Privacy Policy for the Crystal Missions Applications and Websites

1. I. Introduction

   1. This Privacy Policy (“Policy”) constitutes a part of Terms of Use and Service Agreement (“Terms”) regarding provision of services by electronic means by the Provider to individual end user (“User”). The Terms might be found at https://crystalmissions.com/privacy.
   2. The provider is a Slovak company Crystal Missions, s. r. o., with its registered office at Karola Salvu 1985/9, 034 01 Ružomberok, Slovak Republic, Identification Number: 52 919 871, registered in the Commercial Register of the District Court Žilina, Section: Sro, Insert No.: 74039/L (“Provider”).
   3. The content of this Policy applies to Users using (i) one or more of the Provider´s Applications as set forth Section XIII (6) of Terms that Provider makes available for download to mobile phones, tablets, wearables and other consumer electronic or computer devices, whether directly, through third parties or on a pre-installed basis (“App” or “Apps”) and/or (ii) Provider´s websites, including crystalmissions.com and dailytunes.online (“Websites”).
   4. Services related to Apps and Websites are provided and maintained by the Provider (“Services”).
   5. This Policy explains what information are collected by Provider and/or third parties which provide to Provider partial services necessary for Apps, Websites and/or Services (“Third Party” or ”Third Parties”), how that information is used, and what are the User´s rights. This Policy does not apply to the practices of any Third Party or any other company, body or individual that Provider does not control, or any website or app to which the User might be linked to from the App or Website. The Provider assures Users that the Provider respects and protects the User´s privacy and that the data, including personal data, is processed to a minimal extent and only what is necessary to deliver Services at the highest level.
   6. The Provider process personal data following the law, including Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons about the processing of personal data and the free movement of such data, and repealing Directive 95/46/EC (“GDPR”) and/or Slovak Act No. 18/2018 Coll. on Personal Data Protection and on Amendments and Supplements to Certain Acts, as amended.
   7. For information related to this Policy, the Provider can be contacted via email: info@crystalmissions.com or in writing at the Provider´s address set in Clause I (2) above.
   8. The Provider highly recommends User to take a few moments to read this Policy and or information on data processing in the respective application store in their section Data Safety. By using any Service, the User agrees to accept the Terms and conditions of this Policy and is aware that they may change in the future as indicated below.

2. II. What Data Are Processed

   1. The Provider process only the necessary data that the User provide or leave while using Services, as well as data from the partners, primarily data necessary to provide Services, including providing the User with access to a Services. The User can use Services anonymously — without creating a specific account for using any App or Websites. However, this does not preclude the Provider from processing personal data. Providing certain personal data is voluntary but not providing it in the case of some services will prevent their provision.
   2. The Provider collects these data:
      • device information: When the User uses any App, the Provider may collect certain information about the User´s device, including the model, operating system version, unique identifiers, and data on mobile networks;
      • logs: The Provider may collect certain log data, including events data such as failures and actions in the system, as well as settings, type and language of the operating system or browser, date and time of the request, cookie, which serves as a unique identifier of User´s browser or device;
      • App events analysis: The Provider may analyse certain App events, such as App launches and User actions within the App, to improve the performance and usability of the Apps;
      • listening data: We may collect data on which radio stations the User listen to and for how long in a given installation specified by a randomly generated UUID number. This data is collected solely for the purpose of improving the quality and content of the Apps.

3. III. Purposes of Data Processing

   1. The primary purposes for processing User´s data are:
      • providing Services available through the Apps and Websites;
      • fulfilling Provider’s legal or contractual obligations,
      • realizing Provider´s legitimate interests.
   2. To provide services to User who do not use the login option (without a specific account for Apps), the Provider process data concerning the User's device, the device's IP address, the information contained in cookies or other similar technologies, and session data.
   3. When providing services to the Users with bought any Auxiliary or Premium version (if available for any App as of effective date hereof), the Provider additionally process the information on User´s account in the respective application store (Google Play store, AppGallery Store (Huawei Device Co. Ltd) and/or AppStore) applicable at the time of purchase.
   4. When contacting the User regarding technical support, their complaint and/or use of the Services, the Provider processes the User´s e-mail address and the content of the message, and first name and/or last name as the case might be. In this regard, the Provider might use also special services of
      • Huawei Device Co., Ltd., with its seat at Huawei Industrial Base, Bantian, Longgang District, Shenzhen, Guangdong, 518129, China (“Huawei”) - Crash Service by Huawei, if the respective App was downloaded from AppGallery store; or
      • Google Ireland Limited, Google Building Gordon House, 4 Barrow St., Grand Canal Dock, Dublin 4, Ireland (“Google Ireland”) - Firebase by Google, if the respective App was downloaded from Google Play store or AppStore.

      The Provider processes this data to provide Services, i.e., perform the contract and for the legitimate interest of ensuring contact with the User. The legal basis for the collection and processing of personal data is Article 6 (1) (b) and (f) of the GDPR.

