PRIVACY POLICY

REWARDS BY WARNER MUSIC POWERED BY ONEOF PRIVACY POLICY

Updated June 28, 2023

Your privacy and security are paramount to us at OneOf, Inc. (“OneOf” or “Company”) and our partners, software providers, affiliates, and subsidiaries (“we”, “us” or “our”). This Privacy Policy incorporates by reference the Rewards by Warner Music Powered by OneOf Terms of Use (“Terms of Use”) available at https://www.wmgrewards.com/terms, and any terms used but not defined herein shall have the meaning attributed to them in the Terms of Use. This Privacy Policy is meant to explain how we collect, use, and share information on users of our service as defined below (“Service”). Our Service is not intended for under-aged or minor individuals. We do not knowingly collect personal information from such individuals.

OneOf Service

OneOf has developed and continues to improve Rewards by Warner Music (“WMG”) powered by OneOf (“WMG Rewards”), a rewards system that allows users to engage with unique and personalized content, opt-into offers and rewards that are relevant to them, earn rewards from brand and merchant partners for purchases or actions, and trade rewards on a peer-to-peer digital collectibles marketplace operated by Company (“Marketplace”). Our Service consists of access to the Software contained therein in which we make rewards and offers from a wide range of participating brand and merchant partners available to you. Our Service is delivered through the world wide web (including the Marketplace), stand-alone mobile applications, or add-on software licensed from 3rd party ESPs, including but not limited to browser extension (“Rewards Extension”), and mobile keyboard (“Rewards Keyboard”).

When you use our Service or Software, OneOf and WLPs may collect and receive certain information in order to maintain the Software and provide the Service.

Information we collect and/or receive:

We collect different kinds of information. Some of it is personally identifiable and some is non-identifying or aggregated. Here are the types of information we collect or receive:

Account and profile information. The information we require to create your WMG Rewards account (“Account”) is your first name, last name, email address, phone number, mailing address, and a unique password created by you. Such Account information (“Profile Data”) is shared by you exclusively with WLPs. You hereby grant additional permission to OneOf to manage your Profile Data on behalf of WLPs.
Transactions Data. When using our Service, you may choose to opt-in credit or debit card based purchase transactions data (“Transactions Data”) via our 3rd party Secure Data Gateway Partner. You always have the option to earn rewards without sharing any credit or debit card data via our SDGP, however, you may receive more opportunities to earn rewards if you do grant permission to OneOf via API from our SDGP. By doing so, we will have access to limited transactional information on secure servers where we will match the data from our network merchants with any of your purchases. When our system finds a match, it will reward you in your rewards account. Transactions Data are shared by you exclusively with OneOf. You hereby grant additional permission to our WLPs for accessing aggregated analytics on Transactions Data for purpose of improving services. Limited information used in this verification process may be displayed to merchant partners for verification purposes, including merchant name, date, amount of purchase and the last 4 or 5 digits of the card used. Any Personally Identifiable Information (“PII”) such as the first 11 digits of your credit or debit card(s) are masked by our SDGP and not sent to OneOf. Neither OneOf or WLPs store your full card account info in our databases. We use your transaction history to identify qualified purchases and confirm your rewards amount, and to maintain and improve the performance of the WLP programs.
Billing information. Some of our WLPs may offer premium subscriptions via OneOf. If you purchase a premium subscription, we may collect billing address and credit card information, separately from Transactions Data obtained via our 3rd party SDGP. Credit card payment information is securely collected by 3rd party Payment Processing Providers (“PPP”) such as STRIPE and is not stored in OneOf database. This is a separate and unique process that does not interact with any other permissioned data from purchase transaction history.
Log data. When you use our WLPs rewards programs powered by OneOf, our servers automatically record information, including information that your mobile device sends whenever you’re using it. We may also use cookies to collect, access and/or store information to better personalize your experience when you interact with our software. This log data may include your IP address, your browser type and settings, URLs and the domain names of the web pages you visit, the date and time of your request, and your general location (city, state, country, or zip code), information about your browser configuration and plug-ins, language preferences, and statistics on how you interact with software provided by OneOf and 3rd party ESPs, which may include data about the unique identifier associated with the ESP software you use, how you engage with Messages or content from WLPs, keywords searched in ESP software. Log data does not contain personally identifiable data and is not routinely deleted. The purpose of the information is for analyzing trends, administering the program, and gathering demographic information.
Device information. In addition to log data, we may also collect information about the device you’re using, including what type of device it is, what operating system you’re using, device settings, unique device identifiers, your IP address, the Internet Service Provider used by your device and crash data. Whether we collect some or all of this information often depends on what type of device you’re using and its settings.
Aggregated Data. We may use your device, usage, and other activity data in aggregated form. This means that such data is used for statistical and/or user activity trends analysis purposes. This data does not directly or indirectly reveal your identity and cannot be linked back to you as an individual.
OneOf usage information. This is information about which venue, features, redemptions you interact with within OneOf and what related offers and services you use.
Information from partners or other 3rd parties. We may receive information from WLPs or other 3rd parties that we could use to make our own information better or more useful. We protect such data according to the practices described in this Privacy Policy, plus any additional restrictions imposed by the third party.

