Delivery Tech assigns the utmost importance to the security and integrity of your personal data.
In accordance with the GDPR, we commit ourselves daily to take all the necessary precautions to preserve the security of your data and, in particular, to protect them from:
- accidental or illicit destruction;
- accidental or illicit loss;
- accidental or illicit corruption;
- circulation or disclosure to unauthorized persons;
- unauthorized access;
- unlawful processing.
To this end, we have adopted industry-standard technical security measures, including:
- a multilevel firewall;
- proven antivirus and intrusion detection software;
- encrypted transmission of data through SSL / HTTPS / VPN technology.
To protect personal data from unauthorized disclosures, we have used specially developed coding methods, as well as algorithms that ensure the security of transactions, accesses and data backups.
We guarantee the accuracy and correct use of data:
- with appropriate electronic, physical and management procedures in order to safeguard and preserve the data collected through our services;
- with the appropriate training of any staff members who have obtained specific authorization to access the data in compliance with the provisions of the GPDR.
However, there is no absolute defense against piracy attacks or hackers. In the event of a breach of security (a “data breach”), we are committed to informing you without undue delay and will work to the best of our ability to neutralize the intrusion and minimize the impact. In the event that you suffer a loss due to a security breach, we are committed to providing you with all the assistance you need to be able to assert your rights.
If, in an exceptional case, the loss suffered was due to a serious fault by Delivery Tech, we will provide compensation within the limit of liability provided by our General Conditions of Use.
If a user, a subscriber to contact lists or a hacker discovers and takes advantage of a security breach, such a person is responsible for prosecution. Delivery Tech will take all measures, including the filing of a complaint and/or legal action, to preserve the data and rights of its users and ourselves, and to limit any effects.
The aforementioned measures are those that we adopt for the protection of your data. As the user of our services, applications or software, you must perform the following actions:
- check the authentication of people accessing the data;
- use a unique and sufficiently secure password, remembering to change it regularly and to never leave it unattended;
- make sure that you take security measures for data that are processed by Delivery Tech and that you share on non-secure communication channels.
The purpose of these technical measures is to make your data incomprehensible or inaccessible to unauthorized persons.
For any questions related to the security of our services, applications and software, please contact our technical support staff available on our official channels: email, online chat and phone.
Data breach management
Article 33 of the GDPR requires the data controller to notify the control authority of any violation of personal data (a data breach), within seventy-two hours of the moment it becomes known.
We distinguish three types of violations:
- breach of confidentiality— unauthorized or accidental disclosure or access to personal data;
- integrity violation— an unauthorized or accidental alteration of personal data;
- availability violation— the loss, inaccessibility or destruction, whether accidental or unauthorized, of personal data.
If the violation is also related to your data, Delivery Tech, as data processor, will notify you in the following ways:
- personally and directly;
- by means of public communication or a similar and effective measure when direct and personal communication involves disproportionate efforts.
Always keep in mind that you, as a user, are the data controller. It will be your duty to promptly inform your subscribers on the contact lists. You can communicate that violation in the following ways:
- personally and directly to your subscribers;
- with a public or equally effective communication that can reach all of your contacts affected by the data breach.
The direct communication to your subscribers must be distinguished from other messages that you usually send. The notice of the violation must be clear, unambiguous and must draw the attention of the interested party.
In particular, Article 24 and Article 32 of the GDPR require the data controller to:
- implement appropriate technical and organizational measures to ensure compliance with the GDPR;
- be able to demonstrate that the processing of data has been carried out in accordance with the provisions of the GDPR;
- review and update the aforementioned measures when necessary;
- ensure a level of security appropriate to the risk.
Access to authorized data for customer care and technical assistance
The collected data will be used if it is necessary or instrumental for:
- delivering technical assistance to users for the services provided by Delivery Tech that affect data controllers or their contact lists;
- concluding commercial negotiations by telephone or email;
- direct or indirect commercial advice.
Your data may be processed by Delivery Tech employees or third parties who will be appointed as external processors as appropriate. The owner or the data controller will be informed from time to time about the methods of treatment.
Minimization of data processing and archiving
We have prepared technical and organizational measures to guarantee the principle of minimization of data processing. Any data processing will always be adequate, relevant and limited to achieving the stated purposes.
The processing of data for statistical purposes, archiving in the public interest, scientific or historical research is subject to guarantees appropriate to the rights and freedoms of the interested party in accordance with the provisions of the GDPR.
Because we operate servers all over the world, though mainly in the United States and Europe, your information may be processed on servers located outside the country where you live. The laws on the protection of personal data vary from country to country; some countries provide more protection than others.
Regardless of where your data is processed, we apply the same protections described in these policies, and we also comply with certain provisions relating to data transfer, including those provided for by the EU-US Privacy Shield Framework.