1. Objective and Responsible Authority
1.2. Service provider and the authority responsible for data processing is DomainHub, 340 S Lemon Ave #2178, Walnut, CA 91789, USA
1.3. Contact: [email protected]
2.1. Personally Identifiable Data – This kind of data can be used to uniquely identify, contact, or locate a single person or can be used with other sources to uniquely identify a single individual (e.g. names, e-mail-addresses).
2.2. Pseudonymous Data – The pseudonymous data identifies a holder, that is, one or more human beings who possess but do not disclose their true names (e.g. “user5623”).
2.4. Web beacons – Web beacons (also known as Pixel Tags) are small strings of code that provide a method for delivering a graphic image on a web page for the purpose of transferring information, such as the IP address of the computer that downloaded the page on which the Web beacon appears, the URL (uniform resource locator) of the page on which the Web beacon appears, the time the page containing the Web beacon was viewed, the types of browser that fetched the Web beacon and the identification number of any cookie on the computer previously placed by that server.
2.5. IP Address – An Internet Protocol address (IP address) is a numerical label assigned to each device (e.g., computer, printer) participating in the Internet.
3. Information on Personal Data Processing and Security
3.1. Personal data, in addition to the use expressly named in this agreement and allowed by law, is used for the following purposes:
The provision, maintenance, security and execution of our Service;
Ensuring effective customer Service and technical support
3.2. We will collect, process and use personally identifiable data within the scope of your registration and the Service, and not without your required further consent only to the extent necessary for the conclusion and execution of a contractual relationship, performing requests or for billing purposes.
3.3. We take organizational, contractual and technical security measures to ensure that the provisions of data policy laws are complied with and, as a result, the data managed by us is protected from accidental or intentional manipulations, loss, destruction or access by unauthorized persons. These security measures are monitored on a regular basis and updated according to industry standard as necessary.
3.4. As provided for by applicable provisions we are entitled to disclose and submit data for criminal prosecution and risk prevention purposes.
4. Data Collection
4.1. Data received from Facebook: Once users log into Facebook in order to take a quiz, Yenpu may process the following information, depending on the quiz being taken: full name, profile picture, Facebook User ID, gender, timeline posts (including reactions), photos and list of friends. Yenpu, through Facebook, will only process the necessary data to provide and improve its Service to users. This data is required to provide the User with the Service. Refusal to provide this data will not allow Yenpu to provide the Service to the User.
4.2. Data received from you: Users may provide us voluntarily their Personal Data, such as name, e-mail address and company name when contacting us (through Facebook, Messenger, e-mail or any other channel), your images and profile pictures (if you choose to upload them to our quizzes). Yenpu might also collect meta-data from the User such as their IP address and the date and time of their visit to the Site for purposes including, but not limited to fraud prevention.
4.3. Data automatically collected or generated: Yenpu will obtain data on the User’s usage of the Service either independently or with the help of third party services through the use of “cookies” (as described in Section 1). Such data consists of connectivity, technical or aggregated usage data, such as IP address, non-identifying data regarding the device, operating system, browser version locale and language settings used, the cookies and pixels installed on such device, and the activity (clicks and other interactions) of users of our Services. We do not use such data to learn a person’s true identity or contact details, but mostly to have a better understanding on how our users typically use and engage with our Services. The use of such technical and device data also helps us and our partners to deliver contextual or otherwise more effective advertisements and content; to optimize our ad management and our users’ viewing experience, and to improve the overall user experience and performance of our Services.
5. Registration Through Authentication Services Of Third Parties
5.1. Users can register and log in by using authentication services of Third-party Providers, as far as these are available (hereinafter referred to as „authentication by a third-party“). Particularly Facebook, Google or Twitter can be possible authentication service providers.
5.2. As requirement for the authentication through a Third-party Provider, users should be registered at the respective Third-party Provider and enter the necessary login details in the appropriate web formula or should be already logged in to the Third-party Provider.
5.3. In the context of a registration, we receive a user ID with the information under which the user with this user ID is logged in and an ID that cannot be further used by the Service Provider (so called “user handle”). Whether we receive further data depends only on the user who uses the authentication by a Third-party Provider, the data that is selected to be released in the context of the authentication, and which data has been authorized by the user in the privacy or other settings of the user account at the Third-party Provider. The data can differ, depending on the provider and the selections of the user; normally these are the e-mail address and the user name. In case of Facebook, this is also the – so called – Public Profile Information, that can be seen by everyone. This includes the name, profile and cover picture, gender, networks (i.e. school or working place), user name (Facebook URL) and user identification number (Facebook ID).
5.4. The password that has been entered in the context of the authentication by a Third-party Provider cannot be seen by us, neither can it be saved by the Service Provider.
5.5. The users are asked to keep in mind that their data, which we save, can be compared and synchronized with their user account at the Third-party Provider automatically. There is no obligation however for us to update the data.
5.6. In the case that users decide that they do not wish to further use the connection of their user account at the Third-party Provider for the authentication by a Third-party Provider, they must cancel this connection within their user account at the Third-party Provider. If the users wish to delete their data we save, they must cancel their account at our Service.
6. Data Processing Purposes and Legitimate Legal Basis
6.1. Facilitate, operate, and provide our Services.
6.2. Provide our users with customer care, assistance and technical support services.
6.3. Further develop, customize and improve the Services and your user experience:
We use the information we receive on the user in order to adjust our Service and its contents with user’s demands, expectations or interests. This processed information includes data we receive from users during the registration procedure (e.g. a users’ gender, name or country), as well as the data we receive on a user’s use of our Service (e.g. which parts of our Service are preferably used, recommended, favored or shared with other users).
We may use the requested data anonymously for statistical purposes. I.e., if we may access the data on user’s facebook chronic, posts or likes, we may evaluate how often a posting was shared or liked in order to help us improve our Services and its contents like our quizzes and personality tests. We perform the evaluation anonymously, meaning independently of users’ Personally Identifiable Data we received with the consent of the user (e.g. without the Facebook-ID). These evaluations are just for us only, without any transfers of this data to third parties.
6.5. Support and enhance our data security measures, including for the purposes of preventing and mitigating the risks of fraud, error or any illegal or prohibited activity. IP, browser and OS data will be used as a technical need, in order to conduct operations such as fraud detection and prevention.
6.6. Create aggregated statistical data, inferred non-personal data or anonymized or pseudonymized data (rendered non-personal), which we or our business partners may use to provide and improve our respective services
6.7. The legal basis legitimising the processing of Cookies by Yenpu will be given by users through their explicit consent.
7. Data Retention Policy
7.1. Data facilitated directly by the user will only be processed by Yenpu so far as the user uses the Service.
7.2. Only users’ quiz results (and associated meta-data) will be stored. Results contain a irreversible user hash used in order to identify users’ results upon deletion requests. We delete the quiz results regularly, if they become older than 60 days.
7.3. Finally, information proceeding from cookies will be conserved for a maximum period of 13 months.
8. Data Storage
8.1. The aforementioned data will be stored in servers outside of the European Union, namely by service providers located and operating in the United States. Our providers:
Provide data protection guarantees by means of “Privacy Shield” (a framework for transatlantic exchanges of personal data between the EU and USA). Furthermore, Google is authorized as a trusted processor by the Polish Data Protection Agency.
9. User Rights
9.1. The Data Protection Directive guarantees users with the following rights:
Access (Art. 15 GDPR)
Rectification (Art. 16 GDPR)
Erasure (Art. 17 GDPR)
Restriction (Art. 18 GDPR)
Portability (Art. 20 GDPR)
Object (Art. 21 GDPR)
9.2. Users will be able to exercise their rights by means of written notice to Yenpu contact e-mail. Users will have to provide a scanned copy of their National Identity Card or equivalent and state their request.
9.3. We inform users that the exercise of these rights are subject to the correct identification of the user and the ability to link them with the relevant collected and processed data. This procedure is not always possible (f.e. In the case of IP addresses) unless the user is able to provide enough documentation to certify their identity.
10. Third Persons’ Data Facilitated by Users
10.1. If the user were to facilitate personal data from third persons with any purpose, the user guarantees they have informed previously all concerned parties and have obtained their consent in order to communicate their data to Yenpu.
10.2. The user guarantees that the concerned parties are over 14 years old and the information facilitated is accurate and truthful.
10.3. In case any responsibility arises from the non-fulfillment of these conditions by the user, the user will have to answer to the consequences of the aforementioned non-fulfillment.
11. Server Log-Files
11.1. During every visit of our Service information about IP address, access-provider, referring URL, date/time, browser type and version and operating system, amount and state of transferred data is stored in the web server log files.
11.2. We use the log data without any other personal or pseudonymous profiling as required by law only for the purpose of the operation, security and optimization of our servers.
12. Additional Third-Party Analytics and Marketing Tools
12.1. Within our Service we embed third-party (hereinafter “Marketing Provider”) marketing and ad technology in order to improve the efficiency of our marketing efforts and the relevance of the advertising presented to consumers, as well as for marketing of advertising space within our Service. Marketing Provider might use “Pixel Tags” (small invisible images) to collect information. Through the use of Pixel-Tags simple actions such as the visitor traffic to the Website can be pseudonymously recorded and collected. The pseudonymous information might also be stored in cookies on your device, includes technical information like your Browser or OS, details of how you used our Service and interacted with contents displayed by the Marketing Provider. This information might be combined with such data collected on other sources or used in order to display user tailored advertising content on other websites and within other services.
13. Google Analytics
13.2. Google will use this information on our behalf in order to assess users’ use of our Service, in order to compile reports on the activities within our Service and in order to provide additional services for us associated with the use of our Service and Internet use.
13.3. In case IP-anonymization is activated on this Service, your IP address will be truncated within the area of Member State of European Union or other parties to the Agreement on the European Economic Area. Only in exceptional cases the whole IP address will be first transferred to a Googler server in U.S. and truncated there.
13.4. We use the Analytics features for marketing, Google Display Network impressions, DoubleClick Campaign Manager integration and Google Analytics reports on demographics and user interests. You can prevent Google from using Google Analytics for display ads and customize ads on the Google Display Network at: https://www.google.com/settings/ads.
13.5. The IP address that your Browser conveys within the scope of Google Analytics, will not be associated with other data held by Google. Users can prevent cookies being saved through the appropriate setting on their browser software, however please note that if you do this you may not be able to use the full functionality of this Service. You can opt-out being tracked by Google Analytics with effect for the future by downloading and installing Google Analytics Opt-out Browser Add on for your current web browser: http://tools.google.com/dlpage/gaoptout?hl=en.
14. Use of Google Marketing and ReMarketing Services
14.1. We use the marketing and remarketing services (hereinafter referred to as the “Google Marketing Services”) provided by Google Inc., 1600 Amphitheatre Parkway, Mountian View, CA 94043, USA.
14.2. The Google Marketing Services enable us to display ads for and on our Websites and Service in a more targeted manner so that users are only shown ads which might actually be of interest to them. For this purpose, as soon as the user accesses our Websites, or other websites on which Google Marketing Services have been activated, Google immediately executes a Google code and so called re/marketing tags (invisible graphics or code) are integrated into the Website. With the help of these tags, an inpidual cookie, is stored on the users’ device (comparable technology can be used instead of cookies). The cookies can be set from various domains, including google.com and doubleclick.net. This file keeps a record of which websites the user visits, what content he/she is interested in and which offers he/she has clicked on, as well as technical information about the browser and operating system, referring websites, time of access and other details about the use of the website content. The users’ IP address is also recorded, whereby we, within the context of Google Analytics, would like to point out that, within member states of the European Union or in other countries that are party to the Agreement on the European Economic Area, the IP address is truncated and only transmitted in its entirety to a Google server in the US and truncated there in exceptional cases. The IP address will not be linked with any of the user’s data from other services offered by Google. The aforementioned information can also be combined with equivalent information from other sources. If the user visits other websites afterwards, he/she can only be shown the ads that directly reflect his/her interests.
14.3. Within the scope of Google Marketing Services, the users’ data is processed pseudonymously. This means that Google does not, for example, store and process the users’ name or e-mail address, instead processing the relevant data on the basis of the cookies within pseudonymous user profiles. In other words, from Google’s point of view, the ads are managed and displayed for the cookie owner, regardless of who the cookie owner is, rather than for a specifically identified person. This shall not apply where the user has expressly permitted Google to process the data without this pseudonymization. The information collected about the users via “DoubleClick” shall be transmitted to Google and stored on Google’s servers in the US.
14.7. If you wish to object to the collection of data by Google Marketing Services, you can use the settings and opt-out functions provided by Google: http://www.google.com/ads/preferences.
15. Facebook Remarketing
15.1. Our Service uses social plugins („plugins’) provided by the social network Facebook, which is operated by Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA, or if you live in the European Union, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Irland („Facebook“). The plugins are usually identifiable by a Facebook logo (e.g. letter f on blue background or a thumb up icon). For a full list of all social Plugins please see https://developers.facebook.com/docs/plugins/.
15.2. When you visit a page of our Service that contains a social plugin, your browser establishes a direct connection to Facebook servers. Facebook directly transfers the plugin content to your browser that embeds the latter into the Service, enabling Facebook to receive information about you having accessed the respective page of our Service. Thus, we have no influence on the data gathered by the plugin and inform you according to our state of knowledge: The embedded plugins provide Facebook with the information that you have accessed the corresponding page of our Service. If you are logged into Facebook, your visit can be assigned to your Facebook account. If you interact with the plugins, for example by clicking „Like”, or entering a comment, the corresponding information is transmitted from your browser directly to Facebook and stored by it. Even if you are not logged into Facebook, there is possibility that the plugins transmit your IP-address to Facebook.
15.4. In case you want to opt out of being subject to Facebook’s use of your data for marketing purposes please use Facebook’s opt-out settings provided within your user profile:https://www.facebook.com/settings?tab=ads or the opt-out possibilities on the websites http://www.aboutads.info/choices or for users from the EU http://www.youronlinechoices.com. Your choices are irrespective of platforms and devices and will be considered while using desktop or mobile devices.
16. Facebook Marketing
16.1. Within our Service we use the “Facebook Pixel“, the “App Analytics” functions and advertising contents of the Audience Network (hereinafter jointly referred to as the “Facebook Marketing Functions”) provided by the social network Facebook, which is operated by Facebook Inc. The Facebook Marketing Functions allow us and Facebook to determine the relevant target audiences, in order to display advertisements (hereinafter referred to as “Facebook-Ads’) in reference to potential interests of the users, as well as to users with similar attributes (so called “Lookalike Audiences”). We use the Facebook Marketing Functions, because we want to display Facebook-Ads only to users, who displayed an interest in our Service. The Facebook Marketing Functions allow us and Facebook to determine, whether our Ads were effective and satisfactory for users by being able to comprehend users’ actions, after they were forwarded to our Service by clicking a Facebook-Ad.
16.2. When you visit our Service or other websites that are member of Facebook’s Audience Network and display Ads, that include or use Facebook Marketing Functions, your browser establishes a direct connection to Facebook servers. Facebook directly transfers the Facebook Marketing Functions content to your browser which embeds the latter into our Service, enabling Facebook to receive the relevant information and storing a cookie (or similar device related characteristics, especially for the App Analytics functions) on your device. The cookie allows Facebook to store the relevant information within your device and retrieve it for the above-mentioned purposes, whereby user profiles may be created.
16.4. In case you want to opt out of being subject to our and Facebook’s use of Facebook Marketing Functions for marketing purposes please use Facebook’s opt-out settings provided within your user profile: https://www.facebook.com/settings?tab=ads or for users from the EU http://www.youronlinechoices.com. Your choices are irrespective of platforms and devices and will be considered while using desktop or mobile device.
17.2. Please check back periodically, and especially before you provide any new personally identifiable information.