SWEETLABS PRIVACY POLICY (English)

SweetLabs, Inc. (“we” or “our” or “SweetLabs”) welcomes you to our websites, software, products, and services. We understand that you care about your privacy, and we take your privacy seriously. To inform you about the ways your information may be collected and used, we have adopted this privacy policy (the “SweetLabs Privacy Policy”), which describes what types of information we collect, how we may use such information, with whom we may share such information, the choices you can make, and how you can contact us about our privacy practices.

1. What our Privacy Policy covers

This SweetLabs Privacy Policy covers our treatment of information we collect when you are accessing our websites, software, products, and services (our “Services”) owned and operated by SweetLabs which post, include or link to this SweetLabs Privacy Policy. By using, downloading, installing or visiting our Services, you acknowledge that you accept the practices and policies outlined in this SweetLabs Privacy Policy.

This policy also explains your choices with regard to how we use the information about you. Your choices include how you can request access, update or object to certain uses of information about you. If you do not agree with this policy, do not access or use our services or interact with any other aspect of our business.

Please note this policy does not apply to (and we are not responsible for) the practices of companies that we do not own or control or to individuals we do not employ or manage. When utilizing third party sites or software products, including apps that may be available through our Service, provided by third parties, or by using Services that access or utilize third party sites or services, you should read the relevant privacy policies of those third parties for information regarding their privacy practices.

2. Information we collect

We collect different types of information from or through our Services when you provide it to us, when you use our services, and when other sources provide it to us, as described below.

We apply a privacy by design approach which includes collecting and processing non-personally identifiable information which may be collected in conjunction with a random, unique identifier to assist us in ensuring effective measurement and reporting internally and to our business partners using aggregate analytics and summary trend reporting. In order to further protect your privacy, we do not store internet protocol addresses (“IP addresses”) and any pseudonymous identifiers required to complete transactions are manipulated at the end of the collection activity so that data stored cannot be used to directly identify you.

a. Information you provide to us

When you use the Service either with an account or by directly interacting with the Service without an account as a user or as a visitor, you may provide and we may collect information about you. Examples of information you may provide include name and email address which are collected when registering and posting in our support portal.

b. Information we automatically collect about you

Use of the Services: We collect certain information when you visit, use, or interact with any of our Services. This information includes features you use, links you click, pages you view, apps you install through our Services, searches you perform, and otherwise how you may interact with our Services.

Our Services automatically collect usage information regarding our software and Services you use, such as the frequency with which the Service has been clicked or opened, and how long the Service remains open. We also collect installation information, which may include information on whether Services have been installed or uninstalled, and how long a Service has been installed or used on your system.

Device and Connection Information: We automatically record certain information from your device or software on your device. This automatically collected information may include IP addresses which are used to determine your country of origin, other unique device identifiers including cookie IDs, web browser type, device type and origin, the web pages or sites visited prior to or immediately after using the website or Service, and the dates and times of the visit, access, or usage of the Service.

Cookies and Other Tracking Technology: When you visit our sites, we may store a cookie or other identifying information in your browser that allows us to uniquely identify it. We may also use other web beacon technologies to send a signal to another service with a unique cookie id in order to track impressions or views or usage of our Services. Where required by applicable law, we obtain your consent for the use of cookies. You may choose to delete or not accept our cookies or those from third parties which we employ, such as for analytics.

Our Services may use third party analytics tools, such as Google Analytics, that use cookies, web beacons, or other similar information gathering technologies to collect standard internet log information and usage information such as the number and frequency of visitors, what pages have been visited, average time spent on pages, and other information which helps us determine which features in our Services are most important to you and working effectively.

We will not associate any information gathered from these tools with any information from any source. We will not use the information collected from these technologies to identify you. See our Cookie Policy for more information.

c. Information from other services

We may receive information about you from other third-party services. For example, we collect information from third party authentication services in connection with your use of them to access the Services.

3. How we use information we collect

We use the information we collect in a variety of ways in providing the Service and operating our business, including the following:

a. Operations

We use the information to operate, maintain, and enhance all features of the Services, to provide the Services, and provide support to users of the Services.

b. Service/software improvements

We use the information to analyze and understand the usage trends and preferences to improve the Services and to develop new products, services, features, and functionality.

c. Communications

We may use a voluntarily provided email address or other contact methods you consent to provide to contact you for customer support, right of privacy inquiries, or other questions about the Services. The contact information may be used for such purposes as improving the content of our sites, customizing and improving our services, and communicating with you about our Services.

d. Security

We may use the information to research fraud claims, malicious, harmful, or illegal behaviors and activities, and respond, protect, or remediate any such behaviors or violations of our Service policies.

e. Usage information

We only use the usage information we collect in aggregate form, that is, as a statistical measure to allow us to improve our Services and provide summary reports to our partners for Services which we cooperate to provide. We do not store the information in our database in a manner in which the usage or Service information can identify you.

