Privacy Policy of NEARPLATFORMS
Introduction
Owner and Data Controller
NEAR Platforms
3636 Prince Mohammed Bin Salman Ibn
Abdulaziz, 13516 Hiteen, Riyadh, Saudi Arabia
Owner contact email: support@nearplatforms.com
Types of Data Collected
Personal Data may be freely provided by the User, or, in case of Usage Data, collected automatically when using this Application. Unless specified otherwise, all Data requested by this Application is mandatory and failure to provide this Data may make it impossible for this Application to provide its services. In cases where this Application specifically states that some Data is not mandatory, Users are free not to communicate this Data without consequences to the availability or the functioning of the Service.
Users who are uncertain about which Personal Data is mandatory are welcome to contact the Owner. Any use of Cookies – or of other tracking tools – by this Application or by the owners of third-party services used by this Application serves the purpose of providing the Service required by the User, in addition to any other purposes described in the present document and in the Cookie Policy.
Users are responsible for any third-party Personal Data obtained, published, or shared through this Application.
1. General – Common for All Applications
The following personal data types are collected across all NEAR Platforms applications:
Identification Information: This includes first name, last name, date of birth, phone number, email address, username, password, company name, country, state, ZIP/Postal code, city, profile picture, and User ID. These details help identify and authenticate users.
Professional Information: Data such as the number of employees, field of activity, language, name, and profession are gathered to tailor the services to professional needs.
Contact Information: This includes phone number, email address, and physical address, which are necessary for communication and service provision.
Usage Data: Automatically collected when using the application, this includes device logs, device information, app information, trackers, crash data, geographic position, clicks, keypress events, motion sensor events, mouse movements, scroll position, touch events, and product interaction. These data types help monitor and improve service performance and user experience.
Payment Information: Necessary for processing transactions within the application.
User Content: Includes any content generated or provided by the user, such as files, documents, messages, and other materials uploaded or shared within the application.
2. Near Connect
The Near Connect application, being a video conferencing tool, collects additional data types specific to its functions:
Permissions:
Calendar Permission: Access to the user’s calendar is needed to schedule, manage, and join video conferences.
Camera Permission: The application requires access to the camera for video calls.
Microphone Permission: Necessary for audio communication during video conferences.
Phone Permission: This allows the app to manage calls and integrate with the phone’s system.
Storage Permission: Used for saving and accessing conference-related files.
Reminders Permission: Allows setting and receiving reminders for scheduled conferences.
Media Library Permission: Access to the media library is required for sharing music or other media during calls.
Device Data: Information such as geographic position might be collected to enhance meeting features like location-based scheduling or networking.
3. Near Governance
Near Governance focuses on board management, requiring specific data collection to support its functionalities:
Permissions:
Calendar Permission: Needed for scheduling and tracking board meetings and related events.
User Content:
Meeting Notes and Documents: Users may upload or create content within the platform, including meeting notes, agendas, resolutions, and other documents crucial for board management.
Data Communicated While Using the Service: This includes records of meetings, tasks assigned, and resolutions passed during board meetings.
4. Near Chat
Near Chat collects data to support communication and media sharing:
Permissions:
Calendar Permission: For planning and scheduling chats or events.
Camera Permission: Enables users to take photos or videos within the app for sharing.
Microphone Permission: Necessary for recording and sending audio messages.
Phone Permission: Integrates with the phone system for managing calls and syncing contacts.
Storage Permission: Required for saving and accessing chat-related files, including images, videos, and documents.
Media Library Permission: Allows users to access and share media files from their library.
User Content:
Messages and Shared Files: Includes all content users create, send, or receive in the chat, such as text messages, images, audio, and video files.
Tracking Data:
Trackers: These include message read receipts, delivery status, and other interaction metrics that enhance communication efficiency.
Touch Events: Tracks user interactions within the chat interface to improve user experience.
5. Near Sign
Near Sign facilitates document signing and management, requiring specific data types to function effectively:
Permissions:
Calendar Permission: Used to schedule signing deadlines and reminders.
Camera Permission: Allows capturing images of documents to be signed.
Storage Permission: Necessary for saving signed documents and accessing files that need to be signed.
User Content:
Documents and Signatures: This includes all documents uploaded for signing, as well as the digital signatures applied to those documents. Complete details on each type of Personal Data collected are provided in the dedicated sections of this privacy policy or by specific explanation texts displayed prior to the Data collection.
Mode and Place of Processing the Data
Methods of Processing
The Owner takes appropriate security measures to prevent unauthorized access, disclosure, modification, or unauthorized destruction of the Data.
The Data processing is carried out using computers and/or IT-enabled tools, following organizational procedures and modes strictly related to the purposes indicated. In addition to the Owner, in some cases, the Data may be accessible to certain types of persons in charge, involved with the operation of this Application (administration, sales, marketing, legal, system administration) or external parties (such as third-party technical service providers, mail carriers, hosting providers, IT companies, communications agencies) appointed, if necessary, as Data Processors by the Owner. The updated list of these parties may be requested from the Owner at any time.
Place
The Data is processed at the Owner’s operating offices and in any other places where the parties involved in the processing are located. Depending on the User’s location, data transfers may involve transferring the User’s Data to a country other than their own. To find out more about the place of processing of such transferred Data, Users can check the section containing details about the processing of Personal Data.
Retention Time
Unless specified otherwise in this document, Personal Data shall be processed and stored for as long as required by the purpose they have been collected for and may be retained for longer due to applicable legal obligations or based on the Users’ consent.
The Purposes of Processing
The purpose of processing personal data refers to the specific reasons why an organization collects, uses, and manages personal data. These purposes are defined based on the organization’s activities and the services it provides. For NEARPLATFORMS, the purposes of processing personal data include:
1. Providing and Improving Services
- Service Delivery: Personal data is processed to provide users with access to NEARPLATFORMS’ services, such as video conferencing, board management, chat, calendar, cloud drive, and e-signature. This includes creating and managing user accounts, authenticating users, and enabling the core functionalities of the services.
- Service Enhancement: Data is used to understand how users interact with the services, identify areas for improvement, and develop new features. This helps NEARPLATFORMS enhance the user experience and ensure the services meet user needs.
2. Ensuring Security and Preventing Fraud
- Security Measures: Personal data is processed to implement security measures that protect user accounts and data from unauthorized access, breaches, and other security threats. This includes monitoring for suspicious activity and implementing authentication mechanisms.
- Fraud Prevention: Data is used to detect and prevent fraudulent activities, such as identity theft, account takeovers, and other forms of fraud. This helps maintain the integrity and trustworthiness of NEARPLATFORMS’ services.
3. Personalizing User Experience
- Customization: Personal data is processed to personalize the user experience by tailoring content, recommendations, and features based on user preferences and behaviour. This includes customizing the user interface, providing relevant suggestions, and delivering personalized communications.
- Targeted Advertising: Data is used to deliver personalized advertisements that are relevant to the user’s interests. This involves analysing user behaviour and preferences to display ads that are more likely to be of interest to the user.
4. Complying with Legal Obligations
- Regulatory Compliance: Personal data is processed to comply with legal and regulatory requirements, such as data protection laws, financial regulations, and other applicable laws. This includes maintaining records, reporting to authorities, and fulfilling legal obligations.
- Law Enforcement Requests: Data may be processed to respond to lawful requests from law enforcement agencies, regulatory bodies, and other government authorities. This ensures that NEARPLATFORMS complies with legal requirements and cooperates with authorities.
5. Managing User Relationships
- Customer Support: Personal data is used to provide customer support and respond to user inquiries, requests, and complaints. This includes troubleshooting issues, providing assistance, and improving customer service.
- Communication: Data is processed to communicate with users about their accounts, services, updates, and other relevant information. This includes sending notifications, alerts, and promotional messages.
6. Conducting Research and Analysis
- Usage Analysis: Personal data is used to analyse how users interact with NEARPLATFORMS’ services, identify trends, and gather insights. This helps NEARPLATFORMS make data-driven decisions and improve the overall quality of the services.
