Privacy Policy

​

WE HIGHLY VALUE YOUR PERSONAL DATA AND INFORMATION.

PLEASE READ THIS PRIVACY POLICY AS IT INCLUDES IMPORTANT INFORMATION REGARDING YOUR PERSONAL DATA AND INFORMATION.​

1. Privacy statement

​

THIS PRIVACY POLICY REFERS TO THE SERVICES AND THE WEBSITE, OURCART’S CUSTOMERS OR POTENTIAL CUSTOMERS, CUSTOMERS’ END-USERS, OURCART’S SERVICE PROVIDERS, AND THE USERS OF THE WEBSITE AND/OR SERVICES.

​

This Privacy Policy sets forth our policy with respect to information that can be associated with or which relates to a person and/or could be used to identify a person, such as a name, an identification number, location data, Internet protocol address, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person (“Personal Data”), all as defined by the General Data Protection Regulation (GDPR) (EU) 2016/679 and the California Consumer Privacy Act of 2018 (“CCPA”) .

​

"Non-Personal Data," as used in this Privacy Policy, is, therefore, any information that does not relate to a person and/or cannot be used to identify a person.

​

We may also use Non-Personal Data. The limitations and requirements in this Privacy Policy on how we gather, use, disclose, transfer, and store/retain Personal Data do not apply to Non-Personal Data.

2. Consent

2.1. To use our Services, we may need to collect, store or process data provided by you. Therefore, we might receive, collect, store and process personal data that:

2.1.1 you voluntarily provide; and/or

2.1.2 give your consent to collect and process it; and/or

2.1.3 the processing is necessary to meet contractual obligations entered by you and us or our customers; and/or

2.1.4 Processing is necessary to comply with legal obligations of us or our customers; and/or

2.1.5 Processing is for the purposes of legitimate interests pursued by us or our customers, including without limitation your compliance with Ourcart’s Terms of Service.

​

IF YOU HAVE A REASONABLE BASIS TO ASSUME OR YOU KNOW THAT ANY OF THE ABOVE MENTIONED IS NOT MEET, YOU REQUIRED TO INFORM US, WITHOUT DUE DELAY, BY SEND US EMAIL TO: privacy@ourcart.com.

​

2.2. Without derogating from the aforesaid, by the consumption of our services or allowing someone else to use the Services on your behalf, you are consenting to our collection, use, disclosure, transfer and storage in accordance with this Privacy Policy of any Personal Data and information received by us as a result of such use.

2.3 OURCART AND THIRD-PARTY PROVIDERS USED BY IT USE COOKIES TO TRACK AND ANALYZE YOUR USAGE OF OUR SERVICES. OURCART USES FIREBASE AS ITS ANALYTICS SERVICE, WHICH IS OFFERED BY GOOGLE AND TRACKS AND REPORTS WEBSITE TRAFFIC. TO THE BEST OF OURCART’S KNOWLEDGE GOOGLE USES THE DATA COLLECTED TO TRACK AND MONITOR THE USE OF THE SERVICE, AND ITS COLLECTION AND USAGE OF THE DATA IS GOVERNED BY THE RULES AND TERMS CONTAINED AT WWW.TERMSFEED.COM/BLOG/FIREBASE-PRIVACY-POLICY/.

2.4 FURTHERMORE, OURCART MAY USE VARIOUS TOOLS, MEASURES OR THIRD-PARTY SERVICES TO MONITOR AND ANALYZE THE USE OF THE SERVICES, PREVENT MISUSE OF THE SERVICES, PREVENT FRAUDULENT ACTIVITY, AND ASCERTAIN COMPLIANCE WITH ITS TERMS OF SERVICE. THIS MAY INCLUDE THE COLLECTION OF USAGE DATA (AS DEFINED IN THE TERMS OF SERVICE), INTERNET SERVICE PROVIDER (ISP), DATE AND TIMESTAMPS, REFERRING & EXIT PAGES, AND CLICKS.

​

3. Personal data that we use

3.1 Some information may be mandatory to be provided by you to us, as part of the Service, and some information may have been collected by us during the Service. The types of data that we may receive, collect, store and process may include your:

3.1.1 Personal Data – such as: Name, Address, Email address, Phone number, ID number, IP address, browser information, the pages of the Service you visit, unique device identifiers and other diagnostic data, age, gender, country, preferred language, Financial Data, Location data, cookies, your shopping list, etc.

