Privacy Policy

At Biscuit Capital (referred to as “Company,” “Us” or “We”), we recognize that your privacy is important. This Policy discloses the Company’s privacy practices, in connection with your use of the Company’s website or of any products and services We may offer to you (collectively referred to as the “Services”). Additionally, this Policy also covers how personal and other information that we receive or collect about you is treated. Any visitor to our site, or any other user of our Services, shall be referred to as “You” or “Your.”  Please read the information below to learn the following regarding Your use of Our Services.

We reserve the right to change this Privacy Policy from time to time. We encourage You to periodically review this page for the latest information on our privacy practices. We will notify You about significant changes in the way we treat personal information by placing a prominent notice on our web site. Your continued use of our web site our our Services after such modifications will constitute Your: (a) acknowledgment of the modified Policy; and (b) Your agreement to abide and be bound by that Policy. If You do not accept any changes made to this Policy, please discontinue use of the Services.

If You have any questions about this Policy, or if You require more specifics as to what information the Company collects, where the information is sourced from, or whether it is being disclosed or sold and to whom, please feel free to contact us at: info@bcmptr.com.

1.  Types of Information We Collect

In order to provide You with the Services, we may collect two types of information about You: Personally Identifiable Information (“PII”) and Aggregate Information.

Personally Identifiable Information: This refers to information that lets us know the specifics of who You are. When You engage in certain activities, such as visiting our site, clicking on an advertisement or calling a phone number on the site, etc. we may collect PII about You.

Examples of PII may include Your first and last name and or company name, email address, mailing address (including zip code), employer, job title and department, telephone and facsimile numbers and other identifying information.

Aggregate Information: This refers to information that does not by itself identify a specific individual. We gather certain information about You when You visit our site or when You click on advertisements.  This information, which is collected in a variety of different ways, is compiled and analyzed on both a personal and an aggregated basis. For example, and if applicable, this information may include the Website’s Uniform Resource Locator (“URL”) that points to the site You just came from, which URL You go to after clicking on an advertisement, what browser your customer is using, and Your Internet Protocol (“IP”) address.

2.  How We Collect and Use Information and Requests to Opt Out or Delete

We do not collect any PII about You unless You visit and use our site.

We may use PII to deliver information to You and to contact You regarding administrative notices. We may also use Your PII to resolve disputes, troubleshoot problems and enforce our agreements with You, including our Service contract and this Privacy Policy.

You have the right to instruct the Company to delete Your PII at any time. The Company will thereafter delete any such PII within a reasonable time after receipt and review of such request.

Should You desire to opt-out of collection or require the destruction of Your applicable PII, please send a written request to the Company at info@bcmptr.com. Your election to opt-out of collection or to instruct the Company to delete PII shall not affect the right to receive equal service and pricing from the Company.

3.  Cookies

We may store cookies on Your computer in order to collect certain aggregate data about You. A cookie is a small data text file which is stored on Your computers that uniquely identify your browsers. Cookies may also include more personalized information, such as Your IP address, browser type, the server Your computer is logged onto, and the area code and zip code associated with Your computer. We may use cookies to perform tasks such as: monitoring aggregate site usage metrics, storing account preferences that have been set, and personalizing the Services we make available to You.

4.  Release of Information

We will not sell, trade, or rent Your PII to others.

Occasionally we may be required by law enforcement or judicial authorities to provide PII to the appropriate governmental authorities. In such cases, we will disclose PII upon receipt of a court order, subpoena, or to cooperate with a law enforcement investigation. We fully cooperate with law enforcement agencies in identifying those who use our services for illegal activities. We reserve the right to report to law enforcement agencies any activities that we in good faith believe to be unlawful.

5. Security of Your PII

You can be assured that Your PII is secure, consistent with current industry standards. We strive to take appropriate security measures to protect against unauthorized access to or unauthorized alteration, disclosure or destruction of PII. For example:

We also only keep collected information and use it only for the purposes for which it was collected or to comply with any applicable legal or ethical reporting or document retention requirements.

We limit access to PII only to specific employees, contractors and agents who have a reasonable need to come into contact with Your information. For example, we may provide members of our technical support team with limited access to your account in order to allow them to troubleshoot.

Additionally, we also employ a number of physical, electronic, and procedural safeguards to protect PII. Our secure servers and our data centers are protected by industry-standard encryption, and our servers reside behind firewalls and employ high-level password protection.

Unfortunately, no data transmission over the Internett or any wireless network can be guaranteed to be 100% secure. As a result, while we strive to protect PII, you acknowledge that: (a) there are security and privacy limitations inherent to the Internet which are beyond our control; and (b) the security, integrity and privacy of any and all information and data exchanged between you and us through this Site cannot be guaranteed.

6. Miscellaneous

Our policy is that we do not knowingly collect, use or disclose PII about minors.

If You have any questions, concerns or inquiries about our Privacy Policy, or our use of PII, or our privacy practices, please contact us at: info@bcmptr.com.

PROVISIONS SPECIFIC TO EUROPEAN INDIVIDUALS

The following provisions apply only to European individuals.

Who is the data controller?

