ShareRing Holding Ltd
Incorporated in Malta with Company Reg. No. C85571
Last updated: 6 February 2024
About this Privacy Policy
This Privacy Policy applies to all personal information collected by ShareRing and/or its related bodies
corporate via this website, including any subdomains thereof, and any other websites through which
ShareRing makes its services available (collectively, “Site”), our mobile, tablet and other smart device
applications, and application program interfaces (collectively, “ShareRing Link”, “ShareRing Pro”,
“ShareRing Foundation” and “ShareRing Me / Identifi Me”) and all associated services
(collectively, “ShareRing Services”). The website and ShareRing Services are collectively referred to
as the “ShareRing Platform” or “Platform”.
Even though we will comply with all legal privacy collection, storage and usage requirements of your
jurisdiction, if you are:
(a) a resident of a jurisdiction that is a member of the European Union (EU) or the United Kingdom
(UK) then we will at a minimum specifically comply with the obligations set out in the EU’s
General Data Protection Regulation or UK equivalent (GDPR), or
(b) a resident of the State of California in the USA then we will also at a minimum specifically
comply with the obligations of the Californian Consumer Privacy Act (CCPA).
If there is a difference in the compliance obligations between the GDPR and the CCPA then we will
comply with the higher standard as regards to the minimum protection of the information collected by
us.
In circumstances where there are no applicable local data protection laws, we will still handle your
personal information in the manner described below.
It is your responsibility to seek advice regarding the implications of local laws.
- What is “personal information”?
“Personal information” essentially means information or an opinion about an identified living individual
or an individual who is reasonably identifiable:
(a) whether the information or opinion is true or not; and
(b) whether the information or opinion is recorded in a material form or not.
If information does not disclose your identity or enable your identity to be ascertained, it will in most
cases not be classified as “personal information” and will not be subject to this privacy policy.
The precise definition of “personal information” or “personal data” may vary depending on which law
governs the collection of the data. For example, in most jurisdictions, information relating to deceased
individuals is not classified as “personal information”, but this is not universally the case.
Furthermore, legislation in some jurisdictions contains exemptions which may impact upon our privacy
obligations. For example, in Australia employee records are generally exempt from an organisation’s
obligations under the Privacy Act 1988, although we nevertheless treat such records as confidential.
Note that this policy only applies to our handling of your personal information and does not relate to
any aggregated, anonymised or other information which may be developed or created internally by
us, provided this other information cannot later be used or combined with other data to identify you in
any way.
- What information do we collect?
The kind of personal information that we collect from you will depend on how you use the website and
the ShareRing Platform. The personal information which we collect and hold about you may include:
(a) basic user information such as your name, your email address, the unique public key used
for your ShareRing address that will be generated via the ShareRing Platform, and possibly
your phone number;
(b) messages and interactive post information from our website or through the ShareRing
Platform feed, such as messages to other users and information you provide in connection
with those activities and events;
(c) other background, contact and demographic information, and such other interests and self-
descriptions you choose to provide;
- How we collect your personal information?
We do not generally collect personal information about you, except when you provide that personal
information voluntarily through the ShareRing Platform. We do not collect your private key that is
generated by the ShareRing Platform. The private key will correspond to the public key used for your
ShareRing address. Your private key will be stored to a secure location embodied in your smart phone.
You will be required to provide certain personal information when you activate the ShareRing Platform
which will be stored by us for future reference and communication.
By voluntarily providing us with information about yourself, you are consenting to our use of both the
data that you provide and the data that we collect on our websites and online services in accordance
with this policy.
When you access or use our Services, we may also automatically collect information about you
(which may or may not be protected “personal information”), including:
(a) Usage Information. This comprises information about your activity through our Services. For
example, we may collect information about:
(i) how you interact with our Services, such as which of our Services you like or use and
how frequent you use such Services;
(ii) how you communicate with other users, such as their names, the time and date of
your communications, the number of messages you exchange, and your interactions
with messages.
