Back

Privacy Policy for Amble

This Privacy Policy was last updated on 9 January 2024


This Privacy Policy applies to your use of the Amble mobile application (the "Amble App") which hosts the Amble Marketplace ("Marketplace") and uses the Amble reward point ("Amble(s)"), any website operated by Amble (including https://amble.in/) (the “Amble Website(s)") and the services we provide that are accessible via any of them (the "Services"). This Privacy Policy sets out the basis on which any personal data we collect from you, or that you provide to us, will be stored and processed by us.


MINIMUM AGE REQUIREMENT


Please note that you must be aged 13 years or older to use the Services. Please do not use the Services or provide us with any personal information if you are under 13 years of age.


INFORMATION WE MAY COLLECT FROM YOU


From time to time, we may collect or ask you to provide personal information including (without limitation) the following: your name, mobile phone number, email address, password, identification credentials, your contacts, biographical details, photographs and/or payment information.


We also automatically collect, store and use information about your use of the Services, and about your computer, tablet, mobile or other device through which you access the Services. This includes the following information:


  • Service Providers
  • Advertising Partners
  • Analytics Partners
  • Business Partners/Marketplace Providers
  • Parties You Authorize, Access or Authenticate, including Other Users

We may also automatically record the purchases you have made through the Amble App or Amble Websites using Amble (“Transaction Data”) to obtain an understanding of your preferences so that we can provide you with more tailored marketing where appropriate.


As part of the Services, we may provide functionality allowing you to search for friends by using your Facebook credentials and, when you elect to do this, you will be asked to allow the Amble App to access certain information associated with your Facebook account such as your name, profile picture, gender and list of friends. Provided you consent to this, such information will be processed by us in order to identify your Facebook friends who are users of Amble App and to allow you to invite those Facebook friends to install the Amble App.


Please note that, with your consent, we will collect information about your location and physical movements in order for the Amble App to function properly and monitor and verify forms of eligible movement. You may turn location monitoring on and off from time to time using the settings of your operating system of your mobile device but, if you disable this functionality, we will not be able to collect information relating to your step-count and GPS/Cell-ID location which will prevent tracking and/or conversion of your movement into Ambles.


We work with third parties from time to time (including, for example, Apple HealthKit, Near Foundation, business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers and search information providers) who may provide to us information about you. This may include your purchase history from business partners who supply you with rewards made available via the Amble App.


USES MADE OF YOUR PERSONAL DATA


As a data controller, we will only use your personal data if we have a legal basis for doing so. The table at Annex 1 sets out the purposes for which we use your personal data as well as the relevant legal bases on which we do so.


WHO WE SHARE YOUR PERSONAL DATA WITH


We may share your personal data with the following recipients as necessary to achieve the purposes set out in Annex 1 or as otherwise described below:


  • Other users. Certain information of your personal data may be shared with other users of the Amble App as part of the normal operation of the Services (for example your uploaded profile picture and biographical information will be accessible to all users, and we may publish your total verified steps, or other movement, during a particular period to other users from time to time).
  • Service providers. We may share your personal data with third party service providers that perform services for us or on our behalf, which may include providing data hosting, customer relationship management, payment processing and analytics services.
  • Business partners.We may share your personal data with our trusted business partners in order that they can contact you from time to time with offers that may interest you and/or inform you of other products or services, provided you have given your consent for us to do so.
  • Law enforcement, regulators, governmental authorities and other parties for legal reasons. We may share your personal data with third parties if we are legally required to do so, or if we believe, in good faith, that such disclosure is necessary to comply with a legal obligation or request, to enforce our terms and conditions, to prevent or resolve security or technical issues, or to protect the rights, property or our safety, or the safety of our users, a third party, or the public.
  • Purchasers and third parties in connection with a business transaction.If we are involved in a merger, acquisition, bankruptcy, reorganisation, partnership, asset sale or other transaction, we may disclose your personal data as part of that transaction.

