DOWNLOAD APP

Privacy Policy beemytask


  • Introduction

 

We, beemytask Ltd., 71-75 Shelton Street, Covent Garden, London, United Kingdom, together with our subsidiaries (hereinafter collectively referred to as “the company”, “we”, or “us”), take the protection of your personal data seriously and would like to take this opportunity to inform you about data protection in our company.

 

Within the scope of our data protection responsibilities, the entry into force of the EU/UK General Data Protection Regulation (Regulation (EU/UK) 2016/679; hereinafter: “GDPR”) to ensure the protection of personal data of the data subject (we also refer to you as the data subject as “customer”, “user”, “you”, or “data subject”).

 

Insofar as we decide, either alone or jointly with others, on the purposes and means of data processing, this includes, in particular, the obligation to inform you transparently about the nature, scope, purpose, duration, and legal basis of the processing (cf. Art. 13 and Art. 14 GDPR). With this declaration (hereinafter: “Privacy Policy”), we inform you about how we process your personal data.


  • General


  • Definitions

 

Based on Art. 4 GDPR, this privacy policy is based on the following definitions:

 

  • “Personal data” (Art. 4 No. 1 GDPR) is any information relating to an identified or identifiable natural person (“data subject”). A person is identifiable if they can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, an online identifier, location data, or by reference to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person. Identifiability may also be given by linking such information or other additional knowledge. The origin, form or embodiment of the information is irrelevant (photos, video or audio recordings may also contain personal data).

 

  • “Processing” (Art. 4 No. 2 GDPR) is any operation involving personal data, whether or not with the aid of automated (i.e., technology-based) procedures. This includes, in particular, the collection (i.e., procurement), recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction of personal data, as well as the change of a purpose or objective originally underlying data processing.

 

  • “Controller” (Art. 4 No. 7 GDPR) is the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.

 

  • “Third party” (Art. 4 No. 10 GDPR) is any natural or legal person, public authority, agency or other body other than the data subject, the controller, the processor and the persons who, under the direct authority of the controller or processor, are authorised to process personal data; this also includes other legal entities belonging to the group.

 

  • “Processor” (Art. 4 No. 8 GDPR) is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller, in particular in accordance with its instructions (e.g., IT service providers). In terms of data protection law, a processor is not a third party.
  • “Consent” (Art. 4 No. 11 GDPR) of the data subject means any freely given, specific, informed, and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.


  • Changes to the Privacy Policy

 

  1. In the context of the ongoing development of data protection law and technological or organisational changes, our privacy policy is regularly reviewed to determine whether it needs to be adapted or supplemented. You will be informed of any changes.

 

  1. This Privacy Policy is current as of (month and year of publication of the privacy policy).


  • No obligation to provide personal data

 

We do not make the conclusion of contracts with us dependent on you providing us with personal data in advance. As a customer, you are generally not under any legal or contractual obligation to provide us with your personal data; however, we may only be able to provide certain offers to a limited extent or not at all if you do not provide the necessary data. If this should be the case in exceptional circumstances in relation to the products we offer, as described below, you will be notified separately.


  • Information about the processing of your data


  • Collection of personal data relating to you

 

  1. When you use our app, we collect personal data about you.

 

  1. Personal data is any data that relates to you personally (see above under General Information). For example, your name, location data, IP address, device ID, SIM card number, address, and email address are personal data, as are your fingerprint, images, films, audio recordings, and your user behaviour.


  • Legal basis for data processing

 

  1. By law, any processing of personal data is prohibited in principle and is only permitted if the data processing falls under one of the following justifications:

 

  • Art. 6(1)(a) GDPR (“Consent”): Where the data subject has voluntarily, in an informed manner and unambiguously indicated by a statement or other unequivocal affirmative action that he or she consents to the processing of personal data relating to him or her for one or more specific purposes;

 

  • Art. 6(1)(b) GDPR: If processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract, e.g., for the operation and provision of the beemytask App/Platform

 

  • Art. 6(1)(c) GDPR: If processing is necessary for compliance with a legal obligation to which the controller is subject (e.g., a statutory retention obligation);

 

  • Art. 6(1)(d) GDPR: If processing is necessary to protect the vital interests of the data subject or another natural person;

 

  • Art. 6(1)(e) GDPR: If processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller; or
  • Art. 6(1)(f) GDPR (“legitimate interests”): if processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject (in particular where the data subject is a child).