(b) Content Information. This is content which you create on our Services, such as the types of
services you like to use, how often you like to use our services and information about the
content you create or provide to us. It also includes the metadata that is associated with the
content.
(c) Location Information: This is information about your location when you access our
ShareRing Platform or website, or otherwise consent to the collection of this information. With
your specific additional consent, we may also collect information about your precise location
using methods that include GPS, wireless networks, cell towers, Wi-Fi access points.
(d) Device Information: This is device-specific information collected when you access our
Services, including details relating to your hardware model, operating system and version,
unique device identifiers, mobile network information and information about the device’s
interaction with our Services, browser type, language and time zone, information about your
wireless and mobile network connections, such as mobile phone number, service provider,
and signal strength.
(e) Log Information: This is information relating to how you access or use our Services,
including your access times, browser type and language, Internet Service Provider and
Internet Protocol (“IP”) address.
(f) Information Collected by Cookies and other Tracking Technologies: the role of cookies
is explained in more detail below.
In addition to personal information which we collect directly from you, and information which is
automatically collected from you as explained above, we may in some circumstances be provided with
information from third parties. In such a case, we will take reasonable steps to ensure that you are made
aware of the information provided to us by the third party.
- Purpose of collection
The purpose for which we collect personal information is to provide you with the best service possible
when you use our website or the ShareRing Platform.
Your personal information will only be used for the purposes described in this privacy policy or for
purposes to which you have otherwise consented, together with any other purpose expressly authorised
or required by law.
You specifically acknowledge that when you are using the ShareRing Platform then you will initially be
required through the ShareRing Platform to take a digital photo of a Government issued identification
document in order to obtain a ShareRing Id. The ShareRing Platform will not send any digitised photo
of any of your documents without your specific consent and knowledge. Where the ShareRing Platform
sends any digitised photo of any documents we have no control of the intended recipient’s system or
privacy policy and as such before you send the encrypted digitised photo to your recipient it is your
responsibility to satisfy yourself that their privacy policy meets your needs. We take no responsibility
for any actions or inactions that arise by your intended recipient. Further, even though you may have
identified a selected recipient through the ShareRing Platform, we do not endorse any recipient that is
identified through the ShareRing Platform.
It is not possible for us to provide our service to you as intended unless basic user information,
interactive messages, relevant background material and debit/credit card details, as described above,
is collected directly from you.
With respect to personal information, which is automatically collected, as described above, the reason
for collection is to improve and refine our service delivery to you.
The specific ways in which personal information may be used to improve and refine our service
delivery to you include the following:
(a) developing, operating, improving, delivering, maintaining, and protecting our products and
services;
(b) sending you communications, including by email. For example, we may use email to respond
to support inquiries or to share information about our products, services, and promotional
offers that we think may interest you;
(c) monitoring and analysing trends and usage;
(d) personalising our services by, among other things, or profile information, or customising the
content we show you, including ads;
(e) contextualize your experience by, among other things, tagging post content using your precise
location information (if, of course, you’ve given us permission to collect that information) and
applying other labels based on the content;
(f) providing and improving ad targeting and measurement, including through the use of your
precise location information (but only if you have given us permission to collect that
information), both on and off our services;
(g) enhancing the safety and security of our products and services;
(h) verifying your identity and reduce the risk of fraud or other unauthorized or illegal activity;
(i) using information we have collected from cookies and other technology to enhance our
services and your experience with them; and
(j) enforcing our Terms of Service and other usage policies.
- Disclosure
As noted above, your personal information may be disclosed to third parties to the extent this is
necessary and consistent with the purpose of collection. In addition, it may be shared as follows:
(a) When you purchase External Services. When you purchase External Services via the
ShareRing Platform, the ShareRing Platform will share with Intermediaries and Service
Providers (as those terms as defined in the ShareRing Terms and Conditions which may be
viewed on the ShareRing Platform) information about you necessary to facilitate the purchase
of those External Services. Please note these Intermediaries and Services Providers have
their own privacy policies and we do not accept any responsibility or liability for these policies
or for any data that may be collected by these Service Providers.
