Privacy policy
This Privacy Policy describes the types of information gathered by Plytix SLU (“Plytix”, “us” or “we”) in the process of operating this website (the “Site”), the Plytix Academy platform, associated services, data, information, tools, functionality, updates and similar materials (collectively, the “Service”). It also describes how we use information, with whom it may be shared, what choices are available to you regarding the collection, use and distribution of information and our efforts to protect the information you provide to us through the Service. It is important that you take the time to read this Privacy Policy to understand how we use your personal information.
1. EU & UK Residents
If you are a resident of the European Economic Area (“EEA”) or the United Kingdom (“UK”), your rights as a natural person to privacy are protected under EU and UK law by the General Data Protection Regulation ("GDPR"). Your Personal Data may identify you as a person, and thus may be referred to as Personally Identifiable Information ("PII"). For purposes of the GDPR, Plytix SLU is the “Data “Controller” and you are the “Data Subject” with certain protected privacy rights concerning your “Personal Data.” When exercising your rights under the GDPR we will ask you to provide a piece of government issued identification in order to be able to identify you, protect your data with us and to process your request(s). You may contact the data controller for GDPR related matters at:
Mail to our Office: | By E-Mail: |
Plytix SLU Att: Data Protection (GDPR) Alameda Principal 24, 2º Planta 29005 Malaga / Spain |
gdpr@plytix.com |
We will respond to your request(s) at the latest within one (1) month of receipt. In case your request is i) very complex or ii) we have received numerous requests from you, or both, we have the right under the GDPR to extend the time to respond to you by a further two (2) months upon prior notification to you. Plytix is subject to the authority of the Spanish Data Protection Agency. If at any point you feel that we may have violated your rights under the GDPR you can also file a claim with the Spanish Data Protection Agency (www.aepd.es).
1.1 GDPR Data Subject Rights
As a data subject as defined under the GDPR, you have the rights to:
- Be informed about our identity as a controller and our contact details (see above), the purposes of processing your Personal Data and transfers of your PII to a third country or international organization. As well you have the right to know the source of Personal Data we may have obtained not from you directly.
- Request access to information whether data about you is being processed by us. If that is the case you have the right to information about the purposes of data processing, the categories of data processing and the data storage limits.
- Request rectification of inaccurate Personal Data we hold about you.
- Request the erasure of Personal Data which is no longer required for the purposes it was collected for or your consent for the processing of the data is withdrawn, or the data is being unlawfully processed.
- Restrict processing. This is the right to ask for a temporary halt to processing of your Personal Data, such as in the case where a dispute or legal case has to be concluded, or the data is being corrected.
- Object to processing of your Personal Data if i) the accuracy of your data is contested ii) the data processing is unlawful iii) we no longer need the data for the purposes they were collected for iiii) you objected to the data processing on public interest grounds or our legitimate interests grounds.
- Request data portability of your Personal Data in a structured, commonly used and machine readable format in order to transmit it to another data controller. We reserve the right to provide only one such request after your account closure with Plytix.
- To not be subjected to decision making that is exclusively based on automated processing. Our Service does not engage in any such automated decision making and profiling.
1.2 GDPR Legal basis for processing your PII
The GDPR requires us to explain to you the legal basis on which we process your PII. In accordance with the law we process your Personal Data because:
- You have given us your consent to process it for one (1) or more specific purposes. You have the right to withdraw consent at any time by contacting us via the contact information provided above. We may not stop processing your PII after you withdraw consent in instances where we have another legal basis for such processing (e.g. legal obligations).
- It is necessary in order to perform our contract with you or to take steps to enter into a contract with you upon your request.
- It is necessary to protect your or another natural person's vital interests.
- It is necessary in furthering our legitimate interests of using the data provided by you to us, given your interests and fundamental rights do not override those interests.
- We need to comply with a legal obligation.
2. California Residents
If you are a resident of California / USA your rights to privacy are protected under the California Consumer Privacy Act 2018 [1798.100 - 1798.199.100].
2.1 CCPA Data Subject Rights
When exercising your rights under the CCPA we will ask you to provide a piece of government issued identification in order to be able to identify you, protect your data with us and to process your request(s).
