Effective Date: 18/07/2023

This Privacy Policy governs the access, use, storage, and sharing of user data by our API website. We prioritize your privacy and the security of your personal information. Please carefully read this Privacy Policy to understand how we handle your data and ensure its protection.

By using our API website, you agree to the collection, use, storage, and sharing of your data as described in this Privacy Policy. If you do not agree with any part of this policy, please refrain from using our API website.

Definitions and Key Terms To ensure clarity in this Privacy Policy, the following terms are strictly defined as follows:

Personal Data (or Data): Any information, including a Personal Identification Number, that directly or indirectly allows for the identification or identifiability of a natural person.

Usage Data: Information is collected automatically through our API website or third-party services used by our API website. This may include IP addresses, domain names, URI addresses, time and method of requests, server response details, browser and operating system information, and other device-related parameters.

User: An individual who uses our API website and is the Data Subject unless specified otherwise.

Data Subject: The natural person to whom the Personal Data refers.

Data Processor (or Data Supervisor): A natural or legal person, public authority, agency, or other body that processes Personal Data on behalf of the Controller, as described in this privacy policy.

Data Controller (or Owner): A natural or legal person, public authority, agency, or other body that, alone or jointly with others, determines the purposes and means of Personal Data processing, including security measures related to the operation and use of our API website. Unless specified otherwise, the Data Controller is the Owner of our API website.

API Website: The means through which User Personal Data is collected and processed.

Service: The service provided by our API website as described in the relevant terms (if available) and on this site/application. The Service provider offers a 30-day satisfaction guarantee and provides refunds for unsatisfied buyers within a certain timeframe. Buyers can opt out of such services, ensuring customer satisfaction for their initial purchase. If the buyer does not opt out within the specified time frame, the Service will continue, and the buyer will be responsible for subscription charges.

Cookie: A small data file generated by a website and stored by a web browser, used for browser identification, analytics, and remembering user preferences or login information.

Company: In this policy, “Company” refers to [Dowell UX Living Lab’s], which is responsible for your information as outlined in this Privacy Policy.

Country: The location where the owners/directors of [Dowell UX Living Lab’s Privacy Policy] are based, which is [UK] in this case.

Customer: Refers to the company, organization, or person that signs up to use our services.

Device: An internet-connected device, such as a phone, tablet, or computer, used to access and utilize our services.

IP address: An assigned number to identify devices connected to the Internet. It can often indicate the device’s location.

Personnel: Individuals appointed to work for our API website.

You: A registered person or entity accessing our API website via this URL to use the Services.

Tracker: Any technology (e.g., Cookies, unique identifiers, web beacons, embedded scripts, e-tags, and fingerprinting) that enables tracking of Users, such as accessing or storing information on the User’s device.

Information We Collect 

When using our API website, we may collect the following information from users: Basic user information, including name, email address, profile picture, and associated details. Usage data, such as interactions with our API website, features used, actions taken, and usage frequency and duration.

Other personal information

We may collect includes, Contact information, such as name, email address, and phone number. 

Demographic information, such as age and gender. Identification information, including government-issued identification if required. Transaction information, such as details of services used and payments made. User-generated content, such as reviews, feedback, and survey responses. Device information, including device type, operating system, and mobile network details.

Use of Information 

We solely use the collected information to provide and improve our services. The information is used to ensure the proper functioning of our API website, enhance user experience, conduct analytics and research, communicate with users, and fulfill our contractual obligations. We do not utilize the information for any other purposes, nor do we share it with third parties, unless required by law or with your explicit consent.

Storage and Security 

We are committed to protecting the security of your data. We employ appropriate technical and organizational measures to prevent unauthorized access, use, or disclosure of your information. Our efforts include encryption, access controls, and regular security assessments. We retain your data for as long as necessary to fulfill the purposes outlined in this Privacy Policy or as required by law. When your data is no longer needed, we securely dispose of or anonymize it.

Sharing of Data 

We do not share, sell, rent, or disclose your data to third parties, except in the following circumstances: With your consent: We may share your data with third parties if you explicitly consent to such sharing. 

