Privacy Policy

We believe that your privacy is very important and we act accordingly. This Privacy & Cookies Policy describes Mappo’s policies and procedures on the collection, use and disclosure of your information when you use the services provided on our website.

By using any part of the Mappo website/web App/mobile app/incar app, you consent to the collection and use of your personal information as outlined in this Privacy Policy and to the collection, processing and maintenance of this information in any applicable countries. Please note, that We will not use or share your personal information with any third party except as described in this Privacy & Cookies Policy.

Who We Are and How to Contact Us

Booksonmap Ltd. which is the operator of Mappo (hereinafter: “Mappo”, “We” or “Us” or “Our“), creates a map layer of location-based culture oriented content, inter alia, for a unique and interesting travel experience that allows users to explore destinations at its best and information services to visitors of the Website (hereinafter: “Services”).

Mappo may be acting as data controller, which means that Mappo determines what data is collected, how this data is used and how the data is protected or as data processor, which means that Mappo acts on behalf of a controller.

The following distinction may be made between the various Services, in which Mappo has in general the following role:

Service	Role
Service provided to research partners, consisting of data collection, analyses and reporting.	Processor
Service provided to the advertiser/Intermediary directly, using advertiser’s/intermediary’s technology.	Processor
Service provided to the advertiser/intermediary directly, using your contact data.	Controller
Service provided to intermediary, consisting of data as a service through third party technology.	Processor

Our registered office address is 62 Nachmani St., Tel Aviv, Israel.

If you need any clarifications about how We process personal data, or would like to exercise your data subject rights, please email Us at: contact@mappo.world. Alternatively, you can contact Us at our global HQ in 62 Nachmani St., Tel Aviv, Israel using the following postal address or telephone numbers:

Mappo Compliance Manager

62 Nachmani St., Tel Aviv, Israel Zip Code: 6579444.

Telephone: +972-525249798

Websites Within Scope

The following website/web App/mobile app/incar app is within the scope of this Privacy Policy:

web.mappo.world

This Privacy & Cookies Policy applies only to Mappo. The Services may contain links to other websites not operated or controlled by Mappo. Please remember that our Privacy & Cookies Policy is no longer in effect when you use a link to leave the above-mentioned website. Your browsing and interaction on any other websites, including those that have a link on Our website, is subject to that website’s own rules and policies. Such third parties may use their own methods to collect information about you. We are not responsible for the data collection policy and methods in such websites.

Collection of Personal Data

We collect personal data from you for one or more of the following purposes:

To provide you with information that you have requested or which We think may be relevant to a subject in which you have demonstrated an interest; and
To intermediate commercial transactions between you and third-party advertisers/companies; and
To ensure the security and safe operation of Our websites and underlying business infrastructure, and
To manage any communication between you and Mappo; and
To enable us to improve the Services and better understand our users and the markets in which we operate. For example, we may conduct or facilitate research and use learnings about how people use our Services.

Lawful Basis for the Processing of Personal Data

The table below describes the various forms of personal data We collect for each of these purposes, the lawful basis for doing so, and the period for which We will retain each type of data. We have processes in place to make sure that only those people in our organization who need to access your data can do so. A number of data elements are collected for multiple purposes, as the table below shows. Some data may be shared with third parties and, where this happens, this is also described below.

Purpose of collection	Information category	Data collected	Purpose for collection	Lawful basis for processing	Data shared with?	Retention period
1. To provide you with information	Subject matter information	Personal name, company name, geographic location, email address, phone numbers.	To provide appropriate online email, mobile application or phone information about products and Services that you have requested	Consent	Internally only	Maximum 8 years from the date the information is collected. 6 months if a marketing email is left unopened
			To provide further, related, online or email, mobile application or phone information and ongoing news updates in relation to the identified area of interest	Consent	Internally only
		Personal contact information as provided through website forms or at trade shows or any other means.	General mailing list subscription	Consent	Internally only
2.Transactional information	Transaction details	Partial Internet Protocol address.	To process our Services as intermediate commercial transactions between you and third party advertisers	Consent	Internally and third party advertisers	Maximum 8 years from the date of the performance of the contract.


