Shopprize Privacy Notice
Effective Date: [Sept 16, 2019 ]
Thank you for using the Shopprize mobile application. For decades, Nielsen has set the global standard for market and consumer insight research. Our insights are based on representative samples of the population and help our clients (e.g., manufacturers, retailers, media companies, non-profits, and governments) learn about what consumers watch, listen to, and buy. Your participation and use of the mobile application helps companies understand your behaviors and preferences, which often helps them provide better consumer products and services.
As the controller of personal data processed in connection with your use of the Shopprize mobile application (“Mobile App”), AC Nielsen Company Limited, Nielsen House, John Smith Drive, Oxford, OX4 2WB (“Nielsen,” “we,” or “us”), is committed to protecting your privacy and handling personal data about you in an open and transparent manner. This Privacy Notice explains how we use, share, and protect the data we collect from or about you in connection with your use of the Mobile App . This Privacy Notice also explains your legal rights in relation to such data.
Please note that this Privacy Notice applies only to data collected and processed in connection with your interaction with the Mobile App. This Privacy Notice does not apply to your participation in any other Nielsen panels, studies, or surveys or your interaction with or use of any other Nielsen websites, applications, or online services administered or provided by Nielsen’s group of companies. Other Nielsen panels, studies, surveys, websites, applications, and online services are governed by their own privacy notices, and we encourage you to review those privacy notices before disclosing any data.
To learn more about Nielsen’s group of companies, one or more of which may also process your data in connection with your use of the Mobile App, please click here.
Your use of the Mobile App is always voluntary. If you have any questions about the Mobile App, this Privacy Notice, or Nielsen’s data processing, please refer to the “Contacting Us” section below for our contact information.
1. OUR PRIVACY COMMITMENT
Nielsen is a privacy-conscious organisation and complies with all applicable data protection and privacy laws, including the EU General Data Protection Regulation. Indeed, it is crucial for us to maintain the confidentiality of data about our users in order to prevent any third-party interference that could affect their behaviour and the accuracy of our data and insights. We also will not use data that identifies you to advertise, promote, market, or sell third-party goods or services directly to you, and we will not allow our clients to use data that identifies you for such purposes.
2. COLLECTION OF YOUR DATA
As a user of the Mobile App, we will collect or otherwise obtain data relating to you in a variety of ways. Some of this data is collected through the use of third party tools that are incorporated in the Mobile App. Such data may include personal data (i.e., data that alone or in combination with other data identifies you as an individual, such as your name, email address, phone number, and other data that can be reasonably linked to you as an individual). Additional details about the data we gather about you in connection with your use of the Mobile App and the sources of such data can be found below.
A. Data provided by you
During the registration process, we will gather data about you that you provide to us. For example, when you create an account for the Mobile App you provide us with your name, email address, physical address, and phone number. If you do not provide us with this information we cannot create an account for you. You may also choose to provide us with demographic information such as gender, date of birth, household size, and post code. We will also collect personal data when you contact us requesting customer service or for other inquiries.
Once you register and create an account with the Mobile App, through your voluntary use of the Mobile App you will scan and send us images of receipts, which provides us information about your behavior and preferences. When you scan an image of the receipt, the Mobile App will asks you one or more questions. “Behavior data” pertains to when, why, or how you do things, such as when you purchase certain products. “Preference data” refers to the choices you make, such as which products you purchase. In order to scan and send us images of receipts, we will need to access features of your mobile device such as the camera and/or images stored.
During your use of the Mobile App, you also will receive opportunities to take surveys from time-to-time. Through your voluntary responses to survey questions, we will also collect information about you that supplements receipts submitted and other information you provide. In particular, this is usually about more in depth information regarding your behaviors and preferences.
B. Data collected in connection with your use of the Mobile App
We (or third parties on our behalf) collect certain information about you during your use of the Mobile App (“Usage Information”). This Usage Information includes session information, event information, and geolocation information.
Session information includes information about your device and your device’s interaction with the Mobile App. Information collected includes device brand, name of mobile device used, operating system and browser, IP address (and coarse, non-precise geolocation generated from the IP Address), device or Mobile App identifiers (including, for example, a UUID/installation ID unique to a mobile application, Apple’s Unique ID for Advertisers ("IDFA"), or Google AdID, (“ADID”)), number of users of the Mobile App and sessions, number of first launches, number of times the Mobile App is opened, language preference, performance information such as information about errors and defects (e.g., crash reports, including crash traces and associated logs), and session duration.
