1.1. Privacy Principles
KoSAC has three fundamental principles when it comes to collecting and processing private data:
- We only store the data that Defora needs to function as a secure and feature-rich service.
- We promise that we’ll tell you how we use your data to make your Service experience safe and easy.
- Plus, we’ll make sure we collect and store your data securely.
1.2. Terms of Service
1.3. Table of Contents
- the legal basis for processing your personal data;
- what personal data we may collect from you;
- how we keep your personal data safe;
- what we may use your personal data for;
- who your personal data may be shared with; and
- your rights regarding your personal data.
1.4. EEA Representative
If you live in a country in the European Union or European Economic Area (EEA), you can request: 1) a copy of personally identifiable information, or; 2) correction or deletion of personally identifiable information. For this, please contact email@example.com. Please be advised that the personally identifiable information in our possession is limited to your phone number, group display name, and eligibility information you have provided to us. We are unable to provide your activities since we cannot link it to your personally identifiable information due to our encryption system.
2. Legal Ground for Processing Your Personal Data
We process your personal data on the ground that such processing is necessary to further our legitimate interests (including providing effective and innovative Services to our users), unless those interests are overridden by your interest or fundamental rights and freedoms that require protections of personal data.
3. What Personal Data We Collect
3.1. Basic Account Data
Defora is a communication service for people. To make sure that everyone is able to participate in an equal manner, we need to check that you are a real, unique person. This process is currently done by checking your ownership of a unique mobile number, which you will provide to us to create a Defora account. We store them away in an encrypted database in a hashed form so that the uniqueness check can be carried out without ever revealing the plaintext form of your mobile number.
To ensure the trust and legitimacy of decisions reached, Defora enables that only the eligible stakeholders can participate. We check this by authenticating your eligibility data through your own organization or a relevant 3rd party that your Group has chosen as an eligibility check service provider.
Your actions on the service will not be linked to your mobile number as we issue new random anonymized addresses for your actual interactions with other users, further securing your privacy.
In anonymous mode, random nicknames are issued for you for each Activity. You can choose to have a discussion in real name, which each member can set themselves. We do not require your Group display name to be your real name unless your Group has specified otherwise.
Your mobile number, eligibility data, and Group display names are the only data we collect, and they will be deleted upon your request.
3.2. Your Language Content
3.3. Feedback Information
When you rate or give feedbacks to Defora, we collect them to gain better insights to improve our Service. Again they are not linked to your personally identifiable data, so we take them as simply feedbacks for reference for future developments.
4. Keeping Your Personal Data Safe
4.1. Storing Data
All personal data is immediately encrypted when you register for our Services, and we store and/or process this data in South Korea. If you engage in a monetary transaction with us for customized features, you may be retried to provide billing information, including your name, address, phone number and credit card data. Please be advised that Defora utilizes third party payment services to effectuate these transactions. As such, we will not have access to any of this billing information, nor will we be able to connect them with your Contents and activities on our Service.
4.2. Data Retention
We maintain our office in South Korea. We do not have a physical presence outside of the country. We do not have a physical presence in the European Union, any EU-Member country or any member of the European Economic Area.
We use commercially reasonable safeguards and take reasonable steps to keep the information pertaining to your personal data and contents. Please be advised that our retention of all data and information obtained in connection with our Services, including personally identifiable information, is consistent with industry-accepted practices and security standards. We implement these security practices for the safekeeping of your data.
5. Processing Your Personal Data
5.1. Our Services
Defora is a communication service, where we process your data to Groups and Activities of your choosing in secure and anonymous manner.
5.2. Advanced Features
Defora only stores the information it needs to function as a secure and feature-rich service for better deliberative democracy.
6. Who Your Personal Data May Be Shared With
6.1. Other Defora Users
6.2. Defora’s Group Companies
We may share Content data with Aardvark, a non profit foundation to conduct research to craft better deliberative democratic structures and environment. We will implement appropriate safeguards to protect the security and integrity of that Content.
6.3. Law Enforcement Authorities
7. Your Rights Regarding the Personal Data Your Provide to Us
7.1. Your Rights
Under applicable data protection legislation, in certain circumstances, you have rights concerning your personal data. You have a right to: (1) request a copy of all your personal data that we store and to transmit that copy to another data controller; (2) delete or amend your personal data; (3) restrict, or object to, the processing of your personal data; (4) correct any inaccurate or incomplete personal data we hold on you; and (5) lodge a complaint with national data protection authorities regarding our processing of your personal data.
7.2. Exercising Your Rights
If you wish to exercise any of these rights, kindly contact us using the details in section 10 below.
7.3. Data Settings
Sadly, if you‘re generally not OK with Defora’s modest requirements, it won’t be possible for us to provide you with our Services. You can delete your Defora account in My menu.
8. Deleting Data
f you would like to delete your account, you can do this on the app My Menu > Delete Defora. Deleting your account removes your mobile number hash on our system, and also the access to all of your activities locally. This action must be confirmed via your Defora account and cannot be undone.
Your non personally identifiable data will remain as record of deliberation. However, if you believe your contents are potentially personally identifiable data, contact us to take it down.
9. Policy Pertaining to Children
Defora does not knowingly collect or solicit any information from anyone under the age of consent established by the data protection law of their applicable country. Defora does not knowingly allow such persons to register for the Services. The Service is not directed to anyone under the age of consent established by the data protection law of their applicable country
11. Questions and concerns
If you have any questions about privacy and our data policies, please contact firstname.lastname@example.org, which we will answer at the earliest opportunity.
©2020 All Rights Reserved. Apple and the Apple logo are trademarks of Apple Inc., registered in the U.S. and other countries. Google Play and the Google Play logo are trademarks of Google LLC.