Privacy policy Brain Challenges

I. GENERAL PROVISIONS

1. This policy (after this: „Policy”) sets out the rules for the protection and processing of personal data in the Brain Challenges application (after this: „Application”), whose administrator is PredictWatch Sp. z o. o. with its registered office at Upalna 1A lok. 76, 15-668 Białystok (hereinafter: „Administrator”). 

2. The Application Administrator is the administrator of the personal data of Application users (after this: „Users”). 

3. The user logs in to the application by entering an individually assigned code or using an e-mail address / Gmail / Facebook account

4. Individual data collected by the Application serves the following purposes: 

a. The data used to register in the Mobile Application, recover the account, and remind the password are: e-mail address. 

b. Data for communication with the User following the Application Regulations: REGULATIONS OF THE APPLICATION Brain Challenges.docx 

5. The Administrator does not verify the accuracy of the personal data provided by the User. If the User provided data of third parties during registration or use of the Application, causing damage, the Administrator will be entitled to demand appropriate compensation from the User. If such actions are prohibited, the Administrator may provide information about the User to the relevant public authorities. 

6. The application is intended for persons over 18 years of age. The Application does not process the data of persons at a younger age. 

7. CODE in the app. In the login process, the CODE is used to log in users participating in the study. The PredictWatch research team provides it. For people who do not take part in the application creator’s study, they give the option of logging in without using a code. Using the CODE during the login process allows the user to use the application without providing any personal data. 

8. For people who do not have a CODE for testing, providing personal data by Users is voluntary. However, providing the data necessary to register an account on the Website is required to conclude a contract with the Administrator and use the Website and the Mobile Application. 

9. Technical and organizational measures protect Users’ personal data to guarantee an appropriate level of protection following applicable regulations. 

10. Marketing consents Setting up an account in the application is tantamount to agreeing to the following content[i] „I consent to the processing of my personal data by Predictwatch sp z o.o. for marketing purposes, by sending commercial information by electronic means to the e-mail address provided.” 

II. LEGAL BASIS FOR PROCESSING PERSONAL DATA 

11. The Administrator processes Users’ personal data as part of the performance of the contract for the provision of electronic services, which the User concludes with the Administrator by registering an account in the Mobile Application. The legal basis for data processing is Art. 6 sec. 1 lit. B of the General Data Protection Regulation No. 2016/679 of April 27, 2016 (after this: „GDPR”). 

12. The User’s data is also processed as part of the Administrator’s legitimate interest, which consists in preparing anonymous statistics based on the User’s data and identifying errors in the operation of the Mobile Application – to ensure their proper function and improve their functionality (legal basis: Article 6 para. 1 letter f) GDPR.) 

13. The Mobile Application may also enable the submission of additional consents to process personal data by the Administrator or other entities. In this case, the legal basis for processing will be the consent given (legal basis: Article 6(1)(A) of the GDPR).

III. RECIPIENTS OF PERSONAL DATA

14. Unless this Policy or the Application Regulations provide otherwise, the Administrator does not share User data with other entities. 

15. The Administrator may only share statistical data collected in the Mobile Application with its partners anonymously. 

16. Profiles, statistics, and analyses concerning specific Users are made available only to those Users or entities to which the User has given explicit consent. 

17. Google LLC processes the data based on the decision of the European Commission on July 12, 2016, on the adequacy of protection provided by the EU-US Privacy Shield (Google LLC declared the application of the requirements resulting from the Privacy Shield). In addition, Google LLC reported using the so-called „standard contractual clauses” available at: https://cloud.google.com/terms/eu-model-contract-clause. The data is processed by Google LLC (based in the USA, 1600 Amphitheater Parkway, Mountain View, California 94043 USA ) in the scope of the provision of Google Cloud Service by this entity – storage of data in the computing cloud at the request of the Administrator, also outside the EU). 

IV. DATA PROCESSING PERIOD 

18. Unless this Policy or the Application Regulations expressly provide otherwise, Users’ personal data is processed only for the duration of the agreement between the User and the Administrator (i.e., from the moment of registration in the Application until the moment of deleting the account in the Application). The processing time of individual personal data may be shorter – in the event of the expiration of the cookie collecting the User’s data or in the event of data deletion or self-modification of the settings in the Mobile Application by the User. 

19. Uninstalling the Mobile Application from the device does not delete the User’s account. Uninstalling the Application or logging out of the Mobile Application causes further User data is not collected through the Mobile Application. 

20. Deleting an account in the Application results in the removal or irretrievable anonymization of all User data in the Mobile Application. 

21. The Administrator may terminate the agreement with the User – delete the User’s account and personal data in the cases indicated in the Application Regulations. If the Administrator needs to modify or delete the User’s data based on this Policy, the Application Regulations, or the law, the Administrator will inform the User about this fact in the form of an e-mail message provided when registering an account in the Application. 

22. The User’s personal data may be processed longer than it results from the preceding points if it is necessary due to a complaint or claim made by the User (until the case is resolved), due to an obligation under the law or an order issued by the court, the police or other authorized entities. 

V. USER’S RIGHTS  

23. Each User has the right to: 

a. obtain information on the processing of his personal data, including the categories of processed personal data and possible recipients of the data, 

b. request correction of incorrect personal data or completion of incomplete personal data, 

c. requests to delete or limit the processing of personal data – the demand will be met if the legal requirements for such a request are met, 

d. submit an objection – in the case of data processing based on the Administrator’s legitimate interest (Article 6(1)(f) of the GDPR), 

e. withdrawal of consent to the processing of personal data (if the processing is based on the User’s consent) – this does not affect the lawfulness of the processing that took place before the consent was withdrawn, 

f. transfer of personal data – by receiving data from the Administrator in a format that allows them to be transferred to a selected third party, 

g. submit a complaint to the supervisory body President of the Office for Personal Data Protection, ul. Stawki 2, 00 – 193 Warszawa – if it is found that personal data is processed unlawfully. 

24. If the exercise of the rights set out in point 1 does not ensure the functionality of the Application, this Policy, or the Application Regulations, the User may submit an application, question, or request related to the processing of his personal data by sending a message to the email address: support@cannabe.app or correspondence address ul. Upalna 1a/76, 15-668 Bialystok 

VI. FINAL PROVISIONS

25. The Administrator reserves the right to change the content of this Policy in the event of a change in the functioning of the Application affecting the scope and manner of processing the User’s personal data, as well as in the event of a change in the law or receipt of a decision or judgment that will force such a change.