For the purpose of any legislation or binding local regulations implementing the provisions of Directive 95/46/EC of the European Parliament (the “EU Directive“), the data controller of EEA-based users’ Personal Data (as defined below), if applicable, is typically You. However, in the event that the EU Directive classifies the Company as data controller in respect of Your EEA-based users’ Personal Data the remaining provisions of this Policy shall apply.

Please note that even if the Company is not the data controller of Your EEA-based Personal Data, we will still take reasonable endeavours to ensure that we treat such Personal Data in accordance with both this Policy and our obligations as a data processor of such Personal Data under the EU Directive.

What constitutes Personal Data?

Personal Data” extends the definition of “PII” (as outlined above), to include any information by which an individual can actually be identified or could be identifiable, whether simply from that information alone, or in combination with any other information which is in our control, and includes “personal data” as defined in the EU Directive. Each reference to PII in this Policy shall, for users who are based in the European Economic Area (the “EEA“), be read as a reference to Personal Data.

Acceptance of our Policy and requests to opt out or delete.

Users whose Personal Data and Aggregate information we collect are required to give their consent before we start to collect such information from them by acknowledging the notification. In addition, You may opt-out of such collection at any time by using their browser to block their cookies.

You also have the right to instruct the Company to delete your PII at any time. The Company will thereafter delete any such PII within a reasonable time after receipt and review of such request.

Should You desire to opt-out of collection or require the destruction of your or their PII, please send a written request to the Company at info@bcmptr.com. Your election to opt-out of collection or to instruct the Company to delete PII shall not affect the right to receive equal service and pricing from the Company.

Our policy towards children

In accordance with applicable European Union guidance on the practice, we do not collect or process any Personal Data to target adverts to children. Accordingly, we do not create consumer segments that specifically target children under 13 years old.

We store and process Personal Data outside the EEA.

Personal Data and Aggregate Information that we collect from You will be transferred to, and stored at, a destination outside the EEA. It will also be processed by staff operating outside the EEA who work for us or for one of our suppliers.

You should be aware that the data protection and privacy regulations that apply in countries outside the EEA may not offer the same level of protection as provided for inside the EEA.

PROVISIONS THAT APPLY WHEN INDIVIDUALS ARE BASED IN THE EUROPEAN UNION AND/OR THE UNITED KINGDOM

The following conditions are supplemental to the terms set out above and apply only where individuals are located in the European Union and /or the United Kingdom.

Data Protection Legislation means the General Data Protection Regulation ((EU) 2016/679), the UK Data Protection Legislation and any other directly applicable European Union regulation relating to privacy.

UK Data Protection Legislation means any data protection legislation from time to time in force in the UK including the Data Protection Act 1998 or 2018 or any successor legislation.

Applicable Laws means (for so long as and to the extent that they apply to the Provider) the law of the European Union, the law of any member state of the European Union and/or UK Law.

Data Protection

We will comply with all applicable requirements of the Data Protection Legislation.

Identifying the Data Controller: For the purposes of the Data Protection Legislation, You are the Data Controller and the Company, as the service provider, is the Data Processor (where Data Controller and Data Processor have the meanings as defined in the Data Protection Legislation).

Processing: Sections 2-4 above set out the scope, nature and purpose of processing by the Company, the duration of the processing and the types of personal data and categories of Data Subject.

Personal Data: The Data Protection Legislation extends the definition of PII (as outlined above) to include any information by which an individual can be identified and includes location data and online identifiers. Each reference in this policy to PII shall be taken to refer to Personal Data as defined in The Data Protection Legislation where the individual is in the EU.

Consent: In order for the Company to provide You with the Services, it is necessary that the individuals in the EU have consented to the use and processing of their Personal Data as required for the Company to provide the Services to You. This consent is captured when the individual accepts the cookie notification that is sent to them. Individuals may opt out or withdrawn their consent.

Children: EU guidelines provides that children under 13 years old cannot consent to the use of their Personal Data. Accordingly, we do not create or use or collect identifiers that may be used to identify children under 13 years of age for the purposes of targeting advertisements at that group.

Restrictions on Processing: We shall, in relation to any Personal Data processed by the Company:

  • (a)   process that Personal Data only on Your written instructions and in accordance with the limits on Processing set out above unless we are required by Applicable Laws to otherwise process that Personal Data.

PROVISIONS THAT APPLY WHEN INDIVIDUALS ARE BASED IN THE EUROPEAN UNION AND/OR THE UNITED KINGDOM

Access to Personal Information: We will assist you, at your cost, in responding to any request from a Data Subject for access to its Personal Data and in ensuring compliance with its obligations under the Data Protection Legislation with respect to security, breach notifications, impact assessments and consultations with supervisory authorities or regulators.

We will take all steps reasonably necessary to ensure that EEA-based Personal Data, wherever it is held or processed, is treated securely and in accordance with this Policy and the EU Directive.

Access to information.

The EU Directive gives You the right to access certain information we hold about You.

