Trepup Privacy Notice

This Trepup Privacy Notice is dedicated to safeguarding your privacy and governing the collection, use, and sharing of your personal information on Trepup. It operates in harmony with the Terms of Service and the Policies, serving as a cornerstone of our privacy practices. Within this notice, any capitalized terms not already defined will carry the meanings given to them in the Terms of Service. With a commitment to mirroring the evolving landscape of communication, we have crafted this notice to be universally inclusive, ensuring it respects both individual and collective identities without bias toward gender, thereby embracing the diversity of our user base.

Your privacy is important to Trepup. We strive to take reasonable care to protect the information we receive from you and comply with applicable data and privacy protection laws and regulations. Trepup adheres to the EU General Data Protection Regulation (GDPR), setting guidelines for the collection and processing of personal information of individuals. We have established this notice to inform you about the types of personal information we collect from you, how we use it, and your options to limit our use of the personal data related to you.

When you create your Trepup Account, we will ask for your consent to collect, store, disclose, process, and transfer such personal data in the manner and for the purposes mentioned in the Policies. You may withdraw your consent at any time.

By accessing or using Trepup or by otherwise providing us with your information, you will be deemed to have the capacity to enter into a legally binding contract as per the jurisdiction from which you are accessing the website. Consequently, you will be deemed to have read, understood, and agreed to the practices and policies outlined in this notice and agree to be bound by its terms.

How and what types of personal data do we collect?

When you use or sign up for Trepup, you voluntarily give us certain personal data, such as your name, email address, and password. You can update this personal data at any time by logging into your Trepup Account.

You may also choose to give us permission to access your personal data from other services. For example, you may link your Apple or Google account to Trepup, which allows us to obtain personal data from those accounts. The personal data we obtain from these services (for example, your contact information) often depends on your settings or their privacy policies, so be sure to check them before you link other accounts. Providing any personal data to us via a social media website is beyond our control and made at your own risk as such websites are hosted by third parties.

Whenever you use any website, mobile application, or other internet service, certain personal data gets created and recorded. Similarly, when you access or use Trepup, personal data may get created or recorded.

The personal data we collect is generally "personally identifiable" (i.e., it can be used to specifically identify you as a unique person). We also collect or process "non-personally identifiable" data (i.e., data that cannot be used to specifically identify you or identify you only in combination with other pieces of information).

We collect the following types of personal data:

• Log data:

  While accessing or using Trepup, our servers automatically record personal data, including personal data that your browser sends whenever you visit a website. This log data may include your IP address, browser type and settings, operating system, the referring web page, pages visited, location, search terms, and cookie data.

• Behavioral information:

  We collect information about how Trepup is used, including usage statistics, traffic data, access times and locations, and browsing history.

• Financial information:

  You are required to provide your financial information, such as your credit or debit card details, for the purposes of debiting your account with any fees pursuant to the use of Trepup services.

• Cookie data:

  Depending on how you access Trepup, we may use "cookies" (a small text file sent by your device each time you visit our website, unique to your Trepup Account or browser) or similar technologies, such as web beacons or pixels, to record log data, analyze trends, gather demographic information, or track navigation through our website. For further details, please refer to the Cookies policy.

• Device information:

  We collect information about the device you are using Trepup on. This device information will include personal data such as the type of device, operating system, device settings, unique device identifiers, and crash data. This helps us ensure that our website displays and functions correctly on your device. Whether we collect some or all of this device information, including personal data, often depends on the type of device you are using and its settings. For example, different types of device information and personal data are available depending on whether you are using a Mac or a personal computer. To learn more about what device information and personal data your device makes available to us, please check the policies of your device manufacturer or software provider.

• Web beacons:

  We include web beacons on our website and in the emails we send. For further details, please refer to the Cookies policy.

• Forward-to-friend link:

  If one of your contacts uses the forward-to-friend link in an email you send, your email content may be shared. We do not keep records of your contacts' email addresses and do not add anyone to a distribution list because of the forward-to-friend link if a contact forwards an email to a friend. Users only see the total number of times their contacts forwarded their email and cannot access the email addresses that were used to share or receive the forwarded content.

• Other sources:

  To develop Trepup, we may search through the internet to receive further information concerning you or your contacts, such as name, email address, location, IP addresses, demographic information, and use of social media websites.

What other types of personal data do we collect?

In addition to the types of personal data mentioned above, we may collect the following information about you:

• Demographic information:

  We collect information that refers to selected population characteristics, including age, gender, and location.

• Indirect information:

  Your use of certain third-party websites and applications requires us to collect such information considered necessary for that purpose.

• Customer support data:

  We collect your information when you contact us through email or other means/tools available on Trepup. This includes (1) information solicited by our support staff to validate your Trepup Account and identity; (2) a record of communication between you and our support staff, which may be used for monitoring and quality improvement; (3) a response to a query or comment about Trepup; and (4) for the purpose of reinstatement of accounts blocked or suspended by us on any ground in accordance with the Policies.

