Privacy Policy of Texting Wingman
Effective Date: 19.10.2024.
This Privacy Policy ("Policy") is established by Delka Talents Ltd ("Company", "we", "us", or "our"), the proprietor and operator of the Texting Wingman application ("App"). This Policy delineates our obligations and practices regarding the systematic collection, use, and protection of personal data obtained from users of the App. We are committed to upholding the highest standards of data privacy and comply with applicable legislation, including the General Data Protection Regulation (EU) 2016/679 ("GDPR") and the California Consumer Privacy Act ("CCPA"). This Policy ensures our adherence to both the stringent requirements of these laws and our dedication to safeguarding personal data within the global operational scope of our services.
Company Identification and Contact Information
Corporate Entity: Delka Talents Ltd
Primary Contact:
Name: Gidon Rotteveel
Emails:
Secondary Contact:
Name: Alp Barokas
Email: alp@textingwingman.com
1. Definitions
Data Controller: Delka Talents Ltd, the legal entity that determines the purposes and means of the processing of personal data. As the Data Controller, Delka Talents Ltd assumes full responsibility for ensuring that all processing activities are conducted in accordance with the applicable data protection laws, including but not limited to the General Data Protection Regulation (GDPR) and relevant national regulations.
Personal Data: Any information relating to an identified or identifiable natural person ("Data Subject"). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, identification number, location data, online identifier (e.g., IP address, device identifier), or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that person.
Special Categories of Personal Data: Categories of personal data that are inherently sensitive and thus require enhanced protection measures. Such data includes, but is not limited to, information revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data (processed for identification purposes), health data, and data concerning an individual’s sex life or sexual orientation, as defined under Article 9 of the GDPR.
Processing: Any operation or set of operations performed on personal data or on sets of personal data, whether or not by automated means. Processing includes, but is not limited to, the collection, recording, organization, structuring, storage, adaptation, alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction of personal data. All processing activities must comply with the principles of lawfulness, fairness, transparency, purpose limitation, data minimization, accuracy, storage limitation, integrity, and confidentiality.
Data Subject: An identified or identifiable natural person whose personal data is processed by the Data Controller. Data Subjects possess certain rights under applicable data protection laws, including but not limited to the right to access, rectify, erase, restrict, and object to the processing of their personal data, as well as the right to data portability and the right to lodge a complaint with a supervisory authority.
Data Processor: A natural or legal person, public authority, agency, or other body that processes personal data on behalf of the Data Controller, pursuant to instructions provided by the Data Controller. Data Processors are contractually bound and have specific obligations under data protection laws to ensure the security and confidentiality of personal data, as stipulated in Articles 28 and 29 of the GDPR.
Third Party: Any entity or individual, other than the Data Subject, Data Controller, or Data Processor, who may have authorization to access or process personal data under the authority of the Data Controller or Data Processor, in accordance with the provisions of applicable data protection legislation.
Data Protection Officer (DPO): An individual appointed by the Company with the responsibility of monitoring and ensuring compliance with data protection laws, including the GDPR. The DPO serves as a point of contact for data subjects and supervisory authorities and provides guidance on data protection impact assessments (DPIAs) and other compliance matters.
Consent: A freely given, specific, informed, and unambiguous indication of the Data Subject’s wishes by which they, by a statement or a clear affirmative action, signify agreement to the processing of their personal data. Consent must be capable of being withdrawn at any time without affecting the lawfulness of processing based on consent before its withdrawal, in compliance with Article 7 of the GDPR.
Data Breach: A breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to personal data transmitted, stored, or otherwise processed. Data Controllers are required to notify the competent supervisory authority of any data breach within 72 hours of becoming aware of it, unless the breach is unlikely to result in a risk to the rights and freedoms of natural persons, as outlined in Articles 33 and 34 of the GDPR.
Adequacy Decision: A formal decision by the European Commission determining that a non-EEA country or international organization ensures an adequate level of data protection comparable to the GDPR. Transfers of personal data to countries or entities covered by an Adequacy Decision are deemed compliant with GDPR requirements (Article 45, GDPR).
Data Minimization Principle: A core principle under Article 5 of the GDPR, requiring that only the minimum amount of personal data necessary for the specified purposes is collected and processed. The Data Controller must ensure that data is adequate, relevant, and limited to what is necessary in relation to the purposes for which it is processed, consistent with the principles of privacy by design and by default.
Binding Corporate Rules (BCRs): Internal policies adhered to by a group of undertakings engaged in a joint economic activity, ensuring that personal data transferred within the group, including across borders, meets GDPR standards. BCRs require approval from a competent supervisory authority and provide a lawful basis for intra-group data transfers, particularly for multinational corporations.
