Blindfold
Sign Up

Privacy Policy

Your privacy matters to us. This policy explains how we collect, use, and protect your personal information when you use our services. We're committed to transparency and giving you control over your data.

Last updated: May 15, 2023

1. INITIAL PROVISIONS

1.1This is the Privacy Policy of ApiMoon s.r.o., a company incorporated in the Czech Republic, ID No. 075 29 449, registered office: Na Korábě 2483/3, Libeň, 180 00 Prague 8, Czech Republic, registered with the Municipal Court in Prague, file No. C 302197 (also "ApiMoon" or "we", "us" or "our"). We refer to all our products, services, websites and apps collectively as the "Services" in this Privacy Policy.
1.2We respect the need for privacy and protection of personal information, including but not limited to any personal data. For the purposes of this Privacy Policy, personal data shall mean any information relating to an identified or identifiable natural person, where an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
1.3We always process Personal Data in accordance with this Privacy Policy and applicable legislation, such as Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (the "GDPR").
1.4Please read this Privacy Policy carefully to understand how we collect, process and protect Personal Data if you use the Services, and what rights you have in this connection. By using the Services and/or providing any Personal Data to us, you consent to be bound by this Privacy Policy and warrant that all Personal Data provided by you is accurate and that you are authorized to provide such Personal Data to us.
1.5For the purpose of this Privacy Policy and unless the context requires otherwise, we shall be considered as the data controller of Personal Data.

2. CATEGORIES OF PERSONAL DATA

2.1We collect, process and protect, in particular, the following categories of Personal Data:
a) Personal Data
  • Identification data (e.g., first name, last name, sex, account user name);
  • Contact information (e.g., e-mail address, telephone number);
  • Delivery information (e.g., delivery address);
  • Order information (e.g., products purchased);
  • Payment information;
  • IP address; and
  • Other Personal Data you share with us.

While using the Services, we may ask you to provide us with the above-mentioned Personal Data which can be used to contact or identify you. We may use Personal Data also to contact you using newsletters, marketing or promotional materials and provide you with other information that may be of interest to you. You may opt out of receiving any, or all, of these communications from us by following the unsubscribe link or reaching out to us at support@blindfold.dev.

b) Tracking & Cookies Data

We use cookies and similar tracking technologies to track activity related to the Services. Please refer to Article 6 to learn more or visit our Cookies Policy.

3. PURPOSES OF PERSONAL DATA PROCESSING

3.1We process Personal Data for the following purposes:
  1. Fulfillment and compliance with our contractual and statutory obligations, such as the provision of the Services agreed between you and us;
  2. Marketing activities related to the Services;
  3. Provision of access to the Services;
  4. Monitoring of the usage of the Services;
  5. Detection, prevention and addressing of technical issues;
  6. Improvement of the Services;
  7. Conducting of market research;
  8. Protection of our legitimate interests.

4. RETENTION AND TRANSFER OF PERSONAL DATA

4.1We will retain and process Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy and only to the extent necessary to comply with our legal obligations, resolve disputes, exercise our rights and protect our interests. In particular, we will process Personal Data for the following periods of time:
  1. Personal Data according to Article 3.1 a) will be processed for the duration of our contractual and statutory obligations;
  2. Personal Data according to Article 3.1 b) will be processed until you reject our use of Personal Data for marketing activities (such as reject sending newsletters or other marketing communication);
  3. Personal Data according to Article 3.1 c), d) and e) will be processed as long as you use the Services;
  4. Personal Data according to Article 3.1 f) and g) will be processed as long as our legitimate interest lasts or until you refuse such Personal Data processing;
  5. Personal Data according to Article 3.1 h) will be processed as long as our legitimate interest lasts.
4.2Please note that we may retain usage data for internal analysis purposes. We retain usage data generally for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of the Services, or if we have a legal duty to retain this data for longer time periods.
4.3Personal Data we process may be transferred to (and maintained on) a computer located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction. We store all data using Amazon AWS for all our customers irrespective of their location. Your consent with this Privacy Policy followed by your submission of respective Personal Data represents your agreement to such transfer.
4.4We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and that no Personal Data are transferred to any organization or a country unless there are adequate controls in place ensuring the security of Personal Data.

5. DISCLOSURE OF PERSONAL DATA

5.1We may disclose Personal Data to a third party in particular in connection with:

a. Business Transactions

We may disclose Personal Data to any third party that acquires all or substantially all of our business, stocks or assets, or with whom we merge or undergo any other form of corporate restructuring. If we do, we will inform such third party of the requirement to process Personal Data in accordance with this Privacy Policy.

b. Disclosure for Law Enforcement

We may, under certain circumstances, be required to disclose Personal Data by law or in response to requests made by public authorities (e.g. a court or a government agency).

c. Legal Requirements

We may disclose Personal Data if we believe in good faith that such disclosure is necessary in order to: (i) comply with a legal obligation, (ii) protect and/or defend our rights or property, (iii) prevent or investigate possible wrongdoing in connection with the Services, (iv) protect the safety of users of the Services or the public, (v) protect against legal liability.

