PRIVACY POLICY
Effective Date: May 25, 2018
This Privacy Policy applies to the Dentacoin B.V. owned and operated applications, websites, and subdomains (“Sites and Applications”). Dentacoin B.V. (“Dentacoin”, “we” or “us”) knows that you care how information about you is used, stored, and shared.
This Privacy Policy explains what personal data of yours will be collected by us when you access the Sites and Applications, how the data will be used, and how you can control the collection, correction and/or deletion of data.
Personal data means any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
This Privacy Policy complies with the requirements of the EU General Data Protection Regulation (GDPR).
This Privacy Policy does not apply to information we collect by other means (including offline) or from other sources. We will not use or share your personal data with anyone except as described in this Privacy Policy.
The use of personal data collected through our Sites and Applications shall be limited to the purposes under this Privacy Policy.
1. Data Protection Overview
The operators of all Dentacoin Sites and Applications take the protection of your personal data very seriously. We treat your personal data as confidential and in accordance with the statutory data protection regulations and this Privacy Policy.
If you use any of our Sites and Applications, various pieces of personal data will be collected. Personal information is any data with which you could be personally identified. This Privacy Policy explains what information we collect and what we use it for. It also explains how and for what purpose this happens.
Please note that data transmitted via the Internet (e.g. via email communication) may be subject to security breaches. Complete protection of your data from third-party access is not possible.
This Privacy Policy explains what information we collect and what we use it for. It also explains how and for what purpose this happens.
Who is responsible for the data collection on our Sites and Applications?
The data collected on our Sites and Applications are processed by the Data Operator. The operator's contact details can be found in the legal notice on Dentacoin’s official website www.dentacoin.com.
Dentacoin Foundation operates the majority of its services as a data controller. However, there are some instances in which we operate as a data processor - e.g. in cases of surveys published on DentaVox, which are ordered by third-parties.
How do we collect your data?
We collect data when you register, sign up for our newsletter, respond to a survey, or send an inquiry.
Part of this data (including your name, email, phone number, friend list) is provided by third parties (such as Facebook, Civic, uPort) during the registration process, upon your explicit consent.
Other data is collected automatically by our IT systems when you visit our Sites and Applications (primarily technical data such as which browser and operating system you are using, when you accessed the website, etc.).
A hashed version of your personal data is also used for creating Facebook Custom Audiences (details in 5. Facebook Pixel)
What do we use your data for?
We collect your data in order to:
- ensure the proper functioning of our Sites and Applications;
- give you access to the full range of functionalities (such as answering questionnaires and earning Dentacoin tokens, writing reviews, using the Dentacare mobile app, etc.);
- answer your inquiries;
- send you service information and newsletters;
- conduct market research;
- analyze the overall user behavior.
We will not sell, rent, or lease your personal data to any third party individual, government agency, or company at any time unless compelled to do so by law.
How do we protect your data?
Your personal data is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential.
All sensitive information you supply is encrypted via Secure Socket Layer (SSL) technology or TLS encryption for security reasons and for the protection of the transmission of confidential content. You can recognize an encrypted connection in your browser's address line when it changes from "http://" to "https://" and the lock icon is displayed in your browser's address bar. If SSL or TLS encryption is activated, the data you transfer to us cannot be read by third parties.
We use regular Malware Scanning. We implement a variety of security measures when a user enters, submits, or accesses their information to maintain the safety of your personal information.
How long do we keep your data?
Your data is retained until you explicitly express that you want us to delete your data or you delete it on your own using the designated option in your Profile on our Sites and Applications. By deleting your Profile on our Sites and Applications you are exercising your right “to be forgotten” and we have the obligation to erase your personal data within 90 days after your request.
2. What rights do you have regarding your data
You always have the right to request information about your stored data, its origin, its recipients, and the purpose of its collection at no charge. You also have the right to request it to be corrected, restricted, or deleted (those options are available to you in Your profile as well). You can contact us at any time using the address given in the legal notice if you have further questions about the issue of privacy and data protection. You may also, of course, file a complaint with the competent regulatory authorities.
Revocation of your consent to the processing of your data
Many data processing operations are only possible with your explicit consent. You may revoke your consent at any time with future effect. An informal email expressing this request is sufficient. The data processed before we receive your request may still be legally processed.
Information, restriction, deletion
You have the right to be provided at any time with information free of charge about any of your personal data that is stored as well as its origin, the recipient and the purpose for which it has been processed. You also have the right to have this data corrected, restricted or deleted. Those options are available to you in "My account" section as well. All personal data related to your profile will be deleted within 90 days after your request. Account restoration requests on all our Sites and Applications can be accepted and respected only within this 90-day period; afterward, the data is irreversibly erased. You can contact us at any time using the email address given in our legal notice if you have further questions related to your personal data.
Right to file complaints with regulatory authorities
If there has been a breach of data protection legislation, the person affected may file a complaint with the competent regulatory authorities.
Right to data portability
You have the right to have data that we process based on your consent or in fulfillment of a contract delivered to yourself or to a third party in a standard, machine-readable format. If you require the direct transfer of data to another responsible party, this will only be done to the extent technically feasible.
Analytics and third-party tools
When visiting our Sites and Applications, statistical analyses may be made of your surfing behavior. This happens primarily using cookies and analytics tools. The analysis of your surfing behavior is usually anonymous, i.e. we will not be able to identify your identity from this data. When created, cookies normally don't contain any personal information. They don't scan your computer or do any kind of investigation to find out your personal information. Any personal information they might contain is a result of your own input on a website's form. Most of the time, when a cookie does store personal information, this information is coded in such a way that it is unreadable to any third party who happens to access your cookie folder.
You can object to this analysis. We will inform you further below about how to exercise your options in this regard.
