Privacy Policy

DATA PROCESSING POLICY

For Experts

GO CONSULTED, 8 The Green STE A, Dover, Kent County, DE 19901, USA
Phone: + 1 302 56 50 146 , Email: [email protected] , [email protected] for the use of the Internet platform and IT solution ExpertBox.io.

WHEREAS

(A) Go Consulted acts as a Data Controller.

(B) Expert acts as a Data Processor.

(C) The Data Controller provides the right to use the ExpertBox platform, which implies the processing of user personal data for the Data Processor.

(D) The Data Controller and the Data Processor seek to implement a data processing policy that complies with the requirements of the current legal framework in relation to data processing and with the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), CCPA (California Consumer Privacy Act), The Privacy Act of 1974 (5 U.S.C. 552a) etc) and Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data as it will be amended by its Protocol CETS No. 223.

IT IS AGREED AS FOLLOWS:

Definitions and Interpretation

1.1 Unless otherwise defined herein, capitalized terms and expressions used in this Agreement shall have the following meaning:

1.1.1 "Policy" means this Data Processing Policy;

1.1.2 "Users Personal Data" means any Personal Data processed by the Processor on the ExpertBox platform;

1.1.3 "Contracted Processor" means the Expert;

1.1.4 "Data Protection Laws" means EU and U.S. Data Protection Laws and, to the extent applicable, the data protection or privacy laws of any other country;

1.1.5 "EEA" means the European Economic Area;

1.1.6 "EU Data Protection Laws" means EU Directive 95/46/EC, as transposed into domestic legislation of each Member State The Privacy Act of 1974 (5 U.S.C. 552a) etc) and Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data as it will be amended by its Protocol CETS No. 223 and as amended, replaced or superseded from time to time, including by the GDPR and laws implementing or supplementing the GDPR;

1.1.7 "GDPR" means EU General Data Protection Regulation 2016/679;

1.1.8 "Data Transfer" means:

1.1.8.1 a transfer of Personal Data from users to a Contracted Processor;

1.1.9 "Services" means the services the Expert provides.

1.2 The terms, "Commission", "Controller", "Data Subject", "Member State", "Personal Data", "Personal Data Breach", "Processing" and "Supervisory Authority" shall have the same meaning as in the GDPR, and their cognate terms shall be construed accordingly.

Processing of Users Personal Data

2.1 Processor shall:

2.1.1 comply with all applicable Data Protection Laws in the Processing of users Personal Data; and

2.1.2 Do not process personal data of users, except in accordance with its permission.

2.2 The Controller instructs the Processor to process Users Personal Data.

Processor

3.1 Personnel Processor shall take reasonable steps to ensure the reliability of any employee, agent or contractor of any Contracted Processor who may have access to the Users Personal Data, ensuring in each case that access is strictly limited to those individuals who need to know/access the relevant Users Personal Data, as strictly necessary for consulting purposes, and to comply with Applicable Laws in the context of that individual's duties to the Contracted Processor, ensuring that all such individuals are subject to confidentiality undertakings or professional or statutory obligations of confidentiality.

Security

4.1 Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of Processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, Processor shall in relation to the Users Personal Data implement appropriate technical and organizational measures to ensure a level of security appropriate to that risk, including, as appropriate, the measures referred to in Article 32(1) of the GDPR.

4.2 In assessing the appropriate level of security, the Processor shall take account in particular of the risks that are presented by Processing, in particular from a Personal Data Breach.

Subprocessing

5.1 Processor shall not appoint (or disclose any Users Personal Data to) any Subprocessor unless required or authorized by the Controller.

Data Subject Rights

6.1 Taking into account the nature of the Processing, Processor shall assist the Controller by implementing appropriate technical and organisational measures, insofar as this is possible, for the fulfilment of the Controller obligations, as reasonably understood by Controller, to respond to requests to exercise Data Subject rights under the Data Protection Laws.

