Privacy policy
1. Introduction and applicable regulations
This privacy policy (the "
Privacy Policy") explains how we process your personal data within the scope of providing the services offered in the website
www.domestika.org and the Domestika mobile app (the "
Platform"), such as the sale and subscription to courses, creating your profile at the Platform, communications, etc. (the "
Services").
Pursuant to applicable data protection laws, bear in mind that:
a. If you live in California, collection of your personal data shall be governed according to the privacy laws of the state of California. In particular, the California Consumer Privacy Act (the "
CCPA"). You can obtain additional information in this regard
here.
b. If you live in a country that is a member of the European Economic Area, the way your data is processed and the current Privacy Policy shall be governed by the Regulation (EU) 2016/679 (the "
GDPR") and any local data protection regulations that may be applicable.
c. If you live in a country outside the European Economic Area or the State of California, your data will be processed according to the privacy regulations applicable in such territories.
All regulations will be jointly referred to as "
Applicable Data Protection Regulations" for the purposes of this Privacy Policy.
2. Who is the data controller?
In accordance with current Applicable Data Protection Regulations, hereby the data subject is informed that the Personal Data provided (the "
Personal Data") will be processed by Domestika Inc. ("
Domestika") as the owner of the Platform and data controller of the Personal Data provided therein, whose contact details are as follows:
- Registered Office: 2001 Addison St., Suite 300 Berkeley, CA, 94704, United States.
- DPO/Data Protection e-mail Address: dataprotection@domestika.org.
3. For what purposes will your Personal Data be processed by Domestika and under what legal basis?
The purpose under which Domestika will process your Personal Data varies depending on whether you are a student, teacher, creative, affiliate, or candidate (the "
Users") and how you provide us with the information. Below, we list all the purposes (and their legal basis) under which we may process your Personal Data.
Use of the Domestika Platform as a registered or non-registered user of the Platform
- To attend to requests, incidents (including access to the Platform) and suggestions of the Users through the contact forms available in the Platform, including interactions with our chatbot, e-mail address or social media platforms, on the legitimate basis of the precontractual or contractual relationship between the User and Domestika.
- To manage your registration, onboarding and your user account (including payments of courses, subscriptions and refunds) in the Platform, on the legitimate basis of the precontractual or contractual relationship between the User and Domestika, including all communications that Domestika may send in order to manage the contractual relationship.
- To manage the communication (private or public) with Teachers, through the means provided in the Platform, being the contractual relationship the legitimate basis of the processing.
- To manage the follow-up and the accesses of the Users during the courses, as well as for the corresponding projects, and to issue the relevant certificates, being the contractual relationship the legitimate basis of the processing.
- To manage the User’s participation in our contests, on the basis of the User’s consent.
- To control access of Users (or other data subjects) to the Platform (including the control of illicit or any other unauthorized accesses that may derive from the activities of the Users) and their activity, as well as to give them access to the Services. The basis for processing will be the legitimate interest of Domestika.
- To send the Users personalised information about products, services and/or events in which Domestika participates or organises, unless the User has exercised his/her right to oppose the sending of such communications to the address dataprotection@domestika.org or by the specific channels provided by Domestika (e.g., "Unsubscribe" options in the emails), being the basis for the processing the legitimate interest of Domestika.
- To create a User profile, based on the use of the Services and on the processing of all the information to which we have access to (i.e.: courses in which the User shows interest, courses acquired, members the User follows, payment methods and any other activity on the Platform), in order to offer the User an optimal and personalised Services, being the legitimate interest of Domestika on improving its User receptivity of the Services being offered.
A profiling is a data processing that consists on the analysis of User’s personal data to which Domestika has access due to User’s use of the Services and activity within the Platform, to determine how Domestika can improve the Services offered to the User. The profiling is necessary in order to make personalised offers to the Users, to facilitate their acquisition of preferred products and similar alternatives, as well as to offer them products that are considered to be potentially interesting for them based on their profile (for this, automated decisions may be made). Additionally, the profiling is necessary for Domestika to improve the Services offered and the functionalities of the Platform.
Therefore, the User will benefit from offers adapted to their preferences, manifested through their activity or deducted according to the characteristics of their profile as well as an optimal use of the Platform.
In order to carry out this processing, Domestika’s interest in providing personalised information to Users analysing their behaviour, has been weighed against the User’s expectation to privacy. To make the processing more secure, the information related to the User’s profile will be processed in a secure and confidential way, being processed only in the systems that analyse the information obtained in an automated way. On the other hand, the User may, at any time, express her/his right not to be subject to this processing, exercising their right to object to it, as defined below.
- To carry out quality and satisfaction surveys concerning the Platform and its catalogue of Services to optimise and make modifications on the service. The basis for processing will be the legitimate interest of Domestika.
- Cookies – you can find information about how we process personal data through cookies in the Cookie Policy.
- To produce anonymous statistical reports on the access habits and activity carried out by the Users on the Platform, based on the legitimate interest of Domestika
- To evaluate ideas for carrying out internal solution operations, data analysis, research and service developments which the User may raise through the improvements channel, on the basis of Domestika’s legitimate interest.
