מדיניות פרטיות

Data Location & Retention

‍Data Location:
‍
We and our authorized Service Providers (defined below) maintain, store and process personal data in Israel, Europe, the UK, the US and other locations as reasonably necessary for the proper performance and delivery of our Services, or as may be required by applicable law.

ehouse is headquartered in Israel, a jurisdiction which is considered by the European Commission, the United Kingdom Secretary of State, and the Swiss Federal Data Protection and Information Commissioner (FDPIC), to be offering an adequate level of protection for personal data of individuals residing in the European Economic Area (EEA), the UK and Switzerland, respectively. We transfer data from the EEA, the UK and Switzerland to Israel on this basis. 

While privacy laws vary between jurisdictions, ehouse and its Service Providers are each committed to protecting personal data in accordance with this Privacy Policy, customary and reasonable industry standards, and such appropriate lawful mechanisms and contractual terms requiring adequate data protection, regardless of any lesser legal requirements that may apply in the jurisdiction to which such data is transferred. For data transfers from the EEA, the UK and Switzerland to countries which are not considered to be offering an adequate level of data protection, we enter into Standard Contractual Clauses as approved by the European Commission, UK Information Commissioner’s Office, and the FDPIC (as appropriate). You can obtain a copy of these clauses by contacting us as indicated in Section 12 below. 

Data Retention:
We may retain your personal data for as long as it is reasonably needed in order to maintain and expand our relationship and provide you with our Services and offerings; in order to comply with our legal and contractual obligations; or to protect ourselves from any potential disputes (i.e. as required by laws applicable to log-keeping, records and bookkeeping, and in order to have proof and evidence concerning our relationship, should any legal issues arise following your discontinuance of use), all in accordance with our data retention policy and at our reasonable discretion. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of such data, the potential risk of harm from unauthorized use or disclosure of such data, the purposes for which we process it, and the applicable legal requirements. If you have any questions about our data retention policy, please contact us by email at support@joinehouse.com.

4. Data Disclosure
‍We may disclose personal data in the following instances:
‍
‍Service Providers:
We may engage selected third-party companies and individuals to perform services on our behalf or complementary to our own. Such service providers include logistics service providers (including for storage, packaging, transportation or payment), hosting services, data security services, billing and payment processing services, fraud detection and prevention services, web and product analytics, e-mail distribution and monitoring services, session or activity recording services, remote access services, performance measurement, data optimization and marketing services, social and advertising networks, voicemails, support, enablement and customer relation management systems, and our legal, financial and compliance advisors (collectively, “Service Providers“). Our Service Providers may have access to personal information, depending on each of their specific roles and purposes in facilitating and enhancing our Services, and may only use the data as determined in our agreements with them.
‍
‍Service Integrations:
‍You may choose to integrate third-party services with our Services such as eCommerce platforms or payment solutions (provided that such integration is supported by our Services). The provider of this integrated third-party service may receive certain relevant data (that may include personal data) from our Services, or share certain relevant data from such third-party provider’s service with our Services, depending on the nature and purpose of such integration. Note that we do not receive or store your passwords for any of these third-party services (but do typically require your API key in order to integrate with them).

‍Legal Compliance:
We may disclose or allow government and law enforcement officials access to your personal data, in response to a subpoena, search warrant or court order (or similar requirement), or in compliance with applicable laws and regulations. Such disclosure or access may occur if we believe in good faith that: (a) we are legally compelled to do so; (b) disclosure is appropriate in connection with efforts to investigate, prevent, or take action regarding actual or suspected illegal activity, fraud, or other wrongdoing; or (c) such disclosure is required to protect our legitimate business interests, including the security or integrity of our products and services.

‍Protecting Rights and Safety:
We may share personal data with others if we believe in good faith that this will help protect the rights, property or personal safety of ehouse, any of our Users or Members, or any members of the general public.

‍ehouse Subsidiaries and Affiliated Companies:
We may share personal data internally within our group, for the purposes described in this Privacy Policy. In addition, should ehouse or any of its subsidiaries or affiliates undergo any change in control or ownership, including by means of merger, acquisition or purchase of substantially all or part of its assets, personal data may be shared with or transferred to the parties involved in such an event. We may disclose personal data to a third-party during negotiation of, in connection with or as an asset in such a corporate business transaction. Personal data may also be disclosed in the event of insolvency, bankruptcy or receivership.