6.2 Processor shall:

6.2.1 promptly notify Controller if it receives a request from a Data Subject under any Data Protection Law in respect of Users Personal Data; and

6.2.2 ensure that it does not respond to that request except on the documented instructions of Controller or as required by Applicable Laws to which the Processor is subject, in which case Processor shall to the extent permitted by Applicable Laws.

Personal Data Breach

7.1 Processor shall notify Controller without undue delay upon Processor becoming aware of a Personal Data Breach affecting Users Personal Data, providing Controller with sufficient information to allow the Controller to meet any obligations to report or inform Data Subjects of the Personal Data Breach under the Data Protection Laws.

7.2 Processor shall cooperate with the Controller and take reasonable commercial steps as are directed by Controller to assist in the investigation, mitigation and remediation of each such Personal Data Breach.

Audit rights

8.1 Processor shall provide reasonable assistance to the Controller with any data protection impact assessments, and prior consultations with Supervising Authorities or other competent data privacy authorities, which Controller reasonably considers to be required by article 35 or 36 of the GDPR or equivalent provisions of any other Data Protection Law, in each case solely in relation to Processing of Users Personal Data by, and taking into account the nature of the Processing and information available to, the Contracted Processors.

Deletion or return of Users Personal Data

9.1 Subject to this section 9 Processor shall promptly and in any event within 10 business days of the date of cessation of any Services involving the Processing of Users Personal Data (the "Cessation Date"), delete and procure the deletion of all copies of those Users Personal Data.

9.2 Processor shall provide written certification to the Controller that it has fully complied with this section 9 within 10 business days of the Cessation Date.

Audit rights

10.1 Subject to this section 10, Processor shall make available to the Controller on request all information necessary to demonstrate compliance with this Policy, and shall allow for and contribute to audits, including inspections, by the Controller or an auditor mandated by the Controller in relation to the Processing of the Users Personal Data by the Experts. 10.2 Information and audit rights of the Controller only arise under section 10.1 to the extent that the Policy does not otherwise give them information and audit rights meeting the relevant requirements of Data Protection Law.

Data Transfer

11.1 If personal data processed under this Agreement is transferred from a country within the European Economic Area to a country outside the European Economic Area, the Data Controller and the Data Processor shall ensure that the personal data are adequately protected. To achieve this, the Data Controller and the Data Processor shall, unless agreed otherwise, rely on EU approved standard contractual clauses for the transfer of personal data.

Governing Law and Jurisdiction

13.1 This Agreement is governed by the laws of the Republic of Estonia.

13.2 Any dispute arising in connection with this Agreement, which the Data Controller and the Data Processor will not be able to resolve amicably, will be submitted to the exclusive jurisdiction of the courts of the Republic of Estonia.

You can reach us under the following contact details:

GO CONSULTED, 8 The Green STE A, Dover, Kent County, DE 19901, USA
Phone: + 1 302 56 50 146 , Email: [email protected] , [email protected]

PRIVACY POLICY FOR CLIENTS

For California residents only

GO CONSULTED INC, 8 The Green STE A, Dover, Kent County, DE 19901, USA
Phone: + 1 302 56 50 146 , Email: [email protected] , for the use of the Internet platform and IT solution ExpertBox.io.

As of 15 July 2020

This CCPA Privacy Policy for California Residents (this “Privacy Policy”) supplements the information contained in Privacy Policy for Non-EU countries ( https://expertbox.io/policies#non-eu ) and applies solely to all visitors, users, and others who reside in the State of California (“users” or “you”).

We adopt this Privacy Policy to comply with the California Consumer Privacy Act of 2018 (CCPA) and any terms defined in the CCPA have the same meaning when used in this Privacy Policy. All other terms, unless otherwise specified in this Privacy Policy, shall have the definitions assigned to them in the Privacy Policy

This Privacy Policy does not apply to employment-related personal information collected from California-based employees, job applicants, contractors, or similar individuals.

Where noted in this Privacy Policy, the CCPA temporarily exempts personal information reflecting a written or verbal business-to-business communication (“B2B personal information”) from some of its requirements.

