Menu
Personal menu
Search
0
Promo text. Edit or remove in the administration.
Close
Close
0 items
You have no items in your shopping cart.
Close
All categories
    Menu

    Privacy & Condition of use Policy

    Privacy & Condition of use Policy for Website and application of InfinitySy  

    Date: 25-09-2024

    1. Information We Collect

    At InfinitySy , we are committed to protecting your personal information. This section outlines the specific types of information we collect from users, the methods of collection, and the purposes behind it.

    1.1 Personal Information

    We collect the following types of personal information:

    • Identifying Information:
      • Name: First and last name
      • Email Address: Valid email for account creation and communication
      • Phone Number: Contact number for support and verification
      • Mailing Address: Street address for billing and service delivery
    • Account Information:
      • Username: Unique identifier for user accounts
      • Password: Encrypted password for account security
      • Profile Details: Additional information users provide for personalization
    • Payment Information:
      • Credit Card Details: Card number, expiration date, CVV (stored securely)
      • Billing Address: Associated address for payment processing
      • Transaction History: Records of purchases and subscriptions
    • Non-Personal Information

    We also collect non-personal information, which includes:

    • Usage Data:
      • Access Times: Dates and times when you access our services
      • Pages Viewed: Specific pages or features you interact with
      • Session Duration: Time spent on our platform during each visit
    • Device Information:
      • IP Address: Numerical label assigned to your device
      • Browser Type: Type of web browser used (e.g., Chrome, Safari)
      • Operating System: OS version (e.g., Windows, macOS, Android)
    • Cookies and Tracking Technologies:
      • Cookies: Small data files stored on your device that track preferences
      • Web Beacons: Small graphic files used to monitor user behavior

    1.2 Methods of Collection

    We utilize several methods to collect information:

    • Direct Collection:
      • Forms: Registration forms, surveys, and feedback forms
      • Communications: Emails, chats, and customer support interactions
    • Automated Tracking:
      • Cookies: Automatically collected data when you visit our site
      • Analytics Tools: Tools like Google Analytics that track user behavior
    • Third-Party Sources:
      • Service Providers: Information from payment processors and marketing partners
      • Public Sources: Data from social media or public databases used for verification

    1.3 Purposes of Information Collection

    We collect information for the following purposes:

    • Service Provision:
      • To create and manage user accounts
      • To provide customer support and address inquiries
    • Communication:
      • To send account-related notifications and updates
      • To inform users about service changes or promotions
    • Marketing:
      • To send newsletters, offers, and promotional materials (with consent)
      • To conduct targeted advertising based on user preferences
    • Research and Development:
      • To improve our services based on user feedback and usage patterns
      • To conduct market research and analysis
    • Compliance:
      • To comply with legal regulations and obligations
      • To protect our rights and prevent fraud

    1.4 User Consent

    By providing your personal information, you consent to our practices:

    • Informed Consent:
      • You acknowledge understanding the types of data we collect and their uses.
    • Withdrawal of Consent:
      • You can withdraw your consent at any time by contacting us, which may limit your access to certain features.

    2. Data Protection

    At InfinitySy, we prioritize the protection of your personal information. This section outlines the measures we take to safeguard your data and ensure compliance with relevant data protection regulations.

    2.1 Data Security Measures

    We implement a variety of security measures to protect your information:

    • Encryption:
      • We use industry-standard encryption protocols (e.g., AES-256) to secure sensitive data during transmission and storage.
    • Access Controls:
      • Access to personal information is restricted to authorized personnel only. We use role-based access controls to ensure that employees can only access data necessary for their job functions.
    • Secure Storage:
      • Personal information is stored on secure servers with firewalls and intrusion detection systems in place to prevent unauthorized access.
    • Regular Security Audits:
      • We conduct periodic security audits and vulnerability assessments to identify and mitigate potential risks.

    2.2 Data Minimization

    We adhere to the principle of data minimization:

    • Limited Collection:
      • We collect only the data necessary to fulfill the purposes outlined in our Privacy Policy.
    • Retention Policy:
      • Personal information is retained only as long as necessary for the purposes for which it was collected or as required by law.

