[PRODUCT] PRIVACY POLICY

Version 1.0.

Last updated: [date]

This Privacy Policy is here to inform you, as a user of the [Product] app and/or related website [web URL] (further “App”, “Website” respectively, together - “We/Us”, “Product”), on the processing of your personal data in connection with the use of the Product.

When We say “personal data” or “personal information”, We refer to information related to you. Such information is not limited to what directly identifies you, such as your name. In fact, you own and have legal rights to anything that speaks of you: the data you put in about your [food intake, water intake, fitness experience], your aim of the Product use, even the way you use the Product itself.

This policy is meant to provide you with all relevant inputs to make an informed choice to use the Product. It also serves to inform you of your rights and how you can exercise them. Contact us at [specific privacy email] if you have any questions or doubts.

Please mind that the Product is intended for users who have reached the legal minimum age. Therefore, We expect you will not use the Product unless you are at least 16 and older or if you are a U.S. citizen - at least 13 and older.

Contents:

Who We Are

Contact Us

Your Privacy Rights and How to Exercise Them

California Privacy Rights

Personal Data We Collect

How and Why We Use Your Data. Legal Bases for Processing

Cookies and Similar Technologies

Personal Data Transfers

Data Transfers by Both Website and App

Website-Specific Data Transfers

App-Specific Data Transfers

Retention of Your Personal Data

Changes to this Privacy Policy

1. Who We Are

In order to provide you with our Product, we launched it as a Website and as an App.

While we aim to make the transition between the two as seamless as possible, you should know that the Website and the App are operated by two different legal entities. This Privacy Policy describes how each of these legal entities handles the data received from you or received from the other entity in case you switch from the Website to the App or vice-versa, use only the App or only the Website.

You can read further below if you wish to learn when and which entity handles your data.

If you choose to use only the App, the data controller for your data is [app publisher name], having its registered address at [registered address].

For the Website, in its turn, the controller responsible for processing is [web publisher name] having its registered address at [registered address].

For the cases where you get to the Website, purchase access to the App via a Website, and further continue using an App via, i.e. where you basically use both the App and the Website, [app publisher name] and [web publisher name] act as joint controllers. Joint controllership is a legal term describing a relationship between companies where both companies coordinate, jointly decide and share responsibility with respect to your data, to ensure smooth interplay between the App and the Website and that your privacy rights are complied with at all times.

You may contact either [app publisher name] or [web publisher name] interchangeably should you wish to assert your privacy rights or obtain any additional information with regard to your data via available contact points. Same, please do not hesitate to contact Us if you wish to obtain additional information on formal arrangements between joint controllers.

2. Contact Us

Should You have any general questions about this Privacy Policy, use of Your data by Us, or want to assert Your data protection rights, please use the following contact options (interchangeable):

if You are a user of the App: [email]

if You are a User of the Website: [email], chat with support available directly at [link].

[You may also contact our Data Protection Officer: [email], [postal address]].

Please note that in some cases, for Your safety and where we have reasoned doubts about the authenticity of the request, We may need to authenticate You before proceeding with your request.

3. Your Privacy Rights and How to Exercise Them

You are entitled to the data-related rights described below. You may assert those directly via the Product (to the extent possible) or with the use of available contact options.

Please note that the described rights are based on European laws (the GDPR) and, partially, California Consumer Privacy Act (the CCPA). Depending on your country of residence, those rights may have different interpretations. Should you wish to assert your country-specific rights, kindly let us know, and We will review your case individually.

Right to access

You may ask to confirm whether we process your data and if so, to provide you with the scope of such processing and a copy of the data stored concerning you by Us.

Right to rectification

You have the right to request correction of inaccurate personal data concerning you and the completion of incomplete data. We try to allow you to correct/add data through the Product’s settings to the extent possible, e.g. you can login to your user profile and correct, amend, or delete information about yourself. We will also inform recipients of your data in case of rectification of your data.

