Showoff Privacy Policy

Date of publication: February 12, 2024

Tbilisi, Georgia

This Privacy Policy (hereinafter - the Policy) defines the policy regarding the processing of personal data and provides information about the requirements for the protection of personal data implemented by the Data controller. This Policy explains how we collect, use, disclose, and safeguard your information when you visit our Service. Please read this Privacy Policy carefully. 

IF YOU DO NOT AGREE WITH THE TERMS OF THIS PRIVACY POLICY, PLEASE DO NOT ACCESS THE SERVICE.

In case changes are made to the Policy, we shall notify you and post the new version of the Policy in the Service not later than 10 days before such changes become effective. 

1. TERMS AND DEFINITIONS

1. Service – «Showoff» software, located on the Internet https://www.showoff.app/.‍
2. Data controller (WE)  – CS Development LLC, Identification number 405519808, Georgia, Tbilisi, Vake district, I. Chavchavadze Ave., N 37, building. 3a, apartment N54, support@showoff.app‍
3. Data subject (User / YOU)  – a natural person using the Application or interacting with the Data controller or third parties through its personal data.‍
4. Personal data – any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.‍
5. Processing of personal data – any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.‍
6. Cookies – Data fragment in the HTTP-request which is designed to be stored on the device of the User and used by the Data controller for user authentication, storage of personal preferences and user settings, tracking the status of the access session, keeping statistics about the Users.

Terms not specified in this Policy shall be interpreted in accordance with the provisions of the Terms of Use, the applicable law, by analogy and in accordance with customary practices.

1. GENERAL PROVISIONS
   1. The Policy regulates the processing of personal data when we interact with the User in connection with the use of the Service.
   2. The Policy has been developed in accordance with the requirements provided by:
      1. 2.2.1.the applicable law relating to personal data protection;
      2. 2.2.2.agreements concluded between the Data controller and the Users;
      3. other regulatory documents, taking into account applicable requirements in the field of protection of personal data.
   3. The current version of the Policy is a public document and available to any User in the Service. We have the right to modify the Policy. In case changes are made to the Policy, we shall notify you and post the new version of the Policy in the Service not later than 10 days before such changes become effective. 
   4. We process the personal data in according to the following principles:
      1. lawful purposes and methods of personal data processing;
      2. good faith;
      3. the purposes of personal data processing meet the purposes determined in advance and declared at the time of personal data collection as well as to the Data controller’s powers;
      4. the scope and nature of the personal data being processed and the methods of personal data processing meet the purposes of personal data processing;
      5. it is unacceptable to unify personal data bases created for incompatible purposes.

Rights and obligations of the Data controller

1. The Data controller ensures the recording, systematization, accumulation, storage, clarification (updating, modification), extraction of personal data of the User according to the applicable law.
2. The Data controller transfers personal data only to those third parties specified in the consent.
3. The Data controller has the right to transfer personal data to the bodies of inquiry and investigation, other authorized bodies on the grounds provided for by applicable law.

Rights and obligations of the User

1. The User has the right at any time to withdraw consent to the processing of personal data, to request changes and clarifications of personal data from the Data controller.
2. The User has the right to access his personal data, as well as to receive information related to the processing of his personal data. Such information is provided at the request of the User in accordance with the procedure adopted by the Data controller.
3. The User has the right to demand the destruction of incomplete, outdated, inaccurate, illegally obtained and excessively processed personal data.
4. The User has the right to appeal against the actions and omissions of the Data controller, if such considers that the Data controller violates his rights or processes personal data in an illegal way.
5. The User has the right to get acquainted with information related to personal data processed by the Data controller. 
6. The User has the right to independently make changes and clarifications to their personal data, delete personal data provided by the User when using the Service. 

1. PURPOSES FOR DATA PROCESSING
   1. Data controller is not entitled to process the User's Personal data without sufficient legal grounds. Data controller can only process Personal data if:

• it is necessary for the performance of agreements between the User and Data controller;
• it is required by applicable law or necessary to comply with statutory obligations;
• it is necessary to ensure the legitimate interests of the Data controller in case if such data processing does not significantly affect the interests of the User and his/her fundamental rights and freedoms.  

1. Personal data of Users shall be processed for the following purposes:
   1. Use of the Service in compliance with the Terms of use of the Data controller, namely:

• Identification of the User and ensuring his access to the Service; 
• Ensuring high-quality and stable operation of the Service; 
• Receiving feedback on the performance of Service from Users and providing Users with the most appropriate content in accordance with their requests and interests; 
• Improving the experience of Users when using Service, including improving the performance, interface and algorithms of Service, sending reminders and notifications.