(b) With service providers. We may share information about you with service providers who
perform services on our behalf and on behalf of Service Providers of External Services. This
may include maintenance and support personnel acting in the normal course of their duties;
and
(c) With business partners. We may share information about you with business partners that
provide services and functionality that may require the creation of any ShareRing ID that can
later be used by us in the provision of any future services. In addition, prior to any sharing any
of your personal information we will advice as to who and when such sharing shall occur.
(d) With third parties for legal reasons. We may share information about you if we reasonably
believe that disclosing the information is needed to:
(i) comply with any valid legal process, governmental request, or applicable law, rule, or
regulation.
(ii) investigate, remedy, or enforce potential Terms of Service violations.
(iii) protect the rights, property, and safety of us, our users, or others.
(iv) detect and resolve any fraud or security concerns.
(e) With third parties as part of a merger or acquisition. If we get involved in a merger, asset
sale, financing, liquidation or bankruptcy, or acquisition of all or some portion of our business
to another company, we may share your information with that company before and after the
transaction closes.
(f) With outsourcers. In the event that we outsource part of our infrastructure, it is possible that
the entity we engage for this purpose may also have access to your personal information.
(g) With advertisers. We may also share with third parties—such as advertisers— aggregated,
non-personally or de-identified information, which cannot reasonably be identified as you.
We may be required to disclose your personal information if such a disclosure is:
(a) required by law (e.g. the relevant taxation authorities);
(b) is authorised by law (e.g. to protect our interests or where we have a duty to make such
disclosure); or
(c) you have consented for us to disclose the information about you.
Except as provided above, your personal information will not be shared with other parties unless:
(a) you are fully informed prior to such transference and you have agreed to such transference; or
(b) we are required by law to transfer the information to an authorised organisation. In this regard,
you acknowledge that for the purposes of “Know Your Customer” obligations imposed upon us
in order to comply with any Anti-money Laundering and Counter Terrorism laws you permit us
to share your personal information with any organisation that we engage to meet such
obligations.
- Accuracy and Security
We take reasonable steps to ensure your personal information is accurate, up-to-date and complete.
To help us achieve this:
(a) you should ensure that if there is any change to any of the details you have provided to us,
you promptly advise us; and
(b) if it comes to your attention that we possess certain information about you that is not correct,
accurate, complete or up-to-date, then contact us and we will use all reasonable efforts to
ensure any agreed inaccuracies are rectified. You acknowledge that it is your responsibility
and onus of proof to establish that any information about you is not correct, accurate,
complete or up-to-date.
Such corrections may take time as we will only correct such information once we have verified that
the new information is correct, and we have verified that it is you who have asked for the alteration.
We undertake to use our reasonable endeavours to protect your personal information from misuse,
interference and loss, and from unauthorised access, modification and disclosure.
Subject to the foregoing, we do not guarantee or warrant the security of your personal information. No
system is 100% secure. The Services that we provide use industry standard Secure Sockets Layer
(SSL) technology to allow for the encryption of personal information related to debit and credit card
numbers which is transmitted between you and us. We also encrypt all other data in accordance with
industry standard encryption technology.
To maximize security, we will not retain your personal information when it is no longer required in
connection with the original purpose of collection, unless we are under a legal obligation to the
contrary. - Notification of Security breaches
For the purposes of this privacy policy a “Data Breach” is a breach of the security concerning the
protection of personal information which leads to the accidental or unlawful destruction, loss,
alteration, unauthorised disclosure or access to your Personal Data transmitted, stored, or otherwise
processed by us.
