Privacy Policy

When you use OmniVirt services, you trust us with your information. This Privacy Policy is meant to help you understand what data we collect, why we collect it, and what we do with it. This is important; we hope you will take time to read it carefully.

There are many different ways you can use our services – to search for and share information, to communicate with other people or to create new content. When you share information with us, for example by creating a OmniVirt Account, we can make those services even better – to show you more relevant search results and ads, to help you connect with people or to make sharing with others quicker and easier. As you use our services, we want you to be clear how we’re using information and the ways in which you can protect your privacy.

Our Privacy Policy explains:

  • What information we collect and why we collect it.
  • How we use that information.
  • The choices we offer, including how to access and update information.

Your privacy matters to OmniVirt so whether you are new to OmniVirt or a long-time user, please do take the time to get to know our practices – and if you have any questions contact us at contact+privacy@omnivirt.com.

Information we collect

We collect information to provide better services to all of our users – from figuring out basic stuff like which language you speak, to more complex things like which ads you’ll find most useful, the people who matter most to you online, or which OmniVirt videos you might like.

We collect information in the following ways:

  • Information you give us.

     For example, many of our services require you to sign up for a OmniVirt Account. When you do, we’ll ask for personal information, like your name, email address, telephone number or credit card to store with your account.
  • Information we get from your use of our services.

     We collect information about the services that you use and how you use them, like when you watch a video on OmniVirt, visit a website that uses our advertising services, or view and interact with our ads and content. This information includes:
    • Device information

      We collect device-specific information (such as your hardware model, operating system version, unique device identifiers, and mobile network information including phone number). OmniVirt may associate your device identifiers or phone number with your OmniVirt Account.
    • Log information

      When you use our services or view content provided by OmniVirt, we automatically collect and store certain information in server logs. This includes:
      • details of how you used our service, such as your search queries.
      • Internet protocol address.
      • device event information such as crashes, system activity, hardware settings, browser type, browser language, the date and time of your request and referral URL.
      • cookies that may uniquely identify your browser or your OmniVirt Account.
    • Location information

      When you use OmniVirt services, we may collect and process information about your actual location. We use various technologies to determine location, including IP address, GPS, and other sensors that may, for example, provide OmniVirt with information on nearby devices, Wi-Fi access points and cell towers.
    • Unique application numbers

      Certain services include a unique application number. This number and information about your installation (for example, the operating system type and application version number) may be sent to OmniVirt when you install or uninstall that service or when that service periodically contacts our servers, such as for automatic updates.
    • Local storage

      We may collect and store information (including personal information) locally on your device using mechanisms such as browser web storage (including HTML 5) and application data caches.
    • Cookies and similar technologies

      We and our partners use various technologies to collect and store information when you visit a OmniVirt service, and this may include using cookies or similar technologies to identify your browser or device. We also use these technologies to collect and store information when you interact with services we offer to our partners, such as advertising services or OmniVirt features that may appear on other sites. Our OmniVirt Analytics product helps businesses and site owners analyze the traffic to their websites and apps. When used in conjunction with our advertising services, such as those using the DoubleClick cookie, OmniVirt Analytics information is linked, by the OmniVirt Analytics customer or by OmniVirt, using OmniVirt technology, with information about visits to multiple sites.

Information we collect when you are signed in to OmniVirt, in addition to information we obtain about you from partners, may be associated with your OmniVirt Account. When information is associated with your OmniVirt Account, we treat it as personal information.

How we use information we collect

We use the information we collect from all of our services to provide, maintain, protect and improve them, to develop new ones, and to protect OmniVirt and our users. We also use this information to offer you tailored content – like giving you more relevant search results and ads.

We may use the name you provide for your OmniVirt Profile across all of the services we offer that require a OmniVirt Account. In addition, we may replace past names associated with your OmniVirt Account so that you are represented consistently across all our services. If other users already have your email, or other information that identifies you, we may show them your publicly visible OmniVirt Profile information, such as your name and photo.

