MIMAMU PRIVACY NOTICE

Effective March 2020

You can find information about us and how we collect, use and store your personal data in each section of this Privacy Notice:

Purpose and Who We Are

The purpose of this Privacy Notice is to describe how Mimamu Tech Ltd., our subsidiaries, and our international branches ("Mimamu", "us", "we", or "our"), may collect, use, or share information about you through our online interfaces (e.g., websites and mobile applications) owned and controlled by us (collectively referred to herein as the "Site").

Mimamu offers a suite of tools that analyze Instagram data that are accessible via our Site. These tools provide you with certain information regarding your Instagram account or profile, including your activity, and others' activity when it relates to your activity, on Instagram. Through our Site, you can analyze the results of these activities. Collectively, we refer to these tools as our "Services". 

Any collection, use, and management of personal information by Instagram, as well as any other social networks, if applicable, including Facebook, Twitter, and LinkedIn (collectively, the "Social Networks") are governed by their respective privacy policies and terms. When using Social Networks, you are required to comply with their privacy policies and terms. We recommend you carefully review their privacy policies and terms, as Mimamu is not responsible for the Social Networks.

Please read this Privacy Notice carefully to understand what we do. If you do not understand any aspects of our Privacy Notice, please feel free to contact us at privacy@mimamu.co.il (our "Privacy Team").

Your use of our Site is also governed by our Terms of Use. Terms used but not defined in this Privacy Notice may be found in our Terms of Use.

Mimamu is an Israeli corporation with a registered office at 45 Shim'on Ben Tsvi Street, Giv'atayim 5363107, Israel. If you reside or are located in the European Economic Area ("EEA") Mimamu is the data controller (unless specifically stated otherwise in this Privacy Notice), as described under the General Data Protection Regulation (GDPR), of all Personally Identifiable Information (as defined below) collected via the Site and of certain Personally Identifiable Information collected from third parties, as set out in this Privacy Notice.

What Information this Privacy Notice Covers

This Privacy Notice covers information we collect from you through our Site. Our Site’s functionality as well as our Services may require Personally Identifiable Information. In order to access certain features and benefits on our Site, you will need to submit, or we will collect, "Personally Identifiable Information" (i.e., information that can be used to identify you) (may also be referred to as “personal data” or “personal information”). Personally Identifiable Information can include information such as your name, email address, mobile or cellphone number, IP address, and device identifier, among other things. Personal Identifiable Information may also include certain information of the Content (as defined below). You are responsible for ensuring the accuracy of the Personally Identifiable Information you submit to Mimamu, or to which Mimamu has access. Inaccurate information may affect your ability to use the Site, the information you receive when using the Site, and our ability to contact you.

What You Agree to by Using Our Site

We consider that the legal bases for using your personal information as set out in this Privacy Notice are as follows:

·                   our use of your personal information is necessary to perform our obligations under any contract with you or a relevant party (for example, to comply with our contract to provide the Services to you); or

·                   our use of your personal information is necessary for complying with our legal obligations, a court order, or to exercise or defend legal claims; or

·                   use of your personal information is necessary for our legitimate interests or the legitimate interests of others. Our legitimate interests are, among others, to: run, grow and develop our business; operate our Site and provide our Services; carry out research and statistical analysis; maintain information security and prevent fraudulent operations; and for internal administrative and auditing purposes; or

·                   consent

Which legal basis applies to a specific processing activity will depend on the type of personal information processed and the context in which it is processed.

If we rely on our (or another person's) legitimate interests for using your personal information, we will undertake a balancing test to ensure that our (or the other person's) legitimate interests are not outweighed by your interests or fundamental rights and freedoms which require protection of the personal information.

We may process your personal information in some cases for marketing purposes on the basis of your consent (which you may withdraw at any time as described below).

If we rely on your consent for us to use your personal information in a particular way, but you later change your mind, you may withdraw your consent by communicating to us your willingness to remove consent or delete your account and we will stop doing so. However, if you withdraw your consent, this may impact the ability for us to be able to provide our Services to you.

