EU-U.S. Privacy Shield Framework

Fiksu complies with the EU-US Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries. Fiksu has certified that it adheres to the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability. If there is any conflict between the policies in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification page, please visit https://www.privacyshield.gov/

This Privacy Shield Policy Statement applies to all personal information received by Fiksu in the United States from European Union member countries, in any format, including electronic, paper or verbal.

In compliance with the EU-US Privacy Shield Principles, Fiksu commits to resolve complaints about your privacy and our collection or use of your personal information. European Union individuals with inquiries or complaints regarding this privacy policy should first contact Fiksu at: info@fiksu.com

Fiksu has further committed to refer unresolved privacy complaints under the EU-US Privacy Shield Principles BBB EU PRIVACY SHIELD, a non-profit alternative dispute resolution provider located in the United States and operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers/ for more information and to file a complaint.

For complaints left unresolved by all other available channels, individuals may invoke binding arbitration before a Privacy Shield Panel.

US-Swiss Safe Harbor
Fiksu complies with the US-Swiss Safe Harbor Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information from Switzerland. Fiksu has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. If there is any conflict between the policies in this privacy policy and the Safe Harbor Privacy Principles, the Safe Harbor Privacy Principles shall govern. To learn more about the US-Swiss Safe Harbor and to view our certification page, please visit http://www.export.gov/safeharbor/

This Safe Harbor Privacy Policy Statement applies to all personal information received by Fiksu in the United States from Switzerland, in any format, including electronic, paper or verbal.

In compliance with the US-Swiss Safe Harbor Principles, Fiksu commits to resolve complaints about your privacy and our collection or use of your personal information. Swiss citizens with inquiries or complaints regarding this privacy policy should first contact Fiksu at: info@fiksu.com

Fiksu has further committed to refer unresolved privacy complaints under the US-Swiss Safe Harbor to an independent dispute resolution mechanism operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/us/safe-harbor-complaints for more information and to file a complaint.

Definitions
For purposes of this Policy, the following definitions shall apply:

“Agent” means any third party that collects or uses personal information under the instructions of, and solely for, Fiksu or to which Fiksu discloses personal information for use on Fiksu’s behalf.

“Fiksu” means GDM Services, Inc. d/b/a Fiksu, its predecessors, successors, subsidiaries, divisions and groups in the United States.

“Personal information” means any information or set of information that identifies or could be used by or on behalf of Fiksu to identify an individual. Personal information does not include information that is encoded or anonymized, or publicly available information that has not been combined with non-public personal information.

Privacy Principles
The privacy principles in this Policy have been developed based on the EU-U.S. Privacy Shield Framework and the US-Swiss Safe Harbor Framework.

Notice
Fiksu is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC).

Fiksu may be required to disclose an individual’s personal information in response to a lawful request by public authorities, including to meet national security or law enforcement requirements.

Where Fiksu collects personal information directly from individuals in the European Economic Area (EEA), it will inform them about the purposes for which it collects and uses personal information about them, the types of non–agent third parties to which Fiksu discloses that information, the choices and means, if any, Fiksu offers individuals for limiting the use and disclosure of personal information about them, and how to contact Fiksu. Notice will be provided in clear and conspicuous language when individuals are first asked to provide personal information to Fiksu, or as soon as practicable thereafter, and in any event before Fiksu uses or discloses the information for a purpose other than that for which it was originally collected.

Specifically - Fiksu is a marketing service company focusing on the mobile application marketplace.

Fiksu Website
When individuals use certain features of its Website, Fiksu may collect personally identifiable information from them that may include their email address and mobile phone number. Fiksu automatically collects non-personally identifiable information such as IP addresses and website usage information from them when they visit its Website.

Fiksu may disclose and use personally identifiable information to resolve disputes, troubleshoot problems, enforce its Terms of Service or to alert individuals to changes in its policies or agreements that may affect their use of its Website. Fiksu may also disclose personally identifiable information when, in its sole discretion, it believes it is necessary or appropriate, in connection with a sale or transfer of some or all of its assets in the Website, or when, in good faith, it believes that the law requires it to do so.

