Updated as of March 27, 2020
Scope of This Policy
In this Policy, personal information means information relating to an identified or identifiable natural person. An identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, and online identifier or to one or more factors specific to his/her physical, physiological, genetic, mental, economic, cultural or social identity. The use of information collected through our Service shall be limited to the purpose of providing the Service for which the Customer has engaged.
With the exception of Account and Registration Information (as defined below), Payment Information (as defined below) and other information we collect in connection with your registration or authentication into our Services (as defined below), this Policy does not apply to our security and privacy practices in connection with your access to and use of the Services. These security and privacy practices, including how we protect, collect, and use electronic data, text, messages, communications or other materials submitted to and stored within the Services by you (“Service Data”), are detailed in and governed by our Terms of Service or such other applicable agreement between you and any member of ours relating to your access to and use of such Services (collectively referred to as the “Service Agreement”). For the purposes of this Policy, “Customer” shall refer to an individual or an entity that has entered into a Service Agreement with us for use of our Services.
Customers are solely responsible for establishing policies for and ensuring compliance with all applicable laws and regulations, as well as any and all privacy policies, agreements or other obligations, relating to the collection of personal information in connection with the use of our Services by individuals (also referred to as “data subjects”) with whom our Customers interact. If you are an individual who interacts with a Customer using our Services, then you will be directed to contact our Customer for assistance with any requests or questions relating to your personal information.
We collect information under the direction of our Customers and have no direct relationship with individuals whose personal information we process in connection with our Customer’s use of our Services.
We may be required to transfer personal information to companies that help us provide our Services. Transfers to subsequent third parties for these purposes are governed by the Service Agreements with our Customers.
Information That You Provide to Us
Account and Registration Information
This refers to any information that you voluntarily submit to us and that identifies you personally, including contact information, such as your name, e-mail address, company name, address, phone number, and other information about yourself or your business. Account and Registration Information can also include information about any transactions, both free and paid, that you enter into on the Sites and Applications, and information about you that is available on the internet, such as from Facebook, LinkedIn, Twitter and Google, or publicly available information that we acquire from service providers.
We collect and process payment information from you when you purchase or use Services, including credit cards numbers and billing information, using third-party intermediary PCI-compliant service providers. These intermediaries are not permitted to store, retain, or use your billing information for any purpose except for credit card processing on our behalf.
Information That We Collect from You
When You Visit our Sites or Use our Applications
When you visit our Sites or use our Applications, some information is automatically collected. This may include information such as the Operating System (OS) running on your device, Internet Protocol (IP) address (which may be used to obtain your geolocation), access times, browser type, time zone, and language, and the website you visited before our Sites. We also collect information about how you use our Applications and Services, including the elements you have interacted with, metadata and other details about these elements, clicks, change states and other user actions.
When You Use our Applications
We use mobile analytics software to allow us to better understand the functionality of our Applications on your mobile device. This software may record information such as how often you use the application, the events that occur within the application, aggregated usage, performance data, and where the application was downloaded from. In addition to information we collect on our Sites, when you use our Applications we may also collect your city location, device model and version, device identifier (or “UDID”), and OS version..
We send push notifications from time to time in order to update you about events or promotions. If you no longer wish to receive such communications, you may turn them off at the device level.
Cookies and Other Tracking Technologies
We partner with third parties to either display advertising on the Sites or to manage our advertising on other sites. Our third-party partners may also use technologies such as cookies to gather information about your activities on our Sites and other sites in order to suggest advertisements based upon your browsing activities and interests. If you wish to not have this information used for the purpose of serving you interest-based ads, you may opt-out by sending a your request to email@example.com
Web beacons, tags and scripts may be used on our Sites or in email or other electronic communications we send to you. These assist us in delivering cookies, counting visits to our Sites, understanding usage and campaign effectiveness and determining whether an email has been opened and acted upon. We may receive reports based on the use of these technologies by our third-party service providers on an individual and aggregated basis.
We use Local Storage Objects (“LSOs”) such as HTML5 to store content information and preferences. Various browsers may offer their own management tools for removing HTML5 LSOs. Third parties with whom we partner to provide certain features on our Sites or to display advertising based upon your web browsing activity use LSOs such as HTML5 to collect and store information.
As is true with most websites and services delivered over the Internet, we gather certain information and store it in log files when you interact with our Sites and Services. This information includes internet protocol (IP) addresses as well as browser type, internet service provider, URLs of referring/exit pages, operating system, date/time stamp, information you search for, locale and language preferences, identification numbers associated with your devices, your mobile carrier, and system configuration information. Occasionally, we connect personal information to information gathered in our log files as necessary to improve our Sites and Services. In such a case, we would treat the combined information in accordance with this Policy.