Event information includes transaction data about your use of the Mobile App (e.g., features used, access dates, requests to redeem rewards, amount of rewards redeemed, and dates and times).
Geolocation information includes latitude and longitude information. The Mobile App uses location-enabled services to obtain geolocation information, but only accesses coarse location information. The Mobile App uses Google Location Services, which combines Wi-Fi, mobile cell data, or both, to determine the device’s location. This returns data with an accuracy equivalent to a city block.
For more information, please see Section 5, “Cookies and Similar Technologies”.
D. Data we obtain from other sources
We obtain data about you from other sources, generally relating to your demographic characteristics; what you watch, research, or buy; and your exposure to certain content or advertising.
This data is obtained from various sources, including but not limited to:
Third party analytics vendors who gather information about how users interact with the Mobile App. These third party analytics vendors also provide us with additional information about users of the Mobile App they possess, such as information about age range, gender, and a user’s interests (see Section 5, “Cookies and Similar Technologies”);
public sources (e.g., public databases, social media, etc.);
the manufacturers and sellers of goods and services that you or your household purchase or use;
third-party websites or mobile apps that you use and are authorised to share data with us;
third-party (non-Nielsen) panels of which you or your household are a member;
Nielsen measurement products, including Nielsen panels in which you or your household participate;
companies and retailers that offer "customer loyalty" programs; and
data providers and data-matching service providers.
We combine the data that we collect or otherwise obtain about you and use it in accordance with this Privacy Notice. For example, we combine information you directly provide to us with information about usage of the Mobile App to understand how individual users engage with the Mobile App.
E. Data we do not collect
We do not collect official identification numbers (e.g., passport or national identity numbers) or financial identifiers (e.g., bank account or credit card numbers).
Additionally, we do not seek sensitive or special categories of personal data (e.g., data relating to an individual’s racial or ethnic origin, political opinions or other similar beliefs, health or medical conditions, criminal background, or trade union membership) about users of the Mobile App.
3. USE OF PERSONAL DATA
Personal data is processed for the following purposes:
To Manage your Account: We process personal data to create your account, provide you the Mobile App and its contents (including its interactive features and functionality), deliver the services you have requested, fulfill your requests, and for customer service and support. For example, we will process personal data such as your name, email address, physical address, and phone number to establish your account. We will also process personal data about you and your use of the Mobile App (e.g., receipts you upload) to track, process, post, and fulfill rewards you earn. Finally, if you participate in a sweepstakes we will process personal data about your account to enroll you in the sweepstakes and administer the sweepstakes contest.
For Market Research Purposes: Once you create an account and provide us with images of receipts, data is extracted from the receipts (i.e., items purchased, price, quantity, store) and combined with demographic information, location information (collected via Google Location Services to help us understand where receipts are uploaded), surveys you complete, and data obtained from other sources, to help us create a variety of market research insights for our clients. These insights, in turn, help our clients make informed decisions about various topics, such as the products that they manufacture or stock in their stores, which advertising method(s) to use (e.g., online/digital advertising, mobile advertising, print advertising, broadcast advertising, etc.). Our clients may also use our insights to understand, among other things, the types of products consumers in different demographic groups would be likely to buy and whether residents in a particular neighborhood would be likely to shop at a specialty store if it was nearby.
When we prepare reports and share insights with our clients, we use tools and methods that are designed to ensure that there is no reasonable possibility for them of identifying any participants or users of the Mobile App. For example, we will combine information about you with information about other users of the Mobile App in order to produce reports with aggregated data from which you cannot be identified.
We also create reports based upon “modeled data” (i.e., projections based on demographic and behavioral characteristics, such as age, gender, product purchases, or TV watching habits) that look at a sample group of people and predict what people with similar characteristics or preferences might watch or buy. This allows advertisers, for instance, to identify the likely audience for a marketing campaign.
To Contact You: We process personal data to notify you when updates to the Mobile App are available, for customer service purposes, to notify you if you have won a sweepstakes, and of changes to any products or services offered through the Mobile App. Depending on your device settings, the Mobile App utilizes push notifications to notify you of updates, changes, or relevant information. A push notification is a way for the Mobile App to send information via badges, alerts, or pop-up messages.
We will also contact you with information about our business, services, and events as well as other information that may be of interest to you, such as offers to participate in other panels, studies, or surveys administered by us or other Nielsen entities (subject to obtaining your consent to the extent required by applicable law).
