Introduction:

This ImmudiPlan Privacy Policy (hereinafter – the Privacy Policy) explains how “ImmudiPlan,” contact information: [email protected] (hereinafter – ImmudiPlan or the Data Controller), collects and uses your (hereinafter – the Data Subject) personal data.

According to the General Data Protection Regulation (EU 2016/679) (hereinafter – GDPR), personal data is considered any information about a natural person whose identity is identified or can be identified based on the processed personal data (hereinafter – Personal Data). Through this notice, in compliance with the GDPR, ImmudiPlan informs the current or prospective Data Subject about the Personal Data processed by ImmudiPlan.

This Privacy Policy describes ImmudiPlan policies and practices regarding its collection and use of your personal data and sets forth your privacy rights. By using the Service, you agree with ImmudiPlan collection, use, and sharing of your personal information in accordance with the terms of this Privacy Policy.

We highly value and prioritize your privacy, therefore we do not knowingly attempt to receive excess information or infringe your right in any other way. Moreover, we recognize that information privacy is an ongoing responsibility, therefore we will from time to time update this Privacy Policy as we undertake new personal data practices or adopt new privacy policies. 

1. Personal Information We Collect

In order to ensure the proper functioning of the website and (or) mobile app and provide you with high-quality services, to enter into and fulfill the contract with you, and to comply with the applicable legal requirements, we may process the following Personal Data:

Purpose	Lawful basis	Personal data categories
User registration	Consent (Article 6(1)(a) of the GDPR)	Name, contact information
Fulfilling customer orders	Contractual necessity (Article 6(1)(b))	Name, contact information, payment information
Provide membership services, including access to website and other content and discounts on purchases; fulfill customer subscriptions	Contractual necessity (Article 6(1)(b))	Name, contact information, payment information
Provide access to purchased training	Contractual necessity (Article 6(1)(b))	Name, contact information, payment information
Correspondence with website visitors	ImmudiPlan legitimate interest (Article 6(1)(f) of the GDPR)	Contact information, communication content, name.
Behavioural advertising	Consent (Article 6(1)(a) of the GDPR)	Name and contact information
Business intelligence	Consent (Article 6(1)(a) of the GDPR)	Cookies data
Improve products and services	ImmudiPlan legitimate interest (Article 6(1)(f) of the GDPR)	Anonymous website usage intelligence
Direct marketing	Consent (Article 6(1)(a) of the GDPR)	Name and contact information

You may access some of ImmudiPlan‘s services without providing personal data, as some information on our website is available to individuals who are not ImmudiPlan members. Certain personal information is necessary for ImmudiPlan to deliver the services you have purchased or requested, and to authenticate your identity, ensuring that we are engaging with you personally and not another individual.

2. Use of the ImmudiPlan Website and App

During your visit to the Site or App, we collect specific information about your device, including details about your web browser, IP address, time zone, and certain cookies installed on your device. As you navigate through the Site or App, we also gather information about the individual web pages or products you view, the websites or search terms that referred you to our Site, and how you interact with the Site or App. We refer to this automatically-collected information as “Device Information.”

As is common with most websites or apps, ImmudiPlan’s website and App collects certain information automatically and stores it in log files. This information may include internet protocol (IP) addresses, the region or general location where your device is accessing the internet, browser type, operating system, and other usage data regarding your interaction with the ImmudiPlan website or App, including a history of the pages you view. We use this information to improve the design and functionality of our Site and App to better meet our users’ needs. We may also use your IP address to diagnose server issues, administer the website, analyze trends, track visitor movements, and gather broad demographic information to understand visitor preferences.

ImmudiPlan has a legitimate interest in understanding how users, customers, and potential customers interact with its Site or App. This helps us offer more relevant products and services, communicate value to our sponsors and corporate members, and ensure we have adequate staffing to meet the needs of our users and customers.

We use the following technologies to collect Device Information:

• Cookies: These are data files placed on your device, often containing an anonymous unique identifier. To learn more about cookies and how to disable them, please visit our cookie notice. ImmudiPlan makes available a comprehensive cookie notice that describes the cookies used on ImmudiPlan website and provides information on how users can accept or reject them. 
• Log Files: These track actions occurring on the Site and collect data such as your IP address, browser type, Internet service provider, referring/exit pages, and date/time stamps.
• Web Beacons, Tags, and Pixels: These are electronic files used to record information about your browsing activities on the Site.

3. Do not Track

Please note that we do not modify our data collection and usage practices in response to Do Not Track signals from your browser.

4. Sharing Your Data With Others

We may disclose your personal data to any member within our group of companies, which includes subsidiaries, our ultimate holding company, and its subsidiaries, to the extent reasonably necessary for the purposes outlined in this notice. This may involve internal administrative purposes, as well as the provision or sharing of IT, payment, marketing services, or data centers within the group. 

We may disclose your personal data to our insurers and/or professional advisers as reasonably necessary for obtaining or maintaining insurance coverage, managing risks, obtaining professional advice, or establishing, exercising, or defending legal claims in court proceedings or other judicial or administrative procedures. 

To protect your personal data and fulfill our legal obligations, we may disclose your personal data to our anti-fraud, risks, and compliance providers. 

For the purposes of processing your payments, transferring funds, and addressing payment-related complaints and queries, we may share your personal data with our payment service providers. We only share service data with our payment services providers to the extent necessary for these purposes. This may include, but is not limited to, transmitting your name, contact details, and payment transaction information to our payment service provider to facilitate payments securely and comply with applicable regulations. Our payment service provider currently is affiliated company 360 Mind, UAB, registered at Švitrigailos g. 11K-109, LT-03228 Vilnius, Lithuania.

In specific cases where it is reasonably necessary to provide particular services, we may disclose your personal data to other service providers. This includes server providers, email service providers, data analysis or marketing service providers, call centers, customer satisfaction surveys, or market research. We take all necessary measures to ensure that these subcontractors implement appropriate organizational and technical measures to safeguard the security and privacy of your personal data.

Additionally, we may disclose your personal data if it is necessary to comply with a legal obligation, protect your vital interests or those of another natural person, or for the establishment, exercise, or defense of legal claims.

The entities mentioned in this section may be located outside the European Union and European Economic Area.

5. Data transfer

The data we collect from you may be transferred to and stored outside the European Economic Area (EEA). In such cases, we will take all reasonable measures to ensure that your data is handled securely and in compliance with this privacy policy. 

If we transfer your personal data to third countries, we will take the necessary measures, as required by applicable legal acts, to ensure the security of your data and the protection of your privacy. These measures may include: (i) transferring your personal data to countries that the European Commission has deemed to provide an adequate level of protection for personal data; (ii) signing standard contractual clauses for data transfer.

6. Data retention period

Your personal data processed for any purpose or purposes will not be retained for longer than necessary. In any case, the data will be kept for no longer than: 

Account data:
Up to 5 (five) years following your last account update.

Service data:
Up to 5 (five) years following the end of service provision.

Purchase or service contracts:
10 (ten) years from the completion of the contract. 

Consent for the processing of personal data:
2 (Two) years after the expiration of the retention period for personal data processed based on consent.

Messaging data:
Up to 2 (two) years following your consent or, in the case of messaging data sent to existing clients to maintain and enhance customer relations, up to 2 (two) years following the end of service provision, unless you withdraw your consent earlier or object to such processing.

Correspondence data:
Up to 6 (six) months following the end of the communication.

In certain cases, it may not be possible for us to specify in advance the exact periods for which your personal data will be retained. For instance, device data will be retained for as long as necessary for the relevant processing purposes. 

Regardless of the other provisions in this section, we may retain your personal data if it is necessary to comply with a legal obligation, protect your vital interests or those of another natural person.

7. Behavioral Advertising

As outlined earlier, we process your Personal Information for the purpose of delivering targeted advertisements or marketing communications that we believe may be of interest to you. Such targeted advertising will only be conducted with your explicit consent. For further information on how targeted advertising operates, we encourage you to visit the Network Advertising Initiative’s (“NAI”) educational page http://www.networkadvertising.org/understanding-online-advertising/how-does-it-work.

You have the right to withdraw your consent at any time by selecting this button.

8. Your rights 

8.1. Right to Access Your Personal Data: You have the right to access your personal data and learn how it is being processed.

8.2. Right to Rectify Data: You have the right to request the correction or supplementation of any incorrect, inaccurate, or incomplete personal data.

8.3. Right to Erasure (“Right to be Forgotten”): In certain cases, where not prohibited by law or where there is no obligation for the Data Controller to retain the relevant data, you have the right to request the deletion of personal data related to you.

8.4. Right to Restrict Data Processing: Under certain circumstances, you have the right to request that the Data Controller limit the processing of your personal data.

8.5. Right to Data Portability: Under specific conditions, you have the right to receive the personal data related to you, which you have provided to the Data Controller, and the right to transfer this data to another Data Controller.

8.6. Right to Object: You have the right to object to certain types of data processing and may withdraw any previously given consent regarding the processing of your personal data at any time.

8.7. Right Not to be Subject to Automated Decisions, Including Profiling: You have the right to request that decisions based solely on automated data processing, including profiling, which may have legal effects on you or significantly affect you, are not applied to you.

8.8. Right to Lodge a Complaint: If you believe that our actions or omissions infringe upon your rights or legal obligations, you have the right to lodge a complaint with data protection supervisory authorities. Residents of Lithuania may submit a complaint to the State Data Protection Inspectorate, more information is available at https://vdai.lrv.lt/lt/. If your habitual residence or place of work is in another country, you may file a complaint with the relevant supervisory authority in that country. For more information on data protection authorities in European Union/European Economic Area member states, please visit https://edpb.europa.eu/about-edpb/about-edpb/members_en. However, in all cases, we recommend contacting us first to seek a swift and effective resolution to any issue before submitting an official complaint to the supervisory authority.

9. Minors

The Site is not intended for individuals under the age of 18.

10. Contact Us

For more information about our privacy practices, if you have any questions, or if you wish to file a complaint, please contact us via email at [email protected].