Privacy Policy

Latest update: January 14, 2022

1. Introduction

Welcome to PhanTribe. Provided to you by Collective Action ApS.

Collective Action ApS ("us", "we", or "our") operates www.phantribe.com and PhanTribe mobile applications (hereinafter referred to as "Products" / "Services").

The PhanTribe brand and all sub brands under PhanTribe are owned and run by Collective Action ApS. We process your personal data when you use our apps or website or otherwise contact and communicate with us.

Our Privacy Policy governs your visit to www.phantribe.com and usage of PhanTribe mobile applications, and explains how we collect, process, safeguard and disclose information that results from your use of our Products and Services.

We use your data to provide and improve our Service. By using our Service, you agree to the collection and use of your personal data in accordance with this Privacy Policy. Unless otherwise defined in this Privacy Policy, the terms used in this Privacy Policy have the same meanings as in our general Terms of Use.

Our Terms of Use ("Terms") govern all use of our Products and Services and together with the Privacy Policy constitutes your agreement with us ("agreement").

The purpose of the following Privacy Policy is to: Increase your understanding of which data we collect and how we use it. Provide a detailed explanation of your rights as a user and give you increased control over your data.

2. Definitions

SERVICE means the www.phantribe.com website and PhanTribe mobile applications operated by Collective Action ApS.

PERSONAL DATA means data about a living individual who can be identified from that data (or from those and other information either in our possession or likely to come into our possession).

USAGE DATA is data collected automatically either generated by the use of Service or from Service infrastructure itself (for example, the duration of a page visit or features used in a mobile application).

COOKIES are small files stored on your device (computer or mobile device) to collect your personal data when using our service on your devices.

DATA CONTROLLER means a natural or legal person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal data are, or are to be, processed. For the purpose of this Privacy Policy, we are a Data Controller of your data.

SUBCONTRACTORS (OR SERVICE PROVIDERS) means any natural or legal person who processes the data on behalf of the Data Controller. We may use the services of various Service Providers in order to provide our service and process your data more effectively.

DATA SUBJECT is any living individual who is the subject of Personal Data.

THE USER is the individual using our Service. The User corresponds to the Data Subject, who is the subject of Personal Data.

3. Information Collection and Use

We collect several different types of personal information for various purposes to provide and improve our Service to you.

We want to inform you about the scope and purposes of the data collection and use. To allow you to have the knowledge and understanding of how your personal data tied to the use of our products and services is being collected, used, handled and processed.

Please be informed that the procession and handling of personal data by third party service providers is not subject to this Privacy Policy.

Our subcontractors (third party service providers) will have access to users personal data as within reasonably necessary to deliver their tasks on our behalf and are obliged to safeguard it and not to share, reveal or use it for other purposes. We use subcontractors for the following areas:

• Cloud Solution Providers
• Messaging Service Providers
• Location Information Providers (GPS tracking - only shared when explicitly approved by the user. Our weather service provider only receives the user's GPS coordinates anonymously and cannot identify the user)

4. Types of Data Collected

Personal Data

While using our Service, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you ("Personal Data"). Personally identifiable information may include, but is not limited to, any information that can identify you as an individual person, including but not limited to:

• General:
  • Email address
  • Password (for the PhanTribe account)
  • Name (arbitrarily chosen for profile creation)
  • Company name
  • Office location
  • Videos, e.g. optional welcome video from management, etc.
• User generated app data:
  • Steps
  • distance walked / run / cycled (+ time and duration)
  • GPS coordinates (if consent given), e.g. walk tour, run tour, cycle tour, etc.
  • Uploaded photos, e.g. PhanPhotos, etc.
  • Comments, e.g. on other users' activities, on other users' photos, etc.
  • Chat messages
  • Activity information, e.g. leaderboard, feed, Social Walking, activity board, TribeEngage, etc.
  • Community information, e.g. teams, followers, starred participants, etc.
  • Survey information, e.g. Net promoter score, app usage statistics to improve our products/services, etc.
• Phone specific data:
  • Installation ID
  • User agent, e.g. device type, device model, etc.
  • IP address
  • Push token (for receiving push messages)
  • Device ID
  • Other phone specific data, e.g. screen resolution, memory usage, hardware profile, etc.
• Browser specific data:
  • IP address
  • Cookie
  • User agent, e.g. browser version, operating system version, etc.

Usage Data

We may also collect information that your browser sends whenever you visit our Service or when you access Service by or through a mobile device ("Usage Data").

This Usage Data may include information such as your computer's Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.

When you access Service with a mobile device, this Usage Data may include information such as but not limited to, your physical activity, the type of mobile device you use, your mobile device unique ID, the IP address of your mobile device, your mobile operating system, the type of mobile internet browser you use, unique device identifiers and other diagnostic data.