3. Data Collection
3.1. Account Data
Personal data such as email address, age, city, country, a mobile phone number is requested from you when registering on any of our Sites and Applications. This data is collected to ensure the proper functioning of our Sites and Applications; it allows you to access certain parts of our Sites and Applications, to use the full range of functionalities they offer (such as answering DentaVox questionnaires, earning Dentacoin tokens, writing reviews on our Trusted Reviews, enhancing your oral hygiene routine by means of the Dentacare mobile app, etc.), as well as to receive service information and newsletters. Other data can be used to analyze how you use our Sites and Applications, as well as for market research purposes.
For account creation, verification and login we also use the services of third-party service providers - Facebook and Civic.
Facebook Login
Our Sites and Applications use Facebook Login. The service is provided by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA ("Facebook").
Facebook Login allows you to quickly and easily create an account and login without having to set (and likely later forget) another password. When creating your account on our Sites and Applications, you will be asked for specific permissions about the data you allow us to use from your Facebook profile. No other data from your Facebook profile will be collected without your explicit consent.
You can discontinue at any time the integration of your Facebook profile with our Sites and Applications or edit your permissions by following the instructions specified here: https://www.facebook.com/help/262314300536014/
Please check out Facebook's privacy policy to learn more: https://www.facebook.com/about/privacy/
Civic Login
Our Sites and Applications use Civic for account creation and verification. The service is provided by Civic Technologies, Inc., 540 Bryant Street, Suite 200, Palo Alto, CA 94301, United States.
Civic allows you to register and authenticate without the need for usernames and passwords, and verify your identity using blockchain-powered attestations. Users store their identity data, documents, and attestations using the Civic App and can reuse the attestations when needed. When creating your account on our Sites and Applications, you will be asked for specific permissions about the data you allow us to use from your Civic decentralized ID. No other data from your Civic ID will be collected without your explicit consent.
Please check out Civic's privacy policy to learn more: https://www.civic.com/legal/privacy-policy/
3.2. Cookies
Our Sites and Applications use cookies. Cookies do not harm your computer and do not contain any viruses. Cookies help make our Sites and Applications more user-friendly, efficient, and secure. Cookies are small text files that are stored on your computer and saved by your browser.
Cookies that are necessary to allow electronic communications or to provide certain functions you wish to use are stored pursuant to Art. 6 paragraph 1, letter f of GDPR. The Sites and Applications’ operator has a legitimate interest in the storage of cookies to ensure an optimized service provided free of technical errors. If other cookies (such as those used to analyze your surfing behavior) are also stored, they will be treated separately in this Privacy Policy.
You can choose to enable all cookies or adjust settings from the cookie bar on our Sites and Applications.
There are two types of cookies we use:
- Persistent cookies remain on a user’s device for a set period of time specified in the cookie. They are activated each time that the user visits the website that created that particular cookie.
- Session cookies are temporary. They allow website operators to link the actions of a user during a browser session. A browser session starts when a user opens the browser window and finishes when they close the browser window. Once you close the browser, all session cookies are deleted.
You can configure your browser to inform you about the use of cookies so that you can decide on a case-by-case basis whether to accept or reject a cookie. Alternatively, your browser can be configured to automatically accept cookies under certain conditions or to always reject them, or to automatically delete cookies when closing your browser. Disabling cookies may limit the functionality of our Sites and Applications.
The cookies we use can be additionally classified as follows:
- Strictly necessary cookies are essential to navigate around a website and use its features. Without them, you wouldn’t be able to use basic services like registration or login. These cookies do not gather information about you that could be used for marketing, nor do they track where you've been on the Internet.
Example of how we use strictly necessary cookies: Allowing you to sign in to Dentacoin Sites and Applications as a registered user.
- Performance cookies collect data for statistical purposes on how visitors use a website, they don’t contain personal information such as names and email addresses, and are used to improve your user experience on our Sites and Applications.
Example of how we use performance cookies: Gathering data about visits to the website, including numbers of visitors and visits, length of time spent on the site, pages clicked on or where visitors have come from.
Information supplied by performance cookies helps us to understand how you use the website; for example, whether or not you have visited before, what you looked at or clicked on and how you found us. We can then use this data to help improve our services. We generally use independent analytics companies to perform these services for us and when this is the case, these cookies may be set by a third-party company (third-party cookies).
If you have registered with our Sites and Applications, we can combine the data from the web analytics services and their cookies with the information you have supplied to us, so that we can make your experience more personal or tailor your emails with the content you might find more interesting. We would only do this if you have given us permission to communicate with you. Sometimes the data used from the web analytics companies has been collected before you registered or signed in. In these cases, if we use this data to identify you, we use it only in accordance with our privacy policy.
- Functionality cookies allow users to customize how a website looks for them: they can remember usernames, language preferences and regions, and can be used to provide more personalized services.
Example of how we use functionality cookies: Remembering your cookie preferences and adapting the way our Sites and Applications function based on it.
- Marketing cookies are used to deliver advertisements more relevant to you, but can also limit the number of times you see an advertisement and be used to chart the effectiveness of an ad campaign by tracking users’ clicks. They are usually placed by third-party advertising networks with a website operator’s permission but can be placed by the operator themselves. They can remember that you have visited a website, and this information can be shared with other organizations, including other advertisers. They cannot determine who you are, though, as the data collected is never linked to your profile.
The main ways we use advertising cookies are set out below:
• Interest-based advertising;
• Retargeting;
• Social media;
• Customer support.
Without these cookies, online advertisements you encounter will be less relevant to you and your interests and we will not be able to process your chat inquiries properly.
The cookies used on our Site and Applications are described below.
