[Last Amended: 22/08/2024]
This Privacy Policy (“Privacy Policy”), is an integral part of our End User License Agreement (“EULA”), and governs the processing and transfer of personal data collected or processed by CityDrone OU (“Company”, “we”, “us” or “our”) when you accessing or using our mobile application or our services, all as detailed in the applicable EULA (respectively the “App” and “Service”).
Any capitalized terms not defined herein shall have the meaning ascribed to them in the EULA.
This Privacy Policy explains what data we may collect from you, how such data may be used or shared with others, how we safeguard it and how you may exercise your rights related to your Personal Data (as defined below), among others, and where applicable, as required according to the EU General Data Protection Regulation (“GDPR”).
If you have any questions regarding this Privacy Policy or our data practices, you are welcome to contact us at contact@citydrone.eu
This Privacy Policy explains our data collection practices that are applicable to any users of our App or our Services (“you” or “your”).
Table of Contents
I.PRIVACY NOTICE
A. POLICY AMENDMENTS:
We reserve the right to amend this Policy from time to time, at our sole discretion. The most recent version of the Policy will always be posted on the website. The updated date of the Policy will be reflected in the “Last Modified” heading. We will provide notice to you if these changes are material, and, where required by applicable law, we will obtain your consent. Any amendments to the Policy will become effective within 30-days upon the display of the modified Policy. We recommend you review this Policy periodically to ensure that you understand our most updated privacy practices.
B. CONTACT INFORMATION AND DATA CONTROLLER INFORMATION:
Rounds ai incorporated under the laws of Israel, and it is the controller of your Personal Data.
You may contact us and our DPO as follows:
By email: contact@citydrone.eu
By Mail: Lasnamae linnaosa, Lootsa tn 5 Tallinn 11415, Estonia
C. DATA SETS WE COLLECT AND FOR WHAT PURPOSE:
You can find here information regarding the purposes for which we process your personal data as well as our lawful basis for processing, the definition of “personal” and “non-personal” data, and how it is technically processed.
Non-Personal Data
During your interaction with our website and Services, we may collect aggregated, non-personal non-identifiable information, which may be made available or gathered via your access to and use of the Services (“Non-Personal Data “). We are not aware of the identity of the user from which the Non-Personal Data is collected. The Non-Personal Data being collected may include your aggregated usage information and technical information transmitted by your device, such as: the type of browser or device you use, language preference, time and date stamp, country location, etc.
Personal Data
We may also collect from you, directly or indirectly, during your access or interaction with the website or Services, individually identifiable information, namely information that identifies an individual or may, with reasonable effort, be used to identify an individual (“Personal Data”). The types of Personal Data that we collect as well as the purpose for processing and the lawfulness are specified in the table below.
We do not knowingly collect or process any Personal Data constituting or revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data, data concerning a person’s health or data concerning a person’s sex life or sexual orientation (“Special Categories of Personal Data”).
The table below details the processing of Personal Data, the purpose, lawful basis, and processing operations:
DATA SET |
PURPOSE AND OPERATIONS |
LAWFUL BASIS |
Registration Information: |
This information will be processed for the purpose of performing our contract with you, to set up your account with us and enable you to use our Services. |
The registration information is processed to perform our contract with you and the direct marketing is subject to our legitimate interest. |
Contact Information: |
We will use this data to respond to your inquiry. |
We process such Contact Information subject to our legitimate interest.We may keep such correspondence if we are legally required to. |
GPS Location Information: |
This information will be processed for the purpose of providing the Services as well as for advertising purpose. |
We will process this data solely upon your active explicit consent though in-app notifications. |
Push Notifications: |
This information will be processed to allow us to send push notification to users from our server. |
As the token is Non-Personal Data it does not require a lawful basis. |
In-App Payment Information: |
We use in app payment processors; the registration and payment information are solely processed by the applicable app store provider. We do not store nor process any Personal Data when you process the payment. |
The Payment Information is processed to perform our contract with you to provide you our Services.. |
Log Data and Unique Identifiers: |
In most cases, this data will not include Personal Data, however we treat this information as Personal Data as we may be able to reasonably identify you. |
We process this data set for out legitimate Interest of protecting our App and Services and optimizing the App and Services. |
List of Installed App: |
We use this data in order to maintain, support, improve, protect and manage our App and Services. |
We will base the processing of this data set on your consent through the organic in-app permissions |
Profiling Data: |
Our partners will process this data to manage and deliver advertisements more effectively and personally, including contextual, behavioral and interests-based advertising based on your activity, preferences or other data available to us or to our business partners and advertisers, including for re-targeting purposes. |
We process this information based on your consent as required under your jurisdiction provided through our cookie manager or similar technologies. |
