PRIVACY POLICY
This Privacy Policy describes how we, the operators of FamHistory Map (referred to herein as "we," "us," "our," or the "Company"), collect, use, store, disclose, and safeguard your personal information when you access or use our website at famhistory-map.com, our mobile or desktop applications, our official social media channels, or any services we make available (collectively, the "Services").
We are committed to protecting your privacy and handling your personal data with transparency, care, and in full compliance with applicable data protection legislation.
By accessing or using our Services, you acknowledge that you have read and understood this Privacy Policy. For any privacy-related questions, requests, or concerns, please contact us at any time using the contact details set out in the final section of this document.
This Privacy Policy addresses the following key topics:
In the event of any conflict between a translated version of this Privacy Policy and the original English version, the English version shall take precedence, unless expressly stated otherwise.
1. FACE DATA AND IMAGE PROCESSING
Our app provides a feature that allows users to receive AI-based heritage insights based on facial images voluntarily provided by the user.
What data we collect
We collect and process facial images (photos) that users choose to upload or capture using their device camera within the app.
We do not collect or generate biometric identifiers such as facial recognition data, faceprints, or templates.
How we use this data
The facial images are used solely to generate heritage-related insights within the app.
This data is not used for identity verification, user tracking, or any form of biometric identification.
Third-party processing
To provide this functionality, facial images may be securely transmitted to a third-party AI service provider OpenAI for processing.
This processing is performed exclusively for generating the requested results and in accordance with applicable data protection standards.
Facial images may be securely transmitted to OpenAI for processing. OpenAI does not store or retain this data after processing and does not use it for any purpose other than providing the requested analysis.
Data sharing
We do not sell, rent, or use facial data for advertising or marketing purposes.
We do not share facial data with third parties except as necessary to provide this feature.
Data storage and retention
Facial images are not stored on our servers after processing is completed.
All images are deleted immediately after the requested analysis is performed.
User consent
Users are informed about the use of their facial images before using this feature and must provide explicit consent prior to processing.
Data security
We take reasonable technical and organizational measures to protect user data during transmission and processing.
If you have any questions regarding this feature, please contact us at support@famhistory-map.com.
We process data you provide when creating or maintaining an account with us ("account data"). This may include your full name, email address, telephone number, and any other details submitted during the registration process, as well as your transaction and purchase history. Account data is used to operate and maintain our Services, ensure platform security, and communicate with you effectively. The legal basis for this processing is the performance of a contract between you and us, or the taking of pre-contractual steps at your request. We also have a legitimate interest in monitoring, improving, and securing our Services.
We process information generated or provided in connection with the Services we deliver ("service data"). This may include contact details, payment and banking information, transaction records, and responses to any questionnaires or forms. In certain circumstances, service data may include sensitive personal data, such as health-related information, where this is directly relevant to the service being provided. Service data is processed to fulfil orders, deliver Services, and maintain accurate records. The legal basis is the performance of a contract with you, or, in the case of sensitive personal data, your explicit prior consent.
Where you have opted in, we may process information provided when subscribing to our newsletters or marketing emails ("messaging data"). This data is used solely to send you relevant updates and communications. The primary legal basis is your consent. Where you are an existing customer who has not opted out, we may also rely on our legitimate interest in maintaining and developing customer relationships.
We may process the content of any communications you send to us, along with associated metadata ("correspondence data"). This information is retained to facilitate effective communication and maintain accurate business records. The legal basis for this processing is our legitimate interest in the proper administration of our business, ensuring consistent quality of service, and resolving any disputes that may arise.
When you browse our website or use our applications, we may collect technical and behavioural information about your device and usage patterns ("device data"). This may include IP addresses, approximate geographic location, browser type and version, operating system, device type, screen resolution, and, subject to your consent, precise location. We also collect usage information such as referral sources, session duration, pages viewed, and navigation paths, gathered via cookies and similar tracking technologies. This data is processed to enhance the performance, usability, and security of our Services. The legal basis is our legitimate interest in effective platform management.
We may process any personal data referred to in this Privacy Policy when reasonably necessary for the establishment, exercise, or defence of legal claims, whether in judicial or administrative proceedings. The legal basis is our legitimate interest in protecting our legal rights and those of our users and other relevant parties.
Personal data may be processed to the extent necessary for obtaining or maintaining insurance coverage, managing business risk, or seeking professional advice. The legal basis is our legitimate interest in the prudent management and protection of our business operations.
We may also process personal data where required by applicable law or regulation, or where necessary to protect your vital interests or those of another individual.
Should the purpose or legal basis for processing your personal data change materially, we will notify you in advance. Where your consent was previously relied upon as the legal basis, we will seek fresh consent before proceeding under any new purpose.
From time to time, we may aggregate, anonymise, or de-identify personal data to a degree that it can no longer reasonably identify any individual. Once data has been rendered fully anonymous, it no longer constitutes personal data under applicable law. We may use such anonymised data freely within the bounds of applicable law, including sharing with research institutions, publishing statistical insights, or improving our Services.
We adhere to the principle of data minimisation at all times. Personal data collected and processed by us is limited to what is strictly adequate, relevant, and necessary for the purposes for which it is processed.
Personal data is stored on our own servers or on servers operated by carefully selected third-party service providers. All such providers are bound by contractual obligations governing the processing of personal data and the maintenance of confidentiality.
We implement a range of technical and organisational measures to protect your personal data against unauthorised access, loss, disclosure, or alteration. Organisational measures include restricting data access to authorised personnel, implementing confidentiality obligations, delivering staff training, and maintaining relevant internal policies and procedures. Technical measures include encryption, access controls, intrusion detection systems, and regular security assessments.
We may share your personal data with any member of our corporate group, including subsidiaries and parent entities, to the extent necessary for internal administrative purposes or the shared provision of IT services and infrastructure.
3.2 Professional Advisers and Insurers
Your personal data may be disclosed to our insurers, legal advisers, accountants, and other professional consultants where reasonably necessary for obtaining insurance coverage, managing risk, seeking professional guidance, or establishing, exercising, or defending legal claims.
We may share personal data with providers of anti-fraud, risk management, and regulatory compliance services to the extent necessary to protect your data and to fulfil our legal obligations.
Where you make a purchase through our Services, your payment data may be shared with our authorised payment service providers. We disclose only the minimum information necessary to process your payment, facilitate any required fund transfers, and address payment-related queries or complaints.
We may share personal data with third-party service providers engaged to support the delivery of our Services. These may include hosting providers, email delivery services, data analytics platforms, customer satisfaction survey tools, and market research providers. All such providers are required to implement appropriate technical and organisational safeguards and are prohibited from using your data for any purpose other than those specified by us.
We may disclose personal data where required to do so by law or by a competent authority, or where we reasonably believe disclosure is necessary to protect the vital interests of any individual.
We do not retain personal data for longer than is necessary for the purposes for which it was collected. Our standard retention periods are as follows:
For certain categories of data, such as device and usage data, a precise retention period cannot be determined in advance. Such data is retained only for as long as necessary for the applicable processing purpose.
Upon expiry of the applicable retention period, or upon receipt of a valid erasure request, personal data will be securely destroyed using industry-standard methods such as cryptographic erasure, overwriting, or physical destruction, as appropriate to the storage medium.
Notwithstanding the above, we may retain personal data for longer periods where required to comply with a legal obligation, or where necessary to protect the vital interests of any individual.
Subject to your consent, we may send marketing communications by email to keep you informed of our latest offerings, updates, and activities. Where we have previously provided services to you and you have not opted out, we may also contact you by email or telephone regarding relevant products or services, on the basis of our legitimate interest in maintaining our customer relationship with you.
If we contact you by telephone in accordance with Section 4.1 above, we may also send SMS or text messages to the mobile number you have provided. The frequency of such messages and any applicable data rates may vary.