INFORMATION WE COLLECT

We collect information that identifies, relates to, describes, references, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer, household, or device (“personal information”). Personal information does not include:

  • Publicly available information from government records.
  • Deidentified or aggregated user information.

In particular, we have collected the following categories of personal information from consumers within the last twelve (12) months:

Category Examples Collected
Identifiers A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers. Yes
Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)). A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories. Yes
Protected classification characteristics under California or federal law. Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information). No
Commercial information. Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies Yes
Biometric information. Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data. No
Internet or other similar network activity. Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement. Yes
Geolocation data. Physical location or movements. No
Sensory data. Audio, electronic, visual, thermal, olfactory, or similar information. No
Professional or employment-related information. Current or past job history or performance evaluations. No
Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)) Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records. No
Inferences drawn from other personal information Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. No

We obtain the categories of personal information listed above from the following categories of sources:

  • Directly from you (e.g. from forms you complete; from products and services you purchase).
  • Indirectly from you.

USE OF PERSONAL INFORMATION

We may use or disclose the personal information we collect for one or more of the following purposes:

  • To fulfill or meet the reason you provided the information. For example, if you share your name and contact information to request a price quote or ask a question about our products or services, we will use that personal information to respond to your inquiry. If you provide your personal information to purchase a product or service, we will use that information to process your payment and facilitate delivery. We may also save your information to facilitate new product orders or process returns.
  • To provide, support, personalize, and develop our websites, products, and services.
  • To create, maintain, customize, and secure your Account.
  • To process your requests, purchases, transactions, and payments and prevent transactional fraud.
  • To provide you with support and to respond to your inquiries, including to investigate and address your concerns and monitor and improve our responses.
  • To help maintain the safety, security, and integrity of our websites, products and services, databases and other technology assets, and business.
  • For testing, research, analysis, and product development, including to develop and improve our websites, products, and services.
  • To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
  • As described to you when collecting your personal information or as otherwise set forth in the CCPA.
  • To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by us about our websites’ users is among the assets transferred.

We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:

YOUR RIGHTS AND CHOICES

The CCPA provides consumers (California residents) with specific rights regarding their personal information. This section describes your CCPA rights and explains how to exercise those rights.

ACCESS TO SPECIFIC INFORMATION AND DATA PORTABILITY RIGHTS

You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable user request (see EXERCISING ACCESS, DATA PORTABILITY, AND DELETION RIGHTS), we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies.

  • The categories of personal information we collected about you.
  • The categories of sources for the personal information we collected about you.
  • Our business or commercial purpose for collecting or selling that personal information.
  • The categories of third parties with whom we share that personal information.
  • The specific pieces of personal information we collected about you (also called a data portability request).
  • If we sold or disclosed your personal information for a business purpose, two separate lists disclosing:
    • sales, identifying the personal information categories that each category of recipient purchased; and
    • disclosures for a business purpose, identifying the personal information categories that each category of recipient obtained.

We do not provide these deletion rights for B2B personal information.

DELETION REQUEST RIGHTS

You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable user request (see EXERCISING ACCESS, DATA PORTABILITY, AND DELETION RIGHTS), we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies.

We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to:

  • Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, fulfill the terms of a written warranty or product recall conducted in accordance with federal law, or otherwise perform our contract with you.
  • Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
  • Debug products to identify and repair errors that impair existing intended functionality.
  • Exercise free speech, ensure the right of another user to exercise their free speech rights, or exercise another right provided for by law.
  • Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.).
  • Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
  • Enable solely internal uses that are reasonably aligned with user expectations based on your relationship with us.
  • Comply with a legal obligation.
  • Make other internal and lawful uses of that information that are compatible with the context in which you provided it.

We do not provide these deletion rights for B2B personal information.

EXERCISING ACCESS, DATA PORTABILITY, AND DELETION RIGHTS

To exercise the access, data portability, and deletion rights described above, please submit a verifiable user request to us by either:

Only you, or someone legally authorized to act on your behalf, may make a verifiable user request related to your personal information. You may also make a verifiable user request on behalf of your minor child.

