This Policy has been meticulously crafted to serve as a
comprehensive guide outlining the manner in which POTOLO collects,
utilizes, processes, and safeguards the personal information of
its Users. The paramount importance of privacy and data protection
is recognized by the Company, especially in the context of its
app-based services, which encompass a wide array of
functionalities including, but not limited to, ordering food from
kitchen partners, hiring workers for tasks or projects, obtaining
health consultations from certified professionals, accessing gyms
nearby with flexible memberships, managing fleets with smart
solutions, facilitating dry cleaning services with convenient
pickup and delivery options, and selling bus tickets to other
travelers. Given the diverse nature of these services and the
corresponding data collection that includes, but is not limited
to, location data, health information for consultations, and
payment information, this policy delineates the principles and
practices that the Company adheres to in compliance with global
data protection regulations such as the General Data Protection
Regulation (GDPR) and the California Consumer Privacy Act (CCPA),
ensuring the Users' privacy is respected and protected.
The scope of this Policy extends to all personal information
collected by the Company through the app, regardless of the manner
in which Users access or utilize the services. This Policy is
applicable to all platforms, technologies, and devices through
which the app's services are made available to Users. It is
designed to inform Users about their privacy rights and the
choices available to them regarding the collection, use, and
disclosure of their personal information. Furthermore, this Policy
applies to the Company's interactions with its Users and any
information collected directly from Users or through third parties
for the purpose of providing the app's services efficiently and
effectively.
By accessing, downloading, or using the app's services, Users
explicitly agree to the collection, use, processing, and sharing
of their personal information in accordance with the terms
outlined in this Policy. If a User does not agree with any part of
this Policy, they are advised not to use or access the services
provided by the app. Continued use of the app following the
posting of changes or updates to the Policy will constitute the
User's acceptance of those changes. It is the responsibility of
the User to review this policy periodically to stay informed about
how the Company is protecting their personal information.
The Company reserves the right to modify, amend, or update this
Policy at any time and for any reason without prior notice to
reflect changes in legal or regulatory obligations, the evolution
of the app's services, or advancements in privacy practices. The
date of the latest revision will be prominently displayed at the
top of the policy document. Users are encouraged to review the
Policy regularly to stay informed about how their personal
information is being protected. Significant changes to the Policy
will be communicated to Users through the app or other appropriate
channels, ensuring Users are aware of what information is
collected, how it is used, and under what circumstances, if any,
it is disclosed.
2. INFORMATION COLLECTION
2.1. Types of Information Collected
2.1.1. Personal Identification Information
Personal Identification Information encompasses data that allows
for the direct identification of an individual User. This category
includes, but is not limited to, the User's full name, email
address, postal address, and telephone number. Such information is
pivotal for the Company to provide personalized services,
facilitate communication, and ensure the delivery of products or
services requested through the app.
2.1.2. Payment Information
The Company collects Payment Information to process transactions
initiated by Users within the app. This information includes
credit card numbers, bank account details, and any other financial
data required to complete purchases or bookings. The secure
processing of Payment Information is paramount, and the Company
employs robust encryption and security measures to protect this
sensitive data from unauthorized access or misuse.
2.1.3. Health Information
For Users availing of health consultation services through the
app, the Company collects Health Information, which may include
medical histories, treatment information, and other health-related
data. This information is collected to provide tailored health
consultations and services from certified professionals. The
Company is committed to maintaining the highest standards of
confidentiality and privacy with respect to Health Information,
adhering strictly to applicable health data protection
regulations.
2.1.4. Location Data
Location Data is collected to enhance the functionality of
services such as food delivery, gym access, and other
location-based offerings provided by the app. This data enables
the Company to offer personalized recommendations, deliver
services efficiently, and optimize User experience based on
geographical proximity.
2.1.5. Device and Usage Information
To further refine and customize the User experience, the Company
collects Device and Usage Information. This includes data
pertaining to the type of device used to access the app, operating
system, browser type, internet protocol address, mobile network
information, and how the app is utilized. Analyzing this
information assists in improving app performance, diagnosing
technical issues, and tailoring services to User preferences and
device capabilities.