If you are a resident of the European Union (“EU”), United Kingdom, Lichtenstein, Norway or Iceland, you may have additional rights under the EU General Data Protection Regulation (the “GDPR”) with respect to your information, including your Personal Data (as defined in the GDPR). We will collect and process your information only if we have a lawful basis for doing so. The legal bases depend on the Services you use and how you use them. Such as:

1. Contractual necessity

We may collect some information as a matter of “contractual necessity”, meaning we need to process the data to perform under our Terms of Service with you. When we process data due to contractual necessity, failure to provide such information will result in your inability to use some or all portions of the Services that require such data.

2. Legitimate interest

We may collect and use your information (see the “Information We Automatically Collect” section) when we believe it furthers the legitimate interest of SweetLabs or our business partners (which is not overridden by your data protection interests).

Examples of these legitimate interests include:

In some cases, we process your information based on the consent you expressly granted at the time of collection for a specific purpose.

4. Other processing grounds

From time to time, we may be obligated to process your information to comply with a legal obligation, protection of the vital interests of users, or if it is a necessary task carried out in the public interest.

4. How we share your information

a. Non-personal information

We may make automatically-collected, aggregated, and otherwise non-personally-identifiable information available to third parties (our partners or affiliates) for various purposes, including (i) compliance with various reporting obligations; or (ii) to assist such parties in understanding our users’ usage patterns for certain programs, content, services, and/or functionality available through the Services.

b. Personal information

We work with third party service providers who provide website, application development, hosting, maintenance, and other infrastructure services. These third parties may have access to, or process your information as part of providing those services for us, such as IP addresses. We limit the information provided to these service providers to that which is reasonably necessary for them to operate, and our contracts with them require them to maintain the confidentiality and security of such information.

Other than those service providers providing key services to us, SweetLabs does not share, sell, or market your information collected with third parties, such as ad technology, targeting, and user profiling platforms.

c. Business transfers

If SweetLabs or substantially all of its assets are acquired, or in the unlikely event that SweetLabs goes out of business or enters bankruptcy, user information would be one of the assets that would be transferred to, or acquired by, a third party acquirer. We will use reasonable efforts to direct any acquirer to continue to use your information as set forth in this policy.

d. Where required by law

We may share your information if we have a good faith belief that it is required to: (1) comply with law, regulation, subpoena or court order; (2) detect, prevent or otherwise address fraud, security or technical issues; (3) enforce the provisions of this SweetLabs Privacy Policy, the SweetLabs Terms of Service, and/or any other agreements between you and SweetLabs, including investigation of potential violations thereof; or (4) protect against harm to the rights, property or safety of SweetLabs, its Services, and its visitors, users and/or the public.

5. How we protect your information

a. Data security

We take reasonable, industry accepted and appropriate security measures to guard against unauthorized access to the systems where we store your information. This includes technical and organizational measures such as internal reviews of our data collection, storage, and processing practices and security measures, as well as physical and electronic security measures in compliance with applicable security requirements. In addition, we authorize access to your information only by those of our employees who require it to fulfill their job responsibilities.

b. Data retention

We only retain your information for as long as necessary to fulfill the purposes for which we have collected and processed it, unless otherwise required by law or in the circumstance of an ongoing fraud or Service investigation. IP addresses, which are used to determine your country of origin, are not stored in our database and are deleted as soon as possible after processing. We will either delete or anonymize your information or if this is not possible then we will securely store your information and isolate it from any further use until deletion is possible. After your account is deleted or the software is uninstalled, we may retain some information in an anonymous or aggregated form but not in a way that would identify you personally.

6. Your rights

a. Opting out of collection of information

1. Websites and cookies

You may install or otherwise use cookie blocking techniques built into browsers or as browser add-ons to block cookies and services such as Google Analytics when visiting our websites. You may also choose to cease using or accessing our websites and Services. See our Cookie Policy for more information.

