Confidentiality policy

Dear user, we take your privacy seriously. This privacy policy explains who we are and how we collect and use the information we collect.

PRIVACY POLICY

This privacy policy (“Policy”) describes how Tunder. (“Thunder. “, “we”, “our”, or “our”) collects, protects, and uses information (“Information”) that you (“User”, “you”, or “your”) may provide in the Tunder application (“Application” or “Services”).

COLLECTION OF PERSONAL INFORMATION INFORMATION

Under no circumstances does Tunder collect information about your identity (email address, name, phone number, address, credit card information, or other personal information). Some information may be requested directly from you via a questionnaire or via a chat tool or for the generation of official documents.

TYPES OF DATA COLLECTED

The data collected in the application concerns data on the use of the functionalities developed by Tunder. In an effort to ensure the quality and continuous improvement of the application, Tunder collects data on the use of the application, while ensuring the anonymity of users. This is a data collection in order to understand the use of the application.

Any use of Cookies - or other tracking tools - by this Application or by the owners of third party services used by this Application serves to provide the Service required by the User, in addition to any other purpose described in this document and in the Cookie Policy, if available.

DATA PROCESSING METHODS

Treatment methods

The owner takes appropriate security measures to prevent unauthorized access, disclosure, modification, or destruction of the data.

Data processing is carried out using computers and/or computer tools, according to procedures and organizational methods strictly related to the purposes indicated.

Legal basis for processing

The owner may process personal data relating to users if any of the following conditions apply:

- Users have given their consent for one or more specific purposes.

- the provision of data is necessary for the execution of an agreement with the user and/or any related pre-contractual obligation;

- the processing is necessary for compliance with a legal obligation to which the Owner is subject;

- the processing is linked to a mission carried out in the public interest or in the exercise of public authority vested in the owner;

- the treatment is necessary for the realization of the legitimate interests pursued by the owner or by a third party.

In any case, the Owner will gladly help to clarify the specific legal basis that applies to the processing, and in particular whether the provision of personal data is a legal or contractual requirement, or a requirement necessary for the conclusion of a contract.

Location

The data is processed in the owner's offices and in any other location where the parties involved in the treatment are located.

Depending on the location of the user, data transfers may involve the transfer of the user's data to a country other than their own. Users are also entitled to inquire about the legal basis for data transfers to a country outside the European Union or to any international organization governed by public international law or created by two or more countries, such as the United Nations, and about the security measures taken by the Owner to safeguard their data.

If such a transfer occurs, users can find out more by consulting the relevant sections of this document or by inquiring with the owner using the information provided in the contact section.

Shelf life

Personal data is processed and stored for as long as required for the purpose for which they were collected.

Therefore:

- Personal data collected for purposes related to the execution of a contract between the owner and the user are retained until this contract has been fully executed.

- Personal data collected for the purposes of the legitimate interests of the Owner will be retained for as long as necessary to achieve these purposes. Users may find specific information regarding the legitimate interests pursued by the Owner in the relevant sections of this document or by contacting the Owner.

The owner may be authorized to keep personal data for a longer period of time when the user has given consent to such processing, as long as such consent is not withdrawn. In addition, the owner may be obliged to keep personal data for a longer period of time when this is necessary for the execution of a legal obligation or by order of an authority.

Once the retention period has expired, personal data is deleted. Therefore, the right of access, the right to erasure, the right to rectification and the right to data portability cannot be applied after the expiration of the retention period.

PURPOSE OF THE TREATMENT

Data concerning the User is collected to allow the Owner to provide its Services, as well as for the following purposes: Users can find further detailed information on these processing purposes and on the specific personal data used for each purpose in the respective sections of this document.

DEVICE AUTHORIZATIONS FOR ACCESS TO PERSONAL DATA

Depending on the user's specific device, this application may request certain permissions that allow it to access data on the user's device as described below. Once the authorization has been granted, it can be revoked by the User at any time. In order to revoke these permissions, users may refer to the device settings or contact the owner for assistance using the contact information provided in this document.

The exact procedure for checking application permissions may depend on the user's device and software, but revoking these permissions may impact the proper functioning of the application.

If the user grants one of the permissions listed below, the corresponding personal data may be processed (i.e. accessed, modified, or deleted) by this application.

Shooting authorization

Used to access the camera or to capture images and videos from the device.

Authorizing contacts

Used to access contacts and profiles on the user's device, including editing entries.

Device authorization

Used to access a host of typical features associated with the device. This allows, for example, read-only access to the status of the device, that is, it allows access to the device's phone number, current network information, or the status of any calls in progress.