2. Information Collection and Processing
Personal Identification Information (PII): This data category encompasses identifiable information that precisely recognizes an individual, either alone or in conjunction with other accessible or obtainable information. Such information includes, but is not limited to, names, postal addresses, electronic mail addresses, and identification numbers. The collection of PII is critical for fulfilling contractual obligations, facilitating user account management, and ensuring lawful interactions within the App pursuant to Article 6(1)(b) of the GDPR.
Sensitive Personal Data: Defined under Article 9 of the GDPR as data revealing racial or ethnic origin, political opinions, religious beliefs, or data concerning health or sexual orientation, among others. In our context, sensitive data includes text messages and screenshots voluntarily provided by users, which may contain such personal insights or confidential communications. Processing of Sensitive Personal Data is conducted under stringent compliance with higher security measures and specific legal bases, such as explicit consent or substantial public interest, safeguarded by appropriate measures to protect fundamental rights and the interests of the data subjects.
Automated Data Collection: We automatically collect information regarding the devices and networks used to access our App, including but not limited to IP addresses, operating systems, and browser types. This information is processed under the legitimate interest of the Company to ensure the technical functionality and security of the App, as stipulated under Article 6(1)(f) of the GDPR. This data is essential for diagnosing technical issues, enhancing system security, and optimizing overall App performance through personalized user experiences.
Purpose and Utilization of Collected Data:
Service Delivery: Personal data is processed for the effective delivery of services provided through the App, including maintaining and enhancing user functionalities and fulfilling service requests.
User Support: Data is critical in providing responsive support services, addressing technical or service-related inquiries, and resolving issues promptly to maintain trust and user satisfaction.
Security Enhancements: Consistent with our legal obligations under Article 32 of the GDPR, we implement rigorous data security measures to prevent unauthorized access, data breaches, and to ensure the integrity and confidentiality of user data.
Marketing and Communications: With user consent, as per Article 6(1)(a) of the GDPR, we use collected data to inform users of updates, promotions, and other marketing communications that are deemed relevant to the user preferences and interactions with the App.
3. Legal Basis for Processing
Consent (Article 6(1)(a) of the GDPR): Processing of your personal data is based on your explicit consent. By using our App, you signify your consent to the processing of your personal data as detailed in this Policy. Consent is obtained through a clear affirmative action, ensuring it is freely given, specific, informed, and unequivocal as per the stipulations set forth under the General Data Protection Regulation (GDPR).
Performance of a Contract (Article 6(1)(b) of the GDPR): We process your personal data as necessary for the performance of our contractual obligations to you, including but not limited to providing you with services accessible through our App. This legal basis covers all processing activities that are essential for the management of your account and the delivery of functionalities agreed upon under the terms of the contract between you and the Company.
Legal Obligations (Article 6(1)(c) of the GDPR): Our processing of your personal data is necessary for compliance with legal obligations to which we are subject. This includes fulfilling requirements set by tax, labor, and corporate laws, and any other statutory obligations relevant to our operations.
Legitimate Interests (Article 6(1)(f) of the GDPR): We process your personal data under the legal basis of legitimate interests pursued by the Company or by a third party, provided such interests do not override your fundamental rights and freedoms. Such legitimate interests include enhancing the user experience, marketing our products or services more effectively, ensuring network and information security, and conducting data analytics to inform our business strategies. A thorough Impact Assessment is performed to balance our interests against your rights, ensuring minimal impact on your privacy.
4. Purpose of Information Processing
Service Delivery: We process your personal data to facilitate the operation and management of our App. This includes activities necessary to maintain and enhance the service such as troubleshooting, data analysis, testing, and essential research. Such processing is vital to ensure the continuous functionality and improvement of the App's features, pursuant to our commitment under the terms of service agreements.
Communication: Your personal data is utilized to facilitate communication between you and the Company. This includes responding to your inquiries, fulfilling your requests, and providing you with necessary support. Effective communication ensures that we can provide timely assistance and maintain high customer satisfaction.
Improvements: We continuously seek to enhance the performance and functionality of our App. To this end, we process personal data for conducting performance reviews, technical assessments, and user experience research. These activities are crucial for advancing the App’s capabilities and introducing innovations that align with user needs and preferences.
Marketing and Promotions: With your consent, we use your personal data to inform you about promotions, new products, services, and other marketing communications that may be of interest. This processing is conducted in accordance with applicable laws and is designed to tailor our marketing efforts to better suit your preferences and enhance your user experience.
