At Rain-Creative we care about privacy. Therefore, we strictly adhere to all applicable data protection procedures regarding the complete and comprehensive security of your Personal Data.
We are the Rain-Creative – design, software-, application- and website development company that owns and maintains raincreativelab.com (hereinafter – Website).
This Website is used to demonstrate and advertise the Rain-Creative’s services and projects among potential clients and Website visitors (hereinafter – “Visitors”, “you”, “Data Subject”). If you’re reading this Privacy Policy – you are the Visitor. This Privacy Policy explains how we use any personal information provided by or collected from Visitors and what happens to it when Visitors visit the Website.
Basically, the data processing is not our essential and direct purpose to do business. We act as Processors of your Personal Data received from third-parties – Personal Data Controllers, such as Google Corp or any Сlient Rain-Creative engaged in contractual relations. Following this Privacy Policy, you may receive more details about our Visitor’s Personal Data processing.
In addition, we represent that our Privacy Policy regulates processing principles of Data Subjects’ Personal Data we may receive from our Clients to fulfill our contractual obligations.
What do the “Data Subject”, “Processor” and “Controller” mean according to the Privacy Policy and GDPR?
Pursuant to Art. 4 of the Regulation (EU) 2016/679 (“General Data Protection Regulation” or “GDPR”), the “Data Subject” is an identified or identifiable natural person. As far as this Privacy Policy also applies to contractual relations with the Rain-Creative’s Clients, Rain-Creative may receive different types of Data subject’s Personal Data from such Clients to perform our contractual obligations. Usually, we act as a “Processor”, that is, according to Art.4 of the GDPR, a natural or legal person, public authority, agency or other authority processing Personal Data on behalf of the Controller. Therefore, most of Rain-Creative’s Clients act as “Controllers”, that is, according to Art. 4 of the GDPR, the natural or legal person, public authority, agency or other authority which, alone or jointly with others, determines the purposes and means of Personal Data processing.
Given the foregoing, we hereby represent that according to Art.28 of GDPR, Rain-Creative:
- never engages another processor without prior specific or general written authorisation of the Controller;
- informs the Controller of any intended changes concerning the addition or replacement of other processors, thereby giving the Controller the opportunity to object to such changes;
- processes the Personal Data only on documented instructions from the Controller, including with regard to transfers of Personal Data to a third country or an international organization;
- ensures that persons authorized to process the Personal Data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality;
- takes into account the nature of processing and assists Controller with appropriate technical and organizational measures, to the extent possible, in performing Controller’s obligation to respond to requests for exercising the data subject’s rights;
- if Controller so decides, deletes or returns all the Personal Data to the Controller after termination of processing-related services, and deletes existing copies, unless applicable law requires the storage of the Personal Data.
At Rain-Creative we adhere strictly to the Personal Data processing principles, as prescribed by GDPR. In terms of Art.5 GDPR, Rain-Creative:
- processes Personal Data lawfully, fairly and in a transparent manner in relation to the Data Subject;
- minimizes the scope of the Personal Data processed;
- will not keep Personal Data longer than necessary;
- ensures appropriate Personal Data security and confidentiality, including access management.
In what way do we use your Personal Data?
We may use your Personal Data to ensure prompt and efficient Website’s performance. The main purpose of your data processing is to ensure comfortable and constant Website experience. In addition, we use your data for other reasons such as safety and security, customer support, communications from Rain-Creative, marketing purposes, compliance with legal obligations, performance of contractual obligations.
What are the legal grounds for Personal Data processing?
Before proceeding to your Personal Data processing we assess and check the data we collect and determine the legal basis for processing. We use the following basis to collect and process your Personal Data: performance of contractual obligations, compliance with legal obligations, our legitimate interest, and your active consent.
Contractual obligations
While doing business, Rain-Creative usually enters into contractual relations with the Clients. To perform high-quality services Rain-Creative may process the Data subject’s Personal Data. To this end, Rain-Creative concludes Data Processing Agreement with the Client that regulates Personal Data Processing during contractual relations between Rain-Creative and such Client.
