Subscribe to receive anything new about Digipast
en

PRIVACY POLICY

1. Introduction

This policy contains the formal commitments of MOPTIL PC regarding the protection of the personal data of the users of both the web application and mobile applications named "Digi-Past" (collectively: the “Application” or “App”) for the protection of its users. It describes the basic conditions of processing of users' data and applies to all types of processing during the operation of the Application and does not cover third-party websites or services linked within the App.

2. Identity and contact details of the controller

MOPTIL PRIVATE COMPANY, Misaraliotou street no. 2 - Athens - Attica, P.O. Box 11742, telephone number +3021067005182 and email address info@moptil.com, processes as a controller within the meaning of Article 4 of Regulation (EU) 2016/679 (General Data Protection Regulation, hereinafter: "GDPR") the personal data of the users of the Application. For any issue regarding your personal data, please contact us and we will try to resolve it in the best possible way.

3. Source from which the personal data originate

Personal data we process are collected from you while some anonymized usage data we process originate from our third-party service providers.

4. What data we process

When you use the App, the following categories of data are collected:

  • i) Username
  • ii) Unique subscriber ID
  • iii) Metadata and logs such as information about the user's device (type, model, manufacturer, operating system and IP address), quality metrics (response times, error reports, login time and application usage time), browser version, history of movements-changes, location when using the App and others. No location metadata is collected when the App is not in use, unless you choose to enable the push notification button for receiving personalized notifications.
    The above does not include special categories of sensitive data within the meaning of Article 9(1) of the GDPR.
    In addition to the above, anonymized or pseudonymized usage data is collected: i) Due to the use of Google Firebase App distribution technology (Invitation Type, Status, Sessions, Crashes and in case of feedback Crashlytics Installation UUIDs, Crash traces, Breakpad minidump formatted data, Firebase installation IDs). These cannot be associated with the Applications personal data and are not considered.
    ii) Statistical data.
    All usage data is held and processed in such a manner that can no longer be attributed to a specific data subject without the use of additional information, which we do not possess, provided that such additional information is kept separately by our third-party service providers and is subject to technical and organizational measures to ensure their safety.
5. Purpose and legal basis of processing

The purpose of processing your data is to provide reports to the developer or publisher about the performance of the Application, which include information about your usage of the Application and your country of residence and, also, to provide customer support.

The legal basis for processing your personal data is Article 6(1)f and Article 6(1)b of the GDPR: processing is necessary i) for the performance of a contract to which you are party in order for the Application to operate, ii) for the purposes of the legitimate interests pursued by the controller. This information is provided to the developer or publisher (us) so that we can understand the performance of our subscriptions and respond to your inquiries providing customer support.

In addition, when you choose to enable the push notification button to receive personal messaging with user-specific details like location and product views suggestions to increase relevance, the legal basis for processing is Article 6(1)a of the GDPR, i.e. your consent, which is given by clicking the relevant button on your screen (web-based or app-based).

6. Data retention time

The data is kept for a maximum period of one year or shorter if deletion is requested.

7. Recipients of the data

The recipients of your data are the data processors on behalf of the controller, namely: a) the data storage service provider, in an appropriate database maintained for this purpose within the EEA, b) the App’s support service provider. Further, pseudonymized usage data is received by relevant analytics providers, such as Google LLC.

8. Data security

For MOPTIL the integrity and confidentiality of your information is a constant priority whether you download our store apps (mobile applications) or access directly through your browser (web application). The Application has been designed with the security and protection of your personal data in mind.We keep only pseudonymized usage data that we cannot attribute to a specific data subject. In any case we take appropriate technical and organizational measures to prevent accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access to the data and we are working to keep the web App always available to you.

At the same time, your payments are handled through secure, verified providers, and we do not directly handle your financial information.

About our store apps, for your safety and convenience MOPTIL provides DIGIPAST exclusively through the App (Apple Inc.)/Play Store (Google LLC), which ensure that our app comes from a verified source, is free of known malware, and hasn’t been tampered with at the time of installation or launch. App/Play Store use an encrypted protocol for secure online commercial transactions, in accordance with current standards and security specifications, via a secure banking environment. To ensure the confidentiality of data transfer, they use an appropriate encryption protocol. In this way, all your personal information is encrypted so that it cannot be read or changed during its transfer on the Internet. An encrypted communication requires all information sent between a client and a server to be encrypted by the sending software and decrypted by the receiving software, thus protecting personal information in transit. In addition, all information sent is protected by a mechanism that automatically verifies whether the data has been changed in transit. For the latest security measures please refer to the App/Play Stores.

When you access through your browser, appropriate technical and organisational measures are also applied. Our web application employs industry-standard security protocols to protect your data during transmission and storage. We utilize HTTPS encryption to ensure that all data exchanged between your browser and our servers remains confidential and secure. Regular security assessments are conducted to identify and mitigate potential vulnerabilities.

In both cases, measures include, but are not limited to: measures to prevent unauthorised access to data processing systems; measures to ensure that data processing systems cannot be used by unauthorised persons; measures to ensure that persons authorised to use data processing systems only have access to the data for which they are authorised; measures to ensure that personal data cannot be used by unauthorised persons during processing; measures to ensure that personal data cannot be transmitted, copied, altered or removed by unauthorised persons during electronic transmission or during the course of transmission or recording, and that it is possible to verify and authenticate the processors to whom personal data has been transmitted by means of devices; measures to ensure that it is possible to subsequently review and verify whether and by whom personal data have been entered, modified or deleted in the data processing systems, measures to ensure that personal data processed by third parties/contractors are only processed in accordance with our instructions, and measures to ensure that data collected for different purposes can be processed separately.

9. Your rights

You have the following rights:

  • i) Right of access: you have the right to know whether we are processing your personal data and, if so, to receive a copy of it.
  • ii) Right to withdraw your consent.
  • iii) Right to rectify inaccurate or incomplete data.
  • iv) Right to erasure: you have the right to request that we delete your data, for example if your data is no longer necessary in relation to the purposes for which it was collected or otherwise processed.
  • v) Right to restriction: you have the right to ask us to restrict processing, for example if you contest the accuracy of your data or request that we do not delete data that you consider necessary for the establishment, exercise, or defence of legal claims.
  • vi) Right to object: you have the right to object to processing at any time and on grounds relating to your particular situation.

You can exercise your rights by sending an e-mail to info@moptil.com or a letter to our postal address or by submitting the request to us in person, at the address of MOPTIL PC. However, for us to process your request, we must be able to verify your identity or provide us with additional information necessary to confirm your identity. We also point out that exercising the right to object or erasure does not imply the immediate deletion of data or the modification of processing. In any case, we will reply to you in detail as soon as possible, within the time limits set by the GDPR.

If you believe that the processing of your data violates the GDPR, you have the right to file a complaint with a supervisory authority. The competent supervisory authority for Greece is the Hellenic Data Protection Authority (www.dpa.gr). Complaints are submitted electronically, through the Authority's web portal (https://www.dpa.gr/el/syndesi/prosvasi) or, exceptionally, in the following ways: a) by sending to the email: complaints@dpa.gr, by mail to the Authority's offices (Personal Data Protection Authority, 1-3 Kifisias St., 115 23 Athens), c) by submitting in person to the Authority's offices (1st floor, public hours at the protocol office: 09:00 – 13:00).

10. Updates and Revisions

This policy may be updated or revised. We recommend that you check this website regularly to detect recent changes.