Supplemental Page
If you reside in the European Economic Area (“EEA”)
Last modified: 11/14/2022
1. Application
This supplemental page (“Subpage”) applies if you reside in the European Economic Area (“EEA”) and supplements our Data Policy. It contains important information we are required by the General Data Protection Regulation (“GDPR”) to disclose, including (i) the controller(s) of your personal information; (ii) legal bases, (iii) your legal rights, (iv) safeguards we rely on for transferring your personal information outside the EEA; and (v) the contact details of the controller and Data Protection Officer. This page also contains important information about the Payments Controller (defined below) and the information processed in connection with the Payments Services. Please read this page carefully. If you have any questions, please contact us.
2. Who Controls My Personal Information
2.1 Controller. Where this Subpage mentions “Znugle,” “we,” “us,” or “our,” it refers to Znugle Technology AB that is responsible for your information under this Data Policy (the “Controller”).
2.2 Payments Controller. The Data Policy also applies to the Payment Services provided to you by Znugle pursuant to the Payments Terms of Service (“Payments Terms”). When using the Payment Services, you will also be providing your personal information, to one or more Znugle Payments entities, which will be the responsible (the “Payments Controller“), for your information related to the Payment Services, generally depending on your country of residence.
2.3 Changing Your Country of Residence. If you change your country of residence, the Controller and/or Payments Controller will be determined by your new country of residence as specified above, from the date on which your country of residence changes. To this end the Controller and/or Payments Controller that originally collected your personal information will need to transfer such personal information to the new applicable Controller and/or Payments Controller. The new Controller and/or Payment Controller will continue to process your personal information as described in the Data Policy and Subpage (when applicable).
2.4 Contact Us. To contact the Controller, the Payments Controller or the Data Protection Officer (“DPO”) for Znugle please find contact details.
2.2 Payments Controller. The Data Policy also applies to the Payment Services provided to you by Znugle pursuant to the Payments Terms of Service (“Payments Terms”). When using the Payment Services, you will also be providing your personal information, to one or more Znugle Payments entities, which will be the responsible (the “Payments Controller“), for your information related to the Payment Services, generally depending on your country of residence.
2.3 Changing Your Country of Residence. If you change your country of residence, the Controller and/or Payments Controller will be determined by your new country of residence as specified above, from the date on which your country of residence changes. To this end the Controller and/or Payments Controller that originally collected your personal information will need to transfer such personal information to the new applicable Controller and/or Payments Controller. The new Controller and/or Payment Controller will continue to process your personal information as described in the Data Policy and Subpage (when applicable).
2.4 Contact Us. To contact the Controller, the Payments Controller or the Data Protection Officer (“DPO”) for Znugle please find contact details.
3. Processing of Payments Information
3.1 Information Necessary for Use of Payment Services. The Payments Controller needs to collect the following information necessary for the adequate performance of the contract with you and to comply with applicable law (such as anti-money laundering regulations). Without it, you will not be able to use Payment Services:
• Payment Information. When you use the Payment Services, the Payments Controller requires certain financial information (such as your bank account or credit card information.) in order to process payments and comply with applicable law.
• Identity Verification and Other Information. The Payments Controller may require identity verification information (such as images of your government issued ID document(s), passport, national ID card, tax ID or driving license) or other authentication information (such as your date of birth, your address, email address, phone number) and other information in order to verify your identity, provide the Payment Services to you, and to comply with applicable law.
3.2 How the Payments Controller Uses Personal Information Collected. We may use the personal information as a part of Payment Services to:
• Enable or authorize third parties to use the Payment Services
• Detect and prevent money laundering, fraud, abuse, security incidents
• Conduct security investigations and risk assessments
• Comply with legal obligations (such as anti-money laundering regulations)
• Enforce the Payment Terms and other payment policies
• With your consent, send you promotional messages, marketing, advertising, and other information that may be of interest to you based on your preferences
• Provide and improve the Payment Services
• Payment Information. When you use the Payment Services, the Payments Controller requires certain financial information (such as your bank account or credit card information.) in order to process payments and comply with applicable law.
• Identity Verification and Other Information. The Payments Controller may require identity verification information (such as images of your government issued ID document(s), passport, national ID card, tax ID or driving license) or other authentication information (such as your date of birth, your address, email address, phone number) and other information in order to verify your identity, provide the Payment Services to you, and to comply with applicable law.
