App/Web Tracking Privacy Terms
This Privacy Policy (hereinafter referred to as the "Policy") aims to explain how ShareParty Insight Co., Ltd. (hereinafter referred to as "ShareParty") and RealityMine Ltd. (hereinafter referred to as "RealityMine") collect and process your personal data. ShareParty and RealityMine collaborate to provide software applications and data processing services for the purposes described in this Policy.
This Policy applies to all ShareParty users who agree to participate in the Video Tracking Program (hereinafter referred to as the "Program"), which involves connecting their mobile devices to the software application developed by RealityMine (hereinafter referred to as the "Application"). Therefore, users participating in the Program are subject to both ShareParty’s Terms of Service and Privacy Policy.
For this tracking service, ShareParty and RealityMine act as joint Data Controllers where they jointly determine the purposes and means of processing personal data, and each service provider acting on their instructions acts as a Data Processor.
Your personal data may be transferred to, stored in, or processed in Taiwan, the United Kingdom, and other countries where ShareParty, RealityMine, our service providers, or infrastructure/cloud providers operate. These countries may have data-protection laws different from those in your country. We make cross-border transfers only where permitted by applicable law and use appropriate contractual, technical, and organizational safeguards designed to protect your personal data. Where required, we will provide additional notice, obtain consent, or take other steps required for the transfer.
1. Detailed contact information
To learn more about our Privacy Policy or the way we process your personal information, please contact us through the following methods:
Primary contact: The Data Controller ShareParty
Full name of the legal entity: ShareParty Insight Co., Ltd.
Name or Title: The Data Protection Officer
Email: data@sharepartyinsight.com
Mail address: 12F, No. 131, Nanxiang Rd., Luzhu Dist., Taoyuan City, 338105, Taiwan
Primary contact: The Data Controller RealityMine
Full name of the legal entity: RealityMine Ltd.
Name or Title: The Data Protection Officer
Email: dpm@realitymine.com
Mailing address and recipient: Data Protection Manager, RealityMine Limited. Warren Bruce Court, Warren Bruce Rd, Stretford, Manchester, M17 1LB, United Kingdom.
Additional contact: The Data Processor, RealityMine
Full name of the legal entity: RealityMine Ltd.
Name or Title: Data Protection Manager
Email: dpm@realitymine.com
Mailing address and recipient: Data Protection Manager, RealityMine Limited. Warren Bruce Court, Warren Bruce Rd, Stretford, Manchester, M17 1LB, United Kingdom.
Additional contact: The Data Processor, ShareParty
Full name of the legal entity: ShareParty Insight Co., Ltd.
Name or Title: Data Protection Manager
Email: data@sharepartyinsight.com
Contact address and recipient: 12F, No. 131, Nanxiang Rd., Luzhu Dist., Taoyuan City, 338105, Taiwan
You may contact us first about any privacy concern. You may also lodge a complaint with the competent data-protection authority in your country where such a right is available under applicable law.
You have the right to contact the relevant regulatory agencies at any time. Still, we hope that you could contact us before contacting the regulatory agencies in order for us to assist you in matters of your concerns and worries about the usage of your data. Therefore, we would be very grateful if you could contact us in the first instance.
2. Privacy notice changes and your duty to inform us of data changes
The accuracy and timeliness of the personal data we hold about you are very important. Please notify us immediately of any changes to your personal data during the period of cooperation between you and us.
3. Information collection
Information we hold:
We may collect and hold personal and non-personal information about you as described below.
Personal data or personal information refers to any personal-related data from which an identity can be named but does not include data from which the identity has been removed (anonymous data).
We collect, use, store and transmit a variety of your personal data and categorize it as follows:
a. Contact data includes email addresses and telephone numbers.
b. Technical data includes the applications and websites you use, search terms you enter, Internet Protocol (IP) addresses, browser type and version, time zone settings and location, browser plug-in program type and version, operating system and platform, and other technical features on the Device you use.
We will not intentionally collect or process sensitive or special-category personal data unless you choose to provide it after receiving notice and, where required, giving separate consent, or unless another lawful basis applies. Some surveys may ask optional questions about sensitive topics. You may skip those questions or stop the survey, although this may affect eligibility for that survey's reward. For passive app or web measurement, we do not seek to collect sensitive data. Because app and web usage may incidentally reveal sensitive-category signals, we use reasonable measures to minimize, filter, exclude, or protect such data, and we process it only where permitted by applicable law and your consent settings.
