indaHash Rules & Agreements

Privacy Policy (as of November 29th, 2024)

  1.  General Statement

This Privacy Policy describes how we collect, use, disclose, store and protect your personal data. It applies to every indaHash website where this Privacy Policy appears in the footer, as well as every indaHash application, service or tool (collectively, the “Services”) that references this Privacy Policy, regardless of how you access or use them, including via mobile devices.

By using our Services, applications and/or registering an account with us, you accept the terms of this Privacy Policy and consent or acknowledge that we collect, use, disclose, store and protect your personal data as described in this Privacy Policy. Providing your personal data is voluntary, however, if you refuse to provide it to us, we will not be able to enter into a contract with you.

  1. What does this privacy policy cover?

This privacy policy aims to inform you about how we use your personal data that we collect in the following cases:

  1. Your visit to one of our websites or registration in the indaHash app;
  2. This privacy policy also provides information on how indaHash processes the data of its Clients, as well as the employees and associates of our Clients and potential Clients, as well as the obligations that rest on us in connection with our role as a processor of personal data;
  3. This privacy policy also explains our legal relationship to the data processed in connection with the collection, processing, and storage of Influencers’ data.

This privacy policy applies to all our Services.

III.  Who is the data controller?

By fulfilling the information obligation resulting from art. 14 Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (hereinafter referred to as “GDPR”) – in connection with the collection of personal data from the Client’s representatives, the Joint Controllers of your personal data (i.e. entities that jointly determine the purposes and methods of data processing) are: IDH Media Limited with its registered office at 22 Northumberland Road, Ballsbridge, Dublin 4, Ireland and IDH Media SA with its registered office at Ulica Piękna 19, 00-549 Warsaw, Poland (hereinafter referred to as “we”, “us”, “Joint Controllers“). 

IDH Media SA and IDH Media Limited jointly manage your personal data in order to fulfil the obligations of the group of companies providing influence marketing services.

In accordance with the agreement between the Joint Controllers, IDH Media SA performs information obligations towards Clients and their representatives and ensures that each person exercises the rights of the data subject.

In accordance with the joint controllership agreement of 20 August 2021, we have jointly determined the scope of our responsibility for fulfilling the obligations arising from the GDPR, in particular we have agreed that:

  • Controller 1 undertakes to respond to requests submitted by Data Subjects in connection with the exercise of their rights under Articles 15, 16, 17, 18, 20, 21 and 22 of the GDPR. All requests submitted by Data Subjects must be responded to in accordance with the principles and within the deadlines referred to in Article 12 of the GDPR.
  • In the event that the Data Subject has submitted a request related to the exercise of their rights under Article 15, 16, 17, 18, 20, 21 and 22 GDPR to Administrator 2, Administrator 2 will forward such a request to Administrator 1 within 3 days of receiving such a request.

The joint controllers ensure the security of personal data processing by implementing appropriate technical and organizational measures.

You can assert your rights against each of us.

IV. Personal Data Protection Inspector.

We have appointed a Data Protection Inspector who can provide you with detailed information regarding the processing of your personal data.

You can contact the Personal Data Protection Inspector:

  • by e-mail: dpo@indahash.com; or
  • by mail: indaHash, ul. Piękna 19, 00-549 Warszawa, Poland – with the note “Data Protection Inspector”.

V. Personal Data

“Personal data” is information that can be associated with a specific person and that can be used to identify that specific person based on this data or on this data and other information to which we have or may have access. Any personal data that you voluntarily provide to us will be treated with the highest standards of security and confidentiality.

