edRoo - Privacy Policy

1. What types of Personal Information do we collect?

We may collect and store the following Personal Data:

Information You Provide to Us.

• Contact information, such as name, user ID, e-mail address, and phone number
• Information necessary for us to remit payments to sellers, such as financial account transactional information based on your activities on the Site as a seller (such as item and content you generate or that relates to your account); community discussions, chats, dispute resolution, correspondence through our Site, and correspondence sent to us; information we ask you to submit to authenticate yourself or if we believe you are violating site policies (for example, we may ask you to send us an ID or bill to verify your address, or to answer additional questions online to help verify your identity or ownership of an item you list);
• Marketing information, such your preferences for receiving marketing communications and details about how you engage with marketing communications; and
• Other personal information you choose to submit to us

Information We Collect About Buyers From or on Behalf of Our Sellers

• We may collect information about buyers from or on behalf of our sellers. The sellers determine the scope of the information we collect on their behalf, that they transfer to us, or that we otherwise collect, and the information we receive may vary by seller. Typically, the information we collect about individuals from or on behalf of our sellers includes:
• transactional information based on your activities on the Site as a buyer (such as item and content you purchase)
• payment information, such as credit card number
• your contact information (such as your name, user ID, email-address, and shipping, billing and other information you provide to purchase an item or receive delivery of an item
• other personal information that our sellers may provide about you

Information Automatically Collected.

• When you access the Site, we, our service providers, and our business partners may automatically log information about you, your computer or mobile device, and activity on our Site. The information that may be collected automatically includes your computer or mobile device operating system type and version number, manufacturer and model, device identifier (such as the Google Advertising ID or Apple ID for Advertising), browser type, screen resolution, IP address, the website you visited before browsing to our Site, general location information such as city, state or geographic area; and information about your use of and actions on our Sites, such as pages you viewed, how long you spent on a page, navigation paths between pages, information about your activity on a page, access times, and length of access. Our service providers and business partners may collect this type of information over time and across third-party websites. This information is collected using cookies and similar technologies. Please refer to the Cookies and Similar Technologies section for more details.

Social Media Networks and other Third Party Platforms.

• We may offer single sign-on services that allow you to use third party login credentials to sign into Service. With your permission, edRoo may also collect profile information contained in your third-party profile. edRoo may also, for your use, enable you to import information about who you are connected to, as well as enable you to share information with those third-party sites. If you wish to discontinue such sharing, please refer to the settings on the third-party service or your preference page on edRoo.
• We may also maintain pages for our company and our products on a variety of third-party platforms, such as Facebook, Twitter, Google+, YouTube, Instagram, and other social networking services. When you interact with our pages on those third-party platforms, the third-party’s privacy policy will govern your interactions on the relevant platform. If the third party platform provides us with information about our pages on those platforms or your interactions with them, we will treat that information in accordance with this Privacy Policy.

Sensitive Personal Information.

• If you send or disclose any sensitive personal information to us when you use the Services, you must consent to our processing and use of such sensitive personal information in accordance with this Privacy Policy. If you do not consent to our processing and use of such sensitive personal information, you must not submit such sensitive personal information through our Sites.

2. How do we get data about you?

What are cookies?

Cookies are small data files stored on your computer or mobile device by a website. Our Sites may use both session cookies (which expire once you close your web browser) and persistent cookies (which stay on your computer or mobile device until you delete them) to provide you with a more personal and interactive experience on our Site.

We use two broad categories of cookies: (1) first party cookies, served directly by us to your computer or mobile device, which we use to recognize your computer or mobile device when it revisits our Sites; and (2) third party cookies, which are served by service providers or business partners on our Sites, and can be used by such service providers or business partners to recognise your computer or mobile device when it visits other websites.

