Privacy policy – XPLORA Watch and services [v.26.10.17 ]

 

Article 1. General Provisions

The XPLORA Watch can, together with the accompanying app and mobile telephone services subscription, collect and transmit data to PepCall AS, such as location data.

Such detailed data collection and use is critical to the successful operation of the XPLORA Watch.

Data collection, storage and use of data will be managed with strict privacy and security measures.

XPLORA App and Platform collect personal information when a user (hereinafter “you” or

“Member”) registers with XPLORA.

“Personal information” is information which identifies or can identify you or your child, such as your name, address, location data, or other data which can be reasonably linked to such information.

We very much appreciate the importance of your personal information complying with all

regulation and Telecommunications act, including but not limited to national Data Protection regulation as well as EU GDPR.

We do our best to protect your personal information by implementing reasonable security standards and hereby inform you of the purposes and methods by which we may use your personal information of and of the actions taken to protect your privacy.

Article 2 Data Controllers and Data Processors. Access, rectification and deletion

For Nordic users (Norway, Sweden, Denmark, Finland and Iceland)  PepCall AS, org. no. 814 499 022, is the Data Controller. PepCall AS can be reached at kundeservice@pepcall.no or kundeservice@xplora.no or kundservice@xplora.se

You are entitled to contact one of these Data Controllers for questions related to your rights of access, rectification and deletion according to GDPR and national personal data legislation.

Infomark Co Ltd, and Amazon Web Services are Data Processors pursuant to data processing agreements between us and these entities.

All your data and personal information collected from you is subject to be processed and stored in Amazon Web Services hosted in Dublin (Ireland) and Frankfurt (Germany) on our behalf and we  sometimes handle transfers from your home country to these services in Dublin (Ireland) and Frankfurt (Germany).

Article 3 Categories of personal data that we collect from you and how we use it

We may, when we provide our services to you, or in relation to our provision of services to you, collect from you and from your devices the following types of information:

-Service usage information, access information, cookie, IP address, mobile device identification numbers (device ID or IMEI), unauthorized or inappropriate access information

-Location information stored on your device or your location information

Other detailed information on data we collect:

Data Detail
Installation information of the

mobile app

Type of device

Device token

Installation ID

Phone number

User information of the

mobile app

Username and password

Phone Number

Devices managed by the user

Installation information

Contact Icon Contact icon image link of phone contact

information

Phone Contact Phone number

Nickname of the phone contact

Device info. of the watch Watch Phone Number

Watch IMEI

IMSI of the SIM card inserted into the

watch

MAC address of the watch

F/W version

Locations

Device Setting Setting values of the watch
Device Status Status value of the watch
Device Token Device token of the watch
Device Icon Watch icon image
Location Coordination and timestamp of a watch

location

 

We may collect data from you through the following channels or methods:

-through the webpage, paper form, fax, telephone, customer service board, email, promotional event application, logistics service

-automatically collect from you executing or using our services

-collected when you voluntarily registers for or use our service

The legal basis for the processing of this data is for the performance of the contract of the provision of our services, entered into between you and us.

In addition we may process personal data if applicable law, regulation, legal process or enforceable governmental request, obliges us to do so, or if GDPR art 6 (1) (f) is applicable, namely in cases where we have legitimate interests that are not overridden by data protection interests.

Article 4 – Information we collect based on actions on your side or if you have consented

We may also collect following personal information in case that you use additional services or personalized services or if you participate in various events we host.

In case you win the an event we will process information required to provide a gift and mailing address

In case you use fee-based services we will process payment information

We do not use your personal information for direct marketing purposes, unless a freely given, specific, informed and unambiguous consent has been obtained from you.

Article 4 [Disclosure of Personal Information – transfer to third parties]

Your personal information will not be shared with third parties other than the ones that need this information to execute the Agreement and will not be provided to third parties or organizations beyond the scope set forth in this Privacy Policy, unless you have given consent.

For the avoidance of doubt, we will not share your personal information with third parties for marketing purposes unless you give us your consent through an opt-in.

However, we may disclose or use your personal information without your consent if there are any applicable law, regulation, legal process or enforceable governmental request that obliges us to do so.

We may also transfer personal data to third parties if GDPR art 6 (1) (f) is applicable, namely in cases where we have legitimate interests that are not overridden by data protection interests. We may therefore pass information about the location of your Device to emergency services.

Furthermore, we may provide location information or any other usage data in a non-personal, aggregate format for statistical and research purposes to third parties. Such data is not considered as personal data.

Article 5 – Data retention policy

In general, we store personal data as long as legitimate interests and/or applicable legislation, justify storage.

Location data

We automatically delete your location history data after 72 hours.

Account data

If you decide to deactivate your account by sending us an email, we keep your data for 45 days from the date of deactivation request. This is called the deactivation period and during this process your data is not accessible.

Within the deactivation period you have the option to reactivate your account, unless there is a separate agreement between you and PepCall AS or XPLORA Technologies Ltd. to begin the process of deleting your data immediately after the deactivation period have started.

After the deactivation period, we will start the process of deleting your account. Deletion from our systems and backups may take up to a week.

Article 6 [Notifications on amendments to this Privacy policy]

In the event of any material change, addition, or deletion to the privacy policy due to related laws, security technology, or due to any other matters, we will notify you of all changes with reasonable time in advance through the text message (SMS) to your mobile phone number that you provided to verify the accompanying app and through our websites, or through e-mail.

Non-material changes will be notified through these websites only.