At Momento we believe it is important for our customers and users to understand what information we collect, how we use it and who it is shared with. We are therefore committed to protecting your privacy and being transparent about our practices.
Owner and Data Controller
d3i Limited, Newport House, Newport Road, Stafford, Staffordshire, ST16 1DA, England.
Contact email address: firstname.lastname@example.org.
Information we collect and why
In order to provide you with our Services, we collect certain information from you when you use our Services. We will hold the above information for as long as is necessary in order to provide you with our services, deal with any specific issues that you may raise or otherwise as is required by law or any relevant regulatory body.
Information we collect about you:
- Personal Information — By using our Services, we may collect the following categories of personal information ("personal information") you provide to us: name; email address; survey responses; demographics; marketing responses; passwords; contact information and other information you provide through our Services; and other information you may provide about yourself or others through our Services or to which you provide us with access via third-party platform.
- Device Information —When you use our Services or open communications (such as emails) , some information is automatically collected from devices (e.g., mobile, computer, laptop, tablet) used to visit or use our Services including, but not limited to, operating system, access times, unique device identifiers, service provider, IP address, screen resolution, browser type, language, referring site and other data about your device that we use to provide the services or as otherwise described in this Policy (" device information"). We also collect information about your usage and activity on our Services using certain technologies, such as cookies, web beacons and other technologies.
- Location Information — If you use our Services, we may receive and store your generic location (such as city or neighbourhood) for the purposes of analytics. We will collect location information based on, for example, your IP address, to provide anonymous analytical information on the geographical distribution (city level) of our visitors and users around the world.
- Usage Information — We collect certain anonymous analytical information when you use our Services, including information about your interaction with the Services, including the actions you take on the Services.
- Cookies — we may also collect certain information through the use of “cookies”. Cookies are small files that your browser places on your computer. We may use session cookies, persistent cookies, and other tracking technologies to better understand how you interact with our Services, to monitor usage by our users and web traffic routing on our Services, and to improve our Services. Most Internet browsers automatically accept cookies. You can instruct your browser, by editing its options, to stop accepting cookies or to prompt you before accepting cookies from the websites you visit.
- Application Data — "Application Data" is user generated content created using our mobile applications including but not limited to journal entries, photos, videos, imported feed data and settings, collected and stored on your device. We do not store this data on our services or have access to this information. If you have iCloud backups enabled on your device this information will be stored by Apple. When connecting Momento to the available web services (feeds), the application collects the information which is provided to it from the relative service, including a token to authenticate your identity between these accounts. This information may include your name, the names of those you interact with, your username, the usernames of those you interact with, your location (past and present), media (such as photos and videos) and the times and dates the data was originally published, as well as any other information your have shared on these services. Momento accesses your photos and videos to allow you to add photos to a moment. Information from your photos is only stored when you select a photo to include in a moment. Momento will collect precise location information based on, for example, your device's GPS coordinates, unless you configure your operating system settings to prevent our collection of location information. This allows Momento to organise your data by place, provide 'nearby' search results and determine time-zones.
How we use your information
We use information held about you (and information about others) in the following ways:
- to provide you with our services;
- to ensure the content on our website is presented in the most effective manner for you and your computer or mobile device; and
- to notify you about changes to our service.
How we share your information
For our effective operation and to deliver our Services to you we may share information with Third Parties.
What information we share, who we share it with and why
- Personal Information — We use Zendesk for all enquiries directed to us via our support website and our support email accounts. Information collected by Zendesk on our behalf may include your name, email address and correspondence.
- Location Information — Location (on a city or neighbourhood level) is collected and shared with Google Analytics (Google) and Apple Analytics (Apple) to provide us with anonymous analytical information about our users and visitors. Precise location is shared with Foursquare (for searching nearby places and venues - such as shops and restaurants) and Google (for searching nearby places - such as towns and cities).
- Device and Usage information — Device and usage information will be shared with Google Analytics (Google), Apple Analytics (Apple) and Crashlytics (Fabric, a Google company) for analytics and crash reporting. Device and Usage information may also be collected by Third Party SDK's when connecting or interacting with them.
