Effective Date: July 7, 2023
This page informs you of our policies regarding the collection, use, and disclosure of Personal Information when you use our application. Nothing in this Privacy Policy is intended to limit in any way your statutory right, including your rights to a remedy or means of enforcement.
We greatly respect your privacy, which is why we make every effort to provide a platform that would live up to the highest user privacy standards. Please read this Privacy Policy carefully, so you can fully understand our practices and your rights in relation to Personal Information. Unless otherwise defined in this Privacy Policy, terms used in this Privacy Policy have the same meanings as in our Terms and Conditions.
This Policy applies to Renko and its relevant Affiliates (“Renko,” “us,” “we,” or “our”). We may update this Policy from time to time. Please check back periodically for updates. If you do not agree with any changes we make, you should stop interacting with us. When required under applicable law, we will notify you of any changes to this Policy by posting an update on our Site or in another appropriate manner.
2. Personal Data We Collect and Disclose
The below table describes what personal data we collect about you and to whom we disclose personal data.
Categories of Personal Data Collected |
Disclosures of Personal Data |
Identifiers, such as your name, email address, postal address, phone number, and device identifiers (e.g., advertising identifiers and IP address). |
|
Commercial information, including preferences, such as purchasing history or tendencies, and transactional information, such as banking information. |
|
Internets or other electronic network activity information and device information, such as your browsing history, search history, device information, and other information (whether passive browsing or active engagement) regarding your interactions with us and use of our products, Services, emails, and other Digital Properties. |
|
Geolocation information, such as approximate location based on your IP address, mobile device location, or information you provide to us (such as city and state you provide through a web form). You may be able to control the collection of this data through the settings of your device. |
|
Sensitive Personal Data, such as proof of vaccination or race and ethnicity (optional) (where permissible under applicable law). |
|
In addition to the above disclosures, we may share your personal data to respond to lawful requests by law enforcement or other government authorities in accordance with our UK GDPR data protection principles. We may also de-identify, anonymize, or aggregate personal data to use or share with third parties for any purpose, where legally permitted.
How We Process Personal Data
We may process your personal data for the below purposes:
Purpose of Processing |
Lawful Basis |
To provide our products, Services, and Digital Properties to you, including processing and fulfilling transactions; enabling you to access the Digital Properties and our Services; operating, maintaining, and improving our Digital Properties and Services; communicating with you, such as by completing your support requests or providing security updates; and diagnosing, repairing, and tracking service and quality issues. |
Legitimate interests; Contract; Legal obligations |
For our own business purposes, including maintaining internal business records and conducting internal reporting; collecting payments and performing accounting and similar business functions; auditing and managing projects related to our Services; performing IT security management and IT-related tasks, such as administration of our technologies and network; evaluating and improving our business, Services, and Digital Properties; and performing research and development of new products and services; and processing your survey and questionnaire responses. |
Legitimate interests; Legal obligations |
For legal, safety, or security reasons, including to comply with legal requirements; establish, exercise, or defend against legal claims; protect the safety, security, and integrity of our property and the rights of those who interact with us or others; investigate any content or conduct policy violations; and detect, prevent, and respond to security incidents or other malicious, deceptive, fraudulent, or illegal activity. These safety purposes may also involve collecting and processing special categories of personal data (i.e., health data), for office visits and events where necessary for public health or as required by applicable law. |
Legitimate interests; Legal obligations; Public interest |
For marketing our products and Services or those of third parties, such as our business partners, including soliciting or publishing testimonials or feedback about our products and Services; send you marketing and promotional communications or product recommendations (via email, phone, or other online and offline channels) about our Services or those of third parties; facilitate your participation in a contest or event; assess ad impressions or engage in contextual ad customization. You may opt out of marketing communications by clicking the “unsubscribe” link at the bottom of our marketing communications. Note that some of our marketing materials and information may use tracking technologies and analytics tools to help us understand your preferences. |
Consent (where required by law); Legitimate interests |
To fulfill a referral request when you use our referral service to tell a friend about our Services, including by using the name, email address, title, and company name that you provide us to contact the person you are referring. You must only provide others’ personal data if you have their consent to do so. |
Consent (where required by law); Legitimate interests |
Diversity, equity, and inclusion, such as promoting diversity, equity, and inclusion initiatives and representation within our business (where authorized by applicable law). |
Consent (where required by law); Legitimate interests |
Corporate transactions, such as sales, mergers, acquisitions, reorganizations, bankruptcy, and other corporate events. |
Legitimate interests; Legal obligations |
When you have voluntarily agreed to have your personal data processed. |
Consent |
Renko will honor data subject rights to the extent required by law. You may have the right to access, correct, update, and, in some cases, request deletion of your personal data (subject to exceptions). You may submit a request here.
