privacy policy

Last Updated, November 28, 2023

1. LEGAL INFORMATION

This Privacy Policy informs how Obscuro Limited (hereinafter also – ”Controller”, “Owner”,” we”, “us” or “our”) processes information and personal data on the website https://www.obscu.ro/ as well as any other media form, media channel, mobile website or mobile application related, linked, or otherwise connected thereto (hereinafter – Platform).

We strive to protect all personal information that we receive or generate. This Privacy Policy (“Privacy Policy” or “Policy”) explains our data protection practices for our visitors. This Privacy Policy also explains the nature of the personal information we collect, the means by which we collect it, the purposes for which we collect it, and how we use, process, protect, and share it.

Please read this entire Privacy Policy before submitting information to this Platform. By accessing or using this Platform for any purpose and by submitting any of your personal information to us, you are consenting to the terms and conditions of this Policy and to our Terms of Service posted on this Platform. If you disagree with any part of this Privacy Policy or the Terms of Service, please do not use this Platform or any of our other services and do not share any personal information with us.

Data Controller: Obscuro Limited, company incorporated and registered in England and Wales under company number 13873741 with a registered office at Ground Floor, Cromwell House, 15 Andover Road, Winchester, SO23 7BT, UK.

Contact information: e-mail address: terms@obscu.ro

2. DEFINITIONS AND LEGAL REFERENCES

Personal Data (or Data) - Any information that directly, indirectly, or in connection with other information — including a personal identification number — allows for the identification or identifiability of a natural person.

Usage Data - Information collected automatically through this Platform (or third-party services employed in this Platform), which can include: the IP addresses or domain names of the computers utilised by the Users who use this Platform, the URI addresses (Uniform Resource Identifier), the time of the request, the method utilized to submit the request to the server, the size of the file received in response, the numerical code indicating the status of the server's answer (successful outcome, error, etc.), the country of origin, the features of the browser and the operating system utilized by the User, the various time details per visit (e.g., the time spent on each page within the Platform) and the details about the path followed within the Platform with special reference to the sequence of pages visited, and other parameters about the device operating system and/or the User's IT environment.

User - The individual using this Platform who, unless otherwise specified, coincides with the Data Subject.

Data Subject - The natural person to whom the Personal Data refers.

Data Processor (or Data Supervisor) - The natural or legal person, public authority, agency or other body which processes Personal Data on behalf of the Controller, as described in this privacy policy.

Data Controller (or Owner) - The natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of Personal Data, including the security measures concerning the operation and use of this Platform. The Data Controller, unless otherwise specified, is the Owner of this Platform.

This Platform - The means by which the Personal Data of the User is collected and processed.

Service - The service provided by this Platform as described in the relative terms and on this Platform

3. COLLECTING OF DATA

This section explains generally the sources from which, and the means by which, we collect and process personal information.

  • Communicating with us. If you contact us in relation to any of the Services (via email, telephone, post or otherwise), We may collect and retain your contact details and your communication for the purpose of handling your query and keeping records of communications.
  • Submit personal information. When you submit personal information to us voluntarily, including when you communicate with us, pay for our services, or use any of our Services.
  • Visit our Platform. When you visit our Platform, we may collect location and other information from the internet browser you are using;
  • Technology technical information. When your communications with us provide us with certain technical information, such as internet protocol (IP) address, browser type, time zone setting and location, device operating system, and other technologies you may use to access our Platform or otherwise communicate with us.
  • Social media platforms (such as Discord, Twitter (X)). We receive information when you use your social media account while interacting with us on our Discord or Twitter and use our Services.
4. COLLECTED DATA

We collect the following data:

  • Identify and contact information, including your name, postal address, email address and phone number, and any other information you provide to prove you are eligible to use our Services;
  • Communications information, including records of your communications with us and our customer service team (such as records of emails, chat and in-app communications and voice recordings)
  • Social network information, including your interactions with us (such as messages) or our content (such as your likes) on social media (such as Discord or Twitter);
  • Technical information, including device identifiers, IP address, and where you have enabled location services, your GPS location, as well as information on how you use our Platform. This information is mainly collected through cookies and includes: your visits to our platform, the links you click on, through and from our site (including date and time), the services you view or search for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling and clicks), and methods used to browse away from the page; technical information, including the internet protocol (IP) address used to connect your computer to the internet, your log-in information, the browser type and version, the time-zone setting, the operating system and platform, the type of device you use, a unique device identifier (for example, your device identifier, number, or the mobile phone number used by the device), mobile network information, your mobile operating system, the type of mobile browser you use; information stored on your device, including if you give us access to contact information from your address book, photos, videos or other digital content, check-ins. We collect this information from you, when you provide it to us directly or when we collect it through our Platform using technical means, such as cookies.

