Xossip (“Xossip“) operates xossip.in and may operate other websites. It is Xossip’s policy to respect your privacy regarding any information we may collect while operating our websites.
Like most website operators, Xossip collects non-personally-identifying information of the sort that web browsers and servers typically make available, such as the browser type, language preference, referring site, and the date and time of each visitor request. Xossip’s purpose in collecting non-personally identifying information is to better understand how Xossip’s visitors use its website. From time to time, Xossip may release non-personally-identifying information in the aggregate, e.g., by publishing a report on trends in the usage of its website.
Xossip also collects potentially personally-identifying information like Internet Protocol (IP) addresses for logged in users and for users leaving comments on xossip.in blogs/sites. Xossip only discloses logged in user and commenter IP addresses under the same circumstances that it uses and discloses personally-identifying information as described below, except that commenter IP addresses and email addresses are visible and disclosed to the administrators of the blog/site where the comment was left.
Gathering of Personally-Identifying Information
Certain visitors to Xossip’s websites choose to interact with Xossip in ways that require Xossip to gather personally-identifying information. The amount and type of information that Xossip gathers depends on the nature of the interaction. For example, we ask visitors who sign up at xossip.in to provide a username and email address. Those who engage in transactions with Xossip are asked to provide additional information, including as necessary the personal and financial information required to process those transactions. In each case, Xossip collects such information only insofar as is necessary or appropriate to fulfill the purpose of the visitor’s interaction with Xossip. Xossip does not disclose personally-identifying information other than as described below. And visitors can always refuse to supply personally-identifying information, with the caveat that it may prevent them from engaging in certain website-related activities.
Xossip may collect statistics about the behavior of visitors to its websites. Xossip may display this information publicly or provide it to others. However, Xossip does not disclose personally-identifying information other than as described below.
Protection of Certain Personally-Identifying Information
Xossip discloses potentially personally-identifying and personally-identifying information only to those of its employees, contractors and affiliated organizations that (i) need to know that information in order to process it on Xossip’s behalf or to provide services available at Xossip’s websites, and (ii) that have agreed not to disclose it to others. Some of those employees, contractors and affiliated organizations may be located outside of your home country; by using Xossip’s websites, you consent to the transfer of such information to them. Xossip will not rent or sell potentially personally-identifying and personally-identifying information to anyone. Other than to its employees, contractors and affiliated organizations, as described above, Xossip discloses potentially personally-identifying and personally-identifying information only in response to a subpoena, court order or other governmental request, or when Xossip believes in good faith that disclosure is reasonably necessary to protect the property or rights of Xossip, third parties or the public at large. If you are a registered user of an Xossip website and have supplied your email address, Xossip may occasionally send you an email to tell you about new features, solicit your feedback, or just keep you up to date with what’s going on with Xossip and our products. If you send us a request (for example via email or via one of our feedback mechanisms), we reserve the right to publish it in order to help us clarify or respond to your request or to help us support other users. Xossip takes all measures reasonably necessary to protect against the unauthorized access, use, alteration or destruction of potentially personally-identifying and personally-identifying information.
If Xossip, or substantially all of its assets, were acquired, or in the unlikely event that Xossip goes out of business or enters bankruptcy, user information would be one of the assets that is transferred or acquired by a third party. You acknowledge that such transfers may occur, and that any acquirer of Xossip may continue to use your personal information as set forth in this policy.
We are committed to ensuring that our users’ information is secure. To avoid any illegal divulgation, we have introduced and supervised suitable managerial strategies to shield and screen the information we collect on the Internet via any medium.
What We Collect
We may collect the following information: Demographic information such as preferences, location, age and interests Other information relevant to customer surveys and/or offers
What we do with the information we gather?
We require this information to understand your needs and provide you with a better service, and in particular for the following reasons: Internal record keeping. We may use the information to improve our products and services. We may periodically send promotional emails about new products, special offers or other information which we think you may find interesting using the email address which you have provided. From time to time, we may also use your information to contact you for market research purposes. We may contact you by email, phone, fax or mail. We may use the information to customise the website according to your interests.
We at Xossip use traffic log cookies to identify the web pages users visit. This information further helps us analyse the data and customise our services according to users’ interest. The information collected is strictly used for statistical analysis purposes only. The data is removed from the system once we are done with our purpose. Users must acknowledge that a cookie in no way gives us the access to users’ personal devices and the information it store and Xossip does not receive users’ personal info until they choose to share with us
Controlling your personal information?