2.2. Methods of Collection
The Company may employ various methods to collect personal
information, ensuring transparency and consent in its data
collection practices.
2.2.1. Information You Provide
A significant portion of the data collected by the Company is
provided directly by Users through the app interface or via
communication with customer service. This includes information
entered when registering for an account, completing transactions,
engaging in consultations, or utilizing other services offered
through the app.
2.2.2. Information Collected Automatically
The Company may utilize technologies such as cookies, web beacons,
and similar tracking mechanisms to collect information
automatically as Users interact with the app. This automatic data
collection facilitates the understanding of how the app is used,
helps in customizing the User experience, and improves service
offerings.
2.2.3. Information From Third Parties
In certain instances, the Company may receive personal information
about Users from third-party sources. These sources may include
partners involved in providing services through the app, marketing
affiliates, and publicly available sources. The integration of
this information allows for the enhancement of services provided,
ensuring a comprehensive and User-centric experience.
3. USE OF INFORMATION
3.1. Providing Services
The collection of personal information by the Company is primarily
directed towards the provision of its diversified and multifaceted
app-based services. This encompasses facilitating the ordering of
food from kitchen partners, enabling the hiring of workers for
various tasks or projects, providing health consultations by
certified professionals, offering access to gyms nearby with
flexible memberships, managing fleets with innovative solutions,
arranging for the dry cleaning of clothes with convenient pickup
and delivery, and facilitating the sale of bus tickets to other
travelers. The utilization of Users' personal identification
information, location data, and specific service-related
information enables the Company to tailor and optimize the service
delivery process, ensuring that the services provided are not only
relevant but also of the highest quality and efficiency. The
Company's commitment to enhancing User experience is reflected in
the meticulous use of the collected information to facilitate User
transactions, service requests, and interactions within the app's
ecosystem, thus ensuring a seamless and satisfactory User journey.
3.2. Payment Processing
To ensure the secure and efficient processing of transactions
initiated within the app, the Company employs the collected
payment information, including, but not limited to, credit card
details and bank information. This information is crucial for the
facilitation of purchases, bookings, and other financial
transactions associated with the services offered through the app.
The Company adheres to stringent security standards and protocols
to protect and secure payment information, thereby safeguarding
Users' financial data against unauthorized access, misuse, or any
form of compromise. The trust placed by Users in the Company's
handling of their financial transactions is of paramount
importance, and as such, the Company employs advanced encryption
technology and complies with all applicable financial data
protection regulations to ensure the integrity and confidentiality
of payment processing operations.
3.3. Customer Support
In the context of providing timely and effective customer support,
the Company utilizes personal information to address and resolve
User inquiries, complaints, or feedback. This includes leveraging
personal identification information and relevant service usage
details to understand and respond to User needs, enhance the
quality of customer service, and ensure a responsive and
User-friendly support system. The Company's customer support
operations are designed to be comprehensive, User-centric, and
geared towards fostering positive User experiences, thereby
reinforcing the Company's commitment to excellence in service
delivery and customer satisfaction.
3.4. Marketing and Communications
The Company may engage in marketing and communication activities
to inform Users about new services, promotions, updates, and other
information that may be of interest. This includes the use of
personal identification information and communication preferences
to tailor marketing messages and ensure that Users receive
relevant and personalized information. The Company respects Users'
privacy preferences, including the option to opt-in or opt-out of
receiving marketing communications as per the 10DLC requirements,
thereby empowering Users to control the nature and frequency of
the marketing and communication material they receive. The
strategic use of information for marketing purposes is aimed at
enhancing User engagement, promoting new and existing services,
and building a strong, interactive community around the Company's
app-based offerings.
3.5. Improvement of Services
To continuously enhance and innovate the app's services and
features, the Company may analyze collected data, including device
and usage information, feedback, and User interactions within the
app. This analytical approach enables the Company to identify
trends, User preferences, and areas for improvement, thereby
facilitating the development of new services, optimization of
existing ones, and customization of the User experience. The
Company's dedication to service improvement is driven by a
commitment to offering Users an evolving and dynamic app ecosystem
that not only meets but exceeds their expectations in terms of
functionality, usability, and overall value.
