SoMon Privacy Policy
At SoMon, your privacy is very important to us. SoMon (“SoMon”, “we”, or “us”) is committed to protecting the privacy of our customers, and this Privacy Policy applies when you use our websites, mobile applications, and other online products and services that links to this Privacy Policy(collectively, “SoMon Services”), engage with us on social media, or otherwise interact with us and shall form part of the Terms of Use. This Privacy Policy will describe how SoMon and its affiliates (referred to as “we”, “our” or “us” in this policy) will collect, make use of and share (i.e. “process”) your personal data in connection with the SoMon websites, mobile apps and services.
We may change this Privacy Policy from time to time. If we make changes, we will notify you by revising the date at the top of this policy and, in some cases, we may provide you with additional notice (such as adding a statement to our website or providing you with a notification). We encourage you to review this Privacy Policy regularly to stay informed about our information practices and the choices available to you.
What personal data do we process?
We process personal data about you when you interact with us, our websites, our apps or our services. This may include:
● your name, email address, username, password and other login and/or security details (e.g. app passcode, two-factor authentication token seed record, public PGP key), and login records;
● your payment details, including your wallet address(es);
● your account preferences;
● any personal data you submit for ID verification purposes, and your self-reported location (including browser location and other proof of address information) plus the geolocation of the IP address you connect from;
● your marketing and other communication preferences, and a record of any consents you have given us;
● information related to the browser or device you use to access our website or apps, as well as data that tells us which features of the website or app are popular, or suffer from issues we need to fix;
● the content and details (e.g. date) of messages you send us (e.g. customer support queries); and
● customer service notes and other records.
We also collect, use and share Aggregated Data such as statistical or
demographic data for any purpose. Aggregated Data may be derived from your
personal data but is not considered personal data in law as this data does not
directly or indirectly reveal your identity. For example, we may aggregate your
Usage Data to calculate the percentage of users accessing a specific website
feature. However, if we combine or connect Aggregated Data with your personal
data so that it can directly or indirectly identify you, we treat the combined
data as personal data which will be used in accordance with this privacy
notice.
We will aim to mark data fields as optional or mandatory when collecting personal data from you via forms. Note, in particular, that to create an account, engage in the services provided by us, and where necessary, prove your identity, the provision of personal data is typically mandatory: if relevant data is not provided, then we will not be able to do these things and provide the services you expect.
We do not collect fingerprints, facial recognition data, or other biometrics, other than photos and/or videos of yourself and/or your photo ID that you submit during our ID verification processes and which may be processed by facial recognition software for that purpose. Where you enable biometric security (such as fingerprint or Face ID login), your biometrics will be handled by your device, not by us.
How is your personal data collected?
We use different methods to collect data from and about you, including through:
· Direct interactions. You may give us your personal data by filling in forms, corresponding with us by post, phone, email or otherwise, or using our products and services. This includes personal data you provide when you:
· Enquire about products and services;
· Sign-up to and use our products and services;
· When we conduct assessment or inspection services;
· Subscribe to our service or publications;
· Request marketing to be sent to you;
· Enter a competition, promotion or survey; or
· Give us some feedback.
· Third party interactions. We may receive your information from a third party, for example where a referral is made from other partner company. We will always ensure that the data has been collected and shared with us in accordance with our legal obligations.
· Automated technologies or interactions. As you use our website, products and services, we may automatically collect personal data by using cookies, server logs and other similar technologies. You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of this website may become inaccessible or not function properly.
How do we
use this personal data, and what is the legal basis for this use?
Where you are requested to consent to the processing of your personal data by SoMon, you have the right to withdraw your consent at any time. We process your personal data for the following purposes:
To fulfill (or take steps linked to) a service agreement with you. This includes:
● creating your account;
● verifying your identity;
● communicating with you; and
● providing customer services;
● As required by the Company or third parties to conduct their business and pursue their other legitimate interests, in particular:
● to provide services you have requested;
● to monitor, improve and protect the services on our website and mobile apps, in particular by looking at how they are used, testing alternatives (e.g. by “A/B testing”, and running “beta” version trials), and by learning from feedback and comments you provide;
● to personalise our website, apps and services;
● by publishing de-identified records of market data, including trading records for third party monitoring and research purposes;
● to monitor customer accounts to prevent, investigate and/or report misconduct such as spam, misrepresentation, security incidents, malicious manipulation or crime (such as fraud), in accordance with applicable law, and to cooperate with authorities seeking to do the same;
● to investigate any complaints received from you or from others;
● in connection with legal claims, compliance, regulatory or investigative purposes (including disclosure in connection with legal process or litigation); and
● to invite individuals to take part in market research and beta tests.
● for purposes which are required by law, in response to requests by relevant courts and public authorities, such as those conducting an investigation.
Where you give us consent (insofar as such consent is required):
● we will send you direct marketing in relation to our relevant products and services, or other products and services provided by us and carefully selected partners;
● we place cookies, monitor email engagement, and use other similar technologies in accordance with our Cookies Notice and the information provided to you when those technologies are used;
on other occasions where we ask you for consent, we will use the data for the purpose which we explain at that time.
● we will upload the user’s scores to a global leaderboard as well as our server with the user’s consent.
SoMon uses personal data to power our services, to communicate with you, for security and fraud prevention, and to comply with law. We may also use personal data for other purposes with your consent.
SoMon uses your personal data only when we have a valid legal basis to do so. Depending on the
circumstance, SoMon may rely on your consent or the fact that the processing is necessary to fulfill a
contract with you, protect your vital interests or those of other persons, or to comply with law. We may also process your personal data where we believe it is in our or others’ legitimate interests, taking into
consideration your interests, rights, and expectations.
