Effective Date: August 24, 2025
Echoes ("we", "us", "our") run by PRISMA LTD is committed to safeguarding the privacy of our visitors. This Privacy Policy explains how we collect, use, disclose, and protect personal data, aligned with:
International standards like the EU’s GDPR (General Data Protection Regulation); and
Israeli law, particularly the Privacy Protection Law (PPL) as amended by Amendment No. 13 (effective August 14, 2025), including the expanded definitions, obligations, enforcement, and rights introduced.
Personal Data: Any information relating to an identified or identifiable individual—including identifiers such as name, ID number, biometric data, location, online identifier, or data about one’s physical, health, economic, social, or cultural status.
Highly Sensitive Information: Includes biometric, genetic, location (traffic), criminal, personality assessment data, or similar categories.
Controller: The entity that determines the purposes and means of processing personal data (formerly “database owner”).
Processor (Holder): An external entity that processes data on behalf of the controller.
Information you provide: e.g., contact details if you email us, request updates, newsletter subscribe, or submit forms.
Automatically-collected data: such as IP address, cookies, device/browser information, site interactions.
Sensitive or highly sensitive data only when voluntarily provided and with explicit consent.
Consent: Where required (e.g., for marketing or sensitive processing), we obtain freely given, specific, informed, and unambiguously indicated consent—especially for highly sensitive data.
Legitimate interests, performance of a contract, or legal obligations where applicable under GDPR principles.
Provide and personalize services, respond to inquiries, improve our site.
Comply with legal obligations.
Only process highly sensitive data with explicit, informed consent and for necessary purposes.
You may have these rights (subject to conditions and exceptions):
Access, correct, delete your data (“right to be forgotten”), restrict processing.
Object to processing for direct marketing or profiling.
Withdraw consent at any time for processing that depends on it.
Where processing affects rights or freedoms, request data portability or dispute automated decisions.
We may share data with service providers, legal authorities (when required), or in the case of business transactions.
Cross-border transfers: Transfers outside Israel occur only to jurisdictions with adequate protections or under contractual/legal mechanisms. For transfers from the EEA to Israel, we also comply with Israel’s mediation regulations, retaining GDPR-like safeguards.
We implement administrative, technical, and organizational measures—including risk assessments, security testing, encryption, access controls—to safeguard data.
Amendment 13 mandates appointing a DPO (or PPO) for certain types of controllers/processors—for example: public authorities, large-scale processing, systematic monitoring, direct mailing services with >10,000 individuals, or processing sensitive data on a large scale. We do not have a DPO as we don't fall under this category. In any case you may contact us at: info@echoespinkfloyd.com.
In case of a personal data breach affecting rights or security, we will notify affected individuals and the Israeli Privacy Protection Authority (PPA) as required by law, promptly and transparently.
Our services are not directed at minors (under age 18). We do not knowingly collect data from children. If aware of such data, we will delete it promptly.
We may update this Policy to reflect changes in law or practice. The “Effective Date” above reflects this version.
For privacy questions or to exercise your rights, email: info@echoespinkfloyd.com .