WIDGETBOX POLICY
Last modified: December 2nd 2022
This privacy policy (“Privacy Policy” or “Policy”) governs the data processing practices of FireArc(“Company”, “we”, “us”, or “our”) “) when you use our mobile application available for download on App Store: LINK or on Google Play: LINK (“Apps”) and the services and provided through the Apps (collectively the App and the services will be defined herein after as the “Services”).
This Privacy Policy constitutes an integral part of our Terms of Use (“Terms”), and it governs the data collection, process and transfer in respect with our Services, all in accordance with the relevant data protection and privacy laws and regulations, including, if relevant to the user’s jurisdiction, the EU General Data Protection Regulation (“GDPR”), the California Consumer Privacy Act (“CCPA”) and any other applicable privacy laws and regulations. Definitions used herein but not defined herein shall have the meaning ascribed to them in our Terms.
If you are a California or Colorado resident, we recommend you to review our CCPA Privacy Notice.
This Privacy Policy does not cover your interaction with third-party content available in through the Service, this Privacy Policy may be different from third parties’ privacy practices and we shall not be liable or responsible for the acts of those third parties.
POLICY AMENDMENTS:
We reserve the right to amend this Policy from time to time, at our sole discretion. The most recent version of the Policy will always be posted on the website. The updated date of the Policy will be reflected in the “Last Modified” heading. We will provide notice if these changes are material and, where required by applicable law, we will obtain your consent. Any amendments to the Policy will become effective within 30-days upon the display of the modified Policy. We recommend you to review this Policy periodically to ensure that you understand our most updated privacy practices.
CONTACT INFORMATION AND DATA CONTROLLER INFORMATION:
FireArc Ltd. is incorporated under the laws of the State of Israel, is the data controller of (as such term is defined under the GDPR or equivalent privacy legislation).
For any question, inquiry or concern related to this Privacy Policy or the processing of your Personal Data, you may contact our privacy team as follows:
- Data Protection Officer: Eran Heres
10 ABA EVEN Blvd., Building C, Herzliya, 4672528, Israel
Tel: +972-73-2300100
WHAT INFORMATION DO WE COLLECT AND HOW DO WE USE IT?
Non-Personal Data
During your interaction with our Services we may collect aggregated, non-personal non-identifiable information which may be made directly or indirectly through your use of the Services (“Non-Personal Data“). We are not aware of the identity of the user from which the Non-Personal Data is collected. The Non-Personal Data which is being collected may include your aggregated usage information and technical information transmitted by your device, such as: browser version, operating system type and version, mobile network information, internet service provider, mobile carrier, device settings, etc.
Personal Data
We may also collect from you, during your access or interaction with the Services, individually identifiable information, namely information that identifies an individual or may with reasonable effort be used to identify an individual (“Personal Data” or “Personal Information”).
For avoidance of doubt, any Non-Personal Data connected or linked to any Personal Data shall be deemed as Personal Data as long as such connection or linkage exists.
We do not knowingly collect or process any Personal Data constituting or revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data, data concerning a person’s health or data concerning a person’s sex life or sexual orientation (“Special Categories of Personal Data”).