 

The storage of information in the end user’s terminal equipment or access to information already stored in the terminal equipment is only permitted if it is covered by one of the following justifications, Art. 5(3) ePrivacy Directive:

 

  • If the end user has given their consent on the basis of clear and comprehensive information. Consent must be given in accordance with Art. 6(1)(a) GDPR;

 

  • If the sole purpose is to carry out the transmission of a message via a public telecommunications network or

 

  • If storage or access is absolutely necessary for the provider of digital service to be able to provide a digital service expressly requested by the user.

 

  1. We specify the applicable legal basis for each of the processing operations we carry out below. Processing may also be based on several legal bases.


  • Data collection during the download the App

 

  1. When downloading this App, certain personal data required for this purpose is transmitted to the relevant app store (e.g., Apple App Store or Google Play).

 

  1. In particular, the email address, user name, customer number of the downloading account, individual device identification number, payment information, and the time of the download are transmitted to the app store during the download.

 

  1. We have no influence on the collection and processing of this data; it is carried out exclusively by the app store you have selected. Accordingly, we are not responsible for this collection and processing; the responsibility for this lies solely with the app store.


  • Data collection during use the App/Platform

 

  1. We can only provide you with the benefits of our App/Platform if we collect certain personal data from you that is necessary for the operation of the App/Platform.

 

  1. We only collect this data if it is necessary for the fulfillment of the contract between you and us (Art. 6(1)(b) GDPR). Furthermore, we collect this data if it is necessary for the functionality of the App/Platform and your interest in the protection of your personal data does not outweigh this (Art. 6(1)(f) GDPR) or if you consent to the collection and processing (Art. 6(1)(a) GDPR).

 

  1. We collect and process the following data from you:

 

  • Device information: Access data includes the IP address, device ID, device type, device- specific settings and app settings, app properties, the date and time of access, time zone, the amount of data transferred, and a notification indicating whether the data exchange was complete, app crashes, browser type, and operating system. This access data is processed to enable the technical operation of the App/Platform.

 

  • Data you provide to us: Contact information required to set up an account, such as your first and last name, email address, home address, and phone number, identity data, such as your

date of birth and, depending on your place of residence, your social security, tax, or VAT number, and background check data, such as the results of your background check.

  • Information with your consent: We process other information (e.g., GPS location data) if you allow us to do so.

 

  • Contact form data or chat: When you use contact forms or the chat, the data transmitted through them is processed (e.g., first and last name, address, company, email address, and time of transmission, data transmitted via email or chat messages between you and us, or between you and other users. This may include photos shared between users or by a tasker via chat in connection with completing a task).

 

  1. If the processing of the data requires the storage of information on your end device or access to information already stored on the end device, Art. 5 (3) of the ePrivacy Directive in conjunction with the respective implemented national standard (e.g., for Germany, Section 25 Telecommunications Digital Services Data Protection Act – TDDDG).


  • Use of cookies

 

  1. We use cookies when operating our App/Platform. Cookies are small text files that are stored in the device memory of your mobile device and assigned to the mobile app you are using, and through which certain information flows to the entity that sets the cookie. Cookies cannot execute programs or transfer viruses to your computer and therefore cannot cause any damage. They serve to make our app more user-friendly and effective overall, i.e., more pleasant for you.

 

  1. Cookies may contain data that makes it possible to recognise the device used. In some cases, however, cookies only contain information about certain settings that are not personally identifiable. Cookies cannot directly identify a user.

 

  1. A distinction is made between session cookies, which are deleted as soon as you close your browser, and permanent cookies, which are stored beyond the individual session. In terms of their function, cookies are divided into:

 

  • Technical cookies: These are essential for navigating the app/platform, using basic functions, and ensuring the security of the App/Platform; they do not collect information about you for marketing purposes or store which websites you have visited.

 

  • Performance cookies: These collect information about how you use our App/Platform, which pages you visit, and, for example, whether errors occur when using the App/Platform; they do not collect any information that could identify you – all information collected is anonymous and is only used to improve our App/Platform and find out what interests our users.

 

  • Advertising cookies, targeting cookies: These are used to offer app users needs-based advertising within the App/Platform or offers from third parties and to measure the effectiveness of these offers; advertising and targeting cookies are stored for a maximum of 13 months.

 

  • Sharing cookies: These are used to improve the interactivity of our App/Platform with other services (e.g., social networks); shared cookies are stored for a maximum of 13 months.

 

  1. The legal basis for cookies that are absolutely necessary to provide you with the expressly requested service is Art. 5(3) of the ePrivacy Directive in conjunction with the respective implemented national standard (e.g., for Germany, Section 25(2) no. 2 Telecommunications Digital Services Data Protection Act – TDDDG).
  2. Any use of cookies that is not technically necessary constitutes data processing, which is only permitted with your express and active consent in accordance with Art. 5 (3) of the ePrivacy Directive in conjunction with the respective implemented national standard (e.g., for Germany, Section 25(1) TDDDG) in conjunction with Art. 6(1)(a) GDPR. This applies in particular to the use of performance, advertising, targeting, or sharing cookies. Furthermore, we will only pass on your personal data processed by cookies to third parties if you have given your express consent in accordance with Art. 6 (1)(a) GDPR.


