Thank you for using Get My Slice. Here we describe how we might collect, use and handle your personal data when you use our service.
As the first direct to consumer marketing platform, Get My Slice is committed to providing its customers with full transparency and control over their users’ personal data, empowering them in their GDPR compliance journey.
Before we dive in, we want you to know that we will never EVER sell your personal data, we sell access to you and you get paid for that access in the form of incentives and rewards.
What is the GDPR and How it Affects Get My Slice Customers
On May 25, 2018, The European Union enforced a new data privacy law, the General Data Protection Regulation (GDPR). A primary aim of the GDPR is to harmonize data privacy laws across Europe, to protect and empower all EU citizens data privacy and to reshape the way organizations across the region approach it.
Any company that collects or processes personal data of persons in the EU falls under the scope of the GDPR, even if the company has no physical presence in the European Union.
This means that most businesses with a global or online presence, including Get My Slice customers are affected. LEARN MORE
GDPR Compliance as Shared Responsibility Between Data Controllers and Data Processors
|Data Controller||Data Processor|
|‘Controller’ means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data||‘Processor’ means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.|
|When we process Get My Slice user data MZOT is a Data Controller. Get My Slice clients are data controllers in respect to their user data.||MZOT is a data processor for the personal data collected by Get My Slice users.|
Collection of Personal Data
We collect a small amount of personal data such as, but not limited to, name, phone number, email address and bank details to enable us to create an account on Get My Slice, authenticate you into the app, communicate with you and to make payments to you.
This personal information is stored in Dublin, Ireland, a different geographical environment to other data collected.
Collection of Digital Footprint Data (Behavioural Data)
We allow you to link your 3rd party digital profiles within the Get My Slice App, please be aware that we do not store your login credentials. With your profiles linked, the app then tries to collect your activity data from the 3rd parties and store this information that is anonymised to an unique ID. The activity data consists of items such as websites visited, searches performed, interest areas, advertising segments and other such information that relates to what these 3rd parties deem valuable with regards to monetisation. This is the data is then mapped to thousands of marketing segments, these marketing segments is what powers the Get My Slice app, brands then offer users incentives (payments, discounts, cashback) to participate in an offer (sign up/purchase/enquire), no footprint or personal data is ever shared with brands, the only way data is shared is if you personally provide your information within the in-app chat to the brand or by entering your information on the brands own website/app (3rd party).
This digital footprint information is stored in London, UK, a different geographical environment to other data collected.
Data Collection and Retention Policies:
Get My Slice securely stores your data in different geographical locations including UK and Ireland.
We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed.
We have put in place procedures to deal with any suspected personal information breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
Get My Slice will retain your Personal Data for as long as you maintain an account or are a registered user on the website/s, application/s or as needed to provide you service. If you delete your account, we will remove your Personal Data and use copies of your Personal Data as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements
Physical Access Control
Our physical data centers are secure and managed by AWS (Amazon Web Services) and MongoDB. Security measures include having security officers onsite, monitoring and alarm systems, video/CCTV monitors and much more. No person, not even a member of Get My Slice, has self-determined access to the servers.
Data Access, Usage and Transmission Controls
Tools are in place to protect unauthorized access, usage or transmission of data. The data cannot be changed or deleted by unauthorized persons during transmission.
To keep data private and secure we ensure that any information collected for different purposes is separate during processing. This extends to test systems and production systems as well.
Availability Control and Rapid Recoverability
Frequent backups of our databases protect all stored data against loss. This process creates continuous backups, which are also transferred to a remote site. With this, we can restore data if lost.
Incident Response Management
If data is lost we inform those affected immediately.
Privacy by Design
Get My Slice has implemented appropriate technical and organizational measures into our software development life cycle for ensuring that personal data is processed strictly in accordance with our customers’ instructions and configurations.
- Personal Data is collected only when assurance of user consent is obtained
- No selling or re-brokering of personal data
- Opt-out/opt-in options
- Honoring do-not-track privacy choices
While the content on this page is to help you understand the GDPR when working with third parties, the information contained should not be construed as legal advice. You should consult with your own legal counsel with respect to interpreting your unique obligations under the GDPR and the use of a company’s products and services to process personal data.
For more on our GDPR compliance, get in contact with our privacy team — firstname.lastname@example.org.