Last updated: 9th March 2021
1. About this policy. Amondo is committed to protecting and respecting your privacy. This policy sets out who we are and how and why we collect, store, use and share your personal information. It also explains your rights in relation to your personal information, so please read it carefully. This policy applies to your use of https://www.amondo.com/ (the “Site”) or any services offered through or associated with the Site, including the Amondo platform and API (the “Services”).
2. Other terms that apply to you. Your use of our Services is also subject to our End User Terms and any other terms and conditions agreed between us and you.
3. What is “personal data”? “Personal data” means any information that identifies an individual person. It does not include data about a company or anonymous data (i.e. data where the personal identity has been removed).
4. About us. The Site is owned and operated by Amondo Ltd, a company incorporated in the United Kingdom under number 09043853 whose registered office is at 86-90 3rd Floor, Paul Street, London, England, EC2A 4NE. In this policy, “we”, “us” or “our” refers to Amondo Ltd.
5. Our role. When we process personal data, we are responsible as a “controller” of that personal data for the purposes of the General Data Protection Regulation and the Data Protection Act 2018 (the “data protection laws”). Amondo is registered as a data controller with the UK Information Commissioner’s Office under registration number ZA365772.
6. How we collect data
6.1. Directly from you. Some of the data we collect is collected directly from you. For example, you give us personal data directly when you visit our Site, subscribe to our newsletter, use our Services or communicate with us (whether in person or by phone, text or email).
6.2. From social media platforms and Third-Party Platforms. Our customers use our Services to create content feeds (which we call “Imprints”). Imprints aggregate content from social media platforms that connect directly to our Platform, like Facebook, Instagram, YouTube, Twitter, Snap or TikTok (which we call “Source Platforms”). Customers can also upload content from third-party platforms that are not directly connected to Amondo (“Third-Party Platforms”). If you post something on a Source Platform that relates to one of our customers (like if you tag them, mention their brand or use certain hashtags), we automatically receive your username or social media handle, profile picture or avatar, and the content of that post, in line with the relevant platform’s terms and your privacy settings on that platform. If content you’ve posted on a Third-Party Platform is uploaded to the Platform, we also receive your username or social media handle, profile picture or avatar, and the content of that post, in line with the relevant platform’s terms and your privacy settings on that platform.
6.3. When you enter our clients’ user generated content (UGC) competitions which are managed by us. We collect data directly from you (such as first name, last name, social media handle, email and image) on behalf of our clients when you upload UGC as part of a competition entry made either through either our site, our client’s site or associated microsite.
6.4. From other third parties. We may also receive information from the following third parties that help us provide our Services, including Algolia (to power our search engine), Amazon Web Services (to store and process information), Cloudflare (to host our Services) Cloudinary (to store, serve and stream images and videos), Facebook (Platform) and Facebook (Web Application) (for Facebook integration and analytics), Fathom (to understand how users engage with our Site), Google AdSense (for advertising), Google Analytics (to understand how users engage with our Site), Heroku by Salesforce (to host our Services), Intercom (for live chat, customer support and usage statistics), MailChimp (for newsletter marketing), Paperform (to build website forms), Port (for user data organisation and controls), Riddle (to create quizzes as part of our Services), Sendgrid by Twilio (for service emails), Sentry (for error tracking), Vimeo, YouTube (to host and embed videos) and Zapier (to integrate third-party APIs). For more information on how these companies handle your personal data, please refer to their privacy policies.
7. Data we collect about you. The personal data we collect about you may include your name and email address, username or social media handle, profile picture and other photos, location data, behavioural data (like information about how you use our Services, including your IP address) and any personal data in content you post through Source Platforms or Third-Party Platforms.
8. How and why we use your data. Under data protection laws, we can only use your personal information if we have a proper reason for doing so, such as complying with our legal and regulatory obligations, fulfilling contractual obligations to you (or taking any steps at your request before entering into a contract), where you have given consent or for our (or a third party’s) legitimate interest. (A “legitimate interest” is when we have a business or commercial reason to use your information, which is a proper reason for using your personal data as long as it’s not overridden by your own rights and interests.) This section explains what we use your personal information for and our reasons for doing so.
8.1. Providing our Services to you. We use your personal data to administer the Services, to ensure content is presented in the most effective manner for you and for your device, as part of our efforts to keep the Services safe and secure and to allow you to participate in interactive features of our Services (when you choose to do so). We use your personal data this way for our legitimate interests in maintaining our Services.
8.2. Managing our Services. We use your personal data for internal operations, to administer and manage your account, respond to communications from you and provide you with information you request from us, notify you about changes to the Services and carry out any other obligations arising from any contracts entered into between you and us. We use your personal data this way to fulfill contractual obligations to you (or take steps at your request before entering into a contract).
