Privacy Policy

Effective date: September 10, 2024

This Privacy Policy outlines the practices of YUNOAPP LLC registered at 18401 COLLINS AVE, SUNNY ISLES BEACH, FL 33160, USA ("we," "our," or "us") regarding the collection, use, and disclosure of information in connection with your use of our application, QR Code Reader・Barcode Scanner (“App”), an app distributed by YUNOAPP LLC. The purpose of this Privacy Policy is to inform you about the types of information we collect, how we use and protect that information, and the choices you have regarding your data.

By using the App, you agree to the collection and use of your information in accordance with this Privacy Policy. This policy is legally binding and applies to all users of the app. If you do not agree with any part of this Privacy Policy, please discontinue your use of QR Code Reader・Barcode Scanner immediately.

This Privacy Policy applies to all individuals who use or access the App (referred to as "Users"). Under the General Data Protection Regulation (GDPR), we serve as the data controller unless specified otherwise.

1. Information we collect

We collect information to provide and improve our services, ensure the app's functionality, and enhance user experience. The information we collect is categorized as follows:

1.1. Information Provided by Users

  • Photos: When you use the App, you may provide photos via your device’s camera. We only access and store the specific photos you take within the app. We do not access or use any other photos or videos on your device, even if you grant us permission to do so.

  • Support Inquiries: If you contact our support team, we collect and store the personal data you voluntarily provide to process your request.

1.2. Automatically Collected Information

  • Log and Usage Data: Our servers automatically collect service-related, diagnostic, usage, and performance data when you access or use the App. This data is recorded in log files and may include information such as:

    • IP address
    • Device information
    • Browser type and settings
    • Activity within the app (e.g., date/time stamps, pages and files viewed, searches, features used)
    • Device event information (e.g., system activity, error reports, hardware settings)
  • Device Data: We collect information about the device you use to access the App. Depending on the device, this data may include:

    • IP address or proxy server
    • Device and application identification numbers
    • Location
    • Browser type
    • Hardware model
    • Internet service provider and/or mobile carrier
    • Operating system and system configuration
  • Personal Information: We collect personal information when you visit, use, and interact with the app. This includes order information from in-app purchases and the Identifier for Advertisers (IDFA) on your mobile device. Please note that billing, processing, and charging for in-app purchases are managed by the application stores, and we do not have access to or use your credit or debit card information.

  • Analytics Usage: We use online analytics tools like Amplitude and AppsFlyer, which employ cookies to assess how users interact with our services. This information helps us to improve and optimize your app experience.

  • Ad-Related Information: We collect data related to ads viewed in the app, including the date and time served, "click" or "conversion" events, ad content, type (e.g., text, image, video), placement within the app, and user responses.

  • Information automatically provided to advertising or analytics tools is generally not within our control, and we are not responsible for the processing of such information. We do not manage or oversee how these third parties handle your personal data, especially when it is collected by their own methods outside of our App.

2. Purposes and Legal Basis for Processing Your Personal Data

2.1. We process your personal data for the following purposes:

  • Service Availability: We use the information you provide and the data collected automatically to deliver the services you request and ensure the App's functionality.

  • App Testing, Monitoring, and Improvement: We analyze automatically processed data to understand user behavior and patterns, identify potential outages and technical issues, and operate, protect, improve, and optimize our App.

  • Interest-Based/Targeted Content: Automatically processed information may be used for marketing purposes, such as displaying ads tailored to your interests and preferences.

  • Communication: We use your information to respond to your inquiries, communicate with you via newsletters, send marketing notifications, gather feedback on your experience with our App, and inform you about updates to our policies and terms.

  • Compliance and Law Enforcement: We strive to protect you from spam and fraudulent content. We may use your information to prevent, detect, and investigate fraud, security breaches, and potentially prohibited or illegal activities.

2.2. Legal Basis for Processing Your Personal Data

  • The processing of your personal data is based on specific legal grounds, depending on the purpose for which we have collected and intend to use it. The legal bases for processing your personal data include:

    • Consent: We process your personal data with your explicit consent. Before collecting, using, sharing, or processing your personal data for advertising or related purposes, we will provide clear notice and obtain your valid, specific, and informed consent. This includes using your data for interest-based advertising and improving our services.

    • Legal Obligation: We may process your personal data when it is necessary to comply with legal obligations.

