GETEXPERIENCE.COM v12.27.2023
PRIVACY AND DATA PROTECTION POLICY

1. SCOPE AND APPLICABILITY OF THIS DOCUMENT

1.1. This Privacy and Data Protection Policy (hereinafter the “Policy”) in relation to the processing and security of personal data determines the position and intentions of GETEXPERIENCE, INC., the company, registered in the USA at: 704 N. King Street, Suite 500, Wilmington, DE 19808, USA (hereinafter the “Company”) in the field of processing and ensuring the security of personal data in order to respect and protect the rights and freedoms of each person and, in particular, the right to privacy, personal and family secrets, protection of the honor and good name of users of the Company’s service available at www.getexperience.com or via respective mobile apps (hereinafter the Service).
1.2. In order to maintain business reputation and ensure compliance with the requirements of the current international regulations of personal data protection, the Company considers the most important task to ensure the legitimacy of the processing and security of personal data of subjects in business processes. To solve this problem, the personal data protection system has been introduced, is functioning and is undergoing periodic review (control).
1.3. The Policy applies to all personal data of subjects processed in the Company using automation tools and without using such tools.
1.4. This document determines the Company's Policy in the field of processing and protecting personal data and is located at https://getexperience.com/en/privacy-policy.This Policy is applicable to any subject of personal data.
1.5. The Policy is developed and used in conjunction with the consent to the processing of personal data, which any person willing to use the Service as the Provider or the Participant (hereinafter the “User”) acknowledges and agrees to when completing the User’s registration in the Service. This consent represents the User’s agreement to and acceptance of the terms of this Policy.
1.6. The Company reserves the right to make at its own discretion any amendments to this Policy at any time and without any special notice to this effect. The new version of this Policy shall come into effect upon posting of the same on the https://getexperience.com/en/privacy-policy (hereinafter the “Website”). Continuing using the Website, the User confirms its consent to comply with the terms and conditions of the Policy in its current version. The Company recommends the Users to review the Policy more often in order to make sure that the User understands the terms, while using the Service. If the User does not agree with the terms of the Policy amended by the Company, he/she shall not be entitled to use the Service.
1.7. Any timeframes set forth herein, are stated according to time zone UTC-5, unless otherwise stated in the text of this Policy. The beginning and the end of calendar dates set forth herein, including those used to determine the duration of a term, shall be determined according to the beginning and the end of respective days in time zone UTC-5.
1.8. This version of the Policy shall come into effect on 27 December, 2023 and remain valid until approval of a new version.

2. PRINCIPLES AND CONDITIONS OF PERSONAL DATA PROCESSING

2.1. Processing and ensuring the security of User’s personal data in the Company is carried out in accordance with the requirements in the field of personal data of the Delaware Online Privacy Protection Act (DOPPA, 6 Del. C. § 1205C) and for the users from European Union - in accordance with the General Data Protection Regulation 2016/679 of the European Union (GDPR).
2.2. When processing personal data, the Company adheres to the following principles: (a) legality and fairness; (b) restrictions on the processing of personal data to the achievement of specific, predetermined and legitimate goals; (c) the reliability of personal data, their relevance and sufficiency for processing purposes; (d) prevent processing of personal data that is incompatible with the purposes of collecting personal data; (e) prevent the merging of databases containing personal data that are processed for purposes that are incompatible with each other; (f) the legitimacy of organizational and technical measures to ensure the security of personal data; (g) processing of personal data that meets the purposes of their processing; and (h) compliance content.
2.3. The Company processes personal data only in the presence of at least one of the following conditions: (a) processing of personal data is carried out with the consent of the subject of personal data to the processing of his personal data; (b) processing of personal data is necessary to achieve the objectives stipulated by law, for the implementation and fulfillment of the functions, powers and responsibilities of the operator imposed by international standards in the field of personal data; (c) processing of personal data is necessary for the execution of the contract, of which either the beneficiary or the guarantor is party, according to which the subject of personal data is, and also to enter into a contract on the initiative of the subject of personal data or the contract on which the subject of personal data will be the beneficiary or surety; (d) processing of personal data is necessary for the exercise of the rights and legitimate interests of the Company or third parties or to achieve socially significant goals, provided that it does not violate the rights and freedoms of the subject of personal data; (e) processing of personal data is necessary when receiving feedback, analyzing the improvement of the quality of the Service, as well as obtaining information about loyalty and satisfaction with the Company's Service, further research and processing of this information; (f) processing of personal data is carried out, access of an unlimited number of persons to which is provided by the subject of personal data or at his request; and (g) processing of personal data to be published or mandatory disclosure in accordance with international standards in the field of personal data.
2.4. the Company has the right to transfer the User’s personal data to other Users in relation to Experience booked on the Website and to the Company’s business partners, including marketing and advertisement purposes. The Company may also use the User’s personal data, including any video and/or photographic images posted on the Website, for advertising of the Website and/or the relating Company’s services.
2.5. The Company destroys or depersonalizes personal data upon the achievement of processing objectives or in case of loss of the need to achieve the processing objective.

