We provide innovative solutions that enable genuine brands to digitize fashion items and pair them with originals to protect intellectual property, and goodwill from detrimental effects of counterfeit; and empower their followers to connect with brands' ecosystem by collecting, storing, and exchanging the digital copies of original items and become a part of brands' activities on the Platform.
“Personal Data” means any information that relates to an identified or identifiable individual, and can include information about how you engage with our Services (e.g. device information, IP address).
“Services” means the products and services that the Company indicates are covered by this Policy, which may include Company-provided devices and apps.
Our “Brand Services” are Services provided by the Company to entities (“Brands”) who directly and indirectly provide us with “End User” Personal Data in connection with those Brands’ own business and activities. Our “End User Services” are those Services which the Company directs to individuals (rather than entities) so that those individuals do business directly with the Company. “Platform” means the websites and the applications that the Company indicates are covered by this Policy. Collectively, we refer to Platform, Brand Services and End User Services as “Services”.Depending on the context, “you” means End User or Visitor:
Depending on the activity, the Company acts as a “data controller” or “data processor”.
We provide End User Services where we do not act as a service provider to Brands but instead provide the Services directly to you for your personal use.
Creating an account. When you create an account on the Platform you provide the Company with such information as email address, Apple ID or similar information that will secure your access to the Services. You may also choose to provide additional information in your account to make it more personalized, for example date of birth, name, age and gender. In this case we will securely collect provided information in accordance with this Policy.
Selling digitalized items. The Company will provide you with an opportunity to acquire, store, sell and otherwise dispose of digitized items connected to the Platform. In this case the Company will collect information on the items you own or owned, transaction history, agreed transaction price.
Paying the Company. If you are buying goods or services directly from the Company, we receive Transaction Data. For example, when you make a payment to the Company, we might receive and collect contact information, masked PAN, information about that transaction and in some cases, shipping information.
Services. We use your Personal Data to provide the End User Service to you, including security, delivery, support, personalization and messages related to the End User Service (e.g. communicating Policy updates and information about our Services). We also use your Personal Data for our fraud detection and mitigation Brand Services and may share certain Personal Data as part of those Brand Services with the Brands that you may seek to connect with. The use of this Personal Data is subject to the Brands’ privacy policies.
Brands. When you choose to connect with the Company, you may also choose to share your information with certain Brands to participate in various connected activities. These Brands will have their own privacy policies which describe how they use that information.
Fraud Detection Services. We use your Personal Data collected on the Platform to detect and prevent fraud against us, the Brands and partners, including to detect unauthorized log-ins using your online activity. We may provide the Brands with Personal Data about you (including your attempted transactions) so that they can assess the associated fraud risk with a transaction.
Advertising. We may use your Personal Data to assess your eligibility for and offer you other End User Services. With your permission or where allowed by law, we use and share End User Personal Data with others so that we may market our products and services to you, including through interest-based advertising where allowed by applicable law, including subject to any consent requirements. We do not share End User Personal Data with third parties for their marketing or advertising unless you give us (unless otherwise stated herein) or the third party permission to do so. We do not sell the data of End Users.
Transaction Data. If you are an End Customer, communicate or transact with a Brand that uses us to provide Brand Services, we will receive transaction data. The “Transaction Data” that we collect includes Personal Data, and may include the following: your name, email address, and in some cases, some information about what you have purchased and your phone number. We may also receive your transaction history with the Brand.
We generally use and share Personal Data of End Customers with Brands to provide Brand Services as described below, as well as for the Company's own purposes to secure, improve and provide our Brand Services, as described below.
Payments. We use your Transaction Data to perform our transaction related Brand Services to Brands, including to calculate brand fees on the transactions you made through the platform, and to calculate their revenue.
Identity/Verification Services. We use Personal Data about your identity, including information provided by you and our service providers, to perform verification Services for the Company or for the Brands that you are doing business with and to reduce fraud and enhance security.