3.1.2 Media Data: your receipt snapshot.

3.1.3 Device and Usage Data: The Usage Data (as defined in the Terms of Service) may include information such as your computer's or device IP address, device ID number, browser type or version, which Service pages you visit, the time and date of your visit, the time spent on those pages, unique device identifiers, and other diagnostic data.

​

4. How we use the personal data

We use this Personal Data in a manner that is consistent with this Privacy Policy and applicable laws and regulations. We may use the Personal Data as follows: 

4.1 Performing our Services: your receipt snapshots and any usage data of any mobile application provided by you, are used to perform our Services (i.e. receipt analysis, processing etc.). Furthermore, we provide our customers or the Brands, whose receipts were uploaded by you, with your Personal Data.

4.2 Access and Use: Any Personal Data provided to us by you in order to obtain access to any functionality of our services may be used by us in order to provide you with access to the needed functionality and to monitor your use of such functionality.

4.3 Internal Business: We may use your Personal Data for internal business purposes, including, without limitation, to help us improve Website content and functionality to better understand our customers and Users, to improve our Service, to protect against, identify or address wrongdoing, to enforce our Terms of Service and this Privacy Policy, to provide you with support, and to generally manage and operate our business.

4.4 Specific Purpose: If you provide Personal Data for a specific purpose, OurCart may use said Personal Data in connection with the purpose for which it was provided. For instance, if you contact OurCart by email, we will use the Personal Data you provide to answer your question or resolve your problem and will respond to the email address used to contact us; or if you upload a receipt for which you may be entitled to certain benefits or credits from one or more of our customers, we will share your Personal Data with such customers.

4.5 Marketing: We may use any Personal Data you provide us with to contact you in the future for our marketing and advertising purposes, including, without limitation, to inform you about new services we believe might be of interest to you, and to develop promotional or marketing materials and provide those materials to you.

​

​IF YOU RECEIVE DIRECT MARKETING BY MISTAKE OR WITHOUT YOUR SPECIFIC CONSENT AND/OR YOU WISH TO OPT-OUT, YOU ARE REQUIRED TO CONTACT US AT: privacy@ourcart.com.

​

4.6 Statistics: We may use any Personal Data you provide us with to generate statistical reports containing aggregated information, which may also sell to third parties. We may also share or market aggregated data, including data derived from your usage and your Personal data, for market research purposes.

4.7 Security and Dispute Resolution: We or third-party providers we utilize may use Personal Data or Usage Data to protect the security of our Website and Service, to detect and prevent cyberattacks, fraud, phishing, identity theft, and data leaks, to verify genuine software licenses, to resolve disputes, and to protect against and enforce our Terms of Service or other contracts, including to protect against fraudulent attempts to misuse the Service.

4.8 Data Retention, Archives: We retain and archive Personal Data so long as is necessary to operate our business and maintain our services, meet contractual obligations, laws and regulations, and subject to our retention policies and this Privacy Policy.

4.9 Transfer/Share/Disclose Data: We may share your Personal Data with our partners, contractors and service providers who process Personal Data on behalf of the Company to perform certain business-related functions. We may provide them with information, including Personal Data, in connection with their performance of such functions. Furthermore, We may also transfer data, including Personal Data, to 3rd parties in connection with providing the Service and/or developing or improving the Service. While we do so, we demand that the recipients are bound to maintain said Personal Data in accordance with this Privacy Policy.

4.10 Cloud Services: We may need to share Personal Data with our cloud service. For example, assist in protecting and securing our Website or Service the cloud service admin may need access to Personal Data to provide those functions. In such cases, the cloud service provider must abide by our data privacy and security requirements and is not allowed to use Personal Data they receive from us for any other purpose.

4.11 Development and Customer Service: For example, to provide customer service and support or assist in protecting and securing our systems and services our development and customer service team may require access to Personal Data. In such cases, our personnel must abide by our data privacy and security requirements and policy and are not allowed to use Personal Data for any other purpose.

4.12 Corporate Sale, Merger, Reorganization, Dissolution or Similar Event: Personal Data may be part of the transferred assets. You acknowledge and agree that any successor to or acquirer of OurCart (or its assets) will continue to have the right to use your Personal Data and other information in accordance with the terms of this Privacy Policy.

4.13 Law Enforcement: In order to, for example, respond to a subpoena or request from law enforcement, a court or a government agency (including in response to public authorities to meet national security or enforcement requirements), or in the good faith belief that such action is necessary to (a) comply with a legal obligation, (b) protect or defend our rights, interests or property or that of third parties, (c) prevent or investigate possible wrongdoing in connection with the Services, (d) act in urgent circumstances to protect the personal safety of Users of the Website and  Services or the public, or (e) protect against legal liability.

4.14 Other Purposes: If we intend to use any Personal Data in any manner not consistent with this Privacy Policy, you will be informed of such anticipated use prior to or at the time the Personal Data is processed.

​​

IF YOU HAVE A REASONABLE BASIS TO ASSUME OR YOU KNOW THAT ANY OF THE ABOVE MENTIONED IS NOT MET, YOU ARE REQUIRED TO PROMPTLY INFORM US, WITHOUT DELAY, BY SENDING US AN EMAIL TO: privacy@ourcart.com.

​

4.15 Non-Personal Data: Since Non-Personal Data cannot be used to identify you in person, we may use such data  in any way permitted by law.

Ourcart shall notify you immediately in writing in the event that: (i) any of your Personal Data is disclosed by Ourcart (including its Affiliates, agents, subcontractors, independent contractors or consultants), in violation of this Agreement, our Privacy Policy or applicable laws or legislation pertaining to privacy or data security, or (ii) Ourcart (including its Affiliates, agents, subcontractors, independent contractors, or consultants) discovers, is notified of, or suspects that unauthorized access, acquisition, disclosure or use of your Personal Data may have occurred.

​

5. How We Store and Transfer Information

5.1 We have no intention to transfer data to third-party countries. Therefore, we try to store Personal data at the same region where it was collected:

5.1.1 Where Personal Data is collected within the EU jurisdiction, we store the data including its backups at AWS-UK region.

5.1.2 Where Personal Data is collected outside the EU jurisdiction and/or the data process by suppliers outside the EU jurisdiction, we store the collected or received data including its backups at AWS-US cloud services in us- east region. 

5.1.3 The Amazon Cloud Services is comply with the GDPR and is ISO 27001, 27017,27018 certified (for AWS full statement see https://aws.amazon.com/blogs/security/all-aws-services-gdpr-ready/).

5.1.4 Furthermore, AWS is certified under the EU-US Privacy Shield (For more information see: https://aws.amazon.com/compliance/eu-us-privacy-shield-faq/).

5.1.5 Where Personal Data is collected by third-party providers supporting the Service, such third parties undertake that they are using and storing the Personal Data in accordance with all applicable legislation.

​

5.2 To deliver our services and/or operate our business, Information, which may include Personal Data, may be processed by our third-party service providers (“Suppliers”) (e.g. business analytic tools, customer service software & support ticket system, goods providers, survey conducting services, image analysis providers etc.). We transfer only the data that is necessary for conducting our Service. The data is transferred only to suppliers approved by us that allow compliance with GDPR or other local privacy laws.

5.3 Personal Data may be transferred, stored, and processed in countries outside the EU or European Economic Area (EEA). Such transfer to third-party countries may include countries that do not guarantee an adequate level of data protection laws as required under EU privacy laws. We implement a high level of information security techniques and technical measures and/or third-party contractual obligations to ensure that their information security level matches that implemented by us. 

5.4 We may transfer Personal Data to Israel – where we maintain our headquarters. The EU considers Israel to have an adequate data protection law.

​

6. Personal Data Security

6.1 We are strongly committed to protecting your Personal Data and information, and we will take reasonable technical steps, accepted in our industry, to keep your Information secure and protect it against loss, misuse or modification. However, no network, server, database or Internet or email transmission is ever fully secure or error-free. Therefore, you should take special care in deciding what information you disclose.

6.2 If you notice any security risks or violations, we advise you to report them to us at: privacy@ourcart.com so that we may resolve them as soon as possible.

6.3 We recommend that you use, disclose and share your Personal Data and information with caution and do not give out Personal Data and information unless it is necessary, as we cannot guarantee the security of data over the internet and cannot control the actions of other users of the Services with whom you choose to share Personal Data and information.

​

7. Accessing, Updating, Correcting, and Deleting Information, Restricting Information Processing, and Lodging a Complaint with a Supervisory Authority

7.1​​ You may have the right to request access to some of your Personal Data being stored by us. You can also ask to correct, update or delete any inaccurate Personal Data that we process about you. The foregoing is subject to our policies and the applicable laws and regulations. To exercise these rights, you can contact us at: privacy@ourcart.com.

7.2 We may retain your Personal Data for any period permitted or required under applicable laws. Even if we delete your Personal Data it may remain stored on backup or archival media for an additional period due to technical  issues or for legal, tax or regulatory reasons, or for legitimate and lawful business purposes.

7.3 You may have the right to restrict processing if one of the following applies:

7.3.1 The accuracy of the Personal Data is contested by the data owner;

7.3.2 The processing is unlawful and the data owner objects to having their Personal Data erased, instead requesting that its use be restricted;

7.3.3 Your service provider no longer needs the Personal Data for the purposes of the original processing, but the data is required by the data owner for establishing, exercising or defending legal claims;

7.3.4 The data owner has objected to processing pending verification of whether the legitimate grounds of your service provider override those of the data owner.

IF YOU WISH TO OBJECT TO PROCESSING, YOU ARE REQUIRED TO CONTACT US AT: privacy@ourcart.com.

​

7.4 You may have the right to lodge a complaint with a supervisory authority. However, prior to doing so, you are welcome to contact us by email at: privacy@ourcart.com in order to resolve the issue for the benefit of all parties. Our supervisory authority is the Israeli Data Protection Authority.

8. California Privacy Rights

The California Consumer Privacy Act of 2018 (“CCPA”) permits users who are California residents to request to exercise certain rights. The CCPA distinguishes between two main roles for companies involved in the processing of Personal Data:

a. Business (similar to ‘controller’ under the GDPR).

b. Service Provider (similar to ‘processor’ under the GDPR).

The CCPA imposes various obligations on ‘Businesses’ as well as sets forth limitations on the ‘sale’ of Personal Data. In particular, you can request from a customer who is a ‘Business’ under the CCPA to receive information on the following:

• The categories and specific pieces of your Personal Data that was collected.

• The categories of sources from which your Personal Data was collected.

• The business or commercial purposes for which your Personal Data is collected.

• The categories of third parties with which your Personal Data is shared.

Our Service provides, enables customers to facilitate incentives for their brands. Where Ourcart’s customers are considered ‘Businesses’ and are subject to the CCPA, Ourcart may be considered a Service Provider. Ourcart will therefore comply with the obligations imposed on Service Providers and will follow customers’ instructions to facilitate their compliance with the CCPA. 

We can assure you that will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:

1. Deny you goods or services.

2. Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.

3. Provide you with a different level or quality of goods or services.

4. Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

9. General

9.1 This Privacy Policy does not apply to any Personal Data that you provide to third-parties (including data provided directly to the Brands).  

9.2 This Privacy Policy applies only to the Service and Website; it does not apply to third-party websites or services linked to by the Website or whose services we distribute. Links from the Website or the distributed third-parties’ services do not imply that we endorse or have reviewed said third-party websites or services. We suggest contacting these third-parties directly for information regarding their privacy policies. 

​

10. Change in Terms and Conditions

​10.1 The Services and our business may change from time to time. As a result, at times it may be necessary for us to make changes to this Privacy Policy. We reserve the right, at our sole discretion, to update or modify this Privacy Policy at any time (collectively, “Modifications”). Modifications to this Privacy Policy will be posted on the Website with a revised ‘Last Updated’ date at the top of this Privacy Policy. 

10.2 Please review this Privacy Policy periodically, and especially before you provide any Personal Data or information. This Privacy Policy was last updated on the date indicated above. Your continued use of the Services following the implementation of any Modifications to this Privacy Policy constitutes acceptance of those Modifications. If you do not accept any Modification to this Privacy Policy, your sole remedy is to cease accessing, browsing and otherwise using the Website or our Services.  

​

11. Dispute Resolution​

11.1 If you have a complaint about OurCart’s privacy practices, you should write to us at: privacy@ourcart.com. We will take reasonable steps to work with you to attempt to resolve your complaint.

11.2 This Privacy Policy is governed by the laws of the State of Israel. Any dispute arising in connection with this Privacy Policy shall be brought before the competent court in the Tel Aviv District of Israel, which shall be granted exclusive jurisdiction to adjudicate the matter.

​

Representation for data subjects in the EU or in the UK:

We value your privacy and your rights as a data subject and have therefore appointed Prighter as our privacy representative and your point of contact.

Prighter gives you an easy way to exercise your privacy-related rights (e.g. requests to access or erase personal data). If you want to contact us via our representative Prighter or make use of your data subject rights, please visit: https://prighter.com/q/12054331