You may choose to restrict the collection or use of your personal information in the following ways:
Whenever you are asked to fill in a form on the website, look for the box that you can click to indicate that you do not want the information to be used by anybody for direct marketing purposes.
If you have previously agreed to us using your personal information for direct marketing purposes, you may change your mind at any time by writing to us.
We will not sell, distribute or lease your personal information to third parties unless we have your permission or are required by law to do so. We may use your personal information to send you promotional information about third parties which we think you may find interesting if you tell us that you wish this to happen. If you would like a copy of the information held on you please contact us on [email protected] If you believe that any information we are holding on you is incorrect or incomplete, please write to or email us as soon as possible, at the above address. We will promptly correct any information found to be incorrect.
Disclosure of Information of third Parties?
How we use collected Information?
Xossip may collect and use Users personal information for the following purposes:
- To improve products and services.
- To personalise user experience.
- To improve website.
- To process payments.
- To run promotion, contest or survey.
- To send periodic e-mails.
- In any case, if user likes to unsubscribe to discontinue with us, feel free to write to us on [email protected]
How we protect your Information?
We follow appropriate data collection, security measures, storage and processing practices to protect your information against unauthorized access, alteration, disclosure or destruction, including your username, password, transaction information and data stored on our site.
Sharing your personal Information
We may share the information regarding visitors and users with our business partners, trusted affiliates and advertisers for the purposes outlined above.
This site, like many others, uses small files called cookies to help us customise your experience. Find out more about cookies and how you can control them.
This page contains information on what cookies are, the cookies used by the Xossip’s website, how to switch cookies off in your browser, how to specifically switch off advertising cookies, and some useful links for further reading on the subject.
What are cookies?
Cookies are small text files that are stored by the browser (for example, Internet Explorer or Safari) on your computer or mobile phone. They allow websites to store things like user preferences. You can think of cookies as providing a ‘memory’ for the website, so that it can recognise you when you come back and respond appropriately.
A visit to a page on the Guardian’s website may generate the following types of cookie:
- Anonymous analytics cookies
- Geotargetting cookies
- Advertising cookies
- Third party advertising cookies
Anonymous analytics cookies:
Every time someone visits our website, software provided by another organisation generates an “anonymous analytics cookie”. These cookies can tell us whether or not you have visited the site before. Your browser will tell us if you have these cookies and, if you don’t, we generate new ones. This allows us to track how many individual users we have, and how often they visit the site. Unless you are signed in to the Xossip, we cannot use these cookies to identify individuals. We use them to gather statistics, for example, the number of visits to a page. If you are logged in, we will also know the details you gave to us for this, such as your username and email address.
These cookies are used by software which tries to work out what country you are in from the information supplied by your browser when you click on a web page. This cookie is completely anonymous, and we only use it to help target our content – such as whether you see our UK or US home page – and advertising.
These cookies allow us to know whether or not you’ve seen an advert or a type of advert, and how long it is since you’ve seen it.
We also set anonymous cookies on certain other sites that we advertise on. If you receive one of those cookies, we may then use it to identify you as having visited that site if you later visit the Xossip. We can then target our advertising based on this information.
Third party advertising cookies
A lot of the advertisements you see on the Xossip are provided by other organisations. Some of these organisations use their own anonymous cookies to track how many people have seen a particular ad, or to track how many people have seen it more than once.
The companies that generate these cookies have their own privacy policies, and we have no access to read or write these cookies. These organizations may use their cookies to anonymously target advertising to you on other websites, based on your visit to the Xossip.
Other third party cookies
On some pages of our website, other organisations may also set their own anonymous cookies. They do this to track the success of their application, or to customise the application for you. Because of how cookies work, our website cannot access these cookies, nor can the other organisation access the data in cookies we use on our website.
For example, when you share an article using a social-media sharing button (for example, Facebook) on the Xossip, the social network that has created the button will record that you have done this.
How do I turn cookies off?
It is usually possible to stop your browser accepting cookies, or to stop it accepting cookies from a particular website. However, we cannot tell if you are signed in without using cookies, so you would not be able to post comments.
All modern browsers allow you to change your cookie settings. You can usually find these settings in the Options or Preferences menu of your browser. To understand these settings, the following links may be helpful, or you can use the Help option in your browser for more details.
