1. Overview of Our Services
We offer you a wide range of Services, including our browser extensions (“Software”) and receiving push notifications by the Site if you agree to receive such push notifications (“Push Notifications”). The Software allows you to make changes to your default homepage, new tab page and/or search settings. The Software’s features are customizable, which may include adding clocks, calendars, social media links and/or unique images to your homepage or new tab.
2. What Information We Collect, Store, or Access
Joona collects data to operate effectively and provide you the best experiences with our Services. The data we collect depends on the context of your interactions with us, the choices you make, including your privacy settings, and the features you use. The data we collect may include the following:
3. Our Vendors
- Information You Provide to Us. We collect and store any information you directly provide to us. This may include your first and last name, email address, phone number, and any other similar contact data you may provide to us when you contact us via email or the Contact Us page.
- Automatically Captured Information. We automatically collect information from your computer and/or browser when you use our Site and/or Services. This information is gathered and/or processed solely for the core functionalities of our Services and to improve the quality and security of our Services.
- Device and Usage Data. We collect data about your device and how you and your device interacts with us. For example, we collect:
- Product use data. We collect data about the features and customizations you use within our Services. This may include information obtained from active “Cookies” (see section on Cookies below) which helps us remember your preferred settings. This may also include anonymous information such as the number of times you click on a feature offered in our Services to help us optimize your user experience.
- Device, connectivity and configuration data. We collect data about your device and the network you use to connect to our products. This includes your Internet Protocol (“IP”) address, device identifiers, browser type, regional and language settings.
- Error reports and performance data. We collect data about the performance of our Services and any problems you experience with them. This data helps us to diagnose problems with our Services, and to improve our products and solutions for your future use.
- Aggregated Data. We may use your device, usage, and other activity data in aggregated form. This means that such data is used for statistical and/or user activity trends analysis purposes. This data does not directly or indirectly reveal your identity and can never be linked back to you as an individual.
- Memory-Based Technologies. We may use online technologies, such as web beacons, cookies and other similar tools, to keep track of your usage preferences within our Services (see our Cookies and Web Beacons sections below).
- Location Data. We receive your location data so that we may provide you with access to local weather features via our Services.
- Aggregated Data. We receive aggregated analytics data such as general activity trends and statistics about users of our Software and Site. Such aggregated data is anonymized and cannot be traced back to you as an individual in the form that we receive it.
We may use the help of outside companies and consultants to help conduct various aspects of our business so that we can provide you with our Services (“Vendor(s)”). Please see below for more details:
4. How and For What Purposes We Use Your Data
- Performance of Service. We share your information with authorized Vendors that assist us to provide the Services and Site. These Vendor services include:
These Vendors receive access to your information strictly for the purpose of performing their functions that allow us to provide you with the Site, Services and their related features.
- Technical and development support for purposes of maintenance and improvement of the Site and Services;
- Functionality and performance support for purposes of providing you with access to features like push notifications, the weather, time, calendar and search features;
- External and internal communications support for purposes of providing you with user support and discussing any technical, security or other issues; and
- Services that provide us with infrastructure for the purpose of providing us with software, networking, storage, and other related technology required to provide our Services.
- Analytics. Like many websites and services, we use Google Analytics, an industry standard third-party cloud-based analytics service. Google Analytics helps us to understand usage and performance of our Site and Services. This information is anonymized so that it is not tied to your IP address.
We do not share, sell or trade any of your personally identifiable information with any third parties other than as described herein. We may share your data with our principals, employees, consultants, officers, directors, members, agents, subsidiaries, or affiliates, or our parent company and its principals, parent company, employees, officers, consultants, directors, members, agents, subsidiaries, or affiliates (collectively “Related Companies”). Neither we nor our Related Companies contribute to or participate in any cooperative databases that give other companies access to your personally identifiable information.
We and our Related Companies use the data we collect for these basic purposes:
5. Legal Bases for Processing Personal Data
- Providing our Services. We and our Related Companies use data to provide our Services to you. These products may include personalized features and recommendations that enhance your productivity and enjoyment.
- User Support. We and our Related Companies may use data to diagnose product problems, repair errors, and provide other user care and support services.
- Product Improvement. We and our Related Companies use data to continually improve our products, including adding new features or capabilities.