5. Disclosure of Personal Data
Third-Party Service Providers: In order to enhance the functionality and efficiency of our App, we engage third parties to perform various tasks on our behalf. These tasks include but are not limited to application hosting, maintenance, backup, analytics, customer service, marketing, and communication initiatives. These third-party service providers are granted access to your personal data solely for the purpose of performing these tasks on our behalf and are contractually bound under stringent non-disclosure agreements (NDAs) and data processing agreements (DPAs) that prohibit them from using, sharing, or retaining your personal data for any purpose other than as explicitly directed by us, in compliance with Article 28 of the GDPR.
Legal Compliance and Safety: We reserve the right to disclose your personal data when such disclosure is necessary to comply with a legal obligation to which we are subject, such as responding to governmental or law enforcement requests, as required by applicable law, including but not limited to complying with court orders or legal processes. Furthermore, we may disclose your personal data to protect and defend the rights, property, or safety of the Company, our users, or third parties, including enforcing contracts or policies, or in connection with investigating and preventing fraud or security issues, in accordance with Article 6(1)(c) and Article 6(1)(f) of the GDPR.
6. International Data Transfers
In the course of providing our services through the Texting Wingman application, your personal data may be transferred to, stored, and processed in facilities located in jurisdictions outside of your own, including but not limited to data centers or servers located outside the European Economic Area (EEA) or the United States. Such transfers occur in accordance with applicable data protection laws and are managed under the following legal frameworks to ensure that your personal data remains protected to standards commensurate with or superior to those in your jurisdiction:
Adequacy Decisions: Where possible, we transfer personal data to countries that have been deemed to provide an adequate level of data protection by the European Commission, pursuant to Article 45 of the GDPR.
Standard Contractual Clauses (SCCs): For transfers to countries without an adequacy decision, we rely on Standard Contractual Clauses approved by the European Commission, which contractually oblige the recipient to protect your personal data to the standard required within the EEA.
Binding Corporate Rules (BCRs): For transfers within our corporate group, we may rely on Binding Corporate Rules approved by competent data protection authorities to ensure that personal data receives an adequate and consistent level of protection wherever it is transferred within the group.
Necessary Derogations: In limited situations, transfers may occur based on specific derogations for certain situations as defined in Article 49 of the GDPR, such as for the performance of a contract between us or the implementation of pre-contractual measures taken at your request, or for important reasons of public interest.
We implement strict safeguards, including contractual, technical, and organizational measures, to ensure that your data is handled securely and in accordance with this Privacy Policy and the applicable data protection legislation. You can obtain more information about the specific measures applied to the transfer of your personal data internationally by contacting our Data Protection Officer.
7. Data Security
Delka Talents Ltd is committed to the protection of your personal data and takes the integrity and confidentiality of your information very seriously. We employ state-of-the-art security measures to safeguard your personal data against unauthorized access, use, alteration, loss, or destruction. These security measures include, but are not limited to:
Technical Safeguards: The use of encryption technologies during data transmission and storage, secure network configurations, and the implementation of access controls to limit the access to data to authorized personnel only.
Organizational Measures: Regular training of our employees on data protection best practices and the implementation of privacy-by-design and privacy-by-default principles in the development and deployment of our App.
Physical Security Measures: Secure facilities and protected equipment to prevent physical access to the systems where personal data is stored.
Regular Audits and Assessments: Conducting periodic security assessments and audits to evaluate the effectiveness of our security measures and to identify and remediate potential vulnerabilities.
Furthermore, our security protocols are aligned with industry standards and are regularly updated in response to new security challenges and developments in the field. In the event of a data breach, we have in place procedures to promptly notify affected individuals and relevant authorities in accordance with applicable laws and regulations.
By taking these comprehensive security measures, we strive to protect your personal data from any form of unauthorized access or disclosure, ensuring its availability, integrity, and confidentiality.
8. Data Retention
Delka Talents Ltd adheres to the principle of data minimization and limits the retention of personal data to a timeframe that is strictly necessary to fulfill the purposes outlined in this Policy or as dictated by legal, regulatory, or operational requirements. The specific retention period for personal data depends on various factors including:
Nature of the Data: Different types of data have inherently different retention needs based on their use and the legal or business purposes they serve.
Purpose of Processing: We retain your personal data as long as necessary to provide you with the services you have requested, to comply with legal obligations (such as tax or corporate laws), to resolve disputes, and to enforce our agreements.