Cookies we use

Our Site uses the following types of cookies for the purposes set out below:

• Essential Cookies - These cookies are essential to provide you with services available through our Site and to enable you to use some of its features. Without these cookies, the services that you have asked for cannot be provided, and we only use these cookies to provide you with those services.
• Functionality Cookies - These cookies allow our Sites to remember choices you make when you use our Sites. The purpose of these cookies is to provide you with a more personal experience and to avoid you having to re-select your preferences every time you visit our Site.
• Analytics and Performance Cookies - These cookies collect information about traffic to our Sites and about how individuals use our Sites. The information gathered may include the types of information described above in the section titled “Information automatically collected.” We use this information to help operate our Site more efficiently, to gather broad demographic information, monitor the level of activity on our Site, and improve the Site. We use Google Analytics, Optimizely, and New Relic for this purpose. These parties use their own cookies. You can find out more information about Google Analytics cookies here: click link, and about how Google protects your data here: click link. You can prevent the use of Google Analytics relating to your use of our Site by downloading and installing the browser plugin available here: click link. You can find out more about New Relic’s services here: https://newrelic.com/, and its privacy practices here: click link.
• Social Media Cookies - These cookies are used when you share information using a social media sharing button or “like” (or similar) button on our Site or you link your account or engage with our content on or through a social networking website such as Facebook or Twitter. The social network will record that you have done this. Social networks use their own cookies.
• Targeted and advertising cookies - These cookies track your browsing habits to enable us and third-party advertising networks to deliver ads that may be of interest to you. These cookies use information about your browsing history to group you with other users who have similar interests or browsing behavior. Based on the cookies that the third-party advertising network sets on our Site and other sites, advertisers can display advertisements that may be relevant to your interests on our Site and while you are on third party websites. You can choose to disable cookies, as described below, or to opt out of the use of your browsing behaviour for purposes of targeted advertising. For opt out instructions, please review the “Targeted online advertising” portion of the “Your Choices” section of this Privacy Policy."

Disabling cookies

You can typically remove or reject cookies via your browser settings. In order to do this, follow the instructions provided by your browser (usually located within the “settings,” “help” “tools” or “edit” menus). Many browsers are set to accept cookies until you change your settings.

For further information about cookies, including how to see what cookies have been set on your computer or mobile device and how to manage and delete them, visit www.allaboutcookies.org.

If you do not accept our cookies, you may experience some inconvenience in your use of our Site. For example, we may not be able to recognize your computer or mobile device and you may need to log in every time you visit our Site.

Other technologies

In addition to cookies, our Sites may use other technologies, such as Flash technology, pixel tags, and software development kits (or SDKs) to collect information automatically.

Flash Technology

We may use Flash cookies (which are also known as Flash Local Shared Object (“LSOs”)) on our Site to collect and store information about your use of our Site. Unlike other cookies, Flash cookies cannot be removed or rejected via your browser settings. If you do not want Flash cookies stored on your computer or mobile device, you can adjust the settings of your Flash player to block Flash LSO storage using the tools contained in the Website Storage Settings Panel at this website. You can also control Flash LSOs by going to the Global Storage Settings Panel at this website and following the instructions. Please note that setting the Flash Player to restrict or limit acceptance of Flash LSOs may reduce or impede the functionality of some Flash applications, including, potentially, Flash applications used in connection with our Site.

Pixel tags

We may also use pixel tags (which are also known as web beacons and clear GIFs) on our Site and in our HTML formatted emails to track the actions of users on our Site and interactions with our emails. Unlike cookies, which are stored on the hard drive of your computer or mobile device by a website, pixel tags are embedded invisibly on webpages or within HTML formatted emails. Pixel tags are used to demonstrate that a webpage was accessed or that certain content was viewed, typically to measure the success of our marketing campaigns or engagement with our emails and to compile statistics about usage of the Site, so that we can manage our content more effectively.

Software Development Kits

Our mobile applications may use software development kits (“SDKs”) provided by third parties. SDKs enable us to provide features and functionality developed by third-party developers, including to provide us with analytics, social media integration, and advertising. The SDKs we use may enable third parties to collect information about the users of our mobile applications. The types of SDKs we use include:

• Analytics SDKs. These SDKs are used to collect information about use of our mobile applications. The information gathered may include the types of information described above in the section titled “Information automatically collected.” We use this information to help operate our mobile applications more efficiently, to gather broad demographic information, monitor the level of activity on and within the application, diagnose errors, and improve the mobile application.
• Social Media SDKs. These SDKs help you to interact with social networks you are signed into while using our mobile application, such as by sharing content with the social network and other features you use with the social network. Social networks may also work with our apps for analytics or advertising purposes, as discussed above.
• Advertising SDKs. These SDKs allow our advertising partners to collect information about your devices, and how you use our mobile application and other sites and applications over time; and to use this information to show you ads of potential interest and measure how the ads perform. These third parties’ collection, use, and sharing of your personal information is subject to their own privacy policies. You may be able to control or limit use of certain information collected through advertising SDKs for purposes of targeted advertising. For additional information, please review the “Targeted online advertising” portion of the “Your Choices” section of this Privacy Policy.

