Product

Controlr is a mobile application Data Union which utilises your data and pushes the data for sale to
the the Streamr Marketplace.
By installing the Controlr mobile application, you agree to the collection and use of information in
accordance with this policy.

How We Collect Information from You

Controlr is a mobile application for collecting and aggregating your browsing activities. The Controlr
mobile application extension collects information about your browsing activities and app usage and
provides the ability to sell your data on the Streamr Marketplace. The Controlr mobile application is
in alpha testing phase and therefore the data collection methods and usage may change. Any
changes or modifications will be noted here as and when they arise.
The envisaged process is that each module has some Data Collectors and each Data Collector is
responsible for collecting a specific data regarding its module. We also collect, use and share
aggregated data such as statistical or demographic data for any purpose. Aggregated data could be
derived from your personal data but is not considered personal data in law as this data will not
directly or indirectly reveal your identity. For example, we may aggregate your usage data to
calculate the percentage of users accessing a specific website feature. However, if we combine or
connect aggregated data with your personal data so that it can directly or indirectly identify you, we
treat the combined data as personal data which will be used in accordance with this privacy policy.
We do not collect any special categories of personal data about you unless you give your express
consent (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life,
political opinions, trade union membership, information about your health, and genetic and
biometric data). Nor do we collect any information about criminal convictions and offences.

What We Do with the Collected Data

We use your data to provide a Data Union for the Streamr Marketplace. Controlr mobile application
pushes the collected data to the Streamr Marketplace for selling as Data Union. For every module,
we send all the collected data to a predefined stream on the Streamr Network. A Data Union has
been defined on Streamr Marketplace to aggregate this data. The Data Buyers can subscribe to the
streams of this product for a specific period of time by paying the requested cost. WE ARE NOT
RESPONSIBLE FOR ANY MISUSE OF DATA PROVIDED TO THE BUYERS. We will only use your personal
data when the law allows us to. Most commonly, we will use your personal data in the following
circumstances: Where we need to perform the contract we are about to enter into or have entered
into with you; Where it is necessary for our legitimate interests (or those of a third party) and your
interests and fundamental rights do not override those interests; Where we need to comply with a
legal obligation.

Personal Data Usage

We may process your personal data to do the following: Allow you to receive payments for data you
provide on the Marketplace; Allow you to receive content from the data products that you have
purchased or subscribed to; Seek your comments, feedback and suggestions on the functionality of
the Controlr mobile application; Notify you of changes, upgrades or problems in the functionality of
the Controlr mobile application; Send you communications which you have requested and which
may be of interest to you.
The processing of your personal data is necessary for the performance of the contractual
relationship between Controlr and you. We may also process your personal data based on our
legitimate interests. This means that we have a legitimate interest to process your personal data –
for example, based on our relationship with you as a user, there is a limited privacy impact on you,
and you should reasonably expect your data to be used that way. Controlr has a legitimate interest,
for example, to process your personal data to develop its business, based on the contractual
relationship between you and Swash. We may also process your personal data for specific purposes
based on your consent if we have separately requested and obtained your consent.

Your Controls and Choices

We provide you with certain controls and choices regarding the data collected on your mobile
applications: Enabling/Disabling Controlr; Delay on sending data – You are able to make custom
delays on sending data (It helps you watch data before being sent to the stream and it gives you the
ability to cancel any data sending action); Text masking feature allows you to actively mask specific
text (characters, digits, single words or combination of them) within the data being captured and
shared via the extension. This allows you to cover sensitive information that might be present, for
example, within Facebook or Twitter posts or, less probable, search queries. One could for example
add any variation of his/her own name, phone number, email, address, close people names ; etc;
Exclude URLs – This option allows you to specify which URLs you would like to exclude from data
collection for all modules. You can use different expressions to exclude an exact match URL, an
entire subsection of a URL path or even more advanced rules. Rules applied for this feature will
supersede any module’s internal logic, so you can have peace of mind that anything applied
correctly here will be followed by all modules.
We provide you with a privacy mechanism to ensure the privacy of data getting collected by
modules. The mechanism works based on the data type and the privacy level. The table below shows
how the privacy mechanism transforms the data based on the data type.

Protecting your privacy

Controlr respects your privacy and is committed to protecting your personal data. This privacy policy
will inform you as to how we look after your personal data when you use our services.
This privacy policy aims to give you information regarding the collection, use, and disclosure of data
when you use the Controlr mobile application. In addition, this privacy policy will tell you about your
privacy rights and how the law protects you.
Controlr is the controller and responsible for your personal data. We have a dedicated data privacy
manager who is responsible for overseeing questions in relation to this privacy policy. If you have
any questions about this privacy policy, including any requests to exercise your legal rights, please
contact the data privacy manager using the contact details below. If you have any questions about
this policy or if you would like to exercise your rights to your personal data described further below,
please contact our data privacy manager using the following information: Full name of legal entity:
Controlr, Email address: info@controlrapp.com, Website: https://controlrapp.com .
You have the right to make a complaint at any time with the data protection authorities concerning
our processing of your personal data. You can make the complaint with the data protection
authority of the EU member state where you have your permanent residence or where you work, or
where you find that a potential breach with regard to your personal data has occurred.
We may update our Privacy Policy from time to time. We will notify you of any changes by posting
the new Privacy Policy on this page. We will let you know via email and/or a prominent notice on our
service, prior to the change becoming effective and update the “effective date” at the top of this
Privacy Policy. You are advised to review this Privacy Policy periodically for any changes. Changes to
this Privacy Policy are effective when they are posted on this page.
The Controlr mobile application and website may include links to third-party websites, plug-ins and
applications. Clicking on those links or enabling those connections may allow third parties to collect
or share data about you. We do not control these third-party websites and are not responsible for
their privacy statements. When you leave our app or website, we encourage you to read the privacy
policy of every website you visit.

Disclosure of Personal Data

In addition to including your data in the Data Unions, we may share your personal data with the
following parties: Streamr Network AG; Data buyers on the Streamr Marketplace; Third party
subcontractors (e.g. hosting service providers) in providing our services, in which context they may
also process your personal data.

Transfer of Data

The data that has been collected by Controlr, may be transferred to – and maintained on – Streamr
network nodes located outside of your state, province, country or other governmental jurisdiction
where the data protection laws may differ than those from your jurisdiction. Any transfer of your
personal data to a country outside the EU or the EEA will be made only provided that the EU
Commission has decided that the third country ensures an adequate level of protection in
accordance with the EU General Data Protection Regulation (679/2016) or, if such decision has not
been made for the country in question, in accordance with the EU Commission’s standard
contractual clauses for data transfers. For more information about such clauses, see this link:
https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/modelcontracts-transfer-personal-data-third-countries_en. For clarity, the EU Commission has determined
that Switzerland is a country with an adequate level of protection. Your consent to this Privacy Policy
followed by your consent for collecting data in the Controlr mobile application represents your
agreement to that transfer. Please contact us if you want further information on the specific
mechanism used by us when transferring your personal data out of the EEA.

Data Security

Controlr is concerned about the security of your data. We have implemented technical security
measures that are designed to help protect your information from unauthorized access, disclosure,
use and modification. From time-to-time, we review our security procedures to consider appropriate
new technologies and methods. Please be aware, though, that despite our efforts, no security
measures are perfect or impenetrable. We cannot ensure, and do not warrant or guarantee that the
information you transmit to Streamr nodes will remain secure, nor do we guarantee that this
information will not be accessed, disclosed, altered, destroyed or used in an unauthorized manner. If
we learn of a security breach, we may attempt to notify you electronically so that you can take
appropriate protective steps. We may also post a notice on our website or in the Swash extension if
a security breach occurs. Depending on where you live, you may have a legal right to receive a notice
of a security breach in writing.

Data Retention

We will retain your personal data only for as long as it is relevant for the purpose for which it was
collected and will delete any personal data that is no longer relevant. This means that we will keep
your personal data that is necessary to implement our agreement with you for as long as you
maintain a Swash user account or for as long as reasonably necessary to fulfil the purposes we
collected it for, whichever is longest, as well as until the expiry of any applicable claim periods after
this. We will also comply with any applicable laws or statutes which obligate us to retain your
personal data for a specific time period, such as the mandatory retention periods under accounting
laws and regulations. As regards any personal data that we process based on your consent, we will
retain such data for as long as it is relevant for the purpose for which the data was collected, unless
you withdraw your consent before that. You may close your Controlr account at any time. We will
delete all your personal data when your account is closed, unless there are applicable laws or
statutes which obligate or allow us to retain your personal data longer. If you have entered into a
contract with a third party data provider, any such contract may contain further obligations as to for
how long the personal information is kept.

Your Legal Rights

You have rights with regard to your personal data. Please note that the particular rights may be
subject to qualifications or specific requirements arising from, for example, applicable laws, that are
not fully described here. You have the right to obtain confirmation from us whether your personal
data is being processed. You also have the right to access your personal data and to obtain certain
information, such as the purposes of processing your personal data and the types of personal data
involved. You have the right to request us to correct inaccurate personal data about you. You have
the right to request us to erase personal data about you in certain situations, such as if the data is no
longer necessary for the purposes for which it was collected, if processing such data is unlawful or if
the data was processed based on consent and you withdraw your consent. You have the right to
restrict processing of your personal data in certain situations. If you exercise this right, we are
generally only allowed to store the data in question. You might exercise this right, for example, if you
believe that the personal data we hold about you is inaccurate, in which case your right to restriction
of processing would apply for the time that it takes us to verify whether your belief is correct. You
have at any time the right to object to processing your personal data for direct marketing purposes.
You are also entitled to, on the grounds of your particular situation, object to processing of your
personal data that we do based on our legitimate interest. You have the right to obtain your
personal data in a structured, commonly used and machine-readable format and to transfer the data
to another controller, if we process your personal data based on your consent or because of a
contract that we have entered with you. For this right to be available to you, our processing of your
personal data must take place by automated means. To the extent we process your personal data
based on your consent, you have the right to withdraw your consent at any time. You can do so by
sending an email to info@controlrapp.com. Withdrawing your consent does not affect the
lawfulness of the processing of your personal data based on consent before its withdrawal. You have
the right to make a complaint with the data protection authorities concerning our processing of your
personal data. You can make the complaint with the data protection authority of the EU member
state where you have your permanent residence or where you work, or where you find that a
potential breach with regard to your person data has occurred.