If you are:
(a) a resident of a jurisdiction that is a member of the EU or the UK and the GDPR applies to
your Personal Data, then we will without undue delay after becoming aware of a Data Breach
and where feasible within 72 hours notify the Office of the Information and Data Protection
Commissioner for Malta (the Malta Supervisory Authority) in writing of the Data Breach unless
the Data Breach is unlikely to result in risk to your rights and freedoms. Further we will
attempt to notify you within a reasonable time after becoming aware of the Data Breach if the
Data Breach involves your Personal Data; and
(b) not a resident of a jurisdiction that is a member of the EU or the UK and the GDPR does not
apply to your personal information, then we will without undue delay after we become aware
of a Data Breach notify the applicable regulator if and to the extent required by law to do so. - Access and correction
If you request us to provide you with access to personal information, we hold about you, then we will
generally provide such information in a timely manner to you after we have verified that such access
has been requested by you. There may, however, be legal grounds upon which we may, or must,
withhold access in response to a request. For example, we may legally withhold any requested access
if we honestly believe that such access could potentially harm a third party. - Marketing
If you use our services, you consent to the receipt of ShareRing direct marketing material. We may
send to direct marketing material concerning any new services that we intend to introduce as part of
our business operations. We will only use your personal information for this purpose if we have
collected such information directly from you. We do not use sensitive personal information in direct
marketing activity. Our direct marketing material will include a simple means by which you can request
not to receive further communications of this nature. An alternative means of opting out is to contact
us as set out below and simply request that you receive no further such communications.
You can withdraw your consent at any time – if you are subject to the GDPR, see the “Specific
Consent” segment below. - International transfer and foreign laws
For purposes of operational efficiency, your personal information may be disclosed to recipients in
another jurisdiction. You consent to this in the knowledge that if your personal information is mishandled
in another jurisdiction, we disclaim responsibility and you may not have a remedy under the law of your
home jurisdiction. - Individual rights
Even if you are located outside Europe or the UK, the European Union General Data Protection
Regulation (GDPR) and the UK equivalent may in some circumstances provide you with additional
rights. Where and to the extent this is the case, we will not handle your personal information in a manner
inconsistent with that law.
Where you are subject to the GDPR (or UK equivalent), or in circumstances where we have
contractually committed to handle your personal information in accordance with GDPR principles, your
additional individual rights will include:
(a) a right to erasure (“right to be forgotten”);
(b) a right to restriction of processing;
(c) a right to data portability; and
(d) a right to object (to automated individual decision-making).
How to contact us about privacy
If you have a complaint concerning the manner in which we maintain the privacy of your personal
information, please contact us as set out below. All complaints will be considered by our privacy officer
and we may seek further information from you to clarify your concerns. If we agree that your complaint
is well founded, we will, in consultation with you, take appropriate steps to rectify the problem. If you
remain dissatisfied with the outcome, you may wish to refer the matter to the regulator or seek
independent legal advice.
If you have any other queries regarding, arising out of or relevant to this privacy policy, you can
contact privacyofficer@sharering.network.
Cookies
We use “cookies” to collect information.
A cookie is a small data file that most major websites write to your hard drive for record keeping
purposes when you visit them. Cookies allow us to measure activity on the web site and to improve
your user experience, for example by remembering your passwords and viewing preferences, thus
allowing you to visit various member-only parts of the website without re-registering.
Cookies are used by us to measure activity on the website and through our ShareRing Platform and
make improvements and updates based on which areas are popular and which are not.
We do not use cookies to retrieve information from your computer that was not originally sent in a
cookie. Except for personal information voluntarily provided by you, we do not use information
transferred through cookies for any promotional or marketing purposes, nor is that information shared
with any third parties whatsoever. Despite this, we may aggregate any and all data sent to us via
cookies for our business purposes.
You may occasionally receive cookies from our advertisers, which is standard in the Internet industry.
We do not control these cookies, and these cookies are not subject to our privacy policies.
Most browsers are initially set to accept cookies. If you prefer, you can set your browser to refuse
cookies or to alert you when cookies are being sent. However, it is possible that some parts of the
web site, the Mobile App and the Services provided via this website, such as the member-only areas,
will not function properly if you do so.
Amendments to this policy
We reserve the right to change and modify this privacy policy at any time without prior notice. We
strongly recommend that you regularly check this document, either on our website or on the app, to
ensure that you understand the obligations detailed in this Privacy Policy.