You may only make a verifiable user request for access or data portability twice within a 12-month period. The verifiable user request must:

  • Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative.
  • Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you.

Making a verifiable user request does not require you to create an account with us.

We will only use personal information provided in a verifiable user request to verify the requestor’s identity or authority to make the request.

RESPONSE TIMING AND FORMAT

We endeavor to respond to a verifiable user request within forty-five (45) days of its receipt. If we require more time (up to 45 or 90 days), we will inform you of the reason and extension period in writing.

Any disclosures we provide will only cover the 12-month period preceding the verifiable user request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily usable and should allow you to transmit the information from one entity to another entity without hindrance.

We do not charge a fee to process or respond to your verifiable user request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

NON-DISCRIMINATION

We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:

  • Deny you goods or services.
  • Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
  • Provide you a different level or quality of goods or services.
  • Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

However, we may offer you certain financial incentives permitted by the CCPA that can result in different prices, rates, or quality levels. Any CCPA-permitted financial incentive we offer will reasonably relate to your personal information’s value and contain written terms that describe the program’s material aspects. Participation in a financial incentive program requires your prior opt in consent, which you may revoke at any time.

OTHER CALIFORNIA PRIVACY RIGHTS

California’s “Shine the Light” law (Civil Code Section § 1798.83) permits users of our websites that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please send an email to [email protected] or [email protected]

CHANGES TO THIS PRIVACY POLICY

We reserve the right to amend this Privacy Policy at our discretion and at any time. When we make changes to this Privacy Policy, we will post the updated Privacy Policy on the Website and update the Privacy Policy effective date. Your continued use of our websites following the posting of changes constitutes your acceptance of such changes.

CONTACT INFORMATION

If you have any questions or comments about this Privacy Policy, the ways in which Go Consulted collects and uses your information described here and in the Privacy Policy, your choices and rights regarding such use, or wish to exercise your rights under California law, please do not hesitate to contact us at:

Phone: + 1 302 56 50 146

Website: https://expertbox.io

Email: [email protected]

Postal Address: 8 The Green STE A, Dover, Kent County, DE 19901, USA

PRIVACY POLICY FOR CLIENTS

For Non-European Union countries (excluding Great Britain, Switzerland, Norway, Iceland, Liechtenstein and California state)

GO CONSULTED, 8 The Green STE A, Dover, Kent County, DE 19901, USA
Phone: + 1 302 56 50 146 , Email: [email protected] , for the use of the Internet platform and IT solution ExpertBox.io.

As of 15 July 2020

The responsible party within the meaning of the applicable data protection laws is: GO CONSULTED, 8 The Green STE A, Dover, Kent County, DE 19901, USA
Phone: + 1 302 56 50 146 , Email: [email protected] , for the use of the Internet platform and IT solution ExpertBox.io. Last updates as of: 27.06.2020

  1. General

    1.1. Go Consulted respects your privacy, and we will protect any information you give to us. We have developed this privacy policy to explain our practices, and this policy is incorporated into, and subject to, our Privacy Policy and Terms of Use.
    You will find out what information is available when using the services of Go Consulted including the use of the ExpertBox website ( https://expertbox.io ) ("Website") and App ( https://app.expertbox.io ) ("App") that are collected, processed or used.

    1.2. Go Consulted will process and use the data provided by the user as part of the registration on the ExpertBox Platform and/or the use of the services solely for the purpose of providing services (contract performance) and in accordance with US (The Privacy Act of 1974 (5 U.S.C. 552a) etc) and Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data as it will be amended by its Protocol CETS No. 223.

    1.3. For the use of our services, only these data protection provisions, supplemented by our terms of use, in the most recent version, are relevant.

    1.4 All data stored by us or any order processor will be best protected against unauthorized access, loss, destruction, deletion, alteration or dissemination of your data by unauthorized persons using current security standards.

