Privacy Policy

Last modified 09/12/2024

 

This Application Privacy Policy (APP) explains how Sharp Shoot Media Ltd C78886 (“we”, “our”, “us”, or “the Company”) collect, use, and disclose information when the mobile applications listed below are used, or any other mobile applications where this APP is posted, or interact with us offline (for instance by contacting Customer Care) regarding the Apps (collectively, the “Mobile Apps” or “Apps”).

Your privacy is important to us and we want every individual, especially children, who interacts with our business to feel comfortable with how we use and share their personal information. This Policy aims to ensure that you are fully informed on how we will collect and process your personal data in the scenarios indicated herein. 

We recognises our obligations as a Data Controller in terms of applicable data protection and privacy laws, mainly the General Data Protection Regulation (EU) 2016/679 as supplemented by the Data Protection Act (Chapter 586 Laws of Malta), together with other applicable laws as may be amended from time to time. We are also the data controller of any personal data which we collect or receive and which we process in connection with (i) the Services and/or (ii) the Website. 

This Privacy Policy should be read together with any other privacy policy we may provide on specific occasions when we are collecting or processing Personal Information about you so that you are fully aware of how and why we are processing your Personal Information. This Privacy Policy supplements said policies and is not intended to override them. 

By using our Services, you acknowledge that you have read and understood this Privacy Policy, and you consent to the processing of your Personal Data as described in this Privacy Policy. Your use of any mobile app, website, or online service created or maintained by another company is subject to such other company’s applicable privacy policies and terms of use, and we encourage you to read the third-parties’ privacy policies and terms of use before submitting personal or other information or using that mobile app, website, or online service.

 

1. Data Protection Officer 

The Company has appointed Steven Dalli[1] as the Data Protection Officer (‘DPO’) who is responsible for matters relating to privacy and data protection. The DPO can be reached by sending an email at [email protected].

You can also obtain information on your data, and submit any suggestions you may have, by e-mail or letter to the following address: 

 

Address: Bastion View, Flat 4,

Triq Romano Carapecchia,

Fgura FGR1350

Email: [email protected]

 

2. What is Personal Information? 

Personal Information is any information relating to an identified or identifiable natural living person, otherwise known as a ‘data subject’. A data subject is an individual who can be identified, directly or indirectly, by information such as name, identification number, location data, online identifier, or other data relating to their physical, physiological, genetic, mental, economic, cultural, or social identity. Personal Information excludes any information which has been rendered anonymous in such a manner that the data subject is no longer identifiable, also known as anonymous data. 

It is imperative that the personal data we hold about you is accurate and current at all times. Otherwise, this will impair our ability to provide you with the requested Services (amongst other potential and salient issues). Please keep us informed if your personal data changes during the course of our engagement and professional relationship with you.

 

3. Types of Personal Information we collect

We get some information about the smart device you use for our Apps (we call this Device Info). We get this in a way that means we cannot tell who you are in real life. This is because we try hard not to get any personal info about you (like your name or your address), and we try to use your personal info in a way that keeps your information safe.

Most of the Personal Information we process is provided to us directly by you, such as when you contact us or when you enter your contact details. 

We collect and process the following information:

 

3.1 Information Provided by You

  • Parent/Guardian Information: Name and Surname, email address, subscription informaton. Your subsrciption payment details are directly processed by Stripe Inc. We only receive a only receiving information about a confirmed transaction on a successful purchase, linked to your customer ID.

  • Child Information: First name or nickname, date of birth (to verify age and personalise content).

     

3.2 Information Automatically Collected

What we do like to know is how our app is being used, like how long a programme is being streamed for, what content you watched, session duration, what country you are streaming in and what kind of smart device (maybe your mum's or dad's mobile phone or iPad) you are streaming on, device information, including IP address and device ID, and progress tracking.

 

3.3 Information from Third Parties

We may receive information from trusted partners, provided they have legal grounds to share such data.

 

4. How We Use Your Data

We use your Personal Data on legitimate grounds and/or with your Consent.

