Privacy Policy App – Generic

BASIC INFORMATION:

  • What is this document?
     It is a legal document drafted to provide users of the DoGood App with detailed information about the processing of their personal data.
  • What does it apply to?
     It applies to the DoGood App itself, including all its sections and functionalities, and to any personal information processed for its operation, both at registration and during use. For the purposes of this policy, “user” refers to the natural person who uses the functionalities offered by the DoGood App.
  • How can you know if this document is up to date?
     We may update this policy when necessary. In such cases, we will communicate the changes through the website or other means so that you are informed and can accept the new terms. Continued use of the DoGood App after such changes implies agreement with them, except in cases where express consent is required, in which case we will ask for it.
  • Which laws is this document based on?
     This policy is drafted in compliance with the General Data Protection Regulation (GDPR), Organic Law 3/2018 of December 5 on Personal Data Protection and the Guarantee of Digital Rights, and Law 34/2002 of July 11 on Information Society Services and Electronic Commerce. Providing information on personal data protection is one of DoGood’s obligations fulfilled through this document.

DATA CONTROLLERS AND PROCESSORS
 Personal data processed in the DoGood App is collected and handled by:

  • DOGOOD PEOPLE, S.L. (or DoGood), located at Calle Diego de León, 57, 28006 Madrid, Spain, as the DATA PROCESSOR.

     

  • The company (hereinafter, the Client) to which the user belongs or for which the user works or collaborates and maintains a professional, labor, or other relationship, as the DATA CONTROLLER.

     

DATA PROCESSED BY DOGOOD
 DoGood collects personal data and information from users of the DoGood App, including the following categories:

  • Identification or contact data: e.g., name, surname, email, or, in certain cases, phone number.

     

  • Job details: e.g., profession or job title.

     

  • Biometric data, when the user consents to biometric access to the DoGood App.

     

SOURCES OF PERSONAL DATA
 Data may come from the Client (who guarantees its legitimacy), from the user (who provides the data through the App or other communication channels), or from the Client’s communication to DoGood.
 In some cases, basic account creation data (e.g., email, name, and surname) may be obtained from Google, Apple, Microsoft, or similar services when users register via Single Sign-On.

PURPOSES OF DATA PROCESSING
 DoGood processes users’ personal data for the following purposes:

  • To register users on the DoGood App and identify them.

     

  • To track user activity within the App.

     

  • To manage user participation in functionalities and activities within the App.

     

  • To send emails related to the App and the program being undertaken.

     

  • To manage inquiries sent through contact forms.

     

  • To provide the service contracted by the Client to DoGood.

     

  • To carry out surveys on sustainability perception at the beginning and end of the program to assess progress.

     

  • To conduct surveys related to the training content and satisfaction or improvement feedback regarding the program.

     

LEGAL BASIS FOR DATA PROCESSING
 The legal basis for processing data for each of the purposes listed above is the development and maintenance of the legal and/or contractual relationship between the Client and DoGood and/or the user’s consent granted by accepting this Privacy Policy.

DATA DISCLOSURE
 DoGood may share user data with third parties, always in the most anonymized and aggregated way possible. Personal data will not be shared unless strictly necessary. User activity data will never be shared alone but as part of aggregate reports.

Personal data may be disclosed to:

  • Service providers essential for operating the DoGood App.

     

  • Public bodies and competent authorities, as required by law.

     

  • Other companies affiliated with DoGood.

     

In the context of such disclosures, international data transfers may occur to non-EEA countries. These transfers will only happen when necessary and under appropriate legal safeguards, such as:

  • Standard Contractual Clauses approved by the European Commission; or

     

  • Other valid legal instruments ensuring adequate protection levels.

     

DATA RETENTION
 DoGood will retain data as long as the contractual relationship with the Client exists or until the user stops using the DoGood App. After that, the data will be blocked and ultimately deleted in accordance with legal deadlines.

USER GUARANTEES REGARDING PROVIDED DATA
 The user guarantees that the provided data is true, accurate, complete, and up to date, being responsible for any direct or indirect damages resulting from failure to comply with this obligation.
 The user agrees to promptly notify DoGood of any relevant changes to their personal data to keep it current and error-free.

MEASURES TAKEN TO PROTECT YOUR DATA
 To ensure security and confidentiality, DoGood commits to treating users’ personal data with the utmost confidentiality and only for the purposes outlined in this policy.
 DoGood has implemented the required security levels and adopted the necessary technical and organizational measures to prevent alteration, loss, or unauthorized access or processing of personal data, considering the state of technology and data sensitivity.
 Nevertheless, users should be aware that Internet security measures are not infallible.
 For any issues regarding data management, you may contact DoGood at hola@dogoodpeople.com.

USER RIGHTS REGARDING PERSONAL DATA
 Users have the right to:

  • Access their personal data to see what is being processed.

     

  • Request correction or deletion of inaccurate or unnecessary data.

     

  • Request the restriction of processing (in which case data will be retained only for legal claims).

     

  • Request data portability (receive personal data in a structured, machine-readable format and transmit it to another controller).

     

  • Object to the processing of their data, unless legitimate reasons justify continued processing.

     

  • Not be subject to automated decisions, including profiling, that produce legal effects or significantly affect them.

     

  • Withdraw consent at any time for any previously accepted purpose (without affecting the legality of prior processing).

     

HOW TO EXERCISE YOUR RIGHTS
 Users may contact the Client or DoGood by writing to the addresses provided or via hola@dogoodpeople.com.
 We will respond as soon as possible and, in any case, within one month of receiving the request. This period may be extended by two additional months, depending on the complexity and number of requests. In that case, we will notify you within the first month.
 If you are not satisfied, you may file a complaint with the competent Data Protection Authority, particularly if you are not satisfied with the response. For Spain, this is the Spanish Data Protection Agency (www.aepd.es). Before doing so, we encourage you to contact hola@dogoodpeople.com.

SPECIFIC PRIVACY POLICY FOR BIOMETRIC DATA PROCESSING

  1. Introduction
     When using the DoGood mobile app, the user has the option to enable biometric authentication, such as facial recognition or fingerprint scanning, for faster and more secure account access. By enabling this function, the user agrees to the following terms.

     

  2. Use and Processing of Biometric Data
     Biometric data is used solely for user authentication and to enhance account access security. Biometric identifiers stored on the user’s device are used exclusively to verify identity when logging into the app.

     

  3. Data Storage
     DoGood does not collect, store, or process biometric data directly. These data are stored exclusively on the user’s mobile device and managed by the device’s operating system. DoGood has no access to this information and, therefore, cannot share it with third parties.

     

  4. Security
     Users are responsible for maintaining the security of their mobile devices. DoGood is not liable for any unauthorized access to user accounts resulting from the loss, theft, or misuse of the device or biometric data.
  5. Consent

By activating biometric authentication, the user consents to the use of their biometric information by the device’s operating system for identity verification. The user may disable this function at any time through the app settings.