VI. Collection and Use of Personal Data

  1. We collect, process and store your personal data and data from any devices (including mobile devices) that you may use when:
  • using our Services,
  • creating an account with us,
  • providing us with information via a web form,
  • updating or adding information to your account,
  • resolving disputes,
  • or otherwise corresponding with us about our Services. 
  1. The personal information we collect includes: Personal information you provide to us when you use our Services or register an account with us:
  • Identification information, such as your email address,
  • Other content you generate or that is associated with your account,
  • Financial information (such as bank account numbers, name, addresses, phone numbers) in connection with a transaction,
  • You may also provide us with other information through a web form, when updating or adding information to your account, as part of resolving disputes, or when you otherwise correspond with us about our Services – support@indahash.com
  1.  We collect personal information automatically when you use our Services or register an account with us
  • We also collect information about your interactions with our Services, your communications with us. We receive it from the devices (including mobile devices) you use when you use our Services, register an account with us, provide us with information in an online form, update or add information to your account, participate in community discussions, chats or dispute resolution, or when you otherwise correspond with us about our Services. This includes the following: first name, last name, address, bank account, email, social media account details, username
  • Computer and connection information, such as statistics on page views, traffic to and from pages, referring URL, advertising data, IP address, browsing history and web log information
  1.  Personal data we collect using cookies, web beacons and similar technologies 

We use cookies, unique identifiers and similar technologies to collect information about the pages you browse. All necessary information about cookies and other technologies and their purposes is available in the Cookie Policy.

VII. Why do we process your data?

First of all, we process your personal data because

  • it is necessary for the performance of a binding contract between you and us and for the purpose of pursuing the legitimate interests of the administrator as a party to this contract, including the performance of the contract, defending against or pursuing claims in connection with this contract.
  • In addition, we process your data to enable you to use the services offered within the indaHash application
  • and to contact you in connection with the services provided.
  • If we are required to do so by law, we will also process your data for tax and accounting purposes.
  • In addition, we process your data based on our legitimate interest, which is the need to conduct analyses and statistics aimed at – on the one hand – improving the functionality and functionality of the application, and on the other – ensuring the safety and efficiency of its use.
  • We will process your data for direct marketing purposes – to inform you about news from the world of indaHash.
  • We may also process your data for the purpose of conducting proceedings related to your complaints and other claims. Such processing is based on our legitimate interest in being able to defend against claims or enforce our claims.
  • The legitimate interest of the data controller in processing the data of Influencers is described in the following section of this privacy policy: “The following part of the Privacy Policy applies to the relationship between indaHash and the Influencer.”
  • Our legitimate interest will also be to process your data for the purpose of detecting fraud and abuse and carrying out preventive measures and ensuring the security of the Service.

VIII.  Data retention period

We will store your personal data for as long as it is in accordance with applicable law and necessary and relevant for our business.

We will store your personal data for as long as required by applicable law, until the statute of limitations for claims arising from the contract, until the end of the compensation proceedings or until you withdraw your consent.

In addition, we may store your personal data from closed accounts in order to comply with national laws, prevent fraud, collect any fees due, resolve disputes, troubleshoot problems, assist with investigations, enforce our Agreement and take other actions permitted or required by applicable national law.

Your data is deleted upon your written request or after a set period after termination of all agreements with the Customer.

We will process the data of Influencers until our legal basis expires, you withdraw your consent to processing or the time required by law in administrative and legal proceedings expires.

Regardless of the retention periods for personal data that apply to us, we want you to know that we pay great attention to their currency and security. Once a month, our IT department analyses active and inactive accounts and decides to delete or update the given register.

After the storage of your personal data is no longer necessary, we will dispose of it in a secure manner in accordance with our data storage and deletion policy. Any inquiries or complaints regarding compliance with our product privacy policy can be directed to:

Contact

Data Protection Inspector:

  • by e-mail: dpo@indahash.com;
  • or by mail: indaHash, ul. Piękna 19, 00-549 Warszawa, Poland – with the note “Data Protection Inspector”.

If you discover that we have incorrect information about you, you can ask for a correction. Such a request should be made in writing or via email support@indahash.com

XIX. Your rights

What rights can you exercise as a data subject?

