Privacy Policy
This policy (together with our Terms of Use) explains how we use any personal information about you that is collected or generated through your use of:
- our website, www.fika.community (the “Site”);
- our mobile app called “Fika” (the “App”);
- our Fika emotional fitness research programmes which may take place separately from the Site or App (the “Fika Programmes”);
- the App and Fika Programmes in the context of face-to-face interactions between Fika users.
In these Terms, we refer to our Site, App and Fika Programmes (and the services available from any of them) collectively as “Fika”.
Fika is owned and operated by Fika Community Limited, a company registered in England and Wales under number 11114186 with its registered office at Challenge House, Sherwood Drive, Bletchley, Milton Keynes MK3 6DP (“we”, “our”, and “us”). For the purpose of data protection laws, Fika Community Limited is your data controller and is registered with the Information Commissioner’s Office (ICO) under Registration Number ZA498380.
Please read the following carefully to understand our practices regarding your personal data and how we will treat it.
Contacting Us
If you have any questions about this data privacy policy or your information, or to exercise any of your rights as described in this policy or under applicable data protection laws, you can contact the Data Protection Officer at: dataprotection@fika.community.
Information we may collect from you
We may collect and process the following data about you:
- Identity Data: The identity and contact details you give us when you register to use Fika, when you report a problem with or have a question about Fika, if you agree to participate in one of our Fika Programmes, or when contacting us to discuss your or your organisation’s use of or interest in using Fika. The basic information that you must give us in order to open a Fika account on the App is your email address and age consent (over 18). However, we may sometimes collect additional information from you such as your name, student ID number, office address, phone number, date of birth or year of birth, university year of study, subject of study and year of graduation. We will also request your email address and password each time you access the App or Site.
- Profile Name: The App will generate at random an anonymous profile name for you, which will be used to identify you in the context of the App and your use of Fika.
- Location Data: We may collect the IP address that you use to connect to the App or Site, and (where activated and you have agreed to this on your mobile device) your location information from your mobile device. Please see our Cookies Policy for further information.
- Profile and Usage Data: This includes information about how you use Fika such as your Fika topics, goals, interests, preferences, feedback, survey responses, Fika exercises selected, duration of use, frequency of use, profile building, image choices, desired outcomes e.g. 'finding my strengths' or 'developing resilience', matching data (which indicates which other Fika users you are matched with for the purpose of anonymous group (pods) chats and the data upon which such matching took place). Usage data may be collected by cookies and tracking technology. Please see our Cookies Policy for further information.
- Your Content: The App may offer a feature which allows you to input and store your thoughts, ideas, emotions and other notes in a journal (“Journal Content”). You may also participate in group text chats (“pods”) on the App, which will give you the opportunity to share your thoughts, ideas and emotions openly with others in accordance with our Terms of Use (“Chat Content”).
- Feedback Data: If you contact us to provide feedback or with any queries, or if you provide feedback to us during the course of a Fika Programme we may keep a record of that correspondence.
- Device Data: With regard to your use of the App or Website we will automatically collect information about your mobile device, including, where available, your device ID, and operating system, for system administration and to analyse statistical data about our users’ actions and patterns. Device Data may be collected by cookies. Please see our Cookies Policy for further information.
- Marketing and communications data: This includes your preferences for receiving marketing from us.
We also collect, use and share Aggregated Data such as statistical or demographic data for our legitimate business interests. Aggregated Data may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific App feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy notice.
A note about your health and other sensitive information
If you choose to add Content that includes information about your mental and physical health and wellbeing, or any other sensitive information about you (for example, in your Journal Content or Chat Content), we will collect and store this Content on the basis that you provided your explicit consent for us to do so when accessing the relevant features of the App by means of a separate opt-in option. If you do not provide this explicit consent or if you withdraw your explicit consent at any time then you will not be able to continue to use the Journal or Pod features of the App.
Information we may receive from third parties
If your right to access Fika results from an agreement between us and the university or college where you study or graduated from, or your employer or other organisation of which you are a member (“Community”) or is in conjunction with a Fika development or research programme entered into between us and your Community, the Community may share your name and contact details (Identity Data) with us for the purpose of our agreement with them or your involvement in the programme.
To deliver the Fika service we use a number of Google owned services (Firebase, Cloud Firestore, Firebase Cloud Messaging, Analytics, AdSense and Ads). These 3rd party services collect the following information automatically about you when you access and use the App: age category (18-24, 25-34, 35-44, 45-54, 55-64, and 65+), the store from which you downloaded and installed the App, the App version being used, the country in which you live, the brand name, category and model name of your device (e.g., Motorola or LG, mobile or tablet, iPhone 5s or SM-J500M), the time at which you first opened the App, when you start a new session in the app and the duration of the session, your gender, interests, the language setting of your device OS, whether you are a new or established App user, and your OS version. We also collect information about when you refresh or close the app, when you install updates and app performance data such as crashes or timeouts. Google Firebase will share this information with us as part of an analytics console (Google Analytics for Firebase).
