Privacy
1.Who we are
2.Only4fitness ltd and its subsidiaries ("Direttagram", "we", "us", "our") respect your privacy and we are committed to protecting the personal data we process about you. Direttagram is a social network which enables: (i) "Creators" transmit and monetise their own content ; and (ii) share their live streaming with their friends.
3.About this Policy
This privacy policy ("Policy") explains our practices with respect to the personal data we process about our Creators and Friends. Some parts of the Policy are specifically aimed at Creators, and some parts are specifically aimed at Friends. It also applies to how we process the personal data of individuals that feature in live streaming and content uploaded by a Creator ("Content Collaborators"), and where we process personal data about you in the context of our business relationships.
We process your personal data when you use our website located at www.Direttagram.com ("Website") and for the provision of the services that we offer from time to time via our Website. We also process your personal data when you interact with us through our social media pages on third-party websites (e.g. Twitter and Instagram), or otherwise. We refer to these activities collectively as the "Services" in this Policy.
We are a "data controller" of the personal data that we process in connection with the Services. This means that we decide the reasons why we process personal data about you and how we do so.
Please review this Policy to understand how we process your personal data in connection with the Services. By using our Services, you acknowledge that you have read and understand the information in this Policy.
4.What is personal data?
"Personal data" means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular person or household.
In addition, we may collect data that is not capable of identifying you or is otherwise not associated or linked with you, such as deidentified, aggregated or anonymised information. This type of data is not personal data and our use of such data is not subject to this Policy.
5.Informing us of changes
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes at any point during your relationship with us. Updates or corrections can be made through your account setting on our Website.
6.Applicability of this Policy (18+)
This Policy is provided in addition to, but does not form part of, our TERMS OF SERVICES (which includes our Acceptable Use Policy) that govern your use of our Website and the Services.
Our Services are strictly intended for individuals 18 years of age or older. Anyone under 18 years of age is not permitted to use the Services. By using the Services, you represent that you are 18 years of age or older.
7.Third-party links
Our Website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share personal data about you.
We are not responsible for, and this Policy does not apply to, the content, security or privacy practices of those other websites, plug-ins or applications. We encourage you to view the privacy and cookie policies / notices of those third parties to find out how your personal data may be used.
8.If you do not wish to provide personal data
We need to collect certain personal data from you in order to provide you with access to the Services or specific features and functionalities of the Services in accordance with our contract with you TERMS OF SERVICES We are also required to process certain personal data in accordance with applicable laws. Please note that if you do not wish to provide personal data where requested, we may not be able to provide you with access to the Services or specific features and functionalities of the Services.
9.Updates to this Policy
We may update this Policy from time to time, and any updates will be effective upon our posting of the revised Policy on our Website. We will use reasonable efforts to notify you in the event that material updates are made to this Policy, such as sending you a feed notification IN YOUR ACCOUNT.
CREATORS USER DATA
• full name*
• alias, if applicable
• residential address
• country of residence*
• email address
• telephone number
• a copy of the government identity document that you provide to us*
• a "selfie" of you holding your government identity document*
• third-party social media handle / personal website address (used to further verify your age and identity and to help us better understand the content which you are likely to share on our Website)
• signature on release forms if you feature in another Creator's content*
FRIENDS
• email address
• telephone number
THIRD-PARTY ONBOARDING DATA
The following types of personal data are collected directly by our third-party providers during onboarding:
CREATORS
• a copy of the government identity document that you provide to our third-party providers
• a short .gif, taken from a “selfie” that you provide to our third-party providers
• the results of the third-party age and identity verification process (pass / fail and reason for failing)
• metadata associated with the third-party age and identity verification process (e.g. start and finish time)
FRIENDS
• for locations where we conduct third-party age and identity verification of Fans, a copy of the government identity document that you provide to our third-party providers
• for locations where we carry out third-party age estimation, or third-party age and identity verification of Fans, a short .gif, taken from a "selfie" that you provide to our third-party providers
• the results of the third-party age estimation process or third-party age and identity verification process (pass / fail and reason for failing)
• metadata associated with the third-party age estimation process or third-party age and identity verification process (e.g. user start and finish time)
FINANCIAL DATA
CREATORS
• payment card details*
• billing address
• funds added to your wallet
• bank account information
• pay-out country
• corporate or business entity if registered for tax purposes
• social security number (for US Creators only) or other relevant tax information
• W-9 form (for US Creators only)
• 1099-MISC form (for US Creators only)
• 1099-NEC form (for US Creators only)
FRIENDS
• payment card details*
• billing address
• funds added to your wallet
* Please note: Any payments made to view the content of Creators are processed by our third-party payment providers. We do not receive your full payment card number, payment card expiration date, or the security code. Instead, the payment provider provides us with a "token" that represents your account, your payment card's expiration date, payment card type and the first six and last four digits of your payment card number.