Mail to our Office: | By E-Mail: |
Plytix SLU Att: Data Protection (CCPA) Alameda Principal 24, 2º Planta 29005 Malaga / Spain |
privacy@plytix.com |
We will respond to your request(s) at the latest within forty five (45) days of receipt. In case your request is i) very complex or ii) we have received numerous requests from you, or both, we have the right under the CCPA to extend the time to respond to you by a further forty five (45) days upon prior notification to you.
As a “Data Subject” as defined under the CCPA, you have the rights to:
- Request the deletion of your Personal Data. We are legally not obliged to comply with your request to delete your data if the data is necessary for the business in order to a) complete the transaction b) ensure security and integrity c) debug and repair errors d)
exercise free speech e) comply with the California Electronic Communications Privacy Act Ch.3.6 f) engage in public or peer reviewed scientific, historical or statistical research g) enable internal uses reasonably aligned with the consumer relationship h) comply with a legal obligation. - Request correction of incorrect personal information.
- To know what personal information is being collected, including its a) categories b) the
source from which it was obtained c) purpose for collecting and c) the specific pieces of
personal information. - To know what personal information is shared and with whom.
- Opt out of the sharing of personal information.
- Limit the use and disclosure of sensitive personal information.
- To not be discriminated against due to the exercise of your rights.
3. Data collection
3.1 Data minimization. We strive to limit the amount of data we collect from you and only collect the data we need to carry out the agreed processing.
3.2 Data we do not collect. We do not collect and nor process special category data defined by the GDPR as a) race b) ethnicity c) political opinions d) religious beliefs, e) philosophical beliefs, f) trade union memberships g) genetic data h) biometric data i) health data j) sexual orientation.
3.3 What data we collect. During your use of the Plytix Service, we may request specific PII about you in order to add you as a User, add you to our email list, facilitate your payments for the Service, or fulfill your requests for services or information.
3.2 Data we do not collect. We do not collect and nor process special category data defined by the GDPR as a) race b) ethnicity c) political opinions d) religious beliefs, e) philosophical beliefs, f) trade union memberships g) genetic data h) biometric data i) health data j) sexual orientation.
3.3 What data we collect. During your use of the Plytix Service, we may request specific PII about you in order to add you as a User, add you to our email list, facilitate your payments for the Service, or fulfill your requests for services or information.
The types of PII that we collect and save include:
- Contact and account information, such as name, work mailing address, work email address, and work phone number;
- Technical information, collected in our logs and via cookies. Such information may include standard web log entries that contain your device identifiers and information, operating system information, clickstream data, IP address, previous page URL, referring page URL, and timestamps.
- Information you provide such as feedback, comments, or other messages.
- Other information that is collected during your communications with us, such as email messages and “read receipts.”
- Anonymous, non-identifying, and aggregate information such as the type of browser you are using, the type of operating system you are using, the date and time of any request, language preference, referring Site, and the domain name of your internet service provider.
- Anonymized PII and include such anonymous information in sets or collections of aggregate information.
4. Data Usage
4.1 We use the PII you provide solely for the purposes for which you have submitted it including:
- Responding to your inquiries and fulfilling your requests. We may use your PII to respond to your inquiries and to fulfill your requests for information.
- Creating and maintaining your User account. We use your PII to create and maintain an account for you to allow you to purchase and use the Service.
- Subscribing to the Service. We may use your PII to add your subscriptions to our Service.
- Communicating with you about our Services. We may use your PII to send you information about new Services and other items that may be of interest to you, allowing you to opt out at any time.
- Sending administrative emails and promotional emails. We may use your PII to send you emails to (a) confirm your account information and your other PII; (b) process your transactions to purchase our Service; (c) provide you with information regarding the Service; (d) inform you of changes to this Privacy Policy, our Terms of Service, or our other terms, conditions, or policies; or (e) provide you with information on our other Services and products or promotions related to the Service or our other Services and products.
- Serving You Targeted Advertisements. We may use your PII to serve you advertisements with the Service that are targeted to your interests.
- Marketing and Selling to You. We may use your PII in any enquiry you submit to us regarding our content, products and/or services for the purposes of offering, marketing and selling relevant products and/or services to you. The legal basis for this processing is
consent.