Brands (their Authorized Third Parties). We share Personal Data of End Customers with respective Brands and with parties directly authorized by those Brands to receive Personal Data. This includes sharing Personal Data of End Customers with a Brand when a Brand authorizes a third party to access its account at the Platform. For example, when the Brand uses Services to verify an End Customer’s identity, the Company shares with Brand the information, documents or photos provided by the End Customer to verify their identity. The Brands you choose to connect with may further share your Personal Data to third parties they authorize. Please contact your Brand in order yo get more information.
To provide Brand Services, we collect, use and share Personal Information from Representatives of the Brands (e.g. a company marketing manager).
Registration and Contact Information. If you register for the Platform account for a Brand, we collect your name and account log-in credentials. If you register for an event that the Company organizes or attends or if you sign up for the Company's communications, we collect your registration and profile information. If you are a Representative of a new Brand, we receive your Personal Data from third parties (including data providers) in order to advertise to, market and communicate with you as described further below and in Section 2.
We generally use Personal Data of Representatives to provide the Brand Services to the associated Brands, as well as for the purposes described below.
Brand Services. We use and share Personal Data of Representatives with Brands to provide the Services.
Forms. When you choose to fill in a form on the Platform or on third party websites featuring our advertising we will collect the information included in the form, usually your contact information and other information about your question related to our Services.
Personalization. We use information about you that we gather from cookies and similar technologies to measure engagement with the content on the Platform, to improve relevancy and navigation, to personalize your experience and to tailor content about the Platform and our Services to you.
Advertising. With your permission or where allowed by law, we use and share Visitor Personal Data with others so that we may advertise and market our products and services to you, including through interest-based advertising where allowed by applicable law, including subject to any consent requirements.
In addition to the ways we collect, use and share Personal Data that are described above, we also process your Personal Data as follows.
Online Activity. Depending on the Platform functionality you use and the Brands’ implementation of our Brand Services, we will collect information about:
Communication and Engagement Information. We will collect any information you choose to provide to us, for example, through support tickets, emails or social media. When you respond to the Company's emails or surveys, we collect your email address, name and any other information you choose to include in the body of your email or responses. If you contact us by phone, we will collect the phone number you use to call the Company, as well as other information you may provide during the call. We will also collect your engagement data such as your registration for, attendance of, or viewing of the Company's events and other interaction with the Company's personnel.
Forums and Discussion Groups. Where our Platform allows you to post content, we will collect Personal Data that you provide in connection with the post.
In addition to the ways described above in which we use Personal Data, we use Personal Data in the following ways:
Communications. We may use the contact information we have about you to perform the Services, which may include sending codes via SMS to authenticate you. If you are an End User, Representative or Visitor, we may communicate with you using the contact information we have about you (e.g. using email, phone, text message or videoconference) to provide information about our Services and our affiliates’ services, invite you to participate in our events or surveys, or otherwise communicate with you for our marketing purposes, provided that we do so in accordance with applicable law, including any consent or opt-out requirements. For example, when you submit your contact information to us or when we collect your business contact details through our participation at trade shows or other events, we may use the information to follow-up with you regarding an event, send you information that you have requested on our products and services and include you on our marketing information campaigns.
Social Media and Promotions. If you choose to submit Personal Data to us to participate in an offer, program or promotion, we will use the Personal Data you submit to administer the offer, program or promotion. Based on your permission or opt-out, we will also use that Personal Data and Personal Data you make available on social media to market to you.
Fraud Prevention and Security. We collect and use Personal Data to help us to detect and manage the activity of fraudulent and other bad actors across our Platform to otherwise seek to secure our Platform against unauthorized access, use, modification or misappropriation of Personal Data, information and funds. In connection with fraud and security monitoring, prevention, detection, and compliance activities for the Company and the Brands, we may receive information from service providers, and third parties. We may collect information from you, and about you, from Brands, financial partners and in some cases third parties. For example, to protect our Platform, we may receive information from third parties about IP addresses that malicious actors have compromised. This Personal Data (e.g. name, address, phone number, country) helps us to confirm identities subject to applicable law and prevent fraud. We may also use technology to assess the fraud risk associated with an attempted transaction by an End Customer or End User with a Brand or financial partner.
