Last Updated: April , 2021
This website (the “Website”) is the property of and operated by Caja Elastic Dynamic Solutions Ltd.
(hereinafter “CAJA”, “we”, “our”, “us”), and processes Personal Data (as defined below)
which we receive or collect in relation to your access and use of the Website.
The purpose of this privacy statement (the "Privacy Statement") is to provide details and information on CAJA's practices and policy with respect to the use and collection of information on participants and visitors of the Website or other interactions with CAJA (the "User(s)”, “Data Subject”, “You”).
The term, “Personal Data” or “Personal Information”, as used in this Privacy Statement means information relating to an identified or identifiable natural person.
The term, “Processing”, as used in this Privacy Statement means any action taken in respect of Personal Data.
CAJA may, at its sole discretion, update this Privacy Statement from time to time to reflect any legal or practical requirements. Any modifications will become valid with immediate effect and Users are therefore required to periodically review the Privacy Statement and be updated with the terms applicable to their interests.
Automatic Collection of Personal Information
When you visit the Website, we will automatically collect from you the following information:
- Placement of cookies, including third party cookies
- IP address
- Information about your web browser
- Referring URL or source (which referred you to our Website)
- Other information automatically sent by your browser and contained in HTTP Headers
- Facebook Pixel ID
- Site activity (including what you click on
We will use the foregoing data for analysis of Website activity, protecting the security of the Site; enable site functionality,
identifying unique users, track user activity on the site, and unique website views and display and personalization of advertisements.
The legal basis for collecting such date is legitimate interest (e.g., essential cookies) or your consent and we may share such data with Google Analytics and with Facebook.
Collection of Personal Information Provided by Users
If any User wishes to contact us through the Website, it will fill in the contract us form in the Website and fill in the required details. Such details include your first and last name, company name, email address and country, and any additional details that you may include, as part of the message that you send us. By providing us such information, you give us your consent to collecting and processing such information. We will use such information for contacting you and will keep it for a period of one year unless the parties will enter into any commercial agreement.
Use and Disclosure of Personal Information
CAJA will not disclose personal information collected through its Website or otherwise with third parties
unless lawfully disclosed on a "need to know" basis, with the same level of confidence required and for the
purposes described herein, or unless otherwise is specifically provided herein.
Any transfer of Personal Date will be executed solely to the required extent and in compliance with the applicable data protection laws.
Retention of Personal Date will be applied to the extent necessary for the purpose of the collection of the personal information and in accordance with the legal obligations and the minimum retention periods provided in them.
Any information provided to CAJA which is not identified as personal or sensitive information will not be treated as Personal Data and CAJA may choose to disclose it under its sole discretion. User's disclosure of such information to CAJA serves as its full acknowledgement and confirmation for CAJA's use of the information with no obligation to User and with no binding relationship created between User and CAJA which requires otherwise.
Protection of Personal Information
CAJA assumes various actions both digitally and physically to protect User's personal information through reasonable and acceptable efforts. Nevertheless, there is no guarantee for full security against system penetrations or transmissions' interceptions over the web.
Third Party Websites
stored on User's device through its web browser and provide information to
the websites that enabled the Cookies and other third parties, to the extent
there are any, which receive data that is collected from these websites.
The Cookies are used by the websites to collect and store information on the
User's web browsers, mainly on the User, its device, and preferences. Cookies
do not run programs on the User's computer or distribute viruses.
Third party Cookies may be applied, inter alia, through Google Analytics, DoubleClick, YouTube, other affiliates of Google and social medias as Facebook, LinkedIn and etc., of which CAJA makes use.
Cookies have several purposes. They are mainly designated to help personalize User's experience while using the websites. It recalls the specific information previously provided by the User and retrieves it when the User returns to the website.
Cookies are also used for marketing purposes as they monitor the User's behaviour and interests while using the websites and provide them with relevant commercial and professional content. These Cookies also provide data on the efficiency of marketing campaigns and advertisements.
Cookies may be deleted by the User at any time. User may also accept or decline the usage of Cookies. Declining Cookies is made through User's web browser settings, but it may also hold effects on the user experience on the Website and its features. For third party Cookies, such as enabled through Google Analytics, and social medias, User is encouraged to review the specific Cookies policies provided by these parties. Note that most web browsers accept Cookies automatically.
Google Web Fonts
For uniform representation of fonts, this page uses web fonts provided by Google.
When you open a page, your browser loads the required web fonts into your browser cache to display texts and fonts correctly.
