Privacy Policy

Effective: January 15, 2024

As part of our values, at DŌBRA we are committed to protecting and respecting your privacy in connection with your use of our Bear Room mobile application (the “App”), our website and all related services, features and content (collectively, the “Products”) offered by DŌBRA GPI UAB, registration code 306269277, address: Krokuvos str. 53-3, LT-09306 Vilnius, Lithuania (“DŌBRA,” “we,” or “us”). This Privacy Policy describes what information we collect when you use our App and how it is used and shared.

IF YOU DO NOT AGREE WITH THIS PRIVACY POLICY, DO NOT USE OUR PRODUCTS

Data processing information in short:

Personal data collected is owned by DŌBRA GPI UAB (registration code 306269277, address: Krokuvos str. 53-3, LT-09306 Vilnius, Lithuania) which is responsible for your information under this Privacy Policy (the “Data Controller”).

Our main data processing purposes:

  • To provide our Products, including the delivery of content and interactive features;
  • To manage our relationship with you which will include: Notifying you about changes to our Terms of Services [link to ToS] or Privacy Policy / Notifying you about updates.

 

Your data subject rights: to obtain information about your stored personal data, the right to correct and transmit your data and, if necessary, to object to (when data is processed based on our legitimate interest or your consent), restrict the processing of, or deleting of, your personal data. You also have a right to submit a claim at the State Data Protection Inspectorate at ada@ada.lt.

Unless otherwise defined in the Privacy Policy, the terms such as personal data, data subject, data processing, controller and processor are used in the meaning given to them in Article 4 of the General Data Protection Regulation (2016/679/EU; the “GDPR”).

For more data processing purposes and other specific information about your personal data processing please refer to a Full version of this Privacy Policy below.

Full version of the Privacy Policy

1. APPLICABILITY OF THIS PRIVACY POLICY

This Privacy Policy (the “Privacy Policy”) applies to your personal data when you:

  • use our Products, including when you provide information for getting access to our Products;
  • contact us via e-mail/phone/etc.;
  • provide us with your personal data in any other way (e.g. through customer support inquiries, feedback sharing, etc.).

 

2. INFORMATION WE COLLECT ABOUT YOU

Personal data is typically data that identifies an individual or relates to an identifiable individual. This includes information you provide to us, information which is collected about you automatically, and information obtained from third parties.

We collect several types of information from and about users of our Products (“Personal Data”/ “Data”), which can be grouped together as follow:

  • Identity Data includes your Full name, Social media or Google ID, Android device ID (Secure.ANDROID_ID), iOS device ID (UIDevice identifierForVendor);
  • Contact Data includes email address;
  • Health Data includes information about your health and wellbeing as you use our Products. You may provide this information through the Products, such as through survey responses about your current mental or physical health status, setting your health or wellness goals, or in other inputs that relate to your health or wellbeing.
  • Payment Data includes card number, type, expiration date, and billing address, and certain anonymized, limited and/or truncated versions of this information. If you sign up for a paid Product you may be required to provide your payment card or bank account information. Please note that DŌBRA does not directly process payment card information, and instead relies upon third party payment processors to do so on our behalf. Please note that third party terms may apply to these payment services.
  • Profile and Demographic Data. Through your account in our Product, you may have the opportunity to provide additional information about yourself, such as your age, race and ethnicity, sexual orientation, preferred pronouns, gender or gender identity, sex at birth, marital status, and details about your health and medical history.
  • Technical Data includes internet protocol (IP) address, device info such as mobile device model, operating system, platform, browser type and version and other device settings.

 

We also may collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data may be derived from your Personal Data but is not considered personal data in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your usage data to calculate the percentage of users accessing a specific Products feature. However, if we combine or connect Aggregated Data with your Personal Data so that it can directly or indirectly identify you, we treat the combined data as Personal Data which will be used in accordance with this Privacy Policy.

Third-Party Widgets

Our Products contain widgets and social media features, such as LinkedIn, Facebook, Instagram. You are the only person who decides if you would like to press this button and share your Personal Data. These widgets and features collect your IP address, the information about the page you are visiting during your use of the Products, and may set a cookie to enable the feature to function properly. Your interactions with these features are governed by the relevant privacy policies of such social media resource.