Right to erasure (Right to be forgotten)

You may request the erasure of your personal data stored by Us. Please note, however, that the right to erasure is not absolute and shall be fulfilled by Us only provided specific legal requirements are met. You may request data erasure only if:

your personal data is no longer necessary for the purposes for which it was initially collected,

you have withdrawn your consent to personal data processing, and the consent was the sole legal basis for the processing,

you have successfully objected to the processing based on a balancing of interests ground relating to your particular situation,

your personal data have been unlawfully processed,

your personal data have to be erased for compliance with a legal obligation, or

you are an underage person and used Our Product by mistake.

Further, your right to erasure is subject to restrictions. For example, We are not under obligation or even allowed to delete data that We are still obligated to retain due to statutory retention periods. Similarly, data that We need for the establishment, exercise or defence of legal claims are excluded from your right of erasure.

If We’ve transferred personal data to third parties, We will either initiate deletion of your data from such third parties or inform them about the erasure, insofar as required by the applicable law.

In order to avoid the unnecessary legalese and keeping in mind the common use of words, We will interpret all user requests asking us to “delete my data” as requests for erasure of their data under Art. 17 GDPR.

Right to restriction of processing

You have the right to request, under certain conditions, restriction of processing (i.e. marking of stored personal data to restrict their future use). The requirements for restriction of processing are:

The accuracy of your personal data is contested, and We must verify the accuracy of your data;

  • The processing is unlawful, but you do not want your personal data to be erased, but instead request the restriction of the use of the personal data;
  • We do no longer need your personal data for the purposes of the processing, but you need the data for the establishment, exercise or defence of legal claims;
  • You have objected to the processing, and We are verifying whether Our legitimate interests override yours.

Right to objection

You have a right to object to the processing of your personal data in whole or in part at any time, and in any form, in case Our processing is based on a legitimate interest (balancing of interests). In order to process your objection, We kindly request you to refer to your particular situation why you believe your rights and freedoms are a particular risk (see Article 21 GDPR for more details).

Please note that the right to the objection is not absolute, and We will stop the processing of your data only provided We cannot demonstrate compelling legitimate grounds for processing.

Where the processing you object against concerns direct marketing purposes, though, We will stop any processing once We receive the objection from you. A common example of how you can exercise an objection to marketing communications is pressing the “unsubscribe” button in emails.

Right to data portability

You have the right to receive the data you provided to us in a commonly used and machine-readable format to transfer those data to another controller without Our interference. You may also ask Us to assist you with moving your data where it is technically feasible. Please note that this option relates only to data processed based on the performance of our contract with you or based on consent. For more information about the contract and consent, please refer to Section 5 below.

Right to withdraw consent

If you provide consent to the processing of your personal data, you can withdraw at any time. Consent withdrawal does not have a retroactive effect, meaning that processing that occurred before the withdrawal shall not be affected.

Right to lodge a complaint

You can lodge a complaint with the data protection authority at any time if you believe that your data is processed unlawfully. Here are the contacts of the supervisory data protection authority:

Data Protection Commissioner, 1 Iasonos Street, 1082 Nicosia, Cyprus, tel: +357 22818456, fax: +357 22304565, email: commissioner@dataprotection.gov.cy

3.1. California Privacy Rights

In this section you may find a description of your privacy rights as a California resident that are established under California laws, such as the California Consumer Privacy Act (the “CCPA”). We describe California-specific rights that substantially differ from those established under the GDPR and that are not yet covered under this Policy. These rights are in addition to those established under the GDPR (as described above in Section 3) for California residents. .

You may assert these rights directly via the Product (to the extent possible) or with the use of available contact options.

Access to specific information and data portability rights

Generally, your right to request data access and data portability are described above in Section 3 under the names “Right to access” and “Right to rectification” respectively. Scopes of these rights differ a little under the CCPA.

You have the right to request that We disclose certain information to you about Our collection and use of your personal information over the past 12 months only. Once We receive and confirm your verifiable consumer request, We will disclose to you:

The categories of personal information We collected about you.

The categories of sources for the personal information We collected about you.

Our business or commercial purpose for collecting or selling that personal information.

The categories of third parties with whom We share that personal information.

The specific pieces of personal information We collected about you.

If we sold or disclosed your personal information for a business purpose, We will disclose such facts separately.

Please note that you may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:

Provide sufficient information that allows Us to reasonably verify you are the person about whom we collected personal information or an authorised representative.

Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

Right to request deletion of data

Generally, your right to request erasure is described above in Section 3 under the name “Right to erasure (Right to be forgotten)”.

Despite the fact that the Right to request deletion of data under the CCPA and Right to erasure under the GDPR are essentially the same, please note that under the CCPA We are under no obligation to comply with your request if We need to maintain your information for certain reasons. For your convenience, you may find below an abridged version of such exceptions. To learn more, please refer to the full text of CCPA or to additional clarifications from the California Attorney General.

Under the CCPA, We may retain your personal information if we need it to, among other things:

Complete the transaction for which the personal information was collected, fulfil the terms of a written warranty or product recall conducted.

Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity; or prosecute those responsible for that activity.

Debug to identify and repair errors that impair existing intended functionality.

Comply with the California Electronic Communications Privacy Act.

To enable solely internal uses that are reasonably aligned with the expectations of the consumer based on the consumer’s relationship with the business.

Comply with a legal obligation.

Otherwise use the consumer’s personal information, internally, in a lawful manner that is compatible with the context in which the consumer provided the information, etc.

Right to non-discrimination

California consumers have the right to non-descrimination in relation to exercise of their rights under the CCPA. In particular, we cannot deny you goods or services, charge you different prices for goods or services, either by denying benefits or imposing penalties, provide you with a different level or quality of goods or services or threaten you with any of the above.

Right to request information on data transfer for third party’s direct marketing purposes

Under California’s “Shine the Light” law (Civil Code Section § 1798.83) Website users can request information regarding disclosure of personal information to third parties for their direct marketing purposes.

Right to prohibit sale of information

We do not sell the personal data We collect (as defined in the CCPA) and will not sell it without providing you the right to opt out. Please note that We share user’s personal information for our business purposes as described in the Section 7 “Personal Data Transfers”.

4. Personal Data We Collect

Your user journey may vary depending on whether it is the App or Website (or both) You choose to use. Similarly, the scope and peculiarities of data processing will vary:

if You download the App through the Website, both Website Data Collection and App Data Collection will apply;

if You use the Website only, Website Data Collection will apply;

if You download the App via application stores, only App Data Collection will apply.

The data you provide

Data Category

Website Data Collection

App Data Collection

General Information

When You start using the Website, or in the course of the Website’s use, We collect the following personal data:

Name,

Email address,

[Phone number],

Birth year, age (inferred based on the birth year),

Country of residence,

Sex,

[Password/passcode (encrypted)],

[Other information relevant to particular Web product]

When You start using the App, or in the course of the App use, We collect the following personal data:

Name,

Email address,

Birth year, age (inferred based on the birth year),

Country of residence,

Sex,

[Other information relevant to particular App]

In case you enter the App from the Website, we may use already collected on the Website information for the App.

Fitness & Wellness Onboarding Information

To tailor your Website and/or in-App experience to your needs, We may ask you to answer some questions about your fitness and wellness experience.

Such Fitness & Wellness Onboarding Information may include your height and weight, target weight and body type and target zones, fitness level, sleep condition, wellbeing details, [other information relevant to a particular Product], etc.

If you do not provide Us with Fitness & Wellness Onboarding information, We will not be able to create a personalised [fitness/fasting/nutrition] experience for You.

[Health and Wellness In-app Information] or [Fitness and Wellness In-app Information] or [Wellness In-app Information] 

[N/A - will be relevant only if there is web independent functionality]

[- only if the user inserts something by himself, like in Femia, SoT (food intake etc.), FastEasy, Hydration tracker etc.; for other apps - such information will be regarded as automatically-collected

- title depending on what user will enter in the app

- examples: food intake, water intake etc.]

[Precise Location Information]

[N/A - will be relevant only if there is web independent location-related functionality]

[For [Pedometer/running map] feature we enable you to share your Precise Location Information. [Pedometer/running map] is a location-related feature that depends on location information. If you choose not to allow access to the precise location, the mentioned feature will not be available.]

Payment Data

To make a purchase via a Website, you need to enter your payment information, such as bank card credentials, payment service (e.g. PayPal) credentials, etc.