- Market Research: Data is processed to conduct market research and understand user needs, preferences, and behaviours. This information is used to develop new products, services, and marketing strategies.
7. Facilitating Business Operations
- Internal Operations: Personal data is processed to support internal business operations, such as accounting, auditing, and administrative activities. This ensures the efficient and effective management of NEARPLATFORMS’ business processes.
- Partnerships and Collaborations: Data may be shared with partners, service providers, and other third parties to facilitate collaborations and partnerships. This helps NEARPLATFORMS deliver its services and achieve its business objectives.
8. Protecting Rights and Interests
- Legal Claims: Personal data is processed to establish, exercise, or defend legal claims. This includes using data as evidence in legal proceedings and protecting NEARPLATFORMS’ rights and interests.
- Risk Management: Data is used to assess and manage risks, such as operational, financial, and reputational risks. This helps NEARPLATFORMS mitigate potential threats and ensure business continuity.
Device Permissions for Personal Data Access
Depending on the User’s specific device, this Application may request certain permissions that allow it to access the User’s device Data as described below.
By default, these permissions must be granted by the User before the respective information can be accessed. Once the permission has been given, it can be revoked by the User at any time. In order to revoke these permissions, Users may refer to the device settings or contact the Owner for support at the contact details provided in the present document. The exact procedure for controlling app permissions may be dependent on the User’s device and software. Please note that the revoking of such permissions might impact the proper functioning of this Application.
If User grants any of the permissions listed below, the respective Personal Data may be processed (i.e., accessed, modified, or removed) by this Application.
- Calendar permission: Used for accessing the calendar on the User’s device, including the reading, adding, and removing of entries.
- Camera permission: Used for accessing the camera or capturing images and video from the device.
- Camera permission, without saving or recording: Used for accessing the camera or capturing images and video from the device. This Application does not save or record the camera output.
- Media Library permission (Music): Allows accessing the User’s Media Library Audio Data.
- Microphone permission: Allows accessing and recording microphone audio from the User’s device.
- Microphone permission, without recording: Allows accessing and recording microphone audio from the User’s device. The recording feature is not used on this Application.
- Phone permission: Used for accessing a host of typical features associated with telephony. This enables, for instance, read-only access to the “phone state”, which means it enables access to the phone number of the device, current mobile network information, or the status of any ongoing calls.
- Reminder’s permission: Used for accessing the Reminders app on the User’s device, including the reading, adding, and removing of entries.
- Storage permission: Used for accessing shared external storage, including the reading and adding of any items.
Detailed Information on the Processing of Personal Data
Personal Data is collected for the following purposes and using the following services:
Beta Testing
This type of service makes it possible to manage User access to this Application, or parts of it, for the purpose of testing a certain feature or the entire Application. The service provider may automatically collect data related to crashes and statistics related to the User’s use of this Application in a personally identifiable form.
- Google Play Beta Testing: Provided by Google LLC or Google Ireland Limited. Personal Data processed: device information; device logs; email address; first name; last name; phone number; Usage Data; username. Place of processing: United States – Privacy Policy; Ireland – Privacy Policy.
- TestFlight (Apple Inc.): Provided by Apple Inc. Personal Data processed: app information; country; Data communicated while using the service; date of birth; device information; email address; first name; gender; last name; phone number; username. Place of processing: United States – Privacy Policy.
Contacting the User
- Contact form (this Application): By filling in the contact form with their Data, the User authorizes this Application to use these details to reply to requests for information, quotes, or any other kind of request as indicated by the form’s header. Personal Data processed: company name; country; email address; first name; last name; number of employees; phone number; physical address; state; User ID; ZIP/Postal code.
Displaying Content from External Platforms
This type of service allows you to view content hosted on external platforms directly from the pages of this Application and interact with them. Such services are often referred to as widgets, which are small elements placed on a website or app. They provide specific information or perform a particular function and often allow for user interaction. This type of service might still collect web traffic data for the pages where the service is installed, even when Users do not use it.
- Fonts.com Web Fonts (Monotype Imaging Inc.): Typeface visualization service provided by Monotype Imaging Inc. Personal Data processed: Trackers; Usage Data. Place of processing: United States – Privacy Policy.
- Google Fonts (Google LLC): Typeface visualization service provided by Google LLC. Personal Data processed: Trackers; Usage Data. Place of processing: United States – Privacy Policy.
Handling Activity Data
This type of service allows the Owner to use the activity or biometric data collected by your device in order for this Application to operate or to provide specific features. This may include movements, heartbeat, change in altitude, or data about the surroundings. Depending on what is described below, third parties may be involved in the activity tracking. Most devices allow for the User to control which Data is accessed or stored.
Further Information about the Processing of Personal Data
1. Legal Basis for Processing NEARPLATFORMS processes personal data based on several legal grounds, including:
- Consent: Users have given their explicit consent for one or more specific purposes.
- Contractual Necessity: Processing is necessary for the performance of a contract to which the user is a party or to take steps at the request of the user prior to entering into a contract.
- Legal Obligations: Processing is necessary for compliance with a legal obligation to which NEARPLATFORMS is subject.
- Legitimate Interests: Processing is necessary for the purposes of the legitimate interests pursued by NEARPLATFORMS or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the user.
2. Data Transfer Outside the EU and UK
NEARPLATFORMS may transfer personal data to countries outside the European Union (EU) and the United Kingdom (UK). When such transfers occur, NEARPLATFORMS ensures that appropriate safeguards are in place to protect the personal data. These safeguards may include:
- Standard Contractual Clauses: NEARPLATFORMS uses standard contractual clauses approved by the European Commission to ensure that personal data transferred outside the EU and UK is protected.
- Adequacy Decisions: Transfers may be made to countries that have been deemed to provide an adequate level of data protection by the European Commission.
- User Consent: In some cases, NEARPLATFORMS may rely on the user’s explicit consent for data transfers.
3. Data Protection Impact Assessments (DPIAs)
NEARPLATFORMS conducts Data Protection Impact Assessments (DPIAs) for processing activities that are likely to result in a high risk to the rights and freedoms of individuals. DPIAs help NEARPLATFORMS identify and mitigate potential risks associated with data processing activities. The DPIA process includes:
- Identifying Risks: Assessing the potential impact of data processing activities on individuals’ privacy and data protection rights.
- Mitigating Risks: Implementing measures to mitigate identified risks and ensure compliance with data protection laws.
- Documentation: Documenting the DPIA process and outcomes to demonstrate accountability and compliance.
4. Automated Decision-Making and Profiling
NEARPLATFORMS may use automated decision-making and profiling in certain circumstances. Automated decision-making involves making decisions based solely on automated processing of personal data, without human intervention. Profiling involves analysing personal data to evaluate certain aspects of an individual’s behaviour, preferences, or interests. Users have the right to:
- Object to Automated Decision-Making: Users can object to decisions made solely based on automated processing if they have a significant impact on them.
- Request Human Intervention: Users can request human intervention in automated decision-making processes.
- Understand the Logic: Users can request information about the logic involved in automated decision-making and profiling, as well as the significance and consequences of such processing.
5. Data Anonymization and Pseudonymization
NEARPLATFORMS may use anonymization and pseudonymization techniques to protect personal data. Anonymization involves removing or altering personal data so that individuals cannot be identified. Pseudonymization involves replacing identifiable information with pseudonyms to reduce the risk of identification. These techniques help NEARPLATFORMS:
- Enhance Privacy: Protect individuals’ privacy by reducing the risk of identification.
- Facilitate Research and Analysis: Use anonymized or pseudonymized data for research and analysis purposes without compromising individuals’ privacy.
6. Data Breach Notification
In the event of a data breach, NEARPLATFORMS has procedures in place to detect, respond to, and mitigate the impact of the breach. Users will be notified of data breaches that are likely to result in a high risk to their rights and freedoms. The notification will include:
- Description of the Breach: Information about the nature of the data breach and the types of personal data affected.
- Consequences: Potential consequences and risks resulting from the data breach.
- Measures Taken: Steps taken by NEARPLATFORMS to address the breach and mitigate its impact.