3. HOW WE USE INFORMATION COLLECTED ABOUT YOU

We will only use your Data when the law allows us to. Most commonly, we will use your Data on the following legal bases:

  • Where we need to perform the contract, we are about to enter into or have entered into with you.
  • Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
  • Where we receive your explicit consent to process the relevant personal data. You have the right to withdraw consent to marketing at any time by contacting us at hello@dobra.world.
  • Where we need to comply with a legal or regulatory obligation.

We have set out below a description of all the data processing purposes and which of the legal bases we rely on. We have also identified what our legitimate interests are where appropriate.

Purpose

Data

Legal basis

To register you for accessing to our Products

Identity / Contact/

Performance of a contract with you

To fulfill our obligations under any agreements that we may have with you

Identity / Contact / Technical / Health / Payment / Profile and Demographic

Performance of a contract with you

To manage our relationship with you which will include notifying you about changes to our Terms of Use or Privacy Policy / notifying you about updates

Identity / Contact

Performance of a contract with you / Necessary to comply with a legal obligation / Necessary for our legitimate interests (to keep our records updated and to study how customers use our Products)

To administer and protect our business and Products (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)

Identity / Contact / Technical

Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganization or group restructuring exercise)

To deliver relevant Products content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you

Identity /Technical

Your explicit cookie consent / Necessary for our legitimate interests (to study how customers use our Products, to develop them, to grow our business and to inform our marketing strategy

To use data analytics to improve our Products, marketing, customer relationships and experiences

Technical

Your explicit cookie consent / Necessary for our legitimate interests (to define types of customers for our products and services, to keep our webProducts updated and relevant, to develop our business and to inform our marketing strategy)

4. DISCLOSURE OF YOUR INFORMATION

We collect information globally and store that information within the EU. We use encryption and other strong security measures to protect data.

We may share your Data with certain third parties selected by us to help support our operations. These include, for example, hosting provider and the service providers that help us to analyze web traffic, send emails, and track customer support requests.

We may also disclose your Data when we believe we have your consent to do so, such as when you contact us for customer support and provide us with any information.

We may also disclose your Data when we have a good faith belief (i) we are required to do so by law, or in response to a subpoena, court order, or other legal mechanism, or (ii) it is necessary to: detect, prevent and address fraud and other illegal activity; to protect ourselves, you and others, including as part of investigations.

We may share your Data with our corporate affiliates to be used in a manner consistent with this Privacy Policy, and if we or our assets gets acquired or transferred in part or whole to another organization, your information and any other information we have collected may be among the items transferred.

Finally, where permissible according to applicable law, we may use certain limited Data about you, such as your email address, to hash it and to share it with social network websites (such as Facebook, Google+, Twitter, Linkedin) to generate leads, drive traffic to our Products or otherwise promote it. These processing activities are based on our legitimate interest in undertaking marketing activities to offer you Products that may be interesting to you.

Our Products may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. Please note that these websites and any services that may be accessible through them should have their own privacy policies and that we do not accept any responsibility or liability for these policies or for any personal data that may be collected through these websites or services, such as contact and location data. Please check these policies before you submit any personal data to these websites or use these services.

Please note that you may, at any time, ask us to cease processing your Data for direct marketing purposes by sending an e-mail to hello@dobra.world.

5. COOKIES

Cookies are small text files sent by website to your computer or mobile device that enable services and website features to function properly. Cookies make it easier for you to use our Products during future visits. They also allow us to monitor traffic and to personalize the content of our Products for you. Session-based cookies only last while your browser is open, and are automatically deleted when you close the browser. Persistent cookies last until you or your browser deletes them or until they expire.

Some of our cookies are necessary for certain uses of some Products. These cookies allow us to make our Products usable by enabling basic functions like page navigation and access to secure areas of the Products. Some Products cannot function properly without these cookies.

