Polaroid Legal
This Privacy Policy explains how Polaroid International B.V. ("Polaroid", "we" or "our") collects, stores and uses your personal data when you use ("Use") the Polaroid application named the Polaroid Music app (the "App"). Please read this Privacy Policy carefully.
We respect your right to privacy. The processing of your personal data is subject to the rules of the General Data Protection Regulation ((EU) 2016/679) ("GDPR"), as well as the national implementation acts of the GDPR.
1. WHO WE ARE
Polaroid is a company registered with the commercial register in The Netherlands (Chamber of Commerce registration number 59065982) whose registered office is at Danzigerkade 16C, 1013 AP, Amsterdam, The Netherlands. Polaroid is part of the Polaroid group of companies. You may contact us on [email protected].
With regard to your personal data that we process as a result of the Use of the App (see paragraph 2), we are the controller within the meaning of the GDPR. This means we have certain statutory duties and responsibilities regarding our processing activities. This Privacy Policy serves to inform you on how we meet our duties and responsibilities.
2. THE PERSONAL DATA WE COLLECT ABOUT YOU
When you Use the App, we and/or our third-party data processors acting on our behalf (see paragraph 5) collect the following personal data about you:
Personal data you provide to us:
User data: profile name, email address, phone number, date of birth, gender, country, street address;
Usage and preference data: we collect data about how you and other App users interact with our services, preferences expressed, and settings chosen;
Device data: we collect data about your mobile device, including, for example, the hardware model, operating system and version, software, IP address, file names and versions and preferred language;
Location data; we collect data about the location where your device is used; and
Log data: when you interact with our services and hardware products within the App, we create logs, which include access dates and times, app features or pages viewed, app crashes and other system activity.
Personal data collected from other (third party) sources:
Personal data available through public sources: In order to be able to offer our services in the App correctly and to create the best user experience, we collect personal data from third parties, such as app stores, operating system and device manufacturers, and analytical companies. If you connect your account to a third party application, service and/or devices, we collect personal data from them to make the integration possible.
We do not access any personal data from the Google Play Store and/or the Apple App Store.
3. LEGAL BASES FOR PROCESSING YOUR PERSONAL DATA
The GDPR requires a legal bases for the processing of personal data. For each purpose (see paragraph 4), we will indicate the legal bases on which we process your personal data.
Our legal basis for processing your personal data is:
the processing is necessary for the performance of a contract to which you are a party, or in order to take action at your request prior to the conclusion of a contract (e.g. offering our services within the App) (purpose A, B and J);
the processing is necessary for us to comply with our legal obligations to which Polaroid is subject (purpose D and H);
the processing is necessary for our legitimate interests or those of a third party (purpose C, D, E, F, G, and I). The legitimate interest we pursue is the proper conduct of our business activities, such as ensuring that the content from our services is presented in the most effective manner, to troubleshoot software burgs and operational problems and provide you with information on products and offers which are relevant to you.
4. HOW WE MAY STORE AND USE YOUR INFORMATION
Polaroid (and third party data processors acting on our behalf) may collect, store and process your personal data:
A. to make this App and its features available to you;
B. to provide our services to you;
C. to develop and distribute our app;
D. where we have a legal right or duty to use or disclose your personal data (including for crime and fraud prevention and combating and to comply with a court order) or for company acquisition/asset sale;
E. to ensure that content from our services is presented in the most effective manner for you and your device;
F. to administer, secure, adapt and improve our radio services, hardware products and for internal operations, including, for example, to prevent fraud and abuse of our services; to troubleshoot software bugs and operational problems; to conduct data analysis, testing, and research; and to monitor and analyze usage and activity trends;
G. to be able to answer and handle legal requests and/or complaints;
H. to comply with legal obligations applicable to Polaroid;
I. obtaining external (legal) advice and/or the establishment, exercise or substantiation of a legal claim; and
J. to execute licensor contracts.
5. DISCLOSURE OF YOUR PERSONAL DATA
In some cases, we share your personal data with third parties. We only provide your personal data to third parties if this is necessary for one or more of the purposes listed in paragraph 4. Your personal data may be shared with the following parties and/or for the following reasons:
- Company acquisition or business or asset sale: in the event that a third party acquires all or part of our business and/or assets, we may disclose your personal data to that third party in connection with the acquisition. We also reserve the right to disclose your personal data to third parties as part of any business or asset sale carried out because Polaroid has gone into insolvency or any similar situation, but only where lawful and compliant with the applicable data protection legislation, as amended from time to time.
