NUMBR - PRIVACY POLICY

 

Last Updated: January 7, 2020

 

Simplified Explanation of Privacy Policy and Data Collection & Protection
 

Under recent legislation concerning data privacy (General Data Protection Regulation), many types of data have been requalified as Personal Data to catch up with the nature of the digital age. Thus, the legal language used in Terms of Use & Privacy Policy has got stricter and may create an impression that companies are collecting unnecessarily big amounts of Personal Data despite that they are collecting the same data as before but this data is now qualified as personal. Therefore, we need your clearly expressed Consent that we may process this data.

Here are general clarifying statements briefly outlining Smart Record´s attitude towards data collection. For full legal language coverage please check Terms of Use & Privacy Policy below.

 

  • If you are using the App without making purchases, you are an anonymous user to us and we collect only technical information necessary for running and improving the app (iOS version, device model, app usage, crash reports, device timezone) – some of this data has been requalified as Personal Data as well.

  • When you are purchasing services we need to identify your Apple ID

  • We don´t share any information concerning you or your device with any 3rd parties unless it is necessary for running the App, delivering services, our own internal marketing activities or fulfilling legal obligations.

    • Technical 3rd parties are f.e. Apple (app), Amazon Web Services (servers), Graylog (logs), etc..

  • We don´t have access to files on your device

  1. Provider provides this Privacy Policy (hereinafter as “Privacy Policy”) to help Customer to understand, what information Provider collects, how Provider uses the information and the choices Provider offers, including how to access and update collected information. Provider may update this Privacy Policy from time to time, so please check them back periodically.  This Privacy Policy applies to the Application Services, Beta Services and any other related services.

  2. This Privacy Policy particularly explains and regulates (i) a definition of how Provider uses the personal data that Customer shares with Provider and what Provider learns about Customer, (ii) what of the personal data, if any, Provider may share, (iii) the conditions Provider uses to protect Customer’s information, if it must be shared, and (iv) other things Customer should know about the protection sand processing of the personal data and Provider.

  3. Under recent legislation concerning data privacy (General Data Protection Regulation), many types of data have been designated as personal data to catch up with the nature of digital age. The personal data means any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name and surname, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. When Customer installs or downloads the App, Provider may collect variety of non-personal data of technical nature (version of the operating system, device model, device language, numbers, dates and times of the communications, name of the country, where the calling party initiates a telephone call and name of the country, where the called party answers a telephone call, time zone, etc.). This data allows Provider f.e. to improve the App´s performance and resolve potential technical issues. Provider may collect also other kinds of data that are considered Personal Data e.g.: contact information (e-mail address and other information supplied to Provider in accordance with his support service), device information (unique device identifier), etc (hereinafter collectively as “Personal Data”), etc. These are used primarily for delivery of Services purchased via the App and optimization of Provider´s internal marketing activities – sending commercial or informative communication relating to Provider’s services (never third-party marketing campaigns).

  4. Provider uses the Personal Data (i) to provide the Application Services, (ii) to maintain and/or (iii) to develop the Application Services. In cases prescribed by law, Provider requires for processing the Personal Data Customer’s consent.

  5. The Personal Data are proceeded both in an automated and a manual way and are stored for as long as is necessary to provide Customer with the App (for the duration of Customer’s use of the App) and for a reasonable period of time after the last use of the App, not exceeding five years.

  6. Provider provides the Personal Data that he collects to trusted partners (hereinafter also as “Processors”) to process them for Provider based on his instructions and in compliance with this Privacy Policy (f.e. Apple, Twilio Inc.,; the list of these partners is available upon request). Provider uses only Processors providing sufficient guarantees to implement appropriate technical and organizational measures in such a manner that processing will meet the requirements of the Customer’s right protection. Personal Data are shared with above specified third parties in an anonymized form. Provider does not share Personal Data with third parties for marketing purposes.

  7. Customer hereby further agrees not to use the Application Services to send sensitive data about him or third person where unauthorized disclosure could cause material or immaterial damage, severe harm or impact to Provider, any data subjects and/or thirds parties. Sensitive data includes, but is not limited to: health data, genetic data, biometric data, data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, data concerning sexual orientation. Customer hereby further agrees to not use Services for personally identifiable information knowingly collected from children under the age of 13 of from online services designated for children. 

  8. The App is not designated for children. By downloading or installing the App, Customer declares that he is older than 13 years old and is solely responsible for any damage or loss that Provider may suffer because of his untruthful declaration.

  9. Access to the Personal Data. Customer has the right to obtain from Provider confirmation as to whether or not the Personal Data concerning him are being processed, and where that is the case, access to the Personal Data and the following information: the purposes of the processing, the categories of the Personal Data concerned the recipient to whom Personal Data have been or will be disclosed; the envisage period for which the Personal Data will be stored (if not possible the criteria used to determine that period), the existence of automated decision-making, including profiling, and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the Personal Data subject.

  10. Customer has the right to request from Provider rectification or erasure of the Personal Data (right to be forgotten) or restriction of processing of the Personal Data concerning Customer or to object to such processing. Customer has also the right to lodge a complaint with supervisory authority (in European Union) and the right to the Personal Data portability

  11. Right to rectification. Customer shall have the right to obtain from Provider without undue delay the rectification of inaccurate the Personal Data concerning him or her. Taking into account the purposes of the processing, the data subject shall have the right to have incomplete Personal Data completed, including by means of providing a supplementary statement.

  12. Right to be forgotten. Customer shall have the right to obtain from the Provider the erasure of the Personal Data concerning him without undue delay and Provider shall have the obligation to erase the Personal Data without undue delay where one of the following grounds applies: (i) the Personal Data are no longer necessary in relation to the purposes for which they were collected or otherwise processed, (ii) the Personal Data have been unlawfully processed, (iii) the Personal Data have to be erased for compliance with a legal obligation in the European Union or Member State law to which Provider is subject, (iv) Customer withdraws consent on which the processing is based  and there is no other legal ground for the processing, and/or (v) Customer objects to the processing and there are no overriding legitimate grounds for the processing. . Provider will not erase the Personal Data, if the processing of the Personal Data is necessary for (i) the exercising the right of freedom of expression and information, (ii) the compliance with a legal obligation which requires processing by the European Union or Member State law to which Provider is subject, (iii) the performance of a task carried out in the public interest or in the exercise of official authority vested in Provider, (iv) the reasons of public interest in the area of public health, (v) the archiving purposes in the public interest, scientific or historical research purposes or statistical purpose in so far as the right to be forgotten is likely to render impossible or seriously impair the achievement of the objectives of that processing, or (vi) the establishment, exercise or defense of legal claims.

  13. Right to the Personal Data portability. Customer shall have the right to receive the Personal Data concerning him, and which Customer has provided to Provider, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from Provider to which the Personal Data have been provided. In exercising Customer’s right to the Personal Data portability, Customer shall have the right to have the Personal Data transmitted directly from one controller to another, where technically feasible.

  14. Customer hereby agrees to comply with all applicable Privacy Policy and the Personal Data protection regulations. Provider may ask Customer to verify Customer’s identity before action to Customer’s request.

  15. If You have any request or question concerning the Privacy Policy or the Personal Data protection/processing, please contact us at any time via e-mail data.protection.officer@apptoro.agency.