1.1. This website creates a temporary session cookie to facilitate basic operation of the website. The session cookie does not contain any personally identifying information and is set to be deleted by the browser as soon as you leave the website.
2. Your personal information
2.1. Feedback forms can be either "generic" or "personal". The type of the form, from which you came to this page by clicking the appropriate link, is specified at the top of this document (unless you came by this page by some other means).
2.2. Generic forms are anonymous and are not associated with any personally identifying information, except as explicitly provided by you.
2.3. Personal forms are associated with your phone number or email address ("contact"), which is already stored on our servers by the time you received an invitation to fill the form (via email, text message, or other means). This contact has been passed to us by the place of business where you made the purchase ("your seller"), the purchase that generated this feedback form. We use your contact only to send you an invitation to fill in the form, and not for any other purpose. We will NOT send you any follow-up messages without your explicit approval. We will NOT share your contact with anyone without your explicit approval, unless required to do so by legal authorities.
2.4. A feedback form of any type may ask you to provide additional personal details, including phone numbers and/or email addresses. All the information you provide via the feedback form, including said details, will be securely stored on our servers and securely shared only with the form's owner. A form's owner is specified inside the form (for a personal form this would typically be your seller). We will NOT share any of your answers with anyone else without your explicit approval, unless required to do so by legal authorities.
2.5. Upon your visit on the form page we store only the basic information about your browser and operating system, as specified in the User Agent identifier string sent by your browser. We do NOT store your IP address.
2.6. If you receive an invitation from us to fill in a form on behalf of a seller, you can prevent any future invitations to you on behalf of the given seller or from any seller, by using the unsubscribe form via the link provided in the invitation. The unsubscribe option is available for at least 30 days after receiving the invitation. You may also request to be unsubscribed at any moment by sending such request to firstname.lastname@example.org (in this case we may need to verify your identity in order to unsubscribe you, and it may take up to 24 hours after verification until you are unsubscribed). Please note that our phone and email records are separate, so if you unsubscribe your phone number, you may still receive emails, and vice versa.
2.7. You may request that all your personal information on our servers, including your contact details and the answers you provided, be permanently deleted from our servers. You may send such request to email@example.com at any time. Please note that we may need to verify your identity in order to fulfil your request and that it may take a few days to complete this request after such verification. Please also note that we will not be physically able to honor your unsubscribe requests, if any, after your contact details are deleted.
3. Information security
3.1. Our servers are located within the borders of the state of Israel in a secure facility with 24/7 surveillance.
3.2. All communications between you and our servers is encrypted via the HTTPS protocol, with the SSL certificate being updated approximately once a month.
3.3. Our servers are protected by firewall and antivirus programs, as well as any other appropriate security measures.
3.4. Full access to the server data requires credentials, which are known only to the system administrator. These credentials are regularly changed and kept in a secure undisclosed location.
3.5. Partial access to the server data requires administrator login credentials, which are known only to a few of our most trusted team members. These credentials are changed regularly. The passwords are stored in a one-way encrypted format according to the current industry standards.
3.6. Limited access to the server data (mostly read-only) requires client login credentials. Each client has limited access only to the data associated with the forms that this client owns. Clients are contractually required to keep their credentials safe and secret. These credentials will be annulled if there is any suspicion that they were compromized.
שינוי אחרון בתאריך 05/02/2021