Photos and Videos: |
We process such data to provide you with the Services and to enable the editing and animation function that you requested.For example, if you wish to receive altered photographs with animations of Emoji, we will use the original photograph you provided us.We keep the original photo and the animation for as long as you use the Services. |
We process this information based on your consent provided through the organic in-app permissions in order to execute our contract with you and provide you with our services. |
Microphone and audio: |
We use those permissions to provide you with our dialer. The microphone permission needs to be affirmatively enabled through in-app permission or the mobile settings. You may disable the permissions at any time, but depending on the permission you disable, a feature or all features may not function properly. We will process the audio and use the microphone solely for providing you the dialer feature and we will not store any of your audio. |
We process this information based on your consent provided through the organic in-app permissions in order to execute our contract with you and provide you with our services. |
Call log and Contacts: |
We use those permissions to provide you with our dialer and to identify your caller based on your contact list. The Call log and contacts permissions need to be affirmatively enabled through in-app permission or the mobile settings. You may disable the permissions at any time, but depending on the permission you disable, a feature or all features may not function properly. |
We process this information based on your consent provided through the organic in-app permissions in order to execute our contract with you and provide you with our services. |
Bluetooth and Network: |
We use those permissions to provide you with our Services. The permission needs to be affirmatively enabled through in-app permission or the mobile settings. You may disable the permissions at any time, but depending on the permission you disable, a feature or all features may not function properly. |
We process this information based on your consent provided through the organic in-app permissions in order to execute our contract with you and provide you with our services. |
Calendar: |
We will use the calendar permission in order to apply the applicable design for your device and calendar. The permission needs to be affirmatively enabled through in-app permission or the mobile settings. You may disable the permissions at any time, but depending on the permission you disable, a feature or all features may not function properly. |
We process this information based on your consent provided through the organic in-app permissions in order to execute our contract with you and provide you with our services. |
Please note that the actual processing operation per each purpose of use and lawful basis detailed in the table above may differ. Such processing operation usually includes a set of operations made by automated means, such as collection, storage, use, disclosure by transmission, erasure, or destruction. The transfer of personal data to third-party countries, as further detailed in the Data Transfer Section, is based on the same lawful basis as stipulated in the table above.
In addition, we may use certain Personal Data to prevent potentially prohibited or illegal activities, fraud, misappropriation, infringements, identity thefts, and any other misuse of the Services and to enforce the Terms, as well as to protect the security or integrity of our databases and the Services, and to take precautions against legal liability. Such processing is based on our legitimate interests.
We may collect different categories of Personal Data and Non-Personal Data from you, depending on the nature of your interaction with the Services provided through the website and Platform, as detailed above. If we combine Personal Data with Non-Personal Data, the combined information will be treated as Personal Data or for as long as it remains combined.
D. HOW WE COLLECT YOUR INFORMATION:
Depending on the nature of your interaction with us, we may collect the above detailed information from you, as follows:
Automatically, We process this information based on your consent provided through the organic in-app permissions in order to execute our contract with you and provide you with our services..
When you voluntarily choose to provide us with information, such as when you contact us, all as detailed in this Policy.
Provided from third-parties.
E. SDK & TRACKING TECHNOLOGIES:
Our Services and some of our Service Providers utilize “cookies” or “software development kits (“SDK”)” anonymous identifiers and other tracking technologies (collectively, “Tracking Technologies”) which help us provide and improve our Services, personalize your experience and monitor the performance of our activities and campaigns, as well as the usage of our Apps and Services as a whole.
The specific SDK we currently use, the purpose of the SDK, their privacy policy and opt-out controls are set forth in the table below:
NAME |
PURPOSE |
PRIVACY AND OPT OUT |
Google Play |
In-app billing |
Google Play Privacy Policy: https://play.google.com/about/privacy-security-deception |
Firebase |
• Remote Config- data |
Firebase Privacy Policy: https://firebase.google.com/support/privacy |
Advertisers: |
The Advertisers are advertising Service Providers. Their targeted advertising SDKs collect information about your browsing activity across multiple websites and online services in order to provide you with relevant advertisements on the App and Services of third parties. The information collected using these advertising SDK does not disclose your identity, and helps us analyze the effectiveness of our advertising. |
AdMob: https://policies.google.com/privacy?hl=en |
F. DATA SHARING – CATEGORIES OF RECIPIENTS WE SHARE PERSONAL DATA WITH:
We share your data with third parties, including our partners or service providers that help us provide our Services. You can find here information about the categories of such third-party recipients.
