This Privacy Policy describes how we process your personal data at Metus. From now on, we'll call it the 'Policy'.
It applies to your use of:
From now on, we'll collectively call these the 'Metus Service'.
From time to time, we may develop new or offer additional services. They'll also be subject to this Policy, unless stated otherwise when we introduce them.
This Policy is not...
Many privacy laws give rights to individuals over their personal data. These laws include the General Data Protection Regulation, or 'GDPR'.
Some rights only apply when Metus uses a certain 'legal basis' to process your data. We explain each legal basis, and when Metus uses each one, in Section 4 'Our purpose for using your personal data'.
The table below explains:
It’s your right to... | How? | |
---|---|---|
Be informed | Be informed of the personal data we process about you and how we process it. | We inform you:
|
Access | Request access to the personal data we process about you. | To request a copy of your personal data from Metus, either:
When you download your data you will receive the information about your data that Metus has to provide under Article 15 of the GDPR. If you would like more information about how we process your personal data, you can contact us. |
Rectification | Request that we amend or update your personal data where it’s inaccurate or incomplete. | You can edit your User Data under ‘Edit profile’ in your account or by contacting us. |
Erasure | Request that we erase certain of your personal data. For example, you can ask us to erase personal data:
There are situations where Metus is unable to delete your data, for example when:
|
There are several ways you can erase personal data from Metus:
|
Restriction | Request that we stop processing all or some of your personal data. You can do this if:
You can request that we stop this processing temporarily or permanently. |
You can exercise your right to restriction by contacting us. |
Object | Object to us processing your personal data. You can do this if:
|
To exercise your right to object, you can:
|
Data portability | Request a copy of your personal data in electronic format and the right to transmit that personal data for use in another party’s service. You can request us to transmit your data when we are processing your personal data on the legal bases of consent or performance of contract. However Metus will try to honour any request to the extent possible. |
For information about how to exercise the right to portability, see ‘Access’ above. |
Not be subject to automated decision making | Not be subject to a decision based solely on automated decision making (decisions without human involvement), including profiling, where the decision would have a legal effect on you or produce a similarly significant effect. | Metus does not carry out this type of automated decision making in the Metus Service. |
Withdrawal of consent | Withdraw your consent to us collecting or using your personal data. You can do this if Metus is processing your personal data on the legal basis of consent. |
To withdraw your consent, you can:
|
Right to lodge a complaint | Contact the Croatian Authority for Privacy Protection or your local data protection authority about any questions or concerns. | You can find the Croatian Authority’s details here. You can also go to the website of your local data protection authority. |
What is tailored advertising?
How to control tailored advertising:
If you are 'opted out' of Tailored Ads in your Privacy Settings, you may still get advertising. This can include on our free Service Option, as well as our paid Service Option, as applicable (for example, advertising in podcasts). This type of advertising is based on your registration information and what you are currently listening to on our services. For example, if you are listening to a cooking podcast, you may hear an ad for a food processor.
These tables set out the categories of personal data we collect from you.
Collected when you sign up for the Metus Service or when you update your account | |
---|---|
Category | Description |
User Data | Personal data that we need to create your Metus account and that enables you to use the Metus Service. The type of data collected and used depends on the type of Service Option you have. It also depends on how you create your account, the country you are in, and if you use third party services to sign in. This may include your:
We receive some of this data from you e.g. from the sign up form or account page. We also collect some of this data from your device e.g. country or region. For more information about how we collect and use this data, see ‘Your general (non-precise) location’ in the Usage Data category. |
Street Address Data | We may ask for and process your street address for the following reasons:
In some cases, we may use a third party application to help you verify your address, such as Google Maps. |
Collected through your use of the Metus Service | |
---|---|
Categories | Description |
Usage Data | Personal data collected and processed about you when you’re accessing or using the Metus Service. There are a few types of information this includes, listed in the following sections. Information about how you use Metus Examples include:
Examples include:
Your general (non-precise) location Your general location includes country, region or state. We may learn this from technical data (e.g. your IP address, language setting of your device) or payment currency. We need this to:
Your device sensor data Motion-generated or orientation-generated device sensor data if needed to provide features of the Metus Service that require this data. This is data which your device collects about the way you move or hold your device. |
Additional data you may choose to give us | |
---|---|
Categories | Description |
Voice Data | If voice features are available in your market and where you’ve chosen to use a voice feature, we collect and process voice data. Voice data means audio recordings of your voice and transcripts of those recordings. For more information on how different voice features work, and how you can control and turn them off. |
Payment and Purchase Data | If you make any purchases from Metus or sign up for a paid Service Option or a trial, we will need to process your payment data. The exact personal data collected and used will vary depending on the payment method. It will include information such as:
|
Survey and Research Data | When you respond to a survey or take part in user research, we collect and use the personal data you provide. |
We receive some of the data mentioned above from third parties. The below table describes the categories of those third parties.