Storage authorization

Used to access shared external storage, including reading and adding anything.

DETAILED INFORMATION ON THE PROCESSING OF PERSONAL DATA (DATA)

Personal data is collected for the following purposes and using the following services:

- Access to third party accounts: This type of service allows this application to access your account data on a third-party service and to perform actions with it.

These services are not activated automatically, but require explicit user authorization.

- Personal Data collected: Camera Authorization, Contact Authorization, Device Authorization, Social Media Account Authorization, and Storage Authorization.

- Registration and authentication. By registering or authenticating themselves, Users allow this Application to identify them and to give them access to dedicated services.

Depending on what is described below, third parties may provide registration and authentication services. In this case, this Application may access certain Data, stored by these third party services, for registration or identification purposes.

- Crisp: Crisp is a user database management service provided by Crisp. Crisp may also be used as a means of communication, either by email or by messages within the framework of this application: Cookies, email address, usage data and various types of data as specified in the service's privacy policy: France - Privacy Policy.

ADDITIONAL INFORMATION ON PERSONAL DATA

Push notifications: This application can send push notifications to the user.

Access the address book: This application may request access to your address book.

Unique device identification: This application can track users by registering a unique device ID, for analysis purposes or to record user preferences.

USER RIGHTS

Users may exercise certain rights regarding their data processed by the Owner, in particular the following rights

- withdraw their consent at any time. Users have the right to withdraw their consent when they have previously given their consent to the processing of their personal data.

- Oppose the processing of their data. Users have the right to object to the processing of their data if the processing is carried out on a legal basis other than consent. More information is provided in the dedicated section below.

- Access their data. Users have the right to know whether the Data is being processed by the Owner, to obtain information on certain aspects of the processing, and to obtain a copy of the Data being processed.

- To check and request the correction of the data. Users have the right to check the accuracy of their data and to request that they be updated or corrected.

- Restrict the processing of their data. Users have the right, under certain circumstances, to restrict the processing of their data. In this case, the Owner will not process their Data for purposes other than storing them.

- Have their Personal Data deleted or otherwise removed. Users have the right, in certain circumstances, to obtain the deletion of their Data from the Owner. To request the deletion of data, contact Tunder via the contact form on the website https://tunder.co/contact.

- Receive their data and have them transferred to another controller. Users have the right to receive their data in a structured, commonly used and machine-readable format and, if technically possible, to have them transmitted to another controller without any hindrance. This provision is applicable provided that the data is processed by automated means and that the processing is based on the consent of the user, on a contract to which the user is a party or on pre-contractual obligations arising from it.

Details on the right to object to treatment

When personal data is processed in the public interest, in the exercise of official authority granted to the owner, or for the purposes of legitimate interests pursued by the owner, users may object to such processing by providing a reason related to their particular situation to justify the objection.

Users should be aware that, however, if their personal data is processed for direct marketing purposes, they can object to this processing at any time without having to provide any justification. To find out whether the Owner processes personal data for direct marketing purposes, users can refer to the relevant sections of this document.

How to exercise these rights

Any request to exercise the rights of the user may be sent to the owner at the contact details indicated in this document. These requests can be exercised free of charge and will be sent by the Owner as soon as possible and always within one month.

ADDITIONAL INFORMATION ON DATA COLLECTION AND PROCESSING

Legal action

The user's personal data may be used for legal purposes by the owner in court or in the steps leading to possible legal action arising from the inappropriate use of this application or related services.

The User declares to be aware that the Owner may be required to reveal personal data at the request of public authorities.

Additional information on the user's personal data

In addition to the information contained in this Privacy Policy, this application may provide the user, upon request, with additional and contextual information concerning particular services or the collection and processing of personal data.

System logs and maintenance

For operational and maintenance purposes, this application and any third party services may collect files that record interaction with this application (system logs) and use other personal data (such as IP address) for this purpose.

Information not included in this policy

Further details regarding the collection or processing of personal data may be requested from the owner at any time. Please refer to the contact information at the beginning of this document.

How are “Do Not Track” requests handled?

This request does not support “Do Not Track” requests.

To determine whether the third-party services it uses comply with “Do Not Track” requests, please read their privacy policies.

Changes to this privacy policy

The Owner reserves the right to make changes to this privacy policy at any time by warning its Users on this page and possibly as part of this Application and/or - as far as technically and legally possible - by sending a notice to Users via any contact information available to the Owner. It is strongly recommended that you consult this page often, referring to the date of the last modification indicated at the bottom.