    • Legitimate Business Interests: We may process your personal data when it aligns with our legitimate business interests.

  • Specifically, personal data collected from you, third parties, or public sources, and submitted through our Website or App, will be processed for purposes based on the following legal grounds:

    • Communications - Legitimate Interest: If you interact with us via the Website, App, or other means, we may process your personal data to facilitate communication, arrange meetings, calls, or virtual sessions. Such communications may be recorded and stored within our corporate systems.

    • Marketing and Public Relations - Consent: For visitors to our Website and App, we may use cookies for marketing research, analyzing visitor characteristics, evaluating the effectiveness of our marketing efforts, and tailoring communications to identified trends. For subscribers or potential subscribers, we may use the personal data you provide to share promotional materials, announce service updates, deliver email notifications, and circulate newsletters. We ensure that all processing is transparent, lawful, and based on appropriate legal grounds while adhering to data protection principles.

    • Automated Processing - Legitimate Interest: For visitors to our Website and App, we may use essential cookies and third-party services to automatically process data about your interactions with the site or app. This helps us better understand your preferences and enhance your overall experience.

    • Marketing and Public Relations - Consent: We use cookies to conduct marketing research, analyze visitor demographics, evaluate the effectiveness of our marketing communications, and customize them according to identified trends. With your consent, we may use your personal data to send promotional materials, provide updates on our services, and deliver email notifications and newsletters.

    • Security Measures - Legitimate Interest: We process personal data to ensure the security of our app, prevent fraud, and protect the rights and interests of our Company and third parties, including safeguarding Intellectual Property rights.

3. Data Sharing and Data Transfer

3.1. Sharing with Third Parties

To enhance your experience and provide the best possible service, we may share certain information with third-party providers, affiliated entities, contractors, government entities, and authorities (collectively referred to as "data processors"). These entities are entrusted with specific tasks related to hosting, maintenance, analytics, marketing, or compliance with legal requirements.

3.2. Categories of Data Processors

When processing your data, we may engage the following types of data processors:

  • Affiliated Entities: Our subsidiaries or affiliates who process data on our behalf to improve services.

  • Government Entities and Authorities: In cases where disclosure is required by law or necessary to protect our rights, safety, or interests.

  • Service Providers: Companies that provide hosting, maintenance, analytics, marketing, or customer support services.

Service Providers Details

Name Services Location Privacy Policy
DigitalOcean, LLC Cloud storage provider U.S.A. Privacy Policy
Amplitude Inc. Analytics service provider U.S.A. Privacy Policy
AppsFlyer Inc. Analytics service provider U.S.A. Privacy Policy
Apple Inc. Cloud storage provider (for iOS devices) U.S.A. Privacy Policy
Google Inc. Analytics and marketing service provider U.S.A. Privacy Policy
Facebook (Meta Platforms, Inc.) Analytics, user acquisition and marketing service provider U.S.A. Privacy Policy
Barcode Lookup API for barcode reading U.S.A. Privacy Policy

3.3. Compliance with Data Protection Laws

We ensure that any sharing of information is carried out in strict compliance with applicable data protection laws. We implement comprehensive measures to guarantee that these data processors handle your information with the same level of care, confidentiality, and security as we do. It is important to emphasize that we do not sell your personal information to third parties for any purpose.

3.4. Legal Disclosures

We may disclose your personal information if required for specific reasons, such as in the public interest:

  • As mandated by law;

  • When we believe, in good faith, that disclosure is necessary to protect our rights, ensure your safety or the safety of others, investigate fraud, or respond to a government request;

  • If we are involved in a merger, acquisition, or sale of all or a portion of our assets, you will be notified via email and/or a prominent notice in our App of any change in ownership or in how your personal information is used, as well as any choices you may have regarding your personal information.

  • Please note that our App may contain links to third-party websites or services, or you may access our App from a third-party site. We are not responsible for the privacy practices of these third-party sites or services linked to or from our App, including any information or content contained within them.

3.5. Data Transfers Outside the EEA

If we transfer personal data from the European Economic Area (EEA) to countries that do not offer an adequate level of data protection, we rely on one of the following legal bases:

  • Implementation of Standard Contractual Clauses approved by the European Commission; or

  • Adherence to adequacy decisions made by the European Commission for specific countries. More details can be accessed here.