4.2 We may use anonymous information that we collect to improve the design and content of our platform and to enable us to personalize your internet experience. We also may use this information in the aggregate to analyze how our platform is used, as well as to offer you programs or Services.
4.3 We may use your Content to provide certain functionalities of the Service, as directed by you. We may also anonymize your Content and use it for purposes of improving the design and content of our Service, analyzing how the Service is used, and performing analytics and benchmarking, and for general business purposes.
4.3 We may use your Content to provide certain functionalities of the Service, as directed by you. We may also anonymize your Content and use it for purposes of improving the design and content of our Service, analyzing how the Service is used, and performing analytics and benchmarking, and for general business purposes.
5. Data Sharing
5.1 We will never sell your PII data. We will also not share your PII, except:
(a) for the purposes for which you provided it (if applicable);
(b) with your consent; or
(c) as required by law or with external legal counsel to protect our organization or others from harm (e.g., in response to a court order or subpoena, in response to a law enforcement agency request, or when we believe that someone is causing, or is about to cause, harm to or interference with the rights or property of another).
(b) with your consent; or
(c) as required by law or with external legal counsel to protect our organization or others from harm (e.g., in response to a court order or subpoena, in response to a law enforcement agency request, or when we believe that someone is causing, or is about to cause, harm to or interference with the rights or property of another).
Finally, we may transfer your PII to our successor-in-law in the event of a company acquisition, sale, merger, or bankruptcy.
5.2 Plytix engages certain sub-controllers and processors in providing the Service. These third parties are listed below, with a description of their services and the location where data is hosted. The list contains processors which may, in part, only process data not containing PII. This list may be updated by Plytix from time to time as the need arises:
5.2 Plytix engages certain sub-controllers and processors in providing the Service. These third parties are listed below, with a description of their services and the location where data is hosted. The list contains processors which may, in part, only process data not containing PII. This list may be updated by Plytix from time to time as the need arises:
Third party | Location | Description of Service |
LearnWorld | Cyprus | Cloud Platform for Plytix Academy |
Google Analytics | USA | Webpage usage data |
HubSpot, Inc. | USA and Ireland | Marketing automation and sales tool for US & EU Plytix customer data respectively only |
Tinybird | EU | Database for analytics data storage |
EU | Behavioral advertising and analytics | |
USA | Behavioral advertising and analytics | |
Capterra | EU | Conversion tracking |
Crozdesk | UK | Conversion tracking |
G2 Crowd | USA | Conversion tracking |
YouTube | USA | Embedded videos |
Pendo.io | USA | Product usage analytics and in-tool communication |
5.3 Should at some point in time the need to transfer PII to a data processor in a third country arise, Plytix will only transfer PII data with your consent to such third countries and apply the EU Standard Contractual Clauses (SCC) as a precondition for such transfer.
6. User Data Residency & Transfers
The servers containing user data on the Plytix Academy Platform are under control by LearnWorld in Cyprus, who is the sub-processor engaged on behalf of Plytix to provide the cloud based Plytix Academy Platform.
LearnWorlds Ltd
Email: gdpr@learnworlds.com
Phone: +44 11 6464 9900
Address: Gladstonos 120, Foloune Building, 2nd Floor, B1, 3032, Limassol, Cyprus.
LearnWorlds Ltd. may transfer user’s personal data onwards to sub-processors in the US in order to facilitate the functioning and operation of their cloud based platform. By opening an account on the Academy platform you, in accordance with Art. 49 (1) (a) GDPR, explicitly agree to the specific transfers of your personal data to the following sub-processors contracted by LearnWorlds Ltd.:
LearnWorlds Ltd
Email: gdpr@learnworlds.com
Phone: +44 11 6464 9900
Address: Gladstonos 120, Foloune Building, 2nd Floor, B1, 3032, Limassol, Cyprus.
LearnWorlds Ltd. may transfer user’s personal data onwards to sub-processors in the US in order to facilitate the functioning and operation of their cloud based platform. By opening an account on the Academy platform you, in accordance with Art. 49 (1) (a) GDPR, explicitly agree to the specific transfers of your personal data to the following sub-processors contracted by LearnWorlds Ltd.:
- Google Cloud EMEA Limited (1) and Google, LLC (2).
Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 9404, USA.
- The Rocket Science Group LLC (aka “MailChimp”).
675 Ponce De Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA.
- Freshworks, Inc
Freshworks Inc., 2950 South Delaware St., 2nd Floor, San Mateo, CA 94403, USA.
In line with our legal obligations under the Art. 49 (1) (a) GDPR, we inform you that the United States have not obtained an adequacy decision from the European Union in regards to their data protection laws and practices and do not offer appropriate data protection safeguards either. Before opening an account on the Plytix Academy website, provided using software from LearnWorlds, please consider the risks of the absent data protection provisions in the US and also the possibility that your personal data may potentially be subject to US Government surveillance and storage. By setting the check mark during the sign-up process and creating an account on this website you expressly agree to the above explained data transfers. You can withdraw your consent at any time by closing your Academy account and sending a request using this form to gdpr@plytix.com to start the process of your data erasure from the Plytix and LearnWorld systems.
7. Data Retention & Processing Periods
7.1. Customer Data Retention
If you have been a paying customer of Plytix we store your PPI for a period of six (6) years in order to be able to fulfill our documentary obligations towards the Spanish Tax Agency (Agencia Estatal de Administración Tributaria) for our Spanish entity Plytixs SLU and towards the Internal Revenue Service (IRS) for our US entity Plytixs.com Inc.
7.2 Plytix Academy Account Holders Only
Plytix will process your data while you maintain an account on the Plytix Academy Platform. After you have deleted your account from the Academy Platform, your PII Data is subject to the following automated deletion schedule:
● Hourly backup - deletion within 2 days
● Daily backup - deletion within 7 days
● Weekly backup - deletion within 4 weeks
● Monthly backup - deletion within 12 months
8. Data Breaches
In the unlikely event of a PII data breach we will fully comply with our legal obligations under the GDPR and cooperate with the local data protection authority. Amongst other things this means we will notify the authority within 72 hours of the breach occurring and work closely with their established protocols to address the situation. We will also communicate a data breach to you directly if the breached data contained unencrypted PII or the data protection authority directs us to do so.
9. Cookies and third parties
9.1 Enhancing the user experience. To enhance your online experience with us, our web pages may use "cookies."
Cookies are text files that our web server may place on your hard disk to store your preferences. Cookies, by themselves, do not tell us your PII unless you choose to provide this information to us. Once you choose to provide PII, however, this information may be linked to the data stored in the cookie. Certain features of the Service may not function properly without the aid of cookies.
Cookies are text files that our web server may place on your hard disk to store your preferences. Cookies, by themselves, do not tell us your PII unless you choose to provide this information to us. Once you choose to provide PII, however, this information may be linked to the data stored in the cookie. Certain features of the Service may not function properly without the aid of cookies.
You can find more information about the individual cookies we use on the Service and the purposes for which we use them in the table below:
Cookie name | Purpose |
MUID | This cookie is widely used by Microsoft as a unique User identifier for targeting and advertising purposes. |
MUIDB | This cookie carries out information about how the User uses the website and any advertising that the User may have seen before visiting the said website. |
__cfduid | Cookie associated with Sites using CloudFlare, used to speed up page load times. It does not contain any User PII. |
_fbp | Used by Facebook to deliver a series of advertisement products such as real-time bidding from third-party advertisers. |
_ga | This cookie name is associated with Google Universal Analytics, which is a significant update to Google's more commonly used analytics service. This cookie is used to distinguish unique Users by assigning a randomly generated number as a client identifier. It is included in each page request in a Site and used to calculate visitor, session, and campaign data for the Site's analytics reports. |
_gat_gtag_UA_59556455_1 | This cookie name is associated with Google Universal Analytics. It stores and updates a unique value for each page visited. |
_gid | This cookie name is associated with Google Ads. It stores and updates a unique value for each page visited. |
_hjid | This cookie is associated with web analytics functionality and services from Hot Jar, a Malta-based company. It uniquely identifies a visitor during a single browser session and indicates they are included in an audience sample. |
