We understand the trust users place in us and our responsibility to protect the privacy of user information. We want you to be clear about how we’re using the information and the ways in which you can protect your privacy.
When we refer to “XHOCKWARE, we mean the legal entity behind solutions like Evaristo, that acts as the controller or processor of your information, as explained in more detail in the “Identifying the Data Controller and Processor” section below.
By “Users”, “Shoppers” or “End Users”, we mean the individuals using any of the services rendered by XHOCKWARE, and that agree and comply to the terms set by the “Service Terms Agreement”.
By “Customers” we mean our Customers, usually Restaurants, Cafes, CoffeeShops, or Shopping Malls. These are 3rd Party legal entities that sign a service agreement or business contract with XHOCKWARE for rendering any of the services provided to by the company, to their customers, staff or stores.
Table of Contents
- INFORMATION WE COLLECT AND RECEIVE
- USER DATA
- USAGE DATA
- CUSTOMER’S INFORMATION (RETAILERS)
- SERVICES METADATA
- LOG DATA
- DEVICE INFORMATION
- LOCATION INFORMATION
- COOKIE INFORMATION
- THIRD-PARTY SERVICES
- CONTACT INFORMATION
- THIRD-PARTY DATA (CUSTOMERS)
- ADDITIONAL INFORMATION PROVIDED
- HOW WE USE INFORMATION
- XHOCKWARE GETS USAGE INFORMATION
- DATA RETENTION
- HOW WE SHARE AND DISCLOSE INFORMATION
- CUSTOMER’S INSTRUCTIONS (RETAILERS)
- USERS’ INSTRUCTIONS – DATA PORTABILITY
- COLLABORATING WITH OTHERS
- CUSTOMER ACCESS
- THIRD-PARTY SERVICE PROVIDERS AND PARTNERS
- THIRD-PARTY SERVICES
- AGGREGATED OR DE-IDENTIFIED DATA
- TO COMPLY WITH LAWS
- WITH YOUR CONSENT
- AGE LIMITATIONS
- INTERNATIONAL DATA TRANSFERS PRIVACY SHIELD AND CONTRACTUAL TERMS
- DATA PROTECTION OFFICER
- IDENTIFYING THE DATA CONTROLLER AND PROCESSOR
- YOUR RIGHTS
- DATA PROTECTION AUTHORITY
- CONTACTING XHOCKWARE
A separate agreement (Contract) governs delivery, access and use of the Services by 3rd parties (Our Customers).
- Registered Users: Users that opt-in on the app, and decide to register on the app and share personal information.
- UnRegistred Users: Users that anonymously use the app, by deciding not to register on the app, and from which no personally identifiable information is kept
- Customer: Companies that provide the minimal information necessary for Xhockware to render its services, but that do not include or share any personal information from their customers.
User Data is collected when Users grants access to Evaristo mobile App when using the Services to create or update an account.
XHOCKWARE may collect an email address, social information, domain and/or similar account details.
This information is kept private, and will never be shared with any other entities, except under the terms set by this policy, namely to comply with a court order.
Usage Data is collected when Users access Evaristo’s mobile App or any of XHOCKWARE services. Usage information may include Smartphone usage information when ordering with the app, or for any interaction with the app.
This information is used to continuously improve the services provided, for debugging, statistics and diagnostic purpose, or any another objective set by this Policy. No personal information or personally identifiable information is kept under usage data.
Customer’s Information (Restaurants)
XHOCKWARE also collects, generates and/or receives Information from Customers. This information may include:
- Sales information
- product information (inc. prices, product data, etc)
XHOCKWARE will not share or receive from Customer’s any of the End User’s personal information.
In the extreme case of when the User makes purchases that include a loyalty card identifier, this identifier may be shared with the customer. This identifier has no relevance to XHOCKWARE, as no matching loyalty or personal information for the User is stored, or will ever be shared by a customer.
When a User interacts with the Service, metadata is generated that provides additional context about the way Registered Users work.
For example, XHOCKWARE logs content you interact with, the types Usage Information shared and what Third-Party Services (Customers) are used.
Our servers automatically collect Usage or Operational Information when Users access or use our Service and record it in log files.
This log data may include the Internet Protocol (IP) address, browser type, and settings, the date and time the Services were used, request and response information, information about browser configuration and plugins, language preferences and cookie data.
No personal information is kept on log files.
XHOCKWARE collects information about devices accessing the Services, including the type of device, what operating system is used, device settings, application IDs, unique device identifiers and crash data.
Whether we collect some or all of Device information often depends on the type of device used and its settings.
Device information is hashed externally to our application. This means we cannot uniquely identify a user or any personal information from the User’s device information.
Device information only allows us to anonymously differentiate users from each other for a basic service operation.
We receive information from User and information from the device to determine the approximate Customer location.