If the changes affect the processing activities carried out based on the User's consent, the Owner will obtain new consent from the User, if applicable.

Definitions and legal references

Personal Data (or Data): Any information that, directly, indirectly, or in connection with other information - including a personal identification number - allows the identification or identifiability of a natural person.

Usage Data: Information collected automatically through this application (or third party services employed in this application), which may include: the IP addresses or domain names of computers used by users who use this application, the URI (Uniform Resource Identifier) addresses, the time of the request, the time of the request, the method used to submit the request to the server, the method used to submit the request to the server, the method used to submit the request to the server, the size of the file received in response, the numerical code indicating the status of the server response (positive result, error, etc.)), the country origin, the characteristics of the browser and the operating system used by the user, the various details of time per visit (for example, the working time, the duration of the visit, etc., the time spent on each page of the application) and the details about the path followed in the application with particular reference to the sequence of pages visited, and other parameters concerning the operating system of the device and/or the user's computer environment.

User: the person who uses this application and who, unless otherwise specified, coincides with the person concerned.

Data subject: The natural person to whom the personal data refers.

Data controller (or data controller): The natural or legal person, legal person, public authority, agency or other body that processes personal data on behalf of the controller, as described in this privacy policy.

Data controller (or owner): The natural or legal person, public authority, agency or other body that, alone or jointly with others, determines the purposes and means of the processing of personal data, including security measures regarding the operation and use of this application. The Data Controller, unless otherwise specified, is the Owner of this Application.

This application: The means by which the user's personal data is collected and processed.

Service: The service provided by this application as described in the relative terms (if available) and on this site/application.

European Union (or EU): Unless otherwise stated, all references made in this document to the European Union include all current member states of the European Union and the European Economic Area.

Legal Information: This privacy statement has been prepared based on the provisions of several legislations, including art. This privacy policy relates only to this application, unless otherwise specified in this document.

COLLECTION OF NON-PERSONAL DATA

When you open the app, our servers automatically record the information that your device sends. This data may include information such as your device's IP address and location, device name and version, operating system type and version, language preferences, information you search for in our application, access times and dates, and other statistics.

USE AND PROCESSING OF THE INFORMATION COLLECTED

Any information we collect from you may be used to personalize your experience, improve our application, improve our application, improve customer service and respond to questions and emails from our customers, process transactions, send notification emails such as password reminders, updates, etc. The non-personal information collected is only used to identify potential cases of abuse and to establish statistical information regarding the traffic and use of the application. We may process personal information about you if any of the following conditions apply: (i) You have given their consent for one or more specific purposes. Note that some laws allow us to process information until you object (by refusing), without having to rely on consent or on any of the following legal bases; however, this does not apply when the processing of personal information is subject to European data protection law; (ii) the provision of information is necessary for the performance of an agreement with you and/or any related pre-contractual obligations; (iii) the treatment is necessary for compliance with a legal obligation to which you are subject; (iv) the processing is related to a task carried out in the public interest or in the exercise of official authority granted to us; (v) the processing is necessary for the purposes of the legitimate interests pursued by us or by a third party. In any case, we will be happy to clarify the specific legal basis that applies to the processing, and in particular whether the provision of personal data is a legal or contractual requirement, or a requirement necessary for the conclusion of a contract.

INFORMATION TRANSFER AND STORAGE

Depending on your location, data transfers may involve the transfer and storage of your information in a country other than your own. You have the right to inquire about the legal basis for transfers of information to a country outside the European Union or to any international organization governed by public international law or created by two or more countries, such as the United Nations, and about the security measures we take to protect your information. If such a transfer occurs, you can find out more by consulting the relevant sections of this document or by contacting us using the information provided in the contact section.

ADDITIONAL USER RIGHTS

You can exercise certain rights with respect to the information we process. In particular, you have the right to do the following: (i) you have the right to withdraw your consent when you have previously given your consent to the processing of your information; (ii) you have the right to object to the processing of your information if the processing is carried out on a legal basis other than consent; (iii) you have the right to know whether information is being processed by us, to obtain the disclosure of certain aspects of the processing and to obtain the disclosure of certain aspects of the processing and to obtain a copy of the information being processed; (iv) you have the right to verify the accuracy of your information and to request that it be updated or corrected; (v) you have the right, under certain circumstances, to restrict the processing of your information, in which case we will not process your information for purposes other than storing it; (vi) you have the right, under certain circumstances, you have the right, in certain circumstances, to obtain from us the erasure of your personal information; (vii) you have the right to receive your information in a format other than storing it; (vi) you have the right, in certain circumstances, to have your personal information deleted from us; structured, commonly used and machine-readable and, if technically possible, to have them transmitted without hindrance to another controller. This provision is applicable provided that your information is processed by automated means and that the processing is based on your consent, on a contract of which you are a party or on related pre-contractual obligations.

