“Advertising ID” means Apple Identifier for Advertisers (“IDFA”) on Apple and Google Advertising Identity (“GAID”). These are unique identifiers for mobile device that advertisers use for personalized advertising. They are consistent across all mobile applications and thus allow cross-app tracking. Advertising IDs are non-permanent, non-personal identifiers, which are uniquely associated with your device.
“Device identifier” means device type, device model, device maker, device operating system and its language or other technical data like screen size or processor, or combination of this data available from a device for a developer for checking the device compatibility with a particular application.
2. Information collected
2.1 Information We Collect
2.1.1 We do not collect any information which identify or allows to identify You, unless You voluntarily provide Us with such data (in particular, when communicating with Our support team, leaving feedback re Your experience with the Apps) or when certain parts of our Services ask you to provide personal information voluntarily (e.g. we process your email when you submit enquiries via Facemetrics website along with other information you deem necessary to provide or request.
If you leave your email we may send you our updates (marketing communications), unless you opt-out receiving these messages from us by clicking “UNSUBSCRIBE” inside the message.
Some information are collected through cookies or by third party providers as explained further. If we collect your personal data, we shall not associate collected data with other information about you.
2.1.2 In case We start collecting data enabling identification of You or users of Your Devices, We shall first ask for Your express consent for such collection and further processing.
2.1.3 Please note that to enable Apps’ functionalities we shall need your camera to be turned on, as Apps’ functionalities are based on face detection algorithms (we shall ask for your separate permission to turn on the camera). However, all images or other data caught by the camera shall be processed solely on the devices and shall not be sent to our servers, i.e. we shall have no access to such images and data. In some cases (when Nicola App is used) we shall get only statistics data about usage of the devices, i.e. we shall know that someone using your device was reading or playing games within a particular period of time, was visiting certain websites, was opening certain applications and etc. For the avoidance of doubt, we shall not have access to the screen of your Device in any case.
2.1.4 Please note that Apps’ face detection algorithms are not able to identify a specific person and, therefore, generally cannot be considered as collecting biometric information. HOWEVER, IN CASE THE APPLICABLE LAW STIPULATES THAT IMAGES CAPTURED BY THE CAMERA OR FACE GEOMETRY GENERATED BY APPS ARE CONSIDERED AS BIOMETRIC IDENTIFIERS, BIOMETRIC INFORMATION OR SIMILAR LEGAL CATEGORY, HEREBY YOU EXPRESS YOUR INFORMED WRITTEN CONSENT ON THEIR PROCESSING, AS DESCRIBED IN THIS POLICY.
2.2 Information Collected by Third-Party Providers
2.2.1 For the purposes of attribution and tracking the performance of Our applications, including their effectiveness, usage, installations and downloads, We may engage advertising and analytics third party providers (hereinafter – Providers), currently the following Providers are being engaged:
|Provider/ App||Provider’s Data Policy|
2.2.2 The Providers may collect the following personal information about users of the Devices: IP address, device ID, advertising IDs and location data. Such information shall be collected directly by Providers and will not be shared with Us. The Providers may combine such information with other personal information they have in their procession and may be used by them for targeted advertising, i.e. for showing the most relevant ads to You across Internet network.
2.2.4 If you do not wish your data to be processed for receiving a personalized advertising and analytical purposes you may opt out as described in Clause 4.5 or if applicable simply turning off the switcher in the Settings menu in the App or you may send your request via email@example.com. We will erase your personal data and request our providers to do the same within 30 days upon your request.
2.2.5 Besides statistics data collected by the Providers, the data on how You are using the App will be accessible. These data will not be personalized or linked to device You are using. These data are needed to enable proper operation of the App, in particular to identify and fix the problems You are facing when using the App.
2.2.6 To enable operation of the App a specific identifier to the statistics and usage data may be generated by some Providers and though collected by us. This identifier is specific for each App (i.e. it is not the same across multiple applications, like advertising ID). This identifier permits Us solely to identify that events of using the App belong to the same user, however does not let it possible to identify that user.