For Fraud Prevention and Detection: We process personal data for purposes of fraud prevention and detection. When you initiate a request to redeem rewards, the Mobile App automatically reviews your account, considering the frequency of redemption (e.g., coins collected, number and amount of cashouts), location data (collected via Google Location Services), sweepstakes wins, and trends regarding receipt submission. If the foregoing values are high, your account can be flagged and uploaded receipts are manually reviewed. If we identify evidence in violation of the Terms of Service your account is blocked.
We process personal data because we have a legitimate interest pursuant to Article 6(1) lit. f, GDPR, in identifying, preventing, and remediating fraud (to the extent such interests are not overridden by your interests or fundamental rights and freedoms).
Other Purposes: In addition to using your data for our research purposes as described above, we may use your data to:
operate and manage our IT and security systems, including to monitor such systems and identify and respond to security events;
conduct research for quality assurance and product, service, and business development purposes, including processing personal data to improve the quality and design of the Mobile App and to create new features, functionality, and services. Personal data about usage of the Mobile App, such as session and event information, is processed to improve the Mobile App and make it more intuitive;
facilitate the day-to-day operations and financial management of the Nielsen group of companies and any corporate transactions (e.g., a reorganization, merger, sale, joint venture, assignment, transfer, etc.);
protect the rights, safety, property, or operations of one or more Nielsen entities, you, or others;
comply with applicable laws and regulations and establish, exercise, and/or defend the legal rights of one or more Nielsen entities; and
respond to requests and communications from law enforcement authorities or other government officials.
We process personal data because we have a legitimate interest pursuant to Article 6(1) lit. f, GDPR (to the extent the following legitimate interests are not overridden by your interest or fundamental rights and freedoms), in (i) managing and operating our business and day-to-day affairs; (ii) managing and enhancing protection against fraud, spam, harassment, intellectual property infringement, and risks to which we are exposed (e.g., crime and security risks), (iii) conduct research and improving our products and services; (iv) managing risks to which Nielsen is exposed, and to provide a safe and secure environment for participants and users of the Mobile App; (v) complying with laws and regulations to which one or more entities within the Nielsen group of companies is subject, including, where applicable, laws and regulations of countries other than your country of residence; and (vi) meeting our obligations and enforcing our legal rights.
We process personal data to comply with a legal obligation arising under applicable law to which we are subject such as compliance with Nielsen’s legal and regulatory obligations, as well as establishing, exercising, and defending our legal rights.
We also will de-identify data about you and use it or allow others to use it for historical, academic, or longitudinal research. We make sure in such cases that there is no reasonable possibility of identifying you from the data used.
Please note that because we are continually adapting our services to evolving consumer and media consumption patterns, we may also use your data in ways that we have not developed yet, in which case we will provide you with additional information as our practices change.
4. COOKIES AND OTHER SIMILAR TECHNOLOGY
The Mobile App includes technology provided by third parties to operate the Mobile App and provide services. The Mobile App incorporates technology provided by third parties to enable push notifications, for crash reporting, and for analytics.
For example, the Mobile App includes Google Analytics for Firebase. Google Analytics for Firebase is an app measurement solution that provides insight on app usage and user engagement to help us understand how individuals use the Mobile App. Google Analytics for Firebase captures a number of events and user properties to provide detailed insights about the Mobile App, such as active users, demographics, and commonly used features. You can find more information about Google Analytics here: www.google.com/policies/privacy/partners/.
Technologies used in mobile applications to identify a device or application are not-browser based like cookies and cannot be controlled by browser settings. They will store data in your device and access pre-existing features of your device. Some use device advertising ID or other device identifiers to associate Mobile App user activity to a particular app and to track user activity across mobile apps. For example, the Mobile App and third party technology we use assign a unique identifier (in practice: a series of numbers and letters such as a mobile app instance ID) to the Mobile App so we (and third parties) can identify the same user of the device. This is important to make sure content is delivered to the correct Mobile App, to assist in providing automatic updates, to facilitate the sending and receipt of push notifications, and to compute metrics. Our analytics provider also uses Android’s Advertiser ID – or AdID – where available to improve the accuracy of identifying unique devices. Google Analytics for Firebase will also use the Android Advertiser ID to provide us with additional demographic information about users of the Mobile App, such as age range, gender, and interests.
Where required by applicable law, we will ask for your permission before storing and/or accessing data on your mobile device. For further information on information collected and your rights and choices regarding them, please see “Data Collected in Connection with Your Use of the Mobile App” and “Your Rights and Choices” below.