We collect the following categories of Personal data for the following activities:

ActivityCategories of Personal data
Visiting the Platform
  • Browsing Data
  • Technical Information
Contacting Obscuro Limited support teams
  • Identification Data
  • Contact Data
  • Content of your request
Allowing the visitors and Users to exercise their data protection rights
  • Identification Data
  • Contact Data
  • Content of the request
  • Data necessary to reply to the request addressed to Obscuro Limited
Complying with legal requests or manage litigation
  • Data necessary to prove Obscuro Limited compliance to its obligations and/or manage legal proceedings
Provide our Services on Platform
  • Identification Data
  • Contact Data
Sending you marketing communications or newsletter
  • Contact Data
5. PURPOSE OF DATA COLLECTION

We use the personal information that we collect or receive from our Users for the purposes described in this Policy and for other business purposes allowed by law, including the development, delivery, and performance of our services, sharing with our affiliates for related business purposes, and as follows:

  • To provide and maintain our Service, including to monitor the usage of our Service.
  • For the performance of a contract: the development, compliance and undertaking of the contract for the Services or of any other contract with us through the Service.
  • To contact you: To contact you by email, telephone calls, SMS, or other equivalent forms of electronic communication.
  • To manage your requests: To attend and manage your requests to us.
  • To respond to your requests and questions, resolve disputes, investigate and address your concerns, and monitor and improve our responses;
  • For testing, research, analysis, and a product and service development, including to improve our Platform and services;
  • To respond to law enforcement requests and as required by applicable laws, court orders, or governmental regulations;
  • For other purposes: We may use Your information for other purposes, such as data analysis, identifying usage trends, determining the effectiveness of our promotional campaigns and to evaluate and improve our Service, marketing and your experience.

We process personal data on the following legal basis for the following purposes:

PurposeLegal Basis
If you communicate with us (for example, if you email or call us), we will use your information for dealing with your queries, training and customer service purposes.Contractual necessity: where you provide information that is necessary for us to fulfil our contract with you and provide our Services. Our legitimate interests are to handle your queries and provide you with the requested information, ensure high customer service quality and to train staff in responding to such requests.
To send you marketing communications about our Services (and the products or services of third parties that we make available through our Services), or to send you our newsletter when you sign up to receive this and to monitor whether you open our emails and/or click on URLs in our emails.We rely on your consent, where this is required by law. Otherwise, we rely on our legitimate interest to keep you informed of products and services on our platforms, when we are allowed by law to do so.
To carry out market research and create marketing profiles about our users and understand their preferences in relation to our Services (including the products and services available through these).Our legitimate interest to carry out marketing activities.
To display our advertisements to you on other platforms, such as social media platforms or to display on our website and app advertisements which we think you might like.Your consent, where we obtain this information by using cookies or where otherwise required by law. Otherwise, we rely on our and third parties’ legitimate interests to carry out marketing activities and inform you of products and services we think you might like.
To compile statistics and analysis about the use of our Services and use such statistics to enable us to provide a better service, features, and functionality to you and other users. Your consent, where we obtain this information by using cookies.Our legitimate interests (where consent is not required by law) so as to ensure the smooth and effective functioning of our Services, to make sound business decisions about our products and services and to design, inform and deploy our business strategies.
To respond to legitimate requests for the disclosure of information, made by public authorities, law enforcement or government bodies or under a court order.Legal requirement, to the extent we are obliged under law to process such requests. Our legitimate interests to assist legitimate investigations carried out by official authorities.
To respond to complaints, to protect our legal rights and to establish, exercise or defend legal claims relating to our platforms and/or our products and services.Our legitimate interests to protect our legal rights.
For tax, accounting, record keeping and audit purposes.Legal requirements, to the extent the law requires that we use your information (for example, to comply with our tax obligations).