Where you are using our Services and making decisions about the personal data that is being processed in the Services (including selecting the Social Network accounts you wish to connect to the Services, e.g., your Instagram account), you are potentially acting as a data controller under the GDPR, and Mimamu is acting as a data processor.

There are certain obligations under the GDPR that you have as a data controller, including being responsible for managing Content as it relates to the Services. As a data processor, Mimamu will only access and process Content to provide you with the Services in accordance with your instructions (which you provide through the Services), the Terms of Use, the Social Networks’ terms, and applicable laws. As part of delivering the Services, we may process Content to further improve the Services, such as enhancing usability and developing new features.

What Information We Collect

We gather the following types of information about users through the Site:

1.                Information relating to your use of our App. When users come to our Site, we may track, collect, and aggregate information indicating, among other things, which pages or screens of our Site were visited, the order in which they were visited, when they were visited, and which hyperlinks or buttons were clicked. We also collect information from the URLs from which you linked to our Site. Collecting such information may involve logging the IP address, operating system and browser software used by each user of the Site. We may be able to determine from an IP address a user’s Internet Service Provider and the geographic location of his or her point of connectivity. We also may use cookies and web beacons when you visit our Site. For more information on our use of cookies and web beacons, please refer to the relevant section below, Cookies and Other Technologies.

2.                Personally Identifiable Information provided directly by you or via third parties. We collect Personally Identifiable Information that you provide to us when you register for an account, update or change information for your account, purchase products or Services, complete a survey, sign-up for email updates, send us email messages, or uses the Services on our Site. We may use the Personally Identifiable Information that you provide to respond to your questions, provide you the specific Services you select, send you updates about the Services, and send you email messages about Site maintenance or updates.

·                   Account Registration. If you register for an account on our Site you may be required to provide us with Personally Identifiable Information such as your name, mobile or cellphone number and email address; and your preferences such as language, time zone, and the types of communication you would like to receive from us.

·                   Updates. Mimamu may offer you the ability to receive updates either via email or by posting on portions of the Site as part of the Services.

·                   Identity Verification. Mimamu may offer you the ability to verify your identity for select Services. In order to enroll for these Services, you may be required to provide us or our third-party identity verification vendor with Personally Identifiable Information such as your name, address and date of birth. Subject to your consent, we may collect other personal information for your improved security or convenience, or for the purpose of fraud prevention.

·                   Communications with Mimamu. We may receive Personally Identifiable Information when you send us an email message or otherwise contact us.

·                   Surveys. We may receive Personally Identifiable Information when you provide information in response to a survey operated by us.

3.                Content. We collect: your social profile information for Social Networks you choose to connect to the Services. For example, your profile information may include your username and profile image; your posts, comments, followers on Instagram, story viewers on Instagram,, and other material that is collected from the Social Networks (the "Content").

·                   Some features of our Services may provide us an access to your Social Networks accounts, including the ability to be active on such accounts. We have no such intentions and we are strictly prohibited from doing so.

Cookies and Other Technologies

Mimamu may use cookies, software tokens, web beacons (including pixels and tags), and similar technologies on our Sites that collect certain information about you by automated means. A "cookie" is a text file that websites send to a visitor’s computer or other Internet-connected device to uniquely identify the visitor’s browser or to store information or settings in the browser. A "web beacon", also known as an Internet tag, pixel tag or clear GIF, links web pages to web servers and their cookies and may be used to transmit information collected through cookies back to a web server.

We may use these automated technologies to collect information about your equipment, browsing actions, and usage patterns relevant to our Services. The information we obtain in this manner includes IP address and other identifiers associated with your devices, types of devices connected to our Sites, device characteristics (such as operating system), language preferences, referring/exit pages, navigation paths, access times, browser preferences and characteristics, installed plugins, local time zones, local storage preferences, clickstream data and other information about your online activities. We use on our Sites both first-party cookies (served directly by our website domain when you visit our Sites) and third-party cookies (if served by any third-party website or services with whom we have partnered when you visit our Sites and certain third-party websites with whom we have partnered). Some of these cookies are session cookies (which are automatically deleted when you close your browser) and others are persistent cookies (which remain on your computer or other Internet-connected device for a period of time after you end your browsing session, unless you delete them).