How / why your personal data is used and lawful bases for processing
We process personal data for, or based on, one or more of the following legal bases:
• Consent: Your consent is requested only in specific circumstances which includes, for example, the processing of: (i) Face Recognition Data by our third-party providers as part of the age and identity verification process for all Creators (and for Fans in certain locations); and (ii) age estimation captures (which may involve the use of Face Recognition Data) by our third-party providers for Fans in certain locations. Please see Section 10 (our onboarding processes), above, for further information.
• Performance of a contract: By using the Services, you have contracted with us through our TERMS OF SERVICE , and we will process personal data to perform that contract (e.g. to fulfil transactions between Fans and Creators and process Creator earnings) and to enforce the terms of that contract.
• Legitimate interests: We may process personal data if it is in our, or a third-party's, legitimate interests (as detailed in the table below). This includes, for example, investigating and responding to a report made through our DMCA PROCEDURE to protect a Creator's intellectual property rights.
• Compliance with legal obligations: As a global business, we may process personal data to comply with applicable law, rules and regulations in the locations where we operate.
• Task carried out in the public interest: We may process personal data as necessary for a task carried out in the public interest. This may include, for example, reporting illegal activity to relevant law enforcement authorities, other governmental agencies and non- governmental organisations.
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose.
The table below indicates the purposes for which your personal data is processed and the legal justification for the processing. Some of the above grounds for processing will overlap and there may be several grounds which justify the processing:
We collect your personal data from the following categories of sources:
• Directly from you: When you provide it to us directly to open an account and use the Services, when you update your personal data in your account, or by corresponding with us (e.g. User Data, Account Data).
• Automatically or indirectly from you: For example, through and as a result of your use of the Services (e.g. Transaction Data, Technical Data, Usage Data).
• From our service providers: For example, where permitted by applicable law, we receive Third-Party Onboarding Data and certain Technical Data from our third-party age and identity verification providers.
Sharing your personal data
We share personal data with the following categories of third parties:
• Relevant authorities, regulators and organisations: In response to requests from governmental authorities (including law enforcement and tax authorities), regulators, and certain non-governmental organisations (such as the National Center for Missing & Exploited Children (NCMEC)). These recipients will use your personal data in the performance of their regulatory, law enforcement or otherwise charitable or not-for-profit role. The lawful basis we rely on for sharing personal data with these recipients is that the processing is either necessary to comply with a legal obligation to which we are subject, or necessary for our, or a third-party's, legitimate interests, or where it is in the interests of the wider public to do so (namely reporting illegal content to, and assisting with requests from, such authorities, regulators and organisations, to protect the safety of our users and third parties).
Your rights regarding personal data
You have certain rights regarding the collection and processing of personal data. You may exercise these rights by contacting us using the contact details set out at Section 19 (assistance and contact information).
Under certain circumstances and subject to certain exemptions, you have the right to:
• Withdraw your consent to the processing of your personal data: Please note that withdrawing your consent will not affect the lawfulness of any processing carried out before you withdraw your consent.
