Upinion has created this privacy statement in order to demonstrate our firm commitment to privacy.
Upinion respects your privacy and is committed to protecting it through our compliance with this policy.
DATA PROTECTION CONTACT
Upinion is headquartered in The Hague, in the Netherlands (Fluwelen Burgwal 58, 2511 CJ The Hague).
You may contact Upinion’s internal data protection resource if you have any questions or concerns about Upinion’s policies or practices regarding Personal Data. You can contact us via [email protected].
Since our servers are located in the European Union, your personal information will be stored and processed by us in the European Union.
HOW UPINION WORKS
Our Services offer you the opportunity to initiate Groups and invite people to join these Groups (‘Respondents’). You will be able to start “Conversations” and ask questions, which may be answered by ‘Respondents’. One person is allowed to be both a Group User and a Respondent at the same time.
As a Respondent you will be able to join Groups and answer questions in Conversations. These Conversations are initiated by Group Users in order to share information and collect your answers for research and feedback purposes. Participating in Conversations is at your own discretion. The group user is the controller of your personal data. And therefore is he/she responsible for the processing of your personal data.
COLLECTION OF PERSONAL INFORMATION
Your account details as a Group User
When you create a personal account you provide us with the following information: your name, company name, address, email address, (mobile) phone number, financial information (e.g. a credit card number and expiration date or a bank account number). If you provide us with a billing address, we will register this as the location of the account holder.
Your account details as a Respondent
You will be able to use most features of our apps without registering. However, in order to use certain features within our apps we could ask you to register your account first. When this occurs we may ask for your email address, mobile phone number and in some cases your name.
Your content: We collect the content and other information you provide when you use our Services, including the questions you ask, the given answers, group information, Reward information and contextual data (e.g. testimonials and feedback).
Your content is utilized for research and to gather feedback, or is essential to ensure the optimal performance of our Services.
Asking questions as Group User: with our Services you will be able to create Groups (Group Administrator), invite people to join these Groups (Respondents), send them information messages, ask them questions in Conversations, collect their answers/data, create your own Rewards and give certain users rights to view and/or edit Conversations (Group Users).
Your answers as a Respondent: We collect and store the answers you submit in the Conversations in our app on behalf of the Group Users. The Group User(s) is/are responsible for these data and the management thereof. If you have any questions about a group, a Conversation or the use of your personal information and answers in these Conversations, we advise you to view the information on the specific Group Page in the mobile app or contact the Group Administrator directly, since Upinion is not responsible for this content. You can find the contact details in your Group Page. You can always choose not to answer, skip an answer, leave a group or delete our app. Answering questions is on a voluntary basis.
Device information: We collect personal information from or about the computers, phones or other devices where you install or access our Services. This information includes IP- addresses, the type of your (mobile) device, device locations, including specific geographic locations, time zones and durations of use.
The information obtained from your devices is only used to ensure the optimal performance of our Services, and to enhance security measures (for instance, helping to identify and thwart unauthorized access, combat distributed denial-of-service (DDoS) attacks, and other potential security risks), Monitoring and Performance (utilizing services which offer monitoring tools that record access requests), and for Auditing and Compliance purposes (capturing IP addresses helps us with security audits and compliance evaluations).
Access to the information related to your device is restricted to Group Users unless you have explicitly granted them permission to view such information.
Upinion is dedicated to collaborating with third-party services that maintain ISO 27001 (or equivalent) certification standards to ensure the protection of any data.
Additional information: We also collect additional information such as your default language, time zone and communication preferences (e.g. if you want to receive our newsletter).
Group Users utilize your preferred language and time zone settings to ensure that their communications with you are appropriately timed and in your chosen language.
DISCLOSURE TO THIRD PARTIES
We do not disclose or sell your personal information to third parties, except in the limited circumstances described here:
Your consent: We may share or disclose your (personal) information with your expressed consent.
Service Providers: We engage certain trusted third parties (i.e. payment processors for airtime, data bundles and gift) to perform functions and provide services to us. We may share your personal information with these third parties, but only to the extent necessary to perform these functions and such services. These third parties will not use your personal information for any other purposes than what we agreed upon.
We explicitly require these third parties to establish sufficient security measures to protect your personal information, adhering to ISO 27001 (or equivalent) certification standards to guarantee the safety of your data.
Law and harm: We may disclose your personal information if we believe that it is reasonably necessary to comply with a law, regulation or legal request.
Corporate objectives: We may disclose your personal information to protect our rights and property or in a corporate restructuring or acquisition context. When we intend to do this you will be informed in advance.
NOTIFICATION AND CORRECTION
Personal information: You are entitled to know which personal information Upinion holds in relation to you. Should you desire to review or modify your registered data, you can do so by accessing the Upinion App and navigating to Settings -> Group Privacy and Reward Privacy.
