- 1. Introduction.
- 2. Collecting and receiving data.
- 3. How we use the information.
- 4. Users rights.
- 5. How we share the information.
- 6. Consent.
- 7. Responsible for data protection.
- 8. Communication with the interested party.
- 9. Security and Security Breach Notification.
- 10. Age limitations.
- 11. Changes in our privacy policies.
- 12. Cookies.
This document resumes our protection policy data according to the guidelines of the General Data Protection Regulations (GDPR). This protection policy applies to website and mobile app of city.live.
city.live is a platform which gives life to cities, putting in your hand all you need to interact with any city easily and quickly. Keep up with everything that is happening around you, it does not matter if you are at home or traveling, with this platform you can know everything about all the cities around the world.
Participate in the city.live community creating and saving your favorite Points of Interest (POIs) in your private collections or sharing them with other users.
If you don't agree with the terms collected in our policy, you must stop accessing to the services, websites or any other function of city.live.
2. Collecting and Receiving data
The data requested and managed by city.live to offer our services and allow registration in the system and access to the platform are:
- a) Name of the users.
- b) Surname of the users.
- c) Email.
- d) Password.
- e) Birthday (Facebook)
- f) Gender (Facebook)
- g) Telephone number.
- h) Profile Photo
If the users use any payment service, the company could collect billing information such as credit card information, bank information or a billing address.
In addition, it is possible that the company collects information from the content:
- a) Created or shared on city.live, as points of interest (PDI) or PDI collections for futures references.
- b) The communications that are made in city.live as comments, suggestions or ideas of the users that we receive.
- c) Any information that you facilitate us, when you contact us to get help.
- d) We can collect information about the user location. You must give us a express consent about those data. If you do not want that city.live collects your location information, does not use it.
- e) There are some information collected automatically: IP address, your browser type, your operating system, the pages you see in city.live, the pages you see immediately before and after accessing and the search terms you enter in city.live.
- f) Information about the people and groups you are connected to.
- g) Any other information that you decide to upload, share with other users or provide us directly through the services.
- h) We may collect other information about you, that is publicly available.
All these data don't include any data which the GDPR named as "Sensitive Personal Data” and are obtained in a legal, fair, and transparent way in accordance with the GDPR.
It will be treated with the aim of improving the services and experiences that city.live offers to its clients and it will be deleted when it is no longer necessary for these purposes.
3. How we use the information
city.live will use detailed information with the following specific and legitimate purposes:
- a) To provide, develop, improve, and monetize the services.
- b) To communicate with the users in relation to their use of the platform.
- c) To improve and promote protection, integrity and safety services.
- d) To identify and repair errors that could happen during the use of the platform.
- e) To develop new tools, products or services which can implement a better experience over time.
- f) Customizing the service for its use.
- g) Monitoring and analysis of trends and uses.
- h) To answer you when you contact us.
- i) To inform you about our policies and conditions.
- j) To send you marketing messages, with express consent from the users.
The treatment of the user’s data can only be used for these purposes once collected, if not it must be deleted. Despite this, intraHouse can store data for longer periods, if personal data are processed for archival purposes in the public interest, for scientific or historical research purposes or for statistical purposes, provided that doing so also protects the rights and freedoms of those concerned.
4. Users rights
In accordance with the General Data Protection Regulations (GDPR), city.live informs you that, as interested party, you have the following rights:
- a)Access to the personal data that are subject to treatment, obtain information about the treatment, and a copy of them if requested.
- b)To correct, complete and / or update your personal data that are being processed, if they are inaccurate or incomplete.
- c)To request the restriction of the treatment of your personal data in case you consider that the personal data treated are inaccurate, illegal, or when you oppose to the treatment.
- d)You also have the right to exercise the portability of your data, which will be provided by using a format structured, commonly used and mechanical reading.
- e)Withdraw the consent given for the purposes described. This right can be exercise whenever you want.
- f)You have the right to request the deletion of your data, "right to be forgotten". The users can delete its account whenever they want. In these cases, the users with whom you shared information while the account was active, can still see the information.
If you wish to exercise any of the rights as a user, you can do so on your own through the user information options collected in your city.live profile or you can also send a written request to our Data Protection Officer (DPO):
Data Protection Officer: Kim André Akerø
5. How we share the information
In this section, we describe in which circumstances city.live can share the collected information:
- a) To provide the requested services.
- b) To perform the tasks for which we have an express consent.
- c) city.live can share information with other users related to your ID, PDI, PDI collection, published content or your profile location with your previous consent.
