Política de Privacidade

We value your privacy and want to be accountable and fair to you as well as transparent with you with regard to our processing of your personal data.

GENERAL INFORMATION

Degoo Backup AB, company reg. no. 556886-0729, (“we”, “us”, or “our”), owns and operates the https://instabridge.com website and the Instabridge mobile application (the “Service” or “Instabridge”). We are the data controller of the personal data that we collect from you when using the Service (as defined in our Terms of Service: https://instabridge.com/terms-of-service/)

This privacy policy (“Privacy Policy”) contains a policy statement regarding our collection, use and processing of personal data, with whom we may share your personal data and your rights in relation to your personal data. This Privacy Policy tells you what to expect when we collect and use personal data about you that you share with us when using our Service.

PROCESSED DATA

We collect several different types of information for various purposes to provide and improve our Service to you.

Types of Data Collected

When you create a user account on Instabridge, we may ask you for information such as your username, password, email address and picture. If you connect to the Service using credentials from a third party application (e.g., Facebook or Google), you authorise us to collect your authentication information, such as your username, email address and encrypted access credentials. We may also collect other information available on or through your third party application account, including, for example, profile picture, country and hometown, date of birth, gender and networks.

When you use the Service and when the Service is running in the background, certain information will be collected from your online interactions, including but not limited to information about your use of the Service, your IP address, location data, device ID, time, BSSID and SSID (Wi-Fi network name), SIM card identifiers (IMEI), MAC address of access point, signal level, device location, captive portal login steps and other technology on the devices you use to access the Service. We also collect additional points that are interesting in order to measure and analyze network and internet performance. We also collect information such as the type of mobile device you use, your mobile device unique ID, the IP address of your mobile device, your mobile operating system, the type of mobile Internet browser you use, unique device identifiers and other diagnostic data.

If you have connected your user account with us to a third party application, we may receive similar information related to your interactions with the Service from such channels.

We collect, store and use your personal information including your username and email address and information about how you use and access the Service because it is necessary in order to provide the Service requested by you pursuant to the contract made between you and us. If you do not provide us with this information we will not be able to provide you with the Service.

We do not knowingly collect or store personally identifiable information from anyone under the age of 13 unless or except as permitted by law. BY INSTALLING OR USING OUR APP, YOU REPRESENT AND WARRANT TO US THAT YOU ARE 13 YEARS OF AGE OR OLDER. If we are made aware that we have received personally identifiable information from someone under 13, we will use reasonable efforts to remove that information from our records.

Tracking & Cookies Data

Cookies are files with small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Tracking technologies also used are beacons, tags, and scripts to collect and track information and to improve and analyze our Service. In this policy, we use the term “cookies” for cookies and all such similar technologies.

We use cookies and similar tracking technologies to track the activity on our Service and hold certain information.

You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.

Examples of Cookies we use and their purposes:

  • Functional cookies: We use functional cookies to operate certain functions of the Website in accordance with your choices, meaning that when you continue to use or come back to the Website, the site will be provided as you have previously requested, e.g. remembering your username and customization of the Website.
  • Analytics cookies: We use analytics cookies to analyze how the Website is accessed, used or is performing. We use the information to maintain, operate and improve the Website.
  • Third party cookies: We may allow our partners to use cookies on the Website for the same purposes identified above. We may also use service providers acting on our behalf to use cookies for the purposes identified above.
  • Security Cookies: We use Security Cookies for security purposes.
  • Advertising Cookies: Advertising Cookies are used to serve you with advertisements that may be relevant to you and your interests.

If you have any questions or comments about our use of cookies, please contact support@degoo.com.

PURPOSES OF PROCESSING AND LEGAL BASIS

We will process the information set out above for the following purposes and based on the following legal basis:

Purpose of the processing

Legal basis for the processing

1.     To administrate your account, to enable and provide the Service and integration with third party services, and to provide, personalize and improve your experience with the Service, and to otherwise provide the Service according to the terms of Service

Necessary for us to fulfil our contract with you.

The processing is necessary in order to provide the Service requested by you pursuant to the contract made between you and us when you agreed to our Terms of Service.

2.     To publish leaderboards on Instabridge

Consent.

When you have given us your consent, we will publish your user name and picture on Instabridge’s leaderboards.