If any individual to whom the EU Directive applies wishes to request access to the information we hold about them in accordance with the EU Directive, please contact info@bcmptr.com

PROVISIONS SPECIFIC TO BRAZIL

The following conditions are supplemental to the terms set out above and apply to Brazilian individuals or where individuals are located in Brazil.

Data Protection Legislation means the Brazilian General Data Protection Law (Law No. 13,709/2018).

Applicable Laws means (for so long as and to the extent that they apply to the Company) any other laws of Brazil.

Data Protection: The Company will comply with all applicable requirements of the Data Protection Legislation.

Identifying the Data Controller: For the purposes of the Data Protection Legislation, You are the Data Controller and the Company, as the service provider, is the Data Processor (where Data Controller and Data Processor have the meanings as defined in the Data Protection Legislation).

Processing: Sections 2-4 above set out the scope, nature and purpose of processing by us, the duration of the processing and the types of Personal Data and categories of Data Subject.

What Constitutes Personal Data?

Personal Data” extends the definition of “PII” (as outlined above), to include any information by which an individual can actually be identified or could be identifiable, whether simply from that information alone, or in combination with any other information which is in our control, and includes “personal data” as defined in the Data Protection Legislation. Each reference to PII in this Policy shall, for users who are based in Brazilian territory, be read as a reference to Personal Data.

Acceptance of Our Policy and Requests to Opt Out or Delete.

Users whose Personal Data and Aggregate information we collect are required to give their consent before we start to collect such information from them by acknowledging the notification. In addition, You may opt-out of such collection at any time by using their browser to block their cookies.

You also have the right to instruct the Company to delete Your PII at any time. The Company will thereafter delete any such PII within a reasonable time after receipt and review of such request.

Should You desire to opt-out of collection or require the destruction of your or their PII, please send a written request to the Company at info@bcmptr.com. Your election to opt-out of collection or to instruct the Company to delete PII shall not affect the right to receive equal service and pricing from the Company.

Our Policy Towards Minors

Our Services are not intended for children under 18, so we do not knowingly collect or process Personal Data from minors. Parental or guardian permission must be granted prior to knowingly collecting, using or disclosing Personal Data from minors.

If you have reason to believe that a minor has provided Personal Data to us without a parental or guardian permission, please contact us at info@bcmptr.com, and we will use commercially reasonable efforts to delete that information.

Restrictions on Processing

The Company shall, in relation to any Personal Data processed by us in connection with the performance of our obligations under a Services agreement:

  • process that Personal Data only on Your written instructions and in accordance with the limits on Processing set out above unless we are required by Applicable Laws to otherwise process that Personal Data;
    • ensure that we have in place appropriate technical and organisational measures to protect against unauthorised or unlawful processing of and against accidental loss or destruction of, or damage to, Personal Data appropriate to the harm that might result from the unauthorised or unlawful processing or accidental loss, destruction or damage and the nature of the data to be protected, having regard to the state of technological development and the cost of implementing any measures;
    • ensure that all personnel who have access to and/or process Personal Data are obliged to keep it confidential;
    • notify You without undue delay upon becoming aware of a Personal Data breach;
    • at Your written direction, delete any Personal Data and copies thereof upon termination of the Services agreement unless we are required by Applicable Laws to store the Personal Data; and
    • maintain complete and accurate records and information to demonstrate its compliance with the above.

Transfer Outside Brazil

In order to provide You with the Services it will be necessary that Personal Data and Aggregate Information collected from individuals be transferred to and stored by us or our suppliers outside Brazil. Whenever we transfer your Personal Data out of the Brazilian territory, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

  • We will only transfer Your Personal Data to countries that have been deemed to provide an adequate level of protection for Personal Data by the Brazilian Data Protection Authority.
    • Where we use certain service providers, we may use specific contracts approved by the Brazilian Data Protection Authority which give Personal Data the same protection it has in Brazil.
    • Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to Personal Data shared between Brazil and the US.

Access to Personal Information

We will assist You, at Your cost, in responding to any request from a Data Subject for access to its Personal Data and in ensuring compliance with its obligations under the Data Protection Legislation with respect to security, breach notifications, impact assessments and consultations with supervisory authorities or regulators.

We will take all steps reasonably necessary to ensure that Your Personal Data, wherever it is held or processed, is treated securely and in accordance with this Policy and the Data Protection Legislation.

Accessing, Updating or Deleting information

The Data Protection Legislation gives You the right to access, update or delete certain information we hold about You.

If any individual to whom the Data Protection Legislation applies wishes to request access, update or deletion of the information we hold about them in accordance with the Data Protection Legislation, this request may be subject to a fee of US $10 to meet our reasonable costs in providing them with details of the information we hold. If You wish to make such a request, please contact info@bcmptr.com.

Please note, however, that we may need to retain certain information for record keeping purposes, to complete transactions or to comply with our legal obligations in accordance with Applicable Laws.

Other Data Protection Rights

If You wish to exercise any other data protection rights that are available to You under the Data Protection Legislation (such as the right to data portability or data restriction) then please send Your request to info@bcmptr.com and we will respond to Your request in accordance with the Data Protection Legislation.

You have the right to complain to Your local data protection authority if You are unhappy with our data protection practices.