MiGuide PRIVACY POLICY

Effective January 20, 2020

Introduction

MiGuide respects your privacy and is therefore committed to protecting your personal information. In order to ensure lawful processing and confidentiality of the personal data of our website visitors, we conduct our activities in strict compliance with Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of this data (GDPR).

The information on personal data collection and processing provided in this Privacy Policy explains how we protect your personal data collected via this Website www.miguide.io. Please note that any other websites that may be linked to this Website, are not governed by this Privacy Policy. We encourage the visitors of our Website to review each of these other websites’ privacy statements.

By accessing or using any of the functionalities provided to you by our Website you consent to this Privacy Policy.

MiGuide reserves the right to amend this Privacy Policy from time to time and you are encouraged to review it on a regular basis to stay informed on how we are protecting your information. When we make changes to this Privacy Policy, we will amend the revision date at the top of this page, and such modified or amended Privacy Policy shall be effective as to you and your information as of that revision date. If you continue to use our Website after those changes are in effect, you agree to the revised Policy.

The last update of the Privacy Policy is indicated at the top of this document.

Definitions

These definitions should help you understand this Privacy Policy.

When we say “MiGuide”, “we” “us” or “our”, we are referring to MiGuide Ltd., UIC: 206384727, 9 Kiril Shivarov Str., 9000 Varna, Bulgaria. “This Website” or “our Website” means: www.miguide.io

“Our Services” mean interactive multimedia guide software services which we provide to museums and their visitors. Part of our Services is “the MiGuide Management System” accessible only to authorised users.

“Users” are appointed museum staff members who are authorized by us to access the MiGuide Management System through the “Admin Login” functionality on our Website. When we say “You” or “Visitor” we are referring either to a natural person who visits our Website or a person who is reaching to us directly by email or through using our Website “Contact us” form.

“Personal data” means any information relating to identified or an identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as name, location data, online identifier, email address, occupation or other factors, specific to the physical, economic, social or other identity of that natural person.

“Processing” means any operation or set of operations performed on personal data or on sets of personal data, such as, but not limited to, collection, recording, organization, structuring, storage or use.

What personal data we process

1. Data you voluntarily provide to us

A) As a Visitor of our Website, you do not have to submit any personal data, which personally identifies you, in order to access and view our Website.
However, personal data, that is specifically and voluntarily provided by you may be collected when you choose to communicate with us, for example, through our “Contact us” form, integrated on our Website or simply by sending us an email. In this case, you are voluntarily giving us personal information that we collect. That information may include:

  • your name;
  • location;
  • physical address;
  • name of the institution you work for;
  • job position;
  • email address;
  • IP address;
  • other demographic or social information you voluntarily provide us.

By giving us this information, you consent to this information being collected and used, as described in this Privacy Policy.

B) As a User of the MiGuide Management System, in order to be registered and provided with access to it, you will be asked to submit the following personal data:

  • Name;
  • E-mail;
  • Telephone;
  • Country
  • City
  • Post code

2. Log information, cookies and web beacons.

This Website collects standard internet log information, including your IP address, browser type and language, access times and referring website addresses. To ensure that this Website is well managed and to facilitate improved navigation, we or our service providers may also use cookies (small text files stored in a user’s browser) or Web beacons (electronic images that allow this Website to count visitors who have accessed a particular page and to access certain cookies) to collect aggregate data. We do not collect or store any individual (non-aggregated) cookies. We only have an access to aggregate data on cookies for functional purposes. Additional information on how we use cookies and other tracking technologies and how you can control these can be found in our Cookie Policy.

3. Children privacy protection

We understand the importance of protecting children's privacy in the interactive online world. Although our Services may be accessible to and appropriate for use by children under the age of 16 in their capacity as visitors of museums, where MiGuide is offered as interactive multimedia guide, we do not collect and process through our software any children’s personal data. Our Website is not designed for or intentionally targeted at children 16 years of age or younger. It is not our policy to intentionally collect or maintain information about anyone under the age of 16. We, therefore, do not knowingly or intentionally process personal data of children under the age minimum. If we, for any reason, have received or collected personal data of a child, we will promptly delete any personal data belonging to such person and will take further steps to restrict that individual from future access to our Website, unless we are legally obligated to retain such data. Please, contact us right away, if you believe that we have mistakenly or unintentionally collected information from a child.

4. Sensitive personal data protection

No special categories of personal data (sensitive personal data) are collected and processed through our Website or Services.

5. Social media

This Website may host social media applications or services that allow you to share content with other people (collectively “Social Media Applications”). Any personal data or other information that you contribute to any Social Media Application can be read, collected, and used by other users of that Social Media Application over whom we have little or no control. Therefore, we are not responsible for any other Social media user’s use, misuse, or misappropriation of any personal data or other information that you contribute to any Social Media Application.

For what purposes we process your personal data

1. To send you informational or promotional content
If the institution you represent might benefit from using the Services we offer, we may send you an informational email about that. In addition, we may use publically available information we collect in order to advertise our services to you or suggest additional features of our services that you might consider using. You can stop receiving our informational and promotional emails by following the unsubscribe instructions included in every email we send.

2. To communicate with our Users about their account and provide customer support.
As a User of the MiGuide Management System we will need to create your account first and will later on provide you with customer support once you experience any difficulty or might have a question regarding the system and its functionality.