Compliance with legal obligations
Rain-Creative needs to process Personal Data to comply with its legal obligation. For example, Rain-Creative will disclose Data Subject details to fiscal authority, in case such Data Subject is the Rain-Creative’s employee; or, a court order may require Rain-Creative to process Personal Data for a particular purpose, which also qualifies as a legal obligation.
Legitimate interest
We rely on our legitimate interest to ensure the security of our Website, fraud prevention when processing your Personal Data.
Active consent
We will proceed with your Personal Data processing once you have read this Policy and given your consent. We ask for your consent via a pop-up, which you can see on your screen after you visit our Website.
We need your consent to grant you with further access to our Website and ensure the robust and consistent Website performance, as well as to comply with legal requirements. We will not collect and (or) process your Personal Data until you give us clear and active consent. Your Personal Data processing starts after you click on the “I agree” button on the relevant pop-up.
Where we may transfer your Personal Data?
Rain-Creative may process Personal Data, including through third-party Sub-processors, outside the country, where the Client and/or the Data Subject is located, as permitted under the GDPR. As far as Rain-Creative is established in Ukraine, the country, that has not been acknowledged by the European Union as a safe country with an adequate level of data protection under Art. 45 GDPR, in order to meet GDPR requirements, Rain-Creative and Client sign the Standard Contractual Clauses, where the cross-border transfer of Personal Data is expected.
What categories of Personal Data do we collect?
We may collect and process personal information from you in the course of our business, including through your use of our website; when you communicate with us via email or other channels; when you sign up for or request us to send you newsletters, alerts, or other materials; when you sign up for a meeting while submitting an application for a position with us; when you engage our services or as a result of your relationship with one or more of our staff and clients; and when you respond to our communications or requests for information.
The personal information that we may collect and process includes:
- Basic information, such as your name (including name prefix or title), the company you work or worked for;
- Contact information, such as your postal address, email address and phone number(s);
- Financial information, such as payment-related information;
- Technical information, such as information from your visits to our website or applications or in relation to materials and communications we send to you electronically;
- Information you provide to us for the purposes of attending meetings and events;
- Identification and background information provided by you or collected as part of our business processes from third party Clients (e.g. your preferences, your payment data).
Third party services like Google, Facebook, Twitter may provide us with certain information about you when you link/connect/login to any third party provider. The extent of information may vary and can be/is controlled by that service provider or by you via privacy settings controls available in the account settings of relevant service provider.
How do we share and disclose your data?
At Rain-Creative we may disclose your Personal Data to third parties to the extent necessary to:
- comply with a government request, a court order or applicable law;
- defend ourselves against third-party claims;
- assist in fraud prevention or investigation;
- execute your request on such disclosure or transmission;
- during the performance of contractual obligations;
- manage and administer our relationship with you, including feedbacks and maintaining our list of contacts;
- assess the quality of our services and effectiveness of our promotional campaigns, and publications.
Rain-Creative will never sell your Personal Data to any company or legal entity. However, we may transfer your Personal Data to a successor entity upon a merger, consolidation or other corporate reorganization we may participate in, or to a purchaser or acquirer of all or substantially all of our assets to which this Website relates. However, this Privacy Policy does not apply to your information collected by any third party, including through any content that may link to, or be accessible through our Website.
We may share your Personal Data with some service providers, which may process data on our behalf. For example, third-party developers, accountants, subjects operating applicable payment systems, etc. We may transfer your Personal Data only to the subjects located in countries, where the Government authority confirmed an adequate level of data protection. You may find the list of such countries by clicking here. We conscientiously and carefully select and review authorized third parties, to the extent practicable, and review their privacy and security policies. These authorized third parties may be engaged, inter alia, in processing technology support for our business. Limited members of Rain-Creative employees, contractors or the employees working for these third parties may also access and otherwise process your Personal Data to fulfill their labour responsibilities or contractual obligations.