3.6. Legal Obligations
In adherence to legal and regulatory obligations, the Company may
use collected information to comply with laws, regulations, legal
processes, or governmental requests. This includes the use of
personal information in the context of legal proceedings, audits,
security investigations, or other legal or compliance-related
purposes. The Company's approach to fulfilling its legal
obligations is characterized by a commitment to the highest
standards of legal compliance, integrity, and ethical conduct. The
utilization of User information for legal purposes is conducted
with utmost respect for privacy rights and in strict accordance
with applicable data protection laws and regulations. Whether
responding to lawful requests for information from law enforcement
agencies, complying with data protection regulations, or engaging
in efforts to prevent fraud and protect the security and integrity
of the app and its Users, the Company ensures that such uses of
personal information are justified, proportionate, and necessary
for the specified legal purpose.
In fulfilling its legal obligations, the Company remains vigilant
in its duty to protect Users' privacy and personal information,
adhering to principles of transparency and accountability. The
Company's legal team continuously monitors regulatory developments
and legal requirements to ensure compliance and safeguard the
interests of both the Company and its Users. By integrating legal
compliance seamlessly into its operations and decision-making
processes, the Company not only upholds its legal responsibilities
but also reinforces its commitment to operating in an ethical,
responsible, and User-focused manner.
In conclusion, the use of information by POTOLO is multifaceted
and encompasses a broad spectrum of activities essential for the
provision and improvement of its services, customer support,
marketing communications, and compliance with legal obligations.
The Company's policies and practices regarding the use of
information are underpinned by a commitment to privacy, security,
and compliance, ensuring that Users' personal information is
handled with the highest level of care and integrity.
4. INFORMATION SHARING AND DISCLOSURE
4.1. With Service Providers
POTOLO may engage with a variety of third-party service
providers to facilitate the seamless delivery of its app-based
services, which range from food ordering to health
consultations, and from fleet management to ticket sales for
travelers. These service providers perform critical functions on
behalf of the Company, such as payment processing, data
analysis, email delivery, hosting services, customer service,
and marketing assistance. In order to perform these services,
third-party service providers have access to the personal
information necessary to execute their duties effectively.
However, the Company implements stringent contractual
obligations to ensure that these service providers protect the
information and use it solely for the purposes for which they
were engaged, adhering to privacy standards that are as
protective as the Company’s own policies. The Company endeavors
to carefully vet each service provider for compliance with
relevant data protection laws and insists on adherence to
confidentiality agreements and data processing terms that
restrict their use of, access to, and the protection of personal
information.
4.2. For Legal Reasons
The Company reserves the right to share personal information
with third parties if required to do so by law or if such action
is necessary to comply with legal processes, respond to claims,
or protect the rights, property, or safety of the Company, its
Users, or the public. This includes complying with legal
obligations such as court orders, warrants, or subpoenas,
participating in legal proceedings, responding to requests from
public and governmental authorities, enforcing our terms and
conditions, conducting investigations, and protecting against
fraud, security breaches, or technical issues. In such cases,
the Company makes every effort to notify affected Users about
the legal demands for their personal information, unless
providing such notice is prohibited by the legal process itself,
by court order we receive, or by applicable law, or unless the
request is an emergency. In these situations, our commitment is
to protect our Users' privacy and legal rights to the fullest
extent allowed by law.
4.3. Business Transfers
In the event of a merger, acquisition, bankruptcy, dissolution,
reorganization, sale of some or all of the Company’s assets, or
transition of service to another provider, Users' personal
information may be among the assets transferred. This includes
personal identification, payment information, health data,
location data, and device and usage information. The Company’s
practice in such transactions is to notify Users before their
personal information is transferred and becomes subject to a
different privacy policy. The Company commits to ensuring the
confidentiality of personal information is maintained and that
any potential transfer is performed in compliance with
applicable privacy laws and regulations, ensuring a seamless
transition for Users and the continued protection of their
privacy.
