SWYM

PRIVACY POLICY

LAST UPDATED: July 24, 2023

We are delighted that you have shown interest in the services of SWYM, a native app platform which allows users to create their personal profile, create a geo-locked dating/networking pool and/or join a geo-locked dating/networking pool if the user is physically at the location of such pool, operated by Novel Ground Ventures, LLC based in 132-01 Roosevelt Avenue PMB 818181, Flushing, New York, USA 11354 (hereinafter referred to as “SWYM” or “We” or “Us” etc.), such services are provided via https://www.swymapp.com/ (the “Website”) and SWYM Mobile Application available for iOS and Android devices (the “App”). Website and App are collectively referred to as the “Platform”. Data protection is a particularly high priority for the management of SWYM. The use of the Platform is possible without any indication of personal data; however, if a data subject wants to use Services via our Platform, processing of personal data may become necessary. If the processing of personal data is necessary, and there is no statutory basis for such processing, we generally obtain consent from the data subject. This Privacy Policy applies to websites, apps, events and other services we operate under the SWYM brand. For simplicity, we refer to all of these as our “Platform” in this Privacy Policy.

The processing of personal data, such as the name, address, e-mail address, or phone number of a data subject shall always be in line with the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA) and in accordance with the country-specific data protection regulations applicable to SWYM. Utilizing this data protection declaration, our enterprise would like to inform the general public of the nature, scope, and purpose of the personal data we collect, use and process. Furthermore, data subjects are informed through this data protection declaration, of the rights to which they are entitled.

As the controller, SWYM has implemented numerous technical and organizational measures to ensure the complete protection of personal data processed through the Platform. However, Internet-based data transmissions may in principle have security gaps, so absolute protection may not be guaranteed.

1.  Definitions

The data protection declaration of SWYM is based on the terms used for the adoption of General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA) and country-specific data protection regulations applicable to SWYM. Our data protection declaration should be legible and understandable for the general public, as well as our customers and business partners. To ensure this, we would like to first explain the terminology used. In this data protection declaration, we use, among other things, the following terms:

A)  Personal data

Personal data means any information relating to an identified or identifiable natural person (“data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

B)  Data subject

Data subject is any identified or identifiable natural person, whose personal data is processed by the controller responsible for the processing.

C)  Processing

Processing is any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

D)  Restriction of processing

Restriction of processing is the marking of stored personal data with the aim of limiting their processing in the future.

E)  Profiling

Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.

F)   Pseudonymization

Pseudonymization is the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.

G)  Controller or controller responsible for the processing

Controller or controller responsible for the processing is the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by the controller or the specific criteria for its nomination may be provided for by law.

H)  Processor

Processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

I)   Recipient

Recipient is a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing.

J)   Third party

Third party is a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorized to process personal data.

K)  Consent

Consent of the data subject is any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

  1. Name and Address of the controller

    Controller related to data is Novel Ground Ventures, LLC based in 132-01 Roosevelt Avenue PMB 818181, Flushing, New York, USA 11354

  2. Name and Address of the Data Protection Officer

    Any data subject may, at any time, contact our Data Protection Officer directly with all questions and suggestions concerning data protection:

    Terrence Liverpool, Co-Founder of SWYM.

    Email: [email protected]

  3. Cookies

    The Platform uses cookies. Cookies are text files that are stored in a computer system via an Internet browser or directly in a mobile device.

    Through the use of cookies, SWYM can provide the users of the Platform with more user-friendly services that would not be possible without the cookie setting.

    By means of a cookie, the information and offers on our Platform can be optimized with the user in mind. Cookies allow us, as previously mentioned, to recognize our Platform users. The purpose of this recognition is to make it easier for users to utilize our Platform. The Platform user that uses cookies, e.g. does not have to enter access data each time the Platform is accessed, because this is taken over by the Platform, and the cookie is thus stored on the user’s computer system or mobile device. Another example is the cookie of a shopping cart in an online shop. The online store remembers the articles that a customer has placed in the virtual shopping cart via a cookie.

  4. Collection of general data and information

    The Platform collects a series of general data and information when a data subject or automated system calls up the Platform. The goal of any data collection for the platform is to support connections in the SWYM App. We gather information such as basic profile details and the types of people you’d like to meet. We also collect information about your use of our services such as access logs, as well as information from third parties, like when you access our services through your social media account or when you upload information from your social media account to complete your profile. General data and information are stored in the server log files. Collected may be (1) the device types and versions used, (2) the operating system used by the accessing system, (3) the location of the accessing system, (4) the date and time of access to the Platform, (5) an Internet protocol address (IP address), (6) the Internet service provider of the accessing system, and (7) any other similar data and information that may be used in the event of attacks on our information technology systems.

