Purpose- and legal basis of data processing
Liverobe Korlátolt Felelősségű Társaság (registered seat: 3181 Karancsalja, 023/2. hrsz., Hungary; registration no.: 12-09-010274; tax number: 26385053-2-12 represented by Angyal Ivett managing director; hereinafter referred to as “Us”, “We”, or “Our”) operates the LiveRobe mobile application (hereinafter referred to as “App”).
The App is a social network-based digital wardrobe and marketplace, a mobile application where anyone can sell and buy pre-loved products and supports up-and-coming designers and local boutiques to sell. The Service shall mean to assure You as user a social network-based marketplace, with less noise and more focus on your target audience, reaching own customers easily and cost-effectively, create own online store with a few clicks. This Service is also including to provide advertisement place and the Service shall also mean to assure You as user the possibility to find only inspiration to wear the favorite skirt the best way possible, regardless whether You as user would like to advertise and/or buy on the surface of the App.
We operate the App as the service determined above and during the service, We are committed to protecting your privacy and personal data as well.
We shall process your personal data as data controller lawfully, fairly and in a transparent manner in relation to you, and only for the Service and the appropriate function of the App. We shall take the necessary technical and organizational measures to ensure the security of your personal data and establish the procedural rules according to the Act CXII of 2011 on Informational Self-determination and Freedom of Information and the REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) and to the Act CXII of 2011 on information self-determination
and freedom of information (hereinafter collectively “Applicable laws”).
We as data controller shall determine the purposes and means of data processing and make decisions regarding the data processing.
You download the App to use Our service provided through the App depending on the purpose(s) why you would like to use the App in particular as follows:
- If you would refresh your wardrobe, you can shop and save money buying cool fashion from other users looking into the digital wardrobe of other users and discover out of stock items from other user’s wardrobes;
- If you only need tips what to wear and what to match the clothes with, you can find inspiration to wear the favorite skirt the best way possible;
- If you can’t fit in your own closet anymore, you can get the clothes more organized and create more space in your own wardrobe by monetizing the unworn items through the App and by using your LookBoard you can inspire your potential buyers by combining or mixing up ‘for sale’ and ‘not for sale’ items together, to sell you can create your own shop or just upload your individual products,;
- If you are designer and local boutique, you can reach your customers easily and cost-effectively, furthermore you can create Your online store with a few clicks and sell more. you can also sell your unsold stock in the name of sustainability;
- If you are or want to be a fashion influencer, you can show who you are and motivate others with your unique looks.
We process your personal data provided by you for providing the service throughout the App.
Downloading the App and providing personal data shall be voluntary in each particular case to establish a use agreement between you and Us regarding the use of the App and its services. Please kindly ask you to provide Us real personal data in each case. You shall be responsible for that the personal data provided by you by setting up an account on the App is complete and correct. As far as permitted by laws, We exclude Our liability for damages arising from inaccurate and/or incomplete personal data provided by you.
Based on these facts and according to the Paragraph (1) point b) of the Article 6 of the Regulation (EU) 2016/679 on General Data Protection Regulation the legal basis of processing personal data by the LiveRobe application shall be the legally binding contract (“processing is necessary for the performance of a contract to which the data subject is party”). Please be informed that based on the Paragraph (3) of Article 13/A of the Act CVIII of 2001 on Electronic commercial services, for the purpose of providing the App, We as the provider of the service are entitled to process the personal data which is technically essential for providing the service.
Personal data means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Data controller means the legal person, agency or other body which (alone) determines the purposes and means of the processing of personal data;
Data processor means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the data controller;
Third party means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data;
Personal data we collect
There are three basic categories of personal data we collect: i) personal data provided by you during the signing up, ii) personal data provided by you during the use of the App and iii) information collected automatically.
Personal data provided by you during signing up
Using our App requires establishing an account with registration. So, We need to collect a few important details about you, such as when you sign up for using the App, We collect personal data like your e-mail address and password. E-mail addresses as your personal data are used for logging in- and password reset purposes, and also to allow other users to get in touch with you about an outfit you marked as “for-sale”. We don’t send promotional e-mails unless you subscribe for Our newsletter.
Personal data provided by you during the use
We may also receive and protect personal data that you voluntarily add to your profile, such as your name (or pseudonym), profile picture to be able to create your persona.
We may also receive and protect personal data that you voluntarily add to your profile, such as photos of outfits you upload either to your digital wardrobe, or to your personalized shop. Please be informed that you are responsible for your uploaded photos, therefore uploading your photos which represent you is considered to be absolutely voluntary. In case of your uploaded photos represent another person, you are responsible to obtain the approval/consent to use this photo from this person who are represented on the photo.
Information collected automatically
Usage information – We collect information about your activity through Our service such as search queries you submit. When you access the service by or through a mobile device, we may collect certain information automatically.
We use online service providers to help Us analyze – in the event of a malfunction – when and why the LiveRobe application might have misbehaved. We have an account at Sentry.io (Functional Software, Inc. dba Sentry, with the registered seat: 132 Hawthorne Street, San Francisco, CA 94107; e-mail address: firstname.lastname@example.org; web: https://sentry.io/welcome/) and we comply with this application’s Terms of Service. We are not using any of these third-party services to track, collect or upload any personal data that personally identifies you for any profiling purposes.
Log information – We also collect log information when you use the App, including among other things:
- details about how you have used Our service;
- pages and users viewed;
- IP address.
Storing your personal data
We are based in Hungary, Europe. First of all, We store the personal data you provide on computer servers in a controlled, secure environment, however We use also cloud-based web-storage services to store your data and content. We and Google Firebase (Google LLC with the registered seat: 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States; web: https://firebase.google.com/support/privacy/#firebase_is_gdpr-ready) do comply with the applicable regulations, i.e. the Applicable laws when we collect, save or use your personal data, however, to provide you the App and its services we need to transfer your data to the United States.
How we use the personal data we collect
We use the personal data and information we collect to operate and improve the App and its services and customer support. We do not share personal information with outside parties except to the extent necessary to accomplish Our functionality. We may share anonymous, aggregate statistics with outside parties, such as how many people see the related product with the App.
We may disclose your personal data and information in response to subpoenas, court orders, or other legal requirements; to exercise Our legal rights or defend against legal claims; to investigate, prevent, or take action regarding illegal activities, suspected fraud or abuse, violations of Our policies; or to protect Our rights and property.
In the future, We may sell to, buy, merge with, or partner with other businesses. In such transactions, user information may be among the transferred assets.
We use a variety of security technologies and procedures to protect your personal data from unauthorized access, use or disclosure. We secure the personal data you provide on computer servers in a controlled, secure environment, protected from unauthorized access, use or disclosure. All personal data and information is safeguarded using appropriate physical, technical and organizational measures.
Retention of personal data
How long We keep the personal data We collect about you depends on the type of the personal data – as described in further detail below. After such time, We will either delete or anonymize your personal data or, if this is not possible, then We will securely store your personal data and isolate it from any further use until deletion is possible.
In general, We retain personal data that you provide to Us until i) the accepted General Terms and Conditions as legally binding agreement concluded by and between you and Us exists; ii) we have an ongoing legitimate (business) interest to retain it i.e. as long as required to contact you regarding the Service or as necessary to comply with our legal obligations, resolve disputes and enforce Our agreements, etc.
When We have no ongoing legitimate (business) interest to process your personal data, We securely delete the personal data or anonymize it or, if this is not possible, then We will safely store your personal data and isolate it from any further processing until deletion is possible.
In case of the consent-based data processing, We delete personal data if you request it: in this case We store the personal data until your consent shall be withdrawn. However please note that having regard the priority of the contract- based data processing, in most cases you do not have the right to withdraw your consent.
How we share information we collect
We use Google Firebase (Google LLC with the registered seat: 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States; web: https://firebase.google.com/support/privacy/#firebase_is_gdpr-ready), Sentry.io (Functional Software, Inc. dba Sentry, with the registered seat: 132 Hawthorne Street, San Francisco, CA 94107; e-mail address: email@example.com; web: https://sentry.io/welcome/) and Algolia (Algolia Inc. with registered seat: 301 Howard St, 3rd floor, San Francisco, CA 94105 United States; web: https://www.algolia.com/). We don’t use any other tracking measures, not even Analytics, nor social buttons, widgets. Only We and Our staff as data controller and Our IT (application developer) company and its staff as data processor shall be entitled to access personal data based on contractual relationship and to the extent required for the appropriate operation of the App.
We may get contractual relationship with third party companies and individuals to facilitate our service (hereinafter referred to as “Service Providers”), to provide the service on our behalf, to perform service-related services or to assist us in analyzing how Our service is used. These third parties may have access to your personal data only to perform these tasks on Our behalf and are obligated not to disclose or use it for any other purpose.
In case We get contractual relationship with third party companies and individuals to facilitate our service, We shall be obliged to use only data processors providing sufficient guarantees to implement appropriate technical and organizational measures in such a manner that processing will meet the requirements of the applicable data protection laws and ensure the protection of your rights.
Disclosure of personal data
We may disclose your personal data in the good faith belief that such action is necessary to:
– in order to achieve the purpose of the App;
- comply with legal obligation;
- protect and defend Our rights or property;
- prevent or investigate possible wrongdoing in connection with the App;
- protect the personal safety of users of the App;
- protect against legal liability.
We and the App or its services do not address anyone under the age of 18. We do not knowingly collect personally identifiable information from anyone under the age of 18. If you are a parent or guardian and you are aware that your children has provided us with personal data, please contact Us. If We become aware that We have collected personal data from children without verification of parental consent, we take steps to remove that information from Our servers as soon as possible.
You as data subjects have the following rights:
Right of access
You as data subject shall have the right to obtain from Us confirmation as to whether or not personal data concerning you are being processed, and, where that is the case, access to the personal data and the following information: the purposes of the processing; the categories of personal data concerned; the recipients or categories of recipient to whom the personal data have been or will be disclosed, in particular recipients in third countries; the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period; the existence of the right to request from Us rectification or erasure of personal data or restriction of processing of personal data concerning you or to object to such processing; the right to lodge a complaint with the national supervisory authority. In case of personal data are transferred to a third country, you shall have the right to be informed of the appropriate safeguards relating to the transfer.
We shall provide a copy of the personal data undergoing processing. For any further copies requested by you, We may charge a reasonable fee based on administrative costs. Where you makes the request by electronic means, and unless otherwise requested by you, the information shall be provided in a commonly used electronic form.
Right to rectification
You shall have the right to obtain from Us without undue delay the rectification of inaccurate personal data concerning you. Taking into account the purposes of the processing, you shall have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
Right to erasure – right to be forgotten
You shall have the right to obtain from Us the erasure of personal data concerning you without undue delay and We shall have the obligation to erase personal data without undue delay where one of the following grounds applies: the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed; you withdraw consent on which the processing is based, and where there is no other legal ground for the processing; you object to the processing and there are no overriding legitimate grounds for the processing; the personal data have been unlawfully processed; the personal data have to be erased for compliance with a legal obligation in European Union or Hungarian aw to which We are subject.
Please also be informed that the above mentioned shall not apply to the extent that processing is necessary for compliance with a legal obligation which requires processing by European Union or Hungarian law to which We are subject or for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes or for the establishment, exercise or defence of legal claims.
Right to restriction of processing
You shall have the right to obtain from Us restriction of processing where one of the following applies: the accuracy of the personal data is contested by you, for a period enabling Us to verify the accuracy of the personal data; the processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead; We no longer need the personal data for the purposes of the processing, but they are required by you for the establishment, exercise or defence of legal claims.
Right to data portability
You shall have the right to receive the personal data concerning you, which you have provided to Us, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from Us to which the personal data have been provided, where: the processing is based on consent or on a contract and the processing is carried out by automated means.
Right to object (automated individual decision-making)
Where personal data are processed for direct marketing purposes, you shall have the right to object at any time to processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing. Where you object to processing for direct marketing purposes, the personal data shall no longer be processed for such purposes.
You shall have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.
You have the right to withdraw your LiveRobe application related consent to the data processing at any time. Deletion of the LiveRobe application shall mean the withdrawal of your consent. Your rights can be exercised in accordance with the Act V of 2013 on Civil Code and the relevant, applicable data protection related regulations. In case of any problems related to your personal data processed by Us you may also ask for assistance from the Hungarian National Authority for Data Protection and Freedom of Information (H- 1122 Budapest, Szilágyi Erzsébet fasor 22 / C.), however before contacting the authority please kindly ask you to do not hesitate to cooperate with Us.
We also inform you that, in the event of a violation of the law on data processing or if We have failed to comply with any of your requests, you can appeal to the competent court.
By email: firstname.lastname@example.org