Privacy Policy

Updated: July, 2020

We at Panibal respect your right to privacy. This privacy policy (“Privacy Policy”) is an integral part of our Terms and Conditions, and applies to all of the processing, collection and transfer of data by Panibal (“Company”, “us” or “our”) associated with users (“user” or “you”) of our Product and Software (as such terms are defined in the Terms and Conditions).

This Privacy Policy is also providing information as required under the EU General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act of 2018 (“CCPA”), to the extent applicable.

Capitalized terms used herein and not defined shall have the meaning ascribed to them in the Terms and Conditions.

The Privacy Policy in a nutshell:

You are not required by law to provide us with any Personal Data (as such term is defined below). Please note, that some of our services require the processing of certain Personal Data, as further described in this Privacy Policy. Without such data we may not be able to provide you with all or part of the services.

Our Software, Product and any related services are intended for users over the age of 16 or equivalent minimum age for providing consent to processing of Personal Data in the relevant jurisdiction. Children under such age are not permitted to use our services nor provide us with any Personal Data.

You may be entitled under applicable laws to review, amend, erase or restrict the processing of your Personal Data. Please review the “Data Subject Right” section below for more information about your rights.

We do not sell, trade, or rent Users' Personal Data to third parties. We only share Personal Data with third parties in connection with the provision of the Product and/or Software to our Users, or other limited circumstances set forth herein.

If you have any queries or you would like to request more information about your Personal Data processed by us or in connection with this Privacy Policy, please contact us via the following email address: support@panibal.com

Collection and Use of Data

The Company collects and processes the following data regarding Users when the use, install and interact with the Product and Software.

“Personal Data” or “Personal Information” (in accordance with applicable law definitions), shall mean information that identifies an individual or may with reasonable effort identify an individual. This may include online identifiers such as IP address, name, emails, etc.,

If we decide to combine Personal Data with Non-Personal Data, we shall treat the consolidated data as Personal Data.

“Non-Personal Data” shall mean technical and aggregated data about you that is non-identifiable and non-personal data (i.e., it cannot identify you).

Lawful Basis for Data Processing under the EU General Data Protection Regulations (GDPR)
The below provides information about which data is processed, how we process it and how we use your data. For that purpose, we would like to clarify the lawful basis for such processing, as required under the GDPR: (i) We process certain Personal Data where you use the Product and we have a legitimate interest in processing such data; (ii) When you contact us, we will process your details and other information you choose to provide us with in order to perform our contract with you (e.g., your contact details); and (iii) We will process certain Personal Data where you have provided based on your consent to do so, to the extent applicable.

According to the GDPR, we act as a Data Controller of Personal Data we collect and detailed herein.

We will collect your Internet Protocol address (“IP”) and/or MAC address when you use the Product and/or Software. Furthermore, we will collect technical data transmitted from your device. Such data includes your type of device, operating system (e.g., IOS), statistical data, type of browser you used, language preference, time and date stamp of your access and use the Product and Software, imprecise geographical location, the URL source which lead you to the Product, and apps installed on your device.

We are using customary practices to anonymize IP addresses immediately following collection, and we store it in an anonymized manner (i.e. in a manner allowing it not to be Personal Data).

The collection of the IP address is necessary for providing the services associated with the Product and Software. Therefore, we may use this data for the purpose of operating and protecting our Product and Software. Additionally, we will use this data for our legitimate interests in order to audit and track installations, security and fraud detection, and business operation (e.g., calculating our business partners considerations).

If you choose voluntarily to contact us through any means of communication available (for instance, be sending us an email), you will be required to provide us with your contact information, such as your name and email address.

We will use the contact details you provided and retain your contact history with us in order to respond to your inquiries, provide you with support, or any other service or assistance you requested. We will save the contact history and correspondence with you, in the event we find it relevant, such as for any future claim, to provide you with support, and to improve our services).

The California Consumer Privacy Act 2018 (“CCPA”)

The Categories of Personal Information Collected and Shared by Us

Please note that the definition of Personal Information under the CCPA does not include: (i) publicly available information from government records; and (ii) de-identified or aggregated consumer information.

