Sign In
Language
Currency


Sign In

Privacy Policy

Effective since: 15.04.2024

Introduction

This Policy is intended to help you understand:

  • why we collect your personal data;
  • how we collect, use and store your personal data;
  • which rights relating to your personal data you have;
  • how you can exercise the rights relating to your personal data;
  • how we use cookies and other tracking technologies;
  • how we share and disclose your personal data;

EduIndustry Sp. z o.o. is located in Poland.

EduIndustry Sp. z o.o. (“we”, “us”, “our”, “Company”, “EduIndustry“, “Repetry“) cares for your privacy and therefore provides you with the information hereunder. On this page, you can learn what information about you we collect while you interact with EduIndustry, what for and how it is used, stored, disclosed etc., as well as how we process personal data you provide us with.

This Privacy Policy (“Policy”) applies between you and EduIndustry. It describes how we handle the data you provide us with through our website https://repetry.com/, mobile application Repetry (“Platform”) when you interact with us via our email address [email protected], chatbots, or on our social media sites, including, but not limited to, Facebook, LinkedIn, Instagram, YouTube, Vimeo (“Social media accounts”), or otherwise provide us with information about yourself.

Such treatment may include, but is not limited to, the following:

  • collection;
  • recording;
  • organization;
  • storage;
  • structuring;
  • adaptation;
  • alteration;
  • retrieval;
  • consultation;
  • use;
  • disclosure by transmission;
  • dissemination or otherwise making available;
  • alignment or combination;
  • restriction;
  • and erasure or destruction.

When processing your personal data, EduIndustry can play different roles under
the GDPR and other applicable laws and regulations. We act as a data controller
under the GDPR, and as a business under the CCPA as amended, respectively.

When you submit your personal data as a user through our Platform, you may be
asked to consent to our processing of the personal data you provide, as explained
in this Policy, to enable us to provide you with the information or service
requested, if no other legal ground can be used.

You can be a website visitor or client (collectively “users”):

  • You are a website visitor when you merely browse our website and provide us with your data via cookies and other tracking technologies, contact us via email, chatbots or our social media accounts, or you leave information about your company and your contact details in the form of partners’ registration on the Platform;
  • You are a client when you submit your personal data through a registration form and create an account on the Platform, contact us via email, chatbots, or our social media accounts for assistance, leave us feedback regarding the provision of services, or otherwise provide us with personal data when you use our services. This term includes a tutor and student registered on the Platform.

Definitions

To facilitate your understanding of this Policy, we explain the usage of the definitions listed here under the GDPR and CCPA as amended.

We use the following definitions in this Policy:

  • data controller” means the natural or legal person who (either alone or jointly or in common with other persons) determines the purposes for which and how any personal data is processed.
  • data processor” means the natural or legal person who processes personal data on behalf of the data controller.
  • joint controllers” means two or more controllers jointly determining the purposes and means of processing.
  • data subject” is any living individual whose data we collect.
  • personal data” means any information relating to you and helping identify you (directly or indirectly), such as your name, last name, email, photo, etc.
  • processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
  • services” means access and/or use the functionalities of the Platform described in Terms of Use in order to familiarize yourself with and order our services as provided in Terms of Use.

The definitions of terms used within this Policy are taken from the GDPR, considering the definitions established in the CCPA as amended. The group of definitions “personal data” and “personal information”; “controller” and “business”; “processor” and “service provider”; “data subject” and “consumer” may be used interchangeably unless another meaning is mentioned.

Data Collection

We collect and process the information about you or obtained from you in accordance with this Policy.

We collect your information through the forms on the Platform, chatbots, email and through social media accounts.
We collect two basic types of information about you in connection with our Platform and services: client and website visitor data and business data, which relates to website visitors, clients and businesses respectively. In particular, we collect the following.

Client and website visitor data:

(a) Contact Information. When you submit your personal data via our social media, email address or chatbots to contact us, we may collect some information about you. Such data may include, inter alia, your full name (nickname), a phone number for communication via the messenger, email address, links to your social media accounts and any other details you provide to us via available contact options.

(b) Cookies information. On our Platform, we may use cookies and other
tracking technologies to function correctly, for analytics, marketing activities,
remembering your preferences, and other purposes. Such use may involve
transmission of information from us to you and from you to a third-party website
or us. To learn more regarding our use of cookies, please, read the ‘Use of cookies’
section and our Cookies Policy.

