Privacy Statement
This Privacy Statement informs you about the type of personal data that is
collected and received through the application “Renew”, and about
how we use, share, retain and protect such personal data.
Who we are
This app is built and operated by SmashX B.V. (“data controller”, “we”, or “us”) on behalf of the
brand owner. We have our registered office at Bergerstraat 2, 6226 NA
Maastricht, The Netherlands: (KVK) 78620562.
The types of data we may obtain
We may collect and receive the following personal data from you:
-
We temporarily store your IP address to be able to deliver our service
for purposes such as logs. This information is stored for at most 90
days.
-
Anonymous behavioural data such as when you open the app or scan a
color. This does not include any personal identification such as IP
address or other unique identification numbers. This gives us insight in
how our app is being used so we can improve our service. This task is
not executed by a third party service provider. We retain this data for
at most 5 years. This data includes:
- Date and time
- Scanned color
- Matched color
- Coarse location at city level estimated by IP address
- Color scanner serial number
- Device type, OS version and app version
-
To make sure your app installation can identify itself and we can
provide your personal color projects, each installation contains a
unique instance ID. The instance ID will be cleared after deleting the
app.
-
Crash logs. To improve our app, we might send a crash report to our
services. This includes your device specifications and crash details.
We store this information for 30 days.
How we may share your data
We may share the personal data we collect and receive on a need to know
basis with the following third parties:
- The app’s brand owner;
-
Trusted Service providers: Sentry Crash Logging (sentry.io)
-
Competent public authorities or other third parties, if required by law
or reasonably necessary to protect the rights, property and safety of
ourselves or others.
-
We may also transfer your personal data in the event that we sell or
transfer all or a portion of our business or assets on a need to know
basis. Should such a sale or transfer occur, we will use reasonable
efforts to direct the transferee to use personal data you have provided
to us in a manner that is consistent with applicable law and this
Privacy Statement.
Data transfers outside the EEA
We may transfer the personal data we obtain to third parties in countries
outside the European Economic Area (EEA). The laws in those countries may
not offer an adequate level of data protection. In particular, personal
data may be transferred to the United States.
When we transfer your personal data outside the EEA, we will protect your
personal data as described in this Privacy Statement and in accordance
with applicable law, such as by entering into the European Commission’s
Standard Contractual Clauses for the transfer of personal data to a
processor located outside of the European Union.
How we protect personal data
We maintain appropriate technical and organisational security safeguards
designed to protect your personal data against accidental, unlawful or
unauthorised destruction, loss, alteration, access, disclosure or use.
However, due the inherent open nature of the Internet, we cannot guarantee
that communications between you and us or the personal information stored
is absolutely secure. We will notify you of any data breach that is likely
to have unfavourable consequences for your privacy in accordance with
applicable law.
Your Rights
You have the following rights in relation to your personal data:
-
The right to obtain, at reasonable intervals and free of charge,
information on whether or not your personal data are being processed and
to receive the personal data that is being processed in an intelligible
form;
-
The right to request rectification or erasure of personal data or
restriction of or objection to processing of your personal data. You may
also request us to provide you your data in a structured, commonly used
and machine readable format which can be transmitted to another
controller.
-
To exercise these rights, please contact us using our contact details
set out below. We may request you to provide a copy of your ID card or
otherwise evidence your identity. We will respond to your request within
the applicable statutory term.
-
Moreover, subject to this Privacy Statement, you have the right to lodge
a complaint with the competent supervisory authority.
Updates to this Privacy Statement
We may update this Privacy Statement from time to time. We will notify you
of any significant changes to this Privacy Statement on the website or
through other appropriate communication channels. All changes shall be
effective from the date of publication, unless otherwise provided in the
notification.
How to Contact Us
If you have any comments or inquiries about the information in this
Privacy Statement, if you would like us to update your personal data, or
to exercise your rights, please contact us by email at privacy@getudo.com.