In addition, we may share your personal data with other third parties if you have provided your consent for us to do so.


INTERNATIONAL TRANSFERS


We may transfer your personal data outside of the country where you are located.


If you are located in the UK or EEA, your personal data may be transferred to countries which do not provide the same level of protection for personal data as that provided for under UK and EEA law.


Where we transfer your personal data to a country which is not recognised by the UK government or EU Commission (as applicable) as ensuring an adequate level or protection for personal data, we will ensure that relevant safeguards are in place to ensure the adequate protection for your personal data (for example, by entering into standard contractual clauses with the recipients of your personal data).


Further details regarding the relevant safeguards we implement can be obtained from us on request at privacy@Amble.in with the subject 'international transfers'.


DATA RETENTION


Your personal data will be kept only for as long as is necessary to fulfil the purposes set out in this policy, for as long as we are required to do so by law or any regulatory obligation.


To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.


DATA SECURITY


We take reasonable industry-standard care in keeping all our data secure and in preventing any unauthorised access or unlawful use of it.


COOKIES


We use cookies and similar technologies on the Amble App and Amble Websites for various purposes, including analytics and advertising. For more information regarding our use of cookies, please refer to Annex 2.


YOUR RIGHTS


Depending upon where you are located, you may have the following rights in respect of your personal data under applicable data protection law:


  • To ask us not to process your personal information for marketing purposes. You can exercise your right to prevent such processing (i.e. “opt out”) by clicking ‘unsubscribe’ at the bottom of our marketing emails or by emailing privacy@Amble.in, with the subject ‘unsubscribe’.
  • To ask us about the personal information we hold about you and to request a copy of your personal information. You can exercise your right to access this information by emailing privacy@Amble.in, with the subject ‘data access request’.
  • To object to any use of your personal data that we carry out on the basis of our legitimate interests (as set out in Annex 1), subject to certain conditions.
  • To receive a copy of the personal data you have provided to us in a structured, commonly used, machine-readable format that supports re-use, or to request the transfer of your personal data to another person, in each case subject to certain conditions.
  • To withdraw consent to our processing of your personal data if this is based on your consent (as set out in Annex 1).
  • To require us to limit the purposes for which we process your personal data if the continued processing of the personal data in this way is not justified, such as where the accuracy of the data is contested by you.

Please note that the above rights are not absolute and we may be entitled to refuse requests, wholly or partly, where exceptions under applicable law apply.


If you wish to exercise one of these rights, please follow the steps set out above or contract us using the details set out below.


COMPLAINTS


If you wish to lodge a complaint about how we process your personal data, please contact us using the details set out below. We will endeavour to respond to your complaint as soon as possible.


You also have the right to lodge a complaint to your national data protection authority. The relevant data protection regulator in the UK is the Information Commissioners Office (https://ico.org.uk/concerns).


If you are resident in the EEA, you can find details regarding your local data protection regulator here.


LINKS


The Services may contain features or links to websites and services provided by third parties. Any information you provide on third-party websites or services is provided directly to the operators of such websites or services and is subject to those operators’ policies governing privacy and security, even if accessed via the Amble App or Amble Websites. We are not responsible for the content or privacy and security practices and policies of third-parties to which links or access are provided through the Amble App or Amble Websites. We encourage you to learn about third parties’ privacy and security policies before providing them with your personal data.


CHANGES TO THIS PRIVACY POLICY


We reserve the right to change this Privacy Policy at any time. Any such changes we may make to this Privacy Policy will be posted on the Amble App and Amble Website(s), and may be emailed to you. Please check the Privacy Policy available on the Amble App and Amble Website(s) from time to time.


CONTACT


Questions, comments and requests regarding this Privacy Policy are welcomed and should be addressed to privacy@Amble.in with subject line “enquiry”.


ANNEX 1 – PURPOSES OF COLLECTING PERSONAL INFORMATION


The Amble App’s use and transfer to any other app of information received from Google APIs will adhere to Google API Services User Data Policy , including the Limited Use requirements.