8.3. Improving our Services. We use your personal data to make our Services better, including troubleshooting, data analysis, testing, research, statistical and survey purposes. We use your personal data this way for our legitimate interest in improving our Services.
8.4. Improving our marketing. We use your personal data to measure and understand the effectiveness of our marketing efforts, deliver relevant marketing to you and make relevant suggestions and recommendations to you. We use your personal data this way for our legitimate interests in promoting our business and Services.
8.5. Complying with legal obligations. We also use your personal data to comply with legal obligations like mandatory reporting and record retention, ensuring confidentiality of commercially sensitive information and responding to any requests from regulatory or legal authorities.
9. Marketing and promotional communications. We have a legitimate interest in processing your personal information for promotional purposes, which means we don’t usually need your consent to send you these types of communications. However, we’ll only send you updates about Services you have used or that we think you might be interested in, including exclusive offers, promotions or new Services. We won’t subscribe you to our mailing list without your explicit consent. You can ask us to stop sending you marketing messages at any time by the following opt-out links or by contacting us.
10. Who we share your data with
10.1. We routinely share personal information with the third parties noted above, which we use to help run our business and deliver our Services. We only allow these service providers to handle your personal data if we’re satisfied they take appropriate measures to protect your personal data.
10.2. We may also disclose your data to our clients that have run UGC competitions and to which you have entered. We do not use this data for any other purpose than to allow you to partake and our clients to facilitate such competitions. We only allow clients to handle your personal data if we’re satisfied they take appropriate measures to protect your personal data.
10.3. We may disclose and exchange information with law enforcement agencies and regulatory bodies to comply with our legal and regulatory obligations, enforce any of our rights or protect ourselves and others.
10.4. We may also need to share some personal information with other parties, such as potential buyers of some or all of our business or during a restructuring. The recipient will only be permitted to use the data for the purposes we originally collected it for, and they will be bound by confidentiality obligations.
11. How long we keep your data. We keep your personal data for as long as it’s necessary for the purpose(s) we’ve collected it for, as set out in this policy. Different retention periods apply depending on the type of data collected, who it was collected from and how it was collected, explained further below
11.3. Customers, authorised users and other contractual obligations. When you enter into a contract with us or take steps to enter into a contract with us (whether as a customer or otherwise), we keep your personal data for as long as it’s necessary to fulfill our contractual obligations to you. (If you are an authorised user of one of our customers, we keep your personal information for as long as it’s necessary to fulfill our contractual obligations to the customer who authorised your Account.) We may also keep your personal data for as long as it’s necessary to manage and improve our Services and marketing, or to comply with legal or regulatory obligations.
11.4.1. If we received personal data from a Source Platform or Third-Party Platform, we keep your information until either:
188.8.131.52 Your post is removed from the relevant Imprint(s) (either by us or by the relevant customer); or
184.108.40.206. Your post is removed from (or made private on) the relevant Source Platform (either by you or by the relevant Source Platform). Please note that it may take up to 24 hours from when a post is deleted on a Source Platform for that post to be removed from our Platform.
11.4.2. If you would like us to remove one of your posts from an Imprint, please contact us using the contact details below.
12. How we secure your data
12.1. We have appropriate security measures to prevent personal information from being accidentally lost, or used or accessed unlawfully, including the following:
12.1.1. We limit access to your personal information to those who have a genuine business need to access it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
12.1.2. We use industry-standard encryption to protect your data in transit. This is commonly referred to as transport layer security (“TLS”) or secure socket layer (“SSL”) technology
12.1.3. We also have procedures in place to deal with any suspected data security breach. We’ll notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
12.2. Unfortunately, sending personal data via the internet is not completely secure. Although we do our best to protect your personal data, we can’t guarantee the security of data sent to us and you send personal data to us at your own risk.
13. Where your data is stored. To deliver our Services to you, it’s sometimes necessary for us to share your personal information outside the UK and/or the European Economic Area (EEA), such as with service providers located outside the UK/EEA or if you are based outside the UK/EEA. These transfers are subject to special rules under data protection laws. Although non-UK/EEA countries don’t have the same data protection laws as the UK/EEA, We will, however, ensure the transfer complies with data protection laws and that all personal data will be secure. If you’d like more information about what happens to your personal data when it’s transferred outside the UK/EEA, please contact us.
