PRIVACY POLICY
Togee Effective as of: 20.05.2020
Last updated: 20.08.2021
We are very keen on being compliant with the European data protection rules and principles to protect you and your personal data. Please, revise this Privacy Policy before you disclose them.
1. PREAMBLE
1.1. Togee AB as data controller (’Togee’) is a company registered and operating in Sweden who created the Togee Application(’Service’). If you use (‘User’) our Service, you may disclose certain personal data to us.
1.2. For the purposes of this Privacy Policy, the terms ‘we’ or ‘our’ etc. shall mean the Togee.
1.3. Capitalized words and terms used in this Privacy Policy have the same meaning what we use in the GTC.
1.4. This Privacy Policy requires the expressed consent hereto by you, which you can withdraw anytime. Your consent shall be voluntarily, specific and based on the related information we provide to you.
1.5. Togee may amend this Privacy Policy unilaterally, at any time as the business processes develop. If you don’t agree with the modifications, you can delete your account anytime. This Policy shall come into effect upon its publication. The prevailing versions of this Policy is available on the website: https://www.togee.com.
1.6. Togee handles your personal data confidentiality and takes all the safety, technical and organizational measures that guarantees the security of your data.
1.7. Togee attempts to ensure the accuracy and up-to-date nature of the personal data; therefore, we take all necessary measures for the immediate erasure or rectification of the data that are inaccurate.
1.8. Your personal data is only yours, therefore you can request the restriction of data processing, rectification or erasure of your data, and you can object at any time, free of charge via e-mail: support@togee.com. We respond to You without undue delay, but latest within 30 days from the receipt of the request. If we have to reject to perform your request, we will provide a proper justification of rejection. In justified cases, depending on the complexity and number of requests, we can extend the deadline by two further months and we will inform you about that within one month of receipt of the request, together with the reasons for the delay.
2. SERVICE PROVIDER'S DAATA
Name of Togee: Togee Technologies AB
Registered seat of Togee: Box 659, 116 74 , Stockholm, Sweden
The contact details of Togee: its electronic mailing address used for regular communication with customers support@togee.com
Company org. number: 559074-4040
The company’s tax number: SE 559074404001
The name of the registering authority: Swedish Companies Registration Office (Se. Bolagsverket)
Website: www.togee.com
3. APPLICABLE LAWS
The Togee hereby declares to process your personal data in compliance with the prevailing laws and regulations, with special regard to the following:
- The related EU regulation: the General Data Protection Regulation of the European Union (Regulation 2016/679 (EU), the ‘GDPR’)
- Swedish Law (2018: 218) with supplementary provisions to the EU Data Protection Regulation [Lag (2018:218) med kompletterande bestämmelser till EU:s dataskyddsförordning]
4. LEGAL GROUND FOR DATA PROCESSING
4.1. The legal ground for personal data processing is:
a) your voluntary consent (Article 6 (1)(a) of the GDPR)
b) contract concluded by and between Togee and the User for contractual performance (Article 6(1)(b) of the GDPR)
c) for the performance of the Togee’s legal obligations, like auditing and accounting liabilities (Article 6(1)(c) of GDPR).
d) for the enforcement of the legitimate interest of the Togee or a third party (Article 6(1)(f) of GDPR).
4.2. You can grant and withdraw your consent to the use of your personal data for advertisement purposes.
5. THE DATA PROCESSED BY TOGEE
5.1. In order to be able to use the Services, you shall disclose certain personal data to Togee through Togee’s Application. If you reject to comply with such request; Togee is entitled to lawfully reject the provision of Services, so you may be unable to use them.
5.2. Within the scope of data processing, we can in particular pursue the following activities: collect, record, register, systematize, store and use the personal data for the purposes of data processing, to query, block, erase and destruct your data and to prevent the further use thereof. In lack of a related legal obligation, we never publish, coordinate or connect your personal data with each other.
5.3. Optional data provision by Users
5.3.1. Togee may process the following data provided by the Users which is required for the proper performance of the service.
Request data transfer in Togee Application
Legal grounds: 4.1. a), b)
-
Email address
Purpose of Data Processing: Conclusion, amendment and performance of the contract, Maintenance and development of Application, Identification of the user and ensuring the communication, Establishment and maintenance of a reliable and safe environment, enforcement of claims and rights, prevention and handling of fraud, Advertisement, marketing activities
Togee User
Legal grounds: 4.1. a), b)
-
Access to front and back camera
Purpose of Data Processing: Conclusion, amendment and performance of the contract, Maintenance and development of Application, Establishment and maintenance of a reliable and safe environment, enforcement of claims and rights, prevention and handling of fraud.
