Ding Logo

DING Privacy Policy

This Policy describes the principles of processing Personal Data that is submitted to Ding or that otherwise becomes available to Ding in connection with the use by the Clients and other users of the Website, Mobile App, and Services. This Policy is an agreement between the Clients and Ding, which states how Personal Data submitted by the Clients is processed by Ding on behalf of the Clients. Please read this Policy carefully to understand the practices that Ding applies regarding Ding processing of Personal Data. This Policy constitutes an integral part of the agreement entered into between the Clients and Ding. By viewing the Website and/or using the Mobile App and Services, the Clients confirm that they have familiarized themselves with this Policy, understood it, and agree to its terms. Upon initial registration with Ding, the Clients also confirm the above-said by clicking on the “Create My Account” button, which declares the Client´s acceptance of and consent to the processing of Personal Data as described in this Policy.

Definitions

Client(s) means legal persons, who register themselves on the Website and use it and the Mobile App in accordance with the Terms and this Policy for the purpose of using the Services.

Data Subjects means all natural persons, whose personal data is submitted to Ding by the Clients natural persons directly in connection with using the Website, Mobile App, and the Services.

Policy means this privacy policy of Ding as amended from time to time.

DPA means the data processing agreement between Ding and the Client incorporated into this Policy.

Personal Data means any information relating to an identified or identifiable natural person (‘data subject’). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Processing means any operation or set of operations that is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

Controller means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.

Processor means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

Transfer means (i) a transfer of Personal Data from the Client to Ding; or (ii) an onward transfer of Personal Data from Ding to any Channel owner or between two establishments of Ding.

Restricted Transfer means a transfer of Personal Data to a country, a territory or specified sector within a country that: (i) is not subject to an Adequacy Decision; or (ii) is not subject to any derogations that would permit the transfer of the Personal Data to the country, territory or sector.

Service(s) means the information services offering a capability for generating, acquiring, transforming, processing, retrieving, submitting and making available Content to recipients via third-party communications and information services. Services are rendered via a Website-based online platform or by using the Mobile App and includes the option to use AI Services to enhance the Services.

Mobile App means web-based interface, mobile app, and other downloadable and integrable Mobile App developed and maintained by Ding for the purpose of provision of the Services.

Ding means DING FYI COMMUNICATION TECHNOLOGIES INC., a corporation registered in Ontario Canada

Terms means the terms of service of Ding that establish the terms and conditions of using the Website, Mobile App, and Services by the Clients and other users.

Website means the website of Ding https://ding.fyi

Policy

1. Personal Data that Ding Processes

  • For the purpose of provision of the Website, Mobile App, and the Services, Ding processes the Personal Data that the Clients provide about themselves (i.e. First Name, Last Name, Age Range, Gender and Location) who are the recipients of the Content generated and made available by the Clients via the Services. The types of such data are not restricted and depend on the decision of the Clients on how they want to use the Services.

2. Objectives of Processing of Personal Data

Ding processes the Personal Data upon:

  • Usage of the Mobile App and Services by the Clients, include all data when submitting information to Ding;
  • Communication between Clients and/or Data Subjects and customer support of Ding in connection with the Website, Mobile App, and Services (Ding is acting as Controller).
  • Ding sends messages to the Clients by electronic means with information about improvements to the Website, Mobile App and Services, new proposals, and developments (direct marketing). Ding sends such messages to the contact details provided by representatives of the Clients at the moment of registration or updated later. The Clients confirm hereby and guarantee that contact details provided by representatives of the Clients are at all times company details of the Clients, but not personal contact details of representatives and therefore Ding can use such contact details freely to send its marketing messages without any additional obstacles. The Clients may at any time unsubscribe from the newsletters by clicking on the corresponding specific link contained in each newsletter.

