HalpMe OÜ App Privacy Notice
Effective Date: 25th March, 2025
HalpMe OÜ, a company incorporated in Estonia under registration code 17044600 and VAT number EE102765515, with its registered address at Merivälja tee 50, 1191, Harju Maakond, Tallinn, Estonia, trading as HalpMe, hereinafter referred to as "HalpMe", "us" or "we", is the data controller of your personal data.
HalpMe collects and processes personal data in the course of installation and/or use of the App/Website and in relation to registration, on-boarding and provision of services, in accordance with the relevant terms and conditions. This includes deciding the purposes for processing your data, such as enhancing our App, and how it is processed, always prioritizing your privacy and data protection rights.
1. Scope of This Privacy Policy
This Privacy Policy applies to all users of HalpMe Platform, including both Customers (those requesting services "Halps") and Halpers (independent service providers).
By using the Platform, you confirm that you understand and accept the terms in this Privacy Policy and in our Terms and Conditions.
For interactions and independent agreements between Customers and Halpers (such as chats, address exchange, or service provision), each party acts as an independent data controller. HalpMe does not process this data and is not a data processor for user-to-user communications.
For Users of our App the collection, use and sharing of your Personal Data are subject to this Privacy Notice and Cookie Policy, including their respective updates. If you disagree with how we handle Personal Data as described in this Privacy Notice, please refrain from downloading and using our App/website.
2. About HalpMe OÜ and this Policy
This Privacy Notice outlines the information we collect and retain about you, its purpose and usage, potential sharing, and your rights and choices regarding our processing of your Personal Data. It also details our data safeguarding measures and how to contact us with privacy inquiries. Please read it carefully.
3. What Data do we collect?
Personal data is generally processed for the provision of HalpMe App/website services. We collect the following types of personal data:
- Biographical and contact information including name, telephone number, address, e-mail address
- Banking or financial information and payment information
- Geographical locations when You are logged into the app
- Account information including user ID card picture
- Details of performed Services, and feedback ratings
- Fare estimates, actual fares and other payment data
- Earnings history and fiscal data
- Text (including emails and chats), images, and other user content you provide
- If we withdraw your right to use the service, issue a warning, a record of that withdrawal or warning
- Identification data of the device on which the relevant HalpMe app has been installed
- Website and communication information such as details collected by cookies and other similar tracking technologies when you use our sites or apps
- Details of support queries you make (e.g. through our apps or via other communication channels)
- Users complaints related to the service provided
- Background checks information in accordance with local requirements, which may include professional or technical certificates
- Information collected from third parties about you in order to verify any information you supplied to HalpMe during registration
- Record of any requests for your information made by law enforcement, regulatory, governmental or judicial bodies
To ensure regulatory compliance and verify their qualifications for this activity, we collect and process the personal data of our users. This also safeguards our contractual relations with the HalpMe app/Website service, allowing us to resolve service quality issues and continuously monitor compliance.
We highly value our customers' trust and are committed to the principles of transparency, fairness, and lawfulness. We only process your Personal Data when we have a legal basis to do so and only to the extent necessary for a specific purpose. For a comprehensive understanding of terms, definitions, and legislative requirements concerning your privacy and the processing of your Personal Data, please refer to the Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data of the European Parliament and of the Council of 27 April 2016 ("GDPR").
Our aim is to provide you with the best possible user experience. To achieve this, we may process your Personal Data, using automated systems where necessary, to personalize and enhance your app experience, and to maintain and offer exciting new features.
