Last Updated September 1 st , 2024
This privacy notice, as may be amended from time to time ("Privacy Notice") describes how and why Traveler Innovations Ltd. (“Company”, “we”, “us”, or “our”), will collect, store, use, and/or share or otherwise process (“process”) your Personal Information when you download and use our mobile application ("Doona App" or "App") which is complementary tool to the Company's propriety product known as SensAlert (the "Device").
This Privacy Notice does not apply, however, to non-Company's products, services, or websites you may access through the App or to our other platforms or services who have their separate privacy policies.
Questions or concerns? Reading this Privacy Notice will help you understand Company's privacy and data protection practices in relation to Personal Information that is processed, through the App and your privacy rights and choices. If you do not agree with our policies and practices, please do not use our App and delete it. If you still have any questions or concerns, please contact us at privacy@doona.com
Please note that the use of the App is subject to the Terms and Conditions, as may be amended and/or updated from time to time (“T&C”).
For the purpose of this Privacy Policy, the following terms shall have the respective meanings set forth besides them:
1.1
"Account" means the User’s account on the App.
1.2
"EEA" means European Economic Area.
1.3
"Mobile Device" means the User’s cellular telephone or other smartphone device upon which the App is installed in compliance with the minimum requirement for installation and use under the Terms and Conditions.
1.4
"Personal Information" means (i) information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular person, consumer or household; and (ii) any information relating to an identified or identifiable natural person.
1.5
"Services" shall have the meaning ascribed to it in the T&Cs.
1.6
"User", "you" or "your" means any individual that uses the App and/or the Device.
1.7
"Virtual Stores" means stores where the App is available at, and should be downloaded by a User from, i.e., the “Apple” virtual store called the App Store and/or “Google” virtual store called Google Play.
Identification data or identifier i.e., first and last name and password.
Contact details i.e., phone number and email address.
We collect this Personal Information that you voluntarily provide to us.
To register the User for the App
Managing your contact request
Necessary for the performance of the contract (i.e., the T&C)
Legitimate interest of the Company in managing the contact requests sent to it
10 years
10 years
Social Media Login information i.e., username, email address and password
We may provide you with the option to register with us using your existing social media account details, i.e., your Facebook or Apple account. We collect the Personal Information that you voluntarily provide to such social media platform.
To register the User for the App
Necessary for the performance of the contract (i.e., the T&C)
10 years
Contact details i.e., phone number
We collect this Personal Information that you voluntarily provide to us.
To provide you with the Services
To verify your correct number
To facilitate account creation and authentication
To send you an emergency call in case of danger to the child
To link your Mobile Device and the Device
Necessary for the performance of the contract (i.e., the T&C)
10 years
Geolocation Information, i.e., information about your Device's location
We may request access or permission to track location-based information from your Mobile Device, whether continuously or while you are using our App. If you wish to change our access or permission, you may do so in your device's settings.
To provide you with the Services
To locate your car and the Device
Necessary for the performance of the contract (i.e., the T&C)
10 years
Motion & fitness, i.e., information about your Device’s physical activity, such as stationary, walking, cycling, driving, step count and more
We request access or permission to access this Personal Information. If you wish to change our access or permissions, you may do so in your Mobile Device's settings.
To provide you with the Services
To understand you are driving
Necessary for the performance of the contract (i.e., the T&C)
10 years
Mobile Device Access to your Mobile Device’s Bluetooth and contacts
We request access or permission to access this Personal Information. If you wish to change our access or permissions, you may do so in your Mobile Device's settings.
To provide you with the Services
to ensure the App is connected to the Device
to provide you with additional assistance and technical support
Necessary for the performance of the contract (i.e., the T&C)
10 years
Mobile Device Data i.e., Mobile Device ID, model, manufacturer, operating system, version information and system configuration information, device and application identification numbers, browser type and version, hardware model Internet service provider and/or mobile carrier, Internet Protocol (IP) address (or proxy server), phone network associated with your Mobile Device, information about the features of our application(s) you accessed, language preferences, referring URLs.
Log and Usage Data i.e., service-related, diagnostic, usage, and performance information, including IP address, device information, browser type, and other actions you take such as which features you use), device event information (such as system activity, error reports (sometimes called “crash dumps”), and hardware settings).