DENTACOIN.COM
Strictly Necessary:
Laravel security cookie - Laravel stores the current CSRF token in a XSRF-TOKEN cookie that is included with each response generated by the framework. You can use the cookie value to set the X-XSRF-TOKEN request header. This cookie is primarily sent as a convenience since some JavaScript frameworks and libraries, like Angular and Axios, automatically place its value in the X-XSRF-TOKEN header:
XSRF-TOKEN
Laravel session - this cookie is saved when a user logs in; we need it in order to keep them logged-in:
Laravel_session
Facebook signup/ login - we need these cookies in order to allow registration/ login with Facebook:
datr
c_user
sb
spin
wd
Xs
fr
Cookies consent: Strictly necessary - we store this cookie in order to ensure that a user has accepted the strictly necessary cookies:
strictly_necessary
Performance:
Google Analytics - it tracks user behavior and interaction with our Sites and Applications; more about the stored data in 5.1. Google Analytics:
_gat_gtag_UA_97167262_1
_ga
_gid
Functionality:
Cookies consent: Additional - we store this cookie in order to ensure that only the cookies explicitly chosen by the user are enabled:
performance_cookies
functionality_cookies
marketing_cookies
Marketing:
Tawk.to - this cookie enables us to answer user inquiries through the chatbot:
__tawkuuid
Facebook pixel - it is used to track conversions and other indicators used to measure Facebook advertising results; more about the use of it in 5.4. Facebook Pixel:
_fbp
DoubleClick - advertising cookies used by Google; see more about the data used by Google Ads in 5.2. Google Ads and Google Conversion Tracking:
IDE
DENTISTS.DENTACOIN.COM
Strictly Necessary:
Laravel security cookie - Laravel stores the current CSRF token in a XSRF-TOKEN cookie that is included with each response generated by the framework. You can use the cookie value to set the X-XSRF-TOKEN request header. This cookie is primarily sent as a convenience since some JavaScript frameworks and libraries, like Angular and Axios, automatically place its value in the X-XSRF-TOKEN header:
XSRF-TOKEN
Laravel session - this cookie is saved when a user logs in; we need it in order to keep them logged-in:
Dentistssession
Facebook signup/ login - we need these cookies in order to allow registration/ login with Facebook:
datr
c_user
sb
spin
wd
Xs
fr
Cookies consent: Strictly necessary - we store this cookie in order to ensure that a user has accepted the strictly necessary cookies:
strictly_necessary
Performance:
Google Analytics - it tracks user behavior and interaction with our Sites and Applications; more about the stored data in 5.1. Google Analytics:
_gat_gtag_UA_97167262_3
_ga
_gid
Functionality:
Cookies consent: Additional - we store this cookie in order to ensure that only the cookies explicitly chosen by the user are enabled:
performance_cookies
functionality_cookies
marketing_cookies
Marketing:
Facebook pixel - it is used to track conversions and other indicators used to measure Facebook advertising results; more about the use of it in 5.4. Facebook Pixel:
_fbp
Facebook cookie - additional advertising cookie by Facebook:
Fr
DoubleClick - advertising cookies used by Google; see more about the data used by Google Ads in 5.2. Google Ads and Google Conversion Tracking:
IDE
ASSURANCE.DENTACOIN.COM
Strictly Necessary:
Laravel security cookie - Laravel stores the current CSRF token in a XSRF-TOKEN cookie that is included with each response generated by the framework. You can use the cookie value to set the X-XSRF-TOKEN request header. This cookie is primarily sent as a convenience since some JavaScript frameworks and libraries, like Angular and Axios, automatically place its value in the X-XSRF-TOKEN header:
XSRF-TOKEN
Laravel session - this cookie is saved when a user logs in; we need it in order to keep them logged-in:
Laravel_session
Facebook signup/ login - we need these cookies in order to allow registration/ login with Facebook:
datr
c_user
sb
spin
wd
Xs
fr
Cookies consent: Strictly necessary - we store this cookie in order to ensure that a user has accepted the strictly necessary cookies:
strictly_necessary
Test version cookie - warns users that this is still test version of the website:
warning-test-version
Performance:
Google Analytics - it tracks user behavior and interaction with our Sites and Applications; more about the stored data in 5.1. Google Analytics:
_gat_gtag_UA_108398439_4
_ga
_gid
Functionality:
Cookies consent: Additional - we store this cookie in order to ensure that only the cookies explicitly chosen by the user are enabled:
performance_cookies
functionality_cookies
marketing_cookies
ACCOUNT.DENTACOIN.COM
Strictly Necessary:
Laravel security cookie - Laravel stores the current CSRF token in a XSRF-TOKEN cookie that is included with each response generated by the framework. You can use the cookie value to set the X-XSRF-TOKEN request header. This cookie is primarily sent as a convenience since some JavaScript frameworks and libraries, like Angular and Axios, automatically place its value in the X-XSRF-TOKEN header:
XSRF-TOKEN
Laravel session - this cookie is saved when a user logs in; we need it in order to keep them logged-in:
Laravel_session
Facebook signup/ login - we need these cookies in order to allow registration/ login with Facebook:
datr
c_user
sb
spin
wd
Xs
fr
DENTACARE.DENTACOIN.COM
Strictly Necessary:
Laravel security cookie - Laravel stores the current CSRF token in a XSRF-TOKEN cookie that is included with each response generated by the framework. You can use the cookie value to set the X-XSRF-TOKEN request header. This cookie is primarily sent as a convenience since some JavaScript frameworks and libraries, like Angular and Axios, automatically place its value in the X-XSRF-TOKEN header:
XSRF-TOKEN
Laravel session - this cookie is saved when a user logs in; we need it in order to keep them logged-in:
Laravel_session
Facebook signup/ login - we need these cookies in order to allow registration/ login with Facebook:
datr
c_user
sb
spin
wd
Xs
fr
Cookies consent: Strictly necessary - we store this cookie in order to ensure that a user has accepted the strictly necessary cookies:
strictly_necessary
Performance:
Google Analytics - it tracks user behavior and interaction with our Sites and Applications; more about the stored data in 5.1. Google Analytics:
_ga
_gid
Functionality:
Cookies consent: Additional - we store this cookie in order to ensure that only the cookies explicitly chosen by the user are enabled:
performance_cookies
functionality_cookies
marketing_cookies
WALLET.DENTACOIN.COM
Strictly Necessary:
Local storage - remembers the user credentials so that they stay signed-in:
keystore_file
current_account
Performance:
Google Analytics - it tracks user behavior and interaction with our Sites and Applications; more about the stored data in 5.1. Google Analytics:
_gat_gtag_1P_JAR
_ga
_gid
DENTAVOX.DENTACOIN.COM
Strictly Necessary:
Laravel security cookie - Laravel stores the current CSRF token in a XSRF-TOKEN cookie that is included with each response generated by the framework. You can use the cookie value to set the X-XSRF-TOKEN request header. This cookie is primarily sent as a convenience since some JavaScript frameworks and libraries, like Angular and Axios, automatically place its value in the X-XSRF-TOKEN header:
XSRF-TOKEN
Laravel session - this cookie is saved when a user logs in; we need it in order to keep them logged-in:
Laravel_session
Facebook signup/ login - we need these cookies in order to allow registration/ login with Facebook:
datr
c_user
sb
spin
wd
xs
Cookies consent: Strictly necessary - we store this cookie in order to ensure that a user has accepted the strictly necessary cookies:
Strictly_necessary
Rewards saving cookies - these cookies are saved when a user takes a poll or a survey before registering or logging in, in order to save their answers and include the corresponding rewards in their balance after logging in:
daily_poll
first_test
Performance:
Google Analytics - it tracks user behavior and interaction with our Sites and Applications; more about the stored data in 5.1. Google Analytics:
_gat_gtag_UA_108398439_2
_ga
_gid
Functionality:
Cookies consent: Additional - we store this cookie in order to ensure that only the cookies explicitly chosen by the user are enabled:
performance_cookies
functionality_cookies
Marketing_cookies
Previous login - this cookie is used to see if this user has been logged before:
Prev-login
Marketing:
Facebook pixel - it is used to track conversions and other indicators used to measure Facebook advertising results; more about the use of it in 5.4. Facebook Pixel:
_fbp
DoubleClick - advertising cookies used by Google; see more about the data used by Google Ads in 5.2. Google Ads and Google Conversion Tracking:
DSID
IDE
Gstatic.com - advertising cookies used by Google; see more about the data used by Google Ads in 5.2. Google Ads and Google Conversion Tracking:
1P_JAR
CONSENT
Google - additional advertising cookies used by Google; see more about the data used in 5.2. Google Ads and Google Conversion Tracking:
1P_JAR
ANID
APISID
CONSENT
HSID
NID
SAPISID
SID
SIDCC
SSID
__Secure-3PAPISID
__Secure-3PSID
__Secure-APISID
__Secure-HSID
__Secure-SSID
Recommendation popup - it enables users to see a popup for rating their experience and writing an online recommendation:
first-login-recommendation
REVIEWS.DENTACOIN.COM
Strictly Necessary:
Laravel security cookie - Laravel stores the current CSRF token in a XSRF-TOKEN cookie that is included with each response generated by the framework. You can use the cookie value to set the X-XSRF-TOKEN request header. This cookie is primarily sent as a convenience since some JavaScript frameworks and libraries, like Angular and Axios, automatically place its value in the X-XSRF-TOKEN header:
XSRF-TOKEN
Laravel session - this cookie is saved when a user logs in; we need it in order to keep them logged-in:
Laravel_session
Facebook signup/ login - we need these cookies in order to allow registration/ login with Facebook:
datr
c_user
sb
spin
wd
Xs
Fr
Amcharts - these cookies are used to visualize dentists’ rating on all aspects:
__cfduid
_ga
amcharts_last_accepted_policy_version
amdocs_code_type_2
Cookies consent: Strictly necessary - we store this cookie in order to ensure that a user has accepted the strictly necessary cookies:
strictly_necessary
Performance:
Google Analytics - it tracks user behavior and interaction with our Sites and Applications; more about the stored data in 5.1. Google Analytics:
_gat_gtag_UA_108398439_1
_ga
_gid
Functionality:
Cookies consent: Additional - we store this cookie in order to ensure that only the cookies explicitly chosen by the user are enabled:
performance_cookies
functionality_cookies
marketing_cookies
Guided tour cookie - it is used to remember the completed steps from the guided tour for new users
save-guided-tour
Dentist city - this cookie is saved when a user wants to see dentists from another city on the home page slider:
dentist_city
Marketing:
Facebook pixel - it is used to track conversions and other indicators used to measure Facebook advertising results; more about the use of it in 5.4. Facebook Pixel:
_fbp
DoubleClick - advertising cookies used by Google; see more about the data used by Google Ads in 5.2. Google Ads and Google Conversion Tracking:
DSID
IDE
Google - additional advertising cookies used by Google; see more about the data used in 5.2. Google Ads and Google Conversion Tracking:
1P_JAR
ANID
APISID
CONSENT
HSID
NID
SAPISID
SID
SIDCC
SSID
__Secure-3PAPISID
__Secure-3PSID
__Secure-APISID
__Secure-HSID
__Secure-SSID
Aritic PinPoint - these cookies are used by one of our newsletter service providers in order to track behavior and usage, and to thus to allow better newsletter analytics and content automation:
aritic_device_id
aritic_session_id
atc_id
atc_sid
3.3. Server log files
The website provider automatically collects and stores information that your browser automatically transmits to us in "server log files". These are:
- Browser type and browser version
- Operating system used
- Referrer URL
- Hostname of the accessing computer
- Time of the server request
- IP address
This data will not be combined with data from other sources.
The basis for data processing is Art. 6 (1) (b) GDPR, which allows the processing of data to fulfill a contract or for measures preliminary to a contract.