You can exercise the rights guaranteed to you by law in relation to the processing of your personal data by contacting us by email at support@indahash.com.

Any claim received by us will be dealt with as quickly as possible and, in any case, within the maximum period established by law from the moment of its receipt. In some cases, it may be necessary to ask for a copy of your identity document or other identification document if we need to verify your identity.

Your rights as a data subject are as follows:

  1.  Right to withdraw consent

You may withdraw your consent in relation to any processing based on it. However, we remind you that the withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal.

  1. Right of access

You have the right to know what data is being processed and, if so, to obtain a copy of it, as well as to obtain information on:

  • the origin and recipients of the data,
  • the purposes for which it is being processed;
  • whether there is an automated decision-making process, including profiling;
  • the period of data storage.
  1. Right to rectification

You have the right to request the rectification of your personal data if you consider that the data we process is inconsistent with the factual state.

  1. Right to deletion

You have the right to request the deletion of your personal data if it is no longer necessary to achieve the purpose for which it was collected or if we are no longer authorized to process it.

  1. Right to data portability

You have the right to request the portability of your data in the event of processing your data based on your consent or the performance of a contract, as well as when the processing is carried out in an automated manner. If you exercise this right, you will receive your personal data in a structured format, commonly used and readable by any electronic device. You can send such data to another Administrator or request that we do it for you. We will only send such data to another Administrator if it is technically possible. 

  1. Right to restrict the processing of your personal data

You have the right to restrict the processing of your data in the following cases:

  • When you have requested the rectification of your personal data during the period in which we verify their accuracy,
  • When you believe that we are not authorized to process your data. In such a case, you can ask us to limit their use instead of requesting their deletion,
  • When you believe that further processing of your data is no longer necessary and you want us to retain them in order to pursue claims or defend against claims,
  • Where the processing is based on our legitimate interest and you have exercised your right to object, you can ask us to limit the use of your data until we verify whether such interests override yours.
  1. Right to object

You have the right to object at any time to the processing of your personal data based on our legitimate interest, including profiling.

  1. Right to lodge a complaint with a supervisory authority

Remember that at any time, if you believe that we have violated your right to data protection, you may lodge a complaint with the competent data protection supervisory authority, in the case of Poland, the President of the Office for Personal Data Protection. Ul. Stawki 2, 00-193 Warszawa.

X. Disclosure

We transfer your data to other entities if it is necessary to provide a service or enable you to participate in campaigns, required by applicable law or justified by operational necessity (e.g. hosting providers). This means that we may transfer your personal data to:

  • our (co-)employees and (co-)employees of other companies in our capital group;
  • our Clients,
  • courier companies,
  • banks and entities providing payment services,
  • our other subcontractors, provided that we entrust them with the performance of activities requiring the transfer of your data (such entities will act solely on the basis of an agreement concluded with them),
  • competent authorities, if required by applicable law.

XI. Transfer of data outside the European Economic Area (EEA)

We transfer your data only for the purpose of implementing the campaign in which you want to or can participate. Your data may only be transferred to a Client/Advertiser/Supplier outside the EEA if you participate in a campaign, outside this area. Since indaHash operates worldwide, it sometimes happens that providers of daily operational services (necessary for our operational and technological activities), including for example servers, hosting, project management platform, software, accounting platforms, etc., are located outside the EEA and also receive (or may receive) your data if necessary.

All data transfers outside the EEA are based on

  • so-called standard contractual clauses, approved by the European Commission, which ensure appropriate security standards in accordance with applicable law,
  • transfer on the basis of a decision of the European Commission (EC) stating an adequate level of protection (adequacy decision).

To exercise your rights referred to above, contact our Data Protection Officer dpo@indahash.com

You can also obtain information on the basic content of the arrangements between us (joint controllers) regarding the fulfillment of our obligations under the personal data protection regulations.

