PRIVACY AND COOKIE STATEMENT

1. GENERAL

1.1 INTRODUCTION

Lalaland B.V., having its registered office at (1013 AP) Amsterdam at Danzigerkade 11c, and all its affiliated companies (Lalaland, we, us or our) makes available it’s online imagery engine software as a service solution through its platform accessible via platform.lalaland.ai (the Platform) to companies (the Company), the employees of the Company or other persons authorized by the Company to access and use the Platform on behalf of the Company (User or you). 

Lalaland takes the careful handling of your personal data very seriously. As the party responsible for processing your personal data, we will ensure that your personal data are handled and protected with the greatest possible care. In doing so, we shall in all cases comply with the applicable laws and regulations. 

Please read this privacy policy before using our Platform. By using (part of) the Platform, you agree to this privacy policy. This privacy policy gives you an insight into the information we collect, why we collect it and what we do with it. 

 

1.2 LEGAL BASES

We process your personal data on the basis of the following legal bases which are included in the European privacy legislation: 

  1. consent;
  2. execution of an agreement;
  3. legal obligation; and
  4. legitimate interest of Lalaland.

By legitimate interests we mean among other things: advertising, marketing, security, auditing, fraud detection, (crime) prevention, (market) research and analysis and improvement of our Platform, internal management, legal affairs and business administration. Below is always indicated which basis applies to a specific processing.


2. THE PERSONAL DATA WE PROCESS, PROCESSING PURPOSES AND APPLICABLE BASES

Create an account: to create an account, you (or the Company’s representative, by giving you access to the Platform) must: (i) provide your contact information (first name, last name, phone number, (work)email address, company address, , profile picture); as well as your username and password. Depending on the processing, either ground 1., 2. or 4. applies.

Payment: for the payment of the subscription fees applicable for the use of the Platform or any additional fees to be paid by the Company to Lalaland, the Company must provide its payment details being the payment method and financial data, such as credit card and/or bank account information. Since this regards payment information of the Company this payment information does not qualify as personal data.

Information Messages: we may use your contact information (as specified above) to send information messages (not marketing communications) necessary for the use of the Platform. Ground 2. applies.

IP-address: upon each visit to the Platform your (fixed or temporary) IP address is detected. We process these data for technical and functional management in order to ensure our Website is easy to use. Ground 4. applies.

Testing and analytics: We use personal data to analyze how registered Users use the Platform. This includes using the data to detect and remedy errors and malfunctions. Ground 4. applies.

Data aggregation: In order to minimize the processing of your personal data, we may aggregate or encrypt your personal data to create anonymous data that cannot subsequently be traced back to a natural person. Ground 4. applies.

Compliance with (local) law: In order to comply with applicable law, we may be required to process your personal data for purposes other than those set out in this privacy policy, for example for law enforcement and in case of a court order. Ground 3. is applicable.

Fraud detection: We process your personal data for fraud detection and to prevent fraud and abuse. If we have a reasonable suspicion of, or determine that there has been, any fraud, scam or criminal activity attributable to you, your personal data will be processed in order to prevent you from using the Platform in the future. Depending on the processing, either ground 3. or 4. is applicable.

Customer Service: We may collect and share your personal data to provide customer service. For example, we may collect (telephone) requests and contact forms received by customer service and the related responses, together with the other contact details (as described above) and any other User information. This way we can better respond to enquiries. Depending on the processing, either ground 1. or 4. is applicable.

Marketing: To the extent permitted by applicable law, we may use your contact information (as defined above) for marketing communications, such as newsletters. You may unsubscribe from these at any time. The newsletter may also contain information and offers from other parties. Each newsletter contains a link that allows you to unsubscribe from our newsletter. The newsletter subscribers file will not be provided to third parties, unless you have given your explicit permission. Depending on the processing, base 1. or 4. is applicable.

 

3. STORAGE PERIOD OF PERSONAL DATA

We will retain your personal data for no longer than is permitted under applicable law or where we believe it is necessary and appropriate to retain your personal data for a longer period. In any event, the data required to create your account (as described above) will be retained for as long as you continue to use the Platform. After unsubscribing or deleting your account, your account data will be kept for a period up to 6 months. If you have any questions about the retention period for your personal data, please contact us using the contact details below.

Please note that we may keep collected data in an aggregated and anonymous form at any time for (market) research, analysis and/or fraud protection purposes. Ground 4. applies in this case. 


4. PROVISION OF PERSONAL DATA TO THIRD PARTIES

In the cases listed below, we are permitted to share your personal data with third parties. 

Service providers: We may share your personal information for the purposes set forth in this privacy policy with service providers which provide Lalaland with services in relation to the Platform, such as hosting, data analysis and storage, payment processing, information technology and related infrastructure, customer service, product design, product diagnostics, email delivery, credit card processing, auditing, and marketing. We only share your personal data with service providers that provide sufficient safeguards to protect your personal data. Depending on the processing, either ground 2. or 4. applies.

Competent Authorities: We disclose personal data to law enforcement authorities and other public authorities to the extent required by law or strictly necessary for the prevention, detection or prosecution of criminal offences and fraud. Ground 4. applies.

Transfer: We may transfer your personal data to third parties in the event that our organization is subject to a merger, acquisition, reorganization, sale of business units or bankruptcy. In this case we will ask for your prior consent, if this is required under applicable law. Ground 4. is applicable.

If the above organizations are regarded as processors under the European privacy legislation, we will enter into a processing agreement with them.  Processing of your personal data will only take place on our instruction and under our responsibility. 