1. Ensuring the interaction of the Users within using the Service.
2. Receiving by Users advertising and marketing information from the Data Controller:

We use the information we have to improve our advertising and measurement systems so we can show you relevant ads in our Service and measure the effectiveness and reach of ads and services. We also use Cookies to help us show ads and to make recommendations for businesses and other organisations to people who may be interested in the products, services or causes they promote.

1. Promoting safety and security:

We use the information we have to help verify accounts and activity, and to promote safety and security on and off of our Services, such as by investigating suspicious activity or violations of our terms or policies. We also use cookies to help us keep your account, data and the Service safe and secure.

1. Carrying out measures to resolve statements, claims, communications from Users on issues of quality of service, provision of Service:

We use Your data to provide customer and technical support, solve problems and improve responses to requests from you and other Users. This helps to ensure that we provide high quality support.

1. Conducting research and statistical accounting, studying consumer demand and behavioral patterns:

We collect your data for use in research, analytics and performance monitoring related to Service. This includes analyzing user patterns, traffic, and demographic data to understand usage trends and improve the application. We utilize Google Analytics, a web analytics tool that helps us understand how users interact with the Service. Google Analytics uses its own cookies to track user interactions, as in our case where they are used to collect information about how users use our Service. This information is used to compile reports and to improve our Service. The reports reveal website trends without identifying individual visitors. For more information about opting out of Google Analytics tracking on all websites you use, please visit this Google page: https://tools.google.com/dlpage/. You may opt out of receiving personalized advertising from advertisers and ad networks that are members of the Network Advertising Initiative ("NAI") or comply with the DAA Self-Regulatory Principles for Online Behavioral Advertising by using the appropriate opt-out tools. The NAI opt-out tool can be found here http://www.networkadvertising.org/choices/ and the DAA opt-out tool can be found here http://www.aboutads.info/choices/.

1. The Personal data may be used for other purposes if it is mandatory in accordance with the provisions of the applicable law in conjunction with General Data Protection Regulation (GDPR).
2. Processing of personal data is limited by specific, predetermined, and legitimate purposes. Processing of personal data incompatible with the purposes of personal data collection shall not be permitted.

1. INFORMATION ABOUT USERS
   1. Depending on which services of the Service You use, we collect different kinds of information from or about You:
      1. Data necessary for the individualization of Your Account, including, but not limited to collected from other services/accounts:

• nickname, surname, first name, middle name (if applicable);
• e-mail address;
• telephone number;
• company name;
• date of birth;
• gender, age.

1. Data used by the User within Service such as image of the User, data consisting of any physiological attributes of the User such us height, weight, etc.
2. Data on the activity of the User within Service and other services such as demographic and interest data on User’s actions while using Service or other services, conduct statistics, visits, etc. 
3. Geolocation information, device locations, including specific geographic locations, such as through GPS, Bluetooth, or WiFi signals.
4. Electronic data: 

• HTTP headers, IP address, Cookies, web beacons/pixel tags, browser ID data, hardware and software information, wi-fi network data; 
• date and time of accessing the Service;
• device settings, file and software names and types, battery and signal strength, and device identifiers, 
• Connection information such as the name of mobile operator or ISP, browser type, language and time zone, MAC address, device ID, IMEI, MEID.

1. We process data for as long as it is necessary to provide products and services to you and others, including those described above. Information associated with your Account will be kept until it is deleted, unless we no longer need the data to provide products and services.
2. The Data controller, without the written consent of the User, does not process the Personal data of the User of Personal data classified by law as special categories of personal data (related to race, nationality, political views, religious or philosophical beliefs, health status, intimate life) and biometric personal data (which characterize physiological and biological characteristics of a person, on the basis of which his identity can be established and which are used to identify the Data Subject). If the written consent of the User is necessary, such consent is provided by the User when collecting Personal data by the Data controller to an authorized person of the Data controller personally or through his representative by proxy or by law (for minors), with verification of the relevant powers. 
3. The Data controller does not verify the Personal data provided by the User. At the same time, Data controller works under the premise that the User provides reliable and sufficient information. 

1. INFORMATION ON SECURITY MEASURES
   1. We take necessary legal, organizational and technical measures and ensure their adoption to protect your personal data from unauthorized or accidental access, destruction, modification, blocking, copying, provision, distribution of personal data as well as from other unlawful actions in relation to personal data, which are in particular (but not limited to):
      1. Designation of a person responsible for the processing of personal data;
      2. Limited list of employees, having access to personal data;
      3. Software identification of Users and recording their actions;
      4. Implementation of anti-virus control and other protection measures against malicious software impacts;
      5. Use of information backup and recovery tools;
      6. Regular updating of software used in processing of personal data to ensure security of processed data;
      7. Implementation of encryption during transmission of personal data on the Internet;
      8. Adoption of measures related to admission of only appropriate persons in places where technical means are installed;
      9. Application of technical means for protection of premises, where technical means of personal data information systems and places of storage of tangible media of personal data are located. 