- Contact Information: Contact details for users to obtain further information and assistance.
7. User Feedback and Complaints
NEARPLATFORMS values user feedback and is committed to addressing privacy-related concerns. Users can provide feedback or lodge complaints through the following channels:
- Email: Users can contact NEARPLATFORMS at support@nearplatforms.com to provide feedback or file complaints.
- Supervisory Authority: Users have the right to lodge a complaint with a supervisory authority if they believe that their data protection rights have been violated.
8. Changes to the Privacy Policy
NEARPLATFORMS may update this privacy policy from time to time to reflect changes in data processing practices, legal requirements, or business operations. Users will be notified of significant changes through email or other communication channels. The updated privacy policy will be posted on the NEARPLATFORMS website, and the effective date will be clearly indicated.
User Rights and How to Exercise Them
NEARPLATFORMS is committed to ensuring that users can exercise their rights regarding their personal data. Users have the following rights:
1. Right to Access
Users have the right to obtain confirmation as to whether or not personal data concerning them is being processed, and, where that is the case, access to the personal data and the following information:
- The purposes of the processing.
- The categories of personal data concerned.
- The recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organizations.
- Where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period.
- The existence of the right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing.
- The right to lodge a complaint with a supervisory authority.
- Where the personal data are not collected from the data subject, any available information as to their source.
- The existence of automated decision-making, including profiling, and meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.
2. Right to Rectification
Users have the right to obtain from NEARPLATFORMS without undue delay the rectification of inaccurate personal data concerning them. Taking into account the purposes of the processing, users have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
3. Right to Erasure (“Right to be Forgotten”)
Users have the right to obtain from NEARPLATFORMS the erasure of personal data concerning them without undue delay and NEARPLATFORMS has the obligation to erase personal data without undue delay where one of the following grounds applies:
- The personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed.
- The user withdraws consent on which the processing is based and where there is no other legal ground for the processing.
- The user objects to the processing and there are no overriding legitimate grounds for the processing.
- The personal data have been unlawfully processed.
- The personal data have to be erased for compliance with a legal obligation in Union or Member State law to which NEARPLATFORMS is subject.
- The personal data have been collected in relation to the offer of information society services.
4. Right to Restriction of Processing
Users have the right to obtain from NEARPLATFORMS restriction of processing where one of the following applies:
- The accuracy of the personal data is contested by the user, for a period enabling NEARPLATFORMS to verify the accuracy of the personal data.
- The processing is unlawful and the user opposes the erasure of the personal data and requests the restriction of their use instead.
- NEARPLATFORMS no longer needs the personal data for the purposes of the processing, but they are required by the user for the establishment, exercise, or defence of legal claims.
- The user has objected to processing pending the verification whether the legitimate grounds of NEARPLATFORMS override those of the user.
5. Right to Data Portability
Users have the right to receive the personal data concerning them, which they have provided to NEARPLATFORMS, in a structured, commonly used, and machine-readable format and have the right to transmit those data to another controller without hindrance from NEARPLATFORMS, where:
- The processing is based on consent or on a contract.
- The processing is carried out by automated means.
6. Right to Object
Users have the right to object, on grounds relating to their particular situation, at any time to processing of personal data concerning them which is based on legitimate interests or the performance of a task carried out in the public interest or in the exercise of official authority, including profiling based on those provisions. NEARPLATFORMS shall no longer process the personal data unless NEARPLATFORMS demonstrates compelling legitimate grounds for the processing which override the interests, rights, and freedoms of the user or for the establishment, exercise, or defence of legal claims.
7. Right to Withdraw Consent
Users have the right to withdraw their consent at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
8. Right to Lodge a Complaint
Users have the right to lodge a complaint with a supervisory authority if they believe that the processing of personal data relating to them infringes the applicable data protection laws.
How to Exercise These Rights
Users can exercise their rights by contacting NEARPLATFORMS through the following methods:
Procedure
- Request Submission: Users should submit a request specifying the right they wish to exercise and providing sufficient information to verify their identity.
- Verification: NEARPLATFORMS may request additional information to verify the user’s identity and ensure the security of the data.
- Response Time: NEARPLATFORMS will respond to requests within one month of receipt. This period may be extended by two further months where necessary, taking into account the complexity and number of the requests. Users will be informed of any such extension within one month of receipt of the request, together with the reasons for the delay.
- Outcome: NEARPLATFORMS will provide information on the action taken on a request to the user. If no action is taken, NEARPLATFORMS will inform the user of the reasons for not taking action and the possibility of lodging a complaint with a supervisory authority and seeking a judicial remedy.
Cookies and Tracking Technologies
Use of Cookies and Tracking Technologies
NEARPLATFORMS uses cookies and similar tracking technologies to enhance user experience, analyze usage patterns, and provide personalized services. Cookies are small text files that are stored on the user’s device when they visit a website. Tracking technologies may include web beacons, pixel tags, and other similar technologies.
Types of Cookies Used
NEARPLATFORMS uses the following types of cookies:
- Essential Cookies
These cookies are necessary for the functioning of the services and cannot be switched off in our systems. They are usually set in response to actions made by the user, such as setting privacy preferences, logging in, or filling out forms. Without these cookies, some parts of the services may not function properly.
- Performance Cookies
These cookies collect information about how users interact with the services, such as which pages are visited most often and if users receive error messages from web pages. These cookies do not collect information that identifies a user. All information collected by these cookies is aggregated and therefore anonymous. It is used only to improve how the services function.
- Functional Cookies
These cookies allow the services to remember choices users make (such as their username, language, or the region they are in) and provide enhanced, more personalized features. These cookies can also be used to remember changes made to text size, fonts, and other parts of web pages that users can customize. The information these cookies collect may be anonymized and they cannot track browsing activity on other websites.
- Targeting Cookies
These cookies are used to deliver advertisements more relevant to users and their interests. They are also used to limit the number of times users see an advertisement as well as help measure the effectiveness of the advertising campaign. They are usually placed by advertising networks with the website operator’s permission. They remember that users have visited a website and this information is shared with other organizations such as advertisers. Quite often targeting or advertising cookies will be linked to site functionality provided by the other organization.
Managing Cookies
Users can manage their cookie preferences through their browser settings. Most web browsers allow users to control cookies through their settings preferences. Users can set their browsers to accept or reject all cookies, or to notify them when a cookie is set. Each browser is different, so users should check the “Help” menu of their browser to learn how to change their cookie preferences.
Examples of Managing Cookies
- Google Chrome: Users can manage cookies by clicking on the three dots in the upper right corner, selecting “Settings,” then “Privacy and security,” and finally “Cookies and other site data.”
- Mozilla Firefox: Users can manage cookies by clicking on the three horizontal lines in the upper right corner, selecting “Options,” then “Privacy & Security,” and scrolling down to the “Cookies and Site Data” section.
- Safari: Users can manage cookies by clicking on “Safari” in the upper left corner, selecting “Preferences,” then “Privacy,” and finally “Manage Website Data.”
Third-Party Cookies
NEARPLATFORMS may also use third-party cookies, which are cookies set by a domain other than the one being visited by the user. These cookies are used for various purposes, such as tracking user behavior, providing targeted advertisements, and integrating with social media platforms. Third-party cookies are subject to the privacy policies of the respective third parties.
Examples of Third-Party Cookies
- Google Analytics: Used to collect information about how users interact with the services, such as the number of visitors, the pages they visit, and the time they spend on the site. This information is used to improve the services and provide a better user experience.
- Facebook Pixel: Used to track user interactions with advertisements and measure the effectiveness of advertising campaigns. This information is used to deliver more relevant advertisements to users.
Tracking Technologies
In addition to cookies, NEARPLATFORMS may use other tracking technologies, such as web beacons and pixel tags. These technologies are used to understand user behavior, track conversions, and measure the effectiveness of marketing campaigns. Web beacons are small graphic images or other web programming code that may be included in our services or emails. They are used to count the number of users who have visited certain pages or opened an email, and to generate statistics about how our services are used.
