PRIVACY POLICY

1. At KLEVIO we care about data protection and we want you to know what data we collect about you and how it is used and shared. The terms processing, personal data, data controller, data processor, data subject shall have the same meaning as set out in the Data Protection Act 1998 (“DPA”) as amended, extended or re-enacted from time to time and including all subordinate legislation made from time to time under the DPA.

LEGAL BASIS FOR PROCESSING

2. We will process your data on the basis that such processing is necessary in order to enter into and perform these Terms of Service, and perform the Service. Furthermore, as a service provider we have a legitimate interest in processing your data to offer, promote and improve our Service, Site and App. We are committed to carefully assess your interest, fundamental rights and reasonable expectations with regards to our processing of your data.

DATA CONTROLLER

3. For the purpose of these Terms of Service, the data controller is KLEVIO (for details about our company please see the paragraph 1). We are based and mainly operate in the United Kingdom and Slovenia, however this may change due to future expansion of our business. If you have any query regarding our use of your data please contact us at [email protected].

HOW WE USE YOUR DATA

4. We may use your data to provide, promote, develop and improve the Site, App and Service.

5. We use your data to: (a) authenticate you and authorize your access to our Site, App and Service; (b) produce aggregate insights that do not identify you; (c) investigate, respond to and resolve complaints and service issues.

6. We will contact you through email, telephone, notices posted on our Site or App, and other ways. We may contact you about the availability of our services, security, or other service-related issues. We may also send messages about network updates, reminders, and suggestions. You may change your communication preferences at any time using your preference menu available on your Account. Please be aware that as long as you are using our Site, App or Service you cannot opt out of receiving service messages from us, including security and Terms of Services.

INFORMATION YOU GIVE US

7. This is information you provide us when you register to use our Site, App and Service or correspond with us by phone, e-mail or otherwise (e.g. your name, email address, home address, mobile number, and password).

INFORMATION WE COLLECT ABOUT YOU

8. We log your visits and use of our Site, App and Service, your usage data when you visit or otherwise use our Service. We use log-ins, cookies, and internet protocol (“IP”) addresses to identify you and log your use.

9. We collect data through cookies and similar technologies.

10. We use cookies and similar technologies (e.g. web beacons, pixels, ad tags and device identifiers) to recognize you or your device(s). To learn more about how we use cookies please read our cookie policy available at clause 21 of these Terms of Service.

11. We receive data from your devices and networks, including location data.

12. When you visit or leave our Site, we receive the URL of both the site you came from and the one you go to next. We also get information about your IP address, proxy server, operating system, web browser and add-ons, device identifier and features, and/or ISP or your mobile carrier. If you use our website from a mobile device, that device will send us data about your location. Most devices allow you to prevent location data from being sent to us and we respect your settings.

WITH WHO WE SHARE YOUR DATA

13. To provide and develop our services, we may share your personal data with oursubsidiaries, as defined by section 1162 of the Company Act 2006 as amended, extended or re-enacted from time to time, provided that our subsidiaries will be subject to the same terms of this privacy policy (the “Privacy policy”).

14. We may need to use third parties to provide our services (e.g., maintenance, analysis, audit, payments, marketing and development). They will only have access and use your information as reasonably necessary to perform these tasks on our behalf and they will be bound to non-disclosure obligations and to the terms of this Privacy Policy.

15. We do not share your personal data with any third-party advertisers or ad networks for their advertising without your separate permission.

16. We may need to share your data when we believe it is required by law or to protect your or our rights and security. In particular, we may have to disclose your data if is reasonably necessary to: investigate, prevent, or take action regarding suspected or actual illegal activities or to assist government enforcement agencies; enforce our agreements with you; investigate and defend ourselves against any third-party claims or allegations; protect the security or integrity of our Site, App or Service. We will attempt to notify you about legal demands for your personal data when appropriate in our judgment, unless prohibited by law or court order or when the request is an emergency. We may dispute such demands when we believe, in our discretion, that the requests are overbroad, vague or lack proper authority, but we do not promise to challenge every demand.

17. We can also share your personal data as part of a sale, merger or change in control, or in preparation for any of these events. Any other entity which buys us or part of our business will have the right to continue to use your data, but only in the same manner set out in these Terms of Service.

DATA RETENTION

18. We will only keep your personal data for as long as it is necessary to provide our service.

19. We may need to retain part of your personal data even after termination of these agreement with you, if reasonably necessary to comply with our legal obligations (including law enforcement requests), meet regulatory requirements, resolve disputes, maintain security, prevent fraud and abuse, or enforce our Terms of Service.

RIGHTS TO ACCESS

20. We offer access to the personal data we hold about you. Please be aware that the purpose of access requests is to give you the opportunity to confirm the accuracy of personal data we are holding about you, the lawfulness of our processing and to allow you to exercise your rights under the DPA if necessary. Requests manifestly unfounded (e.g. made for other, non-data protection purposes) or excessive, may be rejected.

21. To have access to the personal data we store about you, please contact us.

SECURITY

22. We implement a number of security safeguards designed to protect your data, such as HTTPS. We regularly monitor our systems for possible vulnerabilities and attacks. However, we cannot warrant the security of any information that you send us. There is no guarantee that data may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards.

CROSS-BORDER DATA TRANSFERS

23. We may transfer, store and/or process the personal data that we collect from you at a destination outside the European Economic Area (‘EEA’), provided that we will guarantee that appropriate safeguards are in place beforehand and we will ask for your consent to such transfer beforehand. In case we should transfer, store and/or process your personal data outside the EEA, we will make available on request a copy of the appropriate safeguards taken by us to keep the treatment of your data in line with the DPA.

MATERIAL CHANGES

24. As we are committed to constantly improving our Service, we may change the selection of data and the way we process it. We will notify you of any material change in the way we select and process your personal data. We reserve the right to change or adapt this Privacy Policy.

CONSENT

25. Please be aware that by using our Site or App (e.g. web-browsing), you consent to our use of your data under these Terms of Service.