top of page

Regional Addendums (International Compliance)

Last Updated: December 2025

​

Below are region‑specific addendums that complement the main Privacy Policy and Terms of Service. These apply only to users located in the corresponding jurisdictions.

ADDENDUM A — European Union (EU) & EEA Users – GDPR Compliance

 

This section applies to individuals located in the European Union or European Economic Area.

​

A.1 Data Controller

The Data Controller for Outty under the GDPR is:
OUTTY LTDA.

​

A.2 Lawful Bases for Processing

Under GDPR, processing is based on:

  • Consent – location, optional profile fields, notifications

  • Contract performance – operating the app

  • Legitimate interests – analytics, fraud prevention, service improvement

  • Legal obligation – compliance with law enforcement or regulatory bodies

​

A.3 Data Subject Rights (GDPR Articles 12–23)

EU/EEA users may:

  • Request access to personal data

  • Request rectification

  • Request deletion (right to be forgotten)

  • Restrict processing

  • Object to processing based on legitimate interests

  • Request portability

  • Withdraw consent at any time

  • Lodge a complaint with an EU supervisory authority

​

A.4 Cross-Border Data Transfers

Data may be transferred to servers outside the EU.

​

______________________________________________________________________________________

​

​

ADDENDUM B — United States (California) – CCPA/CPRA

 

This applies to users residing in California.

​

B.1 Consumer Rights Under CCPA/CPRA

California users can:

  • Request disclosure of collected data categories

  • Request deletion of personal data

  • Opt out of the “sale” or “sharing” of data (Outty does not sell personal data)

  • Request correction of inaccurate personal information

  • Request information about data retention and third-party sharing
     

B.2 Notice of Collection

Outty collects: identifiers, device data, usage data, location data, and user‑provided content (We do not store your precise GPS coordinates on our servers).

​

B.3 Sensitive Personal Information

Outty does not collect SPI as defined by CCPA (e.g., SSN, financial data, biometrics).

​

______________________________________________________________________________________

 

​

ADDENDUM C — Brazil – LGPD Compliance

​

Applies to users in Brazil.

​

C.1 Legal Bases (LGPD Art. 7 & 11)

Outty processes data under:

  • Consent

  • Contract execution

  • Legitimate interest

  • Compliance with legal obligations

​

C.2 Data Subject Rights (LGPD Art. 18)

Brazilian users can:

  • Confirm the existence of processing

  • Access data

  • Correct incomplete or outdated data

  • Request anonymization or deletion

  • Request portability

  • Obtain information about with whom data is shared

  • Revoke consent
     

C.3 International Transfers (Art. 33)

  • Data may be transferred to servers outside the Brazilian territory.

​

______________________________________________________________________________________

 

​

ADDENDUM D — United Kingdom – UK GDPR

​

This applies to users in the United Kingdom.

​

D.1 Rights & Basis

The same rights and bases as EU GDPR apply under UK GDPR.
The Data Controller remains OUTTY LTDA.

​

D.2 International Transfers

Transfers use:

  • UK Addendum to EU SCCs

  • technical protections including encryption & limited access

​

______________________________________________________________________________________

 

 

ADDENDUM E — Canada – PIPEDA

​

Applies to users in Canada.

​

E.1 Principles Followed

Outty complies with:

  • Accountability

  • Identifying purposes

  • Consent

  • Limiting collection

  • Limiting use and disclosure

  • Accuracy

  • Safeguards

  • Openness

  • Individual access
     

E.2 Rights for Canadian Users

Users may request:

  • Access to personal information

  • Correction of inaccuracies

  • Explanation of data usage
     

Outty does not engage in automated decision-making that produces legal effects.

​

______________________________________________________________________________________

 

​

ADDENDUM F — Australia – Privacy Act (APPs)

​

Applies to users in Australia.

​

F.1 Australian Privacy Principles Observed

Outty adheres to:

  • APP 1: Open and transparent management of personal information

  • APP 2: Anonymity & pseudonymity (where feasible)

  • APP 3–6: Lawful collection & use

  • APP 11: Security of personal information

  • APP 12–13: Access & correction
     

F.2 Overseas Disclosure

By using Outty, Australian users consent to data being stored in data centers abroad.

​

______________________________________________________________________________________

 

​

These addendums work together with the global Privacy Policy and Terms of Service, ensuring Outty meets the minimum compliance requirements in key regions worldwide.

 

______________________________________________________________________________________​

​​

​

Click here to go back to Privacy Policy

bottom of page