Answers as a Respondent: Should you desire to review your answers you can do so by accessing the Upinion App and navigating to Conversations.
Download/backup your Conversation data: As a Group User it is possible to export, share and publish your own (Conversation) data in a variety of formats. This allows you to create your own backups or conduct offline data analysis.
RIGHT TO OBJECT
Delete your account: In order to stop us from collecting and using your personal data you can delete your account. This can be accomplished by visiting the Settings within the Upinion App or by reaching out to our Customer Support team for assistance with account cancellation and deletion. Once your account has been deleted all your personal data will be deleted as well. As a result thereof all Conversation data is disconnected from your personal account.
We will respond to any appropriate request to delete your personal information within the time period specified by law (if applicable) or without excessive delay. Once your identity has been verified by us we will promptly fulfill requests to delete personal data; unless the request is technically not feasible or such data is required to be retained by law (in which case we will block access to such data).
If you, as a Respondent, are part of a Group and remain inactive for 180 days, you will typically be removed automatically, and your personal data associated with that Group will be erased. If you are not linked to any group, your account will consequently be deleted. With the deletion of your account, all your personal data will also be permanently removed.
As a Group User generally retain your data for as long as you have an account with us, to comply with our legal obligations, resolve disputes and enforce our agreements.
Data that has been deleted from our servers may remain temporarily as residual copies on offsite backup media in order to complete certain Conversations in a reliable manner, such as giving the Respondents the Rewards they have earned.
LEGAL BASIS FOR THE PROCESSING OF PERSONAL INFORMATION FROM EEA RESIDENTS
If you reside within the European Economic Area (EEA), our processing of your personal information will be legitimized as follows:
(i) Whenever we require your consent for the processing of your personal information such processing will be justified pursuant to Article 6(1) lit. (a) of the General Data Protection Regulation (EU) 2016/679 (“GDPR”). This article in the GDPR describes when processing can be done lawfully.
(ii) If the processing of your personal data is necessary for the performance of a contract between you and UPINION or for taking any pre-contractual steps upon your request, such processing will be based on GDPR Article 6(1) lit. (b).”). If this data is not processed, UPINION will not be able to execute the contract with you.
(iii) Where the processing is necessary for us to comply with a legal obligation, we will process your information on basis of GDPR Article 6(1) lit. (c), for example complying in the fields of tax law.
(iv) And where the processing is necessary for the purposes of UPINION’s legitimate interests, such processing will be made in accordance with GDPR Article 6(1) lit. (f), for example to detect fraud.
Site features and services: Cookies or similar technologies help you log in by pre-filling the username field or help store your preferences. For example, when you use the ‘Remember me’ feature when you sign into your account.
ADDITIONAL INFORMATION FOR SOUTH AFRICAN USERS
We are committed to the principles for electronically collecting personal information recorded in the Electronic Communications and Transactions Act 25 of 2002 (“ECTA”). We are also committed to ensuring that consumer rights as recorded in the Consumer Protection Act 68 of 2008 are respected (“CPA”). Insofar as any of our marketing strategies may be construed to amount to direct marketing as contemplated in the CPA you confirm that the ability to deregister or stop using the Services and excuse us from any adverse consequence contemplated by the CPA
ADDITIONAL INFORMATION FOR UNITED STATES USERS
In the US there are exceptions to the opt-out rule. For example, consumers cannot opt out when nonpublic personal information is shared with a nonaffiliated third party to respond to judicial process or to comply with federal, state, or local legal requirements.
SAFETY OF CHILDREN AND COPPA
Our Services are not intended for and may not permissibly be used by individuals under the age of 13. Upinion does not knowingly collect personally identifiable data from persons under the age of 13 of COPPA (The Children’s Online Privacy Protection Act). If it comes to our attention that we have collected personal data from such a person, we may delete this information without notice. If you are a parent of a child under 13, and you believe that your child has provided us with information about him or herself, please contact us at [email protected].
We are committed to handle and store your personal information with integrity and care. For this reason we maintain technical and organizational security measures in order to guarantee your personal information is protected from loss, incorrect modifications and unauthorized third-party access. We ensure, to the greatest extent possible, that only authorized persons have access to your personal information and only to the extent that it is necessary in the scope of the aforementioned purposes. If you want more information about our security measures please contact us via [email protected]
QUESTIONS, CONCERNS OR COMPLAINTS
Should you have any reservations or grievances concerning your privacy or the management of your personal information, please reach out to us at [email protected].
You also have the option to convey concerns or complaints to our executive board (anonymously) through the use of our Incident Report Form.
In the event that you are dissatisfied with the resolution of your complaint, you are entitled to file a complaint with the data protection authority in your area.