For the avoidance of doubt, personal data does not include data from which you cannot be identified (which is referred to simply as data, non-personal data, anonymous data, or de-identified data).
AdHabesha collects and processes personal data needed for the provision of products & services. We may collect and process the following data about you, depending on your relationship with AdHabesha:
- Identity Data includes first name and last name.
- Contact Data includes physical address, email address and telephone numbers.
- Financial Data includes bank account.
- Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access the Website. This data also includes information about how you use our website, products and services, and navigate through the website, and may not necessarily comprise personal data. It may for example include information about your visit, including the full Uniform Resource Locators (URL), clickstream to, through and from our Website (including date and time), products you viewed or searched for’, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page, any phone number used to call our customer service number, and other information. More information on this is contained in our Cookies Policy available at https://adhabesha.com/cookie-policy/.
With the exception of Technical Data and certain Transaction Data, most of the personal data collected is the information you give us by filling in forms on our Website or by corresponding with us by phone, e-mail or otherwise.
We may also collect personal data about you from information we receive from other sources. This may occur if you use any of the other websites we operate or the other services we provide. We are working closely with third parties (including, for example, business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers, credit reference agencies). We may notify you when we receive information about you from them and the purposes for which we intend to use that information.
If you fail to provide personal data: Where we need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you, and we may not be able to provide our services. In this case, we may have to cancel a product or service you have with us but we will notify you if this is the case at the time.When visiting our website
We may collect and process personal data about your use of our website. This data may include Technical Data as described above.
This data may be processed in order to deliver the content of our website correctly, to optimize the content of our website to ensure the long-term viability of our information technology systems and website technology, and to provide law enforcement authorities with the information necessary for criminal prosecution in case of a cyber-attack.
The legal basis for this processing is our legitimate business interests, namely monitoring and improving our website and the proper protection of our business against risks and your consent when agreeing to accept cookies.
Personal Data will be stored in accordance with the time limits of such cookies and how they are set to expire and will be deleted automatically afterwards (normally no more than one year), or de-identified for statistical purposes, and in this latter case shall be kept indefinitely.
We and other organizations may also access and use your personal data to conduct ‘know your client’ (“KYC”) checks, credit checks and checks to prevent fraud, money laundering and terrorist financing (“AML/CFT”). If false or inaccurate information is provided and fraud is identified or suspected, details may be passed to the relevant authorities including credit reference agencies and fraud prevention agencies. We will also record this. Law enforcement agencies may access and use this information. We, and other organizations that may access and use information recorded by such agencies, may do so from other countries.
Other uses of your personal data
We may process any of your personal data where it is necessary to establish, exercise, or defend legal claims. the legal basis for this processing is our legitimate interests, namely the protection and assertion of our legal rights, your legal rights and the legal rights of others.
Further, we may process your personal data where such processing is necessary in order for us to comply with a legal obligation to which we are subject
Contact data can be used for communication purposes, including but not limited to email messaging (system email, marketing email, etc.)
AdHabesha commits to taking all the necessary measures to prevent and secure the data that’s collected and treated, preventing them from being damaged, destroyed or even stolen. However, we don’t control every risk associated with internet usage, so there’re always risks associated with the usage of internet and data sharing online.
No data transmission over the Internet or website can be guaranteed to be secure from intrusion; any transmission is at your own risk. However, we maintain commercially reasonable physical, electronic and procedural safeguards to protect your personal information in accordance with data protection legislative requirements.
All information you provide to us is stored on our or our subcontractors’ secure servers and accessed and used subject to our security policies and standards. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our Website, you are responsible for keeping this password confidential and for complying with any other security procedures that we notify you of. We ask you not to share a password with anyone.
Your data may be transferred to third parties for compliance with legal obligations to which the Company is subject based on its activity, or as may be required in order to provide the services that those third parties were hired for. Providers with whom AdHabesha has subscribed will need to enter into confidentiality and data processing agreements that are necessary and mandatory under any applicable privacy legislation. We may permit selected third parties such as business partners, suppliers, service providers, agents and contractors who will be subject to obligations to process such information in compliance with the same safeguards that we deploy, to use your personal information.