Please note that We do not access, collect or store payment information you enter on the Website. Third-party payment service providers, e.g. your bank or PayPal, store this data.

By exchanging information with third-party payment service providers, We recognise and record your subscription status. Also, We receive limited information allowing us to authenticate and account for your payment, including the date, time and amount of the transaction, the type of payment method used, payment transaction identification number, and the last four digits of the payment card data.

N/A [data on subscription status for the app is automatically collected]

Customer Support and Other Communications Information

When you contact Us for customer support or otherwise communicate with Us, you may provide Us with information related to your use of the Product, additional contact information, payment information, identification documents, or other information you may find helpful to resolve your query. We also collect information on the feedback you provide on the customer support experience.

Your User Choices

We collect:

information about your: Website settings, privacy settings and

records about when you accepted Our Terms of Use, Privacy Policy, Refund Policy and/or provided consent to marketing communications;

information on whether you have enabled web browser notifications.

We collect:

information about your in-app settings, privacy settings and

records about when you accepted Our Terms of Use, Privacy Policy and/or provided consent to the processing of your data or to marketing communications;

information about whether you have enabled push notifications.

Feedback Information

We will collect and process your feedback should you communicate it to Us.

Our App contains flow via which you can provide Us with feedback, score our application or engage in deeper discussions. We will collect and analyse the data you submit to make Our Product better.

We will also collect and process your feedback should you communicate it to Us in any different way.

Automatically collected data

Data Category

Website Data Collection

App Data Collection

Usage Information

We collect information about your activity on our Website, like frequency of use, areas and features that you access, visit or use, and engagement with particular features.

We collect information about your activity on our App, like:

Product interaction, e.g. frequency of use, areas and features that you access, visit or use, engagement with particular features.

In-app [fitness/fasting/nutrition] activities, like performed/active workouts, equipment used, gym/home-based workouts choice etc.

[Access to external groups/communities created by the App for additional communications, feedback collection].

Device-Related Information

When you install, access, or use the Website, We collect device-related information. This includes IP address, user-agent, hardware model, operating system information, browser information, language and time zone, [other information to be requested from Web team] etc.

Device-related information also includes approximate location information

When you install, access, or use the App, We collect device-related information. This includes IP address, user-agent, hardware model, operating system information, the App version, browser information, mobile network, language and time zone, device identifiers, including Android Advertising Identifier (GAID)/Apple ID for Advertisers (IDFA) etc.

Device-related information also includes approximate location information. [Please note that approximate location information is collected even if you do not choose to use Our precise location-related features. General location (e.g. country level) is estimated based on IP addresses and other information like phone locale.]

[We may also scan your device to identify applications the App can connect with, such as fitness trackers’ apps or music players.]

Subscription Status

N/A

By exchanging information with your application store, We understand and record your subscription status.

Log and Troubleshooting Information

We collect some troubleshooting, bug, and crash reporting information from you to help determine problems with the Product. We also collect and write logs to be able to access historical data for internal and external investigations.

Information third parties provide about you

Data Category

Website Data Collection

App Data Collection

Advertising Networks Information

Advertising networks provide us with insights which channels (e.g. social networks) and which particular ad campaigns helped you to reach the Product.

[Social Login Information]

N/A

We provide you with the option to register using social media account details, like your Facebook or Google social media account or login via Apple. If you allow access to such data, We receive information about your respective accounts, such as your name and email address. The exact scope of information provided is always displayed on the social login screen presented to you by the relevant login provider during login.

We do not use your Facebook, Google or Apple in any way different from allowing you to access the App and cannot post anything to your Facebook or Google profile and/or affect your Apple account.

[Fitness Bands, Fitness Trackers Data]

N/A

You can grant Us access to third-party services, such as Apple HealthKit and Google Fit, to enable us to import Personal Data about your health and activities into the App. This imported data varies depending on the service you grant us access to and generally includes sports activities, weight, calories burned, heart rate, number of steps/distance travelled etc. When you choose to have this data imported you are subject to the Google Fit and Apple HealthKit privacy policies and practices on top of this Privacy Policy.

