Tibble knows that you take your privacy seriously. We do, too. We seek to be transparent about our data practices and give you control over the information we collect about you.
The Services include our Websites (the “Sites”), our mobile applications (the “Apps”), and other online services that we own or control (collectively, the “Services”).
- You Provide To Us
We collect data that you provide to us when you create an account, such as username, full name, email address, phone number, birthday, gender, nationality, the city in which you created your account, and, where applicable, your social media username and other data if you create an account using third party log-in credentials (please see” Data Received From Third Parties” below).
We may also collect other data you provide when you use the Services, including pictures you upload, comments you wrote on your posts, messages you send through the Apps, searches you made, places saved or pinned, users you follow or that follow you, places you visited, badges you collected, groups you created, Smiles you earned and redeemed, Challenges started and completed, Events attended and/or saved, Offers redeemed, demographic information, and any other data you voluntarily provide to us.
For business partners creating their business account, we collect data such as the username, full name, phone number, general email address, and category of the business, as well as the full name, position, email address and phone number of the owner/representatives of the business. We also collect other data you provide when you use the Services.
- Automatically When You Use Our Services
If you opt in to share your location with us, we automatically receive data about your precise location (e.g., latitude-longitude coordinates) whenever you use the Services (e.g., open our mobile apps, visit our websites, etc.). We put a strong effort in making sure that your location data is only collected with your consent, and that you are able to change your mind at any time. You can control the collection of location data at any time through your device settings. To do so, typically, you will be given options that range from never sharing, to being asked to share each time you open an app, to only sharing while using an app, to always sharing (subject to variations depending on your device). If you choose your location data settings to be “always” (i.e., persistent background location is turned “on”), your device’s location data will be shared with us even if you are not actively using our Services. However, turning to “never allow” location-sharing may affect certain features we offer and you might not be able to partially or completely use our Services.
We also collect additional data about you when you use our Services. For example:
- The way you interact with the Services, such as your search words, page views, date and time of interactions, time spent on each page, posts you make, and others;
- Your device information, such as your hardware model, operating system and version, unique ID and device data such as device identifiers, IP address, sensor data, browser type, language, and wireless network, mobile device name, types of mobile apps installed; and
- Received From Third Parties
We may receive data about you from third parties, including:
- Data from other apps or websites owned and managed by DOODA FZCO that you might have used;
- Data from Business partners and Suppliers such as but not limited to the incorporation of location technology (i.e., SDK, APIs);
- Data from Social Media if our apps or websites have been accessed using social media logins (i.e., logging in to our apps using your Facebook or other social media credentials);
The information we obtain from third parties include demographic data, data about how you interact with the third party’s websites, apps and smart TVs and streaming devices, device data (including mobile device and advertising identifiers, such as Apple IDFA or Google Advertising ID), and information from cookies, pixels and other similar technologies. In the event that we obtain data about you from third parties, we will combine all data collected about you into one single profile.
The data we collect about you helps us in providing you with the benefits of our Products and Services all around the world and respect the data privacy of the different jurisdictions which we operate in. We commit to only use your personal data for the following purposes:
- to allow you access to and use of our Services;
- to operate, maintain and improve the Services and our business;
- to conduct ordinary business operations, verifying your identity, conducting business research, auditing, analytics, planning and strategy, corporate reporting, and management;
- to understand you better and customize your experience, including contextual personalization of ads shown to you on our Services;
- to conduct research and development, develop and offer new products and services, and to infer certain details about you, including details about you, your interests and intentions;
- to communicate with you by email, text (if you opt-in), or in our Apps, about new product offerings, updates to the Services, or anything else we think may be of interest to you;
- to enable communication between you and owner/representatives of businesses registered on our Services;
- to provide you with personalized customer service or help when required;
- to detect security threats (e.g., malware or other malicious activities), troubleshoot performance issues and to protect the security and safety of our products, systems, and customers;
- to prevent and protect from fraud, identity theft, activities that violate our policies, terms of services, or the law, or to prevent other criminal activity that compromises our ability to protect our rights and property, secure our services, your data or the safety of our customers, employees and others;
Please note that some information about you is required in order for you to be able to enjoy the full benefits of being a registered user and for us to provide you with relevant offerings from us, our affiliates, and our partners.
