This Privacy Policy aims to explain all the basic principles that the provider of the website https://www.rush.app (“the Website”) follows and all the necessary measures taken for the data privacy of its users. The security and proper use of personal data is of utmost importance to us.
This Privacy Policy is an inseparable part of the Terms of Service of located on the website https://www.rush.app. It does not regulate any rights and obligations, but is intended to explain to the users of the website what personal data we process in connection with the provision of goods and services, why and how we process them, including when we need to disclose personal data to third parties.
“Rush” – parcel tracking module that connects User’s e-commerce store with various carriers. “Rush” collects and visualizes tracking information in real time and provides the User with a branded tracking page, Order Lookup and an Import/ Export Orders options that have the goal to make the parcel tracking from various carriers easier and more comfortable for the User and his customers.
This Privacy Policy also provides information about the rights the users have in relation to the processing of personal data by the Provider.
For the convenience of the users, in many places this Privacy Policy outlines examples that illustrate why and/ or how the Provider processes personal data. These examples are not part of this Privacy Policy and are not exhaustive.
We process personal data lawfully, fairly and in a transparent manner in relation to the data subject (“lawfulness, fairness and transparency“);
We process personal data collected for specific, explicit and legitimate purposes and do not further process them in an incompatible with those purposes manner (“purpose limitation“);
The processed personal data are appropriate, relevant and limited to what is necessary in relation to the purposes for which they are processed (“minimization of data”);
The processed personal data may be kept up to date at any time by taking all reasonable measures to ensure the timely erasure or correction of inaccurate personal data, taking into account the purposes for which they are being processed (“accuracy”);
The personal data processed by us are stored in a form that allows the data subject to be identified for no longer than is necessary for the purposes for which the personal data are processed (“storage limitation”);
The personal data processed by us are stored in a manner that ensures an appropriate level of security of personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage, by applying appropriate technical or organizational measures (“integrity and confidentiality”);
Data controller is Rush Ltd., having its registered seat and address of management in 13 Knyazhevska Str., block of flats Yuta, entr. B, fl. 2, apt. 14, city of Ruse, Bulgaria, registered in the Trade Register by the Registry Agency of the Republic of Bulgaria with UIC 206094250 and represented by the Managing director Kiril Georgiev Kirilov (referred to in this Privacy Policy as “Provider“).
In the event you have questions about the privacy of the personal data disclosed to us or you want to contact us about a privacy issue, you may contact us at the following e-mail: support@rush.app
This Privacy Policy may be changed in accordance with national and European laws. Any changes will take effect as of the publication on this page. We encourage you to check our website often to see the latest changes. Our privacy policy will not be altered in such a way as to allow less privacy to our customers and users without their consent.
We collect your personal information so that we can provide our goods and services as well as continually improve them.
Here are the types of information we collect:
Information you provide to us: We receive and store any information you provide in connection with the Provider’s Services.
For example: information related to searches on our platform, orders, e-mail, telephone, address, queries, details of requests for access to personal information, etc.
Should a license has been granted to you we shall receive the information that is to be visualized by our Product and which may include personal data of clients of the User’s online store.
Automatic Information: Automatically retrieve and store certain types of information when using https://www.rush.app website.
For example: information on the use of the site, including your interaction with the content and services available through the site.
Like many websites, we use cookies and other unique identifiers and we get certain types of information when your web browser or device has access to the site.
For example: the Internet Protocol (IP) address used to connect your computer or other device to the Internet; computer, device, and connection information, such as device type and application version or browser type, browser plug-ins types and versions, operating system, or time zone settings; the location of your device or computer; Content interaction information such as content downloads, streams, and playback details, including the duration and number of simultaneous streams and downloads, as well as Streaming and Download Quality Network data, including information about your Internet Service Provider; connectivity data and any errors or unsuccessful events; Site metrics (technical errors, interactions with features and service content, setup preferences, and backup information, etc.)
We may also use device IDs, cookies, and other device, application, and web page technologies to collect browsing, usage, or other technical information for the purpose of preventing fraud.