We use the following categories of personal data in the manner specified below, and rely on the following legal basis for processing:


Contact Details (phone number): We use this data to verify your identity as part of our account set up procedure. Our legal basis for processing this data is because it is in our and your legitimate interests to ensure that you have used the correct phone number when signing up for the Services.


Contact Details(email address, phone number etc.), profile information (username, profile photo, bio etc.), movement data (motion data, HealthKit data): We use this data to provide the Services, including operating the Amble Marketplace (using our own systems and those of appropriate third party service providers). Our legal basis for processing this data is based on performance of a contract (our terms and conditions).


Location Data(iOS only): We use this data to verify your physical movement and location and issue Ambles on the basis of this verified data. Our legal basis for processing this data is based on consent (where we are processing location data) and performance of a contract.


Movement data (Healthkit / Google Fit steps data): We use this data to verify your physical movement and issue Ambles on the basis of this verified data. Our legal basis for processing this data is based on consent and performance of a contract.


Health connect data (Android only) : Since we do not obtain or read any other data (except step counts) from Health connect, such Health Services data cannot be used by us for marketing or advertising purposes, or shared with or sold to advertising platforms, data brokers, or information resellers. Notwithstanding anything to the contrary in this Privacy Policy, the use of information received from Google's Health Connect will adhere to the Health Connect Permissions Policy, including the Limited Use requirements.


Contact Details(email address, phone number etc.), payment details (card number, CVC etc.), profile information (username): We use this data to process your transactions with us. Our legal basis for processing this data is based on performance of a contract.


Profile Information(username, profile photo etc.), movement data (motion data, HealthKit data, Google Fit data): We use this data to create daily leader boards of users, comprising all users or users meeting particular criteria as ranked by the number of steps completed or using other criteria. Our legal basis for processing this data is because it is in our legitimate interests to make our services social and competitive and allow you to see how you rank against other users and encourage you to walk more.


Contact Details (phone number): We use this data to connect you with other users and allow you to invite contacts to use the Services. Our legal basis for processing this data is because it is in our legitimate interests to make our services social and allow you to interact with friends when using the Services.


Contact Details (phone number, email address etc.), communications data (personal data comprised in your requests, survey responses, complaints etc.): We use this data to respond to queries and complaints and provide you with information and materials that you request from us. We also use this data to communicate with you, including to inform you of updates to the Amble App, Amble Website(s), our Terms of Use and/or this Privacy Policy. We also use this data to perform market and customer research. Our legal basis for processing this data is because it is in our legitimate interests to respond to your queries and provide any information and materials requested in order to maintain good customer relations; it is in our legitimate interests to ensure that any changes to our policies, terms and other such technical updates are communicated to you; and because it is in our legitimate interests to carry out market and customer research so that we can improve our Services.


Transaction Data and Order History:We use this data to obtain an understanding of your preferences and to maintain accounts and records. Our legal basis for processing this data is because it is in our legitimate interests to understand our users’ preferences so we can improve the Services and the offers we display on the Amble App; and because it is in compliance with a legal obligation.


Contact Details(phone number, email address, social media accounts), marketing preferences (records of consents): We use this data for Marketing and advertising (including sending you marketing emails, carrying out online behavioural advertising and measuring the effectiveness of our marketing). We also use this data to share your contact details with trusted business partners for marketing purposes. Our legal basis for processing this data is consent (if required under applicable law). Where consent is not required under applicable law, such processing is necessary in our legitimate interests, namely to develop and grow our business.


Profile Information (username, profile photo, bio etc.), usage data, transaction Data, movement data (motion data, HealthKit data, Google Fit data): We use this data to investigate and/or prevent suspected fraud or other criminal activities, to investigate disputes between users, and for Statistical analysis to help us manage our business, e.g. in relation to our financial performance, customer base, product range or other efficiency measures. Our legal basis for processing this data is because it is in our legitimate interests to resolve and protect ourself and users of the Services, the Amble App and the Amble Websites against harmful activities; it is in our legitimate interests to ensure that disputes between users are resolved and appropriate action is taken against users breaching the rules; and because it is in our legitimate interests to be as efficient as we can so we can deliver the best services to you.


