From time to time, we may collect or ask you to provide personal information including (without limitation) the following: your name, mobile phone number, email address, password, IP address, unique device identifiers and other identification credentials, biographical details, photographs and/or payment information.
As part of the Services, we may provide functionality allowing you to search for friends by using your Facebook credentials and, when you choose to do so, you will be asked to allow the Common App to access certain information associated with your Facebook account such as your name, profile picture, gender and list of friends. Provided you consent to this, such information will be processed by us in order to identify your Facebook friends who are users of the Common App and to allow you to invite these Facebook friends to install the Common App.
Please note that, with your consent, we will collect information about your location and physical movements in order for the Common App to function properly and monitor and verify forms of eligible movement. You may turn location monitoring on and off from time to time using the settings of your operating system of your mobile device but, if you disable this functionality, we will not be able to collect information relating to your cycling activity, your use of public transportation or modes of transportation and GPS/Cell-ID location, which will prevent tracking and/or conversion of your movement into Green coins.
We work with third party applications to collect data on your physical movements: the third party app will ask you if you agree to send this information to the Common app. If you do so, your activity on the third party app can be converted into Green coins and registered according to Green coin allocation rules.
We work with further third parties from time to time including, for example, business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers and credit reference agencies, who may provide us with information about your purchase behaviour. This may include your purchase history from business partners who make offers against Green coins in the Common App.
We do not knowingly collect information from children under age 6. If you are under age 6, you are not permitted to use the Service. If you are 6 – 17 years old, you may visit, browse and use the information on the Service but you may not register an account or submit any personal information. If you are 6 – 17 years old, by browsing, using or accessing the Service you confirm that you have the permission of a parent or guardian to do so. If you are a parent or guardian and believe that we may have inadvertently collected personal information from your child, please notify us immediately by following the instructions on our website: https://www.co2mmon.eu or by sending an e-mail to email@example.com
We may use your personal data to:
provide the Services (using our own systems and those of appropriate third party service providers);
verify your physical movement and location and issue Green coins on the basis of this verified data;
analyse the usage of, and improve, our Services;
perform market and customer research;
market our services to you;
correct errors and problems with the Services;
investigate and/or prevent suspected fraud or other criminal activities;
create daily leaderboards of users, comprising all users or users meeting particular criteria as ranked by the number of km of cycling completed or using other criteria;
establish rankings and/or
investigate disputes between users.
Common does not use your data for advertising purposes and will not sell your data to third parties. Your data is solely used to allocate you Green coins and anonymously to create data registers delivered to city administrations or scientific insitutes.
Additionally, we and/or our trusted partners may contact you from time to time with offers that may interest you and/or to inform you of products and services which they offer on Common. Some of your personal data may be shared with other users of the Common App as part of the normal operation of the Services (for example your uploaded profile picture and biographical information will be accessible to all users, and we may publish your total amount of gathered Green coins, your carbon footprint, your contribution to the reduction of CO2 emissions locally or nationally, or other movements, during a particular period). Further, we may, from time to time, expand or reduce our business which may involve the transfer of certain divisions or assets of our company to other parties, and the data we store and use, where relevant, may be transferred to such third parties. From time to time we may transfer the data we store and use to locations outside the European Economic Area, some of which may have different data protection laws to the EU, or no data protection laws at all. In all such cases, we transmit such information only to entities that comply with this policy and applicable law.
Your personal data will be kept only for as long as is necessary. We take reasonable industry-standard care in keeping all our data secure and in preventing any unauthorised access or unlawful use of it. All personal data we store and process is handled strictly in accordance with applicable data protection legislation.
We will not share your personal data with third parties except in the following situations:
a) when you have given us consent to share such personal data. This can for instance be in relation Facebook, Twitter or similar social media (as further described in section 8 below) or other;
b) when necessary for billing purposes or other services/functions performed on our behalf, we share information with the billing provider or other vendor to facilitate billing or other services/functions, respectively. The payment information is stored by the billing provider and not by Common;
c) when we engage third parties to perform services on behalf of us in relation to the Common service, either companies that are affiliated with us or third parties. In such cases we will remain responsible for your personal data and ensure that all handling of the data will be in accordance with this policy and applicable laws; and
d) in response to legal processes, such as a request by law enforcement, a court order or similar, or to protect the integrity of the Service if we believe that a user has committed unlawful or otherwise harmful acts.
We will never sell your personal data to third parties or allow third parties to have access to your data for their own purposes unless you otherwise provide your consent. If all or part of Common is sold, merged or is otherwise transferred to another entity, the information you have provided on or through the Service may be transferred to such entity as part of that transaction.
