By using our services you agree to these terms - Please read them carefully
SUMMARY: We are committed to transparency. This document explains our practices concerning your Personal Information and applies to all Somus users.
We treat User's privacy very seriously and make it a high priority to ensure the security and confidentiality of the personal data you provide us when you visit our Website or use our Service. We don't track anything you do, neither monetize your information nor share it without your explicit and informed consent.
We highly encourage everyone to review this Policy carefully, as it contains important information about users' rights and obligations.
It will be helpful for you if we explain the terms that you may encounter reading this document.
'Content' is information, materials and other content, including, but not limited to, video, sounds, text, and designs.
'Visitor' refers to any individual Internet browser that may view any portion of the Site, particularly public portions of the site that do not require registration.
'User' refers to any Visitor or registered user of Somus, namely a person that seeks to use and engage with Somus Content.
‘Creator’ means a User who has set up their Somus account as a Creator account to post Content on Somus to be viewed by Fans.
‘Fan’ means a User who follows a Creator and is able to view the Creator's Content.
'Personal Information' is information that can identify a natural person alone or in combination with other information, e.g. name, email address, online identifiers, etc.
'Non-Personal Information' – refers to information that is not considered 'Personal' under applicable law, such as anonymous session management cookies or information about your device.
'Data Subject' refers to any User whose information is being processed. 'Processed' means stored, used, shared, etc.
'Profile' is the section of our app where you can edit the Personal Information that is displayed publicly.
'Cookie’ is a small text file that a website saves on your computer or mobile device when you visit the site. This small text file enables a site to remember your actions and preferences for a specified period of time so you don’t have to re-enter your login or settings information each time you visit a new page on our site.
3. Information we collect
SUMMARY: In order for our Service to work, we need to collect certain Information from you. This Information may include Personal Information, such as your name, but also some non-identifiable information, such as session storage properties, metadata and basic information about your device.
Somus collects or receives information from users in different ways. We ask you to provide basic Personal Information during the registration process, such as your name and email address. Your Internet browser or device on which you are using our app collects certain information as well, such as your device/browser information and IP address.
Once you register, your name and additional information that you choose to include in your profile is public and is visible to all Users of the Service. This information may include:
the profile picture you upload;
location (provided optionally by Users, Somus does not collect it automatically);
the information that you decide to include in the "Bio" section of your Profile.
3.1. Usage Information
Somus will inevitably collect some usage information automatically when you visit and/or use the Service and store it in log files. This information refers mainly to the technical information about your use of the Service through your internet browser or mobile device and is necessary for the correct technical functioning of the Service. We use this information to administer the Service and improve the Site and our Services to our users' needs.
This information may include, but is not limited to:
Usage information – refers to the information that is uploaded to the Service and stored in log files. It relates to how you use the Service. When you use a mobile device to access our Service, we may access, collect, and/or monitor one or more "device identifiers". These are small data files stored on or associated with your mobile device, which uniquely identify your mobile device. However, we only collect and store those identifiers for session management. After a User finishes a session, the device identifiers are deleted from our logs.
Services Metadata – Metadata is usually technical information that is associated with your use of the Service or any Content you post. For example, metadata can describe how, when and by whom a piece of user Content was posted and how that Content is formatted. Somus processes metadata for the least amount of time possible and only enough for the application to function properly. The content you post is stripped off of metadata during the initial stage of processing.
Session management cookies – we use this mechanism to store session information for a particular user. When a User logs into the Service, his/her session ID will be stored on the server until he logs out. A session is initiated when a User logs onto the Service and is terminated when he or she logs out. The User's Session ID is a random string of numbers and is non-identifiable on its own. The User's Session ID is 'assigned' to the User and each time the User logs into the service, he/she retrieves that assigned key.
3.2. Communications Information
We enable Users to communicate with each other through the commenting functionality under posts.
We advise not to disclose any personal information, and especially any sensitive personal information such as health/genetic information, racial/religious/ethnic background, etc. in comments.
3.3. Information that you should not provide to us
We do not require any kind of sensitive information, such as health/genetic information, racial/religious or ethnic backgrounds, etc.
4. How we collect information
SUMMARY: We obtain information about you when you voluntarily give it to us.
We use different methods to collect Personal Information from and about you, for example:
Direct disclosure – occurs when you register to the Service or fill in the forms in your Profile with Personal Information. It also happens when you disclose Personal Information through post/phone/email correspondence.
Automated technologies – As you interact with our Service, we may automatically collect certain technical Information about your device, information about your behaviour on the Service, etc. This is explained in more detail in part 3.1. of this Policy.
5. How we use the Personal Information collected
SUMMARY: We use the information collected to ensure the proper functioning of our Service, maintain security, and/or comply with our legal obligations.
Somus will use your Personal Information only when it is allowed to by applicable law and in a manner that is consistent with this Policy.
We use your Personal Information for the following purposes:
5.1. Providing and maintaining the best version of the Service
Enabling the Service to function most effectively lies in our legitimate interest. Somus uses the Personal and non-Personal Information to:
Create and update your account.
Maintain your Profile and make it visible to other users.
Enable you to contact us and for us to respond to you.
Contact you with administrative communication when it is necessary, for example when we update our policies.
5.2. Maintaining the appropriate level of safety and security
Somus is committed to keeping the Service safe and secure. We may use your non-identifiable information to:
Perform internal operations necessary to provide our services, including to troubleshoot software bugs and operational problems;
to conduct basic data analysis, testing, and research.
5.3. Communicating relevant information to you
In the future, Somus may use Personal Information it collects to inform you about services, studies, surveys and news. Users have the right to object to this type of use of your Personal Information, see section 8.1. of this Policy for more information. Before we introduce such type of processing, every User will be informed about it and will have the choice to opt-in to such processing.
5.4. Complying with our legal obligations
We may process your information in a way that is necessary for compliance with a legal obligation we may encounter. Apart from the domestic/international regulations, this may include the need to comply with applicable court orders, legal requirements, legal proceedings, document requests, and industry standards and our policies.
6. How we share your information
SUMMARY: Part of the Personal Information that you share with us is also shared with the community of our Users. You can decide which Personal Information will be displayed on your Profile by making changes in the 'Manage Profile' tab of the Somus app.
6.1. We display information on your Profile
We are a social network and due to this fact, we need to display some basic information about you publicly. You can always decide which Personal Information is being displayed by making changes in the 'Manage Profile' section.
Data minimization is important for us and we collect and display only the bare minimum of the information necessary for the proper functioning of our Service.
6.2. We share information with Somus's service providers
Somus needs to provide certain information to service providers in order to ensure the proper functioning of the Service.
Every time we share any Personal Information with a third party, we make sure that it's done lawfully and in compliance with all the applicable regulations, such as the GDPR. We also make sure that the entities we share your information with adhere to the applicable law and offers appropriate safeguards to the information we disclose.
Somus shares only the information that is relevant for the purpose we are sharing it. We regulate our relationships with third parties with appropriate contracts and we take all commercially reasonable steps to ensure full information security.
Currently, Somus shares User's Personal Information with Digital Ocean, the service that hosts the application on the Internet, Stripe, Somus' payment processor.
6.3. We disclose the information if legally required to do so
Somus must share information with government agencies as required by law in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
7. Information retention and deletion
SUMMARY: We store your Personal Information for as long as you are a registered user. After deleting the account, your Personal Information is erased from our databases.
Somus must retain your Personal Information for the period when you are a registered User to ensure the proper functioning of our Service.
You may request deletion of your account at any time by filling the form here.
If you delete your profile, the entire account information will be permanently deleted from our system when you confirm your wish to delete your account.
8. Users and the GDPR
SUMMARY: As a User of Somus, the GDPR grants you a number of rights concerning the use, storage and processing of your Personal Information.
The General Data Protection Regulation (the 'GDPR') is an EU legislation that grants certain rights to Data Subjects. Those rights apply to all the Users of Somus worldwide – the fact that we are a company registered in the EU and we process your information in the EU (Estonia) makes all Somus Users Data Subjects under the GDPR.
8.1. Your rights under the GDPR
For as long as we are in possession of your information, you have the following rights:
Right of access – you may ask us whether we are processing your information and you have the right to request a copy of the information we hold about you.
Right of rectification – you have the right to correct inaccurate or incomplete information about you; you also have the ability to do so yourself in the 'Settings' section of your Profile.
Right to be forgotten – in most circumstances, you can ask for the information that we hold about you to be erased from our system.
Right to restriction of processing – where certain conditions apply, you can ask us to 'block' the processing of your information.
Right to data portability – you have the right to have the data we hold about you transferred to another organisation and to receive the information in a structured, commonly used format. This functionality is under development – in the meanwhile you can contact us at email@example.com to request your data.
Right to object – the GDPR gives you the right to object to certain types of processing, such as direct marketing. Currently, we are not using your Personal Information for any marketing purposes and we do not foresee such use in the future.
Right to object to automated processing (including profiling) – This right provides the data subject with the ability to object to a decision based on purely automated processing. Like with the right to object, we are not processing your Personal Data for such type of automated decision-making and we are not anticipating such use in the future.
If you have any concerns about how Somus processes your Personal Information, you have the right to lodge a complaint with a suitable data protection authority. Here you can find a list of data protection authorities in Europe.
8.2. Grounds for processing
The GDPR requires every organisation that processes information about EU users to do so on the basis of specific legal grounds. Somus processes information on the basis of the following grounds:
Legitimate interest - It is necessary to provide the Service's features. Our main ground for processing is our interest in delivering you the best Service possible. Somus collects and uses certain information in order for the Service to fulfil its functions. Certain information about the user is necessary to create and maintain your account.
9. International Data Transfers
SUMMARY: Somus is a company registered in Estonia but outsources its hosting services to DIgital Ocean, which provides data centres across Europe and the United States
We use Digital Ocean for the purposes of hosting our Service. We transfer the data to servers across Europe and The United States. We take appropriate safeguards for international data transfers, all the data is encrypted and sent through a secure TLS connection.
SUMMARY: We utilize a variety of industry-standard safeguards to keep your Information safe, such as secure coding, privacy by design/default, two-step authentication, encryption, TLS connections, and 3-layer access.
Somus takes information security very seriously. Sustainability, privacy and security are paramount values in our organisation. We work hard to protect the Personal Information you give us from loss, misuse, or unauthorized access. We utilize a variety of safeguards to protect the Personal Information submitted to us, both during transmission and once it is received.
Somus implements a number of safeguards to ensure that our systems are secure. Somus performs code reviews and security and privacy testing on every new feature. Somus utilises automated package vulnerability scanners – which scan the system for known vulnerabilities and automatically prepare and implement a patch which will fix the vulnerability.
Somus also implements security monitoring, which monitors strange activities and detects suspicious traffic.
Somus enforces a multi-layer approach to the service's security. Accessing managerial part of the service requires a complex authentication. Every layer has access to different data and privileges. From the mid-layer downwards, there's IP domain restriction, self-signed certificates and IP white listing/restriction. On top of the before-mentioned safeguards, Somus also uses multi-factor authentication for development and management systems.
11. Children's Privacy
SUMMARY: We do not intentionally gather Personal Information from persons under the age of 16.
If you are under the age of 16, please do not submit any Personal Information through the Service. Somus does not collect or process Personal Information pertaining to a child, where a child under the GDPR is defined as an individual below the age of 16 years old.
12. Contact Us
Lõõtsa tn 5, 11415
Please include your name and email address in email requests, and your name and postal address in mail requests.
These policies are part of Somus’ Terms of Service. For more information, contact Somus at firstname.lastname@example.org.