In force as of: June 28, 2022 (the “Effective Date”)
Clancy International Inc., its affiliates and subsidiaries (“Clancy”, “we”, “us”, “our”) provides, through its website https://beta.euroreels.clancyworld.com/ (the “Platform”), users of the Platform (“Users”, “User”, “you” or “your”) with the opportunity to purchase, sell, collect, display and play with blockchain distributed ledger technology (“DLT”) digital collectible video play cards (“Collectible Video Cards”)).
Clancy understands that protecting the privacy and confidentiality of information is important to its Users, and is committed to protecting and respecting such information.
This Policy, applies to our Platform and any other online service where this Policy is posted (collectively the “Services”). The Privacy should be reviewed every time you access the Services, and can be updated from time to time, updated terms will be posted here. By using the Platform or Services, you acknowledge that you have read, and agree to this Policy.
Our Policy ensures compliance with processing principles established by: (i) Regulation (EU 679/2016) the General Data Protection Regulation (“GDPR”); (ii) California Consumer Privacy Act (“CCPA”); (iii) EU ePrivacy Directive; (iv) the Personal Information Protection and Electronic Documents Act (“PIPEDA”).
PART 1: USER INFORMATION:
Clancy collects data, including personal information and other information from and about you, in order to provide the Services and operate the Platform effectively, and to enhance your experience on the Platform. Personal information is data that identifies an individual either directly or indirectly. You have choices about the data we collect.
This Part 1 explains what type of User data is collected, how it is used by Clancy and its Customers.
The data we can collect can include the following:
We collect data from you in the following ways:
Clancy collects data from and about you in order to operate the Platform and provide the Services, properly implement contractual arrangements between us, serve your needs, manage our content and advertising, operate efficiently and improve our Services and Platform.
We collect information, and such information can alone or combined with other information collected, be used to:
As noted above, Clancy uses third parties as processors of data. Additionally, we share User data with your consent, or as necessary to make the Platform available to you.
We also share your data:
We may use and share aggregated non-personal information with third parties for marketing, advertising and analytics purposes. We do not sell or trade your personal information to third parties.
We will use a variety of technical and organizational measures to safeguard your personal information and to minimize the likelihood of data breaches, whether pre-emptive or not. Data breaches and protection of data itself comes under the wider umbrella of the data lifecycle.
Secure auditory practices are carried out to ensure standardized operations and encryption practices. New techniques are continually implemented in order to keep our data security ahead of the curve.
Compliance of some of our Services with the Payment Card Industry Data Security Standard (PCI DSS) is in itself an evidence that we are doing our very best to keep our customers’ valuable information safe & secure and out of the hands of people who may fraudulently use that data. PCI DSS ensures technical and operational strengths to raise the bar on our security.
Our systems are on Amazon Web Services (AWS) behind significant levels of firewalls and we run ongoing penetration testing. User profile data is stored in the AWS Cognito platform where it is encrypted both at rest and in transit in accordance with industry standards. Data resilience and security is ensured via the Cognita AWS cloud platform.
The storage location(s) are chosen in order to operate efficiently, to improve performance, and to create redundancies in order to protect the data in the event of an outage or other problem. We take steps to ensure that the data we collect is processed according to the provisions of this Policy and the requirements of applicable law wherever the data is located.
This family of standards help us manage the Data and keep it secure.
We encrypt critical data such as card and personal data in our vault. We have implemented processes to help ensure availability, business continuity and prompt disaster recovery. We are committed to maintaining strong physical and logical access controls and conduct pre-emptive penetration testing.
As the Platform is part of a global network, we may transfer and process information that we collect about you including personal information and may be stored and processed in the United States, Canada or in any other country where Clancy or its affiliates, subsidiaries or service providers maintain facilities, and we may use cloud services whose servers may be anywhere in the world.
Please note that data protection laws of some countries, such as Canada and the United States, may not offer a level of privacy protection equivalent to that within the European Economic Area (EEA) or your home country. If your use of the Platform and Services results in the transfer of personal information from the EEA to non-EEA countries that have not been deemed to offer an adequate level of privacy protection, we may rely on (i) standard contractual clauses approved by the European Commission in our contracts with parties that receive information in such countries, and (ii) adequate supplementary safeguards. By using the Services and the Platform, you expressly consent to such transfers.
To learn more about the European Commission’s decisions on the adequacy of the protection of personal data in the countries where we process personal data, please visit: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en
You have the right to access, update and correct factual inaccuracies in personal information that we collect through the Services, subject to certain exceptions. If you have created an online account, you can access, update, and delete your personal information or request to delete your account by logging in to your account through the Services. Any requests you submit will be reviewed and, if approved, processed by our staff. We may retain certain information as necessary to pursue legitimate business interests or resolve disputes or as required by applicable laws. To protect your privacy and the security of your personal information, we will take reasonable steps to verify your identity before granting access to your personal information or deleting your account.
(b) European Residents
If you are a citizen of an EEA member state, the General Data Protection Regulation (EU) 2016/679 (“GDPR”) provides you certain rights with respect to your personal information. You have the following rights, with certain exceptions:
While we will attempt to fulfill your request to exercise these rights, sometimes, we may have legal grounds or obligations to reject your request. You will not have to pay a fee to exercise any of the aforementioned rights.
If a User is a citizen of an EEA member state, you have the right to lodge a complaint before the competent supervisory authority within the EEA should they believe that their Data is not being processed in accordance with applicable laws or with any concerns you have related to our privacy practices.
