1) WHO WE ARE
Useberry User Testing Technologies IKE is a Greek private company seated at Athens, Greece and operating from the same address. Useberry User Testing Technologies IKE (“Useberry” or “we” or “our” or “us”) owns and controls Useberry services, and provides access to the Useberry website, at the URL: https://www.useberry.com and all subdomains under the https://www.useberry.com domain and related properties (the “Website”), software, data and materials accessed via the Website (the “Services” or “Properties”).
2) WHAT IS USEBERRY AND HOW IT WORKS
Useberry is a platform that provides app publishers, designers and developers (from now on ‘Researchers’) with the tools to create and conduct UI/UX research (from now on ‘User Tests’) to real users (from now on ‘Testers’) on their app prototypes, that is, before proceeding to developing their app.
There is a variation of ways to distribute these User Tests:
For an app that is already published and the Researcher wants to test changes or new features, the User Tests can address Testers:
For a new app, not yet published:
In the case of third-party apps, Useberry is establishing a network of publishers of app for smartphones and websites (from now on ‘Publishers’) who will distribute User Tests to their audience for a compensation, in a similar way they are distributing video ads.
3) DESCRIPTION OF THE USER TEST YOU ARE GIVEN
The User Test you are given is not a real app, but rather a simulation of a real app. It only consists of images that are connected to each other. It bears no kind of actual functions whatsoever. So, no real action will occur while you are in this app simulation environment.
Before you begin the User Test, you will be given a task. As soon as you perform the action that is associated with the completion of this task, the test will terminate.
While you are in the environment of the User Test, all kinds of buttons, like Share, Follow, Save, Like, Bookmark, Login, Reset, Cancel, Pay etc. and all kinds of fields, like Username, Password, Email e.t.c are fake and thus lead to no real action. In no case will this simulated app connect to any kind of social network app or to any other app in your smartphone, and in no case will this simulated app save any kind of text you may type. If, in the process of completing your task, you are asked to fill in a text field, such as Username, Password, Email, etc., you are welcome to insert random text. The text you will insert will not be recorded anyway.
After termination, up to three optional sessions may follow in which you might want to participate:
Choosing to skip the above sections does not affect the results of the User Test or the fact that you have successfully completed it.
4) USER DATA AND INFO WE COLLECT AND PROCESS
4a) “TESTER METADATA”
a1) FOR TESTERS REACHED VIA MOBILE PHONE:
Data received automatically by Useberry when a user connects to the app with which Useberry’s software interoperates (“Tester meta-data”).
When a user connects to a mobile application, which cooperates with Useberry, a specific set of user’s device data is automatically sent to Useberry servers. Such data, depending on the user’s mobile operating system, on the susceptibility of the application to receive such data and on the availability of such may be:
All such data received automatically by Useberry do not contain data which are able to lead to the identification of the natural person using the Mobile Device.
All such data are completely anonymous.
Most of the above data will not be sent/received by Useberry every time a user accepts this policy and chooses to participate in a User Test. Aforementioned data may be collected only if such a collection is necessary in order to meet certain User Test parameters and technical criteria (e.g if Useberry needs to micro-target a User Test with the help of beacon data (Bluetooth devices), Useberry may enable retrieval of such data in order to achieve better targeting).
If the user who is offered to participate in a User Test chooses not to participate or declines acceptance of this policy, Useberry will not proceed to any further collection of user data but can at all times use and process already collected response meta-data.
a2) FOR TESTERS REACHED VIA WEBSITES:
Data received by Useberry when a user visits a website with which Useberry’s software interoperates through the placement of a Useberry Cookie.
4b) DATA COLLECTED THROUGH THE USER TESTING PROCESS (CONTENT DATA)
4c) DATA VOLUNTARILY SUBMITTED BY THE TESTER
Useberry also collects and processes:
c1) Demographic data that the Tester is optionally asked to submit (such as Tester’s gender, age group, interests etc) that is processed and stored by Useberry in order to form targeted audiences for subsequent User Tests.
c2) Direct Personally Identifiable Data (such as Tester’s name, e-mail address etc) which the Tester voluntarily consents to send to the Researcher through Useberry for any reason e.g. in order to participate in competitions for prizes or for other contact or promotional purposes which shall be communicated to you by Useberry when you will be asked to provide such Data.