- d) The default setting is that any Collection that you create may be visible to anyone who uses city.live. You can change this setting, through the "Edit" icon available for the Collection. But keep in mind that if you create a public access link to the Collection, that Collection will be available indefinitely to anyone with the link, even if the Collection is designated as private.
- e) intraHouse may share the information with its corporate affiliates, matrices or subsidiaries.
- f) To comply with the legislation, we may share certain information if we believe it is reasonable to share this information in accordance with the requirements of applicable legislation, regulations and procedures.
- g) To investigate and prevent illegal activities that involve situations of potential threats to the security. That way, we can also prevent fraud and security problems.
- h) If there is a fusion, acquisition, bankruptcy, dissolution, reorganization, sale of some or all of the assets, financing, acquisition of all or part of our company, a transaction or similar procedure, some or all of the information could be shared or transferred, in accordance with confidentiality agreements.
Information you share with third parties.
city.live can integrate links and third-party applications. By clicking on those links or applications, you may be providing information (including personal information) directly to third parties, to us or both. We are not responsible for how those third parties collect or use your information. We recommend that you review the privacy policies and terms of service of those third-party websites to understand how they collect, use and disclose your information.
Users outside of Norway.
The information we collect will be processed and will be subject to the laws of Norway. Norway, may not provide the same level of protection for your personal information as your country of origin and which is available to Norway. Government or its agencies under a legal order made in Norway. By using city.live, you accept such transfer and processing in Norway.
intraHouse understands that an explicit consent has been given when the interested party is fully informed of the planned personal data processing operation, and through a clear and conscious affirmative action, accepts the policies, terms and conditions that this entails.
The interested party may withdraw their consent at any time by request addressed to the DPO or, when appropriate, use a service designed for that purpose. In case of withdrawal of consent, the data will be deleted from the system.
Consent cannot be inferred from failure to respond to a communication. intraHouse may demonstrate that consent was obtained for a specific personal data processing operation.
7. Responsible for data protection
intraHouse, a Norwegian company located in Ålesund, is responsible for managing the data of its users on the city.live platform. The company has named Kim André Akerø as DPO, he will be responsible for carrying out any change related to the activities related to data protection.
intraHouse as responsible for the data of the users and in order to preserve the integrity of their information keeps a record of the treatment activities that includes all the data involved, the purpose of the treatment and the data transfers to third countries or organizations.
Finally, as entity responsible of city.live, we have the power to take the necessary measures to ensure an adequate development of the platform, even excluding users if an inappropriate use or content is detected.
8. Communication with the interested party
If you have any questions about this Privacy Data Policy, about the service provided, or simply if you need help to manage your environment contact us by:
Address: Kirkegata 1a, N-6004 Ålesund
city.live will offer the interested party information about:
- a) The identity and contact details of the person responsible for processing the information.
- b) The purpose behind the processing of personal data in addition to the legal basis for that treatment.
- c) How long that personal data will be stored.
- d) The rights of the interested party to request the following: access or elimination of their personal information, correct errors in their personal data, and review the procedure followed for collection and storage.
- e) The intention to transfer personal data to a country outside the European Union.
Our DPO responds to the requests of the interested parties with a clear and simple language, through a structured format and susceptible to mechanical reading within a period of one month, extendable two more months due to the complexity of the request. If intraHouse can not comply with a request, the interested party will be notified of the reason.
9. Security and Security Breach Notification
intraHouse, in compliance with the General Data Protection Regulations (GDPR), must ensure the security of the data provided by users.
In order to comply with this obligation, the company makes periodic backup copies, pseudonymization, encryption and anonymization of the information collected. Furthermore, the control and recording of storage of user information, media, access to data and system events is periodically audited. intaHouse's employees in charge of data processing receive training on a regular basis to ensure a legal treatment of the information.
All formal requests to access personal data must be supported by the corresponding documentation and any communication must be specifically authorized by the DPO.
The DDP also evaluates, within the IAR, the risk levels of the information assets, in order to establish guidelines for its management according to the GDPR.
Notifications of Security Violations.
In the event of a security breach, intraHouse will notify the Control Authority without undue delay (term not exceeding 72 hours), through the means provided, of the security breaches of personal data of which it is aware.
If during a security breach occurs an illicit use of the data, intraHouse will be committed to remove it.
10. Age Limitations
city.live does not allow the use of its services or platforms by any person under 16 years of age.
11. Changes in our privacy policies
You can download an application form to exercise your access, correction, cancellation, and opposition rights with respect to personal data.