The following table describes the Personal Data we may process if you install our Apps and use our Services:
| DATA SETS | PURPOSE AND OPERATIONS | LAWFUL BASIS UNDER THE GDPR |
| Contact Information:If you voluntarily contact us for support or other inquiries, you may be required to provide us with certain information such as your name, email address, etc. | We process such data to provide you with the support you requested or to respond to your inquiry.The correspondence with you may be processed and stored by us in order to improve our customer service and in the event, we believe it is required to continue to store it, for example, in the event of any claims or in order to provide you with any further assistance (if applicable). | We process such information based on our legitimate interest. Unless you are contacting us for support, in which providing support is part of our contractual obligations to you. |
| Online Identifiers:When you install the Apps and use or interact with our Services, we collect your Internet Protocol (“IP”) address or similar unique online identifiers generated, Google or Apple advertising ID, tags (“Online Identifiers”). | We use the unique identifier we assigned to you during the installation to validate you are a person and to know how many individuals install our App. In addition, we process such data to provide you our Services and to enable the operation of the Services and for security and fraud prevention purposes (i.e., to prevent or to be able to address any errors or technical issues in our Services).We use the Online Identifiers, advertising ID, for tracking and provide you with personalized ads. | Where we collect such data for operation and security, we process your data based on our legitimate interest.Where we use the Online Identifiers for personalized ads and tracking it will be based on your consent provided through the App’s organic permissions. You can typically reset these numbers through the settings of your device’s operating system (but we do not control this). |
| Usage Data: When you install the Apps we may further collect information related to your use and interaction with our Service such as referring app or URL (meaning the apps and website you were referred to our App from), pages viewed, access time and date, the features and content you interact with, conversions and your interaction with ads, social media related information, your purchase and transaction history, etc. | The Usage Data is used to operate and improve the Services correct any error in the Apps. We may use such data for internal analytics and measurement to understand how our Services are used, so that we can improve it and to provide you with personalized interface (e.g., we may ask you through questionnaires what is your favorite pose to take a picture in order to analyze your interests and preferences and to offer you next time a personalized feature). We also use data about the ads you interact with to help advertisers understand the performance of their ad campaigns and provide them with reports. | Where we process the Usage Data subject to our contractual obligations with you, to enable the operation of the Apps and to improve our Services. Other purposes, such as operational and security, are based on our legitimate interest.Where we collect such data for analytic and advertising purposes, we process the data based on your consent provided through the onboarding permissions. |
| Location:Based on the IP address or other information we may obtain such as zip code, we can approximately know your location. | We use this information for language preference and contextual advertisement ads based on your general location. | Our legitimate interest. |
| Account Information: To become a premium user you will need to create an account by providing us with your email address. You represent and warrant that you will not provide us with inaccurate, misleading or false information. | We will use this data in order to create you an account, provide you with account management, support and to provide the Services as well as to send you needed information related to our Services and which related to our business engagement (e.g., send you a welcome message, notify you regarding any updates to our Services, send applicable invoices, etc.) and additional occasional communications and updates related to the Services, as well as promotional and marketing emails (“Direct Marketing”). We may also use the information to authenticate you. | We process such data for the purpose of performing our contract with you, to provide the Services and to designate your account. |
| Chat: While using our App or Services, you are able to upload your comments, share your thoughts and communicate with other users via the WidgetBox chat (“Chat Content“). The Chat is produced by you and other users of the Services, as opposed to content generated by us. The Chat may include images, photos, comments, texts, opinions and feedback provided by you and by other users of the App and Services. While we cannot prevent you from doing so, we still do not use Personal Data Chat Content for purposes other than providing our Service. | Fire Arc: is the chat data hashed? Stored? Please advise. | We process such data to perform our contract with you. |
| Transaction Information:When you decide to make a purchase on our App The payment is processed by Apple Pay . We do not keep any payment information, we just know you made the payment. | We will use third party payment processors, any transactions that are processed by these third party payment processors will be governed by their policies. | We process such data for the purpose of performing our contract with you and will enable you to use our Services. |
| Marketing Activities: We may show you advertisements on our Service, and send you emails for marketing purposes. For this we process your email or Online Identifiers, and our third party advertisers will use the tracking technology to personalize the ads. | We process your personal data for our marketing campaigns. As a result, you will receive information about our products, such as, for example, special offers or new features and products available on the Service. | We process such data subject to your consent. You may opt-out at any time through the “unsubscribe” link in the footer within the email or by contacting us directly. |
We use various technologies to collect and store the information listed above, including cookies, pixel tags, local storage, databases and server logs. We use different technologies to process your information listed above, for the purposes listed above.