+ Fitbit, Garmin descriptions

Cookies and Other Tracking Technologies

On the Website, we also use cookies in order to [purposes description]. Please refer to Section [section number and link] for more information on cookies on our Website.

On-device Data Collection

[There may be other features where data is stored and processed locally at your device, and we do not have any access to that information. Such as food pictures for Stay on Track - to add, if any].

5. How and Why We Use Your Data. Legal Bases for Processing

All processing of your data must the be lawful, i.e. rely on one of the legal bases referenced in the law:

Performance of a contract with you, i.e. provision of the Product (Website and App) as described in our Terms of Use,

Your consent, i.e. when you provide consent to the processing of particular information,

Our legitimate interests, i.e. when We believe that We can use and/or share your data since We have a legitimate balanced reason to do so,

Performance of Our obligations under the law.

Below you can see described purposes of Our processing (why We process your information) for each legal basis and the corresponding data categories used in each case.

As We have mentioned earlier, Your user journey may vary depending on whether it is the App or Website (or both) You choose to use. However, the purposes and legal bases for the data processing in relation to the Website and the App coincide.

Performance of a contract with you

Why and how We process your information

Data Used

To ensure the intended operation of the Product, namely, maintain your profile in the Product, ensure you have convenient access to it and provide you with the functionality of the Product described in the descriptions of the Product as well as materials inside of it. For example, We use your data to create [fitness/fasting/nutrition] plans best fitted for you in particular…[exapmle]

General Information

Fitness and Wellness Onboarding Information

[Health and Wellness In-app Information] or [Fitness and Wellness In-app Information] or [Wellness In-app Information]

Device-related Information

Usage Information

Your User Choices

[Social Login Information]

For billing purposes, account management, features accessibility.

General Information

Device-related information

Payment Data/Subscription Status

[Social Login Information]

Please note that provision of the information above is necessary for Us to provide Our Product to you (perform Our agreement with You). We will not be able to provide a Product without the listed above information. We will also not be able to continue providing the Product if you request erasure or otherwise restrict Our access to such data.

Your consent

Why and how We process your information

Data Used

[To exchange information with different fitness bands and/or trackers as per your request.]

Fitness Bands, Fitness Trackers Data

[To enable [runs/walking] mapping features, dependent upon location.

Precise location data allows us to visualise your root; calculate covered distances within a particular time and define your speed.]

Precise Location Information

Please note that you can withhold your consent or even revoke it at any time if you change your mind. You can do this either via App settings or by contacting Us. Unfortunately, this will also preclude Us from providing you with features relying upon your consent.

Our legitimate interest

Why and how We process your information

Legitimate Interest Substantiation

Data Used

To analyse the performance of Our Product, improve it and further deliver a better user experience based on analysis of your interaction with the Product.

For example:

We count users and events for reporting to identify how many users the Product has. This includes metrics like how many unique users the Product has.

We analyse bugs and fix issues with the Product.

Our interest is to measure the use of our Product and count the people who interact with it. Such actions are aimed to improve Product development and enable the provision of accurate and reliable internal reporting.

Usage Information

Device-related information

Log and Troubleshooting Information

Payment Data (the fact of purchase)/Subscription Status

Feedback Information

To assess the effectiveness of Our advertising campaigns by understanding which advertisements have led you to the Product and whether you have finally used the Product or purchased it/some of its features.

It is Our interest to understand who may be interested in Our Product and to offer Our Product to new potentially interested audiences as well as remind old users of it.

General Information (in a limited scope - to add examples as relevant for the Product)

Device-related information

Payment Data (the fact of purchase)/Subscription Status

Advertising Networks Information

To communicate with you in various ways, e.g.:

to send you technical notices, updates, security alerts;

to send reminders to your smartphone or web browser via in-app messages, in-app and web push notifications

to send promotional communications, such as product updates, offers, discounts, and provide news and information that We think will be of interest to you.

You can opt-out of any of Our promotional communications anytime as described in your privacy rights section.

We believe the provision of presumably relevant information will be a plus in addition to the provision of the App functionality.

General Information

Your User Choices

Usage Information

Device-related information

To provide customer support/ processing requests to the customer support team. This includes, for example:

responding when you request Our help such as assisting with your account login or verification process;

reacting to your comments and questions.