3. What We Use Your Data For

We use the data we collect through your use of the Services to:

• Provide and administer the Services, including to facilitate content creation, content access, display customized content, and facilitate communication with other users;
• Process payments to creators and other third parties;
• Process your requests and orders for content, products, specific services, information, or features;
• Communicate with you about your account by:
  • Responding to your questions and concerns;
  • Sending you administrative messages and information, including messages from other users; notifications about changes to our Service; and updates to our agreements;
  • Sending you information, such as by email or text messages, about your progress in exams and related content, rewards programs, new services, new features, promotions, newsletters, and other available author-created content (which you can opt out of at any time);
  • Sending push notifications to your wireless device to provide updates and other relevant messages (which you can manage from the “options” or “settings” page of the mobile app);
• Manage your account and account preferences;
• Facilitate the Services’ technical functioning, including troubleshooting and resolving issues, securing the Services, and preventing fraud and abuse;
• Solicit feedback from users;
• Market products, services, surveys, and promotions;
• Market Subscription Plans to prospective customers;
• Learn more about you by linking your data with additional data through third-party data providers and/or analyzing the data with the help of analytics service providers;
• Identify unique users across devices;
• Tailor advertisements across devices;
• Improve our Services and develop new products, services, and features;
• Analyze trends and traffic, track purchases, and track usage data;
• Advertise the Services on third-party websites and applications;
• As required or permitted by law; or
• As we, in our sole discretion, otherwise determine to be necessary to ensure the safety or integrity of our users, employees, third parties, the public, or our Services.

Additionally, we shall also use the data for:

• Deliver, maintain, and improve our SaaS platform
• Personalize user experiences and provide support
• Process admissions and visa applications
• Analyze platform performance and user behavior
• Comply with legal obligations

4. Who We Share Your Data With

We may share your data with third parties under the following circumstances or as otherwise described in this Privacy Policy:

• Universities/Institutions for admissions
• SaaS service providers (AWS, Azure)
• Government authorities for visa processing
• Legal compliance requirements