As required by law: 

We may disclose your data if required by law or in response to valid legal requests or court orders. Business transfers: In the event of a merger, acquisition, or sale of all or part of our assets, your data may be transferred to the acquiring entity.

Methods of Processing 

We implement appropriate security measures to prevent unauthorized access, disclosure, modification, or destruction of Personal Data. Data processing is performed using computers and/or IT-enabled tools, following strict organizational procedures and modes related to the stated purposes. Besides the Owner, certain authorized personnel involved in the operation of our API website or external parties (such as technical service providers, hosting providers, IT companies, and communications agencies) may have access to the Data as Data Processors.

Legal Basis for Processing We may process Personal Data relating to users if one of the following applies: Users have provided their consent for one or more specific purposes. Processing is necessary for the performance of a contract with the user and/or for any pre-contractual obligations. Processing is necessary for compliance with a legal obligation to which the Owner is subject. Processing is related to a task carried out in the public interest or in the exercise of official authority vested in the Owner. Processing is necessary for the purposes of the legitimate interests pursued by the Owner or a third party.

Place of Processing 

The Data is processed at the Owner’s operating offices and in any other locations where the parties involved in the processing are located. Depending on the user’s location, data transfers may involve transferring the user’s Data to a country outside their own. To learn more about the processing location of transferred Data, users can refer to the relevant sections of this document or inquire with the Owner using the contact information provided.

Retention Time 

Personal Data shall be processed and stored for as long as necessary to fulfill the purposes for which it was collected. Retention periods may vary depending on the specific purpose of processing. Once the retention period expires, Personal Data shall be deleted or anonymized. Users have the right to access, rectify, erase, and port their Personal Data during the retention period.

The Purpose of Processing 

The Data concerning the user is collected to allow the Owner to provide its Service, comply with legal obligations, respond to enforcement requests, protect rights and interests, detect malicious or fraudulent activity, and for device permissions, analytics, registration/authentication, access to third-party accounts, and advertising.

Device Permissions for Personal Data Access 

Our API website may request specific permissions from users to access their device data. Users have the ability to grant or revoke these permissions, which may affect the proper functioning of the API website.

International Data Transfers 

As part of our operations, user data may be transferred and stored on servers located in countries outside their jurisdiction. These countries may have different data protection laws. By using our API website, users consent to the transfer and processing of their data following this Privacy Policy. We ensure that any international transfers of data comply with applicable data protection laws through appropriate measures, such as Standard Contractual Clauses or other recognized legal mechanisms.

Your Rights 

Under applicable data protection laws, users have rights regarding their data. These rights may include-

• Right to access: You can request access to the personal data we hold about you. 
• Right to rectification: You can request the correction of any inaccurate or incomplete personal data. 
• Right to erasure: You can request the deletion of your personal data. 
• Right to restrict processing: You can request the limitation of processing of your personal data. 
• Right to data portability: You can request the transfer of your personal data to another party. 
• Right to object: You can object to processing your personal data in certain circumstances. 4
• Right to withdraw consent: If we rely on your consent for the processing of your personal data, you have the right to withdraw that consent at any time.

Cookies 

We may use cookies to enhance the user experience on our API website. 

Cookies are small data files stored on the user’s device that remember preferences or login information. Users can disable cookies in their browser settings, but this may affect the functionality of our service.

Retention of Information 

We retain user information for as long as necessary to fulfill the purposes for which it was collected or as required by law. We take reasonable measures to protect user information from unauthorized access, use, and disclosure.

Applicable Law Our service complies with all applicable data protection laws. Your use of our service may be subject to local, state, national, or international laws.

Children’s Privacy 

Our API website is not intended for children under the age of 13, and we do not knowingly collect personal information from children under the age of 13.

Third-Party Services 

We may utilize third-party services, such as analytics or advertising providers, to improve our service. These services may collect specific user data, but we do not share personal information with them. Their usage is solely for improving our service.

Changes to Privacy Policy 

We reserve the right to modify this privacy policy at any time. Any significant changes will be notified to users via email or our website. Continued use of our service after such changes indicates acceptance of the updated terms.

Contact Information 

If you have any questions or concerns about this privacy policy, please contact us at Dowell@dowellresearch.uk