3.4. Contact forms and Online chat
Should you send us questions via contact forms or chats on our Sites and Applications, we will collect the data entered, including the contact details you provide, to answer your question and any follow-up questions. We do not share this information without your permission.
We will, therefore, process any data you enter onto the contact form only with your consent as per Art. 6 (1)(a) GDPR. You may revoke your consent at any time. An informal email expressing this request is sufficient. The data processed before we receive your request may still be legally processed.
We will retain the data you provide on the contact form until you request its deletion or revoke your consent for its storage. Any mandatory statutory provisions, especially those regarding mandatory data retention periods, remain unaffected by this provision.
3.5. Comments on our Blog
If you use the comment function on our Blog, your username (unless posting anonymously), the time at which you created the comment, and your email address will be stored along with your comment. The comments and the associated data (e.g. IP address) are stored and remain on our Blog until the content commented upon has been completely deleted or the comments are required to be removed for legal reasons (slander, etc.).
The comments are stored based on your consent as per Art. 6 (1) (a) GDPR. You may revoke your consent at any time with future effect. An informal email expressing this request is sufficient. The data processed before we receive your request may still be legally processed.
4. Data Collected for Market Research Purposes
We collect data for market research purposes from subscribers (data subjects) taking incentivized online surveys on our market research platform DentaVox. The collection and use of personal data (incl. survey answers) on DentaVox is performed in compliance with the GDPR Guidance Note for the Research Sector, compiled jointly by the European Research Federation (EFAMRO) and ESOMAR - the global voice of the data, research and insights community.
All surveys taken, as well as the respective answers given by a respondent, are associated with her/his DentaVox account. Hence they can also be considered personal data (in terms of database/storage). The respondent can request all this data (both personal details and survey answers) to be edited, withdrawn or deleted at any time by contacting us at the email provided in the legal notice or using the designated options in their online Profile.
If the survey responses, however, have already been incorporated and anonymized or aggregated in a market, opinion or social research project (like it is in the case of DentaVox), then this data does not have to be deleted as it’s not personal data. The aggregated and anonymized survey results can hence be provided to third parties such as partners, media, etc.
If a participant communicates his/her opposition to the processing of his/her data, we will facilitate this by not further processing identification data.
5. Analytics and advertising
5.1. Google Analytics
Our Sites and Applications use Google Analytics, a web analytics service. It is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
Google Analytics uses the so-called "cookies". These are text files that are stored on your device and that enable us to analyze your user behavior on our Sites and Applications. The information generated by the cookie about your use is usually transmitted to a Google server in the USA and stored there.
Google Analytics cookies are stored based on Art. 6 (1) (f) GDPR. The Sites and Applications’ operator has a legitimate interest in analyzing user behavior to optimize online services and advertising activities.
IP anonymization
We have activated the IP anonymization feature on our Sites and Applications. Your IP address will be shortened by Google within the European Union or other parties to the Agreement on the European Economic Area prior to transmission to the United States. Only in exceptional cases is the full IP address sent to a Google server in the US and shortened there. Google will use this information on behalf of the operator of our Sites and Applications to evaluate your use of the website, to compile reports on website activity, and to provide other services regarding website activity and Internet usage for the Sites and Applications’ operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with any other data held by Google.
Browser plugin
You can disable cookies / prevent the storage of cookies by selecting the appropriate settings in your browser. However, be aware that doing so you may not be able to enjoy the full functionality of our Sites and Applications. You can also prevent the data generated by cookies about your use of Dentacoin websites (incl. your IP address) from being passed to and processed by Google, by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en.
Objecting to the collection of data
You can prevent the collection of your data by Google Analytics by using this add-on: https://chrome.google.com/webstore/detail/google-analytics-opt-out/fllaojicojecljbmefodhfapmkghcbnh?hl=en. An opt-out cookie will be set to prevent your data from being collected on future visits to Dentacoin websites.
For more information about how Google Analytics handles user data, see Google's privacy policy: https://support.google.com/analytics/answer/6004245?hl=en.
Demographic data collection by Google Analytics
Our Sites and Applications use Google Analytics' demographic features. This allows reports to be generated containing statements about the age, gender, and interests of site visitors. This data comes from interest-based advertising from Google and third-party visitor data. This collected data cannot be attributed to any specific individual person. You can disable this feature at any time by adjusting the ads settings in your Google account or you can forbid the collection of your data by Google Analytics as described in the section "Refusal of data collection".
5.2. Google Ads and Google Conversion Tracking
Our Sites and Applications use Google Ads. Google Ads is an online advertising program developed by Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, United States ("Google").
As part of Google Ads services/tools, we use the so-called “conversion tracking”. When you click on an ad served by Google, a conversion tracking cookie is set. Cookies are small text files that your internet browser stores on your computer. These cookies expire after 30 days and are not used for personal identification of the user. Should the user visit certain pages of the website and the cookie has not yet expired, Google and the website can tell that the user clicked on the ad and proceeded to that page.
Each Google Ads advertiser has a different cookie. Thus, cookies cannot be tracked using the website of an Ads advertiser. The information obtained using the conversion cookie is used to create conversion statistics for the Ads advertisers who have opted for conversion tracking. Customers are told the total number of users who clicked on their ad and were redirected to a conversion tracking tag page. However, advertisers do not obtain any information that can be used to personally identify users. If you do not want to participate in tracking, you can opt-out of this by simply disabling the Google Conversion Tracking cookie in your browser settings. In doing so, you will not be included in the conversion tracking statistics.
Conversion cookies are stored based on Art. 6 (1) (f) GDPR. The Sites and Applications’ operator has a legitimate interest in analyzing user behavior to optimize user experience and advertising.
For more information about Google Ads and Google Conversion Tracking, see the Google Privacy Policy: https://policies.google.com/privacy?gl=de .