(c) Registration information. You can register as a student or tutor on our
Platform.

To register a student account, you provide us with your personal data that can be
used for communication with you regarding our services and for customer
support, namely:

  • full name;
  • phone number;
  • email address;
  • photo;
  • time zone; and
  • links to your social media accounts (optionally);
  • or any other personal information you provide us when you use our services.

To register a tutor account, you provide us with your personal data that can be
used for communication with you regarding our services and for customer
support, namely:

  • full name;
  • phone number;
  • email address;
  • time zone;
  • date of birth;
  • country;
  • full residential address (including the name of the city, the street name and house or apartment number) ;
  • photo;
  • video (introduction and language-related);
  • education information (name of the educational institution, specialisation, academic degree, year of graduation, photo of the document on completion of education (certificate, diploma), or indication of absence of education);
  • experience information (name of the institution, position, start and end years, or indication of absence of experience);
  • certificate information (name of the certificate, the issuing organisation, date of issue of the document, file (photo or pdf), or indication of absence of certificates);
  • additional information about you as a tutor, such as your experience or teaching techniques; and
  • information about the tutor’s native language;
  • information about the languages the tutor speaks and the level of language proficiency;
  • information about the languages the tutor wants to teach and the level of language proficiency;
  • links to your social media accounts (optionally);
  • or any other personal information you provide us when you use our services.

When acting as a student or tutor, you must enter the above information yourself to create an account unless we receive certain information (only email address and full name) about you from the third-party authentication token when you choose to sign up using the respective ‘Sign Up with’ button (Google, Facebook, Apple ID).

When registering an account on our Platform, you may provide confirmation that
you are at least 18 years old.

(d) Authentication Token Information. When you create an account on the Platform through the ‘Sign Up with’ button, we collect encrypted third-party authentication tokens obtained from your chosen service provider, such as Google LLC, Meta Platforms, Inc., Apple Inc. We can obtain the following information about you via tokens: full name and email address.

(e) Automatically Collected Information. When you create an account, we automatically gather specific information about you and your device, including details such as the browser’s time zone and the location, the device used to access the Platform (device ID), the pages visited on the Platform, and the IP address. We may automatically collect some data related to the client’s activity on the Platform.

(f) Payment Information. If you order services from us and make purchases via the Platform as a student, you will need to provide certain personal details, including payment information, so that the order can be fulfilled.

When you are acting as a tutor we collect some data to provide you with payments. Such data can include but is not limited to the full name, email address and payment card number.

To obtain payment from you as a student, we will use or direct you to a third-party payment processor who will collect this information from you.

Please note that a third-party payment processor is responsible for all collection, processing, and storage of your financial information, and we do not have direct access to or possession of your payment card information or banking information.

(g) Communication Information. We can collect some data about tutors and students when they communicate with each other using our Platform. This data can include the clients’ names and messages exchanged between clients during the learning process. In some cases, it may be necessary for the tutor and/or student to record their communications during lessons, which are provided in conjunction with the services defined in the Terms of Use. Such a record, which may contain personal data of the parties involved, may be transferred to the Company.

Business data:

(h) Lead Generation Information. As part of our lead generation process, we can collect details about other companies, such as their name, website, location, and contact information on our Platform. We can also collect data on how the lead company uses cookies on its website, the lead company’s industry type, and the marketing tools it uses to attract traffic. In some cases, this information may include personal data, for example, the contact person’s full name and job position.

We use your personal data we collected and the personal data you provided us
with only for the purposes listed in this Policy. We may share your personal data
with third parties solely for the purposes listed herein.

We DO NOT sell your data.

We DO NOT use automated decision-making, including profiling, which produces legal effects concerning a data subject or similarly significantly affects a data subject.

We DO NOT intentionally collect and process any sensitive personal data on our Platform. At the same time, biometric data may be collected by our service providers, during the identity verification for KYC/AML compliance. You can read more about the processing of biometric data in Persona’s Privacy Policy.

Grounds for processing

Our grounds for processing your personal data are:

  • your consent;
  • our legitimate interests;
  • performance of a contract;
  • our legal obligations.

We collect and process your personal data in accordance with the provisions of the GDPR.

The GDPR provides an exclusive list of lawful bases allowing us to process your personal data. During personal data processing, we rely only on four of them, namely:

Article 6.1(a): consent

We collect the information you choose to give us, and we process it under your consent. You may withdraw your consent to the processing of your personal data at any time.