We use your personal information for the purposes of:

Providing Services. We use information you provide to authenticate you and deliver content and services to you, including but not limited to:

Issuing the rewards promised based on your spending with brands and merchants;
Enabling WLPs to customize Messages and Services offered to you, including the ability to target and send you Messages relevant to you.

Understanding and improving our products. To make the product better we have to understand how users are using it. Compiling statistics and conducting research and development for our internal business purposes on an aggregate, anonymous level. Analyzing and reporting performance on behalf of WLPs (such as number of Messages viewed and click rates on Messages).
Improving redemption services and selections. We work with our network brands and merchants to improve our rewards selections to better fit your preference, using information from your usage and aggregate usage from all users and deliver more customized services to you.
Security, Safety, and Dispute Resolution. We use data to protect the security and safety of our Services, to detect and prevent fraud, to protect against misuse or unauthorized use of the software from OneOf and/or ESPs, to resolve disputes, to enforce agreements, to limit our legal liability and protect our rights or to protect the rights, property or safety of other users or the public.
Communicating with you.

Solving your problems and responding to your requests. If you contact us with a problem or question, we will use your information to respond to that request and address your problems or concerns.
In-product communications. We may use the information you provide to contact you through in-app or desktop push notification or other in-product Messages and tools.
Email messages. We may send you service and administrative emails. We may also contact you to inform you about changes in our services, or our service offerings. These messages are considered part of the service and you may not opt-out of them. In addition, we sometimes send emails to users about new product features or other news. You can opt-out of these at any time.

Mergers and Acquisitions. If OneOf, our WLPs, or ESPs go through a business transition, such as a merger, acquisition by another company, or sale of all or a portion of assets, your information could be among the assets transferred. You will be notified by a prominent notice on this Privacy Policy of any such change in ownership or control of your data.
To Comply with Legal Obligations. We may provide access to your Information, including personally identifiable Information, when legally required to do so, to comply with a court order, to enforce our rights, or to cooperate with police investigations or other legal proceedings.
With Your Consent. There may be times that we rely on your consent to use certain types of Information for specific purposes (e.g., by asking you to check a box). You can withdraw such consent at any time by contacting our privacy team at the contact information contained in this Privacy Policy.

Protection of Personal Information

We take the security of your personal information very seriously. We protect your personal information during transit using encryption such as Transport Layer Security (TLS). When your personal data is stored by OneOf, we use leading industry secure storage solutions including but not limited to Amazon Web Services (“AWS”) with limited access housed in facilities using security measures.

How We Share and Store Your Information

We make every attempt and stay current with our technology to protect end user information in our possession. We use data protection controls such as data encryption, firewalls, access controls, and monitoring. Our controls are consistently reviewed against industry-standards.

We may collect, use, and share information we collect in an aggregated or de-identified manner (that does not identify you personally) for any purpose permitted under applicable law. This includes creating or using aggregated or de-identified data based on the collected information to develop new services and to facilitate research.