• Request to know or access to your personal data: You may receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
• Request correction of the personal data that we hold about you: You may correct any incomplete or inaccurate personal data we hold about you.
• Request deletion / erasure of your personal data: You may ask us to delete or remove personal data where there is no legitimate reason for us continuing to process it. You also may ask us to delete or remove your personal data where you have exercised your right to object to processing (see below). Please note that we may not always be able to comply with your request of deletion / erasure for specific legal reasons.
• Request the restriction of processing of your personal data: You may ask us to suspend the processing of personal data about you, for example if you want us to establish its accuracy or the reason for processing it.
• Request the transfer of some sections of your personal data to another party.
You also have the right to object to processing of your personal data where we are relying on a legitimate interest for the processing and there is something about your particular situation which makes you want to object to processing on this ground.
We do not process personal data that is subject to solely automated decision-making, where that decision-making is likely to have a legal or similarly significant effect on you.
You also have the right:
• To lodge a complaint with a data protection regulator. For example, in the UK, this is the Information Commissioner's Office (ICO) and in Switzerland, this is the Federal Data Protection and Information Commissioner (FDPIC). If you are resident in the EEA, you may wish to contact your local country or state-specific data protection regulator.
• Depending on your location, to not receive retaliatory or discriminatory treatment in connection with a request to exercise the above rights, or appeal a decision we have made in connection with your privacy rights request. All appeal requests should be submitted by contacting us using the contact details set out at Section 19 (assistance and contact information).
Exercising your rights
If you would like to exercise your rights set out at Section 15 (your rights regarding personal data), you may do so by contacting us using the contact details set out at Section 19 (assistance and contact information).
If you submit the request yourself, please ensure that your request contains sufficient information to allow us to confirm your identity and properly understand, evaluate, and respond to it.
In order to verify your identity, we may at times need to request additional personal data from you, taking into consideration our relationship with you and the sensitivity of your request. In certain circumstances, we may decline a privacy rights request, particularly where we are unable to verify your identity.
If your request is made by a third-party authorised by you, we will also require proof that the third-party has permission to submit the request on your behalf (such as a signed document evidencing that the third-party has authority to make the request).
10.Retention of personal data
We will only retain your personal data for as long as reasonably necessary to fulfil the purposes for which it was collected, as set out in this Policy. Subject to the below, we retain personal data for a period of 6 months after the deletion or deactivation of your account on the Website.
Please note that:
The personal data that we retain and the length of time for which it is retained will be determined on a case-by-case basis, depending on the particular circumstances.
• We will delete your personal data sooner where a shorter retention period is required by applicable law.
• We will retain your personal data for a longer period to the extent we deem necessary to carry out the processing activities set out in this Policy, for example:
• where it is necessary to comply with laws and regulatory obligations that are applicable to us (e.g. adhering to record keeping / maintenance requirements in certain locations and financial / tax reporting requirements, which in some cases is up to 7 years, and if we receive a valid legal request, such as a preservation order or search warrant, related to your account);
• for the purposes of identifying and reporting illegal activity, protecting the safety of our users and third parties, or otherwise protecting the rights and property of our users, us, and other third parties (e.g. where you have, or we have reason to believe that you have, violated our TERMS OF SERVICE, and in circumstances where users are banned from further access to the Website);
• for purposes of legal proceedings (e.g. to defend ourselves in litigation about a claim related to you); and
• for the purposes of responding to requests from third parties in relation to your account, such as requests received from, or investigations by, law enforcement authorities, relevant governmental authorities (e.g. tax authorities and regulatory authorities) and non-governmental organisations (e.g. NCMEC).
11.Assistance and contact information
We have appointed a Data Protection Officer ("DPO") whose responsibilities include, together with our team of privacy specialists, responding to questions, requests, and concerns in relation to this Policy and our use of personal data.