Please remember that the withdrawal of consent does NOT automatically mean that the processing before the withdrawal is considered unlawful. You may withdraw the consent to the processing of your personal data by sending us an email at [email protected] or by contacting us in any other way convenient for you.

Article 6.1(f): legitimate interest

We process your personal data to protect our legitimate interests, such as:

  • preventing fraud,
  • ensuring the security of our Platform, and
  • providing you with a seamless user experience.

We only collect and use the strictly necessary data to achieve these purposes and do not override your fundamental rights and freedoms.

Article 6.1(b): performance of a contract

When you provide us with personal data to register an account on our Platform, this can be considered as a request to form a contract or to perform a contract between you and us. However, we may ask you for clear consent in case of doubt.

Article 6.1(c): legal obligation

We process your personal data to fulfil our legal obligations, such as complying with tax or regulatory requirements. In case you send us a request to exercise your rights under the GDPR, we may ask you for some personal data we already have to identify you and achieve compliance with the applicable law.

Use of Your Personal Data

When acting as a data controller, we use your personal data for the purposes listed in the table below, where we also detail the type of personal data processed, legal bases we rely on to do so, third parties with whom we may share your personal data and information as the source of such data:

Purpose of processingType of personal dataLegal groundsThird Parties recipientsSource
Account Registration(c) Registration information
(d) Authentication Token Information
(e) Automatically Collected Information
Performance of a contract (Article
6(1)(b))
AWS, Vimeo, YouTube, ContractorsClient, Google, Meta Platforms, Apple
Account Maintenance(c) Registration information
(d) Authentication Token Information
(e) Automatically Collected Information
Performance of a contract (Article 6(1)(b))AWS, Vimeo, YouTube, Stripe, Persona, ContractorsClient, Google, Meta Platforms, Apple
Communication with Clients and Website visitors(a) Contact Information
(c) Registration information
(e) Automatically Collected Information
Your consent (Article 6(1)(a))

Performance of a contract (Article 6(1)(b))
AWS, Meta Platforms, Social Media Platforms, eSputnik, ContractorsClient, Website visitor
Conducting customer surveys(a) Contact Information
(c) Registration information
Your consent (Article 6(1)(a))AWS, Meta Platforms, PowerBI, Social Media Platforms, ContractorsClient
Offering loyalty programs(c) Registration information
(e) Automatically Collected Information
Performance of a contract (Article 6(1)(b))AWS, ContractorsClient
Provision of services(c) Registration information
(g) Communication Information
Performance of a contract (Article 6(1)(b))AWS, ContractorsClient
Analytics and developing of the Platform(a) Contact Information
(b) Cookies information
(c) Registration information
(e) Automatically Collected Information
Your consent (Article 6(1)(a)) Our legitimate interest (Article 6(1)(f))PowerBI, Google Analytics, Hotjar, ContractorsClient, Website visitor
Marketing activities(a) Contact Information
(b) Cookies information
(c) Registration information
Your consent (Article 6(1)(a))Meta Pixel, Power BI, eSputnik, ContractorsClient, Website visitor
Payment processing(f) Payment InformationPerformance of a contract (Article 6(1)(b))AWS, Stripe, PayAdmit, PayPal, Google Pay, Apple Pay, Wise, Payoneer, Visa, Mastercard, ContractorsClient, Stripe, PayAdmit, PayPal, Google Pay, Apple Pay, Wise, Payoneer, Visa, Mastercard
Fraud prevention(b) Cookies information
(c) Registration information
(e) Automatically Collected Information
(f) Payment Information
Our legitimate interest (Article 6(1)(f))AWS, Stripe, PayAdmit, PayPal, Google Pay, Apple Pay, Wise, Payoneer, Visa, Mastercard, ContractorsClient, Website visitor, Stripe, PayAdmit, PayPal, Google Pay, Apple Pay, Wise, Payoneer, Visa, Mastercard
KYC/AML verification(c) Registration information
(f) Payment Information
(e) Automatically Collected Information
Your consent (Article 6(1)(a)) collected by the service provider
Our legitimate interest (Article
6(1)(f))
Persona, ContractorsClient, Persona
Lead generation(h) Lead Generation InformationYour consent (Article 6(1)(a))AWS, PowerBI, ContractorsWebsite visitor
Legal compliance(a) Contact Information
(b) Cookies information
(c) Registration information
(d) Authentication Token Information
(e) Automatically Collected Information
(f) Payment Information
(g) Communication Information
(h) Lead Generation Information
Legal obligation (Article 6(1)(c))AWS, Google Meet, Hotjar, Meta Platforms, Social Media Platforms, PowerBI, Google Analytics, Vimeo, YouTube, Persona, Stripe, PayAdmit, PayPal, Google Pay, Apple Pay, Wise, Payoneer, Visa, Mastercard, eSputnik, ContractorsClient, Website visitor, Google, Meta Platforms, Apple, Stripe, PayAdmit, PayPal, Google Pay, Apple Pay, Wise, Payoneer, Visa, Mastercard, Persona