We do not sell or rent your information to marketers or other third parties unless otherwise described in this Policy. We may share your information:

With your permission for rewards purposes to our WLPs, or brand and merchant partners;
If we believe in good faith that disclosure is appropriate to comply with applicable law, regulation, or legal process (such as a court order or subpoena);
In connection with a change in ownership or control of all or a part of our business (such as a merger, acquisition, reorganization, or bankruptcy).
With our service providers, partners, or contractors in connection with the services they perform for us or our developers, including but not limited to:
Extended Software Providers ("ESPs") and ESP vendors. We may share de-identified data with outside companies and consultants to help conduct the following aspects of our business so that they can maintain and run certain portions of the software and services:

Technical and development support for purposes of maintenance and improvement of the ESP software and services;
Functionality and performance support for purposes of providing WLPs with access to communication targeting and controls, and providing you with access to features like Messages and search;
External and internal communications support for purposes of providing you with responses to your inquiries and discussing any technical, security or other issues internally; and
Third-party services that provide ESPs with infrastructure, software, networking, storage, and other related technology required to run ESP software and services.
Affiliates, subsidiaries, and parent companies of ESPs to use such data for the purposes described in this Privacy Policy.

WLPs. We may share your data with WLPs with whom you have signed up and opt-in to their rewards program.

We retain information we collect about you for as long as necessary to fulfill the purposes outlined in this Policy, unless a longer retention period is required or permitted under applicable law, regulation, or contract. As permitted under applicable law, even after you stop using an application or terminate your account with our developers we may still retain your information (for example, if you still have an account with another developer or if there is residual information within our databases or systems); however, your information will only be used and shared as required by law or in accordance with this Policy. You can request a full removal of your data collected from any WLP program by contacting our privacy team at the contact information contained in this Privacy Policy

Children Under 13 (or 16 in the EEA)

We understand the importance of taking extra precautions to protect the privacy and safety of children using OneOf Services. Children under the age of 13 (or 16 in the EEA), or equivalent minimum age in the relevant jurisdiction, are NOT permitted to create their own accounts, or install any of our software.

Children 13-18

Our Service is not available for use for Children 13-18, unless a parent or legal guardian provides verifiable consent or as part of the child account creation process in Family Sharing. For example, a parent or legal guardian must review this Privacy Policy and agree to the Consent to OneOf’s Collection, Use and Disclosure of Your Child’s Information; before they can begin the account creation process for their child.

Children’s Privacy Policy

We are committed to protecting the privacy of children who use our sites and applications. This Privacy Policy explains our information collection, disclosure, and parental consent practices with respect to information provided by children (“child” or “children”) under the age of 13 and ages 13-18 and uses terms that are herein defined in our general Privacy Policy. This policy is in accordance with the U.S. Children’s Online Privacy Protection Act (“COPPA”) and outlines our practices in the United States and Latin America regarding children’s personal information. For more information about COPPA and general tips about protecting children’s online privacy, please visit OnGuard Online.

Location-Based Services

To provide location-based services on OneOf and OneOf Services network, with your explicit consent, partners such as maps data providers, may collect, use, and share precise location data, including the real-time geographic location of your phone device. Where available, location-based services may use GPS, Bluetooth, and your IP Address, along with crowd-sourced Wi-Fi hotspot and cell tower locations, and other technologies to determine your devices’ approximate location. This location data is collected anonymously in a form that does not personally identify you and is used by OneOf and our partners to provide and improve location-based products and services. For example, your device may share its geographic location with applications which may alert you to local rewards offers.

Third party offers, advertisements, and data collection

We may offer a number of separate products and services offered by third parties advertised to you on our OneOf and website. These third party offers may be complementary to your use of the OneOf services and may be personalized based on information you provide to us, or other information. If you choose to use these separate products and services, provide information to the third party, or allow the third party to otherwise collect information about you, then their use of your information is subject to the applicable third party’s privacy policy and terms of service. You should review the practices of the third party before deciding to use their service or provide them with any information.

