Welcome to GETHINS LIMITED, a.s. (“GETHINS”)'s privacy notice (“Privacy Notice”).
GETHINS respects your privacy and is committed to protecting your personal data. This Privacy Notice will inform you as to how we look after your personal data when you visit our website and how Regulation (EU) 2016/679 (i.e., the General Data Protection Regulation or the GDPR) protects you.
Please note that when you are accessing the website without a user account, we do not collect or store or otherwise process personal data, including your IP address, unless you visit our website to: (1) make any payment on web-site; (2) submit a copyright infringement takedown request; (3) submit a copyright counter-notification pursuant to the Terms of Service; or (4) interact with us directly, as further described in this Privacy Notice. Therefore, if you visit our website for the sole purpose of browsing its content and do not create an account or submit any of the Forms described herein or contact us directly, you will not be providing us with personal data and we will not be processing your personal data.
This Privacy Notice, therefore, primarily provides information for those who do not have a user account but visit our website to submit: (1) an abuse reporting form pursuant to paragraph 3 of the Terms of Service; (2) a copyright infringement takedown request pursuant to paragraph 6C of the Terms of Service; or (3) copyright counter-notification pursuant to paragraph 6C of the Terms of Service (together and/or individually referred to as the “Forms”). If you interact with us directly by post, phone, email or otherwise, we also process your personal data for the sole purpose for which you have contacted us.
It is important that prior to submitting any of the Forms, you read this Privacy Notice. We maintain our Privacy Notice under regular review.
It is also important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your interactions with us.
GETHINS LIMITED,a corporate entity existing under the laws of the Republic of Cyprus company registration number: HE 390472, having its principal place of business at Prodromou 75, Oneworld Parkview House, Floor 4, 2063 Nicosia, Cyprus, the provider of the website www.getmynudes.com, is the data controller and is responsible for your personal data.
We have appointed a data protection officer (“DPO”) . If you have any questions about this Privacy Notice or our data protection practices, please contact the DPO.
Our full details are:
Full name of legal entity: GETHINS LIMITED, a.s., Att. of Data Privacy Officer
Email address: firstname.lastname@example.org
Postal address: ONEWORLD PARKVIEW HOUSE, Floor 4, 75 Prodromou Strovolos , 2063 Nicosia, Cyprus
Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
We will collect, use, store and transfer different kinds of personal data about you as follows:
We collect this personal data only when you submit the Forms pursuant to the Terms of Service in the format provided for in the Terms of Service or when you directly interact with us through our website or by post, phone, email or otherwise. We do not accept that we are a joint controller of personal data of any third parties (other than you) available or contained in any forms submitted by you (“Third Party Personal Data”), and disclaim any and all liability in connection with the Third Party Personal Data.
We only use your personal data for the purpose for which we collected it which includes the following:
We rely on the following two lawful bases to process your personal data for the specific purpose of reviewing an abuse report which you may have filed pursuant to paragraph 3 of the Terms of Service:
i. We may process your personal data in order to comply with our legal obligations under applicable laws, particularly our obligation to remove any material depicting individuals who are underage or to protect individuals against harassment or abuse.
ii. We may also process your personal data to further our legitimate interests as an entertainment business that respects intellectual property rights and to ensure that our users are able to enjoy our website without undue interference to them and their property, including, for example, by removing spamming material or advertisements and to protect our users from online harassment or abuse. For those legitimate purposes, we process your personal data as we deem necessary in order to be able to review the abuse report that you may have filed pursuant to paragraph 3 of the Terms of Service and to allow us to contact you about its content if necessary and appropriate. We consider the processing of your personal data to be proportionate with your interests, rights and freedoms.
Please note that the abuse report can be submitted by email
Although our Company is based outside the United States, we respect the rights of copyright owners and thus have implemented certain policies in an effort to voluntarily comply with laws, such as the Digital Millennium Copyright Act ("DMCA"), which are described further below.
What is the Digital Millennium Copyright Act (“DMCA”)?
The takedown process provided for by the DMCA is a tool for copyright holders to have user-uploaded material that infringes their copyright(s) taken down from our website. The process entails the copyright owner (or the owner’s agent) sending a copyright infringement takedown request to a service provider requesting that the provider remove material that the copyright owner contends is infringing their copyright(s). Once a website is in receipt of the takedown request, it is required to send the takedown request to the addressee of the takedown request. The uploader is subsequently given a chance to respond to the takedown request. The mechanism serves as an initial step for the copyright holder and uploader to resolve any dispute relating to the copyrighted material at issue. For that purpose, GETHINS is required to process and transfer limited personal data between the individuals submitting a takedown request (i.e., the alleged copyright holder) and the uploader.
In compliance with the DMCA, we only accept infringement takedown requests from content owners or someone officially authorized to act on their behalf. To read more about the requirements of a complete request, we invite you to visit https://www.dmca.com/faq/What-is-a-DMCA-Takedown, and consult with your own counsel. (We do not and cannot provide you with legal advice, and none should be implied from this Privacy Notice or anything else on our site.) Information provided for purposes of copyright takedown requests / counter-notifications will be forwarded to the uploader of the material issue.
What lawful basis do we rely upon to process your personal data when you file a takedown request / counter-notification pursuant to the DMCA?
For the specific purpose of our review of your copyright infringement takedown request / counter-notification which you may have filed pursuant to paragraph 6C of the Terms of Service, you are required to provide the information needed to make a valid request, i.e.: (a) takedown webpage URL and (b) statement regarding the ownership of this content. We will process your personal data in order to further our legitimate interests as an entertainment business that respects intellectual property, abides by the law and acts appropriately when reports of copyright infringements are made. For those legitimate purposes, we process your personal data we deem necessary in order to be able to review the takedown request / counter-notification that you may have submitted pursuant to paragraph 6C of the Terms of Service and to allow us to contact you about its content. We consider the processing of your personal data to be proportionate with your interests, rights and freedoms.
