ShiftMag’s Privacy Policy

This Privacy Notice applies to you when you visit website https://shiftmag.dev/ or interact with us. We believe that the responsible use of personal data supports business growth and builds strong relationships between partners, consumers, and brands. As a business, we are committed to respecting and protecting the privacy of all individuals with whom we interact.

It is very important to us to be transparent about the personal data we collect about you, how we use such data, and with whom we share it. That is exactly what this Privacy Notice contains and it is divided into several sections for easier navigation.

This Privacy Notice describes the activities which Infobip undertakes as controller. Infobip is a controller when we process personal data for our own purposes and do not act on behalf of someone else. We are committed to processing that data as described in this Privacy Notice and respecting all obligations arising from the applicable privacy law.

1. Definitions

We use the following definitions in this notice:

  • The term “Infobip” or “us” or “we” or “our” refers to the company Infobip d.o.o., a company incorporated under the laws of Croatia with company registration number 130004106, whose registered office is at Istarska 157, Vodnjan 52215, Croatia.
  • The term “you” refers to a natural person (an individual) whose personal data Infobip collects and processes.
  • The term “personal data” means any information about you from which you can be identified, directly or indirectly.
  • The term “controller” means the organisation which determines the purposes and means of the data processing and is responsible for processing such data in a manner consistent with the applicable privacy law.
  • The term “processor” means an organisation who processes personal data on behalf of the controller.
  • The term “applicable privacy law” means all laws and regulations applicable to the processing of given personal data (e.g. the General Data Protection Regulation (EU) 2016/679, the UK GDPR, or the UK Data Protection Act 2018). Please see the country-specific addenda for more information.

2. Who is responsbile for your personal data?

The main entity responsible for the processing of personal data as described in this Privacy Notice – the controller – is Infobip d.o.o., a company incorporated under the laws of Croatia with company registration number 130004106, whose registered office is at Istarska 157, Vodnjan 52215, Croatia.

If you have any questions regarding this Privacy Notice or our privacy practices, you may contact our Privacy team and Data Protection Officer via the email address data-protection-officer@infobip.com.

3. How we obtain your personal data?

Most of the personal data we process is provided to us directly by you when you visit our website, subscribe to receive our marketing newsletter with the latest articles, or otherwise communicate with us.

We also receive personal information from other sources, such as in the following situations:

  • If you visit our website, we automatically collect certain information, such as your Internet protocol (IP) address, cookie identifiers, and other unique identifiers, browser or device information, and location information (including approximate location derived from IP address). For more information about how we collect data through cookies please visit our Cookie Policy

4. What personal data do we collect, why and on which and on which legal basis, how do we use it and for how long do we keep it?

4.1. When you contact us via email or other channels:

What personal data do we collect?

We may collect your name and surname, contact details (e.g. email address, phone number, country), and business details (e.g. company’s name and industry and your business role). We will also collect any other information you choose to provide to us, depending on the nature of our communication.

How do we collect it?

Directly from you when you contact us via email or initiate communication through any other communication channel with us.

Why do we collect it, under which legal basis, and how do we use it?

We collect and use this data to: · Communicate with you and answer your inquiries. Conversation with us is completely voluntary and based only on your initiative. Therefore, for a conversation to take place, you will have to contact us, which implies that you are consenting to the processing of your personal data by a clear affirmative act.

How long do we keep it?

Personal data collected for this purpose will be deleted six (6) months after our last communication.

4.2. When we send you our email marketing communications:

What personal data do we collect?

We collect your email address to send you marketing communication. We may also gather simple statistics around email openings and clicks.

How do we collect it?

Directly from you if you subscribe to receive our newsletters “ShiftMag Engineering Newsletter” through the webforms available on our website · Simple statistics around email openings and clicks are generated automatically via industry standard technologies such as clear gifs when you engage with our emails.

Why do we collect it, under which legal basis, and how do we use it?

Our purpose for collecting this data is to:

  • Inform you about our latest articles published on our website.
  • Gather statistics (email opening and clicks) to help us improve our marketing initiatives.

If you subscribe to our email marketing communications, we rely on your consent provided to us when submitting such webform. You may proactively manage your preferences or opt-out of communications (unsubscribe) with Infobip at any time using the unsubscribe link provided in our marketing communication. When you unsubscribe from our marketing communication (i.e. withdraw your consent), we will stop sending you marketing materials.

However, we maintain a so-called “suppression list” that contains only your email address just to be sure that we do not contact you with unwanted content in the future. We retain this information relying on our legitimate interest to respect the choices of our newsletter recipients.

How long do we keep it?

  • Your personal data will be kept for our marketing activities until you unsubscribe.
  • If you unsubscribe we will only keep a suppression list that includes your contact details (email address) to ensure you do not receive any further marketing communication.

4.3. When you visit our website:

What personal data do we collect?

When visiting our website, by placing cookies, we may collect your IP address, your browser type and associated information, the pages you have visited and the order you visited them, as well as whether you are a new or returning visitor.

How do we collect it?

Directly from you when you browse our website by placing cookies on your browser. The cookies are either placed automatically (necessary cookies) or only once you have consented to them (functional, analytical, and advertising cookies). Please review our Cookie Policy for more information.

Why do we collect it, under which legal basis, and how do we use it?

We collect and use this data to:

  • Maintain and improve our website and overall business.

When doing so, we rely either on our legitimate interest to ensure the functioning of the website (for necessary cookies) or on your consent (for functional, analytical, and advertising cookies).

Please review our Cookie Policy for more information on how you can manage (including to withdraw) your cookie consent.

How long do we keep it?

This depends on the specific types of cookies that were either placed automatically (necessary cookies) or that you have consented to be placed (other categories). Please review our Cookie Policy for more details on the retention periods for specific types of cookies.

5. How and with whom do we share your personal data?

We may engage suppliers (also known as vendors or service providers) to help us in the processing of your personal data for the activities that we conduct as a controller and that we describe in this Privacy Notice. Since we are a global company, we may also share your personal data with our subsidiaries and affiliates as part of our daily operations. Any such sharing within the Infobip Group is regulated by intercompany agreements on personal data processing and transfer.

Before engaging any new supplier, we perform a security and privacy assessment. Where such supplier acts as our processor, we ensure that the processing of personal data is governed by a written data processing agreement.

Notwithstanding the foregoing, as a rule, we do not share personal data with third parties except when strictly necessary and on a need-to-know basis, such as with:

  • Service and technology providers to the extent strictly necessary for them to perform specific actions on our behalf. These might be related to some of the above-listed processes (e.g. utilizing a software provider to send you a marketing newsletter).
  • Advertising partners that we might use as part of our marketing activities. More information is listed in our Cookie Policy along with an explanation of how to adjust your cookie settings when visiting our website.
  • Merger and acquisition stakeholders as part of disclosure in the event of a merger, sale, or other asset transfer. Your information may be transferred as part of such a transaction, as permitted by law or contract.

6. How do we carry our international transfers of your personal data?

We conduct our business operations globally, and sometimes we need to carry out international transfers of your personal data by providing your personal data to the parties specified in the section above. All international transfers are carried out while ensuring the confidentiality and security of your personal data and in line with the applicable privacy law. This might include specific technical, organisational, and contractual measures. For example, in relation to transfers of personal data outside the European Economic Area, we will complete and execute standard contractual clauses for data transfers where required.

7. How do we secure your personal data?

At Infobip, we believe that security and privacy go hand in hand. In order to protect personal data collected and processed by us, we have therefore invested in the development, implementation, and constant improvement of a wide range of technical and organisational security measures. These measures

have been implemented in accordance with ISO 27001:2013 standard requirements, and you can read more about them here. The list of our current and up-to-date certificates can be found here.

We take care to train all our staff in the field of privacy and security, starting from their first day in Infobip through the onboarding process and continuously throughout their stay at Infobip.

Before we engage a supplier, we check their security practices and alignment with the applicable privacy law. Once engaged, we continue to assess them on a regular basis.

8. What are your rights in respect of your personal data?

Depending on the applicable privacy law, you may have certain rights with respect to your personal data.

Where granted by the applicable privacy law, you have the right to:

  • Withdraw your consent to our processing of your personal data (to the extent such processing is based on your consent and consent is the only permissible basis for processing), without affecting the lawfulness of processing based on consent before its withdrawal
  • Request from us to access your personal data, which means requesting a copy of the personal data we hold about you
  • Ask us to rectify (correct) your personal data that you think is inaccurate and to complete your personal data that you think is incomplete
  • Ask us to erase your personal data in certain circumstances
  • Ask us to restrict the processing of your personal data in certain circumstances
  • If we process your personal data by automated means based on your consent or upon a contractual relation with you, you can exercise the right of data portability
  • If we process your personal data upon our legitimate interest, you have the right to object to the processing

If you have any questions on how we use your personal data or if you wish to exercise a certain right or resolve a complaint regarding the processing of your personal data, you can contact our Data Protection Officer by sending an email to the following email address: data-protection-officer@infobip.com.

If applicable to you, you can lodge a complaint with the supervisory authority of the EU member state of your habitual residence, place of work, or place of the alleged infringement. If you want to file a complaint or contact the relevant data protection authority for any other reason, you may find contact details of EEA data protection authorities at https://edpb.europa.eu/about-edpb/board/members_en.

9. Do we conduct automated decision-making that significantly affects you?

No. We do not conduct any operation under which you would be subject to a decision based solely on automated processing that has legal or similarly significant effects for you, including profiling.

10. How long do we keep your personal data?

Your personal data that is processed based on your consent would be collected and saved in our database in accordance with given consent. If you wish to withdraw your consent for the processing of your personal data for any purpose and to delete your data, you can do that at any time by sending an email to data-protection-officer@infobip.com. Regarding your personal data that is not subject to your consent, we

will only keep it for as long as necessary to fulfill the purposes for which it was collected. Specific retention periods are listed under the respective activities in section 4 of this Privacy Notice.

11. How often do we update this privacy notice?

The most current version of this Privacy Notice will govern our practices for collecting, processing, and disclosing personal data. We will provide notice of any modifications on this page. You can always check the date of the last update at the beginning of this Privacy Notice. More information regarding Infobip’s privacy practices are available at Infobip’s Privacy Notice.