-
Access to the microphone
Purpose of Data Processing: Conclusion, amendment and performance of the contract, Maintenance and development of Application, Establishment and maintenance of a reliable and safe environment, enforcement of claims and rights, prevention and handling of fraud.
-
Access to screen recording
Purpose of Data Processing: Conclusion, amendment and performance of the contract, Maintenance and development of Application, Establishment and maintenance of a reliable and safe environment, enforcement of claims and rights, prevention and handling of fraud.
-
Content monitoring
Purpose of Data Processing: Conclusion, amendment and performance of the contract, Maintenance and development of Application, Establishment and maintenance of a reliable and safe environment, enforcement of claims and rights, prevention and handling of fraud
5.4. Automatic collection of data from the Application or Website
5.4.1. The scope of data automatically collected by the Togee regarding the Service, which is required for the proper performance and further development of the Service:
Registered Togee User in the Application
Legal grounds: 4.1. b), d)
-
Date of registration
Purpose of Data Processing: Conclusion, amendment and performance of the contract, Maintenance and development of Application, Establishment and maintenance of a reliable and safe environment, enforcement of claims and rights, prevention and handling of fraud.
-
Log data and device information
Purpose of Data Processing: Conclusion, amendment and performance of the contract, Maintenance and development of Application, Establishment and maintenance of a reliable and safe environment, enforcement of claims and rights, prevention and handling of fraud.
Website users
Legal grounds: 4.1. b), d)
-
Data collected by Google Firebase
Establishment and maintenance of a reliable and safe environment, enforcement of claims and rights, prevention and handling of fraud.
5.5. Data collected from third parties
5.5.1. We only collect your personal data collected by third parties if you have given your explicit consent to the data transfer directly to those third parties which is your responsibility to arrange. We do not supervise that your consent is properly given, we trust both you and those third parties who shall also be compliant with the data protection rules. Therefore we are not liable for the collection and processing of such data by third parties.
5.5.2. If you use the services of a third-party service provider (like Facebook, Instagram, Google, etc.) in relation to getting access to Togee’s Services, then we can request those data of yours from the concerned third party that are essential to the provision of the Services. To the provision or change of such data, the privacy policies of the concerned third-party service provider shall apply.
5.6. Cookies applied by Togee
5.6.1. What is a cookie? Cookies are small data files of information that our website or Togee application transfers to your hard drive or mobile device to store and sometimes track information about you. Although cookies do identify a User’s device, cookies do not personally identify Users. Additionally, mobile devices may use other tracking files which are similar to cookies (for example iOS devices use Apple’s ‘identifier for advertisers’ (IDFA) and Android devices use Google’s Android ID). In the context of tracking within Togee, the concept of a cookie will include an IDFA and an Android ID for the purpose of this Cookie Policy.
5.6.2. Why we use cookies: Our website and Application use cookies to distinguish you from other Users. This helps us to improve our website and Application and to provide you with a good experience when you browse our website or use Togee Application.
5.6.3. Types of cookies we may use: Strictly necessary cookies: these are cookies that are required for the operation of a website and App, such as to enable you to log into secure areas. Performance cookies: these types of cookies recognise and count the number of visitors to a website and users of an App and to see how users move around in each. This information is used to improve the way the website and App work. Functionality cookies: these cookies recognise when you return to a website or App, enable personalised content and recognise and remember your preferences. Targeting cookies: these cookies record your visit to a website or App, including the individual pages visited and the links followed. Generally, the strictly necessary cookies and some performance and functionality cookies only last for the duration of your visit to a website or expire when you close an App: these are known as ‘session cookies’. The functionality cookies and some targeting and performance cookies will last for a longer period of time: these are known as ‘persistent cookies’. Third party cookies: Some of the persistent and session cookies used by our website and App may be set by us, and some are set by third parties who are delivering services on our behalf. For example, we use Google Analytics to track what users do on the App so we can improve the design and functionality.
5.6.4. Blocking cookies: Most websites, mobile devices and apps automatically accept cookies but, if you prefer, you can change your browser, device or app settings to prevent that or to notify you each time a cookie is set. You can also learn more about cookies by visiting www.allaboutcookies.org which includes additional useful information on cookies and how to block cookies using different types of browser or device. To block the IDFA on your iOS mobile device, you should follow this path: Settings > General > About > Advertising and then turn on ‘Limit Ad Tracking’. To block Android ID on your Android device, you should follow this path: Google Settings > Ads and then turn on ‘Opt out of interest-based ads’.
