We request in the terms and conditions that users answer yes to 7 questions, if the user does not answer yes to all of these, which include tracking location, enabling gps, wifi and check-in, we block usage of the app, so we guarantee that user has given his consent, before we let people use the app.
The questions are as follows:
- Do you agree that we collect your email and a user name? we only use your email for password recovery cases, and you will only be identified by username and profile picture (if uploaded) in Craft Beer Finder to other users.
- Do you accept that we register your visits to bars, and check you in? We only use you check-ins to give you points and participae in our king of the Bar competition.
- Do you accept we track your precise location (e.g., GPS-level) data, such as latitude, longitude, altitude, speed, heading, this is needed to give you route information and check you into bars so you can win points. We share this data with Location providers such as Google.
- Do you accept we enable your wifi and gather network information and nearby wifi access points (including SSIDs, BSSIDs, signal strengths, and frequencies and IP addresse plus nearby Bluetooth beacons (including scan data and signal strengths) ? We need this information to better establish your location.
- Do you agree that we gather your mobile advertising identifiers (e.g., Apple IDFAs and Google/Android advertising IDs); This does not get any personal information but only an id that we use to serve you ads.
- Do you agree that we get your device information (e.g., device make, device model, and operating system version) and time zone information? We need this data in order to use the location service which comes in the app.
- Do you agree that we get your privacy preferences? We need this in order to use the location service which is used in the app.
We do not display the user’s realtime location to other users, we only register when users enters into a geofence, and if the user stays longer than 15 minutes in the same location, we check in the user. other users can only see can only see information about another in the system if they follow the user and the user has made reviews at a given bar, users only see a username, we do not disclose any personal information to other users in the app.
Craftbeer Admins do not have access to personal information except username in our system.
We gather various types of Personal Data from our users, as explained in more detail below, and we use this Personal Data internally in connection with our Services, including to personalize, provide, and improve our services, to allow you to set up a user account and profile, to contact you and allow other users to contact you, to fulfill your requests for certain products and services, and to analyze how you use the Services. In certain cases, we may also share some Personal Data with third parties, but only as described below.
If you are a resident of the European Union (“EU”), United Kingdom, Lichtenstein, Norway, or Iceland, you may have additional rights under the EU General Data Protection Regulation (the “GDPR”) with respect to your Personal Data, as outlined below. Radar Labs, Inc. may be the controller of your Personal Data processed in connection with the Services. If you have any questions about this section or whether any of the following applies to you, please contact us at msommer@Craftbeerfinder.com. Note that we may also process Personal Data of our customers’ end users in connection with our provision of services to customers, in which case we are the processor of Personal Data. If we are the processor of your Personal Data (i.e., not the controller), please contact the controller party in the first instance to address your rights with respect to such data.
2. End User Information
We refer to the information we collect from End Users automatically through our Services on behalf of our Clients as the “SDK Information.” We only use SDK Information to provide the Services to our Clients, and for no other purpose. We will not sell or provide access to your SDK Information to any third party without your consent. The SDK Information may include, without limitation, the following types of data, some of which may be Personal Data:
Precise location (e.g., GPS-level) data, such as latitude, longitude, altitude, speed, heading
Mobile advertising identifiers (e.g., Apple IDFAs and Android advertising IDs)
Network information and connected wifi access points (e.g., connected SSIDs, BSSIDs, and signal strengths)
Device information (e.g., device make, device model, and operating system version)
Time zone information
We may additionally share the SDK Information with third parties in the following ways:
We share the SDK Information with our Clients in order to provide our Services to them.
We may share the SDK Information with the End User that is the subject of the SDK Information, upon Client’s request.
We share the SDK Information with our integration partners on Client’s behalf and request in order to provide the Services to our Clients.
3. Information We Collect From You
If you are a Client, we collect your Personal Data when you sign up, and register for, the Services (“Client Information”). The Client Information may include, without limitation, the following types of data, some of which may be Personal Data:
First and last name
Web browser information
Page view statistics
Transaction information (e.g., transaction amount, date and time such transaction occurred)
Cookies and other tracking technologies (e.g. web beacons, pixel tags, SDKs, etc.)
Log data (e.g., access times, hardware and software information)
4. How We Use Your Personal Data
We process Client Information to operate, improve, understand and personalize our Services. For example, we use Client Information to:
Create and manage Client profiles
Communicate with you about the Services
Contact you about Service announcements, updates or offers
Provide support and assistance for the Services
Personalize website content and communications based on your preferences
Meet contract or legal obligations
Respond to Client inquiries
Fulfill Client requests
Comply with our legal or contractual obligations
Protect against or deter fraudulent, illegal or harmful actions
Enforce our Terms
We will only process your Client Information if we have a lawful basis for doing so. Lawful bases for processing include consent, contractual necessity and our “legitimate interests” or the legitimate interest of others, as further described below.
Contractual Necessity: We process the following categories of Client Information as a matter of “contractual necessity”, meaning that we need to process the data to perform under our Terms of Service with you, which enables us to provide you with the Services. When we process data due to contractual necessity, failure to provide such Client Information will result in your inability to use some or all portions of the Services that require such data.
First and last name
Legitimate Interest: We process the following categories of Client Information when we believe it furthers the legitimate interest of us or third parties.
Examples of these legitimate interests include:
Operation and improvement of our business, products and services
Marketing of our products and services
Provision of customer support
Protection from fraud or security threats
Compliance with legal obligations
Completion of corporate transactions
Consent: In some cases, we process Personal Data based on the consent you expressly grant to us at the time we collect such data, for example marketing and promotional emails. When we process Personal Data based on your consent, it will be expressly indicated to you at the point and time of collection.
Other Processing Grounds: From time to time we may also need to process Personal Data to comply with a legal obligation, if it is necessary to protect the vital interests of you or other data subjects, or if it is necessary for a task carried out in the public interest.
5. With Whom We Share Your Personal Data
Analytics service providers
Email marketing and management service providers
Customer support providers
Hosting service providers
We also share Client Information when necessary to complete a transaction initiated or authorized by you or provide you with a product or service you have requested. In addition to those set forth above, these parties also include:
Third party business partners who you access through the Services
Other parties authorized by you
We also share information with third parties when you have given us consent to do so (as indicated at the point such information is collected). We also share Personal Data when we believe it is necessary to:
Comply with applicable law or respond to valid legal process, including from law enforcement or other government agencies
Protect us, our business or our users, for example to enforce our terms of service, prevent spam or other unwanted communications and investigate or protect against fraud
Maintain the security of our products and services
Last, we share Personal Data with our affiliates or other members of our corporate family.
Furthermore, if we choose to buy or sell assets, user information is typically one of the transferred business assets. Moreover, if we, or substantially all of our assets, were acquired, or if we go out of business or enter bankruptcy, user information would be one of the assets that is transferred or acquired by a third party, and we would share Personal Data with the party that is acquiring our assets. You acknowledge that such transfers may occur, and that any acquirer of us or our assets may continue to use your Personal Data as set forth in this policy.
6. Consumer Control and Opt Out Options
End Users can opt out of sharing their location by turning off location services. On iOS, go to Settings > Privacy > Location Services. On Android, go to Settings > Location. When you opt out of location sharing, the Services no longer collect any location based-data from your device.
End Users can also opt out of sharing their mobile advertising identifiers. On iOS, go to Settings > Privacy > Advertising and turn on “Limit Ad Tracking.” On Android, go to Settings > Google > Ads and turn on “Opt Out of Ads Personalization.”
If End Users opt out of sharing the aforementioned data with us, please note that the Services provided may be affected and some features may be unavailable.
Please note that the instructions above may change.
8. Data Access and Retention
You can contact us at firstname.lastname@example.org if you have any other questions about access to, or correction or deletion of, your Personal Data or SDK Information.
9. Personal Data of Children
As noted in the Terms, we do not knowingly collect or solicit personal information from anyone under the age of 13. Please do not send any personal information about any children under the age of 13 to us. If we learn that we have collected personal information from a child under age 13, we will delete that information as quickly as possible. If you believe that a child under 13 may have provided us personal information, please contact us at email@example.com.
10. Data Security
We have administrative, technical, and physical safeguards in place in our physical facilities and in our computer systems, databases, and communications networks that are intended to protect information contained within our systems (including SDK Information) against unauthorized loss, misuse, or alteration. However, no method of electronic transmission or storage is 100% secure. Therefore, we cannot guarantee absolute security of your personal information and other information and data.
11. Third-Party Websites and Applications
12. EU Residents
If you are a resident of the European Union (“EU”), United Kingdom, Lichtenstein, Norway, or Iceland, you may have additional rights under the EU General Data Protection Regulation (the “GDPR”) with respect to your Personal Data, as outlined below.
For this section, we use the terms “Personal Data” and “processing” as they are defined in the GDPR, but “Personal Data” generally means information that can be used to individually identify a person, and “processing” generally covers actions that can be performed in connection with data such as collection, use, storage and disclosure. Company will be the controller of your Personal Data processed in connection with the Services.
What Personal Data Do We Collect From You? Please see the Section “Information We Collect From You” above for details of the Personal Data we collect.
Information we collect directly from you: We receive Personal Data directly from you when you provide us with such Personal Data.
How Do We Use Your Personal Data? Please refer to the Section “With Whom We Share Your Personal Data” above for details on how we use and process your Personal Data.
How Long Do We Retain Your Personal Data? We retain Personal Data about you for as long as you have an open account with us or as otherwise necessary to provide you Services. In some cases we retain Personal Data for longer, if doing so is necessary to comply with our legal obligations, resolve disputes or collect fees owed, or is otherwise permitted or required by applicable law, rule or regulation. Afterwards, we retain some information in a depersonalized or aggregated form but not in a way that would identify you personally. We also may retain your information during the period of time needed for us to pursue our legitimate business interests, conduct audits, comply with our legal obligations, resolve disputes and enforce our agreements. The personal data we store is stored within the EU.
What Rights Do You Have Regarding Your Personal Data? You have certain rights with respect to your Personal Data, including those set forth below. For more information about these rights, or to submit a request, please contact us at firstname.lastname@example.org. Please note that in some circumstances, we may not be able to fully comply with your request, such as if it is frivolous or extremely impractical, if it jeopardizes the rights of others, or if it is not required by law, but in those circumstances, we will still respond to notify you of such a decision. In some cases, we may also need to you to provide us with additional information, which may include Personal Data, if necessary to verify your identity and the nature of your request.
Access: You can request more information about the Personal Data we hold about you and request a copy of such Personal Data. You can also access certain of your Personal Data by going into your account and going into the account settings and preferences tab and adjust your preferences and see our Personal Data.
Rectification: If you believe that any Personal Data we are holding about you is incorrect or incomplete, you can request that we correct or supplement such data. You can correct some of this information directly by going into your account and going into the account settings and preferences tab and adjust your preferences and see our Personal Data.
Erasure: You can request that we erase some or all of your Personal Data from our systems.
Withdrawal of Consent: If we are processing your Personal Data based on your consent (as indicated at the time of collection of such data), you have the right to withdraw your consent at any time. Please note, however, that if you exercise this right, you may have to then provide express consent on a case-by-case basis for the use or disclosure of certain of your Personal Data, if such use or disclosure is necessary to enable you to utilize some or all of our Services.
Portability: You can ask for a copy of your Personal Data in a machine-readable format. You can also request that we transmit the data to another controller where technically feasible.
Objection: You can contact us to let us know that you object to the further use or disclosure of your Personal Data for certain purposes.
Restriction of Processing: You can ask us to restrict further processing of your Personal Data.
Right to File Complaint: You have the right to lodge a complaint about Company’s practices with respect to your Personal Data with the supervisory authority of your country or EU Member State.
13. Questions, Concerns, or Complaints
If you have any questions or concerns regarding privacy using the Services or about our Privacy Shield Certification, please send us a detailed message to email@example.com, and we will make every attempt to resolve your concerns.
14. Contacting Us