1.
Introduction

We at One.Thing.Less value your privacy. This Privacy Policy demonstrates our commitment to ensure your privacy and the confidentiality of your personal data ("Personal Data").

It is important to note that upon registering with us you consent to this Privacy Policy. In case you should not agree to any part of this Privacy Policy, you must stop using our mobile application and website (collectively, the "App") and related services. Any processing of your Personal Data is based on your consent to this Privacy Policy and the applicable laws and regulations.

2.
Personal Data we collect

We only collect the Personal Data you provide to us during registration (such as your freely chosen profile name, email address, and country of residence) or later when using our App and the Personal Data you request us to collect from third parties on your behalf. We never see your password as it gets encrypted during the registration process.

3.
Purposes for processing your Personal Data

We strive to empower you to gain control over the use of your Personal Data and to capture its value by using our R.E.ACT framework:

1. Request.
   Our App enables you to request information from third parties regarding the processing of your Personal Data.
   

2. Evaluate.
   The Personal Data provided by different sources upon your request will be integrated and presented to you in a structured manner for your evaluation.
   

3. Act.
   Based upon your evaluation you can act and determine who may – or may not – process your Personal Data.

Your Personal Data will only be used by us and our technology suppliers (who are obliged to protect your Personal Data to the same extent as we are) to provide you with our services. We do not sell or otherwise transfer your Personal Data to third parties without your prior consent or as we are required under applicable law or regulation. We do not monitor your behavior, track your physical location or subject you to profiling or automated decision-making. We only request and process Personal Data on you from companies you explicitly ask us to obtain on your behalf.

4.
Cookies and Device Identifiers

Cookies are small pieces of text sent to your browser when you visit a site. They serve a variety of functions, like allowing you to navigate our site or prevent third parties tricking your browser into taking unwanted action. We only use the most essential technical and functional cookies to provide our services, and we do not use cookies for retargeting or advertising purposes.

You can set your browser to not accept cookies (opt out), but this may limit your ability to use our App. Unless you opt-out, we use cookies for the following purposes:

1. Authentication and Security. Cookies help us verify your account and device and determine when you are logged in, so we can make it easier for you to access our App and provide the appropriate experiences and features. We also use cookies to help prevent fraudulent use of login credentials.

2. Performance and Analytics. Cookies help us analyze how our App is being accessed and used, and enable us to track performance of our services. For example, we use cookies to determine which web pages were visited. This helps us provide you with information that you find interesting. We also use cookies to gather insights regarding our App's performance, such as whether you use an iOS or Android device or which referral site (for example clicking on a Google search result) brought you to our App.

We only use the standard analytics provided by the Apple App Store and the Google Play Store, respectively, regarding device identifiers to measure and improve the use and performance of our App.

5.
Protecting your Personal Data

We restrict the use and access to your Personal Data to those who have an absolute need-to-know to provide our services. We maintain appropriate technical and organizational measures, including encryption of data in transit and at rest, to preserve the confidentiality and integrity of your Personal Data. All Personal Data is stored exclusively in a secure hosting environment located in the EU, certain website functionalities are provided by a US supplier duly certified with the EU-US privacy shield, and we ensure compliance with all applicable data protection and security laws.

6.
Your Rights

We grant you all individual data protection rights as per the European Union's General Data Protection Regulation (GDPR) – irrespective of your country of residence.

You have the right to be informed by us on any processing of your Personal Data and obtain a copy thereof to verify the lawfulness of processing (right of access). If you are affected by incorrect or incomplete Personal Data, you may request rectification or completion of any relevant data (right to rectification). You may request the deletion of your Personal Data (right to erasure) or a temporary restriction of processing in certain cases (right to restriction of processing). You may also object to the processing of your Personal Data (right to object), and you have the right to receive your Personal Data in a structured, commonly used and machine-readable format or have your Personal Data transferred to another data controller if technically feasible (right to data portability).

7.
Retaining your Personal Data

We store your Personal Data only for as long as necessary to provide you with our services. You can delete your account at any time by following the instructions provided by our App. A user deletion request results in the user’s Personal Data being removed from One.Thing.Less systems or being fully anonymized, unless retention is required by applicable laws or regulations.

8.
Contacts

In case you are dissatisfied with any aspect of processing of your Personal Data, we would like to understand how we can solve the issue. Please contact us at dataprotection@onethingless.com. 

If you would like to contact our EU representative, please send us an email at dataprotection@onethingless.com.

You also have the right to contact the data protection supervisory authority in your country of residence.