3.     To provide you with marketing of our and our related parties’ products and services

Legitimate interest.

After a balancing of interests where we have pursued the following legitimate interest:

    • Instabridge’s interest of offering products and services that meet the needs and desires of its customers.
4.     To inform you about updates of the Service or the Terms of Service and to send you alerts or messages by email regarding changes to the Service

Necessary for us to fulfil our contract with you.

The processing is necessary in order to provide the Service requested by you pursuant to the contract made between you and us when you agreed to our Terms of Service.

5.     To, either directly or through one of our service providers, communicate with you for participation in surveys via notifications or other messages

Legitimate interest.

After a balancing of interests where we have pursued the following legitimate interest:

    • Instabridge’s interest of knowing what you think about the Service in order for us to improve the Service.
6.     To improve and develop the Service or new services and products and to analyse your use of the Service

Legitimate interest.

After a balancing of interests where we have pursued the following legitimate interest:

    • Sometimes our use of your personal data is for purposes which are ancillary to the provision of the Service. In those circumstances, we believe we have a legitimate interest in handling your personal data, and believe that the benefits of this storage and use of your personal data will outweigh any potential impact on you and not unduly prejudice your rights or freedoms.
7.     To ensure the technical functioning of the Service and to prevent use of the Service in breach of the terms of use

Necessary for us to fulfil our contract with you.

The processing is necessary in order to provide the Service requested by you pursuant to the contract made between you and us when you agreed to our Terms of Service.

8.     To process your purchases and transactions.

Necessary for us to fulfil our contract with you.

The processing is necessary in order to provide the Service requested by you pursuant to the contract made between you and us when you agreed to our Terms of Service.

9.     To conduct Partner promotions.

Legitimate interest.

After a balancing of interests where we have pursued the following legitimate interest:

    • It is in our legitimate interests to provide you with partner promotions in which you may be interested.
10.  To allow third-party advertisers to use tracking technologies on our Services.

Legitimate interest.

After a balancing of interests where we have pursued the following legitimate interest:

    • it is in our legitimate interests to target advertisements so that users see relevant advertisements in furtherance of our Service and our business operations.
11.  To share processed data with our advertising partners, selected third parties and trusted partners.

Consent.

When you have given us your consent, we will share some information we collect, with third parties under licensing or other arrangements. Such information may include but not limited to: Hardware and Software Information; Profile Information (excluding all data points that could reveal your personal identity); Location and Distance Information; Mobile App Usage Data; Cookies; Log Files and Other Tracking Technologies. Also, additional Personal Data we receive about you, including: Third-Party Tracking Technologies.

Those third parties may use that information for research and commercial purposes, including advertising and mobile network and hotspot performance testing.

12.  To provide or show advertising based on the Personal Data you provide or that we collect through the Service.

Consent

When you have given us your consent, we will provide personalized advertising.

13.  To enforce the terms of Service, including protecting our rights, property and safety and also the rights, property and safety of third parties if necessary

Legitimate interest.

After a balancing of interests where we have pursued the following legitimate interests:

    • our interest of investigating suspicion of and taking measures against misuse of or damage to our Service;
    • our and/or third party’s interest of investigating and producing evidence regarding criminal activity, fraud and other threats against its interest;

Swedish or foreign authority’s interest of conducting law enforcement activities and collecting evidence for such purposes.

14.  To fulfil requirements by law and/or to comply with requests from regulatory bodies or law enforcement agencies

Necessary in order to comply with our legal obligations.

DISCLOSURE OF PERSONAL DATA

We may share and disclose your personal data to the following parties under the following circumstances:

Third party applications

If you connect your Instabridge account to a third party application or use a third party application to login to Instabridge, we may automatically share your activity and activity, your events (including generic application events (such as application installation and application launch) and other standard logging for product metrics), your user ID and activity-related stories with that service. You understand and agree that that such information may be attributed to your account on the third party application.

You understand and agree that a third party application’s use of information collected from you is governed by the third party application’s privacy policies and your settings on the relevant service, and Instabridge’s use of such information is governed by this Privacy Policy and your Instabridge account settings.