Information you choose to share socially
Our Services may allow you to share your Application Data and information publicly or with friends. Our Services may also allow you to connect with us on, share on, and use third-party platforms, including those on which We have a presence. Please be mindful of your personal privacy needs and the privacy needs of others as you choose whom to connect with and what to share and make public. We cannot control the privacy or security of information you choose to make public or share with others. We do not control the privacy practices of third-party platforms.
We may disclose your personal information to any partner of Momento and/or a member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006.
We may also disclose your personal information to third parties:
- in the event that we sell or buy any business or assets;
- if Momento or substantially all of its assets are acquired by a third party; or
- if we are under a duty to disclose or share your personal data in order to comply with any legal obligation or to protect the rights, property, or safety of Momento, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection.
Third Party Services
In addition to the Services we provide directly, we also use third party service providers (collectively referred to as “Third Party Services”) who operate their own Privacy Policies. The Third Party Services we use we deem important to our effective operation.
So you can find out more about the services we use, and in turn those you may use whilst using and interacting with our Services, we have compiled a list for your reference.
The Third Party Services we use:
- Google Analytics — for the collection of anonymous analytical data to help us better understand how our customers and users use our Services.
- Zendesk — for the provision of support desk services, helping us track and manage correspondence with our customers and users.
- Fabric — for the capture and collection of crash logs to help us identify bugs in our Services.
- Apple iCloud — (if enabled by user) for the storage of your Momento data (if enabled).
- Apple Analytics — (if enabled by user) for the collection of anonymous analytical data to help us better understand how our customers and users use our Services.
Third Party SDK's (Software Development Kit):
- Fabric SDK — provides us with the ability to capture and collect crash logs through the Crashlytics service and interact with the Twitter Platform for integration with Twitter if and when you choose to connect your Twitter account.
- Facebook SDK — provides us with the ability to interact with the Facebook Platform for integration with Facebook if and when you choose to connect your Facebook account.
- Foursquare SDK — provides us with the ability to provide nearby venue (place) information, and interact with the Foursquare Platform if and when you choose to connect your Foursquare account.
Third Party API's (Application Programming Interface):
- Facebook API — provides us with the ability to interact with Facebook Platform for integration with Facebook if and when you choose to connect your Flickr account.
- Flickr API — provides us with the ability to interact with Flickr Platform for integration with Flickr if and when you choose to connect your Flickr account.
- Foursquare API — provides us with the ability to provide nearby venue (place) information, and interact with the Foursquare Platform if and when you choose to connect your Swarm account.
- Google Places API — provides us with the ability to provide nearby place information when tagging a place in a moment.
- Instagram API — provides us with the ability to interact with Instagram Platform for integration with Instagram if and when you choose to connect your Instagram account.
- Moves API — provides us with the ability to interact with Moves Platform for integration with Moves if and when you choose to connect your Moves account.
- Spotify API — provides us with the ability to interact with Spotify Platform for integration with Spotify if and when you choose to connect your Spotify account.
- Uber API — provides us with the ability to interact with the Uber Platform for integration with Uber if and when you choose to connect your Uber account.
- YouTube API — provides us with the ability to interact with YouTube Platform for integration with YouTube if and when you choose to connect your YouTube/Google account.
- Goodreads API — provides us with the ability to interact with the Goodreads Platform for integration with Goodreads if and when you choose to connect your Goodreads account.
All application data (that is the data you create and add to Momento) is only stored locally on your devices and, if enabled, on iCloud. We have no way to access application data and therefore cannot read, recover or share data for or on behalf of any person or organisation.
Data we collect
Information about you may be transferred to, or accessed by, entities located around the world as described in this Policy. Some of these entities may be located in countries that do not provide an equivalent level of protection as your home country. By using our Services, and providing us information about you, you consent to the international transfer of information about you to the above parties.
We take reasonable measures to protect any personal information we may hold about you in an effort to prevent loss, misuse, and unauthorised access, disclosure, alteration, and destruction. However, despite our efforts, no security measures are perfect or impenetrable and no method of data transmission can be guaranteed against any interception or other type of misuse.
Sensitive information sent between your browser and our website, and your device and Third Party Services, is transferred in encrypted form using Secure Socket Layer ("SSL"). When transmitting sensitive information, you should always make sure that your browser can validate the SSL certificate.