- Other users: your authorized friends may see some of your data (e.g. name, profile photo, badges collected and other information you post). When you communicate using the Tibble Apps and Sites, such as when you direct message your friends or collect a badge after your visit in a Location, your friends may see this data. You can control what you want visible to others, including your friends, in your “Settings”.
- Our Group of Companies: we may share information with our affiliates and subsidiaries in order to improve the Services, develop and offer our Products, and to provide you with information about products and services, both travel-related and others, which might interest you.
- Service Providers: we may share your data with our subsidiaries, and service providers that perform services on our behalf, such as but not limited to cloud storage, IT services, marketing, analytics and search engine. These service providers may be located in countries other than the country in which the information originally was collected. We strictly prohibit our service providers to retain, use or disclose the data except as necessary to perform services on our behalf or comply with legal requirements.
- Business Partners: we provide businesses registered on our Services with some of your data when you visit their location in an anonymous way in order for them to assess their business performance. The data shared with the businesses are limited to your age, gender, nationality, residency, number of visits and other data that you provided us when visiting the business location and that don’t allow the businesses to clearly identify you. We do not share your latitude and longitude coordinates with anyone.
- Advertising Networks: we sometimes collect and share information about your interests with advertising networks. We do this so that our partners can serve targeted ads, measure the effectiveness of their ad campaign, perform analytics and/or understand you better based on preferences that we infer about you. Therefore, we may share your mobile advertising identifier or other identifiers with our advertising partners.
- Social Media Sites: in the event that you have accessed our Services using social media logins (i.e., logging in to our apps using your Facebook or other social media credentials) we may share information with third-party social media sites. The information you share will be governed by the privacy policies of those social media sites and the privacy settings you have set with those media websites.
- Legal Authorities: we may share data with legal authorities as follow: (1) if we are required to do so by law or legal process (such as a court order or subpoena); (2) in response to requests by government agencies, such as law enforcement authorities; (3) to establish, exercise or defend our legal rights; (4) when we believe disclosure is necessary or appropriate to prevent physical or other harm or financial loss; (5) in connection with an investigation of suspected or actual illegal activity; (6) to protect the rights, property, or safety of Foursquare and our products and services, our employees, or users and others; or (7) to otherwise comply with legal obligation (i.e., conducting due diligence or screening for compliance purposes). We may also share data as part or in anticipation of a business sale, merger, consolidation, investment, change in control, transfer of substantial corporate assets, reorganization, liquidation, or similar business transaction or corporate event.
You have options with respect to the collection and use of your information. You can access, update and even close your account by visiting your profile page on our Services.
- You may choose the way we communicate with you. You can choose not to provide us with certain information, although it may be needed to have access to certain features offered on our Services.
- You can control the collection of your geolocation information, but note that turning off location sharing may affect certain features of our Services.
- As a registered member, you can at any time modify your marketing subscriptions, including email subscription choices within your profile settings. You are also given the opportunity to unsubscribe from promotional messages, including emails we send.
Protecting your personal data is very important to us but it contains risks.
In order for us to protect personal data we obtain through the Services against accidental, unlawful or unauthorized destruction, loss, alteration, access, disclosure or use, we have implemented reasonable and appropriate administrative, technical, and physical security procedures.
We only authorize specific employees to access personal information and they may do so only for permitted business functions. We use encryption when transmitting your information between your system and ours, and between our system and those of the parties with whom we share information. We also employ firewalls and intrusion detection systems to help prevent unauthorized access to your information. However, we cannot guarantee the security of information from unauthorized entry or use, hardware or software failure, or other circumstances outside of our control.
