Opgal Website Privacy Policy

Last updated: May, 2023

This website (the “Website”) provides information about products marketed by Opgal Ltd. and its operations (“Opgal”, “we“, “our”, or “us”, as appropriate). Opgal is committed to protecting and respecting your privacy in accordance with applicable laws. This privacy policy provides comprehensive information about our processing activities in Opgal (the “Privacy Policy”), though the particular processing activities and privacy practices may vary in different companies and jurisdictions.

  1. IMPORTANT INFORMATION AND WHO WE ARE 

This Privacy Policy (together with the Terms of Use) sets out the basis on which any Personal Data (as defined below) we collect from you, or that you provide to us, will be processed, stored and shared by us. We process Personal Data in accordance with “Applicable Data Protection Laws” (which means the Israeli Privacy Protection Law of 1981, the EU General Data Protection Regulation 269/2016 (“GDPR”), the United Kingdom General Data Protection Regulation and any data protection and privacy laws and regulations applicable to us). Please read the following carefully to understand our practices regarding your Personal Data, before you access or use the Website. By browsing this Website, you consent to the processing of your Personal Data as detailed in this Privacy Policy. If you have read this Privacy Policy, and remain opposed to our practices, you must immediately leave this Website, and avoid or discontinue all use of the Website. If you have further questions or concerns regarding this Privacy Policy, please contact us at: Ilana.F@www.opgal.com

This Website is not intended for persons under 18 and we do not knowingly collect data relating to minors under 18. Insofar as Personal Data may be collected based on your consent, you must be above the age of 18. If these age requirements are not met, you are required to avoid using the Website.

  1. WHAT IS PERSONAL DATA? 

Personal Data” means information that can directly or indirectly identify you. Personal Data may include:

  • Identifiers” such as your real name, postal address, unique personal identifier, online identifier, Internet Protocol address, account name, and other similar identifiers; and
  • Contact Details” such as your name, address, email address, and telephone number.

The term Personal Data shall also include and refer to similar terms in Applicable Data Protection Laws.

  1. THE CATEGORIES OF PERSONAL DATA WE COLLECT AND HOW DO WE COLLECT IT 
    • We use different methods to collect data from and about you, including through: 
    • Direct interactions: You may provide us your Personal Data by filling in forms, by requesting information from us or by corresponding with us by post, phone, email or otherwise. 
    • Automated technologies or interactions: As you interact with our Website, we may automatically collect data about your equipment, browsing actions and patterns. We collect this Personal Data by using technologies of third party providers.
    • Cookies and similar technologies: We use cookies (small, often encrypted, text files that are stored on your computer, mobile phone or other electronic device) and similar technologies (“Cookies”) to help collect data. Our Cookie Policy, explains how we use Cookies to collect information about the way you use the Website and how you can control them.
    • When you provide us with data, you are requested not to submit sensitive personal data or health data through the “contact us” form on our Website.
      • We may collect information on the handling of your request and/or the relationship with you and any other Personal Data you voluntarily provide to us; ii) You represent the Personal Data you provide is accurate, complete and up to date and that you are legally authorized to provide it.
  2. HOW WE USE THE PERSONAL DATA AND WHAT ARE THE LEGAL BASES OF PROCESSING?

We collect and use your Personal Data for the following purposes and under the following legal bases:

  • In order to enter into and/or perform a contract with you, we may: provide you with the information that you request from us; and maintain your Contact Details in our customer relations database.
  • For marketing purposes: If you tick the applicable box on the Website, we will use your email address to send you information about our offers, news, events, new products and services, upcoming events or other promotions. You may opt out of receiving such emails by following the instructions contained in each promotional email we send you, or by contacting us at Ilana.F@www.opgal.com

Where required by law (for example, if you are an EU data subject), we will only send you marketing information by email, if you consent to us doing so at the time you provide us with your Personal Data. When you provide us with your consent to be contacted for marketing purposes, you have the right to withdraw your consent at any time by following the instructions to “opt-out” of receiving marketing communication in each marketing email we send you, as mentioned above. In addition, if at any time you do not wish to receive future marketing communications or wish to have your name deleted from our mailing lists, please contact us at Ilana.F@www.opgal.com

