1. Information we may collect from you
From time to time, we may collect or ask you to provide personal information including (without limitation) the following: your name, mobile phone number, email address, password, IP address, unique device identifiers and other identification credentials, biographical details, photographs and/or payment information.
As part of the Services, we may provide functionality allowing you to search for friends by using your Facebook credentials and, when you elect to do this, you will be asked to allow the Kora App to access certain information associated with your Facebook account such as your name, profile picture, gender and list of friends. Provided you consent to this, such information will be processed by us in order to identify your Facebook friends who are users of Kora App and to allow you to invite those Facebook friends to install the Kora App.
Please note that, with your consent, we will collect information about your location and physical movements in order for the Kora App to function properly and monitor and verify forms of eligible movement. You may turn location monitoring on and off from time to time using the settings of your operating system of your mobile device but, if you disable this functionality, we will not be able to collect information relating to your step-count, use of public transportation, use of flights or and another mode of transportation and GPS/Cell-ID location which will prevent tracking and/or conversion of your movement into Kora.
We work with third parties from time to time (including, for example, business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers and credit reference agencies) who may provide to us information about you. This may include your purchase history from business partners who supply you with rewards made available via the Kora App.
2. Children and privacy
We do not knowingly collect information from children under age 6. If you are under age 6, you are not permitted to use the Service. If you are 6 – 17 years of age, you may visit, browse and use the information on the Service but you may not register an account or submit any personal information. If you are 6 – 17 years old, by browsing, using or accessing the Service you confirm that you have the permission of a parent or guardian to do so. If you are a parent or guardian and believe that we may have inadvertently collected personal information from your child, please notify us immediately by following the instructions on our website: https://kora.app
or by sending an e-mail to firstname.lastname@example.org
3. Use of personal data
We may use your personal data to:
- provide the Services (using our own systems and those of appropriate third party service providers);
- verify your physical movement and location and issue Koras on the basis of this verified data;
- analyse the usage of, and improve, the Services;
- perform market and customer research;
- market our services to you;
- correct errors and problems with the Services;
- investigate and/or prevent suspected fraud or other criminal activities;
- create daily leaderboards of users, comprising all users or users meeting particular criteria as ranked by the number of steps completed or using other criteria;
- operate the Kora Marketplace; and/or
- investigate disputes between users.
- the developer requests permission to read and write heath data from the Health App.
- Kora does not use Health Kit data for advertising purposes and will not sell Health Kit data.
Additionally, we and/or our trusted partners may contact you from time to time with offers that may interest you and/or to inform you of other products and services. Certain of your personal data may be shared with other users of the Kora App as part of the normal operation of the Services (for example your uploaded profile picture and biographical information will be accessible to all users, and we may publish your total verified steps, your carbon footprint, your carbon reduction, or other movement, during a particular period to other users from time to time). Further, we may, from time to time, expand or reduce our business which may involve the transfer of certain divisions or assets of our company to other parties, and the data we store and use, where relevant, may be transferred to such third parties. From time to time we may transfer the data we store and use to locations outside the European Economic Area, some of which may have different data protection laws to the EU, or no data protection laws. In all such cases, we transmit such information only to entities that comply with this policy and applicable law.
Your personal data will be kept only for as long as is necessary. We take reasonable industry-standard care in keeping all our data secure and in preventing any unauthorised access or unlawful use of it. All personal data we store and process is handled strictly in accordance with applicable data protection legislation.
4. Sharing information with third parties
We will not share your personal data with third parties except in the following situations:
a) when you have given us consent to share such personal data. This can for instance be in relation Facebook, Twitter or similar social media (as further described in section 8 below) or other;
b) when necessary for billing purposes or other services/functions performed on our behalf, we share information with the billing provider or other vendor to facilitate billing or other services/functions, respectively. The payment information is stored by the billing provider and not by Kora;
c) when we engage third parties to perform services on behalf of us in relation to the Kora service, either companies that are affiliated with us or third parties. In such cases we will remain responsible for your personal data and ensure that all handling of the data will be in accordance with this policy and applicable laws; and
d) in response to legal processes, such as a request by law enforcement, a court order or similar, or to protect the integrity of the Service if we believe that a user has committed unlawful or otherwise harmful acts.
We will never sell your personal data to third parties or allow third parties to have access to your data for their own purposes unless you otherwise provide your consent. If all or part of Kora is sold, merged or is otherwise transferred to another entity, the information you have provided on or through the Service may be transferred to such entity as part of that transaction.
If you have provided us with your email address or your phone number we will only use this information to communicate with you in matters relevant to the Service. Such information includes receipts for payment, information about changes in the Service, changes in the GTCs and this Policy. We will not use this information to send you information about third party services unless you otherwise provide your consent. Providing us with this information in response to our communications to you shall be considered consent from you to use this information to send you information about third party services. If the legal statutory requirements are met or if you have opted in, we will send you our newsletter and similar information. You can at any time give us notice that you no longer want to receive such communication.
6. Server log files
Usage of the Service may be logged in the server log files. These log files include the IP address of the device that accessed the Service together with the time of the use and which resource that was requested, as well as user identification information. The log file of the Service is used to create anonymous usage statistics that are used to settle with the owners of the content, to analyse the usage of the Service, and for the purposes of system administration.