This Personal Information is automatically collected or generated from the App and the Device, including extracted by the App from the Mobile Device and the Device.
Improving Services
Supporting and enhancing data security measures of the Services
to monitor and analyze your use of the App and Device
to develop, customize and improve the App and Device
research and further development, analysis and statistics.
to prevent and mitigate the risks of fraud, error or any illegal or prohibited activity
technical administration and troubleshooting of the App and Device
to diagnose and repair Services errors, and, in cases of abuse, track and mitigate the abuse.
Legitimate interest of the Company to improve and enhance its App, Device and User's experience.
Legitimate interest of the Company to secure its App, Device and User's experience.
10 years
10 years
Additional purposes. In addition, please note that we may use the Personal Information described above to:
(i) - manage any litigation, for example to manage any dispute or litigation involving you with respect to the App, and/or Device, establish, protect, or exercise our legal rights as required, enforce the T&Cs or other contracts and defend against legal claims or demands. Such processing is based on our legitimate interest in defending its rights and interests. The retention period is 10 years or as required under applicable law.
(ii) - comply with legal and regulatory obligations, for example to perform any reporting and notifications obligations we may be subject to, to competent governmental agencies and authorities, process your requests to exercise your rights, detect, investigate, prevent, or take action against illegal activities, fraud, or situations involving potential threats to the rights. Such processing is based on legal and regulatory obligations to which we are subject. The retention period is 10 years or as required under applicable law.
Sensitive Personal Information. We do not process sensitive Personal Information.
Push Notifications. We may request to send you push notifications regarding your Account or certain features of the App. If you wish to opt out from receiving these types of communications, you may turn them off in your Mobile Device's settings.
In Short: We share Personal Information in specific situations described in this section and/or with the following third parties:
Business Transfers. We may share or transfer your Personal Information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.
When we use Google Maps Platform API's. We share your Personal Information with certain Google Maps Platform API's (i.e. Google Maps API, Places API). To find out more about Google's Privacy Policy, please refer to this link. We use certain Google Maps Platform APIs to receive certain information when you make location-specific requests. This includes: Location; and other similar information. You may revoke your consent anytime by contacting us at the contact details provided at the end of this document.
Affiliates. We share your Personal Information with our affiliates who are providing some of the Services and for internal administrative purposes. Affiliates include our parent company and any subsidiaries, joint venture partners, or other companies that we control or that are under common control with us.
Service Providers and Business Partners, including data hosting services, data security services, fraud detection and prevention services, product and data analytics services, session or activity recording services, remote access services, content transcription and analysis services, performance measurement, content and data enrichment providers, insurers. We share Personal Information with selected third-party companies and individuals we engage to perform the Services on our behalf. We only provide such service providers and business partners with Personal Information so they can perform their required functions on our behalf.
Governmental, Administrative or Judiciary Authorities. We will disclose or allow government and law enforcement officials access to certain Personal Information, exclusively in response to a subpoena, search warrant or court order (or similar requirement), or in compliance with applicable laws and regulations. Such disclosure or access may occur with or without notice to you, if we have a good faith belief that we are legally compelled to do so, or that disclosure is appropriate in connection with efforts to investigate, prevent, or take action regarding actual or suspected illegal activity, fraud, or other wrongdoing.
Lawyers and Interested Parties. We will share Personal Information exclusively in case of the management of possible disputes and other legal matters where appropriate, including with respect to the App and/or the Device; to establish, protect, or exercise our legal rights; as required to enforce the T&Cs or other contracts; to defend against legal claims or demands; to detect, investigate, prevent, or take action against illegal activities, fraud, or situations involving potential threats to the rights.
Virtual Stores. To the extent required, we will share certain Personal Information with Virtual Stores, in order to comply with our contractual obligations pertaining to the use of the Virtual Stores.
In the last twelve (12) months, the Company does not have sold, and has never sold, Personal Information that identifies who you are to anyone. Although permitted by federal law, the Company does not disclosure your name and address to non-government entities such as charities or businesses, for their own marketing purposes.
In Short: If you choose to register or log in to our App using a social media account, we will have access to Personal Information.
