Even though we will comply with all legal privacy collection, storage and usage requirements of your jurisdiction, if you are:
- (a) a resident of a jurisdiction that is a member of the European Union (EU) then we
will at a minimum specifically comply with the obligations set out in the EU’s
General Data Protection Regulation (GDPR), or
- (b) a resident of the State of California in the USA then we will also at a minimum
specifically comply with the obligations of the Californian Consumer Privacy Act
If there is a difference in the compliance obligations between the GDPR and the CCPA then we will comply with the higher standard as regards to the minimum protection of the information collected by us.
In circumstances where there are no applicable local data protection laws, we will still handle your personal information in the manner described below.
It is your responsibility to seek advice regarding the implications of local laws.
1. What is “personal information”?
“Personal information” essentially means information or an opinion about an identified living individual or an individual who is reasonably identifiable:
- (a) whether the information or opinion is true or not; and
- (b) whether the information or opinion is recorded in a material form or not.
The precise definition of “personal information” or “personal data” may vary depending on which law governs the collection of the data. For example, in most jurisdictions, information relating to deceased individuals is not classified as “personal information”, but this is not universally the case.
Furthermore, legislation in some jurisdictions contains exemptions which may impact upon our privacy obligations. For example, in Australia employee records are generally exempt from an organisation’s obligations under the Privacy Act 1988, although we nevertheless
treat such records as confidential.
Note that this policy only applies to our handling of your personal information and does not relate to any aggregated, anonymised or other information which may be developed or created internally by us, provided this other information cannot later be used or combined with other data to identify you in any way.
2. What information do we collect?
The kind of personal information that we collect from you will depend on how you use the website and the ShareRing App. The personal information which we collect and hold about you may include:
- (a) basic user information such as your name, your email address, the unique public key used for your ShareRing address that will be generated via the ShareRing App, and possibly your phone number;
- (b) messages and interactive post information from our website or through the ShareRing App feed, such as messages to other users and information you provide in connection with those activities and events;
- (c) other background, contact and demographic information, and such other interests and self-descriptions you choose to provide.
3. How we collect your personal information?
We do not generally collect personal information about you, except when you provide that personal information voluntarily through the ShareRing App. We do not collect your private key that is generated by the ShareRing App. The private key will correspond to the public key used for your ShareRing address. Your private key will be stored in a secure location embodied in your smartphone.
You will be required to provide certain personal information when you activate the ShareRing App which will be stored by us for future reference and communication. By voluntarily providing us with information about yourself, you are consenting to our use of both the data that you provide and the data that we collect on our websites and online services in accordance with this policy.
When you access or use our Services, we may also automatically collect information about you (which may or may not be protected “personal information”), including:
- (a) Usage Information. This comprises information about your activity through our Services. For example, we may collect information about:
- (I) how you interact with our Services, such as which of our Services you like
or use and how frequent you use such Services;
- (II) how you communicate with other users, such as their names, the time and
date of your communications, the number of messages you exchange, and
your interactions with messages.
- (b) Content Information. This is content that you create on our Services, such as the types of services you like to use, how often you like to use our services, and information about the content you create or provide to us. It also includes the metadata that is associated with the content.
- (c) Location Information: This is information about your location when you access our ShareRing App or website, or otherwise consent to the collection of this information. With your specific additional consent, we may also collect information about your precise location using methods that include GPS, wireless networks, cell towers, Wi-Fi access points.
- (d) Device Information: This is device-specific information collected when you access our Services, including details relating to your hardware model, operating system and version, unique device identifiers, mobile network information, and information about the device’s interaction with our Services, browser type, language and time zone, information about your wireless and mobile network connections, such as mobile phone number, service provider, and signal strength.
- (e) Log Information: This is information relating to how you access or use our Services, including your access times, browser type and language, Internet Service Provider, and Internet Protocol (“IP”) address.
- (f) Information Collected by Cookies and Other Tracking Technologies: the role of cookies is explained in more detail below.
In addition to personal information which we collect directly from you, and information that is automatically collected from you as explained above, we may in some circumstances be provided with information from third parties. In such a case, we will take reasonable steps to ensure that you are made aware of the information provided to us by the third party.