XII. Complaints about data processed through the website.

If you have any concerns about the way in which your personal data is processed through this website, do not hesitate to report your concerns to the Data Protection Officer at: dpo@indahash.com

XIII.Collection and use of technical information

We may automatically collect non-personal information about you, such as the type of web browser you are using or the website from which you connected to our website. You cannot be identified from this information and it is used only to help us provide an effective service on this website.

XIV. Security

We protect your information by using technical and administrative security measures to reduce the risk of loss, misuse, unauthorized access, disclosure and alteration. Some of the safeguards we use include firewalls and data encryption, physical access controls to our data centres and authorization controls for accessing information. If you believe that your account has been misused, please contact us.

XV. The following part of the Privacy Policy applies to the relationship between indaHash, the Client, the Subscription User, as well as the employees and associates of Clients and potential Clients.

If you are our Client, a Subscription User, or an employee or associate of our Client or potential Client, this section of the privacy policy describes our mutual relationship regarding responsibilities for personal data. It also outlines your choices regarding the use of such data, as well as your rights to access and correct your personal information.

  1. In this context, indaHash assumes the following roles in the process of personal data processing:
  • Data Controller for Clients and Subscription Users, as well as employees and associates of Clients or potential Clients (including contact, business, and billing information).
  • Data Processor when processing data on behalf of the Client (including Influencers’ data).
  1. Clients are responsible for complying with all laws and regulations that require notification, disclosure, and/or consent before transferring data to indaHash for processing. Terms not otherwise defined herein have the meanings given in the Client’s indaHash Terms of Service (the “Agreement”). In the event of a conflict between this Privacy Policy and the Agreement, the terms of the Agreement shall prevail.
  1. Use of the Subscription Service (“Subscription Service”)

Our online subscription service enables Clients to:

  • search for Influencers,
  • obtain information about the audience and effectiveness of Influencers,
  • create and manage Influencer marketing campaigns,
  • track Influencer posts.

The Subscription Service may also be used to help organize Influencer data regarding the company’s marketing strategy. Information added to the Subscription Service, either by Influencers providing their contact details or when the Subscription Service Client adds information, is stored and managed on our service providers’ servers. indaHash provides the Subscription Service to our Clients for their own marketing and customer service purposes.

A Subscription User is an employee or associate of the Client using the Subscription Service on behalf of the Client.

  1. Use by indaHash

The information we collect and manage through the Subscription Service for our own marketing purposes belongs to us and is used, disclosed, and protected according to the indaHash Privacy Policy.

Data Scope Collected by indaHash for Clients, Subscription Users, and Employees or Associates of Clients or Potential Clients:

  • Full name
  • Email address
  • Physical address
  • Phone number
  • IBAN number
  • Client company information (name, address, VAT identifier, etc.)
  1. Use by our Clients

Our Clients use the Subscription Service to create Influencer campaigns through which people can learn more about their company. When Clients use the Subscription Service, they may collect Personal Data such as:

  • Full name
  • Email address
  • Physical address
  • Phone number
  • Image
  • Social media platform username
  • IBAN number
  • Client company information (name, address, VAT identifier, etc.)
  1. indaHash does not control the content or types of information that our Clients may collect or manage using the Subscription Service. This information belongs to them and is used, disclosed, and protected according to their Privacy Policy.
  2. indaHash processes information from our Clients in accordance with their instructions and in accordance with our agreements with them, and we store it on our service providers’ servers.
  1. Our agreements with our Clients prohibit us from using this information, except as necessary to provide and improve the Subscription Service, in line with this Privacy Policy and as required by law.
  1. Purposes for Using Information Collected via the Subscription Service

We use information collected through our Subscription Service by our Clients for the following purposes:

  • To provide the Subscription Service (which may include detecting, preventing, and resolving technical and security issues);
  • To respond to requests for technical assistance; and otherwise fulfill obligations under the Client’s indaHash Terms of Service.
  1. We do not have direct relationships with individuals, “Influencers,” who provide Personal Data to our Clients. Our Clients control and are responsible for correcting, deleting, or updating information they collect using the Subscription Service. We may work with our Clients to help notify their Influencers about the collection, processing, and use of their data.

