1. DATA WE MAY COLLECT
We may collect and process the following data about you:
- Personal data including, for example, your name, e-mail address, password, and in certain instances, telephone number, data about your usage of the Products and data collected by tracking technologies as further described in section 4 below that may identify you as an individual or allow online contact with you as an individual.
- Coride does not collect or process credit or debit card (“Payment Card”) data. Apple and Google collect Payment Card data with respect to in-app purchases made through the Apps, and our payment processor collects Payment Card data with respect to purchases made through the Websites. Such payment processors generally provide us with some limited data related to you, such as a unique, anonymous token that enables you to make additional purchases using the data they’ve stored, and your card’s type, expiration date, billing address, and the last four digits of your card number.
- Device information such as operating system version, device type, and system
- Data collected via tracking technologies, as fully described in section 4.
2. CONFIDENTIALITY AND SECURITY
The security of your personal data is important to us. We follow generally accepted standards to protect the personal data submitted to us, both during transmission and once it is received. If you have any questions about the security of your personal data, you can contact us at firstname.lastname@example.org. Except as described under the “Disclosure of Your Data” section 13 below, we do not provide your personal data to any third party without your specific consent, as defined by applicable law.
3. NEWSLETTERS OR OTHER ELECTRONIC COMMUNICATIONS
If you sign up to receive promotional materials from us via email and/or (push notifications) we will use the data you give us to provide the communications you have requested. If you inform us that you wish to cancel email promotional materials by selecting “unsubscribe” at the bottom of such communication or by emailing us at email@example.com, we will remove you from our mailing list. If you no longer wish to receive push notifications, you may turn them off at the device level. If you provide your phone number to us directly or through a third-party for the specific purpose of receiving an SMS message with a link to our Apps, you will receive such SMS message (the “SMS Service”). Standard text message rates will apply.
4. TRACKING TECHNOLOGIES
Coride and our analytics partners use technologies such as cookies, beacons, tags, and scripts to enable a service to recognize your device so you don’t have to provide the same data several times during one task, to recognize that you may have already given a username and password so you don’t need to do it for every web page requested, and to measure how people are using the Products. We use local storage, such as HTML5, to store content data and preferences. Third parties with whom we partner to provide certain features on the Products also use HTML5 to collect and store data. Various browsers may offer their own management tools for removing HTML5. We use third party trackers to let us know when users have visited the Products by “clicking-through” our sponsored advertising or content hosted on third party platforms. The Products use Google Analytics code to gather statistical data. Google Analytics sets cookies to help us accurately estimate the number of visitors to the Products and the volumes of usage of the Products. This is done to ensure that the Products are available when you want them and are fast. For more data on how Google Analytics processes this data, visit www.google.com/analytics. We will acquire consent from you in order to use such trackers to the extent required by applicable law.
5. MOBILE ANALYTICS
We use mobile analytics software to allow us to better understand the functionality of our mobile software on your phone. This software may record data such as how often you engage with the Products, the events that occur within the Products, aggregated usage and performance data, and where the Applications were downloaded from. We may link the data we store within the analytics software to any personal data you submit within the mobile application.
6. LOG FILES
As true of most websites, we gather certain data and automatically and store it in log files. This data may include Internet Protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and/or clickstream data. If you receive the HTML-formatted version of our email newsletter, your opening of the newsletter is notified to us and saved. Your clicks on links in the newsletter are also saved. These and the open statistics are used in aggregate form to give us an indication of the popularity of the content and to help us make decisions about future content and formatting.
7. WHERE WE STORE YOUR PERSONAL DATA
All data you provide to us through the Products is stored on our secure servers located in Sweden. Any payment transactions will be encrypted using SSL technology; all payment data is stored with our payment processor and is never stored on Coride’s servers. Where we have given you (or where you have chosen) a password which enables you to access certain parts of the Products, you are responsible for keeping this password confidential. We ask you not to share a password with anyone, and suggest that your change your password frequently. Unfortunately, the transmission of data via the Internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to the Products; any transmission is at your own risk. Once we have received your data, we will use strict procedures and security features to try to prevent unauthorized access.
8. YOUR DATA RIGHTS
As you may know, a recent European Union law called the General Data Protection Regulation (“GDPR”) give certain rights to applicable individuals in relation to their personal data. Accordingly, we have implemented transparency and access controls to help such users, including residents of the EU, Switzerland, and the United Kingdom exercise those rights. As required under applicable law, the rights afforded to you are:
- A right of access: you have the right to obtain (i) confirmation as to whether personal data concerning you are processed or not and, if processed, to obtain (ii) access to such data and a copy thereof.
- A right to rectification: you have the right to obtain the rectification of any inaccurate personal data concerning you. You also have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
- A right to erasure: in some cases, you have the right to obtain the erasure of personal data concerning you. Upon request, Coride will permanently and irrevocably anonymize your data such that it can never be reconstructed to identify you as an individual. However, this is not an absolute right and Coride may have legal or legitimate grounds for keeping such
- A right to restriction of processing: in some cases, you have the right to obtain restriction of the processing of your personal data.
- A right to data portability: you have the right to receive the personal data concerning you which you have provided to Coride, in a structured, commonly used and machine-readable format, and you have the right to transmit those data to another controller without hindrance from Coride. This right only applies when the processing of your personal data is based on your consent or on a contract and such processing is carried out by automated means.
- A right to object to processing: you have the right to object at any time, on grounds relating to your particular situation, to processing of personal data concerning you when such processing is based on the legitimate interest of Coride. Coride may, however, invoke compelling legitimate grounds for continued processing. When your personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of such data. You may, in particular, exercise that right by clicking on the “unsubscribe” link provided at the bottom of any messages received, or by managing your privacy preferences by logging in to your Coride account and following the instructions here.
- A right to lodge a complaint with the competent supervisory authority: you have the right to contact the supervisory authority to complain about Coride’s personal data protection A right to give instructions concerning the use of your data after your death: as required by applicable law, you may have the right to give Coride instructions concerning the use of your personal data after your death. To exercise one or more of these rights, you can email firstname.lastname@example.org.
You may access your personal data to modify or update at any time via an online account, or by emailing email@example.com. We will respond to your request in a reasonable timeframe in accordance with applicable law.
9. USES MADE OF THE DATA
We use information held about you in the following ways:
- To provide you with the Products.
- To answer your questions or requests for information or handle your complaints.
- To ensure that content provided by the Products is presented in the most effective manner for you and for your computer or other device.
- To provide you with promotional communications, such as email, to the extent that you have provided consent to receive such communications under applicable law.
- To carry out our obligations arising from any agreements entered into between you and us.
- To allow you to participate in interactive features of the Products, when you choose to do so.
- To notify you about updates or changes to Product features and content.
- To understand your broad, non-specific geographic location to help us identify groups of users by general geographic market (such as zip code, state or country).
- To account for applicable sales taxes based on zip codes provided to our payment processors for purchases made through the Website.
- To serve our advertisements to you through third party platforms, such as Google, on other sites and apps or across your devices, to the extent that you have provided consent for such uses under applicable law.
- To provide you with the SMS Service to the extent that you have provided consent for such practices under applicable law.
- We may also ask you to complete surveys that we use for research purposes, although you do not have to respond to them.
- To manage your payments and orders.
If you are an existing customer, we will only contact you by electronic means (e-mail or in-Product communication) with information about products and services similar to those which were the subject of a previous sale to you, except if you opt-out to such communications.
10. LEGAL BASES OF PERSONAL DATA PROCESSING
In accordance with GDPR, Coride provides the following information regarding its Article 6 legal bases for personal data processing:
The performance of the contract (the Coride Terms & Conditions) between you and Coride for the data processing relating to your use of Coride’s Products (including your orders and payments); Coride’s legitimate interest, more specifically:
- Our business interest in providing you with emails and push notifications for timely introductory materials and information about your Coride account, our Product features and updates, and offers to upgrade your free account to a subscription account.
- Our financial interest in providing you with promotional offers and/or discounts with respect to paid subscriptions and special offerings.
- Our business interest in offering you particularized or adapted content based on your usage of the Products.
- Our business interest in collecting data regarding your general usage activities for the purpose of improving our Coride user experience.
- Our business interest in requesting that you partake in Product surveys in order to better understand your needs and expectations.
- Our financial interest in providing you the opportunity to purchase Coride subscriptions for the benefit of a third party.
- Our business interest in collecting data related to unplanned downtime or errors in the Products.
- Our business interest in complying with our legal obligations, such as maintaining accurate financial records.