Sources of Personal Data
We may combine information that we receive from the various sources described in this Policy, including third-party sources and public sources, and use or disclose it for the purposes identified above.
Cookies and Tracking Technologies
Cookies are files with a small amount of data, which may include an anonymous unique identifier. Cookies are sent to your browser from a web site and transferred to your device. We use cookies to collect information in order to improve our Services for you.
You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. The Help feature on most browsers provides information on how to accept cookies, disable cookies or to notify you when receiving a new cookie.
If you do not accept cookies, you may not be able to use some features of our Service and we recommend that you leave them turned on.
Some tracking technologies enable us to track your device activity over time and across devices and websites. While some browsers have incorporated Do Not Track or DNT preferences, we do not honor such signals from web browsers at this time.
Security and Retention
We maintain appropriate security procedures and technical and organizational measures to protect your personal data against accidental or unlawful destruction, loss, disclosure, alteration, or use.
Your personal data will be generally retained as long as necessary to fulfill the purposes for which we collected the personal data. Once you and/or your company have terminated the contractual relationship with us or otherwise ended your relationship with us, we may retain your personal data in our systems and records to ensure adequate fulfillment of surviving provisions in terminated contracts or for other legitimate business purposes, such as to evidence our business practices and contractual obligations, to provide you with information about our products and services, or to comply with applicable legal, tax, or accounting requirements. When we have no ongoing legitimate business need nor lawful legal ground to process your personal data, we will delete, anonymize, or aggregate it or, if this is not possible (for example, because your personal data has been stored in backup archives), then we will securely store your personal data and isolate it from any further processing until deletion is possible. If you want to know more about retention periods applicable to your particular circumstance, please contact us using the details provided in the Contact us section below.
Children’s Privacy
Our Sites and Services are not directed to children under the age of 16, and we do not knowingly collect online personal data directly from children. If you are a parent or guardian of a minor child and believe that the child has disclosed online personal data to us, please contact us.
External Links
When interacting with us, you may encounter links to external sites or other online services, including those embedded in third-party advertisements. We do not control and are not responsible for privacy and data collection policies for such third-party sites and services. You should consult such third parties and their respective Privacy Policy for more information or if you have any questions about their practices.
Contact Information
If you have questions or complaints regarding this Policy or about the Renko Group’s privacy practices, please contact us by:
Email:
Tell:
Address:
Supplemental Terms for California Residents
Pursuant to the California Consumer Privacy Act (“CCPA”), this Section applies to certain personal data collected about California individuals where Renko controls how and why the personal data is processed (which the CCPA calls a “business”) and supplements the rest of our Policy above. This Section does not apply to current or former employees, applicants, contractors, or agents.
Additional Data Processing Disclosures:
The below table provides the categories of personal data we have sold, shared, or disclosed to third parties, as defined by the California Privacy Rights Act.
Categories of Personal Data We Collect |
California Privacy Rights Act Details: Categories of Third Parties to Whom Personal Data is “Sold or Shared” |
Identifiers, such as your name, email address, postal address, phone number, and device identifiers (e.g., advertising identifiers and IP address). |
|
Internet or other electronic network activity information and device information, such as your browsing history, search history, device information, and other information (whether passive browsing or active engagement) regarding your interactions with us and use of our products, Services, emails, and other Digital Properties. |
|
Geolocation information, such as approximate location based on your IP address, mobile device location, or information you provide to us (such as city and state you provide through a webform). You may be able to control collection of this data through the settings of your device. |
|
Audio, electronic, visual, and other sensory information, such as CCTV recordings of our premises (e.g., if you visit our offices); recordings of your interactions with our sales or advocacy teams (e.g., for quality assurance or training purposes, in accordance with applicable laws); or customer support chat or messaging logs. |
|
Inferences as defined by California law, such as marketing you are likely to positively react to. |
|
Sensitive Personal Data, such as proof of vaccination or race and ethnicity (optional) (where permissible under applicable law). |
|
Although we have not “sold” or “shared” personal data for money in the past 12 months, we engage in routine practices with our Digital Properties involving third parties that could be considered a “sale” or “sharing” as defined under California law. We do not knowingly sell or share any personal data of minors under the age of 16. We do not collect or process “sensitive personal information,” as defined by California law, to infer characteristics about you. Renko only uses sensitive personal information consistent with the exceptions to the right to limit sensitive personal information.