If you have questions about this Policy, or how we process your personal data, please submit a ticket through your account or email us at info@Direttagram.com
2.Only4fitness ltd and its subsidiaries ("Direttagram", "we", "us", "our") respect your privacy and we are committed to protecting the personal data we process about you. Direttagram is a social network which enables: (i) "Creators" transmit and monetise their own content ; and (ii) share their live streaming with their friends.
3.About this Policy
This privacy policy ("Policy") explains our practices with respect to the personal data we process about our Creators and Friends. Some parts of the Policy are specifically aimed at Creators, and some parts are specifically aimed at Friends. It also applies to how we process the personal data of individuals that feature in live streaming and content uploaded by a Creator ("Content Collaborators"), and where we process personal data about you in the context of our business relationships.
We process your personal data when you use our website located at www.Direttagram.com ("Website") and for the provision of the services that we offer from time to time via our Website. We also process your personal data when you interact with us through our social media pages on third-party websites (e.g. Twitter and Instagram), or otherwise. We refer to these activities collectively as the "Services" in this Policy.
We are a "data controller" of the personal data that we process in connection with the Services. This means that we decide the reasons why we process personal data about you and how we do so.
Please review this Policy to understand how we process your personal data in connection with the Services. By using our Services, you acknowledge that you have read and understand the information in this Policy.
4.What is personal data?
"Personal data" means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular person or household.
In addition, we may collect data that is not capable of identifying you or is otherwise not associated or linked with you, such as deidentified, aggregated or anonymised information. This type of data is not personal data and our use of such data is not subject to this Policy.
5.Informing us of changes
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes at any point during your relationship with us. Updates or corrections can be made through your account setting on our Website.
6.Applicability of this Policy (18+)
This Policy is provided in addition to, but does not form part of, our TERMS OF SERVICES (which includes our Acceptable Use Policy) that govern your use of our Website and the Services.
Our Services are strictly intended for individuals 18 years of age or older. Anyone under 18 years of age is not permitted to use the Services. By using the Services, you represent that you are 18 years of age or older.
7.Third-party links
Our Website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share personal data about you.
We are not responsible for, and this Policy does not apply to, the content, security or privacy practices of those other websites, plug-ins or applications. We encourage you to view the privacy and cookie policies / notices of those third parties to find out how your personal data may be used.
8.If you do not wish to provide personal data
We need to collect certain personal data from you in order to provide you with access to the Services or specific features and functionalities of the Services in accordance with our contract with you TERMS OF SERVICES We are also required to process certain personal data in accordance with applicable laws. Please note that if you do not wish to provide personal data where requested, we may not be able to provide you with access to the Services or specific features and functionalities of the Services.
9.Updates to this Policy
We may update this Policy from time to time, and any updates will be effective upon our posting of the revised Policy on our Website. We will use reasonable efforts to notify you in the event that material updates are made to this Policy, such as sending you a feed notification IN YOUR ACCOUNT.
CREATORS USER DATA
• full name*
• alias, if applicable
• residential address
• country of residence*
• email address
• telephone number
• a copy of the government identity document that you provide to us*
• a "selfie" of you holding your government identity document*
• third-party social media handle / personal website address (used to further verify your age and identity and to help us better understand the content which you are likely to share on our Website)
• signature on release forms if you feature in another Creator's content*
FRIENDS
• email address
• telephone number
THIRD-PARTY ONBOARDING DATA
The following types of personal data are collected directly by our third-party providers during onboarding:
CREATORS
• a copy of the government identity document that you provide to our third-party providers
• a short .gif, taken from a “selfie” that you provide to our third-party providers
• the results of the third-party age and identity verification process (pass / fail and reason for failing)
• metadata associated with the third-party age and identity verification process (e.g. start and finish time)
FRIENDS
• for locations where we conduct third-party age and identity verification of Fans, a copy of the government identity document that you provide to our third-party providers
• for locations where we carry out third-party age estimation, or third-party age and identity verification of Fans, a short .gif, taken from a "selfie" that you provide to our third-party providers
• the results of the third-party age estimation process or third-party age and identity verification process (pass / fail and reason for failing)
• metadata associated with the third-party age estimation process or third-party age and identity verification process (e.g. user start and finish time)
FINANCIAL DATA
CREATORS
• payment card details*
• billing address
• funds added to your wallet
• bank account information
• pay-out country
• corporate or business entity if registered for tax purposes
• social security number (for US Creators only) or other relevant tax information
• W-9 form (for US Creators only)
• 1099-MISC form (for US Creators only)
• 1099-NEC form (for US Creators only)
FRIENDS
• payment card details*
• billing address
• funds added to your wallet
* Please note: Any payments made to view the content of Creators are processed by our third-party payment providers. We do not receive your full payment card number, payment card expiration date, or the security code. Instead, the payment provider provides us with a "token" that represents your account, your payment card's expiration date, payment card type and the first six and last four digits of your payment card number.