We use different methods to collect data about you. The following details of how to use the Applications to collect data.
The Applications collect "clickstream data" and collect diary/survey data after they have been set up. Clickstream data is the information that you and your Device generate as you browse the Internet and interact with a variety of websites, services and device features.
This service will install the "Dashboard". The “Dashboard” is the software that collects the data mentioned above from your device. We will only use the data described in the Policy.
The following types of information are collected by the Applications:
a. Online browsing: It includes the websites you visit and the applications you use, including news sites, applications or social networks, and your interactions with each other.
b. Online activity: It includes search terms you enter and the search results, videos you watch, products you purchase online, the information you enter into forms, contents you download or upload, advertisements you view, cookies of the websites you visit, information and contents on the websites you visit or applications you use, and interactions with applications, which may include your personal, financial, and health information, as described more detailed in the chapter below, "Protection of personal and sensitive information".
c. System information: It includes information about your running Device and browser, including the IP address and phone number of your device, how the application works, and what other applications are installed or running on your Device.
d. Mobile usage information: If you have downloaded and installed our Applications or VPN profile on your Device, we can collect information about your mobile device usage. Please note that this information is collected in the "backstage" and sent to us without further activation by you. We call this "passive tracking". Passive tracking can include the following types of information:
• Information about your Internet browsing habits - the amount of time you spend browsing the Internet on your mobile device or computer, the websites you visit or applications you use, and all terms you search for.
• Information about other applications and features you use on your mobile device (such as cameras, but we do not collect any photos), including the identity of the applications and features, when you download them, how often you use them, and how long you use them.
• Information about the time you make or receive calls on your mobile device and the length of those calls. We do not collect or record the contents of your calls.
• Information about text, SMS or multimedia messages you send or receive. We do not collect or record the contents of SMS or multimedia messages sent and received through your cell phone's operating system.
• Information about when emails are sent and received on mobile devices.
• Whether you make a phone call, send an email, SMS, or multimedia message, the RealityMine system "de-identify" the details of the number or email address of the counterparty, so we do not identify the actual phone number or email address of the party you are calling/sending a letter/texting message to; however, we can determine if the counterparty is a "contact" in your mobile device.
• Information about the mobile device you have, such as the type of device, when and how long it is charged, battery status, and whether it is on, off, in standby, or in "flight" mode.
• Information about the mobile network you use, the Wi-Fi network you are connected to, and the duration of your connection.
• The amount of data downloaded to your mobile device, the number of times you download data, and the type of connection (Wi-Fi or mobile network) you use.
• Information that can be inferred by combining the above information - such as which applications you are using before searching for specific information on your mobile device's web browser, or how often you call, email, or text to a specific contact, or the geographic location where you are most likely to charge your device, make a call, or download an application.
• Operating system features that allow you to view application contents, such as accessing support services.
• Your Device's advertiser ID or ad identifier.
e. Information provided by you. In some instances, we may ask you to send us video, audio or image content. The contents sent may include personal information, such as an image format that can identify you.
The above list covers examples of the types of data collected, but is not a complete list of all individual data elements.
4. Protection of personal and sensitive information
We have taken appropriate security measures to protect your personal data from accidental loss, theft, or unauthorized access, alteration, or disclosure. In addition, only employees, agents, contractors and other third-party collaborative vendors with business needs will have access to your personal data. The aforementioned parties will process your personal data only in accordance with the instructions of the Data Controller and will assume responsibility and liability for confidentiality. We have developed ways to respond to any suspected leakage of personal data and will notify you in accordance with local regulatory requirements, as well as report such violations to any applicable regulatory authorities.
5. Cookies
We may use the technology called “cookies” to collect certain information. A cookie is a small text file that is stored on your device through the browser. If you return to the site using the same device and browser, the site can recognize you through the cookie and store your preferences and other information.
We use a temporary work-stage cookie during the download and registration process to correctly identify the marketing research team you have joined, add a unique anonymous identifier, and trigger the download process.
We may use cookies outside of the Applications and link this information to other data in your personal file, including data collected through the Applications in use. You can modify your browser’s settings to delete cookies and/or control how cookies operate. For more information, please refer to the “Help” description of your browser.
6. How we use your data
We, along with our designated data processors, will use your personal data only under lawful conditions. In general, we will use your personal data in the following circumstances:
a. When we are about to enter into a contract to be performed or when the counterparty of the contract that has been entered into is the Data Controller who needs to process your personal data. By downloading the Applications, you agree to our processing of your data and acknowledge that we are processing your personal data in accordance with the contract you have entered into with the Data Controller.
b. When it is necessary for the legitimate interests of us and our data processors (or third-party partners), provided that your interests and fundamental rights do not override these interests.
c. When we need to comply with laws and regulations or legal obligations.
d. To evaluate the performance of our products and services and to determine the room for improvement in data analysis features.
7.For the purposes for which we use your personal data.
We process your data according to our legitimate interests and ensure that our contract with the Data Controller is fulfilled.
8. Purposes for which the Data Controller uses your personal data
This section describes how your data (including web usage, application usage, demographic statistics, survey responses, and information we obtain from third party collaborative vendors) will contribute to the services provided by the Data Controller to its individual or multiple customers (hereinafter referred to as “Customers”). Generally speaking, the participating members’ data will be merged into the consumer segment data and reported in an aggregate or categorized manner. A consumer segment is a group of users who share common interests or characteristics, such as “women aged 28-34 who want to use Netflix”. Once data is aggregated, the de-identified and aggregated results and consumer segments are shared with the Customers of the Data Controller and other parties described in this Policy. In some cases, the Data Controller may share unaggregated results for restricted purposes. The following are examples of the types of services offered by the Data Controller and the ways in which your data may be used in these services:
Advertising marketing – Your data is merged with other users’ data into a customer data pool for analyzing the exposure of specific advertisements. The information in the merged data database will be de-identified and will not identify any specific user. You agree that these de-identified data may be shared between the data controller and the data processor to facilitate the analysis and understanding of how and to what extent advertising expenditures impact the consumer journey and decision-making process.For example, comparing the behavior of two user groups, one that has seen a specific online ad and the other that has not.
Media usage analysis – Your data is merged with other users’ data to form a consumer segment that is shared with the Data Controller without any specific user information being identified in the data. We typically analyze these consumer segments on behalf of our Customers to understand where consumers are surfing the Internet and how they are interacting with digital media, including the website contents, applications, and advertisements they are viewing. For example, the Data Controller can help companies understand how effective their websites or applications are by comparing how users interact on their own websites or applications to those of their competitors.
Creating a personal file – The Data Controller may obtain additional information about you from other public or private data sources, using personally identifiable information that you provide to us outside of the Applications, or using anonymous identifiers associated with you (such as IP addresses or similar identifiers). The data sources of these third-party collaborative vendors may provide the Data Controller with information about your online and offline purchases, information about your family and lifestyle, as well as broader demographic and personal history breakdowns. The Data Controller can merge this information with other information to add and improve the shared personal files described in this Policy. For example, by looking at web browsing activities and in-store purchase behaviors, the Data Controller’s marketing research can determine whether members of a particular consumer segment visit particular websites in the course of researching a product (such as a television, computer, or automobile), but are more likely to visit a brick-and-mortar store. Such data helps the manufacturer or distributor of the products to better understand where to find Customers interested in their products.
Consumer analytics – The data controller uses your data, either personally, identifiable information obtained directly by the Data Controller or through trusted third-party collaborative partners, to optimize and improve the consumer base on the Data Controller or its Customers. When Customers already have such information, the Data Controller uses personally identifiable information in this manner because it is often the only way to match the personal files held with the Customers’ personal files. Sometimes the Data Controller will collect information from your clickstream data, such as work-stage ID, and share that information with third-party collaborative vendors in order to match your information with information held by the third-party collaborative vendors as part of their services. While in these cases, the Data Controller will allow third parties and their Customers to use your information to enhance the overall consumer base and for advertising purposes, in the general course of your online activities, you will be a member of a broader consumer base and therefore will see specific advertisements created with the help of your data.
