This Privacy Policy explains what information of yours will be collected by us when you download or register on or access the App or the Site or our Services or make the payment with us, how the information will be used, and how you can control the collection, correction, and/or deletion of the information. We will not knowingly use or share your information with anyone, except as described in this Privacy Policy. The use of information collected through our App or Platform shall be limited to the purposes described under this Privacy Policy and our Terms of Service.
By registering on or using our Platform or providing your personal information to us or by using other features and functionalities of the Platform, you are accepting and consenting to the practices described in this policy. Please note that this includes consenting to the processing of any personal information that you provide, as described below.
What information about the you do we collect?
- Information that you provide us: We collect the information you provide when you use our Platform and our services, including without limitation, when you sign up for an account either as a ‘Client’ or as an ‘Expert’, browse our Platform, avail our services, book an appointment, leave your feedback, engage or interact with content on the Site/App or with the Experts, engage with us through any social media platform, submit a complaint, communicate or interact with us in any manner. This can include Personal Information, Payment Information, Identity Verification, and Biometric Identifiers.
- Personal Information: While using the Services (whether as a Client or Expert), we may require or otherwise collect information that identifies you as a specific individual and can be used to contact or identify you (“Personal Information”). Examples of Personal Information include your full name, profile photo, email address, company address, billing address, and phone number.
- Payment Information: If you use the Service to make or receive payments, we will also collect certain payment information, such as credit card or other financial account information, and billing address.
- Identity Verification: We may collect Personal Information, such as your date of birth or taxpayer identification number, to validate your identity or as may be required by law, such as to complete tax filings. We may request documents to verify this information, such as a copy of your government-issued identification or photo or a billing statement.
- Biometric Identifiers or Service Interaction Information: We may collect Personal Information to verify your identity and to detect fraud, identity theft, or other misuse of your account through facial recognition and other technologies. This might be a photograph of your face, a selfie, or data about your interactions with the Service. We may request documents to verify this information, such as a copy of your government-issued ID. From time to time, Finest50 may require you to take and submit another or updated image of your face for comparison to your government-issued ID. The biometric identifiers or information collected are used only to verify your identity and platform security and use integrity purposes.
- Child below 18: The Service is major and intended for users 18 and older. We do not knowingly collect Personal Information from anyone younger than age 18. If we become aware that a child younger than 18 has provided us with Personal Information, we will use commercially reasonable efforts to delete such information from our databases. If you are the parent or legal guardian of a child younger than age 18 and believe that Finest50 has collected Personal Information from your child, please contact us at: [email protected].
- Combination of Personal and Non-Identifying Information: Sometimes when non-identifying information is combined, it can identify an individual. For example, if a birthdate is combined with a first name, it might identify a person even if the birthday or first name alone could not. But the same pieces of information are considered Non-Identifying Information when they are taken alone or combined only with other non-identifying information (for example, your viewing preferences). We may combine your Personal Information with Non-Identifying Information, but Finest50 will treat the combined information as Personal Information.
- Information that we collect when you use the Platform: We also collect information while you access, browse, view or otherwise use the Platform. In other words, when you access the Platform, we are aware of your usage of the Platform, and gather, collect and record the information relating to such usage, including geo-location information, device data and connection information, browser information and web-log information.
- Information that we collect from third party sources: You can engage with us through social media platforms or mobile applications. When you engage with us through social media platforms, such as Facebook or LinkedIn, you allow us to have access to certain information from your social media profile based upon your privacy preference settings on such platform.
- Good Judgment: We suggest that you exercise good judgment and caution while providing your personal information.
What is the lawful basis for which we use your personal information?
For the purposes of the applicable law (such as GDPR, PDPA, etc.), you hereby acknowledge that all processing of your personal information will be justified by a "lawful ground" for processing. In the majority of cases, processing will be justified on the basis that:
- Consent: You have given your consent for processing personal data for one or more specific purposes.
- Performance of a contract: Provision of personal data is necessary for the performance of an agreement with you and/or for any pre-contractual obligations thereof.
- Legal obligations: Processing personal data is necessary for compliance with a legal obligation to which we are subject.
- Vital interests: Processing personal data is necessary in order to protect your vital interests or of another natural person.
- Public interests: Processing personal data is related to a task that is carried out in the public interest or in the exercise of official authority vested in the Company.
- Legitimate interests: Processing personal data is necessary for the purposes of the legitimate interests pursued by the Company.
In any case, we will gladly help to clarify the specific legal basis that applies to the processing, and in particular whether the provision of personal data is a statutory or contractual requirement, or a requirement necessary to enter into a contract. Feel free to contact us for this purpose at [email protected].