User Choices and Consent
Users will be informed about the use of cookies and tracking technologies when they first visit the NEARPLATFORMS website. Users can choose to accept or reject cookies through the cookie consent banner. Users can also manage their cookie preferences at any time through their browser settings or by using the cookie management tool provided on the NEARPLATFORMS website.
Impact of Disabling Cookies
Disabling cookies may affect the functionality of the services. Some features of the services may not work properly if cookies are disabled. For example, users may not be able to log in, access certain parts of the services, or use personalized features.
Contact Information
For more information about the use of cookies and tracking technologies, users can contact NEARPLATFORMS at support@nearplatforms.com.
This detailed section on cookies and tracking technologies ensures that NEARPLATFORMS is transparent about the use of cookies and provides users with the information they need to manage their cookie preferences. If you need further customization or additional details, please let me know!
How Cookies Are Used for Personalized Ads
1. What Are Cookies?
Cookies are small text files that are stored on a user’s device when they visit a website. They contain information about the user’s browsing activity and preferences. Cookies can be set by the website the user is visiting (first-party cookies) or by third parties (third-party cookies) that provide content or services on the website, such as advertising networks.
2. Types of Cookies Used for Personalized Ads
- Targeting Cookies: These cookies are specifically used to deliver advertisements that are more relevant to the user’s interests. They track the user’s browsing habits and gather information about their preferences.
- Third-Party Cookies: These cookies are set by third-party advertisers and ad networks. They collect data across multiple websites to build a profile of the user’s interests and deliver targeted ads.
3. How Cookies Collect Data for Personalized Ads Cookies collect various types of data to personalize ads, including:
- Browsing History: Information about the websites and pages the user has visited.
- Search Queries: Data on the search terms the user has entered into search engines.
- Interaction Data: Information about the user’s interactions with ads, such as clicks and views.
- Device Information: Data about the user’s device, such as IP address, browser type, and operating system.
- Location Data: Information about the user’s geographic location, often derived from the IP address.
4. How Personalized Ads Are Delivered
- Data Collection: When a user visits a website, cookies collect data about their browsing activity and preferences.
- Profile Building: The collected data is used to build a profile of the user’s interests and behaviour. This profile is often anonymized and aggregated with data from other users.
- Ad Targeting: Advertisers use the profile to deliver ads that are tailored to the user’s interests. For example, if a user frequently visits websites about travel, they may see ads for airlines or vacation packages.
- Ad Delivery: When the user visits a website that participates in the ad network, the ad server selects and displays ads based on the user’s profile.
5. Benefits of Personalized Ads
- Relevance: Personalized ads are more relevant to the user’s interests, making them more likely to engage with the ads.
- Improved User Experience: Users see ads that match their preferences, which can enhance their overall browsing experience.
- Higher Conversion Rates: Advertisers benefit from higher conversion rates as personalized ads are more effective in reaching the target audience.
6. User Control and Privacy
- Cookie Consent: Users are informed about the use of cookies and can choose to accept or reject them through cookie consent banners.
- Managing Preferences: Users can manage their cookie preferences through their browser settings or by using cookie management tools provided by websites.
- Opt-Out Options: Many ad networks provide opt-out options that allow users to opt out of personalized ads. This can usually be done through the ad network’s privacy settings or industry opt-out pages.
Examples of Managing Cookies for Personalized Ads
- Google Ads Settings: Users can manage their ad preferences and opt out of personalized ads through their Google account settings.
- Facebook Ad Preferences: Users can control the types of ads they see on Facebook by adjusting their ad preferences in their account settings.
Impact of Disabling Cookies Disabling cookies may affect the delivery of personalized ads. Users may still see ads, but they will be less relevant to their interests. Additionally, some features of websites may not function properly if cookies are disabled.
Contact Information For more information about how cookies are used for personalized ads, users can contact NEARPLATFORMS at support@nearplatforms.com.
Certainly! Here’s a detailed explanation of how cookies are used for personalized ads:
How Cookies Are Used for Personalized Ads
1. What Are Cookies? Cookies are small text files that are stored on a user’s device when they visit a website. They contain information about the user’s browsing activity and preferences. Cookies can be set by the website the user is visiting (first-party cookies) or by third parties (third-party cookies) that provide content or services on the website, such as advertising networks.
2. Types of Cookies Used for Personalized Ads
- Targeting Cookies: These cookies are specifically used to deliver advertisements that are more relevant to the user’s interests. They track the user’s browsing habits and gather information about their preferences.
- Third-Party Cookies: These cookies are set by third-party advertisers and ad networks. They collect data across multiple websites to build a profile of the user’s interests and deliver targeted ads.
3. How Cookies Collect Data for Personalized Ads Cookies collect various types of data to personalize ads, including:
- Browsing History: Information about the websites and pages the user has visited.
- Search Queries: Data on the search terms the user has entered into search engines.
- Interaction Data: Information about the user’s interactions with ads, such as clicks and views.
- Device Information: Data about the user’s device, such as IP address, browser type, and operating system.
- Location Data: Information about the user’s geographic location, often derived from the IP address.
4. How Personalized Ads Are Delivered
- Data Collection: When a user visits a website, cookies collect data about their browsing activity and preferences.
- Profile Building: The collected data is used to build a profile of the user’s interests and behaviour. This profile is often anonymized and aggregated with data from other users.
- Ad Targeting: Advertisers use the profile to deliver ads that are tailored to the user’s interests. For example, if a user frequently visits websites about travel, they may see ads for airlines or vacation packages.
- Ad Delivery: When the user visits a website that participates in the ad network, the ad server selects and displays ads based on the user’s profile.
5. Benefits of Personalized Ads
- Relevance: Personalized ads are more relevant to the user’s interests, making them more likely to engage with the ads.
- Improved User Experience: Users see ads that match their preferences, which can enhance their overall browsing experience.
- Higher Conversion Rates: Advertisers benefit from higher conversion rates as personalized ads are more effective in reaching the target audience.
6. User Control and Privacy
- Cookie Consent: Users are informed about the use of cookies and can choose to accept or reject them through cookie consent banners.
- Managing Preferences: Users can manage their cookie preferences through their browser settings or by using cookie management tools provided by websites.
- Opt-Out Options: Many ad networks provide opt-out options that allow users to opt out of personalized ads. This can usually be done through the ad network’s privacy settings or industry opt-out pages.
Examples of Managing Cookies for Personalized Ads
- Google Ads Settings: Users can manage their ad preferences and opt out of personalized ads through their Google account settings.
- Facebook Ad Preferences: Users can control the types of ads they see on Facebook by adjusting their ad preferences in their account settings.
Impact of Disabling Cookies
Disabling cookies may affect the delivery of personalized ads. Users may still see ads, but they will be less relevant to their interests. Additionally, some features of websites may not function properly if cookies are disabled.
Contact Information For more information about how cookies are used for personalized ads, users can contact NEARPLATFORMS at support@nearplatforms.com.
Data Backup Policy
1. Purpose
The purpose of this Data Backup Policy is to ensure the integrity, availability, and security of NEAR PLATFORMS’ data by implementing comprehensive backup procedures and protocols. This policy aims to protect against data loss, ensure business continuity, and comply with regulatory requirements.
2. Scope
This policy applies to all data managed by NEAR PLATFORMS, including but not limited to customer data, operational data, and any other critical information. It covers all employees, contractors, and third-party entities involved in data handling and management.
3. Definitions
- Backup: A copy of data stored separately from the original to protect against data loss.
- Recovery: The process of restoring data from a backup.
- Critical Data: Data essential to the operation and integrity of NEAR PLATFORMS.
4. Backup Procedures
4.1 Data Identification
- Identify and classify critical data that requires regular backups.
- Prioritize data based on its importance to business operations.
4.2 Backup Frequency
- Perform daily backups of critical data to ensure minimal data loss.
- Conduct weekly full backups and daily incremental backups for non-critical data to optimize storage and recovery times.
4.3 Backup Storage
- Implement the 3-2-1 backup strategy:
- Maintain three copies of data (one primary and two backups).
- Store backups on two different media types (e.g., disk and cloud) to mitigate risks associated with a single storage medium.