Third party sources that we receive your data from | ||
---|---|---|
Categories of third parties | Description | Data categories |
Authentication partners | If you register for or log into the Metus Service using another service, that service will send your information to us. This information helps create your account with us. | User Data |
Third party applications, services and devices you connect to your Metus account | If you connect your Metus account to a third party application, service or device, we may collect and use information from them. This collection is to make the integration possible. These third party apps, services or devices may include:
We’ll ask your permission before we collect your information from certain third parties. |
User Data Usage Data |
Technical service partners | We work with technical service partners that give us certain data. This includes mapping IP addresses to non-precise location data (e.g., country or region, city, state). This makes it possible for Metus to provide the Metus Service, content, and features. We also work with security service providers who help us protect user accounts. |
User Data Usage Data |
Payment partners and Merchants | If you choose to pay through third parties (e.g. telco carriers) or by invoice, we may get data from our payment partners. This allows us to:
If we direct you to a merchant, we receive data from the merchant that is related to your purchase. For example, we might direct you to an artist’s merchandise store on a third party platform or to a third party ticketing website. Receiving this data allows us to:
|
Payment and Purchase Data |
Advertising and marketing partners | We receive inferences from certain advertising or marketing partners. These inferences are the partners’ understanding of your interests and preferences. This allows us to deliver more relevant ads and marketing. |
Usage Data |
Acquired companies | We may receive data about you from companies we acquire. This is to enhance our services, products, and offerings. | User Data Usage Data |
If you download the Metus mobile app and try Metus using a logged out user experience, we will collect limited information about your usage of the Metus Service, including Usage Data. We do this to understand how you are accessing and using the Service. We also do this to ensure we provide the right experience for you, for example based on your country or region. If you decide to create a Metus account to experience our service in full, then we will combine this data with your Metus account data.
The table below sets out:
Here is a general explanation of each 'legal basis' to help you understand the table:
Purpose for processing your data | Legal basis that permits the purpose | Categories of personal data used for the purpose |
---|---|---|
To provide the Metus Service in accordance with our contract with you. For example, when we use your personal data to:
|
Performance of a Contract |
|
To provide further parts of the Metus Service. For example, when we use your personal data to enable you to share a link to Metus content with someone else. |
Legitimate Interest Our legitimate interests here include:
|
|
To provide certain additional voluntary features of the Metus Service. When this is the case, we will clearly ask for your consent. | Consent |
|
To diagnose, troubleshoot, and fix issues with the Metus Service. | Performance of a Contract |
|
To evaluate and develop new features, technologies, and improvements to the Metus Service. For example:
|
Legitimate Interest Our legitimate interests here include developing and improving products and features for our users. |
|
For marketing or advertising where the law requires us to collect your consent. For example, when we use cookies to understand your interests or the law requires consent for email marketing. |
Consent |
|
For other marketing, promotion and advertising purposes where the law does not require consent. For example, when we use your personal data to tailor advertising to your interests. |
Legitimate Interest Our legitimate interests here include using advertising to fund the Metus Service, so that we can offer much of it for free. |
|
To comply with a legal obligation that we are subject to. This might be:
For example, when we use your date of birth when required for age verification purposes. |
Compliance with legal obligations |
|
To comply with a request from law enforcement, courts, or other competent authorities. |
Compliance with legal obligations, and legitimate interest Our legitimate interests here include assisting law enforcement authorities to prevent or detect serious crime. |
|
To fulfil contractual obligations with third parties. For example, when we provide pseudonymised data about our users’ listening because we have an agreement with a Metus rightsholder to do so. Pseudonymised data means that your data is identified by a code rather than your name or other directly identifying information. |
Legitimate Interest Our legitimate interests here include:
|
|
To take appropriate action with reports of intellectual property infringement and inappropriate content. | Legitimate Interest Our legitimate interests here include protecting intellectual property and original content. |
|
To establish, exercise, or defend legal claims. For example, if we are involved in litigation and we need to provide information to our lawyers in relation to that legal case. |
Legitimate Interest Our legitimate interests here include:
|
|
To conduct business planning, reporting, and forecasting. For example, when we look at aggregated user data like the number of new sign ups in a country in order to plan new locations to launch our products and features in. |
Legitimate Interest Our legitimate interests here include researching and planning so that we can keep running our business successfully. |
|
To process your payment. For example, when we use your personal data to let you purchase a Metus subscription. |
Performance of a Contract, and consent |
|
To keep the Metus Service secure and to detect and prevent fraud. For example, when we analyse Usage Data to check for fraudulent use of the Metus Service. |
Legitimate Interest Our legitimate interests here include protecting the Metus Service and our users against fraud and other illegal activity. |
|
To conduct research and surveys. For example, when we contact our users to ask for your feedback. |
Legitimate Interest Our legitimate interests here include to understand more about how users think about and use the Metus Service. |
|
This section sets out who receives personal data which is collected or generated through your use of the Metus Service.
