Privacy Policy

Version: 1.1

Version Date: 1 September 2024

Content

1. Introduction
2. Scope
3. Personal Data We Collect
3.1 Personal Data Provided By You
3.2 Personal Data We Collect From You
3.3 Personal Data We Collect From Other Sources
4. How We Use Your Personal Data
4.1 Personal Data We Collect From Other Sources
4.2 Automated Decision Making
4.3 Anonymised & Aggregated Data
4.4 Share Content With Friends or Colleagues
5. How We Disclose Your Personal Data
5.1 Disclosures to Provide our Services
5.2 Disclosures to Protect Us or Others
5.3 Disclosure in the Event of Merger, Sale, or Other Asset Transfers
6. International Transfer of Your Personal Data
7. Your Rights
7.1 Your Right to Withdraw Consent
7.2 Your Privacy Rights
8. Security of Your Personal Data
9. Retention of Your Personal Data
10. Children’s Data
11. Other Provisions
11.1 Third-Party Websites/Applications
11.2 Changes to our Privacy Policy
12. Contact Us

1. Introduction

Fanmeka Europe Limited (“Fanmeka”, the “Company”, “we”, and “us”) is a sports fan engagement platform. Our primary service currently offers a live streamed marketplace bring together the global sports fan community to engage, connect, buy and sell sports collectibles. This privacy policy (“Privacy Policy”) is designed to help you understand how we, in our capacity as a Data Controller (”Controller”), collect, use, and share your personal data. The Privacy Policy also helps you understand, and exercise, your privacy rights.

Where we refer to the General Data Protection Regulation ("GDPR"), unless explicitly stated otherwise, we are referring to both Regulation (EU) 2016/679 (”EU GDPR”) and the UK’s Data Protection Act 2018 (”UK GDPR”), as applicable to the particular processing of your personal data.
‍

2. Scope

This Privacy Policy applies to the processing of personal data, including on our website(s), mobile applications, and other online or offline offerings. To make this Privacy Policy easier to read, our website(s), mobile applications, and other services, offerings, sales, marketing or events are collectively called “Services”. Fanmeka is the Controller of the personal data we process, unless otherwise stated. If you wish to contact us regarding your personal data or in relation to any aspect of our approach to data privacy, please refer to Section 12 for the relevant contact details.
‍

3. Personal Data We Collect

The categories of personal data we collect depend on how you interact with us, our Services, and the requirements of applicable laws and regulations. We collect data that you directly provide to us, data we obtain automatically when you use our Services, and data from other sources such as third-party services and organisations. We describe this in detail below.
‍

3.1 Personal Data Provided By You

We collect the following categories of personal data that you provide to us.
‍

Category Number	Personal Data Category Details
1	Name & Contact Data: first and last name, email address, age, gender, phone number, postal address, nickname/user name and other similar contact data. In order to be a verified seller on Fanmeka, you must provide us with a copy of your government issued identification document (e.g. passport, driving licence, national identification card, etc.). We utilise the services of our payment processor, Stripe, to collect and verify the identity of sellers. You may find their privacy policy at https://stripe.com/privacy.
2	Credentials: passwords, password hints, and similar security data used for authentication and account access.
3	Preferences & Interests: the preferences and interests you indicate in the course of account creation and/or account maintenance.
4	Purchase Data: data and details associated with your purchases, including payment data. Any payments made via our Services are processed by Stripe. You may find their privacy policy at https://stripe.com/privacy. We do not directly collect or store any payment card data entered through our Services, but we may receive data associated with your payment card data (e.g. your billing details).
5	Content Data You Upload: photos, chat logs, general chat function content, and direct messaging content.
6	Streaming Data: video and voice recording(s) of your live streaming session(s), if and when such recordings are made.

3.2 Personal Data We Collect From You

We may collect personal data when you use our Services:
‍

Personal Data Category Number	Personal Data Category Details
7	Device Information & Identifiers: We may collect certain data when you use our Services, such as your IP address, user settings, MAC address, personal identifiers (e.g. cookies), mobile carrier, mobile advertising and other unique identifiers, browser or device data, location data (including approximate location derived from IP address), and internet service provider.
8	Analytic Data: We may collect data regarding your use of our Services, such as pages that you visit before, during and after using our Services, data about the links you click, the types of content you interact with, the frequency and duration of your activities, and other data about how you use our Services. In addition, we may collect data that other people provide about you when they use our Services, including data about you when they tag/message you.