DATA RETENTION & TRANSFER:
Our Services are intended for a general audience and are not directed at children under the age of 13. We do not knowingly collect personal data online from individuals under the age of 13 or such other age as may be directed by applicable law.
What are Cookies & Similar Technologies?
Cookies are small pieces of data that are stored on your computer, mobile phone or other devices. They are generally used to remember you and your preferences, for one visit (through a “session cookie”) or multiple visits (using a “persistent cookie”). The cookies that we set are known as “first-party cookies.” Cookies set by third parties, such as companies who serve content, provide advertising or perform analytics are known as “third party cookies.”
Other tracking technologies such as web beacons or pixels can be found in both websites and HTML emails. Web beacons and pixels are small blocks of code on web pages and in emails that enable us to perform analytics, and are often used in connection with cookies. However, web beacons and pixels are not stored in the same ways as cookies. As a result, if you disable cookies, web beacons may still load, but their functionality will be restricted.
- Strictly Necessary. These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, remember language settings, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site may not work.
- Performance & Analytics. These cookies allow us to count visits and traffic sources as well as to collect analytics data so we can measure and improve the performance of our site. They help us to know which pages are the most and least frequently visited and see how visitors interact with the site. If you do not allow these cookies we will not know when you have visited our site, and will not be able to monitor its performance.
- These cookies allow us to provide enhanced functionality and personalization. They may be set by us or by third party providers whose services we have added to our platform. If you do not allow these cookies then some or all of these services may not function properly.
- These cookies may be used to build a profile of your interests and show you relevant advertisements on other sites. We may work with advertisers or other partners and advertising service providers like Google to serve ads or services that may be relevant to you based on your inferred interests or location (or both) to computers, mobile phones or other devices, which may use a device ID, cookie, pixel or other similar technology placed by Tibble or the third party (although we would not share any additional information that identifies you with an advertiser) on our services, or on a third-party website or app. Placing these cookies, pixels, or other technologies on your device may enable you to be identified across multiple websites. You should review our Privacy Policies and the privacy policies of our advertisers, partners, and advertising service providers to understand how they collect and use your data.
- Social Media. These cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.
We all work with advertisers or other partners to help them determine the effectiveness of an advertising campaign by providing them with pixels that they place on their websites or advertisements. We work with service providers such as Tapad to help us match these pixels with a corresponding device ID, which is then matched against data we maintain.
Can Cookies be Turned Off?
Nowadays, most web browsers provide an option to customize your cookie settings. For example, you can adjust your permission settings to block all cookies, or only third party cookies. Please be aware that limiting the ability of websites to set cookies may worsen your overall user experience, and in some cases if you delete your cookies, your access to some functionality and areas of our Services might be restricted.
EUROPE DATA PROTECTION – GDRP
General Data Protection Regulation Privacy Statement (“GDPR Statement”)
Your rights under GDPR:
You have certain rights regarding your personal data.
Your rights with respect to your own personal data include the following:
- The right to request access to your personal data. This enables you to receive a copy of the personal data we hold about you.
- The right to request to correct your personal data if it is inaccurate. You may also supplement any incomplete personal data we have, taking into account the purposes of the processing.
- The right to request deletion of your personal data if:
- your personal data is no longer necessary for the purposes for which we collected or processed them; or
- you withdraw your consent if the processing of your personal data is based on consent and no other legal ground exists; or
- you object to the processing of your personal data and we do not have an overriding legitimate ground for processing; or
- your personal data is unlawfully processed; or
- your personal data must be deleted for compliance with a legal obligation.
- The right to object to the processing of your personal data. We will comply with your request, unless we have a compelling overriding legitimate interest for processing or we need to continue processing your personal data to establish, exercise or defend a legal claim.
- The right to restrict the processing of personal data, if:
- the accuracy of your personal data is contested by you, for the period in which we have to verify the accuracy of the personal data; or
- the processing is unlawful and you oppose the deletion of your personal data and request restriction; or
- we no longer need your personal data for the purposes of processing, but your personal data is required by you for legal claims; or
- you have objected to the processing, for the period in which we have to verify overriding legitimate grounds.
