We will never sell your personal data to third parties
Effective Date: January 1, 2021
1. ABOUT US
For Cherish users located in Canada or the United States of America (“USA”), we are Ruby Labs Inc. located at PO Box 67015, Toronto, Ontario, Canada M4P 3C8. The
Services currently are not intended for use in any other jurisdictions, so proceed at your own risk if you are located outside of Canada or the USA. Should you choose to
proceed from outside of Canada or the USA, any concerns should be addressed to Pernimus Limited, located at PO Box 54463, 3724 Limassol, Cyprus (as applicable, “we,” “us,” “our” or “Cherish.”)
- Controller: Where you are a Canadian or US resident, Ruby Labs Inc., will be the organization collecting your personal data. Where you are a
resident of any other jurisdiction, you acknowledge that the Services are not intended for use in such jurisdiction and that you are proceeding at your own risk. Notwithstanding the foregoing, Pernimus Limited will be the “controller” (or the equivalent thereof in your jurisdiction of residence) of your data.
- Information Processed: We Process different types of data from you in connection with your access to and use of the Services. In particular, we collect data when you register for the Services, which can be attributed to you individually (for example, you may provide us with your email address, gender, age, sexual orientation, and city where you reside). We also collect data automatically from your use of the Services (for example, cookies and your IP address(es)). For more information about the types of personal data we collect or process, see Section 3, below.
- Usage: We use the data we collect from you for a number of different purposes which are described in Section 4, below. The main purpose is to facilitate your use of the Services.
- Disclosure: We disclose the data we collect from you in a number of different circumstances, including to our service providers to perform certain functions on our behalf in connection with our provision of the Services. Some of the recipients to whom we disclose your data may be located in jurisdictions outside your own. For more information about who we disclose information to, see Section 5 below.
- Security: We take the protection of your personal data seriously. For more information about how we protect your data, see Section 7 below.
- Your Rights: Depending on where you are located, you will have various rights in relation to your data. For more information about your rights, see Section 10 below.
3. WHAT TYPES OF INFORMATION DO WE COLLECT?
When you use the Services, we collect and receive two types of data:
- Data that, alone or in combination with other reasonably available data, can be used to identify you (“Personal Data“). For clarity, “Personal Data” includes any personal information, personal data or personally identifiable information as defined by the privacy or data protection laws in your jurisdiction; and
We collect and receive the following Personal Data and Non-Personal Data directly from you and automatically through your use of our Services:
Data that we will not have
- If you sign up for any Services that require payment, your billing information will be provided to Apple or Google, not to us.
Data you may be required to provide to us
- If you sign up for a mobile application account, you will be required to create a username (a unique name of your choice) and a password.
Data you may choose to provide to us
- If you sign up for a mobile application account, you may provide us with your email address or you may, for example, choose to let your Apple account anonymize that information.
- If you sign up for a mobile application account, you may, at your option, choose to provide us with any one or more of the following:
- your gender,
- your age,
- your sexual orientation,
- a profile picture or pictures, and/or
- a “blurb” about yourself
Data that will be collected automatically from your device
- Where you have enabled the setting on your mobile device, with your permission, we also will collect your location data to filter the social media posts you are seeing, to share posts from other users who are in or near your geographical location. You may turn off this feature through the location settings on your mobile device.
- When you visit the website, we collect your IP address (which may reveal your general geographic location) from your browser access.
Data collected from third parties
- We may receive Personal Data about you from a third party, such as from another user of the Services respecting a complaint about your activities while using the Services, or from a third-party analytics vendor (see Section 11, below); however, we do not seek or purchase Personal Data about you from other third parties.
4. HOW DO WE USE YOUR INFORMATION?
We may use the Personal Data and Non-Personal Data that we collect for the following purposes:
- to provide you with Services, including:
- to provide you with access to a forum focused on open self-expression, where users can communicate and connect with like-minded individuals
- to allow users to find other users’ profiles based on preferences or user location
- to allow you to create a profile which will appear on the Cherish mobile application and to promote that profile to other users of the Services;
- to maintain and improve our Services, including improving the content and functionality of our mobile applications;
- to tailor the content and information that we may send or display to you, to offer location customization and personalized help and instructions, and otherwise to personalize your experiences while using the Services;
- to conduct surveys and customer research in order to improve the Services;
- to communicate with you in connection with the Services including, for the purposes of informing you of changes or additions to the Services;
- with your consent or as permitted by law, to deliver targeted advertising and promotional offers to you from affiliated or external companies;
- to detect and combat fraud and better understand how to protect your information;
- to manage your account and provide you with customer support;
- to protect our own rights and interests, such as to resolve any disputes, enforce our Terms and Conditions, or to respond to legal process;
- to protect the rights and interests of Cherish users (for example, from other users who violate the law or our Terms and Conditions, such as in cases of harassment or threats);
- to comply with applicable law;
- to save your data, such as your user account, registration, profile data and other data so you do not have to re-enter it each time you visit or use the Services;
- to offer more secure access to your account;
- track your return visits to, and use of, the Services in order to create aggregated usage statistics to help us better understand and optimize mobile application usage;
- To offer potential content recommendations, based on your viewing history and search criteria;
- in connection with a potential sale of our business or assets and/or to manage legal claims against us each of which are described in more detail below.
