PIRR Privacy Policy
For Users of Pirr, updated January, 2023
Pirr is committed to protecting your privacy and the secure handling of your personal data. Pirr strives to limit the processing of personal data as far as possible and does not collect personal data beyond what is necessary.
All processing of personal data, including the collection, registration, storing and general handling is governed by applicable privacy legislation, including the General Data Protection Regulation (GDPR). Pirr strives to make sure that the processing of personal data done by Pirr, as the data controller, is done in accordance with applicable legislation.
Should you have any questions related to privacy and/or your rights, you can contact us at privacy@pirr.me. Below you will also find detailed information on how we process your personal data, on your rights and how you can exercise them.
Who Are We?
When Pirr processes your personal data in accordance with this Privacy Policy, we are the “data controller” of your data as defined by the GDPR and other applicable legislation.
Our contact details are:
PIRR AB
Odengatan 37
113 51 Stockholm, Sweden
Company Registration Number: 559293-3187
E-mail: privacy@pirr.me
Our email address for all matters related to privacy is: privacy@pirr.me
When does this privacy policy apply?
This Privacy Policy applies when we collect, use, or otherwise process personal data about Users of our app in relation to a usage of our app hosted by Pirr. This includes personal data processed when you sign up for the app, enter data into the app etc.
Our website may contain links to other websites. We are not responsible for the content of other companies’ websites or their practices in collecting personal data. When you visit other websites, you are advised to read the owner’s policy for the protection of personal data and other relevant policies.
What personal data do we process, for what purposes, and based on which legal grounds?
| Data Asset | Data Domain | Purpose of processing |
|---|---|---|
| Username | identity | Maintain app functionality - data collected through sign-up and usage necessary for providing the Service Username is shared with other users that observe others stories (if user opts in) |
| identity | Communications and password reset | |
| Age if 18+ (assessment if user is an adult) | identity | Comply with regulation of 18 years or older due to adult content |
| Device information |
identity | Maintain app functionality - data collected through sign-up and usage necessary for providing the Service Communications - notifications - Data analytics - e.g. usage data is used to improve your UX and customizing the service for you - Predictive analytics - e.g. usage data is used to improve your UX and customizing the service for you |
| Location information (City/Country/IP address) | identity | - Maintain app functionality - data collected through usage necessary for providing the Service - Data analytics - e.g. usage data is used to improve your UX and customizing the service for you - Predictive analytics - e.g. usage data is used to improve your UX and customizing the service for you |
| Personal settings | App use |
- Maintain app functionality - data collected through usage necessary for providing the Service - Data analytics - e.g. usage data is used to improve your UX and customizing the service for you - Predictive analytics - e.g. usage data is used to improve your UX and customizing the service for you |
| The time, frequency and duration of your activities in the app | App use | - Maintain app functionality - data collected through sign-up and usage necessary for providing the Service - Data analytics - e.g. usage data is used to improve your UX and customizing the service for you - Predictive analytics - e.g. usage data is used to improve your UX and customizing the service for you - Communications - notifications |
| Content that you create with the AI | App use | - Maintain app functionality - data collected through usage necessary for providing the Service - Data analytics - e.g. usage data is used to improve your UX and customizing the service for you - Predictive analytics - e.g. usage data is used to improve your UX and customizing the service for you |
Whom may we share your personal data with?
We may share your personal data with the categories of recipients listed below, for the purposes listed below. When we share your personal data, we take all reasonable measures to ensure that your personal data is treated with an adequate level of protection and in accordance with applicable laws.
Suppliers, subcontractors and partners
We share personal data with suppliers, subcontractors and partners to maintain functionality. Suppliers and subcontractors are companies who are only entitled to process the personal data they receive from us on our behalf, as data processors. Examples of such suppliers and subcontractors are Google Cloud and Google Analytics. We ensure that the suppliers, providers and subcontractors comply with the applicable legislation related to personal data processing.
Data you share with other users while using Pirr app
When using the app you might choose to share your user activity (your stories) and your username with other users. We offer settings when you can choose whether to allow or disallow sharing your username and user activity with other users. Please note that by default your username and user activity might be visible for other users. You can opt out from making your information visible to other users by changing to closed mode in the settings meny in “create” mode.
Public Authorities
We disclose necessary personal data to public authorities such as tax agencies or other public authorities if we are required to do so by law (Art. 6(1)(c)), or under some circumstances if you have requested us to do so. One example of such legally required disclosure is for tax purposes.
For how long will we store your personal data?
We store your personal data for the period necessary to fulfill one or more of the purposes outlined in this Privacy Policy. When your personal data is no longer relevant for one or more of the purposes for which it has been collected, but for no longer than 10 years after the information was shared with us, we erase it or it may be stored and processed in anonymised form.
Where do we process your personal data?
Our aim is to process your personal data within the EU/EEA. In some situations, such as when we share your personal data with a supplier or subcontractor located outside the EU/EEA, your personal data may however be transferred to, and processed in, a destination outside of the EU/EEA.
We ensure that an adequate level of protection is maintained, and that suitable safeguards are adopted. This means that such transfer will be based on an adequacy decision by the European Commission or by entering into the European Commission’s standard contractual clauses.
Your rights
Under the GDPR you have certain rights you may exercise concerning the processing of your personal data. The following rights may be applicable for you.
Right to access: You have the right to obtain confirmation as to whether we are processing your personal data and, if this should be the case, access to that personal data.
Right to rectification: You have the right to obtain rectification of inaccurate or incomplete personal data concerning you.
Right to erasure (“right to be forgotten”): Under certain circumstances you have the right to obtain the erasure of personal data concerning you.
Right to restriction: Under certain circumstances you have the right to obtain the restriction of processing.
Right to data portability: Under certain circumstances you have the right to receive a copy of the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and the right to transmit this data to another controller.
Right to object: Under certain circumstances you have the right to object to the processing of personal data concerning you. This includes but is not limited to the right to object in cases in which we process your personal data based on legitimate interest.
Right to lodge a complaint: If your case is not resolved by us and you wish to proceed with the case, you may lodge a complaint with the Swedish Authority for Privacy Protection (Integritetsskyddsmyndigheten, Box 8114, 104 20 Stockholm, +46 (0)8 657 61 00, e-mail: imy@imy.se, if you consider that Pirr’s processing of personal data about you, infringes the GDPR
Right to withdraw consent: If a processing of your personal data is based on your consent as set out you have the right to withdraw your consent at any time.
Right to not be subject to a decision based solely on automated processing: You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.
Inquiries
If you have any questions in relation to this privacy policy or wish to exercise any of your rights in connection with our processing of your personal data, please notify us at privacy@pirr.me so that we may consider and respond to your request in accordance with applicable law.
How we protect your personal data
We are committed to protecting your personal data. We have implemented appropriate technical and organisational security measures to ensure the protection of your personal data.
Changes to this Privacy Policy
This policy may be changed from time to time by Pirr AB. The date of the last modification is stated at the top of this document. The applicable privacy policy will be available on our website https://pirr.me/privacy-policy/