On the grounds of entering into a contract or fulfilling contractual obligations, we Process your Personal Data for the following purposes:

  • Provide our Services to you, including to operate our websites, maintain customer records;
  • Authenticate users and provide personalised accounts.
  • Send you advertising or promotional materials, including information about new products, features and enhancements, special offers, deliver premium content and track user progress.
  • Process subscriptions and payments securely.
  • Improve the app experience through analytics. 
  • Send you technical notices, updates, including push notifications, security alerts and support and provide administrative messages, such as changes to this Privacy Policy or our Terms;
  • Respond to your comments, questions, and requests and provide customer service;
  • Monitor performance of the Services, overall usage of the Services and user retention rates, track how users are engaging,  identify which features are least and most utilised, identify problem areas within the application, and inform design development for future application updates; 
  • Carry out any other purpose conveyed to you at the time the information was collected.

 

We process your Personal Data in order to fulfil obligation rising from law and/or use your Personal Data for options provided by law. 

With your consent we Process your Personal Data for the following purposes:

  • to send you newsletters or notifications regarding content on our website.
  • for other purposes we have asked your consent for;

 

We may also use or share information in an anonymised or aggregate manner for many purposes such as research, analysis, modeling, marketing, and improvement of our Services. We will use data outside the scope of this Policy only when it is anonymised.

We might process your Personal Data for additional purposes that are not mentioned here, but are compatible with the original purpose for which the data was gathered. To do this, we will ensure that:

  • the link between purposes, context and nature of Personal Data is suitable for further Processing;
  • the further Processing would not harm your interests and
  • there would be appropriate safeguard for Processing.

We will inform you of any further Processing and purposes.

 

5. How does the Company handle children’s information?

At Sharp Shoot Media Ltd, protecting children’s privacy and ensuring the responsible handling of their personal data is our top priority. The Perlina TV app is designed to provide a safe and engaging environment for children, and we adhere to strict privacy guidelines in compliance with applicable laws.  

5.1. Parental Consent

  • Verifiable Parental Consent: We do not collect personal data from children under the age of 13 (or the applicable age of consent in your jurisdiction) without obtaining verifiable parental or guardian consent.
  • Parents/guardians are required to create and manage accounts on behalf of children. This ensures that any data collected is handled with parental oversight.

 

5.2. Types of Data Collected

We collect minimal data necessary to provide our services, such as:

  • A child’s first name or nickname (optional, for personalisation).
  • Progress on videos watched and preferences (e.g., last watched video).
  • Anonymous app usage data, such as session duration and videos played, for improving the app experience.

 

5.3. Data Minimisation

  • We collect only the data necessary for the child’s use of the app and to deliver age-appropriate content.
  • Sensitive information such as physical addresses, school information, or precise geolocation data is never collected.

 

5.4. Data Security

  • All data related to children is encrypted during transmission and securely stored on servers managed by trusted providers like Google Firebase and Digital Ocean.
  • Access to children’s data is restricted to authorised personnel and trusted processors who comply with strict security protocols.

 

5.5. Data Usage

Children’s data is used solely to:

  • Deliver personalised, age-appropriate content.
  • Track progress on videos to improve their viewing experience.
  • Ensure a safe and secure app-experience.

Children’s data is never used for targeted advertising or shared with third parties for marketing purposes.

 

5.6. Parental Control

  • Parents or guardians have full control over their child’s account and data.

  • They can access, update, or delete their child’s data at any time through the account settings or by contacting us directly.

     

5.7. Data Retention

  • Data is retained only as long as necessary to provide the service or comply with legal obligations.

  • If an account is deleted or parental consent is withdrawn, all associated data is permanently removed from our systems.

     

5.8. Additional Safeguards

  • All data is encrypted in transit.
  • Any analytics collected for app improvement is anonymised to ensure children’s identities are not disclosed.
  • We continuously review our processes to enhance privacy protections and comply with evolving legal requirements.

 

6. Note to Parents

If you live in Malta, and you’re not 13 years old yet, please ask your mom or dad to look at this bit. 

Under the General Data Protection Regulation (GDPR) in the European Union, a person is considered a child if they are under the age of 13 for the purposes of processing personal data. This means that parental or guardian consent is required to process the personal data of children under 13 years old (this may vary according to the jurisdiction you are in). Please discuss this Policy with your Children so that they will better understand how to use the Services and the information they may be asked to provide when using the Services. We take Children's privacy seriously and encourage parents to take an active role in protecting their Children's privacy and online experience at all times.