Information from other sources: We may receive information for you from other sources:
For example: information about the number of page views.
In order to provide our services and provide you with any of the products offered on the site, we use cookies. For more information about cookies and how we use them, please read our Cookie Policy.
We collect and process your personal data legally and in accordance with this Policy and the Terms of Service of the website. We process data when you explicitly consent to the processing of personal data, or the processing is necessary for the performance of a contract to which you are a party or for taking steps on your own initiative prior to the conclusion of a contract (such a step is the simple use of the site without having to make a purchase request/ conclude a license agreement). The processing of the data is also necessary for the purposes of our legitimate interest, namely: when without processing a certain type of data we could not provide our services and enter into a contract for providing each of the services on the website, serving our customers and bringing value to our users.
For example: collecting information about site searches, using and analyzing this data is our legitimate interest because it is a basic method of determining the quality of the services we provide and a vital means of improving them.
Due to the above grounds for collecting and processing personal data, in the event that you do not wish to provide the Provider with the personal data that is needed to enter into contractual relationship, the Provider shall be in a factual inability to provide you with the services and products at https://www.rush.app.
We process your personal data in order to provide and improve the goods and services on the website. These purposes include:
Purchase and providing of SaaS. We use your personal information to handle your order, provide our Product and services, make payments, and communicate with you in relation to the licensed SaaS, and in certain cases after your explicit consent, to send promotional offers, bulletin, news, etc.
Provide, troubleshoot, and improve Provider’s services. We use your personal information to provide functionality, analyze performance, correct errors, and improve usability and site and product performance.
Recommendations and personalization. In some cases we may use your personal information to recommend features, products, and services that may be of interest to you, identify your preferences, and personalize your site/ product experience.
Implementation of statutory obligations. In some cases, we have a legal obligation to collect and process your personal data.
For example: We process personal data to fulfill obligations arising from accounting and tax legislation.
To communicate with you. We may use your personal information to communicate with you in relation to the products and services we provide through various channels (e.g., by phone and e-mail).
Prevention of fraud and credit risks. We process personal information to prevent and detect fraud and abuse to protect the security of our clients.
Purposes for which we seek your consent. We may also request your consent to process your personal data for a particular purpose that we are reporting to you. When you agree to process your personal information for a particular purpose, you may withdraw your consent at any time and we will terminate its processing. However, this does not apply if the processing is necessary for another legitimate purpose.
Information about the User is an important part of our business and we do not sell it to third parties. We may share personal information of our Users (or part of it) only as described below and with third parties who observe practices that are at least as protective as those described in this Privacy Policy.
We can share personal information of our Users with third parties who are Data processors. Data processors are persons who process personal data on behalf of us on the basis of a written agreement. They are not allowed to process the personal data they have been provided with for purposes other than the performance of the work assigned to them by us. Data Processors are required to follow all of our instructions.
We take the necessary steps to ensure that the engaged processors strictly adhere our personal data protection policies and instructions and that they have taken appropriate technical and organizational measures to protect personal data.
Examples of Data processors are:
We may share personal information of our Users with attorneys, account houses, or other consultant service providers in case of dispute or for optimization purposes;
We can share personal information of our Users with banks and payment institutions. In connection with the servicing of consumer payments made by bank transfer or through a payment institution, it is necessary to exchange data between the Provider and the respective bank or payment institution.
Third persons in connection with a transformation (e.g. merger or acquisition) or transfer of an enterprise. In the event of Provider’s transformation, as well as in the event of transfer of assets in accordance with the applicable law, it is possible that the personal data of the Users administered by us may be provided to a third person who is the legal successor.
Authorities. The legislation of the Republic of Bulgaria requires form us to store certain User personal data for a certain period of time. Where legally established preconditions exist, such personal data processed by us should be provided to the competent authorities.
We work hard to protect the security of your information during the transmission by using a Secure Sockets Layer (SSL) certificate that encrypts the information you enter.