5.2By clicking the "I agree" checkbox during registration as a user of the Services or simply by using the Services, you consent to our sharing of Personal Data with third parties such as:
  1. our affiliates;
  2. hosting providers;
  3. advertising partners; or
  4. partners providing services for the purpose of fulfilling the obligations arising from the provision of the Services, such as delivery and payment providers who will then act as the processors of Personal Data.
5.3

Google API Disclosure

Our Services' use and transfer of information received from Google APIs to any other app will adhere to Google API Services User Data Policy, including the Limited Use requirements.

6. TRACKING, COOKIES AND IP ADDRESSES

6.1Cookies are computer files with small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Tracking technologies also use beacons, tags and scripts to collect and track information and to improve and analyze the Services. Cookies allow us to recognize whether you re-entered our website from the same device, to record some of your stored parameters and to verify whether you belong to a particular category of users to which certain communication should be targeted. We may use for example the following categories of cookies:
  1. session cookies to operate the Services;
  2. preference cookies to remember your preferences and various settings; or
  3. security cookies for security purposes.
6.2You can instruct your browser to refuse cookies except for technical cookies or similar or to indicate when a cookie is being sent.
6.3When you visit our website for the first time, we ask you whether you accept cookies.
6.4With your consent we also use Google Analytics and similar services that collect third-party cookies. Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. The information about your use of the Services (including your IP address) generated by the cookies will be transmitted to and stored by Google on servers in the USA and other countries.
6.5The Services and the communications generated by the use of the Services, such as promotional e-mails, may also contain electronic images known as "web beacons". Web beacons generally work in conjunction with cookies, and we may use them in the same way we use cookies (see above).

7. DIRECT MARKETING

7.1By clicking the "I agree" checkbox during registration as a user of the Services or simply by using the Services, or by clicking the "I agree" checkbox when subscribing to our newsletters or other marketing communications, surveys etc., you agree that we may use your electronic contact details, which may be derived from your current or past usage of the Services, or permit selected third parties to use this data, to contact you via electronic means (such as e-mail) with marketing information about the Services.
7.2You may opt out of marketing communications by disabling this function via the unsubscribe link provided in each e-mail or other communication you receive, or by sending an e-mail request to support@blindfold.dev specifying that you wish to opt out from marketing communications.

8. SECURITY

8.1We are committed to storing all Personal Data securely. Therefore, we have implemented adequate physical, technical and organizational measures and plans for protecting and securing Personal Data (which do not, however, deprive you of your responsibility for taking adequate steps to secure your data, particularly for the transmission of data). Our aim is to eliminate any unauthorized or unlawful processing of Personal Data as well as any accidental, unauthorized or unlawful accessing, use, transferring, processing, copying, transmitting, alteration, loss or damage of Personal Data.
8.2Where we have given you (or where you have chosen) a password which enables you to access certain parts of the Services, you are responsible for keeping this password strong and confidential. We ask you not to share the password with unauthorized persons.
8.3Unfortunately, the transmission of information via the internet is never completely secure. Although we will do our best to protect Personal Data, we cannot guarantee the security of Personal Data transmitted by you. Any such transmission is at your own risk. Once we have received Personal Data, we will use strict procedures and security measures to protect Personal Data and prevent unauthorized access.
8.4To maintain the highest standard of Personal Data protection, all information you provide to us is stored on secure servers behind firewalls. We restrict access to Personal Data to employees, contractors and agents who need to know such Personal Data in order to operate, develop or improve the Services.
8.5Certain parts of the Services that collect personal data also use Secure Sockets Layer (SSL) encryption or other types of encryption. We back up all Customer data in data centers located in the US and Europe, which enables an expedited recovery in case of a disaster or other event of similar nature, and whenever possible, we will ensure the pseudonymization or anonymization of all personal or related data (except for names and e-mail addresses).

9. YOUR RIGHTS

9.1Subject to the rules and conditions set forth in the GDPR, you are or may be eligible to the following rights in relation to your Personal Data:

a. Right of access

You are eligible to request from us confirmation, as to whether or not Personal Data concerning you are being processed and, if this is the case, you may access further information about such processing.

b. Right to erasure (right to be forgotten)

You are eligible to request from us the erasure of Personal Data concerning you without undue delay and we shall have the obligation to erase such data without undue delay if all respective conditions are met under the GDPR. Please note that erasure of your Personal Data may result in our inability to provide you with our services.

Right of rectification

You are eligible to request from us without undue delay the rectification of inaccurate or incomplete Personal Data concerning you.

Right to object

You are eligible to object, on grounds relating to your particular situation at any time, to the processing of Personal Data.

Right of restriction of processing

You are eligible to request from us the restriction of processing of Personal Data.

Right to data portability

You are eligible to receive Personal Data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format, and you have the right to transmit those data to another controller without hindrance from us to which Personal Data have been provided.

Right to withdraw consent

You are eligible, where the processing is based on consent, to withdraw your consent at any time. Such withdrawal shall not affect the lawfulness of processing based on your consent before its withdrawal.

9.2If you feel that your Personal Data have been processed unlawfully, please contact us at support@blindfold.dev and we will resolve the problem. You have the right to lodge a complaint with the competent supervisory authority. In the Czech Republic, the competent supervisory authority is the Office for Personal Data Protection. You can learn more athttps://www.uoou.cz/en/.
9.3Please keep in mind that we respond to all enquiries within 30 days. Any requested change, once we have verified your identity and the request's legitimacy, may take up to five (5) business days to take effect.

This Privacy Policy enters into force and become effective as of 15. May 2023.