We also use Non-Personal Data. For example, we may collect and analyze aggregated and/or de-identified information to produce statistical data to help us improve our provision of the Services and manage user activity.
The following only applies to people residing in the EU and UK (and, given the fact that our Services are only intended for residents of Canada and the USA, the following will only apply to EU and UK members who have misinformed Ruby of their country of residence).
We collect your data as a Data Controller when we have a legal basis to do so. The following legal bases pertain to our collection of data:
- Our use of your Personal Data is necessary to perform a contract or take steps to enter into a contract with you. This applies to our processing activities described at 4A above. Where the information processed is a “special category of personal data” (known as sensitive data – in particular health information or information about your sexual preferences or ethnicity), we require an additional lawful basis which will be your consent.
- Our use of your Personal Data is in our legitimate interest as a commercial organization to make improvements to our services and to expand our business. This applies to our processing activities described at 4B, 4C, 4D, and for certain purposes in 4H.
- Our use of your Personal Data is necessary to comply with a relevant legal or regulatory obligation that we have, in particular, where we are required to disclose Personal Data to a court, tax authority or regulatory body in the event of an investigation. This applies to some purposes involved our processing activities described at 4E, 4G, and 4I.
Our use of your Personal Data is in accordance with your consent. This applies to our processing activities described at 4E, 4H and 4J (in each case where required by local law).
5. HOW WILL WE SHARE YOUR INFORMATION?
We may provide Personal Data to third parties in the following limited circumstances:
- To trusted third parties to assist us in the provision of the Services and the operation of our business.
- We will share your Personal Data with third party service providers that we have engaged to perform services on our behalf, based on our instructions, such as to our parent, subsidiary or sister companies, or to advertising agencies, marketing agents, data processing and storage companies or organizations which provide administrative and support services to us.
- We limit our disclosure of your Personal Data to such third parties to that which is reasonably necessary for the purpose or service for which the third-party service provider is engaged.
- We also use contractual and other means to provide a comparable level of protection while the data is being processed by such third parties, including limiting such providers to using your Personal Data solely to provide us with the specific service for which those providers were engaged, and for no other purpose. You can obtain more information about our policies and practices with respect to the use of Personal Data by third party service providers by contacting [email protected].
- To courts, regulators and law enforcement as required or permitted by law, including:
- to government bodies and law enforcement agencies, pursuant to warrant, order, subpoena or statutory requirement;
- in connection with any legal proceedings or prospective legal proceedings involving Cherish; and
- to otherwise establish, exercise or defend our legal rights and protect against misuse of our Services, or to protect the personal safety and property or our users or the public as permitted by law.
- In the event of a sale or merger, including:
- as required, in connection with the sale, assignment, bankruptcy proceeding or other transfer of the business or a portion of the business of our Services, including a corporate merger, consolidation, restructuring, sale of assets or other corporate change of our direct or indirect parent companies that affects us, as well as the insurance or securitization of our assets. In any such case, the recipient parties will be required contractually to keep the information confidential and use it only for the purposes of the transaction, or proposed transaction, in question.
We do not otherwise share, or give your Personal Data to any third parties, unless you give us additional consent to do so.
You should be aware that some of your Personal Data will be provided to, or otherwise visible to, other users of the Services as part of the normal operation of the Services (as set out in the terms or description of the Services). For example, your username, profile information and any information that you post to the mobile application will be available to, and searchable by, other users of the Services. In the European Union, the lawful basis for this disclosure is voluntarily making the data public. If you are not comfortable making this data public, you can subscribe to our Hide Profile feature, which allows your profile to remain private and un-searchable.
Other users of the Services, who may be located in any country in the world where our Services are offered, also may receive notifications (on the Services, via email, or through device notifications) that show your post, including your nickname and your profile photo.
