DATA PROTECTION POLICY
ShrtFly respects your privacy and is deeply committed to protecting your personal data and empowering you to control how it is used.
This Data Protection Policy (hereafter “Policy”) applies to residents of EU states and certain other customers in states whose governments adopt Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regards to the processing of personal data and on the free movement of such data “General Data Protection Regulation” (“GDPR”). This Policy is intended to ensure that Customer Personal Data (defined as “any information relating to an identified or identifiable natural person”) is collected, maintained and used in accordance with the GPDR and associated data protection and privacy laws.
This Policy describes what kinds of Personal Data ShrtFly will collect from our European Customers, and how ShrtFly maintains and uses our Customers’ Personal Data in connection with the services we provide to them.
Personal Data ShrtFly may collect from its Customers.
ShrtFly collects Personal Data as described in the Contract, in particular from application forms, contact forms, and/or other interactions with Customer.
The customer should be aware that application fields are mandatory fields because ShrtFly needs this information to comply with statutory, legal or contractual requirements, internal procedures or to respond to Customer requests.
Fields: ShrtFly may request include but are not limited to Email, Mobile Phone number, Name, Home address, and other. If Customer contacts ShrtFly, ShrtFly will keep a record of that correspondence for the legally required retention period.
Personal Data that Customers provide to ShrtFly should not include any of the following data types, and Customers hereby expressly warrant that they will not provide any of the following:
- racial or ethnic origin;
- political opinions;
- religious or philosophical beliefs;
- trade union membership;
- genetic data;
- biometric data;
- private health data concerning a Customer;
- data concerning a natural person's sex life or sexual orientation.
ShrtFly may use Customer Personal Data to send direct marketing to our Customers via e-mail only when Customer has given express prior consent in the relevant contact form. Customer may at any time withdraw approval to receive marketing communications by expressly withdrawing consent via their individual ShrtFly interface.
ShrtFly will not rely solely on automated Customer onboarding processes or transaction monitoring, including profiling, with respect to its decisions regarding a Customer’s ability to transact business via ShrtFly.
How does ShrtFly use Customer Personal Data?
Customer Personal Data is collected and handled by ShrtFly for the following purposes:
- to deliver ShrtFly services (including to respond to Customer requests or questions, to investigate or respond to potential incidents and complaints);
- to comply with applicable statutory, legal and regulatory obligations (including but not limited to the fight against money laundering and terrorist financing).
Does ShrtFly transfer European Customer Personal Data outside the European Union?
We do not transfer any European Customer Personal Data to anyone. We take your privacy first.
ShrtFly will retain Customer Personal Data for as long as (i) necessary for the respective purpose, (ii) necessary to deliver services and carry out ShrtFly business relationship with Customer in accordance with the Contract, (iii) Customer has consented to, and/or (iv) required by applicable retention laws.
IP addresses and cookies.
ShrtFly collects information about a Customer’s computer