CATEGORY OF RECIPIENT |
DATA THAT WILL BE SHARED |
PURPOSE OF SHARING |
Advertisers |
Online Identifiers |
Display ads or content that best suit such application, as a part of our Services. |
Service Providers |
All data |
We may disclose Personal Data to our service providers, contractors and third parties, including, but not limited to, our cloud and hosting provider, analytics and marketing providers, payment processors (in app payments), fraud prevention and analytic tools, tracking tools, the service providers are limited by contracts which limit their use of the data, and requires implementing security measures. The service providers process the data solely to provide the needed services. These entities are prohibited from using your Personal Data for any purposes other than providing us with requested services. |
Any acquirer of our business |
All data |
We may share Personal Data, in the event of a corporate transaction (e.g., sale of a substantial part of our business, merger, consolidation or asset sale). In the event of the above, our affiliated companies or acquiring company will assume the rights and obligations as described in this Policy. |
Governmental agencies, or authorized third parties. |
Subject to law enforcement authority request. |
We may disclose certain data to law enforcement, governmental agencies, or authorized third parties, in response to a verified request relating to terror acts, criminal investigations or alleged illegal activity or any other activity that may expose us, you, or any other user to legal liability, and solely to the extent necessary to comply with such purpose. |
When we share information with services providers and partners, we ensure they only have access to such information that is strictly necessary for us to provide the Services. These parties are required to secure the data they receive and to use the data for pre-agreed purposes only while ensuring compliance with all applicable data protection regulations (such service providers may use other non-personal data for their own benefit).
G. DATA RETENTION:
In general, we retain the Personal Data we collect for as long as it remains necessary for the purposes set forth above, all under the applicable regulation, or until you express your preference to optout, where applicable.
Other circumstances in which we will retain your Personal Information for longer periods of time include: (i) where we are required to do so in accordance with legal, regulatory, tax, or accounting requirements, or (ii) for us to have an accurate record of your dealings with us in the event of any complaints or challenges, or (iii) if we reasonably believe there is a prospect of litigation relating to your Personal Data. Please note that except as required by applicable law, we will not be obligated to retain your data for any particular period, and we may delete it for any reason and at any time, without providing you with prior notice if our intention to do so.
H. SECURITY MEASURES:
We take great care in implementing physical, technical, and administrative security measures for the services that we believe comply with applicable regulation and industry standards to prevent your information from being accessed without the proper authorization, improperly used or disclosed, unlawfully destructed, or accidentally lost.
If you feel that your privacy was not dealt with properly or was dealt with in a way that was in breach of our Privacy Policy or if you become aware of a third party’s attempt to gain unauthorized access to any of your Personal Data, please contact us at our email. We will make a reasonable effort to notify you and the appropriate authorities (if required by applicable law) if we discover a security incident related to your Personal Data.
I. INTERNATIONAL DATA TRANSFER:
We use Google Cloud which are located in EU, US and Asia. Further, certain processing activities are conducted in Israel, or other countries. In the event of data transfer out of your jurisdiction, we will take appropriate measures to ensure that your Personal Data receives an adequate level of protection as required under applicable law. Further, when Personal Data collected within the EU is transferred outside the EU (and not to a recipient in a country that the European Commission has decided provides adequate protection) it shall be transferred under the provisions of the standard contractual clauses approved by the European Union. If you would like to understand more about these arrangements and your rights in connection therewith, please contact us at our email.
J. USER RIGHTS
According to data protection and privacy laws may grant you with certain rights with regards to your Personal Data, all according to your jurisdiction. The rights may include one or all of the following: (i) request to amend your Personal Data we store accessing; (ii) review and access your Personal Data that we hold; (iii) request to delete your Personal Data that we hold (as long as we do not have a legitimate reason for retaining the data); (iv) restrict or object to the process your Personal Data; (v) exercise your right of data portability (vi) contact to a supervisory authority in your jurisdiction and file a complaint; and (vii) withdraw consent (to the extent applicable). If you wish to submit a request to exercise your rights, please fill out the Data Subject Request Form (“DSR”) available here and send it to our email at: contact@citydrone.eu
When you contact us and request to exercise your rights regarding your Personal Data, we will require certain information from you in order to verify your identity and locate your data and that the process of locating and deleting the data may take reasonable time and effort, as required or permitted under applicable law. Data privacy and related laws in your jurisdiction may provide you with different or additional rights related to the data we collect from you, which may also apply.
You have the right to lodge a complaint with the EU Member State supervisory authority if you are not satisfied with the way in which we handled the complaint.
K. OPT OUT OPTIONS
Interest-Based Advertising (“IBA”): We do not sell your Personal Data. Some of our Apps may include providing you with advertisements therefor we may “share” your Personal Data with third parties for personalized advertising purposes. If you wish to opt-out from the sharing of your personal data with third parties for the purpose of cross-contextual interest-based advertising there are many way to do so, as further detailed below. Please note that even if you opt-out you may still see personalized ads based on information other companies and ad networks have collected about you, if you have not opted out of sharing with them.
For IBA opt out options on desktop and mobile websites, please visit:
Digital Advertising Alliance (EU) Your Online Choices | EDAA