6. THE METHOD AND TERM OF THE USE OF THE DATA COLLECTED
6.1. We only process your personal data if it is essential, suitable for and limited to the extent and duration required to the achievement of the purposes set for processing.
The conclusion, amendment and performance of the contract
-
Justification of purpose: Togee shall use the data collected by it or through third party service providers for the following purposes, to create, modify and conclude the contract. The personal data collected during the use of the Service serves to facilitate and enable the use of the Application. Togee uses the User’'s personal data to enable the creation of the contractual background of the User’s service order and to facilitate the fulfilment of the contract.
-
Duration of data processing: Togee shall process the personal data during the term of the contractual relationship or, in case a contractual relationship has not been established, until the purpose of processing has ceased, or erases them in case further processing of such data is no longer necessary for the purpose of processing. User may request for the erasure of his/her data in a letter sent to the support@togee.com email address. For the purposes of evidencing in the case of a dispute, the data of the concerned User shall be processed during the term of the general limitation period and for five (5) years after the final and binding closure of the dispute.
Maintenance and development of service
-
Justification of purpose: Togee shall use the data collected by it or through third-party service providers for the following purposes of maintenance and development of service. Togee shall use the personal data of the User to enable the continuous development and improvement of the Services.
-
Duration of data processing: Togee shall process the personal data during the term of the contractual relationship or, in case a contractual relationship has not been established, until the purpose of processing has ceased, or erases them in case further processing of such data is no longer necessary for the purpose of processing. User may request for the erasure of his/her data in a letter sent to the support@togee.com email address. For the purposes of evidencing in the case of a dispute, the data of the concerned User shall be processed during the term of the general limitation period and for five (5) years after the final and binding closure of the dispute.
Identification of the user and ensuring the communication
-
Justification of purpose: Togee may use the User’s personal data to ensure effective communication with the User, in the course of which Togee contacts and identifies users through their contact data provided.
-
Duration of data processing: Togee shall process the personal data during the term of the contractual relationship or, in case a contractual relationship has not been established, until the purpose of processing has ceased, or erases them in case further processing of such data is no longer necessary for the purpose of processing. User may request for the erasure of his/her data in a letter sent to the support@togee.com email address. For the purposes of evidencing in the case of a dispute, the data of the concerned User shall be processed during the term of the general limitation period and for five (5) years after the final and binding closure of the dispute.
Establishment and maintenance of a reliable and safe environment, enforcement of claims and rights, prevention and handling of fraud
-
Justification of purpose: Togee may use the personal data of the User to secure the legitimate interests of Users in the course of the use of Services. In the scope of the above, Togee shall be entitled to the following activities: the prevention and termination of fraud, spam, misuses and other harmful activities, to perform security investigations and risk analysis, to check and verify the data provided by the user.
-
Duration of data processing: Togee shall process the personal data during the term of the contractual relationship or, in case a contractual relationship has not been established, until the purpose of processing has ceased, or erases them in case further processing of such data is no longer necessary for the purpose of processing. User may request for the erasure of his/her data in a letter sent to the support@togee.com email address. For the purposes of evidencing in the case of a dispute, the data of the concerned User shall be processed during the term of the general limitation period and for five (5) years after the final and binding closure of the dispute.
Advertisement, marketing activities
-
Justification of purpose: Togee may use the personal data of Users solely for the following advertisement and marketing activities: to send promotion messages, advertisements, newsletters, other information popularizing the Services via phone or e-mail, to display the sponsored games, surveys, promotion activities and events of Togee and its cooperating partners.
-
Duration of data processing: The User may unsubscribe from advertisement-related communication at any time, through the support@togee.com e-mail address, among the profile settings and, in case of newsletters, by clicking directly on the unsubscribe menu function in the newsletter. In the absence of such an act, Togee shall process data for up to a maximum of 5 years.
Complaint management procedure
-
Justification of purpose: Documentation and verification of the conduct of the procedure, the actual examination.
-
Duration of data processing: The Togee shall process the personal data concerned until the purpose of processing has ceased, or erases them in case further processing of such data is no longer necessary for the purpose of processing. The data shall be stored for 5 years according to consumer protection rules.
Compliance with legal obligations relating to employment (e.g. informing necessary authorities)
-
Justification of purpose: Compliance with relevant information, reporting obligations and obligations connected to taxation, contributions, etc.
-
Duration of data processing: Togee processes the data for five (5) years starting from the last day of the calendar year in which employment ends, with the prohibition to discard labor, wage and social security records. Otherwise the limitation period in labor law is 7 years.
