(i) Customer Data: personal data that we collect, process and manage on behalf of our business customers (“Customers”), submitted to the Moralius online platform, the moralius.com web or mobile applications and related products, integrations, add-ons and extensions services managed and operated by moralius.com (collectively, the “Platform”). We process such Customer Data on behalf and under the instruction of the respective Customer in our capacity as a “Data Processor”:
The Application collects primary data from the sensors of the mobile phone or tablet device, for the period during which the user remains within the above radius of the project.
Such data are mainly the following: date and time of recording for the raw data, time of recording in the UNIX time system, location data – GPS (longitude, latitude and altitude of the vehicle's location, horizontal and altitude accuracy of the GPS recording), mobile phone or tablet device data, Push Notification Token data, data on the date and time of Sign in/Sign out from the Application, data on the date and time of entry/exit from the project, data on the date and time of activation/deactivation of Location Services (GPS), data on the time and date of activation/deactivation of the mobile phone or tablet device, data on the time and date of activation/deactivation of recording of the Application through its settings; data on the time and date of activation/ deactivation of automatic renewal services in the background (Background App Refresh), data on the time and date of activation / deactivation of the WiFi.
The mobile application uses the device's Location services, call capability, camera and notification capabilities on a case-by-case basis. The above may be used only for the proper functioning of the Application. The mobile application does not retrieve data that is not intended for use of the Application.
(ii) User Data: personal data concerning individuals engaging with moralius.com on behalf of our Customers (collectively, “Users”). We process such User Data on behalf and under the instruction of the respective Customer in our capacity as a “Data Processor”:
We collect this information directly from you, or from other sources and third parties such as our Customer (your employer), users and colleagues related to your organizational account.
(iii) Website Data: data relating to visitors of our website (including https://www.moralius.com/), and any other prospective customer, user or partner (collectively, “Web visitors”) who visits or otherwise interacts with our website, digital ads and content, emails, integrations or communications under our control (“Sites”, and collectively with the Platform – the “Services”) and/or submits his/her data to us in the course of advertising events or campaigns. We process such Website Data in our capacity as a “Data Controller”.
We use personal data as necessary for the performance of our Services (“Performance of Contract”); to comply with our legal obligations (“Legal Obligations”); and to support our legitimate interests in maintaining and improving our Services, e.g. in understanding how our Services are used and how our campaigns are performing, and gaining insights which help us dedicate our resources and efforts more efficiently; in marketing, advertising and selling our Services to you and others; providing customer services and technical support; and protecting and securing our Users, Customers, Website Visitors, ourselves and our Services (“Legitimate Interests”). To process your personal data as described above for recruiting purposes, we rely on your consent (“Consent”).
We may retain your personal data for as long as it is reasonably needed in order to maintain and expand our relationship and provide you with our Application and website; in order to comply with our legal and contractual obligations; or to protect ourselves from any potential disputes (i.e. as required by laws applicable to log-keeping, records and bookkeeping, and in order to have proof and evidence concerning our relationship, should any legal issues arise following your discontinuance of use), all in accordance with our data retention policy and at our reasonable discretion.
We may disclose personal data in the following instances:
Service Providers: We engage selected third-party companies and individuals as “Service Providers”, to perform services on our behalf or complementary to our own. These include providers of Third Party Services, such as: hosting and server co-location services, communications and content delivery networks (CDNs), cloud servers, data and cyber security services, billing and payment processing services, fraud detection, investigation and prevention services, session or activity recording services, remote access services, performance measurement, data optimization and marketing services, social and advertising networks, content, lead generating and data enrichment providers, email, support and customer relation management systems, third-party customer support providers, and our legal, compliance and financial advisors and auditors.
Our Service Providers may have access to personal data, depending on each of their specific roles and purposes in facilitating and enhancing our Services or other activities, and may only use the data as determined in our agreements with them.
Partners/Subcontractors: We engage selected business and channel partners, subcontractors and providers of professional services related to our Services, which allow us to provide tailored services for our prospective and existing Customers and Users.
Customers and other Users: Your personal data may be shared with the Customer owning the Account to which you are subscribed as a User (including data and communications concerning your User Profile), as well as other Users of that Account. Your personal data and activity within the Services may also be monitored, processed, and analyzed by the Account Admin.
Public authorities: In exceptional circumstances, we may disclose or allow government and law enforcement officials access to your personal data, in response to a subpoena, search warrant or court order (or similar requirement), or in compliance with applicable laws and regulations. Such disclosure or access may occur if we believe in good faith that: (a) we are legally compelled to do so; (b) disclosure is appropriate in connection with efforts to investigate, prevent, or take action regarding actual or suspected illegal activity, fraud, or other wrongdoing; or (c) such disclosure is required to protect the security or integrity of our Application and Services.
For the avoidance of doubt, Moralius may share your personal data in additional manners, pursuant to your explicit approval, or if we are legally obligated to do so, or if we have successfully rendered such data non-personal and anonymous.
In order to protect your personal data held with us, we use industry-standard physical, procedural and technical security measures, including encryption as appropriate. However, please be aware that regardless of any security measures used, we cannot and do not guarantee the absolute protection and security of any personal data stored with us or with any third parties.
If you wish to exercise your privacy rights under applicable law (including the EU or UK GDPR), such rights may include – to the extent applicable to you – the right to know/request access to (specific pieces of personal data collected; categories of personal data collected; categories of sources from whom the personal data was collected; purpose of collecting personal data; categories of third parties with whom we have shared personal data), to request rectification or erasure of your personal data, or to restrict or object to such personal data’s processing (including the right to direct us not to “share” your personal data to third parties now or in the future), or to obtain a copy or port such personal data,– please contact us by email at email@example.com. If you are a GDPR-protected individual, you also have the right to lodge a complaint with the relevant supervisory authority in the EEA or the UK, as applicable.
Please note that if your request relates to personal data that may be processed on our Customer’s behalf, as their “data processor” or “service provider, such Customer exclusively determines how such data is processed, as well as if and how your request should be handled – so we advise that you submit your request directly to them
EU and UK Representative: Moralius representative in the European Union and the United Kingdom for data protection matters may be contacted on matters related to the processing of personal data of residents of the EU and the UK, at firstname.lastname@example.org.
Last updated: March 7, 2023