Our App offers you the ability to register and log in using your third-party social media account details (currently your Apple and Facebook logins). Where you choose to do this, we will receive certain profile information about you from your social media provider (currently Apple and Facebook). The profile information we receive may vary depending on the social media provider concerned, but will often include your name, email address, friends list, and profile picture, as well as other information you choose to make public on such a social media platform.
We will use the Personal Information we receive only for the purposes that are described in this Privacy Notice. Please note that we do not control, and are not responsible for, other uses of your Personal Information by your third-party social media provider. In the event that you interact with the Company on social media websites or app, that may cause your Personal Information to be published to those social media networks. On those parts of the Company's website with social network functionality, a social network may be able to collect information about you.. To control this sharing of information, you should review the privacy policy of the relevant social network.
In Short: We transfer, store, and process your Personal Information in countries other than your own.
Our servers are located in the United States. By using the App, you hereby provide your informed consent to the use, processing, hosting, storage and/or transfer of the Personal Information to countries outside your jurisdiction or country, if such informed consent is required under applicable privacy and data protection law.
The recipient countries may not necessarily have data protection laws or other similar laws as comprehensive as those in your country. However, we will take all necessary measures to protect your Personal Information in accordance with this Privacy Notice and applicable law.
In Short: We keep your Personal Information for as long as you use our Services.
We will only keep your Personal Information for as long as it is necessary for the purposes set out in this Privacy Notice, unless a longer retention period is required or permitted by applicable law (such as tax, accounting, or other legal requirements), if we reasonably believe there is a prospect of litigation, if we need such Personal Information to prevent fraud, troubleshoot problems, assist with any investigations or enforce our legal terms.
When we have no ongoing legitimate business need to process your Personal Information, we will either delete or anonymize such information.
In Short: We aim to protect your Personal Information through a system of organizational and technical security measures.
We have implemented appropriate and reasonable technical and organizational security measures designed to protect the security of any Personal Information we process. Doona stores the information collected on trusted and leading E-commerce platforms. These platforms offer robust security measures to protect the data against unauthorized access, disclosure, or loss. The aforementioned platforms are designed to meet industry-leading security standards, including encryption, access controls, and regular security audits. Doona validates each platform to ensure it meets the highest regulatory privacy standards. Additionally, Doona requires every third-party partner to comply with relevant applicable privacy and data protection laws and regulations.
Doona implements robust technical and organizational measures to protect Personal Information against unauthorized access, disclosure, alteration, and destruction. These measures include encryption, access controls, security audits, etc.
However, despite our safeguards and efforts to secure your Personal Information, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorized third parties will not be able to defeat our security and improperly collect, access, steal, or modify your Personal Information nor do we have any control over the security measures incorporated by the Virtual Stores where the App is hosted. Although we will do our best to protect your Personal Information, transmission of Personal Information to and from our Services is at your own risk. You should only access the Services within a secure environment.
If you have found a vulnerability or would like to report a security incident, you may send an email to privacy@doona.com
In Short: In some jurisdictions (like the EEA, UK and Canada), you have certain rights under applicable data protection laws. In most cases, you can exercise such rights free of charge. When you ask us to exercise any of your rights under this Privacy Notice and the applicable privacy and data protection laws, we may need to ask you to provide us with certain credentials to make sure that you are who you claim you are, to avoid disclosure to you of Personal Information which is related to others that you are not authorized to receive, and to ask you questions to better understand the nature and scope of Personal Information that you request. You can make such a request by contacting us by using the contact details provided in the section “HOW CAN YOU CONTACT US ABOUT THIS PRIVACY NOTICE” below.
EEA/UK Users: if you are based in the EEA/UK, you have the following rights:
You have the right to access your Personal Information in order to obtain clear, transparent and understandable information on how we process your Personal Information and on your rights (as provided in this Privacy Notice), as well as a copy of your Personal Information.
You have the right to rectify your Personal Information in case your Personal Information is obsolete, inaccurate or incomplete.
You have the right to object the processing of your Personal Information when the processing is based on Company's legitimate interest. The Company will no longer process your Personal Information unless the Company demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms, such as the respect of a legal obligation (e.g. legal obligation involving the retention of documents), or for the establishment, exercise or defense of legal claims.
In certain circumstances under GDPR, you have the right to restrict the processing of some of Personal Information during a limited period of time.