How do we use this information?
We use all of the information we have to help us provide, support and improve our services. We use the information collected from you for one or more of the following purposes:-
- To create and update your account and profile as a Client or as an Expert;
- To provide our Services;
- To enable Clients to book an appointment with an Expert of their choice, and to cancel or reschedule such appointments upon request by the Client or the Expert;
- To publish your posts, blogs, images, videos, and Listings as an Expert;
- To publish your feedback about the Consultation Service as a Client;
- To process your payments for services;
- To provide you the payment made by Clients (after deducting our service fee);
- To process refunds in the Finest50 wallets;
- To assess queries, requirements, and process requests for various services;
- To enhance your user experience, including as a way to recognize you and welcome you to the Platform;
- To improve our Platform and services;
- To be able to deliver our services, personalize content, and make suggestions for you by using this information to understand how you use and interact with our services and the people or things you’re connected to and interested in on and off our services;
- We use your information to send you marketing communications, newsletter, communicate with you about our services and let you know about our policies and terms. We also use your information to respond to you when you contact us;
- We use the information we have to help verify accounts and activity, and to promote safety and security on of our services, such as by investigating suspicious activity or violations of our terms or policies;
- We also use your information to ensure our services are working as intended, such as tracking outages or troubleshooting issues that you report to us. And we use your information to make improvements to our services;
- We use information to help improve the safety and reliability of our services. This includes detecting, preventing, and responding to fraud, abuse, security risks, and technical issues that could harm Finest50, our community, or the public;
- To respond to summons, court orders, directions or other judicial processes;
- To provide information to law enforcement agencies or in connection with an investigation on matters related to public safety.
Data Retention
Unless you request that we delete certain information as per Section 5 below, we retain government-issued identification documents you submit to verify your identity for 30 days, selfies you submit to verify your identity for 180 days, and other information we collect for at least 5 years. Your information may persist in copies made for backup and business continuity purposes for additional time. If you choose to provide us with Personal Information, we encourage you to routinely update the data to ensure that we have accurate and up-to-date information about you
Deleting your information
Your information, account and the content you share on our platform is yours. You can at any time delete the same. However, you acknowledge that we will not be able to remove the content that other users have saved and copied, and we may also retain some of the information so deleted for a reasonable period of time in order to comply with legal requests. You can request us to delete your information by writing to us at [email protected].
Web Beacons, Cookies and Similar Technologies
We may use automated technologies including the use of web server logs to collect IP addresses, device details, cookies and web beacons.
- Web Beacons: We and our marketing partners, affiliates, analytics, and service providers may also employ software technology known as “web beacons” and/or “tracking tags” to help us keep track of what content on our Service is effective and to serve relevant advertising to you. Web beacons are small graphics with a unique identifier that may be invisible to you, and which are used to track the online activity of Internet users. Web beacons are embedded in the web pages you review or email messages you receive. Web beacons or similar technologies may be used for a number of purposes, including, without limitation, to count visitors to our Service, to monitor how Finest50 Users navigate the Service, to count how many emails that were sent were actually opened, or to count how many particular articles or links were actually viewed.
- Cookies: Cookies are bits of electronic information that a website may transfer to a visitor’s computer to identify specific information about the visitor’s visits to other website. The Website uses a browser feature known as a cookie, which assigns a unique identification to your computer. However, in case you do not wish for us to collect such information, simply change the cookie settings on your web browser. For more information, please refer to our Cookie Policy available on our website.
Messages and Consultations
Experts and Clients may communicate with each other through the Platform and our Service. For example, Experts and Clients may wish to discuss Client needs before, during or after the Consultation Services. If you communicate with an Expert or a Client, that Expert or Client will also be a “data controller” with respect to such communications.
Sharing of Information
- Your profile on our Platform is public, and the same can be accessed and viewed by the users and viewers of the Platform;
- The blogs, bio, images, videos, posts, and Listings that you share as an Expert, and the feedback that you share as a Client, are public, and can be viewed by the users and viewers of the Platform;
- We share your personal as well as non-personal information with our third-party hosting service providers namely: a) Amazon Web Services (AWS) – USA (aws.amazon.com/), b) Cloudflare – Cloud Host USA (www.cloudflare.com/), c) Twilio – 2 Factor Authentication – Berlin (www.twilio.com/), d) SendGrid Email Provider – Berlin (www.sendgrid.com/), e) Webinar and Video Call - EnableX – Singapore (www.enablex.io/).
- We share your payment information with our third-party payment gateway service provider, namely, Stripe (www.stripe.com/) and Axis Bank (Andheri West, Mumbai, IND) (www.axisbank.com/).