4. Data Retention

4.1. Retention Period

We retain your personal information for as long as necessary to provide the services offered through our App and to comply with our legal obligations. If you no longer wish for us to use or store your information that we have physical access to, you may request the deletion of your personal information and account. This action could result in loss of access to our services and may limit our ability to respond effectively to your inquiries.

4.2. Data Retention Circumstances

Please note that certain data may still be retained for a limited period (no longer than necessary for the storage purpose) in the following circumstances:

  • Legal Compliance: To meet our legal obligations, such as those related to taxation, accounting, or auditing requirements.

  • Security and Backup: To maintain security, data backup settings, and system integrity.

  • Fraud Prevention: To detect, prevent, or investigate fraud or other illegal activities.

After the retention period expires, we will securely delete or anonymize your personal data in accordance with applicable laws and regulations.

5. Security Measures

5.1. Safeguarding Personal Information

We implement industry-standard practices to safeguard the personal information you provide to us, both during transmission and after it is received. We take reasonable and appropriate measures to protect your personal data from loss, misuse, unauthorized access, disclosure, alteration, and destruction, considering the risks associated with processing and the nature of the information.

5.2. Security Practices

To ensure the security of your personal data, we use strong encryption algorithms and employ hashing techniques where possible. However, while we strive to protect your personal data, no method of transmission over the Internet or method of electronic storage is entirely secure, and we cannot guarantee its absolute security.

5.3. Notification of Security Breach

In the event of a security breach that compromises your personal information, we will promptly notify you in accordance with applicable legal requirements.

5.4. Contact Information

If you have any questions or concerns regarding the security of our App, please contact us at [email protected].

6. User Privacy Rights

6.1. Privacy Rights

We respect your privacy and are committed to ensuring that your personal information is protected. As a user of the App, you have the following privacy rights:

  • Right to Access: You have the right to request access to the personal data we hold about you. Upon request, we will provide you with a copy of your personal information in a structured, commonly used, and machine-readable format.

  • Right to Rectification: If you believe that any personal information we have collected about you is inaccurate or incomplete, you have the right to request that we correct or update it.

  • Right to Erasure: You have the right to request the deletion of your personal data under certain circumstances, such as when the data is no longer necessary for the purposes for which it was collected or when you withdraw your consent.

  • Right to Restrict Processing: You have the right to request that we limit the processing of your personal data if you contest the accuracy of the data, if the processing is unlawful, or if we no longer need the data but you require it for legal claims.

  • Right to Data Portability: You have the right to request that your personal data be transferred to another organization or directly to you, where technically feasible.

  • Right to Object: You have the right to object to the processing of your personal data for direct marketing purposes or when the processing is based on our legitimate interests.

  • Right to Withdraw Consent: If our processing of your personal data is based on your consent, you have the right to withdraw that consent at any time. This will not affect the lawfulness of processing based on consent before its withdrawal.

  • Right to Complain: If you have any concerns or complaints regarding how we handle your personal data, you have the right to contact us via email [email protected] or lodge a complaint with a data protection authority.

6.2. Exercising Your Rights

To exercise any of these rights, please use the details provided in the "Contact Us" section of this Privacy Policy. We will respond to your request in accordance with applicable data protection laws.

6.3. Your Right to Opt Out

If you prefer not to have third-party service providers display personalized ads based on your interests, you can adjust your device settings:

  • For iOS Devices: Go to Settings > Privacy > Advertising and select "Limit Ad Tracking." You can find more information here.

  • For Android Devices: Navigate to Settings > Google > Ads and choose "Opt out of Ad Personalization." You can also visit YourAdChoices to opt out.

Please note that even after opting out of interest-based advertising, you may still receive non-personalized ads, such as those based on the content of the digital products you are using.

If you do not want third-party service providers to use your precise location data or street-level location information, you can disable Location Services for the App:

  • For iOS Devices (iOS 11 or later): Go to Settings > Privacy > Location Services, select the App, and set "Share My Location" to "Never." Additional information is available here.

  • For Android Devices (Android 5.0 or later): Go to Settings > Apps > [App Name] > Permissions > Location and turn off the "Location" option.

7. Children's Privacy

Our services are not intended for use by children under the age of 18, and we do not knowingly collect or solicit personal information from anyone under this age. If we become aware that we have inadvertently collected personal information from a child under 18 without verified parental consent, we will take immediate steps to delete that information from our records. If you believe that we may have collected information from or about a child under the age of 18, please contact us at [email protected], and we will address the issue promptly.

