MOCA PLATFORM PRIVACY POLICY

(Software-as-a-Service)

Effective from May 25th, 2018

 

WHEN USING MOCA PLATFORM SERVICES, YOU TRUST US YOUR INFORMATION. THE OBJECTIVE OF THIS PRIVACY POLICY IS TO INFORM YOU ABOUT THE DATA WE COLLECT, WHY WE COLLECT IT AND WHAT WE DO WITH IT. THIS INFORMATION IS IMPORTANT, SO WE EXPECT YOU TO DEDICATE THE TIME YOU NEED TO READ IT CAREFULLY.

MOCA is based in the EU and complies with the General Data Protection Regulation ("GDPR") framework as set forth by the EU regarding the collection, use, and retention of personal data from EU member countries. If you are located outside the EU and choose to use the Service or provide your information to us, please note that your information may be transferred, processed and stored by our service providers in other non-EU countries. Privacy laws of the European Union and third countries may not be as protective as those in your jurisdiction. Your agreement to the terms of this Privacy Policy followed by your submission of information in connection with the Service represents your agreement to this practice. If you do not want your information transferred to or processed or stored in the EU or in the United States, you should not use the Service.If you are located in the EU, we guarantee that we will only transfer your data to companies that have signed our Privacy Agreement or that are registered with the Privacy Shield, to ensure a level of data protection compliant with the GDPR.

The following MOCA Platform privacy policy (hereinafter the "Policy") applies to the Terms & Conditions of MOCA Platform Services described in the "MOCA Terms of Service" agreement (in Forward the "Agreement"). Capitalized terms not defined in this document shall have the meaning stipulated in the Agreement.

 

    1.  1 WHAT IS MOCA?

      MOCA is a technology included in third-party mobile or web applications (hereinafter "Customers") used to create more personalized user experiences. MOCA has been developed and operated by INNOQUANT (hereinafter "we"). Applications that use MOCA can use all or just some of its features and data that MOCA can collect. The collection of data by MOCA for a particular application is limited to the characteristics that have been used in that application. In this document, we refer to third party applications or services that have chosen to use MOCA as "Apps" and their end users as "Users".

      This POLICY applies only to MOCA Platform services and not to Apps. Please review the privacy policies of those Apps to understand the privacy practices of such applications. Providers of such applications may collect and / or use your information differently from what we do and MOCA is not responsible for the Apps.

    2.  

      2 MOCA WEBSITE

      MOCA includes the mocaplatform.com website, related sites whose address ends with mocaplatform.com and any other site operated by or owned by INNOQUANT. 

  1.  

    2.1 WHO IS RESPONSIBLE FOR THE PROCESSING OF YOUR PERSONAL DATA?

      1. Identity: InnoQuant Strategic Analytics, S.L. (hereinafter "MOCA"), with VAT B65258212, registered in the Mercantile Registry of Barcelona, Tome 41688 ; page 182; Sheet B-393442, is responsible for the processing of personal data that you provide us.

      2. Postal address: InnoQuant Strategic Analytics, S.L., Esade Creapolis, Av. Torreblanca 57, Sant Cugat del Valles, Barcelona, Spain

      3. Phone: +34 93 504 44 902

      4. Email: privacy@mocaplatform.com

      5.  

        2.2 WHAT IS PERSONAL DATA AND PERSONAL DATA PROCESSING?

  2. Personal data are those data that identify or allow identification of a person. For example, the data that can directly identify a person is the name and surname, while the passport number can identify it. The personal data includes information such as mobile phone, email address, date of birth and gender among others. You could also include the numeric identifiers such as the IP address of your computer, as well as the information obtained through the cookies.

    On the other hand, personal data processing is any operation or set of operations that we perform on your personal data, such as, for example, the collection, registration, conservation, use and communication of your data.

  3.  

    2.3 WHAT TYPE OF PERSONAL INFORMATION DO WE COLLECT?

    1. By browsing our Website MOCA does not collect any information about you, except for the information collected by our cookies in accordance with the Cookies Policy that you can read here.

