When using the Services, you entrust us with your personal data and other data that can identify or is associated with you. We take the responsibility to protect and maintain your privacy seriously.
We want to provide you with the most pleasant and personalised experience within the Services. This Policy is intended to explain clearly and transparently how and why we process your personal data when you use the Services and your options and rights in relation to your data.
1. What data do we process?
a. Data you provide
Upon registration. When you sign-up or update your account, we process personal identification data such as your first and last name, email address and phone number, password (in encrypted form) and profile picture.If you choose to register an account using your Google account, read the section "Data provided by our business partners."
By using the Services. We process data about how you use and interact with the Services. We do this to understand which features you use most often and how we can improve the Services.
We automatically collect and process data about how you access the Services, the devices you use to do so, and data provided using cookies or similar technologies. For example: when and from which device you last accessed the Services. Among other things, this helps us provide personalised services and protects you and us against attempts to misuse the Services.
We process the data provided when you send us feedback, report a problem to us regarding the Services, or participate in forums, discussions, comment sections or other media functions within the Services. For example, when you post a comment on our blog or social media pages. Please note that comment sections are public; as a result, the information you include may be read, collected and used by others. Of course, you can always ask us to delete the data you have published in this way, and we will let you know if we can comply with your request.
When making a payment. When you pay to use the Services, we process the data you provide to issue your invoice, and our payment processor processes your payment instrument information.
When you contact us. We process the data you provide when you contact us to provide support by phone, email or through the Services.
We also process the data you provide when you participate in a competition, promotion or when you choose to answer a survey.
b. Data provided by our business partners
We may receive data about you from third parties with whom we conduct business (for example, from social media platforms, advertising agencies, statistical data providers or your employer). The data we may receive from third parties is subject to the agreements you already have with them. Specifically, they receive your data when you visit or use the products and services they make available. Data may include your email address, gender, age and other demographic data. We constantly make reasonable efforts to ensure that these individuals have all the necessary rights to collect and transfer your data.
We may also collect and process data about you from public sources, such as press articles or public registers and databases.
To provide you with a personalised experience of the Services, we may simultaneously combine and use data provided by you and others.
2. What is the legal basis for data processing?
We only process data in accordance with legal provisions.
Execution of the Contract
We process your data to provide you with the Services and comply with our obligations under the Contract.
For example, we need to be able to process personal data such as your name and email address for us to be able to grant you access to the Services.
There are situations where we process your data to pursue our legitimate interests or those of third parties. In these cases, we will implement appropriate security and privacy protection measures.
For example, we will process your personal data to:
– maintain and improve the security of the Services or prevent, detect and remedy security incidents, acts of fraud, abuse or improper use of the Services;
– provide and improve the Services, as well as develop new services and products;
– understand how you use the Services and customise them to provide you with a more pleasant experience;
- carry out research activities in the public interest.
Fulfilling legal obligations
It is our duty to protect the privacy of your data against abusive requests by public authorities or private entities and to contest such unlawful requests. However, we have a legal obligation to cooperate with public authorities and private entities when we have reasonable grounds to believe their request is justified. For example, we process your data to respond to a complaint or to comply with a request from competent authorities.
We request your consent regarding the processing of data for specific purposes.
For example, when we ask whether you want to receive messages for direct marketing purposes or when we organise voluntary surveys, your personal data and the answers you provide are processed based on consent.
Remember that you can withdraw your consent to data processing at any time.
3. For what purpose do we process the data?
Provision of Services
We process your data to be able to provide and customise the Services, such as:
– to be able to grant you access to the Services based on the account created or to be able to store, organise and share your data when you ask us to do so;
– to understand, diagnose and fix problems you have with the Services or to prevent and investigate a possible security problem.
Service development and analysis
We process your data to understand how you use the Services and the features you use most often. We may use the data we collect in an anonymised and aggregated form (so that you cannot be identified) to test the integrity and security of our systems, to support research, analysis, improvement of the Services and development of new products, services or functions.
Investigating acts of fraud and crime
We may process your personal data to confirm your identity and prevent fraud.
For example, to detect, investigate and report irregularities of use that could be considered illegal activities, we may retain the data and disclose it to the competent authorities to investigate the facts.
Communication with you
We use your personal data to communicate by email or otherwise about your use of the Services or to respond to you when you contact us. We may contact you about changes we make related to the Services. Such communications are considered part of the Services. We cannot provide the Services to you if you object to them.
Legal Compliance and Legal Actions
We process your personal data to respond to any complaints or requests from you or competent authorities, to keep administrative and accounting records as required by law and to be able to defend ourselves or file a legal claim or action.
Promotion and commercial offers (marketing)
We offer you the opportunity to use the Services free of charge, within certain limits. This is made possible by our users choosing to pay subscriptions to access certain features of the Services. We will use your data to inform you of products, services and offers that may interest you. With your consent, we may send you promotional or advertising messages to the email address attached to your account or directly within the Services. If you do not want to receive such messages from us, you can object at any time by accessing the "unsubscribe" link included in the messages.
4. What are your rights
The right to be informed
This Policy is intended to inform you about how we process your data. You can also ask us questions about the processing of your data at any time.
The right of access, modification and rectification
You can always request access, modification or rectification of your personal data if you believe it is wrong or incomplete. Please note that you may need to provide us with proof that the new data provided is accurate.
To protect your privacy, we will take commercially reasonable steps to verify your identity when you ask us to access, modify or rectify your data.