Targeted surveys – Based on the data collected by the Applications, the Data Controller may send you invitations to participate in surveys based on your online activities. For example, if you visit a website that indicates that you enjoy traveling, the Data Controller may send you a survey about travel services. The Data Controller may provide some or all of the survey responses to its Customers, but will not provide information in the responses that can directly identify any particular user, including specific responses and quotes from individual respondents.
The Data Controller may also use your information for the following purposes: To maintain the settings and proper functioning of the Applications, database or application services (such as customer support, email or surveys), and data quality maintenance and data cleanup.
During the registration process before installing the application, or while participating in surveys or other services, the data controller will directly collect your name, phone number, email, birth year, household information, income, and gender within the scope outlined in this Policy. Such kind of information is part of your consumer personal file and will be used as described above. The Data Controller will also contact you via the contact information you have left to provide information about application maintenance and updates as well as other service-related communication. In addition, for research purposes, ShareParty may invite you to take part in optional in-depth telephone interviews. We will not treat merely providing a contact number as consent to receive phone interviews; we will contact you for such interviews only where you have separately and voluntarily agreed, and you may decline without leaving the Program.
When working with a third party collaborative vendor (such as a third party data provider) to supplement your personal file, to protect your privacy, the Data Controller will ask the data provider to sign a confidentiality agreement stating that personally identifiable information will not be shared with unauthorized parties. The Data Controller will give explicit instructions to the data provider to maintain the confidentiality, security and integrity of the information we provide and not to use the information for purposes other than those expressly authorized.
We may use and share aggregated, de-identified, pseudonymized, or statistical data with selected clients and partners to provide market analysis, audience insights, and competitive intelligence. We do not disclose your name, contact details, or other directly identifying personal data to clients for these purposes unless we have your consent or another valid legal basis under applicable law. Where pseudonymized data remains personal data under applicable law, we continue to protect it as personal data.
9. Additional disclosure of your information
In the event of a business transformation, such as a merger, acquisition, or the sale of all or part of the company’s assets, you understand that all information you have provided and stored may be transferred as part of the transferred assets.
In order to conduct business partnerships and market research, you understand and agree that we may share limited data with research clients, measurement partners, analytics providers, technology vendors, reward/payment providers, and other service providers that support the ShareParty service. Examples may include Kantar, Google, Yahoo, Meta, NIQ/GfK, comScore, Treasure Data, Ipsos, INTAGE, GMO Research & AI, TNL Mediagene, AD2, RealityMine, and similar partners, depending on the project and market. Where specific legal entities differ by country or contract, references include the relevant group companies, affiliates, processors, and service providers. Any data shared will be limited to application or Web usage, e-commerce or media data. We do not share any personal and directly identifiable information, such as names, addresses or emails. If we share data with these organizations, we will comply with the relevant data protection regulations. For example, if we receive a request for data deletion, we will forward the request to these organizations, which must also delete the data in order to comply with this Privacy Policy. If you do not agree, please follow the steps in this Policy to opt out of the program.
We also reserve the right to disclose your information when we believe disclosure is necessary to protect our rights or to combat suspected fraudulent activities, in accordance with the laws, a court order, or a proceeding required legally.
10. Removal of the Applications
You may opt out of this survey program at any time by removing the Application from your Device. For instructions on removing the Applications, please read the instructions provided to you when you first join the survey and follow all of the detailed steps for removing the Application. However, the procedure for individual operating systems is outlined below:
a. If you are using an Android mobile phone system, you can simply open “Settings”, scroll down to “Apps”, find ShareParty and click “Uninstall”.
b. If you are using an iPhone, just click on the app icon. When the “X” appears on the top of ShareParty, click on the “X” to delete the App.
c. If you are using a Windows device, find ShareParty in “Programs and Features”, double-click it and open the installation wizard, then click “Uninstall”. After completing the above steps, the system will automatically remove all browser extension features.
d. If you are using an OSX device, please force quit ShareParty, drag and drop the App to the trash can, and then empty the trash can. After completing the above steps, the system will automatically remove all browser extension features.
If you are unable to exit the data collection program in a quick and easy way, please let us know and we can assist you with the request. If you have any questions about removing the Application or exiting the program, please be sure to contact the Data Controller.
If you have set your browser to “private browsing” or similar settings, the Application will continue to run, collect data, and send it to us. To completely stop the Application from running and stop collecting data from your Device, you must follow the steps described above to remove the Application.