7. THE PESONS HAVING ACCESS TO THE DATA PROCESSED, DATA TRANSFERS
7.1. To be able to provide you with undisturbed Services, for quality assurance purposes, as well as to enable the investigation of customer claims and complaints, we might have to transfer your data to third parties. By accepting this Privacy Policy you give your expressed consent to these data transfers. 7.2. Data transfer may take place in the following cases:
Transfer of data to employees
Scope of data that may be transferred: To the personal data processed by us, Togee shall have access; the personal data shall also be made available to the employees of Togee, but only if their access to and processing of personal data is required for the purposes of data processing related to the given data category.
Publicly displayable information
Scope of data that may be transferred: Togee may only display publicly those information with respect to which you have granted its consent to the disclosure thereof on the social/public surfaces of Togee’s Partners.
Accounting Company
Scope of data that may be transferred: Togee may only display publicly those information with respect to which you have granted its consent to the disclosure thereof on the social/public surfaces of Togee’s Partners
Accounting Company
Scope of data that may be transferred: Data on employees, contributors and invoicing will be forwarded to our partner providing accounting services.
Law Firm
Scope of data that may be transferred: All data necessary for the performance of the activity of the Law Firm shall be forwarded to our legal advisory partner.
Norgic AB
The personal data shall also be made available to our subcontractors who perform software development and network tasks , but only if their access to and processing of personal data is required for the purposes of data processing related to the given data category.
VdoTok AB
The personal data shall also be made available to our subcontractors who perform software development and network tasks , but only if their access to and processing of personal data is required for the purposes of data processing related to the given data category.
Tech Incubator Pvt Ltd
Our subcontractor, who also perform software development and network tasks, shall have access to personal data, but only if their access to and processing of personal data is required for the purposes of data processing related to the given data category.
Compliance with Laws
Except for the cases defined in this section 7 and the case if Togee is instructed by the court to transfer data upon provisions prescribing mandatory data transfer to a specific authority, state or administrative organ and such instruction cannot be lawfully rejected, Togee may not transfer the personal data provided to it to third parties
7.3. To be able to provide you with undisturbed Services, we use the contribution of the following third-party service providers:
Hosting service provider, or a company providing system operation services to the Togee upon contractual relationship (Data Processor)
Name: Amazon Web Services EMEA SARL
The address of the hosting service provider: 38 Avenue John F. Kennedy, L-1855, Luxembourg
Company reg. no.: B186284
Contact details of the hosting service provider: https://aws.amazon.com/contact-us/
The website of the hosting service provider: https://aws.amazon.com/
Tax number: 26888617
Name: Google Ireland Limited
The address of the hosting service provider: Gordon House, Barrow Street, Dublin 4, Ireland Company reg. no.: 368047 Telephone number of the hosting service provider: 353-1-436-1000 Contact details of the hosting service provider: https://www.google.com/contact/ The website of the hosting service provider: www.google.com Tax number: 6388047V Name: OVH Limited The address of the hosting service provider: 1801 McGill College Ave. Suite 800, Montreal, Quebec H3A 2N4 Canada Company reg. no.: 537 407 926 Telephone number of the hosting service provider: 1-855-684-5463 Contact details of the hosting service provider: https://www.ovhcloud.com/en/contact/ The website of the hosting service provider: www.ovh.com
7.4. The Data Processor assists Togee in the smooth operation of the IT infrastructure that facilitates the storage of personal data provided to Togee, Data Processor has no direct access to personal data. We expressly declare that we have no direct or indirect liability with respect to the data processing activity of the Data Processor and the security of personal data in the course thereof; in this regard, the privacy policies and regulations of the Data Processor shall apply.
7.5. If we need to involve further Data Processors, we will notify you about that by the modification of our Privacy Policy.
8. RIGHTS AND OBLIGATIONS OF THE PARTIES
8.1. Processing of Users’ data, rights of information, access to data
8.1.1. You can access your personal data which have been collected by us. Please, notify us of any change in your data, at support@togee.com. You are responsible for ensuring the up-to-date status and reality of the personal data. In order to protect you, in case of any requests coming concerning your data, we need to verify the person. We do not retain personal data for the sole purpose of being able to react to potential requests.
8.1.2. The first request is free of charge. The second and all additional requests repeatedly filed are 500 SEK, if the request is related to the same subject or subject matter in the ongoing year, the request is not for information purposes and Togee legally disregards the rectification, erasure or restriction of the personal data handled on the basis of the repeated application. If a repeated request is justified because the act giving rise to the request has been caused by omission or activity attributable to us, we may waive the charges set out.
