Idoru Privacy Policy

Last Updated: May, 26, 2022

 

INTRODUCTION


This Privacy Policy pertains to the Idoru website, application and other services (the “Idoru Services”) which are made available by Idoru, Inc. (“Idoru”, “we”, “our”, “us”), a corporation registered in Delaware, with a registered office at 24A Trolley Square #1304 Wilmington, DE 19806. This Privacy Policy is intended to inform our users (“user(s)”, “you”, or “your”) about how we may collect and use the personal information that you provide through your use of and access to the Idoru Services, the manner in which we may use such information, how we protect it, and the choices available to you regarding our use of your personal information.


We may modify or supplement this Privacy Policy from time to time by posting those changes on this page. Any changes will become effective as of the date of posting. Please review this Privacy Policy often so you are always fully informed of any changes.

 

It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us or if you are aware that any personal data, we hold is inaccurate.


This Privacy Policy is binding on all those who access, visit, and/or use the Idoru Services, whether acting as an individual or on behalf of an entity.  If you do not agree to be bound by this Privacy Policy, then do not access or use the Idoru Services.


This Privacy Policy is part of our Terms of Use, which govern your use of the Idoru Services. By using the Idoru Services, contacting us to inquire about the Idoru Services, or otherwise providing us with information, you consent to our Privacy Policy and agree to our Terms of Use.


The Idoru Services may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave the Idoru Services, we encourage you to read the privacy policy of every website you visit.


If you have any questions about this Privacy Policy, please contact us as directed below.


CHILDREN’S DATA PROTECTION AND PARENTAL RESPONSIBILITY


We recognize the importance of children’s safety and privacy. The Idoru Services are not designed to attract children and are not intended for use by any children under the age of 13. We do not request, or knowingly collect, any personally identifiable information from children under the age of 13. If you are the parent or guardian of a child under 13 who has provided her or his information to us, please contact us at legal@idoru.world to request the deletion of that information.


THE DATA WE COLLECT ABOUT YOU


Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).


We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:

Identity Data includes (but is not limited to) first name, last name, username or similar identifier, title, and year of birth.

  • Contact Data includes (but is not limited to) billing address, residential address, email address and telephone numbers.
  • Transaction Data includes (but is not limited to) details about payments to and from you and other details of products and services you have purchased from us.
  • Technical Data includes (but is not limited to) internet protocol (IP) address, unique mobile device identification numbers, type of device, login data, browser type and version, time zone setting and geo location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access the Idoru Services.
  • Profile Data includes (but is not limited to) your login details, purchases or orders made by you, preferences, feedback, and survey responses.
  • Usage Data includes (but is not limited to) information about how you use the Idoru Services.
  • Marketing and Communications Data includes (but is not limited to) your preferences in receiving marketing from us and our third parties, news about our products and your communication preferences.


If you decide to make a payment for any of our products and services, your Financial Data, which includes your bank account and payment card details, will be collected and processed by our external payment service provider. We will not have access to, collect, use, store or transfer your Financial Data.


We also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data may be derived from your personal data but is not considered personal data by law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific feature of the Idoru Services. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this Privacy Policy.


We may collect Special Categories of Personal Data about you (this includes details about your race or ethnicity and sexual orientation, ) if you choose to provide this information to us. This information is used as part of our impact model. While you may choose to provide this information, it is completely optional to do so and your use and enjoyment of the Idoru Services will not be impacted if you choose not to provide this information. Any use of this information by us will be in an anonymized and aggregated form. If you have any questions about our collection or use this information, please feel free to contact us.


We use mobile analytics software to allow us to better understand the functionality of our mobile software on your device. This software may record information such as aggregated usage and performance data. We do not link the information we store within the analytics software to any personal information you submit within the Idoru Services.


Where we need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you. In this case, we may have to cancel a product or service you have with us.


HOW YOUR DATA IS COLLECTED


We use different methods to collect data from and about you including, but not limited to:


Direct interactions. You may give us your Identity Data, Contact Data and Financial Data by filling in forms or by corresponding with us by mail, phone, email or otherwise. This includes personal data you provide when you:

– make purchases in the Idoru Services;

– create an account;

– subscribe to our newsletter or other publications;

– request marketing to be sent to you;

– request support for the Idoru Services;

– enter a competition, promotion or survey; or

– give us feedback.


Automated technologies or interactions. As you interact with the Idoru Services, we may automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this personal data by using cookies, pixels, server logs and other similar technologies. We may also receive Technical Data about you if you visit other websites employing our cookies.


Third parties or publicly available sources. We may receive personal data about you from various third parties and public sources as set out below:

Technical Data from analytics providers, advertising networks and search engine providers.


Contact and Transaction Data from providers of technical, payment and delivery services.


Identity and Contact Data from data brokers or aggregators.


Identity and Contact Data from publicly availably sources.


HOW WE USE YOUR DATA


We will only use your personal data as allowed by law. Most commonly, we will use your personal data in the following circumstances:


Providing the Idoru Services: To provide the Idoru Services, which may include using your personal data for customizations and recommendations, customer support and to manage our relationship with you for purposes of contractual obligations and the ongoing administration of the Idoru Services.

Continuing to Develop and Improve the Idoru Services: To develop, test and improve the Idoru Services, including adding or improving new features and performing troubleshooting activities.


Marketing the Idoru Services: To enable us and our third party marketing partners to use aggregated and anonymized information to develop marketing strategies for the Idoru Services. We will not send you ads within the Idoru Services.


Security: To ensure authentication of users and accounts and to review, research and address security issues.