• With Your Sellers:We share data that we have about you for content you access or request information about, so they can improve their content for you and other users. This data may include things like your city, country, browser language, operating system, device settings, the site that brought you toedRoo, and your activities on edRoo. If we collect additional data about you (like age or gender), we may share that too. We will not share your email addresswith creators or sellers.
• With Other Users:Depending on your settings, your shared content and profile data may be publicly viewable, including to other users and sellers. If you ask a question to a seller or provide a feedback for a product, your information (including your name) may also be publicly viewable.
• With Service Providers, Contractors, and Agents:We share your data with third-party companies who perform services on our behalf, like payment processing, fraud and abuse prevention, data analysis, marketing and advertising services (including retargeted advertising), email and hosting services, and customer services and support. These service providers may access your personal data and are required to use it solely as we direct, to provide our requested service.
• With edRoo Affiliates:We may share your data within our corporate family of companies that are related by common ownership or control to enable or support us in providing the Services.
• With Business Partners:We have agreements with other websites and platforms to distribute our Services and drive traffic to edRoo. For example, we work with Benesse in Japan. Depending on your location, we may share your data with these partners.
• With Analytics and Data Enrichment Services:As part of our use of third-party analytics tools like Google Analytics and data enrichment services like ZoomInfo, we share certain contact information, Account Data, System Data, Usage Data (as detailed in Section 1), or de-identified data as needed. De-identified data means data where we’ve removed things like your name and email address and replaced it with a token ID. This allows these providers to provide analytics services or match your data with publicly-available database information (including contact and social information from other sources). We do this to communicate with you in a more effective and customized manner.
• To Power Social Media Features:The social media features in the Services (like the Facebook Like button) may allow the third-party social media provider to collect things like your IP address and which page of the Services you’re visiting, and to set a cookie to enable the feature. Your interactions with these features are governed by the third-party company’s privacy policy.
• To Administer Promotions and Surveys:We may share your data as necessary to administer, market, or sponsor promotions and surveys you choose to participate in, as required by applicable law (like to provide a winners list or make required filings), or in accordance with the rules of the promotion or survey.
• For Advertising:If we decide to use an advertising-supported revenue model in the future, we may use and share certain System Data and Usage Data with third-party advertisers and networks to show general demographic and preference information among our users. We may also allow advertisers to collect System Data through Data Collection Tools (as detailed in Section 2.1), to use this data to offer you targeted ad delivery to personalize your user experience (through behavioral advertising), and to undertake web analytics. Advertisers may also share with us the data they collect about you. To learn more or opt out from participating ad networks’ behavioral advertising, see Section 6.1 (Your Choices About the Use of Your Data) below. Note that if you opt out, you’ll continue to be served generic ads.
• For Lead Generation and Sharing:If we decide to use an lead generation and sharing revenue model in the future, we may use and share certain Account data (including email), Profile data, System Data and Usage Data with partners. To learn more or opt out from participating ad networks’ behavioral advertising, see Section 6.1 (Your Choices About the Use of Your Data) below. Note that if you opt out, you’ll continue to be served generic ads.
• For Security and Legal Compliance:We may disclose your data to third parties if we (in our sole discretion) have a good faith belief that the disclosure is:
• Permitted or required by law;
• Requested as part of a judicial, governmental, or legal inquiry, order, or proceeding;
• Reasonably necessary as part of a valid subpoena, warrant, or other legally-valid request;
• Reasonably necessary to enforce our Terms of Use, Privacy Policy, and other legal agreements;
• Required to detect, prevent, or address fraud, abuse, misuse, potential violations of law (or rule or regulation), or security or technical issues; or
• Reasonably necessary in our discretion to protect against imminent harm to the rights, property, or safety ofedRoo, our users, employees, members of the public, or our Services.
• We may also disclose data about you to our auditors and legal advisors in order to assess our disclosure obligations and rights under this Privacy Policy.
• During a Change in Control:If edRoo undergoes a business transaction like a merger, acquisition, corporate divestiture, or dissolution (including bankruptcy), or a sale of all or some of its assets, we may share, disclose, or transfer all of your data to the successor organization during such transition or in contemplation of a transition (including during due diligence).
• After Aggregation/De-identification:We may disclose or use aggregated or de-identified data for any purpose.
• With Your Permission:With your consent, we may share data to third parties outside the scope of this Privacy Policy.

Other scenarios include:

• Contractual Necessity: To fulfill requested services
• Consent: For marketing communications and cookies
• Legitimate Interests: Platform security and improvements

Additionally, to provide our Sites and Services.

• facilitate the creation of and secure your account on our network;
• identify you as a User in the system;
• send you a welcome e-mail to verify ownership of the e-mail address provided when your account was created;
• respond to your inquiries related to employment opportunities or other requests;
• provide the Service and customer support you request;
• resolve disputes, collect fees, and troubleshoot problems;
• prevent, detect, and investigate potentially prohibited or illegal activities, and enforce our User Agreement;
• customize, measure and improve our Service and content;
• tell you about our Service, service updates, and promotional offers based on your communication preferences;
• compare information for accuracy, and verify it with third parties; and
• and other uses as described when we collect the information.

To communicate with you

If you request information from us (such as signing up for our newsletter), register on the Sites, or participate in our contests or promotions, we may send you edRoo-related marketing communications as permitted by law. You will have the ability to opt out of such communications.

Use of Personal Data About Buyers on Behalf of Our Sellers.

We use personal information we collect about buyers from or on behalf of our sellers to provide services only as directed or authorized by the seller. We do not use this information for our own purposes. Typically, our clients direct or authorize us to use personal information collected on their behalf to enable ecommerce and payments functionality on our clients’ websites, to manage the delivery of electronic goods, and to deliver communications from the sellers to their buyers.

To comply with law.

• We use your personal information as we believe necessary or appropriate to comply with applicable laws, lawful requests and legal process, such as to respond to subpoenas or requests from government authorities.
• For compliance, fraud prevention and safety
• We use your personal information as we believe necessary or appropriate to (a) enforce the terms and conditions that govern the Sites; (b) protect our rights, privacy, safety or property, and/or that of you or others; and (c) protect, investigate and deter against fraudulent, harmful, unauthorized, unethical or illegal activity.

With your consent.

• We will request your consent to use your personal information where required by law, such as where we would like to send you certain marketing messages. If we request your consent to use your personal information, you have the right to withdraw your consent any time in the manner indicated when we requested the consent or by contacting us. If you have consented to receive marketing communications from our third party partners, you may withdraw your consent by contacting those partners directly.

To create anonymous data.

• We may create Anonymous Data records from Personal Data by excluding information that make the data personally identifiable to you. We use this Anonymous Data to analyze request and usage patterns so that we may enhance the content of our Service and improve site navigation. We reserve the right to use Anonymous Data for any purpose and disclose Anonymous Data to third parties in our sole discretion.

5. Our Disclosure of Your Personal Data

We may disclose Personal Data to respond to legal requirements, enforce our policies, respond to claims that a listing or other content violates the rights of others, or protect anyone's rights, property, or safety. Such information will be disclosed in accordance with applicable laws and regulations.

We may also share your Personal Data with:

• Service providers under contract who help with our business operations (such as fraud investigations, bill collection, affiliate and rewards programs).
• Our subsidiaries and corporate affiliates for purposes consistent with this Privacy Policy.
• Our sellers, when you make a purchase with them using our Services.
• Other third parties to whom you explicitly ask us to send your information (or about whom you are otherwise explicitly notified and consent to when using a specific service).
• A third party payments processor to process payments made to us. Currently, we use Stripe to process our payments. Stripe may use personal information it collects when processing our payments as directed by us and for certain additional purposes. The information that Stripe obtains in connection with processing our payments is subject to Stripe’s Privacy Policy.
• Professional advisors, such as lawyers, bankers, auditors and insurers, where necessary in the course of the professional services that they render to us.
• Law enforcement, governmental agencies, or authorized third-parties, in response to a verified request relating to a criminal investigation or alleged illegal activity or any other activity that may expose us, you, or any other edRoo User to legal liability. In such events, we will disclose information relevant to the investigation, such as name, city, state, ZIP code, telephone number, e-mail address, User ID history, IP address, fraud complaints, bidding and listing history, and anything else we may deem relevant to the investigation.
• Other business entities with which we perform a business transaction (or potential business transaction), such as a merger, consolidation, or acquisition, in which case we will make reasonable efforts to require that the recipient follow this Privacy Policy with respect to your Personal Data. In the event of an insolvency, bankruptcy or receivership, your Personal Data may also be transferred as a business asset.

6. Account Protection

Your password is the key to your account. Use unique numbers, letters and special characters, and do not disclose your edRoopassword to anyone. If you do share your password or your Personal Data with others, remember that you are responsible for all actions taken in the name of your account. If you lose control of your password, you may lose substantial control over your Personal Data and may be subject to legally binding actions taken on your behalf. Therefore, if your password has been compromised for any reason, you should immediately notify edRoo and change your password.

7. Your Choices

Accessing, Reviewing and Changing Your Personal Data

You may change any of your Personal Data in your account by editing your profile within your account or by sending an e-mail to us at the e-mail address set forth below. You may request deletion of your Personal Data by us, but please note that we may be required to keep this information and not delete it (or to keep this information for a certain time, in which case we will comply with your deletion request only after we have fulfilled such requirements). Upon your request, we will close your account and remove your Personal Data from view as soon as reasonably possible, based on your account activity and in accordance with applicable law. We do retain Personal Data from closed accounts to comply with law, prevent fraud, collect any fees owed, resolve disputes, troubleshoot problems, assist with any investigations, enforce our User Agreement, and take other actions otherwise permitted by law.

Marketing communications

You may opt out of marketing-related emails by clicking on a link at the bottom of our marketing emails, or by contacting us at support@$NEXT_PUBLIC_DOMAIN. You may continue to receive service-related and other non-marketing emails.