XHOCKWARE may also collect location information from devices in accordance with the explicit consent process provided by User on his/her device.
The Websites and Service may also include cookies and similar tracking technologies of third-parties, which may collect Usage Information via the Websites and Services and across other websites and online services.
For more details about how we use these technologies, please see our Cookies Policy.
A user can choose to permit or restrict Third-Party Services.
Third-Party Services are software that integrates with our Services to provide the desired functionality.
Once enabled, the provider of a Third-Party Service may share certain information with XHOCKWARE.
For example, we may receive a username or email address of Users, along with additional information that the application has elected to make available to XHOCKWARE to facilitate the integration.
When a Third-Party Service is enabled, XHOCKWARE is authorized to connect and access Usage Information made available to XHOCKWARE in accordance with our agreement with the Third Party Provider (Customers).
We do not, however, receive or store passwords for any of these Third-Party Services when connecting them to the Service.
Third-Party Services examples are:
- Social Media Networks
In accordance with the consent process provided by your device, any information that a User chooses to import is collected when using the Services.
A user may decide to allow direct contact with XHOCKWARE, for customer support or marketing initiatives.
Third-Party Data (Customers)
XHOCKWARE may receive data about organizations, industries, marketing campaigns and other matters related to our business from affiliates and subsidiaries, our partners or others that we use to make our own information better or more useful. This data may be combined with Usage Information we collect and might include aggregate level data, such as which IP addresses correspond to zip codes or countries. Or it might be more specific, for example, an online marketing or email campaign.
Additional Information Provided
We receive Usage information when submitted to our Servers when the User interacts with our social media accounts or otherwise communicates with the company.
Certain Information is collected automatically and, if some Information is not provided, we may be unable to provide the Service.
4. How We Use Information
User’s Data will be used by XHOCKWARE in accordance with Terms of Service as accepted when installing the App in your mobile device.
Customer (3rd party) Data will be used by XHOCKWARE in accordance with Customer’s instructions, including any applicable terms in the Customer Agreement and Customer’s use of Services functionality, and as required by applicable law. XHOCKWARE is a processor of Customer Data and Customer is the controller.
Customer may, for example, assign roles and configure settings, access, modify, export, share and remove Customer Data and otherwise apply its policies to the Services.
XHOCKWARE Gets Usage Information:
- To provide, update, maintain and protect our Service and business. This includes the use of Usage Information to support delivery of the Service under a Customer Agreement, prevent or address service errors, security or technical issues, analyse and monitor usage, trends and other activities or at a User’s request.
- As required by applicable law, legal process or regulation.
- To communicate with Users by responding to your requests, comments and questions. If you contact us, we may use your contacts to respond.
- To develop and provide search, learning and productivity tools and additional features. XHOCKWARE tries to make the Services as useful as possible for Users.
For example, we may improve search functionality by using Usage Information to help determine and rank the relevance of content, make Services suggestions based on historical use and predictive models, identify trends and insights, to customize a Services experience or create new features.
- To send emails and other communications. We may send you service, technical and other administrative emails, messages and other types of communications. We may also contact you to inform you about changes in our Services, our Services offerings, and important Services-related notices, such as security and fraud notices. These communications are considered part of the Services and you may not opt out of them. In addition, we sometimes send emails about new product features, promotional communications or other news about XHOCKARE services. These are marketing messages so you can control whether you receive them.
- To investigate and help prevent security issues and abuse.
5. Data Retention
XHOCKWARE will retain Users Data in accordance with Users consent, including any applicable terms of the Customer Agreement, and as required by applicable law. The deletion of Users Data and other users of the Services by Customer may result in the deletion and/or de-identification of certain associated Usage Information.
Only when we have your explicit consent to do so, we may share personal information with companies, organizations or individuals outside of XHOCKWARE.
If requested for legal purposes, we may share personal information with companies or organizations to meet any applicable law, regulation, legal process or enforceable governmental request, enforce applicable Terms of Service, including investigation of potential violations or to detect, prevent, or otherwise address fraud, security or technical issues.
Customer’s Instructions (Restaurants)
XHOCKWARE may share and disclose Customer Data in accordance with a Customer’s consent, including any applicable terms in the Customer Agreement and in compliance with applicable law and legal process.
Users’ Instructions – Data Portability
XHOCKWARE will share and disclose Users Data and Usage Information in accordance with Users instructions, including any applicable terms in the Terms of Service, and in compliance with applicable law and legal process.
Collaborating with Others
User’s Data, such as an anonymised User’s profiled Information, may be shared, subject to the policies and practices permitted by Law.
Customer representatives and authorized personnel may be able to access Usage Information.
This may include, for example, accessing sales details, usage data related to shopping journeys, service metrics related to your usage in their stores.
Third-Party Service Providers and Partners
We may involve third-party companies or individuals as business partners to process Usage Information and support our business.