11. DISCLOSURE OF YOUR DATA
We may disclose your personal data to any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries. We may also disclose your personal data to third parties as follows: In some circumstances, based on your specific requests, we may need to disclose your personal data to a third party so that it can provide a service you have requested from such party, or fulfill a request for data from such party. An example of this is the SMS Service. In some circumstances, we may disclose the personal data that you have provided to Coride to a third party that offers and/or provides goods or services complementary to our own for the purpose of enhancing our users’ experiences by offering you integrated or complementary functionality, complementary services or bundled pricing options. If Coride’s service providers (like hosting, IT maintenance, market analytics, and payment service providers) require this data to provide services to Coride. Coride requires each of its service providers to agree to maintain the confidentiality and security of your personal data.
In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets. If Coride or substantially all of our assets are acquired by a third party, in which case personal data held by us about our customers will be one of the transferred assets. If we are under a duty to disclose or share your personal data in order to comply with any legal obligation such as to comply with a subpoena, bankruptcy proceedings, similar legal process, or in order to enforce or apply our agreements with you; or to protect the rights, property, or safety of Coride, our customers, or others. This includes exchanging data with other companies and organizations for the purposes of fraud protection and credit risk reduction
12. DATA RETENTION
The retention periods applied by Coride comply with applicable legislation in effect on the date hereof, namely: For data relating to your account: such data will not be retained beyond your request that your account be deleted. For transactional data relating to your purchases: such data is kept for the entire period of the contractual relationship, then in accordance with legal obligations and applicable statute of limitation periods. Please note that this data does not include Payment Card information, which is processed by our third-party payment processors, and not Coride. For data collected based on your consent to receive our marketing communications: we will use such data until you withdraw consent or applicable law requires that such data is no longer used. When your data are collected in the context of requests/queries: such data are kept for the period necessary to process and reply to such requests or queries.
When cookies or other trackers are placed on your terminal, they are kept for a period of 12 months. Other data will be kept as long as necessary for the purposes pursued and in compliance with our legal obligations, including the applicable statute of limitations.
13. WITHDRAWAL OF CONSENT FOR PROCESSING ACTIVITIES
To the extent that you have provided appropriate consent under applicable law to certain processing activities, such consent can be withdrawn at any time by emailing firstname.lastname@example.org.
14. LINKS TO THIRD PARTY SITES
The Products may, from time to time, contain links to and from the Products of our partner networks, advertisers and affiliates. If you follow a link to any of these external websites,
please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these websites or their policies. Please check these policies
before you submit any personal data to these external websites.
15. SOCIAL MEDIA WIDGETS
Our Products include social media features, such as the “Share This” button, or interactive mini-programs. These features may collect your Internet protocol address, which page you are visiting on or Products, and may set a cookie to enable the feature to function properly. Social media features and widgets are hosted by a third party or hosted directly on our Products. Your interactions with these features are governed by the privacy statement of the company providing it.
specified in your account) or by means of a notice in the Products prior to the change becoming effective. We encourage you to periodically review this page for the latest data on
our privacy practices.
17. CONTACT AND EEA REGISTERED AGENT
18. TRANSMISSION TO OTHER COUNTRIES
The subsidiaries, service providers or other third parties listed above to whom Coride may disclose your personal data may be domiciled abroad, and in particular outside the
European Union, Switzerland, and the United Kingdom. In such case, Coride will require them to take, in accordance with applicable legislation, all organizational and technical measures that permit ensuring an adequate level of protection of your personal data, such the use of Standard Contractual Clauses approved by the European Commission and/or ensuring certification with the EU-U.S. Privacy Shield and Swiss-U.S. Privacy Shield Frameworks. Moreover, we participate in and have certified our compliance with the EU-U.S. Privacy Shield and Swiss-U.S. Privacy Shield Frameworks (https://www.privacyshield.gov/).
Coride is committed to subjecting all personal data received from European Union (EU) member countries, Switzerland, and the United Kingdom, in reliance on the Privacy
Shield Framework, to the Framework’s applicable Principles. To learn more about the Privacy Shield Framework, visit the U.S. Department of Commerce’s Privacy Shield List.
Coride is responsible for the processing of personal data it receives, under the Privacy Shield Framework, and subsequent transfers to a third party acting as an agent on its behalf.
Coride complies with the Privacy Shield Principles for all onward transfers of personal data from the EU, Switzerland, and the United Kingdom, including the onward transfer
liability provisions. For personal data covered by Privacy Shield, you have the ability to opt-out of whether such personal data is disclosed to a third-party (apart from service providers) or is to be used for a purpose that is materially different for the purpose for which it was originally collected or subsequently authorized. You can contact Coride at email@example.com in order to make such choices.