Therefore, the actual processing operation per each purpose of use and lawful basis detailed in the table above, may differ. Such processing operation usually includes set of operations, made by automated means, such as collection, storage, use, disclosure by transmission, erasure or destruction. Transfer of Personal Data to third party countries as further detailed in the International Data Transfer section is based on the same lawful basis as stipulated in the table above.
In addition, we may use certain Personal Data to prevent potentially prohibited or illegal activities, fraud, misappropriation, infringements, identity thefts and any other misuse of the Services and to enforce our policies and agreements, as well as to protect the security or integrity of our databases and the Services, and to take precautions against legal liability. Such processing is based on our legitimate interests.
HOW WE COLLECT INFORMATION
Depending on the nature of your interaction with the Services, we may collect information as follows:
- Automatically – we may collect directly or indirectly (i.e., by getting access permissions to certain process and information stored in your mobile device) gather information automatically, such as Non-Personal Information as well as Online Identifiers.
- Provided by you voluntarily – we will collect Personal Data if you choose to register or if you contact us for support, make a purchase or any information you uploaded to the App by you.
TRACKING TECHNOLOGIES
We use “cookies” and similar tracking technologies such as software developer kits (“SDK“) on our App and Services. A cookie is a small text file that a website places and stores on your device while you are viewing a website. Cookies are very helpful and can be used for various purposes. These purposes include: (i) allowing you to navigate between pages efficiently; (ii) enabling automatic activation of certain features; (iii) remembering your preferences; and (iv) making the interaction between you and our services quicker and easier. The SDKs create the opportunity to enhance t App with more functionality
| Cookie/SDK | Purpose | Privacy Policy |
| Google Analytics | Analytical & Measurement | www.google.com/policies/privacy/partnershttps://policies.google.com/technologies/managing?hl=en https://tools.google.com/dlpage/gaoptoutFor additional information regarding our use of Google products, click here. |
| Amplitude | Analytical & Measurement | https://amplitude.com/privacy |
| Appsflyer | Analytical & Measurement | https://www.appsflyer.com/legal/privacy-policy/ To opt out: https://www.appsflyer.com/legal/opt-out/ |
| Amazon | Operational & Essential | https://www.amazon.com/gp/help/customer/display.html?nodeId=GX7NJQ4ZB8MHFRNJ |
| Apple | Operational & Essential | https://www.apple.com/legal/privacy/en-ww/ |
| Meta Platforms | Analytical & Measurement & Marketing | https://www.facebook.com/privacy/policy/ |
| RevenueCat | Analytical & Measurement | https://www.revenuecat.com/privacy/ |
| FireBase | Operational & Essential | https://firebase.google.com/support/privacy/ |
SHARING DATA – CATEGORIES OF RECIPIENTS WE SHARE PERSONAL DATA WITH:
We share your Personal Data with third parties, including with business partners or service providers that help us provide our Services. You can find here information about the categories of such third-party recipients.
