This document sets out the policy of Dappre B.V. in regard to the processing of personal data which takes place when using the Dappre App, DappreConnect and Dappre.com (collectively 'Dappre'). This personal data processing policy statement informs Dappre users on which personal data are processed by Dappre B.V..
This personal data processing policy statement was established on 26 September 2019 (version 2).
When does this personal data processing policy apply?
This policy on processing personal data applies if and to the extent that Dappre B.V. processes personal data of Dappre users. In the Dappre eCard module, no personal data are processed by Dappre. However, it is also possible to create a personal card in the Dappre App. In doing so, users can decide for themselves whether and which personal data they want to share with whom for what purpose and for how long.
Who is responsible for your data?
The limited liability company Dappre B.V. is responsible for the processing of personal data as described in this personal data processing policy:
1077 XV Amsterdam
Registered at the Chamber of Commerce of The Netherlands under number: 72325747
What data do we process and how do we get it?
If you are under the age of 16
If you are under the age of 16 you can use Dappre only if one of your parents or a legal guardian who has read this personal data processing policy has consented to this use on your behalf. This is because by using Dappre you have the opportunity to choose to include personal data in your Dappre App and to share it with others. Therefore, if you are under 16 years of age, we hereby prohibit you from using the Dappre App without this permission.
Use of the Dappre App
When you use the Dappre App we process personal data about you. It concerns personal data that you decide to share with others (individuals, organisations, devices) with the help of Dappre and that you fill in for that purpose in your Dappre profile(s) .
Because you decide what data is in your Dappre profile(s), you also determine what data is stored and shared, with whom or with what and for how long.
Private messages / photos that you exchange 1-on-1 with other Dappre users are always first encrypted on your device before they are sent by us. This encrypted data remains with us (in 'cache') until it is retrieved, but never for a longer period than one month.
Messages exchanged in 'Tribes' are exchanged in an unencrypted format albeit through the secure Tribe servers and are automatically deleted after one month.
There are three reasons why we process personal data as described above:
- we do not want to put too much of a burden on the (limited) storage capacity of your telephone;
- we want to offer you the possibility to restore your data from another device (such as a new device). This concerns your Dappre profile and the library of (secured and encrypted) connections that you made with people, organisations and devices . In this library no data is included that you can access and / or share via those connections, because that data always remains at the source;
- we want people who connect to a 'tribe' to be able to access messages that have been exchanged in that tribe in the month prior to their accession to the tribe.
When you share data from your Dappre profile, messages and / or photos with other users, these users get access to this data. This data may be re-used by other users within other applications (for example by synchronizing this data with an address book). We are not responsible for the processing of your personal data through these other applications. This personal data processing policy does not apply to the use of such applications.
Which data do we process for this?
Because you decide what is in your Dappre profile, you can fully determine for yourself what is being processed by Dappre B.V.. This also applies to messages / photos sent through a 'Tribe'; you decide for yourself what the content of a message is.
How long do we keep your data ?
After you have deleted your data from Dappre, it takes up to 2 months for this data to disappear from the Dappre systems.
Ask a question or submit a complaint
When you ask Dappre B.V. a question regarding Dappre or submit a complaint, or when you contacting Dappre B.V. by telephone, e-mail, social media or by postal mail, we process your data to contact you, as far as necessary for dealing with your question or complaint and in order to ensure that we can also approach you at a later stage with additional information regarding your question or complaint. We only use this personal data for this purpose and your personal data are only accessible to those within Dappre B.V. who deal with the processing of your question or complaint.
Which data do we process for this?
In order to register your question or complaint, we record this in our registration system. Here we then also include contact information such as your name, address, telephone number, email address and / or social media account. You can decide for yourself which contact details you want to share with us for the handling of your question or complaint.
How long do we keep your data for this purpose?
We do not store questions, complaints and contact details for more than 2 years, unless the nature of the question or complaint requires us to keep these for longer. You can always ask us to delete your contact details at any time.
On our website dappre.com we track and process general visitor data. This data is used for analysis of visitor and click behavior on the website. Dappre B.V. uses this information to improve the operation of its website. This data is anonymised as much as possible and not shared with others.
