We will only use the personal data gathered through the Acorn as set out in this policy. Below you will find information on how we use your personal data, for which purposes your personal data is used, with whom it is shared and what control and information rights you may have.
I. Summary of our processing activities
Our Acorn solution is an age-friendly smart tablet and associated companion mobile application designed to enable those with limited digital technology skills to be fully empowered and engaged online. The following summary provides you with a quick overview of the processing activities that are undertaken on personal data when providing these services. You will find more detailed information under the indicated sections below.
- In case you register for one of our services, further personal data will be processed in the scope of such services (see III and IV).
- Your personal data may be disclosed to third parties (see IV) that might be located outside your country of residence; potentially, different data protection standards may apply (see V).
- We have implemented appropriate safeguards to secure your personal data (see VI) and retain your personal data only as long as necessary (see VII).
- Under the legislation applicable to you, you may be entitled to exercise certain rights with regard to the processing of your personal data (see VIII).
Personal Data: is any information, relating to a natural person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, or an online identifer.
Processing: means any operation, which is performed on personal data, such as collection, recording, organisation, structuring, storage, adaptation or any kind of discloure or other use.
III. Registration for our services
When registering the following categories of personal data are collected.
- Information (such as your first name, last name, address, date of birth, user name and email address) that is provided by registration
- Information in connection with an account sign-in facility (e.g. username and password details)
- Communications sent by you (e.g. via e-mail or website communication forms)
We will process the personal data you provide to:
- Identify you at sign-in
- Provide you with the services and information offered through the service or which you request
- Provide localised services such as local news and events
- Administer your account
- Communicate with you
IV. Usage of our Services
When using the Acorn service the following categories of personal data are collected
- Information regarding your usage may be collected (times of use, frequency of use of features and other statistics) and used to provide and improve the service.
- Error log data may also be stored on the device and uploaded. This log data may include information such as your device Internet Protocol (“IP”) address, device name, operating system version, the configuration of the app when utilizing our Service.
Your personal data may be disclosed to third parties. We employ third-party companies and individuals due to the following reasons:
- To facilitate our Service;
- To provide the Service on our behalf;
- To perform Service-related services; or
- To assist us in analyzing how our Service is used.
V. Cross border data transfers
Within the scope of our information sharing activities set out above, your personal data may be transferred to other countries (including countries outside the EEA) which may have different data protection standards from your country of residence. Please note that data processed in a foreign country may be subject to foreign laws and accessible to foreign governments, courts, law enforcement, and regulatory agencies. However, we will endeavour to take reasonable measures to maintain an adequate level of data protection when sharing your personal data with such countries.
In the case of a transfer to a country outside of the EEA, this transfer is safeguarded by EU Standard Contractual Clauses. You can find further information about the aforementioned safeguards under: https://ec.europa.eu/info/law/law-topic/data-protection_en. or by contacting the Data Protection Team at email@example.com
We have reasonable state of the art security measures in place to protect against the loss, misuse and alteration of personal data under our control. For example, our security and privacy policies are periodically reviewed and enhanced as necessary and only authorised personnel have access to personal data. Whilst we cannot ensure or guarantee that loss, misuse or alteration of information will never occur, we use all reasonable efforts to prevent it.
You should bear in mind that submission of information over the internet is never entirely secure. We cannot guarantee the security of information you submit whilst it is in transit over the internet and any such submission is at your own risk.
VII. Data retention
We strive to keep our processing activities with respect to your personal data as limited as possible. In the absence of specific retention periods set out in this policy, your personal data will be retained only for as long as we need it to fulfil the purpose for which we have collected it and, if applicable, as long as required by statutory retention requirements.
VIII. Your rights
Under the legislation applicable to you, you may be entitled to exercise some or all of the following rights:
- require (i) information as to whether your personal data is retained and (ii) access to and/or duplicates of your personal data retained, including the purposes of the processing, the categories of personal data concerned, and the data recipients as well as potential retention periods;
- request rectification, removal or restriction of your personal data, e.g. because (i) it is incomplete or inaccurate, (ii) it is no longer needed for the purposes for which it was collected, or(iii) the consent on which the processing was based has been withdrawn;
- refuse to provide and – without impact to data processing activities that have taken place before such withdrawal – withdraw your consent to processing of your personal data at any time;
- object, on grounds relating to your particular situation, that your personal data shall be subject to a processing. In this case, please provide us with information about your particular situation. After the assessment of the facts presented by you we will either stop processing your personal data or present you our compelling legitimate grounds for an ongoing processing;
- take legal actions in relation to any potential breach of your rights regarding the processing of your personal data, as well as to lodge complaints before the competent data protection regulators;
- require (i) to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and (ii) to transmit those data to another controller without hindrance from our side; where technically feasible you shall have the right to have the personal data transmitted directly from us to another controller; and/or
- not to be subject to any automated decision making, including profiling (automatic decisions based on data processing by automatic means, for the purpose of assessing several personal aspects) which produce legal effects on you or affects you with similar significance. You may (i) exercise the rights referred to above or (ii) pose any questions or (iii) make any complaints regarding our data processing by contacting us using the contact details set out below
IX. Contacting us
The information you provide when contacting us will be processed to handle your request and will be erased when your request is completed. Alternatively, we will restrict the processing of the respective information in accordance with statutory retention requirements.
- record-keeping for the proper and necessary administration of our business
- responding to unsolicited communication from you to which we believe you would expect a response
- protecting and asserting the legal rights of any party
- insuring against or obtaining professional advice that is required to manage business risk
- protecting your interests where we believe we have a duty to do so
X. Amendments to this policy