If you have a OmniVirt Account, we may display your Profile name, Profile photo, and actions you take on OmniVirt or on third-party applications connected to your OmniVirt Account in our services, including displaying in ads and other commercial contexts.

When you contact OmniVirt, we keep a record of your communication to help solve any issues you might be facing. We may use your email address to inform you about our services, such as letting you know about upcoming changes or improvements.

We use information collected from cookies and other technologies, like pixel tags, to improve your user experience and the overall quality of our services. One of the products we use to do this on our own services is OmniVirt Analytics. For example, by saving your language preferences, we’ll be able to have our services appear in the language you prefer. When showing you tailored ads, we will not associate an identifier from cookies or similar technologies with sensitive categories, such as those based on race, religion, sexual orientation or health.

We may combine personal information from one service with information, including personal information, from other OmniVirt services – for example to make it easier to share things with people you know.

We will ask for your consent before using information for a purpose other than those that are set out in this Privacy Policy.

OmniVirt processes personal information on our servers in many countries around the world. We may process your personal information on a server located outside the country where you live.

Information you share

Many of our services let you share information with others. Remember that when you share information publicly, it may be indexable by search engines. Our services provide you with different options on sharing and removing your content.

Accessing and updating your personal information

Whenever you use our services, we aim to provide you with access to your personal information. If that information is wrong, we strive to give you ways to update it quickly or to delete it – unless we have to keep that information for legitimate business or legal purposes. When updating your personal information, we may ask you to verify your identity before we can act on your request.

We may reject requests that are unreasonably repetitive, require disproportionate technical effort (for example, developing a new system or fundamentally changing an existing practice), risk the privacy of others, or would be extremely impractical (for instance, requests concerning information residing on backup systems).

Where we can provide information access and correction, we will do so for free, except where it would require a disproportionate effort. We aim to maintain our services in a manner that protects information from accidental or malicious destruction. Because of this, after you delete information from our services, we may not immediately delete residual copies from our active servers and may not remove information from our backup systems.

Information we share

We do not share personal information with companies, organizations and individuals outside of OmniVirt unless one of the following circumstances applies:

  • With your consent

    We will share personal information with companies, organizations or individuals outside of OmniVirt when we have your consent to do so. We require opt-in consent for the sharing of any sensitive personal information.
  • For external processing

    We provide personal information to our affiliates or other trusted businesses or persons to process it for us, based on our instructions and in compliance with our Privacy Policy and any other appropriate confidentiality and security measures.
  • For legal reasons

    We will share personal information with companies, organizations or individuals outside of OmniVirt if we have a good-faith belief that access, use, preservation or disclosure of the information is reasonably necessary to:
    • meet any applicable law, regulation, legal process or enforceable governmental request.
    • enforce applicable Terms of Service, including investigation of potential violations.
    • detect, prevent, or otherwise address fraud, security or technical issues.
    • protect against harm to the rights, property or safety of OmniVirt, our users or the public as required or permitted by law.

We may share non-personally identifiable information publicly and with our partners – like publishers, advertisers or connected sites. For example, we may share information publicly to show trends about the general use of our services.

If OmniVirt is involved in a merger, acquisition or asset sale, we will continue to ensure the confidentiality of any personal information and give affected users notice before personal information is transferred or becomes subject to a different privacy policy.

Information security

We work hard to protect OmniVirt and our users from unauthorized access to or unauthorized alteration, disclosure or destruction of information we hold. In particular:

  • We encrypt many of our services using SSL.
  • We review our information collection, storage and processing practices, including physical security measures, to guard against unauthorized access to systems.
  • We restrict access to personal information to OmniVirt employees, contractors and agents who need to know that information in order to process it for us, and who are subject to strict contractual confidentiality obligations and may be disciplined or terminated if they fail to meet these obligations.