We use Google Analytics on our website dappre.com. We have signed a processing agreement with Google. The last octet of the IP address is masked. The “data sharing” option has been disabled in the management environment. We do not use other Google services in conjunction with the Google Analytics Cookies.
Furthermore, we have not given Google permission to use Analytics information obtained via dappre.com for other Google services and otherwise set up Google Analytics in accordance with the recommendations of the Dutch Data Protection Authority.
Google Firebase Services
Our Dappre App uses Google Firebase Services. Firebase gives us insight into the performance and stability of the Dappre App, so that we can solve technical problems and make improvements. Firebase does not collect personally identifiable information (PII), such as names, email addresses or phone numbers.
By default, Firebase’s SDK (“software development kit”) collects “identifiers” for mobile devices (e.g., Android “Advertising ID” and “Advertising Identifier” for iOS). The SDK makes use of technologies that are comparable to cookies. This ‘Advertising ID’ can be reset on the mobile device. If the Advertising ID is not available, the hardware ID of the device, such as the Android ID (SSAID), is collected instead. This alternative Advertising ID generally cannot be reset. We have not granted Google permission to use data obtained through the Dappre App for other Google services.
View, modify, delete or transfer data
Of course you always have the right to view, correct, or delete your personal data. In that case, send an e-mail to email@example.com, or contact us by telephone on +31 20 799 76 14. We will respond as soon as possible to your request, but no later than within 4 weeks. We can send your data to you in an electronic format such as XML or PDF.
If you want us to forward your data directly to another party, we will also do this for you if this is technically possible.
We expect of course that you can prove that you are you.
Dappre via Social Media
Dappre B.V., but also you yourself, can be active on various social media platforms, such as Twitter and Youtube. When you communicate with us via social media (for example when you post comments, upload media or send a personal message, we may receive personal details of you (such as your user name, profile picture, place of residence, email address or your gender). In such a case, we will only process the personal data that we need for the processing of your message, question or complaint as described in this personal data processing policy .
Dappre makes no decisions based on automated processing on matters which produce legal effects concerning you or which similarly significantly affects you. Automated decisions are decisions taken by computer programmes or systems, without human intervention (such as, for example, by a Dappre representative).
Which third parties have access to your data?
Dappre B.V. relies on external processors when carrying out its services and other business activities. To the extent that these processors when running the relevant services and business processes process your data, they do so on behalf of Dappre B.V. and Dappre B.V. will take the legal, technical and organisational measures to ensure that your data is only processed as directed by Dappre B.V..
Only if Dappre B.V. is legally obliged to do so, personal data is provided to monitoring authorities, tax authorities and investigative authorities. In this context, your personal data can also be passed on to recipients in countries outside the European Economic Area. In such cases, Dappre B.V. will take appropriate measures that are reasonably necessary to ensure that your data is protected as well as possible.
How do we protect your data?
Dappre B.V. takes the protection of your data seriously and takes appropriate measures to prevent abuse, loss, unauthorized access, unwanted disclosure and unauthorized modification.
If you have the impression that your data is not secure or there are indications of abuse, please contact us by sending an e - mail to firstname.lastname@example.org or by calling during office hours to +31 20 799 76 14.
Questions and requests for access, a copy, correction, completion, restriction of processing and removal and transfer
You can ask us at any time to access your personal data, correct, supplement, limit the processing or delete your personal data. You also have have the right to withdraw your consent to the data processing or to object to the processing of your personal data by Dappre B.V.. You can also submit a request to us to transfer to you in a machine-readable format personal data that we have on you .
You can send your request or objection regarding the processing of your personal data to email@example.com.
In order to ensure that the request for access has been made by you, we will ask you to identify yourself by means of a driver's license, identity card or passport. This to make sure that the data to which access is requested belongs to the applicant, as well as to prevent a possible personal data breach. We will respond as quickly as possible to your request, but no later than four week after we have received it.
For any questions or complaints, please contact Dappre B.V. by e-mail to firstname.lastname@example.org or by calling during office hours at +31 20 799 76 14.