Last updated: July 17, 2023
Welcome to FeeL!
We value your privacy and security and actively work to collect as little of your Personal Data (as defined below) as possible. Nonetheless, any company providing publicly available services on the Internet will inevitably collect information about those who it interacts with or those who utilize its services ("Users") through its normal business operations.
This Policy explains how we collect (if applicable), store, use, handle, and protect Personal Data collected through our normal business operations. Access to any or all of the Platform’s functionalities and Services, including those accessible on the Website or through the Applications, those provided during contact with the Company Parties through direct communication, those provided by interacting with the Company Parties on social media, you acknowledge and agree to this Policy.
In the event you disagree with any provision of this Policy or would not like to provide your consent for Processing (as defined below) of your Personal Data, you shall cease using the Platform or any of the Services immediately.
LEGAL GROUNDS FOR PERSONAL DATA PROCESSING 2
CONSENT TO PERSONAL DATA PROCESSING 4
§1. EU Persons Consent to Personal Data Processing 4
COLLECTION OF PERSONAL DATA 5
§1. Personal Data You Provide to Us 5
§2. Personal Data We Collect Automatically 6
USE OF PERSONAL DATA 7
DISCLOSURE OF PERSONAL DATA 8
TRANSMISSION OF PERSONAL DATA 9
PROTECTION OF PERSONAL DATA. SECURITY MEASURES 9
EU PERSONS' 10
ALTERATIONS TO POLICY 11
DATA PROTECTION OFFICER 11
1.1. In addition to the definitions contained elsewhere in the text of this Policy, the following terms and expressions shall have the following meaning ascribed to them for use in this Policy:
"Company Parties" means the Company and its respective past, present, and future employees, officers, directors, contractors, consultants, attorneys, accountants, financial advisors, equity holders, suppliers, vendors, service providers, parent companies, subsidiaries, affiliates, agents, representatives, predecessors, successors and assigns. "Company Party" means one of the foregoing, as the case may be.
"Consent" has the meaning set out for this term in Article 4.1 hereof.
"EU Persons" means Personal Data subjects who are in the European Union.
"GDPR" means Regulation (EU) 2016/679 of the European Parliament and the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).
"Personal Data" means any information relating to an identified or identifiable natural person (data subject); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
"Processing" means any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction. "Process", "Processed" and other similar terms shall be construed accordingly.
3.1. Processing of Personal Data is permitted only on the following legal grounds:
3.1.1.Consent to Personal Data Processing, when the data subject has given Consent to the Processing of his or her Personal Data for one or more specific purposes;
3.1.2. contractual relationships, where the Personal Data Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;
3.1.3. controller's legal obligation, when the Processing is necessary for compliance with a legal obligation to which the controller is subject;
3.1.4. vital interests protection, when the Processing is necessary in order to protect the vital interests of the data subject or of another natural person;
3.1.5. public interests compliance, when the Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
3.1.6. controller's legitimate interests, when the Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of Personal Data, in particular where the data subject is a child.
3.2. We Process your Personal Data on the basis that it is:
3.2.1. necessary for the performance of a contract, therefore, where we have a contract with you, we will process your Personal Data in order to fulfil that contract (in particular, to provide you with the Services);
3.2.2. authorized by your Consent, which you give us as it is set out in Article 4 (Consent to Personal Data Processing) hereof;
3.2.3. necessary for compliance with our legal obligation, in particular, when we are obliged to respond to a court order or a regulator;
3.2.4. necessary for the performance of our legitimate interests, as it is more detailed described in Article 3.3 hereof; or
3.2.5. permitted by applicable legislation, if the respective legal ground for Personal Data Processing is not mentioned in, or contradicts, the provisions of this Policy.
You are welcome to contact us for further information on the legal grounds that we rely on in relation to any specific Processing of your Personal Data.
