Privacy

Users navigate the Website anonymously, without revealing the identity or contact data. However, when browsing on the Website, the Website does collect particular technical and usage data:
- Users’ IP addresses.
- Time and date of each site visit.
- The first page Users have accessed each time they visited the Website.
- Users’ navigation on the Website.
- The browser and device type and version.

To collect this type of personal data, the Website uses Cookies, a small piece of text sent to Users’ browsers each time Users visit the Website. The cookie file is stored in the User’s browser, allowing the Website to recognize the User next time the User visits the Website, and to adjust the content according to the User’s interest, improving user experience and ensuring User satisfaction. More information about the Cookies and Cookies usage can be found on the page Cookies Policy.

To contact the Company, Users must send an email to hello@growwwkit.com.

The collected personal data Users provide when contacting the Company is stored in the Company email until the Users’ inquiries, suggestions, requests, or complaints are considered as answered or solved.

Personal data is stored as long as it is needed to fulfill the purpose of such data collection, and as long as it is permitted by applicable law.

The Plugin allows the Users to share Products on social networks, such as Facebook, Instagram, Twitter, Pinterest, and even Google. If the User decides to use the plugin, by clicking on the icon, the corresponding social network, will share the content to the chosen social network. For more information on how the plugin and social networks use personal data, Users are advised to read the privacy statements of the plugin and the networks. If the User does not want for their data to be collected using the plugin or by these social networks, the Users should not use the option to share Products on social networks.

When Users decide to purchase Products, they are required to register on the Website, providing first and last names, their email addresses. They are also required to select a payment method (using PayPal or credit/debit card), followed by the billing data, the Website needs to process so the Users can buy the products.

Payment and billing data will be sent to the external payment service provider the User has chosen, which is in charge of processing the payment. When Users decide to purchase the Products using PayPal, they are required to log into their accounts. The Company is not allowed to collect any personal data from the Users that are provided in the PayPal accounts, such as telephone number, information about State, Province, ZIP/Postal code and City Users live in. Accordingly, the Company is not allowed to collect personal data Users provide when choosing to buy the Products using their credit/debit cards, such as credit/debit card number, expiry date, or card code.

Users can, at any given moment, request to deactivate and delete their accounts, by contacting the Company using the Contact page. Following termination of the User account, the Company may retain profile information for a reasonable time, no longer than is necessary and only in cases in which information is accurate and relevant for the Company to use it.

Payment and billing data will be sent to the external payment service provider the User has chosen, which is in charge of processing the payment.

The Company discloses Users’ personal data to third parties only if such action is necessary for the functioning of the Service and the Website. Third parties won’t process personal data for other purposes than the ones mentioned in this document. Personal data disclosure by third parties is managed by the Privacy policy guidelines and applicable law.

Personal data disclosure complies with the Company’s Terms and Conditions. Third parties that the Company shares personal data are:
- Plugin.
- Payment platforms (PayPal and banks).
- Professional advisers such as lawyers, legal and accounting consultancy services, and financial institutions.

There are some third parties that the Company is permitted or obligated by law to share personal data. These third parties include lawyers, legal and accounting services, and financial services.

The Company uses the newsletter to send information related to the Products, such as offers, promotions, discounts, and all news related to the Service itself.

Users may subscribe to Growww newsletter when registering, by checking the “Sign up for our newsletter” checkbox, or by typing in the email address on one of the pages on the Website where the “Sign up for our newsletter” modal or opt-in form is used. Users can, at any given moment, choose not to receive the newsletter emails, by clicking on the link “Unsubscribe” placed at the end of each newsletter content.

All of the previously mentioned personal data, collected through the Website, its subdomains, and sections, is processed by the authorized employees in the Company, the Data Controllers. The Company is obligated to invest and use organizational, technical resources when collecting, processing, storing, and disclosing the collected data from any type of loss, misuse, unauthorized access, disclosure or alteration.

Personal data processing is done according to the EU General Data Protection Regulation (GDPR), and in compliance with legal obligations, and for the purpose of:
- managing Terms and Conditions,
- providing and maintaining the Website,
- making improvements on the Website,
- preventing, detecting and addressing technical issues,
- providing Users with additional features on the website, especially for registered Users,
- providing Users with news, special offers, promotions, and general information about the Products and the Service.

For more information on how the data is collected, Users can send contact the company by filling in the form on the Contact page.

When making a purchase, the Users are required to choose a payment method 一 PayPal or credit/debit card. Payment platforms and banks that are involved in the transaction process collect Users’ personal data to ensure that the transaction is completed successfully.

The User has the right to receive complete and valid information about the personal data processing.

The User has the right to correct inaccurate or incomplete data that is being collected. In such case, the User is required to provide correct data by sending the documentation that confirms that the data the Company collected is inaccurate or incomplete.

The User has the right to request the processing restriction of personal data. The restriction of can be done only if the Company collects and processes the data in an unlawful manner (and the User is against the personal data erasure), and when the Company does not need the personal data for the processing, but for the defense of legal claims.

The User has the right to request the erasure of their personal data collected on the Website. After the erasure request has been received and confirmed by the Data Controller, the data will lead to User’s termination of the profile on the Website and will be erased from the back-up system the next time the back-up is performed.

The User has the right to withdraw their consent for collecting, processing, storing, and securing personal data by the Company at any given moment. To do so, the User is required to contact the Company to hello@growwwkit.com. The revocation of consent does not affect the lawfulness of processing personal data based on consent before its withdrawal.

The User has the right to object to personal data collecting and processing at any given moment. However, the Company is, in particular cases, obligated to continue to collect and process the data, to defend itself of legal claims.

The User has the right to request a copy of the personal data the Company collected in a structured, easily readable form, and legible use. The User can also request that the collected personal data should be sent to another third party.

The Company is obligated to use organization and technical resources that help create strong security controls and prevent personal data loss, misuse, unauthorized access, disclosure or alteration. The Company is required to implement and maintain reasonable security procedures and practices to protect personal data from unauthorized access, destruction, use, modification, or disclosure.

Before Users’ personal data is processed and retained in the database, the data is transferred and maintained on computers located outside of Users’ states, provinces, countries or other governmental jurisdictions, where the data protection laws may differ than those from the ones Users’ jurisdiction. All personal data is transferred to servers that are located in the United States and processed.

The Company takes precautions to protect Users’ personal data, both online and offline. The personal data that Users provide is encrypted and transmitted securely. Additionally, only employees who need the particular personal data to perform a specific job (e.g., customer service) are granted access to personally identifiable information.

If the User does not agree with the process of collecting, processing, storing and securing personal data, the User can contact the company by sending an email to hello@growwwkit.com or the Commissioner for Information of Public Importance and Personal Data Protection.