For the avoidance of doubt, ehouse may share personal data in additional manners, pursuant to your explicit approval, or if we are legally obligated to do so, or if we have successfully rendered such data non-personal, non-identifiable and anonymous. We may transfer, share or otherwise use non-personal and non-identifiable data at our sole discretion and without the need for further approval.

5. Cookies and Tracking Technologies 
‍Our Services (including some of our Service Providers) utilize “cookies”, anonymous identifiers, pixels, container tags and other technologies in order for us to provide and monitor the use of our Services and Sites, to ensure that they perform properly, to analyze our performance and marketing activities, and to personalize your experience. Such cookies and similar files or tags may also be temporarily placed on your device. Certain cookies and other technologies serve to recall personal data, such as an IP address. To learn more about our practices concerning cookies and tracking, please see our Cookie Policy. 

You can manage your cookies preferences, and accept, remove or entirely block cookies, through your browser settings. If you choose to opt-out of certain cookies, this will typically generate a new cookie which will preserve your choice, and indicate it to our Services in your next visits so that the cookies you opted-out of will not be utilized. 

Certain web browsers may transmit “Do Not Track” signals to websites with which the browser communicates. However, due to differences in how web browsers interpret this feature and send those signals, and lack of standardization, we do not change our practices in response to such “Do Not Track” signals. 

6. Communications
‍We engage in Services and promotional communications, through email, phone, SMS and notifications.
‍
‍Services Communications:
We may contact you with important information regarding our Services. For example, we may send you notifications (through any of the means available to us) of changes or updates to our Services, billing issues, log-in attempts or password reset notices, etc. 
‍
‍Promotional Communications:
We may also notify you about new features, additional offerings, and special opportunities or any other information we think you will find valuable. We may provide such notices through any of the contact means available to us (e.g. phone, mobile or email), through the Services, or through our marketing campaigns on any other sites or platforms. If you do not wish to receive such promotional communications, you may notify us at any time by sending an email to support@joinehouse.com, or by following the “unsubscribe”, “stop”, “opt-out” or “change email preferences” instructions contained in the promotional communications you receive.
‍
‍Data Security
‍In order to protect your personal data held with us, we use industry-standard physical, procedural and technical security measures, including encryption as appropriate. However, please be aware that regardless of any security measures used, we cannot and do not guarantee the absolute protection and security of any personal data stored with us or with any third parties as described in Section 4 above. 
‍
‍Data Subject Rights
‍Individuals have rights concerning their personal data. Please contact us by e-mail at support@joinehouse.com if you wish to exercise your privacy rights under any data protection law applicable to you, including the EU or UK General Data Protection Regulation (GDPR). 

Such rights may include – the right to request access to (specific pieces of personal data collected; categories of personal data collected; categories of sources from whom the personal data was collected; purpose of collecting personal data; categories of third parties with whom we have shared personal data), rectification or erasure of your personal data held with ehouse, to restrict or object to the processing of such personal data, or to port such personal data. If you are a GDPR-protected individual, you also have the right to lodge a complaint with the relevant supervisory authority in the EU or the UK, as applicable.

If you are a Receiver and would like to make any requests or queries regarding your personal data that we process as a Data Processor on our Member’s behalf, including exercising your right to access, correct, or delete your data, please contact your merchant directly, which is the Data Controller of such data. 

Please note that when you ask us to exercise any of your rights under this Privacy Policy or applicable law, we may need to ask you to provide us with certain information to verify your identity, in order to avoid disclosure to you of personal data related to others and to better understand the nature and scope of personal data that you request to access. We will not fulfill your request unless you have provided sufficient information that enables us to reasonably verify that you are the individual about whom we collected the personal data, or that such data is processed on behalf of any of our Members, so that we may forward it to such Member for their further handling. Such additional information may be then retained by us for legal purposes (e.g., as proof of the identity of the person submitting the request, or proof of request fulfillment), in accordance with Section 3 above.

