Straw Technology SARL. (“we,” “us” or “our”) provides this privacy policy (“Privacy Policy”) to explain our practice regarding the collection, use, share and protection of information in relation to its mobile application Dys (“Dys”). This Privacy Policy applies to all visitors, users, and others who access Dys (“Users”, “you”). By accessing or using Dys you signify that you have read, understood and agree to our collection, storage, use and disclosure of your information as described in this Privacy Policy.
We only collect information as stated below. This information is being used for analytical purposes. To the extent information covered by this Privacy Policy is associated with an identified or identifiable natural person and is protected as personal data under applicable data protection laws, it is referred to in this Privacy Policy as “Personal Data”. We do not collect or store any other data (including Personal Data) unless you provide it voluntarily. When provided voluntarily, we will not distribute or share your information with any third party without your consent. We collect the following types of information (hereinafter – “Collected Information”): Analytics information. We use analytical tools of our third party providers (hereinafter – “Third Party Providers”) such as Facebook Analytics, Crashlytics, Firebase and AppsFlyer to help us measure traffic and usage trends for Dys. These tools collect information sent by your device or Dys including log file information, cookies, device identifiers and the web pages you visit when following the links available to you on Dys. Third Party Providers aggregate the collected data so that it cannot reasonably be used to identify any particular individual User. This collected data provides us with analytics and measurement reports so that we can improve Dys. Cookies and similar technologies. When you use Dys, we may use cookies and similar technologies like pixels, web beacons, and local storage to collect information about how you use Dys and provide features to you. We may ask our partners to serve the services to your devices, which may use cookies or similar technologies placed by us or the third party. Log file information. Log file information is automatically reported by Dys each time you make a request to access (i.e., visit) it. It can also be provided when the content of Dys is downloaded to your device. When you use Dys, our Third Party Providers automatically record certain log file information, including your web request, Internet Protocol (“IP”) address, browser type, referring / exit pages and URLs, number of clicks and how you interact with links on Dys, domain names, landing pages, pages viewed, and other such information. The information allows for more accurate reporting and improvement of Dys. Device identifiers. When you use a mobile device like a tablet or phone to access Dys, we may access, collect, monitor, store on your device, and/or remotely store one or more “device identifiers.” Device identifiers are small data files or similar data structures stored on or associated with your mobile device, which uniquely identify your mobile device. A device identifier may be data stored in connection with the device hardware, data stored in connection with the device’s operating system or other software, or data sent to the device by Dys. A device identifier may deliver information to us or to Third Party Provider about how you browse and use Dys and may help us or others provide reports. Some features of Dys may not function properly if use or availability of device identifiers is impaired or disabled. Among others we collect the following device identifiers:
- User Device ID
- Platform (iOS/Android)
- Device OS Version
- App Version
- First request time
- Language
- Region/Country
- Timezone
- Model
- App Version
For use of Dys you may provide us and upload to Dys your question. In order to make possible for you to use certain functions of Dys (as the historique), we will store your questions.
Collected Information is used mainly for analytical purposes in order to constantly improve and maintain our services, including among others, for ensuring the technical functioning of our network, to help preventing fraudulent use of Dys and for developing new services. In addition to some of the specific uses of information we describe in this Privacy Policy, we may use information that we receive (including Personal Data) for the following purposes:
- to provide, improve, test, and monitor the effectiveness of Dys;
- to develop and test new products and features;
- to monitor metrics such as total number of visitors, traffic, and demographic patterns (including via third party services as specified in Section 5 of this Privacy Policy);
- to diagnose or fix technology problems;
- to automatically update Dys application on your device;
- to send you technical notices, updates, security alerts and support and administrative messages;
- to link or combine with information we get from others or (and) from you to help understand your needs and provide you with better service (to use in training of neural networks, artificial intelligence, as well as for any other automated decision-making processing);
- for any other purposes disclosed to you at the time we collect Personal Data or indicated in this Privacy Policy.
We will not process your Personal Data in a way that is incompatible with the purposes for which it has been collected or subsequently authorized by you in accordance with Section 3 of this Privacy Policy or collect any Personal Data that is not required for the mentioned purposes (“purpose limitation principle”). For any new purpose of processing, we will ask your separate consent. To the extent necessary for those purposes, we take all reasonable steps to ensure that Personal Data is reliable for its intended use, accurate, complete, and current. We also undertake to collect only such amount and types of Persona Data that are strictly required for the purposes mentioned in this Section of the Privacy Policy (“data minimization principle”).
Under certain circumstances, Users who are resident in EEA, have rights under the General Data Protection Regulation (the “GDPR”). If you wish to exercise any of the rights set out below, please contact us at [email protected].
- Access. You have a right to access your Personal Data that you provide when using Dys and ask us about what kind of Personal Data we have about you. You can do this by writing to us.