Personal Data Category Number

Personal Data Category Details

Device Information & Identifiers: We may collect certain data when you use our Services, such as your IP address, user settings, MAC address, personal identifiers (e.g. cookies), mobile carrier, mobile advertising and other unique identifiers, browser or device data, location data (including approximate location derived from IP address), and internet service provider.

Analytic Data: We may collect data regarding your use of our Services, such as pages that you visit before, during and after using our Services, data about the links you click, the types of content you interact with, the frequency and duration of your activities, and other data about how you use our Services. In addition, we may collect data that other people provide about you when they use our Services, including data about you when they tag/message you.

3.3 Personal Data We Collect From Other Sources

We may obtain information about you from other sources, including through third-party services and organisations. For example, if you access our Services through a third-party application, such as an app store, a third-party login service, or a social networking site, we may collect information about you from that third-party application that you have made available via your privacy settings.
‍

4. How We Use Your Personal Data

We process your data for various purposes and corresponding legal basis as shown in the table below. You are not obligated to share your personal data with us. However, if you do not share personal data with us we might not be able to offer all of our Services to you.

Processing Purpose	Categories Processed	Processing Legal Basis
Manage your data and accounts (including service communication about your account, activities on our Services, and policy changes).	1, 2, 4 & 5	Necessary to fulfil our contract with you (Article 6(1)(b) GDPR).
Provide access to certain areas, functionalities and features of our Services.	1, 2 & 7	Necessary to fulfil our contract with you (Article 6(1)(b) GDPR).
Administer prize draws and competitions when you elect to participate in competitions.	1	Necessary to fulfil our contract with you (Article 6(1)(b) GDPR).
Answering requests for customer or technical support.	1, 2, 4 & 5	Our legitimate interests (Article 6(1)(f) GDPR) to provide you with customer support.
Allowing you to register for events.	1	Necessary to fulfil our contract with you (Article 6(1)(b) GDPR).
Performing research and development.	7 & 8	Your consent (Article 6(1)(a) GDPR) where such consent is required and obtained otherwise our legitimate interests (Article 6(1)(f) GDPR) to improve our services.
Detecting security incidents, protecting against malicious, deceptive, fraudulent or illegal activity, and prosecuting those responsible for that activity. When you stream on our Services we record and store your streaming session for these purposes.	1, 2, 6 & 7	Our legitimate interests (Article 6(1)(f) GDPR) to keep our systems secure e.g. against fraud, spam, malware and other security risks, and efficient and to block unauthorised users.
When you stream on our Services we record and store your streaming sessions for the purpose of transaction verification. For the same purpose such recordings can be accessed by users of our Services who purchased an item from you in your stream. Other users who only watched your stream do not have access to the recordings.	6	Our legitimate interests (Article 6(1)(f) GDPR) and those of the users buying items via our Services (to be able to carry out a verification of the transaction after it has been carried out, if necessary).
Measuring interest and engagement in our Services.	7 & 8	Your consent (Article 6(1)(a) GDPR) where such consent is required and obtained otherwise our legitimate interests (Article 6(1)(f) GDPR) to improve our services.
Improving, upgrading or enhancing our Services.	7 & 8	Your consent (Article 6(1)(a) GDPR) where such consent is required and obtained otherwise our legitimate interests (Article 6(1)(f) GDPR) to improve our services.
Developing new products and Services.	3, 7 & 8	Your consent (Article 6(1)(a) GDPR) where such consent is required and obtained otherwise our legitimate interests (Article 6(1)(f) GDPR) to improve our services.
Ensuring internal quality control and safety.	2 & 7	Our legitimate interests (Article 6(1)(f) GDPR) to keep our systems secure.
Debugging to identify and repair errors with our Services.	7	Our legitimate interests (Article 6(1)(f) GDPR) to keep our systems secure.
Enforcing our agreements and policies.	1, 3 & 4	Our legitimate interests (Article 6(1)(f) GDPR) that our agreements and policies are adhered to.
Fulfil and manage your orders, payments, returns, and exchanges made through the Services.	1, 3 & 4	Necessary to fulfil our contract with you (Article 6(1)(b) GDPR).
Processing your financial information and other payment methods for products or Services purchased.	1, 3 & 4	Necessary to fulfil our contract with you (Article 6(1)(b) GDPR).
Auditing relating to interactions, transactions and other compliance activities.	1, 2, 3 & 4	For compliance with our legal obligations (Article 6(1)(c) GDPR).
Complying with any further legal obligations, such as cooperating with law enforcement or tax authorities.	1, 3 & 4	For compliance with our legal obligations (Article 6(1)(c) GDPR).
Authenticating and verifying individual identities, including requests to exercise your rights under this policy.	1, 3 & 4	For compliance with our legal obligations (Article 6(1)(c) GDPR).
Processing your personal data we collected on conferences, trade shows and other events to reach out to you as a business contact.	1	Our legitimate interests (Article 6(1)(f) GDPR) to increase our business contacts.
Sending you newsletters and personalised and relevant marketing communications via e-mail, push notification, in-app message or similar, including through cross device tracking.	1, 3, 7 & 8	Your consent (Article 6(1)(a) GDPR) where such consent is required and obtained otherwise our legitimate interests (Article 6(1)(f) GDPR) to provide you with direct marketing materials related to our services.
To provide you with relevant marketing communications via phone calls.	1	Your consent (Article 6(1)(a) GDPR).
Carrying out surveys.	1 & 7	Your consent (Article 6(1)(a) GDPR) where such consent is required and obtained otherwise our legitimate interests (Article 6(1)(f) GDPR) to collect feedback on our services so we can improve them.
Providing interactive features (e.g., messaging and chat features, commenting functionalities, written reviews, forums, blogs, sharing highlights from live streams, invite a friend tools and social media pages). When you stream on our Services we and our users may record and store your streaming session for this purpose. If a user decides to record and store parts of a streaming session, the user determines the purpose, the legal basis, as well as the retention period of such recording independently from us.	1 & 5	Your consent (Article 6(1)(a) GDPR) where such consent is required and obtained otherwise the necessary to fulfil our contract with you (Article 6(1)(b) GDPR).
Fulfilling our legal obligations in connection with sweepstakes or contests.	1	For compliance with our legal obligations (Article 6(1)(c) GDPR).
Anonymising your personal data for statistic evaluation.	1, 2, 3, 4 & 7	Our legitimate interests (Article 6(1)(f) GDPR) to evaluate your anonymised data for statistical purposes.