  • Cookie Policy

 

For more information about which cookies we use and how you can manage your cookie settings and disable certain types of tracking, please see our Cookie Policy (link to the cookie policy).


  • Data storage period

 

  1. We will delete your personal data as soon as it is no longer required for the purposes for which we collected or used it (see C. 4., 5., 6.). As a rule, we store your personal data for the duration of the user or contractual relationship via the app. Your data is generally only stored on our servers in the EU/EWR and the UK, subject to any transfer in accordance with the provisions in F. 1., 2. and 3.

 

  1. However, data may be stored beyond the specified period in the event of a (threatened) legal dispute with you or other legal proceedings.

 

  1. Third parties employed by us (see F. 1.) will store your data on their system for as long as is necessary in connection with the provision of services for us in accordance with the respective order.

 

  1. Legal requirements for the storage and deletion of personal data remain unaffected by the above (e.g., for tax purposes). When the storage period prescribed by law expires, the personal data will be blocked or deleted, unless further storage by us is necessary and there is a legal basis for this.


  • Data security

 

  1. We use appropriate technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction, or unauthorised access by third parties, taking into account the state of the art, the implementation costs, and the nature, scope, context, and purpose of the processing, as well as the existing risks of a data breach (including its likelihood and impact) for the data subject. Our security measures are continuously improved in line with technological developments.

 

  1. We will be happy to provide you with further information on this upon request. Please contact our GDPR representative in the EU (see D. 1.) for this purpose.


  • No automated decision-making (including profiling)

 

We do not intend to use personal data collected from you for automated decision-making (including profiling).


  • Unsubscribing from promotional communications

 

  1. You can unsubscribe from receiving promotional communications via email, SMS, or push notifications on the website and in the app by visiting the “Notifications” page in your account settings and adjusting your preferences. Other ways to unsubscribe include: Unsubscribe from email marketing by clicking the “Unsubscribe” link in the email.
  2. Unsubscribe from promotional SMS messages by following the instructions in those messages and replying with the word “STOP.”


  • Change of purpose

 

  1. Your personal data will only be processed for purposes other than those described if this is permitted by law or if you have consented to the changed purpose of data processing.

 

  1. In the event of further processing for purposes other than those for which the data was originally collected, we will inform you of these other purposes prior to further processing and provide you with all further relevant information.


  • Responsibility for your data and contacts


  • Responsible party and contact details

 

  1. We are the controller responsible for the processing of your personal data within the meaning of Art. 4 No. 7 GDPR.

 

Beemytask Ltd.

 

71-75 Shelton Street, Covent Garden, London, United Kingdom dataprotection@beemytask.com

  1. Our EU-GDPR representative is available for EU citizens at any time to answer any questions you may have and as your contact person for data protection issues. His contact details are:

 

[the company]

 

[address for service]

 

[email address]

 

  1. Please contact this contact point in particular if you wish to assert your rights, which are explained in Chapter G, against us.

 

  1. If you have any further questions or comments regarding the collection and processing of your personal data, please also contact the above-mentioned contacts.


  • Data collection when contacting us

 

  1. If you contact us by email or via a contact form, we will store your email address, your name, and any other personal data you have provided in the course of contacting us so that we can contact you to answer your question.

 

  1. We delete this data as soon as storage is no longer necessary. If there are legal retention periods, the data remains stored, but we restrict its processing.

 

F. data processing by third parties


  • Contract data processing
  1. It may happen that contracted service providers are used for individual functions of our app. As with any large company, we also use external domestic and foreign service providers to handle our business transactions (e.g., in the areas of IT, logistics, telecommunications, sales, and marketing). These service providers only act on our instructions and are contractually obliged to comply with data protection regulations in accordance with Art. 28 GDPR.

 

  1. The following categories of recipients may have access to your personal data:

 

  • Service providers for the operation of our app and the processing of data stored or transmitted by the systems (e.g., for data center services, IT security). The legal basis for the transfer is then Art. 28 GDPR unless they are processors;

 

  • Government agencies/authorities, insofar as this is necessary to fulfill a legal obligation. The legal basis for the transfer is then Art. 6(1)(c) GDPR;

 

  • Persons employed to carry out our business operations (e.g., auditors, banks, insurance companies, legal advisors, supervisory authorities, parties involved in company acquisitions or the establishment of joint ventures). The legal basis for the transfer is then Art. 6(1)(b) or (f) GDPR.

