WhatDays PRIVACY POLICY
This Privacy Policy has been updated on January 31, 2022
WE RESPECT YOUR PRIVACY!
KrysWay LLC (Legal address: 3013, Little Mill, The Colony, Texas, Taxpayer Identification Number: 75056-6605, registration number: 03978580045) (“KrysWay” “us”, “we” and “our”) understand that your privacy is important to you and are committed to being transparent about the technologies it uses.
This Privacy Policy describes how we collect and use the Personal Data you provide. It also describes the choices available to you regarding our use of your Personal Data and how you can access the information. We respect your privacy and we take protecting it seriously.
Reading Privacy Policy is important so we hope you will give it time and attention.
-
1. INFORMATION
-
1.1 This Policy applies to the following people:
- 1.1.1 people who use the Services (for the purposes of this policy, we define the term “User”, “you”, “your”, “yours” as a person which has registered through our Website, mobile app “WhatDays”);
- 1.1.2 people who make complaints to us by email.
1.2 KrysWay does not sell your Personal Data to third parties. A “sale” of Personal Data under the CCPA is defined broadly to include the “selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means” the Personal Data of a User to another business or third party “for monetary or other valuable consideration.” If we decide to sell the Services, we will inform you about this, so you can forbid us to transfer your Personal Data together with our business. If so, we will delete your data from the databases prior to a business transfer.
-
-
2. PRINCIPLES OF DATA PROCESSING
-
2.1 We adhere to the following principles in order to protect your privacy:
- 2.1.1 principle of purposefulness — we process Personal Data fairly and in a transparent manner only for the achievement of determined and lawful objectives, and they shall not be processed in a manner not conforming to the objectives of data processing;
- 2.1.2 principle of minimalism — we collect Personal Data only to the extent necessary for the achievement of determined purposes and do not keep Personal Data if it is no longer needed;
- 2.1.3 principle of restricted use — we use Personal Data for other purposes only with the consent of the data subject or with the permission of a competent authority;
- 2.1.4 principle of data quality — we update Personal Data shall be up-to-date, complete, and necessary for the achievement of the purpose of data processing;
- 2.1.5 principle of security — security measures shall be applied in order to protect Personal Data from unauthorized or unlawful processing and against accidental loss, destruction, or damage, using appropriate technical and organizational measures;
- 2.1.6 principle of individual participation — the persons shall be notified of data collected concerning him or her, the persons shall be granted access to the data concerning him or her and the persons have the right to demand the correction of inaccurate or misleading data.
-
-
3. DEFINITIONS
-
3.1 The following terms shall have the following meaning:
- 3.1.1 “Registration” — registration at mobile app “WhatDays” by filling out the box with the User’s personal phone number and entering an SMS code or registration on the website by filling out the box with the User’s personal information (name, email address, personal phone number, password);
- 3.1.2 “Service” or “Services” — access to our Website https://whatdays.com/ as well as users’ subscription to and any Use of our Services, applications, mobile app “WhatDays” which available at AppStore, Google Play, tools, offline components and features (individually the “Service” or collectively the “Services”) provided by KrysWay, together with its affiliates, officers, directors, employees, agents, and subsidiaries (hereinafter “WhatDays”, “We”, “Our” or “Us”).
-
-
4. PERSONAL DATA THAT WE COLLECT AND PROCESS
-
4.1 To fulfill our obligations on provision of a license for the Services for you and applicable Terms of Use, we are entitled to ask you to provide us with your Personal Data, including (but not limited):
- 4.1.1 Full Name (Name and Surname);
- 4.1.2 Date of birth;
- 4.1.3 Email address;
- 4.1.4 Personal phone number;
- 4.1.5 Address book.
- 4.2 We also can request from you permission for tracking your actions with another service, website, or app.
- 4.3 KrysWay may collect Personal Data from you in a variety of ways and circumstances, including, but not limited to, installation of mobile app “WhatDays”, subscription to a newsletter, filling out a form, providing us with feedback. KrysWay shall be entitled to combine Personal Data collected in the course of your interaction with different sections of the Service with any other relevant available information.