| CATEGORY OF RECIPIENT | DATA THAT WILL BE SHARED | PURPOSE OF SHARING |
| Within the Company group | All types of data | We may share information about you with other members within the Company group as part of internal engagements and the related entities (applications, extensions, website, etc.) where we believe, for example, your inquiry is applicable to such entity or where required to meet our legal and regulatory obligations around the group or to offer relevant services and products that may interest you. |
| Advertisers | Advertising ID | We share this data with our advertising partners, so they will be able to place ads that best suit such user. |
| Service providers | All types of Personal Data | We employ other companies and individuals to perform functions on our behalf. Examples include: sending communications, processing payments, assessing credit and compliance risks, analyzing data, providing marketing and sales assistance (including advertising and event management), identifying errors and crashes, conducting customer relationship management, and providing training. These third-party service providers have access to Personal Data needed to perform their functions, but they are prohibited from using your Personal Data for any purposes other than providing us with requested services. |
| Compelled disclosure | Subject to your request | We may share Personal Data, in the event you request us to do so. In such event, the provisions of your Personal Data will be subject to such third parties’ policies and practices only. |
| Enforcement Of Our Rights and Security Detections. | All types of Personal Data | We may disclose Personal Data to enforce our policies and agreements, as well as defend our rights, including the investigation of potential violations thereof, alleged illegal activity or any other activity that may expose us, you, or other users to legal liability, and solely to the extent required. In addition, we may disclose Personal Data to detect, prevent, or otherwise address fraud, security, or technical issues, solely to the extent required. |
| Any Acquirer of Our Business | All types of Personal Data | We may share Personal Data, in the event of a corporate transaction (e.g., sale of a substantial part of our business, merger, consolidation or asset sale). In the event of the above, our affiliated companies or acquiring company will assume the rights and obligations as described in this Policy. |
Where we share information with services provider and agents, we ensure they only have access to such information that is strictly necessary in order for us to provide the Services. These parties are required to secure the data they receive and to use the data for pre-agreed purposes only, while ensuring compliance with all applicable data protection regulations (such service providers may use other non-personal data for their own benefit).
YOUR RIGHTS:
We acknowledge that different people have different privacy concerns and preferences. Our goal is to be clear about what information we collect so that you can make meaningful choices about how it is used. We allow you to exercise certain choices, rights, and controls in connection with your information. Depending on your relationship with us, your jurisdiction and the applicable data protection laws that apply to you, you have the right to control and request certain limitations or rights to be executed.
For California and Colorado residents, please see our CCPA Notice.
For detailed information on your rights and how to exercise your rights, please see the Data Subject Request Form (“DSR”) available Here.
Certain rights can be easily executed independently by you without the need to fill out the DSR Form:
- You can correct or delete the Contact Information or Account Information at any time, through the account settings on the Apps;
- You can you can opt-out from receiving our marketing emails by clicking “unsubscribe” link;
- you can withdraw consent for processing Personal Data for analytics or marketing purposes, by using the settings on your device, or as detailed in the section Opt Out Options below:
NOTE THAT DELETING THE APP FROM YOUR DEVICE WILL NOT RESOLVED IN DELETING YOUR PERSONAL DATA IF YOU WISH TO DELETE YOUR PERSONAL DATA GO TO THE APP SETTINGS AND CLICK “DELETE ACCOUNT DATA” AFTER YOU RECEIVE CONFIRMATION YOU CAN PROCEED AND DELETE THE APP.
OPT OUT OPTIONS:
To provide our Services we collect certain Personal Data and we act as an independent controller or “business” as such term are defined by applicable laws. Subject to this definition we are required to provide you with disclosure, consents and options to opt out. Therefore, please notice the following table mapping your options to opt out in different ways and with accordance to the device in you possession:
| INTERFACE | HOW TO OPT OUT |
| Apple Interface: iOS Settings. | You may opt out or influence personalized advertising iOS: On your iPhone or iPad, go to Settings > Privacy > Apple Advertising and deselect Personalized Ads. To learn even more about how to affect advertising choices on various devices and different versions, please look at the information available here. |
| MacOS Interface. | On your MacBook, you can disable personalized ads: go to System Preferences > Security & Privacy > Privacy, select Apple Advertising, and deselect Personalized Ads. |
You may opt-out directly from third party retargeting cookies or other ad-technology trackers through self-regulatory services. For more information, please visit:
Digital Advertising Alliance (US) HERE
Digital Advertising Alliance (Canada) HERE
Digital Advertising Alliance (EU) HERE
Network Advertising Initiative HERE
Digital Advertising Alliance AppChoices HERE
Use the Global Privacy Control (“GPC”) signals.
You can also opt out of interest-based advertising with some of the service providers we use, such as Google HERE, Google Analytic HERE.
