Privacy Policy
This Privacy Policy describes how Afterhope S.R.L. (“Afterhope,” “we,” “us” or “our“) collects, uses, and transfers your personal data.
Afterhope respects your privacy.
This Privacy Policy is effective as of the date set forth above. This policy may be changed because of changes in legislation, the requirements of the authorities or to reflect changes in our practices concerning the processing of personal data. The revised policy will be posted on our Site and will be effective immediately upon being posted.
Essentially, this Privacy Policy is about your personal data handled by us.
—
Afterhope is a Romanian limited liability company headquartered in Bucharest, 11-13 Ion Creangă Street, having the EU Identification Number ROONRC.J40/1722/2020.
Afterhope holds all title, rights and interests over the acaza® application (hereinafter the “App”) and over the [www.acaza.app] website (the “Site”). The App and the Site will hereinafter be collectively referred to as the “Services”.
Our Data Protection Officer may be contacted via dpo@[acaza].app and will handle any questions about our Privacy Policy or privacy practices.
The online services associated with the Services are hosted within EEA based cloud environments of Amazon Web Services, respectively Google Firebase Services.
—
We treat any data that relates to an identified or identifiable individual or that is linked or linkable to them by or Services as “Personal Data”. This means that data that directly identifies you — such as your name — is personal data, and also data that does not directly identify you, but that can reasonably be used to identify you — such as the serial number of your device — is personal data.
This Privacy Policy covers how we handle personal data whether you interact with us on our Site, through our App, or in person (including by phone or by e-mail).
—
The App is intended to be a safety and tracking application for Android devices (hereinafter, the “Device”), whose main purpose is to enhance the security of children (hereinafter collectively, the “Protected”) being in a dangerous situation, such as disappearing, kidnapping or runaways (hereinafter, the “Trigger Event”).
The App will be installed on the Device operated by the Protected, as well as on the mobile phones of their parent or legal guardian (hereinafter, the “Guardian”).
The Device having the App installed and running will safely and temporarily scan for, collect, encrypt, transfer, store and remove the unique identifiers shared by other devices (MAC address) when connecting to the System’s Wi-Fi, Bluetooth Classic (4.0) and Bluetooth Low Energy (5.0) protocols, and the GPS location of the Protected Devices (“Third Party Data”).
Any Third Party Data will be at rest in an encrypted and temporary manner until (i) permanently and automatically deleted after three days after having been uploaded to the Amazon Web Services, or until (ii) frozen and transferred to the Guardian, when an alert for Trigger Event is issued.
—
Afterhope may obtain your personal data from various sources, such as:
The use of our App or of some if its core functionalities require that you provide us with some personal data relating to another individual; when you do that, you should make sure that this sharing with us and our further use as described to you from time to time are in line with applicable laws; thus, for example, you should duly inform that individual about the processing of her/his personal data and obtain her/his consent, as may be necessary under applicable laws.
The personal data under our processing enables us to personalize, improve and continue to operate the Services. In connection with certain aspects of the Services, we may request, collect and/or display some of your personal data.
—
Related to the account:
When you create an account on our Services, you will provide information that represents your personal data, such as:
Related to the subscription:
Related to location:
The following data will be processed:
Technical Information
Technical Information is collected automatically through the interaction with our Services and includes:
We may collect some Device-specific information if you access our Services using a mobile device. It may include but is not limited to:
Usage Information
This includes how you use our Services and data gathered through the operation of the Services, such as:
Marketing and Communications Data
This includes your preferences in receiving marketing communications from us. You may unsubscribe from these messages through your Account settings, although we, regardless, reserve the right to contact you when we believe it is necessary, such as for account recovery purposes.
Processing of Children Personal Data
As described above in the Core Functionalities, the App is designated to locate the Protected Device, its location and its interactions with other devices. If a Guardian will install the App and its Core Functionalities in order to use the Core Functionalities, the Guardian can receive information about the child’s Device and information about the child’s location. Additionally, the Guardian can configure parameters such as Safe Zones and specific limits for the child’s location until prompting an alert. Afterhope does not collect children’s data beyond the framework of the aforementioned features.
Aggregated Information
We collect statistical or demographic information about how both unregistered and registered users, collectively, use our Services. This information might include, but is not limited to, for example, session information, Account settings, and parental controls activities. Some of this information may be derived from Personal Data but it is not considered Personally Identifiable Information, as it cannot be used to identify you.
—
AFTERHOPE WILL ONLY PROCESS PERSONAL DATA FOR PARTICULAR, PRE-DETERMINED PURPOSES THAT ARE LEGITIMATE WITH REGARD TO APPLICABLE LAW, AND THAT ARE RELEVANT TO OUR BUSINESS. Basically, such scopes for processing the personal data are the following:
Legal Bases for Data Processing
The legal basis we use depend on the purpose of processing personal data, which may be the following:
Please see the table below for the specific purposes that we have identified, the legal basis and what our legitimate interests are where appropriate:
Purpose/Activity |
Type of data |
Lawful basis for processing including basis of legitimate interest |
To register you as a new customer |
Identity Contact |
Performance of a contract with you |
To manage our relationship with you which will include: (a) Notifying you about changes to our terms or privacy policy (b) Asking you to leave a review or take a survey or provide feedback |
Contact Credentials Marketing and Communications |
(a) Performance of a contract with you (b) Necessary to comply with a legal obligation (c) Necessary for our legitimate interests (to keep our records updated and to study how customers use our products/services) |
To manage and protect our business and the Services (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data) |
Identity Contact Technical |
(a) Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganization or group restructuring exercise) (b) Necessary to comply with a legal obligation |
To deliver relevant content on our Services and advertisements to you and measure or understand the effectiveness of the advertising we serve to you |
Identity Contact Usage Marketing and Communications Technical |
Necessary for our legitimate interests (to study how customers use our services, to develop them, to grow our business and to inform our marketing strategy) |
To use data analytics to improve our website, services, marketing, customer relationships and experiences |
Technical Usage |
Necessary for our legitimate interests (to define types of customers for our services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy) |
To make suggestions and recommendations to you about new updates and functionalities of our Services that may be of interest to you |
Identity Contact Technical Usage |
Necessary for our legitimate interests (to develop/improve our products/services and grow our business) |
To operate the Services |
Technical Usage Credentials |
Performance of a contract with you |
To approach new customers, to inform about new products or services not similar to our Services, to perform automatic decisions including profiling (discussed below) |
Usage |
Consent |
Please contact us if you need more details about the above description.
