We are GetSocial. We are based at Juliana van Stolberglaan 4-10, 2595 CL Den Haag, The Netherlands. You can contact us at firstname.lastname@example.org. We process data, including some personal data, on behalf of our Client (app developer or publisher).
In this privacy notice, we describe how we process data, including personal data, on behalf of our app publishers clients. We are committed to a lawful, fair and transparent processing of personal data, adhering to the EU General Data Protection Regulation (GDPR).
- What data is used (categories)
Exactly what personal data we process depends on how our clients, the publisher of apps you use, have implemented our service, but our platform allows for the following types of data to be used:
Location (Country, Region, and City)
Retrieved from the IP-address (Using GeoIP mapping database) with max accuracy until city level.
We don’t collect location from the GPS of the device.
Device IDs (IDFA, IDFV, and AAID)
Unique advertising identifier of the user’s device.
Hashed Device IP Address
Hashed version of the IP from the device the user is accessing GetSocial from.
Browser User Agent
A string representing the Browser User Agent.
A string representing the User’s chosen language in the app.
A string representing the device language.
The model number of device i.e. SM-G360V.
Manufacturer of the device i.e. Apple, Samsung.
Device OS and OS version
Operating system and the OS version on the device i.e. iOS 11.
Device time zone
Time zone of the device i.e. Europe/Berlin.
Device screen size
Size of the screen in pixels.
Carrier of the device i.e. T-Mobile.
Network connection i.e. Wifi, 3G, LTE.
Purchases made by the user in the app which includes product Id, product type, product price, currency, and purchase time
Any string defined by the Client for their users.
User Image / Avatar
URL defined by the Client that points to a hosted image or fetched from Facebook.
Facebook ID of users who authenticate with Facebook. The id is scoped per app by Facebook.
Client proprietary ID.
Events and properties tracked based on user’s action in the app i.e. number of invites sent, app sessions etc.
User’s social graph
Friends of users (invited friends, Facebook friends or friends added through the app).
List of user private and public properties set and used by the Client.
We may also use persistent cookies to help us collect or store some of this information. Our cookies can be deleted or rejected through the browser settings of the User’s device. We utilize any combination of this data to help us identify a User’s device(s) pursuant to providing the Service. Clients may also pass custom data to GetSocial pursuant to providing the Services or information used to customize your experience with their App(s). The type of custom data shared via our Service is ultimately determined by our Clients. We strongly encourage our Clients not to share sensitive information such as credit card or password information via our Service.
- What is the data used for (purposes)
GetSocial data is used for delivering the GetSocial services. For example, device information is collected for attribution and tracking for user invites, language is used to provide localized text. The per-user friend graph is built per app and used for the service only. All data is also used in aggregated form to provide data insights via the GetSocial Dashboard.
- Where is data obtained from (sources)
Data is obtained via GetSocial’s API (Application Programming Interface) and SDK (Software development kit) from the user’s device, when using the app and/or visiting the smart link referral page.
- How long and where is data stored
Data is stored for up to 5 years. Aggregated and anonymized performance data could be stored longer.
GetSocial uses AWS (Amazon Web Services) for infrastructure (cloud computing, storage, database, performance analytics, application, and deployment services etc). Data is stored in database and cache servers, local file storage (in-app), and Global content delivery network (CDN) in US East.
- What safeguards are taken to protect data
Taking into account the nature, scope, context, and purpose of the processing, GetSocial takes technical and organizational measures to protect data against theft, loss, and damage. These include:
- Access control, including multi-factor authentication, to data.
- Defined groups, users and roles permission to access instances and AWS services.
- All data is located in the GetSocial VPC (Virtual Private Cloud).
- All data is transmitted encrypted (SSL).
- All data is encrypted in transit and at rest.
GetSocial uses several measures to ensure data availability and signal data breaches, including:
- Data storage with the ability to recover data at any point in time during the last 5 days.
- GetSocial services are set up for High Availability with multiple instances running in different Availability Zones.
- We make use of Load Balancers to distribute the load and auto-scaling through custom defined Cloudwatch alarms.
- Alarm system to detect and report anomalies and errors across the whole system, within 1 min of occurrence.
- Who is data shared with
GetSocial does not actively share data with any third parties, other than sub processors acting on our or our client’s behalf unless our Client explicitly requests so. We also offer our Clients basic integrations with Analytics Services like Adjust and Appsflyer and we share device information with them. This is the same information that Clients are already sharing directly with those services.
- Your Rights
You have the right to request access to your personal data that we process. You also have the right to:
- Rectify incorrect personal data or erase it in certain circumstances.
- Restrict or object to the processing of your personal data.
- Receive your data so that you can use it elsewhere (data portability).
Finally, you have the right to lodge a complaint with a supervisory authority. If you do not know who your supervisory authority is, please contact us and we will tell you.
You can contact us with any questions you may have about the processing of your personal data at the address above or by email at email@example.com. We may not be able to answer you directly since we can only process personal data on the instruction of our customers, but we will forward your question where possible.