 

7. Data Sharing

We do not share your Personal Data with strangers. We share data only as necessary with the following trusted processors:

  • Google Firebase: For authentication, analytics, and subscription management.
  • Stripe: For secure payment processing.
  • Digital Ocean: For backend hosting (with access to Firebase data for validation and processing).
  • OneSignal: For sending push notifications.
  • Vioside: For app development and technical support (may access user data as needed).

 

We ensure all data processors comply with applicable laws and maintain robust security measures.

 

8. Data Retention

We retain your personal information for as long as reasonably necessary to fulfill the purposes outlined in this APP, and in accordance with our retention policies, as applicable, unless a longer retention period is required by applicable laws and/or regulations. Subscription and account data are deleted upon account closure or withdrawal of consent.

 

Should we ever request your consent, you have the right to withdraw your consent at any time. In such cases select the unsubscribe button in our email communications or contact the Data Protection Officer by email at [email protected].

 

In any case, we may continue to process your Personal Information if it is required by law and to meet our contractual obligations with you. This requirement will continue for as long as the agreement subsists and for a specified retention period thereafter, if and as required by law. 

 

Whereit is not possible for us to specify in advance the periods for which your Personal Information will be retained. In such cases, we will determine the period of retention based on the following criteria:

  • What the purpose(s) was for which your information was collected in the first place;
  • Whether there are any statutory obligations, obliging us to continue to process your information;
  • Whether we have a legal basis in place to continue to process your information, including but not limited to consent;
  • What the value attached to your information is;
  • Whether there are any industry practices stipulating how long information should be retained;
  • The risk, cost and liability attached to such retention; and
  • Any other relevant circumstances.

 

9. Cookies and Similar Technologies

To help deliver a tailored and safe experience while maintaining strict data security standards, the app usestechnologies to ensure functionality, personalisation, and service optimisation. You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of the Website may become inaccessible or not function properly. This section should be read in conjunction with our IP address and cookie policy.

 

10. International transfers

We do not generally transfer your personal data to entities outside the European Economic Area (“EEA”) except as may be necessary to: (i) provide you with the requested Services, (ii) fulfil our contractual obligations to you or exercise our contractual obligations against you, (iii) comply with our legal or regulatory obligations or (iv) assert, file or exercise a legal claim. Where we do need to transfer your personal data to outside the EEA we will ensure a similar degree of protection is afforded to that personal data by ensuring at least one of the following safeguards applies or is otherwise implemented:

  • We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission.
  • In the absence of an adequacy decision, we will use specific contracts approved by the European Commission which give personal data the same protection it has in Europe.
  • Where we use providers based in the U.S., we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between the Europe and the US.

 

11. Applicable Safeguards

11.1 Protecting Your Personal Information

We have implemented measures and policies to safeguard your Personal Information from unauthorised access, altering or disclosure,  accidentally loss, or improper use and will continue to update these measures as new technology becomes available. 

We also regularly review and, where practicable, improve upon these security measures.

 

11.2 Security in Transmission

No method of transmission over the Internet or method of electronic storage is 100% secure. We cannot warrant the security of any information you transmit to use, and you do so at your own risk. If you wish to send an e-mail from your private e-mail account to the Company, you must take your own security precautions in order to maintain the confidentiality and integrity of your e-mail’s content, by using standard commercially available encryption software, for example. 

 

11.3 Personal Information Breach 

We cannot guarantee that your Personal Information may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or organisational safeguards. 

We have put in place procedures to deal with any suspected personal data security breach and will notify the supervisory authority of a suspected breach where we are legally required to do so. In certain cases, we will also inform you, as the data subject, of the occurrence of the breach and the steps you need to take to safeguard your rights. 

If you believe your Personal Information has been compromised, please contact the Data Protection Officer on [email protected].

While we strive to ensure the accuracy of information about you, it shall be your responsibility to ensure that the information you provide is correct and to notify us should such information change. In line with GDPR, if you would like to review or change the details you have supplied us with, please contact the DPO.

 

12. Privacy by Design and by Default 

Where we introduce new technologies, policies or processes, we will ensure that your privacy is considered from the outset i.e. at the ‘design stage’, and where applicable we will carry out a Data Protection Impact Assessment (DPIA).