5. TRANSFER OF YOUR PERSONAL DATA ABROAD 

For the most part, our Platform is managed and operated from the Netherlands. If personal data is nevertheless transferred to a third party abroad, this is only done to a third party in a country that, according to the European Commission, offers an adequate level of protection for personal data. In the absence of such an adequate level of protection, we will ensure that the legally required guarantees are provided, such as the conclusion of an EU model contract. At the time of drafting this privacy policy, your personal data will only be transferred abroad in the context of the services provided by i) Amazon Web Services EMEA SARL located at 38 Avenue John F. Kennedy, L-1855, Luxembourg (AWS Europe) in the field of hosting software. AWS Europe adheres to the Standard Contractual Clauses as set by the European Commission, which are incorporated in the applicable AWS Service Terms. 

If you would like further information about the transfer of your personal data outside the Netherlands, please contact us. By using our Platform, or otherwise providing information to us, you consent to the transfer of your personal data to countries outside the Netherlands.


6. COOKIES

We use cookies on the Platform. By clicking “Ok” on the cookie message on our Platform or continuing to use the Platform, you consent to cookie placement. A cookie is a simple, small file that the Platform stores on your hard drive through your browser. Information is stored in a cookie. Different types of cookies can be used per visit. Below you will find more information about the cookies used by and through the Platform and for what purposes. 

 

6.1 WHAT TYPE OF COOKIES ARE USED ON THE PLATFORM AND FOR WHAT PURPOSE

The Platform uses the different types of cookies listed below for the purposes set out below:

Analytical cookies: Analytical cookies are anonymous cookies that allow us to improve our Platform. These cookies collect information about how visitors use the Platform, such as information about the most visited pages or the number of error messages displayed. The information gathered by these cookies may not be used for marketing purposes and is not passed on to third parties.

Persistent cookies: Persistent cookies are cookies that are placed on your device during a browser session that remain stored in your device during a defined period of time. Persistent cookies allow us to recognize your device when it is used to access our Platform with a new browser session and to help you quickly sign-in to our Platform again. We may also use persistent cookies for analytical purposes. 

Session cookies: Session cookies are set during your visit and are automatically deleted as soon as you close the Platform. We remember which parts you view during a visit and adjust our Platform accordingly.

First-party cookies: First-party cookies are cookies placed on your device directly by us and can only be read by us. They can be session or persistent cookies. For example, we use first party cookies to speed up the log in process or enhance your experience of our Platform.

Third-party cookies: Third-party cookies are cookies placed on your device by third-parties we use for services embedded in our Platform. For example, they are used in relation to audience measurement analysis and to improve the relevance of the content of our Platform.

Other/unforeseen cookies: Due to the way the internet and websites work, we may not always have insight into the cookies that are placed through our Platform by third parties. This is particularly the case if our Platform contain so-called ’embedded elements’ (these are texts, documents, images or videos that are stored with another party but are shown on, in or via our Platform).

 

6.2 ADJUSTING COOKIE SETTINGS OR DELETING COOKIES

If you do not want us to place cookies on your (mobile) device, you can refuse the use of cookies via your browser’s settings or options. For each browser and each (mobile) device, you have to adjust your settings separately. Please note: it is possible that after adjusting the cookie settings, some parts of the Platform can no longer be used (correctly). If cookies have been placed by us, you can also remove them. How you do this varies from one browser to another. Consult the help function of your browser if necessary. More information about cookies can be found on the website of the ‘Consumentenbond

If you come across cookies on the Platform that we have not listed above, we kindly ask you to notify us.


7. SECURITY

We endeavor to do everything we can to protect your personal data. To this end, we use technical and organizational security measures to protect the personal data we administer against manipulation, loss, destruction and access by unauthorized persons. These security measures are constantly improved in line with technological developments. For example, [Differential Privacy and Encryption]. Furthermore, the Platform is continuously updated with the latest security updates. The Platform may contain links to external websites operated by other companies, e.g. to process payments. It is possible that they may collect personal information from people who visit their websites. We cannot guarantee the privacy policies of external websites and are not responsible for those websites.


8. YOUR RIGHTS 

You have the right to access, correct or delete your personal data at any time. To do so, please contact us using the contact details below. It is also possible for you to view, delete or change certain data yourself via the Platform under your account. Finally, we would like to point out that you also have the following rights on the basis of the European privacy legislation:

– Get an explanation of what personal data we hold about you and what we do with it;

– Access to the exact personal information we hold about you;

– to have incorrect data corrected;

– to have obsolete personal data removed;

– withdrawal of consent; and

– object to a certain use of your personal data.

If, despite our efforts to ensure the accuracy of personal data, there is incorrect information stored, we will correct it at your request.


9. COMPLAINTS 

We will be happy to help you in the event of complaints about the processing of your personal data. In the event of a complaint, please contact us using the contact details below. Under the European privacy legislation, you also have the right to submit a complaint directly to the Personal Data Authority about the way in which we process personal data.

 

10. AMENDMENT

We reserve the right to amend this privacy policy. The most recent version of this privacy policy can be found on the Website at all times. We recommend that you check regularly to see whether an updated version is available.


11. CONTACT DETAILS

If you have any questions about this privacy policy or our processing of your personal data, please contact us using the following email: hello@lalaland.ai

 

Please indicate in your email your first and last name and your login email for the Platform. Please also send the request from the email address used to create your account for the Platform and use the subject line “Personal Data Request”, so we can follow up your request properly. For your protection, we may take steps to verify identity before responding to your request.


12. VERSION

This privacy policy was last modified on [15/11/2022].