    1.5. All personal data collected by us are processed exclusively within https://aws.amazon.com/aup/ and Stripe https://stripe.com/privacy for providing payments and are, therefore, subject to appropriate data protection provisions. Transmission of data to companies outside the United States of America will not take place without your explicit consent. This also applies to service Providers commissioned by us for data processing. The servers on which the personal data of our customers are stored are located in USA.

  2. Scope of data processing

    2.1 GO CONSULTED, 8 The Green STE A, Dover, Kent County, DE 19901, USA operates a web-based software solution called ExpertBox ("ExpertBox"), which offers service Providers ("experts") a digital customer interaction opportunity. This includes appointment management and booking, execution of video calls as well as payment and invoicing. Visitors ("visitors") as well as customers ("customers") of the service Providers ("experts") thus have the opportunity to book appointments with experts online and to process them using ExpertBox's software solution.

    2.2 In addition to the ExpertBox website and app, the software solution is also available via integration on websites of experts and on existing platforms.

  3. Data retention

    When you access ExpertBox services as a visitor, even without logging in or logging in, server log files are sent from your server to ExpertBox's web server, which is technically necessary for accessing information. The following data is collected as part of the server log files:

    • IP address
    • The content of ExpertBox you have requested
    • The previously visited website that referred to the ExpertBox application
    • Browser type and browser version
    • Screen resolution
    • Transmitted amount of data
    • Message about successful call
    • Operating system used
    • End device used
    • Date and time of the server request

    This data can not be assigned to specific persons for ExpertBox and a merger of this data with other data sources will not be made. ExpertBox has no influence on the automatic transmission of this data. However, you can set this automatic data transfer directly in your device or browser and restrict it if necessary. The o.g. Server log files are stored for 12 days, after which all collected IP addresses are anonymized and used only for quality assurance, web site optimization and statistical purposes.

    We retain your information for as long as needed for our functions or activities or to comply with our legal obligations (such as reporting to regulatory authorities), to resolve disputes and to enforce our rights. We also may retain your information to support our business operations and develop our Services. The criteria used to determine our data retention periods include: (i) how long the personal data is needed to provide the services and operate the business; (ii) the type of personal data collected; and (iii) whether we are subject to a legal, contractual or similar obligation to retain the data (e.g., mandatory data retention laws, government orders to preserve data relevant to an investigation, or data that must be retained for the purposes of litigation or disputes.) When we no longer need to use your information, we will take steps to properly anonymize or destroy it. We may retain information that is not personally identified to an individual User, including without limitation anonymized data and aggregate information, in our discretion.

    Under certain circumstances, you have rights under data protection laws in relation to your personal data. You have the right to:

    Request access to your personal data. This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
    Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us. Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which overrides your rights and freedoms.

    Request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios: (a) if you want us to establish the data`s accuracy; (b) where our use of the data is unlawful but you do not want us to erase it; (c) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or (d) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.

    Request the transfer of your personal data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data. Withdraw consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent. You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

    We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

    We try to respond to all legitimate requests within 45 days. Occasionally it may take us longer than 45 days if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated. Maximum response time 90 days.

    To exercise your rights, please contact us at [email protected] , [email protected]

    The Company works only with individuals who are at least 18 years old.

  4. Use of cookies

    This website uses cookies to better the user experience of its visitors. Where applicable, this website uses a cookie control system, allowing users to allow or disallow the use of cookies on their computer/device on their first visit to the website. This complies with recent legislative requirements for websites to obtain explicit consent from users before leaving behind or reading files such as cookies on a user’s computer/device.

    Cookies are small files saved to a user’s computer/device hard drive that track, save, and store information about the user’s interactions and website use. They allow a website, through its server, to provide users with a tailored experience within the site.

    Users are advised to take necessary steps within their web browser security settings to block all cookies from this website and its external serving vendors if they wish to deny the use and saving of cookies from this website to their computer’s/device’s hard drive.

