Privacy Policy
Privacy Policy
Effective Date: 9/2/2019
This is the Basheret Privacy Policy (“Policy”). It discusses how Basheret LLC and our affiliate and subsidiary companies (collectively, "we," "our," or "us") collect, store, protect, and share your information, and who we share it with. The Policy should be read together with our Terms and Conditions. When you use the Basheret mobile application (“App”), we collect certain information about you and your usage. Also, you can use the App to share information with other users, including your friends and contacts (“Users”). We will in certain circumstances share your information as well. If you have any questions or comments about this Policy, please feel free to contact us at basheretprivacy@gmail.com.
COLLECTION OF INFORMATION.
Registration Information
When you download the App and create a user account (“Account”), we collect certain information (“Registration Information”) about you, including:
-
Name;
-
Username and password (both created by you but meeting our requirements);
-
Email address;
-
Mobile number;
-
Gender identity;
-
Date of birth;
-
Sexual preference;
-
Photographs;
-
Location; and
-
Contacts List
We use this information to enhance the App and verify our Users and their accounts. Some of this information is visible to the public on your profile page.
Additional Information
If you contact our Customer Support team, we may track your IP address as well as the information you send to us as part of the resolution of your issue. We keep records of our communications with you, including any complaints that we receive from you about other Users (and from other Users about you).
We recommend all users consider carefully any information you share over the App with other Users and recommend that you do not put sensitive personal information of any kind on your profile, which can lead to abuse and misuse of the App by other Users. Also, you should know that photographs that you post on Basheret can reveal information about yourself as well as postings and that you may not want to share this information with other Users. You are solely responsible for the amount and type of personal information you share. Any post that you make that is inconsistent with our Terms and Conditions of Use could lead us to terminate your Account. For safety and security and to ensure you have the best possible user experience, we require users to verify their accounts and may ask you for your phone number to avoid online bots and fake accounts.
You are required to keep all your account details up to date. If your phone number changes, you must update this information in your account.
To prevent abuse of the App, we check accounts and messages for content indicating breaches of our Terms and Conditions of Use which is completed by a combination of automated systems and human moderators. If an account or message meets certain criteria demonstrating that the Terms and Conditions of Use are possibly breached, the related account will automatically be blocked. All blocked users of accounts will be notified of the block. Users can contact us to dispute the block.
We process limited data (device identifiers) and share this with third-party advertising networks that host our ads. You can stop targeted advertising within the “Contact” page accessible via your basheret.app/contact-us. If you opt-out of targeted advertising, you will still see adverts although they will be less relevant to you. By accessing your device’s security settings, you could opt to prevent or limit device identifiers being shared with third party advertisers and what use is made of the device identifiers.
For users who are California residents, the data we may collect falls within the following categories of “personal information,” as defined by the California Consumer Privacy Act (CCPA):
-
Identifiers, such as name and address;
-
Personal information, as defined in the California customer records law, such as contact (including email and telephone number) and financial information;
-
Characteristics of protected classifications under California or federal law (if you choose to provide them), such as age, ancestry, gender identity, genetic information, marital status, medical condition, national origin, physical or mental disability, sex, sexual orientation, race, religion, veteran or military status;
-
Commercial information, such as transaction information and purchase history or tendencies;
-
Biometric information (not relevant here);
-
Internet or network activity information, such as browsing history and interactions with our websites and apps;
-
Geolocation data, such as mobile device location;
-
Audio, electronic, visual and similar information, such as photos and videos;
-
Professional or employment-related information, such as work history and prior employer;
-
Non-public education information; and
-
Inferences drawn from any of the personal information listed above to create a profile or summary about, for example, a person’s preferences and characteristics.
Data Storage
By using the App, you acknowledge that Basheret is a global app operating through servers located in several countries around the world, including the United States. If you live in a country with data protection laws, the storage of your personal data may not provide you with the same protections as you enjoy in your country of residence.
Geolocation Information
If you turn location access on, when you use your mobile, we will collect information about WIFI access points as well as other location information regarding your longitude and latitude and may save your device's coordinates to offer certain features to you. This information helps us identify your physical location and we may use it to personalize the App and make it easier for you to interact with other Users, by enabling the information to be displayed and shared with other members choosing to view “nearby” posts.
