Effective date: October 22, 2019
In order for us to be able to provide the services available on our Website and Services, and to meet any of our related business obligations, you must provide the personal data that is required to do so. Without that data, we are not in a position to do so.
We may also obtain information from other sources and combine that with information we collect through the Website and Services. For example, we may collect information about you from third parties who provide services on our behalf, such as maintaining and monitoring usage of the Website and Services and processing payment transactions.
We may use information about you for various purposes, including the following:
This policy is not intended to place any limits on what we do with data that is aggregated and/or de-identified so it is no longer associated with an identifiable user of the Website or Services. For example, we may use user data to generate, among other things, statistics about users, their profession or industry, or the demographic distribution of users.
Security of all personal data of our users is a primary concern of ours. Thus, we have adopted reasonable security measures to protect the security of our users’ information. We use, where appropriate, industry standard encryption technology utilizing HTTPS protocol and computer server firewalls when transferring and receiving data exchanged with this Website. Passwords are hashed prior to their being stored, so that no plaintext passwords are stored by us. Credit card information is sent directly to our third party payment processor, which processes the payments. The only credit card information that we store are the last four digits of your card’s number, the brand of your card, and the card’s month and year of expiration. Nevertheless, we cannot guarantee complete security of your information inasmuch as no security systems are foolproof. It is also important for you to protect against the unauthorized access to your information as well as to your computer.
We do not seek to collect sensitive Personal Information (also known as special categories of data as defined in Article 9 of the GDPR). If we do so we will always collect the data in accordance with applicable data privacy requirements. If you choose to provide us with unsolicited sensitive Personal Information, you will be asked to consent to our processing of such data on a case-by-case basis by using a specific express consent form.
We will retain your Personal Information for the period of time that is necessary to fulfil the original purposes for which it has been collected. Please keep in mind that, in certain cases, a longer retention period may be required or permitted by law or to allow us to pursue our business interests, conduct audits, comply with our legal obligations, enforce our agreements or resolve any dispute.
The criteria used to determine our retention periods include:
Please note that we are not responsible for storing any information that you provide to us or for any content or information that we provide to you. You are solely responsible for retaining backup files of any information and content that you provide or receive in connection with the Website or Services.
When you sign up to our Website, you agree to receive mobile.fan notifications and promotional e-mails as well as other e-mail special offers. If you change your mind and no longer wish to receive our e-mails, you may opt out at any time simply by sending us an e-mail or by clicking on the unsubscribe link.
When you access or use the Website or Services, we automatically collect information about you, including some or all of the following:
mobile.fan does not own or control any servers or databases. As a result, personal data is only stored on third-party servers, which act as data processors. The data is stored on a dedicated MongoDB Atlas database service hosted by AWS in the U.S. As to your data, it is collected in order to set you up with an Account and to provide the services for which you are contracting. As to your client’s data, it is collected in order to send messages to them. Any additional information that you may upload is stored to be used as merge fields (dynamic variables that get replaced in text messages). The server that runs our application, but does not actually store any data, is hosted by Heroku in the U.S. Twilio, which sends and receives your messages and manages your client’s phone numbers, and thus may need to store some data in order to know who to send the messages to, is located in the U.S. Stripe collects your credit card information for the purpose of collecting payments for our services. The personal data is stored on all of these servers until it is requested to be deleted or until your entire account is deleted, but some data may be retained beyond that time to the extent that the data processors are obliged or authorized to do so in accordance with applicable laws and regulations and/or as necessary to protect their legal rights or for certain business requirements.
You have the right, at any time, to withdraw your consent to the processing of your personal data. The withdrawal of your consent will not affect or invalidate the lawfulness of any data processing based upon your original consent that occurred prior to your withdrawal of that consent.
You have the right, in certain situations and, with respect to the CCPA, upon our receipt of a verifiable request from you, to have your personal data corrected, erased, to terminate the further dissemination of your personal data, or to have third parties cease processing your personal data. In the event that you desire to revoke your previously granted consent to our Website collecting any personal data, and/or wish to have such information corrected, amended or deleted, and/or to terminate the further dissemination of your personal data or to have third parties cease processing your personal data, you can do so by contacting us at: Dmitry Petrov, Seer Assets, LLC, 3753 Hylan Blvd. Staten Island, NY, 10308, [email protected]
You are entitled to receive a copy of your personal data free of charge so long as your request is not manifestly unfounded or excessive. With respect to the CCPA, you are entitled to receive, within 45 days of our receiving a verifiable request from you, a copy of your personal information that we have collected in the past twelve months, which may be delivered either by mail or electronically. The 45 day time period can be extended for an additional 45 days upon written notice to you. We are not required to provide such personal information to you more than twice in a twelve month period. With respect to the GDPR, we must provide the requested information within one month of our receipt of your request, which time period can be extended by two additional months if necessary, so long as we inform you of the extension within one month of receiving your request and of the reasons for the delay. In addition, California law permits users who are California residents to request and obtain from us once a year, free of charge, a list of the third parties to whom we have disclosed their personal information (if any) for their direct marketing purposes in the prior calendar year, as well as the type of personal information disclosed to those parties. If you are a California resident and would like to request this information, please submit your request in an email to [email protected]
We may transfer Personal Information that we collect from you to third-party data processors in countries that are outside the United States. For example, this might be required in order to fulfil your order, process your payment details or provide support services. If we do this, we have procedures in place to ensure your data receives the same protection as if it were being processed inside the United States. For example, our contracts with third parties stipulate the standards they must follow at all times. If you wish for more information about these contracts please contact our compliance department. Any transfer of your Personal Information will follow applicable laws and we will treat the information under the guiding principles of this Privacy Notice.
By using our services or providing your Personal Information to us, you expressly consent to the processing of your Personal Information by us or on our behalf. Of course, you still have the right to ask us not to process your data in certain ways, and if you do so, we will respect your wishes.
Sometimes we’ll need to transfer your Personal Information between countries to enable us to supply the Services you’ve requested. In the ordinary course of business, we may transfer your Personal Information from your country of residence to ourselves and to third parties located in and outside the United States.
By dealing with us, you are giving your consent to this overseas use, transfer and disclosure of your Personal Information outside your country of residence for our ordinary business purposes.
This may occur because our information technology storage facilities and servers are located outside your country of residence, and could include storage of your Personal Information on servers in the United States or in other countries.
We’ll ensure that reasonable steps are taken to prevent third parties outside your country of residence using your Personal Information in any way that’s not set out in this Privacy Notice. We’ll also make sure we adequately protect the confidentiality and privacy of your Personal Information.
To the extent that we may collect your personal data for the purposes of conducting profiling or direct marketing, you have the right to object to the processing of your personal data for those purposes. In the event that you object to processing for those purposes, we will no longer process your personal data for those purposes. Please note that even if you opt out from receiving marketing communications, we may still send you administrative communications, such as technical updates for our Services, order confirmations, notifications about your Account activities, and other important notices.
You have the right to receive your personal data in a commonly used and machine-readable format and to have your personal data transmitted to another information technology environment if it is technically feasible to do so.
We do not respond to web browser “do not track” signals. As a result thereof, any navigation of our Website may be tracked as part of the gathering of quantitative user information described above. If you arrive at our Website through the use of a link originating from a third party site that responds to “do not track” requests, the recognition of any “do not track” request you may have initiated will end upon your reaching our Website.
mobile.fan will not discriminate, provide different services or suggest that it will discriminate against any California resident exercising their rights under the CCPA.
In the event of a data breach that is likely to result in a risk to your rights and freedom, within 72 hours of our becoming aware of the breach we are required by the GDPR to report it to you and the appropriate authorities.
You have the right to lodge a complaint with the appropriate supervisory authority (Data Protection Authority) of a member state of the EU that is your habitual residence, your place of work, or the place of the alleged infringement of your rights.