How / why your personal data is used and lawful bases for processing
We process personal data for, or based on, one or more of the following legal bases:
• Consent: Your consent is requested only in specific circumstances which includes, for example, the processing of: (i) Face Recognition Data by our third-party providers as part of the age and identity verification process for all Creators (and for Fans in certain locations); and (ii) age estimation captures (which may involve the use of Face Recognition Data) by our third-party providers for Fans in certain locations. Please see Section 10 (our onboarding processes), above, for further information.
• Performance of a contract: By using the Services, you have contracted with us through our TERMS OF SERVICE , and we will process personal data to perform that contract (e.g. to fulfil transactions between Fans and Creators and process Creator earnings) and to enforce the terms of that contract.
• Legitimate interests: We may process personal data if it is in our, or a third-party's, legitimate interests (as detailed in the table below). This includes, for example, investigating and responding to a report made through our DMCA PROCEDURE to protect a Creator's intellectual property rights.
• Compliance with legal obligations: As a global business, we may process personal data to comply with applicable law, rules and regulations in the locations where we operate.
• Task carried out in the public interest: We may process personal data as necessary for a task carried out in the public interest. This may include, for example, reporting illegal activity to relevant law enforcement authorities, other governmental agencies and non- governmental organisations.
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose.
The table below indicates the purposes for which your personal data is processed and the legal justification for the processing. Some of the above grounds for processing will overlap and there may be several grounds which justify the processing:
We collect your personal data from the following categories of sources:
• Directly from you: When you provide it to us directly to open an account and use the Services, when you update your personal data in your account, or by corresponding with us (e.g. User Data, Account Data).
• Automatically or indirectly from you: For example, through and as a result of your use of the Services (e.g. Transaction Data, Technical Data, Usage Data).
• From our service providers: For example, where permitted by applicable law, we receive Third-Party Onboarding Data and certain Technical Data from our third-party age and identity verification providers.
Sharing your personal data
We share personal data with the following categories of third parties:
• Relevant authorities, regulators and organisations: In response to requests from governmental authorities (including law enforcement and tax authorities), regulators, and certain non-governmental organisations (such as the National Center for Missing & Exploited Children (NCMEC)). These recipients will use your personal data in the performance of their regulatory, law enforcement or otherwise charitable or not-for-profit role. The lawful basis we rely on for sharing personal data with these recipients is that the processing is either necessary to comply with a legal obligation to which we are subject, or necessary for our, or a third-party's, legitimate interests, or where it is in the interests of the wider public to do so (namely reporting illegal content to, and assisting with requests from, such authorities, regulators and organisations, to protect the safety of our users and third parties).
Your rights regarding personal data
You have certain rights regarding the collection and processing of personal data. You may exercise these rights by contacting us using the contact details set out at Section 19 (assistance and contact information).
Under certain circumstances and subject to certain exemptions, you have the right to:
• Withdraw your consent to the processing of your personal data: Please note that withdrawing your consent will not affect the lawfulness of any processing carried out before you withdraw your consent.