Please, note that upon processing of payments using the services of a payment processor, such payment provider may collect certain personal data it considers as necessary for the provision of services. Such collection of personal data is regulated under the rules and policies of payment processors. We advise you to access the payment processors’ websites carefully and always check payment processors’ policies and rules regarding the collection of your personal data. You can read payment processors’ Privacy Policies, which outline their commitment to protecting your personal information, by following the links listed in the ‘Data Sharing and Disclosure’ section of this Policy.

Use of cookies

Cookies are small text files containing information that websites send to your browser. They are stored on your device, which might be a personal computer, a mobile phone, a tablet or any other device. We use them for various purposes, as you can read more about in this section.

We use cookies and other tracking technologies on our Platform for some purposes, including enabling the functionality of the Platform, enhancing user experience, understanding the online behaviour of people who interact with our Platform, and delivering relevant interest-based advertising to you on third-party websites.

We do not use cookies to identify you directly. We only use cookies for the following purposes:

Necessary: these cookies and other tracking technologies are essential for your use of the Platform and our compliance with applicable data protection laws. We can use them for certain purposes, such as checking if your browser supports cookies and determining whether you have accepted the cookie consent box.

Analytics: these cookies help us to understand how you interact with our Platform (e.g., page visits and page load speed) by collecting information anonymously to avoid your identification. Their sole purpose is to improve Platform functions.

Marketing: these cookies and other tracking technologies deliver relevant online advertising on other websites. These cookies can be placed by us and selected third parties and enable adverts to be presented to you on third-party websites.

For further information on cookies, we kindly refer you to review our Cookies Policy.

Data Security, Integrity and Retention

We will store and process your personal data for as long as needed to provide you or other users with the services.
Also, you may request erasing of your personal data by contacting us in any way convenient for you.

As a data controller, we store and process your personal data until we do not need it for any of the purposes defined in this Policy unless longer storage is required or expressly permitted by law.

We store Registration Information, Authentication Token Information, and Automatically Collected Information for the entire period when the client uses our services and for 2 years after his/her last activity on the Platform.

We store Cookie Information for the period specified in our Cookie Policy.

We may not delete or anonymize your data if we are compelled to keep it under the GDPR and other applicable laws.

Notwithstanding any of the aforementioned periods of data storage, you may request to delete your personal data by sending us an email at [email protected] or contacting us in another way convenient for you.

We have implemented appropriate organizational, technical, administrative, and physical security measures designed to protect your personal data from unauthorized access, disclosure, use, and modification. We regularly review our security procedures and policies to consider appropriate new technology and methods.

Social Media Accounts

We may collect your personal data through interactions on our official social media accounts, such as following, commenting, reacting to our content, or contacting us to leave feedback or for assistance.

We manage the Company’s official pages on various social media sites including, but not limited to, Facebook, LinkedIn, Instagram, YouTube, and Vimeo. We can collect the information for marketing purposes when you interact with us via our social media accounts by following our official pages, posting comments, or reacting to our content.

When you contact us via our social media accounts for assistance or leave us feedback regarding the provision of services, we can collect this information for further communication purposes. You can find a detailed description of the personal information that we may collect from you above in the ‘Use of Your Personal Data’ section of this Policy.

Please note that depending on the social media platform, additional processing operations may be conducted by the operators of these platforms. We advise checking social media platforms’ privacy policies and rules regarding the collection of your personal data on their side.

Data Sharing and Disclosure

We only transfer your personal data to third parties according to the requirements of GDPR.
Where possible, we always enter into data processing agreements (DPAs) and NonDisclosure Agreements (NDAs) with our third parties.
We may disclose the personal data to third parties, including those outside the EU and EEA, provided that proper safeguards are put in place, and the applicable local laws do not put your rights at risk.