We may disclose Non-Personal Data in a number of circumstances, including to third-party advertisers.
6. DATA TRANSFERS
As we have a multinational business operation, your Personal Data may be transferred to recipients located in jurisdictions outside your jurisdiction of residence, and your profile may be accessible by users in different countries around the world. If you are concerned about this, you can stop using our Services at any time. These recipients include the two corporations listed in Section 1, and may include our parent, subsidiary or sister entities, or service providers, which may be based in other countries.
As a result, your Personal Data may be collected, stored, accessed, used and/or disclosed in countries outside your jurisdiction of residence, including without limitation Canada and Cyprus. Some of these jurisdictions do not have an equivalent level of data protection laws as those in your country; however, we will take steps to ensure that the information receives the same level of protection as if it remained within your country of residence (based on the country you have indicated in your account, which should be either Canada or the USA, as our Services currently are not intended for use in other jurisdictions). You have a right to request details about the appropriate safeguards where this is documented (but it may be redacted to ensure security and confidentiality).
We take the protection of your Personal Data seriously. We implement appropriate measures and take steps to protect Personal Data against loss and theft as well as unauthorized access, disclosure, copying, use, and modification using security safeguards, including physical, organizational and technological measures, commensurate with the sensitivity of your Personal Data. Our employees who have access to your Personal Data are made aware of the importance of keeping it confidential.
Where we use service providers who might have access to your Personal Data, we require them to have privacy and security standards that are comparable to ours. We use contracts and other measures with our service providers to maintain the confidentiality and security of your Personal Data and to prevent it from being used for any other purpose.
Please be aware that no data security measures can guarantee complete security. You also should take steps to protect against unauthorized access to your phone, other mobile device and computer by, among other things, signing off after using a shared device, and choosing a robust password – for access to your hardware – that nobody else knows or can guess easily
8. HOW LONG DO WE KEEP THE PERSONAL DATA WE COLLECT?
We keep your Personal Data for only as long as it is required for the purposes for which it was collected, or as otherwise permitted by applicable law, after which we delete or de-identify your Personal Data, rendering it Non-Personal Data.
In general, we retain your Personal Data for a period of time corresponding to a statute of limitations setting out the period during which legal claims may be filed in court. For example, we may retain your Personal Data during the statute of limitations period, to maintain an accurate record of your dealings with us and, as applicable, assert or defend against a legal claim. However, in some circumstances we may retain Personal Data for other periods of time, for instance where we are required to do so in accordance with legal, tax and accounting requirements, or if required to do so by a legal process, legal authority, or other governmental entity having authority to make the request, for so long as required.
The Services are not for use by children under the age of 18 years. Accordingly, we do not knowingly collect, store, share or use the Personal Data of children under 18 years. If you are under the age of 18 years, please do not use this Service or provide any Personal Data, even if prompted by the Services to do so.
If you choose to sign up for marketing emails, we will ask you to provide us with your age. Failure to answer accurately will be deemed to be fraudulent on your part, and you, not us, will bear responsibility for such fraudulent behaviour and any resultant consequences.
10. YOUR RIGHTS
You have the ability to exercise the following rights:
- Right to withdraw consent.
- You have the right to withdraw your consent at any time, subject to legal and contractual restrictions. For example, if you wish to opt-out of receiving electronic marketing communications, you can use the ‘unsubscribe’ link provided in our emails, or otherwise contact us at [email protected], and we will stop sending you communications. Note that your withdrawal of such consent may limit your ability to fully use the Services.
- Right of access, rectification and erasure.
- You have the right to request access to and obtain a copy of any of your Personal Data that we may hold, to request correction of any inaccurate data relating to you, and to request the deletion of your Personal Data under certain circumstances. Please note that you can edit your own profile at any time.
- Data portability.
- Where the Personal Data is processed by automatic means, you have the right to receive all such Personal Data which you have provided us in a structured, commonly used and machine-readable format, and also to require us to transmit it to another controller where this is technically feasible.
- Right to restriction of processing.
- You have the right to restrict our processing of your Personal Data (meaning we could only store it unless we have your consent or as otherwise required by law) where:
- you contest the accuracy of the Personal Data, until we have taken sufficient steps to correct or verify its accuracy; or
- we no longer need your Personal Data for the purposes of the processing, but you require such Personal Data for the purposes of a dispute, complaint or proceeding.
- You have the right to restrict our processing of your Personal Data (meaning we could only store it unless we have your consent or as otherwise required by law) where:
- Right to object to direct marketing (including profiling).