Location Data

We may use and store information about your location if you give us permission to do so ("Location Data"). We use this data to provide features of our Service, to improve and customize our Service. The information can include, but is not limited to: Chosen office location, current log-in location (IP address), GPS location (your choice if you wish to share with colleagues), or sharing on social media indicating location.

You can enable or disable location services when you use our Service at any time by way of your device settings. But it will cause some features and functions not to be usable. These features will not work without such location data sharing.

Profile, Team & Community data

Any information provided to us when you interact with your colleagues, team members, other communities and users. Including but not limited to: follower information (starred group, favorties), information provided when you participate in a PhanTribe event or challenge and team / community either as participant, as team member or as a team promoter / captain and leaderboard rankings.

Chat messages

Users should be advised that the chat is a very simple feature to help you share information related to the PhanTribe event and / or ongoing activities on the PhanTribe services with your colleagues.

For the sake of simplicity we do not encrypt any messages in the chat. We therefore discourage posting private or sensitive information.

All data, also chat messages, are stored on Google’s infrastructure and are secured with their security measures and encrypted. Only our CTO has access to that data and can read the unencrypted content.

Tracking Cookies Data

We use cookies and similar tracking technologies to track the activity on our Service and we hold certain information.

Cookies are files with a small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website or mobile application and stored on your device. Other tracking technologies are also used such as beacons, tags and scripts to collect and track information and to improve and analyze our Service.

You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.

Examples of Cookies we use:

• Session Cookies: We use Session Cookies to operate our Service.
• Preference Cookies: We use Preference Cookies to remember your preferences and various settings.
• Security Cookies: We use Security Cookies for security purposes.

5. Use of Personal Data

We uses the collected personal data for various purposes:

1. To provide and maintain our Service; We process users personal data to be able to present users with the most optimal user experience doable when they engage and use our products and services. The data categories handled and used in this regard is mentioned above under Personal Data.

2. To operate our products / services; We overlook and monitor all traffic and user activity in our products / services with the purpose of:

   • Fixing bugs and other errors and problems, in order to make sure our products / services function as intended.
   • Detecting, preventing and addressing all technical issues possible.
   • Conducting product analysis and research and development to improve our products / services. We gather users' personal data to make analysis and / or other valuable information so that we can improve our products / services, and to provide reports for your employer (Which can include asking users for feedback and other questions in surveys. We collect this information based on user consent only).
   • Making user reports on general user engagement for your company management.
   • Allowing users to participate in interactive features of our Service.
   • Gathering analysis or valuable information so that we can improve our products / services. and provide reports for your employer.

3. To provide customer and user support; We process users' personal data to handle their queries about their use of our Service and to respond to users' questions and concerns through various communication channels we make possible for our users to use.

4. To communicate with users; We use personal data to be able to communicate with our users. As example, this could be, but is not limited to sending users in app notifications or email on:

   • Changes and updates to our Privacy Policy or Terms of Use.
   • Information on changes to or launching of new product features.
   • Information about the next internal company event or an open event.
   • Customer support - to be able to give feedback on users queries about their use of our products / services.
   • To present users with news, special offers and general information about other goods, services and events which we offer.

5. To enable event registration & participation; When a user register for an event we use the personal data you provide to assign the user to a team. When we organize open events. We also use your personal data to keep you informed about such events.

The legal basis for all above processing of personal data is the performance of your agreement with us and that the processing is necessary for providing the Service in accordance with our Terms of Use and that the processing is carried out in our legitimate interests.

6. Sharing of personal data with colleagues

The use of PhanTribe products necessitates the sharing of personal data with all your colleagues in the company you are employed in. The products would not work without such data sharing, i.e. it is necessary to fulfill our user agreement with you. Using our product includes sharing of personal data with colleagues, i.e. making personal data visible to all your work colleagues.

7. Retention of Personal Data

In order to make it possible for users to use our products / services, we store personal data for as long as the user and the user's employer has an account or an agreement with us.

• Every user has the right to have personal data we store about them deleted, i.e. a user wants to delete their account / user agreement.
• If a user or a user's employer terminates the user agreement we will delete all personal data within 3 months after termination.
• Personal data we have collected for analytical purposes or research will not be deleted but anonymized.
• In case the user changes employer, the user can ask us not to delete his / her personal data but instead transfer it to the new employer.
• We will store and process the user's personal data crucial to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.
• We will retain your personal data when we are legally obligated to do so by country and / or state government laws.

8. Subcontractors (service providers)

We use third party companies and individuals to facilitate our Service ("Service Providers"), provide Service on our behalf, perform Service-related tasks and / or assist us in analysing how our Service is used.

These third parties service providers have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.

9. Transfer of Data

Your information, including Personal Data, may be transferred to – and maintained on – computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ from those of your jurisdiction.

Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.

Collective Action ApS will do what is reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy.