If you have enabled location services, but wish to turn them off, you can do so by the following methods:
-
iPhone app — settings > privacy >location services > Basheret
-
Android — settings > location > Basheret > permissions > location
Log and Usage Data
We only keep your personal information as long as we need it for legitimate business purposes (as set out in Section 11 below) and as permitted by applicable law.
In practice, we delete or anonymize your information upon deletion of your account (following the safety retention window), unless:
-
we must keep it to comply with applicable law (for instance, some “traffic data” is kept for one year to comply with statutory data retention obligations);
-
we must keep it to evidence our compliance with applicable law (for instance, records of consents to our Terms, Privacy Policy, and other similar consents are kept for five years);
-
there is an outstanding issue, claim or dispute requiring us to keep the relevant information until it is resolved; or
-
the information must be kept for our legitimate business interests, such as fraud prevention and enhancing users' safety and security. For example, information may need to be kept to prevent a user who was banned for unsafe behavior or security incidents from opening a new account.
Where Basheret adopts machine learning, for example, to help us detect and prevent fraudulent card transactions, and to detect and prevent spam communications on the App (as explained above), we may need to retain personal information for a longer period than the retention periods explained above, in order to enable the machine learning to work properly. In this situation, we always seek to minimize the amount of personal information that is used and we ensure that it is ring-fenced and kept securely from other user personal information. We regularly review the period for which personal information is required for machine learning purposes and delete any identifiable information when it is not required.
Device Information
We may collect information about your device(s) you use to access our service, including:
-
hardware and software information such as IP address, device ID and type, device-specific and apps settings and characteristics, app crashes, advertising IDs (such as Google’s AAID and Apple's IDFA, both of which are randomly generated numbers that you can reset by going into your device’ settings), browser type, version and language, operating system, time zones, identifiers associated with cookies or other technologies that may uniquely identify your device or browser (e.g., IMEI/UDID and MAC address);
-
information on your wireless and mobile network connection, like your service provider and signal strength;
-
information on device sensors such as accelerometers, gyroscopes, and compasses;
-
the unique device identifier, device model, operating system, and MAC address.
Also, if you permit us to do so, the App may access your device's address book solely to add someone to your contacts.
Links
We may keep track of how you interact with links available on Basheret including third party services and clients by redirecting clicks or through other means. We may share aggregate click statistics such as how many times a particular link was clicked on.
Cookies
Cookies are small text files that are sent to or accessed from your web browser or your device’s memory, and are basically a tool storing information about website visits, recognizing you and your preferences each time you visit Basheret, and ensuring site functionality and enables us to provide the services our members request. The cookies we collect enable us to learn how users interact with our App, whereby helping us provide a better user experience.
You may set your browser and mobile settings to block cookies and local storage devices, but please keep in mind if you do so, you may not be able to access all of the features of the App.
We use the following types of cookies:
Cookie Functions
Cookie Purposes
Analytics and research
We use Google Analytics to collect information about how visitors use the site. The cookies collect information in an anonymous form, including the number of visitors to the App, where visitors have come from and the pages they visited. For more information about Google's Privacy Policy, please visit http://www.google.com/intl/en/policies/.
Performance
We need to use certain cookies and save data to your local storage devices to ensure our users have a great experience on the App. Cookies can assist with your navigation of the App and its speed and overall functionality.
Our use of cookies and local storage devices, including the specific cookie names, may change over time, but will generally fall into the above categories. We will notify you of any key changes to our use of cookies and local storage devices. Please visit this page regularly so that you are aware of any changes.
USE OF INFORMATION.
Our main goal is for you to enjoy and benefit from the use of the App. For this reason, we may use your Registration and other information to:
-
offer you various services and features;
-
contact you with information about the App (e.g., updates and new offerings);
-
personalize the App and the content we deliver to you;
-
conduct research and analytics about how you use and interact with the App;
-
resolve disputes between you and other Users; and
-
investigate fraud, protect our legal rights, and to enforce our Terms & Conditions.
3. DISCLOSURE OF INFORMATION.
Our policy is to not disclose your Registration Information, except in the limited circumstances described here:
Circumstances where data may be disclosed
Disclosed data
Your Consent – If you consent, we may share or disclose your Registration Information, such as when you use a third-party web client or application to access your Account.
