Effective Date: October 1, 2024

Introduction

We are committed to collecting, using, processing, and sharing personal data responsibly, in compliance with applicable privacy laws, to protect your data rights. We use technical and organizational measures to ensure compliance with data protection, privacy, and security legislation in the regions where we operate, including the General Data Protection Regulation (GDPR) and the Digital Services Act (DSA). This Privacy Policy describes the key principles governing our handling of your personal data and explains our responsibilities in ensuring your information is protected.

Contact Information

General Contact:

If you have any inquiries regarding our services, feedback, or need assistance related to how DataDirects.com functions, please feel free to reach out to us using the contact form on the Contact Us page or via

• Email: info@datadirects.com

Single Point of Contact for Authorities (EU Member States, European Commission, European Board for Digital Services):

To facilitate direct and efficient communication regarding the application of the Digital Services Act (DSA), we have designated a single point of contact for authorities. All official communications should be directed to

• Email: dsa.garan@datadirects.com

Please note that this contact point is exclusively for communications from the specified authorities. For general user inquiries, data erasure requests, bug reporting etc, please use the address listed in the general contact section above.

 

Our Legal Representative in the EU:

Lionheart Squared (Europe) Limited

• Email: DataDirects-DSA@Lionheartsquared.eu
• Address: Upper Pembroke Street 28-32, Dublin D02 EK84 Republic of Ireland

Rolik Data Directs
Registration number: 516153194
Registered address: 5 Kordova St, Tel Aviv, Israel
Email: info@datadirects.com

Terms Used as Legal Guidelines

We process your personal data based on specific legal grounds, including consent and legitimate interests. Consent is your explicit permission for data processing for a particular purpose, while legitimate interests justify processing where it’s necessary, provided it respects your rights. Additionally, some laws, such as the Digital Services Act, may impose specific legal obligations that require us to process certain data. We comply with all such legal grounds as required.

Consent and Other Legal Bases

If you provide consent, you may withdraw it at any time by contacting us via the appropriate channels; The message form on our “Contact Us” page, or the email address listed above. Upon withdrawal, we will stop processing your data unless another legal basis (e.g., legal obligation, legitimate interest, or contract) justifies its continued use, in line with your rights.

Our Responsibilities

We comply with all applicable privacy laws, including the GDPR and the DSA, when processing personal data, acting as either a data controller or a data processor, as the situation requires.

Your Responsibilities

Please review this Privacy Policy thoroughly to understand your rights. Maintain the confidentiality and security of your personal data. If you provide personal information about others, ensure that you have the proper authorization to do so.

Processed Data

We collect personal data when you use our Platforms, including browsing, subscribing, communicating, using services, receiving notifications, or when required by law. This data may include your browsing history, demographic details, email, and information related to how you use our Platforms.

Please note that our platforms do not host user-generated content such as reviews, comments, or personal profiles. Data processed related to user interactions is primarily for service provision, platform functionality, and compliance.

Recipients of Your Data

Your data may be accessed by authorized personnel within our company, including management, technical, and customer support teams, strictly on a need-to-know basis.

In specific circumstances, and when legally required or permitted, your data may also be disclosed to:

• Third-party service providers and partners: As detailed in the “Data Location and Third-Party Services” section.
• Public authorities and regulatory bodies: This includes EU Member States’ authorities, the European Commission, and the European Board for Digital Services, when we are subject to a legal obligation to respond to legitimate requests, orders for information, or other legal processes as mandated by laws such as the Digital Services Act.
• Our Legal Representative in the EU: For the purpose of receiving and forwarding official communications as required by Article 13 of the DSA.

Purpose and Legal Basis for Data Processing

We process your data for the following purposes and under the following legal bases:

• Providing Services: To operate and maintain our Platform and manage your subscriptions, if any. (Legal Basis: Contract).
• Sending Newsletters or Offers: To send you promotional communications based on your preferences (Legal Basis: Consent or Legitimate Interest, where applicable).
• Maintaining the Platforms: For technical operation, troubleshooting, and ensuring the security and stability of our services (Legal Basis: Legitimate Interests).
• Preventing Fraud and Misuse: To protect our services and users from fraudulent or malicious activities (Legal Basis: Legitimate Interests, Legal Obligation).
• Improving Our Services: To analyze usage patterns and gather feedback to enhance Platform functionality and user experience (Legal Basis: Legitimate Interests).
• Offering Customer Support: To respond to your inquiries and provide assistance (Legal Basis: Contract, Legitimate Interests).
• Compliance with Legal Obligations (including DSA): To comply with applicable laws and regulations, such as responding to valid legal orders or notifications from authorities under the Digital Services Act (e.g., regarding illegal content reports, information requests), and maintaining records of such interactions (Legal Basis: Legal Obligation).

Your Data Subject Rights

You have several rights regarding your personal data under the GDPR, including the right to:

• Access the information we hold about you.
• Correct inaccurate data.
• Object to processing (including profiling) in certain circumstances.
• Request data portability.
• Request erasure of your data (the “right to be forgotten”).
• File a complaint with a supervisory authority regarding data processing.

We strive to respond to all legitimate requests within one month, with possible extensions as allowed by law. To exercise these rights, please contact us via the dedicated user contact channels specified on our “Contact Us” page, or our email.

Data Security

We take appropriate technical and organizational measures to ensure the security of your personal data. However, by using the Platform, you acknowledge that no data transmission over the internet can be guaranteed as 100% secure. You are responsible for keeping your login details (if any) confidential. Please report any privacy concerns or breaches to us immediately via our general user support channels.

Data Location and Third-Party Services

We are based in Israel, with servers hosted by Google Cloud in the USA, certified under the EU-U.S. Privacy Shield Framework. We may link to third-party websites, but our Privacy Policy does not apply to them—please review those sites’ policies before sharing your data. Our third-party partners include:

• Travel and flight websites (for aggregation and linking).
• Analytics providers: Google Analytics, Hotjar.
• Marketing platforms: Google AdSense, AdWords, Remarketing, Bing, Gemini, Facebook, X (formerly Twitter).
• Payment processors (not for the general public)

Data Retention Policy

We retain personal data for as long as necessary to fulfill the purposes for which it was collected, including for the provision of services, compliance with legal obligations (e.g., tax, anti-fraud, and DSA record-keeping requirements), resolution of disputes, and enforcement of our agreements.

Specifically, data related to DSA compliance (e.g., records of illegal content notices, statements of reasons, and appeals) may be retained for specific periods as mandated by the DSA or relevant national laws. Generally, personal data is retained for 18 months, but specific data types may be retained for longer or shorter periods based on type, legal requirements, litigation, intellectual property, contracts, and operational needs.

Cookie Policy

We use cookies and similar tracking technologies to enhance Platform functionality and efficiency. You can manage your cookie preferences in your browser settings.

Transfer of Personal Data

If you reside in the EU/EEA, your data is  processed in Israel and stored on Google Cloud servers in the USA. These international transfers are lawful under GDPR Article 45 (link) and conducted through the EU-U.S. Data Privacy Framework (DPF). These safeguards are in place to ensure that your data remains protected to GDPR standards when transferred outside the EU/EEA.

EU DIGITAL SERVICES ACT (DSA):

In accordance with the EU Digital Services Act (DSA), we are committed to providing a transparent and safe online environment for our users. As part of our regulatory obligations, we provide the following report regarding our content moderation practices and the nature of our services.

https://storage.googleapis.com/tpd-public/DSA.pdf