- You have the right to object to our use of your Personal Data (including profiling) for direct marketing purposes, such as when we use your Personal Data to inform you of our promotions.
- You also have the right to lodge a complaint with the privacy commissioner with jurisdiction over your place of residence, if you consider that the processing of your Personal Data infringes applicable law (although we ask you to try resolve any complaints with us first).
If you would like to exercise any of these rights, please contact us using the contact information provided in Section 15, below.
11. COOKIES AND OTHER TRACKING
Provided we have obtained necessary permissions and consents in accordance with local laws, we use these tools only to provide you with an improved user experience, to better understand your needs and preferences, to provide you with content (including advertising and/or marketing emails) that is most relevant to you, and to monitor trends respecting the usage of our Services.
Do-Not-Track. Currently, our systems do not recognize browser “do-not-track” requests. You may, however, disable certain tracking as discussed in this section (e.g., by disabling cookies or opting out of ad networks as described further in this section).
Clear GIFs. Clear GIFs (a.k.a. web beacons, web bugs or pixel tags) are tiny graphics with a unique identifier, similar in function to cookies. In contrast to cookies though, clear GIFs are embedded invisibly on web pages and in applications, not stored on your hard drive. These “images” are loaded automatically to your browser/device when you visit our website or open an html format email message from us, thereby letting us know if a certain page was visited or an email message was opened. Clear GIFs can allow us to record simple user actions related to our websites and to email communications received from us, to help us determine the usage and effectiveness of our site and communications. We might use clear GIFs to track the activities of our website visitors and app users, help us manage content, and compile statistics about usage. We and our third-party service providers also might use clear GIFs in html e-mails to our customers, to help us track e-mail response rates, identify when our e-mails are viewed, and track whether our e-mails are forwarded. These may be blocked by using a third-party application (look for a browser extension for content-filtering, including ad-blocking) or, in the case of emails, by changing your settings to prevent images from being downloaded (where your email provider supports this functionality).
12. DIRECT MARKETING
Where we have necessary permissions and consents in accordance with local laws: (a) we will send you marketing information about our Services, and about other products and services our affiliates and/or third parties offer where we legitimately believe this may be of interest to you; and, (b) this content will be personalized. Where you have specifically requested marketing information from us about our marketing affiliates and/or third parties that we work with, or have expressly indicated that you would like to receive details from our parent, subsidiary or sister entities, we also may send promotional offers.
We use Personal Data that you provide in your user profile combined with certain algorithms and machine-based learning to improve our Services’ search function and to present posts to you which are more likely to be of interest – in particular based on the demographic data of individuals with whom you interact in order to present more posts of other similar users that you appear to be interested in. You can elect to change your preferences at any time in your profile. This does not amount to “automated decision making” which would have any significant impact on you.
14. ACCESS AND UPDATES
You have the opportunity to (i) opt out of certain communications, (ii) modify/update Personal Data you have provided to us, and (iii) hide certain information visible to public users of the application at any time by deleting a specific post. You also may choose not to share personal information in your profile.
Please be aware that there may be a short delay for any custom changes you make to take effect on the public areas of the system. Please also note that changing or deleting your information through your profile or settings, or opting out of email notifications from us, will only change or delete the data in our database for the purpose of future activities and communications.
15. CONTACT US
If you have any questions or concerns regarding our policies and practices related to your information, please contact our Data Protection Officer/Chief Privacy Officer at [email protected], or by writing to:
Where you are a Canadian or US resident:
Ruby Labs Inc.
Attention: Chief Privacy Officer
PO Box 67015
Toronto, ON Canada M4P 3C8
Where you are a resident of any other jurisdiction:
Attention: Data Protection Officer
PO Box 54463
3724 Limassol, Cyprus
As noted in Section 14 above, subject to certain restrictions required or permitted by law, you have the right to access Personal Data we hold about you and to have any concerns you may have over our policies and practices addressed. In addition, you have the right to obtain information regarding our policies and practices as they relate to the collection, storage, access, use and disclosure of Personal Data, including with respect to the transfer and storage of your information outside your home jurisdiction, and to request updates to, or correction of, your Personal data.
We aim to resolve all complaints promptly. For residents of the European Union, you should not be using our Services, as they are not intended for use outside of Canada and the USA (and, if you have an account, it means you have provided us with incorrect information about your country of residence). Notwithstanding the foregoing, if you are not satisfied with any resolutions proposed, or if you have concerns with processing of data, you may contact your local data protection authority, a list of which is found here. https://edpb.europa.eu/about-edpb/board/members_en.