When this Privacy Policy applies

Our Privacy Policy applies to all of the services offered by Social Nation Inc. and its affiliates, including OmniVirt, services OmniVirt provides on Android and iOS devices, and services offered on other sites (such as our advertising services), but excludes services that have separate privacy policies that do not incorporate this Privacy Policy.

Our Privacy Policy does not apply to services offered by other companies or individuals, including products or sites that may be displayed to you in search results, sites that may include OmniVirt services, or other sites linked from our services. Our Privacy Policy does not cover the information practices of other companies and organizations who advertise our services, and who may use cookies, pixel tags and other technologies to serve and offer relevant ads.

Changes

Our Privacy Policy may change from time to time. We will not reduce your rights under this Privacy Policy without your explicit consent. We will post any privacy policy changes on this page and, if the changes are significant, we will provide a more prominent notice (including, for certain services, email notification of privacy policy changes).

GDPR Privacy Policy

The terms below apply to data processing of data subjects from EU and EEA.

Social Nation, Inc. DBA OmniVirt, referred to as the “Company” or “we”, is committed to protecting your privacy. This Privacy Policy (“Policy”) applies to those who visit the Websites owned and operated by the Company, as well as Users of our Products and their End Users. This Privacy Policy describes how the Company collects, uses, shares and secures the personal information you provide. It also describes your choices regarding use, access and correction of your personal information.

Amendments to this Policy will be posted to this URL and will be effective when posted. If we make any material changes we will notify you by email (sent to the e-mail address specified in your account) or by means of a notice on this Website prior to the change becoming effective. You can choose to discontinue use of the Websites or Products, if you do not accept the terms of this Policy, or any modified version of this Policy.

The Company does not knowingly collect any personal information from children under the age of 16. The Company’s Websites and Products are not offered to individuals under the age of 16. You should not use the Websites and the Products in you are below 16. If you are under the age of 16, please do not submit any personal information through our Websites or Products. If you are under 16 and want to use our Websites and Products please contacts us to settle this matter individually. If you have questions or complaints regarding our privacy policy or practices, please contact us by the contacts below.

Social Nation, Inc.
Address: 280 Palm Ave, Millbrae, CA 94030
Email: contact+privacy@omnivirt.com

The terms related to the users of our Products shall be effective only upon signing Data Processing Agreement (the “DPA”) with us. Please contact us for details but we may refuse signing the DPA for any reason unilaterally.

Unless DPA adopted by us in your respect states otherwise, the Company is not liable for your inability to comply with applicable law and you warrant that any of your activities will not constitute a breach of applicable law. You will defend, indemnify and hold harmless the Company, its affiliates, independent contractors, service providers and consultants, and its and their respective directors, officers, employees and agents, from and against any third party claims, suits or actions and any resulting damages, costs, liabilities and expenses (including, but not limited to, reasonable attorneys’ fees) arising out of or related to your violation of any terms of this Privacy Policy and your processing of personal data.

Collection and Use

We may use the personal information collected from within the Websites or when you use the Products on the basis of legitimate interest to:

  • Send you promotional and marketing communications.
  • Facilitate your transactions with other persons when you use our Products.
  • Analyze user experience with the Websites and the Products.
  • Analyze your data for the purpose of fraud detection.
  • We may use the personal information collected from within the Websites or when you use the Products as it’s required for performance or entering an agreement with us:

  • Enter the agreement on the use Products by you and administering your account.
  • Provide you with the Products and Websites’ content.
  • Send you service messages related to the Websites or Products.
  • We obtain consent from the customers (“End Users”) of our Users for the following purposes:

  • Delivering targeted ads based on End Users’ profiles.

Each data subject has the right to withdraw previously provided consent or object to processing under specific circumstances.

Provision of personal data with our Websites is required for proper aligning of the Websites features to your preferences and entering an agreement with you on the use of Website and the Products. Inability to process this data will result in inability to provide proper access to our Websites and ability to use our Products.