You can configure your browser to inform you about the use of cookies so that you can decide on a case-by-case basis whether to accept or reject a cookie. Alternatively, your browser can be configured to automatically accept cookies under certain conditions or to always reject them, or to automatically delete cookies when closing your browser. Disabling cookies may limit the functionality of our Sites and Applications.
5.3. Google reCAPTCHA
We use "Google reCAPTCHA" (hereinafter "reCAPTCHA") on our Sites and Applications. This service is provided by Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA ("Google").
reCAPTCHA is used to check whether the data entered on our Sites and Applications (e.g. a contact or registration form) has been entered by a human or by an automated program. To do this, reCAPTCHA analyzes the behavior of the website visitor based on various characteristics. This analysis starts automatically as soon as the website visitor enters the website. For the analysis, reCAPTCHA evaluates various information (e.g. IP address, how long the visitor has been on the website, or mouse movements made by the user). The data collected during the analysis is then forwarded to Google.
The reCAPTCHA analyses take place completely in the background. Website visitors are not advised that such an analysis is taking place.
Data processing is based on Art. 6 (1) (f) GDPR. The Sites and Applications’ operator has a legitimate interest in protecting them from abusive automated crawling and spam.
For more information about Google reCAPTCHA and Google's privacy policy, please visit the following links: https://www.google.com/intl/de/policies/privacy/
https://www.google.com/recaptcha/intro/android.html
5.4. Facebook Pixel
Our Sites and Applications measure conversions using visitor action pixels provided by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA ("Facebook").
These pixels allow the tracking of site visitors’ behavior after they click on a Facebook ad to reach the provider's website. This allows an analysis of the effectiveness of Facebook advertisements for statistical and market research purposes and their future optimization.
The data collected is anonymous to us as an operator of our Sites and Applications and we cannot use it to draw any conclusions about our users' identities. However, the data are stored and processed by Facebook, which may make a connection to your Facebook profile and which may use the data for its own advertising purposes, as stipulated in the Facebook privacy policy. This will allow Facebook to display ads both on Facebook and on third-party sites. We have no control over how this data is used.
Check out Facebook's privacy policy to learn more about protecting your privacy: https://www.facebook.com/about/privacy/
We use Facebook Custom Audiences to improve our targeting capabilities and thus enhance our advertising activities. The process includes uploading lists of emails, phone numbers and other data of existing customers. This data is hashed locally in advance, cross-referred against the Facebook existing users' hashed IDs, and then the matches are added to our Custom Audiences. Please note that hashing turns all your data into short fingerprints that can't be reversed. It happens before your data is sent to Facebook.
For more information on Custom Audiences, please visit: https://www.facebook.
You can also deactivate the custom audiences remarketing feature in the Ads Settings section at https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen. You will first need to log into Facebook.
If you do not have a Facebook account, you can opt-out of usage-based advertising from Facebook on the website of the European Interactive Digital Advertising Alliance: http://www.youronlinechoices.com/de/praferenzmanagement/ .
6. Newsletter and Service Information Emails
6.1. Newsletter
If you would like to receive our Newsletter, we require a valid email address as well as information that allows us to verify that you are the owner of the specified email address and that you agree to receive this newsletter. No additional data is collected or is only collected on a voluntary basis. We only use this data to send the requested information and do not pass it on to third parties.
We will, therefore, process any data you enter onto the contact form only with your consent as per Art. 6 (1) (a) GDPR. You can revoke consent to the storage of your data and email address as well as their use for sending the newsletter at any time, e.g. through the "unsubscribe" link in the Newsletter. The data processed before we receive your request may still be legally processed.
The data you provide in the Newsletter sign-up form will be used for its regular distribution until you cancel your subscription. If you decide to unsubscribe, the above-mentioned data will be deleted. Data we have stored for other purposes - e.g. email addresses of users that have registered on our Sites and Applications - remain unaffected.
For sending newsletters, we use the services of MailChimp, HubSpot and SendGrid.
6.2. Service Information Emails
If you want to register on our Sites and Applications, we require a valid email address that allows us to send you service information - e.g. emails for verification that you are the owner of this specified email address, notifications for certain actions taken on our Sites and Applications, password reset links, etc.
We will, therefore, process any data you enter onto the registration form only with your consent as per Art. 6 (1) (a) GDPR. You can revoke consent to the storage of your data and email address as well as their use for sending service information at any time through deleting your account. The data processed before we receive your request may still be legally processed.
For sending service information emails, we use the services of SendGrid.
6.3. Service Providers
MailChimp
Our Sites and Applications use the services of MailChimp to send newsletters. This service is provided by The Rocket Science Group, LLC, 675 Ponce de Leon Ave NE, Suite 5000, Atlanta, GA 30308 USA.
MailChimp is a service that organizes and analyzes the distribution of newsletters. If you provide data (e.g. your email address) to subscribe to our newsletter, it will be stored on MailChimp servers in the United States.
MailChimp is certified under the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework.
We use MailChimp also to analyze our newsletter campaigns. When you open an email sent by MailChimp, a file included in the email (called a web beacon) connects to MailChimp's servers in the United States. This allows us to determine if a newsletter message has been opened and which links you clicked on. In addition, technical information is collected (e.g. time of retrieval, IP address, browser type, and operating system). This information cannot be assigned to a specific recipient. It is used exclusively for the statistical analysis of our newsletter campaigns. The results of these analyses can be used to better tailor future newsletters to your interests.
If you do not want your usage of the newsletter to be analyzed by MailChimp, you will have to unsubscribe using the designated link available in each newsletter. Data processing is based on Art. 6 (1) (a) GDPR. You may revoke your consent at any time by unsubscribing from the Newsletter. The data processed before we receive your request may still be legally processed.
The data provided when subscribing for the newsletter will be used to distribute it until you cancel your subscription when said data will be deleted. Data we have stored for other purposes - e.g. email addresses of registered users on our Sites and Applications - remain unaffected.