lang | This cookie is used to store language preferences, to serve up content in the stored language. |
lidc | This is a Microsoft MSN 1st party cookie that ensures the proper functioning of this website. |
_gat | Google Tag Manager, to store and track visits across websites. |
_uetsid | Google Tag Manager, to store and track visits across websites. |
_uetvid | Google Tag Manager, to store and track visits across websites. |
_fbp | Facebook, to store and track visits across websites. |
_hjTLDTest | Hotjar, to track User behavior across the Site. |
messagesUtk | Hubspot, to store browser details and store performed actions on the website. |
_hjFirstSeen | Hotjar, to identify a new User’s first session. |
_hjid | Hotjar, to store a unique User ID. |
__cfruid | CloudFlare, functional purpose. |
__cfduid | CloudFlare, to Identify trusted web traffic. |
9.2 Plytix or our service providers may also use "pixel tags," "web beacons," "clear GIFs," or similar means (collectively, "Pixel Tags") in connection with some Plytix Site pages and HTML- formatted email messages for purposes of, among other things, compiling aggregate statistics about website usage and response rates. A Pixel Tag is an electronic image, often a single pixel (1x1), that is ordinarily not visible to website visitors and may be associated with cookies on visitors’ hard drives. Pixel Tags allow us and our service providers to count Users who have visited certain pages of the Plytix Site, to deliver customized services, and to help determine the effectiveness of promotional or advertising campaigns. When used in HTML-formatted email messages, Pixel Tags can inform the sender of the email whether and when the email has been opened.
9.3 As you use the internet, you leave a trail of electronic information at each website you visit. This information, which is sometimes referred to as "clickstream data,” can be collected and stored by a website's server. Clickstream data can reveal the type of computer and browsing software you use and the address of the website from which you linked to the Plytix Site. We may use clickstream data as a form of non-personally identifiable information to determine how much time visitors spend on each page of our Site, how visitors navigate through the Site, and how we may tailor our web pages to better meet the needs of visitors. We will only use this information to improve our Site.
9.4 Do Not Track. At present, the Site does not specifically respond to browser do-not-track signals.
10. Minors
In order to use the Plytix Academy Platform the User needs to have contractual capacity. We do not knowingly collect any information from any minors, and we comply with all applicable privacy laws including the GDPR, USA Children's Online Privacy Protection Act (“COPPA”), and associated Federal Trade Commission (“FTC”) rules for collecting personal information from minors. Please see the FTC's website (www.ftc.gov) for more information.
If you have concerns about this Site, wish to find out if your child has accessed our Services, or wish to remove your child's personal information from our servers, please contact us at privacy@plytix.com.
Our Site will not knowingly accept personal information from anyone aged 16 years or younger in violation of applicable laws or without the consent of a parent or guardian. In the event that we discover that a child aged 16 or younger has provided PII to us, we will make all reasonable efforts to delete the child’s information in accordance with the GDPR and COPPA. If you believe that your child under 16 has gained access to our Site without your permission, please contact us immediately at privacy@plytix.com.
11. Links to other websites
Please check the privacy policies of other websites we link to in order to learn how they collect, use, store and share information that you may submit to them or that they collect. We do not accept responsibility for 3rd party websites.
12. Changes to the policy
Because our business needs may change over time, we reserve the right to modify this Privacy Policy. If at any time in the future we plan to use your PII in a way that differs from this Privacy Policy, we will revise this Privacy Policy as appropriate.
In the event of a change to our Privacy Policy, we will email the updated policy to the email address that you provided to us. Your continued use of the Plytix Service following our notice of changes to this Privacy Policy means you accept such changes. Please refer to the “Effective Date” below to see when this Policy was last updated.
Effective Date:
This policy was last updated on 10 May 2023
Copyright © 2023, Plytix SLU. All rights reserved. The Site and Service are the property of Plytix, and are protected by United States and international copyright, trademark, and other applicable laws. This includes the content, appearance, and design of the Site and Service, as well as the trademarks, product names, graphics, logos, service names, slogans, colors, and designs.
Terms and Conditions | Privacy Policy | Cookie Policy Copyright Plytix.com Inc. - 2023