2.2. We are also registered with the Information Commissioner under registration number: ZA219393.
2.3. You may contact us at: email@example.com
3.1. Amazon Web Services (AWS). AWS is an appointed Data Processor by Oval. AWS provides the processing service of the Data collected through the use of the App. The processing of Data is carried out in respect of AWS Security Standards at all times. If personal data is transferred outside of the EEA, we always require that appropriate safeguards are in place to protect the information when it is processed.
3.2. Additionally, the Data may be accessible to certain types of persons in charge, involved with the operation of the App (administration, sales, marketing, legal, system administration) or external parties (such as third party technical service providers, mail carriers, hosting providers, IT companies, communications agencies). Apple HealthKit data and Google Fit data will not be used for any marketing purposes. The updated list of these parties may be requested from the Data Controller at any time.
4.1. Oval collects, by itself or through third parties, Personal Data which includes: Full Name; Email; Mobile Phone number; Date of Birth; Country of Residence and Address; Nationality; Bank Account; copies of Personal Identification Documents (such as your Passport, ID, Driver License). The primary purposes in collecting the information is to provide and improve our Service, to administer your use of the Service, and to enable you to enjoy it.
4.3 Failure to provide Personal Data may make it impossible for the App to provide its Service.
5.1. When you use our App we may receive or collect your IP address, URL, Browser information, operating system and platform as well as your login information. We may collect and store information about your location by converting your IP address into a rough geolocation or by accessing your mobile device’s GPS coordinates or coarse location if you enable location services on your device. This information may be used to improve and personalise our service. In cases where, in order to provide our service, personal data is to be collected from third parties who can be considered as autonomous data controllers, such as, for instance, likes on Facebook, Instagram or Twitter put by the Users, we guarantee to process this data exclusively for the fulfilment of contractual obligations related to our service.
6.1. The Service requires the processing in read only mode of your bank account details and financial data such as your transaction history and balance. To ensure the maximum level of protection of your Data, Oval collaborates with the following service providers that store and process User’s Data:
6.2. Salt Edge Inc. is an account aggregation service that allows the User to store its credit card and bank accounts’ credentials. Oval has signed up for the Bank Integration Program offered by Salt Edge Inc. and to get the most out of the App you may link your bank account(s) to the App by using Salt Edge’s platform service. Salt Edge will allow you to connect with your bank account(s) using your online login credentials and will store them through a bank-level security system. Oval will never store User’s personal online login credentials and will receive from Salt Edge only the information required to provide the service.
The Data we collect from Users are also used for the following purposes:
8.1. Security Measures
8.1.1 Oval processes Users’ Personal Data in a proper manner and shall adopt appropriate security measures to prevent unauthorised access, disclosure, modification, or unauthorised destruction of the Data. Even where all precautions are adopted we cannot guarantee complete security in all events.
8.1.2. The Data processing is carried out using computers and/or IT enabled tools, following organisational procedures and modes strictly related to the purposes indicated.
8.2. Place of processing
8.2.1. The Data is processed at the Data Controller's operating offices and where the Data Processor’s operating offices or other parties involved with the processing are located. If we or our service providers transfer personal data outside of the EEA, we always require that appropriate safeguards are in place to protect the information when it is processed.
8.3. Retention time
8.3.2 The User may always request that the Data Controller suspend or remove the Data.
9.1. The User consents to the transfer of the collected Data through the Service in the event of rearrangement, merger, sale, joint venture, transfer or any other arrangement method of the whole or part of the Company, of its goods and shares, according to the purpose and the limits of this document.
10.1. Your Personal Data may be used for legal purposes by the Data Controller, in Court or in the stages leading to possible legal action arising from improper use of this App or related services.
10.2. You acknowledge to be aware that the Data Controller may be required to reveal personal data upon request of public authorities.
You have the right, at any time, to:
11.1. Know whether your Personal Data has been stored and may consult the Data Controller to learn about their contents and origin (right of access);
11.2. Verify your Personal Data accuracy or ask for them to be supplemented, updated or corrected (right to rectification);
11.3. Request the erasure of your Personal Data or their transformation into anonymous format (right to erasure);
11.4. Request the restriction of processing of your Personal Data for any and all legitimate reasons (right to restriction of processing);
11.5. Receive your Personal Data in a structured, commonly used and machine-readable format and to transmit those data to another controller (right to data portability);
11.6. Withdraw the consent to the processing of your Personal Data at any time, without prejudice to the lawfulness of the processing based on consent before its withdrawal;
11.7. Object to the direct marketing activities carried out by Oval Money, including any segmentation for marketing purposes.
Requests should be sent to the Data Controller at: firstname.lastname@example.org
Any information regarding a natural person, which is, or may be, identified or identifiable, even indirectly, by reference to any other information, including a personal identification number.
Information collected automatically from this App (or Third Party services employed in this App), which may include: IP addresses or domain names of the computers used by the Users, URI addresses (Uniform Resource Identifier), time of the request, method of request submission to the server, size of the file received in response, numerical code indicating the status of the server's answer (successful outcome, error, etc.), Country of origin, features of the browser and the operating system utilised by the User, various time details per visit (e.g., time spent on each page within the App) and details about the process followed within the App, specifically the visited pages sequence and other parameters about the device operating system and/or the User's IT environment.
The natural person, legal person, public administration or any other body, association or organisation, also jointly with another Data Controller, having the right to make decisions regarding the purposes and the methods of processing of Personal Data and the means used, including the security measures concerning the operation and use of this App. The Data Controller, unless otherwise specified, is the Owner of this App.
The individual using this App, which must coincide with or be authorised by the Data Subject, to whom the Personal Data refers.