Some of these personnel and authorized third parties (e.g. payment processors) may transfer data outside Ukraine or European Union. We always take appropriate steps to ensure that Personal data remains within jurisdictions with adequate level of protection and ensure that our recipients of such Personal Data are bound to confidentiality terms, where relevant or appropriate. Where this is not possible, we rely on data minimization, the selection of trusted companies with privacy policies and auditable processes we have reviewed, and ensure available adequate safeguards in place to protect the data transferred (e.g. Standard Contractual Clauses).
How do we handle your Personal Data?
We provide and implement industry-standard physical, electronic, and procedural safeguards to protect Personal Data we collect, process and maintain. For example, data we receive is available only to authorized employees and those subcontractors, who concluded Data Protection Agreement and Non-disclosure Agreements.
In addition, we undertake at Rain-Creative a Data Protection Impact Assessment where any processing of Personal Data is “likely to result in a high risk” to the rights and freedoms of Data Subjects. The Data Protection Impact Assessment, therefore, serves as a tool to help Rain-Creative to identify, evaluate and mitigate risks to the Data Subjects arising as a result of their Personal Data processing.
If you have any doubts or reason to believe that your interaction with our Website is no longer secure and safe, please notify us immediately in writing at [email protected]
We retain your Personal Data for as long as necessary to fulfill the purposes described in this Privacy Policy unless otherwise provided for by legal requirements.
How can you manage your Personal Data?
In case you would like to access, review, update, rectify, and delete any Personal Data we received and hold about you, or exercise any other rights such as a right to object or restrict processing and a right to data portability, or the right to fall into oblivion, you can email us directly to [email protected]. In case you wish to change the way we handle your data, you have a right to lodge a complaint with a supervisory authority. You may find your National Personal Data Authority at this link.
Minors Policy
We do not collect, purposefully or knowingly, or solicit Personal Data from anyone under the age of 16 (sixteen). In case you are under 16 years of age, please do not attempt to send any of your Personal Data to us. If we learn that we have collected Personal Data from a child under the age of 16, we will delete that data as prompt as possible. If you believe or have any suspicious or reasons to believe that a minor has disclosed data to us, please contact us at [email protected].
Do we use Cookies?
A cookie is a piece of data stored on the user’s hard drive containing information about the user. Cookies generally do not permit us to identify you personally.
You can choose to turn off all cookies. The links below provide information about cookies settings for different browsers, such as: Internet Explorer, Firefox, Microsoft Edge, Chrome, Safari.
However, we inform you that turning off cookies may result in some of our Website tools becoming unavailable for you.
Just in case you are interested in the type of cookies third parties or we use on our Website, please look at this Cookies report. It will answer most of your questions.
How do we update this Privacy Policy?
Applicable law and our practices may change over time. If we decide to update our Privacy Policy, we will publish the changes on our Website. If we materially and substantially change the way we collect, process or store your Personal Data, we will provide you with prior notice, or where legally required, request your personal consent prior to implementing such changes. We strongly encourage you to read our Privacy Policy and keep yourself informed of our practices.
DISCLAIMER
At Rain-Creative we don’t implement any form of automated Personal Data processing, which provides for using of personal data to evaluate certain personal aspects related to a natural person, in particular, to analyze or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location or movements. However, we may evaluate certain personal aspects of a natural person, and manually create the databases with CVs of our candidates and potential clients.
Legal Background
At Rain-Creative, while collecting and processing your Personal Data, we adhere to the principles and rules stipulated under the General Data Protection Regulations. We invite you to review GDPR by clicking here. In case you have any questions related to our Privacy Policy, please, do not hesitate and contact us by mail: [email protected].
However, we don’t have the Data Protection Officer. We usually engage the Privacy expert to audit our organizational and technical measures and provide us with advice on handling Data Subjects requests. Usually, it takes up to 1 (one) month to respond to your request.
In addition, we are implementing appropriate policies for our management. According to abovementioned policies, Rain-Creative’s director is held accountable for violations of the privacy policy and applicable laws.