This could include all data, including all CCPA Categories listed above
Service Providers - We engage certain trusted third parties to perform functions and provide services to us. We may share your Registration Information with these third parties, but only for the purposes of performing these functions and providing such services e.g. information technology companies (hardware and software) which provide services to support our products and help us with information security matters.
This could include all data, including all CCPA Categories listed above
Moderators – To monitor activity on the apps and approve content.
Name and user registration details, profile information, content of messages and photographs (CCPA Categories A, B, C, E, and H)
Payment Processing and Telecommunications Companies – To facilitate payments for our premium services.
Cardholder name, cardholder address, card number, payment amount, transaction date/time (CCPA Categories A, B, and D)
Law and Harm - As we referenced in the [link to URL for Terms and Conditions], it is important for all Users to abide by and follow our Terms and Conditions. In this vein, we will cooperate with all third parties to enforce their intellectual property or other rights. We will also cooperate with law enforcement inquiries from within or outside your country of residence where we are required to by law, where there is an investigation into alleged criminal behavior or to protect the vital interests of a person. This may include preserving or disclosing any of your information, including your Registration Information, if we believe in good faith that it is necessary to comply with a law or regulation, or when we believe that disclosure is necessary to comply with a judicial proceeding, court order, or legal request; to protect the safety of any person; to address fraud, security or technical issues e.g. through anti-spam providers to protect the service from criminal activity or to protect our rights or property or those of third parties. In such cases, we may raise or waive any legal objection or right available to us.
This could include any personal data that Basheret holds about you, depending on the nature of the request or the issue that we are dealing with, including all CCPA Categories listed above
Business Transfers -In the event that Basheret or any of our affiliates goes through a business transition or change of ownership, such as a merger, acquisition by another company, re-organization, or sale of all or a portion of its assets, or in the event of insolvency or administration, we may be required to disclose your personal data to the other parties to the transaction.
This could include all personal data that Basheret holds about you, including all CCPA Categories listed above
Advertising Partners – To serve targeted advertisements to users.
Device ID, geolocation data, demographic data (CCPA Categories C, F, and G)
Anti-Spam and Anti-Fraud -Your data may be shared with other Basheret group companies, for example, to block accounts and suspected fraudulent payment transactions as part of our anti-spam and anti-fraud procedures.
Email address, phone number, IP address and IP session information, username, user agent string, and transaction and payment data (CCPA Categories B, F and D).
Aggregated Information – We may share aggregated information with third parties that includes your personal data (but which does not include personal identifiable information) together with other including log data for industry analysis and demographic profiling. You may opt-out of receiving marketing messages by using the opt-out mechanisms and links provided in each email. We guarantee these parties must adhere to strict data protection and confidentiality provisions that are consistent with this Policy. Measures are taken to ensure that the data shared is non-attributable to the greatest extent possible.
Basheret does not sell your data and has not sold your personal data in the previous 12 months.
5. MODIFYING YOUR REGISTRATION INFORMATION.
You may access or modify the Registration Information you provided at any time or permanently delete your Account. When your Account is deactivated, we take reasonable efforts to ensure your profile is no longer viewable on the App. For up to 30 days it is still possible to restore your Account if it was accidentally or wrongfully deactivated. After 30 days, we begin our process of deleting your Account from the systems. We are not responsible for any information, pictures, comments, or other content that is deleted from our systems resulting from the deactivation of your Account.
To avoid abuse and/or misuse of Basheret by a User following termination or deletion of a profile or Account we shall retain such information as we deem in our sole discretion may be necessary to ensure that User does not open a new account and profile in breach of our Terms and Conditions – https://www.basheret.app/terms-of-service and to ensure compliance with all laws and regulations.
Warning: Even after you remove information from your profile or delete your Account, copies of that information may still be viewable and/or accessed to the extent such information has been previously shared with others, or copied or stored by other Users or to the extent such information has been shared with search engines. We cannot control this, nor do we accept any liability for this. If you have given third-party applications or websites access to your personal information they may retain such information to the extent permitted under their terms of service or privacy policies.
Removed and deleted information may persist in backup copies for up to 30 days to enable restoration, but will not be available to others in the meantime.