In certain circumstances under GDPR, you have the right to request data portability, meaning that you can receive the Personal Information originally provided by you in certain cases in a structured and commonly used format or that you can request the transfer of the Personal Information you provided to another data controller.
In certain circumstances under GDPR, you have the right to delete your Personal Information (also known as the right to be forgotten).
If applicable to the Services, you may request not to be subject to a decision based solely on automated processing, including profiling, if such profiling produces a legal effect concerning you or similarly significantly affects you and if automated processing is used.
If you believe we are unlawfully processing your Personal Information, you also have the right to complain to your local data protection supervisory authority. If you have a complaint about how we use your Personal Information, we will always prefer you to contact us first. If you are unsure which data protection authority to contact, please contact us at privacy@doona.com If you are located in Switzerland, the contact details for the data protection authorities are available here: https://www.edoeb.admin.ch/edoeb/en/home.html
Withdrawing your consent: If we are relying on your consent to process your Personal Information, you have the right to withdraw your consent at any time. You can withdraw your consent at any time by contacting us by using the contact details provided in the section “HOW CAN YOU CONTACT US ABOUT THIS NOTICE” below or updating your preferences. However, please note that this will not affect the lawfulness of the processing before its withdrawal nor, when applicable law allow, will it affect the processing of your Personal Information conducted in reliance on lawful processing grounds other than consent.
If you would at any time like to review or change the information in your Account or terminate your Account, you can log in to your Account and update your User Account. Upon your request to terminate your Account, we will deactivate or delete your account and information from our active databases. However, we will retain some information longer in our files to prevent fraud, troubleshoot problems, assist with any investigations, enforce our legal terms, comply with applicable legal requirements and/or if we reasonably believe there is a prospect of litigation.
Most web browsers and some mobile operation systems and mobile applications include a Do-Not-Track (“DNT”) feature or setting you can activate to signal your privacy preference not to have information about your online browsing activities monitored and collected. As such, we do not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online. If a standard for online tracking is adopted that we must follow in the future, we will inform you about that practice in a revised version of this privacy notice.
If you are under 18 years of age, reside in California, and have a registered account with Services, you have the right to request removal of unwanted data that you publicly post on the Services. To request removal of such information, please contact us using the contact information provided below and include the email address associated with your account and a statement that you reside in California. We will make sure the data is not publicly displayed on the Services, but please be aware that the data may not be completely or comprehensively removed from all our systems (e.g. backups, etc.)
The California Code of Regulations defines a “resident” as:
1.
Every individual who is in the State of California for other than a temporary or transitory purpose and
2.
Every individual who is domiciled in the State of California who is outside the State of California for a temporary or transitory purpose
What categories of Personal Information do we share with third parties, other than service providers?
We have shared the following categories of Personal Information in the past twelve (12) months with third parties, other than service providers:
A
Identifiers
Contact details, such as real name, alias, postal address, telephone or mobile contact number, unique personal identifier, online identifier, Internet Protocol address, email address, and account name
YES
B
Personal information categories listed in the California Customer Records statute
Name, contact information, education, employment, employment history, and financial information
YES
C
Protected classification characteristics under California or federal law
Gender and date of birth
NO
D
Commercial information
Transaction information, purchase history, financial details, and payment information
NO
E
Biometric information
Fingerprints and voiceprints
NO
F
Internet or other similar network activities
Browsing history, search history, online behavior, interest data, and interactions with our and other websites, applications, systems, and advertisements
NO
G
Geolocation data
Device Location
YES
H
Audio, electronic, visual, thermal, olfactory, or similar information
Images and audio, video or call recordings created in connection with our business activities
NO
I
Professional or employment-related information
Business contact details in order to provide you our Services at a business level or job title, work history, and professional qualifications if you apply for a job with us
NO
J
Education information
Student records and directory information
NO
K
Inferences drawn from other personal information
NO
How do we use and share your Personal Information?
More information about our use and sharing of your Personal Information can be found in section 3 of this Privacy Notice.
Will your Personal Information be shared with anyone else?
We disclose your Personal Information with third parties, as described in section 3 of this Privacy Notice.