3.2 How the Payments Controller Uses Personal Information Collected. We may use the personal information as a part of Payment Services to:
• Enable or authorize third parties to use the Payment Services
• Detect and prevent money laundering, fraud, abuse, security incidents
• Conduct security investigations and risk assessments
• Comply with legal obligations (such as anti-money laundering regulations)
• Enforce the Payment Terms and other payment policies
• With your consent, send you promotional messages, marketing, advertising, and other information that may be of interest to you based on your preferences
• Provide and improve the Payment Services
4. Legal Bases for Processing Personal Information
We process personal information for the purposes described in the Data Policy in line with the lawful bases set out below. For more information on the processing activities, please refer to the relevant section of the Data Policy.
4.1 Processing of Payments Information (Section 3, this Subpage).
Sub-Section. How the Payments Controller Uses the Personal Information Collected. The Payments Controller processes this personal information given its legitimate interest in improving the Payment Services and its users’ experience with it, and where it is necessary for the adequate performance of the contract with you and to comply with applicable laws.
4.2 How We Use Information We Collect (Section 3).
Sub-Section. Provide, Improve, and Develop Znugle. We process this personal information for these purposes given our legitimate interest in improving Znugle and our users’ experience with it, and where it is necessary for the adequate performance of the contract with you.
Sub-Section. Create and Maintain a Trusted and Safer Environment. We process this personal information for these purposes given our legitimate interest in protecting Znugle and our users, to measure the adequate performance of our contract with you, to comply with applicable laws, for the protection of your or another person’s vital interests, and for reasons of public interest in the area of public health, such as protecting against serious cross-border threats to health.
Sub-Section. Provide, Personalize, Measure, and Improve Our Advertising and Marketing. We will process this personal information with your consent or based on our legitimate interest in undertaking marketing activities to offer you products or services that may be of interest to you.
Sub-Section. How the Payments Controller Uses the Personal Information Collected. The Payments Controller processes this personal information given its legitimate interest in improving the Payment Services and its users’ experience with it, and where it is necessary for the adequate performance of the contract with you and to comply with applicable laws.
4.3 Complying with Law, Responding to Legal Requests, Preventing Harm and Protecting Our Rights (Section 4.5).
Sub-Section. Complying with Law, Responding to Legal Requests, Preventing Harm and Protecting Our Rights. These disclosures may be necessary to comply with our legal obligations, for the protection of a person’s vital interests, for reasons of public interest in the area of public health, such as protecting against serious cross-border threats to health, for reasons of substantial public interest, or for the purposes of Znugle’s or a third party’s legitimate interest in keeping Znugle secure, preventing a breach of the law, harm or crime, enforcing or defending legal rights, claims, or obligations, facilitating the collection of taxes and prevention of tax fraud or preventing loss or damage.
4.4 Other Important Information (Section 5).
Sub-Section. Analyzing Your Communications. These activities are carried out based on Znugle’s legitimate interest in ensuring compliance with applicable laws and our Terms, preventing fraud, promoting safety, and improving and ensuring the adequate performance of our services.
Sub-Section. Linking Third Party Accounts, Third Party Partners and Integrations. We process personal information from linked third party accounts, third party partners, and integrations to the extent necessary to ensure the adequate performance of our contract with you, or to ensure that we comply with applicable laws, or with your consent.
Sub-Section. How the Payments Controller Uses the Personal Information Collected. The Payments Controller processes this personal information given its legitimate interest in improving the Payment Services and its users’ experience with it, and where it is necessary for the adequate performance of the contract with you and to comply with applicable laws.
4.2 How We Use Information We Collect (Section 3).
Sub-Section. Provide, Improve, and Develop Znugle. We process this personal information for these purposes given our legitimate interest in improving Znugle and our users’ experience with it, and where it is necessary for the adequate performance of the contract with you.
Sub-Section. Create and Maintain a Trusted and Safer Environment. We process this personal information for these purposes given our legitimate interest in protecting Znugle and our users, to measure the adequate performance of our contract with you, to comply with applicable laws, for the protection of your or another person’s vital interests, and for reasons of public interest in the area of public health, such as protecting against serious cross-border threats to health.
Sub-Section. Provide, Personalize, Measure, and Improve Our Advertising and Marketing. We will process this personal information with your consent or based on our legitimate interest in undertaking marketing activities to offer you products or services that may be of interest to you.
Sub-Section. How the Payments Controller Uses the Personal Information Collected. The Payments Controller processes this personal information given its legitimate interest in improving the Payment Services and its users’ experience with it, and where it is necessary for the adequate performance of the contract with you and to comply with applicable laws.
