Trade name “Eureekkaa” relates to one or any number of legal entities, including its subsidiaries and affiliates, within the group of Yeesshh Ltd, a limited liability company, registered under the laws of the State of Spain.
These privacy policies are part of the General Conditions for the use of Eureekkaa.com under Yeesshh LTD . All personal information provided to Eureekkaa.com, Yeesshh LTD or Yeesshh Servicios Online Barcelona S.L. (hereinafter Yeesshh) through the Website or through any other electronic means made available to users will be handled with the utmost confidentiality. We are committed to protecting and respecting the privacy of our partner data and the one of their final customers.
- About Eureekkaa.com : Eureekkaa is a service and brand of Yeesshh LTD.
- About Yeesshh : we are a B to B operator and has such may collect information form our business partners (customers or providers) in order to conduct business with them. We do not collect personally identifiable data about the viewer of ads we promote. We do, however, record and use information that is not personally identifiable, including but not limited to the following: the IP address of the viewer device, to do geo-targeting, to identify mobile operator, connection type, and other details; the ‘user agent’ of the browser or application, and other relevant request headers, to help us identify your the device type; the date and time of the ad delivered a unique identifier, such as an HTTP cookie or an device advertising identifier, that enables us not to show the same ad over and over again.
- Rights of affected parties: Yeesshh commits itself to respecting and facilitating interested parties exercising their rights recognized by regulations in matters of data protection and, in particular, the rights to access, rectify, cancel and oppose data. Said rights may be exercised by sending a request at email@example.com, attaching a photocopy of ID and specifying the right being exercised.
- Security measures: Yeesshh states and guarantees that it maintains security levels for the protection of personal data in conformity with current legislation and that it has implemented all the technical means available to it to avoid loss, misuse, alteration, unauthorized access and theft of the data provided by users.
- Commercial communications: Our partners may manifest the desire not to receive future commercial communication at any time by sending an email to firstname.lastname@example.org, also, by following the instructions at the end of each commercial communication through the unsubscribe link.
- Cookies used: While visiting our Website, third-party cookies are generated. Said third parties may set their own cookies with the purpose of customizing the application and measuring its functionality. Because of how these cookies function, Yeesshh cannot access them, in the same fashion that third parties cannot access the data of cookies used by us. Therefore, we recommend that you visit the websites of said third parties to understand their operation.
DATA PROCESSING AGREEMENT
This Data Processing Agreement ( DPA) is between Partner and Yeesshh (as defined under the Terms and Conditions) and forms an integral part of Terms and Conditions available at https://www.yeesshh.com/legal and to the user agreement https://my.yeesshh.com/advertiser/agreement (if applicable). Partner and Yeesshh are hereinafter jointly referred to as the “Parties”. In the event of any conflict between this DPA and the Terms and Conditions, the terms of this DPA shall prevail. This Agreement only applies to the extent that the EU Data Protection Law applies to the Processing of Personal Data under this Agreement, including if (a) the Processing is carried out in the context of the activities of an establishment of either Party in the European Economic Area (“EEA”), and/or (b) the Personal Data relates to Data Subjects who are in the EEA and the Processing relates to the offering to them of goods or services or the monitoring of their behavior in the EEA.
- DEFINITIONS : “Controller” or “Data Controller” means the entity that determines the purposes and means of the Processing of Personal Data.“Processor” or “Data Processor” means the entity which Processes Personal Data on behalf of the Data Controller. “Data Subject” means the individual to whom Personal Data relates, including End Users.“End User” means the end user of an internet connected device, such as a visitor to a web page, a user of a mobile app, or a user of an IoT device, or a visitor on advertisement or campaign webpage.“GDPR” means Regulation (EU) 2016/679 of the European Parliament and the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (also known as “General Data Protection Regulation”).“Personal Data” means any information relating to an identified or identifiable person as defined in Article 4.1 of the GDPR.“Processing” means any operation or set of operations which is performed upon Personal Data, whether or not by automatic means, such as collection, recording, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, erasure or destruction (“Process”, “Processes” and “Processed” shall have the same meaning).“Sub-Processor” means any Data Processor engaged by the Processor.“Services” means services provided by the Yeesshh in accordance with the general legal terms mentioned above.
- RIGHTS OF DATA SUBJECTS : Yeesshh shall notify Partner via e-mail if he receives a request from a Data Subject in the subject of access to, correction, amendment, deletion of or objection to the processing of that Data Subject’s Personal Data. Yeesshh shall not respond to any such Data Subject request without Partner’s prior written consent, except in order to confirm that the request relates to the Partner.To the extent that Partner responds to any such Data Subject request, Yeesshh shall provide Partner, to the extent required by law, with commercially reasonable cooperation and assistance in relation to handling of a Data Subject’s request, to the extent legally permitted.Yeesshh reserves the right to charge additional fees in relation to the cooperation with the Partner in regard to this DPA.Yeesshh’s staff: Yeesshh shall ensure that its personnel engaged in the Processing of Personal Data is informed of the confidential nature of the Personal Data, has received appropriate training on their responsibilities and is subject to obligations of confidentiality. Such obligations shall survive the termination of that individual’s engagement with the Yeesshh.Yeesshh shall ensure that access to Personal Data is limited only to those members of personnel who require that access in order to fulfil Yeesshh’s obligations under the Terms and Conditions.
- SECURITY : Pursuant to Article 28, Section 3(c) of the General Data Protection Regulation, the Yeesshh shall take the measures required by the Article 32 of the GDPR. Yeesshh shall provide sufficient guarantees of implementation of the appropriate technical and organizational measures in a manner that the processing will meet the requirements of the GDPR and ensure the protection of the rights of the Data Subject. Yeesshh imposes appropriate contractual obligations upon its personnel that engages in the Processing of Personal Data, including relevant obligations regarding confidentiality, data protection and data security. Yeesshh ensures that its applicable personnel has been properly informed of the confidential nature of the Personal Data, has received appropriate training and has executed written confidentiality agreements. Yeesshh will further ensure that such confidentiality agreements will survive the termination of employment or another form of engagement of its personnel.