Wherever we rely on consent, you will always be able to withdraw that consent at any time, although we may have other legal grounds for processing your data for other purposes, such as those set out above. You have an absolute right to opt-out of direct marketing, or profiling we carry out for direct marketing purposes, at any time. You can do this by clicking on the unsubscribe link in the relevant marketing communication or emailing us at - terms@obscu.ro.

We do not use your personal information to take automated decisions about you which have a legal or similarly significant effect on you

6. METHODS OF DATA PROCESSING

Obscuro Limited takes appropriate security measures to prevent unauthorized access, disclosure, modification, or unauthorized destruction of the Data.

The Data processing is carried out using computers and/or IT enabled tools, following organizational procedures and modes strictly related to the purposes indicated. In addition to Obscuro Limited, in some cases, the Data may be accessible to certain types of persons in charge, involved with the operation of this Platform (administration, sales, marketing, legal, system administration) or external parties (such as third-party technical service providers, mail carriers, hosting providers, IT companies, communications agencies) appointed, if necessary, as Data Processors by Obscuro Limited. The updated list of these parties may be requested from the Owner at any time

7. TRANSFERS AND SHARING OF DATA

Depending on the User's location, data transfers may involve transferring the User's Data to a country other than their own. If any such transfer takes place, Users can find out more by checking the relevant sections of this document or inquire with Obscuro Limited using the information provided in the contact section.

Where we need to transfer your personal data outside the European Economic Area (“EEA”), the United Kingdom or Switzerland, and where this is to a stakeholder or vendor in a country that is not subject to an adequacy decision by the EU Commission, data is adequately protected by EU Commission approved standard contractual clauses or a vendor’s Processor Binding Corporate Rules.

Obscuro Limited may store, process, and/or transfer personal data to countries outside of the European Economic Area (EEA) (including countries where the European Commission has not made a decision of an adequate level of protection of personal data), but in these cases Obscuro Limited will ask for specific consent regarding these data transfers.

In this case, Obscuro Limited processes your data in United Kingdom.

We may share your personal data with following recipients:

  • Internal recipients – your Personal data will only be disclosed to authorised employees that require access to fulfil their obligations (e.g. support teams, developers, etc.). Our employees are specifically trained and made aware of the sensitivity of your Personal data and the requirements necessary to ensure the protection of your right to privacy.
  • Judicial, administrative and other public authorities – Obscuro Limited may have to share or disclose some of your Personal data if it is required to do so by the law, by a request meaning from a competent authority., to comply with a court order, to obtain legal remedies or defend Obscuro Limited’s rights, to contribute with investigations (e.g. fraud, identity theft, etc.).
  • Service providers - We share personal data with third-party service providers, who will process it on our behalf for the purposes identified above. These parties will use your information on our instructions, only in order to provide us with their services. In particular, we use third-party providers of website hosting, maintenance, IT services, mail carriers, customer support, communications and marketing services, identity checking.
  • Social media networks and advertisers - subject to your marketing preferences, we share information with social media networks, such as Twitter, Discord, and advertisers to present our ads to you on other platforms.
  • Business advisers - We share information with our legal advisers, accountants, business consultants, insurers and other business advisers, to the extent it is necessary for them to provide us with their services.
8. RETENTION TIME

We will store your personal information for as long as it is required for us to fulfil the purposes for which we have collected it, as described in this Policy, and for such further period that is necessary to comply with our legal and regulatory obligations, to exercise our legal rights and to protect our business from legal claims. Therefore:

  • Personal Data collected for purposes related to the performance of a contract between the Owner and the User shall be retained until such contract has been fully performed.
  • Personal Data collected for the purposes of the Owner’s legitimate interests shall be retained as long as needed to fulfil such purposes. Users may find specific information regarding the legitimate interests pursued by the Owner within the relevant sections of this document or by contacting the Owner.
  • Obscuro Limited may be allowed to retain Personal Data for a longer period whenever the User has given consent to such processing, as long as such consent is not withdrawn. Furthermore, the Owner may be obliged to retain Personal Data for a longer period whenever required to do so for the performance of a legal obligation or upon order of an authority.
  • Once the retention period expires, Personal Data shall be deleted. Therefore, the right of access, the right to erasure, the right to rectification and the right to data portability cannot be enforced after expiration of the retention period.