  • To analyze, administer, support and improve the use of the Website: We use data relating to your use of the Website to analyze, administer, support and improve your access to and use of the Website functionalities. We may also compile, anonymize and/or aggregate your Personal Data and other data and use such anonymized and/or aggregated data for our business purposes, including sharing it with affiliates and business partners. For EU data subjects, this use of your Personal Data is necessary for our legitimate interests in understanding how the Website is being used by you and to improve your experience of it.
  • To fulfill our legal and regulatory obligations, we may: take action to prevent, investigate and detect crime, fraud or anti-social behavior and prosecute offenders (including working with law enforcement agencies or the regulators).
  • To exercise tasks under our legitimate interests such as to:
  1. enforce our Terms of Use; 
  2. handle customer contacts, queries and complaints or disputes; 
  3. protect our operations;
  4. know who is on-site for security purposes and to check timings and attendance in relation to project works to protect our rights, privacy, safety of property, and that of our group companies, you or others;
  5. allow us to pursue available remedies or limit our damages;
  6. ensure our Website operate effectively; 
  7. to administer our Website and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes. 
  8. to improve our Website to ensure that content is presented in the most effective manner for you and for your device. 

We will only use your Personal Data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your Personal Data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so. Please note that we may process your Personal Data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

  1. NON-PERSONAL DATA WE COLLECT OR GENERATE
    • In addition to the categories of Personal Data described above, we will also process “Non-Personal Information”, meaning information that does not personally and specifically identify a natural person, such as anonymized information, which may be collected through the Website in the following ways:
  2. Information that your browser sends (“Log Data”). This Log Data may include, but is not limited to, non-identifying information regarding the User’s device, operating system, internet browser type, screen resolution, language and keyboard settings, internet service provider, referring/exit pages, date/time stamps, the web page you were visiting, information you search, etc.
  3. We may collect further Non-Personal Information through use of automated devices and applications to evaluate usage of our Website and through cookies. We use these tools to help us improve our Website, performance and user experience. We may also engage third parties to track and analyze data or provide other services on our behalf. Such third parties may combine the Non-Personal Information that we provide about you with other information that they have collected from other sources. This Privacy Policy does not cover such third parties’ use of the data and such use is governed by such third parties’ privacy policies.
  4. As mentioned above, we also use Cookies. Our Cookie Policy 
  5. DATA RETENTION – FOR HOW LONG IS THE DATA STORED? 

We retain Personal Data as long as we are required to keep the information by applicable laws, or in accordance with our contractual obligations or legitimate interests. The information is located in Israel. To determine the appropriate retention period for Personal Data, we consider the amount, nature, and sensitivity of the Personal Data, the potential risk of harm from unauthorized use or disclosure of your Personal Data, the purposes for which we process your Personal Data and whether we can achieve those purposes through other means, and the applicable legal requirements.

  1. WHO MAY THE INFORMATION BE SHARED WITH?

We may share Personal Data that we receive from you with the following third parties:

  • Our Group – companies who are members in our group.
  • Our service providers – such as accountants, auditors, experts, lawyers, credit reference agencies, IT systems providers, support and hosting service providers; printing, advertising, marketing and market research and analysis service providers; document and records management providers; technical engineers; data storage and cloud providers and similar third-party vendors and outsourced service providers that assist us in carrying out business activities.
  • Government or other public authorities – including, but not limited to, law enforcement or other agencies to which we are required to disclose Personal Data by law, or by a warrant, subpoena or court order. 
  • Other third parties – In the event that we sell or buy any business or assets, we may disclose your Personal Data to the prospective seller or buyer of such business or assets. If Opgal or a company which is part of the Opgal’s group or substantially all of its assets are acquired by a third party, Personal Data held by it about its customers will be one of the transferred assets. 
  • We do not sell, share or rent any information collected to third parties except for those detailed in this privacy policy. 
  • Applicable law may require us to disclose your Personal Data if: (i) reasonably necessary to comply with legal process (such as a court order, subpoena or search warrant) or other legal requirements; (ii) disclosure would mitigate our liability in an actual or threatened lawsuit; (iii) necessary to protect legal rights of our Group, our users, customers, business partners or other interested parties; or (iv) necessary for the prevention or detection of crime (subject in each case to applicable law). For residents of the European Economic Area (“EEA”), we will disclose Personal Data only when permitted to do so under applicable European and EU Member States’ national data protection laws and regulations.
  • California Civil Code Section 1798.83 (California Shine the Light Law) permits users who are California residents to obtain from us once a year, free of charge, a list of third parties to whom we have disclosed personal information (if any) for direct marketing purposes in the preceding calendar year. If you are a California resident and you wish to make such a request, please send an e-mail with “California Privacy Rights” in the subject line to [insert link].
  1. SECURITY 
    • We have put in place appropriate security measures to prevent your Personal Data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. In addition, we limit access to your Personal Data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your Personal Data on our instructions, and they are subject to a duty of confidentiality. 
    • We have put in place procedures to deal with any suspected “Personal Data Breach” (as this and similar terms are defined in the Applicable Data Protection Laws) and will notify you and any applicable regulator of such Personal Data Breach where we are legally required. 
    • Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your Personal Data, we cannot guarantee the security of your data transmitted to our Website; any transmission is at your own risk and you acknowledge this when you choose to access, visit and/or use our Website. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorized access. 
  2. MARKETING

If you opt-in (on-line or off-line) to receive on-line marketing and offers, we will add your name and email address to our marketing database. In some jurisdictions, we may also send you on-line marketing messages if you have previously placed an order with us or where you have provided your information for the purpose of contact. You can change your marketing preferences at any time and will always be offered the opportunity to unsubscribe.

We will still contact you regarding your account or orders even if you have opted out of receiving marketing from us.

  1. SOCIAL MEDIA PLATFORMS AND LINKS TO THIRD PARTY WEBSITES

When you use our page on a social media platform and/or when you use social sharing buttons on our Website, or click on any links contained in our Website to the websites of our partner networks, our social media pages, advertisers and affiliates, you do so at your own discretion and subject to the terms and conditions as well as the privacy policies of each social media platform respectively. Please note that we do not accept any responsibility or liability for these policies and that these social media platforms or websites may track your activity. 

We may collect Personal Data from your public profile, including, name, photo and other information you make available to us when you like, post or otherwise interact with our social media pages, such as LinkedIn.

  1. YOUR RIGHTS
    • Different privacy rights may apply in various jurisdictions. In some jurisdictions, you may have a right to receive information about the processing of your Personal Data by us, the right to rectify your Personal Data and/or to request deletion of your Personal Data.
    • General conditions for complying with Personal Data inquiries: When you contact us about your Personal Data, we may need to ask you to provide us certain credentials to make sure that you are who you claim you are, to avoid disclosure to you of Personal Data related to others and to ask you questions to better understand the nature and scope of data that you request to access. We may redact from the data which we will make available to you, any Personal Data related to others. In addition, we may delete your Personal Data, if required by Applicable Data Protection Laws.
    • At any time, you may contact us at: Ilana.F@www.opgal.comin order to inquire about your Personal Data rights. We will make good-faith efforts to assist you as we are required under the Applicable Data Protection Laws. EU data subjects and California residents may have additional rights concerning the access and updating of their Personal Data (see Sections 12 and 13 below).
    • If you think that the processing of Personal Data by us violates Applicable Data Protection Laws, you can lodge a complaint with the regulator at your jurisdiction. We may provide the details of the regulator upon request.
  2. INFORMATION FOR EU DATA SUBJECTS
    • Data Location and International Data Transfers