4.1 Personal Data We Collect From Other Sources

We and our partners collect personal data using cookies and similar technologies. In principle, cookies and similar technologies are used either (i) based on your consent or (ii) without your consent, only if those cookies and similar technologies are strictly necessary to provide our Services, which you have requested. You can object to the use of cookies and similar tracking technologies or withdraw your consent via the settings of your mobile device, or your browser settings.

4.2 Automated Decision Making

We may engage in automated decision making, including profiling, for anti-fraud purposes. Fanmeka’s processing of your personal data will not result in a decision based solely on automated processing that significantly affects you unless such a decision is necessary as part of a contract we have with you, we have your consent, or we are permitted by law to engage in such automated decision making.

4.3 Anonymised & Aggregated Data

We may use personal data and other data about you to create anonymised and/or aggregated data, such as anonymised demographic data, anonymised purchase data, data about the device from which you access our Services, or other analyses we create.

Our Services may offer various tools and functionalities. For example, we may allow you to provide data about your friends through our referral services. Our referral services may allow you to forward or share certain content with a friend or colleague, such as an email inviting your friend to use our Services. Please only share with us contact data of people with whom you have a relationship (e.g. relative, friend, etc) and only if they have said they are happy to receive referrals from us.
‍

5. How We Disclose Your Personal Data

We disclose your data to third parties for a variety of business purposes, including to provide our Services, to protect us or others, or in the event of a major business transaction such as a merger, sale, or asset transfer, as described below.

5.1 Disclosures to Provide our Services

_The categories of third parties with whom we may share your data are described below.