Compliance with Legal Obligations. We use Personal Data to meet our contractual and legal obligations related to anti-money laundering, Know-Your-Customer ("KYC") laws, anti-terrorism, export control and prohibitions on doing business with restricted persons or in certain business areas, and other legal obligations. We strive to make our Platform safe, secure and compliant, and the collection and use of Personal Data is critical to this effort. For example, we may monitor patterns of payment transactions and other online signals and use those insights to reduce the risk of fraud, money laundering and other activity that is harmful to the Company, our End Users and their End Customers.
Minors. The Platform is not directed to minors, including children under the age of 13, and we request that they not provide Personal Data through the Services. In some countries, we may impose higher age limits as required by applicable law. We do not sell any Personal Data of End Customers, Representatives, Visitors or End Users, including those aged between 13 to 16.
In addition to the ways described above, we share Personal Data in the following ways:
The Company's Affiliates. We share Personal Data with other affiliated entities of the Company. When we share with these entities, it is for purposes identified in this Policy.
Service Providers or Processors. In order to provide Services to the Brands and End Users and to communicate, market and advertise to Visitors, Representatives and End Users regarding our Services, we will rely on others to provide us services. Service providers (provide a variety of critical services, such as hosting (storing and delivering), analytics to assess the speed, accuracy and/or security of our Services, identity verification, customer service, email and auditing. We authorize such service providers to use or disclose the Personal Data of our Users that we make available to perform services on our behalf and to comply with applicable legal requirements. We require such service providers to contractually commit to protect the security and confidentiality of Personal Data they process on our behalf. Our service providers are predominantly located in the European Union, the United States of America.
Financial Partners. “Financial Partners” are financial institutions that we may partner with to offer the Services (including payment method acquirers, banks and payout providers). We share Personal Data of our Users with certain Financial Partners to provide the Services to the associated Brands and to offer certain Services in partnership with our Financial Partners.
For the purposes of the General Data Protection Regulation, we rely upon a number of legal bases to enable our processing of your Personal Data.
We process Personal Data for the purpose of entering into business relationships with prospective partnering Brands and End Users and to perform the respective contractual obligations that we have with these Users. Activities include:
We process Personal Data to verify the identity of our Users in order to comply with fraud monitoring, prevention and detection obligations, laws associated with the identification and reporting of illegal and illicit activity, such as "Anti-Money Laundering ("AML") and Know-Your-Customer ("KYC")" obligations, and financial reporting obligations. For example, we may be required to record and verify a User’s identity for the purpose of compliance with legislation intended to prevent money laundering and financial crimes.
Where allowed under applicable law, we rely on our legitimate business interests to process Personal Data about you. The following list sets out the business purposes for which we have a legitimate interest in processing your data:
We may rely on consent to collect and process Personal Data as it relates to how we communicate with you and for the provision of our Services. When we process data based on your consent, you have the right to withdraw your consent at any time without affecting the lawfulness of processing based on such consent before the consent is withdrawn.
You may have choices regarding our collection, use and disclosure of your Personal Data:
If you no longer want to receive marketing-related emails from us, you may opt-out via the unsubscribe link included in such emails. We will try to comply with your request(s) as soon as reasonably practicable. Please note that if you opt-out of receiving marketing-related emails from us, Brands may still send you messages and direct us to send you messages on their behalf.
Depending on your location and subject to applicable law, you may have the following rights described here with regard to the Personal Data we control about you:
To exercise your data protection rights please contact us as described below.
We make reasonable efforts to provide a level of security appropriate to the risk associated with the processing of your Personal Data. We maintain organizational, technical and administrative measures designed to protect Personal Data covered by this Policy against unauthorized access, destruction, loss, alteration or misuse. Personal Data is only accessed by a limited number of personnel who need access to the information to perform their duties. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure.
To help us protect personal data, we encourage you to use a strong password and never share your password with anyone or use the same password with other sites or accounts. If you have reason to believe that your interaction with us is no longer secure (e.g. you feel that the security of your account has been compromised), please contact us immediately.
We retain your Personal Data as long as we are providing the Services to you or the Brands (as applicable) or for a period during which we reasonably anticipate providing the Services. Even after we stop providing Services directly to you or a Brand with which you are connecting, and even if you delete your Platform account or complete a transaction with a Brand, we retain your Personal Data in order to comply with our legal and regulatory obligations. In cases where we keep Personal Data, we do so in accordance with any limitation periods and records retention obligations that are imposed by applicable law.
We are a global business. Personal Data may be stored and processed in any country where we do business, where our service providers do business or if you use an international payment method or financial partner service, the countries in which that payment method or financial partner operates. We may transfer your Personal Data to countries other than your own country, including to the United States. These countries may have data protection rules that are different from your country. When transferring data across borders, we take measures to comply with applicable data protection laws related to such transfer. In certain situations, we may be required to disclose Personal Data in response to lawful requests from Officials (such as law enforcement or security authorities).
If you are located in the European Economic Area (“EEA”), the "United Kingdom ("UK")" or Switzerland. Where applicable law requires a data transfer mechanism, we use one or more of the following: EU Standard Contractual Clauses with a data recipient outside the EEA, Switzerland or the UK, verification that the recipient has implemented Binding Corporate Rules, or other legal methods available to us under applicable law. For transfers to third countries we have entered into Standard Contractual Clauses, approved by the European Commission, to ensure an adequate level of protection for the transfer of your Personal Data to those entities outside the EEA. You can obtain a copy of the relevant Standard Contractual Clauses.
While the Company remains self-certified under the E.U.-U.S. Privacy Shield and the Swiss-U.S. Privacy Shield, it is not currently relying on these frameworks for the transfer of personal data to the U.S.
We may change this Policy from time to time to reflect new services, changes in our privacy practices or relevant laws. The “Last updated” legend at the top of this Policy indicates when this Policy was last revised. Any changes are effective when we post the revised Policy on the Services.
We may provide you with disclosures and alerts regarding the Policy or Personal Data collected by posting them on our website and, if you are an End User or Brand, by contacting you through your Platform Dashboard, email address and/or the physical address listed in your Platform account.
If applicable law requires that we provide notice in a specified manner prior to making any changes to this Policy applicable to you, we will provide such required notice.
Australia. If you are an Australian resident, and you are dissatisfied with our handling of any complaint you raise under this Policy, you may wish to contact the Office of the Australian Information Commissioner.
EEA and UK. To exercise your rights, you may contact the Data Protection Officer If you are a resident of the EEA and we believe we process your information within the scope of the General Data Protection Regulation (GDPR), you may direct your questions or complaints to the Data Protection Commission. If you are a resident of the UK, you may direct your questions or concerns to the UK Information Commissioner’s Office.
Indonesia. As used in this Policy, “applicable law” includes Law No. 11 of 2008 as amended by Law No. 19 of 2016 on Electronic Information and Transactions, Government Regulation No. 71 of 2019 on the Implementation of Electronic Systems and Transactions, and Minister of Communication and Informatics Regulation No. 20 of 2016 on Personal Data Protection in Electronic Systems and “Personal Data” includes “personal data” as defined under such laws.
Malaysia. If you have any questions or complaints about this Policy, please contact our Data Protection Officer.
Thailand. Thailand residents may have additional rights under applicable laws. If we process your Personal Data due to a legal obligation or contractual right, and you do not provide us with personal Information, we may not be able to lawfully provide you services.
United States - California. If you are a consumer located in California, we process your personal information in accordance with the California Consumer Privacy Act ("CCPA"). You have a right to receive notice of our practices at or before collection of personal information. This section provides additional details about the personal information we collect and use for purposes of CCPA.
If you have any questions or complaints about this Policy, please contact us via firstname.lastname@example.org.