- Keep one backup copy offsite to protect against physical disasters.
4.4 Data Encryption
- Encrypt all backup data using industry-standard encryption methods to protect against unauthorized access and ensure data confidentiality.
4.5 Backup Testing
- Regularly test backups to ensure data integrity and recoverability.
- Conduct quarterly recovery drills to validate the effectiveness of the backup process and identify any potential issues.
5. Data Retention
- Retain daily backups for 30 days to allow for recent data recovery.
- Retain weekly backups for 6 months to provide a longer-term recovery option.
- Retain monthly backups for 1 year to ensure historical data is available for compliance and analysis.
6. Responsibilities
- Assign a Data Backup Administrator responsible for managing and monitoring the backup process, ensuring compliance with this policy.
- Ensure all employees are trained on the importance of data backups and their role in maintaining data integrity.
7. Compliance and Review
- Ensure compliance with relevant data protection regulations and industry standards, including GDPR, HIPAA, and others as applicable.
- Review and update the backup policy annually or as needed to address new risks, technologies, and regulatory changes.
8. Incident Response
- In the event of data loss, initiate the data recovery process as per the incident response plan.
- Document and analyze the incident to identify root causes and implement measures to prevent future occurrences.
9. Privacy Considerations
- Adhere to privacy policies and regulations, ensuring that backup data is handled in accordance with NEAR PLATFORMS’ privacy policy and relevant legal requirements.
- Ensure that personal data included in backups is protected and processed in compliance with applicable data protection laws.
Further Information for Users
1. Data Protection Officer (DPO)
NEARPLATFORMS has appointed a Data Protection Officer (DPO) to oversee compliance with data protection laws and address any concerns or questions users may have about their personal data. Users can contact the DPO for privacy-related inquiries and assistance.
Contact Information for the DPO:
- Email: dpo@nearplatforms.com
- Address: NEAR Platforms, 3636 Prince Mohammed Bin Salman Ibn Abdulaziz, 13516 Hiteen, Riyadh, Saudi Arabia
2. Data Protection Impact Assessments (DPIAs)
NEARPLATFORMS conducts Data Protection Impact Assessments (DPIAs) for processing activities that are likely to result in a high risk to the rights and freedoms of individuals. DPIAs help identify and mitigate potential risks associated with data processing activities.
3. Automated Decision-Making and Profiling
NEARPLATFORMS may use automated decision-making and profiling in certain circumstances. Automated decision-making involves making decisions based solely on automated processing of personal data, without human intervention. Profiling involves analysing personal data to evaluate certain aspects of an individual’s behaviour, preferences, or interests.
User Rights Related to Automated Decision-Making and Profiling:
- Right to Object: Users can object to decisions made solely based on automated processing if they have a significant impact on them.
- Right to Request Human Intervention: Users can request human intervention in automated decision-making processes.
- Right to Understand the Logic: Users can request information about the logic involved in automated decision-making and profiling, as well as the significance and consequences of such processing.
- Data Anonymization and Pseudonymization
NEARPLATFORMS may use anonymization and pseudonymization techniques to protect personal data. Anonymization involves removing or altering personal data so that individuals cannot be identified. Pseudonymization involves replacing identifiable information with pseudonyms to reduce the risk of identification.
- Data Breach Notification
In the event of a data breach, NEARPLATFORMS has procedures in place to detect, respond to, and mitigate the impact of the breach. Users will be notified of data breaches that are likely to result in a high risk to their rights and freedoms.
Notification Details:
- Description of the Breach: Information about the nature of the data breach and the types of personal data affected.
- Consequences: Potential consequences and risks resulting from the data breach.
- Measures Taken: Steps taken by NEARPLATFORMS to address the breach and mitigate its impact.
- Contact Information: Contact details for users to obtain further information and assistance.
- User Feedback and Complaints
NEARPLATFORMS values user feedback and is committed to addressing privacy-related concerns. Users can provide feedback or lodge complaints through the following channels:
- Changes to the Privacy Policy
NEARPLATFORMS may update this privacy policy from time to time to reflect changes in data processing practices, legal requirements, or business operations. Users will be notified of significant changes through email or other communication channels. The updated privacy policy will be posted on the NEARPLATFORMS website, and the effective date will be clearly indicated.
- User Consent and Preferences
Users have the right to manage their consent and preferences regarding the processing of their personal data. NEARPLATFORMS provides tools and options for users to control their data processing preferences.
Managing Consent and Preferences:
- Account Settings: Users can manage their consent preferences through their account settings on the NEARPLATFORMS website or application.
- Contacting Support: Users can also manage their preferences by contacting NEARPLATFORMS support at support@nearplatforms.com.
- International Data Transfers
NEARPLATFORMS may transfer personal data to countries outside the user’s country of residence. When such transfers occur, NEARPLATFORMS ensures that appropriate safeguards are in place to protect the personal data.
Safeguards for International Transfers:
- Standard Contractual Clauses: NEARPLATFORMS uses standard contractual clauses approved by relevant authorities to ensure that personal data transferred outside the user’s country is protected.
- Adequacy Decisions: Transfers may be made to countries that have been deemed to provide an adequate level of data protection by relevant authorities.
- User Consent: In some cases, NEARPLATFORMS may rely on the user’s explicit consent for data transfers.
10. Data Retention NEARPLATFORMS retains personal data for as long as necessary to fulfil the purposes for which it was collected, as outlined in this privacy policy. The retention periods vary depending on the type of data and the purposes of processing.
Retention Periods:
- Account Information: Retained for the duration of the user’s account and up to 6 months after account deletion to comply with legal obligations and resolve disputes.
- Usage Data: Retained for up to 2 years to analyse usage patterns and improve services.
- Transaction Data: Retained for 7 years to comply with financial and tax regulations.
- Communication Data: Retained for up to 1 year to manage customer support inquiries and improve service quality.
Secure Deletion: Once the retention period expires, NEARPLATFORMS will securely delete or anonymize personal data to prevent unauthorized access and use.
Transfer of Personal Data Outside of the European Union
1. General Information
We may transfer your personal data to countries outside of the European Union (EU) and the European Economic Area (EEA). These countries may not have the same data protection laws as your country of residence. However, we are committed to ensuring that your personal data is protected and that any transfer complies with applicable data protection laws, including the General Data Protection Regulation (GDPR).
2. Adequacy Decisions
When transferring personal data to countries outside the EU/EEA, we may rely on adequacy decisions made by the European Commission. These decisions recognize that certain countries provide an adequate level of data protection, ensuring that your personal data is safeguarded.
3. Standard Contractual Clauses
In the absence of an adequacy decision, we may use standard contractual clauses (SCCs) approved by the European Commission. These clauses are contractual commitments between us and the recipient of your personal data, ensuring that your data is protected with the same level of security and privacy as within the EU/EEA.
4. Binding Corporate Rules
For intra-group transfers within our organization, we may implement binding corporate rules (BCRs). BCRs are internal policies that ensure all entities within our organization adhere to the same high standards of data protection, regardless of where the data is processed.
5. Additional Safeguards
In addition to the measures mentioned above, we may implement additional safeguards to protect your personal data, such as:
- Encryption: Ensuring that your data is encrypted during transfer to prevent unauthorized access.
- Access Controls: Limiting access to your personal data to authorized personnel only.
- Regular Audits: Conducting regular audits and assessments to ensure compliance with data protection standards.
6. Your Rights
You have the right to request more information about the safeguards we have in place for transfers of your personal data outside of the EU/EEA. You can contact us at [contact information] for further details. Additionally, you have the right to lodge a complaint with a supervisory authority if you believe that your data protection rights have been violated.
Transfer of Personal Data Outside of the United Kingdom
1. General Information
We may transfer your personal data to countries outside of the United Kingdom (UK). These countries may not have the same data protection laws as the UK. However, we are committed to ensuring that your personal data is protected and that any transfer complies with applicable data protection laws, including the UK General Data Protection Regulation (UK GDPR).