Service Providers: We may share your personal data with our third-party service providers who use that data to help us provide our Services. This includes service providers that provide us with IT support, hosting, payment processing, customer service, and related services.
Business Partners: We may share your personal data with business partners to provide you with a product or service you have requested. We may also share your personal data to business partners with whom we jointly offer products or services.
Affiliates: We may share your personal data with our company affiliates for administrative purposes, including activities such as IT management, for them to provide services to you or support and supplement the Services we provide. Affiliates include sister companies and any subsidiaries, joint venture partners or other companies that we control or that are under common control with us.
Other Users / Website Visitors: As described above in Section 3 (’Personal Data We Collect’), our Services allow you to share your profile and/or User Content with other Users and publicly, including to those who do not use our Services.
Advertising Partners: With your consent, we may share your personal data with third-party advertising partners. These third-party advertising partners may set cookies and other tracking technologies on our Services to collect data regarding your activities and your device (e.g. your IP address, cookie identifiers, page(s) visited, location, time of day). These advertising partners may use this data (and similar data collected from other services) for purposes of delivering personalised advertisements to you when you visit digital properties within their networks. This practice is commonly referred to as “interest-based advertising” or “personalised advertising”.
APIs/SDKs: We may use third-party Application Program Interfaces (“APIs”) and Software Development Kits (“SDKs”) as part of the functionality of our Services.

5.2 Disclosures to Protect Us or Others

We may access, preserve, and disclose any data we store associated with you to external parties if we, in good faith, believe doing so is required or appropriate to; comply with law enforcement, such as a court order; protect your, our, or others’ rights, property, or safety; enforce our policies or contracts; collect amounts owed to us; or assist with an investigation or prosecution of suspected or actual illegal activity.

5.3 Disclosure in the Event of Merger, Sale, or Other Asset Transfers

In the event of a business transfer, such as a merger, acquisition, insolvency, restructuring or sale of all or part of our assets, or due diligence procedures in connection with a potential transfer of all or part of the business, the data we collect and process may be disclosed (inter alia to professional advisers involved), co-sold or transferred as part of that transaction based on our legitimate interest to transfer our business (Article 6(1)(f) GDPR). If such a transfer is subject to additional restrictions under applicable law, we will comply with those restrictions.
‍

6. International Transfer of Your Personal Data

Currently, your personal data is processed and retained within the European Union (”EU”) and we don't expect any significant changes to these arrangements. However, in the event of a legitimate and legally permissible purpose, we may transfer personal data that we collect from you to third parties located in countries that are outside of the EU and the UK, including to the United States of America (”US”), or to members of our group of companies in connection with the above purposes. Please be aware that countries which are outside the EU and UK may not offer the same level of data privacy and protection as the EU and the UK, although our collection, storage and use of your personal data will always continue to be governed by this Privacy Policy.

In the event that we transfer personal data outside the EU and the UK, we will:

include the standard contractual data protection clauses or addendum approved by the European Commission and / or UK Government (as applicable) for transferring personal data outside the EU and the UK into our contracts with those third parties (as addressed under Article 46(2) of the EU GDPR and Article 75 of the UK GDPR). You may request a copy of such standard contractual data protection clauses from our Data Protection Officer at usersupport@fanmeka.com; or
ensure that the country in which your personal data will be handled has been deemed "adequate" by the European Commission and / or UK Government (as applicable) under Article 45 of the EU GDPR and Article 74 the UK GDPR.

You can find further information about the rules on data transfers outside the EU and the UK, including the mechanisms that we rely upon, on the European Commission’s website (here) and on the UK Information Commissioner's Office website (here).
‍

7. Your Rights

The following categories of data processing are performed based on your consent, which you can withdraw at any time (Article 7(3) GDPR). If you withdraw your consent to us processing your personal data, this will not affect any processing which has already taken place prior to your withdrawal request.

Email: You can withdraw your consent by using the unsubscribe link found at the bottom of the email to opt out of receiving future emails. Alternatively, you may contact us using the contact details outlined in Section 12 below.

Text Messages: You can withdraw your consent by updating your preferences in your Fanmeka account. Alternatively, you may contact us using the contact details outlined in Section 12 below.

Push Notifications on Mobile Devices: You can withdraw your consent by changing the settings on your mobile device.
‍

⚠️ Important Note: The above does not apply to non-promotional communications, such as communications regarding our Services, any transactions you enter into via our Services, or updates to our Terms of Service or this Privacy Policy.