    This site uses the Lucky Orange analytics system to help improve usability and the customer experience. Lucky Orange may record mouse clicks, mouse movements, and scrolling activity. Lucky Orange may also record keystroke information that is voluntarily entered on this website. Lucky Orange does not track this activity on any site that does not use the Lucky Orange system. You can choose to disable the Lucky Orange service at https://www.luckyorange.com/disable.php Note that doing so will disable other features of the Lucky Orange system that this site employs, such as one-to-one support chat.

  5. Using Facebook Pixel

    On our website (but not our app) Facebook pixels are implemented in order to present advertisements ("Facebook Ads") to prior visitors of our website as part of the Facebook Newsfeed. These Facebook pixels create a direct connection to the Facebook servers when visiting our website. It is transmitted to the Facebook server that you have visited our website. Facebook assigns this information to your personal Facebook user account. For more information on the collection and use of data by Facebook, as well as your rights in this regard and ways to protect your privacy, please refer to the privacy policy of Facebook at https://www.facebook.com/about/privacy

    Alternatively, you can opt out of Facebook's remarketing feature by following this link: https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen This requires registration on your personal Facebook profile.

  6. Use of Google AdWords

    We use the advertising tool "Google-Adwords" to promote our website. As part of this, we use the Google Analytics Conversion Tracking analytics service on our website, 1600 Amphitheater Parkway, Mountain View, CA 94043 USA. When you reach our website through a Google ad, a cookie is placed on your device. These so-called "conversion cookies" are only valid for 30 days. If you visit certain pages of our website within this validity period, we and Google may recognize that you as a user clicked on one of our ads placed with Google and were redirected to our site. Any "conversion cookies" are only placed on our landing pages, but not on our app. The "conversion cookies" are used to generate visit statistics for our website, which informs us about the total number of users who have clicked on our ad. In addition, we learn which pages of our website were called up by the respective user afterwards. However, we do not receive any information that may conclude your personal identification.

    You can prevent the transmission of data via "conversion cookies" in your browser settings and disable the automatic setting of cookies in general or just block the cookies from the domain "googleadservices.com". For more information about Google Adwords services and Google's privacy policy, please visit: https://policies.google.com/privacy

  7. Contact & Communication

    Users contacting this website or its owners do so at their own discretion and provide any personal details requested at their own risk. Your personal information is kept private and stored securely until such time that it is no longer required or has no use. Every effort has been made to ensure a safe and secure form to email submission process, but users are still advised that using such form to email processes are done at their own risk.

    This website and its owners use information submitted to provide you with further information about the products and services they offer and to assist you in answering any questions or queries you may submit. This includes using your details to subscribe you to any email newsletter program the website operates, but only if this was made clear to you and your express permission was granted when submitting a form to email process or when you, the consumer, have previously purchased from or enquired about purchasing from the company a product or service that the email newsletter relates to. This is by no means an entire list of your user rights with regard to receiving email marketing material. Your details are not passed on to any third parties.

  8. Email Newsletter

    This website operates an email newsletter program to inform subscribers about products and services supplied by this website. Users can subscribe through an automated online process should they wish to do so at their own discretion. Some subscriptions may be manually processed through prior written agreement with the user.

    Subscriptions are made in compliance with spam laws of the visitor’s country. All personal details relating to subscriptions are held securely and in accordance with the current data protection laws of the visitor’s country. No personal details are passed on to third parties or shared with companies or people outside of the company that operates this website.

    Email marketing campaigns published by this website or its owners may contain tracking facilities within the actual email. Subscriber activity is tracked and stored in a database for future analysis and evaluation. Such tracked activity may include: opening of emails, forwarding of emails, clicking of links within email content, and times, dates, and frequency of activity. This list of tracked activities is not comprehensive.

    Information tracked in emails is used to refine future email campaigns and supply users with more relevant content based on their activity.

    Subscribers are given the opportunity to unsubscribe at any time through an automated system. This process is detailed at the footer of each email campaign. If an automated unsubscribe system is unavailable, clear instructions on how to unsubscribe will be detailed instead.