These third-parties may, for example, provide virtual computing and storage services. Additional information about the sub-processors we use will be available.
XHOCKWARE may use services like Amazon Web Services (AWS), Microsoft Azure and Google Cloud Platform (GCP) for cloud servers and online storage. Amazon’s security policies can be found here. Azure security policy can be found here. GCP security policies can be found here. Other providers may be added in the future. Their Security Policies should be referenced here.
XHOCKWARE will assure that any third-party with access for any reason to personal or usage information will be bound by contract, fully complying with these terms, and meeting or exceeding XHOCKWARE’s confidentiality level.
Aggregated or De-Identified Data
We may disclose or use aggregated or de-identified Usage Information for any purpose. For example, we may share aggregated or de-identified Usage Information with prospects or Customers for business or research purposes.
To Comply with Laws
If we receive a request for information, we may disclose Usage Information if we reasonably believe disclosure is in accordance with or required by any applicable law, regulation or legal process.
Please see the Data Request Policy to understand how XHOCKWARE responds to requests to disclose data from government agencies and other sources.
To enforce our rights, prevent fraud, and for safety. To protect and defend the rights, or third-parties, including enforcing contracts or policies, or in connection with investigating and preventing fraud or security issues.
With your consent
XHOCKWARE may share Usage Information with third-parties when we have your explicit consent to do so.
XHOCKWARE takes the security of data very seriously. XHOCKWARE works hard to protect Information you provide from loss, misuse, and unauthorized access or disclosure. These steps take into account the sensitivity of the Information we collect, process and store, and the current state of technology.
Given the nature of communications and information processing technology, XHOCKWARE cannot guarantee that Information, during transmission through the Internet or while stored on our systems or otherwise in our care, will be absolutely safe from intrusion by others.
XHOCKWARE will continuously seek to increase the security of your data. In the case of a Personal Data breach, Evaristo, without undue delay and where feasible, not later than 72 hours after detection, will notify the Personal Data breach to the supervisory authority competent in accordance with GPDR Article 55.
Any delay to report to the supervisory authority will be accompanied by detailed reasons.
If allowed by the countries law underage Users over the age of 16 may use XHOCKWARE services without requiring parental consent.
Any individual under the age of 16, requires parental consent before being allowed to use XHOCKWARE’s services.
XHOCKWARE may not be responsible for Users accessing the services without complying with the local law in regard to Legal Age. If you learn that anyone younger than 16 has unlawfully provided us with personal data, please contact us and we will take steps to delete such information.
10. International Data Transfers Privacy Shield And Contractual Terms
XHOCKWARE may transfer your Personal Data to countries other than the one in which you live. We deploy the following safeguards if XHOCKWARE transfers Personal Data originating from the European Union or Switzerland to other countries not deemed adequate under applicable data protection law:
- E.U.-U.S. Privacy Shield and Swiss-U.S. Privacy Shield. To comply with European Union and Swiss data protection laws, XHOCKWARE self-certified under the E.U.-U.S. Privacy Shield and the Swiss-U.S. Privacy Shield.
These frameworks were developed to enable companies to comply with data protection requirements when transferring personal data from the European Union and Switzerland to the United States. To learn more about the Privacy Shield Program, please see http://www.privacyshield.gov/welcome.
- European Union Model Clauses. XHOCKWARE offers European Union Model Clauses, also known as Standard Contractual Clauses, to meet the adequacy and security requirements for our Customers that operate in the European Union, and other international transfers of Customer Data.
However, if you have any question, request, complain related to Data Protection or your Privacy Rights, you can reach our teams through the contacts on our website, or e-mail us at firstname.lastname@example.org
XHOCKWARE is the controller of Information and a processor of Customer Data relating to Usage Data.
13. Your Rights
Individuals located in certain countries, including the European Economic Area, have certain statutory rights in relation to their personal data. Subject to any exemptions provided by law, you may have the right to request access to Information, as well as to seek to update, delete or correct this Information.
You can usually do this using the settings and tools provided in the App. If you cannot use the settings and tools, contact user support for additional assistance (email@example.com).
To the extent that XHOCKWARE’s processing of your Personal Data is subject to the General Data Protection Regulation, XHOCKWARE relies on its legitimate interests, described above, to process your data. XHOCKWARE may also process other information that constitutes your Personal Data for direct marketing purposes and you have a right to object to XHOCKWARE’s use of your Personal Data for this purpose at any time.
- Restrict XHOCKWARE use of Information that constitutes your Personal Data.
- If you are a resident of the European Economic Area and believe we maintain your Personal Data within the scope of the General Data Protection Regulation (GDPR), you may direct questions or complaints to our lead supervisory authority:
Comissão Nacional de Proteção de Dados (Portugal)
R. de São Bento 148,
Telefone: 21 392 8400
You may contact us at firstname.lastname@example.org