Processing of personal data with our Products is our contractual obligation. It is required to show you ads based on your personal features (including language) instead of random contextual ads. Your profiles may be combined with the data collected by our Products and received from third parties. Further your data may be combined with other sets of data recognized as related to you. Such profiles help to align ad targeting based on the profile features chosen by advertisers. The data collected is being processed for 2 years unless otherwise required by a lawful purpose.

Conditions of Processing

The Company warrants that data processing will take place only if and to the extent that at least one of the following applies in case if the Company acts as a data controller:

  • the data subject has given consent to the processing of his or her personal data for one or more specific purposes;
  • processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;
  • processing is necessary for compliance with a legal obligation to which the Company is subject;
  • processing is necessary in order to protect the vital interests of the data subject or of another natural person;
  • processing is necessary for the performance of a task carried out in the public interest;
  • processing is necessary for the purposes of the legitimate interests pursued by the Company or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child;
  • the Company took reasonable measures to ensure that no data of children below 16 is processed;
  • processing of personal data revealing racial or ethnic origin, criminal offences, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation is not conducted by the Company.

Where personal data relating to a data subject is collected, the Company shall, at the time when personal data are obtained or by data subject’s request, provide the data subject with all of the following information by a link to this Privacy Policy:

  • the identity and the contact details of the controller and the controller’s representative;
  • the purposes of the processing for which the personal data are intended as well as the legal basis for the processing;
  • where the processing is based on legitimate interests stipulated by applicable, such legitimate interests pursued by the controller or by a third party;
  • the recipients or categories of recipients of the personal data;
  • the fact that the controller intends to transfer personal data to a third country and the existence or absence of an adequate data protection;
  • the period for which the personal data will be stored, or if that is not possible, the criteria used to determine that period;
  • the existence of the right to request from the controller access to and rectification or erasure of personal data or restriction of processing concerning the data subject or to object to processing as well as the right to data portability;
  • the existence of the right to withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal;
  • the right to lodge a complaint with a supervisory authority;
  • whether the provision of personal data is a statutory or contractual requirement, or a requirement necessary to enter into a contract, as well as whether the data subject is obliged to provide the personal data and of the possible consequences of failure to provide such data.

Sensitive Information

Each User is restricted from collecting and processing the following information:

  • data related to children below 16, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric and health data or data concerning a person’s sex life or sexual orientation.

Share

We may transfer personal information to our affiliated companies and sub-contractors that involved in provision the Products and Websites. The Company may exercise cross-border transfer of your data provided that the recipient signs a DPA with us which provides suitable safeguards for your personal data.

Categories of controllers we share your data with:

  • Advertisers, advertising networks, advertising data brokers.
  • Categories of processors we share data with:

  • Hosting services providers, fraud detection service providers, advertising statistics and tracking service providers.

Data Subjects’ Rights

As a data subject you have the following rights:

  • Right to access allows you to request the if its data is processed, to request the data itself and information related to purpose, data categories, recipients (or categories) including their countries, storage period or criteria to determine the storage, existence of right to rectification/erasure/restriction/objection, the right to lodge a complaint to supervisory authorities, data source, existence of profiling including logic and consequences, safeguards of transfer to third countries.
  • Right to rectification is the right to correct incorrect data and the right to complete incomplete data.
  • Right to erasure (to be forgotten) means that the data subject may request erasure if the data is:
    • no longer needed for the purposes of processing,
    • consent is withdrawn and no other grounds apply
    • data subject object processing
    • processing was unlawful
    • the data is related to a child and was processed in the context of offering a service directly to a child
  • Right to erasure does not apply if the processing is required for defense against legal claims and exercising of legal obligations.
  • Right to restriction means that processing shall be restricted if:
    • the user claims that the data is inaccurate and controller needs to verify if it’s really inaccurate
    • processing is unlawful but the data subject want it to be restricted rather than erased
    • processing is no longer required for its purposes but the data subject requires it for legal defense
    • processing is under objection but the controller need to verify if objection is not overridden by legitimate interest of controller.
  • When restriction is applied the data may be only stored except for processing under user’s consent or for legal defense.
  • Right to notification means that the controller shall communicate the request to erasure/rectification/restriction to each recipient unless it proves that it will take disproportionate effort. The controller shall inform the user about those recipients by request.
  • Right to data portability means that data subject may request the controller to provide collected data in structured and readable form if the processing is based on consent or for the purpose of contract performance/conclusion.
  • Right to object means that the data subject based on its personal circumstances may override legitimate interests of the controller which are the basis for processing. This right
  • shall be communicated at the time of first communication with the user separately from other information.
  • The data subject has the right not to be subject to profiling which significantly affects him or her.
  • The data subject has the right to lodge a complaint to supervisory authorities at any time.

