Under the General Data Protection Regulation (EU & U.K.) No. 2016/679 of 27 April 2016, “GDPR” and the Data Protection Act 2018 we are required to provide you with certain information about who we are, how we process your personal data and for what purposes, and your rights in relation to your personal data. This information is provided in this policy and it is important that you read this information.
Automata ICO Limited (we) are committed to protecting your personal data and respecting your privacy.
We have appointed a DPO (Data Protection Officer), who is accessible via email@example.com.
The Company uses “Cookies” in the App. Cookies are small files with text information. Cookies are stored on your mobile device only when you accept the placement of cookies when prompted during your usage of our App.
For more information, please read our cookies policy available on our website.
We will only use your personal data when the GDPR and the law of the member state of the EU to which we are subject, allows us to do so. Most commonly we will use your personal data in the following circumstances:
|Purpose/activity||Type of data||Lawful basis for processing|
|To open and use an AKT account||Identity, Contact, Financial, Device||Necessary for the performance of a contract|
|To process in-App purchases and deliver Services||Identity, Contact, Financial, Transaction, Device, Marketing and Communications, Location||Necessary for the performance of a contract|
|To manage our relationship with you||Identity, Contact, Financial, Profile, Marketing and Communications||Necessary for the performance of a contract|
|To administer and protect our business and the App||Identity, Contact, Device||Necessary for our legitimate interests|
|Marketing (for customers who subscribe):||Identity, Contact, Device, Content, Profile, Usage, Marketing and Communications, Location||Necessary for our legitimate interests|
|Marketing (for non-customers):||Identity, Contact||Your consent|
|To improve the App||Identity, Contact, Device, Content, Profile, Usage, Location||Necessary for our legitimate interests|
|To faster the "Contact add" process from your phone directory||Identity, Contact, Your Contact(s)||Consent|
|To ensure compliance with applicable regulatory and legal requirements||Communication Data, Identity, Contact, Financial, Transaction, Usage||Necessary for our legitimate interests|
Where processing of personal data is carried out on behalf of the Company, we conclude a separate contract with the processor with respect to such processing. This contract is a commitment to compliance with GDPR and provides sufficient contractual guarantees for the implementation of appropriate technical and organizational measures, which ensure the protection of your rights.
In terms of the transmission of personal data to recipients outside of our group of companies, we only transmit data to third parties when this is required by law or necessary for the performance of the contract or where you have consented to the transmission. Under these conditions such third party recipients of personal data may be:
We authorize such service providers to use or disclose the personal data only to perform services on our behalf or comply with legal requirements. We require such service providers to contractually commit to protect the security and confidentiality of personal data they process on our behalf. Our service providers acting as processors are based predominantly in the EU.
Some of our external third parties are based outside the EEA so their processing of your personal data will involve a transfer of data outside the EEA.
Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring the following safeguard is implemented; where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe. For further details, see European Commission: Standard contractual clauses for data transfers between EU and non-EU countries.
Please contact us if you want further information on the mechanism used by us when transferring your personal data out of the EEA.
We recognize the importance of protecting and managing your personal data. Any personal data we process will be treated with the utmost care and security. This section sets out some of the security measures we have in place.
We use a variety of physical and technical measures to keep your personal data safe and prevent unauthorized access to or use or disclosure of it:
As no system can be deemed 100% secure, we cannot guarantee the security of any personal data you provide us.
Any payment transactions carried out by us or our chosen third-party provider of payment processing services will be encrypted using Secure Sockets Layer (SSL) or Transport Layer Security (TLS) technology. Where we have given you (or where you have chosen) a password that enables you to access certain parts of our Website or App, you are responsible for keeping this password confidential.
We ask you not to share any personal information or password with anyone.
By law we must keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for ten years after they cease being customers for tax purposes.
In some circumstances you can ask us to delete your data: seeYour legal rights below for further information.
In some circumstances we will anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.
Under certain circumstances you have the following rights under data protection laws in relation to your personal data.
Please address all other requests in written form to:
3rd Floor Ormond Building,
31-36 Ormond Quay Upper,
Dublin 7, D07 Ee37, Ireland.
Or by Email: firstname.lastname@example.org
Please do not address your requests through a third-party platform which requires us to get back to you through that same means, since we are not able to clearly identify you as our customer in such cases. Instead, please resort to the methods of contact to exercise your rights as set out in this policy
Consent means processing your personal data where you have signified your agreement by a statement or clear opt-in to processing for a specific purpose. Consent will only be valid if it is a freely given, specific, informed and unambiguous indication of what you want. You can withdraw your consent at any time by contacting us.
Legitimate Interest means the interest of our business in conducting and managing our business to enable us to give you the best service/product and the best and most secure experience. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law). You can obtain further information about how we assess our legitimate interests against any potential impact on you in respect of specific activities by contacting us.
Performance of Contract means processing your data where it is necessary for the performance of a contract to which you are a party or to take steps at your request before entering into such a contract.
Comply with a legal obligation means processing your personal data where it is necessary for compliance with a legal obligation that we are subject to.