Privacy Policy
Apricot PC (“Apricot” or “We”) values your privacy and is dedicated to the establishment of a fully transparent relationship between us, with regards to the ways we collect and process your Personal Data. This Policy describes in detail what data we collect and process about the User (the "User" or "You"), the purposes of processing, our processing activities, possible disclosures of your Personal Data to third parties as well as your rights and opt-out options.
1. WHAT INFORMATION ABOUT YOU DO WE COLLECT?
1.1 Account Information. Users register a phone number (or apple id, or google account), their birthday, their first name and a profile photo when they create an Asappien account. Phone numbers are used to provide our Services to you and other Asappien users. You may optionally add other information to your account, such as an email, a profile name (“Asap Tag”), your studies, your nationality and a small bio about yourself. This information shall be visible to all users with whom you will connect, while Apricot processes also such data in terms of access and storage to our server.
1.2 Messages. Apricot cannot decrypt or otherwise access the content of your messages. Apricot queues end-to-end encrypted messages on its servers for delivery to devices that are temporarily offline (e.g. a phone whose battery has died). Your message history is stored on your own devices only for 2 hours after the end of the time zone of an activity that you have participated in.
Additional technical information is stored on our servers, including randomly generated authentication tokens, keys, push tokens, and other material that is necessary to transmit messages. Apricot limits this additional technical information to the minimum required to operate the Services.
1.3 User Support. If you contact our User Support, any personal data you may share with us is kept only for the purposes of researching the issue and contacting you about your case.
1.4 Managing your information. You can manage your personal information in “Asappien edit profile”. For example, you can update your profile information.
1.5 Third Parties. We work with third parties to provide some of our Services. These providers are bound by their Privacy Policies to safeguard that information. If you use other Third-Party Services like Instagram, Google etc. in connection with our Services, their Terms and Privacy Policies govern your use of those services.
1.6 Other instances where Apricot may need to share your data
• To meet any applicable law, regulation, legal process or enforceable governmental request.
• To enforce applicable Terms, including investigation of potential violations.
• To detect, prevent, or otherwise address fraud, security, or technical issues.
• To protect against harm to the rights, property, or safety of Apricot, our users, or the public as required or permitted by law.
However, as messages are encrypted, we will never share these.
1.7 Except of the account information, we store the below information to use for our B2B partners:
• How much time each user spends on the app?
• How many times each activity has been selected?
• How many groups are created for each activity?
• What time of the day each activity is selected?
• Location of the User
• To how many people a business is being displayed through recommendation feature?
2. PURPOSES OF PROCESSING AND LEGAL BASES FOR PROCESSING
2.1 We collect and process your personal data after you have provided consent to us for such collection and processing. Your consent is considered granted when using Asappien application and/or Services. We may further process your data under legal bases other than your consent as stated below.
2.2 Apricot collects, stores and processes your personal data for the following purposes:
(a) to provide to You the agreed Services and to execute our contractual obligations towards you. [Legal basis of processing activity: Your Consent/execution of contract]. From that end we may use your data to deliver interest-based ads or activities or chat groups to the Users in order to optimize their experience.
(b) To manage and protect our business (including in case of reorganization, sale of assets, merger or acquisition, liquidation and similar processes), for improving data security, fraud prevention, troubleshooting data and systems, system maintenance and testing, data hosting, managing our offices and other facilities. [legal basis of processing: legitimate interests]
(c) to comply with the laws in response to a court order, judicial or other government subpoena or warrant, or to otherwise cooperate with law enforcement activity or other legal process. We also reserve the right to disclose data collected by us, as we believe, in good faith, is appropriate or necessary to take precautions against liability; to protect Apricot and others from fraudulent, abusive, or unlawful uses or activity; to investigate and defend ourselves against any claims or allegations; to assist government enforcement agencies; to protect the security or integrity of the Service and our other property; or to protect the rights, property, or safety of us, our users, or other persons or entities. [legal bases of processing: legitimate interests/Legal or regulatory obligation]
(d) for further internal analyses and statistical purposes, related to the interaction between Apricot and its customers [legal base of processing: legitimate interests].
(e) to answer to your requests and satisfy your data protection related rights [legal base of processing: consent/execution of contract/Legal or regulatory obligation].
(f) To attract and maintain our business partners [legal base of processing: legitimate interests].
2.3 We will only use your personal data for the purposes for which we collected it as detailed in Section 2.2 above. If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
3. DISCLOSURES OF YOUR PERSONAL DATA
We do not share personalised data, neither of our users, nor of our business partners.
We publicly use absolute numbers such as: Number of people going for a drink in Amsterdam around 8pm – 12pm., Average age of users going to the cinema in London etc.
We share below info to our business partners:
• The number of times their business has been recommended
• Age groups of the users that recommend business
• Most active time zones
• Trending activities
3
4. MANAGEMENT OF YOUR PERSONAL DATA
If you un-register from the Application or if the contract between us expires or is terminated, Apricot shall not further process your Personal Data. However, Apricot may process your personal data as provided by you before de-registration or contract termination for the purposes set-out under clause 2 (c)- (f) of this Policy.