Cookie settings in Internet Explorer
Cookie settings in Firefox
Cookie settings in Chrome
Cookie settings in Safari web and iOS.
If you are primarily concerned about third party cookies generated by advertisers, you can turn these off by going to the Your Online Choices site.
You can also visit the trade body representing these advertising platforms for more information:Network Advertising Initative
They have provided a site where you can control all third-party online advertising. Please note that there are many more networks listed on this site than those that we use at Xossip.
If you would like to find out more about cookies and their use on the Internet, you may find the following links useful:
Microsoft Cookies guide
All About Cookies
The IAB has provided the following website to give information specifically about privacy issues around Internet advertising:
For further legal information about privacy issues, you may find these links useful:
Data Protection Act 1998
The Information Commissioner’s Office
General Data Protection Regulation
It’s important to define the roles played by you and any 3rd party with whom you rely on to process EU personal data:
- • GDPR distinguishes between data “controllers,” ”processors,” and “subprocessors.”
- • A data controller is a “natural or legal person…which, alone or jointly or with others, determines the purposes and means of the processing of personal data.”
- • A data processor is any person (other than an employee of the data controller) who processes data on behalf of the data controller.
- • You may be a controller for some purposes and a processor for other purposes (for example, controller of any EU employee data and processor of customer data).
Keep record of the following :
- Purpose: For what purposes is it collected?
- Data Subjects: Who does the personal data relate to?
- Categories of Personal Data: What personal data is received?
- Recipients: To whom is it sent?
- Data Transfers: Where is it sent? Where is it stored?
- Retention Periods: For how long is it kept?
- Technical and Organizational Measures: How is it protected?
GDPR requires data controllers to execute data processing agreements (DPAs) with each of its processors. Processors are obligated to put DPAs in place with sub-processors that will be further processing the controller’s data.
In a DPA, data processors commit to:
- • Maintain security procedures that protect the confidentiality of personal data and ensure staff with access to personal data maintain confidentiality;
- • Limit access to personal data to those required to have access;
- • Permit audit by data controller to confirm GDPR compliance;
- • Notify the data controller of security breaches;
- • Return or delete customer data upon request at the end of the contractual relationship; • Be liable for any actions of its sub-processors; and
- • Allow data controllers the right to refuse to allow additional sub-processors to have access to their data.
Most important to get Consent
- • GDPR requires consent to be, “specific, informed, unambiguous, active and freely given.”
- • One alternative to consent is establishing the existence of a “legitimate interest” to process data.
- • Further guidance is expected on both consent and legitimate interest.
LEGITIMIZE CROSS BORDER DATA TRANSFER
Publishers and app developers outside of the EU must also have an approved mechanism for transmitting any EU personal data outside of the EU. For many, Privacy Shield certification will be the simplest method to implement.
- • If Privacy Shield certification isn’t possible or personal data is transferred from the EU to non-US countries consider the EU standard contractual clauses.
- • Check out OpenX’s guide on how to become Privacy Shield certified
CREATE/UPDATE POLICIES AND PROCEDURES
- • GDPR requires more detailed disclosures in privacy policies and terms and conditions.
- • Consumer-facing privacy policies should, among other things, provide information about data subjects’ rights.
- • Security Policy
- • Data Breach Policy
- • Data Retention Policy (and shorten existing retention periods where possible)
- • Employee training on confidentiality, privacy and security
- • Evaluate whether you need to designate a Data Protection Officer.
- • Confirm you have means to correct inaccuracies, delete personal data (the “right to be forgotten”) or, if applicable, deliver personal data upon request.
- • Review your policies and procedures regularly and make sure GDPR ownership (and awareness!) is shared with key internal stakeholders (engineering, product, HR, finance)
LIVE “PRIVACY BY DESIGN” Work with internal teams to ensure that going forward:
- • The minimum amount of personal data is collected.
- • The purposes for data collection are clearly disclosed.
- • Services are designed with data security in mind.
- • Personal data is kept for the minimum time necessary to accomplish the purpose it was collected for.
- • Be agile as further guidance or enforcement require modifications to your GDPR approach. Know your partners!
- • GDPR imposes joint and several liability on controllers and processors.
- • Smaller companies without a serious commitment to GDPR compliance and the resources to get and stay compliant put your company at serious financial risk.
- • Choose to work only with established partners you trust and carry out thorough diligence on new partners.