4.3 Complying with Law, Responding to Legal Requests, Preventing Harm and Protecting Our Rights (Section 4.5).
Sub-Section. Complying with Law, Responding to Legal Requests, Preventing Harm and Protecting Our Rights. These disclosures may be necessary to comply with our legal obligations, for the protection of a person’s vital interests, for reasons of public interest in the area of public health, such as protecting against serious cross-border threats to health, for reasons of substantial public interest, or for the purposes of Znugle’s or a third party’s legitimate interest in keeping Znugle secure, preventing a breach of the law, harm or crime, enforcing or defending legal rights, claims, or obligations, facilitating the collection of taxes and prevention of tax fraud or preventing loss or damage.
4.4 Other Important Information (Section 5).
Sub-Section. Analyzing Your Communications. These activities are carried out based on Znugle’s legitimate interest in ensuring compliance with applicable laws and our Terms, preventing fraud, promoting safety, and improving and ensuring the adequate performance of our services.
Sub-Section. Linking Third Party Accounts, Third Party Partners and Integrations. We process personal information from linked third party accounts, third party partners, and integrations to the extent necessary to ensure the adequate performance of our contract with you, or to ensure that we comply with applicable laws, or with your consent.
5. Your Rights
If Znugle is the Controller or the Payments Controller, or pursuant to applicable law, you benefit from a number of rights. While some of these rights apply generally, certain rights apply only in certain limited cases. Please note that we may ask you to verify your identity and request before taking further action on your request. Please contact us for information on data subject rights and how to submit a request.
5.1 Data Access and Portability. You have the right to request certain copies of your personal information held by us. In certain instances, you also have the right to request copies of personal information that you have provided to us in a structured, commonly used, and machine-readable format and/or request us to transmit this information to another service provider (where technically feasible).
5.2 Rectification. You have the right to ask us to correct inaccurate or incomplete personal information about you (and which you cannot update yourself within your Znugle account).
5.3 Erasure. We generally retain your personal information for as long as is necessary for the performance of the contract between you and us, to comply with our legal obligations, and as permitted by applicable law. You have the right to ask us to delete your personal information, subject to certain limitations and restrictions. Please note that if you request the erasure of your personal information:
• We may retain your personal information as necessary for our legitimate business interests, such as prevention of money laundering, fraud detection and prevention and enhancing safety. For example, if we suspend a Znugle account for fraud or safety reasons, we may retain information from that Znugle account to prevent that Member from opening a new Znugle account in the future.
• We may retain and use your personal information to the extent necessary to comply with our legal obligations. For example, Znugle may keep your information for tax, legal reporting and auditing obligations.
• Information you have shared with others (e.g., Reviews, forum postings) will continue to be publicly visible on Znugle, even after your Znugle account is cancelled. However, attribution of such information to you will be removed.
• Some copies of your information (e.g., log records) will remain in our database, but are disassociated from personal identifiers.
• Because we maintain Znugle to protect from accidental or malicious loss and destruction, residual copies of your personal information may not be removed from our backup systems for a limited period of time.
5.4 Withdrawing Consent. If we are processing your personal information based on your consent you can withdraw your consent at any time by changing your account settings or by sending a communication to Znugle specifying which consent you are withdrawing. Please note that the withdrawal of your consent does not affect the lawfulness of any processing activities based on such consent before its withdrawal.
5.5 Restriction of Processing. You have the right to limit the ways in which we use your personal information, in particular where (i) you contest the accuracy of your personal information; (ii) the processing is unlawful and you oppose the erasure of your personal information; (iii) we no longer need your personal information for the purposes of the processing, but you require the personal information for the establishment, exercise or defence of legal claims; or (iv) you have objected to the processing pursuant to Section 5.6 (below) and pending the verification whether the legitimate grounds of Znugle override your own.
5.6 Objection to Processing. You have the right to object to the processing of your personal information based on grounds specific to your situation if such processing is for direct marketing or is for a purpose based on a legitimate interest or public interest. If you object to processing based on legitimate or public interests we will no longer process your personal information for these purposes unless we can demonstrate compelling legitimate grounds for such processing or where the processing is otherwise required for the establishment, exercise or defence of legal claims. Where your personal information is processed for direct marketing purposes, you may, at any time ask Znugle to cease processing your data for these direct marketing purposes by sending an e-mail to opt-out@znugle.com.
5.7 Lodging Complaints. You have the right to lodge complaints about our data processing activities by filing a complaint with our Data Protection Officer who can be reached by the “Contact” section or with a supervisory authority, either your local supervisory authority or our lead supervisory authority, the Irish Data Protection Commission.
5.2 Rectification. You have the right to ask us to correct inaccurate or incomplete personal information about you (and which you cannot update yourself within your Znugle account).
