Privacy Policy

Privacy Statement – how we protect your data

General Statement

This Privacy Statement describes our collection, use, disclosure, retention, and protection of your personal information. It applies to any reflys.com site where this Privacy Statement appears in the footer, and to any reflys application, service, or tool (collectively “Services”) where this Privacy Policy Statement is referenced, regardless of how you access or use them, including through mobile devices.

By using our Services, applications, and/or registering for an account with us, you are accepting the terms of this Privacy Policy Statement and you are consenting to or acknowledging our collection, use, disclosure, retention, and protection of your personal information as described in this Privacy Policy Statement. If you do not provide the information we require, we may not be able to provide all of our Services to you.

What does this privacy statement cover?

This Privacy Policy statement is to inform you regarding the use of your personal information which is collected during your visit to one of our websites or registration to Reflys app.

This Privacy Policy statement applies to our websites and mobile applications.

Who is the data controller?

Co-controllers of your data (i.e. entities that jointly determine purposes and ways of processing data) are Reflys in Sheridan (hereunder referred to as “we”).We have appointed a data protection officer, who is a person who can provide you with detailed information about your data processing.

Contact us: support@reflys.com

Facebook permissions asked by this Application

This Application may ask for some Facebook permissions allowing it to perform actions with the User’s Facebook account and to retrieve information, including Personal Data, from it. This service allows this Application to connect with the User’s account on the Facebook social network, provided by Facebook Inc.

For more information about the following permissions, refer to the Facebook permissions documentation and the Facebook privacy policy.

The permissions asked are the following:

Basic information

By default, this includes certain User Data such as id, name, picture, gender, and locale. Certain connections of the User, such as the Friends, are also available. If the User has made more of their Data public, more information will be available.

Insights

Provides read access to the Insights data for pages, applications, and domains the user owns.

Personal information

“Personal information” is information that can be associated with a specific person and could be used to identify that specific person whether from that data or from that data and other information that we have or are likely to have access to any personal information that you volunteer to us will be treated with the highest standards of security and confidentiality.

Collection and use of personal information

We collect, process, and retain personal information from you and any devices (including mobile devices) you may use when you: use our Services, register for an account with us, provide us information on a web form, update or add information to your account, or dispute resolution, or when you otherwise correspond with us regarding our Services.

The personal information we collect includes the following:

Personal information you give us when you use our Services or register for an account with us

  • Identifying information such as email, .com account name when you register for an account with us,
  • Other content that you generate or that is connected to your account.
  • You may also provide us other information through a web form, by updating or adding information to your account, dispute resolution, or when you otherwise correspond with us regarding our Services.

Personal information we collect automatically when you use our Services or register for an account with us

  • We also collect information about your interaction with our Services, and your communications with us. This is the information we receive from the devices (including mobile devices) you use when you use our Services, register for an account with us, provide us information on a web form, update or add information to your account, participate in community discussions, chats, or dispute resolution, or when you otherwise correspond with us regarding our Services. This information comprises the following: name, address, e-mail, social media account(s) data
  • Computer and connection information such as statistics on your page views, traffic to and from the sites, referral URL, ad data, IP address, browsing history and web log information

Personal information we collect using cookies, web beacons, and similar technologies

We use cookies, unique identifiers, and similar technologies to collect information about the pages you view, all necessary information about cookies other technologies, and purposes is available at Cookie Policy.

Why are we processing your data?

Above all, we are processing your data because it is necessary to execute the binding agreement between us. We are processing your data to enable you to use services offered in the scope of the Reflys app and to contact you about the provided services.

Should the legal regulations require us to do so – we will also process your data for tax and accounting purposes.

Additionally, we are processing your data based on our legitimate interest which is the necessity to conduct analyses and statistics aimed at – on one hand – improvement of app functionalities and features and – on the other – ensuring security and efficiency of usage thereof.

We will process your data to inform you about Reflys news – we will do so based on our legitimate interest, being direct marketing.

We can also process your data to conduct proceedings related to your complaints and other claims. Such processing is based on our legitimate interest being an ability to defend ourselves against claims or to enforce our claims.

Our legitimate interest will also be the processing of your data to detect fraud and abuse conduct activities of a preventive character and ensure safety in the Service.

Should the legal regulations require us to do so – we will also process your data for tax and accounting purposes.

Data retention period

We retain your personal information as long as it is in line with applicable laws and necessary and relevant for our operations. In addition, we may retain personal information from closed accounts to comply with national laws, prevent fraud, collect any fees owed, resolve disputes, troubleshoot problems, assist with any investigation, enforce our Agreement, and take other actions permitted or required by applicable national laws. After it is no longer necessary for us to retain your personal information, we dispose of it securely according to our data retention and deletion policies.

If you discover that We hold inaccurate information about you, you can request the US to correct that information. Such a request must be in writing or via e-mail.

