Altogether Privacy Policy

We are committed to safeguarding your personal information and ensuring compliance with applicable privacy laws in the UK, EU, and US. This Privacy Policy outlines how we collect, use, share, and protect your information when using the Altogether social media app. By accessing or using our services, you agree to the practices described herein.

 

  1. Information We Collect

 

Personal Data: We collect the information you provide directly to us when you register an account, update your profile, post content, or interact with others. This may include:

 

  • Name, email address, date of birth, username.
  • Profile picture, interests, and content you post.

 

Automatically Collected Data: When you use our app, we may automatically collect:

 

  • IP address, browser type, operating system, and device identifiers.
  • Location data (if you enable location services).
  • Usage data, such as the features you use and how you interact with content.

 

Legal Basis for Collection: In compliance with the UK GDPR, EU GDPR, and California Consumer Privacy Act (CCPA), we collect and process personal data based on your consent, the necessity of fulfilling a contract, or for legitimate interests, such as improving services.

 

  1. How We Use Your Information

 

We process your information for the following purposes:

 

  • Service Provision: To create and manage your account, personalise your experience, and facilitate communication with other users.
  • Service Improvement: To analyse app usage trends and enhance functionality.
  • Marketing Communications: With your consent, we may send you promotional offers and updates. You can opt out of these communications at any time.
  • Legal Compliance: To comply with regulatory and legal obligations, including those related to age verification, fraud prevention, and reporting.

 

  1. Sharing Your Information

 

We do not sell your personal data. However, we may share information in the following scenarios:

 

  • Service Providers: We work with third-party providers for hosting, payment processing, analytics, and customer support. These providers are contractually obligated to protect your data in line with UK GDPR, EU GDPR, and US privacy laws.
  • Legal Compliance: If required by law, we may share your data with law enforcement or other regulatory bodies, as per UK/EU/US regulations, such as the Data Protection Act 2018 (UK), GDPR (EU), and CCPA (California).
  • Business Transactions: In the event of a merger, acquisition, or asset sale, your data may be transferred as part of the business transaction, but will remain subject to the same privacy protections.

 

International Data Transfers: If your data is transferred outside the UK/EU/US, we ensure it is protected by mechanisms such as Standard Contractual Clauses (SCCs) or other legal safeguards, in accordance with the GDPR and US privacy laws.

 

  1. Your Rights

 

Under UK and EU GDPR:

 

  • Right to Access: You have the right to request access to the personal data we hold about you.
  • Right to Rectification: You can request corrections to inaccurate or incomplete data.
  • Right to Erasure: You can request that we delete your personal data in certain circumstances (“Right to be Forgotten”).
  • Right to Data Portability: You can request that your data be transferred to another provider in a structured, commonly used format.
  • Right to Object: You may object to our processing of your personal data, particularly for direct marketing purposes.

 

Under the CCPA (US):

 

  • Right to Know: You have the right to request disclosure of the categories and specific pieces of personal data we have collected.
  • Right to Deletion: You may request the deletion of your personal information, subject to certain legal exceptions.
  • Right to Opt-Out of Sale: While we do not sell data, you have the right to instruct us not to sell your personal information if this practice changes.
  • Right to Non-Discrimination: You will not be discriminated against for exercising your rights under CCPA.

 

To exercise any of these rights, contact us at info@unclocks.com. We will respond in accordance with applicable legal timeframes.

 

  1. Security Measures

 

We implement robust security measures to protect your data from unauthorised access, disclosure, alteration, and destruction. These measures include:

  • Encryption of data in transit and at rest.
  • Access controls and role-based access.
  • Regular security audits and vulnerability assessments.

 

However, no security system is foolproof, and we cannot guarantee the absolute security of your data.

 

Data Retention: We retain your personal data only for as long as necessary to fulfil the purposes outlined in this policy or as required by law.

 

  1. Children’s Privacy

 

Altogether is not intended for children under the age of 13, in compliance with the Children’s Online Privacy Protection Act (COPPA) (US) and GDPR (EU). We do not knowingly collect personal data from minors. If we become aware of data collected from a child under 13, we will take immediate steps to delete it.

 

  1. Changes to This Policy

 

We may update this Privacy Policy from time to time to reflect changes in legal requirements or our business practices. Any significant updates will be communicated via email or in-app notification, and your continued use of the app following such changes indicates your acceptance.

 

  1. Contact Us

If you have any questions or concerns about this Privacy Policy or your rights under UK, EU, or US law, please contact us at info@unclocks.com

 

Effective Date: 03 October 2024