    2.3 User Rights

    We respect and facilitate the rights of users regarding their data:

    • Access and Rectification:
      • Users have the right to access their personal information and request corrections if inaccuracies are found.
    • Erasure and Restriction:
      • Users can request the deletion of their personal data or restrict its processing under certain circumstances.
    • Data Portability:
      • Users can request their data in a structured, commonly used, and machine-readable format for their use or transfer to another service.

    2.4 Compliance with Regulations

    We comply with applicable data protection regulations based on the National law Regulation for data compliances and regulations

    2.5 Data Breach Response

    In the event of a data breach, we have a response plan in place:

    • Incident Response Team:
      • A dedicated team is responsible for managing data breach incidents and ensuring timely communication with affected users.
    • Notification Procedures:
      • We will notify affected users as soon as possible in the event of a data breach that poses a risk to their rights and freedoms, in compliance with legal requirements.

    3. Acceptable Use Policy

    3.1 Compliance with Laws

    Users of InfinitySy ’s services must comply with all applicable laws and regulations. This includes, but is not limited to:

    • Intellectual Property Laws:
      • Copyrights: Users must not reproduce, distribute, or display copyrighted material without permission from the copyright owner.
      • Trademarks: Users must not use any trademarks or service marks without authorization, and should respect the rights of trademark holders.
      • Un-Customed: Users must not display any items or products that are uncustomed or against trading national law regulations

    Note*

    If any of the above laws are not fully complied with, the risk falls solely on the customer, and the company will not be responsible for any violations.

    • Data Protection Laws:
      • Personal data must be processed lawfully, transparently, and for specific purposes. Users must obtain consent before collecting personal data.
      • Users must be aware of their rights regarding personal data, including the right to know what personal data is being collected and the right to request deletion.
    • Anti-Spam Laws:
      • Users must adhere to the CAN-SPAM Act and similar regulations, which prohibit sending unsolicited commercial emails. Users must provide a clear opt-out option in all communications.
    • Consumer Protection Laws:
      • Users must not engage in misleading or deceptive practices in their communications or transactions.

    3.2 Prohibited Activities

    Users are prohibited from engaging in the following activities when using InfinitySy ’s services:

    • Illegal Activities:
      • Fraudulent activities (e.g., identity theft, credit card fraud).
      • Distribution of illegal substances , materials or against customs law.
      • Engaging in any activities that violate national laws, such as:
    • Harassment and Threats:
      • Cyberbullying: Repeatedly sending offensive, rude, or insulting messages.
      • Stalking: Monitoring or following someone online without their consent.
      • Using the platform to harass, intimidate, or threaten others, including:
    • Spamming and Phishing:
      • Bulk emails promoting products or services without user consent.
      • Phishing attempts to acquire sensitive information (e.g., passwords, credit card numbers) by pretending to be a trustworthy entity.
      • Sending unsolicited emails or messages, including:
    • Malware Distribution:
      • Viruses, worms, or Trojan horses that can harm user devices or networks.
      • Ransomware that locks users out of their devices until a ransom is paid.
      • Introducing malicious software, such as:
    • Impersonation:
      • Creating fake accounts to deceive others.
      • Using another person's identity to gain access to restricted areas.
      • Misrepresenting oneself or falsely claiming affiliation with another person or organization, including:
    • Unauthorized Access:
      • Hacking into accounts or systems.
      • Using automated tools to guess passwords.
      • Attempting to access or use accounts, systems, or networks without authorization, including:
    • Disruption of Services:
      • Denial-of-service attacks aimed at overwhelming servers.
      • Tampering with network traffic or data.
      • Engaging in activities that disrupt or interfere with the normal functioning of services, such as:
    • Sharing of Inappropriate Content:
      • Hate speech, pornographic material, or graphic violence.
      • Content that promotes illegal activities or self-harm.
      • Posting or sharing content that is obscene, offensive, or otherwise inappropriate, including:

    4. User Policies

    4.1 Account Security

    To ensure the security and integrity of user accounts, InfinitySy  implements the following measures and guidelines:

    • Strong Passwords:
      • Users must create strong passwords that are at least 12 characters long and include a mix of uppercase letters, lowercase letters, numbers, and special characters.
      • Users are encouraged to change their passwords regularly and avoid using easily guessable information, such as birthdays or common phrases.
    • Two-Factor Authentication (2FA):
      • Users are strongly encouraged to enable two-factor authentication for an additional layer of security. This may involve receiving a verification code via SMS or using an authentication app.
    • Account Monitoring:
      • Users should regularly monitor their account activity for any unauthorized access or suspicious behavior.
      • If any unusual activity is detected, users should report it immediately to InfinitySy ’s support team.
    • Confidentiality of Credentials:
      • Users must keep their login credentials confidential and not share them with anyone.
      • If a user suspects that their credentials have been compromised, they should change their password immediately and notify InfinitySy .
    • Device Security:
      • Users should ensure that their devices are secure by using up-to-date antivirus software and enabling firewalls.
      • Avoid accessing accounts on public Wi-Fi networks without a virtual private network (VPN) to protect data from potential interception.

    4.2 Content Responsibility

    Users are responsible for the content they create, share, and post while using InfinitySy ’s services. This includes:

    • Ownership of Content:
      • Users must ensure that they have the right to post any content they share, including text, images, videos, and other materials. This means obtaining necessary permissions if the content is not originally created by the user.
    • Compliance with Laws:
      • Users must comply with all applicable laws and regulations regarding the content they share, including copyright laws, trademark laws, and laws against hate speech or defamation.
    • Prohibited Content:
      • Illegal: Content that violates any national laws.
      • Obscene or Offensive: Material that is pornographic, sexually explicit, or promotes violence and hatred.
      • Misleading or False: Information that is intentionally deceptive or misleading.
      • Users are prohibited from posting or sharing content that is:
    • Respect for Others:
      • Users must respect the rights and feelings of others when posting content. This includes avoiding harassment, threats, or bullying.
      • Users should not share personal information about others without their consent, including addresses, phone numbers, or other sensitive information.
    • Reporting Violations:
      • Users are encouraged to report any content that violates these guidelines or is otherwise inappropriate. InfinitySy will review reports and take appropriate action, which may include removing content or suspending accounts.

    5. Antivirus Measures

    5.1 Purpose

    The purpose of implementing antivirus measures is to protect InfinitySy ’s systems, networks, and user data from malware, viruses, and other cyber threats. These measures are essential for maintaining the integrity, confidentiality, and availability of information.

    5.2 Antivirus Software

    • Selection of Software:
      • InfinitySy utilizes industry-standard antivirus software that is regularly updated to detect and neutralize the latest threats. The software must offer features such as real-time scanning, automatic updates, and malware removal.
    • Installation Requirements:
      • All devices accessing InfinitySy ’s network, including desktops, laptops, and mobile devices, must have approved antivirus software installed and operational.
    • Licensing Compliance:
      • The organization must ensure that all antivirus software is properly licensed and complies with vendor agreements.

    5.3 Regular Updates

    • Automatic Updates:
      • Antivirus software must be configured to receive automatic updates to ensure that the latest virus definitions and security patches are applied without delay.
    • Manual Checks:
      • In addition to automatic updates, users should perform manual checks to ensure that their antivirus software is up-to-date, especially after major software updates or installations.

    5.4 Scheduled Scans

    • Daily Scans:
      • All devices must be set to perform full system scans at least once a day to detect and eliminate any potential threats.
    • On-Demand Scanning:
      • Users should have the capability to run on-demand scans at any time, especially after downloading files from the internet or opening email attachments.

    5.5 User Responsibilities

    • Awareness and Training:
      • Users must receive training on recognizing potential threats, such as phishing emails or suspicious downloads, and the importance of maintaining updated antivirus protection.
    • Reporting Incidents:
      • Users are required to report any detected threats, unusual behavior, or antivirus alerts to the IT department immediately for investigation and response.
    • Avoiding Disabling Antivirus:
      • Users must not disable or uninstall antivirus software without prior approval from the IT department. Any exceptions must be documented and justified.

    5.6 Incident Response

    • Threat Response Protocol:
      • Isolating the affected device from the network to prevent further spread of the malware.
      • Running a full system scan using the antivirus software to remove the threat.
      • Reporting the incident to the IT security team for further analysis and documentation.
      • In the event of a detected malware infection, the organization has a defined incident response protocol that includes:
    • Post-Incident Review:
      • After an incident, a review will be conducted to determine the cause, assess the effectiveness of existing measures, and implement any necessary changes to improve security.

