3DWORLD LTD (hereinafter - “we”, "our", “us”, and “3DWORLD”) is a Cyprus company that operates the service “3dsky” (after that — “Service”) that allows authors of 3D models to share their works and sell them to customers who wish to buy 3D models via the Service on the website.
1. DATA CONTROLLER
1.1. While carrying out our activities, we collect, store, disclose, and/or otherwise process personal data. In accordance with applicable data protection and privacy legislation, the relevant 3DWORLD with which you are in contact is deemed the controller concerning the personal data we process.
2. TERMS AND DEFINITIONS
3. PRINCIPLES OF PERSONAL DATA PROCESSING
3.1. We adhere to the following principles in order to protect your privacy:
3.1.1. principle of purposefulness — we process Personal Data fairly and in a transparent manner only, aiming to achieve determined and lawful objectives, and they shall not be processed in a manner not conforming to the objectives of data processing;
3.1.2. principle of minimalism — we collect Personal Data only to the extent necessary to achieve determined purposes. We do not keep Personal Data if it is no longer needed;
3.1.3. principle of restricted use — we use Personal Data for all other purposes only with the consent of the data subject or if permitted by a competent authority;
3.1.4. principle of data quality — we always keep Personal Data up-to-date and complete in order to achieve the end purpose of the data processing more efficiently;
3.1.5. principle of security — security measures shall be applied in order to protect Personal Data from unauthorized or unlawful processing and against accidental loss, destruction, or damage, using appropriate technical and organizational measures;
3.1.6. principle of individual participation — our Customers and Visitors shall be notified of data collected in connection to them. They shall be granted access to their Personal Data and have the right to demand a correction of inaccurate or misleading data.
4. DATA WE COLLECT
4.1. SITE VISITORS
4.1.1. We may collect, record, and analyze information on Visitors to our Site.
4.1.2. We collect names and email addresses only when the Visitor wants to contact us and fills out our contact form. We use the collected Personal Data only to communicate with you. If you don’t want us to collect your Personal Data, please do not use our contact form and don’t give your consent for it.
4.1.3. While processing the Personal Data of our Visitors, we rely on your consent to the processing of your Personal Data for the purpose of communicating with you. We use such Personal Data in ways you would reasonably expect and which have a minimal privacy impact. You can withdraw your consent at any time by sending us an email to email@example.com with your withdrawal request, and your Personal Data will be deleted within seventy-two (72) hours.
4.1.4. We collect the Personal Data you give us in order to reply with the information you need. We may record your request and our reply in order to increase the efficiency of the organization of our support service. We keep personally identifiable information associated with your message, such as your name and email, so as to be able to track our communications with you in order to provide you with high-quality service.
4.1.5. We also record Usage Data. It is information collected automatically through the 3DWORLD Site (or third-party services employed by 3DWORLD), which may include: the IP addresses or domain names of the computers utilized by the Visitors who use the 3DWORLD Site, the URI addresses (Uniform Resource Identifier), the time of the request, the method utilized to submit the request to the server, the size of the file received in response, the numerical code indicating the status of the server's answer (successful outcome, error, etc.), the country of origin, the features of the browser and the operating system utilized by the Visitor, the various time details per visit (e.g., the time spent on each page) and the details about the path followed with particular reference to the sequence of pages visited, and other parameters about the device operating system and/or the Visitors’ IT environment.
4.1.6. We use this information in the aggregate to assess the popularity of the web pages on our Site and how we perform in providing content to you. When combined with other information we know about you from previous visits, the data could possibly be used to identify you personally, even if you are not signed in to our Site. We use Google Analytics and Yandex Metrika to analyze data. Information collected this way is stored for no longer than one year.
4.1.7. Processing of Usage Data relies on our legitimate interests. It is necessary for managing and running our business efficiently and effectively, providing quality services, including Site support, developing and improving products, and determining who may be interested in them.
