Privacy Policy

Methods of Data Collection

Personal information will be collected through various methods. Direct collection occurs when you actively provide information during the registration process, when making purchases, or when utilizing the platform's features. Automated collection involves the use of technologies like cookies, web beacons, and server logs for the website, and device identifiers for the mobile applications. These technologies help track user behavior, preferences, and device-specific information.

Google Play Store policies emphasize the need for in-app disclosure of data collection practices. This means that a concise summary of how user data is accessed, collected, used, and shared must be displayed within the app itself, separate from the comprehensive Privacy Policy or Terms of Service. Third-party sources may also contribute to data collection. For instance, payment gateways will provide details about completed transactions, and affiliate partners might share user data if there are specific collaborations and user consent for such sharing.

Purpose of Collecting Personal Information

The collection of personal information serves several key purposes. It is essential for providing and maintaining the platform's services, ensuring you can access and utilize all features effectively. Processing payments and managing transactions related to the purchase of happy points and digital collectibles is a core function that requires user data. The platform's unique revenue-sharing mechanism with collectible holders necessitates tracking ownership and distributing earnings, which relies on user information.

Personal data is also used to personalize the user experience, offering relevant content and recommendations based on your interactions. Effective communication with users regarding their accounts, transactions, and important platform updates is facilitated through the collected contact information. For customer support, user data helps in addressing inquiries and resolving any issues that may arise.

Monitoring and analyzing how users interact with the platform as usage data allows for continuous improvement and helps in maintaining the security of the platform. Complying with legal and regulatory obligations, such as GST compliance and potential future anti-money laundering requirements, also necessitates the collection and processing of personal information. With user consent where required, personal data may also be used for marketing and promotional purposes, informing users about new features, collectibles, or initiatives.

Disclosure and Sharing of Personal Information

To fulfill the purposes outlined, Four Paws Animal Welfare may need to disclose or share personal information with certain third parties. Third-party payment processors, such as PayPal and Stripe, will receive necessary payment details to process transactions securely. For the platform's on-chain transparency, transaction data related to happy points and collectibles, potentially including your wallet address, will be publicly disclosed on the blockchain.

Affiliate vendors within the marketplace may receive user data, but only as necessary to facilitate transactions initiated by the user and with appropriate consent. Service providers, including those offering hosting, analytics, and customer support services, may have access to user data to perform their functions on behalf of Four Paws Animal Welfare. If required by law or legal process, the organization may also need to share information with legal authorities.

It is important to note that when the platform utilizes third-party payment gateways, especially those that might handle cryptocurrency, the privacy policies of these external entities will also govern the processing of user data by them. You should be informed about these third parties and encouraged to review their respective privacy practices to understand how their data is handled beyond the Four Paws Animal Welfare platform.

Data Security Measures Implemented

Protecting user data is paramount. Four Paws Animal Welfare will implement robust data security measures, including the encryption of sensitive data, such as payment information, both during transmission and at rest, to prevent unauthorized access. Personal information will be stored securely using industry-standard practices.

Regular security audits and vulnerability assessments will be conducted to identify and address potential weaknesses in the platform's security infrastructure. Measures will be in place to prevent unauthorized access, use, or disclosure of data, ensuring that user information remains confidential and protected. Google Play Store policies specifically require handling personal and sensitive user data securely, including transmission over HTTPS and the use of runtime permissions where available. Therefore, the platform will ensure that all data transmission, particularly for sensitive information like payment details, is conducted over secure protocols like HTTPS.

Data Retention and Deletion Policies

Four Paws Animal Welfare will establish clear policies regarding how long different types of personal information will be retained. The retention period will be determined based on the necessity of the data for the stated purposes, legal requirements, and business needs.

You will have the right to request the deletion of your data, and the platform will outline the process for submitting such requests and the conditions under which data will be deleted when it is no longer necessary. In compliance with Google Play Store requirements, if the platform allows users to create accounts, it must also provide a straightforward and easily accessible mechanism for users to request the deletion of their accounts and associated data, both within the mobile application and through a web-based resource. Developers are also required to complete the account deletion section of the Data Safety form for the Google Play Store.

User Rights under Indian Law

While India's comprehensive data protection law is still under development, existing legal frameworks provide certain rights to users regarding their personal information. You have the right to access your personal information held by the platform and to request a copy of it. You also have the right to correct any inaccuracies in your personal information to ensure the data is accurate and up-to-date.

The Consumer Protection (E-Commerce) Rules, 2020 in India mandate that e-commerce entities must provide transparent information about their legal name, address, and contact details. This information should be readily available within the privacy policy to ensure transparency and accountability. You also have the right to grievance redressal, and the platform will designate a grievance officer with clearly provided contact details to address any complaints or concerns related to the processing of their personal information, as mandated by Indian e-commerce rules.

Contact Information for Privacy Concerns and Grievance Officer Details

To ensure users can easily reach out with any privacy-related questions or concerns, the privacy policy will clearly display the name and contact details of the designated grievance officer, as required under Indian e-commerce regulations. This will typically include an email address and potentially a phone number. Additionally, a general email address or other means will be provided for users to contact the organization with any other inquiries related to their privacy or the platform's data handling practices.

Legal Basis for Processing Personal Data

GDPR mandates that all processing of personal data must be based on a valid legal basis. Four Paws Animal Welfare will identify and clearly articulate the legal basis for each processing activity. Consent will be obtained explicitly for specific processing purposes, such as for marketing communications where users actively opt-in to receive such information.

Contractual necessity will serve as the basis for processing data that is essential to fulfill the contract with the user, such as providing access to the platform's features, processing payments for happy points and collectibles, and facilitating the revenue-sharing mechanism. The organization may also process data based on its legitimate interests, such as for improving the platform's services, ensuring security, and conducting business analytics, provided that these interests do not override the fundamental rights and freedoms of the users. Finally, processing may be necessary to comply with legal obligations to which Four Paws Animal Welfare is subject.

Information on Data Controller and Data Processor

Under GDPR, it is essential to identify the roles of data controller and data processor. Four Paws Animal Welfare will be the data controller, as it determines the purposes and means of processing personal data. Any data processors that the organization engages, such as third-party payment gateways (e.g., PayPal, Stripe) and hosting providers, will be listed, and their specific roles in processing user data on behalf of Four Paws Animal Welfare will be clearly defined.

Detailed Explanation of Data Subject Rights

GDPR grants several rights to individuals regarding their personal data. The privacy policy will provide clear and concise explanations of each of these rights in user-friendly language. These rights include the right to be informed about the collection and use of their personal data; the right to access the personal data held about them; the right to rectification to correct any inaccurate or incomplete personal data; the right to erasure, also known as the "right to be forgotten," allowing users to request the deletion of their data under certain circumstances; the right to restriction of processing, enabling users to temporarily limit the processing of their data; the right to data portability, allowing users to receive their personal data in a structured, commonly used, and machine-readable format and to transmit it to another controller; the right to object to the processing of their data in certain situations, such as for direct marketing purposes; and rights related to automated decision-making and profiling, ensuring users are not subject to decisions based solely on automated processing that produce legal effects or similarly significantly affect them.

Procedures for Exercising GDPR Rights

The privacy policy will outline the specific procedures that EU users can follow to exercise their GDPR rights. This will include clear instructions on how to submit requests for access, rectification, erasure, restriction, portability, or to object to processing. Contact information specifically for GDPR-related inquiries will be provided, ensuring users know who to reach out to for assistance with their rights. Additionally, users will be informed about their right to lodge a complaint with a supervisory authority in their member state if they believe that the processing of their personal data infringes the GDPR.

Cross-border Data Transfers

If Four Paws Animal Welfare needs to transfer personal data of EU users outside the European Economic Area (EEA), the privacy policy will provide information about such transfers. This will include details about the countries to which data may be transferred and the safeguards in place to ensure data protection during these international transfers. These safeguards may include the use of Standard Contractual Clauses (SCCs) approved by the European Commission or reliance on other legally recognized transfer mechanisms to ensure that the data receives an equivalent level of protection as within the EU.