    5.7 Compliance and Auditing

    • Regular Audits:
      • The organization will conduct regular audits of antivirus software installations, configurations, and compliance with these policies to ensure effectiveness and adherence.
    • Policy Review:
      • This antivirus measures policy will be reviewed annually or whenever there are significant changes in technology or threat landscapes to ensure its continued relevance and effectiveness.

    6. Network Security

    6.1 Purpose

    The purpose of network security measures is to protect the integrity, confidentiality, and availability of data transmitted over InfinitySy ’s network. This involves implementing various strategies and technologies to safeguard against unauthorized access, data breaches, and other cyber threats.

    6.2 Network Security Policies

    • Access Control:
      • Only authorized personnel should have access to sensitive network resources. Access privileges must be assigned based on the principle of least privilege, ensuring that users only have the permissions necessary for their roles.
    • Network Segmentation:
      • The network should be segmented into distinct zones (e.g., guest, internal, and sensitive data zones) to limit access and minimize the risk of data breaches. Each segment should have its own security controls.

    6.3 Firewalls

    • Implementation of Firewalls:
      • Firewalls must be deployed at network boundaries to monitor and control incoming and outgoing network traffic based on predetermined security rules.
    • Configuration Management:
      • Firewalls should be configured to block unauthorized access while allowing legitimate traffic. Regular reviews and updates of firewall rules must be conducted to adapt to new threats.

    6.4 Intrusion Detection and Prevention Systems (IDPS)

    • Deployment of IDPS:
      • Intrusion detection and prevention systems should be implemented to monitor network traffic for suspicious activity and automatically respond to potential threats.
    • Alerting and Reporting:
      • The IDPS should be configured to send alerts for detected intrusions or anomalies, and a reporting mechanism must be in place for incident response teams.

    6.5 Virtual Private Network (VPN)

    • VPN Usage:
      • A Virtual Private Network (VPN) should be used to secure remote access to the organization’s internal network. The VPN encrypts data transmitted over the internet, protecting it from interception.
    • User Authentication:
      • Strong authentication methods (e.g., multi-factor authentication) should be employed for users connecting via VPN to ensure that only authorized individuals can access the network.

    6.6 Wireless Network Security

    • Secure Wi-Fi Protocols:
      • All wireless networks must use secure protocols (e.g., WPA3) to encrypt data transmitted over the air. Open or weakly secured networks must be avoided.
    • Guest Network Isolation:
      • A separate guest network should be established for visitors, with no access to internal network resources. This network must have its own security measures.

    6.7 Data Encryption

    • Encryption of Sensitive Data:
      • Sensitive data transmitted over the network must be encrypted using strong encryption standards (e.g., AES-256) to protect it from unauthorized access.
    • End-to-End Encryption:
      • Where applicable, end-to-end encryption should be used to secure communications between users and services.

    6.8 Monitoring and Logging

    • Network Traffic Monitoring:
      • Continuous monitoring of network traffic must be conducted to detect suspicious activity, unauthorized access attempts, and other security incidents.
    • Logging and Retention:
      • Logs of network activity should be maintained for a specified period (e.g., 90 days) to facilitate incident investigations and compliance audits. Log data should be protected against tampering.

    6.9 Incident Response

    • Incident Response Plan:
      • An incident response plan must be established to outline procedures for responding to network security incidents. This includes identification, containment, eradication, recovery, and lessons learned.
    • Regular Drills:
      • Regular drills and simulations should be conducted to test the effectiveness of the incident response plan and ensure that personnel are familiar with their roles during an incident.

    6.10 Compliance and Auditing

    • Regular Security Audits:
      • Conduct regular security audits and assessments of network infrastructure to identify vulnerabilities and ensure compliance with security policies.
    • Policy Review:
      • The network security policy should be reviewed and updated annually or as needed in response to changes in technology, regulations, or threat landscapes.

