THIS PRIVACY POLICY (THIS “POLICY”) DESCRIBES HOW AND WHEN SANCTUM B.V., A PRIVATE LIMITED LIABILITY COMPANY INCORPORATED UNDER THE LAWS OF THE NETHERLANDS, WITH ITS REGISTERED OFFICE AT SINGEL 174A, 1016 AJ AMSTERDAM, THE NETHERLANDS (“SANCTUM,” “WE,” OR “US”), COLLECTS, USES, STORES, AND DISCLOSES INFORMATION WHEN YOU USE OUR WEBSITE(S), OUR MOBILE APPLICATION(S) AND RELATED DIGITAL PLATFORMS (THE “APP”), AND OUR IN-PERSON AND DIGITAL SERVICES (COLLECTIVELY, TOGETHER WITH THE WEBSITE AND APP, THE “SERVICE”).BY USING THE SERVICE, YOU CONSENT TO THE COLLECTION, USE, AND DISCLOSURE OF INFORMATION IN ACCORDANCE WITH THIS POLICY, SUBJECT TO YOUR RIGHTS UNDER APPLICABLE LAW.

‍1. DEFINITIONS

‍“PERSONAL DATA” (OR “PERSONAL INFORMATION”) MEANS INFORMATION THAT IDENTIFIES, RELATES TO, DESCRIBES, OR COULD REASONABLY BE LINKED TO AN IDENTIFIED OR IDENTIFIABLE INDIVIDUAL. IT DOES NOT INCLUDE AGGREGATED OR DE-IDENTIFIED INFORMATION.

‍2. INFORMATION WE COLLECT

‍WE MAY COLLECT PERSONAL DATA IN THE FOLLOWING CATEGORIES:(A) INFORMATION YOU PROVIDE VOLUNTARILY, INCLUDING NAME, EMAIL ADDRESS, TELEPHONE NUMBER, BILLING INFORMATION, ACCOUNT DETAILS, AND CORRESPONDENCE.(B) INFORMATION COLLECTED THROUGH YOUR USE OF THE SERVICE, INCLUDING DEVICE INFORMATION, IP ADDRESS, APP/WEBSITE USAGE DATA, LOG DATA, COOKIE DATA, AND ANALYTICS INFORMATION.(C) TRANSACTION INFORMATION, INCLUDING PURCHASE HISTORY AND SUBSCRIPTION STATUS (PAYMENTS ARE PROCESSED BY THIRD-PARTY PROVIDERS; WE DO NOT STORE FULL PAYMENT CARD DETAILS).(D) MEDIA CONTENT, INCLUDING PHOTOGRAPHS, AUDIO, OR VIDEO RECORDED AT EXPERIENCES WHERE PERMITTED.(E) HEALTH-RELATED INFORMATION ONLY IF YOU VOLUNTARILY DISCLOSE IT (E.G., TO INFORM FACILITATORS OF RELEVANT CONDITIONS). WE DO NOT REQUEST OR REQUIRE MEDICAL DATA AS A CONDITION OF USE UNLESS NECESSARY FOR SAFETY OR LEGAL COMPLIANCE.

‍3. HOW WE USE PERSONAL DATAWE USE PERSONAL DATA FOR PURPOSES INCLUDING:PROVIDING, OPERATING, AND IMPROVING THE SERVICE;

MANAGING BOOKINGS, ACCOUNTS, AND SUBSCRIPTIONS;

PROCESSING TRANSACTIONS AND CUSTOMER SUPPORT;

COMMUNICATING SERVICE UPDATES, ADMINISTRATIVE NOTICES, AND RELEVANT INFORMATION;

ENSURING SAFETY, SECURITY, FRAUD PREVENTION, AND POLICY ENFORCEMENT;

COMPLYING WITH LEGAL AND REGULATORY OBLIGATIONS.

WE DO NOT SELL PERSONAL DATA.

‍4. LEGAL BASES (WHERE APPLICABLE)
‍WHERE REQUIRED (INCLUDING UNDER GDPR), WE PROCESS PERSONAL DATA ON THE BASIS OF ONE OR MORE OF THE FOLLOWING: CONTRACTUAL NECESSITY; LEGITIMATE INTERESTS; LEGAL OBLIGATION; AND/OR YOUR CONSENT.

