Last Revised: December 19, 2022
[Last Updated: February 28, 2023]
The Sugar extension (“Sugar Extension”), developed by Sugar-smart shopping inc. (“we“, “Sugar,” or “us“), is designed to help you make a smart purchases by discovering price history, trends, sales on Amazon and other ecommerce sites, price alerts when is the right time to purchase the good and services, get alerts when the product is overpriced.
If you are a California resident, please see the CCPA Notice here
The use of information received from Google API will adhere to the Chrome Web Store User Data Policy, including the Limited Use requirements.
- Controller Contact Information
Sugar – smart shopping inc is the controller (as such term defined under the GDPR) or the “business” as defined under the California Consumer Privacy Act (“CCPA”) of the Personal Data, You can also contact us at: email@example.com
Representative for data subjects in the EU and UK
We value your privacy and your rights as a data subject and have therefore appointed Prighter Group with its local partners as our privacy representative and your point of contact.
Prighter gives you an easy way to exercise your privacy-related rights (e.g. requests to access or erase personal data). If you want to contact us via our representative, Prighter or make use of your data subject rights, please visit the following website. https://prighter.com/q/13252349120
- Data we collect and purpose of use
The first type of information we collect is aggregated, non-identifiable, non-personal information, which may be made available or gathered via the user’s use of the Service (“Non-Personal Data”). We are not aware of the identity of the user from which the Non-Personal Data was collected. Non-Personal Data may include technical information automatically transmitted by the user’s device such as, type of browser, the type of operating system, access time and date, approximate geographical location, etc.
The second type of information is individually identifiable information, namely information that identifies an individual or entity or may with reasonable effort identify an individual (“Personal Data”).
The table below details the Personal Data collected by us, how it is used, and our legal basis for data processing. Note that, under the GDPR we are considered the Data Controller of the data we collect.
|Type of Data We Collect||Purpose||Lawful Basis|
|When you use the Sugar Extension or access our Website, we will collect your IP address (“Online Identifiers”).||We use the Online Identifiers for analytic purposes.||Based on your consent through the cookie banner.|
|If you voluntarily contact us for support or other inquiries, you may be required to provide us with certain information such as your name and email address (“Contact Information”).||We will use this data to provide you with the support you requested or to respond to your inquiry.||We process such Contact Information subject to our legitimate interest in order to respond to your inquiry.|
|When you use our Sugar Extension, we will collect your browsing data and user activity events, which include: click stream data, the content that you viewed, the search engine results page, web page visited, the products viewed, searched, added to the cart, and purchased. This will include information, regarding the price, product name, currency, quantity, taxes, delivery details (regular or express) payment method, discount value of the product you viewed and searched (“Extension Browsing Data“). We will collect the Extension Browsing Data solely with regards to your engagement with the ecommerce site. We do not track or cross profile from other websites, ecommerce platforms you browse.
We share the Extension Browsing Data with our affiliated company.
Note that, in most cases the data detailed above is aggregated Non-Personal Data, however, sometimes Extension Browsing Data contains terms that could be considered as Personal Data, this is why we filter and scrape this data to remove any Personal Data before it is used.
We do not track or collect information about users’ activities across sites or applications, meaning we do not cross information from different apps, websites, your computer, tablet or mobile device.
We share the Web Browsing Data with our affiliated company.
|We will use this data in order to provide you the services, providing you with the price analysis of the product you requested an alert regarding such products price.
We will further use the Extension Browsing Data in an aggregated, anonymized manner, for marketing research and commercial use. It is important you understand, we are not interested in knowing who you are, target or profile you. Instead we are interested in completely anonymous insight of how products and web pages are published and viewed on Amazon and other e-commerce websites (“Insights”) and We will share these Insights with our business partners for commercial use.
These Insights help our business partners in their market research and their digital measurements. For example, it helps them to understand how certain products are engaged. Our interest is not to produce insights on your specific browser usage in an individual level.
|The Extension Browsing Data is used for performance of a contract.
The Extension Browsing Data is shared with our affiliated company based on consent. You can withdraw consent at any time through the app settings (as explained here) or by contacting us, as detailed below.
The Insights do not contain any Personal Data and thus do not require a lawful basis. We do not (and cannot) identify, or attempt to identify, the individuals we derived the Insights from. However, we seek your consent to process the Extension Browsing Data to share and create the Insights through a pop in notice on the apps or extensions
|We may send you email marketing materials regarding the Extension you are currently using or any services we may offer in the future (“Direct Marketing”).||We will use this data solely to send you materials and offers with respect to the services.||Direct Marketing is subject to our legitimate interest, you may opt-out at any time from certain correspondence.|
HOW DO WE COLLECT DATA
We collect the above data from you in the following ways:
- When you voluntarily choose to provide us with information, e.g., when you contact us.