3.3. We Process the Personal Data for a number of legitimate interests, including to provide and improve the Platform, administer our relationship with you and our business, for marketing and in order to exercise our rights and responsibilities. In particular, we Process the Personal Data to:
3.3.1. administer our relationship with you, our business and our third-party providers (e.g., to send invoices);
3.3.2. deliver and suggest tailored content such as news, research, reports and business information. We analyse the way you use our Platform to make suggestions to you for features or Services that we believe you will also be interested in, and so that we can make our Platform more user-friendly;
3.3.3. share your Personal Data across our Services so that we can make all of the Services we deliver to you more intuitive (e.g., rather than requiring you to enter the same data many times);
3.3.4. contact you in relation to, and conduct, surveys or polls you choose to take part in and to analyse the data collected for market research purposes;
3.3.5. conduct internal research and development and to improve, test and enhance the features and functions of our Platform;
3.3.6. provide you with marketing as permitted by law;
3.3.7. meet our internal and external audit requirements, including our information security obligations;
3.3.8. exercise, protect and/or enforce our rights, privacy, safety, networks, systems and property, or those of other persons;
3.3.9. prevent, detect or investigate a crime, fraud or other breach of law or requirement;
3.3.10. prevent or detect any loss incurred by Company Parties or third persons;
3.3.11. comply with requests from courts, law enforcement agencies, regulatory agencies, and other public and government authorities, including where they are outside your country of residence;
3.3.12. defend Company Parties from claims;
3.3.13. comply with laws and regulations that apply to us or third parties with whom we work.
Where we rely on legitimate interests as a lawful ground for Processing your Personal Data, we balance those interests against your interests, fundamental rights and freedoms. For more information on how this balancing exercise has been carried out, please contact us by sending an email to firstname.lastname@example.org
3.4. The Company Parties do not knowingly collect personally identifiable information from children under the age of sixteen. If you are under the age of sixteen, you must ask your parent or guardian for permission to use the Website and the Services.
4.1. If you are an EU Person and to Process your Personal Data we need to receive your consent, as it is prescribed by GDPR, we will process your Personal Data only in the case we have received from you a freely given, specific, informed and unambiguous indication of your wishes by which you signify agreement to the processing of your Personal Data ("Consent").
4.2. You may give your consent by ticking a box when visiting different sections of the Platform. In the case you tick the respective box, you irrevocably and unconditionally consent and agree that the Company Parties shall be entitled to Process your Personal Data as it is indicated in your Consent.
4.3. Your Consent covers all Processing activities with your Personal Data carried out for the same purpose or purposes. When the Processing has multiple purposes, your Consent should be deemed given for all of them.
4.4. You have the right to withdraw your Consent at any time. You can submit such a request by sending us an email to email@example.com. Your withdrawal of Consent shall not affect the lawfulness of your Personal Data Processing based on Consent before its withdrawal.
4.5. Except as required or enabled by law (including, for the avoidance of doubt, the laws of the member states of the European Union), we will not use or disclose your Personal Data for any purpose for which you refuse Consent or later withdraw your Consent. If you withdraw Consent, you agree that in spite of this withdrawal, we may continue to use those Personal Data previously provided to us to the extent that we are contractually or otherwise legally obliged to do so and to the extent necessary to enforce any contractual obligation you may have towards the Company Parties or in any other way permitted by law.
5.1. The Platform is designed to collect as little of your information as possible. The Platform does not have user accounts, and it collects very little identifying information in our systems. Private keys, encryption passwords, and all other information necessary to operate our Platform are owned, controlled, managed, and possessed by Users (unless they opt to utilize another service or product which would be completely outside of our control), and never touch our servers or systems.
5.2. The Platform never records nor transmits any of your private keys or encryption passwords. All information is entered and processed by your device, so Company Parties, its employees, and its servers never have the opportunity to collect your private key, encryption password, or other related information.
5.3. The Company prides itself in its frequent contact with Users and the community. These two-way communications may occur via telephone, email, in-person, Slack, Telegram, Reddit, text message, voicemail, Signal, Wickr, Facebook (and/or Messenger), Twitter, written letter, or any other method. Records of these conversations may be kept in written, recorded, or digital form, as permitted by law, in a manner that is reasonably necessary for us to perform our business operations effectively.
5.4. The Company relies on social media as a primary means of communicating with its community and Users. We do not generally delete communications and other information shared on social media, though we reserve the right to do so for any reason without warning. We also do not generally save these communications offline, though we reserve the right to do so for any reason or no reason, and without warning.
5.5. You may always refuse to supply your Personal Data, though this may prevent you from engaging in certain Platform-related activities and/or obtaining certain Services.
5.6. The Platform contains links to other third-party websites that may collect Personal Data about you, including through cookies or other technologies. If you use our links to visit other websites, you will leave the Platform and this Policy will not apply to your use of and activity on those other websites. You should consult these other websites' privacy policies as we have no control over them, and are not responsible for any information that is submitted to or collected by these third parties.
