At RewardMe, we take your privacy seriously.
For this GDPR Privacy Notice, we use the terms “Personal Data” and “processing” as they are defined in the GDPR, but “Personal Data” generally means information that can be used to individually identify a person, and “processing” generally covers actions that can be performed in connection with data such as collection, use, storage and disclosure. ALTERNATIVE DATA LIMITED (“RewardMe,” “we”, and “us) will be the controller of your Personal Data processed in connection with the Services.
We will only process your Personal Data if we have a lawful basis for doing so. Lawful bases for processing include consent, contractual necessity and our “legitimate interests” or the legitimate interest of others, as further described below.
Legitimate Interest: We process the following categories of Personal Data when we believe it furthers the legitimate interest of us or third parties:
Examples of these legitimate interests include (as described in more detail above):
Consent: In some cases, we process Personal Data based on the consent you expressly grant to us at the time we collect such data. When we process Personal Data based on your consent, it will be expressly indicated to you at the point and time of collection. Specifically, if you elect to participate in our RewardMe Program and link your email account with the Services to earn the RewardMe Points, we will obtain your consent for linking your email account with the Services and collecting the following categories of Personal Data. During the email linking process, you’ll be prompted to authenticate that you’re the owner of such email account and provide consent for linking the Services to such email account, in which case the applicable email service provider has your permission to share the Linked Email Data with us.
Other Processing Grounds: From time to time we may also need to process Personal Data to comply with a legal obligation, if it is necessary to protect the vital interests of you or other data subjects, or if it is necessary for a task carried out in the public interest.
You have certain rights with respect to your Personal Data, including those set forth below. For more information about these rights, or to submit a request, please email us at email@example.com. Please note that in some circumstances, we may not be able to fully comply with your request, such as if it is frivolous or extremely impractical, if it jeopardizes the rights of others, or if it is not required by law, but in those circumstances, we will still respond to notify you of such a decision. In some cases, we may also need you to provide us with additional information, which may include Personal Data, if necessary to verify your identity and the nature of your request.
The RewardMe group has business processes, management structures and systems that cross borders. As such, we may share information about you within the Reward corporate group and transfer it to countries in the world where we operate our business in connection with the purposes identified above and in accordance with this GDPR Privacy Notice. The Services are hosted in the U.S. through our hosting service providers and operated through us and our service providers located in Hong Kong and the U.S. Please note that the laws in the U.S. and Hong Kong may differ from the laws where you reside, but we will handle your Personal Data in the manner described in this GDPR Privacy Notice.
RewardMe may, pursuant to the purposes listed above, transfer your Personal Data within the EU or Switzerland and to a different jurisdiction. We take the privacy and security of your Personal Data seriously and have adopted intra-group data processing agreement among our affiliates (“Intra-Group DPA”), which incorporates Controller to Controller Standard Contractual Clauses, available at http://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32004D0915&from=EN (“C2C Model Clauses”). We undertake that the transfer of your Personal Data from Europe to the territories where your Personal Data is hosted and processed by us will follow the C2C Model Clauses to enable the lawful transfer of Personal Data pursuant to GDPR. Please contact the RewardMe Privacy Team at firstname.lastname@example.org should you wish to examine the Intra-Group DPA.
If you are located in the European Union, you may use the following information to contact our Data Protection Officer and our European Union-Based Member Representative:
Tel.: +49 (0) 40 99999 – 3430
Mob.: +49 (0) 172 918 22 22