According to the CCPA requirements, below is a table specifying the categories of Personal Information we collect from you:
Category Examples Collected
A. Identifiers A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver's license number, passport number, or other similar identifiers. Yes
B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code ยง 1798.80(e)). A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories. No
C. Protected classification characteristics under California or federal law. Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information). No
D. Commercial information. Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. Yes
E. Biometric information. Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data. No
F. Internet or other similar network activity. Browsing history, search history, information on a consumer's interaction with a website, application, or advertisement. No
G. Geolocation data. Category Examples Collected A. Identifiers. A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver's license number, passport number, or other similar identifiers. Yes B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code ยง 1798.80(e)). A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories. No C. Protected classification characteristics under California or federal law. Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information). No D. Commercial information. Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. Yes E. Biometric information. Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data. No F. Internet or other similar network activity. Browsing history, search history, information on a consumer's interaction with a website, application, or advertisement. No G. Geolocation data. Physical location or movements. No H. Sensory data. Audio, electronic, visual, thermal, olfactory, or similar information. No I. Professional or employment-related information. Current or past job history or performance evaluations. No J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)). Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records. No K. Inferences drawn from other personal information. Profile reflecting a person's preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. No No
H. Sensory data. Audio, electronic, visual, thermal, olfactory, or similar information. No
I. Professional or employment-related information. Current or past job history or performance evaluations. No
J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)). Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records. No
K. Inferences drawn from other personal information. Profile reflecting a person's preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. No

According to the CCPA requirements, below is information concerning disclosures of Personal Information we made for a business purpose:

In the last twelve (12) months, the Company has disclosed the following categories of Personal Information for a business purpose: (A) Identifiers; and (D) Commercial information.

We have disclosed your Personal Information for a business purpose to the following categories of third parties: (i) Data aggregators; (ii) Service providers; and (iii) Business Partners.

Please note, that Personal Information disclosed by us for a business purpose, is subject to contractual obligations on behalf of the third party, to whom the information was disclosed, not use this information for any purpose except for performing its obligations under the engagement we have with such third party.

According to the CCPA requirements, below is information concerning the sale of Personal Information:

In the last twelve (12) months, the Company did not sell Personal Information.

With Whom We Share Data

We do not sell, trade, or rent our users' Personal Data to other parties. We may share data solely for limited purposes as described below:

We will share your Personal Data, solely to the extent needed to comply with applicable law or regulation (including our policies and agreements);

We will share your Personal Data solely to the extent needed to establish or exercise our rights to defend against legal claims or to prevent harm to the rights, property or safety of us, our users, yourself or any third party or for the purpose of collaborating with law enforcement agencies or in case we find it necessary in order to enforce intellectual property or other legal rights.

We may share your data, in the event of a corporate transaction (for instance, sale of a substantial part of our business, merger, consolidation or asset sale). In such cases, our affiliated companies or acquiring company will assume the rights and obligations as described in this Privacy Policy.

We may share Personal Data with our trusted partners and service providers only to the extent required to fulfill the purposes of providing the services.

We may share online identifiers collected by us (as detailed herein), for the purpose of operating our business, as well as to calculate payments and detect fraud, security or technical issues in connection with the Product and Software;

Privacy Rights

Privacy laws in different jurisdictions provide different rights regarding your Personal Data, such as the right to access your Personal Data; the right to delete Personal Data; the right to opt-out from Personal Data processing, and so on.

Principally, if you are a resident of the European Economic Area (“EEA”) or California state, the provisions of the GDPR and the CCPA, respectively, provide you with the following rights:

The right to be informed: in order to ensure fair and transparent processing of Personal Data, you have the right to be provided with information regarding how we collect information and our privacy practices, as detailed herein.

The right to access data: you have the right to request a confirmation from us that we process your Personal Data, and under certain circumstances, be provided with a copy of the Personal Data we process.