3. Legal Basis for Processing Personal Data

  • Ding processes Personal Data in accordance with the laws of the location of Ding and its affiliates, where the processing of Personal Data is conducted.
  • Ding processes Personal Data submitted to it by the Clients based on the contracts with the Clients for the purpose of using the Website, Mobile App, and Services and to the extent that this data is provided by the Clients.
    • Are fully responsible for the processing of Personal Data that they submit to Ding;
    • Guarantee to Ding explicitly that the Clients in order to use the Website, Mobile App and Services have all the necessary consents and/or other legal grounds from Data Subjects for lawful processing of Personal Data in accordance with this Policy;
    • Confirm that they have obtained from the Data Subjects all the necessary consents for submitting Personal Data to Ding and processing of such data in accordance with the terms of this Policy;
    • Have a full overview of Personal Data that they submit to Ding and guarantee that all such data that they submit is necessary for use by them of the Website, Mobile App, and Services and is kept up-to-date;
    • Oblige to inform Ding immediately of the expiry of legal grounds for the processing, modification, inaccuracy, or change to the Personal Data that the Clients submit to Ding.
  • When using Services for direct marketing, the Clients are responsible for complying with all the legal requirements in connection with direct marketing and data subjects’ rights. Ding is only providing the platform for processing, generating and making available Content to recipients, but the Clients are solely responsible for their Content processed while using the Services. The Clients understand that there are different legal rules for direct marketing in different countries. When the Services are used for direct marketing, the Clients must comply with all requirements for direct marketing of the country, where the receiver of the direct marketing Content is residing.
  • Ding processes the personal data provided by the Client only to the extent necessary to provide the Services in accordance with the Terms and on documented instructions from the Client. Ding shall comply with all applicable Data Protection Laws in the processing of Client Personal Data and not process Client Personal Data other than on the relevant Client’s documented instructions. The Clients insert these instructions by using Services (e.g. inserting command to make available Content to Data Subjects) and by agreeing with the Policy and Terms. The instructions of the Clients for processing of Personal Data must always comply with the applicable Data Protection Laws and Ding reserves to itself the right to refuse to fulfill the instructions that are in the opinion of Ding unlawful. Ding shall promptly inform the Client, if in Ding’s opinion, any of the instructions regarding the processing of Client Personal Data, breach any applicable Data Protection Laws.
  • Ding shall also take steps to ensure that any person acting under the authority of Ding who has access to Client Personal Data shall only process the Client Personal Data on the documented instructions of the Client.
  • Ding shall act as data controller and itself determine the purposes of processing the Clients’ Personal Data only in the limited cases where Ding is processing Personal Data of the Client’s representatives or workers specifically for the purpose of administration and management.

4. Data Subjects’ Rights

  • Taking into account the nature of the processing, Ding shall assist the Clients with appropriate technical and organizational measures.
  • Ding shall assist the Clients in ensuring compliance with the obligations of guarantying security of the processing of Personal Data.

5. Audit Rights

  • Ding shall make available to the Clients all information necessary to demonstrate compliance with the obligations laid down in applicable local and national laws.

6. Transfer of Personal Data to Third Parties

  • In the course of providing the Services and access to the Website and Mobile App, Ding uses different third-party service providers, to whom it may also transfer Personal Data (herein: Third Parties). By virtue of this clause, the Clients are duly informed and expressly authorize, totally or partially, to use the Third-Party service providers detailed in Annex III and transfer Personal Data to them, as it may be required for the purpose of providing the Services.
  • Ding shall inform the Clients of any intended changes concerning the addition or replacement of Third-Party processors by publishing the changes on the Website to this Policy. Ding shall not appoint or disclose Personal Data to any Third-Party service provider, unless required or authorised by the Client. Ding has the right to stop providing Ding Services to the Clients, who object to the change concerning the addition or replacement of Third-Party processors.
  • Ding has entered into individual service provision contracts with some of the Third-Party service providers. With others, the relationships are based on the general terms of service of these service providers. Prior to entering into relationships with Third-Party service providers, Ding makes its best efforts to guarantee that the terms of processing of Personal Data of the Third-Party service providers are in accordance with the principles of this Policy and applicable Data Protection Laws and, if applicable, the EU Standard Contractual Clauses. For this purpose, Ding shall carefully review the terms of processing of Personal Data by the Third-Party service providers. Furthermore, Ding carefully screens the ongoing relationships with Third-Party service providers and in case of their non-compliance shall immediately terminate relationships with them.
  • Additionally, Ding may disclose/transfer Personal Data to Third Parties:
    • Under applicable law, including laws outside the locations of Ding, its affiliates or Data Subjects;
    • To comply with legal processes;
    • To respond to requests from the public and government authorities including public and government authorities outside the locations of Ding and its affiliates;
    • To enforce this Policy or Terms, to protect operations, the rights, privacy, safety, or property of Ding, and/or to pursue available remedies or limit the damages.
  • Ding makes its best efforts to limit the amount of Personal Data that it transfers for processing to Third Parties as it is necessary for the provision of specific Services or to pursue specific goals.
  • The Website and Mobile App may contain links that redirect to other websites. This Policy does not apply to such third-party websites, which Ding does not operate, and Ding does not accept any responsibility or liability for these policies. Ding advises reviewing the privacy policies of those third parties.
  • The Services include the option for the Clients to enhance the Services by using AI Services, which facilitate customer support conversations through the Ding Website and Mobile App, thus aiding the Clients in increasing the efficiency of their customer support agents.