As users of our Service, you grant our WLPs, Secure Data Gateway Partner, Payment Processors, and other partners the right, power, and authority to access and transmit your data as reasonably necessary for such partners to provide respective services. In addition, you acknowledge and agree that your personal information will be treated by each partner in accordance with their respective private policy. You furthermore expressly grant all partners the right, power and authority to access and transmit your data to OneOf and its partners as reasonably necessary to provide the services to you.

Our Cookie Policy

This Privacy Policy incorporates by reference the Rewards by Warner Music powered by OneOf Cookie Policy (“Cookie Policy”) available at https://www.wmgrewards.com/cookies.

Security

We take reasonable steps to protect information you provide to us as part of your use of the OneOf and OneOf Services from loss, misuse, and unauthorized access or disclosure. When you enter sensitive information (such as sign-in credentials) we encrypt the transmission of that information using secure socket layer technology (SSL). We follow generally accepted standards to protect the personal data submitted to us, both during transmission and once we receive it. From time to time, we review our security procedures to consider appropriate new technology and methods. However, please be aware that, despite our reasonable efforts, no electronic transmission or digital storage mechanism is ever fully secure or error free, no security measures are impenetrable, and we cannot guarantee that your Information will not be accessed, viewed, disclosed, altered, or destroyed as a result of a breach of any of our safeguards to protect against security incidents.

Our Company-Wide Commitment to Your Privacy

To make sure your personal information is secure, we communicate our privacy and security guidelines to OneOf employees and strictly enforce privacy safeguards within the company.

Changes to this Privacy Policy

OneOf will update this policy from time to time in order to upgrade its policy to match any new features we may add to the platforms, and if we do we’ll post any changes on this page. If you continue to use any OneOf product and/or website after those changes are in effect, you agree to the revised policy. If the changes are material, we may provide more prominent notice or seek your consent to the new policy.

General Data Protection Regulation (GDPR)

We are a Data Controller of your information.

OneOf’s legal basis for collecting and using the personal information described in this Privacy Policy depends on the Personal Information we collect and the specific context in which we collect the information:

OneOf needs to perform a contract with you
You have given OneOf permission to do so
Processing your personal information is in OneOf’s legitimate interests
OneOf needs to comply with the law

OneOf will retain your personal information only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use your information to the extent necessary to comply with our legal obligations, resolve disputes, and enforce our policies. Our Privacy Policy was generated with the help of GDPR Privacy Policy Generator and the Privacy Policy Generator.

If you are a resident of the European Economic Area (EEA), you have certain data protection rights. If you wish to be informed what Personal Information we hold about you and if you want it to be removed from our systems, please contact us. You should be aware that the Information we collect and receive or permit third parties such as ESPs and ESP vendors to process may be transferred to, stored and/or processed outside of your country of residence and in any country or territory where one or more of ESP affiliates, subsidiaries, parent companies, or vendors (“ESP Related Parties”) are located, including in the United States. Such Information will also be processed by personnel operating outside the EEA who work for our ESPs or for one of the ESP Related Parties. We rely on multiple legal bases to lawfully transfer personal data around the world. These include your consent and model contractual clauses created by the European Commission which require certain privacy and security protections. A sample copy of such agreements is available upon request by contacting us.

In certain circumstances, you have the following data protection rights:

The right to access, update or delete the information we have on you.
The right of rectification.
The right to object.
The right of restriction.
The right to data portability
The right to withdraw consent

To ask questions about or exercise these rights, please contact us using the contact details below. We will consider these requests from you and provide our response within a commercially reasonable period (and in any event within any time-period required by applicable law).

You always have the option to stop using our Services and to uninstall our software or ESP software you are using. To uninstall the Extension - click here for Chrome. If you wish to make a complaint about how we process your personal data, please contact us, and we will try our best to resolve it.

Our ESPs are data processor for the purposes of the General Data Protection Regulation. This means that ESPs are processing your data on behalf of WLPs so that you can access certain Services of your choice. When ESPs are using your data to provide you with their software, they are using such data as provided by us and WLPs so we can provide you with, fulfill, and improve Services through ESP software.