5.7. Company Parties shall be entitled to collect Personal Data only in the course of your accessing, interacting and operating of the Website (but not of the Applications), which may include, without limitation, the following Personal Data:
5.7.1. device information, which may include (but is not limited to) information about the computer or mobile device you use to access the Platform, including the hardware model, operating system and version, the web browser you use, and other device identifiers;
5.7.2. usage information and browsing history, such as, information about how you navigate within the Platform, your browsing history and which elements of the Platform or which Services you use the most;
5.7.3. location data, for Services with location-enhanced features. If we need your consent to collect geolocation data, we will collect this separately;
5.7.4. demographic information, such as your country, and preferred language;
5.7.5. server log information, which may include (but is not limited to) your login details, the date and time of visits, the pages viewed, your IP address, time spent on the Platform and the websites you visit just before and just after the Platform;
5.7.6. telemetry information. If you use any of our open-source software, we may collect bandwidth upload and download speeds, the amount of free and used storage space on your device and other statistics about your device;
5.7.7. information collected by cookies and other tracking technologies. We and our service providers use various technologies to collect information when you interact with the Platform, including cookies and web beacons. Cookies are small data files that are stored on your device when you visit a website, which enable us to collect information about your device identifiers, IP address, web browsers used to access the Platform, pages or features viewed, time spent on pages, mobile app performance and links clicked. Web beacons are graphic images that are placed on a website or in an email that is used to monitor the behaviour of the user visiting the website or sending the email. They are often used in combination with cookies.
6.1. We use Personal Data to provide and improve the Platform and for other purposes that are in our legitimate interests, as well as for compliance purposes.
6.2. We will use the Personal Data for purposes of:
6.2.1. providing, maintaining, delivering or improving the Platform or other products or services provided through the Platform;
6.2.2. analysing and tracking Personal Data to determine the usefulness or popularity of certain content, and to better understand the online activity of the Platform Users;
6.2.3. fulfilling our legal or regulatory requirements;
6.2.4. providing you with the information, products or services that you have requested;
6.2.5. answering your inquiry or responding to a communication from you;
6.2.6. developing new products or services;
6.2.7. sending you technical notices, support or administrative notifications;
6.2.8. communicating with you about news, products, Services, events and other information we think will be of interest to you;
6.2.9. monitoring and analysing trends, usage and activities in connection with the Platform;
6.2.10. protecting the rights and property of the Company Parties and others;
6.2.11. linking, connecting or combining information we collect from or about you with other information; and
6.2.12. carrying out any other purpose or reason for which Personal Data was collected.
7.1. The Company Parties treat Personal Data as confidential and may not pass on or use any such data without valid legal grounds.
7.2. We will only disclose your Personal Data in the following ways:
7.2.1. with your Consent or at your instruction;
7.2.2. with our current or future Company Parties and with other companies under common control or ownership with us or our offices internationally;
7.2.3. with third parties or service providers that perform work for us;
7.2.4. in connection with a merger or sale of our company assets, or if we do a financing or are involved in an acquisition, or any other situation where Personal Data may be disclosed or transferred as one of our business assets;
7.2.5. in response to a request for information if we believe disclosure is in accordance with, or required by, any applicable law, regulation or legal process;
7.2.6. if we believe your actions are inconsistent with our user agreements, policies or legislation, or to protect the rights, property and safety of any assets of the Company Parties or third parties;
7.2.7. with third parties where aggregate Personal Data is disclosed which cannot reasonably be used to identify you.
7.3. Company Parties may without limitations share aggregated or de-identified information, which cannot reasonably be used to identify you.
8.1. The transmission of Personal Data or any other information (including communications by e-mail) over the Internet or other publicly accessible networks is not one hundred percent secure. Company Parties are not liable for the security of any Personal Data or any other information you are transmitting over the Internet, or third-party content.
8.2. Transmission of Personal Data of EU Persons to recipients, both internally or externally, is subject to the authorisation requirements and pursuant to defined purposes. Personal Data of EU Persons transmitted to a recipient outside the European Economic Area must be subject to protection at least equivalent to that sought by the GDPR. Intragroup transfers of Personal Data of EU Persons to third countries are subject to the safeguards provided by the by-laws of the Company Parties.
9.1. We take appropriate security, administrative and technical measures to protect any Personal Data you provide regarding the collection, storage and Processing of Personal Data.
9.2. Personal Data is safeguarded from unauthorized access and unlawful Processing or disclosure, as well as accidental loss, modification or destruction, through state-of-the-art technical and organizational measures. These are adjusted and updated continuously in tandem with technical developments and organizational changes. Additionally, Personal Data protection audits and other controls are carried out on a regular basis.
