Effective Date: October 7, 2018
DESCRIPTION OF SERVICES
Societi is an online application that allows its users to match their wits, knowledge, and skills against other users while viewing popular television programs. When our users compete against each other in certain Challenges, they can win Rewards. We fund those Rewards and our other company functions and profit by selling certain portions of the Data that we gather to advertisers, networks, and other third parties. We only sell Data that has been anonymized in a manner that makes it impossible to relate the Data to you individually, but we may use other categories of data for our business purposes, as we describe in this PrivacyPolicy. The security and privacy of your personal data is important to us, and we agree to limit our use of the Data to the situations we describe here.
The Services are directed solely to persons 13 years of age or older. We do not knowingly gather Data from visitors who are under 13. If we become aware that we have gathered Data from a person under 13, then we will attempt to delete such Data as soon as possible, subject to our obligations under applicable law. If you believe that we have gatheredData from a person under 13, please contact us at firstname.lastname@example.org
INFORMATION WE COLLECT AND HOW WE USE IT
A. Registration Data
Data Description: Registration Data consists of the name, e-mail address, and other contact information you provide us using the Services, both when you register your account and thereafter. Registration Data also includes your username, membership type (e.g., ad-supported or paid membership), and membership end date.
Lawful Basis for Processing: Our lawful basis for processing Registration Data is our contract with you. We can only provide the Services to you if we have the Registration Data, so we need to store and access that Registration Data during the term of our contract.
How We Use It and Who We Share It With: Registration Data is accessible only by us. We use it only to provide the Services to you. At times, we will share the Registration Data with third parties at your request or to fulfill requests that you make to us.
B. Viewing Data
Data Description: Viewing Data consists of all the information we gather about you in the course of your use of the Services that relate specifically to the television programs you view and your interaction with those programs. Viewing Data includes the names of programs you watch and the times you watch, the programs with which you interact using the Services, the answers you provide, results of Challenges, and other data related to your engagement with the programs. Viewing is always anonymized before it is sold to any third party.
Lawful Basis for Processing: Our lawful basis for processing Viewing Data is (1) our contract with you and (2) our legitimate interest in improving our Services based on the Viewing Data we receive from you.
How We Use It and Who We Share It With: Your Viewing Data is accessible only to us, to you, and to the networks or advertisers who purchase it from us. We do not share it with other third parties, except at your specific request, but we may use Viewing Data to make inferences that help us provide and improve the Services. The Viewing Data is stored in an aggregated format that is not identifiable to any individual, and that aggregated information belongs solely to us. To the extent we are required to delete any Viewing Data about you, we may still retain aggregated and anonymized information that may have originated as your Viewing Data.
C. Usage Data
Data Description: Usage Data consists of the following and similar information:
Information about your interactions with the Services which includes the date and time of your use of the Services. This also may include details of your use of Third-Party Applications and advertising you receive.
Technical data which may include URL information, cookie data, your IP address, the types of devices you are using to access or connect to the Services, unique device IDs, device attributes, network connection type (e.g. WiFi, 3G, LTE, Bluetooth) and provider, network and device performance, browser type, language, information enabling digital rights management, operating system, and application version.
Motion-generated or orientation-generated mobile sensor data (e.g. accelerometer or gyroscope) required for the purposes of providing specific features of the Services, if any, to you.
Lawful Basis for Processing: Our lawful basis for processing Usage Data is (1) our contract with you and (2) our legitimate interest in improving our Services based on the Usage Data we receive from you.
How We Use It and Who We Share It With: Usage Data is accessible to us, to you, and to the advertisers and networks who purchase it from us. We do not share it with other third parties, except at your specific request, but we may use Usage Data to make improvements to the Services. The Usage Data is stored in an aggregated format that is not identifiable to any individual, and that aggregated information belongs solely to us. To the extent we are required to delete any Usage Data about you, we may still retain aggregated and anonymized information that may have originated as your Usage Data.
D. Payment Data
1. Data Description: Payment Data is the information necessary for us to process payments both to and from you. Payment Data will vary depending on the payment method you use (e.g. direct via your mobile phone carrier or by invoice) but will include information such as:
Credit or debit card type, expiration date, and certain digits of your card number;
Address and postal code;
Mobile phone number; and
Account number, routing number, andinstitution name for making payments to you
2. LawfulBasis for Processing: Our lawful basis for processing Payment Data is (1) our contract with you and (2) our legitimate interest in improving our Services based on the Payment Data we receive from you.
3. How We Use It and Who We Share It With: We only use Payment Data to facilitate payment, and we only communicate it to those parties who are strictly necessary for that purpose.
E. Supplemental Mobile Data
1. Data Description: Supplemental Mobile Data consists of the following and similar information:
Your precise mobile device location- If you give us permission to access your precise location, this enables us to access your GPS or Bluetooth to provide location-aware functionality in the Services. Please note that this does not include your IP address. We use yourIP address to determine non-precise location, for example, what country you are in to comply with our licensing agreements;
Your voice data – If you give us permission, this enables us to access the voice commands captured via your device microphone to enable you to interact with the Services with your voice.Please note you will always have the ability to turn off the microphone feature; and,
Your contacts – If you give us permission to access your contacts, this enables us to access individual contacts stored on your device to help you find friends who use the Services.
The Societi user profile includes age, gender, and other personal characteristics use for the purpose of delivering certain features.
Your photos – If you give us permission to access your photos or camera, we will only access images that you specifically choose to share with us and metadata related to those images, such as the type of file and the size of the image. We will never scan or import your photo library or camera roll.
2. Lawful Basis for Processing: Our lawful basis for processing SupplementalMobile Data is (1) our contract with you and (2) our legitimate interest in improving our Services based on the Supplemental Mobile Data we receive from you.
3. How We Use It and Who We Share It With: We only use Supplemental Mobile Data when you specifically authorize it, and we only share it with those parties who are strictly necessary for the purpose you have authorized.
SHARING YOUR INFORMATION
Except where a specific limitation is noted above, we may share your Data as follows.
At Your Instruction. If you request us to make your Data available to a third party, and such request furthers the purposes of our Services, we will do so.
Sharing with Vendors and Service Providers. In certain cases, we use the services of third-party vendors and service providers to assist us in providing the Services. We may share your Data with such vendors and service providers solely for that purpose, and we will require those parties to abide by our privacy policies.
Service Providers. We may sometimes use a third party to provide specific Services on our behalf, including sending e-mails to our members, conducting member surveys, processing transactions or performing statistical analysis of our Services. In these cases, we may provide certain personal information, such as your name and e-mail address and other financial information necessary for the service to be provided. However, these third parties are required to maintain the confidentiality of this information and are prohibited from retaining, sharing, storing or using this information for any other purposes.
Business Transitions. In the event that we go through a business transition, such as a merger, acquisition, liquidation or sale of all or a portion of our assets, the information we have about you will, in most instances, be part of the assets transferred. We reserve the right to transfer that information in connection with such transactions without notice to you.
Legal Disclosure. We may disclose your Information if required to do so by law or in the good faith belief that such action is necessary to conform to applicable law, comply with a judicial proceeding, court order or legal process served on us, protect and defend our rights or property, or investigate, prevent or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, or violations of our terms of service.
Publicly Disclosed Data. Certain items of Data are always publicly available, such as your username, people who follow you or whom you may consent to associate with through our application, and those you follow.
If we ever plan to use any Data in the future for any other purposes not identified above, we will only do so after obtaining your specific consent.
TECHNOLOGIES WE USE
The technologies we use for automatic Data collection may include the following:
Flash Cookies. Certain features of our Services may use local stored objects (or Flash cookies) to collect and store information about your preferences and navigation to, from and on our Services. Flash cookies are not managed by the same browser settings as are used for browser cookies.
Web Beacons. Pages of the Services and our e-mails may contain small electronic files known as web beacons (also referred to as clear gifs. pixel tags and single-pixel gifs) that permit the Company, for example, to count users who have visited those pages or opened an e-mail and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).
YOUR CHOICES REGARDING OUR USE AND DISCLOSURE OF YOUR DATA
If you wish to opt-out of our sharing of your information with third parties for the third parties’ direct marketing purposes, or if you wish to receive marketing e-mails from us, please follow the instructions below. (Note that if you are a resident of theEuropean Union, we will never use your personal data for third-party marketing purposes unless you have clicked on a box online to expressly give consent for such use.)
Receiving electronic communications from us: If you no longer want to receive marketing-related emails from us on a going-forward basis, you may opt-out of receiving these marketing-related emails by sending a request for list removal to email@example.com
Our sharing of your Data with unaffiliated third parties for their (or their customers’) direct marketing purposes: If you would prefer that we do not share your information on a going-forward basis with unaffiliated third parties for their direct marketing purposes, you may opt-out of this sharing by emailing firstname.lastname@example.org from the email that you have signed up or used in receiving the Services.
We will try to comply with your request(s) as soon as reasonably practicable. Please also note that if you do opt-out of receiving marketing-related emails from us, we may still send you messages for administrative or other purposes directly relating to your use of the Services, and you cannot opt-out from receiving those messages.
SECURITY AND PRIVACY FOR EU RESIDENTS
For employees and other authorized users operating in their role as administrators or users of our services, our lawful basis is the legitimate interest we have in providing the services to you.
In turn, you, your employees, and your other authorized users agree to be bound by the provisions of the GDPR with respect to any personal data (“Data”) with which you come in contact using Services, including without limitation the personal data belonging to individuals with whom you communicate or whose personal data you access using the Services. Specifically, you agree that you, your employees, or other authorized users will:
A. Never access, process, transfer, view, use, or store any Data of any third party without express authorization, and then only for purposes directly related to fulfilling your contractual obligations under your agreement with any third-party (“Data Secrecy”);
B. Keep all Data strictly confidential and disclose Data only on a strict need-to-know basis to other employees or authorized users only as required for fulfilling an individual’s contractual obligations (“Confidentiality”);however, you agree that you shall not disclose or otherwise make accessibleData under any circumstances to anyone who has not been obliged to Data Secrecy and Confidentiality.
C. Ensure that your obligations of Data Secrecy and Confidentiality are observed forever, both during and after the expiration and/or termination of any agreement with us or any contractual relationship you may have with an employer or other party.
D. Upon our request to provide Company with satisfactory evidence that you have complied with your obligations of Data Secrecy and Confidentiality as set forth in this agreement.
The GDPR also requires us to take appropriate technical and organizational measures to protect the security of Data belonging to residents of Europe. We make commercially reasonable efforts to ensure the privacy and security of the Data of our European visitors and customers, and we are happy to give you a complete description of our most current efforts, if you will write us at email@example.com
The security of your Data is important to us. We use commercially reasonable efforts to store and maintain your Data in a secure environment. We take technical, contractual, administrative, and physical security steps designed to protect Data that you provide to us. We have implemented procedures designed to limit the dissemination of your Data to only such designated staff as are reasonably necessary to carry out the stated purposes we have communicated to you.
SHARING INFORMATION WITH THIRD PARTIES
ACCESS AND ACCURACY
You have the right to access the information we hold about you in order to verify the information we have collected in respect to you and to have a general account of our uses of that information. Upon receipt of your written request, we will provide you with a copy of your information, although in certain limited circumstances we may not be able to make all relevant information available to you, such as where that information also pertains to another user. In such circumstances we will provide reasons for the denial to you upon request. We will endeavor to deal with all requests for access and modifications in a timely manner.
We will make every reasonable effort to keep your information accurate and up-to-date, and we will provide you with mechanisms to update, correct, delete or add to your information as appropriate. As appropriate, this amended information will be transmitted to those parties to which we are permitted to disclose your information. Having accurate information about you enables us to give you the best possible service.
You can help by keeping us informed of any changes such as a change of your personal contact information. If you would like to access your information, if you have any questions, comments or suggestions of if you find any errors in our information about you, please contact us at firstname.lastname@example.org. If you have a complaint concerning our compliance with applicable privacy laws, we will investigate your complaint and if it is justified, we will take appropriate measures.