• Request to know or access to your personal data: You may receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
• Request correction of the personal data that we hold about you: You may correct any incomplete or inaccurate personal data we hold about you.
• Request deletion / erasure of your personal data: You may ask us to delete or remove personal data where there is no legitimate reason for us continuing to process it. You also may ask us to delete or remove your personal data where you have exercised your right to object to processing (see below). Please note that we may not always be able to comply with your request of deletion / erasure for specific legal reasons.
• Request the restriction of processing of your personal data: You may ask us to suspend the processing of personal data about you, for example if you want us to establish its accuracy or the reason for processing it.
• Request the transfer of some sections of your personal data to another party.
You also have the right to object to processing of your personal data where we are relying on a legitimate interest for the processing and there is something about your particular situation which makes you want to object to processing on this ground.
We do not process personal data that is subject to solely automated decision-making, where that decision-making is likely to have a legal or similarly significant effect on you.
You also have the right:
• To lodge a complaint with a data protection regulator. For example, in the UK, this is the Information Commissioner's Office (ICO) and in Switzerland, this is the Federal Data Protection and Information Commissioner (FDPIC). If you are resident in the EEA, you may wish to contact your local country or state-specific data protection regulator.
• Depending on your location, to not receive retaliatory or discriminatory treatment in connection with a request to exercise the above rights, or appeal a decision we have made in connection with your privacy rights request. All appeal requests should be submitted by contacting us using the contact details set out at Section 19 (assistance and contact information).
Exercising your rights
If you would like to exercise your rights set out at Section 15 (your rights regarding personal data), you may do so by contacting us using the contact details set out at Section 19 (assistance and contact information).
If you submit the request yourself, please ensure that your request contains sufficient information to allow us to confirm your identity and properly understand, evaluate, and respond to it.
In order to verify your identity, we may at times need to request additional personal data from you, taking into consideration our relationship with you and the sensitivity of your request. In certain circumstances, we may decline a privacy rights request, particularly where we are unable to verify your identity.
If your request is made by a third-party authorised by you, we will also require proof that the third-party has permission to submit the request on your behalf (such as a signed document evidencing that the third-party has authority to make the request).
10.Retention of personal data
We will only retain your personal data for as long as reasonably necessary to fulfil the purposes for which it was collected, as set out in this Policy. Subject to the below, we retain personal data for a period of 6 months after the deletion or deactivation of your account on the Website.
Please note that:
The personal data that we retain and the length of time for which it is retained will be determined on a case-by-case basis, depending on the particular circumstances.
• We will delete your personal data sooner where a shorter retention period is required by applicable law.
• We will retain your personal data for a longer period to the extent we deem necessary to carry out the processing activities set out in this Policy, for example:
• where it is necessary to comply with laws and regulatory obligations that are applicable to us (e.g. adhering to record keeping / maintenance requirements in certain locations and financial / tax reporting requirements, which in some cases is up to 7 years, and if we receive a valid legal request, such as a preservation order or search warrant, related to your account);
• for the purposes of identifying and reporting illegal activity, protecting the safety of our users and third parties, or otherwise protecting the rights and property of our users, us, and other third parties (e.g. where you have, or we have reason to believe that you have, violated our TERMS OF SERVICE, and in circumstances where users are banned from further access to the Website);
• for purposes of legal proceedings (e.g. to defend ourselves in litigation about a claim related to you); and
• for the purposes of responding to requests from third parties in relation to your account, such as requests received from, or investigations by, law enforcement authorities, relevant governmental authorities (e.g. tax authorities and regulatory authorities) and non-governmental organisations (e.g. NCMEC).
11.Assistance and contact information
We have appointed a Data Protection Officer ("DPO") whose responsibilities include, together with our team of privacy specialists, responding to questions, requests, and concerns in relation to this Policy and our use of personal data.
If you have questions about this Policy, or how we process your personal data, please submit a ticket through your account or email us at info@Direttagram.com