California Consumer Privacy Act (CCPA)

For Privacy Notice supplementing the information contained here for California Residents only, please visit here.

Consent

By using our website, you hereby consent to our Privacy Policy and agree to its terms.

Contacting Us

Please feel free to contact us if you have any questions about our Privacy Policy or practices at support@wmgrewards.com or at our mailing address below.

Rewards by Warner Music Group
340 S LEMON AVE #6858
WALNUT, CA 91789

REWARDS BY WARNER MUSIC POWERED BY ONEOF COOKIE POLICY

Updated June 28, 2023

This Cookie Policy incorporates by reference the Rewards by Warner Music Powered by OneOf Terms of Use (“Terms of Use”) available at https://www.wmgrewards.com/terms and Privacy Policy available at https://www.wmgrewards.com/privacy (“Privacy Policy”). Any terms used but not defined herein shall have the meaning attributed to them in the Terms of Use or Privacy Policy (to the extent that the Terms of Use and Privacy Policy attribute conflicting meanings with respect to a term, the meaning attributed to such term in the Privacy Policy shall control).

OneOf and ESPs uses cookies, scripts, web beacons, and/or other similar technology to log data, directly or indirectly, which are commonly used on the Internet. We use both session-based and persistent cookies. Session-based cookies last only while your browser is open and are automatically deleted when you close your browser. Persistent cookies last until you or your browser delete them or until they expire.

Cookies help us:

Track, manage and optimize your interactions with us;
Monitor the performance of the Services and Extension in order to evaluate their effectiveness and continually improve them; and
Customize and enhance your online experience with our Service by serving content relevant to your interests.

A list of the types of cookies we use, along with a description of what each cookie does, is set forth below:

Log-in cookies are associated with your Account and personal information in order to remember that you are logged in. Other cookies are not tied to your Account but are unique and allow us to do site analytics and customization, among other things.
Cookies necessary for essential purposes – These cookies are essential for our Software and ESP software to properly provide our Service. Without these cookies, any usage of our Software would not be possible. These cookies include hashed user id, used to identify you and other users, and session data, used to keep track of when you close and reopen your browser and access your Tokens as well as deals, sweepstakes, and rewards offered through WMG Rewards.
Functionality Cookies – Functionality cookies record preferences you’ve communicated to us and allow us to tailor our Software and ESP software to you. For example, these cookies allow us to remember settings you have applied.
Performance/ Analytics Cookies – We use performance/analytics cookies to analyze how our Software and ESP software is accessed, used or is performing in order to provide you with a better user experience and to maintain, operate and continually improve the Services. For example, these cookies allow us to:

Collect information about where our users are located and what browsers they are using;
Determine how users were driven to access/install our Software or ESP software, or when and why users revoked access to/uninstalled our Software or ESP software;
Analyze the length of time users retain access to and use our Software or ESP software;
Improve the Services by measuring any errors that occur; and
Conduct research and diagnostics.

Messages and Tracking Cookies – We allow WLPs to place cookies on our Software and ESP software, which enables WLPs to track your activity across various sites so they can deliver more relevant Messages to fit your interests. Cookies allow us and ESPs to know whether you’ve seen and clicked the Messages served on ESP software and allow you to store your Message preferences, which help tailor the content you see and measure the effectiveness of the Messages.

Your browser may offer a "Do Not Track" (DNT) feature that can signal to operators of websites and web services (such as behavioral advertising services) that you do not wish for them to track your online activities over time and/or across various sites. Because there is not yet a common understanding of how to interpret the DNT signal, our Extensions and Services do not currently respond to browser DNT signals. We will continue to work with the online industry to define a common understanding of how to treat DNT signals.

You can refuse cookies via your browser settings or manually clear cookies within your browser but doing so may affect preferences you have set in the Extensions. You may lose the ability to access partial or all of the functionalities of our Software or ESP software if you refuse cookies. For more information, including instructions on disabling cookies, please visit this support page.