4.4. With Your Consent
Aside from the circumstances described above, the Company may
share personal information with companies, organizations, or
individuals outside of POTOLO when we have the explicit consent
of the User to do so. This consent-based sharing is typically
related to services that require the integration of third-party
offerings with those of the Company or to accommodate the User
preferences. This includes the opt-in options for receiving
marketing communications, promotional offers, or information
about third-party services that may be of interest. Users have
the right to withdraw their consent at any time, effectively
halting further sharing of their information under this
provision. The Company places the utmost importance on ensuring
that Users’ choices and consent are respected and acted upon
with transparency and integrity, maintaining the principle that
User information is shared externally only with clear,
affirmative consent from the User.
5. DATA RETENTION AND SECURITY
5.1. Retention Period
POTOLO is committed to retaining personal information only for
as long as necessary to fulfill the specific purposes for which
it was collected and to comply with our legal and regulatory
obligations. This retention period is dependent upon the nature
of the information collected and the purpose for which it is
collected and processed. For instance, transactional records,
including payment information, are retained in accordance with
relevant tax and accounting laws, whereas personal
identification information and health data used for providing
services and customer support are retained for the duration of
the User’s relationship with the Company plus a period
thereafter as dictated by legal, contractual, or ethical
obligations. The Company conducts regular reviews of all
personal information held to determine its continued relevance
and deletes or anonymizes data when it is no longer necessary
for its collected purpose or when the retention period expires,
whichever comes first. In certain cases, Users may request the
deletion of their information before the expiry of the retention
period, in which case the Company will evaluate such requests in
accordance with applicable laws and its data retention policies.
5.2. Security Measures
The security of personal information is of paramount importance
to the Company. To protect User data against unauthorized,
illegal, or unlawful access, alteration, disclosure, or
destruction, the Company employs a comprehensive suite of
security measures that include physical, technical, and
administrative safeguards. These measures are designed to
provide a level of security appropriate to the risk of
processing personal information. Technical safeguards include
the use of encryption, firewalls, and secure server facilities.
Administrative measures involve the implementation of access
controls and least privilege, ensuring only authorized personnel
have access to personal information for approved purposes. The
Company also engages in regular security assessments and audits
to evaluate and enhance its security posture. Employee training
in data protection and privacy is conducted periodically to
reinforce the importance of security and to ensure that all
staff members are aware of and comply with our security
practices and policies.
5.3. Breach Notification
In the unfortunate event of a data breach that is likely to
result in a risk to the rights and freedoms of individuals, the
Company is committed to promptly notifying the affected
individuals and relevant authorities in accordance with
applicable data protection laws. This notification will include,
as far as is reasonably possible, the nature of the data breach,
the categories and approximate number of individuals concerned,
the likely consequences of the breach, and the measures taken or
proposed to be taken by the Company to address the breach,
including, where appropriate, measures to mitigate its possible
adverse effects. The Company’s approach to breach notification
is guided by a commitment to transparency, accountability, and
the protection of the User privacy. Efforts to investigate the
breach will be initiated promptly, with the aim of swiftly
identifying the cause, implementing measures to prevent future
occurrences, and complying with our legal and regulatory
notification and reporting obligations.
6. YOUR RIGHTS AND CHOICES
6.1. Access to Your Information
POTOLO acknowledges and supports the fundamental right of
individuals to access their personal information that the
Company holds. Users have the right to request a copy of their
personal information to understand what information is being
processed and how it is being used. Upon receiving a request for
access, the Company will provide a copy of the personal
information under its control, along with an explanation of the
data processing activities, in a clear and comprehensible
format. The Company is committed to facilitating these requests
in a timely manner, subject to any limitations or exceptions
under applicable laws. This process is designed to ensure that
individuals are fully aware of the personal information that the
Company processes, thereby promoting transparency and trust.
6.2. Correction and Deletion
The accuracy of personal information is paramount to the
Company's operations. Users have the right to request the
correction of inaccurate or incomplete personal information held
by the Company about them. In addition, Users may request the
deletion of their personal information when it is no longer
necessary for the purposes for which it was collected, when
consent is withdrawn and there is no other legal ground for
processing, or when complying with a legal obligation. The
Company will review and accommodate such requests in accordance
with applicable data protection laws, ensuring that Users have
control over their personal information. The Company also
recognizes the importance of this right in empowering Users to
maintain control over their privacy and data security.
