This is a description of how your personal data is collected, used and deleted while you visit our website www.fyma.ai, register your account and using Fyma Video Analytics Comparison Platform. Additional data protection agreement for business clients, please read here.
The Controller of your personal data is Fyma OÜ, a company organized and existing under the laws of Estonia, registered under number 14319403, address Veerenni 38, Tallinn 10135, Estonia (“we”, “us”).
How we get the personal information?
The personal information we process is provided to us directly by you in order to register your unique account to our Platform and also when you upload video files to our Platform in order to use our video analytics tool.
Please be aware that any video files, containing personal data, that you upload to Fyma Platform, you are entirely responsible of having sufficient legal basis to do this and you have informed persons, identifiable on the video file, that you share their personal data with third-party (Fyma). Sharing personal data to third-parties makes it no longer private use and according to law you must inform concerned individuals beforehand.
In addition, we may also collect your personal data indirectly. When visiting our website, we and our service providers, may collect certain data using tracking technologies like cookies, web beacons and similar technologies. You may decline from such processing on our cookie banner.
Indirectly collected data may fall under the terms of third-party privacy policies while they act as an independent data controller. Please read those separately.
What kind of data is processed and why?
|Processing activity||Data categories||Purpose||Legal basis|
|User account subscription||Name, email||User account creation||Contract|
|Video file processing by AI analytics tool||Uploaded video files containing identifiable persons’ image||Data analytics||Contract|
|Website and related service maintenance and quality||IP address of the device, Device screen size, Device type (unique device identifiers), Browser information, Geographic location (country only)||Providing the web Platform, Cookies and Sessions||Contract|
|User request resolving||Name, E-mail, User request and communication||Customer support||Contract|
|Processing for accounting when paid services||Transaction documents||Fulfilling accounting law||Legal obligation|
|Web visitor analytics||Online identifiers (including cookie identifiers and IP addresses)||Website visitor statistics||Consent|
|Newsletters and offers||E-mail address||Marketing||Consent|
Sharing your personal data
Any data you provide will not be publicly displayed or shared to other Users. Our employees and business partners have access to personal data to the extent necessary for the performance of their work duties.
We use third party processors to help provide our service.
Why and with whom we share your personal data?
|Categories of recipients||Purpose|
|Service providers||We work with service providers that work on our behalf which may need access to certain personal data to provide their services to us. These companies include those we have hired to operate the technical infrastructure that we need to provide service and assist in protecting and securing our systems and services. For more detailed information about our service providers, please send us an e-mail firstname.lastname@example.org|
|Payment providers||For paid services you interact directly to payment service providers available on our Platform, who process your data as data controllers and thus their privacy notice applies.|
Some of our processing is cloud based so your personal information might be sent outside the European Economic Area. In such instances we will ensure that the transfer of your personal data is carried out in accordance with applicable privacy laws and that appropriate contractual, technical, and organisational measures are in place.
Ensuring the security of personal data
We have taken necessary technical and organizational security measures to protect your personal data against accidental or unlawful destruction, loss or alteration and against the unauthorized disclosure, abuse or other processing in violation of applicable law.
This includes: Identity and access management; Preventing unauthorized viewing of personal data; deliberately set password requirements; structurally safe network design; encryption system; data loss prevention and other relevant continuously updated security measures.
Retention and deletion of personal data
The storage period of personal data depends on whether we have legal obligations to store data (i.e accounting regulations), contractual obligations, legitimate interest to provide best services or your explicit consent.
|Data Type||Purpose||Retention Time|
|Date, E-mail||User account subscription||Until account deletion|
|Uploaded video files containing identifiable persons’ image||Providing analytics service||Until analytical outcome is achieved/account deletion/file deletion by user|
Freemium product: by default 30 days after file upload
|Information necessary for accounting||Fulfilling accounting law||7 years + current fiscal year after transaction|
|Email address, Newsletter consent||Marketing||Until withdrawal of consent|
|IP address of the device, Device screen size, Device type (unique device identifiers), Browser information, Geographic location (country only),||Providing the website service||A session for 15 days|
Cookies data for 3 days
Device and usage data on the server for 5 days
|Online identifiers (including cookie identifiers and IP addresses)||Website visitor statistics||Until withdrawal of consent|
Your rights and preferences
Under data protection law, you have rights including:
1) Right to be informed and to access. You may get information regarding your personal data processed by us.
2) Right to data portability. You have the right to receive your personal data from us in a structured, commonly used and machine-readable format and to independently transmit those data to a third party.
3) Right to erasure. You have the right to have personal data we process about you erased from our systems if the personal data are no longer necessary for the related purposes.
4) Right to object and restrict. You have the right to object to the processing of your personal data and restrict it in certain cases.
5) Right to rectification. You have the right to make corrections to your personal data.
6) Right to withdraw consent. When you have given us consent to process your personal data, you may withdraw said consent at any time.
To exercise any of the abovementioned rights, please contact email@example.com. We will respond to your requests within 30 days.
Other important information
Newsletter and direct marketing campaigns
With your explicit consent, we may send you our newsletter and marketing offers. You may opt out of these messages. Please note that email marketing messages include an opt-out mechanism within the message itself (e.g. an unsubscribe link in the emails we send to you). Clicking on the link in an email will opt you out of further messages. You may also opt-out on your account settings in case this option is available. We may also use social media tools to market our products and services. As social media and web analytics providers act as joint processors, there might be consent or opt-out requirements also on their side (Google Ads, Facebook Ads).
If you have questions or concerns about our use of your personal information, please feel free to contact us at firstname.lastname@example.org. You may lodge a complaint to the supervisory authority, the Estonian Data Protection Inspectorate, email@example.com
This Privacy Notice was updated November 2021.