16. IMPORTANT ADDITIONAL INFORMATION FOR CALIFORNIA RESIDENTS
This section provides information for California residents. Pursuant to California privacy laws, including the California Consumer Privacy Act (“CCPA”), we provide California residents information about how we collect and process your Personal Information.
Categories of Personal Information that We Collect, Disclose, and Sell
Personal Information of California Residents: Categories Collected, Processed, and Shared with Third Parties
|Categories of personal information||Do we collect?||Do we disclose for business purposes?||Do we sell?||Sold or Disclosed for a business or commercial purpose in the prior 12 months?|
|NAME, CONTACT INFORMATION AND IDENTIFIERS: Identifiers such as username, password, city, Internet Protocol (IP) address, and (where provided by resident), name, gender, age, sexual orientation and email address.||YES||YES||NO||
We may validate through a third party whether your email address is accurate (i.e., exists).
We may share other aggregate information.
|CUSTOMER RECORDS: Paper and electronic customer records containing personal information, such as name, physical characteristics or description, address, telephone number, bank account number, credit card number.||NO||NO||NO||NO|
|PROTECTED CLASSIFICATIONS: Characteristics of protected classifications under California or federal law such as race, sex, age or sexual orientation.||YES||NO||NO||● We may disclose aggregate information about age groups/range segment conversion data to certain performance marketing campaigns to confirm payment-qualifying transactions. Users may choose to provide sensitive information such as their sex, age or race to describe themselves to other users of the service|
|PURCHASE HISTORY AND TENDENCIES: Commercial information, including records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.||NO||NO||NO||We may share aggregate information|
|USAGE DATA: Internet or other electronic network activity information such as usage of services, and information regarding a resident’s interaction with an internet website, application, or advertisement.||YES||YES||NO||We may share aggregate information.|
|GEOLOCATION DATA: City of residence.||YES||NO||NO||NO|
|AUDIO/VISUAL: Audio, electronic, visual, thermal, olfactory, or similar information.||NO||NO||NO||NO|
|EMPLOYMENT HISTORY: Professional or employment-related information.||NO||NO||NO||NO|
If you would like to exercise any of these rights, please contact us using the contact information provided in Section 15.
California Residents’ Rights
California law grants California residents certain rights and imposes restrictions on particular business practices as set forth below.
Do-Not-Sell. We do not sell your Personal Data.
Verifiable Requests for Copy, Deletion and Right to Know. Subject to certain exceptions, California residents have the right to make the following requests, at no charge, up to twice every 12 months:
Right of Deletion: California residents have the right to request deletion of their Personal Data that we have collected about them, subject to certain exemptions, and to have such Personal Data deleted, except where necessary for specific purposes exempt under the law.
Right to a Copy: California residents have the right to request a copy of the specific pieces of Personal Data that we have collected about them in the prior 12 months and to have this delivered, free of charge, either: (a) by mail or (b) electronically in a portable and, to the extent technically feasible, readily useable format that allows the individual to transmit this information to another entity without hindrance.
Right to Know: California residents have the right to request that we provide them certain information about how we have handled their personal information in the prior 12 months, including the:
- categories of Personal Data collected;
- categories of sources of Personal Data;
- business and/or commercial purposes for collecting and/or selling their Personal Data;
- categories of third parties with whom we have disclosed or shared their Personal Data;
- categories of Personal Data that we have disclosed or shared with a third party for a business purpose; and
- categories of third parties to whom the resident’s Personal Data has been sold and the specific categories of Personal Data sold to each category of third party.
Submitting Requests. Requests to exercise the right of deletion, right to a copy, and / or the right to know may be submitted by contacting: [email protected]. We will respond to verifiable requests received from California consumers as required by law.
Incentives and Discrimination. The CCPA prohibits discrimination against California residents for exercising their rights under the CCPA and imposes requirements on any financial incentives offered to California residents related to their personal information. We respect your privacy rights. We do not discriminate against residents who exercise their rights under CCPA.
California Privacy Rights under California’s Shine-the-Light Law.
Under California’s “Shine the Light” law (Cal. Civ. Code § 1798.83), California residents who provide us certain Personal Data are entitled to request and obtain from us, free of charge, information about the Personal Data (if any) we have shared with third parties for their own direct marketing use. Such requests may be made once per calendar year for information about any relevant third-party sharing in the prior calendar year. California residents who would like to make such a request may submit a request in writing (see Section 15 “Contact Us” for ways to reach us).