We may also use third party applications and software for the purposes of creation and maintenance of mailing lists, webform collection, and transmission of social media links. We are not responsible for the privacy practices and policies of such third party service providers and you are strongly encouraged to review such policies in order to ensure you agree to the processing of your personal data by third parties in the manner described therein. We will however, to such extent as reasonably possible, ensure that third parties we use keep your information secure and agree not to use it for their own direct marketing purposes.
In addition, we may transfer your personal information to a third party as part of a sale of some, or all, of our business and assets or as part of any business restructuring or reorganisation, or if we are under a duty to disclose or share your Personal Data in order to comply with any legal obligation. However, we will take steps to ensure that your privacy rights continue to be protected.
Finally, as described in the previous section, relevant authorities including credit reference agencies and fraud prevention agencies may be given access to your personal data in connection with our relevant KYC and AML/CFT obligations.
We do not use automatic decision-making or profiling when processing personal data. This means decisions are not made by robots or computers, and therefore not ‘automated’. However, certain third parties may use certain automated decision-making tools or software. We are not responsible for the privacy practices of others and will take reasonable steps to bring such automated decision-making to your attention, but you are encouraged to become familiar with the privacy practices of any third parties you enter into any agreements with.
We will retain your personal information for as long as is necessary for the processing purpose(s) for which it was collected and any other permitted linked purpose (for example certain transaction details and correspondence may be retained until the time limit for claims in respect of the transaction has expired or in order to comply with regulatory requirements regarding the retention of such data). So if information is used for two purposes we will retain it until the purpose with the latest period expires, but we will stop using it for the purpose with a shorter period one that period expires.
We restrict access to your personal information to those persons who need to use it for the relevant purpose(s). Our retention periods are based on business needs and your information that is no longer needed is either irreversibly anonymized (and the anonymized information may be retained) or securely destroyed.
Any social media channels connected to the Website and third party applications will be subject to the privacy and cookies policies and practices of the relevant platform providers which, unless otherwise indicated, are not affiliated or associated with us
If you have questions or concerns regarding this statement, you should first contact us through email. You can address your general questions and comments by e-mail to [email protected].
You have certain rights under applicable legislation, and in particular under the GDPR. We explain these below.
To exercise any of the below rights please contact us in the first instance on the above contact details.
Requests are free of charge, unless manifestly unfounded or excessive in which case we may charge a reasonable fee. Alternatively, we may refuse to comply with your request in these circumstances.
Requests will be processed within one month of receipt but this might be extended to two months in case of a complex request, where you have made a number of requests, or if the identity of the requestor cannot be verified. In such cases, we will notify you and keep you updated, and may seek additional information to allow us to understand your request.
Please note that the Company may be subject to legal and regulatory obligations which may limit or restrict the enforcement of your rights on some occasions.
We are happy to provide you with details of the personal data that we process about you. To protect our customers' personal information, we follow strict storage and disclosure procedures, which means that we will require proof of identity from you prior to disclosing such information. This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it.
Right to rectification You have the right to have any inaccurate personal data rectified and to have any incomplete personal information about you completed.
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us. If we do hold personal data and you believe it is incorrect, you may submit a request to us to correct any alleged mistakes.
We shall communicate any rectification of personal data to each recipient to whom the personal data have been disclosed, unless this proves impossible or involves disproportionate effort, and shall inform you about such recipients if you request it.
Right to erasure (‘right to be forgotten’) You have the general right to request the erasure of your personal information in the following circumstances:
- the personal information is no longer necessary for the purpose for which it was collected
- you withdraw your consent to consent based processing and no other legal justification for processing applies
- you object to processing for direct marketing purposes;
- we unlawfully processed your personal information; and/or
- erasure is required to comply with a legal obligation that applies to us.
We will proceed to comply with an erasure request without delay unless continued retention is necessary for:
- Exercising the right of freedom of expression and information;
- Complying with a legal obligation under EU or other applicable law;
- The performance of a task carried out in the public interest;
- Archiving purposes in the public interest, scientific or historical research purposes, or statistical purposes, under certain circumstances; and/or
- The establishment, exercise, or defence of legal claims.
We shall communicate any erasure of personal data to each recipient to whom the personal data have been disclosed, unless this proves impossible or involves disproportionate effort, and shall inform you about such recipients if you request it.