DELETION (DE-IDENTIFICATION) OF PERSONAL DATA

1. Deletion (de-identification) of Personal data is performed in the following cases:

• upon achievement of processing purposes or in case of loss of necessity in their achievement within a period not exceeding thirty days from achievement of such purposes, unless otherwise provided by the agreement between the Data controller and the User (his representative);
• in case of detection of unlawful processing of Personal data or lawful withdrawal of Personal data within a period not exceeding ten working days from the moment of detection of such a case;
• in case of the expiration of the storage period of Personal data determined in accordance with the applicable legislation and the organizational and administrative documents of the Data controller, including the withdrawal of consent to the processing of the Personal data;
• in case of an order from the competent authority for the protection of the rights of data subjects, the prosecutor’s office of any country or a court decision.

1. DATA TRANSFER TO THIRD PARTIES

For the purposes listed under of this Policy, We may disclose certain collected data to the following third parties:

1. Hosting, web analytics and technical support providers, as well as marketing service providers, affiliates, contractors, business partners, service providers, third-party analytics providers and advertising partners for the purposes stipulated by art. 3.2.1, 3.2.3, 3.2.6 of this Policy, including, but not limited to, Google, LLC and affiliates, Facebook, Inc. and affiliates, Oath, Inc. and affiliates.
2. Our employees, as well as to the developers of the Service for the purposes under p. 3.2.1 of this Policy;
3. Partners, consultants, lawyers, auditors, courts and / or law enforcement agencies, as well as government agencies and organizations for legal and financial audits; persons, institutions, organizations that have grounds for obtaining access to Personal data by virtue of the provisions of the law for the purposes stipulated by p. 3.2.1, 3.2.4 and 3.2.5 of this Policy.
4. Any third parties, in order to provide legal protection to Data controller or third parties in case of violation by the User of the Terms of use, or in a situation where there is a threat of such a violation for the purposes stipulated by p. 3.2.4, 3.2.5 of this Policy.
5. Other third parties, which are specified in the consent of the User to the processing of Personal data.

1. CONFIDENTIALITY
   1. We and other persons who obtained access to Personal data are obliged not to disclose to third parties and not to distribute your Personal data without your consent, except in cases stipulated by the applicable law.
   2. We may access, preserve and share your information in response to a legal if we have a good faith belief that the law requires us to do so. This may include responding to legal requests from jurisdictions outside of the country where we have a good faith belief that the response is required by law in that jurisdiction, affects users in that jurisdiction, and is consistent with internationally recognized standards. We may also access, preserve and share information when we have a good faith belief it is necessary to: detect, prevent and address fraud and other illegal activity; to protect ourselves, you and others, including as part of investigations; or to prevent death or imminent bodily harm. 

1. CROSS-BORDER PROCESSING
   1. We may transfer personal data to any other country for the purposes set out in section 3 of this Policy only under the User’s consent if such transfer is permitted by applicable law.
   2. Before transferring the personal data to another country, We ensure that We comply with the requirements stipulated under applicable law and that a country provides reliable protection of the rights of personal data subjects.
   3. The transfer of personal data to a country that do not meet the aforementioned requirements may only be carried out if We have your consent in writing to transfer your personal data and/or for the performance of the agreement to which You are a party.

1. INQUIRIES
   1. You can send your inquiries regarding the use of the Personal data to us.
   2. We undertake to consider and respond to your inquiry within 30 days after it is received.
   3. All correspondence we receive from you (written or electronic inquiries) is classified as restricted-access information and may not be disclosed without your written consent. The personal data and other information on the User who sent the inquiry may not be used without the User’s special consent for any purpose other than for response to the inquiry, except as expressly provided by law.

1. FINAL PROVISIONS
   1. To withdraw the consent, you (or your representative) can send us a written demand in a free form, in a way that allows to reliably determine the person who signed and sent the correspondence as well as the grounds for the representative’s authority. 
   2. Issues not regulated by this Policy shall be governed by the applicable law.

1. CONTACT US
   1. For all data privacy issues or any questions or concerns you have about this Privacy Policy, please contact us at info@showoff.app

DATA CONTROLLERCS Development LLC
Identification number 405519808
Georgia, Tbilisi, Vake district, I. Chavchavadze Ave., N 37, building. 3a, apartment N54
support@showoff.app