3. PURPOSES OF PERSONAL DATA PROCESSING

3.1. The Company processes personal data of the subject of personal data solely for the following purposes:
(a) maintaining the Service activity and organization of support services; (b) the conclusion, execution and termination of contracts concluded by Users via the Service; (c) identification of Users; (d) informing about the Company's or it’s subsidiaries’ or partners’ advertising and/or marketing campaigns, surveys, questionnaires, and marketing research regarding the Service and / or the services provided by the Company’s subsidiaries or partners; (e) communicating with the Users, if necessary, including sending notifications, requests and information related to the Service, as well as processing the User’s requests; (f) improving the quality of services provided, ease of use, development of the new services, and (g) conducting statistical and other studies based on anonymized data.
3.2. The Company collects the following information as a subject of personal data: (a) full name; (b) year of birth; (c) place of registration / residence; (d) phone numbers; (e) email address; (f) data that is transmitted automatically depending on the settings of the software used by the User, including, but not limited to: IP address, cookies data, information about the User’s browser (or another program that allows access to the Service), date and time of access to the Company’s services, addresses of the requested pages and other similar information. The Website has the right to establish requirements for the composition of the Personal Information of the User, which must be provided for the use of its Services. If certain information is not marked as mandatory by the Website, its provision or disclosure is carried out by the User at its discretion.

4. RIGHTS OF PERSONAL DATA SUBJECTS

4.1. The User, whose personal data are processed by the Company, has the right to:
4.1.1. receive from the Company: (a) confirmation of the processing of personal data by the Company; (b) legal grounds and purposes for the processing of personal data; (c) information about the methods of personal data processing used by the Company; (d) name and location of the Company; (e) information on persons who have access to personal data or to whom personal data may be disclosed in accordance with international standards in the field of personal data; (f) a list of processed personal data relating to the User from whom the request was received and the source of their receipt, unless otherwise provided by law for the provision of such data; (g) information on the processing time of personal data, including the storage period; (h) information on ongoing or alleged cross-border transfer of personal data; (i) name and address of the person processing personal data on behalf of the Company; and (j) other information stipulated by international standards in the field of personal data;
4.1.2. require clarification of their personal data, their blocking or destruction if personal data are incomplete, outdated, inaccurate, illegally obtained or not necessary for the stated purpose of processing;
4.1.3. demand elimination of illegal actions of the Company in relation to his personal data;
4.1.4. appeal against the actions or inaction of the Company to the supervisory and control authority in the field of personal data protection or in court if a person believes that the Company processes their personal data in violation of the requirements of international personal data standards or otherwise violates its rights and freedoms;
4.1.5. protect their rights and legitimate interests, including damages and / or moral damages in court.
4.2. The withdrawal of consent to the processing of personal data does not affect the legality of data processing based on your consent prior to its withdrawal. If you want to send a request, you should contact the Company in writing using the contact information provided below. The Company makes a decision on your request within four weeks.
4.3. The User has the right to receive personal data about him or her that he or she provided to the Company in a structured, commonly used and machine-readable format and has the right to transfer this data to another operator without objection of the Company if: (a) processing is based on consent in accordance with Article 1.5. of this Policy; (b) processing is carried out by automatic means.
4.4. In exercising its right to data portability in accordance with the provisions of this Section the User has the right to transfer personal data directly from the Company to another operator, where it is technically possible.
4.5. The exercise of the right mentioned in Section does not prejudice the right to delete User data. This right does not apply to the processing required for a task performed in the public interest or in the exercise of official authority granted to the Company.
4.6. The User’s right referred to in this Section shall not adversely affect the rights and freedoms of third parties. When exercising its rights provided for in this Policy, the User may not infringe on third-party rights or the rights of others to protect their privacy and personal data.

5. ORDER, TERMS AND METHODS OF PROCESSING PERSONAL DATA

5.1. The processing of personal data of the User of the Website is carried out in accordance with this Policy, the User Agreement, as well as the consent of the User to the processing of personal data.
5.2. The Company processes personal data both in an automated way and without the use of automation.
5.3. The Company stops processing personal data in the following cases: (a) achieving the goals of personal data processing; (b) withdrawal of the consent of the subject of personal data; (c) identification of illegal processing of personal data; and (d) termination of the Company's activities.
5.4. The processing of the User’s personal data is carried out by the Company in the following ways: collection, recording (including on electronic media), systematization, accumulation, storage, drawing up of lists, labeling, updating (updating, changing), retrieving, using, transferring (distributing, providing, access), de-identification, blocking, deletion, destruction, cross-border transfer of personal data, obtaining User’s video and photographic images, as well as performing any other actions with personal User data subject to applicable law.
5.5. The Company may collect and process information through provision of information on the Customers to its affiliates, subsidiaries or contractors, which executed service agreements with the Company, including the necessity of processing of above data. Irrespective of where the data are processed, the Company shall implement the same actions for security of the same, which actions are described herein.

6. COLLECTION OF INFORMATION

6.1. The Company receives the following information on the Users during the Service use:
6.2. When the using the Service as an Experiences’ participant, the information on the Users may include:
• name (nickname),
• photo images,
• details and images of the driver license;
• details and images of the documents confirming the person’s identity;
• company or sole entrepreneur name;
• details of the company or sole entrepreneur registration (including TIN and VAT numbers);
• e-mail address,
• phone number,
• details and images of the documents confirming the special skills (driver license or other),
• details of registration in social media,
• login and password in the Service,
• current and previous settings of Personal Account,
• information on devices used for access to the Service and cookie files,
• addresses and information of the current location,
• information on submitted Experience participation requests,
• information on previously ordered Experiences (completed and canceled),
• records of communication with the Service support and/or Provider,
• marks assigned to Providers and/or the Service, comments, reviews, etc.
The Service shall not in any way get access to and process the payment information of the Users (bank cards details, bank account details etc.) while paying for the Experience. The User’s payment data uploaded while filling the form for Experience payment shall be passed directly to the payment system.
6.3. When using the Service as the Provider, information on the Users may include as follows:
• name (name of the company or sole entrepreneur, conventional name of the Provider in the Service),
• images,
• e-mail address,
• phone number,
• login and password in the Service,
• registered address,
• details of registration as the legal entity (sole entrepreneur, including TIN and VAT numbers),
• details of the proposed Experiences (including the descriptions, technical data, images, etc),
• details and images of the documents confirming the identity of the Provider and/or its representatives;
• information on languages which can be used while using the Service and providing the Experiences,
• payment details (including information on the banking or payment systems’ accounts necessary and sufficient for making payments to such accounts),
• regions where the Provider may provide participation in the Experiences via the Service,
• personal web-site address or other description of Provider’s activity,
• information on devices used for the Service use and cookie files,
• current and previous settings of Personal Account,
• details of the placed Orders, completed and non-completed Experiences,
• records of communication with the Service support and/or other Users,
• marks assigned to the Provider in the Service (reviews, comments, etc.),
6.4. Information on the Users may be provided by:
- filling out respective forms in sections of Personal Account by the Users,
- submitting respective data to e-mail of the Company by the Users,
- collection of information during the use of the Service, including by placement of orders and fulfillment of the Experiences.
6.5. While using the Service the Participant gets access to the following data about the Providers: description, dates and other information about the Experiences that the Provider may upload to the Service; region of the Provider’s activity.
6.6. While entering into the Experience Agreement the Provider gets access to the following data about the Participant: full name and name in the Service, contact phone number and e-mail; details and/or images of the documents confirming the special skills (driver license or other), if the Provider specified that such documents are necessary for participation in the Experience. While entering into the Experience Agreement the Participant gets access to the following data about the Provider: full name and name in the Service, contact phone number and e-mail.
6.7. The Users are not be entitled to use the details of other Users, received via the Service, for any purposes other than for fulfillment of the certain Experience.

7. TRANSBOUNDARY TRANSFER OF PERSONAL DATA

7.1. GETEXPERIENCE, Inc is an international company. In order to achieve the objectives specified in the Policy, the Company reserves the right to transfer personal data to countries other than the country from which they were originally received. In this case the personal data may be transferred to process by the Company’s subsidiaries, advisors, consultants, business partners, etc.
7.2. Information on the Users may be provided by the Company to third parties in connection with the violation by the Users of intellectual property rights in relation to the content posted in the Services, or other violation of the third parties rights, for further resolution of the dispute.
7.3. In case of cross-border transfer of personal data, the Company protects data in accordance with this Policy and consent to the processing of personal data.
7.4. Information that published on the Website or submit for publication via the Service may be accessible via the Internet throughout the world. The Company cannot prevent third parties from using or misusing such information.
7.5. By posting the information to the Service the User gives his/her expressly consent to the transmission of personal information described in this Section.

8. ENSURING PERSONAL DATA SECURITY

8.1. The Company applies the necessary and sufficient organizational and technical measures, including the use of information security tools, the detection of unauthorized access facts, the restoration of personal data, the establishment of rules for access to personal data, and the monitoring and evaluation of the effectiveness of the measures applied.
8.2. All persons authorized by the Company to process personal data are familiar with the provisions of the applicable legislation on personal data, including international requirements for the protection of personal data, documents defining this Policy regarding the processing of personal data, and local acts for the processing of personal data.
8.3. The Company has the following organizational measures: (a) the persons responsible for organizing the processing and ensuring the security of personal data are appointed; (b) developed local acts on the processing of personal data; and (c) internal control over the compliance of the processing of personal data with the requirements for the protection of personal data is carried out.
8.4 When collecting personal data of Users, the Company undertakes to ensure the recording, systematization, accumulation, storage, refinement (update, change), extraction of personal data of Users using databases.

9. COOKIES AND WEB BEACONS

9.1. The website of the Company uses “cookies”. Information that Company gets through the cookies helps to deliver services in the most convenient way.
9.2. By using this website, the User agrees with the placement of cookies in his device under the terms of this Agreement.
9.3. If the User doesn’t agree with the using cookies by the Company, the User need either to customize respectively the settings of his browser for Control or Disabling of the cookies in his device or not to use this website and exit it.
Information on cookies:
9.4. Cookies are the small text files downloaded by internet browser of the User to his PC/tablet computer, telephone or any other device used by the User for access to the website.
9.5. Cookies are used in order to ensure a personalized experience of the site use and convenient site navigation. They help to track the most visited web pages, determine the efficiency of advertising and web searches, and give an indication of the User behavior, thereby contributing to improvement of communication means and products offered to Users. The cookies also help the User not to lose data inserted into the request form, when the site page is refreshed.
9.6. Cookies that the Company saves through the website do not contain any data enabling to identify the User.
9.7. Please note that the Company do not guarantee a correct work of the Company’s website in the User’s browser, should the User disable the option of cookies storage.
Used cookies:
9.8. The Company uses the cookies of the following types:
9.8.1. Performance cookies
These cookies collect information on using of the websites such as, for example, information on the most visited by User pages of the site. They can be used by the Company for optimization of the websites and navigation facilitation. These cookies are also used by the Company’s affiliates to establish a fact of visit to the site from the site of affiliates; a fact of use of the website’s services. The performance cookies are not used for collection of personal data of the website User. All information collected with such cookies is intended for the purposes of statistics and remains anonymous.
9.8.2. Functionality cookies
These cookies help the websites to remember the choice made by the User, when browsing the website. Such cookies can also be used to remember the settings like a font type and font size of the text, and any other adjustable parameters of the website. The functionality cookies can be used to track the recommended services and videos of the Company in order to prevent the repetition of the same. The functionality cookies help the User not to lose the data inserted into the request form in the website. The information provided by the functionality cookies does not enable User identification and tracking of the User’s experience in the websites, which are not related to the Company.
9.8.3. Advertising cookies
These cookies record data on User actions in the web, including visits to the sites and pages, and data on the links and advertisements clicked by the Users for browsing. This is necessary to display on the websites the content, which is the most targeted for the User, and to ensure the opportunity to provide the advertising or any other information, which is the most compliant with the User’s interests. The Company, together with the third parties, including the technological partners and service providers, participates in advertising targeted to the interests of Users, delivering the advertisement and the personalized content, which, in Company’s opinion, will be of interest for the User.
Cookies management:
9.9. Most web browsers are preset to accept cookies. The User may change settings to block the cookies by the browser or to get notifications, when such files are sent to the device. There are several ways to manage cookies. Read the browser manual please to learn more about how to adjust or change the browser settings.
9.10. Please keep in mind that some personal services can’t be delivered to the User and the User selecting such settings can’t get a full access to all sections of the website.
Term of storage of cookies:
9.11. Some cookies operate from the moment of the User’s access to the site till the end of a particular session in the browser. These files become useless and they are automatically deleted upon closing the browser. Such files are called session cookies.
9.12. Some cookies are also saved on device between the sessions in browser and they are not deleted after the browser closing. Such cookies are called persistent cookies.
9.13. A web beacon, also called an internet or pixel tag, is used to collect information about the use of the Internet. Thanks to this, the Company can provide the Users with more specific information. When using the Website, the Company informs any User about which cookies and web beacons are related to the Website, and invites them to consent to the placement of these cookies and web beacons.

10. STORAGE AND DESTRUCTION OF INFORMATION

10.1. The Company keeps the information available in the User’s Personal Account and any other data about the User until the Personal Account is deleted by the User.
10.2. In order to comply with any legal, fiscal, insurance and any other requests, which are effective in compliance with applicable law, User support, improvement of the service quality, research and analytics with respect to the Service use, direct marketing and for any other operational purposes, the Company keeps all the information about the Users that may be received in accordance with this Privacy Policy, including information on payments for Rents and of License Fees, as well as of the devices used for the use of the Service within all the term of use of the Personal Account, during 7 (seven) years after the Personal Account is deleted. Upon expiry of this term the Company shall delete or anonymize such information in compliance with applicable legislation.
10.3. The Users may at any time delete their Personal Accounts by choosing in the Service the option “Delete Account” in the section “Settings”, subsection “Additional Options”. Upon the User chooses such option, the Company shall delete all information on the User, except for the information that must be kept and shall restrict access of any third parties, including the Service Users, to data on such User which remains in the Service. The Users hereby accept and agree, that even in case of deletion of Personal Account, the information on the User may be provided by request of the third parties, in particular, if any conflict situation, related to completion or payment for the Experience needs to be settled, for the purposes of ensuring security of the Users or the Service, prevention or investigation of any cases of fraud, etc.

11. ACCESS TO AND CHANGE OF INFORMATION

11.1. The Users may change name, phone number and e-mail address specified in their Personal Account. Personal Account also contains the history of the placed orders and agreed Rents (completed and non-completed due to any reasons), as well as the User’s rating in the Service.
11.2. The requests for receipt of any User information, change of information mentioned in Personal Account if such information is not correct, deletion of Personal Account and refusal to receive marketing information from the Company may be sent to [email protected].

12. SITES OF THIRD PARTIES

12.1. The Website may include hyperlinks to third party websites. The Company does not control and is not responsible for their privacy policies and activities.

13. RESPONSIBILITY

13.1. In the event of non-compliance with the provisions of this Policy, the Company shall be liable in accordance with applicable laws of the State of Delaware, USA.
13.2. To obtain clarification on the issues of personal data processing, it is necessary to send an official request to the email address [email protected].
13.3. In the case of a formal request from the administration of the Website, the following must be indicated in the request text: (a) full name of the User; (b) the number of the main document certifying the identity of the subject of personal data or his representative, information about the date of issue of the specified document and the issuing authority; (c) information confirming the fact of the processing of your personal data by the Company; and (d) signature.
13.4. Formal requests and complaints are submitted in writing and to the specified address of the Company, previously sent in a reliable manner. To resolve any dispute concerning the interpretation or its own jurisdiction, rely on the jurisdiction of the courts of the State of Delaware, USA.

14. LIMITATION OF PRIVACY POLICY

14.1. The personal data subjects are obliged to reasonably and responsibly approach to the placement of their own personal data in the public domain, including on the Website in the case of leaving comments and feedback.
14.2. The Company is not responsible for the actions of third parties who have gained access to the personal data of the subject through the fault of the latter.
14.3. The Company reserves the right, at its sole discretion, to make changes to this Policy at any time without any special notice. The new version of this Policy comes into force from the moment it is posted on the Website.

15. DEFINITIONS

15.1. Personal data processing: any action or set of actions with personal data performed using automation means or without them, including the collection, recording, systematization, accumulation, storage, refinement (update, change), extraction, use, transfer (distribution), de-identification, blocking, deletion, destruction of personal data.
15.2. Personal Data: Any information relating directly or indirectly to a specific or definable user. To such information, in particular, include: (a) information about computer, including IP address, geographical location, type, browser version and operating system; (b) information about any User activity on the Website, including the source of the referral, the duration of the visit, page views and navigation paths through the Website; (c) User’s email address, which was entered when registering in the Service; (d) information that was entered when creating a profile in the Service, and for example, name, profile pictures, gender, date of birth, relationship status, interests and hobbies, education data and employment information; (e) User’s first name, last name and email address that were entered to set up a subscription to emails and / or newsletters; (f) information that was entered when the User designs services via the Service; (g) information that is created when using Service, including when, how often and under what circumstances it was used; (h) information that any User publishes on the Website and/or via the Service, indicating the publication on the Internet, which may include username, profile pictures and the content of messages; (i) the information contained in any messages that any User sends to the Company by e-mail or through the Service, including its content for communication and metadata; (j) any other personal information that may be sent by the User via the Service or to the Company.
15.3. Dissemination of Personal Data: Actions, access to the disclosure of personal data to an indefinite circle of persons.
15.4. Consent to Personal Data Processing: The permission of the User of the Website, which he gives the interested party to receive, collect, store and use personal information about themselves.
15.5. Personal Data Subjects: An entity that is directly or indirectly determined or determined by personal data.
15.6. Cross-border Personal Data Transfer: The transfer of personal data to the territory of a foreign state to the authority of a foreign state, a foreign individual or a foreign legal entity.
15.7. Unless this Policy expressly states otherwise, any terms used in the text, shall have meaning determined in the Provider License Agreement or the End User License Agreement.