5) HOW WE USE DATA
Useberry collects, processes and analyzes data and provides its clients, the Researchers, with statistical charts, data, info, and tools/options for further analysis, related to the results of a User Test. Correlation/association of all data and info received/deduced by Useberry during the User Test process and all prior-to User Test /after- User Test processes, are also conducted in order for Useberry to be able to provide services to its clients. Useberry may at all times correlate or associate collected Tester meta-data and collected content data with data voluntarily submitted by the Tester, except for Direct Personally Identifiable Data, described in section c2, which Useberry will never correlate with any other data. Direct Personally Identifiable Data will be stored and sent to the Researcher only for the purpose of conducting a draw for a Prize.
Furthermore, all data collected and processed by Useberry, in any manner and form, including Tester meta-data, all content data, voluntarily sent data and all further analyses pertaining to a User Test are and remain at all times Useberry proprietary material, and are included in Useberry’s proprietary databases.
Please also note that:
We may disclose data collected by us (including Direct Personally Identifiable Data, such as name, e-mail address etc. which the user sends to Useberry in order to participate in competitions), if required to do so by law or in the good-faith belief that such action is necessary to comply with state and federal laws in response to a court order, judicial or other government subpoena or warrant, or to otherwise cooperate with law enforcement activity or other legal processes. We also reserve the right to disclose data collected by us, as we believe, in good faith, is appropriate or necessary to take precautions against liability; to protect Useberry and others from fraudulent, abusive, or unlawful uses or activity; to investigate and defend ourselves against any claims or allegations; to assist government enforcement agencies; to protect the security or integrity of the Service and our other property; or to protect the rights, property, or safety of us, our users, or other persons or entities.
Finally, we use commercially reasonable physical, managerial, and technical safeguards in an effort to preserve the integrity and security of your personal information. All data and responses are transferred above HTTPS/SSL secure channels to ensure the secure exchange of data between the users’ devices and Useberry servers. We cannot, however, ensure or warrant the security of any information you transmit to us, and you do so at your own risk. Once we receive your transmission of personal information, we make commercially reasonable efforts to ensure the security of our systems. Please be aware, however, that this is not a guarantee that such personal information may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards. If we learn of a security systems breach, then we may attempt to notify you electronically so that you can take appropriate protective steps. We may post a notice through the Service if a security breach occurs.
Useberry may at all times use, transfer, process, develop and exploit at its sole discretion all elements, data or content included in such Useberry Databases for any legal, commercial or other purposes.
Useberry does not collect and does not share with any entity whatsoever any sensitive or “special categories of data” including but not limited to financial account numbers, Social Security numbers, pharmaceutical prescriptions or medical records.
6) RECIPIENTS OF DATA
Useberry is the main recipient of data and Useberry may share, transfer or license, in whole or in part elements such data to third parties such as our client-researchers, app-publishers or other Useberry clients (collectively “Clients”). You hereby give your consent for the lawful processing of your data by our Clients, with whom we share such data.
We require from our clients to abide by the GDPR and/or the EU-US/SWISS-US privacy shield, in relation to their processing of your data.
Useberry may share, transfer or license such data to marketing companies, advertisers or other ad-serving companies who may use (or further sublicense) the data with the purpose of serving advertisements.
Useberry does not itself collect (and does not allow third parties to directly collect e.g. via third-party cookies), user multi-site or cross-app data through the operation of the Useberry platform. However, Useberry may share or license Useberry-collected data with third entities which, after having received Useberry data, may themselves associate them with other data (including multi-site data or cross-app data) previously collected/owned by them or licensed to them by other (non-Useberry and non-Useberry-affiliated) sources. Such third-party entities, depending on their business scope, may engage in Online Behavioral and Interest-based Advertising, allowing advertisers to infer interests and serve ads to users based on their activity and location over time. For the transfer or licensing of Useberry-collected Data to aforementioned entities (although such transferred/licensed data does not in itself include any cross-app or multi-site data) we require from clients to be compliant: with the DAA (Digital Advertising Alliance) to be found at http://www.aboutads.info/ (as each set of principles may be amended from time to time by the DAA or any successor entity to the DAA, and all interpretations of the DAA’s Self-Regulatory Principles, whether by the DAA itself or by the Council of Better Business Bureaus in an accountability proceeding or otherwise); the NAI self-regulatory principles to be found at http://www.networkadvertising.org/ (as the Code may be amended from time to time by the NAI or any successor entity to the NAI, and all interpretations of the NAI’s Code of Conduct by the NAI itself or any successor entity to the NAI); the Principles of the European Interactive Digital Alliance (“EDAA”), currently available at (http://www.edaa.eu/european-principles/), as each set of principles may be amended from time to time by the EDAA or any successor entity to the EDAA; any other relevant FTC, NAI or DAA code, principles or other guidance relating to the collection and use of data or serving of advertising or other Targeted content in the mobile environment; all United States Federal Trade Commission (“FTC”) rules and guidelines regarding the collection, use or disclosure of information from or about a unique user of a website, application or mobile website and/or the device associated with such user.