It is in Our interest to assist Our users with any inquiries and requests.

Customer Support and Other Communications Information

Usage Information

Device-related information

General Information

Payment Data/Subscription Status

To defend Ourselves from prospective legal claims, litigation and other disputes, including in relation to violations of Terms of Use, Privacy Policy, Subscription Terms or Refund Policy.

To ensure the safety, security and integrity of the Product.

 

It is in Our interest to respond to complaints, prevent and address fraud, unauthorised use of the Product, violations of our Terms and policies, or other harmful or illegal activity.

It is in Our interest to seek legal advice and protect ourselves (including our rights, personnel, property or products), Our users or others, including as part of investigations or regulatory inquiries and litigation or other disputes.

General Information

Usage Information

Device-related information

Log and Troubleshooting Information

To identify disruptions and maintain Product security, including detection and tracking of inadmissible access attempts and access to our servers.

It is Our interest to eliminate disruptions, maintain system security, and detect and track inadmissible access and access attempts.

General Information

Usage Information

Device-related information

Log and Troubleshooting Information

Payment Data/Subscription Status

Performance of Our obligations under the law

Why and how We process your information

Data Used

According to applicable tax and accounting laws, we may need to account your payments to conduct necessary statutory reports/withdrawals.

Further, sometimes in order to comply with applicable laws, We need to authenticate you, i.e. collect your identification documents.

Finally, according to applicable laws, We need to understand whether you allow processing of your data, push notifications, marketing communications and similar activities.

Payment Data

General Information

Usage Information

Your User Choices


Automated processing of your data

We do not use your data to make decisions based solely on automated processing that would create legal or comparable significant effects.

6. Cookies and Similar Technologies

[Cookie policy]

Third-party services, e.g. FB Pixel, FB Conversions API establish requirements as to the content of PP (e.g. users shall be informed of the possibility to withdraw cookies consent) - shall be taken into account

[Cookies description, reference to para 5 Cookies and similar technologies: attribution landings, HotJar, general analytics, payment service providers cookies etc.]:

Disclose how a business’s website or online service responds to Do Not Track signals from Web browsers.

The policy should fully disclose any automatic information collection, including collection of IP addresses, automatically recorded times and dates of visits to the website, and contents of a user’s public comments and posting on the website. This may also include the use of cookies, web beacons, or other tracking technologies. The paragraph must be tailored to reflect the (a) actual type of info the website passively collects and how this info is used, (b) technology it uses to collect this info, and (c) website practices with third-party advertisers.

Do Not Track

"Do Not Track" is a preference you can set in your Web browser to let the websites you visit know that you do not want them collecting information about you. The Website does not currently respond to a "Do Not Track" or similar signal. We do not engage in the collection of personal information about your online activities over time and across third-party websites or online services to provide targeted advertising and we do not allow third parties to collect such personal information when you use the Website.

7. Personal Data Transfers

7.1. Data Transfers by Both Website and App

As We have mentioned earlier, this Privacy Policy is aimed to describe data use in relation to the [App] App and related Website [URL]. Below, We explain with whom We share your personal data from the Product, i.e. both the Website and the App.

Third-party service providers

A number of Product functions rely upon services of third parties, so-called ‘processors’. Processors act based and in accordance with Our requests and shall not use your data for their own purposes.

Main service providers both App and Website share your data with are as follows:

Amazon Web Services [(address)]

We use Amazon Web Services, which is a hosting and backend service provided by Amazon, for personal data hosting and enabling our Product to operate and be distributed to its users.

[Scope of transferred data, if relevant; a basis for cross-border data transfer, if any]

AppsFlyer [(address)]

Appsflyer helps us to understand, in particular, how users find Our Product (for example, which advertiser had delivered an ad that led you to our Website or App). Appsflyer also provides us with different analytics tools that enable us to research and analyse your use of the Product.

[Scope of transferred data, if relevant; a basis for cross-border data transfer, if any]

Firebase Crashlytics [(address)]

Firebase Crashlytics is a Google Firebase service, which allows us to track application performance, i.e. We can discover the causes and severity of crashes in Product.