4.2.1. In order to provide services to our Customers, we collect their personally identifiable information.
4.2.2. When you create an account on our Site, a contract is formed between you and us. In order to carry out our obligations under such a contract, we must process the information you give us.
4.2.3. During the creation of your account on our Site, you provide us with your email address. This information is used by us to identify our Customers and provide you with services, billing, mailings, notification, and support.
4.2.4. After the confirmation of your email, you may enter your information in your profile for other Visitors to see. This information may include your name (first and last name), occupation, specialty, work experience, type of employment, education, professional skills, place of residence, desired salary level, telephone number, email, skype, Viber, WhatsApp, Telegram, website address, etc. You may also add information about yourself in different parts of our Site, such as blogs, comments, etc. Please note that it’s not required to do so and that such information can be seen by other Customers or Visitors. We only store such information as part of our Site. We don’t process it in any other way.
4.2.5. We may verify Your identity by asking You to submit scanned copies of Your documents. We process this information on the basis that there is a contract between us and our legitimate interests (prevention of fraud and infringements of intellectual property rights). We use such information to identify our Customers, prevent and detect improper use of intellectual property objects available on the Site, respond to any Customer complaints, and comply with any laws and regulations that apply to us. We use such data in ways you would reasonably expect and which have a minimal privacy impact.
4.2.6. We may obtain your Personal Data from third parties, such as payment service providers, whose services we use. We may receive your name, telephone number, and other payment information.
4.2.7. We process this information on the basis there is a contract between us or that you have requested, we use the information before we enter into a legal contract.
4.2.8. Payment information is never taken by us or transferred to us either through our Site or otherwise. Our employees and contractors never have access to it. At the point of payment, you are transferred to a secure page on the Site of Bluesnap or PayPal payment service provider.
4.2.9. Processing of Personal Data for marketing purposes has also relied on the consent obtained from you. We use data in ways you would reasonably expect and which have a minimal privacy impact.
5. COMPLIANCE WITH THE GENERAL DATA PROTECTION REGULATION (GDPR)
5.1. For Visitors and Customers located in the European Economic Area (after that — “EEA”), privacy rights are granted, and all processing of Personal Data is performed in accordance with regulations and rules of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of Personal Data and on the free movement of such data, known as the General Data Protection Regulation (GDPR).
5.2. We process Personal Data as a Controller, as defined in the GDPR:
5.2.1. 3DWORLD, with which you, as a Customer, had entered into an agreement when you created your account at the 3DWORLD Site, will be the Controller of Customer Data, as outlined above in the “Customer” section.
5.2.2. Also, 3DWORLD will be the Controller for Visitor Data, as outlined above in the “Visitor” section.
6.1. Visitors and Сustomers can review, correct, update, delete, or transfer their personally identifiable information. For that, contact us directly via firstname.lastname@example.org. We will acknowledge your request within seventy-two (72) hours and handle it promptly and as required by law.
6.2. Right to object to the processing of your Personal Data. Visitors and Customers have the right to object to the processing of their Personal Data by us.
6.3. Right to access your Personal Data. Visitors and Customers have the right to learn if Personal Data is being processed by the Data Controller, obtain disclosure regarding certain aspects of the processing, and obtain a copy of the Personal Data undergoing processing.
6.4. Right to verify and seek rectification. Visitors and Customers have the right to verify the accuracy of their Personal Data and ask for it to be updated or corrected.
6.5. Right to restrict the processing of your Personal Data. Visitors and Customers have the right, under certain circumstances, to restrict the processing of their Personal Data. In this case, the Data Controller will not process their Personal Data for any purpose other than storing it.
6.6. Right to have your Personal Data deleted or otherwise removed. Visitors and Customers have the right, under certain circumstances, to obtain the erasure of their Personal Data from the Data Controller.
6.7. Right to receive your Personal Data and have it transferred to another controller. Visitors and Customers have the right to receive their Personal Data in a structured, commonly used, and machine-readable format and, if technically feasible, to have it transmitted to another controller without any hindrance.
