privacy Notice complements other notices and privacy policies and does not supersede them.
Controller
Jo & Fred is the controller of your personal data (collectively referred to as "Jo & Fred", "we", "us" or "our" in this GDPR Privacy Notice). If you have any questions about this GDPR Privacy Notice, including any requests to exercise your legal rights, please contact us using the contact details set out below.
Contact details
If you have any questions about this GDPR Privacy Notice or our privacy practices, please contact us:
Full name of the legal entity: Jo & Fred Web Design L.L.C
Email address: hi@jo-and-fred.com
Postal address: Dubai, P.O. Box 448950
Changes to the GDPR Privacy Notice and your obligation to notify us of changes
We consistently review our GDPR privacy policy. Ensuring the accuracy and currency of the personal data we maintain about you is crucial. Kindly notify us of any changes to your personal data during your association with us.
Links to third-party providers
This website might include links to third-party websites, plugins, and applications. Clicking on these links or enabling these connections may allow third parties to collect or share data about you. We do not oversee these third-party websites and are not accountable for their privacy statements. Upon leaving our website, we advise you to review the privacy policy and other policies of each website you visit.
2. The data we collect about you
Personal data or personal information refers to information about an individual through which that person can be identified. This does not encompass anonymous data where the identity has been stripped away. We may gather, utilize, store, and transfer various types of personal data about you, categorized as follows:
Identity data includes first name, last name, user name or similar identifier, title.
Contact Data includes billing address, delivery address, email address and telephone numbers.
Financial Data includes bank account details and payment information.
Transaction Data includes details about payments to and from you and other details of services you have purchased from us.
Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.
Usage Data includes information about how you use our website and services.
Marketing and Communications Data includes your preferences in receiving marketing from us and our third party providers and your communication preferences.
We also gather, utilize, and distribute Aggregated Data, such as statistical or demographic information, for various purposes. Aggregated Data may originate from your personal data but does not legally identify you directly or indirectly. For instance, we might aggregate your Usage Data to determine the percentage of users accessing a specific website feature. However, if we combine Aggregated Data with your personal data in a way that could identify you directly or indirectly, we treat this combined data as personal data and manage it according to this privacy notice under the GDPR. We do not gather any Special Categories of Personal Data about you (including details about your race or ethnic origin, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, genetic and biometric data). Additionally, we do not collect information concerning criminal convictions and offenses.
If you do not provide personal data
If we are required by law or under a contract with you to collect personal data, and you do not provide the requested data, we may be unable to fulfill the contract we have with you or are attempting to enter into (for instance, to provide goods or services). Should this occur, we may need to cancel a service you have requested, but we will inform you accordingly at that time.
3. How is your personal data collected?
We use various methods to collect data from and about you, including through:
Direct interactions. You may provide us with your Identity, Contact and Financial Data by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you:
Order services;
request marketing;
provide or contact us with feedback.
Automated technologies and interactions: When you engage with our website, we automatically gather Technical Data regarding your device, browsing activities, and behavior patterns. This personal data is collected using cookies and similar technologies. For further information, please refer to our Cookie Policy.
Third parties or publicly available sources. We will receive personal data about you from various third parties as set out below:
Contact, Financial and Transaction Data from providers of technical, payment and delivery services.
Identity and Contact Data from data brokers or aggregators.
Identity and Contact Data from publicly available sources.
4. How we use your personal data
We will utilize your personal information solely in accordance with legal permissions. Typically, your personal data will be processed under the following circumstances:
Where we need to perform the contract we are about to enter into or have entered into with you.
Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
Where we need to comply with a legal obligation.
Typically, we do not depend on consent as the primary legal justification for handling your personal information. However, we will seek your approval before forwarding promotional messages from third parties via email or SMS. You retain the option to revoke your consent for marketing activities whenever you choose by reaching out to us.
To contact us as a new user
Stored contents:
a. Identity
b. Contact
Basis:
Performance of a contract with you
To manage our relationship with you which will include: Notifying you about changes to our terms or GDPR Privacy policy and Asking you to leave a review or take a survey
Stored contents:
a. Identity
b. Contact
c. Marketing and Communications
Basis:
a. Performance of a contract with you
b. Necessary to comply with a legal obligation
c. Necessary for our legitimate interests (to keep our records updated and to study how users use our Services)
To administer and protect our business and this Website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)
Stored contents:
a. Identity
b. Contact
c. Technical
Basis:
a. Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise)
b. Necessary to comply with a legal obligation
To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you
Stored contents:
a. Identity
b. Contact
c. Usage
d. Marketing and Communications
e. Technical
Basis:
Necessary for our legitimate interests (to study how users use our Services, to develop them, to grow our business and to inform our marketing strategy)
To use data analytics to improve our Website, Services, marketing, user relationships and experiences
Stored contents:
a. Technical
b. Usage
Basis:
Necessary for our legitimate interests (to define types of users for our Services, to keep our /website updated and relevant, to develop our business and to inform our marketing strategy)
To make suggestions and recommendations to you about Services that may be of interest to you
Stored contents:
a. Identity
b. Contact
c. Technical
d. Usage
e. Marketing and Communications
Basis:
Necessary for our legitimate interests (to develop our Services and grow our business)
Marketing
We aim to offer you options regarding the utilization of specific personal data, especially concerning marketing and advertising.
Promotional offers from us
We may analyze your Identity, Contact, Technical, Usage, and Profile Data to determine your potential interests. This helps us identify relevant services for you (known as marketing). If you have requested information from us or purchased services through our website and have not opted out of receiving marketing communications, you will receive them from us.