      Likewise, we collect data that you have voluntarily included in the information request forms (‘demo request" or "become a partner"), contact, subscription to the blog or request for documentation and information and are not required to perform such registration, such as:

      • Name and surname

      • E-mail

      • Address

      • City

      • Country

      • Additional information that you wish to provide us

      • Phone.

      • Profession and / or position

 

2.4 THROUGH WHAT MEANS WE ARE RECEIVING YOUR PERSONAL DATA?


      1. You do not need to register on our Website to be able to enjoy and learn about all the services we offer at MOCA. We only receive and process information that you provide us through the following channels:

  • By signing up to try our product for free during a certain period of time

  • The Demo Request Form

  • The form for more information on how to become a member ("Become a Partner")

  • Through the contact form or request for information

  • Through a request for documentation (white papers, ebook, webinar, etc)

  • Through sending emails to our contact, privacy or legal email addresses.

  • By subscribing to our newsletter in order to stay informed about news related to MOCA and its products.

                      1.  

                        2.5 WHAT PROCESSING DO WE DO WITH YOUR PERSONAL DATA AND FOR WHAT PURPOSES?

            1. We want to be transparent with you and inform you about the processing we carry out with your data and the purposes for which we process said data.

              Next, we explain all the processing or operations that we carry out with your personal data:

           

          1. 2.5.1. PROCESSING AND SENDING MARKETING COMMUNICATIONS AND NEWSLETTERS
    1. Sending newsletters, as well as marketing communications, is carried out by MOCA only if, as a user, it has expressly consented to receive them.

      If you have consented to receive marketing communications, we will treat your data in order to send information about MOCA and its products to your email address, as well as news and events related to MOCA and its activity.

      We inform you that at any time you can object to receiving marketing communications by following the instructions in the footer of the email sent by MOCA.

      1.  
          1. 2.5.2. MANAGEMENT AND PROCESSING OF THE REQUESTS COLLECTED THROUGH THE AVAILABLE WEB FORMS
          2. The purposes of said processing are:
            • Process and manage the contact or information requests

            • Manage the association or collaboration requests

            • Communicate the information or documentation required

          3.  
      1. 2.5.3.  STATISTICAL ANALYSIS OF USER NAVIGATION DATA IN ORDER TO IMPROVE THE USER EXPERIENCE OF OUR WEBSITE. FOR MORE INFORMATION ABOUT THIS PROCESSING, CHECK OUT OUR COOKIES  POLICY 

 

2.6 WHICH IS THE LEGITIMACY FOR THE PROCESSING OF YOUR DATA?

 The data protection regulations require that for the processing of your data we have a basis that legitimates such processing. Thus, to process your personal information we rely on the following legal bases depending on the activity or processing that we carry out of your data. The legal bases for the processing of your personal data are:

Your consent:  We may send commercial communications, email about events, products and services that may be of interest to you. Said commercial communications will only be carried out provided that you have previously consented to the processing of your personal data for this purpose. In any case, we inform you that you can withdraw your consent and therefore oppose receiving commercial communications at any time in a simple manner.

Legitimate interest: We may have a legitimate interest in collecting your personal data for statistical purposes as it provides us with the necessary information to improve the browsing experience on our website more effectively. This requires that we carry out an analysis in which we balance our interests in dealing with your personal data, with your rights and freedoms. The result of this analysis will determine whether or not we can use your personal information for the treatments described in this Privacy Policy (except in relation to the treatment related to the sending of commercial communications, for which we require your express consent).

 

2.7  FOR HOW LONG DO WE KEEP YOUR DATA?

We will keep your data as long as you do not request its deletion and, in any case, during the minimum periods stipulated by the applicable regulations regarding the prescription of responsibilities

 

2.8 WHAT ARE YOUR RIGHTS WHEN YOU SHARE WITH US YOUR DATA?

Below, we provide you with the rights that you, as a user of the Website, may exercise:

Right to Access

You have the right to get confirmation from MOCA if they are treating your personal data or not, and in that case, the right to know what data is being processed.

Right to rectification

It consists of the possibility that you can modify the inaccurate or incomplete data. The rectification request must indicate what data you want to be modified.