4. How do we collect your data?
You directly provide HalpMe with most of the data we collect. We collect data and process data:
- HalpMe collects and uses personal data for purposes of providing the HalpMe App/website and legitimate business purposes
- Register online or place/accept or refuse a service request to a customer or Halper and to allow you to provide feedback
- Voluntarily complete a survey or provide feedback on any of our message borders via email
- Use or view our App/Website via your browser cookies
Under EU data protection laws, HalpMe's use of personal data must be justified by one of a number of legal bases. These are also set out below:
- Where you are a User, we use your personal data to on-board you as a customer (of the Halper) or a Halper and to facilitate interactions with the Users including to enable you to decide whether to fulfil a Customer's requested Service and once a service has been allocated, to facilitate communication with the Customer
- To show you the service provided by Halpers according to your needs as a customer
- We may use personal data to facilitate payments between Customer and Halpers, using our partner services Stripe
- We may use personal data to provide support, including to assist with resolving service quality issues and to respond to queries from other Users
- We use contact details to notify you of updates to our websites and the HalpMe apps/website
5. How we will use your data
HalpMe collect your data so we can:
- Enable you to easily find "halpers" that meet your specific needs through a dedicated search engine
- Process your service order (Halp) and manage your account
- Share your contact details and profile with customers and Halpers
- Email you with special offers on other services we think you might like
- When your service order is processed and accepted by a Halper, HalpMe may send the relevant information to the other party involved
6. What are the legal bases and purposes of your Personal Data Processing?
We process your Personal Data in compliance with the GDPR and other applicable data protection laws. We ensure that your personal data is processed on the most appropriate legal basis, and only when there is a legal basis to do so. Please see the detailed information about the legal basis we rely on for processing your personal data.
6.1. Conclusion and performance of a contract - Article 6 (1) (b) GDPR
We need to Process your Personal Data to be able to provide you our App for use and to implement safety procedures. Processing your Personal Data is necessary when we have a contract with you to fulfill our contractual obligations. This also applies if you've requested an action (like Member Account registration) that requires us to process your data, even if a contract isn't ultimately formed, as long as the processing occurs within the context of a potential agreement. Our Terms & Conditions, which you have accepted, outline the terms of our contract.
6.1.1 Provision of Services
To deliver our Services (e.g. user's matching), provide you with the information you've requested, process your service request, and implement safety procedures, we must process your Personal Data.
As part of our service, the public profile information of the Halper may be made accessible and searchable by third-party search engines to allow Customers and Halpers to find and verify you outside HalpMe. This is necessary to provide the service and facilitate secure transactions between users.
6.1.2 Customer Support
We provide options to choose what kind of communication You want to receive from us. We may contact you regarding customer support, service availability, security issues, or legal notices. These communications, essential for our services and contractual relationship, can be sent via email, SMS, phone calls, messages on our website or HalpMe applications, or by post. You have options to select your preferred communication methods.
6.1.3 Communications
We may reach out to you regarding our Services for essential reasons, including service updates, security alerts, legal notices, or to uphold our contractual agreement. For example, we will notify you of any modifications to our Cookie Policy, Terms & Conditions, and Privacy Notice, or if maintenance is required for our Websites and applications. These communications may be delivered via email, SMS, phone calls, messages within our Websites and applications, or by postal mail. While you can set preferences for the types of communication you receive, please be aware that opting out of essential service-related communications is not an option.
6.2. Legitimate interest - Article 6(1)(f) of GDPR
We may process your Personal Data for our legitimate interests or those of a third party, ensuring these interests do not override your rights, freedoms, or interests. We carefully balance any potential impact on you against our interests before processing your Personal Data. For instance, we may process your Personal Data for analytics, research, and App development to offer you and others a more intuitive and personalized experience, and to encourage growth and engagement with our App.
6.2.1. Right to object
You have the right to object to processing based on our legitimate interest. To do so, please contact us by e-mail at [email protected]. However, in cases where our legitimate reasons for processing your Personal Data outweigh your rights, we will continue with the necessary processing.
6.2.2. Business reorganization
In the event that we: (i) are subject to negotiations for the sale of our business or part thereof to a third party; (ii) are sold to a third party; or (iii) undergo a re-organisation, we may need to transfer some or all of your personal data to the relevant third party (or its advisors) as part of any due diligence process for the purpose of analysing any proposed sale or re-organisation.
We may also need to transfer your personal data to that re-organised entity or third party after the sale or reorganisation for them to use for the same purposes as set out in this policy.
6.3. Your consent - Article 6(a) of GDPR
You can voluntarily give your consent (opt-in) through the cookie banner. You can withdraw your consent at any time by managing your cookie preferences as described further in our Cookie Policy.
6.3.1. Marketing materials
To provide you with marketing materials or provide you with offers from our partners where we are not required to rely on consent, to keep you updated with news in relation to our products and services and to enable us to analyse how you interact with our communications.