Profile Information(username, profile photo, bio etc.), usage data, technical data: We use this data to correct errors and problems with the Services, and to protect the security of systems and data. Our legal basis for processing this data is because it is in our legitimate interests to monitor the Services to ensure that it functions properly and is secure; to comply with our legal and regulatory obligations; and because it is also in our legitimate interests to protect systems and data and to prevent and detect criminal activity that could be damaging for you and/or us.


Technical Data and Usage Data: We use this data to analyse the usage of the Services, including for the purposes of improving the Services and to ensure that content is presented in the most effective manner for you. Our legal basis for processing this data is based on consent.


Contact Details(email address, phone number etc.), profile information (username, profile photo, bio etc.): We use this data to enforce legal rights or defend or undertake legal proceedings. Our legal basis for processing this data is because it is in our legitimate interests or those of a third party, i.e. to protect our business, interests and rights or those of others.


ANNEX 2 – COOKIES


What are cookies


We use cookies to distinguish you from other users of the Amble App and Amble Website(s) and obtain certain information about your usage and behaviour. A cookie is a small file of letters and numbers that we put on your computer when you use the Amble App or Amble Website(s). This helps us to provide you with a better experience when you use the Amble App or browse the Amble Website(s) and also allows us to improve the Services. We will use both persistent cookies, which could remain on your device until their expiration (which, in some cases, is up to 10 years), and session cookies, which are temporary files removed from your device once your browser is closed.


Cookies we use


The types of cookies we may use include:


  • Examples of Personal Data Collected:
    • Email
    • Phone number
    • User name
    • IP address
    • Device ID
    • Name
    • Profile picture
    • List of friends
  • Source:
    • You
    • Third parties, including Analytics Partners
  • Categories of Third Parties with Whom We Share this Personal Data:
    • Service Providers
    • Advertising Partners
    • Analytics Partners
    • Business Partners/Marketplace Providers
    • Parties You Authorize, Access or Authenticate, including Other Users
  • Consumer Demographic Data
    • Examples of Personal Data Collected:
      • Age/date of birth
      • Zip code
      • Gender
    • Source:
      • You
      • Categories of Third Parties with Whom We Share this Personal Data:
      • Service Providers
      • Advertising Partners
      • Analytics Partners
      • Business Partners/Marketplace Providers
      • Parties You Authorize, Access or Authenticate, including Other Users
  • Geolocation Data
    • Examples of Personal Data Collected:
      • IP-address-based location information
      • GPS data
      • Time zone setting
    • Source:
      • You
      • Categories of Third Parties with Whom We Share this Personal Data:
      • Service Providers
      • Advertising Partners
      • Analytics Partners
      • Business Partners/Marketplace Providers
      • Parties You Authorize, Access or Authenticate, including Other Users
  • Health Data
    • Examples of Personal Data Collected:
      • Health or exercise activity monitoring
      • Apple HealthKit data
    • Source:
      • You
    • Categories of Third Parties with Whom we Share this Personal Data:
      • Service Providers
      • Business Partners/Marketplace Providers
      • Parties You Authorize, Access or Authenticate, including Other Users
  • Categories of Data Considered “Sensitive” Under the IPRA
    • Examples of Personal Data Collected:
      • Personal data concerning a consumer’s health
      • Precise geolocation data
    • Source:
      • You
    • Categories of Third Parties with Whom we Share this Personal Data:
      • Service Providers
      • Advertising Partners
      • Analytics Partners
      • Business Partners/Marketplace Providers
      • Parties You Authorize, Access or Authenticate, including Other Users
  • Other Identifying Information that You Voluntarily Choose to Provide
    • Examples of Personal Data Collected:
      • Identifying information in emails, letters, or texts you send us or in your survey responses
    • Source:
      • You
    • Categories of Third Parties with Whom we Share this Personal Data:
      • Service Providers
      • Parties You Authorize, Access or Authenticate, including Other Users
  • Other
    • Examples of Personal Data Collected:
      • Your contacts
      • Any Personal Data or other identifying information that you include in your user bio
    • Source:
      • You
      • Third parties, including Social Networks
      • Categories of Third Parties with Whom We Share this Personal Data:
      • Service Providers
      • Advertising Partners
      • Analytics Partners
      • Business Partners/Marketplace Providers
      • Parties You Authorized, Access or Authenticate, including Other Users
      Our Commercial or Business Purposes for Collecting or Disclosing Personal Data
  • Providing, Customizing and Improving the Services
    • Creating and managing your account or other user profiles
    • Processing orders or other transactions; billing.
    • Providing you with the products, services or information you request.
    • Meeting or fulfilling the reason you provided the information to us.
    • Providing support and assistance for the Services.
    • Improving the Services, including testing, research, internal analytics and product development.
    • Personalizing the Services, website content and communications based on your preferences.
    • Doing fraud protection, security and debugging.
    • Carrying out other business purposes stated when collecting your Personal Data or as otherwise set forth in applicable data privacy laws, such as the IPRA
  • Marketing the Services
    • Marketing and selling the Services.
    • Showing you advertisements, including interest-based or online behavioural advertising.
  • Corresponding with You
    • Responding to correspondence that we receive from you, contacting you when necessary or requested, and sending you information about Amble or the Services.
    • Sending emails and other communications according to your preferences or that display content that we think will interest you.
  • Meeting Legal Requirements and Enforcing Legal Terms
    • Fulfilling our legal obligations under applicable law, regulation, court order or other legal process, such as preventing, detecting and investigating security incidents and potentially illegal or prohibited activities.
    • Protecting the rights, property or safety of you, Amble or another party.
    • Enforcing any agreements with you.
    • Responding to claims that any posting or other content violates third-party rights.
    • Resolving disputes.

