Rogue Firefly Media Inc. O/A CrissCross (the “Company”, or “we”, or “us”)
CONSENT AND AGREEMENT TO BE BOUND
YOU MAY ALSO HAVE PROVIDED CONSENT THROUGH THE GOOGLE PLAY STORE AND APPLE APP STORE. There are certain types of device data that the Product cannot access without Your consent. The various application marketplace platforms that Company serves the Product through will notify You the first time the Product requires permission to access certain types of data and will let You decide whether to consent to that request. You further agree to abide by all the terms in the application marketplace platform’s end user licensing agreement, or any other applicable application store (“Digital Distributor”) agreement, so long as such agreement does not conflict with the terms herein or the Agreements.
CHANGES WILL REQUIRE YOUR CONSENT. In the case of a material change to the Product as described in the amendment provision set out in the Agreements, and in accordance with the amendment requirements set out therein, Company will provide written notice to inform You and will obtain consent from You for any new purposes not previously identified.
CONSENT TO COLLECTION AND ANALYSIS OF THE INFORMATION YOU PROVIDE TO US
CONSENT TO PROCESS THIRD PARTY DATA YOU SEND TO US IS YOUR RESPONSIBILITY. Any data sent to the Company for processing by You is considered to be third party data (“Third Party Data”). For all Third Party Data, consent required upon collection of third party data shall be considered obtained by You (“Third Party Data Consent”).
CONSENT TO RECEIVING COMMUNICATIONS FROM US: When You sign up for an account, You are opting in to receive emails from the Product for administrative or technical issues and You may occasionally receive the Company newsletters.
WE WILL NOT REQUEST CONFIDENTIAL PERSONAL INFORMATION: Company will never send email messages to customers requesting confidential information such as passwords, credit card numbers, or social security or social insurance numbers. Please do not act on any such emails as You may compromise Your Personal Information by replying or by following links to a fraudulent website.
If You have questions or concerns regarding Company’s policy or practices, please contact Company’s privacy officer by email at email@example.com or at the following address: 2967 Dundas St. W. #210D, Toronto, ON M6P 1Z2
2. COLLECTION OF USER INFORMATION INCLUDING PERSONAL INFORMATION
DISCLOSURE OF COLLECTION
COLLECTION OF PERSONAL INFORMATION
When You use the Product, Company stores certain information about Your device and Your activities that You provide to Company and that Company automatically collects, including:
REGISTRATION INFORMATION: Your user registration information which includes the following personal information (“Personal Information”): first and last name, email address and photograph if You supply one to Company as Your personal avatar;
TECHNICAL INFORMATION: technical information about Your device such as the type of device, OS version, location, other browser information (e.g., size, connection speed and connection type);
USER PREFERENCES COLLECTED AUTOMATICALLY: Your User Preferences which Company will collect and determine automatically through Cookies and traffic data as described below;
USER PREFERENCES SUPPLIED BY YOU: Your user experience preferences and settings (time zone, language, etc.), as well as content and usage preferences (collectively, the “User Preferences”);
CONTENT SUPPLIED BY YOU: Company collects content that You upload, post, and/or share to Company’s Product which includes Company’s Social Media Services;
DIRECT DATA: When you use our Product, you share information with us, some of which may be used to identify you. When you communicate this information, you accept that some of the data will be visible to the other users of the Product, and therefore made public on the application. We cannot be held liable for data published on our Product and disclosed by a user; and
LOCATION DATA: If you give us permissions, when you access the Product using a web browser or other application/device, we may gather and store certain types of information including: traffic data from your browser, your IP address, location, GPS signals sent by a mobile device, Bluetooth and Wi-Fi connections, cookie information, and the pages/components you visit on the Product (“Location Data”). The collection of your
Location Data may occur in the background even when you are not using the Product if the
permission you gave us expressly permits such collection. If you decline permission for us to
collect your geolocation, we will not collect it. Similarly, if you consent, we may collect your
photos and videos (for instance, if you want to publish a photo, video or streaming on the
services). Location Data is used by the Product for the purposes of providing the services on the Product.
LOCATION OF OTHER MEMBERS:
With your express consent, Your Geographical position is collected (through the Location Data). This will be used to identify when you cross paths with other users who have also agreed to be geolocated.
Unless You have chosen more restrictive settings on your device, the Company will collect your Geographical position regularly.
When the Geographical positions of two users are within a certain radius, the Company pinpoints a Radius of Crossing.
The Radius of Crossing will be displayed on your profile, but other users cannot see your exact location. Each user sees his/her location at the time the Radius of Crossing was registered.
During your registration, if you do not provide your consent for geolocation, you must provide the name of your city. This information will enable the Company to suggest profiles of users near you.
[These Radius of Crossings can be displayed as a news feed or on a Map (Mapping).]
If you withdraw your consent by disabling geolocation on your smartphone (which you may do so at any point), your newsfeed will no longer be updated, and you will not be able to see any Radius of Crossing after disabling the geolocation option. [When you have no more profiles to view in your news feed, we will ask you the name of your city to suggest new user profiles near you.]
You can also ask that your profile, and therefore your Radius of Crossing, are no longer displayed on the Map (Mapping). In this case, you will only appear in the news feed of other users. You will no longer be able to see the profiles of users you have crossed paths with on the Map (Mapping); you will only see these profiles on your news feed.
Data required for certain purposes
Data relating to taking part in games and competitions, to your experience and your satisfaction;
Geographical position or at least your city;
Crossing points with other users;
Search preferences – people whom you would like to cross paths with (age and gender);
In-app messages and in-app voice messages sent and received;
Data on Video Calls (the contents of such Calls are not collected); and
Data relating to reports made and requests sent to our customer service.
Professional career and education;
Interests, lifestyle, User Characteristics;
Depending on how you signed up, Your email address and/or telephone number; and
METHODS OF COLLECTION
We may collect electronic information from You from the following sources:
COLLECTION OF INFORMATION AT REGISTRATION. Registration is required if You want to use the Product. You may need to register twice, once to the Digital Distributor and a second time after You have downloaded the Product from the Digital Distributor, using Your electronic device. As part of this registration, Company will require that You submit certain information that is relevant to the purposes of the Product;
COLLECTION THROUGH SOCIAL MEDIA: If You are logged into social media websites or applications (such as Facebook, Instagram, Twitter, among others, and individually and collectively, “Social Media Services”) on pages and/or locations that are related to Company’s Product, Company may receive information from such Social Media Services, in which case Company may collect and store information identifying Your account with the Social Media Services;
COLLECTED AUTOMATICALLY THROUGH ANALYTICS TOOLS: Company may collect and store information (including Personal Information) locally on Your device using mechanisms such as Product data caches, “Cookies” (cookies, pixel tags or other similar technologies which are small data files that are stored on an End-User’s device for record-keeping purposes that track where You travel on the Product and what You look at, on single sessions or accumulated over time. Although Cookies are used by most major Products and are accepted by default by most Products, it may be possible to disable Cookies via Your settings), and through “traffic data” which collects the route and destination of users and information on and through Company’s Product, as well as cookies that are stored temporarily on Your device.
3. DATA MANAGEMENT
VALIDATION OF AND CHANGES TO COMPANY’S END USER-INFORMATION
VALIDATION: Company will validate the Personal Information to the best of its ability. Company will validate Personal Information wherever possible, and any discrepancies discovered shall be corrected.
CLIENTS COLLECTING INFORMATION ON BEHALF OF THEIR END-USERS. In the case that the End-User Personal Information is provided to Company by one of Company’s clients Company will accept that database as verified and accurate. If Company is collecting the data on behalf of Company’s client, Company will work with the Client to ensure that processes will be put in place to ensure that end users are given the chance to review and correct any data issues.
REVIEW OF INFORMATION AND INDIVIDUAL ACCESS. The Company relies on You to ensure that the Personal Information You enter into Company’s system is as accurate, complete and up-to-date as necessary for the purposes for which it is to be used. Until the Personal Information Removal Date (as defined below), You may review or update Your Personal Information by submitting a request to review or update Your Personal Information to firstname.lastname@example.org indicating that You are requesting such review or update, subject to the identity verification process set out below, and with the understanding that the Company may make changes to Your Personal Information to meet the technological requirements of Company’s networks and media. Unless required to comply by law, Company may reject access or modification requests that are unreasonably repetitive, require disproportionate technical effort, risk the privacy of others, or would be extremely impractical. Where Company can provide information access and correction, and when required by law, Company will do so for free.
REMOVAL OF YOUR PERSONAL INFORMATION BY US OR BY YOU: At any time and up to 365 days after Your Agreements with Company have been terminated or the maximum time period allowed by Applicable Law as described below, whichever is longer (this is the “Personal Information Removal Date”) the End User may request a copy of all of the End-User’s User Data from the Product. After the Personal Information Removal Date, or upon Your specific request to email@example.com to delete the Personal Information, such Personal Information shall be deleted by Company within a reasonable period, unless:
INFORMATION MAY BE RETAINED UNTIL A SYSTEM-WIDE BACKUP IS PURGED: such data may continue to temporarily persist in Company’s system-wide business recovery back-ups (if any) until such time as the system-wide business recovery backup is deleted and replaced with data that does not include data collected during Your agreement term; however, You have no expectation of data retention whatsoever and acknowledge that backing up of Your own data is Your responsibility; or
INFORMATION MAY BE RETAINED IF REQUIRED TO COMPLY WITH LAW: such data may continue to temporarily persist to the extent that such information is required to be retained for compliance with Applicable Law (for example, to prevent, investigate, or identify possible wrongdoing in connection with the Product or to comply with legal obligations) and until such time as such information is no longer required for this purpose, however, You acknowledge that recovery of data is not permitted by You from within this system under these circumstances unless Company is required and compelled to do so by law, and in such event, at Your sole expense.
CHANGE REQUESTS MAY REQUIRE IDENTITY VERIFICATION ON YOUR PART: When updating Your Personal Information, Company may ask You to verify Your identity before Company can act on Your request.
TRACKING YOUR PREFERENCES. Company will capture and manage all End-User and Client privacy preferences. The preferences will be tracked in the database and attached to Your End-User records. If the preferences are changes, the modifications will be incremental, and added to an audit log. Tracking of Your consent to the collection, storage and use of Your Personal Information will also be recorded for the purposes of an audit log for consent. To ensure that the data is traceable, the source of the data will be logged, as well as a timestamp for the transaction.
STORAGE AND RETENTION
OF NON-PERSONAL INFORMATION: Data that is non-Personal Information may be kept by Company for an indefinite period however, this does not constitute a guarantee that Company will keep the data indefinitely. If a User or Client would like to ensure that data is indefinitely kept, that can be requested, upon written agreement of the parties of a custom services plan. This data will primarily be used in aggregate and anonymized format to drive business intelligence and analytics.
OF PERSONAL INFORMATION: Personal Information data will be kept until the Personal Data Removal Date (as defined above), with such deletion to be initiated by Company or by the User, in the manner described above in the section entitled “Removal of Personal Information By Company or by You.”
DATA RECOVERY BY YOU: Other than information that Company is required to retain and provide to You by law, You should have no expectation of data retention whatsoever. From time to time the Company will create a backup of all data in the Company’s system. This backup is for use by the Company only in the case of disaster recovery or to maintain business operations in the case of an emergency. No data will be backed up (except for such disaster recovery purposes and Company’s internal usage). Backing up of Your own data is Your responsibility.
DATA RESTORES: The Company will not restore data unless it is available and then only if the Company determines, in its sole discretion, that a data recovery is necessary.
PERIODIC AUDIT. Company will perform routine audits at its sole discretion or on a schedule as required by Applicable Law to confirm deletion of the data has occurred in the manner described above in the section entitled “Removal of Personal Information By Company or By You.”
SECURITY MEASURES: The Company takes your privacy very seriously. If You have a security related concern, please contact Company at the contact details provided above. Company will work closely with You to ensure a quick and personal response to Your concerns. In addition, Company restricts unauthorized access through protective policies, procedures, and technical measures, including:
SAFEGUARDS PROVIDED BY YOU: To keep Your Personal Information secure, You are required to safeguard Your End-User name and password information in accordance with the Agreements.
SAFEGUARDS PROVIDED BY US: Company will provide physical and electronic safeguards with regard to the storage of Personal Information as required by law, however, and pursuant to disclaimer provided in the Agreements, You understand that in order for the Company to operate the Product, End-User Data may be transmitted by You to the Company over the internet, public networks or otherwise, and You acknowledge that that no such data transmission can be guaranteed to be completely secure, and that, beyond Company’s requirements to provide a warranty on information security as required by law, Company cannot warrant the security of any information You transmit to us, and that You do so at Your own risk.
ACTIONS IN THE EVENT OF DATA BREACH. A “Data Breach” is defined as any non-authorized access to the storage locations of the data, or access to a storage location by an individual that is potentially suspected of having performed non-authorized activities. In the case where a Data Breach has occurred, if the Company believes that the breach creates a real risk of significant harm to the end-users, the End-User and Client will be notified in the manner as required by law, and all details regarding the impact to the End-User and Client will be shared.
TRAINING COMPANY’S STAFF IN DATA MANAGEMENT:
TRAINING OF COMPANY’S STAFF FOR HANDLING PERSONAL INFORMATION: Company’s employees and contractors are required to adhere to standards and policies to ensure that Personal Information is secure and treated with the utmost care and respect. Furthermore, Company limits access to Your Personal Information to those employees or contractors who Company reasonably believe need to come into contact with that information in order to do their jobs and Personal Information will only be reviewed if anonymized or otherwise accessed on a “need-to-know” basis.
4. DATA USAGE SCHEDULE TO THE AGREEMENT
USE AND DISCLOSURE OF PERSONAL INFORMATION. Company will not use or disclose Personal Information other than the purposes identified below (individually and collectively, the “Purpose”):
TO COMMUNICATE WITH YOU AND TO PROVIDE CUSTOMER SERVICE: To Provide Customer Service and support, administrative messages, updates, and security alerts, to resolve disputes, and to troubleshoot problems;
TO IMPROVE COMPANY’S PRODUCT: To fulfill Your requests or Company’s product roadmap for certain features of the Product, to customize, measure, and improve the Product including by analyzing trends, tracking user movements on the Product, gathering demographic statistics about Company’s user base as a whole, and to assist Company to measure Company’s performance and effectiveness of Company’s content, and to share Company’s performance information with others;
TO IMPROVE COMPANY’S CONTENT: Company may post Your social media content, testimonials, and other information provided by You;
TO FULFILL COMPANY’S BUSINESS GOALS: to directly or indirectly offer or provide You with products and services that are based on Company’s analysis of Your needs as determined by Company’s analytics and the analytics of Company’s third-party processors, unless You opt out;
IN THE EVENT OF AN ACQUISITION OF OUR COMPANY. In the event that the Company, or all or a portion of Company’s business, or one or more of its divisions, is acquired by one or more third parties as a result of an acquisition, merger, sale, reorganization, consolidation, liquidation or another similar transaction, Your Personal Information shall be one of the transferred assets. To the extent that Company is required to do so by law, You will be notified of any changes in ownership or uses of Your Personal Information;
TO PROCESS PAYMENTS: To use certain services on the Product, Company may require debit or credit card account information (“Debit or Credit Card Information”). By submitting Your Debit or Credit Card Information through the Product, You expressly consent to share of Your information with third-party payment processors and other third-party service providers; and
And to fulfill other purposes related to Company’s Product, subject to Your explicit consent if consent is required by law.
RIGHTS TO CONTENT PROVIDED BY THE END-USER
FOR INFORMATION YOU PROVIDE. By posting content on the Product (the “User Data”), the End-User and Client jointly hereby grants to the Company a worldwide, non-revocable, non-exclusive, perpetual, royalty-free, and sub-licensable right to use, create derivative works of, modify, and to distribute (including without limitation, distribution online, through multiple channels, and bundled with other applications or materials) such content, and further, the above agrees to waive any moral rights to such User Data, and agrees that the Company may modify or adapt the User Data in order to transmit, display or distribute it over other applications and in various media. The Client and/or End-User agrees that the Client and/or End-User will individually and jointly defend, indemnify and hold harmless the Company from and against any Claims (as defined in the Agreements) arising from the nature of the content submitted and/or the ownership of User Data and any claims of infringement of third party intellectual property related to such User Data.
FOR INFORMATION WE AUTOMATICALLY COLLECT. Company Collection and Analysis of Data. The Company creates benefit to all of its Clients and End-Users by analyzing the Company Data for the purposes of Product improvements. The Client and/or End-User agrees that the Company shall have the right to collect and analyze data and other information relating to the provision, use and performance of various aspects of the Company products and related systems and technologies, and the Company will be free (during and after the Initial Term or subsequent Renewal Term) to (i) use such information and data to improve and enhance the Company products generally, (ii) for other development, diagnostic and corrective purposes in connection with the Products and Services, and (ii) disclose such data solely in aggregate, anonymous, and non-identifiable form that is in no way connected Client and/or End-User or its business.
5. LIST OF THIRD PARTY PROVIDERS AND END-USER DATA STORAGE PROVIDERS