THIS APP COLLECTS LOCATION AND PERSONALLY IDENTIFIABLE INFORMATION (SUCH AS NAME, EMAIL, PHONE NUMBER ETC.), AMONG OTHER INFORMATION. PLEASE READ THE ENTIRE DOCUMENT CAREFULLY.
By registering on or using our App or providing your personal information to us or by using other features and functionalities of the App or Site, you are accepting and consenting to the practices described in this policy. Please note that this includes consenting to the processing of any personal information that you provide, as described below.
IF YOU DO NOT AGREE WITH THESE PRACTICES, PLEASE DO NOT USE THE SERVICES OR THE APP OR PROVIDE US WITH ANY OF YOUR PERSONAL INFORMATION.
TABLE OF CONTENTS
1. What personal information about the users do we collect and how do we process it?
a) Information that you provide us: We collect the information you provide when you use our App and our services. This can include Personally Identifiable Information (PII) as well as non-PII information. The examples include your full name, email, phone number, location, messages, your queries etc. We also collect information about how you use our services, such as the content you engage with or the frequency and duration of your activities.
b) Information that we collect when you use the App: We also collect information while you access, browse or use the App. In other words, when you use our App, we are aware of your usage of the App, and gather, collect and record the information relating to such usage, including geo-location information, operating system, make & ID, IP address, device ID and type, App’s settings and characteristics, App crashes, identifiers associated with cookies or other technologies that may uniquely identify a device. This helps us in providing our services to you and making improvements in the App and our services, fixing errors and bugs.
c) Geolocation: The App collects your geolocation with your permission for providing you one of the essential features of our App. For example, this enables you to use the emergency and safety features of the App. If you decline permission for us to collect your precise geolocation, we will not collect it, but then you will not be able to make the most of our services.
d) Information about your activities on the App: Using the App and our services generates data about your activity on our App and services, for instance how you use the App and your interactions with the features of the App.
e) Customer Care: If you contact our customer support through safetravelRX App, or via emails, in those cases, we collect all your interactions with our customer support.
f) Good Judgment: We suggest that you exercise good judgment and caution while providing your personal information.
2. What is the lawful basis for which we use your personal information?
For the purposes of the applicable law, you hereby acknowledge that all processing of your personal information will be justified by a "lawful ground" for processing. In the majority of cases, processing will be justified on the basis that:
- Consent: You have given your consent for processing personal data for one or more specific purposes.
- Performance of a contract: Provision of personal data is necessary for the performance of an agreement with you and/or for any pre-contractual obligations thereof.
- Legal obligations: Processing personal data is necessary for compliance with a legal obligation to which we are subject.
- Vital interests: Processing personal data is necessary in order to protect your vital interests or of another natural person.
- Public interests: Processing personal data is related to a task that is carried out in the public interest or in the exercise of official authority vested in the Company.
- Legitimate interests: Processing personal data is necessary for the purposes of the legitimate interests pursued by the Company.
In any case, we will gladly help to clarify the specific legal basis that applies to the processing, and in particular whether the provision of personal data is a statutory or contractual requirement, or a requirement necessary to enter into a contract. Feel free to contact us for this purpose at email@example.com.
3. Exact list of information collected, and how we or our service providers process this information?
The Personal Data is collected for the following purposes and using the following services:
ACCESS TO THIRD PARTY ACCOUNTS
This type of service allows this Application to access Data from your account on a third party service and perform actions with it. These services are not activated automatically, but require explicit authorization by the User.
Twitter account access (Twitter, Inc.)
This service allows this Application to connect with the User's account on the Twitter social network, provided by Twitter, Inc.
The services contained in this section enable the Owner to monitor and analyze web traffic and can be used to keep track of User behavior.
Google Analytics (Google Inc.)
Google Analytics is a web analysis service provided by Google Inc. (\u201cGoogle\u201d). Google utilizes the Data collected to track and examine the use of this Application, to prepare reports on its activities and share them with other Google services.
Google may use the Data collected to contextualize and personalize the ads of its own advertising network.
Personal Data collected: Cookies and Usage Data.
Google Analytics for Firebase (Google Inc.)
Google Analytics for Firebase or Firebase Analytics is an analytics service provided by Google Inc. In order to understand Google's use of Data, consult Google's partner policy.
This Application uses identifiers for mobile devices (including Android Advertising ID or Advertising Identifier for iOS, respectively) and technologies similar to cookies to run the Firebase Analytics service.
