DOJO APP PRIVACY POLICY STATEMENT

Scope of this Policy

We are TheTriangleLab Limited (Dojo, we, us, our), the company behind the Dojo service (Service). The Service is designed as an online and Smartphone application (App) providing location-based recommendations for services, products and venues including restaurants, bars and events.  The individual or organisation that subscribes to the Service will be referred to as the “Subscriber” or “you”.

This privacy policy (Privacy Policy) sets out the ways in which we collect and use your personal data (your Personal Information) in connection with our business. It also explains what rights you have to access or change your personal data.

For the purposes of the General Data Protection Regulation, we are the data controller.

Contacting Dojo about privacy questions or concerns

If you have any questions about this Privacy Policy, or any queries, requests or complaints in regard to the Service or the use of your Personal Information, please contact Dojo by sending an email to the following address (indicating “PRIVACY REQUEST” in the message line): [email protected].

If you contact Dojo by e-mail, we may keep a record of your correspondence or comments.  We may ask for your name, e-mail address and contact information in order to send you a reply.

Third party information and links

Information may be sourced from third parties by Dojo and/or you in compiling the Service.  Where such third party information forms or may form part of the Service, we have relied on the information provided to us by third parties. We do not guarantee the correctness or completeness of the information provided on the Service.

The Service may contain advertisements (which may be directed to Subscribers based on information you include in your personal profile when using the Service), plug-ins and links to other websites that are owned and operated by third parties. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. The information practices of those websites linking from or to the website are not covered by this Privacy Policy or the Terms of Use, and Dojo is not responsible and cannot be held liable for the content or practices of any third party website. Please consult each website’s privacy policy. The provision of a link on the Service does not constitute an endorsement of that website or related any products or services.  When you leave our website, we encourage you to read the privacy notice of every website you visit.

Sharing directly with third parties

You and other Subscribers may share content on the Service via a number of social media platforms (including, without limitation, Facebook, Twitter, Google+) and email.  When content is shared in this way a link to that content is sent out via the relevant social media channel.

When you share Personal Information through the Service with third parties (including other Subscribers) and via other online services (such as Facebook), that information will remain under the control of the third party or other service in question. Dojo has no control over the use of Personal Information which has been shared with third parties and this Privacy Policy Statement does not relate to such use of the Subscriber’s Personal Information. We recommend that you review the privacy policies of third parties to whom you share Personal Information with via the App.

Please be responsible with personal information of others when using Service. We are not responsible for your misuse of Personal Information, or for the direct relationship between you and others when takes place outside of the Service.

 

“Personal Information”

The Dojo Privacy Policy concerns the use by Dojo of Personal Information. Personal Information, or “personally identifiable information”, as it is sometimes known, is a reference to data that can be linked to or identified with a living individual.

This Privacy Policy does not apply to any data insofar as it is held, processed, disclosed or published in a form which cannot be linked to a living individual (such as anonymised data, aggregated data, or coded data which, in a given form, cannot effectively be used to extract Personal Information) (“Generic Data”). Dojo reserves the right to generate Generic Data out of any databases containing Personal Information and to make such use as it sees fit of any such Generic Data.

Personal Information we may collect about you

We will collect any information that you provide to us when you:

The information you provide to us will include (depending on the circumstances):

 

We also collect the following information about you when you use the Service:

Purposes for which Dojo uses Personal Information and Recipients of your Personal Information

We will use your information for the purposes listed below either on the basis of:

Where we use your information for our “legitimate interests”, we make sure that we take into account any potential impact that such use may have on you. Our legitimate interests don’t automatically override yours and we won’t use your information if we believe your interests should override ours unless we have other grounds to do so (such as your consent or a legal obligation). If you have any concerns about our processing please refer to details of “Your Rights to your Personal Information

Dojo uses Personal Information provided by Subscribers and accessed by the Service for the purposes of:

Except in relation to certain selected partner websites, Dojo will not permit your Personal Information to be used for direct marketing purposes.

In connection with the purposes and on the lawful grounds described above, we will share your Personal Information when relevant with third parties such as:

Other forms in which Personal Information may be used

We may disclose Personal Information to third parties if we believe that such disclosure is reasonably necessary to enforce or apply the Terms of Use that a Subscriber has accepted in relation to the Service or to protect the rights, property, safety and integrity of Dojo or the Service, or otherwise as provided by law or required by any court of competent jurisdiction or any regulatory authority acting under statutory powers.

There may be limited circumstances in which Dojo is obliged to disclose Personal Information to unrelated third parties such as:

·       In response to the following: (1) to satisfy a legitimate government request or direction or in response to a court order or in connection with legal proceedings; (2) in response to a third-party subpoena, if on legal advice such response is required; or (3) if necessary to defend Dojo, or its partners or other Subscribers (for example, in a lawsuit).

·       If you request a specific service or product which is administered by a third party who is working with Dojo, your Personal Information may be shared with such third party in order to respond to the request. The third party in question may also transmit back to Dojo any new information obtained from you.

Dojo will fully co-operate with law enforcement, investigation and security agencies and regulators to identify anyone who uses the Service or software for illegal activities. Dojo reserves the right to report to law enforcement, investigation and security agencies and to regulators any activities that are believed to be unlawful.

Storage  (including international transfers outside of the EEA), Security and Retention of Personal Information

Storage

Personal Information that Dojo collects is stored on its servers (which may be cloud-based and located outside the EEA).  We implement and maintain adequate security measures to protect such information stored on our servers and seek to comply with all local rules in respect of storage of data. 

Whenever we transfer Personal Information  out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following transfer solutions are implemented:

Please contact us using the contact details at the top of this Privacy Notice if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.

Security

We use appropriate technological and operational security measures to protect your information against any unauthorised access or unlawful use such as:

Retention

Dojo also strives to collect no more Personal Information from end-users than is required for the purpose for which it is collected. This, in turn, helps reduce the total risk of harm should data loss or a breach in security occur. We operate a data retention policy and look to find ways to reduce the amount of information we hold about you and the length of time that we need to keep it, For example,

Help keep your information safe

You can also play a part in keeping your information safe by:

 “Sensitive” information

Dojo does not seek to collect “sensitive” Personal Information about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data)  Dojo does not wish to receive any such data and will not request it. If Subscribers voluntarily post such information on the Service or share it with other Subscribers, the Subscriber assumes the risk of such information being accessed, used or distributed by others as such information has been manifestly made public by the Subscriber.

Data on children Persons under the age of 16 should not transfer Personal Information to us unless they have the consent of their parent(s) or guardian(s). We do not knowingly collect, nor do we want to receive, personal information about individuals who are under 13 years of age. If you are under the age of 13, please do not access our Service at any time or in any manner. We will take appropriate steps to delete the Personal Information of persons under the age of 13.

Your Rights to your Personal Information

You have certain rights in respect of the Personal Information that we hold about you, including:

Some upcoming new rights…

From 25 May 2018, in accordance with new data protection laws which will be in force from that date, you will have certain additional rights in respect of the information that we hold about you, including:

How to exercise your rights

You may exercise your rights above by contacting us using the details at the top of this Privacy Policy, or in the case of preventing processing for marketing activities also by checking certain boxes on forms that we use to collect your data to tell us that you don’t want to be involved in marketing or by updating your marketing preferences via your account with us.

What we need from you to process your requests

We may need to request specific information from you to help us confirm your identity and ensure your right to access your Personal Information (or to exercise any of your other rights). This is a security measure to ensure that Personal Information is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

You will need to have created an account in order for us to provide you with your information because without an account, we are not able to connect your data to a verifiable email address.

From 25 May 2018, you will not have to pay a fee to access your Personal Information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances. We will try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

Changes to your Personal Information and unsubscribing from the Service

It is important that the Personal Information we hold about you is accurate and current. Please keep us informed if your Personal Information changes during your use of the Service. You may change the Personal Information that Dojo retains about you by accessing the Service and following the instructions. 

You may unsubscribe from the Service at any time.  When you unsubscribe from the Service (or when it is otherwise terminated) we will permanently and irretrievably delete all Personal Information we hold on your behalf, save that:

(1)  copies of your Personal Information may remain stored for limited periods of time on back-up media which shall be cleansed from time to time;

(2)  Dojo reserves the right to retain records of your Personal Information if we reasonably require to maintain such records for legal purposes, to investigate and respond to complaints, to enforce our Terms of Use or to defend ourselves against any claim or allegation, or if we require to retain such data for other legitimate reasons; and

(3)  Dojo shall be entitled to retain any data in Generic Data obtained from your Personal Information.

Privacy Policy changes

This Privacy Policy was last changed on 25th May 2018. If Dojo makes changes to the Privacy Policy, the new version will be posted on the Service. If material changes are made to the Privacy Policy we will notify you by email.  Dojo may change, modify, add or remove portions of this Privacy Policy at any time, and any changes will become effective immediately upon being posted unless stated otherwise.