Please also note that:
We may work with third-party service providers to provide maintenance services, data analysis, service hosting, and other services for us. These third parties may have access to or process data/information collected by us as part of providing their contracted services to us. Useberry complies with applicable Data Protection legislation and cooperates with reliable cloud hosting service providers. Useberry cooperates with such cloud hosting providers who are either located within the E.U. (and therefore are obliged to comply with all EU Data Protection Laws and Regulations) or may be located in the US. In the latter case, US located cloud hosting providers are selected by Useberry, on grounds of US providers being certified members of the U.S. – EU Privacy Shield companies (https://www.privacyshield.gov/list ).
We may disclose data collected by us (including Direct Personally Identifiable Data, such as e-mail address etc. which the user sends to Useberry in order to participate in competitions), if required to do so by law or in the good-faith belief that such action is necessary to comply with state and federal laws in response to a court order, judicial or other government subpoena or warrant, or to otherwise cooperate with law enforcement activity or other legal processes. We also reserve the right to disclose data collected by us, as we believe, in good faith, is appropriate or necessary to take precautions against liability; to protect Useberry and others from fraudulent, abusive, or unlawful uses or activity; to investigate and defend ourselves against any claims or allegations; to assist government enforcement agencies; to protect the security or integrity of the Service and our other property; or to protect the rights, property, or safety of us, our users, or other persons or entities.
We require from all third parties with whom we share your data to agree and warrant that all the processing operations in which they engage shall be lawful and compliant with the provisions of the GDPR (even if not applicable directly by Law to their business) and/or the EU-US/SWISS-US Privacy Shield and any further Data Protection Legislation which may be applicable to their business. We also require that they provide, in particular in terms of expert knowledge, reliability and resources, sufficient guarantees to implement appropriate technical and organisational measures in such a manner that processing will meet the requirements the GDPR (even if not applicable directly by Law to their business) and/or the EU-US/SWISS-US Privacy Shield and ensure the protection of the rights of the data subject.
Finally, we use commercially reasonable physical, managerial, and technical safeguards in an effort to preserve the integrity and security of your personal information. All data and responses are transferred via HTTPS/SSL secure channels to ensure the secure exchange of data between the users’ devices and Useberry servers. We cannot, however, ensure or warrant the security of any information you transmit to us, and you do so at your own risk. Once we receive your transmission of personal information, we make commercially reasonable efforts to ensure the security of our systems. Please be aware, however, that this is not a guarantee that such personal information may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards. If we learn of a security systems breach, then we will attempt to notify you electronically so that you can take appropriate protective steps. We shall post a notice through the Service if a security breach occurs and we shall notify the personal data breach to the supervisory authority without undue delay and, where feasible, not later than 72 hours after having become aware of it, in case the personal data breach is likely to result in a risk to the rights and freedoms of natural persons.
Useberry is GDPR compliant. Useberry takes all necessary actions to comply with COPPA and protect the rights and safety of Minors. By minors, we mean individuals under the age of majority in their residence. We make efforts to exclude Minors from any collection of data and therefore we delete any information and data that has come to our attention that is related to Minors without any notice. If has it comes to your attention anything regarding this issue please contact us immediately.
Useberry processes Personal Data in accordance with the GDPR requirements directly applicable to Useberry’s provision of its services, which came into force on 25 May 2018. In particular, Useberry processes personal data only in accordance with GDPR data protection principles and GDPR data protection provisions. Useberry also implements appropriate technical and organizational measures and demonstrates compliance and ensures that both in the planning and implementation of processing activities, data protection principles and appropriate safeguards are addressed and implemented (data protection by design and default).