Please note that, if you opt out of interest-based advertising, some information will still be collected for other purposes, such as research, analytics, and internal operations. You will also continue to receive contextual advertisements, but they may be less relevant to your interests.
Ad choices settings and options will vary depending on your browser and device settings, and this is not an exhaustive list. Please note that your opt-out choices will only apply to the specific browser or device from which you opt out. We encourage you to explore your device and browser settings to better understand your choices.
DATA RETENTION:
In general, we retain the Personal Data we collect for as long as it remains necessary for the purposes set forth above, all under the applicable regulation, or until you will express your preference to opt-out, where applicable.
The retention periods are determined according to the following criteria:
- For as long as it remains necessary in order to achieve the purpose for which the Personal Data was initially processed. For example: if you contacted us, we will retain your contact information at least until we will address your inquiry.
- To comply with our regulatory obligations. For example: transactional data will be retained for up to seven years (or even more under certain circumstances) for compliance with our bookkeeping obligations purposes.
- To resolve a claim we might have or a dispute with you, including any legal proceeding between us, until such dispute will be resolved, and following, if we find it necessary, in accordance with applicable statutory limitation periods.
Other circumstances in which we will retain your Personal Data for longer periods of time include: (i) where we are required to do so in accordance with legal, regulatory, tax or accounting requirements, or (ii) for us to have an accurate record of your dealings with us in the event of any complaints or challenges, or (iii) if we reasonably believe there is a prospect of litigation relating to your Personal Data. Please note that except as required by applicable law, we will not be obligated to retain your data for any particular period, and we may delete it for any reason and at any time, without providing you with prior notice if our intention to do so.
SECURITY MEASURES:
We work hard to protect Personal Data we process from unauthorized access or unauthorized alteration, disclosure or destruction. We have implemented physical, technical and administrative security measures for the Services that comply with applicable laws and industry such as: encryption using SSL, we minimize amount of data that we store on our servers, restrict access to Personal Data to Company’s employees, contractors and agents, etc. Note that, we cannot be held responsible for unauthorized or unintended access that is beyond our control, and we make no warranty, express, implied or otherwise, that we will always be able to prevent such access.
Please contact us at: [email protected] if you feel that your privacy was not dealt with properly, in a way that was in breach of our Privacy Policy or if you become aware of a third party’s attempt to gain unauthorized access to any of your Personal Data. We will make a reasonable effort to notify you and the appropriate authorities (if required by applicable law) in the event that we discover a security incident related to your Personal Data.
INTERNATIONAL DATA TRANSFER:
Our data servers in which we host and store the information are located in the US. The Company’s HQ are based in Israel in which we may access the information stored on such servers or other systems such as the Company’s ERP, CRM and other systems. In the event that we need to transfer your Personal Data out of your jurisdiction, we will take appropriate measures to ensure that your Personal Data receives an adequate level of protection as required under applicable law. Furthermore, when Personal Data that is collected within the European Economic Area (“EEA“) is transferred outside of the EEA to a country that has not received an adequacy decision from the European Commission, we will take necessary steps in order to ensure that sufficient safeguards are provided during the transferring of such Personal Data, in accordance with the provision of the standard contractual clauses approved by the European Union. Thus, we will obtain contractual commitments and or assurances from the data importer to protect your Personal Data, using contractual protections that EEA and UK regulators have pre-approved to ensure your data is protected (known as standard contract clauses), or rely on adequacy decisions issued by the European Commission. Some of these assurances are well recognized certification schemes.
ELIGIBILITY AND CHILDREN PRIVACY:
The Services are not intended for use by children (the phrase “child” shall mean an individual that is under the age defined by applicable law which with respect to the EEA is under the age of 16 and with respect to the US, under the age of 13) and we do not knowingly process children’s information. We will discard any information that we receive from a user that is considered a “child” immediately upon our discovery that such a user shared information with us. Please contact us at: [email protected] if you have reason to believe that a child has shared any information with us.