2.2.7 Other data about Your Devices that do not permit direct association with You or other individuals, such as the operating system, settings, language, wireless network, mobile network information, software and hardware attributes may be also collected by our Providers.
2.2.8 We do not collect personally identifiable information about Your online activities over time and across third-party websites or online services, but such information is collected by Our Providers. Our Providers generally do not respond to Do Not Track (DNT) signals or other mechanisms that provide You with the ability to exercise choice regarding the collection of such information. Nevertheless, if You want Us not to use, or to stop using, such Providers in relation to You, please do not give or withdraw Your consent mentioned in Clause 2.2.3.
2.3.1 We also use various third party cookies to help us improve our website. Cookies are files with small amount of data, which are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site. Cookies are stored on your computer’s hard drive.
2.3.2 You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some options of our Service (more details are set out in our Terms).
3. Basis for processing
3.1 The legal bases that we rely upon when processing your personal data are as follows:
3.1.1 Processing of your data, mentioned in Clause 2.1.3., is required for the provision of Services to You.
3.1.2 Processing of your personal data as described in Clauses 2.1.1. (serving your request and sending marketing communications), 2.2.2. (data processing for analytics and ads personalization) and 2.3. (cookies) is our legitimate interest to improve the performance of our business and provide you with information and services you request, as well as the best possible website we can, incl. ensuring our website is kept secure.
We pay special attention to your data protection rights making sure that your data protection rights are not overridden by our legitimate interests.
These legitimate interests are: (a) to ensure effective administration and management of your relationship with us; (b) to understand how you use our Services and how we can improve the customers usage experience; (c) understand and respond to your feedback; (d) to prevent, detect, or investigate unauthorised use of our Services; (e) ensure we comply with law and our policies; and (f) manage any disputes and accidents and take legal or other professional advice.
3.1.3 Contractual necessity covers information that is processed by us in order to provide you with service that you have requested – and that we have agreed – to provide to you.
3.1.4 Legal obligation covers information that is processed by us to comply with a legal obligation.
3.1.5 We will ask for your separate permissions to use your camera, as well as for sending push notifications to you. If you change your mind re permissions granted, you will be able to revoke them at any time afterwards by changing settings on your Device. However, please note that rejecting or switching off these permissions shall negatively affect the use of Apps, which will lose their full functionality.
4. Purposes of processing
- delivering the Services to You (including, maintaining and monitoring the proper operation of the App, fixing any problems in its operation);
- ensuring and protecting the safety and security of the App, protecting Our Intellectual Property Rights and other rights;
- conducting statistical and analytical surveys and researches, in particular for improving the Services and Your user experience.
- displaying advertisement, i.e. showing the most relevant ads to you across Internet network;
- attribution and tracking the performance of Our advertising campaigns and applications, including their effectiveness, usage, installations and downloads.
4.2 Personal data mentioned in Clause 2.2.2 shall be processed by Our Providers for the purposes of:
- attribution and tracking the performance of Our advertising campaigns and applications, including their effectiveness, usage, installations and downloads;
- targeted advertising, i.e. for showing the most relevant ads to users of the Devices across Internet network.
4.3 In case You voluntarily provide Us with any personal data, We shall process these data solely for the purposes for which they were provided to Us and for no longer they are needed to fulfil such purposes.
4.5 Information collected under Clause 2.2.2. via the App shall be used for automated decision making, as Our Providers perform their advertising and analytics services based on automated analysis of Your browsing behaviour. As a consequence of automated decision making You will receive advertisements throughout the Internet which the system considers the most relevant to You.
4.6 In case You don’t want to be subject to automated decision making, You can always limit collection of Your data used for targeting by managing Your mobile devices:
On Your iPhone, iPad, or iPod touch:
- Go to Settings > Privacy > Advertising.