Fully-automated
decision-making that could have significant effects on you
As the service documentation on our site and our terms of service explain, our Mobile App applies certain automatic processes based on the resources on your account.
Other significant automated decision-making that uses your personal data may also be employed, to protect accounts and to uphold our terms of service. In particular, if you attempt to access our services from a jurisdiction in respect of which our services are restricted, your account may be automatically restricted. In addition, if the information provided during any identity verification or onboarding process (including self-reported information, information that is derived from your ID document, proof of address, or any other document provided by you, or your IP address or browser location information) suggests that you may be in breach of our terms of service or may have provided false or inaccurate information, your account may be automatically restricted. You may contact customer support to review any restrictions applied to your account; as part of this, you may be asked to provide additional proof of identity and/or location, or other documentation with respect to your identity and/or account. During an account lockout, you may be unable to access your account, make any trades, or given or amend any instructions.
Withdrawing consent or otherwise objecting to direct marketing
Wherever we rely on your consent, you will always be able to withdraw that consent, although we may have other legal grounds for processing your data for other purposes, such as those set out above. In some cases, we are able to send or display marketing without your consent. You have an absolute right to opt-out of direct marketing, or profiling we carry out for direct marketing, at any time. You can do this by following the instructions in the communication where this is an electronic message, changing your account settings, or by contacting us using the details set out below.
Data security
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
Who will we
share this data with, and where?
We will share your personal data with our affiliates so they can help deliver and improve our services, run our business, and comply with our legal obligations and related third party requests.
Personal data may be shared with courts or public authorities if required as described above, mandated by law or regulation, or required for the legal protection of our or third party legitimate interests, in compliance with applicable laws and regulations, and relevant / competent public authorities’ requests.
Personal data will also be accessed by employees or contractors, or shared with third party service providers, who will process it on our behalf for the purposes identified above.
In the event that the business is sold or integrated with another business, your details will be disclosed to our advisers and any prospective purchaser’s advisers, and to the new owners of the business.
Your rights
Depending on applicable law (in particular, whether the laws of the UK or EEA countries apply), you may have the right to ask us for a copy of personal data about you; to correct or delete that personal data; restrict the processing of that personal data; and to obtain a copy of personal data about you that you provided to us (in connection with our agreement with you, or with your consent), in a structured, machine readable format, and to ask us to port this data to (i.e. share that data with) another organization.
In addition, applicable law may provide the right to object to the processing of personal data about you, in some circumstances (in particular, where we don’t have to process the data to meet a contractual or other legal requirement, or where we are using the data for direct marketing).
You have the right to appeal the result of significant fully automated decisions. This should be done by emailing us within 5 working days from the date of the decision, which we will then review.
If these rights apply, they may however be limited, for example if fulfilling your request would reveal personal data about another person, would infringe the rights of another person or legal entity (including our rights), or if you ask us to delete or change data which we are required by law to keep (or have other compelling legitimate interests in keeping). We will inform you of relevant exemptions we rely upon when responding to any request you make.
To exercise any of these rights, or to obtain other information, you can get in touch using the details set out below. If you have unresolved concerns, you typically have the right to complain to regulators, depending on applicable law. For example, in the EEA, your complaint can likely be taken to data protection authorities where you live, work or where you believe a breach may have occurred.
How long does the Company retain data?
Where we process personal data in connection with performing an agreement with
you, we keep the data for 7 years from your last interaction with us.
Where we process personal data for marketing purposes or with your consent, we process the data until you ask us to stop and for a short period after this (to allow us to implement your requests). We also keep a record of that request indefinitely, so that we can continue to respect your request in future.
Where we process personal data for site security purposes, we retain it for 3 years.
Longer retention periods may apply, such as where ongoing access to records continues to be important to our defence of legal claims or where we are required by law or regulation to retain information for specific periods.
Cookies and
Web Beacons
SoMon uses cookies on our website and web beacons in some emails. Cookies are small text files and web beacons are small graphic images. They are downloaded to your device when you visit a website or receive certain emails, unless you have set your browser to reject them.
We use cookies to remember your preferences and improve your overall experience of our site. We use web beacons to track the actions of individuals (such as email recipients) and measure the success and response rates of our marketing campaigns. In particular, we use the following:
● Session Cookies
These enable you to carry out some essential functions on our
sites, such as maintaining log-in details for the session or a transaction.
They also help by minimizing the need to transfer information across the
internet. They are not stored on your computer and expire when you terminate
your browser session or logout of certain areas.
● Analytics
We like to keep track of what pages and links are popular and
which ones don’t get used so much to help us keep our site relevant and up to
date. It’s also very useful to be able to identify trends of how people
navigate our site and help us provide a more friendly solution.
● Third-party cookies
Analytics tracking (and most web tracking software) use cookies in order to
provide meaningful reports about site visitors. However, analytics cookies do
not collect personal data about website visitors.
Controlling these technologies
If you want to delete any cookies, please check your browser or device settings (and help pages) for instructions on how to delete them. Your browser or device may also offer tracking controls for things other than cookies, such as beacons and tags.
Please note that by deleting our cookies or disabling future cookies, in particular the “strictly necessary” cookies described above, you may not be able to access certain areas or features of our site.
External
links
Although our website and mobile apps only look to include quality, safe and relevant external links, users should always adopt a policy of caution before clicking any links to non-Company websites or apps. We cannot control, guarantee or verify their contents. They will have their own policies and practices, for example with regard to privacy and personal data, and you should acquaint yourselves with those before further engaging with those third party websites or apps.
Contact
You can contact us in relation to data protection and this privacy notice by emailing legal@social.monster.