2. Adequacy Decisions
When transferring personal data to countries outside the UK, we may rely on adequacy decisions made by the UK government. These decisions recognize that certain countries provide an adequate level of data protection, ensuring that your personal data is safeguarded.
3. Standard Contractual Clauses
In the absence of an adequacy decision, we may use standard contractual clauses (SCCs) approved by the UK Information Commissioner’s Office (ICO). These clauses are contractual commitments between us and the recipient of your personal data, ensuring that your data is protected with the same level of security and privacy as within the UK.
4. Binding Corporate Rules
For intra-group transfers within our organization, we may implement binding corporate rules (BCRs). BCRs are internal policies that ensure all entities within our organization adhere to the same high standards of data protection, regardless of where the data is processed.
5. Additional Safeguards
In addition to the measures mentioned above, we may implement additional safeguards to protect your personal data, such as:
- Encryption: Ensuring that your data is encrypted during transfer to prevent unauthorized access.
- Access Controls: Limiting access to your personal data to authorized personnel only.
- Regular Audits: Conducting regular audits and assessments to ensure compliance with data protection standards.
6. Your Rights
You have the right to request more information about the safeguards we have in place for transfers of your personal data outside of the UK. You can contact us at [contact information] for further details. Additionally, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO) if you believe that your data protection rights have been violated.
Further Information for Users in Switzerland
1. General Information
We are committed to protecting the privacy and personal data of our users in Switzerland. This section provides additional information on how we handle personal data in compliance with the Swiss Federal Act on Data Protection (FADP).
2. Data Transfers
Your personal data may be transferred to countries outside of Switzerland. These countries may not have the same data protection laws as Switzerland. However, we will ensure that any transfer of your personal data complies with applicable data protection laws and that your data is protected as described in this Privacy Policy.
3. Adequacy Decisions
When transferring personal data to countries outside Switzerland, we may rely on adequacy decisions made by the Swiss Federal Data Protection and Information Commissioner (FDPIC). These decisions recognize that certain countries provide an adequate level of data protection, ensuring that your personal data is safeguarded.
4. Standard Contractual Clauses
In the absence of an adequacy decision, we may use standard contractual clauses (SCCs) approved by the FDPIC. These clauses are contractual commitments between us and the recipient of your personal data, ensuring that your data is protected with the same level of security and privacy as within Switzerland.
5. Binding Corporate Rules
For intra-group transfers within our organization, we may implement binding corporate rules (BCRs). BCRs are internal policies that ensure all entities within our organization adhere to the same high standards of data protection, regardless of where the data is processed.
6. Additional Safeguards
In addition to the measures mentioned above, we may implement additional safeguards to protect your personal data, such as:
- Encryption: Ensuring that your data is encrypted during transfer to prevent unauthorized access.
- Access Controls: Limiting access to your personal data to authorized personnel only.
- Regular Audits: Conducting regular audits and assessments to ensure compliance with data protection standards.
7. Your Rights
You have the right to access, correct, or delete your personal information. You can also object to or restrict the processing of your information. Additionally, you have the right to lodge a complaint with the FDPIC if you believe that your data protection rights have been violated.
Further Information for Users in Brazil
This section of the document integrates with and supplements the information contained in the rest of the privacy policy and is provided by NEARPLATFORMS and, if applicable, its parent, subsidiaries, and affiliates (collectively referred to as “we”, “us”, “our”). This section applies to all Users in Brazil (referred to below as “you”, “your”, “yours”), according to the “Lei Geral de Proteção de Dados” (the “LGPD”), and for such Users, it supersedes any other possibly divergent or conflicting information contained in the privacy policy. This part of the document uses the term “personal information” as it is defined in the LGPD.
The Grounds on Which We Process Your Personal Information
We can process your personal information solely if we have a legal basis for such processing. Legal bases are as follows:
- Your consent to the relevant processing activities;
- Compliance with a legal or regulatory obligation that lies with us;
- The carrying out of public policies provided in laws or regulations or based on contracts, agreements, and similar legal instruments;
- Studies conducted by research entities, preferably carried out on anonymized personal information;
- The carrying out of a contract and its preliminary procedures, in cases where you are a party to said contract;
- The exercising of our rights in judicial, administrative, or arbitration procedures;
- Protection or physical safety of yourself or a third party;
- The protection of health – in procedures carried out by health entities or professionals;
- Our legitimate interests, provided that your fundamental rights and liberties do not prevail over such interests; and
- Credit protection.
Categories of Personal Information Processed
To find out what categories of your personal information are processed, you can read the section titled “Detailed information on the processing of Personal Data” within this document.
Why We Process Your Personal Information
To find out why we process your personal information, you can read the sections titled “Detailed information on the processing of Personal Data” and “The purposes of processing” within this document.
Your Brazilian Privacy Rights, How to File a Request, and Our Response to Your Requests
Your Brazilian Privacy Rights
You have the right to:
- Obtain confirmation of the existence of processing activities on your personal information;
- Access your personal information;
- Have incomplete, inaccurate, or outdated personal information rectified;
- Obtain the anonymization, blocking, or elimination of your unnecessary or excessive personal information, or of information that is not being processed in compliance with the LGPD;
- Obtain information on the possibility to provide or deny your consent and the consequences thereof;
- Obtain information about the third parties with whom we share your personal information;
- Obtain, upon your express request, the portability of your personal information (except for anonymized information) to another service or product provider, provided that our commercial and industrial secrets are safeguarded;
- Obtain the deletion of your personal information being processed if the processing was based upon your consent, unless one or more exceptions provided for in art. 16 of the LGPD apply;
- Revoke your consent at any time;
- Lodge a complaint related to your personal information with the ANPD (the National Data Protection Authority) or with consumer protection bodies;
- Oppose a processing activity in cases where the processing is not carried out in compliance with the provisions of the law;
- Request clear and adequate information regarding the criteria and procedures used for an automated decision; and
- Request the review of decisions made solely on the basis of the automated processing of your personal information, which affect your interests. These include decisions to define your personal, professional, consumer, and credit profile, or aspects of your personality.
You will never be discriminated against, or otherwise suffer any sort of detriment, if you exercise your rights.
How to File Your Request
You can file your express request to exercise your rights free from any charge, at any time, by using the contact details provided in this document, or via your legal representative.
How and When We Will Respond to Your Request
We will strive to promptly respond to your requests. In any case, should it be impossible for us to do so, we’ll make sure to communicate to you the factual or legal reasons that prevent us from immediately, or otherwise ever, complying with your requests. In cases where we are not processing your personal information, we will indicate to you the physical or legal person to whom you should address your requests, if we are in the position to do so.
In the event that you file an access or personal information processing confirmation request, please make sure that you specify whether you’d like your personal information to be delivered in electronic or printed form. You will also need to let us know whether you want us to answer your request immediately, in which case we will answer in a simplified fashion, or if you need a complete disclosure instead.
In the latter case, we’ll respond within 15 days from the time of your request, providing you with all the information on the origin of your personal information, confirmation on whether or not records exist, any criteria used for the processing, and the purposes of the processing, while safeguarding our commercial and industrial secrets.
In the event that you file a rectification, deletion, anonymization, or personal information blocking request, we will make sure to immediately communicate your request to other parties with whom we have shared your personal information in order to enable such third parties to also comply with your request – except in cases where such communication is proven impossible or involves disproportionate effort on our side.
Transfer of Personal Information Outside of Brazil Permitted by the Law
We are allowed to transfer your personal information outside of the Brazilian territory in the following cases:
- When the transfer is necessary for international legal cooperation between public intelligence, investigation, and prosecution bodies, according to the legal means provided by international law;
- When the transfer is necessary to protect your life or physical security or those of a third party;
- When the transfer is authorized by the ANPD;
- When the transfer results from a commitment undertaken in an international cooperation agreement;
- When the transfer is necessary for the execution of a public policy or legal attribution of public service;
- When the transfer is necessary for compliance with a legal or regulatory obligation, the carrying out of a contract or preliminary procedures related to a contract, or the regular exercise of rights in judicial, administrative, or arbitration procedures.
