FIRENET DIGITAL LTD incorporated and registered in Northern Cyprus and under number 622 and whose office is located at Serbest Liman ve Bölge Posta Kutusu no: 610 Gazimağusa/ Northern Cyprus ( “Firenet”, “we”, “our” or “us”) provides the REPORTS+ mobile app to users (“you”).
While providing our services, we recognize the importance of your privacy and carry out our activities in line with the applicable data protection regulation including the EU General Data Protection Regulation (“GDPR”) and other related laws.
Personal Data We Collect
We collect and process your personal data such as:
- identity information including your Instagram username, user ID,
- contact information including your e-mail address (we may request upon our support services),
- online identifiers including Identifier for Vendors (IDFV), Identifier for Advertisers (IDFA) and IP address,
- customer transaction information including your purchase history, payment details, subscription ID, transaction ID, subscription start and end date, receipt of subscription, version of REPORTS+.
The data that we may collect from our partners could include;
- internet or network activity information including your usage activity, language preference, how much time you have spent and your last active time in the REPORTS+,
- marketing information including your push notification device token, information about the campaign (advertisement, Instagram phenomenon etc.) you come from, the ads you see in REPORTS+,
- Data for advertising and analytics purposes, so we can optimise the Services we deliver to you,
- Data we receive if you link a third-party tool with our Services (such as Apple, Google etc.).
As REPORTS+, we never store these personal data on our servers. These personal data are fully isolated from our servers and are stored in user’s own mobile device (client-side).
We do not collect any special categories of personal data or sensitive data such as any information on your health, religious beliefs, political opinions, sexual preferences or orientation.
Collection Method of Your Personal Data
We collect your personal data in a number of ways, including:
- directly from you via e-mail, mobile application,
- from publicly available sources of information,
- from our own records of how you use REPORTS+ services.
Use of Your Personal Data
We may use your personal data to:
- provide you with a better and more personalized level of service;
- review your requests, suggestions and complaints regarding our service;
- fulfil contractual obligations to you and anyone involved in the process;
- send you marketing communications and promotional offers (including push notifications);
- monitor metrics such as total number of visitors, traffic and demographic patterns;
- show you ads that are more tailored to your interests;
- identify and resolve errors, problems or bugs in our products and services;
- meet legal and regulatory requirements including compliance with applicable law; respond to requests from public and government authorities, including authorities outside your country of residence and to meet national security or law enforcement requirement
We collect and process your personal data on the following bases under the GDPR:
- to comply with our contractual obligation (for example, providing you with our service),
- to comply with our legal obligations,
- because of our company’s legitimate interests which include the provision of our mobile application and/or relevant services, provided always that our legitimate interests are not outweighed by any prejudice or harm your rights and freedoms,
- to establish, exercise or defend our legal claims before the courts, arbitrations, authorized data protection authorities or similar legal proceedings,
- because you have explicitly given us your consent to process your personal data in that manner.
We will only provide you with marketing related information after you have, where legally required to do so, opted in to receive those communications and having provided the opportunity for you to opt out at any time.
Disclosure of Your Personal Data
We disclose your personal data
- with our employees, other REPORTS+ users, company executives, representatives, suppliers, service providers, business partners, group/linked companies and solution partners for the purposes specified in Section 3,
- with government and regulatory authorities and other organizations to meet legal and regulatory requirements, or to protect or defend our rights or property in accordance with applicable laws.
For the compliance with the GDPR, we ensure that our suppliers and business or solution partners whether they are located outside the EEA or not, takes appropriate technical and organizational security measures in accordance with applicable data protection laws and use it solely for the purposes specified by us.
If you are from the European Economic Area or in certain countries, you are also entitled (with some exceptions and restrictions) to:
- Access: You have the right to request information about how we process your personal data and to obtain a copy of that personal data.
- Rectification: You have the right to request the rectification of inaccurate personal data about you and for any incomplete personal information about you to be completed.
- Objection: You have the right to object to the processing of your personal information, which is based on our legitimate interests (as described above).
- Deletion: You can delete your account by using the corresponding functionality directly on the service.