From Google Analytics, Google Ads and AdSense, Google Play Console and Apple AppStore Connect, we collect the following information regarding how you found and interact with our marketing campaigns, website or App: the browser, the type of content you interacted with and the device you used, the version of the App downloaded and the App Store used. From providers such as SendInBlue we collect the following information on how you interact with emails we may send you: which emails you open, the time and day of opening, device used and how you interact with any content included within the email.
From Google Firebase Cloud Messaging we collect the following information: how you interact with push notifications sent via the App, including how it is received, if you dismiss or click the notification and the time of interaction.
Uses made of the information
We use information held about you in the following ways:
Identity Data
For the provision of the App, the Site and the services available from them to you and to provide you with the information, products and services that you request from us through the App or Site together with customer support. Our legal basis for using your information in this manner is the performance of the contract that we are about to enter, or have already entered, into with you.
Notifying you about changes to the Fika Terms of Use or Privacy Policy. Our legal basis for using your information in this manner is the performance of the contract that we have entered into with you and for the performance of our legal obligations.
To manage and run Fika Programmes in which you are involved. Our use of your identity data for these purposes is on the basis of your consent (which may have been given to us or to your Community).
To notify you about new Fika products, services or features which are available to you, changes to Fika features or services or tips on how to use Fika by sending emails or push notifications to you. You can opt out of receiving these communications from us by updating your communications preferences in the App, or by clicking on the unsubscribe link in any email that we send to you.
Your Content
Your Journal Content is collected and stored so that we can provide the Journal function on the App to you. We will not use it for any other purposes. We do not monitor, review or analyse data that is stored in a journal. You can delete your entries at any time.
Your Chat Content is collected and stored so that we can provide the chat functions on the App to you. We will only review your Chat Content if it is relevant to an issue that we are investigating either as a result of our Peer Reporting Policy, a query from you or another user, or as a result of a technical problem with the App. You agree that we may access and use your Chat Content for this purpose. We reserve the right, without obligation, to edit or remove any Chat Content as a result of such investigation or in the event of a breach of our Terms of Use.
Profile and Usage Data
Collecting and profiling your Profile and Usage Data, to improve your user experience and to carry out compatibility matching between you and other Fika users. If you choose to participate in a pod on the App, Fika will use your Profile and Usage Data to match you with other Fika users for this purpose. Our legal basis for using your information in this manner is the performance of the contract that we have entered into with you.
Ensuring that content from the App or Site is presented in the most effective manner for you and for your device. Our legal basis for using your information in this manner is the performance of the contract that we are about to enter, or have already entered, into with you.
Suggesting content and activities for you to try on Fika based on your previous uses of Fika, either through push notifications to your device, or emails sent to your registered email address. Our legal basis for using your information in this manner is the performance of the contract that we have entered into with you.
Feedback Data, Device Data and Profile & Usage Data
Asking you to provide feedback, leave a review or take a survey. Our legal basis for using your information in this manner is that it is necessary for our legitimate interests of studying how customers view and use our products and services for the purpose of our future development of Fika, and of managing and moderating member access to the App or Site.
Ensuring that content from the App is presented in the most effective manner for you and for your device. Our legal basis for using your information in this manner is the performance of the contract that we are about to enter, or have already entered, into with you.
For analysis and statistical purposes. Our legal basis for using your information in this manner is that it is necessary for our legitimate interests of studying how customers view and use our products and services and of further developing Fika, our services and our marketing strategy.
To administer the App and Site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes and as part of our efforts to keep the App and Site safe and secure. Our legal basis for using your information in this manner is that it is necessary for our legitimate interests of studying how customers view and use our products and services and of further developing the App, our services and our marketing strategy and/or for the performance of the contract that we are about to enter, or have already entered, into with you.
Marketing and Communications Data
Notifying you about new Fika products, services or features which are available to you, changes to Fika features or services or tips on how to use Fika by sending emails or push notifications to you. You can opt out of receiving communications from us by email by updating your communications preferences in the App, or by clicking on the unsubscribe link in any email that we send to you. You can manage push notifications in your device settings.
We will never send communications to you which market, or advertise within the App the products or services of another company, and we will never allow anyone else to use your information for the purpose of marketing their products and services to you.
Information we collect about you from third parties.
Information received from your Community
We may use the Identity Data received from your Community in order to liaise with you about the proposed agreement between us and your Community, or your intended use of Fika. Our legal basis for using your information in this manner is that it is necessary for our legitimate interests of developing our business, Fika and the App, and/or for the performance of the contract that we are about to enter, or have already entered, into with you or your Community.
