Effective: 03 June, 2023 Previous versions: 25 May, 2023
The following basic terms and definitions are to be used in this Policy:
The data controller of this App is the Company.
Contact details: email@example.com. Applicability and Acceptance of the Policy
This Policy defines the Personal Data, explains how Personal Data is collected, used, processed, and shared. Policy shall come into effect once accepted by the Personal Data subject.
In the event you disagree with any provision of this Policy or would not like your Personal Data to be processed, you should cease using the App immediately3. Data Processing Legal Grounds; Personal Data Use
We process your personal data under the following legal bases:
According to this legal basis we may, for example, send you marketing emails. You have the right to withdraw your consent by reaching out to us via the contact details indicated in this Policy.
Performance of contract obligations; Under this legal basis we:
We rely on legitimate interests in order to:
The legitimate interest we rely on for this processing is our interest to promote our Service in a measured and appropriate way.
The type of Personal Data we collect depends on how you are interacting with us. In many cases, you can choose whether or not to provide us with your Personal Data. However, but if you choose not to, you may not be able to use the App’s functionality to the full degree. When using the App, you provide us with the following types of Personal Data: (i) Personal Data you give us; (ii) Personal Data we collect automatically in the process of the App’s use; and (iii) Personal Data we obtained from other sources.
The App does not contain any links to other third-party websites or apps that may collect Personal Data about you, including through cookies or other technologies. If you use links submitted by other users via chat to visit other websites, apps or services this Policy will not apply to your use of, and activity on those other websites or apps. You should consult these other websites/apps privacy policies as we have no control over them and are not responsible for any information that is submitted to or collected by these third parties.
Personal Data you give us
You provide us information about yourself when you register for and/or use the Service, for example, your photo, email address, phone number, name, date of birth (age), gender, city, country, weight and height, attitudes towards drinking and smoking preferences, parental status. You can also submit optional information such as education, language skill, areas of interest, and fields of activity. This information will be public to the App users. We may also ask you to answer some questions relating to lifestyle and relationships.
You may also want to share some sensitive data, including your partner preferences, relationship expectations, etc.
By doing so you consent to such data being processed to the degree necessary for the Service’s use.
Additionally, we may offer you to use your social media accounts in order to log into the App. Thus, we will also process your social media ID. We can also ask you to provide some extra information in case we decide to conduct customer surveys and collect feedback on the satisfaction with the Service.
Personal Data We Collect Automatically
Some Personal Data can be collected in the process of the App’s use, including your URL, data obtained from your device (for example, language settings, IP address, location, time zone, type and model of a device, device settings, operating system, Internet service provider, mobile carrier, hardware ID, Spotify, VK ID, Google ID or Apple ID, content of social media posts).
Data obtained from other sources
When you decide to connect your profile in the App with your social media account (for example, Google, VK), we will get personal data from such social media accounts. This includes your name, user ID, profile picture, username, gender, age range, language, country, friend list, email address, and any other information you have made public.
Personal Data Sharing
Recipients we may share your data with may include, for example: - Payment service providers; - Marketing platforms; - Cloud storage providers.
We also use metric programs (Yandex.Metrica, Google Analytics) to measure traffic and analyze user behavior, which helps us to constantly improve our service
In addition, we may transfer aggregated, anonymized or pseudonymized information that cannot be used to identify a specific person by third parties, including the types of third parties listed above, for the purpose of performing or participating in statistical research and/or reports.
Twinby is a global Platform, which means that we work with the data of our users all over the world and can transfer this data to other countries, inter alia, for the purposes of enhancing and updating the services Twinby and its affiliates provide. Additionally, such transfers can also take place within the framework of research Twinby and its affiliates perform. Regardless of the nature of such transfers, they will only be performed on legal grounds in a secure way. Before such a transfer, we will bind the recipients to adopt adequate measures in case it’s required by the law.
We may also transfer your personal data to countries outside the European Economic Area ("EEA"). Including countries which have different data protection standards to those which apply in the EEA.
If this should happen, special safeguards are foreseen to ensure that the protection travels with the data. These safeguards include entering into a contract incorporating the standard data protection clauses adopted by the Commission ("standard contractual clauses") or adopting any of the other instruments set out in the GDPR.
In some cases, for the purposes of the App’s development, its work’s optimization and enhancing its functionality, we can share some of your personal data with our partners, vendors and/or other third parties.
We guarantee that for the purposes of ensuring your personal data’s confidentiality and their processing’s safety, such processing will only be carried out in accordance with the applicable legislation.
Other than the provisions above in case such transferring is partially or entirely carried out in states not ensuring an adequate level of personal data protection from the perspective of applicable legislation, such transferring shall only be performed in accordance with all the provisions of the law and only in case there are applicable and solid legal grounds.5.Protection of Personal Data. Security Measures
We take appropriate security, administrative and technical measures to protect any Personal Data you provide regarding the collection, storage and processing of Personal Data, as well as security measures to protect your Personal Data against unauthorized access, modification, disclosure or destruction.
Personal Data is safeguarded from unauthorized access and unlawful processing or disclosure, as well as accidental loss, modification or destruction, through state-of-the-art technical and organizational measures. These are adjusted and updated continuously paired with technical developments and organizational changes. Additionally, Personal Data protection audits and other control measures are carried out on a regular basis. While we take reasonable precautions against possible security breaches, member database and records no service or internet transmission is completely secure and we cannot guarantee that unauthorized access, hacking, data loss, or other breaches will never occur. We urge you to take steps to keep your personal data safe and to log out of your account after use. If you or another service provider that you use suffer a data breach and you have used the same credentials with that service provider as you have with Twinby, your personal data may be compromised. If that happens, please report it to firstname.lastname@example.org.Retention of Information
Right to access
You have the right to obtain from the controller confirmation as to whether or not personal data are being processed by Twinby, and, where that is the case, access to the personal data and the following information: (i) the purposes of the processing; (ii) the categories of personal data concerned; (iii) the recipients or categories of recipient to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations; (iv) where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period; (v) the existence of the right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing; (vi) the right to lodge a complaint with a supervisory authority; (vii) the existence of automated decision-making, including profiling, and meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.
Right to rectification
If you consider your personal data are inaccurate or incomplete, you have the right to obtain from the controller without undue delay the rectification of inaccurate personal data concerning him or her. Your right to rectification only applies to the personal data you have provided to Twinby and not to data resulting from Twinby actions (e.g. performance reviews). Right to erasure To the extent legally admissible, you have the right to obtain from Twinby the erasure of your personal data without undue delay and Twinby shall have the obligation to erase personal data without undue delay where one of the following grounds applies: (i) the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed; (ii) you have withdrawn consent on which the processing is based according to point (a) of Article 6(1) GDPR, or point (a) of Article 9(2) GDPR, and where there is no other legal ground for the processing; (iii) you have objected to the processing pursuant to Article 21(1) GDPR and there are no overriding legitimate grounds for the processing, or you have objected to the processing pursuant to Article 21(2) GDPR; (iv) the personal data have been unlawfully processed (v) the personal data have to be erased for compliance with a legal obligation in Union or Member State law to which Twinby is subject; (vi) the personal data have been collected in relation to the offer of information society services. Right to erasure does not apply if the processing is (i) for exercising the right of freedom of expression and information; (ii) for compliance with a legal obligation which requires processing by Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller; (iii) for reasons of public interest in the area of public health in accordance with points (h) and (i) of Article 9(2) GDPR as well as Article 9(3) GDPR; (iv) for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Article 89(1) GDPR in so far as the right referred to in paragraph 1 is likely to render impossible or seriously impair the achievement of the objectives of that processing; or (v) for the establishment, exercise or defence of legal claims. After the exercise of the right of erasure in the terms legally admissible your personal data will be deleted. Right to restriction of processing You shall have the right to obtain from the controller restriction of processing where one of the following applies: (i) the accuracy of the personal data is contested, for a period enabling the controller to verify the accuracy of the personal data; (ii) the processing is unlawful and you have opposed to the erasure of the personal data and have requested the restriction of their use instead; (iii) the controller no longer needs the personal data for the purposes of the processing, but they are required by you for the establishment, exercise or defence of legal claims; (iv) you have objected to processing pursuant to Article 21(1) pending the verification whether the legitimate grounds of the controller override yours. Right to data portability You have the right to receive your personal data provided by you, in a structured format, in common use and automatic reading. You also have the right to ask Twinby to transmit this data to another controller, as long as this is technically possible, where applicable under Article 20 GDPR. Right to object You shall have the right to object, on grounds relating to your particular situation, at any time to processing of personal data which is based on point (e) or (f) of Article 6(1), including profiling based on those provisions. Twinby shall no longer process the personal data unless it demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims. Right to lodge complaints with the supervisory authority You have the right to file complaints with the competent supervisory authority regarding matters related to the processing of your personal data.8.Children's Privacy
The minimum age of the App’s users must be at least 18 years. The Company will not knowingly collect Personal Data from individuals under this age.9.Amendments to the Policy
Should you have any requestions regarding this Policy in general or any personal data processing procedure Twinby carries out, please don’t hesitate to reach out to us via email@example.com