The right to object

You have the right to object at any time, for reasons related to your particular situation, to the fact that personal data concerning you are subject to a processing based on the legitimate interest of the company. MOCA will stop treating personal data, unless we accredit legitimate reasons for the treatment that prevail over their interests, rights and freedoms, or for the formulation, exercise or defense of claims.

The right to erasure

This right allows the request or erasure of your personal data at your request, or when there is no legitimate reason for MOCA to keep it. This does not apply when the processing is required for the right of freedom of expression and information, compliance with another legal obligation, in public interest, the official authority or controller or legal claims.

The right to data portability

You have the right to copy and transfer data from our database to another data controller. It is only possible to exercise this right when the processing is based on the execution of a contract or its consent, and the treatment is carried out by automated means.

The right to restrict processing

This right allows you to request suspension the processing of your data when:

  • You challenge the accuracy of the data, while MOCA verifies that accuracy.

  • You have exercised your right of opposition to the processing of your data, while verifying if the legitimate motives of MOCA prevail over yours as an interested party.

Likewise, this right allows you to request MOCA to keep your personal data when:

  • The data processing is unlawful and as data subject you oppose the deletion of your data and request instead a limitation of its use.

  • MOCA no longer needs your personal data for the purposes of the processing, but you need it for the formulation, exercise, or defense of legal claims.

How to exercise these rights?

You can exercise your rights, sending us your request to the following email address [privacy@mocaplatform.com] or by postal mail, by means of a written and signed request, accompanied by a photocopy of ID or passport, addressed to the following address: InnoQuant Strategic Analytics, SL, Esade Creapolis, Av. Torreblanca 57, Sant Cugat del Vallés, Barcelona, Spain - Ref. Data protection. 

Likewise, we inform you that, when MOCA has not correctly satisfied the exercise of its rights, you may file a claim with the Spanish Agency for Data Protection (AEPD). If you want to know more information about this right and how to exercise it, you can contact the AEPD:

http://www.agpd.es

Tel. 901 100 099 y 91.266.35.17

C/Jorge Juan,6  28001-Madrid

 

2.9 TO WHOM DO WE COMMUNICATE YOUR PERSONAL DATA?

MOCA does not disclose the personal information you provide to us through the means described in section four, unless it is necessary to communicate your personal data for the provision of the required service or prior legal requirement or basis that legitimates the communication to courts or agencies of the public administration.

  

2.10 CHANGES IN THIS PRIVACY POLICY 

This Privacy Policy may vary over time due to possible changes in criteria followed by the competent control authority in matters of data protection at any time. MOCA therefore reserves the right to modify this Privacy Policy in order to adapt it to these criteria, as well as to jurisprudential or legislative novelties.

Latest version: May 25th 2018.

 

2.11 CONTACT

If you have any questions about the processing we perform on your personal data, please contact us at: privacy@mocaplatform.com.

 

3 MOCA TECNOLOGY

3.1 WHAT INFORMATION WE COLLECT

    1. INNOQUANT and its Customers can use MOCA technology in their mobile and web applications for their end users. We may collect and use aggregated, de-identified and anonymised information from these applications. Where we collect this information, our collection depends on the characteristics and services of the MOCA technology that have been enabled in the applications and under its approval. Please note that mobile and web applications may choose to collect information outside the scope of MOCA enabled services. We are not responsible for the privacy practices of data collection and use in third-party applications. We recommend that you review the privacy policy of the third-party applications to better understand its practices.

      We collect information based on the features that are enabled by a MOCA or third party application, when you agree or when the information is provided by a third party. The information we collect serves to provide better personalized services to all users of our Customers’ applications: from determining basic information such as the language spoken by the user to more complex data such as physical location or actions taken within applications. MOCA collects information in the following ways:

      • User Profile information provided by the Apps - for example, many Apps require a User to register with an associated account. In this case, the Apps can provide MOCA with the unique identifier of the user along with information of their profile, for example, age, gender, products of interest or other non- personal information. Optionally, Customer may choose to provide MOCA with personal information such as first and last name and email address for storage and processing within MOCA in accordance with the data processing policy defined in Section 2 of the Agreement.

      • User Behavioral Information provided by the Apps - for example, Apps may inform MOCA of specific activities the User has made within Apps, such as viewing a particular product, performing a search, clicking on an advertisement, marking a favorite item or making a purchase.