Third party service providers

We will share information with third party service providers to facilitate our provision of the Service or in order for such third party service provider to provide certain services on our behalf. This will include:

  • IT infrastructure companies that facilitate our provision of the Services to you; and
  • other third party service providers, such as hosting providers or other IT service providers for the purpose of providing the Service or tracking your use of the Service and advertising and survey service providers to help us in our communication with you and to better understand your use of the Service.

These companies are authorised to use your personal data only as necessary to provide these services to us.

Interest-based advertising

We and our third-party partners also collect information about Users and their mobile devices and networks, including for purposes such as interest-based advertising. When you install our App, and as you use our App, upon your explicit consent, we collect and may share with trusted partners certain personal information in hashed or obfuscated form such as (a) your email address, (b) your Google, Facebook, or other social networking profile, to the extent available, (c) your age range, (d) your country and language, (e) device-based advertising identifiers, and (f) information about your mobile device such as type of device, operating system version and type, device settings, time zone, carrier and IP address, if applicable, MAC address of your mobile device, and (g) the name of your mobile carrier and speed test information about the performance of your mobile network.

While our App is installed on your mobile device, whether or not you are using our App, we regularly track your precise geographical location. As you use our App, we collect your search queries, including cities and venues that you search for.

All User payments for the pay version of our App are handled through the portal established by the publisher of the operating system for the User’s mobile device (iOS App Store, Google Play, etc.).

Most mobile platforms (iOS, Android, etc.) have defined certain types of device data that apps cannot access without your consent, and have various permission systems for obtaining your consent. The iOS platform will alert you the first time our App wants permission to access certain types of data and will let you consent (or not consent) to that request. Android devices will notify you of the permissions that our App seeks before you first use the App, and by using the App you consent to those permissions.

We and our third-party partners may use the information we collect to:

  • provide, maintain and improve our services, develop new features and send product updates and administrative messages;
  • perform internal operations, including troubleshooting, data analysis, testing and research;
  • send you, or recommend, advertisements and other communications we think will be of interest to you and otherwise personalize our services, also known as interest-based advertising.
  • to recognize you across different channels and platforms, including but not limited to, computers, mobile devices, and Smart TVs, over time for advertising, analytics, attribution, and reporting purposes. To opt-out of the use of your mobile device ID for targeted advertising, please see http://www.aboutads.info/appchoices.”

To opt out of interest-based advertising, please see the following instructions on using your device settings to opt out:

iOS/Applehttps://support.apple.com/en-us/HT202074
Android/Googlehttps://support.google.com/ads/answer/2662922?hl=en

Please note that if you opt out of Interest-Based Advertising, you may continue to receive contextual ads based on other non-personal information, such as ads related to the content of the Product you are using.

Precise location data

Upon your explicit consent, we may share the information we collect, including WiFi hotspot information, precise location information (such as your GPS coordinates), relative location information (from WiFi signals or Bluetooth Low Energy devices in your proximity, for example), and other relevant processed data (excluding personally identifiable information) and with third parties under licensing or other arrangements. We and those third parties may use that information for mobile network and hotspot performance testing, as well as for research and commercial purposes, including interest-based advertising, e.g. (a) to customize ads in this or other apps; (b) to measure effectiveness of those ads; (c) for disease prevention and research, security, anti-crime and law enforcement; or (d) market, civic or other research regarding aggregated traffic patterns.

You can opt-out from sharing location data with our trusted partners by disabling “data collection” in the app settings (app settings > disable data collection). This will not have any effect on the app functionality but only restrict location data sharing with our trusted partners. Your mobile device may also allow you to opt out of the collection of Precise Location Data by the Third Party Advertiser in the Product, as further described below.

iOS (iOS 8 or later) – In order to disable the collection of Precise Location Data on iOS, you may turn Location Services off for the applicable Product via the menu “Settings > Privacy > Location Services”. Then select the applicable Product and set the “Share My Location” status to “Never”. Please see additional information from Apple here: https://support.apple.com/en-us/HT203033.

Android (6.0 / Marshmallow and higher) – In order to disable the collection of Precise Location Data on Android, you may turn Location off for the applicable Product via the menu “Settings > Apps > [applicable Product] > Permissions > Location”. Then turn off the “Location” button.

VPN Data Collection

When You Use Our VPN Service

We only keep the following data associated with your account:

  • Total amount of bytes transferred in a 30 day period.
  • Timestamp of your last activity on our VPN network.

This data is used to enforce free tier limitations, prevent abuse and weed out inactive accounts.

The following data is NOT stored:

  • Source IP
  • Sites you visited
  • Historical record of VPN sessions

When You Are Actively Connected to a Server
For the duration of your connection the following is stored in server’s memory.

This data is immediately discarded when you disconnect:

  • OpenVPN/IKEv2 username
  • Time of connection
  • Amount of data transferred

The following data is stored in a central location:

  • Number of parallel connections at any given time to prevent rampant abuse and account sharing.
    A counter is incremented that stores the total number of bytes downloaded/uploaded in a 30 day period.
  • Anything that is not mentioned above is not stored.

Our bespoke system eliminates the need to store data entirely. This data resides only in server’s memory while you’re connected, and is immediately discarded by the VPN server when you disconnect. Since it doesn’t get logged into a permanent database, there is nothing to delete.

To opt out of our use of the personal information that we collect about you for advertising purposes, please contact us at support@degoo.com with a request that we not use your personal information for advertising purposes, and we will honor that request.

Compliance with laws and legal proceedings

When we respond to court orders, or legal process, or to establish or exercise our legal rights or defend against legal claims. When we believe in our sole discretion it is necessary to share information in order to investigate, prevent or take actions against illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of our Terms of Service, or as otherwise required by law.

Merger or acquisition

When we need to transfer information about you if we are acquired by or merged with another company. If we are involved in a merger, acquisition, or sale of all or a portion of its assets, you will be notified afterwards via e-mail and/or a prominent notice on our Service of any change in ownership or uses of your personal data, as well as any choices you may have regarding your personal data.

Other users

Your user name and picture may be disclosed to other users of the Service.

We may use your personal information without your knowledge or consent where we are permitted or required by applicable law or regulatory requirements to do so.

INTERNATIONAL TRANSFERS OF YOUR PERSONAL DATA

If you are located in the European Union (“EU”) then we may transfer personal data that we collect from you to third party suppliers and trusted partners located in countries that are outside of the EU and the European Economic Area (“EEA”) (including to the USA) or to our partners/related third parties in connection with the above purposes. The same rule applies for users outside the EU, that is your data may be transferred outside of the country from which it was originally collected. Please be aware that countries which are outside the EU/EEA may not offer the same level of data protection as the EU/EEA, although our collection, storage and use of your personal information will continue to be governed by this privacy policy.

When transferring personal data outside the EU/EEA, we will ensure that the country in which your personal data will be handled has been deemed “adequate” by the EU Commission under Article 45 of the General Data Protection Regulation (“GDPR”) or if your personal data will be transferred to a country which the EU Commission does not consider to have an adequate level of protection for personal data, we will take all necessary steps required under applicable law in order for such transfer of information across borders to be compliant with applicable law. We will only transfer your personal data to a country outside the EU/EEA where; (i) the transfer is being safeguarded by the use of EU model clauses (under Article 46.2 in the GDPR) or (ii) where the recipient is certified under the US-EU Privacy Shield Framework (under Article 45 in the GDPR).

By installing or using the App, you consent to those transfers of information to other countries and to service providers.

You can find further information about the rules on data transfers outside the EU/EEA, including the mechanisms that we rely upon, on the European Commission website (https://ec.europa.eu/info/law/law-topic/data-protection_en).

DATA RETENTION

We will keep your data for as long as you have an account in the Service or for as long as we need to keep any personal data to comply with our legal obligations, resolve disputes, or enforce our agreements. After this your personal data will be deleted.

LINKS TO OTHER WEBPAGES

Please note that the Service and our Website contain links and pages to other websites operated by third parties. Please note that this Privacy Policy applies only to the personal data that we collect through the Service and our Website and we cannot be responsible for personal data that third parties may collect, store and use through their website when you are directed to such other websites. The privacy policy of each such third party website will govern the information collected from you on that third party website; therefore, you should always read the privacy policy of each such website you visit carefully.

SECURITY

We take all reasonable technical and organisational measures in order to protect your personal data against accidental or unlawful destruction, accidental loss or alteration, unauthorised disclosure or access and any other unlawful forms of processing.
Whilst we take appropriate technical and organisational measures to safeguard the personal data that you provide to us, no transmission over the Internet can ever be guaranteed secure. Consequently, please note that we cannot guarantee the security of any personal information that you transfer over the Internet to us.