Correction or Removal

If you would like to request your information to be removed from our database, please contact us. The Company acknowledges that you have the right to access your personal information. The Company collects information on behalf of our Users as a joint controller, and has no direct relationship with the individuals with whom our Users may interact using the Products. If you are an End User and would no longer like your data to be processed in the current manner, please contact the User that you interact with directly. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data or apply with other request should direct his query to the User. If technically possible, the Company may provide you with the details of such User and assist in your request provided directly to the Company.

Retention of Personal Information

We retain personal data we process for as long as needed to provide the Products and Websites and as long as you use the Products and Websites. If you wish to request that we no longer use your data, please contact us. We will retain your data as necessary to comply with our legal obligations, maintain accurate financial and other records, resolve disputes, and enforce our agreements.

Processing Personal Information on the Websites

We are the data controller in respect of information provided from our Websites for the purposes of the General Data Protection Regulation (“GDPR”) and the Swiss Federal Act on Data Protection. We may collect the following information from you within the Websites: Contact Information, such as name, IM username, email address, mailing address, phone number and billing information.

When you use our Website, we automatically collect information on the type of device you use, operating system version, and the device identifier to ensure you receive proper notifications and proper settings of the Websites.

Processing Personal Information on the Products

We are the joint controller in respect of the information provided from our Users in the course of using the Products.

Our Users are responsible to inform the individuals using the Products on the Users’ properties with all necessary information and obtain necessary consent for any personal information that is collected through the Products.

We may collect the following information from you when you use our Products:

  • application id
  • publisher id
  • android id
  • SDK version
  • application source
  • device id/IMEI
  • device model
  • device specifications
  • OS type/version
  • IP address
  • local time
  • carrier
  • device location
  • language
  • network type
  • user agent

Records of Processing

The Company maintains a record of processing activities under its responsibility. The record shall contain all of the following information:

  • the name and contact details of the data controller;
  • the purposes of the processing;
  • a description of the categories of data subjects and of the categories of personal data;
  • the categories of recipients to whom the personal data have been or will be disclosed;
  • transfers of personal data to a third country, including the identification of that third country and suitable safeguards;
  • where possible, the envisaged time limits for erasure of the different categories of data;
  • where possible, a general description of the technical and organisational security measures in respect of processed data.

Use of Cookies

When you use our Websites or Products, we may store some information on your device. This information will be in the form of a “cookie” or similar file/technology. Cookies are small pieces of information stored on your device. We use cookies to help you navigate the Websites and Products as easily as possible, and to remember information about your current session. Session Cookies and they are removed from your device when you end your session. You must enable cookies on your web browser to use all features of the Websites and the Products. Essential Cookies are essential for the basic functionalities offered by the Products and the Websites. These cookies help in keeping a user logged in to the Websites or Products and remember relevant information when they return to the Websites and the Products. Insight cookies are used for tracking the user activities within the Websites and the Products, which helps us in improving your user experience. Marketing cookies are used for providing you with customized and interest-based ads based on your browsing behavior and other similar activities on our Websites and Products.

