Privacy Policy
Information We Collect
We only collect such personal information as is strictly necessary for the purposes outlined in Section 2. We collect personal information in the following ways:
- Google User Data: When you use our application using your Google account, we may collect certain data from your Google account, such as your email address, and profile information.
- Usage Data: We collect information on how you use the application, such as features accessed, time spent on the app, and error reports.
How We Use Your Information
We use the personal data we collect for the following purposes:
- To Provide and Improve Services: We use your user data to deliver and enhance the functionalities of our application.
- Personalization: We use the data to personalize your experience within the app.
- Communication: To send you updates, security alerts, and support messages.
- To comply with legal obligations: To respond to legal and regulatory requirements and ensure compliance with applicable laws.
Data Storage and Security
Storage: Your data is stored securely using industry-standard encryption methods.
Security: We implement appropriate technical and organizational measures to protect your data against unauthorized access, alteration, disclosure, or destruction
Data Sharing and Disclosure
- Third-Party Services: We do not share your user data with third parties except as necessary to provide our services (e.g., cloud storage providers) and comply with legal obligations.
- Legal Compliance: We may disclose your data to comply with legal requirements, protect our rights, or respond to lawful requests.
User Control and Data Retention
- Access and Control: You can request us to revoke your access and remove your data by contacting us using the information provided in Section 17.
- Retention: We retain your data only for as long as necessary for the purposes set out above or as required by law. When no longer needed, we will destroy, erase, or de-personalize the personal information. Legal requirements may necessitate our retaining some or all of the personal information for a period longer than we might otherwise hold it. However, Jumbula will restrict access to such information to prevent it from being used except for the fulfillment of these legal requirements.
Accuracy
Ensuring data accuracy is crucial for maintaining the quality and integrity of our services. To ensure that the personal information you provide is accurate, complete, and up to date, we urge you to provide us with updates regarding such information and to inform us of any errors affecting the personal information we hold. You may obtain, review, update, or correct your account information at any time online or by contacting us using the information provided in Section 17.
Security of Data
Ensuring the privacy and security of your data is paramount at Jumbula. We have implemented a wide range of security policies and mechanisms to safeguard all the data we receive from our clients. We will continue to maintain these security measures to protect your data held by us from unauthorized use, access, disclosure, distribution, loss, or alteration. We employ administrative, contractual, and technological safeguards to protect personal information, and we require our Service Providers to do the same. Please be aware, however, that despite our efforts, no security measures are perfect, and no system is impenetrable. Your privacy can be enhanced by using strong passwords that are not easily guessed, securely stored, and not reused on other sites. Avoiding dictionary words or proper names and adding extra characters and punctuation marks can also help protect you. If you believe your password has been compromised, you should change it immediately.
Access to personal information will be restricted to authorized personnel who require the information to perform their duties properly. Additionally, access will be limited to only the information that is strictly necessary for the performance of those duties.
We periodically update our policies regarding information security measures to protect the personal information held by us in the most effective manner possible.
Technology Safeguards
Jumbula employs the latest security standards to protect your data, such as the HyperText Transfer Protocol Secure sockets, real-time data backups and PCI-DSS standard.
Security of Data in Transit
We use the HyperText Transfer Protocol Secure (HTTPS) sockets to encrypt the communications between end users’ browsers and our servers.
Data Backups with Real Time Mirrors
We take data backups seriously. All your data is securely stored in the Microsoft Azure database and storage servers, and we have access to on-the-minute backups of all the data.
Microsoft Azure Cloud Platform
Microsoft Azure is a collection of integrated cloud services to build, deploy, and manage applications through a global network of data centers. Jumbula database, storage, and processing servers are all operated within the Azure platform. Azure security center prevents, detects, and responds to threats with exceptional performance and manages the physical security of all our Azure resources.
Payment Card Industry Data Security Standard (PCI-DSS)
We are compliant with security standards for the Payment Card Industry Data Security Standard (PCI-DSS), an internationally recognized standard for credit card data security.
Secure Account Passwords
All passwords are stored as one-way hashed ciphertext and cannot be hacked to retrieve the original plaintext passwords.
Data Privacy
We treat all the information we collect from our clients with the highest privacy standards. The financial information that is collected is used only to bill participants for products and services. We never sell your private data to any outside vendor or ever share your data with any affiliates or partners.
Monitoring and Enforcement
- Monitoring Compliance: Our organization prioritizes adherence to our Privacy Policy and regulatory requirements through regular audits and assessments of data processing activities. We have designated a Data Protection Officer (DPO) responsible for overseeing compliance efforts. The DPO monitors data processing activities, conducts periodic audits, and ensures that all policies and procedures align with privacy regulations.
- Reporting Mechanisms: Employees, customers, and other stakeholders can report suspected violations or concerns regarding data privacy through various channels. We maintain internal reporting channels where employees can report incidents or concerns anonymously if preferred. Customers and other stakeholders can report concerns, as outlined in Section 17. All reports are taken seriously and thoroughly investigated.
- Enforcement Actions: Non-compliance with our privacy policy or regulations is addressed promptly and firmly. We have clear disciplinary measures outlined for employees who violate data protection policies, which may include warnings, training, suspension, or termination, depending on the severity of the violation. Repeat or serious breaches may result in legal action.
- Incident Response: In the event of a data breach or other security incident, we have established procedures for immediate response. Our incident response team, including the DPO, IT security personnel, and legal advisors, assesses the situation, contains the breach, and mitigates damages. We promptly notify affected parties and relevant authorities as required by law.
- Training and Awareness: Our organization ensures employees receive regular training on regulatory compliance, data privacy, and security. Through concise programs and ongoing awareness initiatives, we equip our team with the knowledge and tools needed to uphold privacy standards and mitigate risks effectively.
- Review and Updates: Our Privacy Policy is regularly reviewed and updated to ensure alignment with regulatory compliance. We conduct reviews at least annually, or more frequently if necessary, due to regulatory changes or significant internal developments. Updates to the policy are communicated to all employees and stakeholders through internal channels, ensuring everyone remains informed about our commitment to data privacy and their rights. Any significant changes to this notice will be clearly communicated to you through appropriate channels, such as email or a prominent notice on our website. We encourage you to review our Privacy Notice periodically to stay informed about how we are protecting your personal information.
Choice and Consent
- Consent to Data Collection: By using our application, you consent to the collection and use of your user data and usage data as described in this policy. You may revoke this consent at any time by contacting us using the information provided in Section 17.
- Communication Preferences: You can manage your communication preferences and opt out of receiving updates, security alerts, and support messages at any time by adjusting your settings within the app or through the provided unsubscribe options in the communications.
- Data Retention Choices: We retain your data for as long as necessary to provide our services or as required by law. You have the right to request the deletion of your data at any time unless retention is required by legal obligations.