- We will share information with government agencies as required by law in response to lawful requests by public authorities, including to meet national security or law enforcement requirements and, including without limitation, in connection with reporting earnings. We cooperate with government and law enforcement officials and private parties to enforce and comply with the law. We will disclose information about you to government or law enforcement officials or private parties as we, in our sole discretion, believe necessary or appropriate to respond to claims and legal process (including but not limited to subpoenas), or, at the request of governmental authorities or other third parties conducting an investigation where we determine in our sole discretion the disclosure is necessary to (a) protect the property and rights of Finest50 or a third party, (b) protect the safety of the public or any person, or (c) prevent or stop activity we may consider to be, or pose a risk of being, illegal, fraudulent, unethical or legally actionable activity.
- Finest50 may share information, including Personal Information, with its parent or subsidiary or affiliate companies, primarily for business and operational purposes, including activities such as IT management, for them to provide services to you, or support and supplement the Services we provide.
- We keep your information safe and do not share your information with any other third party. However, if we merge with or are acquired by another company or we sell our App or Site or business unit, or if all or a substantial portion of our assets are acquired by another company, in those cases, your information will likely be one of the assets that would be transferred.
- We may also share your information in response to legal request. Please refer to Section 11.
Storage and Security of Information
- Storage: Your data is stored through our respective third-party hosting service provider’s data storage, databases and servers. We also store some of the information collected by us on our servers and do not share it with any third party, except for the limited purposes as mentioned in the Section 6. The servers and databases in which information may be stored may be located outside the country from which you accessed this Platform and in a country where the data protection and other laws may differ (and be less stringent) from your country of residence. You hereby consent to any such cross-border transfer of your personal information.
- Retention: Personal information that we collect, access or process will be retained only so long as necessary for the fulfillment of the purposes for which it was collected, as necessary for our legitimate business purposes, or as required or authorized by law. Personal information that is no longer required to fulfil the identified purposes will be destroyed, erased or made de-identified or anonymous.
- Steps taken by us to protect your data: Finest50 takes commercially reasonable steps to help protect and secure the information it collects and stores about Finest50 Users. All access to the Site is encrypted using industry-standard transport layer security technology (“TLS”). When you enter sensitive information (such as tax identification number), we encrypt the transmission of that information using secure socket layer technology (“SSL”). We also use HTTP strict transport security to add an additional layer of protection for our Finest50 Users. We regularly take the following steps to protect the integrity of your information:
- We protect the security of your information while it is being transmitted by using secure connection;
- We use computer safeguards such as firewalls to keep this data safe;
- We only authorize access to employees and trusted partners who need it to carry out their responsibilities;
- We regularly monitor our systems for possible vulnerabilities and attacks, and we carry out penetration testing to identify ways to further strengthen security; and
- We will ask for proof of identity before we share your personal data with you.
- Security: We employ reasonable security practices to ensure that the information is safe and secure with it. However, no information on the internet is 100% safe, and you accept and acknowledge such risk. Also, we will disclose the information so collected for limited purposes as mentioned in this Privacy Policy.
Links to other Platforms
The Platform may contain links to third-party websites and online services that are not owned or controlled by us. We have no control over, and assume no responsibility for such websites and online services. Be aware when you leave the Platform; we suggest you read the terms and privacy policy of each third-party website, and online service that you visit.
Rights of EU, EEA and UK users
This section of the Policy supplements the other provisions of this Privacy Policy, and applies to you if you are in the EU, the European Economic Area (EEA) or UK. For the purposes of GDPR, your Data Controller for the data collected on the Platform is Finest50, a company, having its registered office address at 71-75 SHELTON STREET, CONVENT GARDEN, LONDON, UK – WC2H 9JQ.ALL YOUR USER INFORMATION WILL BE COLLECTED, STORED, PROCESSED AND
SHARED STRICTLY IN ACCORDANCE, IN LINE AND FULL COMPLIANCE WITH
REGULATION (EU) 2016/679 (SIMPLY CALLED “GDPR”) AND DIRECTIVE
2002/58/EC (SIMPLY CALLED “E-PRIVACY DIRECTIVE, 2002”) OF THE
EUROPEAN PARLIAMENT AND OF THE COUNCIL (HERINAFTER COLLECTIVELY
REFERRED TO AS THE “EU REGULATION”).Under applicable EU regulation, you have the following rights in respect of your personal information:
- Right to obtain information: to obtain information about how and on what basis your personal information is processed and to obtain a copy;
- Right to rectification: You have the right to have any incomplete or inaccurate information we hold about you rectified and corrected.
