Last updated: 12/1/2020
- Who Collects Your Information On Our Service?
We do. Under the CCPA we are a “Business” and pursuant to the GDPR, Palapa is the “Controller” of the PII that you provide to us. We collect information from you on the Service, and we are responsible for protection of your information.
- What Information Do We Collect?
- Requested Information. On various pages on the Site, we may request specific PII about you in order to register you for an account to use the Service, add you to our email list, facilitate your payments for the Service, or fulfill your requests for information. You may choose not to provide your PII, but then you might not be able to take advantage of some of the features of our Site and Service. We collect basic personal data about you as well as certain biometric information as described herein, but no other special types of information (e.g., health-related) as defined in the GDPR. The types of PII we may collect and save include:
- Contact and account registration information such as username and email address;
- Information you provide such as feedback, comments or other messages;
- Social media information, such as your username, age, gender, contacts and other information collected through the Service’s elective social media integration features;
- Technical information collected in our logs, such as standard web log entries that contain your IP address, keystrokes and clicks while using the Service, page URLs, the pages and features accessed most frequently, time spent on a page, how pages and features are used, previous page and referring page URLs, search terms entered, and similar analytics about use of the Site or Service;
- Device information such as mobile phone provider associated with the device you are using to access the Site or Service, your device’s unique identifier, the type of device and its operating system, and screen resolution of the device;
- Location-based information;
- Service Content, as defined herein;
- Data Set Information, as defined herein; and
- Biometric Information, as defined herein.
- Aggregate Information. We may also collect anonymous, non-identifying and aggregate information such as the type of browser you are using, device type, the operating system you are using, and the domain name of your Internet service provider.
- Service Content. As part of the functionality of the Service, the Service may record photos, audio, video, accelerometer, gyroscope, pedometer, magnetometer, barometer, or any other sensor information if you permit such access in order to use certain features of the Service, such as the image recognition feature. The Service may also request permission and access to your photo gallery, camera roll or other device storage area holding your images, audio, videos, accelerometer, gyroscope, pedometer, magnetometer, barometer, or any other sensor information in order for you to upload and transmit them through the Service. Information collected in this manner is referred to as “Service Content.”
- Data Set Information. As part of the functionality of the Service, users may upload data sets for automatic processing by the Service. As such, the Service may collect PII if such PII is included in by users in such data sets to the Service (“Data Set Information”).
- Biometric Information. The Service is not designed to create, collect, capture, store or analyze biometric information. However, the Service automatically processes data sets uploaded by users, and as such, the Service may collect, capture, store or analyze biometric information, specifically fingerprint information, voiceprints, or hand or facial geometry information if certain data sets are uploaded by users to the Service (“Biometric Information”).
- Financial Information. We do not collect financial information from you on the Service. However, we use third party service providers to process payments for the Service and they do collect financial information, such as banking information or credit card number, name, CVV code or date of expiration, from you on the Service.
- It will only be used to access, read, write, modify, or control Gmail message bodies (including attachments), metadata, headers, and settings (“Google Data”) to provide a web email client that allows users to compose, send, read, and process emails;
- Palapa will not transfer this Google Data to others unless doing so is necessary to provide or improve these features, comply with applicable law, or as part of a merger, acquisition, or sale of assets;
- We will not use this Google Data for serving advertisements; and
- Palapa will not allow any individual to access your Google Data unless we have your affirmative consent for specific messages, doing so is necessary for security purposes such as investigating abuse, to comply with applicable law, or for the Palapa's internal operations, and even then only when the Google Data has been aggregated and anonymized.
- Why Is My Information Being Collected?
We need to collect your PII so that we can respond to your requests for information and demonstrations or to be added to our emailing lists, to integrate with social media platforms, and to process your requests for access to and payment for our Service. We also collect aggregate information to help us better design the Site and Service. We collect log information for monitoring purposes to help us to diagnose problems with our servers, administer the Site and Service, calculate usage levels, and otherwise provide services to you.
Service Content is collected for purposes of providing certain functionalities of the Service.