9.3. We take reasonable steps to protect the security of the Personal Data communicated through the Platform. However, no computer security system is entirely foolproof and the Internet is not a secure method of transmitting information. As a result, we do not assume any responsibility for the Personal Data you submit to or receive from us through the Internet, or for any unauthorized access or use of that information, and we cannot and do not guarantee that information communicated by you to us or sent to you by us will be received, or that it will not be altered before or after its transmission to us. You agree to not hold any Company Party liable for any loss or damage of any sort incurred as a result of any misappropriation, interception, modification, deletion, destruction or use of information provided through the Platform.
9.4. Personal Data provided to us is stored in accordance with applicable laws of the jurisdiction of the respective Company Party. The period for which the Personal Data will be stored is determined by the applicable laws of the jurisdiction of the respective Company Party. The Company Parties have ensured that appropriate security standards are in place regarding the safeguarding, confidentiality and security of Personal Data.
10.1. In accordance with applicable laws and as needed to provide the Services to our users, Company Parties may hold your Personal Data. This requirement is conditioned by a need to comply with legal obligations and resolve possible disputes.
10.2. Company Parties may retain your Personal Data so long as you continue to use the Platform. Moreover, your Personal Data may be held beyond the abovementioned period until it is indispensable for Company Parties to have relevant information to respond to any issues that may arise later.
11.1. The Company Parties value protection of all Users' rights relating to their Personal Data, hence, the Company Parties are committed to making sure you can exercise your respective rights effectively and free of charge. The Company will ensure each your request related to your Personal Data be reviewed in a timely fashion.
11.2. EU Persons shall acknowledge that their rights relating to Personal Data are provided in the GDPR and other applicable laws of the member states of the European Union. In particular, EU Persons have the following rights relating to their Personal Data:
11.2.1. right to access. You can request access to your Personal Data and obtain a copy of such Personal Data in a format acceptable to you (e.g. PDF, DOC, DOCX, etc.). You can submit such a request by sending an email to firstname.lastname@example.org. After your request is received, our privacy team reviews the form and conducts the requestor's identity verification without undue delay. Upon successful verification, you are provided with a copy of your Personal Data;
11.2.2.right to data portability . You have the right to receive your Personal Data, which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to another service provider (controller) without hindrance from us;
11.2.3. right to erasure ("Right to be forgotten") and right to rectification.You are entitled to request the erasure or rectification of your Personal Data by sending us a respective request to email@example.com. We will handle requests for Personal Data to be rectified or deleted unless there is a legal requirement that prohibits such request to be fulfilled. When a request is fulfilled, you will be informed that your Personal Data is changed or erased and is not-longer collected, however, to fulfil our legal requirements the Company Parties will store information about each requestor for the purposes of providing evidence that a request has been fulfilled;
11.2.4. right to object. At all times, you are entitled to object to the Processing of your Personal Data. Right to object can be exercised by sending an email to firstname.lastname@example.org. Upon receipt of the request, the Company Parties cease the Processing, unless there is a legal or statutory ground for such Processing;
11.2.5. right to be informed. If you are inquiring about Processing activities conducted with respect to your Personal Data, the Company Parties, without undue delay, will provide information about: (i) purposes of Processing; (ii) categories and types of Personal Data; (iii) retention period; (iv) source of the relevant Personal Data; (v) privacy rights and information on Data portability. However, all information about the Personal Data and Processing operations categories conducted by Company Parties is available in this Policy; and
11.2.6. the right to lodge a complaint with a supervisory authority. The supervisory authority is an independent public authority established by an EU member state pursuant to Article 51 GDPR.
12.1. We have the right, at our discretion, to update this Policy at any time. We recommend that you frequently check this Policy to find any changes and stay informed about how we help protect Personal Data.
12.2. By using the Platform, you acknowledge and agree that it is your responsibility to periodically review this Policy and be aware of the changes.
12.3. The subsequent use of the Platform after changes to this Policy will also be considered as your acceptance of these changes.
12.4. This Policy may from time to time be translated into other languages. To the extent that any discrepancy may exist between the English version of this Policy and its version in another language, the English version prevails.
13.1. The Company may appoint an expert on data privacy who works independently to ensure that the Company is adhering to the policies and procedures set forth in the GDPR (data protection officer). Data protection officer assists the Company to monitor internal compliance, inform and advise on data protection obligations, provide advice regarding data protection impact assessments (DPIAs) and acts as a contact point for data subjects and the supervisory authorities.
13.2. In the case the Company appoints such data protection officer, it will publish its contact details on the Platform.
14.1. We welcome your questions and suggestions with respect to the implementation or amendment of this Policy. Please use this email to communicate with us: email@example.com