7.2 YOUR PRIVACY RIGHTS
In your capacity as a data subject whose data is collected and processed by Useberry, we inform you that you have the rights provided to you under the GDPR and, in particular, you have (a) the right to withdraw your consent at any time and without detriment, without affecting the lawfulness of processing based on consent before its withdrawal, by notifying such withdrawal to us via email with the subject “Data processing consent withdrawal” at the following email address email@example.com; (b) the right to request from Useberry access to and rectification or erasure of personal data or restriction of processing concerning you and to object to processing as well as the right to data portability; (c) the right to receive notification regarding rectification or erasure of your personal data or restriction of processing that is takes place following your request; (d) the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you, and (e) to lodge a complaint with a supervisory authority.
7.3 CONTACT INFO/REPRESENTATIVE IN THE EU/DATA PROTECTION OFFICER
Please contact us with any questions or comments about this Policy, your personal information, our third-party disclosure practices, or your consent choices by email: firstname.lastname@example.org.
Useberry designates as its representative in the EU, who acts on Useberry’s behalf and who may be addressed by any supervisory authority and be subject to enforcement proceedings in the event of non-compliance with the GDPR by Useberry, Mr. Thodoris Tokis, who can be contacted at the following address: email@example.com. Useberry remains fully liable under the GDPR. Useberry appoints as a Data Protection Officer Thodoris Tokis, who can be contacted at the following address: firstname.lastname@example.org.
8) OPT-OUT MECHANISMS
Useberry provides you with a set of tools in order for you to be able to control the collection and processing of your data either by Useberry or by Useberry clients with which Useberry may share the data it collects:
By following the instructions below, Useberry shall stop sending to you any User Tests in the future and shall stop collecting or processing any further data about you.
In order to disable user tests from within your app, please visit your Google Settings on your phone in the Ads section and copy your Advertising Identifier.
In order to disable user tests from within your app, please visit your Privacy section in Settings and then choose Advertising. After that, you can enable Limit Ad Tracking. If you are able to retrieve your Advertising Identifier, please copy it and read below in order to opt out.
You can disable user tests from your browser by finding Useberry cookie placed by the web plugin. In order to find the cookie stored by Useberry web plugin, you need to open the cookie section within your browser and filter cookies with the domain name of the website that hosts Useberry web plugin. Then once you see the list with all the cookies from that website you need to copy the value of the cookie “uuid”.
For any of the three options above, please get in contact with us at email@example.com with email subject: “opt me out” and message: the information you copied before (Advertising Identifier or cookie “uuid”).
Resetting your Advertising Identifier
You can also at all times reset your Advertising identifier from the relevant setting section of your mobile device. If you choose to do so, all data previously collected about the user and associated with the Advertising identifier cannot be correlated or associated with the new Advertising Identifier obtained after the resetting.
You can at any time erase any user test related profile created by Useberry platform around your mobile device or browser by following the instructions below:
Visit your Google Settings and then in Ads section choose to reset your Advertising Identifier.
Visit your Privacy section in your Settings and then choose Advertising. After that, you can reset your Advertising Identifier.
Open your cookies section in your browser and delete Useberry cookie.
By following the aforementioned procedures, your mobile device or browser will consider you as a completely new user for Useberry platform and will ignore previous user tests related profiles.
9) REPRODUCTION OF USER TEST CONTENT BY THE TESTER AND RELATED MATTERS
APPLE, GOOGLE AND AMAZON ARE NOT A SPONSOR NOR ARE INVOLVED IN ANY WAY IN THIS CONTEST/DRAW. NO APPLE PRODUCTS ARE BEING USED AS PRIZES.
10) GOVERNING LAW & MISCELLANEOUS
11) CHANGES AND UPDATES TO THIS POLICY
Useberry reserves the right to modify the terms and conditions of the present Agreement or alter or end its services at any time at its sole discretion. You are responsible for ensuring that you will regularly review the present Agreement. If you choose to continue using Useberry services after any modifications to the present terms are made, you will be considered to have fully and unconditionally accepted the aforementioned modifications to this Agreement.
Last Updated: 01-09-2018