In addition, we maintain physical, technical and procedural guarantees regarding the collection, storage and disclosure of your personal information. Our security procedures mean that we can sometimes ask for proof of identity before disclosing personal information to you.
Devices that store your personal data offer security features to protect against unauthorized access and data loss.
Please note that it is also important to protect yourself against unauthorized access to your own computers and devices.
We store personal information of our Users for as long as necessary to meet the purposes set out in this Privacy Policy or to comply with legal requirements.
For example: In order to meet our tax and accounting obligations, purchasing of a license data is stored for a period of 11 years.
Upon the expiration of the deadlines for the processing of personal data, they are anonymized or deleted/ destroyed unless:
We make all efforts to ensure that processed User data is updated (and corrected if necessary) and that unnecessary data is not being stored.
We take actions at the request of an individual to exercise the rights under this section only if we are able to identify the person concerned.
Only persons who can be identified by us have the ability to exercise their rights under this section. If the purposes for which we process the personal data do not require or no longer require the identification of an individual, we are under no obligation to maintain, obtain or process additional information to identify the person for the sole purpose of taking action on at the request of that person.
We provide individuals with information on the actions taken in connection with their requests for exercising rights under this Section without undue delay and in any event within one month of receipt of the request. If necessary, this period may be extended by a further two months, taking into account the complexity and the number of requests. We inform the person concerned of any such extension within one month of receipt of the request, indicating the reasons for the delay.
In the event of a rejection, we notify the individuals concerned of their rights.
If we do not take action at the request of an individual, we shall notify him/ her without delay within one month of receipt of the request for the reasons not to act and of the possibility of filing a complaint to the Commission for Personal Data Protection and seeking legal protection.
If we have reasonable concerns about the identity of the individual submitting a claim under this section, we may request the provision of additional information necessary to verify the identity of the individual.
The actions taken by us regarding claims for exercising rights under this section are completely free to individuals unless their claims are manifestly unfounded or excessive. When a person’s claim is manifestly unfounded or excessive (for example because of its repeatability), we shall be entitled, in our sole discretion: (a) to refuse to execute the request; or (b) require the payment of a reasonable fee, determined on the basis of the administrative costs necessary to provide the requested information or to take the requested action.
Users have the right to obtain information on whether personal data relating to them is being processed. If so, users have the right to access the relevant data.
In the event that personal data is inaccurate or out of date, users are entitled to require us to correct them.
Users have the right to request the deletion of personal data related to them in the following cases:
Users have the right to request from us to restrict the processing of personal data related to them in the following cases:
Users have the right to obtain the personal data provided by them in a structured, widely used and machine readable format, as well as to transfer this data to another Controller without hindering the Provider, in so far as:
Users have the right to request the Provider to transfer their personal data directly to another Controller when this is technically feasible.
Users are entitled, at any time and on grounds relating to their particular situation, to object to the processing of personal data relating to them when the Provider processes their data to protect their legitimate interests.
In certain cases, this right is unconditional and we will always discontinue the processing of data upon User objection.
For example, these are the cases where we process personal data for direct marketing purposes.
In other cases, depending on the nature of the objection and the circumstances exposed by the User, we will conduct an internal review of the objection and will rule thereon in accordance with this section by: (a) informing the consumer that it will cease processing of his/ her personal data; or (b) reasonably refusing to discontinue the processing of his/ her personal data, provided there is a legitimate reason for doing so.
You have the right to access, correct, delete, restrict, and limit your access to your personal information, and your portability through our built-in GDPR module.
Users have the right to file complaints or alerts with the Commission for Personal Data Protection (CPDP) if they believe we violate the respective privacy laws. Instructions for submitting complaints are posted on the CPDP website: https://www.cpdp.bg.
Users may also submit complaints to other supervisory authorities within the European Union as provided for in Regulation (EC) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data the processing of personal data and on the free movement of such data and repealing Directive 95/46 / EC (General Data Protection Regulation) or also called “GDPR”.