5. DISCLOSURES AND TRANSFERS OF YOUR DATA
In connection with one or more of the purposes outlined above, we may disclose your data to:
other entities within the Nielsen group of companies, including to administer, manage, and development business and services; to provide services to our customers, and for IT support and servicers (including security);
our clients and other third parties, such as market research companies (in accordance with market research industry ethical guidelines) as well as organizations and institutions engaged in historical, academic, or longitudinal research;
third parties that assist us in providing goods and services or if necessary to complete any transaction you have requested or authorized or to provide you with a requested product or service. For example, we disclose information to process gift card redemptions (i.e., Amazon) such as an email address to deliver gift cards electronically, as well as delivering prizes won in the sweepstakes. Prizes are provided by third party vendors;
third-party service providers (commonly called ‘data processors’), including providers of the following services (among others): website or application hosting, management, or support; data analysis or processing; data backup; data security and storage; data matching; panelist recruitment; product development; and other services (subject to binding contractual obligations of confidentiality and security). We have contracted with Zollo Social Shopping Limited (d/b/a Ourcart), 26 Elifelet Street, Tel Aviv Yafo 660802, to administer the Mobile App, provide hosting services, and to run and administer the sweepstakes. The Mobile App also has an integration with a third party survey provider to deliver our surveys to users of the Mobile App;
relevant third parties as part of a corporate transaction, such as a reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets, or stock (including in connection with any bankruptcy or similar proceedings); and
competent governmental and public authorities or to other third parties, in each case to comply with legal or regulatory obligations or requests or for the purposes of reporting any actual or suspected breach of applicable law.
We limit how our clients may use personal data that we share with them in order to prevent them from tracing aggregated data back to the individual to whom it relates and prevent personal data from being used in a way that is inconsistent with this Privacy Notice.
The disclosures described will result in the transfer of your personal data to countries or regions with data protection laws that differ from those in your country of residence and do not provide an “adequate level” of data protection, including countries that have not been recognized by the European Commission (or equivalent United Kingdom (UK) body in the event of the UK’s exit from the EU) as providing an adequate level of data protection such as the United States of America, India, or other locations where the Nielsen group of companies has facilities. Some countries outside the EU/EEA, such as Israel, have been recognized by the European Commission as adequate (as list is available here: https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protection-personal-data-non-eu-countries_en). The UK has indicated that, in the event of its exit from the EU, it intends to recognize the European Commission’s adequacy decisions.
When we transfer data outside the European Union to countries not deemed ‘adequate’ we ensure that we do so in compliance with the EU’s rules for data, including by relying on a recipient’s certification under US/EU Privacy Shield program (which will continue to apply to UK/US transfers as long as the recipient updates its public commitments to include UK transfers), data transfer agreements with the recipient that include standard contractual clauses approved by the European Commission (or equivalent UK body in the event of the UK’s exit from the EU) for transfers of personal data to countries not providing an adequate level of data protection, the recipient’s binding corporate rules, and, in certain circumstances, on the basis of an applicable derogation or exemption. For further details relating to the transfers described above and the safeguards used with respect to such transfers, please contact us at firstname.lastname@example.org.
6. YOUR CHOICES AND LEGAL RIGHTS
Use of the Mobile App is always voluntary, but your use is subject to the Terms and Conditions for the Mobile App. You may withdraw from participation in the Mobile App at any time by contacting email@example.com or uninstalling the Mobile App using your device’s standard uninstallation process. Uninstalling the mobile app will not delete your account, however.
Certain data collected via the Mobile App depends on your device settings and permissions. Depending on your mobile device (and operating system), device settings provide the ability to restrict the collection of certain device data. You can reset or restrict your device advertising ID through your device settings. You can also modify or disable your mobile device’s location functionality, access to the camera, receipt of push notifications, or other features used by the Mobile App through your mobile device’s settings. If you disable access to your mobile device’s camera, you will be unable to upload images of receipts via the Mobile App. If you turn off ‘push’ notifications or alerts through your device’s privacy settings, you will no longer receive ‘push’ notifications.