Please note that removing the application will not delete the information and data you have previously provided to us. If you wish to request data deletion, you must submit a request in accordance with the instructions outlined in Section 13 of this Policy.
11. Data security
We have taken appropriate technical and organizational measures to protect your personal data from accidental loss, theft, or unauthorized access, alteration, or disclosure. In addition, only employees, agents, contractors and other third-party collaborative vendors with business needs will have access to your personal data. The aforementioned parties will process your personal data only in accordance with our instructions and will assume responsibility and liability for confidentiality.
We have developed ways to respond to any suspected leakage of personal data and are required by law to notify you and any applicable regulatory agencies of such violations.
12. Information security incident notice
If we become aware of an information security breach that may result in the destruction, loss, alteration, unauthorized disclosure of, or access to, customer data or personal data (each, an "information security incident"), we will, without delay, immediately (1) notify the Data Controller of the information security incident; and (2) work with the Data Controller to take reasonable steps to mitigate the impact of the information security incident and reduce potential losses.
Notice of information security incidents will be sent to the data subject by the Data Controller.
The parties named in this Privacy Policy will use their reasonable efforts to assist the Data Controller in meeting its obligations under the Republic of Singapore’s “Personal Data Protection Act 2012” and Article 33 of the “GDPR” or other applicable laws to report the information security incident to the relevant regulatory agencies and the data subjects.
In this chapter, describing our obligations to report or respond to an information security incident does not mean that we acknowledge our negligence or liability related to information security incidents.
The Data Controller must promptly notify us of any potential data misuse.
13. Data access rights
You have the right to make requests to:
a. Obtain personal data we hold about you. You will need to contact your Data Controller.
b. Correct your personal data when it is incorrect, out of date or incomplete. You will need to contact your Data Controller to correct the data.
c. Request that we stop using your personal data.
d. After you withdraw your consent, we will stop processing any personal data that requires your consent.
If you wish to modify or remove personally identifiable information we hold about you, please contact your Data Controller with the specific request. The above data access rights do not include the ability to modify or remove clickstream data, inadvertently collected as described in the "Protection of personal and sensitive information" above, or information shared with third party collaborative vendors as permitted by this Privacy Policy.
If you would like to review your personal data held by us, please approach the contact window for a Data Subject Access Request (DSAR) form, which will be provided to you within 30 business days. You will be asked to submit two types of identified certificates dated within the last three months to the Data Controller for the DSAR.
You may contact us first about any privacy concern. You may also lodge a complaint with the competent data-protection authority in your country where such a right is available under applicable law.
e. The Company and its affiliates or partners (hereinafter referred to as "Partners") may process and analyze de-identified data for lawful and legitimate purposes, including but not limited to the following:
• Providing data analytics services to help Partners improve their products and services;
• Utilizing collected membership data for market trend analysis;
• Implementing non-individualized advertising learning models to enhance the effectiveness of ad placements.
The Company is committed to ensuring that all data processing complies with applicable local regulations, including but not limited to the EU General Data Protection Regulation (GDPR) and the Cross-Border Privacy Rules (CBPR).
Furthermore, the Company will ensure the security and integrity of de-identified data. If local regulations impose specific requirements on data sharing or processing, the Company will adjust its practices accordingly.
We may use aggregated, de-identified, or pseudonymized data for analytics, modelling, quality control, fraud prevention, audience segmentation, and machine-learning purposes. We may also use automated tools to support survey matching, reward eligibility, fraud checks, and service security. We do not use solely automated processing to make decisions about you that produce legal or similarly significant effects, unless we provide any notice, consent, review option, or other safeguard required by applicable law.
14. Legal basis
Legitimate interest means that we have a business interest in operating and managing our business in a way that provides you with the best possible services/products and the best possible security experience. Before processing your personal data for our legitimate interests, we will ensure that we consider carefully and determine any potential positive or negative impacts on you and your rights. We will not use your personal data for activities that affect you more than our interests (unless we have your consent or are otherwise required or permitted by laws). You can contact us for further information about how we assess our legitimate interests to avoid potential impacts on you in particular activities.
Performance of a contract refers to measures taken to perform a contract to which you are one of the contracting parties or respond to your request before the contract is concluded, so that your data will be processed as needed.