Targeted online advertising

Some of the business partners that collect information about users’ activities on our Sites may be members of organizations or programs that provide choices to individuals regarding the use of their browsing behavior or mobile application usage for purposes of targeted advertising.

Users may opt out of receiving targeted advertising on websites through members of the Network Advertising Initiative by clicking here: www.networkadvertising.org/choices, or the Digital Advertising Alliance by clicking here: www.aboutads.info/choices. European users may opt out of receiving targeted advertising on websites through members of the European Interactive Digital Advertising Alliance by clicking here: https://www.youronlinechoices.eu/, selecting the user’s country, and then clicking “Choices” (or similarly-titled link). Mobile app users may opt out of receiving targeted advertising in mobile apps through participating members of the Digital Advertising Alliance by installing the AppChoices mobile app, available here: https://www.youradchoices.com/appchoices, and selecting the user’s choices. Please note that we also may work with companies that offer their own opt-out mechanisms and may not participate in the opt-out mechanisms that we linked above.

If you choose to opt-out of targeted advertisements, you will still see advertisements online but they may not be relevant to you. Even if you do choose to opt out, not all companies that serve online behavioural advertising are included in this list, and so you may still receive some cookies and tailored advertisements from companies that are not listed.

In addition, your mobile device settings may provide to limit our, or our partners’, ability to engage in ad tracking or targeted advertising using the Google Advertising ID or Apple ID for Advertising associated with your mobile device.

Do Not Track Signals

Some Internet browsers may be configured to send "Do Not Track" signals to the online services that you visit. We currently do not currently respond to do not track signals. To find out more about "Do Not Track," please visit http://www.allaboutdnt.com.

Choosing not to share your personal information

Where we are required by law to collect your personal information, or where we need your personal information in order to provide our services to you, if you do not provide this information when requested (or you later ask to delete it), we may not be able to provide you with our services. We will tell you what information you must provide to receive the services by designating it as required in or on the Sites or through other appropriate means.

8. Security

Your information is stored on our servers located in the United States. We use a variety of security technologies and procedures to help protect your Personal Data from unauthorized access, use or disclosure. However, as you probably know, third parties may unlawfully intercept or access transmissions or private communications, and other Users may abuse or misuse your Personal Data that they collect from the Site. Therefore, we do not promise, and you should not expect, that your Personal Data or private communications will always remain private.

9. International Transfers

In order to provide the Services to you, we must transfer your data to Australia or United States or other geographies and process it there. By visiting or using our Services, you consent to storage of your data on our servers located here. If you are using the Services from outside the Australia, you consent to the transfer, storage, and processing of your data in and to Australia, United States or other countries. Specifically, personal data collected in the United Kingdom (“UK”), Switzerland, and the European Economic Area (“EEA”) is transferred and stored outside those areas. Additionally, if you are located in the EEA, UK, or Switzerland, you also have the right to lodge a complaint with your data supervisory authority. By submitting your data or using our Services, you consent to this transfer, storage, and processing by edRoo and its processors.

edRoo is headquartered in Australia and has service providers in other countries, and your personal information may be transferred to Australia or other locations outside of your state, province, country or other governmental jurisdiction where privacy laws may not be as protective as those in your jurisdiction.

European Union users should read the important information provided here about transfer of personal information outside of the European Economic Area: click here.

10. Third Parties

Except as otherwise expressly included in this Privacy Policy, this document addresses only the use and disclosure of information we collect from you. If you disclose your information to others, whether they are bidders, buyers or sellers on our Site or other sites throughout the Internet, different rules may apply to their use or disclosure of the information you disclose to them. edRoodoes not control the privacy policies of third parties, and you are subject to the privacy policies of those third parties where applicable. We encourage you to ask questions before you disclose your Personal Data to others.

11. Changes to this Privacy Policy

We reserve the right to modify this Privacy Policy at any time. We encourage you to periodically review this page for the latest information on our privacy practices. If we make material changes to this Privacy Policy, we will notify you by updating the date of this Privacy Policy and posting it on the Sites and in the app stores where our mobile applications are available for download. We may (and, where required by law, will) also provide notification of changes in another way that we believe is reasonably likely to reach you, such as via e-mail (if you have an account where we have your contact information) or another manner through the Sites.