6.3.2. Promotional messages
Where permitted by law (you will always be provided with an opportunity to opt-out of future messages), we may contact you with promotional messages regarding the HalpMe app and our and selected business partners' products and services. For further information about marketing and how to manage your preferences, see the section "Direct Marketing to Users" below.
6.3.3. Partner campaigns
Where you have expressed the interest to participate in the campaign organized by our partners we may share your personal details with them if it is necessary to conduct such a campaign.
6.3.4. Cookies and tracking
We may use cookies and other tracking technologies to understand and analyse your online experiences and to determine what events, products and services are likely to be of interest to you. This may be by reference to how you have interacted with our websites, apps, or marketing emails. We may combine such information (whether you are logged in or not) with personal data.
6.4. Legal Obligation and compliance - Article 6 (c) of GDPR
To ensure the responsible and secure provision of our Services, we process your Personal Data in compliance with legal and regulatory obligations. This includes:
- Verifying identity and age: Conducting personal identification and KYC (Know Your Customer) purposes, determining your location and applicable legal regime using your IP address, and ensuring underaged do not use our Services while maintaining the accuracy of your data
- Managing security risks: Ensuring network and information security, and conducting audits
- Preventing illicit activities: Complying with legal processes like search warrants, subpoenas, or court orders, and preventing crimes related to money laundering, terrorist financing, fraud, or computer crimes
- Meeting reporting and legal requirements: Engaging in regular reporting activities and meeting various economic, financial, technical, and legal requirements, including segmenting data for social responsibility and legal reporting where necessary
- Preventing fraud: We use personal data in our efforts to prevent fraud. If false or inaccurate information is provided and fraud is identified or suspected, your personal data may be passed to fraud prevention agencies and may be recorded by us or by them
- Reporting to tax authorities: In certain jurisdictions we may send data about earnings to tax authorities or other relevant authorities
HalpMe may also receive your data directly from the following sources:
- Stripe
- Halpers
- Customers
7. With Whom We May Share Your Personal Data?
We may share your Personal Data with the following recipients:
7.1. Internally
With authorised employees, contractors, consultants, agents, affiliates, and subsidiary companies within our business group or linked to our parent company for professional purposes (in case is applicable). Access is strictly limited to those who need it to perform their duties.
7.2. In the event of a change in control or sale
Merger, joint venture, or preparation for these events, any acquiring entity or partner will have the right to continue processing your Personal Data as outlined in this Privacy Notice.
7.3. Authorities and other public and private entities
May be needed to comply with our legal obligations.
7.4. Halpers and Customers (of the halpers)
HalpMe facilitates through their platform that potential Customers will be able to find potential Halpers to meet their requirements. To facilitate the development and provision of our service, it will be necessary to share your information with other users.
7.5. Third-party providers
To deliver, manage, and improve our App, we may transfer your Personal Data to carefully selected third-party providers. We ensure these providers comply with applicable laws, protect your data, implement necessary security measures, and delete your data from their servers upon our request. The following are specific third-party providers we may utilize:
- Google Analytics and other providers for analytics: Upon your consent given via Cookie preferences we use your Personal Data for analytics and surveys by generating aggregated data. All insights are derived in a way that maintains your anonymity. For deeper insights and analytics, we may engage third-party service providers, always ensuring your privacy is protected. For example, we use tools like Google Analytics to understand user interactions on our Website and Applications, always prioritising the security of your Personal Data. Please, visit Google's Business Data Responsibility site and read Google's Privacy Policy to get more information about how Google processes personal information
- Other Service Providers: In case we use other service providers to help us provide our Services and perform our legal obligations (e.g., maintenance, analytics, analysis, marketing and development). Such Service Providers will have access to your Personal Data as reasonably necessary to perform these tasks on our behalf and are obliged not to disclose or use your Personal Data for other purposes
8. How do we store your data
HalpMe store all personal data collected from You within the European Economic Area (EEA), specifically in Germany and France. We are committed to ensuring the security and privacy of your data, and we implement appropriate technical and organizational measures to protect your personal information in accordance with the General Data Protection Regulation (GDPR).