‍Data Controller/Processor
‍Certain data protection laws and regulations, such as the GDPR, typically distinguish between two main roles for parties processing personal data: the “Data Controller”, who determines the purposes and means of processing; and the “Data Processor”, who processes such data on behalf of the data controller. Below we explain how these roles apply to our Services, to the extent that such laws and regulations apply.

‍Ehouse is the “Data Controller” of Member, User and Prospect Data, as detailed in Section 1 above. Accordingly, we assume the responsibilities of a Data Controller (solely to the extent applicable under law), as set forth in this Privacy Policy. 

‍Ehouse is the “Data Processor” of Receiver Data that we process on behalf of our Members (who are the Data Controllers of such data) and in accordance with their reasonable instructions, subject to our Terms, our Data Processing Addendum (to the extent applicable) and other commercial agreements with them. Therefore, our Members are responsible for handling requests to exercise privacy rights from Receivers or other individuals whose data they process through the Services.

‍Requirements under US State Privacy LawsThis Privacy Policy describes the categories of personal information we may collect and the sources of such information (in Section ‎1 above), and our retention (Section ‎3) and deletion (Section 8) practices. We also included information about how we may process your information (in Sections ‎1 through ‎7), which includes “business purposes” under the CCPA and similar state laws, as applicable. We do not “sell” or “share” your personal information for the intentions and purposes of the CCPA, nor disclose personal information that we “control” to any third party for their direct marketing purposes. We may disclose personal data to third parties or allow them to collect personal data from our Services as described in Sections ‎4 and 5 above, if those third parties are our Members (in respect of Receiver Data processed on their behalf) or our authorized Service Providers who have agreed to our contractual limitations as to their retention, use, and disclosure of such personal data, or if you integrate the Services of third parties, or direct us to disclose your personal data to third parties, or as otherwise described in Section 4 above. You may also designate an authorized agent, in writing or through a power of attorney, to request to exercise your privacy rights on your behalf. The authorized agent may submit a request to exercise these rights by emailing us. We will not discriminate against you by withholding our Services from you or providing a lower quality of service to you for requesting to exercise your rights under the law.

If you have any questions or would like to exercise your rights under any applicable US State privacy laws, you can contact support@joinehouse.com.

‍Additional Notices & Contact Details

‍Updates and Amendments:
We may update and amend this Privacy Policy from time to time by posting an amended version on our Services. The amended version will be effective as of the date it is published. When we make material changes to this Privacy Policy, we will give notice as appropriate under the circumstances, e.g., by displaying a prominent notice within the Services or by sending an email. Your continued use of the Services after the changes have been implemented will constitute your acceptance of the changes. 

‍Third Party Websites and Services:
Our Services may include links to third-party websites, and allow integrations with third-party services. Such websites and third-party services, and any information you process, submit, transmit or otherwise use with or to such websites and services are governed by such third party’s terms and privacy practices and policies, and not by this Privacy Policy. We encourage you to carefully read the terms and privacy policies of such websites and third-party services. 

‍Our Services are not directed to children under the age of 16:
We do not knowingly collect personal data from children and do not wish to do so. If we learn that a person under the age of 16 is using the Services, we will attempt to prohibit and block such use and will make our best efforts to promptly delete any personal data stored with us with regard to such child. If you believe that we might have any such data, please contact us by email at support@joinehouse.com.

‍EU Representative:  eHouse Space GmbH has been designated as ehouse’s representative in the EU/EEA for data protection matters pursuant to Article 27 of the GDPR. eHouse Space GmbH may be contacted on matters related to the processing of personal data of residents of the EU/EEA by email at support@joinehouse.com or by post at Charlottenburger Str. 62, Berlin.

‍UK Representative: JOIN EHOUSE LTD has been designated as ehouse’s representative in the EU/EEA for data protection matters pursuant to Article 27 of the UK GDPR. JOIN EHOUSE LTD may be contacted on matters related to the processing of personal data of UK residents by email at support@joinehouse.com or by post at 95A Rye Ln, London

‍Questions, concerns or complaints: If you have any comments or questions regarding our privacy policy or practices, or if you have any concerns regarding your personal data held with us, or if you wish to make a complaint about how your personal data is being processed by ehouse, please contact ehouse’s at support@joinehouse.com. 

Last updated: July 2023