[Scope of transferred data, if relevant; a basis for cross-border data transfer, if any]

Front (FrontApp, Inc., 1455 Market Street, 19th Floor, San Francisco, CA 94103)

In order to provide you with swift and smooth customer support We use Front - software allowing us to optimise users' and customer support's conversations. In this regard, Front receives and stores copies of all data related to your customer support requests, such as emails, purchase details, feedback etc.

[Scope of transferred data, if relevant; basis for cross-border data transfer, if any]

Provider [(address)]

[Description; Scope of transferred data, if relevant; basis for cross-border data transfer, if any]

Customer support providers

People and companies providing us with professional app development and maintenance services

Advertising networks

We use services of third-party advertising platforms, for example, Instagram, Facebook, Snapchat that allow us to show targeted campaigns and messages to users within their platforms based on the users’ behaviour. In simplified terms, We provide information about you that would allow advertising platforms to locate you in their database and information that you performed a desirable action, such as making a purchase.

This allows an advertising network to understand which people are interested in Our Product as well as display advertisements of the Product to users who will most likely like it.

Please note that most advertising networks act as separate controllers or co-controllers of your data in full or partially, which means that such controllers decide whether to use the transferred data for their own purposes, e.g. providing you advertisements of other providers similar to our Product. You can learn more about the data processing practices of such companies in their respective privacy policies:

Facebook [PP link]

Instagram [PP link]

Snapchat [PP link]

[We do not share any health & wellness information with advertising networks. Add additional details on what is shared, in particular, in the course of CAPI use]

Related companies

We share your information with Our affiliates, i.e. companies which are related to [App Publisher], [Web Publisher] by, for example, having the same owner. Where such sharing takes place, related companies will honour this Privacy Policy.

Public authorities and bodies

We may use and disclose personal data to enforce our Terms of Use to protect our rights, privacy, safety, or property, and/or that of our affiliates, you or others, and to respond to requests from courts, law enforcement agencies, regulatory agencies, and other public and government authorities, or in other cases provided for by law.

International data transfers

Please note that in the course of the business, We transfer your personal data outside of EU/EEA countries. For example, some of Our service providers are located in the United States of America.

We shall implement measures as established under the law to ensure data transfers are protected as required. Where a recipient is located in one of the jurisdictions listed on the official website of the European Commission here, the appropriate safeguard is the corresponding adequacy decision of the Commission. Where no such adequacy decision is present, we rely on the so-called Standard Contractual Clauses (see more about them here) along with a detailed analysis of the law of the destination country to safeguard your data and your rights.

7.2. Website-Specific Data Transfers

In addition to the above, the Website may share your data as described below.

Third-party service providers

Provider [(address)]

[Description; Scope of transferred data, if relevant; basis for cross-border data transfer, if any]

7.3. App-Specific Data Transfers

Finally, on top of what is described for both the Website and the App, the App itself shares data as follows.

Third-party service providers

Provider [(address)]

[Description; Scope of transferred data, if relevant; basis for cross-border data transfer, if any]

8. Retention of Your Personal Data

We keep your information for as long as necessary to fulfil the purposes outlined in this Privacy Policy unless further retention is required under the law.

For data used subject to your consent and/or contract with you We store your information until the deactivation of your account. Upon that, We will either delete or anonymise it, except for cases where processing is based upon Our legitimate interest (more on this in Section 5 of this Policy), or if this is not technically possible (for example, because your personal information has been stored in backup archives). In the latter case, We will securely store your personal information and isolate it from any further processing until deletion is possible.

Even after the deactivation of your account, We retain data that is necessary for processing where we rely on our legitimate interest. For example, We may keep information on purchases in order to protect our rights in a legal process. Such storage is not indefinite and is limited to such data's usefulness and achieving our legitimate goals.

[Section must be improved. Data retention periods must be specified for each particular data category]

9. Changes to this Privacy Policy

We may change this Privacy Policy from time to time by posting those changes directly on this Webpage. Please make sure to review this Privacy Policy regularly. By continuing to use our Product, you acknowledge you’ve read and understood the most up-to-date Privacy Policy.