Publicly available information
The following personal data will always be publicly available on the Metus Service (except to any user you have blocked):
You or another user can share certain information on third party services, like social media or messaging platforms. This includes:
When this sharing occurs, the third party service may store a copy of it to support their features.
Personal data you may choose to share
We will only share the following personal data with those outlined in the table below:
Categories of recipients | Categories of data you can choose to share | Reason for sharing |
---|---|---|
Third party applications, services and devices you connect to your Metus account |
|
To connect your Metus account, or so that you can use the Metus Service in connection with third party applications, services or devices. Examples of such third party applications, services and devices include:
You can see and remove many third party connections under ‘Apps’ in your account. |
Information we may share
See this table for details of who we share to and why.
Categories of recipients | Categories of data | Reason for sharing |
---|---|---|
Service providers |
|
So they can provide their services to Metus. These service providers include those we hire to:
|
Payment partners |
|
So they can process your payments, and for anti-fraud purposes. |
Advertising partners |
|
So they can help us deliver more relevant advertising to you on the Metus Service, and help measure the effectiveness of ads. For example, our ad partners help us facilitate tailored advertising. |
Marketing Partners |
|
To promote Metus with our partners. We share certain User Data and Usage Data with these partners where necessary to:
Examples of partners include:
Our partners may also combine the personal data we share with them with other data they collect about you, e.g. your use of their services. We and our partners may use this information to present you with offers, promotions, or other marketing that we think you’ll find relevant. |
Hosting Platforms |
|
Hosting platforms host podcasts so that they can deliver them to you. We share certain data, such as your IP address, with the hosting platforms when you play a podcast. We also allow you to stream podcasts available from other hosting platforms not owned by Metus. Podcast providers should explain in the show or episode description which platform is hosting the podcast. See the hosting platform’s own privacy policy for how they use data shared with them. |
Academic researchers |
|
For activities such as statistical analysis and academic study, but only in a pseudonymised format. |
Other Metus group companies, including companies that Metus acquires |
|
To carry out our daily business operations and so we can maintain, improve and provide the Metus Service and acquired companies’ services to you. For example:
|
Law enforcement and other authorities, or other parties to litigation |
|
When we believe in good faith it’s necessary for us to do so, for example:
|
Purchasers of our business |
|
If we were to sell or negotiate to sell our business to a buyer or possible buyer. In this case, we may transfer your personal data to a successor or affiliate as part of that transaction. |
We keep your personal data only as long as necessary to provide you with the Metus Service and for Metus's legitimate and essential business purposes, such as:
Here are some of the categories of our retention periods:
It's your right to request that we delete certain of your personal data. See the section on 'Erasure' in Section 2 'Your personal data rights and controls' for more information.
We have set certain retention periods so that some data expires after a specific period of time.
We keep some data until your Metus account is deleted. When your Metus account is deleted, your data is deleted or anonymised.
After your account is deleted, we keep some data for a longer time period but for very limited purposes.
Criteria used to determine the retention periods include:
.
Because of the global nature of our business, Metus shares personal data internationally with Metus group companies, subcontractors and partners when carrying out the activities described in this Policy. They may process your data in countries whose data protection laws are not considered to be as strong as EU laws or the laws which apply where you live. For example, they may not give you the same rights over your data.
Whenever we transfer personal data internationally, we use tools to:
To ensure each data transfer complies with applicable EU legislation, we use the following legal mechanisms:
We also identify and use additional protections as appropriate for each data transfer. For example, we use:
We're committed to protecting our users' personal data. We put in place appropriate technical and organisational measures to help protect the security of your personal data. However, be aware that no system is ever completely secure.
We have put various safeguards in place to guard against unauthorised access and unnecessary retention of personal data in our systems. These include pseudonymisation, encryption, access, and retention policies.
To protect your user account, we encourage you to:
You can log out of Metus in multiple places at once by using the 'Sign out everywhere' function on your account page.
If other individuals have access to your Metus account, then they can access personal data, controls and the m+Metus Service available in your account. For example, you might have allowed someone to use your account on a shared device.
It's your responsibility to only allow individuals to use your account where you're comfortable sharing this personal data with them. Anyone else's use of your Metus account may impact your personalised recommendations and be included in your data download.
The Metus Service has a minimum 'Age Limit' in each country or region. The Metus Service is not directed to children whose age:
If you're a parent of a child under the Age Limit and become aware that your child has provided personal data to Metus, contact us.
If we learn that we've collected the personal data of a child under the applicable Age Limit, we'll take reasonable steps to delete the personal data. This may require us to delete the Metus account for that child.
When using a shared device on the main Metus Service, be cautious about playing or recommending any inappropriate content to individuals under 18 years old.
We may occasionally make changes to this Policy.
When we make material changes to this Policy, we'll provide you with prominent notice as appropriate under the circumstances. For example, we may display a prominent notice within the Metus Service or send you an email or device notification.
For any questions or concerns about this Policy, contact our Data Protection Officer any one of these ways: