Privacy Policy
Effective from 14th December 2020.
1. General
Digiotouch OÜ (hereinafter, "Digiotouch", "we", “us" or "our") is committed to protecting and respecting your privacy.
This Privacy Policy explains how we collect, process, and use your Personal Information when You are registering an Account and accessing our Services via our App or otherwise interacting with Digiotouch. "Personal Information" is defined as information that can be used to identify a natural person. This can include, for example, your name, address, e-mail address, information about your activity, etc.
The purpose of this Privacy Policy is to inform You about:
-
who is responsible for the protection of your information;
-
the types of Personal Information we may collect about You and how they may be used;
-
the sources from which we gather information about you;
-
our use of information regarding IP addresses;
-
any disclosure of the Personal Information to third parties;
-
your ability to correct, update, and delete your Personal Information; and
-
the security measures we have in place to prevent the loss, misuse, or alteration of the Personal Information under our control.
When processing your Personal Information, Digiotouch is required to follow the requirements stipulated in the Regulation (EU) 2016/679 of the European Parliament and of the Council (“GDPR”) and other data protection-related legal acts which are applicable in a specific case (“applicable data protection laws”).
2. Who is responsible for the protection of your information?
The controller of your Personal Information is Digiotouch OÜ, registry code: 14507464; Address: Harju maakond, Tallinn, Kesklinna linnaosa, Narva mnt 5, 10117, Estonia, email address: contact@digiotouch.com.
Should You have any questions about how we process your Personal Information, or should You wish to exercise any of your rights as a data subject, You can contact us, using the contact details provided above.
3. Gathering and Use of Personal Information
We may collect your Personal Information if You open an Account and use our Services. The types of Personal Information which we collect may include your:
-
First name and surname
-
User name
-
Date of birth and age
-
Country of residence
-
City of residence
-
Email address
-
IP address(es) and geographical location
-
device and browser information:
-
device model
-
software platform
-
device software version
-
device universally unique identifier (UUID)
-
device manufacturer
-
device serial number
-
4. We may use your Personal Information for the following purposes:
-
to allow You to register and use an Account in order to access our Services. The legal basis for processing your Personal Information in this case is GDPR Art 6(1)(b);
-
to reply to your queries when You have contacted us. The legal basis for processing your Personal Information is either GDPR Art 6(1)(b) or Art 6(1)(f), depending on the circumstances. If the legal basis is GDPR Art 6(1)(f), then we are processing personal data for the legitimate interest of answering queries from potential clients;
-
to analyze the use of our Website and/or our App. The legal basis for processing your Personal Information is GDPR Art 6(1)(f). This is for our legitimate interest in improving our products and services;
-
to allow the Robotic system provided by our partners that is connected with our Services to send You tailored information about such services or provide you access to additional services. The legal basis for processing your Personal Information in this case is GDPR Art 6(1)(b);
-
to provide You with information about products and promotions that may be of interest to you, from ourselves and third parties, although only if You have specifically agreed to receive such information. The legal basis for processing your Personal Information is GDPR Art 6(1)(a);
-
for market research, e.g., surveying the users of our App and other Services about their needs and opinions on our services. The legal basis for processing your Personal Information is GDPR Art 6(1)(a) or 6(1)(f), depending on the circumstances. If the data processing is done based on GDPR Art 6(1)(f), then it is done for the legitimate interest of improving our products and services.
We process your Personal Information only for the purpose(s) for which we have collected the Personal Information. If You object to the processing of your Personal Data that is based on a statutory or contractual basis, you may not be able to access our Services.
5. Sources of Personal Information
We collect information about You from several sources including, but not limited to:
-
information provided by you to us directly;
-
Google Analytics.
6. IP Addresses
We may collect information about your computer or smart devices, including where available, your IP address, operating system and browser type for system administration, and to report aggregate information to our advertisers. We note that this constitutes statistical data about our users' browsing actions and browsing patterns and it is not possible to identify any individuals.
7. Disclosure of Personal Information
We use the Personal Information for the purposes indicated at the time You provide us with such information, and/or otherwise for the purposes set out in this Privacy Policy and/or as otherwise permitted by law. In certain cases, we may make your Personal Information available to our affiliates, agents, representatives, trusted service providers, and contractors.
Whenever we disclose your Personal Information to a third party, there will be a legal basis for this, and we will abide by all relevant rules stipulated in applicable data protection laws. Any third party that receives or has access to the Personal Information shall be required by us to protect such Personal Information and to use it only to carry out the services they are performing for You or for the Website unless otherwise required or permitted by law. We will ensure that any such third party is aware of our obligations under this Privacy Policy and we will enter into contracts with such third parties by which they are bound by terms no less protective of any Personal Information disclosed to them than the obligations we undertake to You under this Privacy Policy or which are imposed on us under applicable data protection laws.