The cookies we may use on our online channels include (1) essential and functional cookies; (2) analytics cookies; and (3) targeting/advertising cookies, as described below.

·                   Essential and Functional Cookies. We use cookies on our Site that are necessary for us to provide you with our products and Services. This includes essential cookies (such as those used to authenticate you to our Site and identify you after you have logged in), functional cookies (such as those that remember the language preference you selected), and user-centric security cookies used to increase the security of the products and services we provide to you (such as to detect authentication abuses). Given the necessary functionality of these cookies, they typically may not be disabled.

·                   Analytics Cookies. We use analytics cookies to collect information on how users navigate and use our Sites, such as how the users traverse our Sites, the pages they view, how long they stay on a page and whether the page is displayed correctly or whether errors occur. Such cookies help us to improve the performance of our Sites and make the Sites more user-friendly. These cookies are provided by third-party analytics providers, such as Google Analytics.

·                   Advertising Cookies. Advertising cookies are used to control and manage advertisements. These Cookies may collect information on whether a user has reacted to an advertisement and visited another website. Such cookies help us to offer you content and provide targeted information that is more relevant to your interests. They also help us to measure the effectiveness of our advertisements and communications. In the EEA, we deploy analytics and advertising cookies on our websites only when users have opted-in as required by applicable law.

Your browser may tell you how to be notified when you receive certain types of cookies or how to restrict or disable certain types of cookies. Please note, however, that without cookies you may not be able to use all of the features of our Sites. For mobile devices, you can manage how your device and browser share certain device data by adjusting the privacy and security settings on your mobile device.

To the extent required by applicable law, we will obtain your consent before using cookies or similar tools.

The providers of third-party apps, tools, widgets and plug-ins on our Sites (e.g., Social Networks) also may use automated means to collect information regarding your interactions with these features or applications. This information is collected directly by the providers of the features and is subject to the privacy policies or notices of these providers. To the extent permitted by applicable law, Mimamu is not responsible for these providers’ information practices.

How We Use the Information

1.                Information relating to your use of our Site. We use information relating to your use of the Site to build higher quality, more useful Services by performing statistical analyses of the collective characteristics and behavior of our users, and by measuring demographics and interests regarding specific areas of our Site. We may also use this information to ensure the security of our Services and the Site.

2.                Personally Identifiable Information provided directly by you or via third parties. Except as set forth in this Privacy Notice or as specifically agreed to by you, Mimamu will not disclose any of your Personally Identifiable Information. In addition to the other uses set forth in this Privacy Notice, we may disclose and otherwise use Personally Identifiable Information as described below.

·                   Providing the Site and our Services. We use Personally Identifiable Information which you provide to us in order to allow you to access and use the Site and in order to provide any information, products, or Services that you request from us.

·                   Technical support and security. We may use Personally Identifiable Information to provide technical support to you, where required, and to ensure the security of our Services and the Site.

·                   Updates. We use Personally Identifiable Information collected when you sign-up for our various email or update services to send you the messages in connection with the Site or our Services. We may also archive this information and/or use it for future communications with you, where we are legally entitled to do so.

·                   Identity Verification. For Services that require identity verification, we may use the Personally Identifiable Information that we collect for verifying your identity, and for authenticating that submissions made on the Site were made by you. This Service may be provided through a third-party identity verification vendor.

·                   Auditing and Billing. We may use Personally Identifiable Information collected when you use our Site or Services, such as history of your actions, for auditing, billing, and for your future reference purposes.

·                   Communications with or from Mimamu. When you send us an email message or otherwise contact us, we may use the information provided by you to respond to your communication and/or as described in this Privacy Notice. We may also archive this information and/or use it for future communications with you where we are legally entitled to do so. Where we send you emails, we may track the way that you interact with these emails (such as when you open an email or click on a link inside an email). We use this information for the purposes of optimizing and better tailoring our communications to you.

·                   Disclosure to Mimamu Operations and Maintenance Contractors. We may use service providers, vendors and contractors (collectively, "Contractors") to assist us in providing our Services to you. Our Contractors may have limited access to your Personally Identifiable Information in the course of providing their products or services to us, so that we in turn can provide our Services to you. These Contractors may include vendors and suppliers that provide us with technology, services, and/or content related to the operation and maintenance of the Site or the Services. Access to your Personally Identifiable Information by these Contractors is limited to the information reasonably necessary for the Contractor to perform its limited function for us.

·                   Government Authorities; Legal Rights and Actions. Mimamu may share your Personally Identifiable Information with various government authorities in response to subpoenas, court orders, or other legal process; to establish or exercise our legal rights or to protect our property; to defend against legal claims; or as otherwise required by law. In such cases we reserve the right to raise or waive any legal objection or right available to us. We also may share your Personally Identifiable Information when we believe it is appropriate to investigate, prevent, or take action regarding illegal or suspected illegal activities; to protect and defend the rights, property, or safety of Mimamu, the Site, our users, customers, or others; and in connection with our Terms of Use and other agreements.

·                   Disclosure to Acquirers. Mimamu may disclose and/or transfer your Personally Identifiable Information to an acquirer, assignee or other successor entity in connection with a sale, merger, or reorganization of all or substantially all of the equity, business, or assets of Mimamu to which your Personally Identifiable Information relates.

Retention of Personally Identifiable Information

We keep your Personally Identifiable Information for no longer than necessary for the purposes for which the Personally Identifiable Information is collected and processed. The length of time we retain Personally Identifiable Information depends on the purposes for which we collect and use it or as required to comply with applicable laws and to establish, exercise, or defend our legal rights.

Confidentiality & Security of Personally Identifiable Information

We consider the confidentiality and security of your information to be of the utmost importance. We will use industry standard physical, technical, and administrative security measures to keep your Personally Identifiable Information confidential and secure, and will not share it with third parties, except as otherwise provided in this Privacy Notice, or unless such disclosure is necessary in special cases, such as a physical threat to you or others, as permitted by applicable law. Because the Internet is not a 100% secure environment, we cannot guarantee the security of Personally Identifiable Information, and there is some risk that an unauthorized third party may find a way to circumvent our security systems or that transmission of your information over the Internet will be intercepted. It is your responsibility to protect the security of your login information. Please note that e-mails communications are typically not encrypted and should not be considered secure.

Updating or Deleting Your Personally Identifiable Information

You have certain rights in relation to your Personally Identifiable Information. You can access your Personally Identifiable Information and confirm that it remains correct and up-to-date, choose whether or not you wish to receive material from us or some of our partners, and request that we delete or provide you with a copy of your personal data by contacting us or, where applicable, logging into the Site and visiting your user account page.

If you would like further information in relation to your rights or would like to exercise any of them, you may also contact our Privacy Team.

If you reside or are located in the EEA, you have the right to request that we:

·                   provide access to any Personally Identifiable Information we hold about you;

·                   prevent or restrict the processing of your Personally Identifiable Information for direct-marketing purposes;

·                   update any Personally Identifiable Information which is out of date or incorrect;

·                   delete any Personally Identifiable Information which we are holding about you restrict the way that we process your Personally Identifiable Information;

·                   provide your Personally Identifiable Information to a third party provider of services; or

·                   provide you with a copy of any Personally Identifiable Information which we hold about you.

We try to answer every email promptly where possible, and provide our response within the time period stated by applicable law. Keep in mind, however, that there will be residual information that will remain within our databases, access logs, and other records, which may or may not contain your Personally Identifiable Information. Please also note that certain Personally Identifiable Information may be exempt from such requests in certain circumstances, which may include if we need to keep processing your Personally Identifiable Information to comply with a legal obligation. When you email us with a request, we may ask that you provide us with information necessary to confirm your identity.

For further information on each of these rights, including the circumstances in which they apply, you should refer to guidance from your local Data Protection Authority: http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm

Questions, Suggestions, and Complaints

If you have any privacy-related questions, suggestions, unresolved problems, or complaints, as well as queries regarding our processing of Personally Identifiable Information, you may contact our Privacy Team. If you reside or are located in the EEA, you may make a complaint to the address stated above or seek a remedy through local courts if you believe that your rights have been breached. You also have the right to make a complaint to your local data protection authority at any time. We hope that we would be able to resolve any concerns that you may have before you approach your data protection authority so please do contact us in the first instance.

California Privacy Rights (If Applicable)

Under California’s "Shine the Light" law, California residents who provide personal information in obtaining products or services for personal, family, or household use are entitled to request and obtain from us, once a calendar year, information about the customer information we shared, if any, with other businesses for their own direct marketing uses. If applicable, this information would include the categories of customer information and the names and addresses of those businesses with which we shared customer information for the immediately prior calendar year (e.g. requests made in 2019 will receive information regarding 2018 sharing activities).

To obtain this information, please send an email message to our Privacy Team with "Request for California Privacy Information" on the subject line and in the body of your message. We will provide the requested information to you at your email address in response. Please be aware that not all information sharing is covered by the "Shine the Light" requirements and only information on covered sharing will be included in our response.

If you are a consumer as defined in the California Consumer Privacy Act (CCPA), the following provisions apply to you. Definitions of terms are set out in the CCPA.

1.                Information about your Personal Information. The categories and specific types of personal information collected and sources from which personal information are collected are set out in the "What Information We Collect" section of this Privacy Notice; and the business and commercial purposes for collecting personal information, as well as the categories of third parties with whom your information is shared, are set out in the "How We Use the Information" section of this Privacy Notice.

2.                Your Rights. We have outlined certain rights in the section "Updating or Deleting Your Personally Identifiable Information". Under the CCPA, California residents have the right to know what personal information about them is collected, request deletion of their personal data, opt-out of the sale of their personal data, and not be discriminated against if they choose to exercise any of these rights.

Mimamu does not sell any of the data we collect about you. If you would like to exercise any of the other rights afforded to you, contact our Privacy Team.

International Privacy Practices

Mimamu's Site is primarily operated and managed on servers located and operated within the EEA. In order to provide our products and Services to you, we may send and store your Personally Identifiable Information (also commonly referred to as personal data) outside of the country where you reside or are located, including to countries that may not or do not provide the same level of protection for your Personally Identifiable Information. We are committed to protecting the privacy and confidentiality of Personally Identifiable Information when it is transferred. If you reside or are located within the EEA and such transfers occur, we take appropriate steps to provide the same level of protection for the processing carried out in any such countries as you would have within the EEA to the extent feasible under applicable law.

Changing Our Privacy Notice

Please note that we review our privacy practices from time to time, and that these practices are subject to change. Any change, update, or modification will be effective immediately upon posting on our Site. We will notify you of any material change to this Privacy Notice by posting a notice on our Site for a reasonable period of time following such update or by sending an email to the email address associated with your user account, and by changing the effective date (located at the top or bottom of this page). Be sure to return to this page periodically to ensure familiarity with the most current version of this Privacy Notice.

No Information from Children Under 16

Mimamu strongly believes in protecting the privacy of children. Any use or access by anyone under the age of 16 is prohibited. In line with this belief, we do not knowingly collect or maintain Personally Identifiable Information on our Site from persons under 16 years of age, and no part of our Site is directed to persons under 16 years of age. If you are under 16 years of age, then please do not use or access this Site at any time or in any manner. We will take appropriate steps to delete any Personally Identifiable Information of persons less than 16 years of age that has been collected on our Site without verified parental consent upon learning of the existence of such Personally Identifiable Information.