Obscuro Limited may be allowed to retain Personal Data for a longer period whenever the User has given consent to such processing, as long as such consent is not withdrawn. Furthermore, the Owner may be obliged to retain Personal Data for a longer period whenever required to do so for the performance of a legal obligation or upon order of an authority.

Once the retention period expires, Personal Data shall be deleted. Therefore, the right of access, the right to erasure, the right to rectification and the right to data portability cannot be enforced after expiration of the retention period

9. RIGHTS UNDER GDPR

Users may exercise certain rights regarding their Data processed by Obscuro Limited. In particular, Users have the right to do the following:

  • Withdraw consent at any time. Users have the right to withdraw consent where they have previously given their consent to the processing of their Personal Data.
  • Object to processing of Data. Users have the right to object to the processing of their Data if the processing is carried out on a legal basis other than consent. Further details are provided in the dedicated section below.
  • Access Data. Users have the right to learn if Data is being processed by the Owner, obtain disclosure regarding certain aspects of the processing and obtain a copy of the Data undergoing processing.
  • Verify and seek rectification. Users have the right to verify the accuracy of their Data and ask for it to be updated or corrected.
  • Restrict the processing of their Data. Users have the right, under certain circumstances, to restrict the processing of their Data. In this case, the Owner will not process their Data for any purpose other than storing it.
  • Have their Personal Data deleted or otherwise removed. Users have the right, under certain circumstances, to obtain the erasure of their Data from the Owner.
  • Receive their Data and have it transferred to another controller. Users have the right to receive their Data in a structured, commonly used and machine readable format and, if technically feasible, to have it transmitted to another controller without any hindrance. This provision is applicable provided that the Data is processed by automated means and that the processing is based on the User's consent, on a contract which the User is part of or on pre-contractual obligations thereof.
  • Lodge a complaint. If you have unresolved concerns, you have the right to complain to the data protection authority, which in the UK is the Information Commissioner’s Office.

Any requests to exercise User rights can be directed to Obscuro Limited through the contact details provided in this document. These requests can be exercised free of charge and will be addressed by the Owner as early as possible and always within one month.

If user has any issues regarding data processing done by Obscuro Limited, user can send request to the Information Commissioner’s Office

ADDITIONAL INFORMATION ABOUT DATA COLLECTION AND PROCESSING

  • Legal action. The User's Personal Data may be used for legal purposes by Obscuro Limited in Court or in the stages leading to possible legal action arising from improper use of this Platform or the related Services.
  • System logs and maintenance.For operation and maintenance purposes, this Platform and any third-party services may collect files that record interaction with this Platform (System logs) use other Personal Data (such as the IP Address) for this purpose.
  • Information not contained in this policy.More details concerning the collection or processing of Personal Data may be requested from Obscuro Limited at any time. Please see the contact information at the beginning of this document.
  • Visiting Third-Party Platforms.Our Platform may contain links or references to third party websites. These websites are outside of our control, and the privacy policies of these sites may differ from our own. Please be aware that we have no control over these third-party websites and our Privacy Policy does not apply to such websites. We encourage you to check the terms of use and privacy policies of such sites before disclosing any personal information via such sites. The privacy policy of the third party site will govern how information collected from you is used by the owner of the website. You can always know what Platform you are on by checking the Uniform Resource Locator (URL) in the location bar within your browser.

CHANGES TO THIS PRIVACY POLICY

Obscuro Limited reserves the right to make changes to this privacy policy at any time by notifying its Users on this page and possibly within this Platform and/or - as far as technically and legally feasible - sending a notice to Users via any contact information available to Obscuro Limited. It is strongly recommended to check this page often, referring to the date of the last modification listed at the bottom.

Should the changes affect processing activities performed on the basis of the User’s consent, Obscuro Limited shall collect new consent from the User, where required