6. OUR POLICY TOWARDS AGE.
Although we want as many people as possible to enjoy our creation, we do not permit users under the age of 18 on our platform.
Basheret does not knowingly collect any information about or market to children, minors or anyone under the age of 18. If you are less than 18 years old, we request that you do not submit information to us. If we become aware that a child, minor or anyone under the age of 18 has registered with us and provided us with personal information, we will take steps to terminate that person's registration and delete their Registration Information from Basheret. If we do delete a profile because you violated our no children rules, we may retain your email and IP address to ensure that you do not try to get around our rules by creating a new profile. If you believe we might have any information from or about a child under 18, please contact us at basheretprivacy@gmail.com.
7. CHANGES TO THIS POLICY.
As Basheret evolves, we may revise this Privacy Policy from time to time. The most current version of the policy will govern our use of your information and will always be at https://www.basheret.app/privacy-policy. If we make a material change to this policy that, in our sole discretion, we will notify you, for example, via an email to the email associated with your Account or by posting a notice within Basheret. By continuing to access or use the App after those changes become effective, you agree to be bound by the revised Privacy Policy.
8. SECURITY.
At Basheret we have adopted commercially reasonable security measures to help protect your information against loss, misuse and unauthorized access, or disclosure. We use reasonable security measures to safeguard the confidentiality of your personal information such as secured servers using firewalls.
WE EXPRESSLY DISCLAIM ANY REPRESENTATION OR WARRANTY, WHETHER EXPRESS OR IMPLIED, WITH RESPECT TO ANY BREACHES OF SECURITY, DAMAGE TO YOUR DEVICE, OR ANY LOSS OR UNAUTHORISED USE OF YOUR REGISTRATION INFORMATION OR OTHER DATA.
YOUR CALIFORNIA PRIVACY RIGHTS.
For users who are California residents, you have the following rights (in addition to those listed at section 11 below) under the California Consumer Privacy Act, and you have the right to be free from unlawful discrimination for exercising your rights under the Act:
-
You have the right to request that we disclose certain information to you and explain how we have collected, used and shared your personal information over the past 12 months.
-
You have the right to request that we delete your personal information that we collected from you, subject to certain exceptions.
California's “Shine the Light” law, Civil Code section 1798.83, requires certain businesses to respond to requests from California customers asking about the businesses' practices related to disclosing personal information to third parties for the third parties' direct marketing purposes. If you wish to find out about any rights you may have under California Civil Code section 1798.83, you can write to us at basheretprivacy@gmail.com.
From time to time we may disclose your contact information to third parties in order to allow them to market their products or services to you or for other marketing purposes. This may be information we received from you offline and online. If you want us to stop further sharing your email contact information with third parties (if we have your email contact information), you may give us notice of opting-out at basheretprivacy@gmail.com. Please follow the instructions given to you by third parties to unsubscribe from their messages. If you have opted-out as described above, and thereafter you choose to use a service or promotion that requires us to contact you or share your information with a third party, then your previous opt-out preferences will not apply to such service.
Moreover, under California law, operators of online services are required to disclose how they respond to “do not track” signals or other similar mechanisms providing consumers the ability to exercise choice about the collection of personal information of a consumer over time and across third-party online services, to the extent the operator engages in that collection.
At this time, we do not track our Users' personal information over time and across third-party online services. This law also requires operators of online services to disclose whether third parties may collect personal information about their users' online activities over time and across different online services when the users use the operator's service. We do not knowingly permit third parties to collect personal information regarding an individual User's online activities over time and across different online services while using the App.
11. YOUR UK AND EU RIGHTS.
Under UK and EU law, UK and EU users have the right to lodge a complaint with data protection regulators, and the Information Commissioners’ Office (ICO) is the UK’s lead regulator. You can find out how to raise a concern with the ICO by visiting their website at www.ico.org.uk. If you’re within the EU, you may also get in touch with your local Data Protection Regulator who may liaise with the ICO on your behalf.
You have a number of rights under European Data Protection law as detailed below. These rights apply to all of our users:
-
Right to be informed: what personal data an organization is processing and why (this notice).
-
Right of access: you can request a copy of your data.
-
Right of rectification: if the data held is inaccurate, you have the right to have it corrected.