Information Collected from Other Sources
Information from Third Party Services
We may also obtain other information, including personal information, from third parties and combine that with information we collect through our Sites and Applications. For example, we may have access to certain information from a third party social media or authentication service if you log into our Services through such a service or otherwise provide us with access to information from the service. Any access that we may have to such information from a third party social media or authentication service is in accordance with the authorization procedures determined by that service. By authorizing us to connect with a third-party service, you authorize us to access and store your name, email address(es), current city, profile picture URL, and other personal information that the third-party service makes available to us, and to use and disclose it in accordance with this Policy. You should check your privacy settings on these third-party services to understand and change the information sent to us through these services. For example, you can log in to the Services using sign-in services provided by Google or an Open ID provider, as further described below.
You can log into certain Services using sign-in services provided by Facebook, Twitter, Google, LinkedIn, Microsoft or an Open ID provider. These services will authenticate your identity, provide you with the option to share certain personal information (such as your name and email address) with us, and pre-populate our registration form. Services like those provided by Facebook give you the option to post information about your activities in the Services to your profile page to share with others within your network.
How We Use Information That We Collect
We may use the information we collect about you (including personal information, to the extent applicable) for a variety of purposes, including to (a) provide, operate, maintain, improve, and promote the Services; (b) enable you to access and use the Services; (c) process and complete transactions, and send you related information, including purchase confirmations and invoices; (d) send transactional messages, including responses to your comments, questions, and requests; provide customer service and support; and send you technical notices, updates, security alerts, and support and administrative messages; (e) send promotional communications, such as providing you with information about products and services, features, surveys, newsletters, offers, promotions, contests, and events; and provide other news or information about us and our partners. You can opt-out of receiving marketing communications from us by contacting us at firstname.lastname@example.org or following the unsubscribe instructions included in our marketing communications; (f) process and deliver contest or sweepstakes entries and rewards; (g) monitor and analyze trends, usage, and activities in connection with the Sites, Applications and Services and for marketing or advertising purposes; (h) investigate and prevent fraudulent transactions, unauthorized access to the Services, and other illegal activities; (i) personalize the Sites, Applications and Services, including by providing features or advertisements that match your interests and preferences; and (j) for other purposes for which we obtain your consent.
Legal Basis for Processing (EEA only)
If you are an individual from the European Economic Area (EEA), our legal basis for collecting and using the personal information will depend on the personal information concerned and the specific context in which we collect it. However, we will normally collect personal information from you only where: (a) we have your consent to do so, (b) where we need the personal information to perform a contract with you (e.g. to deliver the services you have requested), or (c) where the processing is in our or a third party’s legitimate interests (and not overridden by your data protection interests or fundamental rights and freedoms). In some cases, we may also have a legal obligation to collect personal information from you, or may otherwise need the personal information to protect your vital interests or those of another person.
Where we rely on your consent to process the personal information, you have the right to withdraw or decline your consent at any time. Please note that this does not affect the lawfulness of the processing based on consent before its withdrawal.
How We Share and Disclose Information
Third Party Service Providers and Partners
We share information, including personal information, with our third-party service providers that we use to provide hosting for and maintenance of our Sites, application development, backup, storage, payment processing, customer support, technical support, analytics and other services for us. These third-party service providers may have access to or process your personal information for the purpose of providing these services for us. We do not permit our third-party service providers to use the personal information that we share with them for their marketing purposes or for any other purpose than in connection with the services they provide to us.
Compliance with Laws and Law Enforcement Requests; Protection of Our Rights
In certain situations, we may be required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. We may disclose personal information to respond to subpoenas, court orders, or legal process, or to establish or exercise our legal rights or defend against legal claims. We may also share such information if we believe it is necessary in order to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of our Terms of Service, or as otherwise required by law.
With Your Consent
We may share personal information with third parties only when we have consent to do so.
In the Event of Merger or Sale
In the event that Interdictum is acquired by or merged with a third-party entity, or undergoes a change of control or any form of sale or transfer of some or all of its assets, we reserve the right, in any of these circumstances, to transfer or assign the information that we have collected from users as part of that merger, acquisition, sale, or other change of control.
International Transfer of Information Collected
We may transfer your personal information to countries other than the one in which you live. We deploy the following safeguards if we transfer personal information originating from the European Union or Switzerland to other countries not deemed adequate under applicable data protection law:
International Data Localization Obligations
If you reside in a jurisdiction that imposes “data localization” or “data residency” obligations (i.e., requiring that personal information of its residents be kept within the territorial boundaries of such jurisdiction), and we become aware of that, we may maintain your personal information within such territorial boundaries, if we are legally obligated to do so. For example, if we learn that you reside in the Russian Federation, we may be required to maintain your personal information there, whether independently or with a local data storage and processing provider.
