プライバシーポリシー
Last updated: February 19, 2025
This Privacy Policy is issued by SIA Holge, a Latvian company with its registered address at LV-1050 Latvia, Rīga, Jauniela 14 - 6 (“Provider,” “we,” “us,” or “our”). It outlines how we collect, use, and protect personal information when you use our websites, affiliated websites, applications, and other digital services referred to this Privacy Policy (collectively referred to as “Service”).
This Privacy Policy does not govern information collected offline or through third-party websites or services accessible via the Services.
We may update this Privacy Policy periodically to reflect changes in our practices or for other operational, legal, or regulatory reasons. We encourage you to review the policy regularly. We reserve the right to modify this Privacy Policy at any time. If changes are required under applicable laws, we will provide written notice where necessary.
1. Definitions
“Controller“, “processor“, “data subject“, “personal data“, “processing” (and “process“), “personal data breach” and “special categories of personal data” shall all have the meanings given to them in EU Data Protection Law.
“GDPR” means the EU General Data Protection Regulation (Regulation 2016/679).
The terms "personal data", "controller", "data subject", "processor" and "processing" shall have the meaning given to them in the GDPR.
The terms “sell,” “sale,” “share”, and “sharing” shall have the meanings given to them in the California Consumers Protection Act (“CCPA”).
2. Our role
This Privacy Policy explains our role as a Data Controller of your personal data when you are using our Services. SIA Holge, a Latvian company with its registered address at LV-1050 Latvia, Rīga, Jauniela 14 - 6 shall be considered a controller of your personal data.
3. Data which we collect
We may collect following personal data in our role of controller:
| Category | Data Collected |
|---|---|
| Account Creation Data | First name, last name, email, profile type, activity sector, company name, interaction data. |
| Contact Details | Name, email address, mailing address, telephone number, job title. |
| Account Credentials | Email or username, password. |
| Profile Information | Location (city and country), interests, profile picture, organization, title/position, age, groups joined, interactions with others on the Platform. |
| Support Data | Chat content, authentication data, information related to troubleshooting or support queries (e.g., relevant product or service). |
| Payment Information | Financial data necessary for processing payments through services or payment processors. |
For the avoidance of doubts, we do not collect or process any special categories of personal data as defined under Article 9 of the GDPR. This includes data related to race or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data for identification, health information, or data concerning a person’s sex life or sexual orientation.
4. Purpose and Legal Basis
Provider processes personal data to provide and enhance the Services, in compliance with legal requirements and as described in this Privacy Policy. This includes:
| Purpose of Processing | Legal Basis |
|---|---|
| Service Delivery: Using personal data to provide Services, manage accounts, respond to inquiries, and enable features such as notifications, publishing content, and joining groups. | Contract Performance: Processing is necessary to perform contractual obligations, such as account creation and service delivery. (Article 6(1)(b) GDPR: Performance of a contract) |
| Internal Operations: Diagnosing issues, improving Services, and optimizing the Platform to meet User needs. | Legitimate Interests: Enhancing services, troubleshooting, and improving Service efficiency to meet user expectations. (Article 6(1)(f) GDPR: Legitimate interests) |
| Advertising and Statistical Analysis: Offering targeted advertising and compiling anonymized statistical data to understand trends and improve services. Aggregated data does not identify specific Users and may be shared with partners without restriction. | Consent: For targeted advertising and user analytics requiring explicit agreement. (Article 6(1)(a) GDPR: Consent) |
| Legal Compliance: Disclosing personal data where required by law, regulation, subpoena, or court order. | Legal Obligation: Processing is necessary to comply with legal obligations, such as regulatory requirements or law enforcement requests. (Article 6(1)(c) GDPR: Compliance with legal obligations) |
| Communication: Interacting with Users about accounts, service updates, support requests, and providing notifications (e.g., push notifications, system alerts). | Contract Performance: Necessary to fulfill the service contract and provide timely communication to the User. (Article 6(1)(b) GDPR: Performance of a contract) |
| Payment Processing: Billing and collecting fees securely using third-party payment processors. | Contract Performance: Required to complete financial transactions securely and accurately. (Article 6(1)(b) GDPR: Performance of a contract) |
| Prevention of Abuse: Monitoring content and activity to safeguard against misuse and ensure compliance with Terms and Conditions. | Legitimate Interests: Protecting Service integrity and ensuring compliance with applicable rules and terms. (Article 6(1)(f) GDPR: Legitimate interests) |
| Customization and Personalization: Tailoring the user experience, including content recommendations and feature optimization based on user activity. | Legitimate Interests: Improving user engagement and satisfaction through a personalized experience. (Article 6(1)(f) GDPR: Legitimate interests) |
| Analytics and Marketing: Conducting data analytics and serving marketing materials in accordance with user preferences. | Consent: Explicit user permission is required for serving marketing materials and conducting specific analytics. (Article 6(1)(a): Consent) |
| Promotions: Enabling participation in optional sweepstakes, contests, and other promotions with additional rules as applicable. | Consent: Explicit permission is required to participate in contests or promotions. (Article 6(1)(a): Consent) |
5. User Rights Under GDPR
Under the General Data Protection Regulation and UK GDPR 2018, you have the following rights regarding your personal data:
| Type of the right | Description |
|---|---|
| Right of Access - Article 15 GDPR | You have the right to obtain confirmation as to whether we process your personal data and access the data we hold about you. |
| Right to Rectification - Article 16 GDPR | You can request the correction of inaccurate or incomplete personal data we hold about you. |
| Right to Erasure (‘Right to Be Forgotten’) - Article 17 GDPR | You can request the deletion of your personal data under certain conditions, such as if the data is no longer needed for its original purpose or if you withdraw consent. |
| Right to Restrict Processing - Article 18 GDPR | You can request that we restrict processing your data in specific circumstances, such as contesting its accuracy or objecting to its use. |
| Right to Object - Article 21 GDPR | You may object to the processing of your personal data for reasons related to your situation or for direct marketing purposes. |
