Privacy policy

Date of publication
February 20, 2019
Latest version
https://www.undoze.com/privacy
General
Protecting your privacy and keeping your personal information safe is our highest priority. This privacy statement (“privacy policy” or “policy”) is designed to help you better understand how and to what extent we collect, use, disclose, transfer and store your information.
The policy applies to our websites, mobile apps, software applications, products and services, collectively referred to as “services”.
This privacy policy governs your use of our services regardless of the domain names, operating systems, platforms or devices that are used to access the services, and regardless of whether such access is in connection with an account or not.
As a condition for your use of our services as a customer, user or visitor (collectively referred to as a “user” or as your “use”), you consent to the terms of this policy and you agree that your personal information will be handled as outlined below.
Our principles
We never sell, rent out or trade any of our user’s personal information with third parties for commercial purposes.
We always collect only the minimum amount of personal information necessary to provide our services to you, unless you choose to provide more such information voluntarily.
We encourage you to give us, and, more generally, any provider of digital services, only the amount of data you are comfortable sharing. If in doubt, rather do not share sensitive information.
We offer you simple ways to view, update or delete the data we have collected about you.
Children’s Online Privacy Protection
None of our services are designed for, intended to attract, or directed towards children under the age of 16.
We never knowingly collect any information from children under 16. If you are a child below that age, you may not use any of our services.
If we have any plausible reason to believe that you are a user who is under the age of 16, we will have to prohibit you from continuing your use of our services.
Should you believe that we might have any personal information of a child under the age of 16, in particular a child of your own, please contact us so that the data in question can be deleted, if appropriate. For our contact information, please see further below.
Cookies
Cookies are minimal text files that contain small amounts of data. They are transferred from our servers to your device through your web browser or app. Your web browser or app then sends these small text files back to us whenever you access our services.
These cookies do not necessarily contain any personal or identifying information. They are, however, commonly used to store a unique identifier for every individual user, so that our servers do not lose information on who you are while you are moving through the individual parts of our services.
We may use cookies and similar technologies, such as “Web Storage” (specifically “localStorage”) and “Internal Storage”, to make interactions with our services more convenient, efficient and secure. For example, we may use these technologies to keep you signed in and to remember your preferences with regard to our services.
As such, cookies and the related technologies are essential for the operation of our services. You therefore consent to our use of cookies and related technologies when using our services. Without these technologies, use of our services would not be reasonably possible.
Your web browser or operating system usually provides means to delete such data currently stored on your device. They may even provide methods to disable the use of such technologies completely. You are welcome to make use of these settings and features of your web browser or operating system, but that may prevent our services from working correctly for you. For more information on how to delete such data currently stored on your device, please refer to the manual or help section of your web browser or operating system.
Information we collect and why we collect it
Server logs
Whenever you access our services, including your access of any individual part or section of our services, we record certain information about the nature of your access. That information is never combined with information from other data sources and will not be associated with the identity of any account. However, we reserve the right to review the data retrospectively if there is specific evidence supporting the suspicion of a case of fraud or any other illegal activity or illegal use of our services.
Required: yes
Lawful basis: legitimate interests
We use this information for the provision, maintenance and administration of our services and to monitor and protect the security of our services.
HTTP request method for each access
Required: yes
Maximum retention time: 14 days
HTTP status code for each access
Required: yes
Maximum retention time: 14 days
Internet Protocol (IP) address for each access
Required: yes
Maximum retention time: 14 days
Referring site (URL) for each access
Required: yes
Maximum retention time: 14 days
Amount of data transferred for each access
Required: yes
Maximum retention time: 14 days
Date and time for each access
Required: yes
Maximum retention time: 14 days
Requested page (URL) for each access
Required: yes
Maximum retention time: 14 days
User-agent string for each access
Required: yes
Maximum retention time: 14 days
Mandatory disclosure
Laws in the jurisdictions that we operate in may obligate us to disclose certain personal information or other information that we collect about our users to local law enforcement authorities.
We may be compelled to such disclosure in response to a court order, a warrant or a similar request by a judicial body or a government agency, or when we believe in good faith that the disclosure is reasonably necessary to protect our rights or property, that of any third party, or the safety of the general public.
In any case, we will provide data only to the extent necessary to satisfy the request, and, whenever possible and legally permitted, we will make a reasonable effort to notify affected users of any such disclosure.
Retention and deletion of data
We will retain certain pieces of personal information for as long as you use our services, as long as your account exists, or as long as needed for us to be able to provide our services to you.
In order to prevent loss of data due to human errors or system failures, we keep additional backup copies of data, as most companies and service providers do, which may include some of your personal information. This means that parts of your personal information may temporarily remain on our servers even after deletion or termination of your use of our services.
We may retain and use your personal information and data as necessary to comply with our legal obligations, to resolve disputes, and to enforce our rights and agreements.
Service providers, contractors and agents
From time to time, we may share some information we have collected from you, including personal information, with a limited number of third-party vendors, service providers, contractors, resellers, agents or business partners, solely for the purpose of performing certain functions on our behalf.
Such third parties help us provide and improve our services. Functions performed by them on our behalf may include payment processing, network data transmission, fraud prevention, customer support management and similar services.
These third parties do not have any right to use the information that we share about you beyond what is necessary to assist us with the specific task at hand.
International data transfers
Some of our external service providers and recipients of personal data are based outside your country and outside our country. This means that the processing of your personal data by those third parties involves an international transfer of your data to a third country. Such third countries may have data protection rules that are different from those in your or our country.
Thus, for any international transfer of data, we ensure that appropriate technical, organizational and contractual measures are in place to guarantee that a similar degree of protection is afforded to your data internationally and that your personal data remains protected to the standards described in this policy.
We verify that at least one of the following safeguards is implemented:
The country of the recipient has been deemed to provide an adequate level of protection for personal data by the European Commission.
The recipient is certified as part of the EU-US and Swiss-US Privacy Shield Frameworks.
Standard Contractual Clauses, as adopted by or approved by the European Commission, are in place.
The recipient has Binding Corporate Rules that guarantee the protection of personal data.
Please contact us if you want further information on the specific mechanisms used by us when transferring your personal data internationally.
Mergers and acquisitions
If we are involved in a merger, an acquisition by another company, or a sale of all or a portion of our business or assets, your information will likely be among the assets transferred.
If any such change of ownership happens, the organization receiving your personal information will have to respect the promises that we have made in any pre-existing privacy policy such as this one.
You will be notified via a prominent notice within our services or by email to the primary email address specified in your account at least 30 days before any such transfer of your personal information. This notification will include help on choices you may have regarding the transfer and treatment of your personal information.
How we secure your information
We take the trust that you place in us very seriously. We have therefore implemented all measures reasonably necessary to protect the personal information of our users from unauthorized access, modification, deletion, disclosure or other misuse.
We follow generally accepted industry standards to protect the data submitted to us, both during transmission and after we have received it, and continue to expand our protections as becomes necessary with changing technology.
In particular, all connections to and from our services are encrypted using Secure Sockets Layer (SSL) and Transport Layer Security (TLS) technologies.
However, please be aware that, despite our best efforts, no method of electronic transmission or storage is perfectly secure and no measures can guarantee absolute security. Hardware or software failure as well as other factors may compromise the security of user information, as is the case with all other providers of digital services.
Apart from that, please recognize that protecting your personal information is, in other parts, also your own responsibility. Especially, you are responsible for safeguarding any passwords and other authentication information that you use to access our services, as well as limiting physical access to the devices used.
You should never disclose your authentication information to any third party and you should notify us immediately of any unauthorized use of your account.
Links to external websites, applications and products
Some parts and sections of our services may contain external links to websites, applications or products owned by and operated by third parties.
We advise you to verify the privacy practices of those third parties individually. We have no knowledge about and are not responsible for the way that those third parties handle any personal information which you provide to them yourself.
We encourage you not to provide any personal information to those third parties before assuring yourself of proper privacy practices on their part.
Your rights
Except as limited under applicable law, you have the following rights with regard to your personal data:
Access your personal data
You have the right to be informed of and request access to the personal data we process about you.
Update your personal data
You have the right to request that we amend or update your personal data where it is inaccurate or incomplete.
Erase your personal data
You have the right to request that we delete your personal data.
Restrict the use of your personal data
You have the right to request that we temporarily or permanently stop processing your personal data.
Export your personal data
You have the right to request a copy of your personal data in electronic and machine-readable form, and the right to transmit that personal data to another service provider.
Object to direct marketing
You have the right to object to your personal data being processed for direct marketing purposes.
Object to the use of your personal data
You have the right to object to us processing your personal data on grounds relating to your particular situation where we no longer have a legitimate reason or legal need to process it.
Object to automated decision-making
You have the right not to be subject to a decision based solely on automated decision-making, including profiling, where the decision would have a legal effect on you or produce a similarly significant effect.
If you have any questions regarding the protection of your data, your rights, or how to exercise them, please contact us. For our contact information, please see further below. Upon verification of your identity, we will respond to your request within a reasonable period of time.
If you are unsatisfied with our response or with the way we are processing your personal data, you may contact your local data protection authority. You may also contact the data protection authority that is responsible for us:
Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen
You are free to file a complaint with the data protection authority.
Changes to this privacy policy
We may change this privacy policy from time to time. Most changes will presumably be minor only and will therefore not affect your rights.
Should there be any substantial changes to this policy with material effects on any of your rights or choices, you will be notified via a prominent notice within our services or by email to the primary email address specified in your account at least 30 days prior to such changes taking effect. This notification will include help on choices you may have regarding the treatment of your personal information.
For any less significant changes to this privacy policy that do not affect your rights or choices in a material way, we encourage all users to check this policy for updated versions periodically.
In general, the applicable version of this policy is the one that is current at the time of your access of our services.
Contact information of the controller
If you have any questions or concerns regarding this policy, our privacy practices or certain aspects of our services, please contact us at any time. We want to help and will be happy to address your concerns. We are responsible for the processing of personal data under this policy.
Click to listen to an accessible audio version