      • Mobile device information - MOCA automatically collects device-specific information such as hardware model, operating system version, unique device identifiers for announcements (i.e. IDFA or Google Advertising ID), mobile network operator information, screen resolution or the preferred language and country of the User.

      • Apps information - MOCA automatically collects information specific to Apps such as the app name, version, vendor name and status of our Software Development Kit ("SDK") such as the version and the information if it is enabled or disabled.

      • Usage data - every time a User uses the Apps, MOCA collects the information about the use of the Apps. This particular information is obtained from the Apps and is stored in the MOCA server logs automatically. These data include:

        • Detailed information about user sessions with the Apps (for example, the dates and duration of interaction of the User with the Apps in the foreground)

        • Information regarding the connectivity status of the device, such as the type of Internet connection (WiFi, 3G, 4G, LTE, Bluetooth, no connectivity), temporary IP address, or current mobile network operator name.

        • Information about privacy preferences such as whether the user has accepted to receive push notifications or allowed the use of its physical location.

      • User Physical Location Data - when the User has explicitly allowed the use of its physical location to the Apps, MOCA may collect and process information about such locations. MOCA uses different technologies to determine the location, such as the identification of the IP address, the GPS system, and the use of other sensors that can provide MOCA, for example, information about nearby devices, Wi-Fi access points, Bluetooth beacons, mobile phone antennas and the phone's own sensors such as the accelerometer or gyroscope.

      • Unique Installation Numbers - when a User installs an App that uses MOCA on its device, a unique identifier of that installation is automatically established. This identifier can be sent to MOCA to indicate the installation of the App and its use.

      • Local Storage - MOCA can collect and store information (including personal information) locally on the User's device using mobile application data caches.

      • Cookies and similar technologies - MOCA uses different technologies to collect and store information when a user accesses a web service that uses MOCA, including the use of cookies or similar technologies to identify a web browser.

      We may collect information that the user chooses to provide to an application that uses MOCA technology, such as when the user designates a place in the third-party application (e.g. "my office"). In addition, we may collect information if the user participates in a survey, provides comments, interacts with our marketing campaigns, or submits questions to us.

      We may obtain information from other companies owned or operated by us, or any other third party company, and combine that with the information we collect through our services.

    2.  

      3.2 HOW WE USE YOUR INFORMATION

      We have no direct relationship with the end users of a mobile application or website of our Customers or third parties. We may use your information to support our products and services, as well as to create new relevant offers. Our use of data collected includes:

        1. Respond to you when you contact us;

        2. Notify you about relevant events, promotions or other interesting content;

        3. Verify your identity and avoid fraud or other unauthorized or illegal activity;

        4. Provide mobile applications or third-party websites with information associated with the particular location, such as when you arrive or leave a designated location;

        5. Provide personalized content to the end users of the mobile application or the website of our Customers or third parties;

        6. Monitor and analyze aggregate trends and usage;

        7. Create aggregated or unidentified audience segments for commercial purposes, as well as for other analytical purposes such as attribution, segmentation, deduplication and re-targeting;

        8. Make reference to your comments or other comments on our advertising, marketing or promotional materials;

        9. Process and send orders for INNOQUANT products and / or services;

        10. And any other use we describe at the point where we collect data or information with your consent.

        11.  

          3.3 HOW WE SHARE INFORMATION

          We do not share personal information with companies, organizations or individuals that are not related to INNOQUANT, unless one of the following circumstances occurs:

          • Constent. We will share your personal data with companies, organizations or individuals outside of INNOQUANT when you have given us your consent to do so. Your consent will be required to share specially protected personal data.

          • Account Administrators. If your MOCA account is managed by a MOCA Customer account manager, that MOCA administrator and third parties assisting your organization's users will have access to your MOCA account information (including your email address and other data). The account administrator may:

            • View statistical data about your account such as, for example, mobile applications associated with your MOCA account,

            • Change the password of your account,

            • Suspend or cancel access to your account,

            • Access data stored in connection with your account or keep such data,

            • Obtain information from your account to comply with any requirement provided by applicable law or regulations or to meet any requirement of an administrative or judicial body,

            • Limit your ability to delete or edit data or privacy settings.