5. DATA RETENTION
We may retain your Personal Data to fulfill the purposes outlined in this Policy for as long as required in order to provide our Services to you, in order to comply with applicable law, in order to protect our business and legal interests and in order to fulfill internal client/business record keeping purposes. Users have the option to delete their account and all its information.
6. TRANSMISSION OF DATA
We are using servers in different countries and your information may be processed on servers located outside of the country where you live. Regardless of where your information is processed and although that in principle we do not proceed with transmission of data outside the European Union, rest assured that we apply the same protections described in the Privacy Policy. We also comply with certain legal frameworks relating to the transfer of data, such as the conclusion of Standard contractual clauses (SCCs) as adopted of the European Commission and the Adequacy Decisions of the European Union determining that certain countries outside of the European Economic Area (EEA) adequately protect personal data, which means that data can be transferred from the European Union (EU) and Norway, Liechtenstein, and Iceland to that third country without any further safeguard being necessary as well as the Adequacy Decisions adopted by the UK and Switzerland.
7. APPRICOT AND THE GDPR
Apricot processes Personal Data in accordance with the GDPR and UK- GDPR requirements. In particular Apricot processes personal data only in accordance with GDPR data protection principles and GDPR data protection provisions. Apricot also implements appropriate technical and organizational measures and demonstrates compliance and ensures that both in the planning and implementation of processing activities, data protection principles and appropriate safeguards are addressed and implemented (data protection by design and default). For more information you can visit our specifically GDPR-dedicated page: (…..).
8. YOUR PRIVACY RIGHTS
8.1 In your capacity as a data subject whose data is collected and processed by Apricot, we inform you that you have the following rights:
(a) the right to withdraw your consent at any time and without detriment, without affecting the lawfulness of processing based on consent before its withdrawal, by notifying such withdrawal to us.
(b) the right to request from Apricot access to and rectification or erasure of personal data or restriction of processing concerning you and to object to processing as well as the right to data portability;
(c) the right to receive notification regarding rectification or erasure of your personal data or restriction of processing that is takes place following your request;
(d) the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you, and
4
(e) to lodge a complaint with a supervisory authority.
We reserve the right to not satisfy in whole or in part a request under this section 8.1, if such non-satisfaction is grounded on the provisions of the GDPR (for EU citizens)
Without limiting the foregoing, we may not satisfy a request for data erasure in the following cases: under the GDPR, for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest in the area of public health, for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes and for the establishment, exercise or defense of legal claims
8.2 As regards your rights to specific information and data portability, you are informed of the following: once we receive a verifiable data access request from you, we will disclose to you all and any information you request from us to disclose to you, without any time limitations (e.g. we will disclose to you all information we collected and processed about you, not only for the preceding 12months or other limited preceding time period but for the whole time-period extending from the date of collection to the date of request). According to request and among other information you may request to be provided to you, disclosures will include the following information: the categories and the specific pieces of personal information we collected about you (including copies of data processed), the categories and the identity of sources for the personal information we collected about you, the business or commercial purpose for collecting or selling that personal information. Finally, information disclosed to you, shall include, according to request, the appropriate safeguards pursuant to Article 46 of the GDPR relating to the transfer of data outside the EEA.
8.3 We will respond to a data request according to section 8.2 of this Policy, without undue delay, and in any event within one month of receipt of the request. That period may be extended by two further months where necessary, taking into account the complexity and number of the requests. We will inform you of any such extension within one month of receipt of the request, together with the reasons for the delay. Where you make the request by electronic form means, the information shall be provided to you by electronic means where possible, unless otherwise requested by you.
9. CONTACT US
To exercise your rights under section 8.1 of this Privacy Policy please submit a verifiable request to us by either:
Sending us an e-mail at: [[email protected]]
Please describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. For verification purposes we may request from you to provide to us sufficient additional information. Making a verifiable request does not require you to create an account with us. We will only use personal information provided in a verifiable request to verify the requestor's identity or authority to make the request.
10. FURTHER APPRICOT CONTACT INFO/REPRESENTATIVE IN THE EU/DATA PROTECTION OFFICER
5
Please contact us with any questions or comments about this Policy, your personal information, our third-party disclosure practices, or your consent choices by email: [email protected]
Apricot designates as its representative in the EU, who acts on Apricot’s behalf and who may be addressed by any supervisory authority and be subject to enforcement proceedings in the event of non-compliance with the GDPR by Apricot, ……………., who can be contacted at the following address: Miaouli 4, Chalandri 15232. Apricot remains fully liable under the GDPR.
Apricot appoints as a Data Protection Officer ……………, who can be contacted at the following address: Miaouli 4, Chalandri 15232
11. CHANGES AND UPDATES TO THIS POLICY
Apricot reserves the right to modify the terms and conditions of the present Agreement or alter or end its Services at any time at its sole discretion. You are responsible for ensuring that you will regularly review the present Agreement. If you choose to continue using Apricot Services after any modifications to the present terms are made, you will be considered to have fully and unconditionally accepted the aforementioned modifications to this Agreement.