6.3. Data Portability
Data portability allows Users to receive the personal
information they have provided to the Company in a structured,
commonly used, and machine-readable format. Furthermore, it
enables Users to transmit this information to another entity
without hindrance from the Company, where technically feasible.
This right is particularly relevant in contexts where the
processing is based on the User’s consent or on a contract, and
the processing is carried out by automated means. The Company
supports this right by providing Users with the means to easily
request and receive their data, thereby enhancing User autonomy
and control over personal information.
6.4. Opting Out of Communications
The Company offers Users the option to opt-in to receive
marketing communications, including text messages, in compliance
with the Ten Digit Long Code (10DLC) standards and other
applicable regulations. Users who have previously opted in may
choose to opt-out of receiving such communications at any time.
To facilitate this, the Company provides clear and simple
mechanisms for Users to withdraw their consent, such as
unsubscribe links in emails or instructions in text messages.
The Company ensures that opting out is as easy as opting in,
respecting Users’ preferences regarding communication and
engagement.
6.5. Restrictions on Processing
Users have the right to request restrictions on the processing
of their personal information under certain circumstances, such
as when the accuracy of the information is contested, when the
processing is unlawful, or when the Company no longer needs the
personal information for processing but the individual requires
the data for the establishment, exercise, or defense of legal
claims. The Company will assess such requests on a case-by-case
basis and implement restrictions accordingly, ensuring that
processing is limited to necessary operations as dictated by the
User's request and applicable laws.
6.6. Withdrawing Consent
At any time, Users have the right to withdraw their consent for
the processing of their personal information when such
processing is based on consent. Withdrawal of consent does not
affect the lawfulness of processing based on consent before its
withdrawal. The Company is committed to ensuring that
withdrawing consent is a straightforward process, enabling Users
to effectively exercise their right to dictate the terms of
their personal information's processing. Upon receipt of a
withdrawal request, the Company will cease processing the
personal information for the purposes for which consent was
originally obtained, unless another legal basis for processing
exists.
7. COOKIES AND TRACKING TECHNOLOGIES
7.1. Use of Cookies
POTOLO may employ cookies and similar tracking technologies to
enhance User experience on its app, facilitate efficient
navigation, personalize and improve our services, and analyze
how our app is used. Cookies are small data files stored on your
device by a web server, primarily used to identify Users as
unique visitors by storing User preferences and tracking User
trends and patterns. The Company utilizes both session cookies,
which expire once you close your web browser, and persistent
cookies, which remain on your device for a set period or until
manually deleted, to provide a personalized experience. These
technologies help the Company understand User behavior within
the app, including which parts of the app Users find most useful
or engaging, thereby enabling the customization of content and
advertisements, and improving the overall service offered. The
use of cookies and tracking technologies is standard across the
digital services industry, and they play a critical role in the
ongoing development and optimization of our services.
7.2. Managing Cookies
Users retain full control over the use of cookies and similar
technologies. Most web browsers provide options to accept,
reject, or delete cookies, which can usually be found in the
browser's "Settings" or "Preferences" menu. It is important for
Users to be aware that disabling or rejecting cookies may limit
the functionality of the app, affecting the User's ability to
engage with some services fully. For those wishing to not have
their data collected through cookies, the Company provides
guidance and information on how to manage browser settings to
either block all cookies automatically or receive warnings
before a cookie is stored. Furthermore, Users may also use
third-party tools to manage the collection and use of
information by these technologies.
7.3. Third-Party Tracking
Beyond the Company's use of cookies and similar technologies,
third-party services and advertisers may also employ such
technologies to collect information regarding your activities on
the Company's app and other websites over time. This information
may be used by these third parties to provide advertising and
services targeted towards your interests based on your browsing
activities and preferences. The Company does not control these
third-party tracking technologies or how they may be used. For
information about managing your privacy and security settings
for cookies and other tracking technologies used by these third
parties, Users are encouraged to directly consult the privacy
policies of these third parties. The Company is committed to
transparency regarding the use of third-party tracking
technologies and endeavors to work with third parties that
adhere to similar standards of privacy and data protection as
the Company itself.