Your Personal Data may be stored on our servers outside the EEA and may be processed by Opgal, our group companies and service providers outside the EEA. Whenever we transfer and process your Personal Data out of the EEA, we ensure a similar degree of protection is afforded to it by using a solution that enables lawful transfer of personal data to a third country in accordance with Article 45 or 46 of the GDPR (including the European Commission Standard Contractual Clauses, as may be amended from time to time). For additional information on the mechanisms used to protect your Personal Data, please contact us at Ilana.F@www.opgal.com  

  • Your EU Privacy Rights
    1. Residents of the EEA may be entitled to other rights under the GDPR. These rights are summarized below. We may require you to verify your identity before we respond to your requests to exercise your rights. If you are entitled to these rights, you may exercise these rights with respect to your Personal Data that we collect and store: 
  • Erasure of Personal Data;
  • Access of Personal Data;
  • Request of a copy of Personal Data;
  • Correction of any inaccuracies in your Personal Data;
  • Objection to the processing of Personal Data;
  • Withdrawal of consent to data processing at any time;
  • Restriction of processing of Personal Data; and
  • Portability of Personal Data – to receive the Personal Data you have provided to us in a structured, commonly used and machine-readable form and transmit it to another data controller. 

These rights will be exercisable subject to limitations as provided for by the GDPR. Any requests to exercise the above listed rights may be made to: Ilana.F@www.opgal.com

  1. In some instances, our legal obligations may override your rights under data protection laws. We are also legally required to identify you before we process your request.
  2. Normally, you will not have to pay a fee to access your Personal Data (or to exercise any of your rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances. 
  3. We try to respond to all legitimate requests within one (1) month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated. 

If you are an EU data subject, you have the right to lodge a complaint with a Data Protection Authority about how we process your Personal Data.

  1. INFORMATION FOR CALIFORNIA RESIDENTS
    • “Do Not Track” Signals under the California Online Protection Act (CalOPPA): “Do Not Track” is a preference you can set in your web browser to inform websites that you do not want to be tracked. We do not support “Do Not Track”. If such technology is available by virtue of our email service or website platform, we are neither aware of it, nor utilize it. You can enable or disable “Do Not Track” by visiting the Preferences or Settings page of your web browser. You should know that you can also opt out of internet-based advertising by installing a plug-in for your browser. Such plug-ins are available from third parties.
    • California Civil Code: California Civil Code permits customers of Opgal who are California residents to request certain information regarding its disclosure of Personal Information to third parties for their direct marketing purposes. To make such a request, please send an email to Ilana.F@www.opgal.com. Please note that we are only required to respond to one request per customer each year.
    • CCPA: Under the California Consumer Privacy Act 2018 (“CCPA“), you have the right to request that we disclose certain information to you about our collection and use of your personal information over the past twelve (12) months.

To exercise your rights, please submit a verifiable consumer request to us by email to Ilana.F@www.opgal.com. Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child.

You may only make such a request for access or data portability twice within a 12-month period. The verifiable consumer request must provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative and describe your request with sufficient detail that allows us to properly understand, evaluate and respond to it.

We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. Making a verifiable consumer request does not require you to create an account with us. We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.

We endeavor to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing. We will deliver our written response electronically. Any disclosures we provide will only cover the 12-month period preceding the receipt of the verifiable consumer request. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.

We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

We will not discriminate against you for exercising any of your CCPA rights.

  1. CHANGES TO OUR PRIVACY POLICY 

We may revise this Privacy Policy from time to time. Any changes we may make to our Privacy Policy in the future will be posted on this page and, where appropriate, notified to you by e-mail. Please check back frequently to see any updates or changes to our Privacy Policy. Any changes will be effective immediately upon being posted, unless otherwise stated in the change. We will update the “Last updated” date above to indicate the date on which the most recent changes to the Privacy Policy became effective.

  1. CONTACT US

Questions, comments and requests regarding this Privacy Policy are welcomed and should be addressed to: Ilana.F@www.opgal.com.