CALIFORNIA PRIVACY  RIGHTS (FOR CALIFORNIA RESIDENTS ONLY)

Under California Civil Code Section 1798.83, if you are a California resident and your business relationship with us is primarily for personal, family or household purposes, you may request certain data regarding our disclosure, if any, of information to third parties for the third parties’ direct marketing purposes. To make such a request, please send an email to support@degoo.com with “Request for California Privacy information” in the subject line. You may make such a request up to once per calendar year. If applicable, we will provide to you via email a list of the categories of information disclosed to third parties for their direct marketing purposes during the immediately-preceding calendar year, along with the third parties’ names and addresses. Please note that not all personal data sharing is covered by Section 1798.83’s requirements.

As of January 1, 2020, California residents also have the following rights provided to them under the California Consumer Privacy Act of 2018, Civil Code §1798.100 et seq. (CCPA):

  1. Right to Know About Personal Information Collected.  California residents have the right to request that a business disclose to them the Personal Information it collects, uses, discloses, and sells, subject to certain exceptions and limitations.  Please consult our PROCESSED DATA and PURPOSES OF PROCESSING AND LEGAL BASIS sections above which contain a list of categories of Personal Information collected, used, disclosed and/or sold to third parties for a business or commercial purpose as well as explaining the legal basis of processing.
  2. Right to Request Deletion of Personal Information. California residents also have the right to request the deletion of their Personal Information collected or maintained by Degoo Backup AB, subject to certain exceptions and limitations.
  3. Right to Opt-Out of the Sale of Personal Information. California residents have the right to opt-out of the sale of their Personal Information. Under the CCPA, the “sale” of Personal Information broadly includes any communication of Personal Information to any business that is deemed to be a “third party” (as defined in the CCPA) for monetary or other valuable consideration, subject to certain exceptions and limitations.  For more information, please consult our Notice of Right to Opt Out of the Sale of Info (https://www.instabridge.com/do-not-sell/) <insert link>.
  4. Authorized Agent.  California residents may use an authorized agent to exercise certain privacy-related requests and rights on their behalf.  The authorized agent’s exercise or request on your behalf sent by mail shall include a power of attorney or a notarized statement properly signed by you appointing such authorized agent for such purpose.  If your authorized agent submits the exercise to support@degoo.com, a copy of the power of attorney or the original notarized statement shall be mailed to the following address: Vasagatan 16, 111 20 Stockholm; Attention: Privacy, within five (5) days after sending the email request, or we may in our discretion otherwise verify the agent’s authority to our reasonable satisfaction.
  5. Right to Non-Discrimination for the Exercise of a Consumer’s Privacy Rights. California residents have a right not to receive discriminatory treatment by a business in the event that the California resident exercises one or more of their privacy rights conferred by the CCPA.
  6. How to Submit Your Request. Degoo Backup AB offers California consumers (or their authorized agent) two (2) ways to submit requests concerning their California privacy rights under the CCPA: (i) by emailing request to support@degoo.com,or (b) by mailing your request to the following address: Degoo Backup AB, Vasagatan 16, 111 20 Stockholm, Sweden, Attn: California Privacy Rights. Degoo Backup AB will review all properly-submitted requests and respond in a timely manner in accordance with the CCPA and applicable regulations thereunder. As part of this process, and to prevent unauthorized use of your Personal Information, you may be asked to verify your identity so that we can match you to a person in our systems.  The verification methods we use may include requests to disclose your first name, last name, email address, location information, security question, Service activity and other information; such verification may be conducted by a third-party on our behalf. TO ENSURE THAT YOUR CCPA REQUESTS ARE EFFECTIVE AND RESPONDED TO IN A TIMELY MANNER, YOU MUST USE THE EMAIL ADDRESS OR MAILING ADDRESS SPECIFIED IN THIS SECTION. PRIVACY REQUESTS SENT TO US BY ANY OTHER METHOD OF COMMUNICATION WILL NOT BE VALID AND MAY NOT BE RECEIVED BY OUR PERSONNEL AS WE CANNOT MONITOR ALL CHANNELS OF COMMUNICATION NOR CAN WE VERIFY THE AUTHENTICITY OF PRIVACY REQUESTS SENT VIA ANY OTHER CHANNELS.
  7. Publication of CCPA Statistical Data. Starting January 1, 2021, and updated each year thereafter (if and as required by the CCPA), Degoo Backup AB will publish a summary of statistical data pertaining to the following categories of California-resident consumer privacy requests: (1) “Requests to Know”, (2) “Requests to Delete”, and (3) “Requests to Opt-Out of Sale” in our Notice of Collation of Info.  The statistical data Degoo Backup AB will publish will include: (A) the number of requests Degoo Backup AB received in each category of California-resident consumer privacy request, (B) the number of such requests that Degoo Backup AB complied with in (in whole or in part), (C) the number of such requests which Degoo Backup AB denied and (D) the median number of days within which such requests were responded to.