Fiksu Application Marketing Service
Fiksu buys mobile advertising space on behalf of its clients. When individuals click on a client ad or application link delivered by Fiksu, Fiksu servers receive and store a mobile identifier ("Mobile ID") which is a pseudonymous number that is associated with their mobile device. Fiksu cannot use the Mobile ID to identify them personally, but it does enable Fiksu to deliver relevant advertising to each mobile device. In addition to the Mobile ID, Fiksu collects information about the kind of mobile device they use (e.g., iPhone, Samsung), the operating system for their mobile device (e.g., Android, Apple O/S), IP address, the applications they download from Fiksu clients, when, how, and how often they use those applications.

Fiksu uses their device's Mobile ID and other information about client applications they download to help their clients understand which ads are most effective at generating downloads of the client's applications. Fiksu also use your Mobile ID and the information associated with their device Mobile ID over time (e.g., the applications they download, when and how they use those applications, and any publisher-provided demographic data) to enhance our services and to select Fiksu client ads that are most likely to be of interest to them.

Mobile Information Sharing, Onward Transfer
Fiksu discloses the information in its systems from its application marketing services, including Mobile IDs and/or the information associated with Mobile IDs over time for the following purposes:

Except as described above Fiksu does not share data to non-Agent third parties.

Where Fiksu receives personal information from its subsidiaries, affiliates or other entities in the EEA, it will use and disclose such information in accordance with the notices provided by such entities and the choices made by the individuals to whom such personal information relates.

Choice
Fiksu will offer individuals the opportunity to choose (opt-out) whether their personal information is (a) to be disclosed to a non-agent third party, or (b) to be used for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual. Individuals with concerns about how their data is being used can contact Fiksu’s Privacy Officer at the address below.

Data Integrity
Fiksu will use personal information only in ways that are compatible with the purposes for which it was collected or subsequently authorized by the individual. Fiksu will take reasonable steps to ensure that personal information is relevant to its intended use, accurate, complete, and current.

Transfers To Agents
Fiksu will obtain assurances from its agents that they will safeguard personal information consistently with this Policy, by means of a contract obligating the agent to provide at least the same level of protection as is required by the relevant Privacy Principles, Where Fiksu has knowledge that an agent is using or disclosing personal information in a manner contrary to this Policy, Fiksu will take reasonable steps to prevent or stop the use or disclosure.

In cases of onward transfer to third parties of data of EU individuals received pursuant to the EU-US Privacy Shield, Fiksu is potentially liable.

Access and Correction
Fiksu provides individuals the right to access personal information that it holds about them. In addition, Fiksu will take reasonable steps to permit individuals to correct, amend, or delete information that is demonstrated to be inaccurate or incomplete. In most cases personal information can be accessed and modified by the individual by logging into their account and self-managing their personal information. In an instance where the specific personal information cannot be self-managed the individual should contact the site administrator for support.

Security
Fiksu will take reasonable precautions to protect personal information in its possession from loss, misuse and unauthorized access, disclosure, alteration and destruction.

Enforcement
Fiksu will conduct compliance audits of its relevant privacy practices to verify adherence to this Policy. Any employee that Fiksu determines is in violation of this policy will be subject to disciplinary action up to and including termination of employment.

Limitation on Application of Principles
Adherence by Fiksu to these privacy principles may be limited (a) to the extent required to respond to a legal or ethical obligation; (b) to the extent necessary to meet national security, public interest or law enforcement obligations; and (c) to the extent expressly permitted by an applicable law, rule or regulation.

Privacy Policy
Fiksu recognizes the importance of maintaining the privacy of information collected online and has created a Privacy Policy (the “PP”) governing the treatment of personal information collected through web sites that it operates. With respect to personal information that is transferred from the EEA or Switzerland to the U.S., the PP is subordinate to this Policy. However, the PP also reflects additional legal requirements and evolving standards with respect to Internet privacy. Fiksu’s Privacy Policy can be found at http://fiksu.com/privacy/.

Contact Information
Questions or comments regarding this Policy should be submitted to the Fiksu Privacy Office by mail to:
GDMService Inc. d/b/a Fiksu
Attn: Privacy Officer
126 Newbury St Floor 4
Boston, MA 02116
Or by e-mail to info@fiksu.com

Changes to Privacy Policy
This Policy may be amended from time to time, consistent with the requirements of the EU-US Privacy Shield Framework and US-Swiss Safe Harbor Principles.

EFFECTIVE DATE: September, 2016