- Right of Erasure: to erase your personal information in limited circumstances where (a) you believe that it is no longer necessary for us to hold your personal information; (b) we are processing your personal information on the basis of legitimate interests and you object to such processing, and we cannot demonstrate an overriding legitimate ground for the processing; (c) where you have provided your personal information to us with your consent and you wish to withdraw your consent and there is no other ground under which we can process your personal information; and (d) where you believe the personal information we hold about you is being unlawfully processed by us;
- Right of restriction: to restrict processing of your personal information where:
- the accuracy of the personal information is contested;
- the processing is unlawful but you object to the erasure of the personal information;
- we no longer require the personal information for the purposes for which it was collected, but it is required for the establishment, exercise or defence of a legal claim or
- you have objected to us processing your personal information based on our legitimate interests and we are considering your objection;
- Right to object: to object to decisions which are based solely on automated processing or profiling;
- Right to ask for a copy: where you have provided your personal information to us with your consent, to ask us for a copy of this data in a structured, machine-readable format and to ask us to share (port) this data to another data controller; or to obtain a copy of or access to safeguards under which your personal information is transferred outside of the EEA.
- Right to withdraw your consent. You have the right to withdraw your consent on using your personal data. If you withdraw your consent, we may not be able to provide you with access to certain specific functionalities of our services.
- Request the transfer of your Personal Data. We will provide to you, or to a third-party or Epert you have chosen, your personal data in a structured, commonly used, machine-readable format. Please note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
Under certain circumstances, you may have the right to object, on grounds relating to your particular situation, to the processing of your personal data by us and we may be required to no longer process your personal data. Moreover, if your personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing. In this case your personal data will no longer be processed for such purposes by us.In addition to the above, you have the right to lodge a complaint with a supervisory authority for data protection. Please note that the right of access and the right to erasure do not constitute absolute rights and the interests of other individuals may restrict your right of access or erase in accordance with local laws. We will ask you for additional data to confirm your identity and for security purposes, before disclosing data requested by you. We reserve the right to charge a fee where permitted by law. We will decline to process requests that jeopardize the privacy of others, are extremely impractical, or would cause us to take any action that is not permissible under applicable laws. Additionally, as permitted by applicable laws, we will retain where necessary certain personal information for a limited period of time for record-keeping, accounting and fraud prevention purposes.To make such requests, please contact us at [email protected].
California Resident Rights
This section of the Policy applies to you, if you are a California resident, as per California Consumer Policy Act, 2018 (simply called “CCPA”) and California Online Privacy Protection Act (simply called “COPPA”). This privacy notice section for California residents supplements the information contained in our Privacy Policy and it applies solely to all visitors, users, and others who reside in the State of California.Categories of Personal Information CollectedWe collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device. The following is a list of categories of personal information which we may collect or may have been collected from California residents within the last twelve (12) months. Please note that the categories and examples provided in the list below are those defined in the CCPA. This does not mean that all examples of that category of personal information were in fact collected by us, but reflects our good faith belief to the best of our knowledge that some of that information from the applicable category may be and may have been collected. For example, certain categories of personal information would only be collected if you provided such personal information directly to us.
Examples: A real name, alias, postal address,
unique personal identifier, online identifier, Internet Protocol
address, email address, account name, driver's license number,
passport number, or other similar identifiers.Collected: Yes.
- Category B: Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).
Examples: A name, signature, Social Security
number, physical characteristics or description, address, telephone
number, passport number, driver's license or state identification
card number, insurance policy number, education, employment,
employment history, bank account number, credit card number, debit
card number, or any other financial information, medical
information, or health insurance information. Some personal
information included in this category may overlap with other
categories.Collected: Yes.
- Category C: Protected classification characteristics under California or federal law.
Examples: Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).Collected: Yes.
- Category D: Commercial information.
Examples: Records and history of products or services purchased or considered.Collected: Yes.
- Category E: Biometric information.
Examples: Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.Collected: No.
- Category F: Internet or other similar network activity.
Examples: Interaction with our Service or advertisement.Collected: Yes.
- Category G: Geolocation data.
Examples: Approximate physical location.Collected: Yes.
- Category H: Sensory data.
Examples: Audio, electronic, visual, thermal, olfactory, or similar information.Collected: No.
- Category I: Professional or employment-related information.
Examples: Current or past job history or performance evaluations.Collected: No.
- Category J: Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)).
Examples: Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.Collected: No.
- Category K: Inferences drawn from other personal information.
Examples: Profile reflecting a person's
preferences, characteristics, psychological trends, predispositions,
behaviour, attitudes, intelligence, abilities, and aptitudes.Collected: No.
