Thank you for interest in our Selfie Mirror. On this page you will find information on how we, ITAB Guidance AB, with company registration number 556065-3866, and registered address at Instrumentvägen 2, 550 09 Jönköping, Sweden, (“Data Controller”), processes your personal data in connection with the usage of the Selfie Mirror.
In accordance with the statutory requirements of the General Data Protection Regulation ((EU) 2016/679) we are committed to inform you of your legal rights and how we are handling your personal data in connection with the usage of the Selfie Mirror.
The Selfie Mirror automatically recognizes when a face is looking at the display and starts interacting. However, a recording or other processing of personal data only takes place by taking a photo if you have given your verbal consent. This consent constitutes the legal basis for the processing of your data within the meaning of Art. 6 para. 1 (a) of the GDPR.
You can withdraw your consent at any time with effect for the future. In the case of photographs that you have not selected as a cover photo, the withdraw will be made immediately by your selection of the preferred photo. All other photos which have been taken in connection with the usage of the Selfie Mirror will be deleted immediately. Your cover photo will be stored up to 12 months after the photo was taken. You can request the deletion of the photo and thereby withdraw your consent by sending us an email to: firstname.lastname@example.org. In order to identify you, we need the URL of the picture from the QR Code.
If you scan the QR Code on the display of the Selfie Mirror and subsequently visit our landing page, the web server processes the following data:
This processing is necessary to connect your mobile device to the web server. The collection and processing of this data also serves the purposes of ensuring system security and stability, error and performance analysis as well as for internal statistical purposes. We will retain and evaluate this information on the visits to the website and about the functions used (e.g. download, print or share) for analytic purposes in order to understand how we can optimise our website and our marketing campaigns. In the aforementioned purposes, we have a legitimate interest in data processing pursuant to Art. 6 para. 1 (f) of the GDPR.
In order to enable the use of certain functions of our website, we use so-called cookies. These are small text files that are stored on your end device. Cookies store certain settings about your browser and data about the exchange with the website. When a cookie is activated, it can be assigned an identification number that identifies your browser and allows the use of the information contained in the cookie. The cookies used on our website are deleted after the end of the browser session, i.e. after closing your browser (so-called session cookies).
Most web browsers automatically accept cookies. However, you can configure your browser to prevent cookies from being stored on your computer or to always display a message when you receive a new cookie. On the following pages you will find explanations on how to configure the processing of cookies:
Disabling or rejecting cookies may prevent you from using the features of the website. Our legitimate interest within the meaning of Art. 6 para. 1 (f) GDPR is the legal basis for the data processing described above.
The personal data described is processed by Ombori Apps AB, with company registration number 556841-1333, (Centralplan 17, 111 20 Stockholm, Sweden), on our behalf. The personal data described is stored on servers of Microsoft Ireland Operations Limited (One Microsoft Place, South County Business Park, Leopardstown, Dublin 18 D18 P521) in the Netherlands.
In addition, your data may be disclosed if we are legally obliged to do so or if this is necessary to safeguard our rights, in particular to enforce claims arising from the use of the Selfie Mirror or the website.
Our legitimate interest within the meaning of Art. 6 para. 1 (f) GDPR is the legal basis for the data processing operations described.
You have the following rights with regard to your personal data:
It is forbidden for children under 16 years of age, to transmit personal data about themselves to us. If we detect that such data has been transmitted to us, it will be deleted from our server. The parents (or legal guardians) of the child may contact us and request deletion of the data. For this purpose, we require a copy of an official document confirming you as a parent or guardian.
Last update: December 2019