You also have rights regarding personal data about you we process. Such rights include:
The right to request and obtain confirmation as to whether or not we are processing personal data about you, and, where that is the case, access a copy of the data held about you;
Request that we update the personal data we hold about you or correct such information that is inaccurate or incomplete;
The right to request that certain data about you is erased (note that this right is not absolute, but applies in certain cases);
The right to object to our processing of personal data about you where we process personal data (a) based on legitimate interests, (b) for direct marketing, or (c) for statistical/research purposes (subject to limitations imposed by the UK Data Protection Act 2018 or other EU Member State legislation);
The right to propose other restrictions on the processing of personal data about you if there is a disagreement about its accuracy or we are not lawfully allowed to process it; and
The right of data portability for personal data you have provided (to the extent applicable).
Where we process personal data based on consent, you may withdraw the consent you have given us to process personal data about you. Please note revoking consent will not impact the lawfulness of processing that occurred prior to your revocation of consent.
If you are interested in exercising one or more of the rights described above, please visit our web form or contact us using the contact information below. Because we want to avoid taking action regarding personal data bout you at the direction of someone other than you, please note that we may request information to verify your identity before we give effect to these rights.
If you have questions or concerns about our collection or use of personal data, you can contact our EU Data Protection Officer at firstname.lastname@example.org. If you are unsatisfied with the way in which we have processed personal data or any privacy query or request that you have raised to us, you have the right to complain to the Supervisory Authority in your country of residence or where the activity that is the subject of the complaint occurred (current contact information for the Supervisory Authorities is available here).
7. CHILDREN’S DATA
We understand the importance of protecting minors’ privacy, and it is our policy to never knowingly collect or maintain personal data about anyone under the age of 18. We only allow individuals at least 18 years of age to participate in our Studies. The Mobile App is not designed for or intentionally targeted at minors under the age of 18. If we become aware that we have collected personal data relating to a minor, we will take reasonable steps to delete it.
8. DATA SECURITY
We have in place reasonable organisational, technical, and administrative measures that are designed to protect your personal data from loss, misuse, and unauthorized access, disclosure, destruction, and other forms of unlawful processing while it is under our control.
9. DATA RETENTION
We will retain your data for as long as needed for the fulfillment of the purposes described in this Privacy Notice, unless applicable law or professional or legal obligations requires a longer retention period. The criteria for determining the period of retention include: (a) existence of an ongoing relationship with you; (b) Personal Data is required for the purpose(s) listed in this Notice; or (c) applicable laws and regulations required us to keep Personal Data.
We may also be required to keep personal data for a longer period of time, such as in the event of litigation or if we receive a subpoena, search warrant, court order, or other legal process that requires us to keep the personal data.
10. UPDATES TO THIS PRIVACY NOTICE
Changes in our business or personal data processing practices, technology, and/or legal requirements may require us to update or make changes to this Privacy Notice from time to time. Please take a look at the “Effective Date” at the beginning of this Privacy Notice to see when it was last revised. If we were to make a “material” change (i.e., a change to the way we use your data that might make you reconsider participating in the Panel), we will notify you at the most recent mailing address or email address we have on file at least 30 calendar days before implementing the change, thereby giving you time to withdraw your participation in the Mobile App.
The most current version of this Privacy Notice is available on the Website or accessible via the Mobile App. We encourage you to visit the Website or Mobile App periodically to remain informed about how we are using and protecting your personal data.
11. CONTACTING US
If you have questions about this Privacy Notice or our data handling practices, please email us at: email@example.com or write us at the appropriate address below.
If you reside in the EU/EEA, please write us at:
Oxford Business Park South
John Smith Drive
Oxford OX4 2WB
Attn: Legal Dept.
If you reside outside of the EU/EEA, please write us at:
85 Broad Street
New York, NY 10004
Attn: Legal Dept.
This Privacy Notice replaces any other statement, whether written or oral, made to you about our practices with respect to Nielsen’s collection and use of personal data about you in connection with the Mobile App.
THANK YOU – WE APPRECIATE AND VALUE YOUR PARTICIPATION!
Nielsen Holdings plc (NYSE: NLSN) is a global performance management company that provides a comprehensive understanding of what consumers Watch and Buy. Nielsen's Watch segment provides media and advertising clients with Total Audience measurement services across all devices where content - video, audio and text - is consumed. The Buy segment offers consumer packaged goods manufacturers and retailers the industry's only global view of retail performance measurement. By integrating information from its Watch and Buy segments and other data sources, Nielsen provides its clients with both world-class measurement as well as analytics that help improve performance. Nielsen, an S&P 500 company, has operations in over 100 countries that cover more than 90 percent of the world's population. For more information, please visit www.nielsen.com.