We use the personal information that we collect or receive for the
business purposes as described above. We may disclose the above
listed categories of personal information to third parties for
business purposes as described above. As previously mentioned in
this Policy, we do not “sell” (as such term is defined in the CCPA)
personal information.You are entitled to the following specific rights under the CCPA in relation to personal information related to you:
- You have a right to request that we will disclose certain information to you about our collection and use of personal information related to you over the past 12 months, including: (i) The categories of personal information that we collect about you; (ii)The categories of sources from which the personal information is collected; (iii) The purposes for collecting, using, or selling that personal information. (iv) The categories of personal information that we disclosed for a business purpose or sold, and the categories of third parties to whom we disclosed or sold that particular category of personal information. (v) The specific pieces of personal information that we have collected about you.
- You have a right to request that we delete personal information related to you that we collected from you under certain circumstances and exceptions.
- You also have a right not to be discriminated against for exercising your rights under the CCPA.
- You also have a right to submit your request via an authorized agent. If you use an authorized agent to submit a request to access or delete your personal information on your behalf, the authorized agent must: (1) be a person or business entity registered with the California Secretary of State to conduct business in California; (2) provide proof of such registration; and (3) provide documentation or other proof indicating that they are authorized to act on your behalf. We may also require you to verify your identity directly with us, and directly confirm with us that you provided the authorized agent permission to submit the request.
To make such requests, please contact us at [email protected]We will verify your request using the information associated with your account, including email address. Government identification may also be required.A request for access can be made by you only twice within a 12-months period. Any disclosures that we provide will only cover the 12-months period preceding receipt of your request. We do not charge a fee to process or respond to your verifiable User request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will inform you of the reasons for such decision and provide you with a cost estimate before processing further your request.
Notice for Nevada Residents
Under Nevada law, certain Nevada residents may opt out of the sale
of “personally identifiable information” for monetary consideration
to a person for that person to license or sell such information to
additional persons.
“Personally identifiable information” includes first and last name, address, email address, phone number, social security number, or an identifier that allows a specific person to be contacted either physically or online.
We do not engage in such activity; however, if you are a Nevada resident who has purchased or leased goods or services from us, you may submit a request to opt out of any potential future sales under Nevada law by emailing [email protected]. Please note we will take reasonable steps to verify your identity and the authenticity of the request. Once verified, we will maintain your request in the event our practices change.
How do we respond to legal requests?
We may access, preserve and share your information in response to a legal request (like a search warrant, court order or subpoena) if we have a good faith belief that the law requires us to do so. This may include responding to legal requests from law enforcement agencies, courts, tribunals and government authorities. We may also access, preserve and share information when we have a good faith belief it is necessary to: detect, prevent and address fraud and other illegal activity; to protect ourselves, you and others, including as part of investigations; or to prevent death or imminent bodily harm. We also may retain information from accounts disabled for violations of our terms for at least a year to prevent repeat abuse or other violations of our terms.
Children Privacy
Protecting children's privacy is important to us, and therefore our
Platform is not intended for children. We do not direct the Platform
to, nor do we knowingly collect any personal information from, such
children. If you are not of majority <em>(or above) </em>as per the
law of jurisdiction that applies to you, you are not authorized to
use our Platform without your parents/legal guardian’s prior express
consent. If we learn that a child has provided personally
identifiable information to us, we will use reasonable efforts to
remove such information from its database. Please contact us at [email protected] if you believe we knowingly or unknowingly collected information described in this Section.
How can I withdraw my consent? (OPT-OUT)
After you signup, you will automatically start receiving promotional emails and direct mail from us. If after you opt-in, you change your mind, you may withdraw your consent for us to contact you, for the continued collection, use or disclosure of your information, at any time, by contacting us at [email protected].
Governing law and Dispute Resolution
Unless provided by the relevant statute, rules or directives applicable to the jurisdiction in which you reside, in case of any disputes, issues, claims or controversies arising out of or in relation to your use of the Platform, or our services, the governing law and dispute resolution mechanism as provided in the Terms of Service shall apply to this Privacy Policy as well.
Do you have questions or concerns about this Privacy Policy?
In the event you have any grievance regarding anything related to this Privacy Policy, Terms of Service, Disclaimer, Cookie Policy, or with any content or service of Platform, in that case you may freely write your concerns through your registered email to Grievance Officer/Designated Representative to below:
- Name: Qusai Bany-Taha
- Email: [email protected]
- Postal Address: Finest50 Limited, 71-75 Shelton Street, Convent Garden , London, UK – WC2H 9JQ
Welcoming of suggestions
We welcome your comments regarding this Privacy Policy. Please write to us at [email protected].