Data Set Information and Biometric Information is collected for purposes of training the Service’s artificial intelligence recognition functionality and for producing and refining the Service’s neural network matrices.
- How Do We Use the Information We Collect?
- We use the PII you provide for the purposes for which you have submitted it including:
- Responding To Your Inquiries and Fulfilling Your Requests. We may use your PII to respond to your inquiries and to fulfill your requests for information.
- Creating and Maintaining Your User Account. We use your PII to create and maintain an account for you to allow you to purchase and use the Service.
- Subscribing To and Paying For Our Service. We use your PII to add your subscriptions to our Service, and process your payment for the Service.
- Communicating With You About Our Service. We may use your PII to send you information about new features of the Service and other items that may be of interest to you.
- Social Media Integration. We may use your PII to integrate your social media accounts with the Service, and to provide to you the social media features of the Service.
- We may use anonymous information that we collect to improve the design and content of our Service, and to enable us to personalize your Internet experience. We also may use this information in the aggregate to analyze how the Service is used, analyze industry trends, as well as to offer you programs or services.
- Service Content. We may use your Service Content to provide certain functionalities of the Service, as directed by you, including the image recognition features of the App.
- Data Set Processing. We may use certain PII – Data Set information and Biometric Information – to train the Service’s artificial intelligence recognition functionality and for producing and refining the Service’s neural network matrices.
- Do We Share Your Personal Information?
In general, we will not share your PII except: (a) for the purposes for which you provided it; (b) with your consent, or as you direct; (c) as may be required by law or as we think necessary to protect our organization or others from injury (e.g., in response to a court order or subpoena, in response to a law enforcement agency request, or when we believe that someone is causing, or is about to cause, injury to or interference with the rights or property of another); (d) with other Users, including administrators, of your corporate account, if applicable; or (e) on a confidential basis with persons or organizations with whom we contract to carry out internal site operations, which may include for example, analytical services, or as necessary to render the Service. With your knowledge and consent, we may share your personal information with our business partners, such as our marketing partners and event co-hosts. We may also share aggregate information with others, including affiliated and non-affiliated organizations. Finally, we may transfer your personal information to our successor-in-interest in the event of an acquisition, sale, merger or bankruptcy.
Your payment information may be shared with a third party service provider for purposes of payment processing.
Biometric Information shall not be disclosed to third parties. Biometric Information will be transmitted solely for the purposes described herein, which shall include transmissions for electronic storage purposes.
- Are There Other Ways My Personal Data Could Be Shared?
You may elect to share certain personal information with individuals, with the public, or, at your direction, with other entities with whom you have a service account via your use of the Site, App, or Service. In this case, you will control such sharing via settings that we provide. For example, the Service may make it possible for you to publicly share information via social media such as Facebook or Twitter. Be aware that when you choose to share information with friends, public officials, or with the public at large, you may be disclosing sensitive information, or information from which sensitive information can be inferred. Always use caution when sharing information through the Service. You understand and agree that Palapa is not responsible for any consequences of your sharing of information through and beyond the Service.
- How Can You Access and Control Your Information?
After registering for an account on the Site, you may log-in to the account and edit your PII in your profile. For instructions on how you can further access your PII that we have collected, or how to correct errors in such information, please contact us at email@example.com. We will also promptly stop using your information and remove it from our servers and database at any time upon your e-mail request. To protect your privacy and security, we will take reasonable steps to help verify your identity before granting access, making corrections or removing your information.
- How Do We Store and Protect Your Information?
- After receiving your PII, we will store it on our Service systems for future use. We have physical, electronic, and managerial procedures in place to safeguard and help prevent unauthorized access, maintain data security, and correctly use the information we collect. Unfortunately, no data transmission over the internet or data storage solution can ever be completely secure. As a result, although we take industry-standard steps to protect your information (e.g., strong encryption), we cannot ensure or warrant the security of any information you transmit to or receive from us or that we store on our or our service providers’ systems.
- If you are accessing the Service from outside of the USA, you understand that your connection will be through and to servers located in the USA, and the information you provide will be securely stored in our web servers and internal systems located within the USA.
- We store your PII until you request us to remove it from our servers. We store our logs and other technical records indefinitely.