For information on how your iOS device encrypts and secures application data please see https://support.apple.com/en-gb/HT202064. For information on how data is protected on iCloud, please see https://support.apple.com/en-gb/HT202303.
Data Choices, Access and Correction
- Email — If you do not want to receive marketing and promotional emails from us, you may click on the "unsubscribe" link in the email to unsubscribe and opt-out of marketing email communications. Alternatively, to the extent that applicable law requires your prior opt-in consent to receive marketing and promotional emails, you can choose not to opt-in. Please note that even if you opt-out of receiving marketing communications from one or all of our Services, we may need to send you service-related communications.
- Application Data — If you no longer want to use Momento and would like to delete all associated Application Data then delete the Momento application from your device and any application data stored in iCloud. As we do not have access to your application data, we cannot do this for you.
Data Access and Correction
If you believe we are storing information that you would like access to or information corrected, please contact us on email@example.com.
Our Services are not for use by children under 13 and we do not knowingly collect personal information from children under 13. If we learn that we have collected personal information of a child under 13, we will delete such information.
Residents of the EU and UK
If you are a resident of the European Union ("EU") or the United Kingdom (“UK”), you may have certain additional rights, as detailed below. For purposes of this notice, "personal data” has the meaning ascribed in the EU General Data Protection Regulation ("GDPR").
To process your personal data, we rely on the following legal bases:
- For the performance of a contract we have with you (for example, if you use our Services).
- For compliance with a legal obligation to which we are subject (such as when we are obliged to comply with lawful requests from competent authorities such as law enforcement).
- For the purposes of our legitimate interests (such as tailoring your experience on our Services), provided that such processing does not outweigh your rights and freedoms.
To the extent a specific element of our processing of your personal data relies upon your consent, you may withdraw such consent at any time with future effect. Such a withdrawal will not affect the lawfulness of the processing prior to the consent withdrawal.
If you wish to object to the processing of your personal data on the basis of legitimate interest and no opt-out mechanism is available to you directly, please contact firstname.lastname@example.org.
Additional Data Privacy Rights
You may have these rights under applicable law:
- Access — You may request that we confirm whether or not we are processing your personal data. If we are, you may request a copy of your personal data, which we will provide free of charge, together with information about the processing, such as the purposes of the processing and the categories of personal data concerned. However, this is not an absolute right and the interests of other individuals may restrict your right of access. We may decline or charge a reasonable administrative cost for requests which are excessive, particularly if repetitive.
- Rectification — You may edit some of your personal data when you have access to do so. You may also ask us to change, update or fix your personal data in certain cases, particularly if it’s inaccurate.
- Erasure — You may request the erasure of your personal data.
- Restrict Processing — You may ask us to restrict the processing of your personal data under certain circumstances, such as if your Personal Data is inaccurate or unlawfully held.
- Data portability — You may ask for a copy of the personal data you provided to us in a structured, commonly used and machine-readable format and you may have the right to transmit this data to another entity.
- Object — You may object to the processing of your personal data on grounds relating to your particular situation under certain circumstances , for example for direct marketing. If you have a right to object and you exercise this right, your personal data will no longer be processed for such purposes by us, unless there are overriding compelling legitimate grounds for the processing or as otherwise provided under applicable law.
Please note that we may need to retain certain information for recordkeeping purposes, to complete any transactions that you began prior to your request, or for other purposes as required or permitted by applicable law.
Personal data may be transferred to and processed by recipients that are located inside or outside the European Economic Area (" EEA"). For recipients located outside of the EEA, some are certified under the EU-U.S. Privacy Shield and others are located in countries with adequacy decisions and, in each case, the transfer is thereby recognised as providing an adequate level of data protection from a European data protection law perspective. Other recipients might be located in countries which do not provide an adequate level of protection from a European data protection law perspective and for which we will base the transfer on appropriate safeguards, such as standard data protection clauses adopted by the European Commission or by a supervisory authority, approved codes of conduct together with binding and enforceable commitments of the recipient, or approved certification mechanisms together with binding and enforceable commitments of the recipient.
Changes to this Policy