General information about how Mumoon processes Personal Data in accordance with the General Data Protection Regulation (GDPR)
Mumoon aims to inform users of the website www.mumoonhome.com of the policy adopted for the processing of Personal Data through the site, and to highlight its commitment and attention to safeguarding their privacy. This statement is also provided pursuant to the General Data Protection Regulation (GDPR) (EU2016/679). In accordance with the provisions of the GDPR, the processing operations will comply with the principles of lawfulness, fairness, transparency, purpose and retention limitation, data minimization, accuracy, integrity and confidentiality.
Data owner and controller
The owner of the processing of personal data is:
Mumoon Europe, Kuumsesteenweg 28, 8500 Kortrijk (Belgium).
Contact email: firstname.lastname@example.org.
Types of data collected and purposes of processing
According to the GDPR, Personal Data means any information relating to users that identifies them personally, either alone or in combination with other information. When users visit the website, Mumoon only collects and stores personal data if users actively communicate it via multiple sources. Personal information is collected automatically by the site or received via multiple sources: email requests, social media and other means. Notwithstanding the above basic conditions, however, the web server of the host automatically registers information about accesses to the website (Browsing or Usage Data). Among the types of Personal Data that Mumoon may collect, by itself or through third parties, there are: Email address, various types of data as Usage Data, and Cookies. Mumoon does not require, or collect, any sensitive personal information, that is, according to the provisions of the GDPR (Art. 9), personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, data concerning health or sexual orientation.
The website collects non-sensitive browsing data by automatic means in order to enable and improve user navigation (e.g., IP address, date/time of the visit and its length, any referring URL, the pages visited on the site, the device used and other information). The processing of such information allows users to access the site and fully enjoy its features and services. Furthermore, browsing data may be used to verify that the site is functioning properly. From time to time, browsing data are processed anonymously for statistical purposes. Browsing data are stored only temporarily in compliance with the applicable law. In particular IP address will be processed during the connection process so that Mumoon can make the website available to you. It is based on Art. 6 para. 1 lit. f) GDPR. Mumoon’s legitimate interest is in the stated purpose. Browsing data could be also used to ascertain responsibility in case of hypothetical crimes against the website.
Data provided voluntarily
The optional, explicit and voluntary submission of Personal Data through the website involves the subsequent acquisition of users’ provided data, necessary for the provision of the requested service. In particular, when users contact Mumoon at the email address provided on the website, they at least provide Mumoon with their email address and any other information they may provide in the email. In order to be able to process users’ request, Mumoon must process this data. The legal basis is Art. 6 para. 1 lit. f) GDPR. Mumoon’s legitimate interest lies in the purpose just mentioned.
Detailed information relating to the cookies used on the website can be found at the dedicated page: Cookies Policy.
Connection to third-party websites or platforms
The website may contain links to other third-party websites or platforms, such as social networks like Facebook, Twitter and Pinterest. Mumoon cannot control the usage of cookies or other monitoring technologies of such websites to which this Policy does not apply, so Mumoon cannot be held responsible for their conduct with respect to privacy law. Users are encouraged to read their privacy policies to verify how they collect and process personal information.
Retention of Personal Information
Personal information collected by the website will be kept – for each type of data processed – only as long as it is needed to provide users with the required services or to meet legal or tax obligations or for the minimum period prescribed by the law. In order to determine the appropriate retention period for personal information collected and stored by the website under users’ consent, Mumoon will take into account multiple factors to ensure that personal information is not stored for longer than the necessary or appropriate period, including:
— the purpose for which the website holds personal information;
— legal, tax and regulatory obligations in relation to that personal information;
— any specific request in relation to the deletion of personal information;
— legitimate business interests.
Mumoon will promptly delete or anonymize personal information that is no longer needed or retained according to the law.
Legal basis of processing
The legal basis of the processing of Personal Data is art. 6 of the GDPR, if one of the following applies:
— the consent has been given for one or more specific purposes;
— provision of data is necessary for the performance of an agreement and/or for any pre-contractual obligations thereof;
— processing is necessary for compliance with a legal obligation;
— processing is related to a task that is carried out in the public interest or in the exercise of official authority;
— processing is necessary for the purposes of the legitimate interests.
Mandatory or optional nature of processing
Users have no contractual or legal obligation to provide Mumoon with personal information. So, apart from what is specified for browsing data, users are free to provide personal information optionally, explicitly and voluntarily, according to the above-mentioned purposes. However, failure to provide them may make it impossible to complete users’ request.
Processing methods and security measures
Personal information is processed with IT, automated and electronic tools and, in limited cases, by using documentary means, following organizational procedures and modes strictly related to the purposes indicated. In accordance with the GDPR, Mumoon applies all industry standard security measures to protect users’ personal information as is available within the hosting services, software, plugins and addons this website uses. Specific security measures have been implemented to prevent data loss, unlawful or improper use, and unauthorized access, including data encryption (SSL/TLS) and encrypted transfer of sensitive data submitted by users, and plugins that enable firewall against common types of attacks, and protects the website from known security vulnerabilities, hacks and malware. While Mumoon adopts primary security measures, at the same time it cannot exclude the safety risks that are naturally involved by online transmission of data. Users accept the inherent risks of providing personal information over the internet and will not hold Mumoon responsible for any breach of security, unless this breach is due to negligence or willful default.
Place of processing
Personal Data are processed at Mumoon’s operating offices in Belgium and in any other places where the parties involved in the processing are located.
Communication and transfer of data
Personal Data are processed by Mumoon’s internal staff duly authorized to do so under their respective job duties. Whenever necessary and/or instrumental to the above-mentioned purposes, they may also be processed by third parties, appointed, if necessary, as Data Processors: companies and consultants firms providing assistance and/or consulting or performing related services on behalf of Mumoon, e.g. hosting, maintenance of IT systems, updating of the website. Mumoon will not transfer any personal information outside the European Economic Area (EEA), unless you have explicitly authorized such transfer or the transfer of personal information outside the EEA is allowed by the GDPR on another legal basis. Personal Data shall not under any circumstances be disseminated to unknown persons.
Under the GDPR users are entitled to receive confirmation as to whether Mumoon holds any personal information about them. If users would like to request to review, correct, update, suppress, restrict or delete Personal Information that they have previously provided, or if they would like to request to receive an electronic copy of their personal information for purposes of transmitting it to another company (to the extent this right to data portability is provided by applicable law), they may contact Mumoon by writing at email@example.com. Mumoon will respond to users’ request consistent with applicable law. In the request, users are invited to make clear what personal information they would like to have changed, whether they would like to have your personal information suppressed from the database or otherwise let Mumoon know what limitations they would like to put on the use of their personal information. In any case, users will always be entitled to file a complaint with the competent supervisory authority, pursuant to art. 77 of the GDPR, if they believe that the processing of data violates applicable law.
Additional information about Data collection and processing
System logs and maintenance
For operation and maintenance purposes, Mumoon and any third-party services may collect files that record interaction with the website (System logs) and use other Personal Data (such as the IP Address) for this purpose.