8. INTERNATIONAL DATA TRANSFER
8.1. Transfer Mechanisms:
POTOLO may operate on a global scale, which may necessitate
the transfer of personal information across international
borders. Such transfers may be essential for the seamless
delivery of the Company's services, including, but not limited
to, ordering food, hiring workers, health consultations, gym
access, fleet management, dry cleaning services, and bus
ticket sales. To ensure the lawful transfer of personal
information from the European Economic Area (EEA), the United
Kingdom (UK), and other jurisdictions with data protection
laws to countries that may not have equivalent legal
frameworks for privacy and data protection, the Company shall
rely on various transfer mechanisms recognized and authorized
under data protection laws. These mechanisms include the use
of Standard Contractual Clauses (SCCs) approved by the
European Commission, adherence to the EU-U.S. Privacy Shield
Framework (to the extent it is recognized and applicable), and
obtaining explicit consent from Users for specific
international transfers as and when required. The Company is
committed to ensuring that all international transfers of
personal information are conducted in compliance with
applicable data protection laws and that the information
remains protected to the standards described in this privacy
policy.
8.2. Safeguards:
Recognizing the importance of maintaining the security and
integrity of personal information during and after its
transfer across international borders, the Company shall
implement robust safeguards. These safeguards shall be
designed to protect personal information irrespective of the
country to which it is transferred or stored. This shall
include the encryption of data in transit and at rest,
conducting regular privacy impact assessments for
international data transfers, and ensuring that all
third-party service providers and partners who have access to
personal information are bound by confidentiality agreements
and are obligated to maintain adequate data protection
measures. Furthermore, the Company continuously monitors and
assesses the legal and regulatory changes in data protection
laws to adapt its data transfer practices accordingly. In
cases where the data protection laws of the receiving country
do not afford an equivalent level of protection as those in
the User’s country, the Company takes additional measures,
such as implementing supplementary data protection contractual
clauses or adopting more stringent internal privacy policies,
to ensure that Users' personal information is treated securely
and in accordance with this privacy policy.
9. CHILDREN'S PRIVACY
POTOLO places paramount importance on the protection of
children's privacy and is committed to complying with all
applicable laws and regulations designed to protect children's
personal information. Recognizing the sensitivity of
children’s information, the Company does not knowingly
collect, use, or disclose personal information from children
under the age of thirteen (13) or the applicable age limit set
by legislation in various jurisdictions (collectively referred
to as "children"). The services offered by the Company are not
directed to children, and the Company does not intentionally
design its app to appeal to children. In the event that the
Company becomes aware that it has inadvertently collected
personal information from children without verifiable parental
consent, prompt steps shall be taken to remove such
information from the Company’s records. This includes
conducting a thorough review of our data processing practices
to prevent such occurrences and implementing stringent
measures to identify and block the inadvertent collection of
children’s information. Furthermore, the Company strongly
encourages parents and guardians to take an active role in
their children's online activities and interests. In cases
where the Company's services are utilized by minors, the
Company relies on parents or guardians to provide consent for
the collection, use, and sharing of personal information of
their children, in accordance with applicable laws. The
Company provides parents and guardians with the means to
review the information collected from their children, request
the deletion of such information, and refuse to allow any
further collection or use of their children's information. To
exercise these rights, parents or guardians can contact the
Company directly through the contact information provided in
this Privacy Policy. Upon receiving such a request, the
Company will take the necessary steps to verify the identity
of the requester to ensure that they have the authority to
make such a request on behalf of the child. Once verified, the
Company will promptly comply with the request in accordance
with this Privacy Policy and applicable data protection laws.
The Company's commitment to ensuring the privacy and safety of
children’s information reflects our broader dedication to
safeguarding all Users' privacy and security. Through
continuous evaluation and improvement of our privacy
practices, the Company strives to maintain a safe and secure
environment for all Users, with special consideration given to
the protection of children's privacy.
