By using the website https://memoriesbook.io (the “Website”) you (the “User”) unconditionally accept this Privacy Policy (the "Policy"), so please kindly read it to get a clear understanding of what information about you we process, why we need it, and how we protect it.
If you don’t accept this Policy, you must immediately stop using the Website.
If you only access our Website as a visitor, it is most likely that we don’t collect any of your personal data. However, our website uses cookies, so you might wish to read our Cookies Policy to know what exactly we do and how you can manage your cookies settings.
Company (also referred to as “we”, or “us”) means Memories Book Oy, a legal entity registered in Finland (Business ID 3370199-7) having its postal address at: c/o Streamex Oy, Malminkaari 5, 00700 Helsinki, Finland.
Cookies are small pieces of data sent by the Website server and stored on your device in order to optimise the performance of the Website. The use of cookies on the Website is governed by the Cookies Policy
GDPR, General Data Protection Regulation - Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data.
Google means Google LLC, a company incorporated in the United States of America.
Google account means a user account that is required for access, authentication and authorization to online Google services, which are operated by Google.
Page means a webpage created by a User on the Website which contains information about a Persona.
Persona means a deceased person, to whom the Page created by the User is dedicated.
Personal data mean any information relating to an identified or identifiable natural person (‘data subject’) . In particular, is accordance with the applicable law the following identifiers are considered as personal data: a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, including collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Website means the Internet website operated by the Company on the following domain: https://memoriesbook.io.
Services means a web and mobile application operated by the Company which allows Users to keep memories of deceased people by creating Pages on the Website and share such Pages via QR codes; such QR codes can be engraved on tangible media and placed at any location according to User’s choice.
User (also referred to as “you”) means any individual who uses the Website or the Services.
This Policy explains what personal data and other personal information the Company processes, the purpose and the procedure of such processing, as well as the protective measures implemented by the Company.
This Policy applies to the personal data and other personal information collected by the Company in connection with the operating of the Website and rendering the Services.
With regard to the processing of personal data and other personal information by third parties, this Policy applies only in case they receive personal data from the Company. The Policy does not apply to personal information received by third parties directly (for example, as a result of the use of third-party cookies).
This Policy has been developed in accordance with GDPR as well as other laws applicable to the activities of the Company, including the Finnish Data Protection Act (1050/2018).
We collect information relating to Users, including personal data, in order to provide and continually improve our Services.
We receive and store any information you provide in relation to the Services. You can choose not to provide certain information, but then you might not be able to take advantage of our Services.
When creating an account on the Website you provide us with the following information (“authentication data”):
We use this information to authenticate you on the Website in order to provide you with the relevant Services in accordance with our Terms of Service.
If you do your authentication on the Website with your Google account, you authorize us to receive your authentication data from Google. If your Google account is deleted, you cannot be authenticated on the Website and might not be able to use the Services.
We receive and keep information about all Pages created by you on the Website.
To delete your account from the Website, please contact us at hello@memoriesbook.io.
When you report to us a violative or infringing content using our report form we ask you to provide us with some information about you, including:
When you give us feedback using our feedback form, we ask you to give us:
When you send us emails we receive some information about you, including:
We use this information to communicate back to you regarding your report, question or any other matter which you bring to our attention.
We might receive information about you from other sources, such as:
Google. If you do your authentication on the Website with your Google account, you authorize us to receive your authentication data from Google.
Service providing partners. Payment processing service providers, producers of QR code plates, delivery service providers, and other companies with which we work to provide Services to you, may collect your personal data. In doing so they are guided by their own privacy policies for which we are not responsible. From our Services partners we might receive your delivery and address information which we use to deliver your purchase, payment and delivery status of your order which we use to ensure the timely provision of the Services.
We do not collect or receive your payment details such as card numbers or bank account numbers.
When creating a Page of on the Website you provide us with information related to the Persona, including:
In accordance with the applicable law the information relating to a deceased person does not qualify as personal data in the meaning of the GDPR. Therefore, information related to the Persona is not considered as personal data.
By creating a Page and populating it with information related to the Persona you warrant us that:
Information about the Persona displayed on the Page becomes publicly accessible via a QR code, unless the User sets a privacy mode for a particular Page.
You can at any time update Persona’s information on the Page.
You can at any time delete Persona`s information from the Page, except for the name and the dates of birth and death, which cannot be deleted without deleting the Page itself.
To delete the Page from the Website, please contact us at hello@memoriesbook.io
We automatically collect and store certain types of information about your use of the Website and the Services, such as the internet protocol (IP) address used to connect your computer to the internet, the location of your device or computer, your browser’s language and time zone settings, etc. This is explained in more detail in our Cookies Policy. You can change your cookies settings to manage what automatic information about you we will collect.
We don’t collect and don’t process special categories of personal data, namely data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data, data concerning health or data concerning a natural person's sex life or sexual orientation.
According to our Terms of Service, the Minimum age requirement for creating account of the Website is 16 years. We do not knowingly process personal data of individuals under 16 years old without the consent of their parents or legal representatives.
IF YOU ARE UNDER THE AGE OF 16 YOU MAY NOT USE THE WEBSITE, UNLESS PARENTAL CONSENT IS PROVIDED ACCORDINGLY
We process your personal information, including personal data, to operate, provide, develop, and improve the Services. These purposes include:
Functioning of the Website, including the possibility for Users to create accounts.
Provision of the Services, in accordance with the Company’s contractual obligations to the registered Users pursuant to the Terms of Service.
Troubleshooting and improving the Services, namely to analyse performance, fix errors, and improve the usability and effectiveness of the Services.