4. Purpose of collection
The purpose for which we collect personal information is to provide you with the best service possible when you use our website or the ShareRing App.
It is not possible for us to provide our service to you as intended unless basic user information, interactive messages, relevant background material, and debit/credit card details, as described above, are collected directly from you.
With respect to personal information, which is automatically collected, as described above, the reason for collection is to improve and refine our service delivery to you. The specific ways in which personal information may be used to improve and refine our service delivery to you include the following:
- (a) developing, operating, improving, delivering, maintaining, and protecting our products and services;
- (b) sending you communications, including by email. For example, we may use email to respond to support inquiries or to share information about our products, services, and promotional offers that we think may interest you;
- (c) monitoring and analysing trends and usage;
- (d) personalising our services by, among other things, or profile information, or customising the content we show you, including ads;
- (e) contextualize your experience by, among other things, tagging post content using your precise location information (if, of course, you’ve given us permission to collect that information) and applying other labels based on the content;
- (f) providing and improving ad targeting and measurement, including through the use of your precise location information (but only if you have given us permission to collect that information), both on and off our services;
- (g) enhancing the safety and security of our products and services;
- (h) verifying your identity and reduce the risk of fraud or other unauthorized or illegal activity;
- (i) using the information we have collected from cookies and other technology to enhance our services and your experience with them; and
- (j) enforcing our Terms of Service and other usage policies.
As noted above, your personal information may be disclosed to third parties to the extent this is necessary and consistent with the purpose of collection. In addition, it may be shared as follows:
- (a) With service providers. We may share information about you with service providers who perform services on our behalf. This may include maintenance and support personnel acting in the normal course of their duties; and
- (b) With business partners. We may share information about you with business partners that provide services and functionality that may require the creation of any ShareRing ID that can later be used by us in the provision of any future services. In addition, prior to any sharing any of your personal information we will advise as to who and when such sharing shall occur.
- (c) With third parties for legal reasons. We may share information about you if we reasonably believe that disclosing the information is needed to:
- (I) comply with any valid legal process, governmental request, or applicable law, rule, or regulation.
- (II) investigate, remedy, or enforce potential Terms of Service violations.
- (III) protect the rights, property, and safety of us, our users, or others.
- (IV) detect and resolve any fraud or security concerns.
- (d) With third parties as part of a merger or acquisition. If we get involved in a merger, asset sale, financing, liquidation or bankruptcy, or acquisition of all or some portion of our business to another company, we may share your information with that company before and after the transaction closes.
- (e) With outsourcers. In the event that we outsource part of our infrastructure, it is possible that the entity we engage for this purpose may also have access to your personal information.
- (f) With advertisers. We may also share with third parties—such as advertisers—aggregated, non-personally, or de-identified information, which cannot reasonably be identified as you.
We may be required to disclose your personal information if such disclosure is:
- (a) required by law (e.g. the relevant taxation authorities);
- (b) is authorised by law (e.g. to protect our interests or where we have a duty to make such disclosure); or
- (c) you have consented for us to disclose the information about you.
Except as provided above, your personal information will not be shared with other parties unless:
- (a) you are fully informed prior to such transference and you have agreed to such transference, or
- (b) we are required by law to transfer the information to an authorised organisation. In this regard, you acknowledge that for the purposes of “Know You Customer” obligations imposed upon us in order to comply with any Anti-money Laundering and Counter-Terrorism laws you permit us to share your personal information with any organisation that we engage to meet such obligations.
6. Accuracy and Security
We take reasonable steps to ensure your personal information is accurate, up-to-date, and complete. To help us achieve this:
- (a) you should ensure that if there is any change to any of the details you have provided to us, you promptly advise us; and
- (b) if it comes to your attention that we possess certain information about you that is not correct, accurate, complete, or up-to-date, then contact us and we will use all reasonable efforts to ensure any agreed inaccuracies are rectified. You acknowledge that it is your responsibility and onus of proof to establish that any information about you is not correct, accurate, complete, or up-to-date.