- Biometric Information. Biometric Information will be retained solely to facilitate the purposes described herein, and will be deleted upon the earliest of (i) immediately after the purpose for capturing the Biometric Information has expired; and (ii) three (3) years from the date of the last interaction the individual who is the subject of such Biometric Information, or his or her legal representative, has with us.
- To enhance your online experience with us, our web pages may presently or in the future use “cookies.” Cookies are text files that our web server may place on your hard disk to store your preferences. We may use session, persistent, first-party and third-party cookies. Cookies, by themselves, do not tell us your e-mail address or other PII unless you choose to provide this information to us. Once you choose to provide PII, however, this information may be linked to the data stored in the cookie.
- We or our service providers may also use “pixel tags,” “web beacons,” “clear GIFs” embedded links, and other commonly used information-gathering tools in connection with some Site pages and HTML-formatted email messages for such purposes as compiling aggregate statistics about Site usage and response rates. A pixel tag is an electronic image (often a single pixel), that is ordinarily not visible to website visitors, and may be associated with cookies on visitors’ hard drives. Pixel tags allow us and our service providers to count users who have visited certain pages of the Site, to deliver customized services, and to help determine the effectiveness of our Site and Service. When used in HTML-formatted email messages, pixel tags can inform the sender of the email whether and when the email has been opened.
- As you use the Internet, you leave a trail of electronic information at each website you visit. This information, which is sometimes referred to as “clickstream data”, can be collected and stored by a website’s server. Clickstream data can reveal the type of computer and browsing software you use and the address of the website from which you linked to the Site. We may use clickstream data as a form of non-personally identifiable information to determine how much time visitors spend on each page of our Site, how visitors navigate through the Site, and how we may tailor our web pages to better meet the needs of visitors. We will only use this information to improve our Service.
- Collection of Information by Others
Our Terms and Conditions document identifies certain third party websites to which we may provide links that you may click on our Site. Please check the privacy policies of these other websites to learn how they collect, use, store and share information that you may submit to them or that they collect.
- Biometric Information
If you are a user who has uploaded data sets containing or consisting of Biometric Information, you consent to our collection, capture, storage, transmission and analysis of Biometric Information as described herein, and release us from any claims that may arise regarding the use of such Biometric Information. In addition, if such data sets include data from which the Biometric Information of other individuals, you represent and warrant that you are the duly authorized legal representative of such individuals, and with respect to the Biometric Information of such individuals, you consent to our collection, capture, storage, transmission and analysis of Biometric Information as described herein, and release us from any claims that may arise regarding the use of such Biometric Information You agree to not include data in the data sets that you upload to the Service containing or consisting of the Biometric Information of individuals for which you are not the legal representative.
- ‘EEA’ Privacy Rights
- If you currently reside in the EEA, the GDPR applies to your Personal Data and you are a Data Subject. The GDPR requires that we, as a Controller, have a legal basis to process your Personal Data.
- We process your Personal Data under one or more of the following legal bases:
- Processing is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests;
- To perform the contract that we are about to enter with you (e.g. our Terms of Service);
- To comply with a legal obligation; and/or
- If we have your consent to do so.
- Under the GDPR, as a Data Subject you have certain rights. They are:
- The right to be informed. This is your right to be informed about what Personal Data they are processing, why, and who else the data may be passed to.
- The right of access. This is your right to see what Personal Data about you is held by us.
- The right to rectification. This is the right to have your Personal Data corrected or amended if what is held is incorrected in some way.
- The right to erasure. This is the right to have your Personal Data to be deleted in the event that such data is no longer required for the purposes it was collected for, your consent for the processing of the data is withdrawn, or the data is being unlawfully processed.
- The right to restrict processing. This is the right to ask for a temporary halt to processing of your Personal Data, such as in the case where a dispute or legal case has to be concluded, or the data is being corrected.
- The right to data portability. This is the right to ask for your Personal Data to be provided to you in a structured, commonly used, and machine-readable format.