Further Information for Users in the United States
This section of the document integrates with and supplements the information contained in the rest of the privacy policy and is provided by NEARPLATFORMS and, if applicable, its parent, subsidiaries, and affiliates (collectively referred to as “we”, “us”, “our”). This section applies to all Users in the United States (referred to below as “you”, “your”, “yours”), according to the applicable state privacy laws, and for such Users, it supersedes any other possibly divergent or conflicting information contained in the privacy policy. This part of the document uses the term “personal information” as it is defined in the relevant state privacy laws.
Notice at Collection
The following Notice at Collection provides you with timely notice about the categories of personal information collected or disclosed in the past 12 months so that you can exercise meaningful control over our use of that information. The categories of personal information we collect include:
- Identifiers (e.g., name, email address, phone number)
- Commercial information (e.g., transaction history)
- Audio, electronic, visual, thermal, olfactory, or similar information
- Employment-related information
- Inferences drawn from other personal information
- Internet or other electronic network activity information
- Geolocation data
Sources of Personal Information
We collect the above-mentioned categories of personal information, either directly or indirectly, from you when you use our services. For example, you directly provide your personal information when you submit requests via any forms on our platform. You also provide personal information indirectly when you navigate our platform, as personal information about you is automatically observed and collected. Additionally, we may collect your personal information from third parties that work with us in connection with the service or with the functioning of our platform and features thereof.
Your Privacy Rights Under US State Laws
You may exercise certain rights regarding your personal information. In particular, to the extent permitted by applicable law, you have:
- The right to access personal information: You have the right to request that we confirm whether or not we are processing your personal information. You also have the right to access such personal information.
- The right to correct inaccurate personal information: You have the right to request that we correct any inaccurate personal information we maintain about you.
- The right to request the deletion of your personal information: You have the right to request that we delete any of your personal information.
- The right to obtain a copy of your personal information: We will provide your personal information in a portable and usable format that allows you to transfer data easily to another entity, provided that this is technically feasible.
- The right to opt out from the sale of your personal information: We will not discriminate against you for exercising your privacy rights.
- The right to non-discrimination: You have the right to not be discriminated against for exercising your privacy rights.
Additional Rights for Users Residing in California
In addition to the rights listed above common to all Users in the United States, as a User residing in California, you have:
- The right to opt out of the sharing of your personal information for cross-context behavioural advertising.
- The right to request to limit our use or disclosure of your sensitive personal information to only that which is necessary to perform the services or provide the goods, as is reasonably expected by an average consumer. Please note that certain exceptions outlined in the law may apply, such as when the collection and processing of sensitive personal information is necessary to verify or maintain the quality or safety of our service.
Additional Rights for Users Residing in Virginia, Colorado, Connecticut, Texas, Oregon, and Montana
In addition to the rights listed above common to all Users in the United States, as a User residing in Virginia, Colorado, Connecticut, Texas, and Oregon, you have:
- The right to opt out of the processing of your personal information for targeted advertising or profiling in furtherance of decisions that produce legal or similarly significant effects concerning you.
- The right to freely give, deny, or withdraw your consent for the processing of your sensitive personal information. Please note that certain exceptions outlined in the law may apply, such as when the collection and processing of sensitive personal information is necessary for the provision of a product or service specifically requested by the consumer.
Additional Rights for Users Residing in Utah
In addition to the rights listed above common to all Users in the United States, as a User residing in Utah, you have:
- The right to opt out of the processing of your personal information for targeted advertising.
- The right to opt out of the processing of your sensitive personal information. Please note that certain exceptions outlined in the law may apply, such as when the collection and processing of sensitive personal information is necessary for the provision of a product or service specifically requested by the consumer.
How to Exercise Your Privacy Rights Under US State Laws
To exercise the rights described above, you need to submit your request to us by contacting us via the contact details provided in this document. For us to respond to your request, we must know who you are. We will not respond to any request if we are unable to verify your identity and therefore confirm the personal information in our possession relates to you. You are not required to create an account with us to submit your request. We will use any personal information collected from you in connection with the verification of your request solely for verification and shall not further disclose the personal information, retain it longer than necessary for purposes of verification, or use it for unrelated purposes. If you are an adult, you can make a request on behalf of a child under your parental authority.
How to Exercise Your Rights to opt Out
In addition to what is stated above, to exercise your right to opt out of the sale or sharing and targeted advertising, you can also use the privacy choices link provided on our platform. If you want to submit requests to opt out of sale or sharing and targeted advertising activities via a user-enabled global privacy control, such as the Global Privacy Control (GPC), you are free to do so and we will abide by such request in a frictionless manner.
How and When We Are Expected to Handle Your Request
We will respond to your request without undue delay, but in all cases within the timeframe required by applicable law. Should we need more time, we will explain to you the reasons why and how much more time we need. Should we deny your request, we will explain to you the reasons behind our denial (where envisaged by applicable law you may then contact the relevant authority to submit a complaint). We do not charge a fee to process or respond to your request unless such request is manifestly unfounded or excessive and in all other cases where it is permitted by the applicable law. In such cases, we may charge a reasonable fee or refuse to act on the request. In either case, we will communicate our choices and explain the reasons behind them.
Additional Information for Users in the United States
Collection of Personal Information about California Consumers Aged 13 to 16
We collect personal information of consumers between the age of 13 and 16 and won’t sell or share their personal information unless those consumers have opted in.
Additional Information about Data Collection and Processing
Legal Action
Your personal data may be used for legal purposes by us in court or in the stages leading to possible legal action arising from improper use of our platform or the related services. You declare to be aware that we may be required to reveal personal data upon request of public authorities.
Additional Information about Your Personal Data
In addition to the information contained in this privacy policy, we may provide you with additional and contextual information concerning particular services or the collection and processing of personal data upon request.
System Logs and Maintenance
For operation and maintenance purposes, our platform and any third-party services may collect files that record interaction with our platform (system logs) or use other personal data (such as the IP address) for this purpose.
Information Not Contained in This Policy
More details concerning the collection or processing of personal data may be requested from us at any time. Please see the contact information at the beginning of this document.
Changes to This Privacy Policy
We reserve the right to make changes to this privacy policy at any time by notifying you on this page and possibly within our platform and/or – as far as technically and legally feasible – sending a notice to you via any contact information available to us. It is strongly recommended to check this page often, referring to the date of the last modification listed at the bottom. Should the changes affect processing activities performed on the basis of your consent, we shall collect new consent from you, where required.
Further Information for Users in Saudi Arabia
This section of the document integrates with and supplements the information contained in the rest of the privacy policy and is provided by NEARPLATFORMS and, if applicable, its parent, subsidiaries, and affiliates (collectively referred to as “we”, “us”, “our”). This section applies to all Users in Saudi Arabia (referred to below as “you”, “your”, “yours”), according to the Personal Data Protection Law (PDPL) of the Kingdom of Saudi Arabia, and for such Users, it supersedes any other possibly divergent or conflicting information contained in the privacy policy. This part of the document uses the term “personal information” as it is defined in the PDPL.
Responsibilities as Data Controller and Processor
As an organization operating within or providing services to individuals in the Kingdom of Saudi Arabia, we assume dual roles as both Data Controller and Data Processor under the PDPL:
- Data Controller: We determine the purposes and means of processing personal data, ensuring it is collected for specific, explicit, and legitimate purposes and not further processed in a manner incompatible with those purposes.
- Data Processor: We act on behalf of and under the instruction of the Data Controller, implementing appropriate technical and organizational measures to safeguard personal data and ensuring processing activities meet the requirements of the PDPL.
Legal Basis for Processing Personal Data
Under the PDPL, personal data may only be processed when there is a lawful basis to do so. We process personal data based on the following legal grounds:
- Consent: We obtain explicit consent from individuals before processing their personal data unless the processing is necessary for the performance of a contract or is required by law. Consent is sought in a clear and transparent manner, allowing individuals to make an informed decision.
- Contractual Necessity: Processing is necessary for the performance of a contract to which the data subject is a party, including fulfilling contractual obligations such as delivering services or products requested by the individual.
- Legal Obligations: We may process personal data when it is necessary to comply with legal obligations imposed by the laws of the Kingdom of Saudi Arabia, including processing related to employment, tax, or regulatory requirements.
- Public Interest or Official Authority: Processing may be carried out if it is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us, such as processing for purposes related to public safety, health, or governmental functions.
Rights of Data Subjects under the PDPL
The PDPL grants data subjects specific rights regarding their personal data. We are committed to upholding these rights and providing mechanisms for individuals to exercise them effectively:
- Right to Access: Data subjects have the right to request and obtain information about the personal data we hold about them, including details about the data we process, the purposes of processing, and any third parties with whom the data is shared.
- Right to Rectification: Individuals can request the correction of inaccurate or incomplete personal data. We will take prompt action to rectify any errors or inaccuracies to ensure that the data we hold is accurate and up-to-date.
- Right to Erasure (Right to be Forgotten): Data subjects have the right to request the deletion of their personal data when it is no longer necessary for the purposes for which it was collected, or when consent has been withdrawn. We will comply with such requests unless there is a legitimate reason to retain the data, such as legal obligations.
- Right to Restrict Processing: Individuals can request the restriction of processing in certain circumstances, such as when they contest the accuracy of the data or object to the processing. During the period of restriction, we will limit the processing of the data to storage unless consent is provided for further processing.
- Right to Object: Data subjects have the right to object to the processing of their personal data, particularly in cases involving direct marketing or processing based on legitimate interests or public interest. We will cease processing the data unless there are compelling legitimate grounds to continue.
Transfer of Personal Data Outside the Kingdom of Saudi Arabia
The PDPL imposes strict conditions on the transfer of personal data outside the Kingdom of Saudi Arabia. To ensure compliance with these conditions, we adhere to the following practices:
- Adequate Protection: Before transferring personal data to a foreign country, we ensure that the recipient country has an adequate level of data protection comparable to the PDPL. This involves assessing the data protection laws and practices of the recipient country.
- Data Transfer Agreements: In cases where the recipient country does not offer adequate protection, we enter into legally binding agreements with the receiving party to ensure that appropriate safeguards are in place. These agreements are designed to protect the rights and freedoms of data subjects and ensure compliance with the PDPL.
- Explicit Consent: When necessary, we obtain explicit consent from the data subject before transferring their personal data outside the Kingdom. This consent is obtained after informing the individual of the potential risks associated with the transfer.
Data Breach Notification and Response
In the event of a personal data breach that could result in harm to data subjects, the PDPL requires us to take immediate action. Our data breach response procedures include:
- Incident Detection and Reporting: We have implemented systems and processes to detect potential data breaches promptly. Once a breach is identified, it is reported to our data protection team for investigation.
- Notification to Authorities: If the breach is likely to result in serious harm to data subjects, we are required to notify the competent authorities in the Kingdom of Saudi Arabia without undue delay. We will provide detailed information about the breach, including its nature, the categories of data affected, and the steps taken to mitigate its impact.
- Communication with Affected Individuals: We will notify the affected data subjects if the breach is likely to result in significant harm to them. This communication will include details about the breach, potential consequences, and recommended measures to protect themselves.
Data Retention and Deletion Policies
We retain personal data only for as long as necessary to fulfil the purposes for which it was collected or as required by law. Our data retention practices include:
- Purpose Limitation: Personal data is retained only for the duration necessary to achieve the purposes for which it was collected. Once the data is no longer needed, it is securely deleted or anonymized.
- Legal Requirements: In some cases, we may be required to retain personal data for a longer period to comply with legal obligations, such as record-keeping, tax, or regulatory requirements. In these instances, the data will be protected with appropriate security measures.
- Data Deletion Requests: Data subjects have the right to request the deletion of their personal data. We will assess such requests on a case-by-case basis and take appropriate action in accordance with the PDPL.
Updates and Revisions to This Section
We may update this section of our Privacy Policy to reflect changes in the Kingdom of Saudi Arabia’s PDPL, our data processing practices, or as required by law:
- Notification of Changes: Any updates or revisions to this section will be communicated to data subjects in a timely and transparent manner. We may do this through email notifications, website updates, or other appropriate means.
- Review and Compliance: We regularly review our data protection practices to ensure ongoing compliance with the PDPL. This includes assessing our policies, procedures, and controls to address any new legal requirements or emerging risks.
Additional Information about Data Collection and Processing
1. Types of Data Collected
NEAR Platforms collects a wide range of personal data to provide and enhance its services. The types of data collected include:
- Account Information: This includes names, contact details, account IDs, billing and transaction information.
- Profile and Participant Information: Usernames, display names, email addresses, phone numbers, job information, and user IDs.
- Usage Data: Information on how users interact with the platform, including device information, IP addresses, and activity logs.
- Contact Information: Details added by users to create contact lists or imported from third-party apps.
- Settings and Preferences: Audio and video settings, screen sharing settings, and other configuration details.
- Registration Information: Data provided during registration for services, such as names, contact details, and responses to registration questions.
2. Methods of Data Collection
Data is collected through various means:
- Directly from Users: When users provide information through forms, account creation, or direct communication.
- Automatically: Through the use of cookies, tracking technologies, and during the use of the platform’s services.
- Third-Party Integrations: Data imported from third-party applications or services integrated with NEAR Platforms.
3. Purposes of Data Processing
The collected data is processed for multiple purposes, including:
- Service Provision: To provide and improve NEAR Platforms’ services, ensuring a seamless user experience.
- Security and Compliance: To maintain the security of the platform and comply with legal obligations.
- Personalization: To tailor the user experience based on individual preferences and usage patterns.
- Communication: To send notifications, updates, and respond to user inquiries.
4. Data Sharing and Disclosure
NEAR Platforms may share personal data with:
- Service Providers: Third-party vendors who assist in providing services, such as hosting, data analysis, and customer support.
- Legal Authorities: When required by law or to protect the rights and safety of users and the platform.
- Business Transfers: In the event of a merger, acquisition, or sale of assets, user data may be transferred to the new entity.
5. Data Security and Retention
NEAR Platforms implements robust security measures to protect personal data from unauthorized access, disclosure, or destruction. Data is retained only as long as necessary to fulfill the purposes for which it was collected or as required by law. Users have the right to request the deletion or correction of their data.
6. User Rights and Choices
Users have several rights regarding their personal data, including:
- Access and Correction: The right to access their data and request corrections.
- Deletion: The right to request the deletion of their data.
- Objection and Restriction: The right to object to data processing or request restrictions.
- Data Portability: The right to receive their data in a portable format.
7. International Data Transfers
Data may be transferred to and processed in countries outside the user’s home country. NEAR Platforms ensures that such transfers comply with applicable data protection laws and that appropriate safeguards are in place.
8. Specific Data Collection Practices
- Cookies and Tracking Technologies: NEAR Platforms uses cookies and similar technologies to collect data about user interactions with the platform. This helps in improving the service and providing personalized experiences.
- Third-Party Services: Data may be collected through third-party services integrated with NEAR Platforms, such as payment processors and analytics providers.
- User-Generated Content: Information provided by users in forums, chats, or other interactive features may be collected and processed.
9. Legal Basis for Processing
The processing of personal data by NEAR Platforms is based on several legal grounds, including:
- User Consent: Data is processed based on the user’s explicit consent.
- Contractual Necessity: Data processing is necessary for the performance of a contract with the user.
- Legal Obligations: Data is processed to comply with legal requirements.
- Legitimate Interests: Data processing is carried out to pursue legitimate interests of NEAR Platforms, provided these interests do not override the user’s rights.
10. Data Protection Measures
NEAR Platforms employs various technical and organizational measures to ensure the security of personal data. This includes encryption, access controls, and regular security assessments.
11. Data Breach Response
In the event of a data breach, NEAR Platforms has procedures in place to promptly address and mitigate the impact. Users will be notified if their data is affected, and appropriate measures will be taken to prevent future breaches.
12. Updates to Privacy Practices
NEAR Platforms may update its privacy practices from time to time. Users will be informed of significant changes through notifications on the platform or via email.