Your Data Protection Rights:
Subject to legal limitations, certain California residents may have the below rights.
California residents may request to exercise the Right to Know, the Right to Delete, and the Right to Correct by emailing us. We will not discriminate against you, in any manner prohibited by applicable law, for exercising these rights.
How to Fully Exercise the Right to Opt-Out of Sale or Sharing: In order to fully exercise the Right to Opt-Out of Sale or Sharing with respect to any “sale” or “sharing” of information, you must submit a Right to Opt-Out of Sale or Sharing request using our contact channel; and
If you block cookies, we will be unable to comply with your Right to Opt-Out of Sale or Sharing requests for device data that we automatically collect and disclose to third parties online using cookies, pixels, and other tracking technologies. To the extent required by California law, we will honor “Do Not Sell or Share” opt-out preference signals sent in a format commonly used and recognized by businesses at the browser level, such as an HTTP header field or JavaScript object.
Verification: To process California data protection requests, we will need to obtain information to locate you in our records or verify your identity, depending on the nature of the request. In most cases, we will request information about you, which may include your name, email address, or other information. If you submit a Right to Know “Specific Pieces Report,” we may also request a signed declaration, under penalty of perjury, that you are who you say you are. We may request alternative information under certain circumstances and/or use third parties to help verify your identity.
Authorized Agents: Authorized agents may exercise California data protection rights on behalf of California individuals, but we reserve the right to verify the individual’s identity directly as described above. Authorized agents must contact us by submitting a request and indicate that they are submitting the request as an agent. We may require the agent to demonstrate authority to act on your behalf by providing signed permission from you. We may also require you to verify your own identity directly with us or to directly confirm with us that you provided the authorized agent permission to submit the request.
Timing: We will process Right to Opt-Out of Sale or Sharing requests within fifteen business days from the date we received the request. We will respond to Requests to Delete and Requests to Know within forty-five days unless we need more time, in which case we will notify you, and it may take up to ninety days to respond to your request.
Supplemental Information for the EEA, Switzerland, and the U.K.
The following terms supplement the Policy with respect to our processing of EEA (i.e., European Union Member States, Iceland, Liechtenstein, and Norway), Swiss, and U.K. personal data. In the event of any conflict or inconsistency between the other parts of the Policy and the terms of this Section 11, Section 11 shall govern and prevail with regard to the processing of EEA, Swiss, and U.K. Personal Data, to the extent applicable.
Data Controller: The Renko entity with which you have a primary relationship (such as the entity that concluded the Services contract with you; the entity that has provided you with marketing materials and promotional communications; or the primary entity in the region where you access our Site) is the controller within the scope of this Policy. In the majority of cases, this will be Renko unless we specifically inform you otherwise.
Your Data Protection Rights:
Under applicable data protection laws, you may exercise certain rights regarding your personal data:
You may exercise these rights by contacting us using the details provided in the Contact Us Section above. Please note that we may refuse to act on requests to exercise data protection rights in certain cases, such as where providing access might infringe someone else’s privacy rights or impact our legal obligations.
International Transfers of Personal Data:
Due to the global nature of our operations, some of the recipients mentioned in this Policy may be located in countries outside the EEA, Switzerland, or the U.K., which do not provide an adequate level of data protection as defined by data protection laws in the EEA, Switzerland, and the U.K. Transfers within the Renko Group or to third parties located in such third countries take place using a valid data transfer mechanism, such as the EU Standard Contractual Clauses and/or the U.K. Addendum to such clauses, approved Binding Corporate Rules, approved codes of conduct and certifications mechanisms, on the basis of permissible statutory derogations, or any other valid data transfer mechanism issued or approved by the EEA, Swiss, or U.K. authorities. More information on (including a copy of) our Binding Corporate Rules is available here, and evidence of our Binding Corporate Rules approval is available on the European Data Protection Board’s website here. Certain third countries have been officially recognized by the EEA, Swiss, and U.K. authorities as providing an adequate level of protection and no further safeguards are necessary. Please reach out to us using the contact information if you wish to receive further information about how we transfer personal data or, where available, a copy of the relevant data transfer mechanism.
Supplemental Information for Other Regions