8. CALIFORNIA RESIDENT NOTICE

Under the California Consumer Privacy Act of 2018 (CCPA) California residents shall have the right to request: a) the categories of personal information that is processed; b) the categories of sources from which personal information is obtained; c) the purpose for processing of user personal data; d) the categories of third parties with whom we may share your personal information; e) the specific pieces of personal information that we might have obtained about a particular user provided that the data given in the request is reliable enough and allows to identify the user.

PERSONAL INFORMATION.

All about the categories of information, its sources and purposes of processing is described above. Be informed that according to CCPA personal information does not include de-identified or aggregated consumer information.

DATA SHARING.

Data sharing scope and basis are defined above. All third parties that are engaged in processing user data are service providers that use such information on the basis of agreement and pursuant to business purpose.

OPT-OUT OPTIONS.

If you don’t want us to process your personal information any more, please contact us through [email protected] Please be informed that such opt out may impact App’s further operation without functional data and you will be advised to remove the App from your device. If you don’t want us to share device identifiers and geolocation data with service providers, please check your device settings to opt out as described above.

REQUESTS.

To submit a verifiable consumer request please contact us through the email [email protected] When submitting a verifiable request, you should be ready to: a) Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative, which may include: name, address, city, state, and zip code and email address. We may use this information to surface a series of security questions to verify your identity. If you are making a request through an authorized agent acting on your behalf, such authorized agent must provide written authorization confirming or a power of attorney, signed by you; b) Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
We will not be able to respond to your request or provide you with personal information if we cannot: (i) verify your identity or authority to make the request; or (ii) confirm that personal information relates to you. We may ask you for additional information or documents to verify your identity. We may also carry out checks, including with third party identity verification services, to verify your identity before taking any action with your personal information. This is regarded as a safeguard measure to prevent disclosure of your personal information under a fake or scum request.
We ensure that personal information provided in a verifiable consumer request will be used only to verify the requestor’s identity or authority to make the request and not for any other purpose. We will keep it for the adequate term reasonably needed for the purpose described above and delete after the purpose is fulfilled.
We try to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time, we will inform you of the reason and extension period in writing. Please note that we are only required to respond to two requests per customer each year.

CALIFORNIA PRIVACY RIGHTS.

  • The right of access means that you have the right to request that we disclose what Personal Information we have collected, used and disclosed about you in the past 12 months. Please, note that we shall not be required to provide personal information to you more than twice in a 12-month period.
  • The right to prohibit sale of information means that you have the right to request that we stop the processing of your data for direct marketing purposes either by asking us to cease processing all data about you or asking us not to send you direct marketing communications. We generally do not sell your Personal Information for profit.
  • The right of correction means that you have the right to request that we correct any inaccurate personal information that we maintain about you.
  • The right to non-discrimination means that you will not receive any discriminatory treatment when you exercise one of your privacy rights.
  • The right to opt out of automated decision-making technologies means your right not to be subject to a decision that is based solely on automated processing (where a decision is taken about you using an electronic system without human involvement) which significantly impacts your rights. No decision will be made by us about you solely on the basis of automated decision making which has a significant impact on you.
  • The right to restrict the use of your sensitive information means directly contacting us to stop such processing of your sensitive personal information for such purposes. We do not process any sensitive personal information to infer characteristics about you.
  • The right of deletion means that you have the right to request that we delete Personal Information collected or maintained by us, subject to certain exceptions. Please note that under the CCPA we are under no obligation to comply with your request if we need to maintain your information if we need it to, among other things: (a) complete the transaction for which the personal information was collected, or (b) fulfill the terms of a written warranty or product recall; (c) detect security incidents; protect against malicious, deceptive, fraudulent, or illegal activity; or prosecute those responsible for that activity; (d) debug to identify and repair errors that impair existing intended functionality; (e) comply with the California Electronic Communications Privacy Act; (f) enable solely internal uses that are reasonably aligned with the expectations of the consumer based on the consumer’s relationship with the business; (g) comply with a legal obligation. Otherwise use the personal information internally in a lawful manner that is compatible with the context in which the consumer provided the information, etc.
  • The rights to portability means your right to receive your personal information in an electronic and structured form to you or to another party.