The right to request deletion of you Personal Data: you have the right to require us to delete certain Personal Data, if certain conditions are satisfied (if the personal data is no longer needed for the original purpose it was collected for and there is no new lawful basis for continued processing; if you have exercised your right to withdrawn consent (to the extent applicable), or to object to the processing and we have no overriding grounds for the continued processing; the personal data is processed unlawfully; or erasure of personal data is necessary to comply with applicable legislation. Please note, this right is not absolute. We may reject your request under certain circumstances, including where we have to retain the data in order to comply with legal obligations or defend against legal claims, etc.

The right to object: you have the right to object the processing of Personal Data, in the event the basis for our processing activity is based on our legitimate interests, however, we will be permitted to continue the processing if our legitimate interests override your rights, or when processing is necessary to establish, exercise or defend a legal claim or right, etc.

The right to restrict processing: you may ask us to restrict the processing your Personal Data, when: the accuracy of the data is contested; processing is unlawful and you requests restriction instead of erasure; the Personal Data is no longer needed for the original purpose it was collected, however the retention of data is still required to establish, exercise or defend legal rights; or is there are overriding grounds in the context of an erasure request.

Rectification (in the event you are an EEA resident): you have the right to require to update or amend Personal Data which is not correct.

Portability: you have the right to have your Personal Data "port" to a third-party, subject that: the Personal Data was provided by you; the Personal Data is processed automatically; and the Personal Data was processed on the legal bases of contract or consent;

The Right to Non-Discrimination (in the event you are a California resident):you have the right not to be discriminated against for having exercised your rights under the applicable laws. In particular, we cannot not: deny the consumer goods or service, charge the consumer different prices for goods or services, whether through denying benefits or imposing penalties provide the consumer with a different level or quality of goods or services to the consumer.

We provide you with the option to exercise certain choices and controls in connection with our treatment of your Personal Data, depending on your relationship with us. If you wish to exercise any or all of the above rights, please send your request, in detail, to our privacy team at: support@panibal.com

Where we are not able to provide you with the information or exercise the rights for which you have asked, we will endeavor to explain the reasoning for this and inform you of your rights, including the right to complain to the supervisor authority (in the event you are EEA resident). We reserve the right to ask for reasonable evidence to verify your identity prior to providing you with any such information in accordance with applicable law.

Third Party Services

This Privacy Policy does not cover third-party services or polices third party providers or third party websites content. The third party’s data protection practices and policies may be different from ours, and are not under our control. Given the above, we will not be responsible or liable for any privacy practices of the third party and you are advised to carefully review the applicable third-party’s privacy policy.

Children’s Data

The Product and Software are not intended or directed for children, as such term is defined under applicable law, and specifically under the age of 16 (or any equivalent age). We do not knowingly collect or solicit information from children. If we later obtain actual knowledge that we process a child's Personal Data, we will take necessary steps to delete the applicable data.

Security and Retention Policy

Since your privacy is important to us we are committed to protecting your Personal Data from unauthorized access, use or disclosure. We have implemented physical, technical and administrative security measures that comply with applicable laws and industry standards.

We will take necessary measures to minimize the Personal Data that is stored on our servers in the first place. In the event of a data breach, in which we discover your Personal Data may be at risk, we will take reasonable efforts to notify you and the applicable authority (if required, subject to applicable laws).

We retain the data we have collected for as long as needed to provide the Product and Software, carry out our business purpose and to comply with our legal obligations, resolve disputes and enforce our agreements, in accordance and compliance with applicable laws, or until you request us to delete your Personal Data, as detailed above.

Transfer of Data

We may process or store Personal Data within the European Economic Area ("EEA"), US, and internationally. We will take appropriate safeguards to ensure that your Personal Data receives an adequate level of data protection as required under applicable data protection laws.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time, and if required under applicable laws. Thus, we encourage you to check this Privacy Policy once in a while to be updated with the most recent Privacy Policy. The most recent and updated version of this Privacy Policy referred in the "Updated" heading in the preamble. If a material change occurs, we will make our best efforts to provide you with the updates, in accordance with the requirements of the applicable law.

Do Not Track Signals

Please note that Do Not Track signals are not responded. See: http://www.allaboutdnt.com/, for more information

Contact Information.

If you have any questions about this Privacy Policy, please contact us at:
+1 (833) 953-2941
support@panibal.com