14. Your rights
14.1. Under data protection laws you have the right to:
14.1.1. Be informed: the right to be informed of what personal data we have about you and our purpose for processing it.
14.1.2. Access: the right to be provided with a copy of your personal data.
14.1.3. Rectification: the right to require us to correct any mistakes in your personal data.
14.1.4. Be forgotten: the right to require us to delete your personal data—in certain situations.
14.1.5. Restriction: the right to require us to restrict processing of your personal data—in certain circumstances.
14.1.6. Portability: the right to receive the personal data you provided to us in a structured, commonly used and machine-readable format and/or transmit that data to a third party—in certain situations.
14.1.7. Object: the right to object to your personal data being processed for direct marketing (including profiling) and, in certain circumstances, the right to object to our continued processing of your personal data.
14.1.8. Not to be subject to automated decision-making: the right not to be subject to a decision that has legal effects on you or significantly affects you based solely on automated processing (including profiling).
14.1.9. Complain: the right to complain to a supervisory authority if you think any of your rights have been infringed by us. In the UK, this is the Information Commissioner’s Office (ICO).
14.2. If you would like to exercise any of these rights, please contact us.
15. Cookies (and other similar technologies)
15.2. Cookies we use
15.2.1. Strictly necessary cookies. These cookies are required to save your session and to carry out other activities that are strictly necessary for the operation of the Site. They include, by way of general example, cookies that enable you to log into secure areas of the Site, use a shopping cart, or make use of e-billing services. These cookies are session cookies, which means they’re temporary and will usually expire when you close your browser.
15.2.2. Analytical/performance cookies. These cookies allow us to recognise and count the number of visitors and to see how visitors move around the Site when they’re using it. These cookies help us improve the way the Site works by, for example, ensuring that users are finding what they’re looking for easily.
15.2.3. Functionality cookies. These cookies are used to recognise you when you return to the Site. They enable us to personalise our content for you, greet you by name and remember your preferences.
15.2.4. Targeting cookies. These cookies record your visit to the Site, the pages you visit, and the links you follow. We use this information to make the Site and the advertising displayed on it more relevant to your interests. We also share this information with third parties for the same purpose.
15.2.5. Social media cookies. These cookies work together with social media plug-ins. For example, when we embed photos, video and other content from social media websites, the embedded pages contain cookies from these websites. Similarly, if you choose to share our content on social media, a cookie may be set by the service you have chosen to share content through.
15.2.6. Third-party cookies. Please note that some of the above cookies are placed by third parties and that the Site does not block third-party cookies. The third-party cookies we use include Google Analytics and Cloudflare (to understand how users interact with our Site), Intercom (for live chat, customer support and usage statistics) Facebook Advertising and Facebook Pixel (for advertising purposes) and cookies from our Source Platforms (such as Facebook, Instagram, YouTube, Twitter, Snap and TikTok).
15.3. Consenting to cookies. You will be shown a pop-up message requesting your consent to setting non-essential cookies before any are placed on your device. When you give your consent, a unique token is generated to show that you have consented and you won’t receive the pop-up message again when you return to our Site.
15.4. Disabling cookies
15.4.1. By default, most internet browsers accept cookies, but you can choose to enable or disable some or all cookies via the settings on your internet browser. Most internet browsers also enable you to choose whether you wish to disable all cookies or only third party cookies. For further details, please consult the help menu in your internet browser.
15.4.2. Some of the cookies we use are essential for the Site to operate. If you use your browser settings to block essential cookies, you may not be able to access all or parts of our Site.
15.4.3. You have the right to opt out of social media cookies and third-party cookies. To enforce this right, please contact us.
15.5. Sessions. Sessions are a mechanism that enable a webpage to remember information from a previous webpage. By default, a web page forgets information from a previous webpage—sessions are used to help a website function when it needs to remember certain information from one webpage to the next (for example, to help you fill out forms or make payments). Sessions ordinarily work with cookie files, but they can also work without cookies. Information from sessions is deleted when you close your window or tab. We use sessions in addition to cookies to help our Site function.
15.6. Local storage. Local storage is a mechanism that enables us to store information locally on your device. Like sessions, local storage is used to help a website function when it needs to remember certain information, but local storage is used to continue remembering information after you close your window or tab. We also use local storage to help our Site function.
15.7. Hidden fields. Hidden fields are a mechanism used to store information on a webpage. Users can’t typically see hidden fields or submit information through them. We use hidden fields to help present our Site in the best way for you and your device (for example, to retain information about what language you’re viewing the Site in).
16. Changes to this policy. Any changes we may make to this policy will be posted on this page (and, where appropriate, notified to you by email). Please check back frequently for updates and changes.
17. Contact us. Questions, comments and requests regarding this policy are welcomed. You can contact us by post at our registered address (above) or by email at firstname.lastname@example.org.