          • External treatment. We may share your personal information with our affiliates, contractors or other trusted service providers to carry out their processing by INNOQUANT, following our instructions and in accordance with our Privacy Policy, and taking other security and confidentiality measures appropriately. These companies are authorized to use your personal information only when necessary to provide these services.

          • Legal reasons. We will share your personal data with companies, organizations or individuals outside of INNOQUANT if we consider in good faith that there is a reasonable need to access or use, retain or disclose such data for:

            • Comply with any applicable legislation or regulations, or comply with legal requirements or governmental requests,

            • Comply with the provisions of the current MOCA Terms of Service, including investigation of possible infractions,

            • Detect or prevent any fraud or technical or security incident or otherwise confront them,

            • Protect the rights, property or safety of INNOQUANT, our users or the general public to the extent required or permitted by applicable law.

          We may share non-personally aggregated information publicly and with our partners, including publishers, advertisers, and related websites. For example, we may share information publicly to show trends about the general use of our services.

          If INNOQUANT participates in a merger, acquisition or sale of assets, we will ensure the confidentiality of the personal data and inform affected users before their personal data are transferred or subject to a different privacy policy.

       

      1. 3.4 HOW LONG WE KEEP INFORMATION

        We retain information only for as long as necessary to:

        • Provide products and services to the Customer;

        • Perform or fulfill our contractual obligations;

        • Comply with our legal obligations;

        • Resolve disputes; and

        • Enforce our agreements.

        By default, we store information on your mobile device for up to 12 months and on our servers for up to 2 years. You can shorten or extend these time periods by contacting the MOCA Support Center available via email address at support@mocaplatform.com.

      2.  

        3.5 ACCESS TO YOUR DATA

        Whenever you use our services, our goal is to provide you with access to your personal information. If this information is not correct, we strive to provide you with ways to eliminate or update it quickly, unless we have to maintain that information for legitimate business or legal reasons. By updating your personal information, we may ask you to verify your identity so we can process your request.

        We may reject requests that are more repetitive than reasonable, require a disproportionate technical effort (for example, develop a new system or radically change an existing practice), that endanger the privacy of other users or that are not practical (For example, requests that refer to information stored in backup systems).

        When we can offer you the possibility to access your personal data and modify them, we will do it for free, unless it requires a disproportionate effort. By providing our services, we will protect your data by ensuring that they cannot be accidentally or intentionally deleted. For this reason, even if you delete your data from our services, we may not immediately destroy the residual copies stored on our active servers or the data stored in our security systems.

        As for the mobile applications and third party websites, we have no direct relationship with the people whose personal data we process. A person seeking access, or attempting to correct, amend or delete inaccurate data should direct their query to our Customer (the data controller). If data removal is requested, we will respond within a reasonable time. In certain circumstances, we may be required by law to retain your personal information, or we may need to withhold your personal information in order to continue providing a service.

    3.  

      4 USER CHOICES AND PRIVACY PROTECTIONS

      User Choices. To protect the privacy of end users of mobile applications, we allow the features of the MOCA technology to be enabled or disabled (i.e. "opted-in") by the App at any time. For example, we allow the user at any time to enable or disable the collection of data on their physical location. However, keep in mind, that disabling location services does not affect information that was previously collected. Check the privacy policies of the third- party mobile applications or web sites to better understand their corresponding privacy practices.

      Protecting your data. To protect your privacy, we limit the amount of data that is sent to our servers. We take reasonable steps to help protect your personal information stored on your device and transmitted to our servers. If you have any questions about the security of your personal information, you can contact us at privacy@mocaplatform.com.

      Transfer of your data across borders. We may transfer your personal information outside of your country of residence to countries or jurisdictions where we have facilities (i.e. data centers with a cloud environment) or to contract with third parties to provide services for the purposes described in this Privacy Policy. Information collected in the European Economic Area (EEA) can, for example, be transferred to countries outside the EEA. These countries may not have the same level of data protection as in your country. If we make such transfer, we will use commercially reasonable efforts to ensure that your personal information is protected.