Specifically, when it is needed and permitted by applicable data protection laws, we can share information about You with the following parties:
-
acquiring and card-issuing banks;
-
payment processing partners;
-
our service providers;
-
banks or other financial institutions when disputing claims or chargebacks;
-
government and regulatory authorities, when requested;
Please note that we cooperate with partners in different countries, hence your Personal Information might be processed and stored in different jurisdictions, taking into account all the requirements pursuant to applicable data protection laws.
We are committed to ensuring the safety of your Personal Information at all times by using secured data transfer channels, contractual obligations, and other means (i.e. working with only trusted partners that have implemented adequate data protection measures).
8. No Automated Decision Making
Digiotouch does not carry out automated decisions regarding users. However, we will notify You in writing if this position changes.
9. Your rights as a data subject
You have the following rights as a data subject, considering the relevant conditions stipulated in applicable data protection laws:
-
right to access – your right to obtain from Digiotouch a confirmation as to whether or not Personal Information concerning You is being processed, and, where that is the case, access to the Personal Information;
-
right to the erasure of your Personal Information (“right to be forgotten”);
-
right to the correction of any inaccurate Personal Information;
-
right to the restriction of our processing of your Personal Information;
-
right to data portability;
-
right to object to the processing of your Personal Information, including, but not only, to data processing for marketing purposes;
-
right to withdraw your consent for data processing, in cases where the legal basis for the processing of your Personal Information is your consent.
You can exercise the above-mentioned rights by sending an email to us at: contact@digiotouch.com.
You may also request the deletion of your Account and Personal Information by sending an email to us at: contact@digiotouch.com. Digiotouch will accept your request only when this is not inconsistent with its legal and regulatory obligations.
In addition to the above, you have the right to file a claim with your local supervisory authority or with a competent court, if You believe that Digiotouch has infringed your rights as a data subject. Information and contact details about local supervisory authorities can be found here: https://edpb.europa.eu/about-edpb/board/members_en.
10. Data Transfers
Digiotouch will not transfer personal data to a third country outside the EEA where data protection laws may be different from the requirements under the GDPR, except if appropriate safeguards such as the model clauses (i.e. standardized clauses approved by the European Commission) are in place, or if You have clearly consented to such transfer.
11. Security
We have implemented appropriate technical and organizational measures to ensure the confidentiality of your Personal Information and to protect your Personal Information from loss, misuse, alteration, or destruction. Only authorized personnel of Digiotouch have access to your Personal Information, and these personnel are required to treat the information as confidential.
The security measures in place will, from time to time, be reviewed in line with legal and technical developments.
12. Retention of Personal Information
We will hold your Personal Information only for as long as it is necessary for us to do so, having regard to the purposes described in this Privacy Policy and our own legal and regulatory requirements. In certain cases, for example, in the case of accounting documents, the retention periods are stipulated in the law.
We may store your Personal Information for a period of 5 years if this is required by agreements which we have concluded with third parties (including, but not limited to, European Union funding agreements).
13. Links
There may be links from our App or website to other websites and resources provided by third parties. This Privacy Policy applies only to our Services. Accessing third-party websites or sources requires You to leave our Website. We do not control third party Websites or any of the content contained therein and You agree that we are in no way responsible or liable for any of those third-party Websites, including, without limitation, their content, policies, failures, promotions, products, services or actions and/or any damages, losses, failures or problems caused by, related to or arising from those Websites. This Privacy Policy does not cover how third parties process personal data. We encourage You to review all policies, rules, terms, and regulations, including the privacy policies, of each Website that You visit.
14. Cookies
Digiotouch uses the following cookies on its website:
-
functional cookies;
-
Google Analytics Cookies.
Please note that functional cookies are necessary for you to access and use the website properly. According to applicable law, strictly functional cookies may be used without Your consent. Functional cookies are required to identify the user after signing in on Digiotouch’s website. Google Analytics Cookies are used to measure how the users are interacting with Website content.
Google Analytics Cookies will be deployed into your browser only if you have given your consent to this. You can manage your cookie consents at any time in your browser. Google Analytics Cookies have different storage times, depending on the specific function of the cookie. The maximum period for storing a Google Analytics Cookie in your browser is 2 years.
15. Changes
Digiotouch may amend this Privacy Policy from time to time. If we change this Privacy Policy, we will take steps to notify all users about the amendments and we will post the amended Privacy Policy on the website.