Personal data by the Flatfy Catalog application (hereinafter referred to as the Application) is collected for the following purposes and using the following services:

Full text of the policy

Data controller

Company Flatfy OÜ, a legal entity registered and operating under the laws of Estonia.

Categories of Data Collected

The categories of Personal Data collected by the Application (independently or through third parties) include: Permission to access the Memory and geographic coordinates. A detailed description of the Personal Data collected is provided in the relevant sections of this Privacy Policy for personal data or in a special explanatory text displayed in the context of data collection. Personal data can be provided by the User independently or, their collection can be carried out automatically by the service. The provision of all data requested by the Application is mandatory. In the event of their non-submission, the operation of the Application is not guaranteed. Unless otherwise indicated, the use of cookies or other tracking tools by the Application or the owners of third-party services enabled by the Application, incl. in addition to the purposes listed in this document, is carried out in order to provide the services requested by the User. The User is responsible for the Personal data of third parties published or provided to other persons by means of the Application, and confirms the authority to publish or distribute them, relieving the Owner of any liability in this regard with respect to third parties.

Method and place of data processing

Processing method

Data processing is carried out with the use of computers and (or) tools with the support of information technology (IT) in accordance with organizational procedures and methods strictly related to the specified objectives. In some cases, the Data may be available, in addition to the Data Controller, to certain categories of responsible persons related to the maintenance of the site (administration, sales, marketing, legal, system administrators), or to third-party organizations (such as third-party technical service providers, postal organizations, hosting service providers, information technology providers, communications services), which the Owner instructs, if necessary, to perform the functions of a Data Processor.

A place

The data is processed in the operational offices of the Data Controller and in any other places where the parties involved in their processing are located.

Longevity of data storing

The data is stored for the time required to provide the service requested by the User, or determined by the objectives described in this document, and the User may at any time apply to the Data Controller with a request to suspend the use of the data or delete them.

Use of collected data

The collection of data relating to the User is carried out in order to enable the Owner to provide services, as well as for the following purposes: Registration and Authentication, Permissions to access data stored on the User’s device and Location-based Interaction. Personal data used for each purpose is described in the relevant sections of this document.

Permissions to access data stored on the User device

Depending on the user's specific device, the Application may request certain permissions that will allow it to access the User's Device Data, as described below. These permissions are granted by the User prior to the processing of any information. After granting access permission, it can be canceled by the User at any time. To revoke the permission, the User can use the system settings or contact the Owner in accordance with the contact information specified in this document. The procedure for controlling access permissions may vary depending on the devices and software used by the User. Note that revoking one or more access permissions may affect the correct functioning of the Application.

Memory Access Permission

Used to access shared external storage devices.

Detailed information about the processing of personal data

Personal data is collected for the following purposes and with the following services:

Location-based interactions

Geolocation (application)

The Application may collect, use and transfer to other parties the Location Data of the User in order to provide services based on determining its location. Most web browsers (browsers) and devices provide the means to drop this feature by default. In case of granting the corresponding permission explicitly, the application may record the data about the location of the User. Personal data collected: geographical coordinates.

Permissions to access data stored on the User device

The use of the Application implies the granting by the User of individual permissions for access to the Information stored on his device under the following conditions. Use of the service The application assumes that the User grants separate permissions to access the Information stored on his device on the conditions in this document. Personal Information Collected: permission to Access the Memory.

Registration and Authentication

As a result of the User’s registration or authentication procedure, the application receives permission to identify them and provide them access to specialized services. Depending on the following, third parties may provide registration and authentication services. In this case, the application is able to access some Data that is stored on the servers of these third-party services for the purpose of registration and authentication.

Google OAuth (Google Inc.)

Google OAuth is a registration and authentication service provided by Google Inc. and related to the Google Network. Collected Personal Data: various categories of Data specified in the privacy policy when using the service.

Additional information about collecting and processing data

System logs and maintenance

In order to ensure the operation of the system and its maintenance, the application and any third-party services may keep files in which the interaction of the Application with the Users is logged (system logs) or use other Personal data (in particular, the IP address) for this purpose.

Information not found in these rules

Additional information regarding the collection or processing of Personal Data may be requested at any time from the Data Controller. See the contact information at the beginning of this document.

User Rights

Users have the right to find out at any time whether their Personal Data has been saved, and can contact the Data Controller to find out their content and origin, check their authenticity, or ask them to add, cancel, update or correct or convert to an anonymity format. or block any data stored in violation of the law, as well as oppose their processing for any and all legal grounds. The application does not support requests “Do Not Track” without impairing its functional abilities.

Changes to this privacy policy

The data controller reserves the right to make changes to these privacy rules at any time by posting a notice.

Definitions of terms and references

Personal Data (or Data)

Any information about a natural or legal person, institution or association that is determined or may be determined based on any other information, including a personal identification number.

Network Resource Usage Data

Information that is automatically collected by the application or third-party services that the application uses), in particular: IP-addresses or domain names of the computers of the Users who use the application, URI-addresses (universal resource codes), time of request, method of addressing the request the server, the size of the file received in response, a numeric code indicating the status of the server’s response (successful outcome, error, etc.), country of origin, characteristics of the web browser (browser) and the operating system used by the User Lemma, a variety of information about the time of each visit, and information about navigation within the application with a separate indication of the order of visited pages, as well as other parameters of the device's operating system and (or) computing and information among users.

User

An individual using an application that must coincide with the Data Subject or be authorized by the latter and to which the Personal Data applies.

Data subject

Legal or natural person to whom Personal Data relates.

Data Processor (or Data Manager)

A natural or legal person, a state administrative body or any other bodies, associations or organizations authorized by the Data Controller to process Personal Data in accordance with these rules for ensuring the confidentiality of personal data.

Data controller

An individual or legal entity, state administrative body or any other body, association or organization with the right (also jointly with another Data Controller) to make decisions regarding the purposes and methods of collecting Personal data and the means used (including security measures) that concern how the application functions and is used. Unless otherwise specified, the Data Controller is the Owner, i.e. the person who owns the application.

Application

Hardware or software that is used to collect User Personal Data.

Legal information

Note to European Users: this privacy statement has been prepared pursuant to the obligations stipulated in the EU Regulation No 2016/679 of April 27, 2016, as well as EU Directive No. 95/46 / EC, Directive 2002/58 / EC, as amended, introduced by Directive 2009/136 / EC. These privacy policies apply exclusively to the application.