Privacy Policy

The present Privacy Policy ("Policy") contains a description and refers to the personal data collected on members.ip-api.com.

Purpose

"Personal data" or "personal information" is any element that allow us to identify you as a person. Personal data processing is governed by Regulation 679/2016 regarding personal data protection ("GDPR") and completed in Romania by Law no. 190/2018.

We take very seriously the personal data privacy and protection of our clients, and this document shows:

  1. the personal data that we are collecting from you
  2. how we intend to use this data
  3. what rights you have related to these data and their processing

Who controls your personal data and how can you contact us?

According to the legislation, our company, Artia International S.R.L., is a personal data controller. We have made every effort to implement reasonable measures to protect your personal information.

As per legal provisions, you, as an individual, beneficiary of our services or in any type of relationship with our company, are a "target person", meaning a natural person identified or identifiable. In order to be transparent in personal data processing and to allow you to easily exercise, in any moment, the rights, we have implemented measures to facilitate communication between us, the data controller and you, target person.

Contact information

Name Artia International S.R.L.
Address Bld. Decebal 28, Bucharest, Romania
Trade Register reg. number J40/12390/2011
VAT code RO29237219
Email dpo@ip-api.com

If you have any concerns, comments or complains about us or the personal data that we process for you, you may always send us an email at the address above.

Supervisory authority data

If you think there is a problem with the processing of your personal data, we ask you to send us a request at the above address first – we will do our best to amicable resolve your request as soon as possible.
Also, you may file a request to the supervisory of personal data authority. For Romania, you may find the contact data below:

Name The National Supervisory Authority for Personal Data Processing
Address Blvd. G-ral. Gheorghe Magheru no. 28-30, 1st District, Bucharest, 010336, Romania
Phone +40.318.059.211 or +40.318.059.212
Email anspdcp@dataprotection.ro

What information we collect from you?

We collect from you the following information with the purpose of processing your order:

  • When ordering as a company:
      Company name
      VAT code
  • Full name
  • Email address
  • Billing address
  • Payment data
  • IP address

Regarding the payment data, please be informed that we do not store your payment information (such as full credit card numbers). When placing an order, for the sole purpose of processing payments, we will transmit your billing data (company name, full name, email address and postal address) to our payment processors.

We may ask for additional information or documents (such as a photo of your legal ID) to verify your identity and to prevent fraud. This additional information or documents will be deleted from our systems after we've verified your identitiy.

How we collect the data?

We collect the personal data directly from you, when you create an account on this site, members.ip-api.com

What are the legal bases for the processing of personal data?

We will use your personal information/data having the following the legal bases:

Personal Data Purpose Legal Ground
Company name
VAT code
Full name
Email address
Billing address
Payment data
To create the account on this site, members.ip-api.com
Transactional email regarding your account
To issue invoices
We need this information in order to fulfill our contractual obligations (to deliver the service)
IP address Fraud prevention
Security of your account
We need this information in order to prevent fraud and to keep your account secure

If you do not want to provide this information?

You do not need to provide us your personal data. However, if you choose not to do so, we will not be able to create the user account and provide the service.

How we protect this information?

We understand the importance of personal data security and take the necessary steps to protect our customers and other people whose data we process from unauthorized access to personal data and the unauthorized modification, disclosure or destruction of the data we process in our current activity.
We have implemented the following technical and organizational security measures for personal data:

Minimize data. We ensure that your personal data that we process is limited to what is necessary, appropriate and relevant for the purposes stated in this policy.

Restrict access to data. We try to restrict as much as possible the access to the personal data we process to the minimum necessary: ​​employees, collaborators and other people who need to access this data in order to process and perform a service. Our partners and collaborators are subject to strict confidentiality (either statutory or legal) obligations.

Specific technical measures. We use technologies to ensure the security of our customers, always trying to implement the most optimal data protection solutions. We also do periodic encrypted data backups to recover them in the event of an incident.

Ensure the accuracy of your data. Sometimes we may ask you to confirm the accuracy of your data to make sure they reflect reality.

Staff training. We constantly train and test our employees and collaborators on legislation and best practices in the field of personal data processing.

Anonymization of data. Wherever we can, we try as much as possible to anonymize / pseudonymize the personal data we process, so that we can no longer identify the people they are referring to.

To whom we share the personal data?

Depending on the payment method you chose, the following payment processors will have access to your personal information:

Payment Method Provider Links
Credit Card, BTC/ETH Netopia S.R.L. privacy policy
PayPal PayPal privacy policy
Alipay (CN) Payssion privacy policy

For the purpose of processing the transaction email we send to you, the following providers will have access to your personal information and information contained in the emails you send to us:

Provider Links
Postmark Security and Privacy
Rackspace GDPR FAQ

We may be required to provide personal information to others in limited circumstances:

  • External Consultants (as lawyers)
  • Public authorities or judicial bodies.

At any time, if we will decide to give your personal data access to someone else, we will ensure that there are adequate security methods in place to protect your privacy

Will personal data be transferred outside of EEA?

If you are located in a country in the European Economic Area (EEA), we may need to transfer your personal data outside of the EEA, for example when our storage facilities are located in another country.
In such a case, we will implement appropriate and approved procedures to ensure the protection of your data, fundamental rights and freedoms while your personal data is located outside the EEA. If you would like more information about this, please contact us at the details provided in Contact section above.

How long we store the personal data?

The information we collect for the purpose of creating the user account is stored until we receive an account closure request or until a 1-year period of non-use (subscription inactive) of the account is reached.

We collect and store basic information about your requests to this website (such as IP address, browser agent, referring site, date and time of each request and other activities) for the duration of your subscription, and for up to 1 year after your subscription has ended.

Purchase processing and payment information will be retained for a period of 5 years from the date of payment. We need to store these data in accordance with the payment processor's instructions and in the event of disputes regarding the order and payment.

Sometimes we may need to keep a copy of your personal data for a longer period of time in case of a dispute, for example, to investigate security breaches or to comply with legal obligations. We will never store your personal data for longer than necessary. In all cases, your personal information will be destroyed in a secure way once the storage period described above has expired.

What are your rights?

You have certain rights with respect to your personal data that we process, including:

  • the right to be informed about how we collect and use this data (information you find in this privacy policy)
  • the right to have access to the information we hold about you
  • the right to rectify the data if you consider it to be incorrect / inaccurate / incomplete
  • the right to ask us to delete the data (only if we rely on your consent for processing)
  • the right to receive a copy of any information we hold about you
  • the right to oppose the processing of your personal data for the purposes listed above. However, you have to keep in mind that it is not an absolute right, but it has certain limitations

Cookies

We use cookies strictly to keep track of authenticated clients. We do not set any third-party cookies.

Changes to this information policy

To the extent we believe that a change to the privacy policy is required, we will publish those changes on this page to inform you of the types of information we collect and how we use them. Please check this page periodically to stay up-to-date with the latest changes.

Last modification date: 2019-11-18