- The right to data portability. You may request that we send this personal data to a third-party, where feasible. You only have this right if it relates to personal data you have provided to us where the processing is based on consent or necessity for the performance of a contract between you and us, and the processing is conducted by automated means.
- You also have the right to lodge a complaint before your national data protection authority.
You will not have to pay a fee to access your personal data (or to exercise any of the other rights described in this Statement). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. In an effort to speed up our response, we may also contact you to ask you for further information in relation to your request. You can exercise several of your rights through the personal information section of your account. To exercise your other rights you can file a request by clicking here.
We will only use your personal data when the law allows us to.
Pursuant to GDPR, we will use your personal data in one or more of the following circumstances:
- Where we need to perform the contract we are about to enter into or have entered into with you
- Where it is necessary for our legitimate interests (or those of a third-party) and your interests and fundamental rights do not override those interests
- Where we need to comply with a legal or regulatory obligation
- With your consent
Your personal data may be stored or transferred to countries outside the EEA for the purposes described in this Statement. When we store or transfer your personal data outside the EEA, we take the following precautions to ensure that your personal data is properly protected.
Whenever we store or transfer your personal data outside the EEA, we will do so in accordance with applicable law and we will ensure a similar degree of protection is afforded to it by implementing appropriate safeguards. Transfers of personal data are made:
- to a country recognized by the European Commission as providing an adequate level of protection; or
- to a country which does not offer adequate protection but whose transfer has been governed by the standard contractual clauses of the European Commission or by implementing other appropriate cross-border transfer solutions to provide adequate protection.
By using our services, you understand that your personal data may be transferred to our facilities and those third-parties with whom we share it as described in this Statement.
CALIFORNIA DATA PROTECTION – CCPA
California Consumer Privacy Act Privacy Statement (“CCPA Statement”)
Your rights under CCPA:
As of January 1 2020, California law permits residents of California to request certain details about how their personal information is shared with third-parties or affiliated companies for direct marketing purposes.
California residents may also take advantage of the following rights:
- You may request, up to two times each year, that we disclose to you the categories and specific pieces of personal information that we have collected about you, the categories of sources from which your personal information is collected, the business or commercial purpose for collecting your personal information, the categories of personal information that we disclosed for a business purpose, any categories of personal information about you that we sold, the categories of third-parties with whom we have shared your personal information, and the business or commercial purpose for selling your personal information, if applicable.
- You may request that we delete any personal information that we have collected from or about you. As described in more detail in our Statement, there are some reasons we will not be able to fully address your deletion request, such as if we need to complete a transaction for you, to detect and protect against fraudulent and illegal activity, to exercise our rights, or to comply with a legal obligation. You can also access, update, and remove your information by visiting the Member Profile page on our website.
- You may request to opt out of our sale of your personal information to third-parties for their direct marketing purposes. This means that, if you opt out, going forward, we will not share your information with such third-parties to use for their purposes unless you later direct us to do so. To effect the opt out, please submit a request in writing to the contact information below.
To take advantage of your disclosure and deletion rights, please contact us via our dedicated privacy portal by clicking here. We may need to verify your identity to enable us to process your request. We value your privacy and will not discriminate in response to your exercise of privacy rights. We will respond to your request within 45 days of receipt of your request, after proper verification, unless we need additional time, in which case we will let you know.
For purposes of compliance with the CCPA, in addition to the further details as described in the Statement, we make the following disclosures:
- We collect the following categories of personal information: Identifiers/Contact Information, transactional information, Internet or other electronic network activity information, geolocation, visual and audio information, and inferences drawn from the above.
- We sell the following categories of personal information: Identifiers/Contact Information, Internet or other electronic network activity information, and inferences drawn from the above.
- We disclose the following categories of personal information for a business purpose: Identifiers/Contact Information, commercial information, Internet or other electronic network activity information, geolocation, visual and audio information, and inferences drawn from the above.