3. Security	Security information	Technical information, as described above, as well as any other information that may be required for this purpose	To protect our websites and infrastructure from cyber-attacks or other threats and to report and deal with any illegal acts	Legitimate interest	Internally, forensic and other organization with whom We might contract for this purpose	Relevant statutes of limitation
4.Communications	Contact information	Personal name, company name, contact details, identification details	To communicate with you about any issue that you raise with Us or which follows from an interaction between Us	Legitimate interest	Internally and, as necessary, with professional advisers	Relevant statutes of limitation

Other than the above mentioned, Mappo does not collect any “Special Categories of Personal Data” which is defined as follows: personal data, revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership; data concerning health or sex life and sexual orientation; genetic data or biometric data; information about criminal convictions and offences.

You can ask Us to stop sending you marketing messages or modify your email preferences at any time through any of the following methods:

by following the opt-out links on any marketing message sent to you; or
by contacting Us at any time using the contact details motioned above.

Storage of Personal Data

Our website and web applications are hosted in Israel or in the United States or in Europe.
Our customer relationship management, marketing and accounting systems are in Israel.
We use a Cloud Service Providers (CSPs) as part of our processing environment. Unless We specifically state otherwise, We are, in respect of all these CSPs, the data controller.
Unless We specifically state otherwise all of the CSPs that We use are Israeli located processing facilities.

Security Measures

Mappo has appropriate security controls in place to protect personal data. We limit access to your Personal Data to employees and other staff on a “need to know” basis. All such people are subject to a contractual duty of confidentiality.

We do not, however, have any control over what happens between your device and the boundary of our information infrastructure. You should be aware of the many information security risks that exist and take appropriate steps to safeguard your own information. We accept no liability in respect of breaches that occur beyond our sphere of control.

We have put in place procedures to deal with any actual or suspected personal data breach. For your information, We are obligated to inform you and the supervisory authority within the United States regarding a breach concerning your data or a risk of breach of your data within 72 hours of discovering the breach.

Your Rights Relating to Your Personal Data

As a data subject whose personal information We hold, you have certain rights. If you wish to exercise any of these rights, please contact Us using the details provided above. In order to process your request, We will ask you to provide two valid forms of identification for verification purposes. If you are within the European Union, your rights are as follows:

The right to be informed: As a data controller, We are obliged to provide clear and transparent information about our data processing activities. This is provided by this Privacy Policy and any related communications We may send you.
The right of access: You may request a copy of the personal data We hold about you, free of charge. Once We have verified your identity and, if relevant, the authority of any third-party requestor, We will provide You the related personal data We hold about you as well as the following information:

The purposes of the processing;
The categories of personal data concerned;
The recipients to whom the personal data has been disclosed;
The retention period or envisioned retention period for that personal data, and
When personal data has been collected from a third party, the source of the personal data.

If there are exceptional circumstances, regulatory, legal based or other, and We refuse to provide the information you requested, We will explain the reasons for the refusal. If requests are frivolous or vexatious, We reserve the right to refuse them. If answering requests is likely to require additional time or occasions unreasonable expense (which you may have to meet), We will inform you promptly.

The right to rectification: When you believe We hold inaccurate or incomplete personal information about you, you may exercise your right to correct or complete this data. This may be used with the right to restrict processing of your personal data to make sure that incorrect/incomplete information is not processed until it is corrected.
The right to erasure (the ‘right to be forgotten’): Where no overriding legal basis or legitimate reason continues to exist for processing personal data, you may request that We delete your personal data. This includes personal data that may have been unlawfully processed. We will take all reasonable steps to ensure erasure.
The right to restrict processing: You may ask Us to stop processing your personal data. We will still hold the data, but will not process it any further. This right is an alternative to the right to erasure. If one of the following conditions applies you may exercise the right to restrict processing:

The accuracy of the personal data is contested;
Processing of the personal data is unlawful;
We no longer need the personal data for processing, but the personal data is required for part of a legal process, and
The right to object has been exercised and processing is restricted pending a decision on the status of the processing.