7. Cookies and similar technologies
The types of cookies we may use include:
- Analytical/Tracking Cookies, which allow us to recognise and count the number of visitors and analyse use of the Services, as well as to verify transactions; and
- Advertising and Retargeting Cookies, which allow us to generate appropriate advertising directed to you on the Kora Website(s) as well as on the Kora App and other third party websites.
We use a number of industry-standard data analytics tools, such as Google Analytics and Facebook Analytics. These collect certain information about you, such as your device’s IP address and browsing and usage behaviour, and are used to allow us to track and monitor the traffic visiting the Kora App and Kora Website(s).
8. Integration with third party services
Google Analytics: We may use Google Analytics from Google (Google Inc, US) on our web pages to create anonymous usage statistics. If you have concerns relating to the usage of Google Analytics, be informed that it is possible to block Google Analytics by installing a plug-in to your browser. A plug-in for the most common browsers can be found here: http://tools.google.com/dlpage/gaoptout
9. Integration with third party websites
10. Safeguarding of personal data
We store your data in a secure manner on restricted and protected equipment. Only a limited number of personnel have access to this equipment and only persons with a legitimate reason have access to your personal data. While we take reasonable precautions for protection of personal data, no security measures are completely secure, and we do not guarantee the security of personal data.
11. Retention of personal data
We will retain your personal information only for the period necessary to fulfil the purposes outlined in this policy. When it is no longer necessary to store the data it will be deleted or made anonymous in a safe and permanent manner or the access to it will be blocked to the extent that statutory data retention requirements apply.
12. Your rights
The General Data Protection Regulation (GDPR) gives you the right to access certain information held about you. Your right of access can be exercised in accordance with the Act.
Our site allows you to connect with third party sites, such as Facebook and Twitter to share contents and pages. If you use any of these sites, please note that they will have their own privacy policies, which are entirely outside of our control. We do not accept any responsibility or liability for such policies. Please check these policies carefully before you submit any personal data to such sites.
You have the right to ask us not to process your personal information for marketing purposes. You can exercise your right to prevent such processing (i.e. “opt out”) by clicking ‘unsubscribe’ at the bottom of our marketing emails or by emailing email@example.com, with the subject ‘unsubscribe’.
You have the right to ask us about the personal information we hold about you and to request a copy of your personal information. You can exercise your right to access this information by emailing firstname.lastname@example.org
, with the subject ‘data access request’.
13. Detection of misuse of service
If there is suspicion of misuse of the Service, we might combine data collected in accordance with this Policy with other information in order to investigate the extent of the misuse and who is responsible.
We will at all times treat personal data as set out in this Policy and at all times comply with applicable data protection legislation and regulations.
15. Amendments to policy
The Service is subject to constant improvement and future changes may influence what data we store and how we process it. This Policy might be updated to reflect such changes, changes in legal framework or improvements in how we handle personal data. Such changes or updates are effective immediately after we give notice of the change or update, which we may do by revising the “Date of Last Revision” date of this Policy or by otherwise posting on the Service, or by email and/or by any other means which provides reasonable notice. Your use of the Service after such notice is posted means that you accept these changes or updates. You agree that Kora shall not be liable to you for any damages that might result from any changes to this Policy, if any. The current version of this Policy can be found at our website: https://kora.app/privacy
16. International users
Kora may process information about its users on computers and servers located in a number of countries, any of which may be located outside of your state, province, country, or other governmental jurisdiction and where the privacy laws may not be as protective as those in your jurisdiction. If you are visiting from the European Union or other regions with laws governing data collection and use, please note that you are agreeing to the transfer of your personal data to/from the EEA, EU and/or United States. By providing your personal data, you consent to any transfer and processing in accordance with this policy. YOU ACKNOWLEDGE THAT THE LAWS OF THE UNITED STATES, THE EU AND/OR THE COUNTRY YOU RESIDE IN TREAT YOUR INFORMATION IN A MANNER THAT MAY BE SUBSTANTIALLY DIFFERENT FROM, AND LESS PROTECTIVE THAN, THE TREATMENT REQUIRED UNDER THE LAWS OF OTHER COUNTRIES AND JURISDICTIONS. IF YOU DO NOT WANT YOUR INFORMATION TRANSFERRED TO THE UNITED STATES, THE EU, OR THE EEA, YOU SHOULD NOT SHARE YOUR INFORMATION WITH US, OR MAKE USE OF THE SERVICE. TO THE EXTENT ALLOWED BY THE LAW OF THE COUNTRY IN WHICH YOU ARE LOCATED, YOU EXPRESSLY WAIVE ANY RIGHT YOU MAY HAVE TO REQUIRE US TO TREAT YOUR IDENTIFYING INFORMATION IN ACCORDANCE WITH THE LAWS OF ANY COUNTRY OR JURISDICTION OTHER THAN THE UNITED STATES. HOWEVER, THE FOREGOING WAIVER MAY NOT BE LEGALLY BINDING IN SOME COUNTRIES, SUCH AS THE MEMBER STATES OF THE EUROPEAN UNION. TO THE EXTENT IT IS NOT LEGALLY BINDING IN THE COUNTRY IN WHICH YOU ARE LOCATED, THIS FOREGOING WAIVER DOES NOT APPLY TO YOU.
with subject line “enquiry”.
Last updated: April 15, 2020