All data is located in encrypted databases on servers in the EU, and said encryption keys are under the custody of our service provider. We have used standard contractual clauses permitted by law.
We never sell your Personal Data, nor do we publish it publicly on the Internet or elsewhere without your consent.
Your personal data will be stored as long as you have an active Member Account. In case your Member account has been closed, your personal data will be deleted, securely destroyed or anonymised (according to the policies set out in this section) from the databases, unless such data is required to be retained for legal or regulatory purposes or certain legitimate business purposes, including for accounting, dispute resolution or fraud prevention.
When determining the appropriate period for which the personal data will be stored, we consider the following criteria:
- The volume, nature and sensitivity of the data
- The potential risk of harm from unauthorized use or disclosure
- Applicable legal, jurisdictional and regulatory requirements
- Our internal policies and industry best practices
- The purposes for processing your personal data and feasibility of achieving those purposes through other means
The maximum retention period for personal data is 5 years when we are required by law to retain your data.
Once the retention period expires, your personal data will be securely deleted or anonymized. If anonymized, it will no longer be associated with you, and we may use this data indefinitely without further notice.
Please note that the uninstallation of the HalpMe app from your device does not cause the automatic deletion, destruction or anonymization of your personal data.
9. What are your data protection rights?
You have several rights regarding your Personal Data: the right to access, correct, update, or request deletion of your data; the right to restrict or object to its processing; the right to data portability; and the right not to be subject to automated decision-making, including profiling.
10. What Are Cookies?
Cookies are small text files stored on your browser or device when you visit a website. They enable websites to remember your preferences, improve performance, and deliver relevant content or services. Cookies can be essential for technical functionality or used for analytics, personalization, and advertising. Some cookies process personal data and require your consent under GDPR.
11. Types of Cookies We Use
We use the following types of cookies on the Platform:
11.1. Strictly Necessary Cookies
These cookies are essential for website navigation and feature utilization.
11.2. Performance Cookies
We use these to gather anonymous, aggregated data on how you use our website, like popular pages. This information helps us improve website functionality and cannot identify you.
11.3. Functionality Cookies
These cookies allow the website to remember your preferences (username, language, region) and provide enhanced, personalized features. They can also recall changes you've made to the website, such as your preferred language. The information collected may be anonymized and cannot track your browsing activity on other websites.
11.4. Targeting Cookies
These cookies collect information about your browsing habits to deliver advertisements that are more relevant to your preferences and interests. They also help us measure the effectiveness of our advertising campaigns.
12. Cookie Overview Table
| Cookie Name | Provider | Purpose | Duration | Type |
|---|---|---|---|---|
| appVersion | HalpMe | Track application version for cache busting and updates | 3h | Functional |
| connect.sid | HalpMe | Express session management | 30 days | Essential |
| access_token | HalpMe | JWT access token for API authentication | 30 minutes | Essential |
| refresh-token | HalpMe | JWT refresh token for session renewal | 180 days | Essential |
| user-fingerprint | HalpMe | Device fingerprint for security and session validation | 180 days | Essential |
| userCountry | HalpMe | Store user's country for localization and service availability | 7-14 days | Functional |
| languagePreference | HalpMe | Store user's language preference | 1 year | Functional |
| clientTimezone | HalpMe | Store user's timezone for appointment scheduling | 24 hours | Functional |
| NID, OGPC, SID | Security, preferences and analytics | 6 months | Functional and Security | |
| SMSV | Authentication for users | 1 year | Functional | |
| __Host-1PLSID, __Host-3PLSID | Session ID used across multiple google services | While user is authenticated | Functional | |
| __Host-GAPS | Stores session info used for google account authentication services | While user is authenticated | Functional | |
| ACCOUNT_CHOOSER | Remember which google account have been used for sign-in | While user is authenticated | Functional | |
| LSID | Login Session ID cookie used to authenticate users across multiple Google services | While user is authenticated | Functional | |
| OTZ | Optimizes ad delivery and user experience across google services | Same as session duration | Functional |
Note: Exact durations and cookie types may vary depending on browser behavior and updates from third-party providers.