The right to data portability: You may request your set of personal data be transferred to another controller or processor, provided in a commonly used and machine-readable format. This right is only available if the original processing was on the basis of consent, the processing is by automated means and if the processing is based on the fulfilment of a contractual obligation.
The right to object: You have the right to object to our processing of your personal data where:

Processing is based on legitimate interest;
Processing is for the purpose of direct marketing;
Processing is for the purposes of scientific or historic research;
Processing involves automated decision-making and profiling.

Withdraw consent:This right only exists where We are relying on consent to process your personal data. If you withdraw your consent, We may not be able to provide you with access to the certain specific functionalities of our website and Services. We will advise you if this is the case at the time you withdraw your consent.

We may also collect, use and share “Aggregated Data” such as statistical or demographic data for any purpose. Aggregated Data may be derived from your Personal Data, but once in aggregated form it will not constitute Personal Data for the purposes of the GDPR as this data does not directly or indirectly reveal your identity. However, if We combine or connect Aggregated Data with your Personal Data so that it can directly or indirectly identify you, We treat the combined data as Personal Data which will be used in accordance with this Privacy & Cookies Policy.

Use of Cookies and Log files

Please note that we use “cookie” technology and users’ IP addresses to customize and enhance Your online experience on the Platform. Cookies are pieces of information transferred to Your hard drive when You use the Website that automatically identify Your browser to Our server whenever You interact with Our website. This technology allows Us to improve the way Our website works in order to maximize your browsing experience. Such technology is a common feature of many websites and is necessary in order for certain features of Our website to function properly or in order to provide an online service to you.

In addition, from time to time, we use the cookie services of third parties as specified hereunder:

Google Analytics – in order to collect data about website usage. This data does not include personally identifiable information. You can view the Google Privacy Policy here: google.com/policies/privacy/.
Google Remarketing – in order to market products and services we believe may interest you. You may be exposed to our adverts on Google’s Display Advertising Network of partner websites and Google’s own search results pages. We aim to carefully select the products and services we remarket to you, and do so based on the pages you have visited on our Website. To opt out of Google Remarketing, You may customize the browser settings of Your Device to notify You when a browser cookie is sent or to refuse browser cookies altogether.
Facebook – we use a Facebook pixel to obtain information regarding the activities that users engage in while visiting our Website. For information on Facebook’s Privacy and Cookie policy, visit https://www.facebook.com/policies/cookies/.
Push Crew – we use Push Crew services for efficient marketing without spamming You. For more information about Push Crew Privacy policy: https://vwo.com/privacy-policy/.
Mouseflow – we use mouseflow services to analyze the activity in our web site with various instruments including cookies in order to improve the website marketing. For more information about Mouseflow Privacy policy: https://mouseflow.com/privacy/.

The third parties mentioned above are completely independent and we do not control any of them. You may customize the browser settings of your device to notify You when a browser cookie is sent or to refuse browser cookies altogether. Please be advised that if you decide to refuse/block cookie activity, some parts of Our website won’t work properly or not at all. Thus, potentially reducing your options at Our website. Please check your browser for instructions on how to make these adjustments.

We also follow a standard procedure of using Log files. The information collected by Log files include internet protocol (IP) addresses, browser type, internet service provider (ISP), data and time stamp, referring/exit pages, and possibly the number of clicks. These are not linked to any information that is for analyzing trends, administering the site, tracking users’ movement on the website, and gathering demographic information.

Changes to this Policy

Mappo will occasionally update this Privacy Policy. When we do, we will also revise the “Last Updated” date at the top of the Privacy Policy. If we make any material changes to this Policy, those changes will be posted here so that you are always aware of what personal information is collected, how that information is used, and under what circumstances that information may be disclosed. Your continued use of Mappo’s website following the posting of changes to this Policy will confirm your acceptance of such changes.

Contact

If you have any questions, comments, or requests regarding this Policy or the information practices of Mappo, please contact us by e-mail at contact@mappo.world

***