- Turn on Limit Ad Tracking.
On Your Android:
- Open your device's Settings app > Google, or open the Google Settings app (differs depending on your device).
- Under “Services,” select Ads.
- Turn on “Opt out of Ads Personalization” by moving the switch to the right until it turns blue.
Note: If you clear your cache, you'll lose your opt-out setting.
Once you've turned off personalization, Google will no longer use your info to personalize your ads. Ads can still be targeted with info like your general location or the content of the website you’re visiting.
5. Sharing of data
5.1 As We do not collect, store or process Your personal data in any manner, We do not share Your personal information with other parties. However, information collected by our Providers as described in Clause 2.2 when this is needed for the purposes of processing may become available for the following categories of recipients:
- the companies being in the same corporate group with Us;
- data storage, networking and security providers;
- advertising and analytics third party providers (upon Your consent only);
- providers assisting Us with client support;
- any other providers assisting Us with delivering and improving the Services for You.
5.2 We may also share Your data when it is required by law and/or any regulatory authority. In such circumstances, We will expressly inform the third party of the confidential nature of the data shared.
5.3 Our third-party providers which directly collect such data via integration with the App may be located in non-EEA countries, where data protection and privacy regulations may be different from Your home country and offer even lower level of protection. You acknowledge and give Your consent to such transfer and processing of Your data out of EEA to the countries where data protection and privacy regulations may be different from Your home country and offer even lower level of protection. To safeguard Your interests when transferring Your personal data out of EEA to the countries which do not provide an adequate level of data protection, We will use standard data protection clauses adopted by the European Commission or Our supervisory authority.
5.4 All the third parties with which We may share Your data only get the minimum amount of data that are reasonably required in order for them to provide their service to Us and therefore to You. The use of the shared information by such third parties is strictly limited to the purposes of processing outlined in Section 4 and is not permitted for any other purpose. All third parties with which We share Your data are required to protect such data in accordance with all relevant laws and regulations and in a manner similar to the way We protect the same.
5.5 We will not share Your data with third parties which are considered as not being able to provide its clients and potential clients with the required level of protection.
6. Your rights
6.1 With respect to Your personal data We process (if any) You have the right:
- to obtain from Us the information regarding Our processing of Your personal data;
- to obtain from Us without undue delay the rectification of inaccurate personal data concerning You;
- to obtain from Us the erasure of Your personal data your ‘right to be forgotten’);
- to restrict Our processing of Your personal data, when it is permitted under applicable law;
- to obtain from Us Your personal data in a structured, commonly used and machine-readable format and to transmit those data to another controller without any obstacle on Our side;
- to lodge a complaint against Us with a supervisory authority for GDPR purposes – Cyprus Data Protection Commissioner’s Office.
Please contact us via firstname.lastname@example.org to execute any of the rights as stated above.
7. Protecting children’s privacy
7.1 We do not knowingly collect or process personal data from or with respect to children under the age of 13, and you must be 13 years of age or older in order to use Services.
7.2 If you are a parent or legal guardian and believe that your child under the age of 13 has submitted his or her personal data or other data without your consent, permission, or authorization – please let us know immediately, and we will promptly act to remove your child’s data from our database, cease the use of such data and inform any other party we suspect to have access to such data to do the same.
8. Period of processing
8.1 Records of email are retained (in case having any) for no longer they are needed for the purposes for which You provided them to Us, unless You we have a bases to further process your data as described in the Section 3 of this Policy.
8.2 If you request erasure of your data or you unsubscribed from our marketing communications we erase your data from our servers and request our providers to do the same within 30 days upon your request.
8.3 With respect to non-personal data We are not limited by any particular retention period.
10. Questions and complaints
10.2 If You consider that Our collection, usage, disclosure and/or storage of Your personal information violate any applicable data protection laws We are bound by, please refer Your complaints to email@example.com. We will consider them within reasonable time and provide You with an answer.