We are a Slovenian non-profit organisation (“Aromainštitut”, Južna cesta 6A, 6310 Izola – Isola, Slovenia). We provide a platform for essential oils professionals and companies using the model software as a service. We process Personal Data as a Processor on behalf of the Customer.
1.1. “Controller” means an entity that determines the purposes and means of the Processing of Personal Data.
1.2. “Customer” means a person or entity that is registered with Dropsmith to use the free or paid Service.
1.3. “Data Protection Laws” means all data protection and privacy laws and regulations of the EU, EEA and their member states, Switzerland and the United Kingdom, applicable to the Processing of Personal Data.
1.4. “GDPR” means the Regulation (EU) 2016/679 of the European Parliament and the Council of 27 April 2016 on the protection of natural persons with regard to the Processing of Personal Data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation).
1.5. “Personal Data” means any information relating to an identified or identifiable natural person.
1.6. “Processing” means any operation or set of operations which is performed upon Personal Data, whether or not by automatic means, such as collection, recording, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, erasure or destruction. “Process”, “Processes” and “Processed” shall be interpreted accordingly.
1.7. “Processor” means a natural or legal person, public authority, agency, or any other body which Processes Personal Data on behalf of the Controller.
1.8. “Services” means any product or service provided by Dropsmith pursuant to Dropsmith’s Terms of Service (“TOS”).
1.9. “We”, “us”, and “our” refer to the Dropsmith.
1.10. “You,” “your,” and “yours” refer to the user.
3. What information we Process
Dropsmith collects both “Personal Data” and “Non-Personal Data” about you and will Process this data for the duration of the Services, as described in the TOS:
3.1. Personal Data:
- Customers information: identification and contact data (name, contact details, username); billing information (billing address, payment information); organization information (name, address, geographic location, area of responsibility, VAT code), IP addresses.
At any time, you may log in and change this information, or remove it. You may decline to provide Personal Data to the Services, however, some of the Personal Data we ask you to provide, for example, full name and email address are mandatory to use our Service. If you decline to provide it, we may not be able to provide that service to you.
Please note, Dropsmith does not process or store your credit card information. Once you make a payment, your credit card information is transferred to our third-party payment processor Stripe. Please find their Privacy statement here.
3.2. Non-Personal Data:
- Browser and device information: location, device type, model, number, type of browser or operating system, the time and date of access, browsing activity, screen resolution, plug-ins, add-ons and the version of the Services you are using, and other information that does not personally identify you.
- Information from your use of the Services and information from other sources: we may receive information about how and when you use the Services, store it in log files or other types of files associated with your account and link it to other information we collect about you. Also, we may obtain information about you or your Subscribers from third-party sources, such as public databases, social media platforms, third-party data providers and our joint marketing partners. This information may include, for example, time, date, browser used, demographic information, device information (such as device type, model, number, type of browser or operating system, IP addresses), location and online behavioral data (such as information about your use of social media websites, page view information and search results and links), actions you have taken, anonymous usage data, referring/exit pages and URLs, preferences you submit and preferences that are generated based on the data you submit and number of clicks.
4. Purposes of Processing
4.1. Dropsmith uses collected information for the operation of the Services, to maintain the quality of the Service, to provide general statistics regarding use of the Service, to promote and analyze the Services, to provide customer support and send information about the Services, to protect the rights and safety of Customers, Subscribers, third-parties and our own, to send customized informational or promotional content and provide suggestions according to marketing preferences, to ensure observance of our TOS and meet the legal requirements, to verify identity and provided information, manage payments, to understand demographics, Customer interests and needs, and other trends among users, and for other business purposes.
5. How we collect your information
5.1. Tracking technologies: in connection with the performance of the Services, Dropsmith uses:
- Web beacons: we include single-pixel gifs (web beacons) in emails we send, which allow us to collect information about when you open the email and your IP address, your browser or email client type, and other similar details. We use the data from those web beacons to create reports about how your email campaign performed and what actions your Subscribers took, to capture the time spent on the Services, pages visited and email campaign performance.
- Unique identifiers and similar tracking technologies: we may use other tracking technologies to administer the Services, track your movements around the Services, analyze trends, track behavior, serve targeted advertisements and gather demographic information, to measure the performance of our email campaigns and to improve our features for specific segments of Customers.
5.2. Log Data monitoring: we may collect log data whenever you access our tool. This data could include things like an IP address, browser type and version, the pages you visit on Dropsmith, and other user statistics. When you access Dropsmith with a mobile device, log data may include the type of device, your mobile unique ID, the IP address of your device, mobile operating system, and other mobile statistics.
6. Transferring to third-party companies
6.2. We may disclose Non-Personal Data for any purpose because this information cannot be used to identify you or another person.
7. Email communications & opting out
7.1. From time to time you may receive, from us, emails related to your use of Dropsmith. Based on the Personal Data that you provide us, we may communicate with you in response to your inquiries to provide the Services you request and to manage your account. We may also use your Personal Data to send you updates and other promotional communications. Every email will contain a link to be able to opt-out of receiving it. We may still send important messages regarding administrative matters, updates, disputes, and customer service issues that are required to provide the Services.
8. Safety of your information
8.1. Dropsmith takes reasonable precautions, technical and organizational security measures to ensure a level of security appropriate to the risk, follows industry best practices in order to protect your Personal Data from any unauthorized or unlawful breach of security that leads to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of or access to Personal Data and to preserve the security and confidentiality of the data. However, these measures do not guarantee that your information will not be accessed, disclosed, altered, or destroyed by breach of such precautions. By using our Service, you acknowledge that you understand and agree to assume these risks.
8.2. The customer is responsible for reviewing the information made available by Dropsmith relating to its data security and making an independent determination as to whether the Services meet Customer’s requirements and legal obligations under Data Protection Laws. Also, Customer is responsible for its secure use of the Services, including securing its account authentication credentials, protecting the security of Personal Data when in transit to and from the Services, and taking any appropriate steps to securely encrypt or backup any Personal Data uploaded to the Services.
9. Protecting Customer’s data
9.1. We reserve the right to monitor your content and response data from time to time to make sure they comply with our TOS, we will never share, sell or rent your data to anyone for any reason.
9.2. Our data storage centers are in the United States and Europe and have an information storage security certificate, so you can rest assured that your data is safe with us.
10. Links to other websites
11. Age of consent
By using the Service, you represent that you are at least 16 years of age.
12. Merger or acquisition
13. Dropsmith as a Controller
Dropsmith acts as a Controller of Personal Data of its employees, contractors, candidates, affiliates, and other third parties that are not considered as a Customer. Dropsmith undertakes to comply with legal requirements when processing Personal Data as a Controller and implements appropriate technical and organizational measures to ensure a level of security of Personal Data as required under GDPR and applicable Data Protection Laws.
15. Contacting Dropsmith
- would like to request access to the information we hold about you, correct, modify, delete or update Personal Data that you have provided to us, or
Please contact us any time via email: firstname.lastname@example.org.
Last updated on March 24, 2021.