Communications: To contact you about the Idoru Services, including updates, issues relating to your account, and changes to our policies, as well as to respond to questions or comments you may send to us directly.


Legal Obligations: Where we need to use or share your personal data in order to comply with a legal or regulatory obligation.


Marketing

We provide you with choices regarding our use of your personal data for marketing and advertising purposes. You will receive marketing communications from us if you have subscribed for an account with us or purchased goods or services from us and you have not opted out of receiving that marketing. All of our marketing communications to you contain an opt out option and you can opt out at any time. Please note that the opt out will not affect the lawfulness of processing that has taken place before the opt out.


Third-Party Marketing

We will get your explicit opt-in consent before we share your personal data with any company outside of Idoru for marketing purposes.


Opting Out

You can ask us to stop sending you marketing messages at any time by contacting us at info@idoru.world at any time.


Opting Out of Geolocation

If you have previously allowed us to access your geolocation data, you can stop making geolocation available to us by visiting your mobile device’s settings for the Idoru Services or the “settings” page for the Idoru Services.


Opting Out of Other Communications

When you install the Idoru Services on your mobile device you can choose to receive push notifications, which are messages the Idoru Services send you on your mobile device even when the mobile app is not on. You can turn off notifications by visiting your mobile device’s “settings” page.


Cookies

You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of this website may become inaccessible or not function properly.


DATA SECURITY


We incorporate commercially reasonable safeguards to help protect and secure your personal information. However, no data transmission over the Internet, mobile networks, wireless transmission, or electronic storage of information can be guaranteed 100% secure. As a result, we cannot guarantee or warrant the security of any information you transmit to or from the Idoru Services, and you provide us with your information at your own risk.


If you have any questions about security on the Idoru Services or if you become aware of any unauthorized use of an account or suspect a security breach, notify us immediately via email at legal@idoru.world. If our security system is breached, we will notify you of the breach only if and to the extent required under applicable law.


DATA RETENTION


We will only retain your personal data for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements.


To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.


In some circumstances we may anonymize your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.


YOUR DATA PROTECTION RIGHTS UNDER THE GENERAL DATA PROTECTION REGULATION (GDPR)


If you are a resident of or located within the European Economic Area (EEA), Switzerland or the UK, you have certain additional data protection rights. These rights include:


– The right to access, update or delete the information we have on you. Whenever made possible, you can access, update or request deletion of your personal information directly within your account settings section.

– The right of rectification. You have the right to have your information rectified if that information is inaccurate or incomplete.

– The right to object. You have the right to object to our processing of your personal information.

– The right of restriction. You have the right to request that we restrict the processing of your personal information.

– The right to data portability. You have the right to be provided with a copy of the information we have on you in a structured, machine-readable and commonly used format.

– The right to withdraw consent. You also have the right to withdraw your consent at any time where we relied on your consent to process your personal information.

– To exercise any of the above rights, please contact us at legal@idoru.world. In order to comply with such requests, we may require additional information from you in order to confirm your identity.


Should you wish to raise a concern about our use of your information (and without prejudice to any other rights you may have), you have the right to do so with your local supervisory authority; however, we hope that we can assist with any queries or concerns you may have about our use of your personal information first.


For more information, please contact your local data protection authority.


Legal Basis for Processing Personal Information Under GDPR


Our legal basis for collecting and using the personal information described in this Privacy Policy depends on the personal information we collect and the specific context in which we collect it.


We may process your personal information because:

– We need to perform a contract with you;

– You have given us permission to do so;

– The processing is in our legitimate interests and it is not overridden by your rights; or

– To comply with the law.


Transfer of Information


Your information, including personal information, may be transferred to – and maintained on – computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ from those of your jurisdiction.


If you are located outside the United States and choose to provide information to us, please note that we transfer the data, including personal information, to the United States and process it there.


Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.


We will take all the steps reasonably necessary to ensure that your personal information is treated securely and in accordance with this Privacy Policy and no transfer of your personal information will take place to an organization or a country unless there are adequate controls in place including the security of your data and other personal information.


YOUR CALIFORNIA PRIVACY RIGHTS


California Consumer Privacy Act


Under the California Consumer Privacy Act of 2018 (CCPA), California residents may have the following rights:

– Right to Know: The right to request the personal data that we collect, use or disclose and information about our data practices;

– Right to Request Deletion: The right to request that we delete the personal data we have collected about you; and

– Right to Non-Discrimination: The right to not be discriminated against for exercising any of these rights. 


To request further information pursuant to your “right to know” or to request deletion of person data pursuant to your “right to request deletion”, please email legal@idoru.world.


We will acknowledge receipt of your request within 10 business days, and provide a substantive response within 45 calendar days, or inform you of the reason and extension period (up to 90 days) in writing.


Under the CCPA, only you or an authorized agent may make a request related to your personal data. Note that to respond to your requests to access or delete personal data under the CCPA, we must verify your identity.


California’s Shine the Light Law


California Civil Code Section 1798.83 permits California residents to request and obtain a list of what personal information (if any) that we disclosed to third parties for direct marketing purposes in the preceding calendar year and the names and addresses of those third parties.  Requests may be made only once a year and are free of charge. Under Section 1798.83, California residents are entitled to request and obtain such information, by e-mailing a request to legal@idoru.world.


CHANGES IN THIS PRIVACY POLICY


We reserve the right to modify and update this Privacy Policy at any time by posting an amended version of the statement on the Idoru Services.  Please refer to this policy regularly. If at any time we decide to use personal information in a manner different from that stated at the time it was collected, we will notify you either on the Idoru Services or via email.