PRIVACY & COOKIE POLICY OF OROUNDO MOBILE 

Effective date: May 25, 2018 

OROUNDO Mobile GmbH ("us," "we," or "our") operates the

www.culturalplaces.com website, the

www.patricktomelitsch.com weblog and the 

Cultural Places application (the "Service"). 

Data protection is taken seriously by OROUNDO Mobile GmbH, Gölsdorfgasse 4/5a, 1010 Vienna 

(hereinafter "OROUNDO"). By this "Privacy Policy" OROUNDO wants to inform you about the required data, its purpose, how we intend to use it and how you can correct or amend your information. 

The protection of your privacy is of utmost importance to us. This is the reason why compliance with the strict provisions of the law is a matter of course for us. It is our firm's belief that data protection starts with transparency. Thus, our concern is to let you know which kind of your data is stored, how we use your data and also how you can limit or even prevent such storage of your data. OROUNDO will only use your information and data provided by you inconsistency with the Austrian and European data protection laws as well with this Privacy Policy. 

We use your data to provide and improve the Service. By using the Service, you agree to the collection and use of information following this policy. Unless otherwise defined in this Privacy Policy, 

terms used in this Privacy Policy have the same meanings as in our Terms and Conditions.


1. Definitions of Personal Data 

Personal Data means data about a living individual who can be identified from those data (or from those and other information either in our possession or likely to come into our property). 


Usage Data 

Usage Data is data collected automatically either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit). 


Cookies 

Cookies are small pieces of data stored on a User’s device. 


Data Controller 

Data Controller means a person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal data are, or are to be, processed. 

For this Privacy Policy, we are a Data Controller of your data. 

Data Processor (or Service Providers) 

Data Processor (or Service Provider) means any person (other than an employee of the Data Controller) who processes the data on behalf of the Data Controller. We may use the services of various Service Providers to process your data more effectively. 

Data Subject 

Data Subject is any living individual who is the subject of Personal Data. 

User 

The User is the individual using our Service. The User corresponds to the Data Subject, who is the subject of Personal Data. 

2. The scope of application 
OROUNDO expressly states that the Privacy Policy shall apply to all registered users of the websites and mobile applications listed in this section 2. 

The developer currently operates the following websites:

www.oroundo.com 

www.culturalplaces.com 

www.patricktomelitsch.com

Cultural Places App 

3. What is personal data? 


OROUNDO expressly states that the Privacy Policy shall apply to all registered users of the websites and mobile applications listed in this section 2. 

The developer currently operates the following websites: 

www.oroundo.com 

www.culturalplaces.com 

www.patricktomelitsch.com

Cultural Places App 

Personal data includes information on personal and factual circumstances concerning an identified or identifiable person. This includes information such as your (real) name, your address or any other mail address and as well as your telephone number. Also, your e-mail address is included here from if it is connected so strongly to your name that you are identifiable. Information due to which your identity cannot be determined does not qualify as personal data. As an example, such information is all information without any connection to your name, e.g., the declaration of your sex or your age or your education or your visits to a museum. 

4. When and for which purpose will your data be stored and collected? 

Of our registered users we store an e-mail address and an ETH wallet ID for identification. We require that data to distinguish our users and to contact them. The information for identification purposes will remain stored as long as the user is not deleted. We may use your Data to contact you with relevant information that may be of interest to you, e.g., product updates, offers, news, marketing or other information. You may opt out of receiving any, or all, of these communications from us by following the unsubscribe link or instructions provided in any email we send or by contacting us. 

5. Usage Data 

We may also collect information that your browser sends whenever you visit our Service or when you access the Service by or through a mobile device ("Usage Data"). 

This Usage Data may include information such as your computer's Internet Protocol address (e.g., IP address), browser type, browser version, the pages of our service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data. 

When you access the Service by or through a mobile device, this Usage Data may include information such as the type of mobile device you use, your mobile device unique ID, the IP address of your mobile device, your mobile operating system, the kind of mobile Internet 

browser you use, unique device identifiers and other diagnostic data. 

With your access to www.culturalplaces.com, some possible identification data (IP-address) And other information (date, time, viewed page) are stored on our server for data security. An evaluation of the data does not take place, except for statistical purposes where data will only be evaluated in an anonymized form (e.g., shortened by several numbers or encrypted series of numbers regarding the IP-address; also see Section 9 “Creation of personal profiles”).


6. Use and disclosure of personal data 

("Service Providers"). These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose. 


OROUNDO uses the following Service Providers: 

Google Analytics 

Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of our Service. This data is shared with other Google services. Google may use the received data to contextualize and personalize the ads of its advertising network. 


You can opt-out of having made your activity on the Service available to Google Analytics by installing the Google Analytics opt-out browser add-on. The add-on prevents the Google Analytics JavaScript (ga.js, analytics.js, and dc.js) from sharing information with Google Analytics about visits activity. 