Legal Obligations: Retention periods may also be guided by legal requirements to hold data for a minimum period, as required under applicable laws pertaining to corporate, tax, insurance, and other sectors.
Upon expiration of the retention period, personal data is securely deleted or anonymized, unless further retention is required or permitted by law to handle legal claims or comply with regulatory requirements. We regularly review our data retention policies to ensure they comply with our legal obligations and the data protection principles outlined in this Policy.
For more specific information on how long we retain your personal data, you may contact our Data Protection Officer using the contact details provided in this Policy.
9. Data Subject Rights
Under the General Data Protection Regulation (GDPR) and other relevant data protection laws, you, as a data subject, are afforded comprehensive rights regarding the personal data that Delka Talents Ltd holds about you. We are committed to ensuring that you can exercise these rights effectively. Below is a summary of your rights and the means by which you can exercise them:
Right of Access: You have the right to obtain confirmation from us as to whether or not personal data concerning you is being processed, and, where that is the case, access to the personal data along with information regarding the nature, processing, and disclosure of that data.
Right to Rectification: You have the right to obtain the rectification of inaccurate personal data concerning you. Depending on the purposes of the processing, you have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
Right to Erasure (‘Right to be Forgotten’): You may request the deletion of personal data concerning you unless the processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for public interest in the area of public health, for archival purposes in the public interest, scientific or historical research purposes, or for the establishment, exercise or defense of legal claims.
Right to Restrict Processing: You have the right to request the restriction of processing of your personal data, which allows you to suspend the processing of your data in certain cases, such as if you contest the accuracy of the data, or the processing is unlawful.
Right to Object to Processing: You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you, especially in the case of data processed for direct marketing purposes.
Right to Data Portability: You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used, and machine-readable format, and you have the right to transmit those data to another controller without hindrance from us.
To exercise any of these rights, please contact us using the contact information provided in this Policy. We may request specific information from you to help us confirm your identity and process your request. Access to personal data may be denied under certain circumstances, such as when making the information available would reveal personal data about another person or if we are legally prevented from disclosing such information. In such cases, we will explain the reasons for denial.
10. Amendments to This Policy
Delka Talents Ltd reserves the right to update or modify this Privacy Policy at any time and from time to time without prior notice. However, we will not make changes that result in significant additional uses or disclosures of your personal data without allowing you to consent to such changes where legally required.
Notification of Changes:
Date Revision: We will indicate the last date of revision of this policy at the top of this document. You are encouraged to periodically review this Policy to stay informed of updates.
Direct Notifications: For substantial amendments, additional notice may be provided, depending on the nature of the changes. This may include public announcements via our App interface, direct communication sent to your provided email addresses, or through prominent posting on our website's homepage.
Your Continued Consent:
By continuing to use our services after these changes take effect, you agree to be bound by the revised Policy. If you do not agree to the new terms, you should delete your account or discontinue the use of our App and services.
Consultation Opportunity:
Prior to the implementation of significant changes, we may also provide you with the opportunity to consent to major changes, especially those that impact the processing of your personal data in ways not covered under the original purpose for which it was collected.
We are committed to ensuring that our privacy practices are transparent and in compliance with applicable laws, providing security and protection of your personal data while respecting your rights as a data subject.
11. Third-Party Integrations
Delka Talents Ltd recognizes the importance of maintaining the privacy and security of your personal data when it interacts with third-party services. This section clearly discloses the extent to which our App integrates with third-party services and the implications of these integrations on your personal data.
Overview of Integrations:
Our App may integrate with various third-party services that enhance its functionality and user experience. These may include social media platforms, data analytics providers, advertising networks, and cloud-based storage services.
Data Sharing and Protection:
Purpose: Third-party services are integrated to provide specific features within the App, such as social media sharing capabilities, personalized advertising, and enhanced analytics that help us understand how our App is used.
Data Access: Only the necessary amount of your personal data is shared with third-party service providers to perform the services they are contracted for. We do not share more data than is required for the transaction or interaction.
Safeguards: We require all third-party service providers to adhere to confidentiality agreements and to implement robust security measures to protect your data. They are also prohibited from using your personal data for any other purpose beyond the specific services they provide to our App.
Legal Compliance: All third-party integrations are evaluated to ensure compliance with applicable data protection laws. We ensure that any data transfers conform to legal standards, such as the GDPR and the CCPA, including ensuring that third parties located outside the EEA adhere to equivalent data protection regulations.
Your Rights and Choices:
You may have options within the App to control the data shared with third-party services. Where possible, we provide settings that allow you to adjust your privacy preferences regarding third-party integrations.