‍5. HOW WE SHARE PERSONAL DATA
‍WE MAY DISCLOSE PERSONAL DATA TO:SERVICE PROVIDERS (E.G., HOSTING, ANALYTICS, CUSTOMER SUPPORT, PAYMENT PROCESSORS);

TECHNOLOGY PARTNERS (E.G., APP DISTRIBUTION PLATFORMS SUCH AS APPLE AND GOOGLE);

PROFESSIONAL ADVISERS (E.G., LEGAL, ACCOUNTING, INSURANCE);

AUTHORITIES OR THIRD PARTIES WHERE REQUIRED BY LAW OR TO PROTECT RIGHTS, SAFETY, AND SECURITY.

WE REQUIRE THIRD-PARTY SERVICE PROVIDERS TO PROCESS PERSONAL DATA ONLY AS NECESSARY TO PERFORM SERVICES FOR US AND TO IMPLEMENT APPROPRIATE SAFEGUARDS.

‍6. COOKIES AND ANALYTICS
‍WE MAY USE COOKIES, SDKS, PIXELS, LOG FILES, AND SIMILAR TECHNOLOGIES TO COLLECT INFORMATION ABOUT HOW THE SERVICE IS USED, TO OPERATE AND IMPROVE THE SERVICE, AND TO MEASURE PERFORMANCE. YOU MAY CONTROL COOKIES THROUGH YOUR BROWSER SETTINGS, SUBJECT TO TECHNICAL LIMITATIONS.

‍7. INTERNATIONAL TRANSFERS
‍AS A GLOBAL BUSINESS, YOUR PERSONAL DATA MAY BE TRANSFERRED TO AND PROCESSED IN COUNTRIES OTHER THAN YOUR COUNTRY OF RESIDENCE. WHERE REQUIRED BY LAW, WE IMPLEMENT APPROPRIATE SAFEGUARDS FOR SUCH TRANSFERS.

‍8. DATA RETENTION

‍WE RETAIN PERSONAL DATA ONLY FOR AS LONG AS NECESSARY FOR THE PURPOSES DESCRIBED IN THIS POLICY AND/OR AS REQUIRED BY APPLICABLE LAW, INCLUDING TAX, ACCOUNTING, AND LEGAL REQUIREMENTS.

‍9. YOUR RIGHTS

‍SUBJECT TO APPLICABLE LAW, YOU MAY HAVE RIGHTS INCLUDING THE RIGHT TO ACCESS, CORRECT, DELETE, RESTRICT, OR OBJECT TO PROCESSING, AND TO WITHDRAW CONSENT WHERE PROCESSING IS BASED ON CONSENT. TO EXERCISE RIGHTS, CONTACT US AS SET OUT BELOW.

‍10. SECURITY

‍WE USE REASONABLE ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS DESIGNED TO PROTECT PERSONAL DATA. HOWEVER, NO SECURITY MEASURES CAN BE GUARANTEED TO BE 100% EFFECTIVE, AND YOU USE THE SERVICE AT YOUR OWN RISK.

‍11. CHILDREN

‍THE SERVICE IS NOT INTENDED FOR CHILDREN UNDER 18 UNLESS EXPRESSLY STATED. WE DO NOT KNOWINGLY COLLECT PERSONAL DATA FROM CHILDREN WITHOUT VERIFIED PARENTAL CONSENT WHERE REQUIRED.

‍12. UPDATES TO THIS POLICY

‍WE MAY UPDATE THIS POLICY FROM TIME TO TIME. WHEN WE DO, WE WILL REVISE THE “LAST UPDATED” DATE ABOVE. YOUR CONTINUED USE OF THE SERVICE AFTER SUCH CHANGES CONSTITUTES ACCEPTANCE OF THE UPDATED POLICY, SUBJECT TO YOUR RIGHTS UNDER APPLICABLE LAW.

‍13. CONTACTING US

‍IF YOU HAVE QUESTIONS OR REQUESTS ABOUT THIS POLICY, CONTACT:HELLO@WEARESANCTUM.COMOR BY POST AT: SANCTUM B.V., SINGEL 174A, 1016 AJ AMSTERDAM, THE NETHERLANDS.