10. LINKS TO OTHER SITES
In the pursuit of providing a comprehensive and enriched User
experience, POTOLO may include links within its app to
external websites, platforms, and services that are operated
by third parties. These links are provided to offer additional
information, services, or products that may be of interest to
the Users of the Company’s app. It is important for Users to
acknowledge and understand that these third-party sites
operate independently from the Company and are not under the
control of POTOLO. Consequently, these external sites may have
their own privacy policies, terms of service, and data
collection practices that are distinct from those of the
Company. The Company makes no representations or warranties
regarding the policies or business practices of any
third-party websites and advises Users to review the privacy
policies and terms of service of any site they visit through
links provided by the Company’s app. The inclusion of any link
does not imply endorsement, authorization, sponsorship, or
affiliation by the Company with respect to such site, its
owners, or its providers. When Users choose to follow a link
to an external site, they must be aware that they are leaving
the Company’s app and that the protections afforded by the
Company’s Privacy Policy no longer apply. Any information
Users provide to these external sites will be governed by the
privacy policies of those specific sites, not by POTOLO’s
Privacy Policy. This includes information collected by
cookies, pixels, and other tracking technologies that may be
employed by third-party sites to collect and use information
about Users in a manner that is different from the Company.
The Company encourages Users to be cautious when leaving the
app and to read the privacy statements of any other site that
collects personally identifiable information. This clause is
designed to inform Users about the potential risks and
considerations associated with navigating to third-party
websites and to encourage informed and cautious engagement
with these external sources of information and services. In
conclusion, while the Company strives to provide valuable and
vetted links to useful and ethical websites, it has no control
over the content and nature of these sites. Users should
exercise caution and look at the privacy statement applicable
to the website in question. The Company’s goal in including
links to other sites is to enhance User experience and provide
additional value, but User privacy and data protection remains
of paramount consideration. In cases where the Company's
services are utilized by minors, the Company relies on parents
or guardians to provide consent for the collection, use, and
sharing of personal information of their children, in
accordance with applicable laws. The Company provides parents
and guardians with the means to review the information
collected from their children, request the deletion of such
information, and refuse to allow any further collection or use
of their children's information. To exercise these rights,
parents or guardians can contact the Company directly through
the contact information provided in this Privacy Policy. Upon
receiving such a request, the Company will take the necessary
steps to verify the identity of the requester to ensure that
they have the authority to make such a request on behalf of
the child. Once verified, the Company will promptly comply
with the request in accordance with this Privacy Policy and
applicable data protection laws.
11. COMPLIANCE WITH GLOBAL REGULATIONS
11.1. GDPR Compliance:
POTOLO is fully committed to compliance with the General Data
Protection Regulation (GDPR), which sets forth the principles
and requirements for the processing of personal data of
individuals within the European Union (EU) and European
Economic Area (EEA). In adherence to GDPR, the Company ensures
lawful, fair, and transparent processing of personal data,
maintaining strict purposes for processing while limiting data
collection, storage, and usage to what is necessary and
consented to by the individuals. The Company recognizes the
importance of implementing appropriate technical and
organizational measures to ensure and demonstrate that any
data processing is performed in accordance with the GDPR. This
includes ensuring data security, offering robust data subject
rights, executing Data Protection Impact Assessments (DPIAs)
where processing operations present high risks to the rights
and freedoms of natural persons, and appointing a Data
Protection Officer (DPO) where required. The Company's GDPR
compliance is further underpinned by its commitment to
facilitating Users' rights such as access, rectification,
erasure, restriction of processing, data portability,
objection to processing, and not being subject to automated
decision-making including profiling.
11.2. CCPA Compliance:
In alignment with the California Consumer Privacy Act (CCPA),
the Company takes proactive steps to respect and protect the
privacy rights of California residents. The CCPA provides
California residents with the right to know about the personal
information collected about them, the purposes for which it is
used, and to whom it is disclosed. It also grants them the
right to request deletion of personal information, to opt-out
of the sale of their personal information, and to receive
equal service and price, even if they exercise their privacy
rights. In compliance with CCPA, the Company has established
processes to respond to verifiable consumer requests related
to their personal information within the stipulated timelines.
The Company ensures transparency in its data collection and
processing practices, providing detailed information in this
Privacy Policy and facilitating the exercise of consumers'
rights through designated channels.