You acknowledge and agree that while doing so, we may continue to collect, store and use your personal information elsewhere as explained above.
Retention of Information
We will retain your personal information for no longer than necessary for the purposes for which it is processed, unless a longer retention period is required or permitted by law (such as tax, accounting or other legal requirements). When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize it, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.
For personal information that we process on behalf of our Customers, we will retain such personal information in accordance with the terms of our agreement with them, subject to applicable law.
Your Privacy Rights
Upon request we will provide you with information about whether we hold, or process on behalf of a third party, any of your personal information. To request this information please contact us at email@example.com. Our Customers may update or change their personal information by going to Account Settings or by contacting firstname.lastname@example.org for more detailed instructions. To make a request to have personal information maintained by us returned to you or removed, please email email@example.com. Requests to access, change, or remove your information will be handled within thirty (30) days.
An individual who seeks access to, or who seeks to correct or, amend inaccuracies in, or delete personal information stored or processed by us on behalf of a Customer should direct his/her query to the Customer (the data controller). Upon receipt of a request from one of our Customers for us to remove the data, we will respond to their request within thirty (30) days. We will retain personal information that we store and process on behalf of our Customers for as long as needed to provide the Services to our Customers. We will retain and use this personal information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
If you are a Customer or otherwise provide us with personal information in connection with your use of our Sites, Applications or Services, we will delete this information upon your request, provided that, notwithstanding such request, this information may be retained for as long as you maintain an account for our Services, or as needed to provide you with our Services, comply with our legal obligations, resolve disputes and enforce our agreements.
Additional Rights for EEA and Certain Other Territories
If you are from certain territories (such as the EEA), you may have the right to exercise additional rights available to you under applicable laws, including:
Right of erasure: In certain circumstances, you may have a broader right to erasure of personal information that we hold about you – for example, if it is no longer necessary in relation to the purposes for which it was originally collected. Please note, however, that we may need to retain certain information for record keeping purposes, to complete transactions or to comply with our legal obligations.
Right to object to processing: You may have the right to request that Interdictum stop processing your personal information and/or to stop sending you marketing communications.
Right to restrict processing: You may have the right to request that we restrict processing of your personal information in certain circumstances (for example, where you believe that the personal information we hold about you is inaccurate or unlawfully held).
Right to data portability: In certain circumstances, you may have the right to be provided with your personal information in a structured, machine readable and commonly used format and to request that we transfer the personal information to another data controller without hindrance.
If you would like to exercise such rights, please contact us at firstname.lastname@example.org. We will consider your request in accordance with applicable laws. To protect your privacy and security, we may take steps to verify your identity before complying with the request.
You also have the right to complain to a data protection authority about our collection and use of your personal information. For more information, please contact your local data protection authority. A list of contact details for the EU data protection authorities is available here.
Children’s Personal Information
We do not knowingly collect any personal information from children under the age of 18. If you are under the age of 18, please do not submit any personal information through our Sites, Applications or Services. We encourage parents and legal guardians to monitor their children’s Internet usage and to help enforce this Policy by instructing their children never to provide personal information through the Sites, Applications or Services without their permission. If you have reason to believe that a child under the age of 18 has provided personal information to us through the Sites, Applications or Services, please contact us at email@example.com, and we will use commercially reasonable efforts to delete that information.
We implement security measures designed to protect your personal information against unauthorized access or unauthorized alteration, disclosure or destruction. Other measures include internal reviews of our data collection, storage and processing practices and security measures, as well as physical security measures to guard against unauthorized access to systems where we store personal information.
We endeavor to restrict access to personal information to our employees, contractors and agents who need to know that information in order to operate, develop or improve our services. These individuals are bound by confidentiality obligations and are required to meet these obligations.
If we learn of a security systems breach, then we may attempt to notify you electronically so that you can take appropriate protective steps. We may post a notice on the website if a security breach occurs. Depending on where you live, you may have a legal right to receive notice of a security breach in writing. To receive a free written notice of a security breach you should notify us at firstname.lastname@example.org.
Changes and Updates to this Policy
Please contact us with any questions or comments about this Policy, your personal information, and our third-party disclosure practices or your consent choices by email: email@example.com, or at:
10115, Berlin, Germany
We will respond to your inquiry within 21 days of its receipt.
Updated as of March 27, 2020