Personalisation of User experience on the Website, for example, saving User's settings and authorisation status on the Website, providing User with personalized content, recommendations, and features.
Communicating with Users, in particular, informing Users about changes in Services and new opportunities related to the use of the Website, collecting feedback, providing response to User's reports and questions, resolving disputes, etc.
Facilitating the exercise of data subject rightsby the User;
Marketing, in particular, displaying interest-based ads, sending promotional or advertising materials, including personalised ones, provided the User can at any time withdraw his or her consent to receive such marketing communications.
Preventing fraud, abuse and security incidents, in particular to prevent unauthorized or illegal activity on our Website, to conduct security investigations and risk assessments, to prevent or take action against activities that are, or may be, in breach of our Terms of Service or applicable law.
Compliance with the mandatory legislation requirementsrequirements of the country of incorporation of the Company.
We don’t make decisions affecting your rights and legitimate interests on the basis of exclusively automated processing of your personal data.
We process your personal information, including personal data, for as long as you keep your account at the Website, and for as long as the Pages created by you are available to the public.
The Company processes information relating to Personas for the purposes of:
We process information relating to Personas for as long as the respective Pages are available to the public.
Our legal basis for collecting and using your personal information is dependent on the scope and the specific purpose for which we collect such information. The legal basis is one of the following:
We are not in the business of selling our Users’ personal information to others. We don’t intentionally disclose any of your personal information, to any third party without having received your permission, except as provided for below.
Functioning of the Website. To operate the Website, we may, from time to time, need to use hosting and other technical services from third party services providers. This means that though the Company is responsible, as a data controller, for how and why the personal information is collected and processed, the actual processing might be performed by a third party services provider acting on behalf of the Company.
Provision of the Services. In order to provide the Services in accordance with our contractual obligations, we may need to share your personal information with third parties, such as payment processing service providers, hosting and storage providers, producers of QR code plates, delivery service providers, etc.
Advertising. The Website may contain third-party advertising and links to other websites and apps. Third-party advertising partners may collect information about you when you interact with their content, advertising, and services. For example, if you click on a link you may be taken to a third party website which may collect your personal information through the use of third-party cookies. The Company is not responsible for the ways and methods of processing User's data by third parties in this case.
Analytics. We may share your information with analytics service providers for analytics services. Such analytics service providers set their own cookies or other identifiers on your computer, through which they can collect information about your usage of our Website. This helps us compile aggregated statistics about the effectiveness of our Website and Services.
Business transfers. We may also transfer your information, including personal information, in connection with a corporate merger, consolidation, the sale of business and related assets or other fundamental corporate changes.
The above mentioned third parties may be located in countries other than your own, and we may send them information we receive. When such third party service providers process your personal information on our behalf, we will assure that they comply with obligations similar to those which are set forth in this Policy. We will also assure that they will abide by our data privacy and security requirements, and will be allowed to use the personal information solely for the purposes we set. We will transfer your personal information while using appropriate and suitable safeguards, while using a variety of legal mechanisms, including contracts, to ensure your rights and protections travel with your data.
Protection of the Company and Others. Furthermore, information about you may also be released in order to comply with any valid legal obligation or inquiry or process such as a search warrant, subpoena, statute or court order. We will also release specific information in special cases, such as if you use our Services to perform an unlawful act or omission or take any act or omission that may damage the Company, its property and goodwill, or if there is an attempted breach of the security of the Website or a physical or property threat to you or others. With respect to our data protection practices, you have the right to file a complaint to any relevant supervisory data protection authority.
We design our systems with your security and privacy in mind.
We deploy industry standard measures to ensure the security, confidentiality, integrity and availability of the personal information we process. We maintain physical, technical and administrative safeguards, and test and update these periodically. We endeavour to restrict access to personal information on a ‘need to know’ basis for the provision of Services to you.
No such measures are perfect or impenetrable. In the event of a security breach, we will take all reasonable action to minimize any harm. Although we will do our best to protect personal information, we cannot guarantee the security of data transmitted to our Website and transmission is at the Users own risk.
It is important for you to protect against unauthorized access to your passwords and to your computers and devices. It is your responsibility to keep your authentication data safe and confidential. You shouldn’t disclose your authentication data to third parties.
Under the GDPR you have certain rights in relation to your personal data:
The right to be informed: our obligation is to inform you that we process your personal data (and that's what we're doing in this Policy).
The right of access: your right to request a copy of the personal data we hold about you.
The right of rectification: your right to request that we correct personal data about you if it is incomplete or inaccurate.
The right to erasure: (also known as the "right to be forgotten"): under certain circumstances, you may ask us to delete the personal data we have about you (unless it remains necessary for us to continue processing your personal data for a legitimate business need or to comply with a legal obligation as permitted under the GDPR, in which case we will inform you).
The right to restrict processing: your right, under certain circumstances, to ask us to suspend our processing of your personal data.
The right to data portability: your right to ask us for a copy of your personal data in a common format (for example, a .csv file)
The right to object: your right to object to us processing your personal data (for example, if you object to us processing your data for direct marketing)
Rights in relation to automated decision-making and profiling: our obligation to be transparent about any profiling we do, or any automated decision-making
These rights are subject to certain rules around when you can exercise them.
You may at any time send to us an inquiry, request or complaint related to the use of your personal data, or to the exercise of your rights, to the e-mail address hello@memoriesbook.io
We reserve the right to revise, amend, or modify this Policy at any time. When changing the policy, we will update this posting accordingly. The new version of the Policy comes into force at the moment of its publication on the Website.
Users are notified about changes in the Policy at the next authorisation on the Website and will have to accept the new version of the Policy or stop using the Website.