| Right to Data Portability - Article 20 GDPR | You have the right to receive your personal data in a structured, commonly used, and machine-readable format and transmit it to another controller without hindrance. |
| Right to Lodge a Complaint - Article 77 GDPR | You may lodge a complaint with a supervisory authority in your EU member state if you believe your data rights have been violated. |
6. User Rights under US privacy laws
Under U.S. privacy laws, such as the California Consumer Privacy Act (CCPA), Colorado Privacy Act (CPA), and Virginia Consumer Data Protection Act (CDPA), you have the following rights:
| Type of the right | Description |
|---|---|
| Right to Access | You can request information about the categories and specific pieces of personal data collected, the purposes for which it was collected, and the categories of third parties with whom it was shared in the last 12 months. |
| Right to Deletion | You can request deletion of personal data collected, except where exemptions apply, such as legal compliance or ongoing business purposes. |
| Right to Correct | You can request correction of inaccurate personal data. |
| Right to Opt-Out | You can opt out of the "sale" or "sharing" of personal data, even if no monetary compensation is exchanged, where such activity is considered a "sale" under the law. |
| Right to Non-Discrimination | You can request information to ensure you are not denied services, charged different prices, or offered lower quality services for exercising your privacy rights. |
| Right to Data Portability | You can request personal data in a portable, machine-readable format for ease of transfer to another organization. |
7. Do not sell or share
Under the California Privacy Rights Act (CPRA), we confirm that we do not “sell“ or “share“ your personal data as those terms are defined in the CPRA. Specifically:
- Do Not Sell: We do not exchange your personal data for monetary or other valuable consideration with third parties.
- Do Not Share: We do not share your personal data for cross-context behavioral advertising purposes.
However, we may disclose certain personal data to service providers or contractors to perform business functions on our behalf, which is not considered a "sale" or "sharing" under the CPRA.
8. Exercising your privacy rights
To exercise any of these rights specified in Sections 5 and 6 of this Privacy Policy, contact us through:
Email: Send your request to info@interacty.me
We reserve our right to verify your identity to ensure the security of your personal data. Responses will typically be provided within 30 days for EU and UK based requests, and within 45 days for US based requests.
You may designate an authorized agent to submit requests on your behalf. Proof of authorization and identity verification will be required. Please note that we may demand Power of Attorney as a proof of such authority.
We reserve our right to request extension of time (for additional 30 days for EU and UK based requests and for additional 45 days term for US based requests) in case of excessive or repetitive requests, as well as charging additional fee for execution of such requests.
9. サービス・メール・コミュニケーション
We may send you email or other messages about us or our products and services.
We will collect your explicit consent via clear opt-in mechanisms, such as checkboxes, consent banners, or other affirmative actions. Consent for specific purposes (e.g., data sharing or cookies) will be obtained prior to processing. You may withdraw your consent at any time by adjusting your account settings or contacting us at info@interacty.me
10. Data Retention and Anonymization
We retain personal data only as long as necessary to fulfill the purposes outlined in this Privacy Policy, comply with legal obligations, or resolve disputes. Once the data is no longer required for these purposes, it is securely deleted or anonymized. Anonymized and aggregated data may be used for statistical purposes to enhance our Platform and improve services. This data does not identify individual users and may be shared without restriction.
11. Data Protection and Security Measures
We implement commercially reasonable technical, administrative, and organizational measures to protect personal data from unauthorized access, loss, misuse, or alteration. These measures include HTTPS protocols, encryption via SSL/TLS, daily data backups, and regular infrastructure updates. Our Service operates on secure servers hosted by AWS, which undergoes regular stress and penetration testing. Access to systems is secured with unique credentials, and customizable permissions. Internally, all employees and contractors are bound by confidentiality agreements and receive regular training on data protection. Access to personal data is restricted to authorized personnel within their specific scope of responsibility. Logs of data access, changes, or deletions are maintained for up to 30 days. We conduct regular internal audits to minimize processing and ensure security measures remain effective.
12. Engagement with Processors and Third Parties
We may transfer limited amounts of personal data to verified third-party service providers who assist with hosting, maintenance, payment processing, analysis, marketing, and other business operations. These processors act under our written agreements, which include commitments to GDPR compliance, security, and confidentiality. Processors are permitted to process personal data solely as instructed by us and must notify us promptly of any data breaches. If personal data is transferred outside the European Economic Area (EEA), we ensure adequate protection is in place, such as the use of European Commission-approved standard contractual clauses.
13. Minors and personal data
Our Services are intended for individuals aged 16 or older. In our controller role, we do not knowingly process the personal data of children or minors under this age limit. If we become aware that such data has been collected without parental or legal consent, we will promptly delete it. However, this does not apply to cases when we act as a data processor in accordance with our Terms of Service.
14. Data Minimization
We process only the minimum amount of personal data necessary to provide our Services or operate our websites. Basic identification and contact details may be required for access. Users who do not wish to provide such information are advised not to use our Services.
15. Cross-Border Data Transfers
Where required, personal data may be transferred to entities outside the EEA. These transfers occur only where adequate protection is ensured through legally binding agreements, including standard contractual clauses.
16. Commitment to User Security
Despite robust measures, no method of data transmission or storage is 100% secure. We advise users to exercise caution when deciding which personal data to share. Our efforts to maintain high security standards include regular updates to our infrastructure and application security protocols, daily backups, and strong transfer controls to safeguard data during storage and transfer.
If you have questions or require further information about our data practices, please contact us at support@interacty.me.