Your rights

About personal data processing, you can execute the following rights: access, rectify, restrict processing, and erasure of your data. You can also obtain information on the basic content of arrangements between us (co-controllers) related to the fulfillment of our obligations resulting from personal data security regulations.

Additionally, you have a right to object to the processing of your data, if we are processing them:

  • or the purpose of direct marketing or
  • based on our legitimate interest and you – as a result of your extraordinary situation – do not agree to that anymore.

You also have the right to data portability. It means that you can obtain from us your data in a structured, commonly used, and machine-readable format. You can send such data to another controller or demand that we do that for you. We will only send such data to another controller, provided that it is technically possible. To execute your rights mentioned above, please contact our data processing officer (you can find contact details above).

If we ask you to grant your consent for personal data processing, you will always be entitled to withdraw such consent (and it will be as simple as granting such consent). Withdrawal of your consent shall not affect the lawfulness of personal data processing based on the consent before such withdrawal.

You also have the right to file a claim to a supervising authority competent in the scope of personal data protection.

Disclosure

We transfer your data to other entities if it is necessary to provide the service or enable you to take part in the campaigns, required by binding provisions of law or justified by operational necessity (e.g. hosting provider). It means that we can transfer your data to:

  • our (co)workers and (co)workers of other companies from our capital group;
  • our clients,
  • courier company,
  • banks and entities providing payment services,
  • our other subcontractors provided that we entrust them the execution of activities requiring transfer of your data (such entities will act solely based on the agreement we have concluded with them)
  • relevant authorities, if it is required by binding provisions of law.

Transfer of data outside the European Economic Area (EEA)

We transfer your data only for the execution of the campaign you want or could take part in. Your data can be transferred to an Advertiser outside the EEA only if you are taking part in a campaign outside this area. Since Reflys operates all over the world, it happens sometimes that providers of daily operation services (necessary for our operational and technological activities), including for instance servers, hosting, project management platforms, software, bookkeeping platforms, etc., are located outside the EEA and they also receive (or may receive) your data, if that is necessary

All transfers outside the EEA are based on, so-called, standard contractual clauses, approved by the European Commission, which ensure appropriate security standards by binding provisions of law.

Informing Users About Your Automated Experience

When required by applicable law, automated chat experiences must disclose that a person is interacting with an automated service:
  • At the beginning of any conversation or message thread.
  • After a significant lapse of time.
  • When a chat moves from human interaction to an automated experience.
Automated chat experiences serving the following groups should pay special attention to this requirement:
  • California market or California users
  • German market or German users
Disclosures may include, but are not limited to: “I’m the [Page Name] bot,” “You are interacting with an automated experience,” “You are talking to a bot,” or “I am an automated chatbot.”
Even when not legally required, we recommend informing users when they’re interacting with an automated chat as a best practice. This helps manage user expectations about their interaction with your messaging experience.

Standard Messaging Window

The Standard Messaging Window is the 24-hour time period in which you are allowed to send a message to a person. When a person sends a message to your Page or Instagram Professional account, or starts a conversation via a web plug-in, your app has up to 24 hours to send a message. Messages sent within the 24-hour window may contain promotional content.

User Actions that Open the Standard Messaging Window:

The following user actions open the 24-hour standard messaging window:
  • A person sends a message to your Page or Instagram Professional account.
  • A person clicks a call-to-action button, like “Get Started,” within a conversation.
  • A person clicks on a Click-to-Messenger ad and then sends a message to your Page or Instagram Professional account.
  • A person sends a message to a Page via a plugin, such as the Send to Messenger or Checkbox plugin.
  • A person clicks on an m.me link that takes them to an existing conversation between the person and the Page.
  • A person clicks on an ig.me link that takes them to an existing conversation between the person and the Instagram Professional account.
  • A person reacts to a message, such as a marketing message.
  • A person comments on a post on your Page or Instagram Professional account.
  • A person publishes a visitor post on your Page.
We know people expect a prompt response, so we highly encourage you to respond as soon as possible within this 24-hour window. People have the option to block or mute a conversation at any time.

Complaints about data processed via the website

If you are concerned about how personal data are processed via this website, please do not hesitate to bring such concerns to the attention of the Company at the contact details below: support@reflys.com

Collection and use of technical information

We may automatically collect non-personal information about you such as the type of internet browsers you use or the website from which you linked to our website. You cannot be identified from this information and it is only used to assist us in providing an effective service on this website.

Security

We protect your information using technical and administrative security measures to reduce the risks of loss, misuse, unauthorized access, disclosure, and alteration. Some of the safeguards we use are firewalls and data encryption, physical access controls to our data centers, and information access authorization controls. If you believe your account has been abused, please contact us.

Changes to this policy

From time to time we may make changes to this Privacy Policy statement. If we make any substantial changes to this Privacy Policy statement and how we use your data we will post these changes on this page and will do our best to notify you of any significant changes. Please check our Privacy Policy statement regularly.

Scroll to Top