• Data on third parties:

  We do not have any direct relationship with the contacts or other individuals you provide us personal data on by using Trepup. Therefore, it is your sole responsibility to obtain the explicit consent of your contacts for us to collect and process information in accordance with applicable laws and regulations. Trepup takes no responsibility and assumes no liability for any unlawful use of the website. If a contact no longer wishes to be contacted, he can directly unsubscribe from the distribution list uploaded by the user or ask the user to update or delete him from the distribution list.

How do we use the personal data we collect and on what basis?

We may use the personal data we collect to

• provide Trepup to you and protect Trepup and our users.
• send you updates about activities on Trepup, emails, promotional materials, and other information that may be of interest to you. For example, depending on your notification settings, we may send you periodic updates that include topics you may like. You will always have an option to stop getting these updates or unsubscribe from getting any emails or other notifications by updating your preferences or by following the procedures we may provide.
• help your contacts find you on Trepup or allow people to search for your profile on Trepup using your username.
• respond to your questions or comments.
• send you emails, invoices, and further notifications concerning billing and collecting money related to the use of Trepup services.
• send you system notifications, such as version updates, warnings, or changes in the Policies.
• communicate with you in any other context, including, but not limited to, providing customer support, meeting legal requirements, or enforcing compliance with the Policies.

Additionally, we may use the personal data we collect to

• operate Trepup to foster a positive user experience and to improve the product.
• provide you customized content, including suggesting accounts on Trepup that you may like to follow.
• analyze data, track trends, build algorithms, and create databases for rating systems and recommendation engines.
• conduct research activities.
• conduct non-targeting activities such as frequency capping, compliance, billing, ad reporting or delivery, market research, or product development purposes.
• conduct audits and quality assessment procedures for Trepup.
• analyze the use of our resources, troubleshooting problems, and improving Trepup.
• investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the safety of any person, violations of the Terms of Service, the Policies, or as otherwise required by law or to initiate any legal proceedings against you in relation to the foregoing.
• contact you from time to time to record your feedback on Trepup.

We process personal data for the purposes specified above on the following legal bases:

• To perform the contract that we have entered into with you or to conduct precontractual measures that occur as part of your request.
• To establish, exercise, or defend legal claims.
• To comply with legal and regulatory obligations.
• For legitimate interests, including the interests set out above, for example, to understand how users interact with our services to ensure and improve the performance of our services.
• Based on consent.

What options do you have about your personal data?

Our aim is to give you simple options so that you can exercise control over your personal data. If you have a Trepup Account, many of the options you have are embedded into the website or your settings. For example, you may

• change or remove personal data on your Trepup profile at any time.
• link or delink your Trepup Account from an account on another service.
• control cookies or other types of local data storage through the browser you use.
• temporarily deactivate or permanently close your Trepup Account.

You should be aware that some of the personal data that may have been shared on third-party websites may continue to be available, as we do not have control over these websites. Your personal data may also appear in online searches. Other personal data that you have shared with others, or that other users have copied, may also remain visible. You should only share personal data with people that you trust because they will be able to save it or reshare it with others, including when they sync the personal data to a device.

How do we share your personal data?

Depending on your usage of Trepup, your personal data may be visible to others. For example, when you create your Trepup profile, anyone can view it and access your personal data.

Trepup does not generally disclose your personal data to third parties. We may, however, share your personal data in the following limited instances:

• When you give us your consent.
• To comply with a law, regulation, or legal request.
• To protect the safety, rights, or property of the public, any user, or Trepup.
• To detect, prevent, or otherwise address fraud, security, or technical issues.
• To third parties who are authorized by us to perform functions on our behalf, including, but not limited to, those which provide administrative or other services to us such as mailing houses, telecommunication companies, information technology companies, payment gateway service providers, data centers, and auditors.
• If Trepup were to engage in a merger, acquisition, reorganization, bankruptcy, dissolution, or similar transaction or proceeding that involves the transfer of the personal data described in this notice.

How do we protect your personal data?

To protect your personal data in accordance with applicable data and privacy protection laws and regulations, we have implemented appropriate technical and organizational measures as required under the GDPR or other applicable laws.

We use industry-leading technology to keep your personal data safe. To protect your personal data, we automatically encrypt your confidential personal data in transit from your device to Trepup using Transport Layer Security (TLS) 1.3, the latest encryption protocol for secure internet communication, offering enhanced security, faster connection establishment, and improved performance.

Once you provide us with your personal data, it resides on a server that is heavily guarded both physically and electronically. Trepup servers sit behind an electronic security system and are not directly connected to the internet, so your private personal data is available only to authorized computers.

To enhance security, we use process automation to analyze user activity for fraudulent or anomalous behavior, limit the use of our website in response to signs of abuse, remove inappropriate user content or links to illegal content, and suspend or disable accounts for any security violations.

We maintain records of personal data and processing activities for as long as required by law.

How can you protect your personal data?