We may share your personal data as a data controller with other sole controllers, joint controllers and data processors in accordance with the provisions specified hereafter.

Sharing data with sole controllers

When you use our Platform, your data can be shared and disclosed to other sole data controllers:

  • PayPal (PayPal Holdings, Inc, USA): to process user payments. You may read its Privacy Statement here;
  • Vimeo (Vimeo.com, Inc., USA): to upload the tutor’s video (introduction and language-related) while registering on the Platform. You may read its Privacy Policy here;
  • YouTube (Google, LLC, USA): to upload the tutor’s video (introduction and language-related) while registering on the Platform. You may read its Privacy Policy here.

Sharing data with joint controllers

In some cases, we may act as a joint controller jointly with other joint controllers, for example, while using Meta Pixel. With respect to this case of personal data processing, we are the party to the Facebook Controller Addendum. In such a case, a data subject may exercise their rights under the GDPR and applicable privacy laws in respect of and against other joint controllers and us.

Sharing data with data processors

There are many features necessary to provide you with our services that we cannot complete ourselves; thus, we seek help from third parties. We may grant some service providers access to your personal data, in whole or part, to provide the necessary services.

Therefore, we may share and disclose your personal data to other data processors
(“service providers”):

  • Amazon Web Services, AWS (Amazon.com, Inc., USA): to provide secure transfer and storage of personal data on the servers. You may read its Privacy Policy here;
  • Apple ID (Apple, Inc., USA): to log in to our Platform using your Apple ID. You may read its Privacy Policy here;
  • Apple Pay (Apple, Inc., USA): to process user payments. You may read its Privacy Policy here;
  • Google Analytics (Google, LLC, USA): for analytics purposes. You may read its Privacy Policy here;
  • Google Account (Google LLC, USA): to log in to our Platform using your Google account. You may read its Privacy Policy here;
  • Google Pay (Google LLC, USA): to process payments. You may read its privacy policy here;
  • Facebook Account (Meta Platforms, Inc., USA): to log in to our Platform using your Facebook account. You may read its Privacy Policy here;
  • Hotjar (Hotjar Ltd, Malta): to explore the user’s experience while using the Platform. You may read Hotjar’s Privacy Policy here;
  • Mastercard (Mastercard Europe SA, Belgium): to process user payments. You may read its Privacy Notice here;
  • PayAdmit (FIX IDEA LTD, UK): to process user payments. You may read its Confidentiality And Data Protection Policy here;
  • Payoneer (Payoneer, Inc., USA): to process user payments. You may read its Privacy Policy here;
  • Persona (Persona Identities, Inc., USA): to collect, verify, and manage user identities. You may read its Privacy Policy here;
  • PowerBI (Microsoft Corporation, USA): for analytics purposes. You may read its Privacy Policy here;
  • Stripe (Stripe, Inc., USA): to process user payments. You may read its Privacy Policy here.
  • Wise (f/k/a TransferWise) (Wise Europe SA, Belgium): to process user payments. You may read its Privacy Policy here;
  • Visa (Visa, Inc., USA): to process user payments. You may read its Privacy Notice here;
  • eSputnik (Retention Yes Sp. z.o.o., Poland): for marketing and communications purposes. You may read its Privacy Policy here.

As part of our business operations, we may engage various specialists who may receive your personal data, including technical, sales, legal and marketing professionals, to provide you with better client service and ensure the accuracy and transparency of our business. Collectively, these specialists and partner websites are referred to as Contractors.

We may transfer your personal data to countries outside the European Union (EU) and the European Economic Area (EEA) that are not deemed to provide an adequate level of data protection under Article 45 of GDPR (adequacy decision).

In such cases, we will ensure that appropriate safeguards are implemented in accordance with the GDPR to protect your personal data.

When we transfer your personal data to third parties, we always comply with the requirements of the GDPR. Where possible, we always enter into Data Processing Agreements (DPAs) and Non-Disclosure Agreements (NDAs) with these third parties to ensure that your personal data is adequately protected. If a Contractor has an appropriate data processing agreement, we may join that agreement. If so, the Company and the Contractor may regulate the transfer of the personal data to such Contractor by means of such data processing agreement.