For this purpose, your browser has to establish a direct connection to Google servers. Google thus becomes aware that our web page was accessed via your IP address. The use of Google Web fonts is done in the interest of a uniform and attractive presentation of our website.
If your browser does not support web fonts, a standard font is used by your computer.
The usage of Google Web Fonts is used in interest of having a consistent representation for our online presence.
Subscription to our newsletters
On our website, Users are given the opportunity to subscribe to our newsletter. The input mask used for this purpose determines what Personal Data are transmitted.
The newsletter may only be received by the Data Subject if (1) the User has a valid e-mail address and (2) the Data Subject registers voluntarily for the newsletter delivery. A confirmation e-mail will be sent to the e-mail address registered by a Data Subject for the first time for newsletter delivery, for legal reasons, in the double opt-in procedure. This confirmation e-mail is used to prove whether the owner of the e-mail address as the Data Subject is authorized to receive the newsletter.
During the registration for the newsletter, we also store the IP address of the computer system assigned by the Internet service provider (ISP) and used by the Data Subject at the time of the registration, as well as the date and time of the registration. The collection of this data is necessary to understand the (possible) misuse of the e-mail address of a Data Subject at a later date, and it therefore serves the aim of the legal protection of Caja.
The Personal Data collected as part of a registration for the newsletter will only be used to send our newsletter. In addition, subscribers to the newsletter may be informed by e-mail, as long as this is necessary for the operation of the newsletter service or a registration in question, as this could be the case in the event of modifications to the newsletter offer, or in the event of a change in technical circumstances. There will be no transfer of Personal Data collected by the newsletter service to third parties. The subscription to our newsletter may be terminated by the Data Subject at any time. The consent to the storage of Personal Data, which the Data Subject has given for delivery the newsletter, may be revoked at any time. For the purpose of revocation of consent, a corresponding link is found in each newsletter. It is also possible to unsubscribe from the newsletter at any time directly on the website of the controller, or to communicate this to the controller in a different way.
Your GDPR Rights
Subject to certain exceptions and exclusions, the following rights apply to individuals who are located in an EU member states or otherwise protected by the EU General Data Protection Regulation (“GDPR”), as further described below. If you are such a person, then:
- Right of Access. You may request that we confirm to you whether or not we store Personal Information about you and to receive a copy of the Personal Information we maintain about you and information about: (a) the purposes of the Processing of the Personal Information; (b) the categories of Personal Information being Processed; (c) the names of the recipients or the categories of recipients to whom the Personal Information have been or will be disclosed, in particular recipients in third countries or international organizations; (d) if possible, the period we believe we will store the Personal Information, or the criteria we use to determine that period; (e) the sources of the Personal Information, if not collected from you; and (f) whether we use automated decision-making, including profiling, and meaningful information about the logic involved, as well as the significance and the envisaged consequences of such Processing for you.
- Right to Rectify. You may request that we correct any Personal Information about you that we maintain that is incorrect. Depending on the purpose for which the data is used, you may also request to complete incomplete Personal Information we maintain.
- Right to Erasure (“Right to be Forgotten”). You may request that we erase or suppress Personal Information that relates to you in the following cases: the data is no longer needed by us; the data was collected and is used on the basis of your consent and you withdraw that consent; when you have a right to object to our use of the data (as described below under, “Right to Object”); we are not lawfully Processing the data; or we are otherwise required by law to delete the data. However, there may be circumstances in which we may retain your data or we may refuse your request, for example, when we review the data to defend ourselves or make legal claims or exercise are own rights. In addition, this right may not apply to the display or access of your Personal Information outside of the European Union.
- Right to Restrict Processing. You may request that we restrict our use or Processing of your Personal Information if: you claim the Personal Information is inaccurate, during the time we investigate your claim; our Processing of the Personal Information was unlawful; we no longer require the Personal Information; we Processed the Personal Information for our legitimate interests and you object to this use (as you are permitted to do under Article 21(1) of the GDPR), during the time that we investigate whether our legitimate interests override your request. However, there may be circumstances in which we are legally entitled to refuse your request.
- Right to Data Portability. You may request that we provide you with your Personal Information that we Process based on your consent or to fulfill a contract with you or that we Process using automated means, in a structured, commonly used and machine-readable format, and to transfer your Personal Information to another entity or have us transfer it directly to such entity.
- Right to Object. You may, based on reasons specifically relating to you, object to our Processing of your Personal Information, when: (i) the data is used for our legitimate interests and our interests in Processing the data does not override your interests, rights and freedoms and we do not require use of the data for the establishment, exercise or defense of our legal claims or rights; and (ii) we use the data for direct marketing purposes or profiling for direct marketing purposes.