  9. Registered users

    In order to properly use ExpertBox's services, you must register and provide specific information. In addition to these data required for use and generated by the use of the Services, you may voluntarily provide further information about yourself.
    There will be no data transfer to third parties, except for the transmission of the credit card data to the processing payment service Provider Mangopay for the purpose of processing any payments (payments to experts, monthly fees by experts, payments by customers) and to our tax advisor to fulfill our tax obligations.

    Upon cancellation of the registration or booking process, the data stored with us will be deleted. If a user requests a deletion of his ExpertBox account, the personal data will be deleted unless they have to be retained due to legal obligations (for example, seven years under tax law according to § 132 Abs 1 BAO).

  10. Data processing by customers

    When using ExpertBox to book appointments with experts, ExpertBox collects and uses the following personal information during the registration process.

    • First and Last Name
    • Email address
    • Selected expert
    • Selected unit length
    • Selected type of service

    The button raises the o.g. Data, as they are required for the booking of dates for services of experts and for the proper handling of these. In the case of a scheduled appointment booking, the button transmits the customer's data to the respective expert. The button uses the data collected from customers anonymously for the production of statistics and for the internal development of the offered software services. ExpertBox reserves the right to submit anonymous data to experts for statistical purposes. When booking appointments with an expert, ExpertBox also collects the following data in order to carry out the payment processing, which is forwarded directly to the payment service manager Stripe.

    • Credit card information
  11. Experts

    For service Providers who use ExpertBox to process their customer interaction, ExpertBox also collects and uses the following personal data for the purpose described below.
    If you only use ExpertBox's appointment management solution as an expert, the following data is collected:
    First and Last Name
    Email address
    Password
    Telephone number (optional)
    Location (optional)
    Offered unit lengths of service
    Website (optional)
    Profile picture (optional)
    Occupation (optional)

    However, if you also use ExpertBox's accounting and payment processes, the following additional personal data will also be collected, which are required for the purpose of adequate accounting and payment processing and which comply with the required KYC regulations:

    • Company name
    • Prices of services per unit length
    • Applicable VAT rate
    • Applicable cancellation polic
    • Billing address
    • Bank account connection
    • TAX number

    The o.a. Data is required to provide the services offered by ExpertBox. The expert agrees that much of the o.g. Data, in particular first and last name, email address, telephone number, website, title, profile picture, unit lengths and prices of the offer, address of the service provision, occupation and cancellation conditions are displayed publicly in the respective expert profile. When an invoice is created by ExpertBox, all invoice relevant data are also shared with the respective customer, in particular the billing address, the VAT rate, and any UID number. Certain data, in particular nationality, date of birth and address are collected on the basis of the statutory KYC regulations and passed on to our payment service Provider together with all other payment-relevant data.

  12. Payment processing

    In order to offer you all the functions of ExpertBox, we use selected service Providers who process their data in our order and name. In the process, we only pass on data to a service Provider that has been carefully selected by us and authorized in writing within the scope of a legally permissible order processing. Go Consulted and thus the ExpertBox solution uses a secured electronic payment system of the financial service Provider Stripe (Stripe, 510 Townsend Street, San Francisco, CA 94103, USA Attention: Stripe Legal) for the settlement of all payment services and cash flows. By registering on ExpertBox, the user expressly agrees to the possible ExpertBox monthly fee, the underlying pricing models and the following terms and conditions of payment and payment terms of Stripe. For the accuracy, completeness and security of the processes that are performed by Stripe, Go Consulted, and thus ExpertBox, assumes no liability.
    In the event that a booking has been made incorrect, duplicate or unauthorized, Go Consulted can be contacted at [email protected] or [email protected] and a refund requested. If the Go Consulted or ExpertBox and/or Stripe terms and conditions are violated, the user may be denied the right of recourse. Go Consulted also reserves the right to post payments in this case or in the event of a breach of law.