Teachers, Creatives and Affiliates
- To contact Teachers, Creatives and Affiliates that may have an interest in collaborating with Domestika. Such processing is based on the legitimate interest of Domestika in contacting new teachers, creatives and affiliates.
- To manage your relationship with Domestika as a Teacher, Creative or Affiliate, in order to comply with the obligations arising therefrom. Domestika will need to process the relevant Personal Data for contacting you in order to organize courses, materials or campaigns, process the payment of your fees, etc. Such data processing is based on the contractual relationship you have with Domestika.
Employment
- To manage applications of the Users that have applied for an employment offer in Domestika either directly through our job vacancies published in our Platform or through our job advertisements in LinkedIn, on the basis of the precontractual relationship.
- To manage applications of the Users through the employment offers of third parties published in the Employment section of the Platform, on the basis of the contractual relationship as a User of Domestika. You may obtain additional information regarding how these third parties process your data directly contacting with such entities.
Fraud prevention
- Payment behavioural analysis and Users' trends in order to analyse payment methods and products implemented by Domestika and for fraud prevention purposes, based on the legitimate interest of Domestika.
- To identify any malicious software or activity and protect the User from fraud and misuses of their Personal Data, we may collect information about the User’s activity and interaction within our Platform or Domestika Services (e.g., we may evaluate the User’s computer, mobile phone or other access device), on the basis of our legitimate interest.
- To comply with the laws or regulations on the basis of Domestika’s legal obligations, including all the Personal Data processing for anti-money laundering and counter-terrorism purposes as set out in the applicable anti money laundering regulations.
4. What categories of Personal Data will be processed?
The categories of data that can be processed will be determined, in each case, according to the authorisations and requirements held by each User and the information necessary for each purpose. Such data may include:
a.
Non-registered Users:
- Identification data: IP address, device ID.
b.
Registered Users:
- Identification data: name and surname, IP-address, device ID, Domestika User ID.
- Contact details: e-mail address and postal address.
- Others: date of birth, nationality, geolocation, navigation data, personal interests that may be provided by the User in the registration form, academic data, historical data regarding the activity in the Platform as a Student, image, user name, payment data and payment behaviour, bank account number, credit card number.
c.
Teachers, Affiliates and Creatives
- Identification data: name, surname, National Identity Card, image, voice, social media user name.
- Contact details: e-mail address, postal address, telephone number.
- Data on personal characteristics: date of birth, nationality.
- Academic and professional data: studies, occupation, professional experience, CV.
- Others: tax identification data, general information provided by the User.
d.
Employment applicants
- Identification data: name, surname.
- Contact details: e-mail address, telephone number
- Academic and professional information: CV, current company, social media profile.
More information about how we process Personal Data such as IP-address and navigation data can be found in our
Cookie Policy.
5. Sources from which we obtain User’s Personal Data
Personal Data processed by Domestika is directly provided by the User or obtained from browsing behaviour and activity within the Platform.
Additionally, Personal Data may be obtained from third parties such as social media platforms (e.g., Facebook, Google, LinkedIn or Instagram). The Personal Data we may receive varies by site and is controlled by such third parties.
By associating an account managed by a third party with your Domestika account and authorizing Domestika to have access to this information, you agree that Domestika may collect, store and use this information in accordance with this Privacy Policy. For more information about how such third parties process your Personal Data, please review their privacy policies.
6. For how long will Domestika process User’s Personal Data?
On a general basis, Domestika will retain the Personal Data of Users only for the time necessary to carry out the purposes for which they were collected (e.g., managing the contractual relationship as a registered User of the Platform). In any case, Users may at any time revoke the consents granted, as well as exercise their right of opposition to those processing which are based on the legitimate interest of Domestika.
Subsequently, if necessary, Domestika may keep the information blocked for the legally established time periods, until the expiration of the liabilities arising from the respective data processing. Under such circumstances, Personal Data will only be processed in the event that this is required by the competent judicial or administrative authorities in the cases expressly established in the Applicable Data Protection Regulations.
7. Who are the recipients of your Personal Data?
User’s data may be shared with:
- The relevant tax authorities for the fulfilment of Domestika’s tax obligations, as well as any other public administration that may legally require information.
- Judges and Courts in the cases provided for by applicable law.
Likewise, the Personal Data may be accessed by providers of Domestika (i.e., data processors) if such access is necessary for the adequate fulfilment of legal obligations and/or for the purposes indicated above regulated by the relevant agreements. These suppliers will not process your Personal Data for their own purposes but to comply with Domestika’s. Such services may include hosting and cloud Services providers, IT Support Services, analytics, CRM, mailing Services providers, etc.
Some of these data processors are located outside the European Economic Area (EEA). We ensure, through contractual regulations, that these service providers, including entities of Domestika Group, process Personal Data in accordance with Applicable Data Protection Regulations, and in particular, with GDPR, to guarantee a high level of protection, even if the Personal Data is transferred to a country where another level of data protection is applied.