-
-
5. PERSONAL DATA, COLLECTED IN AN AUTOMATIC WAY
-
5.1 Personal Data collected by or transmitted to the KrysWay in the course of accessing, interacting, and operating of the Service may include, without limitation, the following Personal Data:
- 5.1.1 device information, which may include (but is not limited to) information about the computer or mobile device you use to access the Service, including the hardware model, operating system and version, the web browser you use, and other device identifiers; information such as language;
- 5.1.2 server log information, which may include (but is not limited to) your login details, the date and time of visits, the pages viewed, your IP address, time spent at the Service, and the websites you visit just before and just after the Service;
- 5.1.3 information collected by cookies and other tracking technologies. We and our service providers use various technologies to collect information when you interact with the Service, including cookies and web beacons. ‘Cookies’ are small data files that are stored on your device when you visit a Website, which enables us to collect information about your device identifiers, IP address, web browsers used to visit the Website, pages or features viewed, time spent on the Website, and links clicked. Where required, you will be asked for consent to our use of cookies. To view more information on what cookies we use and how we use them, please review our Cookie Policy
-
-
6. LAWFUL BASIS OF DATA PROCESSING
- 6.1 Under Art. 6 of the GDPR, we only process Personal Data, where we have a lawful basis for doing so.
- 6.2 The processing of Personal Data, described in p. 4.1 of this Privacy Policy is based on contract obligations (Art. 6 (1) lit. (b) GDPR) and is performed only for the purposes specified in this Privacy Policy — to meet your request concerning the Service, to formalize the development of the contractual relationship.
- 6.3 The processing of Personal Data, described in p. 5.1.1 and 5.1.2 of this Privacy Policy is based on a legitimate interest (Art. 6 (1) lit. (f) GDPR) and is performed only for the purposes specified in this Privacy Policy — to contact you about, and conduct, surveys or polls you choose to take part in and to analyze the data collected for market research purposes.
- 6.4 The processing of Personal Data, described in p. 5.1.3 of this Privacy Policy is based on consent (Art. 6 (1) lit. (a) GDPR) and is performed only for the purposes specified in this Privacy Policy — to provide a greater and better experience with us and other related purposes, which is described in detail in our Cookie Policy.
- 6.5 The processing of Personal Data, described in p. 4.2 of this Privacy Policy is based on consent (Art. 6 (1) lit. (a) GDPR) and is performed only for the purposes specified in this Privacy Policy — to personalize your experience with our Service and for marketing and promotion of our Services or related products, including those of a third party’s products which are related to our Services.
-
7. PROFILE
- 7.1 Your profile will include your full name, personal phone number, information relating to the date of birth, and celebrations. Information specified in this paragraph will be available for other Users of the Services.
- 7.2 We also can request from you access to your device’s camera, photo gallery, microphone, and files for providing you with more features of our Service.
- 7.3 It’s your choice whether to give us access and load photos, videos, and other types of files. You are fully responsible for any audio, video, photo downloaded from your device.
-
8. ADDRESS BOOK INTEGRATION
- 8.1 After your registration, you’ll also be asked to allow us access to your mobile device’s address book. After you grant the Service access to your address book, the Service will import your contacts (a copy of the phone numbers and names of all your contacts) from the address book (including those that were added to the address book by synchronizing with messengers such as Telegram, Viber e.t.c.). The aforementioned information from your address book will be collected and stored on our servers, mainly in order for us to be able to enable you and your contacts to connect. The Service cannot make any changes to your address book. Data accessed from your address book will never be shared with third parties, such as third-party service providers and/or advertisers.
- 8.2 KrysWay is in no way responsible for the protection of the information which is stored in your address book.
-
9. USE OF COLLECTED PERSONAL DATA
-
9.1 We may use the information collected from you for a variety of purposes, primarily, relating to providing our Services and information about our Services. We may also use the information for such other purposes as otherwise allowed by law. For example, we (or a supplier or our affiliate company acting on our behalf and only under our instructions) may use your Personal Data, including personally identifiable information, for such purposes, including but not limited to:
- 9.1.1 to provide license and access to the Services;
- 9.1.2 to handle your orders and requests, including requests for technical support and assistance;
- 9.1.3 to properly fulfill tax-related and accounting obligations imposed by applicable laws;
- 9.1.4 to detect, investigate, and prevent illegal activities or conduct that may violate the Terms of Conditions of the Services and this Privacy Policy;
- 9.1.5 personalize your experience with our Service;
- 9.1.6 contact you in relation to, and conduct, surveys or polls you choose to take part in and to analyze the data collected for market research purposes;
- 9.1.7 conduct internal research and development and to improve, test, and enhance the features and functions of our Services;
- 9.1.8 marketing and promotion of our Services or related products, including those of a third party’s products which are related to our Services (if you do not want us to use your data in this way, please let us know by contacting us at: [email protected]);
- 9.1.9 meet our internal and external audit requirements, including our information security obligations;
- 9.1.10 tracking purchases and usage information;
- 9.1.11 any other purpose as we determine, in our sole discretion, to be necessary or required to ensure the safety and/or integrity of our users, employees, third parties, public, and/or our Services, or to comply with requirements of any applicable law.
