Privacy Policy

Welcome to our privacy policy. We are young enthusiasts that created Self to study the unconscious through the dreams to help us understand ourselves better. We know, cool goal… but what about the privacy policy? First of all, we want to state that we are committed to protecting your privacy and complying with applicable data protection and privacy laws, especially with the EU GDPR, which is the highest standard in the world.

Now, let's go in detail:

1. Self Labs is the data controller

Self Labs Ltd is the company we incorporated to manage Self website & app. It is registered in England (Company no. 11500157).
This privacy notice is designed to help you to understand what kind of personal data we collect and how we process and use such data. It also sets out your rights in relation to how we look after your personal data.
We act as a data controller for the personal data we hold about you.
Our products or services may contain links to a third party’s website or service. Currently we don’t have any third party processing your personal data on our behalf. Eventually, if we do, we will warn you that we are not responsible for the privacy policies or practices of such a third party. In that case, we recommend that you carefully read the privacy notice for such third parties.
Website: www.selflabs.net.
Email: contact@selflabs.net.
You can contact our Data Protection officer in the email dpo@selflabs.net.

2. Why we need your personal data

We collect and process your data for one or more of the following grounds:
To provide the services of this platform. We use your personal data as is necessary to provide you with our services. We process and use your personal data to provide you with a personalised service, to fulfil your other requests, process your order(s), and as otherwise may be necessary to perform the services.
You have provided us with your consent. Where you have given your informed consent, we will process your data in accordance with the permission you have given us and this Notice. You may withdraw your consent at any time.

3. Our other legitimate interests in using your data

Taking into account your interests, we process your personal data for the following purposes:
To verify your identity and administer your account. We process and use your personal data to ensure the functionality and security of our products and services, to identify you and the instructions you give us, and to prevent and detect fraud and other misuses.
Development of products and services. We process and use your personal data to develop our products and/or services. However, for the most part, we only use aggregate and statistical information in the development of our products and services, and not data directly identifiable to you. We may also process and use your personal data to personalize our offerings and to provide you with service more relevant to you, for example, to make recommendations and to display customized content and advertising. We may combine personal data collected in connection with your use of a particular product and/or service with other personal data we may hold about you, unless the purpose for which we collected that data is incompatible with amalgamation.
Communicating with you and marketing. We process and use your personal data to communicate with you, for example, to provide information relating to our products and/or services you are using or to contact you for customer satisfaction queries. We may process and use your personal data for marketing. Marketing purposes may include using your personal data for personalized marketing or research purposes in accordance with applicable laws, for example, to conduct market research and to communicate our products, services or promotions to you via our own or third parties’ electronic or other services. When contacting you for the purpose of marketing, we will take into account any preferences you have expressed to us, including any desire not to receive marketing.
Profiling. We may process and use your personal data for profiling for such purposes as targeted direct marketing and improvement of our products or services. We may also create aggregate and statistical information based on your personal data. Profiling includes automated processing of your personal data for evaluating, analyzing or predicting your personal preferences or interests in order to, for example, send you marketing messages that are actually interesting for you.
Business Continuity. In the event of an interruption or cessation of our business, we need to ensure that we can implement our business continuity procedures (for example, we may need to rebuild our IT systems) or wind down planning to protect your interests. This may involve a transfer of your personal data to a third party (see below).

4. Transfers of your personal data

Generic Service Providers. We may transfer your personal data to third parties who control or process personal data on our behalf to enable the efficient technical and logistical provision of our services. These service providers supply us with cloud data storage, data security services, customer relationship management software, and support ticketing services. We may substitute a technical or logistical service provider from time to time. Such parties are generally not permitted to use your personal data for any other purposes than for what your personal data was collected, and we require them to act consistently with applicable laws and this Notice as well as to use appropriate security measures to protect your personal data.
Event driven transfers. We may transfer your personal data to third parties in certain events where is it necessary to protect your, or our, legitimate interests. This includes the cessation, sale or transfer of our business; civil or criminal legal, or regulatory, proceedings; or insurance claims.
International transfers. Our products and services may be provided using resources and servers located in various countries around the world, provided by Amazon Web Services. Therefore, your personal data may be transferred outside the country where you use our services, including to countries outside the European Economic Area (EEA). We will only transfer data in such circumstances if the level of data protection in that jurisdiction is deemed adequate, or if there are appropriate safeguards in place to protect your privacy. In this particular case, Amazon Web Services provides its services under the agreement EU-US Privacy Shield, to make sure to comply with the European personal data protection standards, which are more demanding.

5. How long do we keep personal data?

We will only keep your personal data for so long as it is reasonable for us to do so, depending upon the nature of the data and our processing, and the grounds upon which we collected it. In general, we will delete redundant account information within 90 days of our relationship ending. Subject to any actual or potential legal claim, the maximum time that we envisage retaining any of your information is seven years, after which time it will be destroyed.
Information we use for marketing purposes will be kept by us until you notify us that you no longer wish to receive this information. If you do notify us that you no longer wish to receive marketing information we will keep an encrypted version of your contact information to ensure we respect your wishes.

7. What are your rights?

You have the right to request information and access to the personal data we hold about you.
You also have the right to request that we correct or delete any incomplete, incorrect, unnecessary or outdated personal data we hold on you. However, we cannot delete such personal data that is necessary for compliance, our binding legal obligations or if the personal data must be retained according to applicable laws, or is required for the exercise or defense of a legal claim.
In case you consider your personal data collected by us to be inaccurate but you do not wish your personal data to be deleted; if we have used your personal data unlawfully; or you have objected to the processing and the existence of legitimate grounds for processing is still under consideration, you may request restriction of processing of your personal data.
You may also at any time object to your personal data being processed for direct marketing purposes, sending promotional materials, profiling, or for the performance of market research. Further, where your personal data is processed based on your consent, you have the right to withdraw your consent for such processing at any time.
In case you wish to make use of your rights mentioned above, you may, as appropriate and in accordance with applicable laws, exercise such rights by contacting us through the contact points referred in the marketing materials or below in this Notice. In some cases, especially if you wish us to delete or cease the processing of your personal data, this may also mean that we may not be able to continue to provide the services to you.
Please note that we may need to identify you and to ask for additional information in order to be able to fulfil your above requests. Please also note that applicable law may contain restrictions and other provisions that relate to your above rights.

8. How to contact us

If you wish to contact us, please send an email to our nominated person at dpo@selflabs.net

9. Changes to this Notice

We may change this Notice from time to time. You should check this Notice occasionally to ensure you are aware of the most recent version.
This Notice was last updated on August 15th, 2018.