Updated: January 1, 2023
Our Commitment to Your Privacy
Welcome to Vegpal, an application (the “App”) operated by Vegpal Inc (the “Company”).
“Company” means Vegpalapp LLC, 437 Lincoln Ave, PO Box 1437, Saugus, MA 01906, USA
“GDPR” means the General Data Protection Regulation Act. (This is a law that applies in the European Economic Area (EEA).)
“Data Controller” means the natural or legal person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal information are, or are to be, processed. The Company is the Data Controller for the personal data you submit via the App.
“Data Processor” means any natural or legal person who processes the data on behalf of the Data Controller.
Data Subject is any living individual who is using our App.
Principles for Processing Personal Data
Our principles for processing personal data under the GDPR are:
● Fairness and lawfulness. When we process personal data, the individual rights of the Data Subjects must be protected. All personal data must be collected and processed in a legal and fair manner.
● Restricted to a specific purpose. The personal data of Data Subject must be processed only for specific purposes.
● Transparency. The Data Subject must be informed of how his/her data is being collected, processed and used.
● Accuracy. We take reasonable steps to ensure that personal data will be accurate, and that any mistakes are rectified or erased without delay.
● Storage Limitation. We will not keep personal data for longer than we need it. (However, we may keep anonymized data for an indefinite term.)
● Confidentiality and Integrity. We use appropriate measures to maintain the confidentiality and integrity of personal data.
What information do we collect?
When you install the App, you'll be asked to provide certain information about yourself, such as your name, phone number, email address, birthday, height, location, and photo(s).
Information Sent by Your Mobile Device
We collect certain information that your mobile device sends when you use our App, like a device identifier, user settings and the operating system of your device, as well as information about your use of our App and Services.
When you use our App, we may collect and store information about your location by converting your IP address into a rough geo-location or by accessing your mobile device’s GPS coordinates or coarse location if you enable location services on your device. We may use location information to improve and personalize our Services for you. If you do not want us to collect location information, you may disable that feature on your mobile device.
Where do we store your information?
Your information may be stored in our own servers or in servers owned by third-party cloud storage providers.
How do we use your information?
Information we collect from you might be used:
· To provide you with Services
· To notify you about changes to our App and Services
· To respond to your messages and comments
· To provide customer support
Legal Basis for Collecting and Processing Personal Data
Our legal basis for collecting and using the personal data described in this Policy depends on the personal data we collect and the specific context in which we collect the information:
· We need to perform a contract with you.
· You have given us permission to do so.
· Processing your personal data is in our legitimate interests.
· We need to comply with the law.
Please be aware that if you do not provide personal data we may be unable to provide some Services to you.
Do we transfer your data to other countries?
We may transfer to, and store the data we collect about you in, countries other than the country in which the data was originally collected, including the United States, Canada or other destinations outside the European Economic Area (“EEA”). Those countries may not have the same data protection laws as the country in which you provided the data. When we transfer your data to other countries, we will protect the data as described in this Policy and comply with applicable legal requirements providing adequate protection for the transfer of data to countries outside the EEA.
If you are located in the EEA, we will only transfer your personal data if:
· the country to which the personal data will be transferred has been granted a European Commission adequacy decision;
· the recipient of the personal data is located in the US and has certified to the US-EU Privacy Shield Framework; or
· we have put in place appropriate safeguards in respect of the transfer, for example we have entered into EU standard contractual clauses with the recipient, or the recipient is a party to binding corporate rules.
You may request more information about the safeguards that we have put in place in respect of transfers of personal data by email@example.com.
How long do we store your information?
We will retain your personal information only for as long as is necessary for the purposes set out in this Policy.
We will retain and use your information to the extent necessary to comply with our legal obligations, resolve disputes, and enforce our policies.
We intend to store some of your information and User Content indefinitely.
What about links to other websites?
We may provide links to or compatibility with websites. However, we’re not responsible for the privacy practices employed by those websites or the information or content they contain.
How do we protect your information?
We use appropriate physical, electronic, and other procedures to safeguard and secure the information we collect. However, please be aware that the Internet is an inherently unsafe environment, and that hackers are constantly working to defeat security measures.
Thus, we cannot guarantee that your information will not be accessed, disclosed, altered or destroyed, and you accept this risk.
How can you protect your information?
We urge you to take steps to keep your personal information safe by not sharing it with others or posting it online.
Do we disclose any information to outside parties?
We do not sell, trade, or otherwise transfer to outside parties your Personally Identifiable Information (PII) for commercial or marketing purposes.
We may share your PII with third-party processors, which can include:
· Providers of email management and distribution tools
· Providers of security and fraud prevention services
· Providers of date aggregation and analytics software
We will, if required by a valid court order, provide your personal information in a civil or criminal proceeding.
We will not share any PII that we have collected from or regarding you except as described below.
Information Disclosed in Connection with Business Transactions. If we are acquired by a third party as a result of a transaction such as a merger, acquisition or asset sale or if our assets are acquired by a third party in the event we go out of business or enter bankruptcy, some or all of our assets, including your PII, may be disclosed or transferred to a third party acquirer in connection with the transaction.
Information Disclosed for Our Protection and the Protection of Others. We cooperate with government and law enforcement officials or private parties to enforce and comply with the law. We may disclose any information about you to government or law enforcement officials or private parties as we, in our sole discretion, believe necessary or appropriate: (i) to respond to claims, legal process (including subpoenas); (ii) to protect our property, rights and safety and the property, rights and safety of a third party or the public in general; and (iii) to stop any activity that we consider illegal, unethical or legally actionable activity.
The Company works with certain third-parties to provide specific functionality within the App.
By using the App, you also authorize the engagement of these third parties as sub-processors of your data.
If you object to the sub-processors’ handling of your data on the terms indicated at the links, please terminate your use of the App.
Entity Name: Firebase
Subprocessing Activities: Application development Software
Entity Country: USA
Entity Name: MongoDB
Subprocessing Activities: Cloud Service Provider
Entity Country: USA
You may contact these sub-processors directly to have any information they store about you erased.
Not Intended for Children
Our App is not intended for children under the age of 18. We do not knowingly or specifically collect information from or about children under the age of 18.
Notice for Minors
If you are under the age of 18, and If our App publicly displays your content, at any time you can delete or remove your content using the deletion or removal method within our App. If you have questions about how to remove your content, or you need assistance, you can contact us at firstname.lastname@example.org. Although we offer deletion capability, you should be aware that your removal of your content may not ensure complete or comprehensive removal of the content or information posted through the App, especially if it has been shared by others. Also, there may be circumstances in which the law does not require or allow removal even if requested.
Data Protection Rights
If you are a resident of the European Economic Area (EEA), you have certain data protection rights. If you wish to be informed what personal data we hold about you and if you want it to be removed from our systems, please contact us at email@example.com.
In certain circumstances, you have the following data protection rights:
· The right to be informed of your rights
· The right to access, update or to delete the information we have on you
· The right of rectification (to correct mistakes)
· The right to erasure (known as “the right to be forgotten”)
· The right to restrict processing of your data
· The right to data portability
· The right to withdraw consent
If you are resident in the European Economic Area and you believe we are unlawfully processing your personal information, you also have the right to complain to your local data protection supervisory authority. You can find their contact details here: http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm.
If you wish to withdraw your consent to process your personal data, please contact us at firstname.lastname@example.org If you withdraw your consent, this will not make processing which we undertook before you withdrew your consent unlawful.