We will always carry out a DPIA where we use new technologies or consider there is a high risk to your rights and freedoms. Where an assessment identifies risks that cannot be satisfactorily reduced or avoided, we will seek advice from the supervisory authority (Office of the Information and Data Protection Commissioner).

 

13. Your Rights 

In terms of applicable data protection and privacy laws we protect the fundamental rights and freedoms of natural persons and in particular their right to the protection of Personal Information.

As a data subject you have the following rights:

  • Right of access: You have the right to obtain for us confirmation whether Personal Information concerning you is being processed, and where that is the case, access to the Personal Information and the additional information as outlined in the regulations.

     

  • Right to rectification: You have the right to obtain from us without undue delay the rectification of inaccurate Personal Information concerning you.

     

  • Right to erasure: You have the right to obtain from us the erasure of your Personal Information in terms of law.  This right is limited by, and subject to all our compliance, regulatory and legal obligations.  

     

  • Right to restriction of processing: You have the right to obtain from us restriction of processing where, one of the following applies:
  1. the accuracy of Personal Information is contested by yourself for a period enabling us to verify the accuracy of your personal data;
  2. the processing is unlawful, and you oppose to the erasure of your Personal Information and request the restriction of its use instead;
  3. we no longer need the Personal Information, but it is required by yourself for the establishment, exercise or defence of legal claims;
  4. you object to processing pursuant to your right to object pending the verification whether our legitimate grounds override yours.
  • Right to data portability: You shall have the right to receive your Personal Information which you have provided to us, in a structured, commonly used and machine-readable format.  

     
  • Right to object: You have the right to object, on grounds relating to your particular situation to processing of your Personal Information.  We shall no longer process your Personal Information unless we have a compelling legitimate ground for the processing.  You have the right to object at any time to the processing of Personal Information concerning you for direct marketing purposes.

             

  • Right to lodge a complaint: Should you require any clarification or need to discuss matters relating to the processing of your Personal Information, you may contact the Data Protection Officer by e-mail at [email protected][4] .

In the case you are not satisfied with the outcome, as a data subject, you also have a right to lodge a complaint with the Information and Data Protection Commissioner, either online, via the submission of a report by conventional mail, or by email at [email protected]. Also, you may seek to enforce your rights through judicial remedy.

Please note that your rights in relation to your Personal Information are not absolute. If you intend to exercise one or more of your rights, please send your request by email at [email protected].

Generally, no fees are applicable when exercising your rights. However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may simply refuse to comply with your request in such circumstances.

We will provide you with a response without undue delay, and in any event, within one month, which starts running as soon as your identity is verified. Occasionally, if your request is particularly complex or you have made a number of requests, we may extend our response time up to three months. In any case, we will inform you accordingly. 

The Company may need to request specific information from you to help verify your identity. This is a security measure to ensure that Personal Information is not disclosed to unauthorised third parties. We may also contact you to ask you for further information or clarification in relation to your request to speed up our response. 

We try to respond to all legitimate requests within a period of one month from the date of receiving your request. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated. 

Kindly note that none of these data subject rights are absolute, and must generally be weighed against our own legal obligations and legitimate interests. If a decision is taken to override your data subject request, you will be informed of this by our data protection team along with the reasons for our decision.

 

14. Links to Third-Party Websites 

Kindly note that it is your responsibility to check the privacy policy of each website you visit. The Company’s website and app may include links to websites operated by third-parties. We lay no claim to ownership of websites of third-parties accessible by way of links, and we are not responsible for their content. 

We are not responsible for the privacy policies and practices of websites and other apps which you access using links from our app, or websites which directed you to our website and app. Any concerns or questions arising from such websites should be handled directly with the respective owners or operators.

 

15. Contacting Us

If at any time you would like to contact us, you can do so by any of the following means.

Address: Bastion View, Flat 4,

Triq Romano Carapecchia,

Fgura FGR1350

Email: [email protected]

Tel: +356 79870914

 

16. Changes to this Privacy Policy

This Privacy Policy may change from time to time and will indicate when changes have been made by revising the date at the top of this APP.

If we change this Privacy Policy in ways that affect how we use your Personal Information, we will advise you of the choices you may have as a result of those changes. We will also post a notice that this Privacy Policy has changed.