EduIndustry had adjoined the publicly available data processing agreements of the following Contractors:

ContractorData Processing Agreement
Amazon Web Serviceshttps://d1.awsstatic.com/legal/aws-gdpr/AWS_GDPR_DPA.pdf
eSputnikhttps://esputnik.com/data-processing-agreement
Google (Google Analytics)https://support.google.com/tagmanager/answer/7207086?hl=en
Facebookhttps://www.facebook.com/legal/Workplace_GDPR_Addendum
Hotjarhttps://www.hotjar.com/legal/support/dpa/
Mastercardhttps://www.mastercard.com/global/en/vision/corp-responsibility/commitment-to-privacy/data-processing-privacy.html
Payoneerhttps://www.payoneer.com/legal/payoneer-data-processing-addendum/
PayPalhttps://www.paypal.com/cz/webapps/mpp/ua/bt-data-protection?locale.x=en_CZ
Microsoft Corporationhttps://www.microsoft.com/licensing/docs/view/Microsoft-Products-and-Services-Data-Protection-Addendum-DPA
Stripehttps://stripe.com/legal/dpa
Visahttps://www.visaacceptance.com/en/become-a-partner/merchant-agreement.html

Transferring your personal data outside of the European Economic Area

We may transfer your personal data to third countries outside the European Union (EU) and the European Economic Area (EEA) under Article 46 of the GDPR with appropriate safeguards, including the Standard Contractual Clauses (SCC).

We may need to transfer your personal data to countries outside the EU and EEA that do not meet the requirements of Article 45 of GDPR on the adequacy of data protection. In such cases, we will transfer your personal data to third countries under Article 46 of GDPR with the appropriate safeguards, including Standard Contractual Clauses (SCC).

We follow internal procedures when disclosing your personal data to countries outside the EU and EEA to ensure adequate safeguards for protecting your privacy and fundamental rights and freedoms.

We take additional technical and organizational measures when transferring data outside the EU and the EEA, such as assessing the reliability and personal data protection practices of the service provider, encrypting the transferred personal data, promptly responding to any threats to confidentiality, integrity, and availability of personal data, and conducting Transfer Impact Assessments (TIA) when necessary, etc.

Your Rights under the GDPR

You may exercise the following rights under the GDPR:

  • right of access;
  • right to rectification;
  • right to erasure;
  • right to restriction of processing;
  • right to object to processing;
  • right to data portability;
  • right to consent withdrawal;
  • right to lodge a complaint.

You may exercise the following rights by submitting your request at [email protected].

Rights under the GDPR

  • right of access means that you may ask us to send you a copy of your personal data collected together with information regarding the nature, processing and disclosure of that personal data;
  • right to rectification means that you may ask us to update and correct the false data, missing or incomplete personal data.
  • right to erasure (“right to be forgotten”) means that you may ask us to delete your personal data collected, except insofar it is prohibited by appropriate laws.
  • right to restriction of processing means that you may ask us to restrict processing where:
    • your personal data is not correct or outdated;
    • the processing is unlawful.
  • right to object to the processing means that you may raise objections on
    grounds relating to your particular situation;
  • right to data portability means that you may ask us to transfer a copy of
    your personal data to another organisation or you;
  • right to withdraw the consent when your personal data processed on a basis of your consent;
  • right to lodge a complaint with the supervisory data protection authority pertaining to the processing of your personal data. You may submit the complaint to the supervisory authority of your place of residence within the EU or to the data protection authority stated in this Policy.

Please, note that we may need to confirm your identity to process your requests to exercise your rights under the GDPR. Thus, we may not be able to satisfy your request if you do not provide us with sufficient detail to allow us to verify your identity and respond to your request.

Data Protection Authority under the GDPR

We kindly ask you to contact us directly so that we can quickly answer your question.

We kindly invite you to share your concerns with us in the first place regarding any issue related to your personal data processing. You may use the following channels to address your inquiries: [email protected].

In some cases, you have the right to lodge a complaint about our use of your personal data with a data protection authority. For more information, please contact your national data protection authority. We will cooperate with the appropriate governmental authorities to resolve any privacy-related complaints that cannot be amicably resolved between you and us. You can find a full list of EU supervisory authorities through this link.

California Residents: Your Rights under the CCPA and the CPRA

This section applies to the processing of the personal information of California residents.

Under the California Consumer Privacy Act (the “CCPA”) and the California Privacy Rights Act (the “CPRA”, “CCPA, as amended”), California residents have certain rights regarding the collection, use, and sharing of their personal information.

We may collect various categories of personal information when you use and/or access our Platform, including information you provide when you want to receive our services, provide us with any additional information, and automatically collect data (regarding your interactions with our Platform).

In particular, depending on actual circumstances, we may collect the following categories of personal information specified in the CCPA when you access our Platform:

  • Category A – Identifiers;
  • Category B – Personal information categories listed in the Cal. Civ. Code § 1798.80(e);
  • Category C – Protected classification characteristics under California or federal law;
  • Category D – Commercial information;
  • Category F – Internet or other similar network activity;
  • Category G – Geolocation data;
  • Category K – Inferences drawn from any of the information identified above to give you a more personalized web experience (i.e., this may involve the use of cookies in accordance with our Cookies Policy).

You can find a detailed description of the personal information that we may collect from you above in the ‘Data Collection’ section of this Policy. The purposes of the collection and/or use of personal information are stated in the ‘Use of Your Personal Data’ section of this Policy. Note that in the ‘Data Sharing and Disclosure’ section of this Policy, you can review the categories of third parties with whom we may share your personal information. The terms used within those sections of this Policy are taken from the GDPR in consideration of the definitions established in the CCPA as amended.

If you are a California resident, to the extent provided for by the CCPA and subject to applicable exception, you have the following rights in relation to the personal information we have about you:

  • Right to obtain information. You can request information about what personal information has been collected about you and how we have used that personal information during the preceding 12 months.
  • Right of access. You can request a copy of the personal information we collected about you during the preceding 12 months.
  • Right to deletion. You can request us to delete the personal information that we have collected from you unless it is necessary for us to maintain your personal information in certain cases under the CCPA, such as protection against malicious, deceptive, fraudulent, or illegal activity.
  • Right to be free from discrimination relating to the exercise of any of your privacy rights.

The CPRA amended the CCPA and added new additional privacy protection rights for California residents, such as:

  • Right to correct inaccurate personal information. You can request us to correct the inaccurate personal information about you.
  • Right to limit the use and disclosure of sensitive personal information. This right allows you to limit the use and disclosure of your sensitive personal information by the company. We don’t intentionally collect any sensitive personal information about you.

We do not sell your personal information to third parties for monetary or other valuable consideration. Additionally, we do not offer any financial incentives associated with our collection, sharing, or retention of your personal information

We take the protection of your privacy seriously, so in no way will we discriminate against you for exercising any of your rights granted by the CCPA, as amended.

You can exercise your rights under the CCPA, as amended, by sending us an email by any other means of communication convenient for you, including those listed in the ‘How to Contact Us’ section of this Policy.

Please note that we may need to confirm your identity to process your requests to exercise your rights under the CCPA, as amended. Thus, we may not be able to satisfy your request if you do not provide us with sufficient detail to allow us to verify your identity and respond to your request. You may exercise the following rights by submitting your request at [email protected].

Data Subject Age under the GDPR and COPPA

We undertake the best possible efforts to secure the processing of personal data belonging to the underage.

Our Platform and services are intended for general audiences and are not directed to children under the age of 18.

By submitting your personal data to us, you acknowledge that you have reached the age of 18, and under the laws of your country of residence, you have all rights to provide us with your personal data for processing.

Under the GDPR, we do not knowingly collect any personal information from children under the age of sixteen (or a lower age if provided by EU member state law, provided that such lower age is not below 13 years).

We do not knowingly collect any personal information from children under the age of 13 without seeking any required parental approval in accordance with applicable legal and regulatory obligations, such as the U.S. Children’s Online Privacy Protection Act (“COPPA”).

If you know that a child has provided us with personal information without parental consent, please contact us at [email protected].

Changes to the Privacy Policy

We may change this policy occasionally due to the different purposes. We will notify you of such material changes through the means available to us.

This Policy may be changed from time to time due to the implementation of new updates, technologies, laws’ requirements or for other purposes. We will send notice to you if these changes are dramatic, and where required by applicable laws, we will obtain your consent for the subsequent processing. In any case, we encourage you to review this Policy to check for any changes regularly.

Such notification may be provided via your email address, announcement published on the Platform and/or by other means consistent with applicable law.

How to Contact Us

Please contact us if you have any questions about our processing activities, this Privacy Policy, or your rights.

If you have a question related to this Privacy Policy, our processing activities, or your data subject rights under the GDPR, CCPA, as amended and other applicable laws, you can contact our Data Protection Officer directly using the following details:

External Data Protection Officer
Privacity GmbH
Germany, Hamburg,
Neuer Wall 50, 20354
Email: [email protected]

You may also contact us directly, using the following details: