Data Protection

Introduction

We (“we”, “us”, “our”) take the protection of the users’ (“user” or “you”) data of our website and/or our mobile app (the “Website” or the “Mobile App”) very seriously and are committed to protecting the information users provide us in connection with the use of our Website and/or Mobile App (together: “digital assets”). Furthermore, we are committed to protecting and using your data in accordance with applicable law.

This Privacy Policy explains our practices regarding the collection, use, and disclosure of your information through your use of our digital assets (the “Services”) when you access the Services via your devices.

Please read this Privacy Policy carefully and make sure you fully understand our practices regarding your data before using our Services. If you have read and fully understood this policy and do not agree with our practices, you must cease using our digital assets and Services. By using our Services, you acknowledge the terms of this Privacy Policy. Continued use of the Services constitutes your acceptance of this Privacy Policy and any changes thereto.

In this Privacy Policy, you will learn:

• How we collect data

• What data we collect

• Why we collect this data

• Whom we share the data with

• Where the data is stored

• How long the data is retained

• How we protect the data

• How we handle minors

• Updates or changes to the Privacy Policy

What Data Do We Collect?

Below is an overview of the data we may collect:

Non-identified and non-identifiable information that you provide during the registration process or that is collected through your use of our Services (“non-personal data”). Non-personal data does not allow us to identify the individual from whom it was collected. Non-personal data we collect mainly consists of technical and aggregated usage information.

Individually identifiable information, i.e., information that identifies or could reasonably be used to identify an individual (“personal data”). Personal data we collect through our Services may include information such as names, email addresses, addresses, phone numbers, IP addresses, and more. If we combine personal and non-personal data, we treat the combined data as personal data for as long as it remains combined.

How Do We Collect Data?

The main methods we use to collect data include:

• We collect data when you use our Services. When you visit our digital assets and use our Services, we may collect, record, and store usage, session, and related information.

• We collect data you provide to us directly, for example, when you contact us directly through a communication channel (e.g., an email with a comment or feedback).

• We may collect data from third-party sources as described below.

• We collect data when you sign in to our Services through a third-party provider such as Facebook or Google.

Why Do We Collect This Data?

We may use your data for the following purposes:

• To provide and operate our Services;

• To further develop, customize, and improve our Services;

• To respond to your feedback, requests, and inquiries and to provide support;

• To analyze usage and demand patterns;

• For other internal, statistical, and research purposes;

• To enhance our data security and fraud prevention capabilities;

• To investigate violations and enforce our terms and policies, and to comply with applicable laws, regulations, or government requests;

• To send you updates, news, promotional materials, and other information related to our Services. For promotional emails, you can choose whether to continue receiving them—just click the unsubscribe link in those emails.

Who Do We Share This Data With?

We may share your data with our service providers to operate our Services (e.g., data storage via third-party hosting services, technical support, etc.).

We may also disclose your data in the following circumstances:

(i) to investigate, detect, prevent, or address illegal activities or misconduct;

(ii) to establish or exercise our rights of defense;

(iii) to protect our rights, property, or personal safety, or the safety of our users or the public;

(iv) in the event of a change of control at our company or an affiliate (e.g., merger, acquisition, or sale of substantially all assets);

(v) to collect, hold, and/or manage your data through authorized third parties (e.g., cloud service providers) as appropriate for business purposes;

(vi) to collaborate with third parties to enhance your user experience.

Please note that we may transfer or share non-personal data at our sole discretion.

Cookies and Similar Technologies

When you visit or access our Services, we authorize third parties to use web beacons, cookies, pixel tags, scripts, and other technologies and analytics services (“tracking technologies”). These tracking technologies may allow third parties to automatically collect your data to enhance your navigation experience on our digital assets, optimize their performance, provide a tailored user experience, and for security and fraud prevention purposes.

To learn more, please see our Cookie Policy.

Advertising Partners/Networks

We do not share your email address or other personal data with advertising companies or advertising networks without your consent.

Where Do We Store the Data?

Non-Personal Data

Our company and trusted partners and service providers are located around the world. For the purposes explained in this Privacy Policy, we store and process all non-personal data we collect in various jurisdictions.

Personal Data

Personal data may be maintained, processed, and stored in the United States, Ireland, South Korea, Taiwan, Israel, and other jurisdictions as required for the proper provision of our Services and/or by law.

How Long Do We Retain Data?

We retain collected data for as long as necessary to provide our Services, comply with our legal and contractual obligations to you, resolve disputes, and enforce our agreements.

We may correct, complete, or delete inaccurate or incomplete data at our sole discretion at any time.

How Do We Protect the Data?

The hosting service for our digital assets provides us with the online platform that allows us to offer you our Services. Your data may be stored via our hosting provider’s data storage, databases, and general applications. They store your data on secure servers behind a firewall and provide secure HTTPS access to most areas of their services.

Despite the measures and efforts we and our hosting provider have taken, we cannot and do not guarantee the absolute protection and security of the data you upload, post, or otherwise share with us or others.

Therefore, we encourage you to set strong passwords and avoid sharing sensitive information with us or others if you believe its disclosure could cause significant or lasting harm. Since email and instant messaging are not considered secure communication methods, please do not share sensitive information via these channels.

We will only use your personal data for the purposes stated in this Privacy Policy if:

• The use of your personal data is necessary to perform or enter into a contract (e.g., to provide the Services or support);

• The use of your personal data is necessary to comply with legal or regulatory obligations;

• The use of your personal data is necessary to support our legitimate business interests (provided this is done proportionately and respects your privacy rights).

As an EU Resident, You May:

• • Request confirmation of whether or not personal data concerning you is being processed and access your stored personal data and certain additional information;

  • Request to receive personal data you provided in a structured, commonly used, and machine-readable format;

  • Request the correction of your personal data held by us;

  • Request the deletion of your personal data;

  • Object to the processing of your personal data;

  • Request restriction of the processing of your personal data;

  • File a complaint with a supervisory authority.

Please note, however, that these rights are not absolute and may be subject to our legitimate interests and regulatory requirements.

For any general questions about the data we collect and its use, please contact us using the details below.

In the course of providing our Services, we may transfer data across borders to affiliates or other third parties from your country/jurisdiction to others around the world. By using the Services, you consent to the transfer of your data outside the EEA.

If you reside in the EEA, your personal data will only be transferred to locations outside the EEA if we are satisfied that an adequate or comparable level of data protection exists. We will take appropriate steps to ensure we have adequate contractual arrangements in place with third parties to ensure appropriate safeguards are implemented to minimize the risk of unlawful use, modification, deletion, loss, or theft of your personal data and ensure that these third parties act at all times in compliance with applicable laws.

California Consumer Privacy Act (CCPA) Rights

If you are a California resident using the Services, you may have the right under the California Consumer Privacy Act (CCPA) to request access to and deletion of your personal data.

To exercise your right to access or delete your data, please contact us using the information below.

We do not sell users' personal data for CCPA purposes.

Updates or Changes to the Privacy Policy

We may revise this Privacy Policy at our sole discretion from time to time, and the version published on the Website is always current (see “Last updated” date). We encourage you to review this Privacy Policy regularly for changes. In case of material changes, we will post a notice on our Website. Continued use of the Services after such notice will constitute your acknowledgment and consent to such changes and your agreement to be bound by the updated terms.

Contact

If you have any general questions about the Services or the information we collect about you and how we use it, please contact us at:

Name: Octagonware UG (haftungsbeschränkt)

Address: Franz-Xaver-Honold-Str. 6

Email: info@octagonware.com