    When using this general data and information, SWYM does not draw any conclusions about the data subject. Rather, this information is needed to (1) deliver the content of our Platform correctly, (2) optimize the content of our Platform as well as its advertisement, (3) ensure the long-term viability of our information technology systems and Platform technology, and (4) provide law enforcement authorities with the information necessary for criminal prosecution in case of a cyber-attack. Therefore, SWYM analyses anonymously collected data and information statistically, with the aim of increasing the data protection and data security of our enterprise, and to achieve an optimal level of protection for the personal data we process. The anonymous data of the server log files are stored separately from all personal data provided by a data subject.

    • You choose to give us certain information when using our services. This includes:

      • When you create an account, you provide us with at least your email address, as well as some basic details necessary for the service to work, such as your gender, date of birth, and who you’d like to connect with.

      • When you complete your profile, you have the option to share your sexual orientation with us. Where you provide such elements to us, you consent to us using it for the purposes identified and as laid out in this Privacy Policy. You can also share additional information with us, such as details on your bio and your interests, as well as content such as photos. To add certain content, like pictures, you may allow us to access your camera or photo gallery.

      • When you make a purchase directly from us (rather than through a platform such as iOS or Android), you provide us with information related to the purchases you make and our payment processors with information such as your debit or credit card number or other financial information.

      • When you choose to participate in our promotions, events or contests, we collect the information that you use to register or enter.

      • If you contact our customer care team, we collect the information you give us during the interaction.

      • If you share with us information about other people (for example, if you use contact details of a friend for a given feature), we process this information on your behalf in order to complete your request.

      • Of course, we also process your chats with other members as well as the content you publish to operate and secure the services, and to keep our community safe.

    • In addition to the information you may provide us directly, we receive information about you from others, including:

      • Members: Members may provide information about you as they use our services, for instance as they interact with you or if they submit a report involving you.

      • Social Media: You may decide to share information with us through your social media account, for instance if you decide to create and log into your account via your social media or other account (e.g., Facebook, Google or Apple) or to upload onto our services information such as photos from one of your social media accounts.

      • Partners: We may receive information about you from our partners where our ads are published on a partner’s service (in which case they may pass along details on a campaign’s success). Where legally allowed, we can also receive information about suspected or convicted bad actors from third parties as part of our efforts to ensure our members’ safety and security.

        Information generated or automatically collected when you use our services

        When you use our services, this generates technical data about which features you’ve used, how you’ve used them and the devices you use to access our services. See below for more details.

      • Usage Information: Using the services generates data about your activity on our services, for instance how you use them (e.g., when you logged in, features you’ve been using, actions taken, information shown to you, referring webpages address and items that you interacted with) and your interactions with other members (e.g., members you connect and interact with, and when you matched and exchanged messages with them).

      • Information collected by cookies and similar technologies: We use and may allow others to use cookies and similar technologies (e.g., web beacons, pixels, SDKs) to recognize you and/or your device(s).

      • Some web browsers (including Safari, Internet Explorer, Firefox and Chrome) have a “Do Not Track” (“DNT”) feature that tells a website that a user does not want to have his or her online activity tracked. If a website that responds to a DNT signal receives a DNT signal, the browser can block that website from collecting certain information about the browser’s user. Not all browsers offer a DNT option and DNT signals are not yet uniform. For this reason, many businesses, including ours, do not currently respond to DNT signals.

      • Other information with your consent:

        • Precise geolocation data: If you give us your consent, we can collect your precise geolocation (latitude and longitude) from your device. The collection of your geolocation may occur in the background even when you aren’t using the services if the permission you gave us expressly permits such collection. If you decline permission for us to collect your precise geolocation, we will not collect it, and our services that rely on precise geolocation may not be available to you.

        • Other information: We may collect other information with your permission, such as photos (for instance, if you want to publish a photo or participate in streaming features on our services).

  5. Contact possibility via the Platform

    The Platform contains information that enables a quick electronic contact to our enterprise, as well as direct communication with us, which also includes a general address of the so-called electronic mail (e-mail address). If a data subject contacts the controller by e-mail or via a contact form, the personal data transmitted by the data subject are automatically stored. Such personal data transmitted on a voluntary basis by a data subject to the data controller are stored for the purpose of processing or contacting the data subject. There is no transfer of this personal data to third parties.

    Deletion of data: Users may request to have their profiles/data deleted in multiple ways, these include:

    1.  Contact [email protected] to delete your profile from the app/platform.

    2. When logged into the SWYM App visit the ‘Settings’ section and tap the ‘Delete Account’ button and follow the prompts to initiate deletion of your profile.