- With whom do we share information?
We share your data with third parties, including our service providers that help us provide our Sugar Extension. You can find here information about the categories of such third-party recipients.
|CATEGORY OF RECIPIENT||DATA THAT WILL BE SHARED||PURPOSE OF SHARING|
|companies active in the advertising and marketing sector such as data analytics, market measurement and marketing companies (“Business Partners”)||Insights||We will share the Insights we produce with our Business Partners for commercial use. The data we share for this purpose shall not include any Personal Data and will include only aggregated data.|
|Trusted Agents and Service Providers
|All data||We may disclose Personal Data to our trusted agents (such as legal counsel) and service providers (including, but not limited to, our Cloud Service Provider, Analytics Service Provider, fraud and security detection providers, etc.) so that they can perform the requested services on our behalf. These providers are prohibited from using your Personal Data for any purposes other than providing us with requested services. When we share information with services providers, we ensure they only have access to such information that is strictly necessary for us to provide the Sugar Extension. These parties are required to secure the data they receive and to use the data for pre-agreed purposes only while ensuring compliance with all applicable data protection regulations (such service providers may use other non-personal data for their own benefit).|
|Any acquirer of our business||All data||We may share Personal Data, in the event of a corporate transaction (e.g., sale of a substantial part of our business, merger, consolidation or asset sale). In the event of the above, our affiliated companies or acquiring company will assume the rights and obligations as described in this Policy.|
|Legal and law enforcement
|Subject to law enforcement authority request.||We may disclose certain data to law enforcement, governmental agencies, or authorized third parties, in response to a verified request relating to terror acts, criminal investigations or alleged illegal activity or any other activity that may expose us, you, or any other user to legal liability, and solely to the extent necessary to comply with such purpose.|
We reserve the right to use, disclose or transfer (for business purposes or otherwise) aggregated and processed Non-Personal Data to third parties, including, inter alia, affiliates and Business Partners for various purposes including commercial use. This information may be collected, processed, and analyzed by us and transferred in a combined, collectively, and aggregated manner (i.e., your information is immediately aggregated with other users) to third parties.
Cookies & Tracking Technologies
A “cookie” is a small piece of information that a website assigns to your device while you access such website. Cookies are very helpful and may be used for a variety of different purposes. These purposes include help customize your experience, provide us with analytics, and for advertising purposes (including personalized advertising).
Note that we do not combine the information collected through the use of third-party tools with any Personal Data collected from you. You may remove Cookies by following the instructions on your device governing the setting of your preferences. Our Cookies do not enable any access to or inspection of other information on your device. If you wish to be notified of when Cookies are placed on your device, you may set your web browser to provide such notices.
The third-party cookies used on our Site are as follows:
|Google Analytics||Analytical and Performance||www.google.com/policies/privacy/partners
For additional information regarding our use of Google products, click here.
- Data Retention
We retain the information we collect as long as it remains necessary for the purposes set forth above, all in accordance with applicable laws. We may at our sole discretion, delete or amend information from our systems, without providing any notice to you, once we deem it is no longer necessary for our purposes.
- User Rights
We acknowledge that different people have different privacy concerns and preferences. Our goal is to be clear about what information we collect so that you can make meaningful choices about how it is used. We allow you to exercise certain choices, rights, and controls in connection with your information. Depending on your relationship with us, your jurisdiction and the applicable data protection laws that apply to you, you have the right to control and request certain limitations or rights to be executed.
You may exercise any or all of your above rights in relation to your Personal Data by filling out the Data Subject Request (“DSR”) form available here, and send it to: firstname.lastname@example.org.
For California, Virginia and Colorado residents, please see our CCPA Notice.
- Data Security
While there are inherent risks involved in all data transmissions over the Internet or wireless networks, and other security risks that apply to stored data, and we therefore cannot guarantee the security of your information, we use our best efforts, using industry-standard encryption and security technologies and methods, to collect and store information collected from you in a secure and safe manner.
- Children Information
If you become aware or have any reason to believe that a Child has shared any information with us, please contact us (as detailed below) and we will take reasonable steps to ensure that such information is immediately deleted from our files.
- Transfer of Data
We may process or store Personal Data within the EEA, US, and internationally. In the event of data transfer out of your jurisdiction, we will take appropriate measures to ensure that your Personal Data receives an adequate level of protection as required under applicable law. Further, when Personal Data collected within the EU is transferred outside the EU (and not to a recipient in a country that the European Commission has decided provides adequate protection), it shall be transferred in accordance with the provisions of the Standard Contractual Clauses approved by the European Union.