   5. For the User who voluntarily subscribe to the Newsletter service, if available as of effective date hereof, the Provider provides a service of delivering messages with information related to Services. For this purpose, the Provider may process the email address provided by the User during registration on the basis of Article 6 (1) (b) of the GDPR and/ or regarding marketing content of Newsletter on the basis of legitimate interest under Article 6 (1) (f) of the GDPR.
   6. To improve the quality of Services, the Provider may process information regarding the use of Services, including session information, IP address, time spent using Services on individual screens, pages, and subpages, and the use of features and content. The Provider process this data to provide Services, i.e., to fulfil the contract, and in their legitimate interest, on the basis of Article 6 (1) (b) and (f) of the GDPR.
   7. For statistical analysis of Service usage, the Provider uses services provided by
      • Google Ireland - Google Analytics and Firebase by Google, if the respective App was downloaded from Google Play store or AppStore;
      • Huawei - HUAWEI Analytics Kit by Huawei, if the respective App was downloaded from AppGallery store;

      Google Ireland and Huawei collect and process data that enables the analysis of how the User uses Services, and this kind of data is not linked to other data processed by Google / Huawei and the Provider does not influence the extent of such data collection. The legal basis for processing data is Article 6 (1) (f) of the GDPR;

   8. The Provider does not use personal data, including email address and other identity-related data of User, for marketing purposes of other entities. However, the Provider may occasionally, if ever, send information about their promotional activities in the form of email messages or push notifications directly within the App.
   9. To partially cover the costs of Services maintenance, the Provider place advertisements in their Services delivered by Third Parties as Provider´s partners. To deliver ads and content more tailored to User´s interests, Third Parties may use advertising identifiers or similar technologies.
   10. Profiling for marketing purposes is carried out by trusted Third Parties as Provider´s partners, subject to User´s consent given through a message displayed during the consent collection process. The User can withdraw consent at any time. The delivery of ads tailored to User´s interests is done using unique identifiers and the Provider does not combine them with other information. Our partners whose services the Provider use include:
       • Google LLC, with its seat at 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”) – for the services of Google Ad Manager and/or Admob by Google, if the respective App was downloaded from Google Play store or AppStore;
       • Huawei – for the services of HUAWEI Ads by Huawei, if the respective App was downloaded from AppGallery store.

       The Provider utilizes Google's / Huawei´s services to display ads in the Services (text ads, banners, etc.). Cookies may be stored on the User's device, or other solutions used by Google, or third-party websites acting on behalf of Google, such as ad identifiers. Google / Huawei collect data on User´s interests based on the websites they visit or apps they use, with the aim to analyse User´s behaviour regarding advertisements; User's IP address is not linked with other data. The Provider has no control over the processing of data by Google / Huawei. The Provider process this data in their legitimate interest, which involves obtaining the funds necessary to finance the Services provided with the legal basis of Article 6 (1) (f) of the GDPR.

   11. In cases related to breaches of the Terms or this Policy or other legal regulations, procedures for asserting the claims, and defending against claims from any user or other Third Party, the Provider may process personal data of specific User. This data may be disclosed to other User, Third Party, or to public authorities authorized by law, such as courts, police, or prosecutors. The Provider will process and, if necessary, disclose this data to fulfil their legal obligations, i.e., in their legitimate interest on the legal basis of Article 6 (1) (c) of the GDPR.
   12. The Provider may process personal data to fulfil legal obligations related to their activities and requests from law enforcement authorities. The legal basis for such processing of personal data is compliance with applicable legal regulations and our legitimate interest according to Article 6 (1) (c) and (f) of the GDPR.

4. IV. User's Rights

   1. GDPR grants User – individuals specific rights regarding their data. The Provider ensures that the User may exercise these rights, subject to the technical possibilities and limitations of applicable law. When using Services, the User is entitled to the following rights regarding the processing of User´s data:
      • right to access data - the User is entitled to be informed about the personal data the Provider process, and the User can request access to this data;
      • right to rectification and completion of data - the User can ask Provider to correct User´s data (rectification or completion), if they become aware that User´s data processed by the Provider is incorrect, outdated, or incomplete;
      • right to erasure of date – the User can request deletion of their date at any time;
      • right to restriction of data processing - the User is entitled to temporarily or permanently cease the processing of all or some of User´s data;
      • right to object - the User can object at any time to the processing of User´s data by the Provider;
      • right to data portability - the User is entitled to request a copy of User´s data in electronic form and the right to transfer it to another entity for use in providing services by that entity.
      • right to complain with a supervisory authority - the User is entitled to complain with a supervisory authority responsible for data protection.
   2. The Provider store personal data for as long as necessary for providing Services, business interests related to the development and improvement of provided Services, ensuring compliance with legal obligations and resolving claims and disputes. Most data are retained only for the duration of User´s use of the Services; thus, personal data collected during the provision of Services will be deleted when it is no longer needed to achieve the purpose of storage. User personal data will be deleted after consent for such processing and storage is withdrawn, as appropriate.
   3. The supervisory authority for the protection of personal data in Slovakia is the Office for Personal Data Protection of the Slovak Republic (Úrad na ochranu osobných údajov Slovenskej republiky), with its seat at Námestie 1. mája 18, 811 06 Bratislava, Slovak Republic, ID (IČO): 36064220 (“Data Protection Office”). The User is entitled to complain to the Data Protection Office in any case if the User believe that User´s data is being processed incorrectly. More information might be obtained at website: www.dataprotection.gov.sk or at phone number: +421 232 313 220 (available Tuesdays and Thursdays 8:00–12:00).

5. V. Transfer, Sharing and Protection of Data

   1. The Provider does not transfer personal data outside the EU or the EEA unless necessary. However, some of Provider´s partners and service providers may be based in, or their servers may be located in another country. All operations related to such transfer of personal data are carried out following the regulations governing the processing of personal data, in particular the GDPR. The Provider ensure that Third-Party recipients apply standard contractual clauses compliant with EU law.
   2. In order to provide Services, the Provider is cooperating with trusted collaborating entities - Internet and analytical service providers; nevertheless, the Provider does not share data with them.
   3. To deliver Services, the Provider may exceptionally, if ever, obtain some personal data from other trusted and law-abiding external partners.
   4. When providing services to the User who bought any Auxiliary or Premium version (if available for any App as of effective date hereof), the Provider may receive some information from the Third Party providing the respective application store (Google Play store, AppGallery Store (Huawei Device Co. Ltd) and/or AppStore), namely necessary data to identify User´s account, this process occurs through secure APIs provided by Third Party as our partners.
   5. The Provider strives to provide data with the highest possible level of protection and uses reasonable administrative, logical and physical safeguards designed to protect personal data against loss, theft, unauthorized access, use, or modification. These safeguards are intended to ensure a level of security appropriate to the risks associated with the processing of the User´s data. The Provider have implemented and applied various data protection policies, including pseudonymization, data encryption, and access control, and the data is stored in certified, secure data centres.

6. VI. Cookie Policy

   1. Provider´s Websites, Apps and Services may use the technical capabilities provided by web beacons, such as cookies or similar technologies, including unique identifiers (all these solutions as “Cookies”). Cookies, which may be stored on a computer, smartphone, or tablet when visiting Websites and internet services, are used to collect and store information about User´s activity. This allows User´s preferences to be used for displaying more relevant search results, delivering expected content, or displaying advertisements and promotional offers tailored to the User´s interests. Cookies typically contain the domain name of the internet service, from which they originate, a unique identifier, and the duration of their storage on the device.
   2. The Provider use Cookies on Websites for following purposes: providing Services, optimization of Services, conducting analyses and gathering statistics and facilitating the presentation of advertisements.
   3. The Provider uses following types of Cookies:
      • Necessary Cookies – ensure the proper functioning of the Websites and their basic functions; without them, the User would not be able to properly use the Services available on the Websites;
      • Analytical Cookies – the Websites use Cookies provided by Google Analytics which enable the Provider to track the number and source of visits so that the Provider can measure and improve the performance of the Services;
      • Marketing Cookies – the Services use the capabilities of Third-Party Cookies to target and display advertisements and promotional offers what allows the Provider to partially fund the development of the Services by displaying banner ads, video ads and promotional offers that are well-tailored to the User´s interests and online activity. In this case, the Provider use the services of external advertising service providers, including Google.
   4. If the User does not want Cookies to be used on their device, they can choose an option to block their use. However, the Provider would like to emphasize that blocking all Cookies may negatively affect the providing of some Services.
   5. Settings on devices or services that the User uses may provide additional options to opt out of tailored ads and promotional offers based on interests and online activity.

7. VII. Other Provisions

   1. This Policy may be modified to keep it current and reliable information about the processing of personal data. If the Provider makes any material changes to this Policy, they will update the “Effective Date” at the bottom of this Policy; in some cases, the Provider might notify the User in advance on such change by displaying information on the Website or by sending an email. All changes to the Policy become effective at the time of their publication.
   2. If the User does not accept the Policy, the User should stop using App and/or Services and/or uninstall the App, when appropriate.
   3. If any of the provisions of this Policy is invalid, the invalid provision will be replaced by a provision that comes closest to the intended legal purpose of the invalid provision.
   4. This Policy is subject to and will be interpreted in accordance with Slovak law, including applicable law of European Union, excluding conflict of laws rules. Courts in Slovakia have exclusive jurisdiction to resolve any disputes that may arise from this Policy or in connection with it.

Effective Date: 1.9.2025