We have entered into a data processing agreement with MailChimp, in which we require MailChimp to protect the data of our subscribers and not to disclose it to third parties.
SendGrid
Our Sites and Applications use the services of SendGrid to send newsletters and service information to registered users. This service is provided by SendGrid, Inc., 1801 California Street, Suite 500, Denver, CO 80202, United States.
SendGrid is a service that organizes and analyzes the distribution of newsletters and service information. When you provide data (e.g. your email address) to register, it will be stored on SendGrid servers in the United States.
SendGrid adheres to the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework.
We use SendGrid to analyze our service emails and email newsletter campaigns. When you open an email sent by SendGrid, a file included in the email (called a web beacon) connects to SendGrid's servers in the United States. This allows us to determine if an email has been opened and which links you clicked on. In addition, technical information is collected (e.g. time of retrieval, IP address, browser type, and operating system). This information cannot be assigned to a specific recipient. It is used exclusively for the statistical analysis of our email campaigns. The results of these analyses can be used to better tailor future emails to your interests.
If you do not want your usage of the service emails to be analyzed by SendGrid, you will have to delete your account. If you do not want to receive our newsletters, you will have to unsubscribe by clicking on the link provided on the bottom of each email newsletter.
We will, therefore, process any data you enter onto the registration/contact form only with your consent as per Art. 6 (1) (a) GDPR. You can revoke consent to the storage of your data and email address as well as their use for sending service information at any time through deleting your account on our Sites and Applications. You may revoke your consent for receiving newsletters at any time by unsubscribing from our Newsletter. The data processed before we receive your request may still be legally processed.
We have entered into a data processing agreement with SendGrid, in which we require SendGrid to protect the data of our subscribers and not to disclose said data to third parties.
HubSpot
We use the services of HubSpot to send newsletters and respond to inquiries. This service is provided by HubSpot, Inc., 25 First Street, 2nd Floor, Cambridge, MA 02141, United States.
HubSpot is a service that organizes and analyzes the distribution of newsletters. If you provide data (e.g. your email address) to subscribe to our newsletter or send an inquiry, it will be stored on HubSpot servers in the United States.
HubSpot is certified under the EU-US Privacy Shield.
We use HubSpot to analyze our email campaigns. When you open an email sent by HubSpot, a file included in the email (called a web beacon) connects to Salesforce's servers in the United States. This allows us to determine if an email has been opened and which links you clicked on. In addition, technical information is collected (e.g. time of retrieval, IP address, browser type, and operating system).
If you do not want your usage of the newsletter to be analyzed by HubSpot, you will have to unsubscribe using the link in every newsletter we send.
Data processing is based on Art. 6 (1) (a) GDPR. You may revoke your consent at any time by unsubscribing from the Newsletter. The data processed before we receive your request may still be legally processed.
The data provided when registering for the newsletter or sending an inquiry will be used to distribute the newsletter until you cancel your subscription when said data will be deleted from our servers and those of HubSpot.
We have entered into a data processing agreement with HubSpot, in which we require HubSpot to protect the data of our subscribers and not to disclose said data to third parties.
Aritic PinPoint
Our Sites and Applications use the services of Aritic PinPoint to send newsletters. This service is provided by DataAegis Software Pvt Ltd., Building No 46/2, # 4, 2nd Floor, 7th Cross, Thavarakkare, Bangalore – 560029, dmca@Aritic.com.
Aritic PinPoint is a service that organizes and analyzes the distribution of newsletters. If you provide data (e.g. your email address) to subscribe to our newsletter, it will be stored on Aritic servers.
We use Aritic also to analyze our newsletter campaigns. When you open an email sent by Aritic, a file included in the email (called a web beacon) connects to Aritic's servers. This allows us to determine if a newsletter message has been opened and which links you clicked on. In addition, technical information is collected (e.g. time of retrieval, IP address, browser type, and operating system). This information cannot be assigned to a specific recipient. It is used exclusively for the statistical analysis of our newsletter campaigns. The results of these analyses can be used to better tailor future newsletters to your interests.
If you do not want your usage of the newsletter to be analyzed by Aritic PinPoint, you will have to unsubscribe using the designated link available in each newsletter. Data processing is based on Art. 6 (1) (a) GDPR. You may revoke your consent at any time by unsubscribing from the newsletter. The data processed before we receive your request may still be legally processed.
The data provided when subscribing for the newsletter will be used to distribute it until you cancel your subscription when said data will be deleted. Data we have stored for other purposes - e.g. email addresses of registered users on our Sites and Applications - remain unaffected.
We have entered into a data processing agreement with DataAegis Software Pvt Ltd., in which we require them to protect the data of our subscribers and not to disclose it to third parties.
7. Third-party widgets and plugins
Indacoin
We use Indacoin as a payment processor to accept card payments and facilitate the exchange of Dentacoin (DCN) against other Blockchain cryptocurrencies. This service is provided by Indacoin OU, Registry code: 14798473, Address: Meistri 16, Tallinn, Estonia, 13517, Operating license: FVT000145.
Please check the Privacy Policy and Terms of Use of Indacoin here: https://indacoin.io/terms/amlpolicy
Indacoin Terms of Use: https://indacoin.com/terms
YouTube
Our Sites and Applications use plugins from YouTube, which is operated by Google. The operator of the pages is YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.
If you visit one of our websites’ pages featuring a YouTube plugin, a connection to the YouTube servers is established. Here the YouTube server is informed about which of our pages you have visited.
If you're logged in your YouTube account, YouTube allows you to associate your browsing behavior directly with your personal profile. You can prevent this by logging out of your YouTube account.
YouTube is used to help make our Sites and Applications appealing and allows you to upload video reviews.
Further information about handling user data can be found in the data protection declaration of YouTube under https://www.google.de/intl/de/policies/privacy.