You may withdraw your consent to receive marketing communications at any time by clicking the unsubscribe link included in any marketing email, or by contacting us directly using the details provided in the Contact section below. Where you receive both email and telephone marketing communications and wish to opt out of both, you must do so separately for each channel.
Once we receive your opt-out request, we will update your profile to ensure you no longer receive future marketing communications. Please note that, due to the nature of interconnected business systems, it may take a short period for your preference to be reflected across all platforms. You may therefore continue to receive occasional marketing messages during this processing window.
Opting out of marketing communications will not affect any messages that are strictly necessary for the delivery of our Services, such as transactional emails, account notifications, or security alerts.
We may utilize AI-powered chatbots and automated customer support tools provided by third-party technology providers when you contact us through our in-application support channels, our official support email address, or other designated communication channels.
The following terms apply to any interaction with such AI tools:
(a) AI chatbots used within our Services are powered by third-party AI providers integrated into our platform.
(b) When interacting with an AI chatbot, certain information may be collected or used, including your user profile data, submitted queries, interaction history, and any information you voluntarily provide during the conversation.
(c) The nature of information processed depends on the content of your enquiry. Both personal and non-personal data may be processed, which may include health-related or other sensitive information you choose to share.
(d) By engaging with our AI support tools, you consent to the processing of any personal data included in your interactions for the purposes of improving our Services, enhancing user experience, and providing efficient support. Your data will not be used for unrelated purposes without your separate consent.
(e) Information processed via AI chatbot interactions may be shared with the third-party providers operating those tools. We require all such providers to comply with applicable data protection laws and maintain appropriate confidentiality and security standards.
(f) AI chatbots are not able to process requests relating to subscription management or the exercise of data subject rights. For such requests, please contact our human support team directly.
(g) Data processed through AI chatbot interactions is retained by us for up to three (3) months from your most recent consent renewal, in order to maintain functionality and personalise your support experience.
This section provides a summary of your rights under applicable data protection legislation. For a full and precise understanding of these rights, please refer to the relevant legislation, in particular the General Data Protection Regulation (EU) 2016/679, and any guidance issued by competent supervisory authorities. The complexity of certain rights means that this section provides only a high-level overview.
You have the following rights in relation to your personal data:
You have the right to request confirmation of whether we process your personal data and, if so, to receive a copy of that data together with supplementary information regarding the processing, including its purposes, categories, and recipients. The first copy will be provided free of charge; any additional copies may be subject to a reasonable administrative fee.
You have the right to request that we correct any inaccurate personal data we hold about you, and to have any incomplete data completed.
You may request the deletion of your personal data in certain circumstances, including where the data is no longer necessary for the purposes for which it was collected, or where it has been unlawfully processed. This right is subject to exceptions, including where continued retention is required to comply with a legal obligation or to establish, exercise, or defend legal claims.
You may request that we limit the processing of your personal data in certain situations, such as where you contest the accuracy of the data or have objected to processing. Where processing is restricted, we may retain the data but will only process it further under limited circumstances.
You have the right to object to the processing of your personal data where that processing is based on our legitimate interests or a public interest task. We will cease processing unless we can demonstrate compelling legitimate grounds that override your interests, rights, and freedoms, or where processing is necessary for the establishment, exercise, or defence of legal claims.
You have the unconditional right to object to the processing of your personal data for direct marketing purposes, including any profiling carried out in connection with direct marketing. Where you exercise this right, we will immediately cease processing your data for such purposes.
You may object to the processing of your personal data for scientific or historical research purposes, or for statistical purposes, unless such processing is necessary for the performance of a task carried out in the public interest.
Where processing is based on your consent or on the performance of a contract with you, and is carried out by automated means, you have the right to receive your personal data in a structured, commonly used, and machine-readable format. This right does not apply where the exercise thereof would adversely affect the rights and freedoms of others.