The Company has not disclosed or sold any Personal Information to third parties for a business or commercial purpose in the preceding twelve (12) months. The Company will not sell Personal Information in the future belonging to website visitors, users, and other consumers.
Your rights with respect to your Personal Information
If our processing of your Personal Information is subject to the California Consumer Privacy Act of 2018, as amended by the California Privacy Right Act of 2020 ("CCPA"), you are entitled to the following rights:
You have the right to request the deletion of your Personal Information that we collect or maintain, subject to certain exceptions.
Depending on the circumstances, you have a right to know:
1.
Whether we collect and use your Personal Information,
2.
The categories of Personal Information that we collect,
3.
The purpose for which the collected Personal Information is used,
4.
The categories of sources from which the Personal Information is collected,
5.
Whether we sell or share your Personal Information to third parties,
6.
The categories of Personal Information that we sold or disclosed for a business purpose,
7.
The categories of third parties to whom the Personal Information was sold or disclosed for a business purpose, and
8.
The business or commercial purpose for collecting or selling Personal Information, and
9.
the specific pieces of Personal Information we have collected about you
You may request correction of your Personal Information if it is incorrect.
You may request to opt out from selling of your Personal Information to third parties. Upon receiving an opt-out request, we will act upon the request as soon as feasibly possible, but no later than fifteen (15) days from the date of the request submission.
Right to Opt-Out of the Use of Automated Decision Making. In certain circumstances and to the extent applicable, you have the right to opt-out of the use of automated decision making in relation to your Personal Information.
Right to Limit the Use or Disclosure of Sensitive Personal Information. Under certain circumstances, if we use or disclose SPI, you have the right to limit the use or disclosure of SPI.
Right to Data Portability. You may request to receive a copy of your Personal Information, including specific pieces of Personal Information, including, where applicable, to obtain a copy of the Personal Information you provided to us in a portable format.
Right to Non-Discrimination for the Exercise of a Consumer's Privacy Rights. We will not discriminate against you if you exercise your privacy rights.
Verification process. Upon receiving your request, we will need to verify your identity to determine you are the same person about whom we have the Personal Information in our system. These verification efforts require us to ask you to provide information so that we can match it with information you have previously provided us. For instance, depending on the type of request you submit, we may ask you to provide certain information so that we can match the information you provide with the information we already have on file, or we may contact you through a communication method (e.g., phone or email) that you have previously provided to us. We may also use other verification methods as the circumstances dictate. We will only use Personal Information provided in your request to verify your identity or authority to make the request. To the extent possible, we will avoid requesting additional information from you for the purposes of verification. However, if we cannot verify your identity from the information already maintained by us, we may request that you provide additional information for the purposes of verifying your identity and for security or fraud- prevention purposes. We will delete such additionally provided information as soon as we finish verifying you.
In accordance with applicable law, we are not obligated to provide or delete consumer information that is de- identified in response to a consumer request or to re-identify individual data to verify a consumer request.
To exercise these rights, you can contact us or by referring to the contact details at the bottom of this document. If you have a complaint about how we handle your Personal Information, we would like to hear from you.
Only you may make a request related to your Personal Information. If you are a California resident a request can be made by a person registered with the California Secretary of State that you authorize to act on your behalf, in such event you must provide us with signed documentation that you have authorized an agent to act on your behalf.
In Short: Yes, we will update this Privacy Notice as necessary to stay compliant with relevant laws.
The Company retains the right to change this Privacy Notice at any time and without prior notice to you to reflect changes in Personal Information practices or relevant laws. If the changes are significant, we may provide a more prominent notice which may include email notification of changes to our Privacy Notice changes. The effective date of the change will appear on the top of the Privacy Notice. The practices and policies contained in this Privacy Notice replace all previous notices or statements with respect to the same subject. Your access, use, or interaction with us, our third-party providers or our App following the posting of such changes or the updated Privacy Notice will constitute your affirmative consent to and acceptance of any such changes. We encourage you to review this Privacy Notice frequently to be informed of how we are protecting your Personal Information.
If you have questions, comments or request about this Privacy Notice, you may contact us by email at privacy@doona.com.
If you are a resident in the EEA or United Kingdom, please note that the “data controller” of your Personal Information is Traveler Innovations Ltd. You can contact it at: privacy@doona.com