Information received from other sources
We will use the information received from our 3rd party service providers such as Google, Apple and SendInBlue through their analytics dashboards:
To ensure that content from the App is presented in the most effective manner for you and for your device. Our legal basis for using your information in this manner is the performance of the contract that we are about to enter, or have already entered, into with you.
For analysis and statistical purposes. Our legal basis for using your information in this manner is that it is necessary for our legitimate interests of studying how customers view and use our products and services and of further developing Fika, our services and our marketing strategy.
To administer the App and Site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes and as part of our efforts to keep the App and Site safe and secure. Our legal basis for using your information in this manner is that it is necessary for our legitimate interests of studying how customers view and use our products and services and of further developing the App, our services and our marketing strategy and/or for the performance of the contract that we are about to enter, or have already entered, into with you.
Disclosure of your information
Service Providers
We will share your personal information with our service providers who act as processors based in the United Kingdom, European Union and United States. The table below sets out a list of our service providers and the scope of the services that they provide to us.
| Provider | Basis of use |
|---|---|
| Apple app store connect | iOS device aggregated app download analytics |
| Capsule | CRM platform |
| Google Play Console | Android device aggregated app download analytics |
| Google Ads | Digital marketing and analytics platform |
| Google AdSense | Monitor effectiveness of marketing campaigns |
| Google Analytics | App usage & website analytics |
| Google Cloud Firestore | Data hosting and backup storage |
| Google G-Suite for Business | Assistance with business activities such as: staff emails, customer service and gathering user feedback |
| Google Firebase | App development platform and hosting |
| Google Firebase Cloud Messaging | Send messages to users including push notifications |
| Netlify | Website hosting, contact forms and newsletter signup |
| SendInBlue | Send relevant & appropriate email communications |
| Slack | Assistance with business activities such as: internal communication and occasional customer service. |
| Specialist individual contractors and consultants | Specialist individual contractors and consultants |
Other potential disclosures
We may also disclose your personal information to third parties:
- In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.
- If Fika or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
- If we are under a duty to disclose or share your personal data in order to comply with any legal, regulatory or tax obligation.
We will not share or make your identity data available to other Fika users or to any third parties for marketing.
How long your personal information will be kept
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
Details of retention periods for different aspects of your personal data are available in our retention policy, which you can request from us by contacting us at dataprotection@fika.community.
In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
Storage of your personal data
Some of our service providers are based outside the European Economic Area (EEA) and United Kingdom (UK) so their processing of your personal data will involve a transfer of data outside the EEA and UK.
Whenever we transfer your personal data out of the EEA and UK, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission.
Where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe.
Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between Europe and the US.
Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.
Where we have given you (or where you have chosen) a password which enables you to access certain parts of the App or Site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to the App or Site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
Your rights
Under data protection laws, you have a number of important rights free of charge. In summary, those include rights to:
- access to your personal information and to certain other supplementary information that this Privacy Notice is already designed to address
- require us to correct any mistakes in your information which we hold
- require the erasure of personal information (also known as ‘the right to be forgotten’) concerning you in certain situations
- receive the personal information concerning you which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to a third party in certain situations
- object at any time to processing of personal information concerning you for direct marketing
- object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you
- object in certain other situations to our continued processing of your personal information
- otherwise restrict our processing of your personal information in certain circumstances
You can withdraw your consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.
If you would like to exercise any of those rights, please contact us as below. When contacting us, please let us have enough information to identify you (e.g. name, email address), let us have proof of your identity and address (a copy of your driving licence or passport and a recent utility or credit card bill), and let us know the information to which your request relates.
Keeping your personal information secure
We have appropriate security measures in place to prevent personal information from being accidentally lost, or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
How to complain
Please let us know if you have any query or concern about our use of your information on dataprotection@fika.community.
While we would ask you to please contact us in the first instance, data protection laws also give you right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work, normally live or where any alleged infringement of data protection laws occurred. The supervisory authority in the UK is the Information Commissioner who may be contacted at https://ico.org.uk/concerns/ or telephone: 0303 123 1113.
Changes to our privacy policy
Any changes we may make to our privacy policy in the future will be notified to you when you first access the App after the update has taken place and, where appropriate, notified to you by e-mail. By continuing to use Fika, you confirm that you accept the updated Privacy Policy. If you do not agree to the updated Privacy Policy, you must not continue to use Fika.
Contact
Questions, comments and requests regarding this privacy policy should be sent by email to dataprotection@fika.community.
Contact Us
© 2019 Fika Community Limited. All Rights Reserved. Registered company No. 11114186.