6.8. You can withdraw your consent at any time by replying to the email with your withdrawal request, and your Personal Data will be deleted within seventy-two (72) hours.
6.9. Also, you have the right to lodge a complaint with a supervisory authority if you think that we violate your rights. But we kindly ask you to contact us first so that we can help you.
6.10. When we receive any request to access, edit, or delete personally identifiable information, we shall first take reasonable steps to verify your identity before granting you access or otherwise taking any action. This is important to safeguard your information.
7. DATA RETENTION
7.1. Personal Data shall be processed and stored only for as long as required for the purpose they have been collected.
7.3. Information obtained via contact forms is deleted on an annual basis. Your information will be deleted if you do not communicate with the support team for more than twelve (12) months.
7.4. Any Usage Data collected for the purpose of analytics will be deleted in not more than twelve (12) months after being collected.
7.5. Once the retention period expires, Personal Data shall be deleted. Therefore, the right to access, the right to erasure, the right to rectification, and the right to Personal Data portability cannot be enforced after the expiration of the retention period.
7.6. Please note that you cannot unsubscribe from certain email correspondence from us, such as messages relating to your account transactions, purchases, software updates, and instructions.
8. INFORMATION SECURITY
8.1. We care to ensure the security of your Personal Data. We follow generally accepted industry standards to protect the information submitted to us, both during transmission and once we receive it. We maintain technical, physical, and administrative security measures to provide reasonable protection for your Personal Data. When we or our contractors process your information, we also make sure that your information is protected from unauthorized access, loss, manipulation, falsification, destruction, or unauthorized disclosure. This is done through appropriate administrative, technical, and physical measures.
8.2. There is no 100% secure method of transmission over the Internet or electronic storage. We, therefore, cannot guarantee its absolute security.
8.3. We never process any kind of sensitive data and/or criminal offense data. Also, we never undertake profiling of Personal Data.
9.1. We work with third-party service providers that provide Site development, hosting, maintenance, sending emails, marketing, technical support and assistance, processing credit card payments, IT and cyber security services, fraud checking services, customer service, and other services for us. These contractors may have access to or process Personal Data on our behalf or as part of providing those services to us. We limit the information provided to these service providers to the extent it is reasonably necessary for them to perform their functions.
9.6. For more detailed information about the international information transfers to our business partners, service providers, and developers outside of the EU/EEA, please contact us using the details given in the “Contact us” section below.
9.8. We may need to share your Personal Data with the third parties that provide those services. Where your Personal Data are transferred outside of the European Economic Area (“EEA”), we require that appropriate safeguards are in place. These contractors may have access to or process Personal Data on behalf of us, as part of providing those services to us. We limit the information provided to these service providers to the extent it is reasonably necessary for them to perform their functions.
10. INFORMATION RELATING TO CHILDREN
10.1. Our Service is not intended for persons under the age of 16. We do not knowingly collect or store information about anyone under the age of 16.
10.2. If, when collecting information, we determine that a User is under that age, we will not use or store their Personal Information without parental/guardian consent. If we become aware that we have unknowingly collected Personal Information about a child under the age of 16, we will use reasonable efforts to remove such information from our records.
10.3. We also encourage parents to monitor their children's online activities and to learn and use software or other tools that will help their children enjoy online activities without jeopardizing their personal safety or allowing them to use the Internet according to their parent/guardian's preferences.
11.2. Please be aware while visiting our Site. Our Site contains links to other websites. Once redirected to another website, this Policy is no longer applicable. We are not responsible for these other websites' content or privacy policies.
14. CONTACT US!
14.1. If you have any questions about the practices of this Site or your dealings with this Site, please contact us at email@example.com.
14.2. Data Controller’s info: 3DWORLD LTD, Company number HE 403245, registered in Cyprus, 7-9 Riga Feraiou, LIZANTIA COURT, Office 310, Agioi Omologites, 1087, Nicosia, Cyprus.