SALE OF DATA.

We do not sell any of your personal data to third parties.

9. COLORADO RESIDENT NOTICE

This section applies only to Colorado residents in addition to the rest of this Privacy Policy. We process personal data in compliance with the Colorado Privacy Act that requires us to disclose the following additional information related to our privacy practices.

If you are unable to access this Privacy Policy due to a disability or any physical or mental impairment, please contact us and we will provide you with the required information in an alternative format that you can access.

PERSONAL INFORMATION.

All about the categories of information, its sources and purposes of processing is described above.

DATA SHARING

Data sharing scope and basis are defined above. All third parties that are engaged in processing user data are service providers that use such information on the basis of agreement and pursuant to business purpose.

REQUESTS.

To submit a verifiable consumer request please contact us through the email [email protected] When submitting a verifiable request, you should be ready to: a) Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative, which may include: name, address, city, state, and zip code and email address. We may use this information to surface a series of security questions to verify your identity. If you are making a request through an authorized agent acting on your behalf, such authorized agent must provide written authorization confirming or a power of attorney, signed by you; b) Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
We will not be able to respond to your request or provide you with personal information if we cannot: (i) verify your identity or authority to make the request; or (ii) confirm that personal information relates to you. We may ask you for additional information or documents to verify your identity. We may also carry out checks, including with third party identity verification services, to verify your identity before taking any action with your personal information. This is regarded as a safeguard measure to prevent disclosure of your personal information under a fake or scum request.
We ensure that personal information provided in a verifiable consumer request will be used only to verify the requestor’s identity or authority to make the request and not for any other purpose. We will keep it for the adequate term reasonably needed for the purpose described above and delete after the purpose is fulfilled.
We try to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time, we will inform you of the reason and extension period in writing. Please note that we are only required to respond to two requests per customer each year.

COLORADO PRIVACY RIGHTS.

  • The right of access means the right to know if a controller is processing the consumer’s data.
  • The right to portability provides the ability for you to receive the data in their right to access in a portable and machine-readable format, where technically feasible, that enables you to transmit the data to another entity without hindrance. Please note that you may only exercise the right to data portability twice per calendar year.
  • The right to opt-out means your right to object to the processing of your personal data for such purposes as (1) the sale of your personal data. Please note that we do not sell any of your personal data to third parties; (2) Targeted advertising, or (3) Profiling to help make decisions that produce legal or similarly notable effects concerning a consumer.
  • The right of correction means your right to request that we rectify inaccurate information about you.
  • The right of deletion means that you can ask us to delete or stop processing your personal data.
  • The right of appeal means that if you are not satisfied with resolving your privacy request, you can initiate an appeal procedure described below.
  • HOW TO EXERCISE YOUR PRIVACY RIGHTS.

    You can exercise any of your privacy rights specified above using any of the ways described in the Section “Contact information”. Please, specify clearly what you want to exercise and identify yourself. Please note that we are not required to comply with the request if we are unable to authenticate your request using commercially reasonable efforts.
    If you send us a request we will reply to you within 45 calendar days free of charge, except that, for a second or subsequent request within a twelve-month period, we may charge a reasonable fee.
    If we refuse to take action on your request, you can follow the appeal procedure within 30 days after receiving such refusal sending your appeal to this email [email protected] adding in the subject of email “Appeal to answer on privacy request”.
    We are obliged to consider your appeal within 45 after receipt of the appeal and inform you of any action taken or not taken in response to the appeal. We can extend this term by 60 additional days where reasonably necessary, taking into account the complexity and number of requests serving at this time.
    If your appeal is denied, you may contact the Attorney General to submit a complaint by visiting the Office of the Attorney General’s website to complete an Online Consumer Complaint Form.

    AUTHENTICATION.

    For the purpose of safeguarding your Personal Data against unauthorized access or deletion, we may need to authenticate your credentials before accepting a request pertaining to your rights. If you do not possess an account with us or if we suspect unauthorized access to your account, we may request additional personal information from you to verify your identity. If after these steps we are unable to verify your identity, we reserve the right to decline your rights request.

    SALE OF DATA.

    We do not sell any of your personal data to third parties.