If you have provided us with your email address or your phone number, we will only use this information to communicate with you in matters relevant to the Service. Such information includes receipts for payment, information about changes in the Service, changes in the GTCs and this Policy. We will not use this information to send you information about third party services unless you otherwise provide your consent. Providing us with this information in response to our communications to you shall be considered consent from you to use this information to send you information about third party services. If the legal statutory requirements are met or if you have opted in, we will send you our newsletter and similar information. You can at any time give us notice that you no longer want to receive such information.
Usage of the Service may be logged in the server log files. These log files include the IP address of the device that accessed the Service together with the time of the use and which resource that was requested, as well as user identification information. The log file of the Service is used to create anonymous usage statistics that are used to settle with the owners of the content, to analyse the usage of the Service, and for the purposes of system administration.
The types of cookies we may use include:
Analytical/Tracking Cookies, which allow us to recognise and count the number of visitors and analyse use of the Services, as well as to verify transactions; and
Advertising and Retargeting Cookies, which allow us to generate appropriate advertising directed to you on the Common Website as well as on the Common App and other third party websites.
We use a number of industry-standard data analytics tools, such as Google Analytics and Facebook Analytics. These collect certain information about you, such as your device’s IP address and browsing and usage behaviour, and are used to allow us to track and monitor the traffic visiting the Common App and the Common Website.
Google Analytics: We may use Google Analytics from Google (Google Inc, US) on our web pages to create anonymous usage statistics. If you have concerns relating to the usage of Google Analytics, it is possible to block Google Analytics by installing a plug-in to your browser. A plug-in for the most common browsers can be found here: http://tools.google.com/dlpage/gaoptout
We store your data in a secure manner on restricted and protected equipment. Only a limited number of personnel have access to this equipment and only persons with a legitimate reason have access to your personal data. While we take reasonable precautions for protection of personal data, no security measures are completely secure, and we do not guarantee the security of personal data.
We will retain your personal information only for the period necessary to fulfill the purposes outlined in this policy. When it is no longer necessary to store the data it will be deleted or made anonymous in a safe and permanent manner or the access to it will be blocked to the extent that statutory data retention requirements apply.
The General Data Protection Regulation (GDPR) gives you the right to access certain information held about you. Your right of access can be exercised in accordance with the Act.
Our site allows you to connect with third party sites, such as Facebook and Twitter to share contents and pages. If you use any of these sites, please note that they will have their own privacy policies, which are entirely outside of our control. We do not accept any responsibility or liability for such policies. Please check these policies carefully before you submit any personal data to such sites.
You have the right to ask us not to process your personal information for marketing purposes. You can exercise your right to prevent such processing (i.e. “opt out”) by clicking ‘unsubscribe’ at the bottom of our marketing emails or by emailing firstname.lastname@example.org, with the subject ‘unsubscribe’.
You have the right to ask us about the personal information we hold about you and to request a copy of your personal information. You can exercise your right to access this information by emailing email@example.com, with the subject ‘data access request’.
If there is suspicion of misuse of the Service, we might combine data collected in accordance with this Policy with other information in order to investigate the extent of the misuse and who is responsible.
We will at all times treat personal data as set out in this Policy and at all times comply with applicable data protection legislation and regulations.
The Service is subject to constant improvement and future changes may influence what data we store and how we process it. This Policy might be updated to reflect such changes, changes in legal framework or improvements in how we handle personal data. Such changes or updates are effective immediately after we give notice of the change or update, which we may do by revising the “Date of Last Revision” date of this Policy or by otherwise posting on the Service, or by email and/or by any other means which provides reasonable notice. Your use of the Service after such notice is posted means that you accept these changes or updates. You agree that Common shall not be liable to you for any damages that might result from any changes to this Policy, if any. The current version of this Policy can be found at our website: https://www.co2mmon.eu/privacy
Common may process information about its users on computers and servers located in a number of countries, any of which may be located outside of your state, province, country, or other governmental jurisdiction and where the privacy laws may not be as protective as those in your jurisdiction. If you are visiting from the European Union or other regions with laws governing data collection and use, please note that you are agreeing to the transfer of your personal data to/from the EEA, EU and/or United States. By providing your personal data, you consent to any transfer and processing in accordance with this policy. You acknowledge that the laws of the united states, the EU and/or the country you reside in treat your information in a manner that may be substantially different from, and less protective than, the treatment required under the laws of other countries and jurisdictions. If you do not want your information transferred to the united states, the EU, or the EEA, you should not share your information with us, or make use of the service. To the extent allowed by the law of the country in which you are located, you expressly waive any right you may have to require us to treat your identifying information in accordance with the laws of any country or jurisdiction other than the united states. However, the foregoing waiver may not be legally binding in some countries, such as the member states of the European union. To the extent it is not legally binding in the country in which you are located, this foregoing waiver does not apply to you.