Compliance with laws or regulatory obligations means processing your data as necessary to comply with laws or to meet our regulatory obligations.
15. Your legal rights
You have the following rights:
To request access to your personal data (commonly referred to as a "data subject’s access request"). This request allows you to obtain a copy of the personal data we hold about you and check whether we process such data according to the laws.
To request correction of the personal data we hold about you. Although we will need to check the accuracy of the new data you provide, this request allows you to correct incomplete or incorrect data that we have about you.
To request deletion of your personal data. You may request that we delete or remove personal data when we have no legitimate reason to continue processing your personal data. You also have the right to request that we delete or remove your personal data after you have successfully exercised your right to object to the processing (see "Objection to data processing" below for details). For example, if we process your personal data illegally, or if we are required to delete your personal data to comply with local laws and regulations. Please note, however, that we may not be able to complete your data deletion request for specific legal reasons, and we will notify you if there is an applicable legal reason when you make such a request. Your request will be processed within 90 days in accordance with our company policy.
Objection to data processing means objecting to our processing of your personal data based on our legitimate interests or those of a third party, as well as in special circumstances relating to you, where you believe that the data processing would affect your fundamental rights and freedoms so you object to it from this position. You also have the right to object to our processing of your personal data for the purposes of direct marketing. In some cases, we will demonstrate that we have a compelling legitimate position to process your data that overrides your rights and freedoms.
To request restrictions on the processing of your personal data. Under the following circumstances, you may ask us to suspend the processing of your personal data: (a) if you want us to confirm the accuracy of the data; (b) if we are using the data unlawfully but you do not want us to delete it; (c) if you need us to continue to hold the data even though we no longer need it in order to establish, exercise or defend a legal claim; or (d) if you have objected to our use of your data, but we need to check whether there is an overriding legitimate reason for continuing to use the data. At the direction of the Data Controller, we will carry out data processing operations to produce our data package products. Your Data Controller will receive selected reports to meet their business needs.
To request the transmission of your personal data to you or a third party. We will provide your personal data in a structured, commonly used, machine-readable format to you or a third party collaborative vendor of your choice. Please note that this right applies only to automated information that you initially provided and consented to our use, or information that we use to fulfill our contract with you.
To withdraw the consent on which we rely to process your personal data at any time. However, this will not affect the legality of the data processing we undertake prior to your withdrawing your consent. If you withdraw your consent, we will not be able to provide you with certain products or services. We will inform you if there are any of the above circumstances when you withdraw your consent.
The interpretation and application of this Policy shall be governed by the relevant laws and regulations of your location. In the event of any conflict between this Privacy Policy and local laws, the local laws shall take precedence, and we will adjust our operational procedures accordingly to ensure compliance.
16. Data retention
We retain personal data only for as long as reasonably necessary for the purposes described in this notice, including to provide the Service, administer rewards, support your account, maintain security, prevent fraud, resolve disputes, comply with legal, tax, audit, and accounting obligations, and enforce our terms. When personal data is no longer needed, we will delete it, anonymize it, or securely dispose of it. Aggregated or de-identified data that no longer identifies you may be retained and used for legitimate business, research, analytics, and reporting purposes.
17. Children's privacy
ShareParty is intended only for users who are at least 18 years old. We do not knowingly collect personal data from anyone under 18. If we learn that we have collected personal data from a person under 18, we will delete it or take other steps required by applicable law.
18. Privacy Policy changes
If we use your personal information in a manner different from that described in our Privacy Policy when collecting data, your Data Controller will send an email notification. If we make changes to our privacy practices to the extent that will not affect information stored in our database or future information collection, your Data Controller will post an announcement on the website informing members of the change and asking them to pay attention to the revised Privacy Policy.
19. Contact us
If we hold any personally identifiable information about you, you may contact the Data Controller to request for your contact information to be corrected, updated, or deleted.
If you have questions about this Policy, the data collected by the Applications, or have other privacy-related concerns, please contact the Data Controller.
To contact the Data Controller's DPO, please send a message to
data@sharepartyinsight.com and dpm@realitymine.com
To contact the DPM of the Data Processor, RealityMine, please send a message to
dpm@realitymine.com
To contact the DPM of the Data Processor, ShareParty, please send a message to
data@sharepartyinsight.com