    10. VIRGINIA PRIVACY NOTICE

    The following section pertains exclusively to residents of Virginia. It outlines our practices regarding the collection, utilization, and sharing of Personal Data belonging to Virginia residents, in our capacity as a business operating under the Virginia Consumer Data Protection Act ("VCDPA"). Additionally, it outlines your rights in relation to your Personal Data. Please note that the term "Personal Data" used in this section holds the definition ascribed to it by the VCDPA, with the exception of information exempted from the VCDPA's scope.

    PERSONAL INFORMATION.

    All about the categories of information, its sources and purposes of processing is described above.

    DATA SHARING

    Data sharing scope and basis are defined above. All third parties that are engaged in processing user data are service providers that use such information on the basis of agreement and pursuant to business purpose.

    REQUESTS.

    To submit a verifiable consumer request please contact us through the email [email protected]. When submitting a verifiable request, you should be ready to: a) Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative, which may include: name, address, city, state, and zip code and email address. We may use this information to surface a series of security questions to verify your identity. If you are making a request through an authorized agent acting on your behalf, such authorized agent must provide written authorization confirming or a power of attorney, signed by you; b) Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
    We will not be able to respond to your request or provide you with personal information if we cannot: (i) verify your identity or authority to make the request; or (ii) confirm that personal information relates to you. We may ask you for additional information or documents to verify your identity. We may also carry out checks, including with third party identity verification services, to verify your identity before taking any action with your personal information. This is regarded as a safeguard measure to prevent disclosure of your personal information under a fake or scum request.
    We ensure that personal information provided in a verifiable consumer request will be used only to verify the requestor’s identity or authority to make the request and not for any other purpose. We will keep it for the adequate term reasonably needed for the purpose described above and delete after the purpose is fulfilled.
    We try to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time, we will inform you of the reason and extension period in writing. Please note that we are only required to respond to two requests per customer each year.

    VIRGINIA PRIVACY RIGHTS.

    As a resident of Virginia, we would like to inform you about your privacy rights, which are outlined below. While we respect and uphold these rights, it is important to note that they are not absolute, and there may be instances where we are unable to fulfill your request in accordance with applicable laws and regulations.

    • Correct inaccuracies in the consumer’s personal data that is collected by the controller.
    • Confirm if the controller is actually processing their personal data or request a copy of the personal data.
    • Delete personal data provided by or obtained about the consumer.
    • Obtain copies of the personal data collected by the controller.
    • Opt out of the processing of personal data for purposes of targeted advertising, the sale of personal data, or further profiling.
    • The right to restrict processing of your sensitive personal information. We do not process any sensitive personal information to infer characteristics about you.
    • You have the right to be free from discrimination related to your exercise of any of your Virginia privacy rights.
    • Appeal our valid refusal of your initial request. If we reject your request relating to any of the rights outlined in the above sections, you have the option to request a reconsideration of our decision.

    HOW TO EXERCISE YOUR PRIVACY RIGHTS.

    You can exercise any of your privacy rights specified above using any of the ways described in the Section “Contact information”. Please, specify clearly what you want to exercise and identify yourself. Please note that we are not required to comply with the request if we are unable to authenticate your request using commercially reasonable efforts.
    If you send us a request we will reply to you within 45 calendar days free of charge, except that, for a second or subsequent request within a twelve-month period, we may charge a reasonable fee.
    If we refuse to take action on your request, you can follow the appeal procedure within 45 days after receiving such refusal sending your appeal to this email [email protected] adding in the subject of email “Appeal to answer on privacy request”.
    We are obliged to consider your appeal within 45 after receipt of the appeal and inform you of any action taken or not taken in response to the appeal. We can extend this term by 60 additional days where reasonably necessary, taking into account the complexity and number of requests serving at this time.
    If your appeal is denied, you may contact the Attorney General to submit a complaint by visiting the Office of the Attorney General’s website to complete an Online Consumer Complaint Form.

    AUTHENTICATION.

    For the purpose of safeguarding your Personal Data against unauthorized access or deletion, we may need to authenticate your credentials before accepting a request pertaining to your rights. If you do not possess an account with us or if we suspect unauthorized access to your account, we may request additional personal information from you to verify your identity. If after these steps we are unable to verify your identity, we reserve the right to decline your rights request

    SALE OF DATA.

    We do not sell any of your personal data to third parties.