-
Right to erasure: you have the right to have your data deleted in certain circumstances.
-
Right to restrict processing: in limited circumstances, you have the right to request that processing is stopped but the data retained.
-
Right to data portability: you can request a copy of your data in a machine-readable form that can be transferred to another provider.
-
Right to object: in certain circumstances (including where data is processed on the basis of legitimate interests or for the purposes of marketing) you may object to that processing.
-
Rights related to automated decision making including profiling: there are several rights in this area where processing carried out on a solely automated basis results in a decision which has legal or significant effects for the individual. In these circumstances, your rights include the right to ensure that there is human intervention in the decision-making process.
Basheret has designated a Data Protection Officer and they can be reached by emailing basheretprivacy@gmail.com or at the following address: ashernaghi@gmail.com. If you wish to exercise any of the rights discussed above, please contact us using one of these two methods.
How we protect my personal data?
Basheret has implemented appropriate security measures to protect and prevent the loss, misuse, and alteration of the information under our control, including your personal data. To ensure your secure use of our site, our technical experts at Basheret work hard to protect you from unauthorized access to or alteration, disclosure or destruction of your personal information.
We take reasonable precautions against possible security breaches of our website, member database and records, however, no website or Internet transmission is completely secure and we cannot guarantee that unauthorized access, hacking, data loss, or other breaches will never occur.
We urge you to take steps to keep your personal data safe (including your password) and to log out of your account after use. If you lose your password or give it out, or another service provider that you use suffers a data breach and you have used the same credentials with that service provider as you have with Basheret, your personal data may be compromised. If that happens, please report it to Support via our basheretapp@gmail.com.
Where is my personal data kept?
We want you to be able to access Basheret wherever you happen to be in the world. To enable us to provide that service, we operate a global network of servers including in the US. The hardware is located in third-party data centers but is owned by us. Data collected by advertising partners may also be held outside the European Economic Area. We ensure that the data is adequately protected by ensuring that valid, legal mechanisms are in place such as: EU approved model clauses (which can be found here), US privacy shield certification (more information can be found here – please note that Basheret is not Privacy Shield certified but we may pass information to third-party service providers or advertising partners who are based in the US and who are Privacy Shield certified); and implementing robust contractual standards. If you want more information relating to the nature of the safeguards we have in place, please email basheretprivacy@gmail.com.
Does Basheret collect any other personal data about me?
If you contact us via basheretprivacy@gmail.com, we will receive your email address, and may track your IP address, as well as the information you send to us to help resolve your query. We will keep records of our communications with you, including any complaints that we receive from you about other users (and from other users about you) for 6 years after deletion of your account.
Does Basheret use my personal data for any other purpose?
We may use a material that you post on the open access areas of Basheret in advertising and promotional materials on our partner sites and partner products. We believe these uses are in line with our legitimate interests in enabling us to improve our site and better tailor your online experience to meet your needs. If we intend to do this, we will contact you for your prior approval.
We use your personal data to resolve disputes, troubleshoot problems and enforce our Terms of Service - https://www.basheret.app/terms-of-service.
Under EU and UK data protection laws, we are only permitted to use your data when we have a lawful basis to do so. The table below provides an overview of the legal bases that we rely on to use your data. Where the legal basis is consent, you can withdraw consent at any time. Where the legal basis is legitimate interests, you have a right to object to our use of your data. We explain in the relevant sections in this Policy how you can withdraw consent or opt-out of certain data uses (where applicable).