2. SweetLabs software, including Pokki and App Explorer

You may uninstall or cease using our software at any time. The software is simple to uninstall by visiting “Add/Remove Programs” or “Apps and Features” and removing all software made by SweetLabs or Pokki.

b. EU Residents

As mentioned above, if you are a resident of the EU, United Kingdom, Lichtenstein, Norway or Iceland, the GDPR gives you a range of rights in connection with our processing of your information.

These rights include:

We are required to assess and attempt to act on your request, though in some circumstances, we may not be able to fully comply with your request, such as if it is frivolous or extremely impractical, if it jeopardizes the rights of others, or if it is not required by law, but in those circumstances, we will still respond to notify you of such a decision.

For current software and website users, please contact us directly at .

If you have any questions about this Privacy Policy or your rights under the GDPR, you can contact our EU-based representative at: DP-Dock GmbH, Ballindamm 39, 20095 Hamburg, Germany; Phone: +49 (0) 40 99999 - 3430; Fax: +49 (0) 172 918 22 22; Email: .

7. Children’s privacy

SweetLabs’ websites, products, and Services are intended for adults and not for children under the age of 16. In compliance with the US Children's Online Privacy Protection Act (COPPA) and the GDPR, we will not knowingly collect information about children under the age of 16. We encourage parents and legal guardians to be familiar with the websites, software, products and Services that their children use or visit. If we learn that we have collected personal information from a child, we will delete that information as quickly as possible. If you believe that a child may have provided us personal information, please contact us at .

Please note this Privacy Policy does not apply to (and we are not responsible for) third party websites, products or services, including apps or services that may be provided by third parties. Such third party websites, products or services may be subject to additional or different requirements with respect to collection of information about children, and are governed by the applicable third party privacy policies of such third party websites, products or services.

8. Transfers of information internationally

SweetLabs utilizes many technologies to provide our Services. Some of our Services are hosted and operated in the United States (“U.S.”) either directly through SweetLabs or our service providers. If you do not reside in the U.S., laws in the U.S. may differ from the laws where you reside. By using the Services, you acknowledge that any information about you, regardless of whether provided by you either directly or automatically or obtained from a third party, is being provided to SweetLabs in the U.S. and may be stored on U.S. servers. By using our software and Services, you consent to the transfer of your data to the U.S. pursuant to E.U.-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework, the details of which are further set forth below.

9. Privacy Shield

SweetLabs complies with the E.U.-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States. SweetLabs has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. For more information about the Privacy Shield Program, and to view our certification, please visit https://www.privacyshield.gov. SweetLabs is committed to the Privacy Shield Principles of (1) notice, (2) consent, (3) accountability for onward transfer, (4) security, (5) data integrity and purpose limitation, (6) access and (7) recourse, enforcement and liability with respect to all personal information received from within the EU in reliance on the Privacy Shield. The Privacy Shield Principles require that we remain potentially liable if any third party processing of personal information on our behalf fails to comply with these Privacy Shield Principles (except to the extent we are not responsible for the event giving rise to any alleged damage). SweetLabs’s compliance with the Privacy Shield is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission.

In compliance with the Privacy Shield Principles, SweetLabs commits to resolve complaints about our collection or use of your personal information. EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact SweetLabs at . If you do not receive timely acknowledgment of your Privacy Shield-related complaint from us, or if we have not resolved your complaint, you may also resolve a Privacy Shield-related complaint through JAMS, an alternative dispute resolution provider located in the U.S. You can visit https://www.jamsadr.com/file-an-eu-us-privacy-shield-or-safe-harbor-claim for more information or to file a complaint, at no cost to you. Under certain conditions, you may also be entitled to invoke binding arbitration for complaints not resolved by other means.

10. Changes and updates

We may make changes to this policy from time to time. If we make material changes in the way we use your information, we will notify you by posting an announcement on our site or sending you an email and indicating the date of the latest changes to our policy. Users are bound by any changes to the SweetLabs Privacy Policy when he or she uses our site or services after such changes have been first posted, or in the case of substantial changes, 30 days upon posting those changes.

11. Contact

SweetLabs, Inc. is the entity responsible for the processing of your information under this SweetLabs Privacy Policy. SweetLabs, Inc is not responsible for the practices of any third party whose services and products you may use. If you have feedback, questions or concerns about this SweetLabs Privacy Policy, contact us at Privacy, c/o SweetLabs, Inc., 510 Market St, Ste 301, San Diego, CA 92101 or email us at .

Effective Date of this SweetLabs Privacy Policy: July 12, 2018