Privacy Policy
1. Introduction
FOURPAWS ANIMAL WELFARE is committed to protecting the privacy of its users. This Privacy Policy outlines how we collect, use, disclose, and safeguard your personal information when you use our online platform and mobile applications. This policy applies to all users, including those in India and the European Union.
For Indian Users
Types of Personal Information Collected
To effectively operate the platform and provide its services, Four Paws Animal Welfare will need to collect several types of personal information from its users. This includes basic contact details such as your full name, email address, phone number, and physical address, which you may provide during the registration process, while managing your account, or when processing transactions. User account information, including your chosen username, password, and any specified preferences, will also be stored to manage your individual account.
For financial transactions, the platform will collect payment information related to purchases, even when these are processed through third-party gateways, including details about the payment method, billing address, transaction dates, and amounts. A transaction history will be maintained, recording your purchases of happy points and collectibles, as well as any distributions received through the revenue-sharing mechanism.
Given the platform's emphasis on transparency, on-chain data, which refers to publicly available information about happy points and collectible transactions recorded on the blockchain, will also be considered as relevant user activity data; this may include your cryptocurrency wallet address even when using third-party gateways.
Information about how you interact with the platform, such as the pages visited, features used, and the duration of your sessions, will be tracked as usage data. Additionally, device information, including your IP address, device type, operating system, and browser type, will be collected for both website and mobile app usage to optimize the user experience and for security purposes. We may also collect your location data if location-based features are implemented.
Finally, any other information that you voluntarily provide, such as through support requests or feedback forms, will also be collected and processed. If you choose to connect your social media accounts, we may also collect information from those accounts. As the platform evolves and potentially incorporates direct cryptocurrency handling in the future, compliance with Know Your Customer (KYC) and Anti-Money Laundering (AML) regulations might necessitate the collection of additional personal information to verify user identities and transaction legitimacy.
Methods of Data Collection
Personal information will be collected through various methods. Direct collection occurs when you actively provide information during the registration process, when making purchases, or when utilizing the platform's features. Automated collection involves the use of technologies like cookies, web beacons, and server logs for the website, and device identifiers for the mobile applications. These technologies help track user behavior, preferences, and device-specific information.
Google Play Store policies emphasize the need for in-app disclosure of data collection practices. This means that a concise summary of how user data is accessed, collected, used, and shared must be displayed within the app itself, separate from the comprehensive Privacy Policy or Terms of Service. Third-party sources may also contribute to data collection. For instance, payment gateways will provide details about completed transactions, and affiliate partners might share user data if there are specific collaborations and user consent for such sharing.
Purpose of Collecting Personal Information
The collection of personal information serves several key purposes. It is essential for providing and maintaining the platform's services, ensuring you can access and utilize all features effectively. Processing payments and managing transactions related to the purchase of happy points and digital collectibles is a core function that requires user data. The platform's unique revenue-sharing mechanism with collectible holders necessitates tracking ownership and distributing earnings, which relies on user information.
Personal data is also used to personalize the user experience, offering relevant content and recommendations based on your interactions. Effective communication with users regarding their accounts, transactions, and important platform updates is facilitated through the collected contact information. For customer support, user data helps in addressing inquiries and resolving any issues that may arise.
Monitoring and analyzing how users interact with the platform as usage data allows for continuous improvement and helps in maintaining the security of the platform. Complying with legal and regulatory obligations, such as GST compliance and potential future anti-money laundering requirements, also necessitates the collection and processing of personal information. With user consent where required, personal data may also be used for marketing and promotional purposes, informing users about new features, collectibles, or initiatives.
Disclosure and Sharing of Personal Information
To fulfill the purposes outlined, Four Paws Animal Welfare may need to disclose or share personal information with certain third parties. Third-party payment processors, such as PayPal and Stripe, will receive necessary payment details to process transactions securely. For the platform's on-chain transparency, transaction data related to happy points and collectibles, potentially including your wallet address, will be publicly disclosed on the blockchain.
Affiliate vendors within the marketplace may receive user data, but only as necessary to facilitate transactions initiated by the user and with appropriate consent. Service providers, including those offering hosting, analytics, and customer support services, may have access to user data to perform their functions on behalf of Four Paws Animal Welfare. If required by law or legal process, the organization may also need to share information with legal authorities.
It is important to note that when the platform utilizes third-party payment gateways, especially those that might handle cryptocurrency, the privacy policies of these external entities will also govern the processing of user data by them. You should be informed about these third parties and encouraged to review their respective privacy practices to understand how their data is handled beyond the Four Paws Animal Welfare platform.
Data Security Measures Implemented
Protecting user data is paramount. Four Paws Animal Welfare will implement robust data security measures, including the encryption of sensitive data, such as payment information, both during transmission and at rest, to prevent unauthorized access. Personal information will be stored securely using industry-standard practices.
Regular security audits and vulnerability assessments will be conducted to identify and address potential weaknesses in the platform's security infrastructure. Measures will be in place to prevent unauthorized access, use, or disclosure of data, ensuring that user information remains confidential and protected. Google Play Store policies specifically require handling personal and sensitive user data securely, including transmission over HTTPS and the use of runtime permissions where available. Therefore, the platform will ensure that all data transmission, particularly for sensitive information like payment details, is conducted over secure protocols like HTTPS.
Data Retention and Deletion Policies
Four Paws Animal Welfare will establish clear policies regarding how long different types of personal information will be retained. The retention period will be determined based on the necessity of the data for the stated purposes, legal requirements, and business needs.
You will have the right to request the deletion of your data, and the platform will outline the process for submitting such requests and the conditions under which data will be deleted when it is no longer necessary. In compliance with Google Play Store requirements, if the platform allows users to create accounts, it must also provide a straightforward and easily accessible mechanism for users to request the deletion of their accounts and associated data, both within the mobile application and through a web-based resource. Developers are also required to complete the account deletion section of the Data Safety form for the Google Play Store.
User Rights under Indian Law
While India's comprehensive data protection law is still under development, existing legal frameworks provide certain rights to users regarding their personal information. You have the right to access your personal information held by the platform and to request a copy of it. You also have the right to correct any inaccuracies in your personal information to ensure the data is accurate and up-to-date.
The Consumer Protection (E-Commerce) Rules, 2020 in India mandate that e-commerce entities must provide transparent information about their legal name, address, and contact details. This information should be readily available within the privacy policy to ensure transparency and accountability. You also have the right to grievance redressal, and the platform will designate a grievance officer with clearly provided contact details to address any complaints or concerns related to the processing of their personal information, as mandated by Indian e-commerce rules.
Contact Information for Privacy Concerns and Grievance Officer Details
To ensure users can easily reach out with any privacy-related questions or concerns, the privacy policy will clearly display the name and contact details of the designated grievance officer, as required under Indian e-commerce regulations. This will typically include an email address and potentially a phone number. Additionally, a general email address or other means will be provided for users to contact the organization with any other inquiries related to their privacy or the platform's data handling practices.
For EU Users (GDPR Compliance)
For users residing within the European Union, Four Paws Animal Welfare will adhere to the regulations set forth by the General Data Protection Regulation (GDPR). This requires a more detailed and specific approach to data handling and user rights.
Legal Basis for Processing Personal Data
GDPR mandates that all processing of personal data must be based on a valid legal basis. Four Paws Animal Welfare will identify and clearly articulate the legal basis for each processing activity. Consent will be obtained explicitly for specific processing purposes, such as for marketing communications where users actively opt-in to receive such information.
Contractual necessity will serve as the basis for processing data that is essential to fulfill the contract with the user, such as providing access to the platform's features, processing payments for happy points and collectibles, and facilitating the revenue-sharing mechanism. The organization may also process data based on its legitimate interests, such as for improving the platform's services, ensuring security, and conducting business analytics, provided that these interests do not override the fundamental rights and freedoms of the users. Finally, processing may be necessary to comply with legal obligations to which Four Paws Animal Welfare is subject.
Information on Data Controller and Data Processor
Under GDPR, it is essential to identify the roles of data controller and data processor. Four Paws Animal Welfare will be the data controller, as it determines the purposes and means of processing personal data. Any data processors that the organization engages, such as third-party payment gateways (e.g., PayPal, Stripe) and hosting providers, will be listed, and their specific roles in processing user data on behalf of Four Paws Animal Welfare will be clearly defined.
Detailed Explanation of Data Subject Rights
GDPR grants several rights to individuals regarding their personal data. The privacy policy will provide clear and concise explanations of each of these rights in user-friendly language. These rights include the right to be informed about the collection and use of their personal data; the right to access the personal data held about them; the right to rectification to correct any inaccurate or incomplete personal data; the right to erasure, also known as the "right to be forgotten," allowing users to request the deletion of their data under certain circumstances; the right to restriction of processing, enabling users to temporarily limit the processing of their data; the right to data portability, allowing users to receive their personal data in a structured, commonly used, and machine-readable format and to transmit it to another controller; the right to object to the processing of their data in certain situations, such as for direct marketing purposes; and rights related to automated decision-making and profiling, ensuring users are not subject to decisions based solely on automated processing that produce legal effects or similarly significantly affect them.
Procedures for Exercising GDPR Rights
The privacy policy will outline the specific procedures that EU users can follow to exercise their GDPR rights. This will include clear instructions on how to submit requests for access, rectification, erasure, restriction, portability, or to object to processing. Contact information specifically for GDPR-related inquiries will be provided, ensuring users know who to reach out to for assistance with their rights. Additionally, users will be informed about their right to lodge a complaint with a supervisory authority in their member state if they believe that the processing of their personal data infringes the GDPR.
Cross-border Data Transfers
If Four Paws Animal Welfare needs to transfer personal data of EU users outside the European Economic Area (EEA), the privacy policy will provide information about such transfers. This will include details about the countries to which data may be transferred and the safeguards in place to ensure data protection during these international transfers. These safeguards may include the use of Standard Contractual Clauses (SCCs) approved by the European Commission or reliance on other legally recognized transfer mechanisms to ensure that the data receives an equivalent level of protection as within the EU.
Contact Us
If you have any questions about this Privacy Policy, please contact us at:
Email: privacy@fourpaws.org
Phone: +91 88741 61111
Address: 25/15, Main Branch Rd, Darbaripur, Sector 75, Gurugram, Haryana 122101
Last Updated: July 16, 2024