13. How We Use Cookies
We use cookies for the following purposes:
- To enable core Platform functionality
- To analyse Platform performance and improve usability
- To customise content and advertisements based on user preferences
- To comply with legal and regulatory requirements
14. Managing Your Cookie Preferences
14.1. You may withdraw your consent for non-essential cookies at any time through the "Cookie Settings" link in the footer. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
14.2. You may also object to the processing of personal data collected via cookies for direct marketing or profiling purposes under Article 21 of the GDPR.
14.3. Our platform uses a Consent Management Platform (CMP) that allows you to toggle individual cookie categories (e.g., essential, analytics, marketing).
14.4. You have the right to control how cookies are used on your device:
- Cookie Consent Banner: When you first visit the Platform, you will see a banner requesting your consent to non-essential cookies
14.5. You can choose to accept or reject non-essential cookies. Essential cookies will remain active as they are required for the Platform to function.
14.6. Browser Settings: Most browsers allow you to block or delete cookies through their settings. Note that blocking essential cookies may impact the functionality of the Platform.
14.7. Change Preferences: You can modify your cookie preferences at any time via the "Cookie Settings" link at the bottom of our website.
Consent for non-essential cookies is collected through our CMP (Consent Management Platform) in line with GDPR Article 6(1)(a). A record of your consent (or refusal) is stored and can be reviewed or changed at any time.
15. Third-Party Cookies
We may allow third-party services to place cookies on your device for analytics, marketing, or functional purposes. These third parties are responsible for their cookies, and their privacy policies apply and it might include:
- Google Analytics
- Google reCAPTCHA
- Google Auth
- Payment processors
All third-party cookies used are integrated in accordance with GDPR requirements. We ensure that any vendor we use provides an appropriate level of data protection, implements technical safeguards, and enters into data processing agreements (DPAs) with us where applicable.
HalpMe does not monitor or control data shared directly between Customers and Halpers during services; cookie usage is limited to platform operations.
We do not allow third-party services to collect data through cookies unless you have explicitly opted in via our consent banner.
16. Cookies Retention Periods
Cookies are stored for varying durations depending on their type:
- Session Cookies: Deleted when you close your browser
- Persistent Cookies: Stored until their expiration date or until you delete them
Retention periods are determined based on the cookie's function and whether it is essential, analytical, or advertising-based. Details for each are available in our Cookie Settings section.
17. Withdraw your consent at any time
If you do not wish to accept cookies connected with your use of our Website, you may delete, block, and disable cookies from your browser as stated above. However, please note that disabling necessary cookies will most likely affect the functionality of this Website.
18. Underaged's Privacy
The HalpMe Platform is intended for use only by individuals who are 18 years or older.
We do not knowingly collect or process personal data from individuals under 18. If we discover that we have inadvertently collected such data, we will:
- Delete it without delay; and
- Take steps to prevent future collection
Parents or guardians who believe their child's data has been submitted in error should contact us immediately at [email protected].
19. Changes to our privacy policy
This notice may be updated periodically, with immediate effect. Please refer to your App for the most current version. For significant changes regarding how we process your Personal Data, we will notify you via our App or other methods, allowing you to review the changes before they are implemented.
By continuing to use our App after we publish or send notice of a revised Privacy Notice, you acknowledge and accept such changes, and your Personal Data will be collected, used, and shared according to the updated Privacy Notice.
20. Third party Links
Our websites and applications may include links to external third-party websites. Please be aware that these third-party websites operate under their own privacy policies. We do not assume any responsibility or liability for their policies or their handling of your personal data. We strongly advise you to review these policies before providing any personal data to such third-party websites.
21. How to contact us
If you have any questions about this Privacy Notice or concerns about how we manage your Personal Data, please contact us by e-mail at [email protected]. We will strive to answer your questions and inform you of the measures taken to resolve the issues you've brought to our attention.
Supervisory Authority Contact: If you are not satisfied with our response, you may file a complaint with:
- Estonian Data Protection Inspectorate (Andmekaitse Inspektsioon): https://www.aki.ee
- Or your local EU data protection authority if outside Estonia
We are committed to resolving privacy concerns fairly and transparently.