Privacy Notice Regarding Specific indaHash Products

We may provide links on our sites and services to third-party sites or services. We are not responsible for the collection, use, monitoring, storage, or sharing of any personal information by such third parties, and we encourage you to review the privacy notices of such third parties and ask them questions about their privacy practices with respect to you.

  1. Google Integrations

If you choose to integrate your Gmail application with the Subscription Service, you may use the following integrations and allow indaHash to access your Google user data:

Gmail Integration

By using the “Gmail Integration” with the Subscription Service, you will grant the Subscription Service access to information associated with your account, email messages, subject lines, and message content.

In addition, the Subscription Service will be able to read, modify, create, and send email messages from your connected Gmail account. The Subscription Service will scan the content of your email messages to identify which messages you have chosen to follow in order to provide you with the notification feature.

The subscription service will store replies, outgoing messages, email headers, message subject, aliases, time sent, and email body. Your email may contain confidential information such as the names of your contacts, private communications, or financial or medical information. You understand that correspondence you track will be visible to other users on your subscription team. 

  1.  Additional Restrictions on Use of Google User Data:

Notwithstanding anything else in this Product Privacy Policy, if you grant IndaHash access to your Gmail data through the Gmail integration, our use of that data is subject to the following additional restrictions:

  • We will use access to read, write, modify, or inspect the content of Gmail messages (including attachments), metadata, headers, and settings solely for the purpose of providing a web-based email client that allows users to compose, send, read, and process email messages, and to improve the email experience for efficiency,
  • We will not transfer Gmail account data to others unless necessary to provide and improve those features, to comply with applicable law, or as part of a merger, acquisition, or sale of assets,
  • indaHash will not use Gmail data to serve ads,
  • indaHash will not allow third parties to read this data unless you have given us permission to do so on a message-by-message basis. This is necessary for security purposes, e.g. to investigate abuse, to comply with applicable law, or for IndaHash’s internal operations when data is aggregated
  1. Mobile Applications. 

When you use our mobile application. We use mobile analytics software to better understand the functionality of our mobile applications on your mobile device. This software may record information such as:

  • frequency of use of the application,
  • events occurring within the application,
  • total usage,
  • performance data,
  • the location from which the application was downloaded.

In addition to the information collected on our websites, when you use our mobile applications, we may also collect:

  • the model and version of your device,
  • device identifier (or “UDID”),
  • operating system version,
  • your indaHash subscription service credentials.

From time to time, we send push notifications to inform you about events or promotions. If you no longer wish to receive such notifications, you can disable them at the device level. We may combine the information stored in the analytics software with personal data submitted in the mobile application. We do this to improve the services we offer and enhance our marketing, analytics, and website functionality.

  1. Single Sign-On (SSO) 

You can log in to our website using a Single Sign-On (SSO) service, such as your Facebook account. This service will authenticate your identity and give you the option to share certain personal information with us, such as your name and email address, to pre-fill our registration form. Such services may also give you the option to post information about your activities on this website to your profile page to share with others in your network.

  1. Log Files 

When you use the Subscription Service, we automatically collect information about your computer’s hardware and software. This information may include your IP address, browser type, domain names, Internet Service Provider (ISP), files viewed on our site (e.g., HTML pages, graphics, etc.), operating system, clickstream data, access times, and referring website addresses. This information is used by indaHash to operate the Subscription Service and maintain its quality. For this purpose, we combine this automatically collected data with personal data such as your name, email address, address, and phone number.