For more information on the privacy practices of Google, please visit the Google Privacy Terms web page: http://www.google.com/intl/en/policies/privacy/ 


OROUNDO only uses your personal information within the company and only transfers it to such companies, which are supposed to help with the fulfillment of our contract with you or otherwise engaged in the service provision 


Google AdWords 

Google Inc provides Google AdWords remarketing service.
You can opt-out of Google Analytics for Display Advertising and customize the Google Display Network ads by visiting the Google Ads


Settings page: http://www.google.com/settings/ads Google also recommends installing the Google Analytics Opt-out Browser Add-on - https://tools.google.com/dlpage/gaoptout - for your web browser.


Google Analytics Opt-out Browser Add-on provides visitors with the ability to prevent their data from being collected and used by Google Analytics.
For more information on the privacy practices of Google, please visit the Google Privacy Terms web page: http://www.google.com/intl/en/policies/privacy/ 

Twitter 

Twitter Inc provides twitter remarketing service.
You can opt-out from Twitter's interest-based ads by following their instructions: https://support.twitter.com/articles/20170405
You can learn more about the privacy practices and policies of Twitter by visiting their Privacy Policy page: https://twitter.com/privacy 


Facebook 

Facebook Inc provides Facebook remarketing service.
You can learn more about interest-based advertising from Facebook by visiting this page: https://www.facebook.com/help/164968693837950
To opt-out from Facebook's interest-based ads follow these instructions from Facebook: https://www.facebook.com/help/568137493302217
Facebook adheres to the Self-


Regulatory Principles for Online Behavioral Advertising established by the Digital Advertising Alliance. You can also opt-out from Facebook and other participating companies through the Digital Advertising Alliance in the USA http://www.aboutads.info/choices/, the Digital Advertising Alliance of Canada in Canada http://youradchoices.ca/ or the European Interactive Digital Advertising Alliance in Europe


http://www.youronlinechoices.eu/, or opt-out using your mobile device settings.
For more information on the privacy practices of Facebook, please visit Facebook's Data Policy:


https://www.facebook.com/privacy/explanation 


Payments 

We may provide paid products and/or services within the Service. In that case, we use third-party services for payment processing (e.g., payment processors).
We will not store or collect your payment card details. That information is provided directly to our third payment processors whose use of your personal information is governed by their Privacy Policy. These payment processors adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of payment information. 


The payment processors we work with are: 

Apple Store In-App Payments 

Their Privacy Policy can be viewed at https://www.apple.com/legal/privacy/en-ww/ Google Play In-App Payments
Their Privacy Policy can be seen at https://www.google.com/policies/privacy/ ​

Apart from that, your data will not be transferred, unless you have expressly agreed to any transfer or we are obliged to disclose any data, e.g., due to an official or judicial command: 

Disclosure for Law Enforcement 

Under certain circumstances, OROUNDO may be required to disclose your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g., a court or a government agency). 


Legal Requirements 

OROUNDO may disclose your Personal Data in the good faith belief that such action is necessary to: 

· To comply with a legal obligation 

· To protect and defend the rights or property of OROUDNO 

· To prevent or investigate possible wrongdoing in connection with the Service 

· To protect the personal safety of users of the Service or the public 

· To protect against legal liability 


Please be aware that provided information of other users, e.g., on support channels are retrievable for other users of the service. Therefore you should review your contributions

carefully before making them public to ensure that you have not included any information that It is not intended for the public. You should take into account that contributions or data that you

make publicly accessible will be recorded in search engines and be available globally, even without a specific call to our offer. The deletion or correction of such data can often not be

Enforced regarding foreign operators. There is no right of elimination of these data towards OROUNDO.


If you have registered on www.culturalplaces.com, www.patricktomelitsch.com, OROUNDO uses your data provided during the registration process, e.g. delivering a newsletter.


Personal data will not be passed on to third parties. From there excepted are only partner companies which are responsible for the technical processing for the newsletter dispatch. In

these cases, the scope of the transmitted data shall be restricted to the necessary minimum.


7. Cookies 

Cookies are small text files which can be stored on the hard drives of web site users. They enable personalized adjustments to be made to the website. Tracking technologies also used

are beacons, tags, and scripts to collect and track information and to improve and analyze our service. Furthermore, Cookies are used by OROUNDO to examine the use of the websites in

anonymized or pseudonymized form, as well as the online advertisement, to store general preferences of the user and to present a user special offers and services which meet his specific interest and can be found on the websites. Furthermore, anonymized user statistics will be

drafted, and the data will be used for market research purposes. Our advertising customers will

on no account receive data which allow to identify you. Most browsers are activated in a form that they accept Cookies automatically. You may deactivate Cookies or change the settings of your browser so that it informs you as soon as cookies are sent. However, in this event, the smooth functioning of our www.culturalplaces.com Website is no longer possible. 

Examples of Cookies we use: 

* Session Cookies: We use Session Cookies to operate our Service. 


* Preference Cookies: We use Preference Cookies to remember your preferences and 
various settings. 


* Security Cookies: We use Security Cookies for security purposes. 