No other transfer of Personal Data to other recipients takes place, except where we are required by law to do so. For more information on appropriate safeguards for international data transfers or a copy of them, please contact us at dataprotection@domestika.org.
8. Data security
Domestika has implemented the necessary technical and organisational measures to guarantee the security of your Personal Data and to prevent its alteration, loss, or unauthorised access or processing, taking into account the state of the art, the nature of the data and the risks to which it is exposed. However, please note that measures on the Internet, due to their nature and global character, are not impregnable.
9. What rights do Users have?
Users have the data protection rights recognised in the Applicable Data Protection Regulations. In particular, the following may apply:
- Rectify inaccurate or incomplete Personal Data.
- Request the erasure of their Personal Data when, among other reasons, the data is no longer necessary for the purposes for which they were collected.
- Obtain from Domestika the limitation of data processing when any of the conditions set out in the data protection regulations are met.
- Request the portability of their data.
- Object to the processing of their data.
- File a complaint with the relevant data protection authority when the User considers that Domestika has violated the rights recognised by the Applicable Data Protection Regulations.
- Where a processing operation is based on the consent of the User, the User may withdraw his/her consent at any time. Likewise, where the processing is based on the legitimate interest of Domestika, the User may execute his/her right to object at any time to such data processing, by clicking the unsubscribe link at the bottom of the communication submitted or by submitting their objection to dataprotection@domestika.org. However, the withdrawal of the consent and the objection of the User will not affect the lawfulness of the processing carried out prior to that moment.
You may contact Domestika by sending a statement accompanied by a photocopy of your ID or otherwise proving your identity to the address dataprotection@domestika.org.
10. Responsibility of the User
The User:
- Warrants that is over 16 years old when registering in the Platform. The registration and the acquisition of courses is only for people over 16. Users who do not comply with these requirements will not be allowed to register in the Platform.
- Warrants that the Personal Data he/she provides to Domestika are true, exact, complete and updated. In this sense, the User is responsible for the truthfulness of all the data he/she communicates and will provide updated information, in a way that responds to his / her actual situation.
- Warrants that he/she has informed third parties (e.g., when inviting a friend to join the Platform) whose data has been provided, if any, of the aspects contained in this document. You also guarantee you have obtained his/her authorization to provide their data to Domestika for the purposes indicated.
- Will be responsible for false or inaccurate information provided through the Platform and for direct or indirect damages which may be caused to Domestika or to third parties.
- All Personal Data requested are mandatory unless expressly stated otherwise so that the refusal to provide them will result in the impossibility of providing the service.
- We reserve the right to ask Users for any information (e.g., a copy of his/her ID card) that we deem appropriate to verify the characteristics of the User, as well as to delete or deactivate any account of a User who does not meet the conditions stated or who does not provide the requested documentation in due time and form.
11. Changes to this Privacy Policy
If the User chooses to use Domestika’s Services, the use and any dispute over privacy is subject to this Policy and our
Terms of Use. If you have any concern about privacy at Domestika, please contact us through our address dataprotection@domestika.org with a thorough description, and we will try to resolve it. Our business and technology changes constantly, and our Privacy Policy will change also. The User should check our Platform frequently to see recent changes. Unless stated otherwise, our current Privacy Policy applies to all Personal Data that we have about you and your account.
12. User rights under California Consumer Privacy Act (CCPA)
This notice complements and provides Users with additional information, to such established in our Privacy Policy, regarding privacy, and only applies to residents of the State of California and, therefore, CCPA is applicable to them. The CCPA is a privacy law that gives residents of the state of California the right to prevent businesses from selling their personal information.
CCPA defines personal information more broadly, ensures greater transparency, accountability and provides consumers with extended rights as to the processing of their personal information. Specifically, under the CCPA, Domestika is required to inform whether it sells personal information.
Domestika wishes to inform you about such
do not sell my data requirement established under CCPA. In this sense, considering the Services provided by Domestika and its global presence, in some scenarios your data could be sold (according to the "selling" definition under CCPA) to third parties in the context of our Services. Users have the right to "
opt out" of such sale of personal information to "third parties" (as defined in the CCPA).
The definition under the CCPA of the term "sell" is defined to include not just selling in exchange for money, but also sharing or transferring personal information for different purposes that have previously been informed. Certain activities are not considered "sales," including when (i) personal information is shared with a service provider just for the provision of services or (ii) when the consumer has directed a company to disclose the personal information.
Do not sell my data
In order to comply to the "do not sell my data" requirement, User may opt-out to the data processing that may imply such selling according to the following.
You can
also allow, block, or delete the cookies installed on your computer by the setting options of your browser, as explained in our
Cookie Policy.
Regarding the personal data provided to Domestika or informed by you as a User,
you may also send an email to dataprotection@domestika.org asking about the processing of your personal data or request a
do not sell my data order. Please be informed that we will need to identify you properly to process your petition, so additional information may be requested for that purpose.
You may also exercise any other right recognized by the CCPA to the extent it is applicable to you, by sending an email to the above email address.