Google Web Fonts
Our Sites and Applications use web fonts provided by Google. When you open a page, your browser loads the required web fonts into your browser cache to display texts and fonts correctly.
When you call up a page of our Sites and Applications that contains a social plugin, your browser makes a direct connection with Google servers. Google thus becomes aware that our web page was accessed via your IP address. The use of Google Web fonts is in the interest of a uniform and attractive presentation of our Sites and Applications. This constitutes a justified interest pursuant to Art. 6 (1) (f) GDPR.
If your browser does not support web fonts, a standard font is used by your computer.
Further information about handling user data, can be found at https://developers.google.com/fonts/faqand in Google's privacy policy at https://www.google.com/policies/privacy/.
Google Maps and Google Places
Our Sites and Applications use Google Maps and Google Places via an API. It is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
To use Google Maps, it is necessary to save your IP address. This information is generally transmitted to a Google server in the USA and stored there. The provider of this site has no influence on this data transfer.
Google Places gets data from the same database used by Google Maps and provides place picker, place autocomplete, place details. More information:
https://developers.google.com/places/ios-api/.
The use of Google Maps and Google Places is in the interest of making our Sites and Applications appealing, to facilitate the location of places specified by us on the website and to help you choose from verified locations. This constitutes a justified interest pursuant to Art. 6 (1) (f) GDPR.
Further information about handling user data, can be found in the data protection declaration of Google at https://www.google.de/intl/de/policies/privacy/.
Social media widgets
Our Sites and Applications include social media widgets, such as “like” and “share” buttons for Facebook, Twitter, Google+, Reddit, WhatsApp, LinkedIn. These features may collect information about your IP address and which page you are visiting on our Sites and Applications, and they may set a cookie to make sure the feature functions properly. We also maintain a presence on social media platforms including Facebook, Twitter, Instagram, Reddit, Steemit, Telegram, LinkedIn. Any information, communication, or materials you submit to us via a social media platform is done at your own risk without any expectation of privacy. We cannot control the actions of other users of these platforms or the actions of the platforms themselves. Your interactions with those features and platforms are governed by the privacy policies of the companies that provide them.
Others
To assure the proper functioning of our mobile applications, we also use the following libraries:
- HockeyApp for crash analytics: https://hockeyapp.net/
- Google Play Authentication as another verification option
- Snacky for status messages: https://github.com/matecode/Snacky
- OkHTTP as a HTTP client: http://square.github.io/okhttp/
- Gson - Java serialization/deserialization library: https://github.com/google/gson
- Easy image - Gallery picker: https://github.com/jkwiecien/EasyImage
- Image cropping Android Image Cropper: https://github.com/ArthurHub/Android-Image-Cropper
- Grant - for handling Android permissions:
- Grant - for handling Android permissions: https://github.com/anthonycr/Grant
- Barcode scanner library: https://github.com/dm77/barcodescanner
- Library for picking country names: https://github.com/mukeshsolanki/country-picker-android
- Ticker for textview animations: https://github.com/robinhood/ticker
- Spotlight - tutorials library: https://github.com/TakuSemba/Spotlight
- Alamofire - HTTP Networking in Swift: https://github.com/Alamofire/Alamofire
- CodableAlamofire - An extension for Alamofire that converts JSON data into Decodable objects: https://github.com/Otbivnoe/CodableAlamofire
- AlamofireImage - an image component library for Alamofire: https://github.com/Alamofire/AlamofireImage
- FacebookCore - Facebook SDK in Swift: https://cocoapods.org/pods/FacebookCore
- Firebase/Messaging - Messaging service interface: https://firebase.google.com/docs/reference/js/firebase.messaging.Messaging
- Firebase/Auth - supports multiple authentication options: https://cocoapods.org/pods/FirebaseAuth
- GoogleSignIn: https://cocoapods.org/pods/GoogleSignIn
- TwitterKit: https://github.com/twitter/twitter-kit-ios
- Disk: framework for iOS to easily persist structs, images, and data: https://github.com/saoudrizwan/Disk
- QRCodeReader.swift: https://github.com/yannickl/QRCodeReader.swift
- Fabric - Crashlytics: https://get.fabric.io/
- SwiftySound - library that lets you play sounds: https://github.com/adamcichy/SwiftySound
- Awesome Spotlight View - for tutorial walkthrough: https://github.com/aleksandrshoshiashvili/AwesomeSpotlightView
- Bread wallet core - SPV bitcoin C library: https://github.com/breadwallet/breadwallet-core
- Trevor crypto - cryptography algorithms for embedded devices: https://github.com/trezor/trezor-crypto
- Libtomath - portable number theoretic multiple-precision integer library written entirely in C: https://github.com/libtom/libtommath
8. Changes to this policy
We may change this Privacy Policy at any time by updating this page. We will endeavour to provide you with an email notice of change of this page if any amendments occur. If you do not agree with the amendments, please either close your account and discontinue the use of our Sites and Applications, or contact us for further questions.
9. Questions and Concerns
The party responsible for processing data on our Sites and Applications is:
Dentacoin B.V.
Wim Duisenbergplantsoen 31
6221 SE Maastricht
The Netherlands
We have appointed a Data Protection Officer for Dentacoin B.V. If you have any questions or comments, or if you want to edit, delete or withdraw any Personal Data we hold, or you have a concern about the way in which we have handled any privacy matter, please contact the Data Protection Officer at privacy@dentacoin.com.
You may also contact us by postal mail at:
Dentacoin B.V.
Wim Duisenbergplantsoen 31
6221 SE Maastricht
The Netherlands
We hereby expressly prohibit the use of contact data published in the context of website legal notice requirements with regard to sending promotional and informational materials not expressly requested. The Sites and Applications’ operator reserves the right to take specific legal action if unsolicited advertising material, such as email spam, is received.