We request that you contact us first, by email, at firstname.lastname@example.org if you have any complaints, so we can attempt to investigate and resolve your concerns.
(c) California Residents
If you are a resident of California, the California Consumer Protection act provides you with certain rights. You have the following rights:
For clarity, Clancy does not sell (as defined in the CCPA) personally identifiable information to any third parties.
To exercise the rights described above, you must, in addition to being a resident of California, send us a request that provides sufficient information,
Each request that meets all of these criteria, and which is confirmed via email verification, will be considered a “Valid Request.” We may not respond to requests that do not meet these criteria.
We will use commercially reasonable efforts to determine whether a request may be for harmful, fraudulent, deceptive, threatening, harassing, defamatory, obscene, or otherwise objectionable purposes, and we reserve the right not to respond to such request.
We will only use your personal data provided in a Valid Request to verify your identity and complete your request. You do not need an account on the Platform to submit a Valid Request.
We will work to respond to your Valid Request within 45 days of receipt. We will not charge you a fee for making a Valid Request unless your Valid Request(s) is excessive, repetitive or manifestly unfounded. If we determine that your Valid Request warrants a fee, we will notify you of the fee and explain that decision before completing your request.
You may submit a request using the following methods:
Email us at: email@example.com
You may also authorize an agent (an “Authorized Agent”) to exercise your rights on your behalf. To do this, you must provide your Authorized Agent with written permission to exercise your rights on your behalf, and we may request a copy of this written permission from your Authorized Agent when they make a request on your behalf.
The GDPR requires that we inform you of the legal bases we rely on to process your personal information. The legal bases for processing are set forth below:
We may retain your Personal Information so long as you continue to use the Platform, or for as long as is necessary to satisfy the purposes described in this Policy, or to otherwise satisfy legal, regulatory, tax accounting or reporting requirements, and for legitimate and lawful business purposes. In some cases, we may anonymize your personal information for research or statistical purposes, in which case we may use the information indefinitely without further notice to you
The Data will be hosted on AWS and Google Cloud Platform which servers are located in Frankfurt, Germany.
We encourage parents and guardians to spend time online with their children and to participate and monitor the interactive activities of their children. We will never knowingly collect any personal information about individuals under eighteen (18) years of age. If we obtain actual knowledge that it we have collected personal information about an individual under eighteen (18) years of age, we will take steps to delete such information.
Clancy reserves the right to modify this Policy at any time, so please review it frequently. If we decide to amend our Policy, we will post the updated version, together with an updated Effective Date, on this page. Any changes to the Policy will be effective as of the date they are posted. We encourage you to check this page periodically for any changes. If there are material changes to the Policy or in how we will use your personal data, we will notify you either by prominently posting a notice of such changes prior to their taking effect or by sending you a notification directly. Your continued use of the Platform following the posting of an updated Policy will constitute your acceptance of any and all changes.
Address: Clancy International Inc.
125 Don Hilock Drive
Aurora, ON L4G 0H8
Attention: Privacy Officer
We will endeavour to respond to questions or concerns within 30 days.
Please be advised that, although we take every reasonable precaution available to protect your data and personaI information, no data transmission over the Internet can be guaranteed to be 100% secure. Therefore, we cannot warrant that your information will be absolutely secure. Any transmission of data at or through our Platform is at your own risk.
Cookies are small files that websites or apps place on your computer or mobile device as you browse the web or access an app. Cookies and similar technologies are used by your computer's browser to store your preferences. Cookies, by themselves, do not tell us your e-mail address or other personally identifiable information. Most web browsers automatically accept cookies. You can instruct your browser, by changing its settings, to stop accepting cookies or to prompt you before accepting a cookie from the websites you visit. However, some sites may not function properly if you disable cookies. We may request your consent for the use of certain cookies, in accordance with the current applicable legislation to cookies.
Different types of cookies are used for different functions and have different characteristics. Persistent cookies remain on your device for a longer period of time and allows a site to recognize you as an existing user, and are activated when you return to the Platform. Session cookies are temporary and last for a session.
We generally use the following types of cookies and other technologies, such as GIF files, pixel tags or web beacons for the following purposes:
Click Here for a list of the types of cookies currently being use on the Platform.
Some of the cookies used on our Platform, as noted above, are managed for us by third parties. Where this is the case we don't allow the third party to use the cookies for any purpose other than those listed above.
Please note that as third party relationships may change, this list may not always be comprehensive. Not all technologies listed may be used for all of the Services or in all jurisdictions.
Cookies in and of themselves do not require or hold personal information. They cannot personally identify an internet user. However, personal data can be collected by using cookies to facilitate certain user features, improving the Internet browsing experience. Such data is encrypted in a way that does not allow unauthorized people to access them. If a cookie processes personal data, we will ensure that the processing is done in accordance with applicable law and the GDPR.
You can control whether or not these cookies are used, by adjusting your browser settings to reject cookies, but preventing them may mean we cannot offer you some Services, and will reduce the support we can offer you on the Platform. Such choices are browser and device specific. It is also possible that preventing these cookies will stops us from remembering that you didn't want a specific service. If you clear cookies from the browser on your devices, your opt-in choices will need to be reset on the Platform.
All browsers allow the User to accept, reject or delete Cookies by selecting the appropriate settings in the respective browser:
To learn more about using cookies by advertisers, use the following links: European alliance for Interactive Digital Advertising (EU) https://edaa.eu; , Advertising Standards Canada https://adstandards.ca