  6. Routine erasure and blocking of personal data

    The data controller shall process and store the personal data of the data subject only as long as we need it for legitimate business purposes and as permitted by applicable law, or regulations to which the controller is subject. Note that we will close your account automatically if you are inactive for a period of one year. After your account is closed, we will delete your personal information, as laid out below:

    1. To protect the safety and security of our members, we implement a safety retention window of three months following account closure, or one year following an account ban. During this period, we keep your information in the event that it might be necessary to investigate unlawful or harmful conducts. The retention of information during this safety retention window is based on our legitimate interest as well as that of potential third-party victims.

    2. Once the safety retention window elapses, we delete your data and only keep limited information for specified purposes, as laid out below:

      1. We maintain limited data to comply with legal data retention obligations: in particular, we keep transaction data to comply with tax and accounting legal requirements, credit card information for the duration the user may challenge the transaction and “traffic data” / logs for one year to comply with legal data retention obligations. We also keep records of consents members give us for five years to evidence our compliance with applicable law.

      2. We maintain limited information on the basis of our legitimate interest: we keep customer care records and supporting data as well as imprecise location of download/purchase to support our customer care decisions, enforce our rights and enable us to defend ourselves in the event of a claim, information on the existence of past accounts and subscriptions, which we delete three years after the closure of your last account to ensure proper and accurate financial forecasting and reporting, profile data for one year in anticipation of potential litigation, for the establishment, exercise or defence of legal claims, and data necessary to prevent members who were banned from opening a new account, for as long as necessary to ensure the safety and vital interests of our members.

      3. Finally, we maintain information on the basis of our legitimate interest where there is an outstanding or potential issue, claim or dispute requiring us to keep information (in particular if we receive a valid legal subpoena or request asking us to preserve data (in which case we would need to keep the data to comply with our legal obligations) or if data would otherwise be necessary as part of legal proceedings)

  7. Data protection provisions about the application and use of Facebook

    On the Platform, the controller has integrated components of the enterprise Facebook. Facebook is a social network.

    A social network is a place for social meetings on the Internet, an online community, which usually allows users to communicate with each other and interact in a virtual space. A social network may serve as a platform for the exchange of opinions and experiences or enable the Internet community to provide personal or business-related information. Facebook allows social network users to include the creation of private profiles, upload photos, and network through friend requests.

    The operating company of Facebook is Facebook, Inc., 1 Hacker Way, Menlo Park, CA 94025, United States. If a person lives outside of the United States or Canada, the controller is the Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

    With each call-up to one of the individual pages of this Platform, which is operated by the controller and into which a Facebook component (Facebook plug-ins) was integrated, the device of the data subject is automatically prompted to download display of the corresponding Facebook component from Facebook through the Facebook component. An overview of all the Facebook Plug-ins may be accessed under https://developers.facebook.com/docs/plugins/.  During the course of this technical procedure, Facebook is made aware of what specific section of our Platform was visited by the data subject.

    If the data subject is logged in at the same time on Facebook, Facebook detects with every call-up to our Platform by the data subject—and for the entire duration of their stay on our Platform—which specific section of our Platform was visited by the data subject. This information is collected through the Facebook component and associated with the respective Facebook account of the data subject. If the data subject clicks on one of the Facebook buttons integrated into our Platform, e.g. the “Like” button, or if the data subject submits a comment, then Facebook matches this information with the personal Facebook user account of the data subject and stores the personal data.

    Facebook always receives, through the Facebook component, information about a visit to our Platform by the data subject, whenever the data subject is logged in at the same time on Facebook during the time of the call-up to our Platform. This occurs regardless of whether the data subject clicks on the Facebook component or not. If such a transmission of information to Facebook is not desirable for the data subject, then he or she may prevent this by logging off from their Facebook account before a call-up to our Platform is made.

    The data protection guideline published by Facebook, which is available at https://facebook.com/about/privacy/ provides information about the collection, processing and use of personal data by Facebook. In addition, it is explained there what setting options Facebook offers to protect the privacy of the data subject.

  8. Data protection provisions about the application and use of Google Analytics (with anonymization function)

    On the Platform, the controller has integrated the component of Google Analytics (with the anonymiser function). Google Analytics is a web analytics service. Web analytics is the collection, gathering, and analysis of data about the behaviour of visitors to Platform. A web analysis service collects, inter alia, data about the Platform from which a person has come (the so-called referrer), which sections were visited, or how often and for what duration a section was viewed. Web analytics are mainly used for the optimisation of a Platform and in order to carry out a cost-benefit analysis of Internet advertising.

    The operator of the Google Analytics component is Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, United States.