Personal Data collected: Cookies, unique device identifiers for advertising (Google Advertiser ID or IDFA, for example) and Usage Data.
Content performance and features testing (A/B testing)
The services contained in this section allow the Owner to track and analyze the User response concerning web traffic or behavior regarding changes to the structure, text or any other component of this Application.
Firebase Remote Config (Google Inc.)
Firebase Remote Config is an A/B testing and configuration service provided by Google Inc.
Displaying content from external platforms
This type of service allows you to view content hosted on external platforms directly from the pages of this Application and interact with them.
This type of service might still collect web traffic data for the pages where the service is installed, even when Users do not use it.
Gravatar (Automattic Inc.)
Gravatar is an image visualization service provided by Automattic Inc. that allows this Application to incorporate content of this kind on its pages.
Please note that if Gravatar images are used for comment forms, the commenter's email address or parts of it may be sent to Gravatar - even if the commenter has not signed up for that service.
Personal Data collected: email address and Usage Data.
YouTube video widget (Google Inc.)
YouTube is a video content visualization service provided by Google Inc. that allows this Application to incorporate content of this kind on its pages.
Personal Data collected: Cookies and Usage Data.
YouTube video widget without cookies (Google Inc.)
YouTube is a video content visualization service provided by Google Inc. that allows this Application to incorporate content of this kind on its pages. This widget is set up in a way that ensures that YouTube won't store information and cookies about Users on this Application unless they play the video.
Personal Data collected: Usage Data.
Hosting and backend infrastructure
This type of service has the purpose of hosting data and files that enable this Application to run and be distributed as well as to provide a ready-made infrastructure to run specific features or parts of this Application. Some of these services work through geographically distributed servers, making it difficult to determine the actual location where the Personal Data are stored.
Amazon Web Services (Amazon)
Amazon Web Services is a hosting service provided by Amazon.com Inc.
Firebase (Firebase, Inc.)
Firebase is a hosting and backend service provided by Google Inc.
Firebase Hosting (Firebase, Inc.)
Firebase Hosting is a hosting service provided by Google Inc.
Firebase Cloud Functions (Google Inc.)
Firebase Cloud Functions is a hosting and backend service provided by Google Inc.
Firebase Cloud Storage (Google Inc.)
Firebase Cloud Storage is a hosting service provided by Google Inc.
Firebase Realtime Database (Google Inc.)
Firebase Realtime Database is a hosting and backend service provided by Google Inc.
This type of service allows this Application to monitor the use and behavior of its components so its performance, operation, maintenance and troubleshooting can be improved. Which Personal Data are processed depends on the characteristics and mode of implementation of these services, whose function is to filter the activities of this Application.
Firebase Crash Reporting (Google Inc.)
Firebase Crash Reporting is a monitoring service provided by Google, Inc.
Firebase Performance Monitoring (Google Inc.)
Firebase Performance Monitoring is a monitoring service provided by Google, Inc.
Geolocation (This Application)
This Application may collect, use, and share User location Data in order to provide location-based services.
Most browsers and devices provide tools to opt out from this feature by default. If explicit authorization has been provided, the User\u2019s location data may be tracked by this Application.
Personal Data collected: geographic position.
Managing contacts and sending messages
This type of service makes it possible to manage a database of email contacts, phone contacts or any other contact information to communicate with the User.
These services may also collect data concerning the date and time when the message was viewed by the User, as well as when the User interacted with it, such as by clicking on links included in the message.
Twilio (Twilio, Inc.)
Twilio is a phone numbers management and communication service provided by Twilio, Inc.
Personal Data collected: phone number.
Firebase Cloud Messaging (Google Inc.)
Firebase Cloud Messaging is a message sending service provided by Google, Inc. Firebase Cloud Messaging allows the Owner to send messages and notifications to Users across platforms such as Android, iOS, and the web. Messages can be sent to single devices, groups of devices, or specific topics or User segments.
Firebase Notifications (Google Inc.)
Firebase Notifications is a message sending service provided by Google Inc. Firebase Notifications can be integrated with Firebase Analytics to target analytics-based audiences and track opening and conversion events.
Registration and authentication
By registering or authenticating, Users allow this Application to identify them and give them access to dedicated services.
Depending on what is described below, third parties may provide registration and authentication services. In this case, this Application will be able to access some Data, stored by these third party services, for registration or identification purposes.
Foursquare OAuth (Foursquare Labs, Inc.)
Foursquare Oauth is a registration and authentication service provided by Foursquare Labs, Inc. and is connected to the Foursquare network.
Twitter OAuth (Twitter, Inc.)
Twitter Oauth is a registration and authentication service provided by Twitter, Inc. and is connected to the Twitter social network.
Instagram Authentication (Instagram, Inc.)
Instagram Authentication is a registration and authentication service provided by Instagram, Inc. and is connected to the Instagram social network.
Linkedin OAuth (LinkedIn Corporation)
Linkedin Oauth is a registration and authentication service provided by Linkedin Corporation and is connected to the Linkedin social network.
YouTube OAuth (Google Inc.)
YouTube OAuth is a registration and authentication service provided by Google Inc. and is connected to the YouTube network.
Firebase Dynamic Links (Google Inc.)
Firebase Dynamic Links is a social feature provided by Google Inc. Dynamic Links are tracked within Firebase or Google Analytics for Firebase, which informs the Owner about the details of the User journey to and within this Application.
Firebase Invites (Google Inc.)
Firebase Invites is a social feature provided by Google Inc. that enables Users to share this Application. The sharing may contain referral codes, or content from within this Application and may be done via email or SMS. Sharing is tracked with Google Analytics for Firebase, which informs the Owner that the User has opened or installed this Application via invite.
4. How do we use this information?
We use all of the information we have to help us provide, support and improve our services. We use the information collected from you for one or more of the following purposes:
a) To create and update your account;
b) To enable you to get in touch with an emergency responder;
c) To send real time travel alerts;
d) To send you important notifications;
e) To enable you to use and access other features and functionalities of the App;
f) To assess queries, requirements, and process requests for various services;
g) To enhance your user experience, including as a way to recognize you and welcome you to the App;
h) To improve our App and services;
i) To be able to deliver our services, personalize content, and make suggestions for you by using this information to understand how you use and interact with our services and the people or things you’re connected to and interested in on and off our services.
j) We use your information to send you marketing communications, newsletter, communicate with you about our services and let you know about our policies and terms. We also use your information to respond to you when you contact us.
k) We use the information we have to help verify accounts and activity, and to promote safety and security of our services, such as by investigating suspicious activity or violations of our terms or policies.
l) We also use your information to ensure our services are working as intended, such as tracking outages or troubleshooting issues that you report to us. And we use your information to make improvements to our services.
m) We use information to help improve the safety and reliability of our services. This includes detecting, preventing, and responding to fraud, abuse, security risks, and technical issues that could harm safetravelRX, our community, or the public.
n) To respond to summons, court orders, directions or other judicial processes.
o) To provide information to law enforcement agencies or in connection with an investigation on matters related to public safety.
5. Deleting your information
Your information and account that you share or create on our platform is yours. You can at any time delete the same. However, you acknowledge that we will not be able to remove the content that has been shared with third-party service providers, and we may also retain some of the information so deleted for a reasonable period of time in order to comply with legal requests. You can request us to delete your information by writing to us at firstname.lastname@example.org.
6. Sharing of Information
b) We may share some of your personal as well as non-personal information with our third-party hosting service provider.
c) We keep your information safe and do not share your information with any other third party, except as mentioned in Section 3 above. However, if we merge with or are acquired by another company or we sell our App or business unit, or if all or a substantial portion of our assets are acquired by another company, in those cases, your information will likely be one of the assets that would be transferred.
d) We may also share your information in response to legal requests. Please refer to Section 12.
7. Storage and Security of Information
a) Storage: Your data is stored through our third-party hosting service provider’s data storage, databases and servers. We also store some of the information collected by us on our servers and do not share it with any third party, except for the limited purposes as mentioned in the Section 6. The servers and databases in which information may be stored may be located outside the country from which you accessed this App, and in a country where the data protection and other laws may differ (and be less stringent) from your country of residence. You hereby consent to any such cross-border transfer of your personal information.
b) Retention: Personal information that we collect, access or process will be retained only so long as necessary for the fulfilment of the purposes for which it was collected, as necessary for our legitimate business purposes, or as required or authorized by law. Personal information that is no longer required to fulfil the identified purposes will be destroyed, erased or made de-identified or anonymous.
c) Steps taken by us to protect your data: The Data Controller processes your data in a proper manner and takes all appropriate security measures to prevent unauthorized access, disclosure, modification, or unauthorized destruction of the Data. We regularly take the following steps to protect the integrity of your information:
We protect the security of your information while it is being transmitted by using secure connection;
We use computer safeguards such as firewalls to keep this data safe;
We only authorize access to employees and trusted partners who need it to carry out their responsibilities;
We regularly monitor our systems for possible vulnerabilities and attacks, and we carry out penetration testing to identify ways to further strengthen security; and
We will ask for proof of identity before we share your personal data with you.
8. Links to other Apps/Sites
9. Rights of EU, EEA and UK Users
ALL YOUR USER INFORMATION WILL BE COLLECTED, STORED, PROCESSED AND SHARED STRICTLY IN ACCORDANCE, IN LINE AND FULL COMPLIANCE WITH REGULATION (EU) 2016/679 (SIMPLY CALLED “GDPR”) AND DIRECTIVE 2002/58/EC (SIMPLY CALLED “E-PRIVACY DIRECTIVE, 2002”) OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL (HEREINAFTER COLLECTIVELY REFERRED TO AS THE “EU REGULATION”).
Under applicable EU regulation, you have the following rights in respect of your personal information:
- Right to obtain information: to obtain information about how and on what basis your personal information is processed and to obtain a copy;
- Right to rectification: You have the right to have any incomplete or inaccurate information we hold about you rectified and corrected.
Right of Erasure: to erase your personal information in limited circumstances where (a) you believe that it is no longer necessary for us to hold your personal information; (b) we are processing your personal information on the basis of legitimate interests and you object to such processing, and we cannot demonstrate an overriding legitimate ground for the processing; (c) where you have provided your personal information to us with your consent and you wish to withdraw your consent and there is no other ground under which we can process your personal information; and (d) where you believe the personal information we hold about you is being unlawfully processed by us;
Right of restriction: to restrict processing of your personal information where: (a) the accuracy of the personal information is contested; (b) the processing is unlawful but you object to the erasure of the personal information; (c) we no longer require the personal information for the purposes for which it was collected, but it is required for the establishment, exercise or defense of a legal claim or (d) you have objected to us processing your personal information based on our legitimate interests and we are considering your objection;
Right to object: to object to decisions which are based solely on automated processing or profiling;
Right to ask for a copy: where you have provided your personal information to us with your consent, to ask us for a copy of this data in a structured, machine-readable format and to ask us to share (port) this data to another data controller; or to obtain a copy of or access to safeguards under which your personal information is transferred outside of the EEA.
Right to withdraw your consent. You have the right to withdraw your consent on using your personal data. If you withdraw your consent, we may not be able to provide you with access to certain specific functionalities of our services.
Request the transfer of your Personal Data. We will provide to you, or to a third-party you have chosen, your personal data in a structured, commonly used, machine-readable format. Please note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
Under certain circumstances, you may have the right to object, on grounds relating to your particular situation, to the processing of your personal data by us and we may be required to no longer process your personal data. Moreover, if your personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing. In this case your personal data will no longer be processed for such purposes by us.
In addition to the above, you have the right to lodge a complaint with a supervisory authority for data protection. Please note that the right of access and the right to erasure do not constitute absolute rights and the interests of other individuals may restrict your right of access or erase in accordance with local laws.
We will ask you for additional data to confirm your identity and for security purposes, before disclosing data requested by you. We reserve the right to charge a fee where permitted by law. We will decline to process requests that jeopardize the privacy of others, are extremely impractical, or would cause us to take any action that is not permissible under applicable laws. Additionally, as permitted by applicable laws, we will retain where necessary certain personal information for a limited period of time for record-keeping, accounting and fraud prevention purposes.
To make such requests, please contact us at email@example.com.
10. California Resident Rights
Categories of Personal Information Collected
We collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device. The following is a list of categories of personal information which we may collect or may have been collected from California residents within the last twelve (12) months.
Please note that the categories and examples provided in the list below are those defined in the CCPA. This does not mean that all examples of that category of personal information were in fact collected by us, but reflects our good faith belief to the best of our knowledge that some of that information from the applicable category may be and may have been collected. For example, certain categories of personal information would only be collected if you provided such personal information directly to us.
Category A: Identifiers.
Examples: A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, driver's license number, passport number, or other similar identifiers.
- Category B: Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).
Examples: A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories.
- Category C: Protected classification characteristics under California or federal law.
Examples: Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).
- Category D: Commercial information.
Examples: Records and history of products or services purchased or considered.
- Category E: Biometric information.
Examples: Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.
- Category F: Internet or other similar network activity.
Examples: Interaction with our Service or advertisement.
Category G: Geolocation data.
Examples: Approximate physical location.
Category H: Sensory data.
Examples: Audio, electronic, visual, thermal, olfactory, or similar information.
- Category I: Professional or employment-related information.
Examples: Current or past job history or performance evaluations.
- Category J: Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)).
Examples: Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.
- Category K: Inferences drawn from other personal information.
Examples: Profile reflecting a person's preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.
We use the personal information that we collect or receive for the business purposes as described above. We may disclose the above listed categories of personal information to third parties for business purposes as described above. As previously mentioned in this Policy, we do not “sell” (as such term is defined in the CCPA) personal information.
You are entitled to the following specific rights under the CCPA in relation to personal information related to you:
You have a right to request that we will disclose certain information to you about our collection and use of personal information related to you over the past 12 months, including: (i) The categories of personal information that we collect about you; (ii)The categories of sources from which the personal information is collected; (iii) The purposes for collecting, using, or selling that personal information. (iv) The categories of personal information that we disclosed for a business purpose or sold, and the categories of third parties to whom we disclosed or sold that particular category of personal information. (v) The specific pieces of personal information that we have collected about you.
- You also have a right not to be discriminated against for exercising your rights under the CCPA.
You also have a right to submit your request via an authorized agent. If you use an authorized agent to submit a request to access or delete your personal information on your behalf, the authorized agent must: (1) be a person or business entity registered with the California Secretary of State to conduct business in California; (2) provide proof of such registration; and (3) provide documentation or other proof indicating that they are authorized to act on your behalf. We may also require you to verify your identity directly with us, and directly confirm with us that you provided the authorized agent permission to submit the request.
You have a right to request that we delete personal information related to you that we collected from you under certain circumstances and exceptions.
To make such requests, please contact us at firstname.lastname@example.org
We will verify your request using the information associated with your account, including email address. Government identification may also be required.
A request for access can be made by you only twice within a 12-months period. Any disclosures that we provide will only cover the 12-months period preceding receipt of your request. We do not charge a fee to process or respond to your verifiable User request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will inform you of the reasons for such a decision and provide you with a cost estimate before processing further your request.
11. Notice for Nevada Residents
Under Nevada law, certain Nevada residents may opt out of the sale of “personally identifiable information” for monetary consideration to a person for that person to license or sell such information to additional persons.
“Personally identifiable information” includes first and last name, address, email address, phone number, social security number, or an identifier that allows a specific person to be contacted either physically or online.
To opt out, please email us at email@example.com.
12. How do we respond to legal requests?
We may access, preserve and share your information in response to a legal request (like a search warrant, court order or subpoena) if we have a good faith belief that the law requires us to do so. This may include responding to legal requests from law enforcement agencies, courts, tribunals and government authorities. We may also access, preserve and share information when we have a good faith belief it is necessary to: detect, prevent and address fraud and other illegal activity; to protect ourselves, you and others, including as part of investigations; or to prevent death or imminent bodily harm. We also may retain information from accounts disabled for violations of our terms for at least a year to prevent repeat abuse or other violations of our terms.
13. Children Privacy
Protecting children's privacy is important to us, and therefore our App is not intended for children. We do not direct the App to, nor do we knowingly collect any personal information from, such children. If you are not of majority (or above) as per the law of jurisdiction that applies to you, you are not authorized to use our App without your parents/legal guardian’s prior express consent. If we learn that a child has provided personally identifiable information to us, we will use reasonable efforts to remove such information from its database. Please contact us at firstname.lastname@example.org if you believe we knowingly or unknowingly collected information described in this Section.
14. How can I withdraw my consent? (OPT-OUT)
If you sign up, you will automatically start receiving promotional emails and direct mail from us. If after you opt-in, you change your mind, you may withdraw your consent for us to contact you, for the continued collection, use or disclosure of your information, at any time, by contacting us at email@example.com.
15. Governing law and Dispute Resolution
- Name: (please add name)
- Email: (please add an email)
17. Updates to this Policy
18. Welcoming of suggestions
Last updated on July 20, 2022.