NOTICE OF CHANGES

If we make changes to this Privacy Policy we will notify you by publication on our webpage. If the changes are material, we will provide you additional, prominent notice as appropriate under the circumstances and, where required under applicable law, ask for your consent.

YOUR RIGHTS

You have the right to, at any time, receive a copy of the personal data that we hold about you and information about the processing.

You have the right to, without undue delay, have incorrect or irrelevant personal data about you corrected and taking into account the purposes of the processing, you have the right to have incomplete personal data about you completed.

You have the right to have your personal data deleted without undue delay and we are obliged to delete your personal data without undue delay if, for example one of the following grounds applies: the personal data are no longer necessary in relation to the purpose for which they were collected or otherwise processed, or if you withdraw consent on which the processing is based and where there is no other legal ground for the processing. Please note that we are not obliged to delete the personal data if we can show that the processing is necessary, for example, for compliance with a legal obligation to which Instabridge is subject, such as book-keeping rules or the establishment, exercise or defence of a legal claim, or when there are other legitimate grounds to keep the data.

Furthermore, you have the right to request that Instabridge restricts the processing of your personal data under certain conditions, for example if you contest the accuracy of the personal data, the processing may be restricted for a period enabling Instabridge to verify the accuracy of the personal data or if Instabridge no longer needs the personal data for the purposes of the processing but you require the personal data for the establishment, exercise or defence of legal claims.

You have the right to object, on grounds relating to your particular situation, at any time to Instabridge’s processing of your personal data if the processing is based on, for example, legitimate interests, including marketing and/or profiling based on a legitimate interest. If you object to such processing, Instabridge will no longer be entitled to process your personal data based on such legal basis, unless Instabridge can demonstrate compelling legitimate grounds for the processing which overrides your interests, rights and freedom or if it is conducted for the establishment, exercise or defense of a legal claim.

You have, under certain conditions, the right to receive the personal data concerning you and which you have provided to Instabridge, in a structured, commonly used and machine-readable format and have the right to transmit such personal data to another data controller without Instabridge trying to prevent this, where Instabridge’s processing of your personal data is based on your consent or on a contract and the processing is carried out by automated means. You have in such case the right to request that the personal data from Instabridge shall be transmitted directly to another data controller, where technically feasible.

You also have the right to, at any time, withdraw your consent given to Instabridge for the processing of your personal data e.g. for marketing purposes. If you withdraw your consent, please note that this does not affect the lawfulness of the processing based on your consent before its withdrawal and that Instabridge may, under certain circumstances, have another legal ground for the processing and therefore may be entitled to continue the processing.

If you are unhappy with our processing of your personal data and/or consider it to be in contrary to applicable legislation you may lodge a complaint with a competent supervisory data protection authority (“DPA”) (such as with the DPA in your country of residence, the DPA in the country of your place of work or the DPA in the country where the alleged infringement has occurred).

To exercise the aforementioned rights please contact us at the following address: support@degoo.com or Degoo Backup AB, Vasagatan 16, 111 20 Stockholm. In order to ensure that you receive a swift response, please state in your letter your full name and, if applicable, your address, user name and the email address used for registration. We may request you provide us with information necessary to confirm your identity before responding to any request you make.

LANGUAGE

This Privacy Policy was written in English. If you are reading a translation and it conflicts with the English version, please note that the English version controls.

Trusted Partners