- Security, Safety, and Dispute Resolution. We and our Related Companies use data to protect the security and safety of our products and our customers, to detect and prevent fraud, to protect against misuse or unauthorized use of the Site, Push Notifications or Services, to resolve disputes, to enforce our agreements, to limit our legal liability and protect our rights or to protect the rights, property or safety of other users or the public.
- Business Operations. We and our Related Companies use data to develop aggregate analysis and business intelligence that enables us to operate, protect, make informed decisions and report on the performance of our business.
- Communications. We and our Related Companies use data we collect to communicate with you and personalize our communications with you as needed.
- Legal Obligations. We and our Related Companies may provide access to your data, including personally identifiable information, when legally required to do so, to comply with a court order, to cooperate with police investigations or other legal proceedings.
- Mergers and Acquisitions. If we go through a business transition, such as a merger, acquisition by another company, or sale of all or a portion of its assets, your data will likely be among the assets transferred. You will be notified by a prominent notice on the Site of any such change in ownership or control of your data.
If you are accessing our Site or Services in the European Economic Area (“EEA”), then applicable law requires us to ensure that we only process your personal data (as defined in the General Data Protection Regulation) where we have a legal basis to do so. When we process your personal data, we will only do so where at least one of the following applies:
- Legitimate Interests. We may need to use your personal data in order to fulfill a legitimate interest. For example, it is in our legitimate interests to use your personal data to provide and maintain the core functionalities of our Services, improve our Services, ensure it is error-free and process personal data for administrative, fraud detection and other legal purposes.
- Provide Our Services. We need your personal data to perform our responsibilities under a contract we have with you (including, for example, making our Services available to you in accordance with our Terms [terms hyperlink]). Most of the time, we use your personal data to perform the contract you have with us to provide you with our Services.
- Consent. There may be times that we ask you for consent to use certain types of personal data for specific purposes (e.g., by asking you to check a box). You are able to withdraw such consent at any time by contacting our privacy team at firstname.lastname@example.org.
In addition, third parties with whom we partner to provide certain features on our Site or via our Services may use LSOs such as HTML 5 and Flash to collect and store information. To learn how to manage privacy and storage settings for Flash cookies click here:
- Third-Party Cookies. In addition to the cookies we set when you visit our Site or use our Services, third parties may also set cookies when you visit our Site or use our Services. In some cases, that is because we have hired the third-party to provide services on our behalf, such as site analytics. Because your browser connects to those third parties' web servers to retrieve that content, those third parties are able to set or read their own cookies on your device and may collect information about your online activities across websites or online services.
- Web Beacons. The Site may contain electronic images known as “web beacons” which are also sometimes called single-pixel gifs. Web beacons may be used to assist in delivering cookies, allow us to count how many users have installed and/or uninstalled our Software. In addition, we may employ web beacons from Vendors to help compile aggregated statistics regarding the effectiveness of our features and operations of the Site and Services. We will never allow web beacons on the Site to be used by third parties (other than Related Companies) to collect or access your personally identifiable information. We do not tie web beacons to any personally identifiable information you submit while on our Site or while using our Services.
- Deleting Cookies. Certain features from the Site and Services depend on the placement of cookies. Please be aware that if you choose to reject or delete cookies, you may not be able to use such features and preferences. If you choose to reject or delete cookies, settings and preferences controlled by those cookies will be deleted and may need to be reset.
- "Do Not Track." Some browsers have incorporated "Do Not Track" (DNT) features that can send a signal to the websites you visit indicating you do not wish to be tracked. Because there is not yet a common understanding of how to interpret the DNT signal, our Services do not currently respond to browser DNT signals. We will continue to work with the online industry to define a common understanding of how to treat DNT signals.
7. Third-Party Content
8. Retention of Personal Data
9. Where We Store and Process Personal Data
If you are a user based in the EEA, you should be aware that the personal data we collect or permit third parties to collect may be transferred to, stored and/or processed outside of your country of residence and in any country or territory where one or more of our Related Companies or Vendors are located, including but not limited to the United States. Such data will also be processed by personnel operating outside the EEA who work for us or for one of our Related Companies and/or Vendors.
We have implemented technical, administrative and physical security measures to protect Information from unauthorized access and improper use. We keep information on servers that are protected by firewalls and located in a physically secure facility accessible only to our authorized employees and personnel of the Related Companies. From time to time, we review our security procedures in order to consider appropriate new technology and methods. Please be aware though, that, despite our reasonable efforts, no security measures are impenetrable and any information transmitted to us or through the Site and/or Services will be at your own risk.
11. Your Personal Data Rights
If you are in the EEA you have certain rights in relation to your personal data. If you would like further information in relation to these or would like to exercise them, please contact us using the contact details below at any time. You have the right to request that we:
We will consider all such requests and provide our response within a commercially reasonable period (and in any event within any time-period required by applicable law).
- Provide Access to any personal data we hold about you;
- Correct any personal data about you which is out of date or incorrect;
- Erase any personal data which we are holding about you in certain circumstances except where we have a right to retain such data to comply with legal obligations by European or Member State law or we have an overriding interest to retain such data;
- Consider Valid Objections or Limit/Restrict the way we use of your personal data, including for direct-marketing purposes as applicable;
- Transmit your personal data to a third-party provider of service to the extent applicable and commercially reasonably possible;
- Withdraw Your Consent in cases where we rely on your consent in order to process your personal data. You do not need a valid reason for withdrawal in such cases, and you may withdraw your consent at any time.
Keep in mind that certain personal data may be exempt from such requests in certain circumstances. If an exception applies, we will inform you of this when responding to your request. Additionally, we may request that you provide us with information necessary to confirm your identity before responding to any request you make.
12. Data Protection Officer
Our EEA users have access to a designated Data Protection Officer (“DPO”) who is responsible for ensuring that your rights are respected and to review and oversee how we collect and use your personal data. The DPO can be reached by contacting email@example.com.
13. Children’s Privacy
Our Services are intended for general audiences over the age of 18 years old. We do not knowingly collect information from children under the age of 18 years old. If you are not over 18 years old, then DO NOT USE OUR SITE, PUSH NOTIFICATIONS OR SERVICES.
14. Limitation on Third-Party Rights
Users who have downloaded our Software and who do not want their data collected as described above should immediately uninstall the Software. You may uninstall the Software by going here and following the directions to remove the Software from your computer. You may also disable our Push Notifications by following the instructions listed here. To be clear, disabling Push Notifications will not prevent the collection of data as related to your use of our Services (including the Software) or Site.
16. Your California Privacy Rights
Users who are California residents (“California Users”) have certain rights with regard to Information classified as “personal information” according to applicable data privacy laws in California. Keep in mind that we may reject requests, for example, where your request is unlawful or adversely affects the rights of another person. You have the right to request that we:
You also have the right to be free from discrimination as a result of exercising these rights.
- Delete your personal information;
- Provide access to categories of personal information which we have collected about you; and
- Provide access to specific pieces of personal information which we have collected about you.
If you wish to submit such a request, please click https://joona.io/request-user-data.html . We will need to verify your identity before responding to your requests.
If you are a California resident, you may designate an authorized agent to make a request to access or a request to delete on your behalf. We will respond to your authorized agent's request if they submit proof that they are registered with the California Secretary of State to be able to act on your behalf, or submit evidence you have provided them with power of attorney pursuant to California Probate Code section 4000 to 4465. We may deny requests from authorized agents who do not submit proof that they have been authorized by you to act on their behalf, or are unable to verify their identity within two (2) business days of submitting a request. In addition, for security purposes, you and/or your authorized agent will only be able to submit requests via the proper browser and device on which your Software is installed.
California “Shine the Light” Rights;
In addition, California Civil Code Section 1798 entitles California Users to request information concerning whether a business has disclosed personal information to any third parties for the third parties’ direct marketing purposes. We will not sell or share your personal information with non-affiliated companies for their direct marketing purposes without your consent. California Users who wish to request further information about our compliance with this law or have questions or concerns about our privacy practices and policies may contact us by email at firstname.lastname@example.org.
18. How to Contact Us
If you have any questions or comments regarding our privacy practices, you may contact us using the following details:
18565 Jamboree Road, Suite 200N
Irvine, CA 92612
EEA users should use the below email address:
EEA Users also have the right to raise a complaint to our supervisory body for data protection matters or another supervisory authority. You can contact the Information Commissioner’s Office via any means provided here.
LAST UPDATED: December 31, 2019