    The purpose of the Google Analytics component is to analyse the traffic on our Platform. Google uses the collected data and information, among other things, to evaluate the use of our Platform and to provide online reports, which show the activities on our Platforms, and to provide other services concerning the use of our Platform for us.

  9. Payment Method: Data protection provisions about the use of Google’s Play store Apple’s App Store, and Square as a payment processor

    On the Platform, the controller has integrated payment components of Google’s Play store, Apple’s App Store and Square payment service. Google’s Play store and Apple’s App Store are well-known app marketplace for Android OS devices and iOS devices respectively and also provide online payment services. Payments are processed via so-called Google and Apple accounts, which represent virtual private or business accounts. Users must have Google or Apple account in order to process payment with these services. We also enable Square as a payment processor and have implemented the Square SDK and services. A Google and Apple account is managed via an e-mail address, which is why there are no classic account numbers. Google and Apple makes it possible to trigger online payments to third parties or to receive payments. Google and Apple also accepts trustee functions and offers buyer protection services.

    If the data subject chooses “Google” and/or “Apple” as the payment option in the event process, we automatically transmit the data of the data subject to Google and/or Apple. By selecting this payment option, the data subject agrees to the transfer of personal data required for payment processing. If the data subject chooses Square we transmit the data of the data subject to Square.

    The personal data transmitted to Google, Apple and/or Square is usually first name, last name, address, email address, IP address, telephone number, mobile phone number, or other data necessary for payment processing. The processing of the purchase contract also requires such personal data, which are in connection with the respective order.

    The transmission of the data is aimed at payment processing and fraud prevention. The controller will transfer personal data to Google, Apple and/or Square in particular, if a legitimate interest in the transmission is given. The personal data exchanged between Google, Apple, and/or Square and the controller for the processing of the data will be transmitted by to economic credit agencies. This transmission is intended for identity and creditworthiness checks.

  10. How We Use Information

    The main reason we use your information is to deliver and improve our services. Additionally, we use your info to help keep you and our community safe, and to provide you with advertising that may be of interest to you. Read on for a more detailed explanation of the various reasons for which we use your information, together with practical examples.

    • To administer your account and provide our services to you

      o   Create and manage your account

      o   Provide you with customer support and respond to your requests

      o   Communicate with you about our services

      o   Personalize pricing, offer discounts and other promotions, and complete your transactions

      o   Administer contests

    • To help you connect with other users

      o   Recommend you to other members and recommend other members to you

      o   Show members’ profiles to one another

      o   Enable members to search for and connect with members

    • To ensure legal compliance

      o   Comply with legal requirements

      o   Assist law enforcement

  11. Data Protection Provisions about the use of other third-party service providers

    The Controller may allow other third-party service providers to collect data of Data Subjects which may include but are not limited to Google, Facebook, Google Maps, Square, Amazon Web Services, Google Analytics, Squarespace, Email providers, Website hosting providers etc. The sole purpose of allowing such third-party providers to integrate into the Platform is to provide efficient and reliable services and/or to monetize the services.

  12. Cross-Border Data Transfers

    Sharing of information discussed in this privacy policy involves cross-border data transfers to the United States of America and other jurisdictions that may have different laws about data processing. When we transfer personal information outside of the EEA, the United Kingdom, Switzerland or other countries which data protection laws have been deemed adequate by the European Commission or other competent governmental body, we use standard contract clauses (standard contractual clauses are commitments between companies transferring personal data, binding them to protect the privacy and security of your data) or other appropriate transfer mechanism.

  13. The legitimate interests pursued by the controller or by a third party

    Our legitimate interest is to carry out our business in favor of the well-being of all our employees and the shareholders.

  14. Protection for Children

    The use of the Platform is intended for and directed to adults. Platform Services are not directed to minors and SWYM does not knowingly collect personal information from minors. If at any time in the future we plan to collect personal data from children under 13, such collection and use, to the extent applicable, shall, when required, be done in compliance with the Children's Online Privacy Protection Act ("COPPA") and appropriate consent from the child's parent or guardian will be sought where required by COPPA. When we become aware that personal data from a child under 13 has been collected without such child's parent or guardian's consent, we will use all reasonable efforts to delete such information from our database.

  15. Changes to this Privacy Policy

    We reserve the right, at our discretion, to change, modify, add, or remove portions from this Privacy Policy at any time. However, if at any time in the future we plan to use personal data in a way that materially differs from this Privacy Policy, including sharing such information with more third parties, we will post such changes here and provide you the opportunity to opt-out of such differing uses. Your continued use of the Service and our services following the posting of any changes to this Privacy Policy means you accept such changes.

    Contact:

    Please contact us with any questions or comments about this Privacy Policy by email at: [email protected].