What lawful basis do we rely upon to transfer your personal data to the addressee of the takedown request / counter-notification pursuant to the DMCA?
In line with the mechanism provided for under the DMCA, explained above, we will also share with the takedown request claimant or the counter-notification claimant the following personal data to comply with and follow the prescribed steps under the DMCA: your name, your contact information, as well as the contents of your takedown request or your counter-notification. We rely on your consent to transmit your personal data to the addresses of your takedown request or counter-notifications. By submitting a copyright infringement takedown request, you consent to your data being transmitted to the uploader of the material in question in line with and for the reasons explained above and detailed in our Terms of Service. Without your consent, we are unable to process your takedown request or counter-notifications as prescribed under the DMCA.
When you contact us directly through our website or by post, phone, email or otherwise, including for the purposes of exercising your rights under the GDPR or to file any complaints, we will rely on the following two bases to process your personal data:
i. We will rely on our legitimate interests as a customer-friendly entertainment business that wants to improve the experience of the customers in using our website, to resolve satisfactorily any complaints made by our customers, or to respond to any requests for further information. We will process your personal as data we deem necessary for these legitimate interests. Additionally, in rare cases where we reasonably determine that your direct communications with us or our staff are or have become abusive, amount to harassment or otherwise are illegal under the applicable laws, we may also process your personal data for these purposes and pass it onto the relevant governmental authorities. We consider the processing of your personal data to be proportionate with your interests, rights and freedoms.
ii. We may also need to rely on our legal obligations to process your personal data in cases where the applicable law compels us to communicate your personal data exchanged in direct communications with us to the responsible governmental authorities.
For the specific purpose of reviewing and processing a copyright infringement takedown request or a counter-notification, which you may have filed pursuant to paragraph 6C of the Terms of Service, and to safeguard our legitimate business interests and the legitimate interests of our users, and following receipt of your consent, we will share your personal data with the takedown request / counter-notification claimant. We will share the following personal data: your name, your contact information, and the contents of your takedown request / counter-notification.
We undertake to transmit any such personal data exclusively to the takedown request / counter-notification claimant for the sole purpose of following the prescribed steps under the DMCA, which we follow in order to protect our legitimate interests as an entertainment business that respects intellectual property. We will notify the recipient of the personal data of its confidential and sensitive nature and provide it in an encrypted form. However, please note that we are unable to control the use of your personal data by the recipient, and do not accept that we are in the position of being a joint controller of personal data sent to the recipient and we do not accept any associated liability for any breaches.
We may be required by law to share your personal data with relevant law enforcement agencies to allow them to contact you about any abuse report you may have submitted.
We will not share your personal with any third party when your directly interact with us, unless we are required to do so by law or have reasonably determined that your direct contact with us is or has become abusive, amounts to harassment, or otherwise illegal under the applicable laws.
We will only retain your personal data for as long as is reasonably necessary to fulfil the purposes we collected it for as set out in Clause 3 above, including for the purposes of satisfying any legal, regulatory, or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you or the material at issue. To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means.
Please contact us if you want further information on the details of retention periods for different aspects of your personal data.
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed, including for example through encryption and firewalls. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who need to know that information in order to process it. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We may transfer, store and process your personal data outside the European Economic Area (“EEA”), for example where the copyright infringement takedown request or counter notification claimant resides outside the EEA.
Where we transfer, store and process your personal data outside of the EEA, we will do so on the basis of EU Model Clauses and/or adequacy decisions issued by competent European authorities. If we are unable to rely on these two bases, we will transfer your personal data outside the EEA to the extent doing do is: (a) necessary for the performance of a contract between you and us; (b) necessary for the conclusion or performance of a contract concluded for your interest between us and another natural or legal person; (c) necessary for the establishment, exercise or defence of legal claims, such as when you file the Forms; or (d) any other bases listed in Article 49 of the GDPR if applicable, such as seeking your consent.
Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.
Under certain circumstances, you have rights under data protection laws in relation to your personal data including the right to receive a copy of the personal data we hold about you, request a correction of your personal data, erase your personal data, object to the processing of your personal data, request a restriction of your personal data, request a transfer of your personal data, or withdraw any consent, although the withdrawal of your consent will not affect the legality of processing prior to the withdrawal. More information about these rights is available on http://www.dataprotection.gov.cy. If you wish to exercise any of the rights set out above, contact us at:
GETHINS LIMITED, a.s., Att. of Data Privacy Officer
Postal address: ONEWORLD PARKVIEW HOUSE, Floor 4, 75 Prodromou Strovolos , 2063 Nicosia, Cyprus
Email address: email@example.com
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request in order to process your request or expedite our response. We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
You also have the right to make a complaint at any time to competent data protection authorities either in your country of residence if that country is a member of the EEA or with the Cyprus Protection Office, where GETHINS is headquartered. More information about the Cyprus Protection Office is available at http://www.dataprotection.gov.cy. We would, however, appreciate the opportunity to address your concerns before you approach the Cyprus Protection Office so please contact us in the first instance.
For more information on how we process your personal data including on data security, data retention and lawful processing bases, please contact us at:
GETHINS LIMITED, a.s. Att. of Data Privacy Officer
Postal address:ONEWORLD PARKVIEW HOUSE, Floor 4, 75 Prodromou Strovolos , 2063 Nicosia, Cyprus
Email address: firstname.lastname@example.org
LAST UPDATED ON: 01/10/2021