Any modifications to this Privacy Policy will be effective upon our posting of the new terms and/or upon implementation of the new changes on the Sites (or as otherwise indicated at the time of posting). In all cases, your continued use of the Sites after the posting of any modified Privacy Policy indicates your acceptance of the terms of the modified Privacy Policy.

12. Contact Us

If you have any questions or concerns at all about our Privacy Policy, please feel free to email us at support@$NEXT_PUBLIC_DOMAIN.

13. Additional Information for European Union Users

Personal information

References to “personal information” in this Privacy Policy are equivalent to “personal data” governed by European data protection legislation.

Controller

For purposes of European data protection legislation, edRoo, Inc. is the controller of personal information that we collect for our own business purposes. See the Contact Us section above for contact details.

edRoo acts as a processor to sellers through the Services, as described throughout this Privacy Policy. When we act as a processor to a seller, the relevant seller is the data controller of your personal information processed in connection with the sale or delivery of goods to you.

Legal bases for processing

We use your personal information only as permitted by law. We are required to inform you of the legal bases of our processing of your personal information, which are described in the table below. If you have questions about the legal basis of how we process your personal information, contact us atsupport@$NEXT_PUBLIC_DOMAIN.

• To provide our Sites and Services - Processing is necessary to perform the contract governing our provision of the Services or to take steps that you request prior to signing up for the Services.
• To communicate with you, To create anonymous data, For compliance, fraud prevention and safety - These processing activities constitute our legitimate interests. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal information for our legitimate interests. We do not use your personal information for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).
• To comply with law - Processing is necessary to comply with our legal obligations
• With your consent - Processing is based on your consent. Where we rely on your consent you have the right to withdraw it anytime in the manner indicated in the Service or by contacting us at support@$NEXT_PUBLIC_DOMAIN.
• Use of Personal Data on Behalf of Our Sellers - We use personal data to comply with the instructions of the data controller, our sellers and, to the extent necessary, to perform the contract governing our provision of the Services or to take steps that you request prior to signing up for the Services.

Use for new purposes

When we act as a data controller, we may use your personal information for reasons not described in this Privacy Policy where permitted by law and the reason is compatible with the purpose for which we collected it. If we need to use your personal information for an unrelated purpose, we will notify you and explain the applicable legal basis.

Retention

We will only retain your personal information for as long as necessary to fulfill the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.

When we no longer require the personal information we have otherwise collected about you, we will dissociate such information from the information attached to your content. In some circumstances we may anonymize your personal information (so that it can no longer be associated with you), in which case we may use this information indefinitely without further notice to you.

Your rights

European data protection laws give European Union users certain rights regarding their personal information. If you are located within the European Union, you may ask us to take the following actions in relation to your personal information that we hold in the capacity of a data controller:

• Opt-out. Stop sending you direct marketing communications. You may continue to receive service-related and other non-marketing emails.
• Access. Provide you with information about our processing of your personal information and give you access to your personal information.
• Correct. Update or correct inaccuracies in your personal information.
• Delete. Delete your personal information.
• Transfer. Transfer a machine-readable copy of your personal information to you or a third party of your choice.
• Restrict. Restrict the processing of your personal information.
• Object. Object to our reliance on our legitimate interests as the basis of our processing of your personal information.

You can submit these requests by email to support@$NEXT_PUBLIC_DOMAIN or our postal address provided above. We may request specific information from you to help us confirm your identity and process your request. Applicable law may require or permit us to decline your request. If we decline your request, we will tell you why, subject to legal restrictions. If you would like to submit a complaint about our use of your personal information or response to your requests regarding your personal information, you may contact us as described above or submit a complaint to the data protection regulator in your jurisdiction. You can find your data protection regulator here.

To the extent we act as a processor on behalf of a seller, individuals should contact the relevant seller to exercise the rights and choices described in this section.

Cross-Border Data Transfer

Whenever we transfer your personal information out of the EEA to countries not deemed by the European Commission to provide an adequate level of personal information protection, the transfer will be based:

• Pursuant to the recipient’s compliance with standard contractual clauses, EU-US Privacy Shield, or Binding Corporate Rules
• Pursuant to the consent of the individual to whom the personal information pertains
• As otherwise permitted by applicable EEA requirements.