- Automated decision-making: You have the right to object a decision made about you that is based solely on automated processing if that decision produces legal or similarly significant effects concerning you.
- Restriction: You have the right to ask us to restrict our processing of your personal data, so that we no longer process that personal data until the restriction is lifted.
- Portability: You have the right to receive your personal data, which you have provided to us, in a structured, commonly used and machine-readable format and to have that personal data transmitted to another organization in certain circumstances.
- Complaint: You have a right to lodge a complaint with the authorized data protection authority if you have concerns about how we process your personal data. The data protection authority you can lodge a complaint with notably may be that of your habitual residence, where you work or where we are established.
You may, at any time, exercise any of the above rights, by contacting us via firstname.lastname@example.org/ together with a proof of your identity, i.e. a copy of your ID card, or passport, or any other valid identifying document.
In some cases, we may not be able to give you access to your personal data that we hold, if making such a disclosure would breach our legal obligations to our other customers or if prevented by any applicable law or regulation.
Residents of the State of California (USA)
Pursuant to the California Consumer Privacy Act of 2018 (“CCPA”), California residents have certain rights in relation to their personal information, subject to limited exceptions. For personal information collected by us during the preceding 12 months that is not otherwise subject to an exception, California residents have the right to access and delete their personal information.
We will not discriminate against any customer that asserts their rights under the CCPA. We will not: (1) deny you goods or services; (2) charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties; (3) provide you a different level of qualify of goods or services; or (4) suggest that you may receive a different price or rate for goods or services or a different level of quality of goods or services.
If you are a California resident, you have the right to request certain information from us regarding our information-sharing practices with third parties for direct marketing purposes. To the extent that we share your personal information for direct marketing purposes, you may receive the following information: (1) the categories of information and sources of information that we disclosed to third parties for direct marketing purposes during the preceding year; and (2) the names and address information of third parties that received such information, or if the nature of their business cannot be determined from the name, the examples of the products or services marketed.
To the extent that we sell your personal information to third parties, you also have the right to request that we disclose to you: (i) the categories of your personal information that we sold, and (ii) the categories of third parties to whom your personal information was sold. You also have the right to direct us not to sell your personal information.
California residents may also designate an authorized agent to make a request to access or delete on your behalf. Your authorized agent must submit proof that you have provided them with power of attorney pursuant to Probate Code sections 4000 through 4465. We may deny a request from a purported authorized agent who does not provide proof of authorization to act on your behalf.
Right to withdraw consent
If you have provided your consent to the collection, processing and transfer of your personal data, you have the right to fully or partly withdraw your consent. To withdraw your consent please follow the opt-out links on any marketing message sent to you or contact us via email@example.com/
Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose(s) to which you originally consented unless there are compelling legitimate grounds for further processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.
Collection of Children’s Personal Data
We attach great importance of protecting children’s privacy. Therefore, we make an effort to not collect personal data of any children under the age of 13. If you have any concerns about your child’s privacy with respect to our services, or if you believe that your child may have provided his/her personal data to us, please contact us using the details provided below. We ensure to delete such personal data from our records immediately.
Security of Your Personal Data
We take appropriate and reasonable technical and organizational measures to protect your personal data from loss, misuse, unauthorized access, disclosure, alteration, and destruction, taking into account the risks involved in the processing and the nature of the personal data. Such technical and organizational measures include:
- Protecting our data servers with state-of-the-art anti-virus programs and similar software.
Retention of Your Personal Data
We will only retain your personal data for as long as necessary to fulfil our collection purposes, including for the purposes of satisfying any legal, accounting, or reporting requirements, and where required for our company to provide services, until the end of the relevant retention period.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements. Upon expiry of the applicable retention period, we will securely delete, destroy or anonymize your personal data in accordance with applicable laws and regulations.
Links to Third Party Sites
We reserve the right to update and change this Policy from time to time in order to reflect any changes to the way in which we process your personal data or changing legal requirements. Any changes we may make to our Policy in the future will be posted on this page and, where appropriate, notified to you by e-mail or push notification. Please check back frequently to see any updates or changes to our Policy.