Marketing by third parties
We will get your express opt-in consent before we share your personal data with third parties for marketing purposes.
Opting out
You can inform us or third parties at any time if you no longer wish to receive marketing communications by contacting us. Opting out of these marketing messages does not affect personal data provided to us in connection with a product purchase, warranty registration, product/service experience, or other transactions.
Cookies
You have the option to configure your browser to reject some or all browser cookies or to receive notifications when websites set or access cookies. However, if you disable or refuse cookies, please be aware that certain parts of this website may become inaccessible or may not function properly. For detailed information about the cookies we utilize, please refer to our Cookie Policy.
Change of purpose
We will strictly use your personal data only for the purposes for which it was collected, unless we reasonably believe that another purpose is compatible with the original one. If you would like an explanation of how the processing for the new purpose is compatible with the original purpose, please reach out to us. If we need to use your personal data for an unrelated purpose, we will notify you and explain the legal basis that allows us to do so. Please be aware that we may process your personal data without your knowledge or consent in accordance with these rules when required or permitted by law.
5. Disclosure of your personal data
We may share your personal data with the parties listed below for the purposes outlined in the table above. We mandate that all third parties uphold the security and lawful treatment of your personal data. We do not permit our third-party service providers to utilize your personal data for their own purposes; they are only authorized to process your personal data for specified purposes and in accordance with our instructions.
6. International transfers
We will only transfer your personal data outside the European Economic Area (EEA) to third parties in compliance with the provisions of this Privacy Policy under the GDPR. Such transfers are solely for purposes including shipping, logistics, web development, and other services requested by you.
7. Data security
We have implemented suitable security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorized manner, altered, or disclosed. Additionally, we limit access to your personal data to employees, agents, contractors, and other third parties who have a legitimate business need to access this information. They will process your personal data solely according to our instructions and are bound by confidentiality obligations.
Furthermore, we have established procedures to address any suspected personal data breaches. If legally mandated, we will notify you and relevant regulators of any breaches.
8. Data storage
How long do we use your personal data for?
We will retain your personal data only for as long as necessary to fulfill the purposes for which we collected it, including meeting legal, regulatory, tax, accounting, or reporting requirements. If there is a possibility of a complaint or litigation related to our relationship with you, we may retain your personal data for a longer period.
To determine the appropriate retention period for personal data, we take into account factors such as the amount, nature, and sensitivity of the personal data, the potential risk of unauthorized use or disclosure of your personal data, the purposes for which we process your personal data, whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting, or other requirements. By law, basic information about our customers (including Contact, Identity, Financial, and Transaction Data) must be kept for six years after the end of the customer relationship for tax purposes.
In some circumstances, you can request the deletion of your data (see "Your legal rights" below for more information). We may also anonymize your personal data for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.
What we may need from you
We may require certain information from you to verify your identity and ensure that you have the authority to access your personal data (or to exercise any other rights). This is a security measure aimed at preventing the disclosure of personal data to individuals who are not entitled to receive it. Additionally, we may reach out to you to request further details related to your request in order to expedite our response.
Response time
We aim to address all legitimate requests within one month. However, if your request is particularly complex or if there are multiple requests, it may occasionally take longer than a month. If this is the case, we will notify you and keep you informed of the progress.
9. Glossary
Legal basis
Legitimate Interest refers to our business's interest in operating and managing our business to provide you with the best service and a secure experience. We ensure that we carefully consider any potential impact on you (both positive and negative) and your rights before processing your personal data for our legitimate interests. We will not use your personal data for activities where our interests are overridden by the impact on you, unless we have obtained your consent or are otherwise required or permitted by law to do so. For more details on how we balance our legitimate interests with any potential impact on you regarding specific activities, please contact us.
Performance of a contract involves processing your data when it is necessary to fulfill a contract to which you are a party or to take steps at your request before entering into a contract.
Compliance with a legal obligation means processing your personal data when it is necessary to comply with a legal obligation to which we are subject.
Your legal rights
You have the right to
Request access to your personal data (commonly known as the 'data subject's right of access'). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
Request rectification of the personal data we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we will need to verify the accuracy of the new data you provide to us.
Request erasure of your personal data. This allows you to request the deletion or removal of personal data where there is no compelling reason for us to continue processing it. You also have the right to request the deletion or removal of your personal data where you have exercised your right to object to processing successfully (see below), where we may have processed your information unlawfully, or where we are obligated to erase your personal data to comply with a legal obligation. Please note that we may not always be able to comply with your request for erasure due to specific legal reasons, which will be communicated to you, if applicable, at the time of your request.
Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object to the processing of your personal data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
Request the restriction of the processing of your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios:
If you want us to check the accuracy of the data.
If our use of the data is unlawful but you do not want us to delete it.
If you want us to keep the data even if we no longer need it because you need it to establish, exercise or defend legal claims.
If you have objected to the use of your data but we need to verify whether we have overriding legitimate grounds to use it.
Request the transfer of your personal data to you or a third party. We will furnish you, or a third party of your choosing, with your personal data in a structured, commonly used, machine-readable format. Please note that this right applies only to automated information that you initially consented to us using or where we used the information to fulfill a contract with you.
Withdraw your consent at any time where we are relying on consent to process your personal information. However, withdrawing your consent will not affect the legality of any processing conducted before your consent was withdrawn. If you do withdraw your consent, we may no longer be able to provide you with certain products or services. We will inform you if this situation arises at the time of withdrawal.