8. Technical infrastructure 

(hyperlink to: http://eur-lex.europa.eu/legal- content/EN/TXT/?uri=uriserv:OJ.L_.2016.119.01.0001.01.ENG&toc=OJ:L:2016:119:TOC)


Moreover, will ensure all Digital Ocean services comply with its provisions. They provide a level of protection of privacy that complies with the EU rules. To confirm this, Digital Ocean has certified the company under the Privacy Shield. We place great importance on high-security standards. Access to data-processing systems is limited to employees of OROUNDO, encrypted via TLS and authorized via user/password and private/public key authorization mechanism. OROUNDO blocks all accesses on the data processing systems which occur on non-authorised ports. Only necessary ports and services are open. The employees of the computer center do not have password access to the data processing systems. For our Cultural Places Platform, we use 100% free software which is based on Linux. Linux is known for its outstanding safety. 

We will install necessary security updates on all production systems. 


9. Creation of personal profiles 

Our technical infrastructure is based on so-called "Root Servers" at the hosting provider Digital Ocean, LLC. Digital Ocean supports the General Data Protection Regulation (GDPR) 

We respectively third-party companies record information on the use of our Services without relation to personal information. Due to pseudonymization and anonymization of the gained

information, your privacy stays protected all the time because the information does not allow conclusions on specific persons. In particular, it is possible that the use of analytical tools (web tracking) results in the creation of specific user profiles.


We use – like almost every

website operator – analytical tools in the form of tracking software, to determine the use frequency, the number of users on our www.culturalplaces.com and www.patricktomelitsch.com website.


Therefore, we use Google Analytics, a web analysis service of Google Inc (also see Section 6). This tracking software uses Cookies which are stored on a computer of the user and technically enable analyses of the use of the website (see also section "Cookies"). The Cookie-generated information about the usage of our www.culturalplaces.com and www.patricktomelitsch.com Websites are used to create reports about the activities on the website and to provide further services in connection to the website

use. In this process, your IP-address will be made unrecognizable. Thus it will be anonymous.

With this software neither the operator of the analyzing tools nor, we can record

personal data that may reveal the identity of the user. Google Analytics can be deactivated by installing a Browser-Add-On (available under 

http://tools.google.com/dlpage/gaoptout?hl=de). 


10. Newsletter/consent according to GDPR 

You agree that OROUNDO sends you a newsletter, as well as information and advertising material about activities and service offers of OROUNDO under the General Data Protection Regulation (“GDPR”) to your e-mail address provided by you. You may revoke your consent given in this Section 10 in writing by mail to OROUNDO Mobile 

GmbH, Gölsdorfgasse 4/5a, 1010 Vienna or by e-mail office@oroundo.com at any time. 

11. Children's Privacy 

Our Service does not address anyone under the age of 14 ("Children"). 

We do not knowingly collect personally identifiable information from anyone under the age of 14. If you are a parent or guardian and you are aware that your Children has provided us with 

Personal Data, please contact us. If we become aware that we have collected Personal Data from children without verification of parental consent, we take steps to remove that information from our servers. 

12. Information, Revocation Right, Questions 

Whenever made possible, you can update your Personal Data directly within your account settings section. If you are unable to change your Personal Data, please contact us to make the required changes.
If you wish to be informed what Personal Data we hold about you and if you want it to be removed from our systems, please contact us. 

In certain circumstances, you have the right: 

* To access and receive a copy of the Personal Data we hold about you 


* To rectify any Personal Data held about you that is inaccurate 


* To request the deletion of Personal Data held about you 
You have the right to data portability for the information you provide to OROUNDO. You can require to obtain a copy of your Personal Data in a commonly used electronic format so that you can manage and move it. 


You may request at any time and without charge information concerning the data stored about your person or a pseudonym assigned to your person. We reserve the right to provide this information electronically. Moreover, you are at any time entitled to revoke the further use of personal data in the future. 

In case of an information request or a revocation, you need to file sufficient information to your individualization (at least e-mail address and ETH wallet ID) and valid evidence that this information refers to you. 


13. Right of modification 

We reserve the right to amend the provisions of the Privacy Policy without giving any reasons at any time, whereby any such amendments shall be published on www.culturalplaces.com and/or by sending the text of the change to the e-mail address provided by the user in each case at least 30 days before any such amendments entering into force. Apart from formal requirements amendments of the Privacy Policy requires your consent.


Any modifications of the Privacy Policy come into effect within 30 days after the announcement. In case you do not accept the amended of the Privacy Policy, you may not further use the Services of OROUNDO. 


HOW TO CONTACT US 

If you have any questions or comments about this privacy policy, or if you wish to exercise your rights, please contact us in written form: 

Your contact person for data protection is Mr. Mag. Wolfgang Zissernig 

OROUNDO Mobile GmbH Gölsdorfgasse 4/5a, 1010 Vienna E-Mail: GDPR@oroundo.com 

Ohmanngasse 16/1/11, 1190 Wien, Österreich