8.1.3. If we process a large quantity of information concerning you, we may need you to specify the information or processing activities to which the request relates before the information is delivered.
8.2. Rectification and erasure: You can ask us to rectify your personal data if necessary or to delete them where the retention of such data infringes the provisions of the related laws and regulations or if they are no longer necessary in relation to the purposes for which they are originally processed.
8.3. Withdrawal of consent and restriction of processing: In case you withdraw your consent to our processing of your personal data, we might not delete your data if processing is necessary for the protection of exercising the right of freedom of expression and information, for compliance with a legal obligation, for the performance of a task carried out in the public interest etc. The processing of personal data is essential until the proper, contractual completion of the contract concluded by and between Togee and you.
8.4. Right to object: You still have the right to object against the processing of your personal data considering your individual circumstances even if it is lawfully processed for the performance of a task carried out in the public interest or in the exercise of official authority vested in Togee, or on grounds of the legitimate interests of controller a or a third party?
8.5. Right to data portability: If you need it, we can provide you with a structured, commonly used and machinereadable format or all of your personal data processed by us and you can transmit those data to another controller.
8.6. The Obligation of the User: You are the only one who is responsible for the lawfulness, reality and accuracy (i.e. the quality) of your data under criminal liability.
9. FURTHER IMPORTANT INFORMATION
9.1. Records of data processing activities. Service Provider complies with the obligation of keeping records of the data processing activities and complies with and maintains a data processing record that is relevant to the employment activity. We don’t have to record our User’s personal data.
9.2. Data Protection Officer: In our standpoint, Togee is not obliged to appoint a data protection officer, as our main activities do not involve data processing operations that would allow a regular, systematic and highscale follow-up monitoring of the Data Subjects; furthermore, nor do we handle any special categories of personal data or criminal-relevant data.
9.3. Supervisory organs and other authorities: The territorial delineation of this Privacy Policy may extend to other foreign authorities if the User is concerned with a location or place of business outside Sweden. Our supervisory authority who you can turn to regarding our data processing is:
Swedish Data Protection Authority, with regards to the owner of Togee
Name: Swedish Data Protection Authority (DPA)
Address: Drottninggatan 29, plan 5, 10420 Stockholm
Post address: Datainspektionen Box 8114, 10420 Stockholm
Phone: 08-657 61 00
Email: datainspektionen@datainspektionen.se
Foreign data protection authorities may also be involved if you have your location or place of business outside Sweden. You can search here the relevant authority: https://ec.europa.eu/justice/article29/structure/data-protection-authorities/index_en.htm
9.4. Automated decision making, profiling We do not apply decision-making procedures that are based solely on automated processing, including profiling, which would have legal effects on you. Should we introduce such procedures in the future, you will be properly notified about that and we will ask for your consent thereto.
9.5. Processing of sensitive data We do not process personal data which are, by their nature, particularly sensitive in relation to fundamental rights and freedoms, or require specific protection as the context of their processing could create significant risks to the fundamental rights and freedoms. If we decide to process such sensitive data, this activity shall be pursued with special care and diligence, having your expressed consent thereto, and only the extent it is required. We do not process personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person's sex life or sexual orientation or criminal data.
9.6. Processing children’s data We do not collect personal information online from children, the registration is not possible under the age of 13.
10. PERSONAL DATA BREACH
10.1. In case of personal data breach, where the incident is likely to pose a high risk to the rights and freedoms of those concerned, we submit the report towards the data protection supervisory authority required by the laws and regulations, without undue delay, but in any case, within 72 hours from getting aware of the incident. We have developed internal procedures in case of personal data breach, and personal data breaches are also recorded into a registry. If you are affected by such personal data breach will also be notified, if the prevailing laws and regulations require so.
10.2. If you detect a threat of personal data breach, we ask to report it immediately via email at hello@togee.com. Furthermore, in case of personal data breach, you may initiate a case before Datainspektionen against Togee.
11. CHANGES OF THE PRIVACY POLICY
11.1. Togee reserves the right to amend this Privacy Policy at any time. Amendments will be published immediately on the website https://togee.com
11.2. In case of amendment, the User will be notified thereof thirty (30) days prior to the date of effectiveness of amendment, via the Application.
11.3. In case the Data Subject objects to such amendment, he/she may notify Togee thereof and disclose his/her respective comments and notices via e-mail (support@togee); furthermore, he/she may request the erasure of his/her personal data.