-
-
10. CONSENT TO PERSONAL DATA PROCESSING
-
10.1 EU Persons Consent to Personal Data processing
- 10.1.1 If you are an EU Person and to process your Personal Data we need to receive your consent, as it is prescribed by GDPR, we will process your Personal Data only in the case we have received from you a freely given, specific, informed, and unambiguous indication of your wishes by which you signify agreement to the processing of your Personal Data ("Consent").
- 10.1.2 You may give your Consent by registering with our Service. In the case of your registration with our Service, you irrevocably and unconditionally consent and agree that KrysWay shall be entitled to process your Personal Data as it is indicated by your Consent.
- 10.1.3 Your Consent covers all processing activities with your Personal Data carried out for the same purpose or purposes. When the processing has multiple purposes, your Consent should be deemed given for all of them.
- 10.1.4 You have the right to withdraw your Consent at any time. You can submit such a request by sending us an email to [email protected]. Your withdrawal of Consent shall not affect the lawfulness of your Personal Data processing based on Consent before its withdrawal.
- 10.1.5 Except as required or enabled by law we will not use or disclose your Personal Data for any purpose for which you refuse Consent or later withdraw your Consent. If you withdraw Consent, you agree that in spite of this withdrawal, we may continue to use those Personal Data previously provided to us to the extent that we are contractually or otherwise legally obliged to do so and to the extent necessary to enforce any contractual obligation you may have towards KrysWay or in any other way permitted by law.
-
10.2 Non-EU Persons Consent to Personal Data processing
-
10.2.1 If you are not an EU Person, by transferring to us your Personal Data via the Services or otherwise, you irrevocably and unconditionally consent and agree that the KrysWay shall be entitled, in accordance with this Policy:
- 10.2.1.1 to Process in any manner, including to collect, store, use, disclose, share and transfer (including cross-border), your Personal Data so provided to us, as well as your Personal Data, collected from your use of the Services (i.e. your Personal Data which we collect automatically and/or from other sources); and
- 10.2.1.2 to use cookies and web beacons (pixel tags) to collect your Personal Data.
-
-
-
11. COMPLIANCE WITH GENERAL DATA PROTECTION REGULATION (GDPR), CALIFORNIA CONSUMER PRIVACY ACT (CCPA) AND OTHER LAWS
- 11.1 If you are located in the European Economic Area (EEA) privacy rights are granted and all processing of Personal Data is performed in accordance with regulations and rules following the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of Personal Data and on the free movement of such data, known as the General Data Protection Regulation (“GDPR”).
- 11.2 If you are located in California, all processing of Personal Data is performed in accordance with regulations and rules following the California Consumer Privacy Act, Cal. Civ. Code § 1798.100 et seq. (“CCPA”).
- 11.3 If you are located in Brazilia, all processing of Personal Data is performed in accordance with regulations and rules following the Lei Geral de Proteção de Dados (“LGPD”).
- 11.4 If you are located in the United Kingdom, all processing of Personal Data is performed in accordance with regulations and rules following the Data Protection Act 2018 (“DPA 2018”) and UK General Data Protection Regulation (“UK GDPR”).
- 11.5 If you are located in Australia, all processing of Personal Data is performed in accordance with regulations and rules following the Privacy Act 1988 .
- 11.6 If you are located in Canada, all processing of Personal Data is performed in accordance with regulations and rules following Personal Information Protection and Electronic Documents Act (S.C. 2000, c. 5) (“PIPEDA”).
- 11.7 If you are located in New Zealand, all processing of Personal Data is performed in accordance with regulations and rules following Privacy Act 2020.
- 11.8 If you are located in the Russian Federation, all processing of Personal Data is performed in accordance with regulations and rules following the Federal Law of July 27, 2006, No. 152-FZ “On Personal Data”.
- 11.9 The Child Online Privacy and Protection Act (“COPPA”) regulates the online collection of information from persons under the age of 13 (covered person). Covered persons are required to obtain parental consent before providing Personal Data via the Service. If you are a parent of a COPPA-covered person, you have the option to agree to the collection and use of your COPPA-covered person’s information. You may revoke your consent, review your COPPA-covered person’s Personal Data, ask to have it deleted, and/or refuse to allow any further collection or use of your COPPA-covered person’s information at any time, contact us at [email protected].