- The right to object. This is the right to object to further processing your Personal Data if such processing is inconsistent with the primary purposes for which it was collected. This right may also be exercised by withdrawing your consent, which you may do at any time, if applicable.
- Rights in relation to automated decision making and profiling. This is the right to not be subject to a decision based solely on automated processing. The service does not engage in automated decision making and profiling.
- California Privacy Rights
- The CCPA applies to our practices with respect to Personal Information of California residents. Under the CCPA, Consumers have certain rights regarding their Personal Information.
- California Consumers have the right to request that we disclose Personal Information we have collected about them in the previous 12 months including, but not limited to, the categories of information collected by us, the source(s) of such information by category, and the purpose for collecting such information. This right may not be exercised more than twice in a 12 month period.
In the previous 12 months, we have collected the following categories of Personal Information about Consumers:
- Identifiers, such as your email address, unique personal identifiers, account names, and similar information;
- Personal Records Under the California Consumer Records Law (Cal. Civ. Code §1798.80) (“CCRLPI”);
- Characteristics of Protected Classifications to the extent included in Data Set Information;
- Commercial Information includes records of personal property, products or services purchased, obtained or considered, or other purchased or consuming histories or tendencies;
- Biometrics to the extent included in Data Set Information;
- Internet/Network Activity, which can includes browsing history, cookies, search history and a Consumer’s interaction with a website;
- Geolocation data;
- Audio, electronic, visual data to the extent users use certain features of the Service; and
- Inferences drawn from any other category of personal information.
- As a California Consumer, you also have the right to request that we tell you which of your Personal Information we have disclosed for a business purpose, or sold, in the previous 12 months, if any. In the past 12 months, we have disclosed Personal Information falling under the following categories of personal information: Identifiers and Internet/Network Activity.
- You also have the right to request the deletion of Personal Information that we have collected from you at any time. However, we may not be required to comply such request under several circumstances including, but not limited to, when the data is necessary for the underlying transaction, to comply with applicable law, to detect security incidents, to debug glitches, and for our internal purposes.
- In the event that you exercise one of your rights under the CCPA, you will not be discriminated against by Palapa in any way, whether it is through the denial of goods/services, providing you a different level of goods/services, or charging (or suggesting that we will charge) you different prices for the goods/services unless such change in price is reasonably related to the value you receive from your Personal Information.
- How do you exercise your rights under the CCPA?
Because we offer the Service exclusively online, you may submit requests to exercise your rights under the CCPA by contacting us at firstname.lastname@example.org, please include “Request for Privacy Information” in the subject line. You can also submit requests by calling us toll-free at [201-691-7223].
We will acknowledge receipt of your request within 10 days of receiving it, and use best efforts to respond within 45 days of receipt of your request, but in no event will our response come more than 90 days after your request. If we are unable to provide our response within the first 45 days following your request, we shall notify you as soon as we become aware of the possible delay and provide an explanation of why additional time is needed to respond.
Before we respond to any CCPA based requests relating to your personal information, we may take steps to reasonably verify the identity of the person making the request to make sure it’s you, or your authorized agent (in either case, the “Requestor”). We do this to this avoid disclosing your information to third parties and bad actors, not to inconvenience you in any way. For purposes of verifying identity, we will ask the Requestor to confirm at least two pieces of information that we have in our files. If an agent is acting on behalf of the Consumer, we will also need to verify the agent’s identity and their authority to act on the Consumer’s behalf. As the sensitivity of the information being requested increases, we will ask the Requestor to provide more information to verify their identity and/or authority to make the request. If the identity of the Requestor cannot be reasonably verified, either as the Consumer or their agent, then in order to protect that Consumer, we may not disclose or delete the personal information that is the subject of the request.
- Children and Privacy
We do not knowingly permit users to register for our Service if they are under 13 years old, and therefore do not request Personal Information from anyone under the age of 13. If we become aware that a customer is under the age of 13 and has registered without prior verifiable parental consent, we will remove his or her personally identifiable registration information from our files. If you are the parent or guardian of a person under the age of 13 who has provided Personal Information to us without your approval, please inform us by contacting us at the e-mail address below and we will remove such information from our database.
- Contact Information