—
IF YOU CHOOSE NOT TO PROVIDE DATA THAT IS NECESSARY IN ORDER FOR OUR SERVICE OR A FEATURE TO WORK, YOU MAY NOT BE ABLE TO USE THAT SERVICE OR FEATURE.
—
Through our Services, Afterhope never processes “sensitive” personal data such as religion, political views, sexual preference or health, or other special categories of personal data. We do not wish to receive any such data and will not request it from you.
Our App must be installed and used by an adult. Children may use the Protected Device and the designated App module for Protected where the App was installed only with permission from their Guardian. Except for the processing described under Processing of Children Personal Data Section above, we do not intend to process personal data of children, nor do we want to receive such personal information of children.
—
We will not rent or sell any Personal Data.
In order to ensure the Core Functionalities, we may share the Personal Data collected by the Protected Device in case of a Trigger Event with the Police and other relevant authorities.
We will share only the legally mandatory and strictly necessary Personal Data with other third parties in order to comply with the law, to execute our contract or to protect our legitimate interests. Such third parties may be our accountants and the Fiscal Authorities (during the payment, billing and cash collection process), third party technicians (during the tech support sessions), third party marketing companies to advertise and promote our new features, legal counsel (with regard to individual legal actions).
—
We care about the security of your Personal Data and we use commercially reasonable physical, administrative, technological and procedural safeguards to preserve the integrity, resilience, availability and security of all information under our processing and to protect the information against loss, misuse, damage or modification and unauthorized access or disclosure.
When you use our Services, any Personal Data (including any data collected by the Protected Device) is securely encrypted in transit and at rest. We have also put in place security measures and access control mechanisms to ensure that any information is prevented from loss and only accessed in an authorized manner.
We store and process Personal Data by using the latest industry-standard techniques. However, we cannot guarantee or warrant that such techniques will provide complete security of your Personal Data. Any transmission is at your own risk.
Your Account information will be protected by a password for your privacy and security. You need to prevent unauthorized access to your Account and Personal Data by selecting and protecting your password appropriately and limiting access to your computer, browser, Device and App.
—
As stated above we only collect Personal Data that is needed for the purposes specified in this Privacy Policy and we only retain Personal Data for as long as it is necessary.
Any data collected by the Protected Device will be automatically deleted after three days after having been uploaded to the Amazon Web Services.
Upon termination of the contract, Personal Data is deleted from live systems within 30 days and from the backup systems after 12 months following the date of the account termination or request.
—
You have certain rights regarding your Personal Data. We also offer you certain options about what personal data you provide to us, how we use that information, and how we communicate with you.
In most cases you can choose not to provide personal data to us when you use our Services. You may also refrain from submitting information directly to us. However, if you do not provide personal data when requested, you may not be able to benefit from the Services’ functionalities and we may not be able to provide you with information about our products, services and promotions.
You can at any time choose not to receive marketing communications by email, if you have previously subscribed to receive them, by clicking on the unsubscribe link within the marketing emails you receive from us.
To the extent provided by applicable law, you may withdraw any consent you previously provided to us or object at any time, on legitimate grounds, to the processing of your personal data. We will apply your preferences going forward. In some circumstances, withdrawing your consent to Afterhope’s use or disclosure of your personal data will mean that you cannot take advantage of certain functionalities embedded in the Services.
Subject to applicable law, you may have the following rights:
The right to access personal data may be limited in some circumstances by the requirements of local law or technological measures, including where the data has been anonymized and therefore does not relate to an identified or identifiable natural person. If you wish to exercise these rights, you may at any time directly contact us at dpo@acaza.app.
If you wish to object to data processing or withdraw your consent in cases where you use our free functionalities, you must stop using and/or uninstall the Service. If you wish to exercise your right to remove the already sent data, please contact us directly to request deletion via dpo@acaza.app.
If we fall short of your expectations in processing your personal data or you wish to make a complaint about our privacy practices, please relate this to us, as it gives us an opportunity to fix the problem. You may contact us by using dpo@acaza.app. To assist us in responding to your request, please give full details of the issue. We attempt to review and respond to all complaints within a reasonable time.
—
Personal data processing at Afterhope is based on the following principles:
Consent and choice
Purpose legitimacy and specification
Data processing limitation
Use, retention and disclosure limitation
Accuracy and quality
Openness, transparency and notice
Individual participation and access
—
If you have any questions or comments about this Privacy Policy, our privacy practices or if you would like us to update or remove information or preferences you provided to us, please contact our Data Protection Officer at dpo@acaza.app.