We do our best to keep your personal data safe, but we cannot guarantee that your personal data will be 100% secure. We, however, request that you cooperate with us in protecting your personal data and comply with the following personal security measures:

• Do not give third parties access to your computer or other devices when you access Trepup.
• Keep your Trepup login credentials, including passwords for your computer or other devices, confidential.
• Update your antivirus software when requested by your antivirus software provider.
• Do not send any confidential information using Trepup.

You agree that the security measures adopted by us are reasonable to protect your personal data. We disclaim any liability for any breach of security or unintended loss or disclosure of your personal data unless it is caused by our gross negligence or intentional misconduct.

We can only keep your personal data up-to-date and accurate to the extent that you provide us with the necessary information. It is your responsibility to notify us of any changes in your personal data.

Which rights do you have about your personal data?

You have the following rights regarding the processing of your personal data:

• Withdrawal of consent:

  At any time, you may give or withdraw your consent to us for collecting and processing your personal data in the manner and for the purposes mentioned in the Policies. We will ask for your consent when you create your Trepup Account and in other cases, if required by law. You may withdraw or limit your consent at any time by changing your settings or by directly contacting us. However, even after you have chosen to withdraw your consent, we may be able to continue to process your personal data to the extent required or permitted by law.

• Objection to or restriction:

  You may object to any processing of your personal data. Once you inform us about the reason for your objection, we will review whether and to what extent we can restrict or stop the future processing of your personal data in accordance with applicable law. We will inform you if we decide to lift a restriction or objection to processing.

• Access and information:

  You are entitled to request confirmation or information about whether, where, and for what purpose your personal data is being processed, and you may access your personal data. If required, we will provide you with a copy of your personal data in a commonly used electronic format free of charge. You may reuse your personal data for your own purposes across other services.

• Rectification:

  If you become aware that your personal data is incomplete or inaccurate, you can rectify or change it at any time. It is your responsibility to keep your personal data complete, accurate, and up to date.

• Deletion:

  If you choose to close your Trepup Account or request us to delete your personal data, we will delete your personal data within a maximum period of 180 calendar days unless retention obligations or superseding retention rights apply. For example, we will retain your personal data for the exercise or defense of legal claims, to comply with legal obligations, or to perform requests from official authorities or for archiving purposes in the public interest.

• Lodging a complaint:

  You have the right to lodge a complaint in relation to our processing of your personal data with a local supervisory authority. The supervisory authority in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC).

We will inform you immediately if a data security incident occurs, which is likely to result in a high risk to your rights and freedoms. If Article 33 of the GDPR or other applicable law requires notification of a data protection supervisory authority, we will inform the competent authority within 72 hours about the incident.

To which countries do we transfer personal data?

We may transfer or store personal data worldwide wherever Trepup does business, including to countries outside your own and with third parties on their servers on our behalf, but always in accordance with this notice or other applicable laws or regulations.

Transfers of your personal data outside the European territory composed of the European Economic Area, the United Kingdom, and Switzerland may be made with your prior informed consent or where an adequate level of protection is ensured, or under other circumstances making the transfer necessary, such as in terms of the performance of a contract made in your interest, for important reasons of public interest, or for the defense, exercise, or establishment of legal claims.

How do third parties process data on Third-Party Links?

Trepup may include hyperlinks to various external websites, and may also include advertisements and hyperlinks to applications, content, or resources (collectively, "Third-Party Links"). We have no control over such Third-Party Links present on Trepup, which are provided by users. You acknowledge and agree that we are not responsible for any collection or disclosure of your information by any external websites, applications, companies, or persons thereof. Third-Party Links on Trepup are not a recommendation, endorsement, or solicitation of any material or content on such Third-Party Links, or any other material on or available via such Third-Party Links.

You further acknowledge and agree that we are not liable for any loss or damage which may be incurred by you because of the collection and/or disclosure of your information via Third-Party Links, because of any reliance placed by you on the completeness, accuracy, or existence of any advertising, products, or other materials on or available via such Third-Party Links. This will include all transactions and information transmitted between you and any such third-party websites, applications, or resources. All such transactions will be strictly between you and the third-party websites, applications, or resources. We shall not be liable for any disputes arising from or in connection with such transactions between you and third parties.

Such third-party websites and external applications or resources, accessible via the Third-Party Links, may have their own privacy policies governing the collection, storage, retention, and disclosure of your information that you may be subject to. We recommend that you exercise reasonable diligence, as you would in traditional offline channels and practice judgment and common sense before committing to any transaction or exchange of information, including, but not limited to, reviewing the third-party website or application's privacy policy.

How long do we keep data?

We will retain your personal information for as long as necessary for the purpose for which it was collected. We will further retain your personal data to comply with legal and regulatory obligations, for as long as claims could be brought against us, and for as long as legitimate interests, including data security, require.

How do we protect children's privacy?

We do not knowingly collect personal data from users who are under 13 years old. Upon discovery of any personal data of children, we shall purge such personal data in accordance with applicable law.