  1. What is the legal basis that allows us to process your data? We process your personal data based on:
  1. the contract between us and the Client if the Client is an individual;
  2. he legitimate interest of the controller:
    1. in the scope in which we process the data of Subscription Users and other employees and collaborators of clients using indaHash Services to fulfill the contract between us and the Client,
    2. in the scope in which we process the data of employees and collaborators of our potential clients for marketing our services (meetings, conversations, sales events),
    3. in the scope in which we process the data of employees and collaborators of our current clients to send newsletters informing about our new products and services.
  3. Consent – for sending newsletters informing about our new products and services to people who are not employees or collaborators of our current clients.
  4. Consent – regarding Subscription Users.

For more information about balancing legitimate interests in this case, please contact us at dpo@indahash.com.

XVI. The following section of the Privacy Policy applies to the relationship between indaHash and Influencer.

If you are an Influencer, this section of this Privacy Policy describes our relationship with you in terms of responsibility for personal data. Below you will find all information related to the processing of personal data and your right to maintain control over it.

  1. Role of indahash as a data processor:

This Privacy Notice describes how we collect, receive, use, store, share, transfer and process your personal data. It also describes your choices regarding its use, as well as your rights to access and correct your personal data.

  1. Indahash assumes the following roles in the process of processing personal data:
  • With regard to personal data shared by our Clients while using our Subscription Service and other Services, indaHash will process such data as a data processor, acting on behalf of the respective Client, in which case our Client assumes the role of Data Controller. In relation to this data, the Client/Subscription User will be responsible for informing you about their privacy practices and the processing of your personal data.
  • Data Controller of personal data that indaHash obtains from publicly available online resources, including data that you voluntarily share on your social media.
  • Data Controller of personal data that you provide to us during the registration process for the Service via the registration form or similar tools made available by us.
  1. What are the requirements for providing us with your personal data?
  • In order to provide us with your personal data, you must be at least 18 years old and/or have sufficient legal capacity to use the Service.
  • When you provide us with your data in order to use our services, you guarantee that the data and information provided are true, up-to-date, and belong to you, not to third parties.
  • Additionally, you are obliged to notify us of any changes to the data you have provided, in each case ensuring the truthfulness and accuracy of the data you have supplied.
  • indaHash reserves the right to verify your age and identification data at any time if necessary, including by requesting an official proof of age or an equivalent procedure. In case of fraud or suspicion that you are under the indicated age, we may delete, temporarily disable, and/or close your account.
  1. What type of data processing do we perform and what are its main characteristics?

Below, we explain how we process your personal data and provide detailed information regarding your privacy:

  • We collect publicly available information obtained directly or indirectly through various data sources, such as social networks and other sources; and/or the registration form and the use of the Service.
  • Publicly available information may include identification and contact data. We collect your identification data (name, username), publicly available information from your social media profile, and any other information you have openly made public.
  • During registration through our Service, we may collect the same information, as well as your email address and password, and other identification data you voluntarily provide in your account (gender, phone number, date of birth, links to your social media accounts, posting and content creation rates, profile description, and photos).
  • You may also be asked to give us consent to collect personal data from your social media accounts via API.
  • We collect and create profiles about you as an influencer to build a classification based on your reach (number of followers, audience, etc.); the context of your followers (country, demographics, industry, activities or products you create content about, potential target audience); and other relevant variables related to the social networks you are active on.
  1. What are the purposes of processing your personal data?

We process influencers’ personal data for the following purposes:

  1. For voluntary registration on our Platform, we will process your data to manage your account and provide you with access to various available features.
  2. For the Subscription Service we offer to our clients, the main purpose of processing your personal data is to enable our Clients to find influencers who match their values, target audience, and other requirements, and to help establish connections with influencers to create and manage marketing campaigns.
  1. What is the legal basis for processing influencers’ personal data?

We process influencers’ data based on:

  1. Consent: in the case of registering for our Services via the mobile application.
  2. Performance of the contract with the influencer: in the case of entering into a contract for a campaign between us and the influencer.
  3. Legitimate interest of the data controller: in the case of obtaining data from publicly available sources that you have voluntarily shared.