- Rectification of Personal Data and Restriction of Processing. You are responsible for ensuring the accuracy of the Personal Data that you voluntarily submit to Real Labs, Inc. or Dys. If you believe that your Personal Data is inaccurate, you have a right to contact us and ask us to correct such Personal Data. You shall also have the right to obtain restriction of processing of your Personal Data, if you contest the accuracy of the Personal Data which inaccuracy is verified by us.
- Erasure of your Personal Data. If you believe that your Personal Data is no longer necessary in relation to the purposes for which it was collected or otherwise processed, or in cases where you have wihdrawn your consent or object to the processing of your Personal Data, or where the processing of your Personal Data does not otherwise comply with the GDPR, you have the right to contact us and ask us to erase such Personal Data as described above.
- Right to object processing of your Personal Data. You can object processing your Personal Data and stop us from processing your Personal Data. Please be aware that erasing Personal Data inserted by you may affect your ability to use Dys.
- Notification requirements. We commit to notify you promptly and the data protection authority applicable to you within the timeframe specified in applicable law (72 hours) about any Personal Data breaches.
- Data Protection Authorities. Subject to the GDPR, you also have the right to (i) restrict our use of Personal Data and (ii) lodge a complaint with your local data protection authority about any of our activities that you deem are not compliant with the GDPR.
Please keep in mind that in case of a vague access, erasure, objection request or any other request in exercise of the mentioned rights we may engage you in a dialogue so as to better understand the motivation for the request and to locate responsive information. In case this is impossible, we reserve the right to refuse granting your request. Following the requirements of the GDPR we might also ask you to prove your identity (for example, by requesting an ID or other proof) in order for you to invoke the mentioned rights. This is made to ensure that no right of third parties are violated by your request, and the mentioned rights are exercised by an actual Personal Data subject or an authorized person. Please note that we will grant your request within 30 days after receiving it, but it may take up to 90 days in some cases, for example for full erasure of your Personal Data stored in our backup systems - this is due to the size and complexity of the systems we use to store data.
We will not rent out or sell Collected Information if it is Personal Data to third parties outside Ticket to the Moon, Inc. (or the group of companies of which Straw Technologies SARL. is a part of) without your consent, except as parties with whom we may share information in accordance with this Policy. Parties with whom we may share Collected Information. We may share Collected Information (including but not limited to, information from cookies, log files, device identifiers and usage data) with businesses that are legally part of the same group of companies where Straw Technologies SARL. is a part of, or that become part of the group (“Affiliates”). Affiliates may use this information to help provide, understand, and improve Dys (including by providing analytics information) and Affiliates’ own services (including by providing you with better and more relevant experiences). We also may share Collected Information from tools like cookies, log files, and device identifiers with Third Party Providers. The parties we share your Personal Data with are either EU-based or compliant with the EU-US Privacy Shield Framework that ensures that European data privacy requirement are met. We also utilize standard contractual clauses and other contractual safeguards in order to protect your privacy and insure that all transfers of your Personal Data are safe and compliant with applicable laws.
Data Storage and Processing. Collected Information (including Personal Data) may be stored and processed in the United States or any other country in which Straw Technologies SARL., its Affiliates or service providers (processors) maintain facilities. Straw Technologies SARL., its Affiliates, or service providers may transfer Collected Information (including Personal Data) across borders and from your country or jurisdiction to other countries or jurisdictions around the world. If you are located in the European Union or other regions with laws governing data collection and use that may differ from U.S. law, please note that we may transfer information, to a country and jurisdiction that does not have the same data protection laws as your jurisdiction. Data security. We use reasonable and appropriate information security safeguards to help keep Collected Information (including Personal Data) secured.
General age limitation. Straw Technologies SARL. does not knowingly collect or solicit any information from anyone under the age of 13. Dys and its content are not directed at children under the age of 13. In the event that we learn that we have collected personal information from a child under age 13 without parental consent, we will delete that information as quickly as possible. If you believe that, we might have any information from or about a child under 13, please contact us. Age limitation for EU residents. Due to requirements of the GDPR you shall be at least 16 years old in order to use Dys. To the extent prohibited by applicable law, we do not allow use of Dys by the EU residents younger than 16 years old. If you are aware of anyone younger than 16 using Dys, please contact us at [email protected] and we will take required steps to delete such information.
We are not responsible for the practices employed by any websites or services linked to or from Dys, including the information or content contained within them. Please understand that this Privacy Policy applies only to information and Personal Data we collect from you. Where we have linked to a third-party website or service, you should read the privacy policy stated on that third-party website or service.
General contact details. If you have any questions about this Privacy Policy or Dys, please contact us via email on [email protected] or to our mailing address: Straw Technologies SARL. 8 rue Faubourg Poissonnière, 75010 Paris
Real Labs Technology, I. may modify or update this Privacy Policy from time to time, so please review it periodically. We may provide you additional forms of notice of modifications or updates as appropriate under the circumstances. Your continued use of Dys after any modification to this Privacy Policy will constitute your acceptance of such modification. In some cases, we may require you to expressly accept new privacy policy in order to continue using Dys (for example if we expand types of Collected Information or introduce new purposes of collection and processing).