Protection of Information

The Company performs the following measures on protection of personal data to prevent the data breaches, misuse and the violation of rights of data subjects:

  • Providing this Policy for review to any person or entity which is about to process the personal data to/from the Company.
  • Keeping the Company’s officers and contractors responsible for proper data processing conducted by such officers and contractors.
  • Providing prior examination of the source and destination of personal data in respect of possible violations of data processing.
  • Providing advice to any officer, data subject or partner on the subject of compliance with this Policy.
  • Making sure no access to personal data is provided to unauthorized parties.
  • Using only reliable and tested software for processing or personal data.
  • Assuming technical and organizational risks of data processing before such processing takes place.
  • Ensuring that all actions in respect of the data are exercised by protected accounts to access the data and all data storages are available only to a limited number or persons on a password basis.
  • Ensuring that Company is able to suspend data processing or withdraw any piece of data from processing if we believe that such processing may violate applicable law.
  • In case of change in any business process the Company will determine whether such change is data-related and check if such change falls in line with this Policy.
  • Providing that each location and device where personal data may be stored is a safe environment.
  • Utilizing firewall to minimize the risk of unauthorized access to the hosting infrastructure.
  • Where necessary use third-party vendors to perform security assessments to identify issues with its data security that could result in security vulnerabilities.
  • Providing encryption of most valuable personal data.
  • Ensuring ongoing confidentiality, integrity, availability and resilience of processing systems and services.
  • Providing the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident.
  • Processing regular testing, assessing and evaluating the effectiveness of technical and organisational measures for ensuring the security of the data processing.

Data Breaches

The Company continuously reviews its internal processes and external relations in respect of compliance with this Policy. If a present or potential violation is detected the Company shall investigate the reasons and decide if the violation may be cured. The Company shall assign officers to manage the violation or terminate the relations with the respective partner or data subject which will result in suspension of data processing.

In case of a personal data breach, the Company shall without undue delay and, where feasible, not later than 72 hours after having become aware of it, notify the personal data breach to the supervisory authority, unless the personal data breach is unlikely to result in a risk to the rights and freedoms of natural persons. Where the notification to the supervisory authority is not made within 72 hours, it shall be accompanied by reasons for the delay.

The notification shall at least:

  • describe the nature of the personal data breach including where possible, the categories and approximate number of data subjects concerned and the categories and approximate number of personal data records concerned;
  • communicate the name and contact point where more information can be obtained;
  • describe the likely consequences of the personal data breach;
  • describe the measures taken or proposed to be taken to address the personal data breach, including, where appropriate, measures to mitigate its possible adverse effects.

Where, and in so far as, it is not possible to provide the information at the same time, the information may be provided in phases without undue further delay.

The Company shall document any personal data breaches, comprising the facts relating to the personal data breach, its effects and the remedial action taken. That documentation shall enable the supervisory authority by request.

When the personal data breach is likely to result in a high risk to the rights and freedoms of natural persons, the Company shall communicate the personal data breach to the data subject without undue delay. The communication to the data subject shall describe in clear and plain language the nature of the personal data breach and contain at least the information on taken measures.

The communication to the data subject shall not be required if any of the following conditions are met:

  • the Company has implemented appropriate technical and organisational protection measures, and those measures were applied to the personal data affected by the personal data breach, in particular those that render the personal data unintelligible to any person who is not authorised to access it, such as encryption;
  • the Company has taken subsequent measures which ensure that the high risk to the rights and freedoms of data subjects is no longer likely to materialise;
  • it would involve disproportionate effort – in such a case, there shall instead be a public communication or similar measure whereby the data subjects are informed in an equally effective manner.

Legal Disclosure

We may disclose your personal data as required by applicable law, in response to lawful requests by public authorities, including meeting national security or law enforcement requirements and when we believe that disclosure is necessary to protect our rights and/or to comply with a judicial proceeding, court order, or other legal process served on us. Your personal data will also be shared between our affiliated companies for the activities permitted under this Policy.

Dated: May 24, 2018