    7. Third-Party Data Sharing

    7.1 Service Providers

    • Definition and Purpose:
      • InfinitySy  may share personal data with third-party service providers who assist in delivering services, performing tasks, or supporting business operations. These providers may include cloud storage services, payment processors, IT support, and marketing vendors.
    • Due Diligence:
      • Prior to sharing any data, InfinitySy  conducts due diligence to ensure that the service providers have adequate security measures in place to protect personal information. This includes reviewing their data protection policies, security certifications, and compliance with relevant regulations.
    • Data Processing Agreements:
      • The purpose of data processing.
      • The types of data shared.
      • Security measures to protect the data.
      • Data retention and deletion policies.
      • All service providers must enter into Data Processing Agreements (DPAs) that outline the terms of data sharing, including:
    • Limitation of Use:
      • Service providers are only authorized to use personal data for the specific purposes outlined in the DPA and must not use the data for their own purposes or share it with others without consent.

    7.2 Legal Compliance

    • Compliance with Laws:
      • Court orders.
      • Subpoenas.
      • Government investigations.
      • InfinitySy  may share personal data with third parties as required by law or in response to valid legal requests. This includes compliance with:
    • Protecting Rights:
      • Preventing fraud.
      • Responding to claims or legal disputes.
      • Personal data may also be shared to protect the rights, property, or safety of InfinitySy , its users, or others. This includes:
    • Notification:
      • Whenever possible, InfinitySy  will notify users of any legal requests for their data, unless prohibited by law or in cases of emergencies.

    7.3 Business Transfers

    • Mergers and Acquisitions:
      • In the event of a merger, acquisition, or sale of all or a portion of InfinitySy ’s assets, personal data may be transferred as part of that business transaction. Users will be notified of any such change in ownership or use of their personal data.
    • Due Diligence in Transfers:
      • During business transfers, InfinitySy  will ensure that adequate protections are in place to safeguard personal data. This includes conducting risk assessments and ensuring that the acquiring party adheres to strong data protection standards.
    • User Rights:
      • Users will be informed of any changes to the handling of their personal data as a result of business transfers, including their rights regarding data access, correction, and deletion.

    8. Data Backup

    8.1 Purpose

    The purpose of data backup procedures is to ensure the integrity, availability, and recoverability of critical data in the event of data loss due to accidental deletion, hardware failure, cyberattacks, or natural disasters.

    8.2 Backup Policy

    • Scope of Backup:
      • All critical data, including user data, system configurations, application data, and business records, must be included in the backup process. This applies to both on-premises and cloud-based data.
    • Backup Frequency:
      • Daily Backups: Incremental backups of all data to capture changes made since the last backup.
      • Weekly Backups: Full backups of all data to ensure a complete dataset is available for recovery.
      • Backups should be performed regularly according to the following schedule:
    • Retention Period:
      • Backup data should be retained for a specified period, typically ranging from 30 days to 1 year, depending on regulatory requirements and business needs. After this period, backups should be securely deleted.

    8.3 Backup Methods

    • On-Site Backups:
      • Local backups should be stored on secure, dedicated servers or storage devices within the organization’s premises. These backups allow for quick recovery in the event of data loss.
    • Off-Site Backups:
      • Off-site backups should be maintained in a secure location separate from the primary data center to protect against physical disasters (e.g., fire, flood). This can include cloud storage or dedicated backup facilities.
    • Cloud Backups:
      • Utilizing cloud-based backup solutions can enhance data redundancy and ease of access. Data should be encrypted during transmission and storage to protect sensitive information.

    8.4 Backup Security

    • Encryption:
      • All backup data must be encrypted to safeguard against unauthorized access. This includes both data at rest and data in transit.
    • Access Control:
      • Access to backup systems and data should be restricted to authorized personnel only. User permissions must be managed to ensure that only those who require access for their roles can retrieve or modify backup data.

    8.5 Testing and Validation

    • Regular Testing:
      • Backup systems and processes must be tested regularly (e.g., quarterly) to ensure that data can be successfully restored. This includes performing test restores of critical data to verify integrity and accessibility.
    • Validation Procedures:
      • Procedures should be in place to validate that backups are complete and free of errors. This may involve checking logs, performing checksum validations, and confirming data integrity.

    8.6 Incident Response and Recovery

    • Restoration Procedures:
      • Steps for identifying the loss.
      • Procedures for initiating the recovery process.
      • Communication protocols for informing stakeholders.
      • Clear procedures must be defined for data restoration in the event of data loss. This includes:
    • Downtime Management:
      • Strategies should be established to minimize downtime during recovery. This may involve prioritizing critical systems and data for restoration to ensure business continuity.

    8.7 Compliance and Auditing

    • Regulatory Compliance:
      • Backup practices must comply with relevant laws and regulations, including data protection and privacy laws.
    • Audit Trails:
      • Maintain logs of backup operations, including dates, times, and personnel involved in the backup and restoration processes, to facilitate audits and ensure accountability.

    8.8 Continuous Improvement

    • Review and Update:
      • The data backup policy should be reviewed and updated regularly (at least annually) to incorporate improvements based on technological advancements, business changes, and lessons learned from incidents.

    9. Physical Security

    9.1 Purpose

    The purpose of physical security measures is to protect the organization’s physical assets, including facilities, equipment, and sensitive data, from unauthorized access, damage, theft, and other risks.

    9.2 Access Control

    • Authorized Access:
      • Access to physical facilities must be restricted to authorized personnel only. This includes employees, contractors, and visitors who have a legitimate reason to enter secure areas.
    • Identification Badges:
      • All personnel must wear identification badges that are clearly visible while on the premises. Badges should include the individual’s name, photo, and access level.
    • Visitor Management:
      • A visitor log should be maintained to track non-employee access. Visitors must be signed in and out, and they should be escorted by authorized personnel while on site.

    9.3 Facility Security

    • Perimeter Security:
      • Physical barriers, such as fences, gates, and walls, should be installed around the facility to deter unauthorized access. Surveillance cameras should monitor these areas.
    • Entry Control Systems:
      • Access points should be equipped with electronic access control systems (e.g., key cards, biometric scanners) to monitor and restrict entry to sensitive areas.
    • Security Personnel:
      • Trained security personnel should be present on-site to monitor access points, respond to incidents, and conduct regular patrols of the facility.

    9.4 Environmental Controls

    • Fire Safety Measures:
      • Fire alarms, smoke detectors, and fire suppression systems should be installed and regularly maintained. Emergency exit routes must be clearly marked and accessible.
    • Climate Control:
      • Environmental controls, such as heating, ventilation, and air conditioning (HVAC) systems, should be implemented to protect sensitive equipment from damage due to excess heat or humidity.
    • Flood and Water Damage Prevention:
      • Facilities should be designed and maintained to mitigate risks from flooding. This includes proper drainage, waterproofing, and positioning critical equipment away from potential water sources.

    9.5 Equipment Security

    • Secure Storage:
      • Sensitive equipment and data storage devices (e.g., servers, backup drives) must be kept in secure areas with limited access. Lockable cabinets or server rooms should be used.
    • Asset Tracking:
      • An asset management system should be in place to track the location and status of physical assets. Regular inventory checks should be conducted to ensure accountability.

    9.6 Data Disposal

    • Secure Disposal Procedures:
      • Procedures must be established for the secure disposal of physical media containing sensitive information. This includes shredding documents and wiping or physically destroying hard drives.
    • Documentation of Disposal:
      • A log should be maintained documenting the disposal of sensitive data and equipment, including dates, methods of destruction, and personnel involved.

    9.7 Incident Response

    • Emergency Procedures:
      • Clear emergency procedures must be established for responding to physical security incidents, including theft, vandalism, and natural disasters. This includes evacuation plans and communication protocols.
    • Reporting Incidents:
      • Employees must be trained to report any suspicious activity or security breaches immediately. A clear process should be in place for documenting and investigating reported incidents.

    9.8 Training and Awareness

    • Security Awareness Training:
      • Regular training sessions should be conducted to educate employees about physical security policies, procedures, and best practices. Topics should include access control, emergency response, and recognizing suspicious behavior.
    • Continuous Improvement:
      • Feedback from training sessions and incident responses should be used to continuously improve physical security measures and policies.

    9.9 Compliance and Auditing

    • Regular Audits:
      • Regular audits of physical security measures should be conducted to assess compliance with policies and identify areas for improvement.
    • Policy Review:
      • The physical security policy should be reviewed and updated at least annually or as needed in response to changes in the organizational environment or emerging threats.

    10.  User Rights

    10.1 Right to Access

    • Overview:
      Users have the right to request access to their personal data held by InfinitySy . This includes information about what data is being processed, the purpose of processing, and who it is shared with.
    • Request Procedure:
      Users can submit a written request to access their personal data. InfinitySy  will respond within a specified timeframe (e.g., 30 days) and provide a copy of the data, along with relevant details about its processing.
    • Restrictions:
      Access may be denied in certain circumstances, such as when it compromises the privacy of others or if the request is deemed excessive.

    10.2 Right to Rectification

    • Overview:
      Users have the right to request the correction of inaccurate or incomplete personal data. This ensures that the information held is accurate and up to date.
    • Request Procedure:
      Users can submit a request to rectify their data, specifying the inaccuracies and providing any necessary documentation. InfinitySy  will process these requests promptly and notify users once the corrections are made.
    • Limitations:
      Rectification requests may be denied if the data in question is accurate or if the request is unfounded.

    10.3 Right to Deletion

    • Overview:
      Users have the right to request the deletion of their personal data when it is no longer necessary for the purposes for which it was collected, or if they withdraw consent on which processing is based.
    1. Request Procedure:
      Users can submit a deletion request, and InfinitySy will evaluate the request in accordance with applicable laws and regulations. If approved, the data will be deleted securely. Through the Account Deletion Page: https://InfinitySy .com/customer/deleteAccount
    • Exceptions:
      Deletion requests may be denied if the data is required for compliance with legal obligations or for the establishment, exercise, or defense of legal claims.

    10.4 Right to Restrict Processing

    • Overview:
      Users have the right to request the restriction of processing their personal data under certain conditions, such as when they contest the accuracy of the data or object to its processing.
    • Request Procedure:
      Users can submit a request to restrict processing, and InfinitySy  will evaluate and confirm whether processing can be restricted. During this period, the data will not be processed except for storage.
    • Duration of Restriction:
      The restriction will remain in place until the issue is resolved or the user requests to lift the restriction.

    10.5 Right to Data Portability

    • Overview:
      Users have the right to receive their personal data in a structured, commonly used, and machine-readable format and to have that data transferred to another controller, where technically feasible.
    • Request Procedure:
      Users can submit a request for data portability, specifying the data they wish to transfer. InfinitySy  will provide the data in the requested format when possible.
    • Scope of Portability:
      This right applies only to data that users have provided directly to InfinitySy  and that is processed based on consent or a contract.

    10.6 Right to Withdraw Consent

    • Overview:
      Users have the right to withdraw their consent for the processing of their personal data at any time, where processing is based on consent.
    • Withdrawal Procedure:
      Users can submit a written request to withdraw consent, and InfinitySy  will cease processing their data unless there is another legal basis for processing.
    • Impact of Withdrawal:
      Users will be informed of the implications of withdrawing consent, including any potential loss of services that rely on the processing of their data. 

    11. Changes to This Privacy Policy

    11.1 Purpose of Updates

    The purpose of this section is to inform users about the circumstances under which changes may be made to the privacy policy, ensuring transparency and ongoing compliance with relevant laws and regulations.

    11.2  Notification of Changes

    • User Communication:
      Users will be notified of any significant changes to the privacy policy through various communication channels, including:
      • Email notifications to registered users.
      • Notices on the organization’s website or user dashboard.
      • Updates on social media platforms.
    • Timing of Notifications:
      Notifications will be provided in a timely manner, ideally at least [insert time frame, e.g., 30 days] before the changes take effect, allowing users to review the new policy.

    11.3 Review Period

    • User Right to Review:
      Users are encouraged to review the privacy policy regularly, especially after receiving notifications of changes. The updated policy will be accessible on the organization’s website.
    • User Acceptance:
      Continued use of the services after the effective date of the updated policy constitutes acceptance of the changes. Users who do not agree with the modifications should discontinue use of the services and may request deletion of their personal data.

    11.4 Documenting Changes

    • Version Control:
      Each version of the privacy policy will be documented with a version number and effective date. This record will be maintained to track the history of changes made to the policy.
    • Summary of Changes:
      A summary of material changes will be provided alongside the updated policy to highlight what has changed and how it may impact users.

    11.5 Regulatory Compliance

    • Legal Requirements:
      Changes made to the privacy policy will comply with applicable laws and regulations, including data protection laws and industry standards. The organization will ensure that any modifications align with legal obligations regarding user rights and data handling.

    11.6 Contact Information

    • Inquiries and Feedback:
      Users are encouraged to contact the organization with any questions or feedback regarding changes to the privacy policy. Contact information will be provided in the policy, including:
      • Email address for privacy-related inquiries.
      • Phone number for customer support.

    12. Use of Cookies

    12.1 Introduction to Cookies

    Cookies are small text files placed on your device by websites you visit. They are widely used to enhance your browsing experience by enabling the website to remember your actions and preferences (such as login information and language settings) over a period of time.

    12.2 Types of Cookies We Use

    • Essential Cookies:
      These cookies are necessary for the website to function properly. They enable basic features such as page navigation and access to secure areas of the website. Without these cookies, certain functionalities cannot be provided.
    • Performance Cookies:
      These cookies collect information about how visitors use our website, such as which pages are visited most often and if users receive error messages. This information helps us improve the website’s performance.
    • Functionality Cookies:
      These cookies allow the website to remember choices you make (such as your username, language, or the region you are in) and provide enhanced, more personal features.
    • Targeting/Advertising Cookies:
      These cookies are used to deliver advertisements relevant to you and your interests. They may also limit the number of times you see an advertisement and help measure the effectiveness of advertising campaigns.

    12.3 Purpose of Using Cookies

    • Enhancing User Experience:
      Cookies help us provide a personalized experience by remembering your preferences and settings, making it easier for you to navigate our website.
    • Analytics and Performance Improvement:
      We use cookies to analyze how users interact with our website, allowing us to improve functionality and address any issues that arise.
    • Marketing and Advertising:
      Cookies enable us to serve personalized ads based on your browsing behavior, ensuring that you receive offers and information that are relevant to you.

    12.4 User Consent

    • Cookie Consent Mechanism:
      When you visit our website for the first time, you will see a cookie consent banner informing you about our use of cookies. This banner will provide options to accept all cookies, reject non-essential cookies, or manage your cookie preferences.
    • Options for Consent:
      You can choose to:
      • Accept All Cookies: Allow all cookies for a full experience on our website.
      • Decline Non-Essential Cookies: Accept only essential cookies necessary for the website to function.
      • Manage Preferences: Access additional settings to customize your cookie choices.

    12.5 Managing Cookies

    • Browser Settings:
      You can manage cookie settings through your web browser. Most browsers allow you to refuse or accept cookies, delete cookies, and notify you when a cookie is being sent.
    • Opt-Out Options:
      For third-party cookies, you can opt out of targeted advertising through various online tools and industry opt-out programs. We provide links to these resources for your convenience.

    12.6 Third-Party Cookies

    • Third-Party Services:
      Our website may utilize third-party services (e.g., analytics and advertising) that set their own cookies. We recommend reviewing their respective cookie policies for more information on how they use cookies.

    12.7 Changes to Cookie Policy

    • Periodic Updates:
      We may update this cookie policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. Significant changes will be communicated to users through appropriate channels.

    12.8 Contact Information

    • Inquiries and Feedback:
      If you have any questions or concerns about our use of cookies or this cookie policy, please contact us at support@InfinitySy .com

    13. Contact Us

    13.1 Purpose

    This section provides users with the necessary information to contact InfinitySy  regarding any questions, concerns, or requests related to the privacy policy, data practices, or user rights.

    13.2 How to Reach Us

    If you have any inquiries or feedback regarding our privacy practices, please feel free to contact us using the following methods:

    • Email:
      For general inquiries, you can reach us at:
      info@InfinitySy .com
    • Phone:
      For immediate assistance, you can call our customer support at:
      0988111090
    • Mailing Address:
      If you prefer to reach us by mail, you can send your correspondence to:
      InfinitySy
      Damascus-Syria
      Masrouaa Dumar
      Jazeera 10 Buil. 74

    13.3 Response Time

    We strive to respond to all inquiries as promptly as possible. Generally, you can expect a response within 1-3 business days. For complex requests or inquiries, it may take longer, and we appreciate your patience.

    13.4 Feedback

    We value your feedback regarding our privacy practices. If you have suggestions for improvement or specific concerns, please include those in your communication.

    13.5 User Rights Inquiries

    For questions specifically related to your data rights, including access, rectification, deletion, or other user rights described in this privacy policy, please clearly indicate your request in your communication.

    Information
    Customer service
    Copyright © 2024 Infinity SY Store. All rights reserved.