- 11.10 We process Personal Data as a Controller, as defined in the GDPR.
-
12. DATA ACCESS, DATA CORRECTION, DATA DELETION, DATA PORTABILITY, AND WITHDRAWAL OF THE CONSENT
-
12.1 You can review, correct, update, delete or transfer your personally identifiable information. For that, contact us directly at [email protected]. We will acknowledge your request within seventy-two (72) hours and handle it promptly and as required by law.
- 12.1.1 Right to access. You may contact us to get confirmation as to whether or not we are processing your Personal Data. When we process your Personal Data, we will inform you of what categories of Personal Data we process regarding you, the processing purposes, the categories of recipients to whom Personal Data have been or will be disclosed, and the envisaged storage period or criteria to determine that period.
- 12.1.2 Right to withdraw consent. In case our processing is based on the Consent granted, you may withdraw the Consent at any time by contacting us or by using the functionalities of our Services. You can withdraw your Consent at any time by replying to the email with your withdrawal and your Personal Data will be deleted in 48 hours. Withdrawing Consent may lead to fewer possibilities or the impossibility to use our Services. Notwithstanding any Consent granted beforehand for direct marketing purposes, you have the right to prohibit us from using Personal Data for direct marketing purposes, by contacting us or by using the functionalities of the Services or unsubscribe possibilities in connection with our direct marketing messages.
- 12.1.3 Right to object. In case our processing is based on our legitimate interest to run, maintain and develop our business, you have the right to object at any time to our processing. We shall then no longer process your Personal Data unless for the provision of our Services or if we demonstrate other compelling legitimate grounds for our processing that override your interests, rights, and freedoms or for legal claims.
- 12.1.4 Right to restriction of the processing. You have the right to obtain from us restriction of processing of your Personal Data, as foreseen by applicable data protection law, e.g. to allow our verification of the accuracy of Personal Data after your contesting of accuracy or to prevent us from erasing Personal Data when Personal Data is no longer necessary for the purposes but still required for your legal claims or when our processing is unlawful. Restriction of processing may lead to fewer possibilities or the impossibility to use our Services.
- 12.1.5 Right to data portability. You have the right to receive your Personal Data from us in a structured, commonly used, and machine-readable format and to independently transmit those data to a third party, in case our processing is based on your Consent and carried out by automated means.
- 12.1.6 How to use these rights. To exercise any of the above-mentioned rights, you should primarily use the functions offered by our Services. If such functions are however not sufficient for exercising such rights, you shall send us a letter or email to the address set out below under Contact, including (but not limited to) the following information: full name, phone number, email address. We may request additional information necessary to confirm your identity. We may reject requests that are unreasonably repetitive, excessive, or manifestly unfounded, but it does not deprive you of the right to retry your request.
-
-
13. STORING OF INFORMATION AND DELETION
- 13.1 We store your Personal Data for as long as needed to provide you with our Services. We may store data longer, but only in a way that it cannot be tracked back to you. When Personal Data is no longer needed, we delete it using reasonable measures to protect the data from unauthorized access or use.
- 13.2 EU Territory. We store Personal Data as long as it is needed for the provision of our Services. Traffic information is erased or made anonymous when it is no longer needed for the purpose of the transmission or, in the case of payable services, up to the end of the period during which the bill may lawfully be challenged or payment pursued. Direct marketing and provision of value-added services information (including traffic information used for these purposes) are stored as long as the same is necessary for the provision of these activities, or up to the time when a User opts out from such use in accordance with this Privacy Policy. Other information is stored for as long as we consider it to be necessary for the provision of our Services. This Section shall not prevent any technical storage or access to information for the sole purpose of carrying out the transmission of a communication or as strictly necessary in order for us to provide the Service you requested.
- 13.3 As explained in the GDPR statement, we strive to anonymize the data when possible. If you decide to exercise your right to erasure we will also inform our Providers to delete all your data.
- 13.4 US Territory. We will retain collected information for the period necessary to fulfill the purposes outlined in this Privacy Policy unless a longer retention period is required or permitted by applicable legislation.
- 13.5 Storing might be different depending on the territory of collecting the information and the applicable legislation, but we always strive to store the information only as long as it is needed for the purposes of providing, improving, or personalizing our Services.