- Right to Object to Automated Decision Making. You may request that you not to be subject to a decision based solely on automated Processing, including profiling, when the decision produces legal effects concerning you or significantly affects you.
- Right to Withdraw Consent. Where we Process Personal Information relating to you based on your consent (such as by clicking a check box adjacent to a statement of consent), you may withdraw your consent and request that we cease using your Personal Information for the purpose for which you have your consent, or altogether, depending on the situation.
- Right to Make a Complaint. You may file a complaint regarding our practices with the data protection authority in your place of habitual residence, place or work, or the place of the alleged infringement. For a list of data protection authorities in the European Economic Area, please see here: https://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080.
You can exercise your rights that apply to us by contacting us by email at [email protected] We may be permitted by law (including the GDPR and local national laws) to refuse or limit the extent to which we comply with your request. We may also require additional information in order to comply with your request, including information needed to locate the information requested or to verify your identity or the legality of your request. To the extent permitted by applicable law, we may charge an appropriate fee to comply with your request.
Transfers of Personal Information to other Countries outside the EU or EEA
We transfer Personal Information we receive in or from the European Union (and other locations) to the following countries outside the EU and European Economic Area. If Personal Information from the EU is transferred outside the EU to our affiliates or to third-party service providers, to countries which the European Commission has not determined to adequately protect Personal Information, we take steps to ensure that such Personal Information receives the same level of protection as if it remained within the EU. This includes entering into data transfer agreements and using the European Commission approved Standard Contractual Clauses.
- Israel, where we are located. As of the date of this Privacy Statement, the European Commission has determined that the State of Israel adequately protects personal information. (A list of countries which the European Commission has determined to adequately protect Personal Date can be found, as of the date of this Privacy Statement, here: https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protection-personal-data-non-eu-countries_en).
- The United States, where Amazon Web Services, Google, Facebook, SalesForce store information they receive from us.
If you are an individual protected by the GDPR, you may contact us in order to obtain additional information regarding the basis for the transfer of Personal Information relating to you to countries outside the European Economic Area. Please note that information or copies of documents we may provide to you in connection with such requests may be limited or redacted in order to protect the rights of third parties or to comply with contractual obligations we may have (such as obligations of confidentiality).
Your California Privacy Rights
If you are a California resident you have the right under California law to make certain requests in connection with our use of Personal Information relating to you, as described below. To make such a request, please contact us by email at [email protected] Please note that certain exceptions may apply.
- Disclosure of Direct Marketing Practices (“Shine the Light”). Under California Civil Code Section 1798.83, one time per year you may request the following information regarding our disclosure of your Personal Information to third parties for their direct marketing purposes: a list of the categories of the Personal Information disclosed to such parties during the Preceding calendar year, the names and addresses of such third parties, and if the nature of the parties’ businesses is not clear from their names, examples of the products or services marketed by such third parties. This right only applies if our relationship is primarily for your personal, family or household purposes and related to the purchase of our products and services.
- Removal of Public Information of Minors. If you are under the age of 18 and have an account with us, under California Business and Professions Code Section 22581, you may request the removal of content or information you have publicly posted on our services that is identified with you or your account. Please be aware that certain exceptions may apply and we may not be able to completely remove all such information.
Personal Information of Children
Our Services are not intended for, and we do not knowingly collect Personal Information from persons under the age of eighteen (18). If you believe that a person under the age of eighteen (18) has provided us with Personal Information, or if we have received the Personal Information of such person, please contact us at [email protected]
We do not treat information we collect or receive which is not or cannot reasonably be connected to any particular person or which is anonymized or aggregated such that it can no longer be connected to or used to identify any particular person as “Personal Information”, even if it was originally linked to or stored with Personal Information. Such anonymous information is not subject to this Privacy Statement and we may use it for a variety of purposes, may share it with third parties or even publish it for any reason.
Legal and Regulatory Requirements
CAJA may be required by law, court of other competent administrative order to disclose Personal Information to legal or regulatory authorities.
Such information will be disclosed taking in consideration the required volume of protection and while assuming the possible measures to ensure that the Personal Information remains protected following its disclosure, to the extent reasonably possible.
You may contact CAJA for any purpose, including the request to update or correct its Personal Information as provided by You to CAJA through the Website or other means or to request to opt-out from CAJA's mailing systems and other services that You may have signed up for.
CAJA would appreciate any form of feedback, including questions and comments relating to this Privacy Statement and the Website. Any approach will be considered in due course.
Kindly contact us at [email protected]