Purpose for which data is used
Data
Source
Legal basis
To provide you with the Basheret service
Information you share with us, including:
Name, email address, date of birth, location (CCPA Categories A and B)
You provide your name, email address and date of birth to us. We obtain location data from the device that you use to access the service
Contractual necessity
To facilitate networking opportunities on the Basheret site
Optional information that you choose to provide in your profile, including through adding Basheret badges, which may include information about your sexual preferences, non-binary gender, religion, ethnic background, photos etc. (CCPA Categories C, H, I, J)
You provide this information to us
Consent
To verify your identity and prevent fraud and to ensure the safety and security of Users
Phone number (CCPA Category B)
You provide this information to us
Legitimate interests – it is in our legitimate interests to ensure that accounts are not set up fraudulently and to safeguard Users of the site
To take payment for premium services
Payment card details (CCPA Categories B and D)
You provide this information to us
Contractual necessity and legitimate interests – we have a legitimate interest in receiving payment for our premium services
To send you marketing information about our offers and services
Email address and mobile phone number (CCPA Category B)
You provide this information to us
Legitimate interests – it is in our legitimate interests to promote our products and services
To show “nearby” location information to you and other users of the App
WIFI access points and location data when you use the App (CCPA Category G)
We obtain this information from the device that you use to access the service
Legitimate interests – it is in our legitimate interests to provide this functionality as part of the services
To carry out research and analysis to help us improve the App
Log and usage data, including IP address, browser type, referring domain, pages accessed, mobile carrier and search terms (CCPA Category F)
We obtain this information from the device that you use to access the service
Legitimate interests – it is in our interests to analyze the way in which Users are accessing and using our services so that we can further develop the App and improve the service
To respond to correspondence and queries that you submit to us
Email address and IP address, phone number (CCPA Categories B and F)
You provide your email address and phone number to us when you contact us and we obtain your IP address from the device that you use to contact us
Legitimate interests – it is in our legitimate interests to respond to your queries to ensure that we provide a good service to Users and troubleshoot problems
To block accounts as part of our anti-spam procedures
Email address, phone number, IP address and IP session information, username, user agent string (CCPA Categories B and F)
You provide your email address, phone number and username to us. We obtain the other information from the device that you use to access the service
Legitimate interests – it is in our legitimate interests to prevent unauthorized behavior and to maintain the safety and security of our services
To enable users to create their Basheret profile and log into the App via Facebook
Data from Facebook, including email address, name and profile picture, date of birth, friends who use the app, pages liked, location and photos (CCPA Categories A, B, C, and H)
We obtain this information from Facebook
Legitimate interests – it is in our legitimate interests to facilitate access to our services
To block payment transactions as part of our anti-fraud procedures
Name, IP address, email address, mobile number, cardholder name, payments received, type of payment, user ID, country (CCPA Categories, A, B, and D)
You provide your name, email address, mobile number and card details to us. We obtain your IP address from the device that you use to contact us. We obtain your payment information from your interactions with our service
Legitimate interests – it is in our legitimate interests to prevent fraudulent transactions and to maintain the security of our services
To serve promo cards and advertisements on the App
Demographic, location data, email address (CCPA Categories A, B, C and G)
We obtain demographic data from you, and location data from the device that you use to access the service. You provide your email address to us
Legitimate interests – it is in our legitimate interests to target advertisements so that users see relevant advertisements and to allow us to generate income from advertising revenue
To serve advertisements on third-party networks
Device identifiers (IDFA and GAID) (CCPA Category F)
We obtain this information from the device that you use to access the service
Legitimate interests – it is in our legitimate interests to serve advertisements and to promote our products
To contact you in order to run surveys for research purposes and to obtain feedback, and to find out if you want to take part in marketing campaigns
Email address and mobile phone number (CCPA Category B)
You provide this information to us
Legitimate interests – it is in our legitimate interests to research so that we can further develop the App and improve the service
To enable video and audio call functions, and the sending of images and video
Video and audio call usage data, images and video (CCPA Categories F and H)
We obtain this information from the device that you use to access the service
Legitimate interests – it is in our legitimate interests to provide these functionalities as part of the services
To defend legal claims, protect legal rights and to protect people from harm
This could include any information that is relevant to the issue
This information may be obtained directly from you, from your device or from third parties, depending on the information involved
Legitimate interests – it is in our legitimate interests to protect our legal rights, defend legal claims and to protect our users and third parties from harm
12. ABOUT US.
Your access to the App, as well as this Privacy Policy are governed and interpreted by the laws of the State of California other than such laws, rules, regulations and case law that would result in the application of the laws of a jurisdiction other than the State of California. By using the App, you are consenting to the exclusive jurisdiction of the courts of the United States and the State of California. You agree that such courts shall have in personal jurisdiction and venue and waive any objection based on inconvenient forum. You agree that you will not file or participate in a class action against us. In the event there is a discrepancy between this English language version and any translated copies of the Policy, the English version shall prevail.