We also use functional cookies and cookies from third parties for analysis and marketing purposes. Functional cookies enable certain parts of the Products to work properly and your user preferences to remain known. Analysis cookies, among other things, collect information on how visitors use our Products, the content that users view most frequently, and the effectiveness of our third party advertising. Cookies are either “session” cookies which are deleted when you end your browser session, or “persistent,” which remain until their deletion by you or the party who served the cookie.

To find out more about cookies in general, visit this site: https://allaboutcookies.org/.

You can generally activate or later deactivate the use of cookies through a cookie panel or a functionality built into your web browser or mobile device.

 6. SECURITY

We have implemented measures designed to secure your Data from accidental loss and from unauthorized access, use, alteration, and disclosure. All information you provide to us is stored on our secure servers behind firewalls.

The safety and security of your information also depends on you. We urge you to be careful about giving out information through the Products.

7. CHILDREN

Our Products are not directed to individuals under 16. We do not knowingly collect Data from children under 16. If we become aware that a child under 16 has provided us with Data, we will take steps to delete such information. If you become aware that a child has provided us with Data, please contact our support services.

8. YOUR DATA SUBJECT RIGHTS

To object to processing: You have the right to object to certain types of processing, including processing for direct marketing (i.e. if you no longer want to be contacted with potential opportunities).

To be informed: You have the right to be provided with clear, transparent, and easily understandable information about how we use your Personal Data and your rights.

Right of access: You have the right to obtain access to your Personal Data (if we are processing it), and certain other information about or privacy practices with respect to your Personal Data.

To rectification: You are entitled to have your information corrected if it is inaccurate or incomplete.

To erasure (“to be forgotten”): You have the right to request the deletion or removal of your Personal Data where there’s no compelling reason for us to keep using it. We will delete backup copies of that Personal Data from our archives as soon as is practically possible, to the extent allowed by our other data retention obligations (e.g., to protect other data stored in the same backup archives, or meet other regulatory or legal requirements). As soon as those obligations have been fulfilled, we will permanently delete those archives as quickly as possible.

To restrict processing: You have rights to “block” or suppress further use of your Personal Data that we process. When processing is restricted, we can still store your Personal Data, but may not use it further.

To data portability: You have rights to obtain and refuse your Personal Data for your own purposes across different services.

To lodge a complaint: You have the right to lodge a complaint about the way we handle or process your Personal Data with your national data protection regulator. However, we hope you will contact us first, so we will try to address your complaint directly.

To withdraw consent: If you have given your consent to anything we do with your Personal Data, you have the right to withdraw your consent at any time. This includes your right to withdraw consent to us using your Personal Data for marketing purposes.

To exercise any of you rights specified above, please, contact us at hello@dobra.world providing specific and detailed information regarding exercising of the relevant right.

Data Retention

We only retain your Personal Data for as long as is necessary for us to use your information as described above or to comply with our legal obligations and legitimate interests. For example, Identity / Contact data you provide during registration is stored until your registration is active. If registration is not active for 1 year, the Data is deleted.

Please be advised that this means that we may retain some of your Personal Data after you cease to use our Products. For instance, we may retain your data as necessary to meet our legal obligations, such as for tax and accounting purposes.

When determining the relevant period in which we retain or establish/revise periods for retaining Personal Data, we will take the following factors into account:

  • our contractual obligations and rights in relation to the information involved
  • legal obligation(s) under applicable law to retain data for a certain period of time or with respect to pending or anticipated legal actions
  • our legitimate interest where we weigh your interest in controlling your Personal Data and against our lawful purpose in processing your Personal Data
  • statutes of limitations under applicable law(s)
  • if you have made a request to have your Data deleted

Otherwise, pursuant to GDPR, we will securely erase your Personal Data once there is no lawful basis or legal obligation to store or process it.

9. CONTACT US

We may provide additional information about our privacy practices at other points, for example, when we ask you to provide Data in connection with a particular Product, and where this will help us provide more relevant and timely information.

We reserve the right to make changes to our practices and this Privacy Policy at any time. If we change the way we handle your Data, we will update this Privacy Policy and notify you as appropriate.

If you have any requests concerning your Data or any queries with regard to this Privacy Policy please feel free to contact us at hello@dobra.world.