      Data protection in the EU. We collect, process and store information in third-party data centers, for example, at Amazon Web Services ("AWS") facilities. In any case, both INNOQUANT and our suppliers comply with EU Directive 95/46 / EC on the protection of personal data in relation to the processing of personal data and the free movement of such data.

      For more information on AWS compliance, please visit the following link:http://www.cnpd.public.lu/en/actualites/international/2015/03/AWS/index.html

    4.  

      5 DATA SECURITY

      We strive to protect INNOQUANT and our customers from any unauthorized modification, disclosure or destruction of the data we retain or against unauthorized access to them. In particular:

      1. We encrypt all our services through the SSL protocol (including communication between MOCA SDK integrated in the third-party mobile applications and the MOCA cloud)

      2. We review our policy on data collection, storage and processing in the cloud, including security measures to prevent unauthorized access to our systems. In particular, our cloud environment vendors, e.g. Amazon Web Services, have certifications with stringent security standards such as ISO 27001, SOC 1/2/3 and PCI DSS Level 1.

      3. We limit the access of INNOQUANT contractors, agents and employees to the personal information they are required to process for INNOQUANT and we ensure that they comply with strict contractual confidentiality obligations and are subject to the relevant disciplinary conditions or dismissal if they do not fulfill those obligations.

      4.  

        6 WHEN THIS PRIVACY POLICY APPLIES

        Our Privacy Policy applies to all services offered by INNOQUANT, including MocaPlatform.com, the services that MOCA technology provides on iOS / Android mobile devices and services provided on other websites (such as our Personalized Recommendations Service), but excludes those services that are subject to independent privacy policies that do not incorporate this Privacy Policy.

        Our Privacy Policy does not apply to services provided by other companies or individuals, including products, mobile applications or sites that may include INNOQUANT services or that are accessed from such services. Our Privacy Policy does not regulate the data processing activities of other companies and organizations that advertise our services and may use cookies and other technologies to publish and offer relevant content.

      5.  

        7 NOTIFICATIONS

        Any notice or communication of resolution or breach of this Policy must be made in English or in Spanish by means of a letter addressed to INNOQUANT Legal Department and sent to the address of Av. Torreblanca 57, 08172 Sant Cugat del Valles, Barcelona, Spain or to the email address privacy@mocaplatform.com, or in any case to any other address provided by INNOQUANT. The notifications will be understood delivered at the moment of their receipt as a result of the corresponding physical or electronic acknowledgment (as applicable in each case). Any other communication must be made in English or in Spanish by writing to the main contact of the other party and sent to the postal address or email of the latter in force at that time.

      6.  

        8 APPLICABLE LAW

        Any dispute arising out of the interpretation or execution of this Privacy Policy or any of its eventual modifications, as well as any breach thereof, shall be construed in accordance with Spanish law.

        In order to resolve any controversy related to the provisions of this Privacy Policy or in execution thereof, INNOQUANT and the CLIENT expressly submit to the Courts and Tribunals of Barcelona, with waiver of any other jurisdiction that may correspond to them. The language to be used will be Spanish.

      7.  

        9 COMPLIANCE AND COLLABORATION WITH AUTHORITIES

        At INNOQUANT, we review compliance with our Privacy Policy on a regular basis. When we receive formal written complaints, we contact the person who made the claim to follow up. We also work with the relevant regulatory authorities, including local data protection authorities, to resolve any complaints related to the transfer of personal data that we have not been able to resolve directly with Customers.

      8.  

        10 MODIFICATIONS

        Our Privacy Policy may be modified at any time. We will not limit your rights under this Privacy Policy without your express consent. We will post all modifications to this Privacy Policy on this page and, if significant, we will make a more noticeable notification (for example, we will send you an email notification if the modification affects certain services). In addition, we will archive the previous versions of this Privacy Policy so that you can consult them.

      9.  

        11 CONTACT

        Do not hesitate to contact us with any comments, questions or suggestions you may have about privacy practices. You can contact us by email at privacy@mocaplatform.com, or by writing to us at:


        MOCA PLATFORM
        To the attention of: Legal Advisor
        Av. Torreblanca 57
        08172 Sant Cugat del Valles
        Barcelona, Spain