11.3. Other Applicable Laws:
The Company recognizes that its operations and services are
accessed globally, and as such, commits to complying with
other applicable privacy laws and regulations in jurisdictions
where its Users reside. This commitment involves adapting and
aligning its data protection and privacy practices with
diverse legal requirements, including but not limited to,
obtaining necessary consents for data processing, providing
notices and disclosures, ensuring data subject rights, and
implementing data security measures across different
jurisdictions. The Company continually monitors legal
developments in data protection and privacy laws around the
world to adjust its policies, practices, and procedures
accordingly. The Company's approach to global compliance is
based on a foundation of respect for individual privacy rights
and the principle of providing clear, concise, and effective
communication to its Users regarding their personal data.
Through its comprehensive efforts to comply with GDPR, CCPA,
and other applicable laws, POTOLO demonstrates its unwavering
commitment to data protection and privacy, ensuring that its
practices not only meet but exceed global standards for
privacy and data protection. This dedication to compliance is
a cornerstone of the Company’s operations, fostering trust and
confidence among its Users and stakeholders.
12. CONTACT INFORMATION
12.1. How to Contact Us:
POTOLO is committed to the protection of personal data and
respects the privacy concerns of all Users of its app. We
understand the importance of transparent communication and the
need for Users to have a clear channel for queries, requests,
and concerns related to their personal information and privacy
rights. Users seeking information about their personal data,
wishing to exercise their rights under applicable data
protection laws, or having any questions or concerns regarding
the Privacy Policy or data protection practices of the
Company, are encouraged to contact us directly. Our dedicated
customer support team can be reached through the following
means:
- Email: [INSERT EMAIL ADDRESS]
- Postal Mail: [INSERT POSTAL ADDRESS]
- Phone: [INSERT PHONE NUMBER]
-
Contact Form: As may be available on the app and/or the
website.
We strive to respond to all queries and requests promptly and
effectively, ensuring that your concerns are addressed in a
timely and respectful manner. For specific requests related to
personal information, please provide sufficient detail to
allow us to identify your information and process your request
accurately. The Company is devoted to maintaining open and
constructive communication with its Users, upholding the
principles of transparency and accountability in all
interactions.
12.2. Data Protection Officer:
To reinforce our commitment to data protection and privacy,
the Company has appointed a Data Protection Officer (DPO)
responsible for overseeing the Company’s compliance with
global data protection regulations, including but not limited
to GDPR and CCPA. The DPO plays a critical role in advising
the Company on data protection obligations, monitoring
compliance with data protection laws, being a point of contact
for data subjects, and cooperating with supervisory
authorities. Should you have any inquiries specifically
related to data protection, or wish to exercise your rights
directly related to data privacy, our Data Protection Officer
can be contacted at:
- Email: [INSERT DPO’S EMAIL ADDRESS]
- Postal Mail: [INSERT DPO’S POSTAL ADDRESS]
The Data Protection Officer is equipped to provide the
necessary support and guidance regarding the processing of
your personal data and to address any concerns relating to
privacy matters. We encourage you to reach out to our DPO for
matters specifically concerning data protection and privacy
rights. The Company ensures that all communications with the
DPO are treated with the highest level of confidentiality and
professionalism.
13. POLICY UPDATES
In a digital environment that is constantly evolving, the
Company acknowledges the necessity for periodic updates to its
Privacy Policy to accommodate new legal requirements,
technological advancements, and changes in our business
operations. Such updates are essential to maintain alignment
with best practices in data privacy and protection, ensuring
the continuous safeguarding of User information. Should there
be any amendments to this Privacy Policy, the Company pledges
to provide Users with clear and conspicuous notice of such
changes prior to their implementation. This may include
notifications through the app, email communications, or any
other method deemed appropriate to ensure Users are informed
in a timely and effective manner. The updated policy will be
made available on the Company’s app and website, with the
revision date clearly indicated to aid Users in identifying
the most current version. Users are encouraged to review the
Privacy Policy regularly to stay informed about how their
personal information is being protected. Continued use of the
Company’s services after any updates to the Privacy Policy
will constitute acceptance of the revised terms. Should Users
disagree with any changes to the policy, they have the option
to discontinue use of the Company’s services and may contact
the Company through the provided contact information to
express concerns or seek further clarification.