THE RIGHT TO OBJECT TO TREATMENT

Where personal information is processed in the public interest, in the exercise of official authority granted to us, or for the purposes of legitimate interests that we pursue, you can object to this processing by providing a reason related to your particular situation to justify the objection. You should be aware that, however, if your personal data is processed for direct marketing purposes, you can object to this processing at any time without having to provide any justification. To find out whether we process personal information for direct marketing purposes, you can refer to the relevant sections of this document.

How to exercise these rights

INVOICING AND PAYMENTS

In the case of services that require payment, we ask for information about the credit card or other payment accounts, which will be used only for payment processing. Data relating to your purchase transaction is only kept for as long as necessary to complete your purchase transaction. Once the transaction is complete, your purchase transaction information is removed. All direct payment gateways adhere to the most current security standards managed by the PCI Security Standards Council, which is a joint effort of brands such as Visa, MasterCard, American Express, and Discover. The exchange of sensitive and private data takes place through a secure SSL communication channel and is encrypted and protected by digital signatures.

CHILDREN'S PRIVACY

If you are under 13, please do not submit personal information through our application or service. We encourage parents and legal guardians to monitor their children's use of the Internet and to contribute to the application of this policy by asking their children to never provide personal information through our application or service without their permission. If you have reason to believe that a child under the age of 13 has provided us with personal information through our application or service, please contact us.

NEWSLETTERS

We offer electronic newsletters that you can subscribe to voluntarily at any time. You can choose to stop receiving our newsletter or marketing emails by following the unsubscribe instructions included in these emails or by contacting us. However, you will continue to receive essential transactional emails.

LINKS TO OTHER APPLICATIONS

Our application contains links to other applications that are not owned or controlled by us. Please note that we are not responsible for the privacy practices of these other applications or third parties. We encourage you to be vigilant when leaving our application and to read the privacy statements of each application that may collect personal information.

INFORMATION SECURITY

We secure the information you provide on computer servers in a controlled and secure environment that is protected from unauthorized access, use, or disclosure. We maintain reasonable administrative, technical, and physical protections in an effort to protect against unauthorized access, use, modification, and disclosure of personal information under our control and custody. However, no data transmission over the Internet or over a wireless network can be guaranteed. Therefore, while we strive to protect your Personal Information, you acknowledge that (i) there are security and privacy limitations on the Internet that are beyond our control; (ii) the security, integrity, and confidentiality of all information and data exchanged between you and our Application cannot be guaranteed; and (iii) such information and data may be accessed or altered in transit by a third party, despite all efforts made.

DATA BREACH

In the event that we become aware that the security of the application has been compromised or that users' personal information has been disclosed to unrelated third parties as a result of external activity, including, but not limited to, security attacks or fraud, we reserve the right to take reasonably appropriate measures, including, but not limited to, an investigation and report, as well as a notification to the authorities responsible for law enforcement and cooperation with them. In the event of a data breach, we will make reasonable efforts to notify affected individuals if we believe there is a reasonable risk of harm to the user as a result of the breach or if notification is otherwise required by law. In this case, we will post a notice in the app and send you an email.

LEGAL DISCLOSURE

We will disclose any information we collect, use, or receive if required or permitted by law, such as to comply with a subpoena or similar legal process, and when we believe in good faith that disclosure is necessary to protect our rights, keep you or others safe, protect you or others, investigate fraud, or respond to a government request. In the event of a business transition, such as a merger or acquisition by another company, or the sale of some or all of its assets, your user account and personal data will likely be among the assets transferred.

CHANGES AND AMENDMENTS

We reserve the right to change this application or service policy at any time, with effect upon the publication of an updated version of this policy in the application. In this case, we will send you an email to let you know. Continued use of the Application after such changes constitutes your consent to such changes.

ACCEPTANCE OF THIS POLICY

You acknowledge that you have read this policy and that you agree to all of its terms. By using the application or its services, you agree to be bound by this policy. If you do not agree to abide by the terms of this policy, you are not authorized to use or access the application and its services.

CONTACT US

If you have any questions about this policy, please contact us. This document was updated on February 20, 2022