    11. CONNECTICUT PRIVACY NOTICE

    This notice outlines the manner in which we, acting as a "Controller" under Connecticut's Data Protection Act ("CTDPA"), collect, utilize, and disclose your personal data, as well as the rights you have concerning your personal data, including sensitive personal data. In this context, "personal data'' and "sensitive data'' carry the definitions provided in the CTDPA and do not encompass information excluded from the scope of the CTDPA.

    PERSONAL INFORMATION.

    All about the categories of information, its sources and purposes of processing is described above.

    DATA SHARING

    Data sharing scope and basis are defined above. All third parties that are engaged in processing user data are service providers that use such information on the basis of agreement and pursuant to business purpose.

    REQUESTS.

    To submit a verifiable consumer request please contact us through the email [email protected]. Before processing most requests, we will need to verify your identity and confirm that you are a resident of the State of Connecticut. When submitting a verifiable request, you should be ready to: a) Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative, which may include: name, address, city, state, and zip code and email address. We may use this information to surface a series of security questions to verify your identity. If you are making a request through an authorized agent acting on your behalf, such authorized agent must provide written authorization confirming or a power of attorney, signed by you; b) Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
    We will not be able to respond to your request or provide you with personal information if we cannot: (i) verify your identity or authority to make the request; or (ii) confirm that personal information relates to you. We may ask you for additional information or documents to verify your identity. We may also carry out checks, including with third party identity verification services, to verify your identity before taking any action with your personal information. This is regarded as a safeguard measure to prevent disclosure of your personal information under a fake or scum request.
    We ensure that personal information provided in a verifiable consumer request will be used only to verify the requestor’s identity or authority to make the request and not for any other purpose. We will keep it for the adequate term reasonably needed for the purpose described above and delete after the purpose is fulfilled.
    If you are submitting a request on behalf of a Connecticut resident, including a minor child, we will also need sufficient information to verify that the individual is the person about whom we collected personal data, and that you are authorized to submit the request on their behalf.
    We try to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time, we will inform you of the reason and extension period in writing. Please note that we are only required to respond to two requests per customer each year.

    CONNECTICUT PRIVACY RIGHTS.

    As a resident of Connecticut, we would like to inform you about your privacy rights, which are outlined below. While we respect and uphold these rights, it is important to note that they are not absolute, and there may be instances where we are unable to fulfill your request in accordance with applicable laws and regulations.
    Right to know. You have the right to verify whether we are processing your personal data or not.
    Right to deletion. You have the right to request the deletion of your personal data under certain circumstances. If you make such a request, we will assess whether we are legally obligated to comply or if there are reasons that limit the scope of the deletion. If there are any reasons, we will provide you with an explanation in our response.
    Right to access. The right to access and obtain a copy of personal data you previously provided to us, in a readily usable format that allows you to transmit the information to another entity without hindrance, to the extent technically feasible.
    The right to opt out of the processing of personal data for purposes of targeted advertising, the sale of personal data, or further profiling.
    The right to opt out of profiling. You have the right to choose not to have your personal data processed for profiling purposes that could lead to decisions with significant legal or similar effects on you. If you wish to exercise this right, you can opt out of such profiling activities.
    The right to appeal our valid refusal of your initial request. If we reject your request relating to any of the rights outlined in the above sections, you have the option to request a reconsideration of our decision.

    HOW TO EXERCISE YOUR PRIVACY RIGHTS.

    You can exercise any of your privacy rights specified above using any of the ways described in the Section “Contact information”.
    If we refuse to take action on your request, you can follow the appeal procedure within 45 days after receiving such refusal sending your appeal to this email [email protected] adding in the subject of email “Appeal to answer on privacy request”. If your appeal is denied, you may contact the Attorney General to submit a complaint by visiting the Office of the Attorney General’s website to complete an Online Consumer Complaint Form.

    12. Changes to This Privacy Policy

    We may revise this Privacy Policy from time to time. When we make significant changes, we will notify you as required by applicable privacy laws or when the changes are substantial. If legally required, we will obtain your consent for any changes. The "last updated" date at the bottom of this Privacy Policy will indicate the latest revision. We encourage you to review this page regularly for updates. We may also notify you of changes by updating the Privacy Policy date within the App or through other methods, such as in-app notifications.

    13. Contact Us

    If you have any questions or concerns regarding this Privacy Policy, please contact us at [email protected].

    Last updated: September 12, 2024