5.3 Erasure. We generally retain your personal information for as long as is necessary for the performance of the contract between you and us, to comply with our legal obligations, and as permitted by applicable law. You have the right to ask us to delete your personal information, subject to certain limitations and restrictions. Please note that if you request the erasure of your personal information:
• We may retain your personal information as necessary for our legitimate business interests, such as prevention of money laundering, fraud detection and prevention and enhancing safety. For example, if we suspend a Znugle account for fraud or safety reasons, we may retain information from that Znugle account to prevent that Member from opening a new Znugle account in the future.
• We may retain and use your personal information to the extent necessary to comply with our legal obligations. For example, Znugle may keep your information for tax, legal reporting and auditing obligations.
• Information you have shared with others (e.g., Reviews, forum postings) will continue to be publicly visible on Znugle, even after your Znugle account is cancelled. However, attribution of such information to you will be removed.
• Some copies of your information (e.g., log records) will remain in our database, but are disassociated from personal identifiers.
• Because we maintain Znugle to protect from accidental or malicious loss and destruction, residual copies of your personal information may not be removed from our backup systems for a limited period of time.
5.4 Withdrawing Consent. If we are processing your personal information based on your consent you can withdraw your consent at any time by changing your account settings or by sending a communication to Znugle specifying which consent you are withdrawing. Please note that the withdrawal of your consent does not affect the lawfulness of any processing activities based on such consent before its withdrawal.
5.5 Restriction of Processing. You have the right to limit the ways in which we use your personal information, in particular where (i) you contest the accuracy of your personal information; (ii) the processing is unlawful and you oppose the erasure of your personal information; (iii) we no longer need your personal information for the purposes of the processing, but you require the personal information for the establishment, exercise or defence of legal claims; or (iv) you have objected to the processing pursuant to Section 5.6 (below) and pending the verification whether the legitimate grounds of Znugle override your own.
5.6 Objection to Processing. You have the right to object to the processing of your personal information based on grounds specific to your situation if such processing is for direct marketing or is for a purpose based on a legitimate interest or public interest. If you object to processing based on legitimate or public interests we will no longer process your personal information for these purposes unless we can demonstrate compelling legitimate grounds for such processing or where the processing is otherwise required for the establishment, exercise or defence of legal claims. Where your personal information is processed for direct marketing purposes, you may, at any time ask Znugle to cease processing your data for these direct marketing purposes by sending an e-mail to opt-out@znugle.com.
5.7 Lodging Complaints. You have the right to lodge complaints about our data processing activities by filing a complaint with our Data Protection Officer who can be reached by the “Contact” section or with a supervisory authority, either your local supervisory authority or our lead supervisory authority, the Irish Data Protection Commission.
6. Retention
We retain personal information for as long as needed or permitted in light of the purpose(s) for which it was obtained and consistent with applicable law. The criteria used to determine our retention periods include:
• the length of time we have an ongoing relationship with you and provide Znugle to you (for example, for as long as you have an account with us or keep using Znugle);
• whether there is a legal obligation to which we are subject (for example, certain laws require us to keep records of your transactions for a certain period of time before we can delete them); and/or
• whether retention is advisable in light of our legal position (such as in regard to applicable statutes of limitations, litigation or regulatory investigations).
• the length of time we have an ongoing relationship with you and provide Znugle to you (for example, for as long as you have an account with us or keep using Znugle);
• whether there is a legal obligation to which we are subject (for example, certain laws require us to keep records of your transactions for a certain period of time before we can delete them); and/or
• whether retention is advisable in light of our legal position (such as in regard to applicable statutes of limitations, litigation or regulatory investigations).
7. Operating Globally and International Transfers
To facilitate our global operations Znugle may transfer, store, and process your information within our family of companies, partners, and service providers based in Europe, India, Asia Pacific and North and South America. Laws in these countries may differ from the laws applicable to your country of residence. In certain circumstances, courts, law enforcement agencies, regulatory agencies or security authorities in these other countries may be entitled to access your personal information. Some of these countries are subject to a European Commission adequacy decision. For other countries, measures have been taken pursuant to applicable data protection law, such as standard contractual clauses within Znugle or with the relevant third party to protect this personal data.
7.1 Other Means to Ensure an Adequate Level of Data Protection. If Znugle is the Controller and your information is shared with corporate affiliates or third party service providers outside the EEA, we have (prior to sharing your information with such corporate affiliate or third party service provider) established the necessary means to ensure an adequate level of data protection. This may be an adequacy decision of the European Commission confirming an adequate level of data protection in the respective non-EEA country or an agreement on the basis of the EU Model Clauses (a set of clauses issued by the European Commission). We will provide further information on the means to ensure an adequate level of data protection, such as a copy of the EU Model Clauses, on request.