We encourage you to review the privacy policies of any third-party services with which our App interacts to understand how these entities handle your information.
Updates to Third-Party Integrations:
We periodically review our relationships with third-party service providers to ensure that your personal data remains secure and is handled in compliance with this Policy. Any significant changes to the way these third parties access or use your data will be reflected in updated versions of this Policy and communicated accordingly.
12. Legal Disclaimers
Delka Talents Ltd provides the Texting Wingman application under the following legal disclaimers to ensure compliance with international data handling and regulatory standards:
Compliance with International Laws: While the App is accessible globally, users are responsible for ensuring their use of the App complies with local laws. The Company makes no representation that the App is appropriate or available for use in locations outside of the jurisdictions where we are licensed or authorized to operate. Accessing the App from territories where its contents are illegal is prohibited.
Limitation of Liability: To the fullest extent permitted by applicable law, Delka Talents Ltd shall not be liable for any indirect, incidental, special, consequential, or punitive damages resulting from the use of, or inability to use, the App, including damages for loss of profits, goodwill, use, data, or other intangible losses, even if Delka Talents Ltd has been advised of the possibility of such damages.
Data Accuracy: Delka Talents Ltd takes reasonable steps to ensure that the personal data we process is accurate, complete, and current. However, we depend on our users to update or correct their personal data whenever necessary. The Company assumes no responsibility for the accuracy of information provided by users or any third parties.
No Waiver: The failure of Delka Talents Ltd to enforce any right or provision of this Policy will not be deemed a waiver of such right or provision.
Severability: If any provision of this Privacy Policy is held to be invalid or unenforceable, the remaining provisions will remain in full force and effect.
Indemnification: Users agree to defend, indemnify, and hold harmless Delka Talents Ltd, its officers, directors, employees, and agents, from and against any claims, liabilities, damages, losses, and expenses, including without limitation reasonable attorney’s fees and costs, arising out of or in any way connected with their access to or use of the App, or their violation of this Privacy Policy.
No Warranty: The App is provided on an "as is" and "as available" basis without any warranties of any kind, including that the App will operate error-free or that the App, its servers, or the content are free of computer viruses or similar contamination or destructive features.
Changes and Updates: Delka Talents Ltd reserves the right to modify, update, or discontinue the App at its sole discretion, at any time, for any or no reason, and without notice or liability.
13. Governing Law
This Privacy Policy and all matters arising out of or relating to this Policy shall be governed by the substantive laws of Malta, without regard to conflicts of laws principles that would require the application of any other law. By using the App, you agree that any dispute, claim, or controversy of any kind, arising from or relating to this Policy or your use of the App, shall be determined by arbitration in Malta under the rules of the Malta Arbitration Centre. The arbitration shall be conducted in English, and the arbitral decision may be enforced in any court of competent jurisdiction.
Contact Us;
If you have any questions, concerns, or require further information regarding our privacy practices, this Policy, or the processing of your personal data, please contact our Data Protection Officer ("DPO") using the contact details provided below. The DPO is responsible for overseeing compliance with data protection regulations and ensuring that your rights are respected in accordance with applicable laws.
Primary Contact
Name: Gidon Rotteveel
Emails:
14. Subscriptions, Payments, and Refunds
Subscriptions: Texting Wingman offers a weekly auto-renewable subscription that provides users with unlimited access to in-app features, including personalized texting advice and 24/7 messaging assistance. By subscribing, you agree to allow automatic renewal of the subscription unless you cancel it at least 24 hours before the end of the current period. Your account will be charged for renewal within 24 hours prior to the end of the current period.
Payments: All payments for the subscription are processed through your App Store account upon confirmation of purchase. You are responsible for any applicable taxes or charges related to your subscription.
Refunds: As per App Store policies, refunds are handled directly by Apple. If you believe there has been an error with your subscription or payment, please contact Apple Support to request a refund, as Texting Wingman cannot issue refunds for in-app purchases made through the App Store.
In the event that the primary contact is unavailable, you may also reach out to our designated secondary contact:
Secondary Contact
Name: Alp Barokas
Email: alp@textingwingman.com
Delka Talents Ltd is committed to upholding the highest standards of data protection and privacy. We will endeavor to address all inquiries, requests, and concerns promptly and in full compliance with our legal obligations under applicable data protection laws, including but not limited to the General Data Protection Regulation (GDPR) and relevant national regulations.
Please note that you may also submit formal complaints or requests related to your data subject rights as described in this Policy. Our DPO will respond within the statutory timeframes mandated by applicable laws.