Such corrections may take time as we will only correct such information once we have verified that the new information is correct, and we have verified that it is you who have asked for the alteration.
We undertake to use our reasonable endeavours to protect your personal information from misuse, interference and loss, and from unauthorised access, modification and disclosure.
Subject to the foregoing, we do not guarantee or warrant the security of your personal information. No system is 100% secure. The Services that we provide use industry standard Secure Sockets Layer (SSL) technology to allow for the encryption of personal information related to debit and credit card numbers which is transmitted between you and us. We also encrypt all other data in accordance with industry standard encryption technology.
To maximize security, we will not retain your personal information when it is no longer required in connection with the original purpose of collection, unless we are under a legal obligation to the contrary.
7. Notification of Security breaches
If you are:
- (a) a resident of a jurisdiction that is a member of the European Union and the GDPR applies to your Personal Data, then we will without undue delay after becoming aware of a Data Breach and where feasible within 72 hours notify the Office of the Information and Data Protection Commissioner for Malta (the Malta Supervisory Authority) in writing of the Data Breach unless the Data Breach is unlikely to result in risk to your rights and freedoms. Further we will attempt to notify you within a reasonable time after becoming aware of the Data Breach if the Data Breach involves your Personal Data; and
- (b) not a resident of a jurisdiction that is a member of the European Union and the GDPR does not apply to your personal information, then we will without undue delay after we become aware of a Data Breach notify the applicable regulator if and to the extent required by law to do so.
8. Access and correction
If you request us to provide you with access to personal information, we hold about you, then we will generally provide such information in a timely manner to you after we have verified that such access has been requested by you. There may, however, be legal grounds upon which we may, or must, withhold access in response to a request. Forexample, we may legally withhold any requested access if we honestly believe that such access could potentially harm a third party.
If you use our services, you consent to the receipt of ShareRing direct marketing material. We may send direct marketing material concerning any new services that we intend to introduce as part of our business operations. We will only use your personal information for this purpose if we have collected such information directly from you. We do not use sensitive personal information in direct marketing activity. Our direct marketing material will include a simple means by which you can request not to receive further communications of this nature. An alternative means of opting out is to contact us as set out below and simply request that you receive no further such communications.
You can withdraw your consent at any time – if you are subject to the GDPR, see the “Specific Consent” segment below.
10. International transfer and foreign laws
For purposes of operational efficiency, your personal information may be disclosed to recipients in another jurisdiction. You consent to this in the knowledge that if your personal information is mishandled in another jurisdiction, we disclaim responsibility and you may not have a remedy under the law of your home jurisdiction.
11. Individual rights
Even if you are located outside Europe or the UK, the European Union General Data Protection Regulation (GDPR) and the UK equivalent may in some circumstances provide you with additional rights. Where and to the extent this is the case, we will not handle your personal information in a manner inconsistent with that law.
Where you are subject to the GDPR (or UK equivalent), or in circumstances where we have contractually committed to handle your personal information in accordance with GDPR principles, your additional individual rights will include:
- (a) a right to erasure (“right to be forgotten”);
- (b) a right to restriction of processing;
- (c) a right to data portability; and
- (d) a right to object (to automated individual decision-making).
We use “cookies” to collect information.
A cookie is a small data file that most major web sites write to your hard drive for record keeping purposes when you visit them. Cookies allow us to measure activity on the web site and to improve your user experience, for example by remembering your passwords and viewing preferences, thus allowing you to visit various member-only parts of the web site without re-registering. Cookies are used by us to measure activity on the web site and through our ShareRing App and make improvements and updates based on which areas are popular and which are not.
13. Amendments to this policy
14. How to contact us about privacy
If you have a complaint concerning the manner in which we maintain the privacy of your personal information, please contact us as set out below. All complaints will be considered by our privacy officer and we may seek further information from you to clarify your concerns. If we agree that your complaint is well-founded, we will, in consultation with you, take appropriate steps to rectify the problem. If you remain dissatisfied with the outcome, you may wish to refer the matter to the regulator or seek independent legal advice.
you can contact firstname.lastname@example.org.