The right to data deletion
You can request that we delete your personal data at any time if:
– the personal data is no longer necessary to fulfil the purposes for which they were collected or processed;
– you have withdrawn your consent based on which the processing takes place;
– you objected to the processing of personal data;
– we processed your personal data illegally;
– we have a legal obligation to delete the data.
Please note that we may have to refuse your data deletion request. For example, even if you withdraw your consent or object to data processing, another legal basis (such as compliance with legal obligations) may compel us to continue processing your data.
The right to object to the processing of personal data for marketing purposes
You can request that we stop processing your personal data for marketing purposes at any time. You can exercise this right by using the "unsubscribe" link in marketing messages.
Please note that you will still receive communications related to the Services (such as changes to the Contract or emails that are part of the Service's features).
The right to object to the processing of personal data based on our legitimate interests or those of third parties
You can request at any time that we stop processing your personal data based on our legitimate interest or that of a third party. Please note that the processing of your data may continue under another legal basis that may prevail (such as the fulfilment of a legal obligation).
Also, if you object to the processing of your personal data necessary to provide the Services, we will have to close your account or restrict your access to certain features of the Services to satisfy your request.
The right to request the restriction of the processing of personal data
You can request the restriction of the processing of your personal data at any time if:
– you ask us to investigate whether the personal data is accurate;
– the processing of personal data is illegal, but you do not want us to delete the data;
– we no longer need the personal data, but you ask us to keep it for you to use in a legal action;
– you have objected to processing your personal data (according to the rights above), but we need to check whether another legal basis prevails over your rights.
The right to portability of personal data
You can request at any time that we transfer your personal data that we process. If we have the necessary means and this is not prohibited by law or by the disposition of the competent authorities, we will transfer your data in a structured, currently used and automatically processable format.
The right to withdraw your consent to the processing of personal data
You can withdraw your consent to processing your personal data at any time. The withdrawal of consent does not affect the legality of the processing carried out beforehand.
5. How to exercise your rights
You may exercise the rights described above through the Services or by emailing us firstname.lastname@example.org. You can also find complete information on contacting usby mail on our Contact page.
For security reasons, we will need to verify your identity to respond to your request (for example, we may ask you to provide us with an identity document).
If you are still dissatisfied with how we have handled your personal data, you can always file a complaint with the National Supervisory Authority for the Processing of Personal Data.
6. How we share your data
We transfer your data in the following ways:
a. Within the Services
We may share or make your personal data publicly available within the Services for you to access certain features of the Services. For example, we may share your name or other personally identifiable information if you choose to appear on leaderboards or engage with other public-facing features of the Services.
If you are an End User, the person or organisation that invited you to use the Services may modify or restrict access to your data.
b. To third parties
We do not and will never sell your data.
Third-Party Providers. We contract third-party providers to enable us to provide and improve the Services. These third parties have access to your data based on your consent or another legal basis, which they process only for the purposes indicated by us. We constantly assess whether these third parties have implemented and maintained adequate technical and organisational measures regarding data security and privacy. You can find the complete list and the role of each of them on our Third Party Providers page.
– companies that provide us with the technical, organisational and analytical infrastructure necessary to provide you with the Services, such as our data storage and hosting, IT services and customer support providers;
c. To comply with laws, lawful requests, or to prevent hard
In certain situations, we may be required to transfer your data to law enforcement authorities, following their express requests, as required by law.
We may also process and transfer your data when we reasonably believe this is necessary to detect, combat, remediate or respond to fraud, unauthorised use of the Services or violations of our terms and policies. We do this to protect ourselves, you and others during investigations by competent authorities or legal action.
If we terminate your account because you have violated our terms or policies, please be aware that we will need to continue storing your data for the time necessary to prevent and reduce the risk of repeated or new abuse violations.
7. Data transfers
The data we collect may be transferred, stored and processed outside your country of residence or even outside the European Economic Area, in the locations where our third-party providers carry out their operations. We make reasonable efforts to ensure that they have implemented adequate data protection and security measures so that your data benefits from at least the same level of protection as required by European law and the General Data Protection Regulation. We have entered into Data Processing Agreements with each of our third-party providers, which include, among other things, their contractual obligation to implement and maintain appropriate data protection procedures and measures.
When we transfer your data outside the European Economic Area, we do so in consideration of a legal basis and taking into account several legal mechanisms such as the Standard Contractual Clauses approved by the European Commission and the provider's certification under the EU-US Privacy Shield.
8. Data Retention and Account Deletion
In principle, we only store your data for as long as it is necessary to provide the Services, until your account is deleted or until we are able to comply with a request from you to delete your data – whichever comes first. However, we retain specific personal data even after these situations, such as when processing is based on legitimate interest or compliance with a legal obligation.
For example, if we must confirm your identity, we will delete the necessary data no later than 30 days after we have completed this operation, and we retain the data required for invoicing even after the deletion of your account to comply with our accounting obligations.
You can delete your account at any time. However, please note that you will not be able to recover the data contained within it.
9. Modification of this Policy
If we change this Policy, we will post the updated version here. We recommend that you check this page regularly.
10. How to contact us
The controller of your personal data isMCTECHNOLOGIES VENTURES SRL a legal entity established in Romania, identified byCUI 41057063
Concerning your personal data, you can contact us by email email@example.com. You can also contact us with any other questions or concerns using the information available on the Contact page.