If you believe that our processing of your personal data infringes applicable data protection law, you have the right to lodge a complaint with a competent supervisory authority. You may do so in the EU member state where you reside, where you work, or where the alleged infringement took place.
Where our processing of your personal data is based on your consent, you have the right to withdraw that consent at any time. Withdrawal of consent will not affect the lawfulness of any processing that took place prior to the withdrawal.
You have the right not to be subject to a decision based solely on automated processing, including profiling, where that decision produces legal effects or similarly significantly affects you. Exceptions apply where the decision is necessary for the performance of a contract, is authorised by applicable law with appropriate safeguards, or is based on your explicit consent.
To exercise any of the rights set out in this section, please contact us by email at support@famhistory-map.com. We will respond to your request within one (1) calendar month of receipt. In the case of complex or multiple simultaneous requests, the response period may be extended by up to two (2) additional months, in which case we will notify you of the extension and the reasons for it.
Cookies are small text files containing unique identifiers that are sent by a web server to your browser and stored on your device. Each time your browser makes a request to the same server, these identifiers are transmitted back, enabling the server to recognise your device and recall your preferences or session information.
Cookies do not typically contain information that directly identifies you. However, personal data that we hold about you may be associated with information derived from cookies in order to improve and personalise your experience of our Services.
We use the following categories of cookies on our website:
(a) Strictly Necessary Cookies: These cookies are essential to the operation of our website and cannot be disabled. They enable core functionality such as user authentication, security controls, and the delivery of services you have requested.
(b) Functional Cookies: These cookies allow us to remember choices you make and provide enhanced, personalised features. They may also be used to analyse usage patterns and improve the overall quality and relevance of our Services.
(c) Analytical and Performance Cookies: These cookies collect information about how visitors interact with our website, including which pages are visited most frequently and whether any errors are encountered. All information gathered is aggregated and anonymous.
Our third-party service providers may also set cookies on your device when you visit our website. We currently use the following third-party cookie services:
Each third-party provider operates under its own privacy policy. We encourage you to review the privacy policies of these providers directly.
Most web browsers allow you to manage cookie preferences, including the ability to refuse or delete cookies. The process for doing so varies by browser. Please refer to the help documentation for your specific browser (for example, Chrome, Firefox, Safari, or Microsoft Edge) for up-to-date guidance.
Please note that disabling all cookies may adversely affect the functionality of our website and may prevent you from accessing certain features or services. Restricting cookies may also result in less personalised content and a diminished user experience.
Our website may contain hyperlinks to third-party websites, including those of partners, affiliates, and other external information sources. We wish to draw your attention to the fact that these third-party websites operate under their own privacy policies, for which we bear no responsibility. We strongly recommend that you review the privacy policy of any external website before submitting personal data to it.
Our website and Services are directed exclusively at individuals aged 18 years and above. We do not knowingly collect or process personal data relating to children under the age of 18.
If we become aware that we have inadvertently collected personal data relating to an individual under the age of 18 without the valid consent of a parent or legal guardian, we will take immediate steps to delete that data from our records. If you believe we may hold personal data relating to a minor, please contact us without delay.
We rely on the accuracy of the personal data we hold in order to deliver high-quality Services. We therefore request that you notify us promptly if any personal information we hold about you requires correction or updating. You may do so by contacting us at the details provided below.
We reserve the right to update or amend this Privacy Policy at any time. Any revisions will be published on our website at famhistory-map.com, together with the date of the most recent update. In the event of material changes that significantly affect how we process your personal data, we will endeavour to notify you directly — for example, by email or by means of a prominent notice within our Services. We encourage you to review this Privacy Policy periodically to stay informed of how we protect your information.
For any questions, concerns, complaints, or requests relating to this Privacy Policy, the exercise of your data protection rights, or any other privacy-related matters, please contact us using the following details:
Support Email: support@famhistory-map.com
Website: famhistory-map.com
We are committed to responding to all privacy-related requests and enquiries within the timeframes prescribed by applicable data protection law.