 

  1. Furthermore, we only disclose your personal data to third parties if you have given your express consent in accordance with Art. 6(1)(a) GDPR.

 

  1. If we pass on your personal data to our subsidiaries or if our subsidiaries pass on your personal data to us (e.g. for advertising purposes), this is done based on existing data processing agreements.


  • Requirements for the transfer of personal data to third countries

 

  1. Within the scope of our business relationships, your personal data may be passed on or disclosed to third-party companies. These may also be located outside the European Economic Area (EEA), i.e., in third countries. Such processing is carried out exclusively for the purpose of fulfilling contractual and business obligations and maintaining your business relationship with us (the legal basis is Art. 6 (1)(b) or (f) in conjunction with Art. 44 et seq. GDPR). We will inform you of the respective details of the transfer below in the relevant sections.

 

  1. The European Commission certifies that some third countries have data protection standards comparable to those of the EEA through so-called adequacy decisions (a list of these countries and a copy of the adequacy decisions can be found here: https://ec.europa.eu/info/law/law-topic/data- protection/international-dimension-data-protection/adequacy-decisions_en). In other third countries to which personal data may be transferred, however, there may not be a consistently high level of data protection due to a lack of legal provisions. Where this is the case, we ensure that data protection is adequately guaranteed. This can be achieved through binding corporate rules, standard contractual clauses of the European Commission for the protection of personal data pursuant to Art. 46 (1), 2 (c) GDPR (the standard contractual clauses of 2021 are available at https://eur-lex.europa.eu/legal- content/EN/TXT/? uri=CELEX%3A32021D0915&locale-en), certificates, or recognised codes of conduct. Please contact our EU-GDPR representative (see D. 1.) if you would like more information on this.


  • Legal obligation to transfer certain data

 

We may be subject to a specific legal or regulatory obligation to provide lawfully processed personal data to third parties, in particular public authorities (Art. 6 (1)(c) GDPR).

 

G. Your rights

To exercise your rights, you must send a request either by email or by post to the addresses given above (see D. 1.).


  • Right of access

 

You have the right to obtain information from us about the personal data concerning you within the scope of Art. 15 GDPR.


  • Right to object to data processing and revoke consent

 

  1. In accordance with Art. 21 GDPR, you have the right to object to the processing of personal data concerning you at any time. We will stop processing your personal data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or if the processing serves to assert, exercise, or defend legal claims.

 

  1. In accordance with Art. 7(3) GDPR, you have the right to withdraw your consent once given (even before the GDPR came into force, i.e., before May 25, 2018) – i.e., your voluntary, informed and unambiguous declaration of intent, made clear by a statement or other unequivocal affirmative action, that you consent to the processing of the personal data concerned for one or more specific purposes – at any time, if you have given such consent. As a result, we will no longer be permitted to continue processing the data based on this consent in the future.


  • Right to rectification and erasure

 

  1. If personal data concerning you is inaccurate, you have the right to request that we rectify it without delay in accordance with Art. 16 GDPR.

 

  1. Under the conditions specified in Art. 17 GDPR, you have the right to request the erasure of personal data concerning you. You have the right to erasure in particular if the data in question is no longer necessary for the purposes of collection or processing, if the data storage period (see C. 7.) has expired, if there is an objection (see G. 2.), or if there is unlawful processing.


  • Right to restriction of processing

 

  1. In accordance with Art. 18 GDPR, you have the right to request that we restrict the processing of your personal data.

 

  1. You are particularly entitled to the right to restriction of processing if the accuracy of the personal data is disputed between you and us; in this case, you are entitled to this right for a period of time required to verify the accuracy. The same applies if the successful exercise of a right to object (see G. 2.) is still disputed between you and us. You also have this right in particular if you have a right to erasure (see G. 3.) and you request restricted processing instead of erasure.


  • Right to data portability

 

In accordance with Art. 20 GDPR, you have the right to receive from us the personal data concerning you that you have provided to us in a structured, commonly used, machine-readable format.


  • Right to lodge a complaint with the supervisory authority

 

  1. Pursuant to Art. 77 GDPR, you have the right to lodge a complaint with the competent supervisory authority regarding the collection and processing of your personal data.
  2. EU residents have the right to contact the data protection authority of any EU member state of their choice to exercise their data protection rights. An overview of all data protection authorities in the EU, along with contact details, can be found at the following link: https://www.edpb.europa.eu/about-edpb/ about-edpb/members_en

 

  1. UK residents can contact the UK Information Commissioner’s Office; https://ico.org.uk/make-a- complaint/data-protection-complaints/