‍

Cookies & Interest-Based Advertising: You may stop or restrict the placement of technologies on your device by adjusting your preferences regarding cookies and similar tracking technologies by adjusting your preferences as your browser or device permits.

Other Processing Activities Based on Consent: You can withdraw your consent by contacting us using the contact details outlined in Section 12 below.
‍

⚠️ Important Note: Do Not Track (“DNT”) is a privacy preference that users can set in certain web browsers. Please note that Fanmeka does not respond to, or honour, DNT signals or similar mechanisms transmitted by web browsers.

7.2 Your Privacy Rights

In accordance with applicable law, you have the right to:

Access Personal Data about you, including: (i) confirming whether we are processing your personal data; (ii) obtaining access to or a copy of your personal data (Article 15 GDPR);
Request Correction of your personal data where it is inaccurate, incomplete or outdated. In some cases, we may provide self-service tools that enable you to update your personal data (Article 16 GDPR);
Request Deletion, Anonymisation or Blocking of your personal data when processing is based on your consent or when processing is unnecessary, excessive or noncompliant (Article 17 GDPR);
Request Restriction our processing of your personal data under certain circumstances (Article 18 GDPR);
Request data portability and receive an electronic copy of personal data that you have provided to us (Article 20 GDPR);
Request the review of decisions taken exclusively based on automated processing if that could affect data subject rights.

If you wish to exercise any of these rights, you may contact us as described in Section 12 below. We will process such requests in accordance with applicable laws.

Also you have the right to lodge a complaint to the Irish Data Protection Commission here or an EU data protection authority where you live, work or where you believe a breach may have occurred, see the contact details of the EU Data Protection Authorities here.
‍

8. Security of Your Personal Data

We take steps to ensure that your data is treated securely and in accordance with this Privacy Policy. Unfortunately, no system is 100% secure, and we cannot ensure or warrant the security of any data you provide to us. We have taken appropriate safeguards to require that your personal data will remain protected and require our third-party service providers and partners to have appropriate safeguards as well. To the fullest extent permitted by applicable law, we do not accept liability for unauthorised disclosure.

By using our Services or providing personal data to us, you agree that we may communicate with you electronically regarding security, privacy, and administrative issues relating to your use of our Services. If we learn of a data protection breach, we may attempt to notify you electronically by posting a notice on our Services, by mail or by sending an email to you.
‍

9. Retention of Your Personal Data

We store the personal data we collect as described in this Privacy Policy for as long as you use our Services or as necessary to fulfil the purpose(s) for which it was collected, provide our Services, resolve disputes, establish legal defences, conduct audits, pursue legitimate business purposes, enforce our agreements, and comply with applicable laws.
‍

10. Children’s Data

As stated in our Terms of Service, you must be at least 18 years old in order to create an Account or use the App. Accordingly, our Services are not directed to children under 13 (or other age as required by local law), and we do not knowingly collect personal data from children.

If you are a parent or guardian and believe your child has uploaded personal data to our site without your consent, you may contact us as described in Section 12 below. If we become aware that a child has provided us with personal data, in violation of applicable law, we will delete any personal data we have collected, unless we have a legal obligation to keep it, and terminate the child’s account.
‍

11. Other Provisions

11.1 Third-Party Websites/Applications

The Services may contain links to other websites / applications and other websites / applications may reference or link to our Services. These third-party services are not controlled by us. We encourage our users to read the privacy policies of each website and application with which they interact. We do not endorse, screen or approve, and are not responsible for, the privacy practices or content of such other websites or applications. Providing personal data to third-party websites or applications is done so at your own risk.

11.2 Changes to our Privacy Policy

We may revise this Privacy Policy from time to time at our sole discretion. If there are any material changes to this Privacy Policy, we will notify you as required by applicable law. You understand and agree that you will be deemed to have accepted the updated Privacy Policy if you continue to use our Services after we have notified you of the material amendments to this Privacy Policy.
‍

12. Contact Us

If you have any questions about our privacy practices or this Privacy Policy, or to exercise your rights as detailed in this Privacy Policy, please email us at usersupport@fanmeka.com.