- AUDIT RIGHT : to the extent that the applicable law requires Partner to be in a position to monitor the adequate Processing of Personal Data, Partner as the Partner have the right to request an audit from Yeesshh to the extent necessary to review whether Yeesshh and our Sub-Processors are compliant with the following regulations: (i) any provisions of the Law, (ii) the terms of this DPA, and (iii) Partner’s instructions.Yeesshh may provide Partner with a copy of its most recent third-party audits or certifications issued by an independent, third-party auditor, as applicable, or any summaries thereof in order to fulfil Partner audit rights. If an audit is required by law and where its requirements cannot be fulfilled by the provision of such certification, Partner may conduct, either by Partnerself or through a third party independent contractor selected by Partner at Partner expense, an on-site audit of the Yeesshh. Such audit may be conducted subject to the following terms: (i) the audit will be pre-scheduled in writing with Yeesshh at least 30 days in advance and will be performed once a year at most; (ii) if applicable, all of Partner personnel performing the audit, whether employed or contracted by Partner, will execute a Yeesshh’s standard non-disclosure agreement prior to the initiation of the audit, and a third party auditor will in addition execute a non-competition undertaking; (iii) Partner will undertake all necessary measures to ensure and verify that the auditors do not access, disclose or compromise the confidentiality and security of Personal Data other than Partner Personal Data on Yeesshh’s information and network systems; (iv) Partner will take all necessary measures to prevent any damage or interference with Yeesshh or its service providers’ information and network systems; (v) Partner will bear all costs and assume responsibility and liability for the audit and for any failures or damage caused as a result thereof; and (vi) any audit activities on Yeesshh’s third-party service providers’ information systems will be pre-scheduled and agreed on with the applicable providers; (vii) Partner will keep the audit results in strict confidentiality, use them solely for the specific purposes of the audit under this Section 6 and the GDPR will not use the results for any other purpose, or share them with any third party, without the Yeesshh’s prior explicit written confirmation; (viii) If Partner are required to disclose the audit results to a competent authority, Partner will provide the Yeesshh with a prior written notice, explaining the details and necessity of the disclosure, as well as provide all further necessary assistance to prevent such disclosure.
- SECURITY BREACH MANAGEMENT AND NOTIFICATION : if Yeesshh becomes aware of any accidental or unlawful destruction, loss, alteration, unauthorized disclosure of or access to any Personal Data transmitted, stored, or otherwise Processed on Yeesshh’s equipment or in Yeesshh’s facilities (“Security Breach”), Yeesshh will promptly: (i) notify the Partner of the Security Breach; (ii) investigate the Security Breach and provide Partner with all relevant information about the Security Breach; and (iii) take all commercially reasonable steps to mitigate the effects and minimize any damage resulting from the Security Breach.
- SUBPROCESSING AND TRANSBORDER DATA TRANSFERS : Partner authorizes Yeesshh to appoint Sub-Processors in order to provide the Services. Yeesshh may continue to use the Sub-Processors already engaged by the Yeesshh according to this DPA. Yeesshh may integrate the Partner’s services with external service providers’ platforms for the purpose of providing its Services, on Partner’s behalf and for the purposes of serving the Partner’s interests, where such external service providers may be Sub-Processors, which Partner hereby agrees to. A full list of such Sub-Processors is available upon the Partner’s written request directed to the Yeesshh. Notwithstanding the provisions above, Partner hereby authorize Yeesshh to subcontract the Processing to the Sub-Processors based outside of the European Economic Area (EEA) to the extent necessary to duly perform the Service(s), under the condition that the Sub-Processors will provide sufficient guarantees in relation to the required level of data protection, e.g. through a Privacy Shield certification according to the EU Commission Decision 2016/1250, or a subcontracting agreement based on the standard contractual clauses launched by virtue of the EU Commission Decision on standard contractual clauses for the transfer of personal data to processors established in third countries under Directive 95/46/EC or GDPR (the “Model Contract Clauses”), or based on other applicable transborder data transfer mechanisms.
- OTHERS TERM : This Agreement shall become effective as of May 25, 2018. Partner authorizes Yeesshh to retain Personal Data for a period of 3 months from the date of its collection on Partner’s behalf and for the purpose of serving its interests, including for fraud prevention, ad security services, reporting services, complaints or chargebacks handling. This data may be deleted from Yeesshh’s servers after this retention period and/or after the termination of Agreement or earlier, at Partner written request. Notices: If Partner wish to make any inquiries about this Agreement, please contact support@Yeesshh.com Liability: Partner shall indemnify and hold Yeesshh, its officers, directors, employees, contractors, and agents harmless from and against all claims, liabilities, administrative fines, suits, judgments, actions, investigations, settlements, penalties, fines, damages and losses, demands, costs, expenses, and fees including reasonable attorneys’ fees and expenses, arising out of or in connection with any claims, demands, investigations, proceedings, or actions brought by data subjects, legal persons (e.g., corporations and organizations), or supervisory authorities under the data protection laws that apply to Yeesshh in respect of processing of Personal Data on behalf of Partner through Services. The liability of each party under this Agreement shall be subject to the exclusions and limitations of liability set out in the legal terms.Governing law: This Agreement shall be governed by, and is construed in accordance with, the laws of the State of Spain, without giving any effect to any choice of law and provisions thereof that would cause the application of the laws of any other jurisdiction.