  13. Video conversation

    For the video calls handled via ExpertBox, our own self-hosted video system, which is based on the open source technology WebRTC and is encrypted, is used in the first place. To prevent any connection difficulties with certain end devices or software environments, we provide the user with a backup to either one of our two Providers, Tokbox (TokBox, Inc., 501 2nd Street, Suite 310, San Francisco CA 94107) or Twilio (Twilio Inc., 375 Beale Street, Suite 300, San Francisco, CA 94105). Both Providers are DSGVO compliant. Each time you connect to the video chat server, a unique session ID is created that allows both parties to connect. In this process, no personal information is sent to the respective Provider.

  14. Mailings, SMS and notifications

    As an email we use the SendGrid https://www.twilio.com/legal/privacy Go Consulted will send automated notifications via email to users from the moment of registration at ExpertBox, which serves to facilitate the successful and easier handling of the ExpertBox functions. Emails sent via include, for example, registration confirmations, notifications of appointment requests or received messages, appointment confirmations, appointment reminders and invoice deliveries.

  15. Web Analysis

    Because we're committed to protecting your privacy, we do not use third-party web analytics systems, such as Google Analytics. Instead, we use a self-hosted system based on open source software for statistical analysis of visitor access and log files. Cookies are used and stored on your computer, which gives us the opportunity to analyze the use of our website by you. The IP address is anonymized immediately after processing and stored on our own servers. The data are for quality assurance and statistical purposes only.

  16. Order data processing

    Go Consulted also provides companies with the software as a white label solution. If ExpertBox collects personal data in this context on behalf of the company, this is done only on behalf of and on the basis of a separate agreement on data processing in the order. In this case, the contracting entity, as the data protection officer, is responsible for compliance with data protection rules.

  17. Disclosures Of Your Personal Data

    We may share your personal data with the parties set out below:

    Third parties (including service providers and subcontractors) to aid us with improving, analyze and secure the Services and to develop and offer new products and services.
    Third parties (including service providers and subcontractors) working on behalf of or with the Company to provide (i) information about our products or services, or (ii) the products or services requested by you. These third parties are subject to confidentiality agreements and do not have any independent or legal right to share your personal data.
    Company reserves the right to disclose personal data it collects: (i) if Company believes it is necessary to do so in order to investigate, prevent or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of the Service's Terms and Conditions, Agreements between us or as otherwise required by law; (ii) when Company believes that disclosure is necessary to protect its legal rights and/or to comply with a judicial proceeding, court order or legal process served on Company; or (iii) to transfer information in the event of a merger, acquisition, transfer of assets, or other organizational restructuring or change of control.

    We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose.

    If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

    Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

    Withdrawing Your Consent

    If you have given us consent to process your personal data, you have the right to withdraw your consent at any time.

  18. Duration of data storage

    We store your data for the duration of your ExpertBox account. However, you can cancel or block your ExpertBox account at any time. We will then delete your data, unless we are legally obliged to further storage or retention. If the data is still required to settle outstanding transactions, the deletion will take place at the earliest after the settlement of these transactions.

  19. Your rights and complaint options

    You are entitled in principle to free information, correction, deletion, limitation of processing, data portability, revocation and opposition. You can claim all of these rights by contacting us at [email protected] The button is also available for other questions about data protection and the processing of your data under [email protected]
    All specified user data can also be updated independently in your own profile. This does not apply to the email address, which is used for identification purposes and therefore can only be changed on request by email to [email protected]

  20. Adjustments to the privacy policy

    ExpertBox reserves the right to change and supplement this privacy policy at any time. Any adjustments will be posted on www.derbutton.com and on the App and will apply from the date of publication. Therefore, you should periodically retrieve these privacy notices to keep up to date with the latest developments. By continuing to use, you agree to the most recent version with the applicable changes and/or additions.

You can reach us under the following contact details:

GO CONSULTED,
8 The Green STE A, Dover, Kent County, DE 19901, USA
Phone: + 1 302 56 50 146 ,
Email: [email protected] , [email protected]

This website uses cookies to ensure you get the best experience on our website.

Learn more