Personal Data Sales


In this section, we use the term ‘sell’ as it is defined in the IPRA. We sell your Personal Data, subject to your right to opt-out of these sales.


As described in Annex 2, we have incorporated Cookies from certain third parties into our Services. These Cookies allow those third parties to receive information about your activity on our Services that is associated with your browser or device. Those third parties may use that data to serve you relevant ads on our Services or on other websites you visit. Under the IPRA, sharing your data through third party Cookies for online advertising may be considered a “sale” of information. You can opt out of these sales by following the instructions in this section. Otherwise, we do not sell your Personal Data to third parties.


Personal Data Sharing


Under the IPRA, India residents have certain rights when a business “shares” Personal Data with third parties for purposes of cross-contextual behavioral advertising. We have shared the following categories of Personal Data for the purposes of cross-contextual behavioral advertising:


  • Profile or Contact Data
  • Device/IP Data
  • Web Analytics
  • Social Network Data
  • Consumer Demographic Data
  • Geolocation Data
  • Categories of Data Considered “Sensitive” Under the CPRA
  • Other

As described in Annex 2, we have incorporated Cookies from certain third parties into our Services. These Cookies allow those third parties to receive information about your activity on our Services that is associated with your browser or device. Those third parties may use that data to serve you relevant ads on our Services or on other websites you visit. Under the IPRA, sharing your data through third party Cookies for online advertising may be considered a “sale” of information. You can opt-out of data selling and/or sharing by following the instructions in this section.


We share Personal Data with the following categories of third parties:


  • Marketing providers (including for cross-contextual behavioral advertising purposes)
  • Service providers
  • Other users (where certain information, such as profile data, is visible to all users)
  • Business partners
  • Third parties in connection with a business transaction, such as merger or sale
  • Law enforcement, regulators, governmental authorities and other parties for legal reasons