- Comply with applicable law: we may disclose your personal data where necessary to comply with applicable law or an order of a governmental or law enforcement body. We may also disclose your personal data in response to a request for personal data by a competent authority if we believe disclosure is in accordance with, or is otherwise required by, any applicable law, regulation, or legal process.
- Subsidiaries and affiliated entities: we may share your personal data with our subsidiaries and affiliated entities within the Polaroid group that provide services or conduct data processing in relation to the App on our behalf.
- Other relevant parties: we may disclose your personal data where necessary with our processors, vendors, consultants, marketing partners, and other service providers who need access to such personal data to carry out work on our behalf for the performance of any contract we enter into with them.
- Analytics: this App uses Google Analytics for Firebase and Google Firebase Crash Reporting services (i) provided by Google and (ii) providing insight into App usage and user engagement. Google will use this information on our behalf for the purpose of evaluating your use of the App and compiling reports on App activity for us. Some Firebase services process personal data, that will be provided to us by Google in an aggregated manner. For this reason, a data processing agreement is concluded with Google. However, the aggregated data received from Google does not represent personal data for us as we are not reasonably able to identify a specific user on the basis of this information, nor do we make any efforts to personalise it subsequently. We process these aggregated data to analyse and optimize usage behaviour in general, for example by evaluating crash reports.
We may, in some cases, merge your personal data with the data of third parties. We do this, for example, to see your previous purchases.
6. INTERNATIONAL TRANSFERS
We may transfer personal data that we collect from you to third party processors located in countries that are outside of the European Economic Area ("EEA") and to other Polaroid group companies in connection with the above purposes. For example, some Polaroid group companies or processors are domiciled in the United States, which leads to the disclosing of your personal data outside the EEA.
In such situations, we will ensure that appropriate safeguards are in place that offer an adequate level of protection of your rights and freedoms as a data subject in accordance with the GDPR. We do this, for example, by concluding standard contractual clauses for the transfer of personal data approved by the European Commission, or by transferring your personal data only to third parties that are considered to guarantee an adequate level of protection according to the European Commission.
7. DATA RETENTION
We will retain your personal data for no longer than is necessary for the purpose(s) for which it is collected or processed and/or in accordance with legal obligations. After a retention period, we will delete or anonymize your personal data, unless we retain (part of) of your personal data for another purpose. We will only do so if we have a legal basis to retain your personal data. We will ensure that personal data are only accessible for that other purpose.
With regards to the use of our digital services, we will retain your data for a period of two (2) years after your last login using our (account) services. The reason is that when you would reactivate your account, you can easily continue to make use of our services within that two-year period. If you are inactive for a longer period of time, we will notify you and remove your data, unless you indicate otherwise.
However, a longer retention period of your personal data may occur if this is necessary to comply with a legal obligation. If a dispute or (legal) proceedings are expected, we may also retain your personal data for a longer period of time.
We will in any case comply with legal data retention obligations. If you would like to receive more information about the retention periods that we apply, please contact us on [email protected].
8. YOUR RIGHTS
As a data subject, you have a number of rights that you may exercise in the context of out processing of your personal data:
the right of information about the personal data we process about you;
the right to access your processed personal data;
the right to rectification of the personal data that we hold about you;
the right to erasure of your personal data (under circumstances listed in the applicable law);
the right to restrict the processing of your personal data (under circumstances listed in the applicable law);
the right to object against the processing of your personal data (e.g. in relation to the processing of your personal data for advertising purposes);
the right to data portability (you can ask us to provide you or a third party with your personal data in a readable and accessible form); and
the right to withdraw your consent to the processing of your personal data.
For security purposes we may occasionally request proof of identity before we are able to exercise your rights. If you wish to exercise any of the above rights, please contact us on [email protected].
Please take into account that your rights are not absolute in all cases, and that we may not be required to comply with your request. If that is the case, we will make sure you will be informed of this.
9. UPDATES TO THIS PRIVACY POLICY
This Privacy Policy was last updated in January 2023 and replaces our previous Privacy Policy.
Please check regularly to stay informed of updates to this Privacy Policy. If we make any changes to this Privacy Policy in the future, we will publish the revised Privacy Policy on the App. If changes are made that may significantly affect you as a data subject, we will do our best to directly inform you about those changes. All changes will take effect as soon as the Privacy Policy has been published on the App.
10. QUESTIONS AND COMPLAINTS
In case you have any questions or complaints regarding the processing of your personal data, please contact us on [email protected]. If you are of the opinion that we process your personal data in an improper or unlawful manner, that we do not/insufficiently take regard of your objection or request in the context of your rights or if you wish to make a complaint in the context of the processing of your personal data, you have at all times the right to lodge a complaint with the competent Data Protection Authority.