Legitimate interest of the data controller 

In relation to point C above, we collect and process your personal data based on our legitimate interest in providing our clients with the Subscription Service, allowing our Clients to contact you as an influencer for the purpose of creating marketing campaigns. Both Clients and Influencers mutually benefit from the availability of a channel through which they can meet and communicate via our Service. For more information on balancing legitimate interests in this case, please contact us at dpo@indahash.com. If you request registration, we collect and process your personal data and access to information on your social media account with your consent or for the performance of a contract.

Recipients of Influencers’ Personal Data.
Our Clients use the Subscription Service to create advertising campaigns carried out by Influencers. When Clients use the Subscription Service, they may collect personal data such as:

  1. Full name,
  2. Email address,
  3. Physical address,
  4. Phone number,
  5. Image,
  6. Social media platform username,
  7. IBAN number,
  8. Client company information (name, address, VAT identifier, etc.).

For more information about the recipients of personal data, please refer to the section of this privacy policy titled: “To whom do we disclose your personal data?”

7.How long do we store your data?

All of your personal data will be processed for the time necessary to achieve the purposes indicated above. We may retain your personal data longer if they are subject to a legal claim or may be relevant to future legal disputes.

XVII. Website Navigation (Cookies)
We use cookies and other tracking tools on this website to collect information about how users interact with the Website.
For more information on how we use these tracking tools, visit our Cookie Policy page.

XVIII. To whom do we disclose your personal data?

  1. Clients

Some personal data will be made available to our Clients so they can evaluate your suitability for their campaigns. This information may include public information about your social media account and related estimated statistics.

  1. Service providers

 (For example, hosting companies or platforms for sending marketing communications). Regardless of the above, these entities have signed appropriate confidentiality agreements and will process your data solely in accordance with our instructions, without being able to use them for their own purposes or beyond the service they provide to us.

  1. Public authorities

We may disclose data and any other information in our possession or accessible through our systems to the relevant public authorities when there is a legal obligation to do so and when required, for example, to prevent or prosecute misuse of services or fraudulent activities through our Service or website. In such cases, the personal data you provide to us will be stored and shared with administrative or judicial authorities.

  1. In the event of a corporate transaction: 

In the event of a merger, acquisition, sale of all or part of assets, or any other type of corporate transaction involving a third party, we may share, disclose, or transfer your data to the acquiring entity (also during the pre-transaction phase).

  1. Third parties

With your consent or on another legitimate basis: If we want to share data with third parties outside the scope of this Privacy Policy, we will always ask for your consent or inform you of this and the legitimate basis.

Please note that this Privacy Policy applies solely to the collection, processing, and use of information (related to personal data) by us through your interaction with our Services and website. Access to third-party websites you may reach through links from our Service is subject to their own privacy policies, over which we have no control. Therefore, before providing them with any personal data, we recommend that you review their privacy policies.

  1. Data subject requests

If you are a Client, Influencer, or otherwise interact with one of our Clients and no longer wish to be contacted by a Client using our Subscription Service, please contact the Client you are interacting with directly.


If you want to access, correct, change, or delete data controlled by an indaHash Client, you should direct your request to the indaHash Client (in this case, the data controller). We will cooperate with Clients to respond to requests from data subjects. 

You can request the deletion of your indaHash or Subscription Service account by sending a request to support@indahash.com. If you wish to exercise your data subject rights regarding data processed by indaHash as a controller, please refer to the information in this Privacy Policy available in the “Your Rights” section.

XIX. Changes to this policy
We periodically update this Privacy Policy. We will post any changes on this page, and if the changes are significant, we will provide an update via the Service, application, or newsletter. While we will notify you of any significant changes to this Privacy Policy before they take effect, we encourage you to review this policy periodically. We will also keep previous versions of this Privacy Policy in an archive for review.