7. Transfer of Personal Data to Third Countries

  • In connection with providing the Services, as well as some specific development works, troubleshooting of service issues, data storage or other necessary services, Ding may transfer Client Personal Data to Third-Party sub-processors, some of which may not be working or operating in the European Economic Area (hereinafter: Third Countries).
  • Data protection levels in Third Countries might differ from the corresponding level of Canada, and some Third Countries might have a lower level of data protection.
  • Ding shall apply appropriate safeguards when transferring Personal Data to Third Countries. In particular, Ding shall only transfer Personal Data to Third Countries if:
    • the Third-Party sub-processor located in a Third Country is or agrees to be bound by the terms of this agreement.
    • the transfer of Personal Data is necessary for the establishment, exercise or defence of legal claims in the context of specific administrative, regulatory or judicial proceedings; or
    • the transfer of Personal Data is necessary in order to protect the vital interests of the Data Subject or of another natural person.
  • The Client acknowledges that Restricted Transfers of Personal Data may be undertaken in connection with the Services from Ding (as data exporter) to Third-Party sub-processors (as data importers).
  • Ding shall not carry out a Restricted Transfer (as data exporter) to a Third-Party sub-processor unless it obtains prior authorization from the Client for such transfer. The Client hereby provides prior authorisation for Ding to carry out the Restricted Transfers to its Third-Party sub-processors as set out in Annex III to this Policy.
  • In addition to the above, when transferring the Personal Data to the Third Countries, the measures detailed in Annex II shall be applied.

8. Safety Measures for Protection of Personal Data

  • Ding shall implement appropriate technical and organisational measures to protect Personal Data, taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of Processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons. This includes (but is not limited to) the following measures:
    • the pseudonymisation and encryption of Personal Data;
    • the ability to ensure the on-going confidentiality, integrity, availability and resilience of processing systems and services;
    • the ability to restore the availability and access to Personal Data in a timely manner in the event of a physical or technical incident;
    • a process for regularly testing, assessing and evaluating the effectiveness of technical and organisational measures for ensuring the security of the processing of Personal Data. In assessing the appropriate level of security, account shall be taken in particular of the risks that are presented by the processing of Personal Data, in particular from accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to Personal Data processed.
  • Ding shall ensure that all employees, agents, officers and contractors involved in the handling of Personal Data:
    • are aware of the confidential nature of the Personal Data and
    • are contractually bound to keep the Personal Data confidential.

9. Personal Data Breach

  • Ding shall notify the Client without undue delay upon becoming aware of a Personal Data breach affecting Personal Data of the Client, providing the Client with sufficient information to allow the Client to meet any obligations to report or inform Data Subjects of the Personal Data breach under applicable Data Protection Laws.
  • Ding shall co-operate with the Client and take reasonable commercial steps as are directed by the Client to assist in the investigation, mitigation and remediation of each such Personal Data breach.

10. Retention Periods

  • Ding shall preserve Personal Data as long as it is required for the use of the Website, Mobile App and Services by the Clients, but no longer than applicable law permits preservation.
  • The Clients confirm that they agree with the provided retention periods and guarantee to inform and obtain necessary approvals from their clients and representatives for application of such retention periods.

11. Contact Information

  • Should the Clients have any questions regarding this Policy or the processing of Personal Data, they are welcome to contact Ding with all such requests, inquiries or any complaints via e-mail: support@Ding.fyi