We share your personal data with our subcontractors, to be able to operate and deliver our products / services. Our subcontractors will have access to your personal data as reasonably necessary to perform their tasks on our behalf and are obligated to protect it and not to disclose, share or use it for other purposes. We use subcontractors for the following areas but not limited to:

• Cloud Solution Providers
• Messaging Service Providers
• Location providers (GPS)

10. Disclosure of Data

Under rare circumstance we may disclose personal information that we collect, or you provide:

1. Sharing and selling personal data.

   We do not share or sell any personal user data to third parties, outside the users company, that are not our subcontractors, without the users explicitly accepting.

   • A user can actively decide to share his / her achievement / activity on a social media platform, but that is solely the user's own decision. Please note that once personal data is transferred to a third party social media platform the further processing of this data will take place outside of our responsibility.
   • Legal compliance - under certain circumstances, we may disclose your personal data if required to do so by law or in response to valid requests by public authorities. We may not be able to notify the user if it is against the law to do so.

2. Business Transaction.

   If we or our subsidiaries are involved in a merger, acquisition or asset sale, your Personal Data may be transferred.

3. Other cases. We may disclose your information also:

   1. To our subsidiaries and affiliates;
   2. To fulfill the purpose for which you provide it; If you have instructed us to do so (e.g. if you post your achievement on social media). in such a case you have explicitly consented on beforehand. You can also ask us to move your account and data to a new employer
   3. If we believe an access disclosure is necessary or appropriate to protect the rights, property, or safety of the company, our customers, or others.

11. Security of Data

The security of your data is important to us but remember that no method of transmission over the internet or method of electronic storage is 100% secure. We can only protect users' personal data once it reaches our area of responsibility. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.

With that said we will at the same time assure you that we are highly committed to protect and safeguard users personal data and do implement appropriate technical and organizational safety standards to protect it against any misuse and against any accidental loss or damage. And we have this in mind and consideration when we choose which service providers we work with.

• These security measures are ongoing being revised to comply with the latest technological developments.
• We do ongoing reviews and update our Privacy Policy & Terms of Use to reflect any changes resulting from product updates and day-to-day business operations. We will notify every user by in app notification when we make significant changes that users must be aware of.

12. Your Data Protection Rights Under General Data Protection Regulation (GDPR)

If you are a resident of the European Union (EU) and European Economic Area (EEA), you have certain data protection rights, covered by GDPR. – See more at https://eur-lex.europa.eu/eli/reg/2016/679/oj

We aim to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Data.

If you wish to be informed what Personal Data we hold about you and if you want it to be removed from our systems, please email us at info@phantribe.com.

In certain circumstances, you have the following data protection rights:

1. The right to access, update or to delete the information we have on you;

2. The right of rectification. You have the right to have your information rectified if that information is inaccurate or incomplete; Please be informed that you can rectify much of your personal data in the settings of our products and services on your own and that it is not always technically possible for us to correct all kinds of data in our products and services.

3. The right to object. You have the right to object to our processing of your Personal Data in the following cases;

   • The personal data is no longer necessary for the purpose they were collected or otherwise processed for.
   • You as a user have withdrawn consent on which the processing is based and there is no other legal reason for the processing.

4. the right to data portability. You have the right to be provided with a copy of your Personal Data in a structured, machine-readable and commonly used format;

5. the right to withdraw consent. You also have the right to withdraw your consent at any time where we rely on your consent to process your personal information; e.g. If you have given your consent to the processing of your personal data for a specific purpose, you can withdraw it at any time. However, this does not affect the lawfulness of data processing based on the consent before the withdrawal of consent.

Please note that we may ask you to verify your identity before responding to such requests. Please note, we may not be able to provide our Service to you without some necessary data.

You have the right to complain to a Data Protection Authority about our collection and use of your Personal Data. For more information, please contact your local data protection authority in the European Economic Area (EEA).

13. Children's Privacy

Our Services are not intended for use by children under the age of 16 ("Child" or "Children").

We do not knowingly collect personally identifiable information from Children under 18. If you become aware that a Child has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from Children without verification of parental consent, we take steps to remove that information from our servers.

14. Changes to This Privacy Policy

We ongoing review and update our Privacy Policy & Terms of Use to reflect any changes resulting from product updates and day-to-day business operations. We will notify every user by in app notification when we make significant changes that users must be aware of.

Furthermore users are alway able to see the latest version of Privacy Policy in the mobile application and website they use and update "effective date" at the top of this Privacy Policy.

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted in the products / services you use.

15. Employment Relationship

Your user consent for processing of your personal data is 100% freely given and is not related to the employment relationship, but only to make available this supplementary service offered by the employer to improve the overall workplace community and your personal well-being. Your employer and yourself are pursuing the same interests. It will have absolutely no effect on your employment if you choose not to participate.

16. Contact Us

If you have any questions about this Privacy Policy, please contact us:

By email: info@phantribe.com.