-
14. INFORMATION RELATING TO CHILDREN
- 14.1 We do not intentionally collect or maintain information from persons under the age of 13, however, according to each country and its laws, the processing of the Personal Data of a child will be lawful where the child is at another age.
- 14.2 If we determine upon collection that a user is under this age, we will not use or maintain his/her Personal Information without the parent/guardian’s consent. If we become aware that we have unknowingly collected personally identifiable information from a child under the age of 13, we will make reasonable efforts to delete such information from our records. If you believe that we might have any information from or about a child under 13 years of age please contact us at [email protected].
- 14.3 We also recommend that parents monitor their children’s Internet activities and learn and employ software or other tools that can help their children enjoy their online experience without compromising their personal safety or allowing them to use the Internet in a manner inconsistent with their parent/guardian’s preferences.
-
15. INFORMATION SECURITY
- 15.1 We care to ensure the security of Personal Data. We follow generally accepted industry standards to protect the information submitted to us, both during transmission and once we receive it. We maintain technical, physical, and administrative security measures to provide reasonable protection for your Personal Data. When we or our contractors process your information, we also make sure that your information is protected from unauthorized access, loss, manipulation, falsification, destruction, or unauthorized disclosure. This is done through appropriate administrative, technical, and physical measures.
- 15.2 There is no 100% secure method of transmission over the Internet or method of electronic storage. Therefore, we cannot guarantee its absolute security. We never process any kind of sensitive data and criminal offense data. Also, we never undertake to profile Personal Data.
-
16. CONTRACTORS
- 16.1 We work with third-party service providers who provide website, application development, hosting, maintenance, and other services for us. They may be located outside of the EEA. These contractors may have access to, or process Personal Data on behalf of us as part of providing those services for us. We limit the information provided to these service providers to that which is reasonably necessary for them to perform their functions.
- 16.2 Any purchases in WhatDays are processed directly by AppStore, Google Play and regulated by the rules of these marketplaces.
- 16.3 We may share your Personal Data with our insurers, our professional advisors (lawyers, bankers, auditors, corporate financiers, and brokers) in connection with the services they provide to us. If we share your Personal Data with those processors, we will require the recipient to keep it confidential and secure. To provide you (or your organization) with our Services, we may provide Personal Data to the courts, to lawyers advising the other parties to a matter, or other professionals (such as overseas law firms, patent agents, forensic accountants, or barristers).
- 16.4 All data transfers are performed in accordance with the highest security regulations. Transfer of Personal Data to countries outside of the European Economic Area may be possible only in the case when we have obtained your consent for it.
- 16.5 All data processed by us is stored exclusively in secure hosting facilities provided by Hetzner Online GmbH.
- 16.6 We use Firebase. Firebase is Google's mobile application development platform that helps to build, improve, and grow the Service. For more information on the privacy practices of Firebase, please visit the Privacy Policy: https://firebase.google.com/support/privacy
- 16.7 We use Google Analytics to create detailed statistics of our Website visitors. The statistics are collected on Google's server; the User only places JS code on the pages of his or her site. The tracking code is triggered when the User opens the page in his or her web browser. For more information on the privacy practices of Google Analytics, please visit the Privacy Policy: https://policies.google.com/privacy?hl=en-US s-privacy-policy/
- 16.8 We use Bitrix24. Bitrix24 is a project management, collaboration, website builder service that helps us to manage our work and provide quality services. For more information on the privacy practices of Bitrix24, please visit the Privacy Policy: https://www.bitrix24.uk/privacy/
-
17. OPT-OUT
- 17.1 You can deactivate local notifications by changing the notification settings in accordance with the instructions of the operating system running on the Users’ device.
-
18. APPLICATION OF THIS PRIVACY POLICY
- 18.1 This Privacy Policy is applicable to our Services. Once redirected to another service, website, or app, this Privacy Policy is no longer applicable.
-
19. ACCEPTANCE OF THESE CONDITIONS
- 19.1 We assume that all Users have carefully read this document and agree to its content. If one does not agree with this Privacy Policy, they should refrain from using the Services.
-
20. CHANGES AND UPDATES TO OUR PRIVACY POLICY
- 20.1 From time to time, we may update this Privacy Policy. We encourage you to periodically check back and review this Policy so that you always will know what information we collect, how we use it, and with whom we share it.
-
21. CONTACT US!
- If you have any questions, suggestions, or requests, please contact us at [email protected].