3. To send you system alert messages.
As a User of the MiGuide Management System, for example, we may need to inform you of temporary or permanent changes to our Services, such as planned system maintenance, new features, version updates, releases, changes to our terms and policies, etc.

4. To bill and collect money owed to us by our partners.
This includes sending emails, invoices, receipts and alerts to appointed by our partners representatives for delayed or missed payments.

5. To protect the rights and safety of our Website visitors,
our users and third parties, as well as our own.

6. To meet legal requirements
This might include complying with court orders, valid subpoenas and other legal mechanisms.

7. To provide information to representatives and advisors
This includes, for example, attorneys and accountants who help us to comply with legal, accounting, or security requirements.

8. To prosecute and defend a court, arbitration, or similar legal proceeding.

9. To respond to lawful requests by public authorities
including to meet national security or law enforcement requirements.

10. To notify you of a business transfer
In the case of a sale, merger, consolidation, liquidation, reorganization, or acquisition, any acquirer will be subject to our obligations under this Privacy Policy, including your rights to access and choice. We will notify you of the change by posting a notice on our Website.

11. To compile aggregated statistics about the Website usage
and to better understand the preferences of our Visitors.

12. To customize content and layout of the Website

Data disclosure to third parties

We do not transfer, sell, trade, rent or give access of third parties to any personal data of our Website visitors and users. Under certain conditions, however, we may have to disclose personal data which we process to third parties:

1. When using Service Providers
We may use third-party service providers to help us operate our business, the Website and the Services we offer (such as analyzing data, hosting data, legal, accounting, postal services, etc.) or administer activities on our behalf (such as sending out newsletters, collecting website analytics, processing payments, legal representation, etc.). All such third parties function pursuant to contracts with us which require them to provide a comparable level of privacy protection as is required by this Privacy Policy.

2. In case of a Business Transfer
If we are involved in a merger, acquisition or sale of all or a portion of our assets, the personal data we collected may be transferred as part of that transaction, as permitted by law to the potential buyer (and its agents and advisors).

3. Legal disclosure
We may have to disclose your personal data to public authorities, regulatory bodies, government agency, court or other third party where we believe disclosure is in response to a lawful request made by such authorities and is necessary to exercise, establish or defend our legal rights or to protect your vital interests or those of any other person.

Legal basis for the processing of personal data

If you are from the European Union or the European Economic Area, our legal basis for processing the Personal Information described above will depend on the type of Personal Information concerned and the specific context in which we collected it.

However, we will normally collect and use Personal Information from you where the processing is in our legitimate interests and not overridden by your data-protection interests or fundamental rights and freedoms. Typically, our legitimate interests include improving, maintaining, providing, and enhancing our technology, services and ensuring the security of the Services and our Website; and for our marketing activities.

If you are a User, we may need the Personal Information to perform a contract with the institution you represent. In some limited cases, we may also have a legal obligation to collect Personal Information from you. If we ask you to provide Personal Information to comply with a legal requirement or to perform a contact with you, we will make this clear at the relevant time and advise you whether the provision of your Personal Information is mandatory or not, as well as of the possible consequences if you do not provide your Personal Information.

Where required by law, we will collect Personal Information only where we have your consent to do so.

Our Security

We take appropriate and reasonable technical and organizational measures to protect personal data from loss, misuse, unauthorized access, disclosure, alteration, and destruction, taking into account the risks involved in the processing and the nature of the personal data. If you have any questions about the security of your data, you can contact us at: info@miguide.io.

The Miguide Management System accounts require Users to have a username and password to log in. All Users must keep their username and password secure, and never disclose it to a third party.

Security Breach Notification

In case of an unauthorized security intrusion that affects your personal data We will notify you as soon as possible and will, within reasonable time, report the action we took in response.

Your Privacy Rights

We provide all Visitors and Users of our Website with the opportunity to request access, rectification, restriction, opposition, erasure and data portability of any personal information that has previously been provided to us in connection with the use of our Website, as required by law.

You can send us an email to info@miguide.io.

We may request specific additional information from you to confirm your identity and will respond to your request within reasonable time.

Visitors of Our Website may at any time withdraw their previously given consent to receive newsletters or other notification emails from us by clicking "Unsubscribe" in any e-mail communications we send to them.

Data retention periods

We retain Personal Information where we have an ongoing legitimate business or legal need to do so. Our retention periods will vary depending on the type of data involved, but, generally, we'll refer to these criteria in order to determine retention period:

1. Whether we have a legal or contractual need to retain the data.

2. Whether the data is necessary to provide our Services.

3. Whether our Users would reasonably expect that we would retain the data until they remove it or until their accounts are terminated.

When we have no ongoing legitimate business need to process your personal data, we will either delete it or anonymize it or, if this is not possible (for example, because your Personal Information has been stored in backup archives), then we will securely store your Personal Information and isolate it from any further processing until deletion is possible.

Contacts

If you have any questions or concerns regarding this Privacy Policy, the processing of your personal data while using this Website or the rights you have as a data subject, please direct them to info@miguide.io.

You may also contact us by postal mail at:

MiGuide Ltd.
9 Kiril Shivarov Str.
9000 Varna, Bulgaria

If contacting us does not resolve your complaint or you feel you haven’t received a timely or satisfactory response from us to your question or complaint, please contact the respective applicable independent recourse:

EU Data Protection Authorities (DPAs)

Swiss Federal Data Protection and Information Commissioner (FDPIC)