Privacy Policy of Website and Web Apps
Updated and Effective as of August 2024
Thank you for choosing to be part of our community!
WE HOPE YOU TAKE SOME TIME TO READ THROUGH IT CAREFULLY, AS IT IS IMPORTANT.
This Privacy Policy describes how Neman Solutions OÜ(collectively, “we,” “us,” or “our”) collects, uses, stores, transfers, and discloses personal information from our Users in connection with our Website or/and Web application located at the following Website: https://caltrackai.com (collectively referred to as “Service”). One way to protect your privacy is to learn how it will be used before you give it out. We attach great importance to your privacy rights and truthfully explain why and how we process your information. We tried to shorten this privacy policy, so it would be easier to understand the rights of a User (referred to as “you,” “yours,” Etc.) and our obligations to the User’s data. «Personal Data» means personal data that relates to you as an identified or identifiable individual.
Where applicable, you must provide us with the relevant Personal Data to be able to use our Services completely. You should not use the Services if you disagree with this Policy, our Terms of Use, and any other agreement that governs your use. BY USING THE SERVICE, YOU PROMISE US THAT (I) YOU HAVE READ, UNDERSTAND AND AGREE TO THIS PRIVACY POLICY, AND (II) YOU ARE OVER 16 YEARS OF AGE (OR HAVE HAD YOUR PARENT OR GUARDIAN READ AND AGREE TO THIS PRIVACY POLICY FOR YOU). You must not use the Service if you disagree or cannot make this promise. In this case, you must (a) contact us and request deletion of your data; and (b) leave the Service and not access or use it.
We may update this Privacy Policy from time to time, so please be sure to check regularly. We will notify you of any material changes by posting the new Privacy Policy on the primary access points to the Services or as otherwise required by applicable law.
If any questions still need to be answered, please contact us at support@caltrackai.com.
Table of content:
1. Categories of personal data, purposes of the processing, and legal bases
When the User uses our Services, we can collect, use, receive, process, transfer, and share some of the User’s Personal Data for different legitimate purposes. Below are explanations regarding what Personal Data we may collect or process, why we may collect this data, and the legal bases relied on in each case.
Category | Personal Data |
---|---|
User-provided information (In some instances, we may require certain Registration Information, in other cases, we may ask you to provide such data voluntarily.) | |
Contact Data – when the User registers for the Service and enters the contract | email; Name/Surname/Nickname; password or passcode; last 4 digits of the card number; comment. |
Location Data - we do not collect the User’s precise location | country, state, or coarse location such as Approximate Location Services (general - non-precise location). |
Quiz Data - during the onboarding questionnaire, the User may provide different quiz personal data. We do not collect, store, share, or transfer this quiz data or use this data for identification, marketing, or advertising purposes. We are not collecting biometric information. | date and place of birth, birth time, gender, weight, age, photo (arm, face, Etc.), relationship status, future goals, source of stress, answers to the questions, data on physical characteristics (including height, weight, areas for improvement), Etc. |
Automatically collected information. When you use the Service, some information about your device and user behavior may be processed automatically. | |
Device Info – technical data | device type and model, two-character country code, a subdivision of country (e.g., state), city, two-character language code, operating system, and version number (ex.: ios 7.1.3, android), hardware type, connection type (for example, WiFi, 3G, 4G), network service provider, device motion parameters and carrier. |
Identity Data - identify a computer, device, browser, or product | IP Address; ID for advertisers (IDFA) (iOS only); Google Advertising ID, or GPS ADID (ID Device) if Google Advertising ID is empty; API level (Android only); Firebase ID and other similar unique identifiers. |
Usage Data (Events) - indicates if the activity happened on mobile or web | length of the User's last session in seconds; Length of the User's current session in seconds; Number of sessions recorded; Push notification token, i.e., registration token (Android), device token (iOS); clicks on User's ads; the type of ads and the webpage or Application from which such ads were displayed; downloads and installations of applications. |
Diagnostic information | logs, error reports, events, and the type, number, date, and page relating to this information. |
Cookies and Other Tracking Technologies | cookies, web beacons (also known as "tracking pixels"), embedded scripts, location-identifying technologies, fingerprinting, device recognition technologies, in-app tracking methods, and other tracking technologies now and hereafter developed ("Tracking Technologies") may be used to collect information about interactions with the Service or information received from third parties. |
Please note that we may ask your permission to connect to Apple HealthKit (please see more information here: http://www.apple.com/ios/health/) and Google Fit (please see more details here:https://www.google.com/fit/) to enable us to import Personal Data about your health and activities into the Service. This imported data may include calories burned, heart rate, and other data about your health. When you choose to have this data imported, you are subject to the Google Fit and Apple HealthKit privacy policies and practices.
We collect personal data to ensure the Service provided, analyze your behavior during the usage of our Service, add new features to our Service, and provide our third-party service providers with information crucial to their services.
Providing Service includes enabling you to use the Service seamlessly and preventing or addressing Service errors or technical issues. As a result of such processing, we will use your email, for example, to send you the purchased product or to render services ordered through our Website. To host personal data and enable our Website to operate and be distributed, we use Amazon Web Services, a hosting and backend service provided by Amazon. We use Stripe and PayPal, payment processing providers, to allow the purchase and process your payments. We use Firebase Performance Monitoring, a monitoring Service provided by Google. Please visit Google’s Privacy Policy and Privacy and Security in Firebase to learn more. We will not store or collect your payment card details ourselves. This information will be provided directly to our third-party payment processors.
Purposes | Personal Data | Legal Basis |
---|---|---|
To provide the Services according to our policies with you. For example, we use your Personal Data to: help you with the onboarding process and personalize your results, provide the app when you download it onto your device. | Contact Data; Quiz Data; Location Data; Usage Data | Contract |
Research and development: We use Personal Data for internal research and development purposes and to improve and test the features and functions of our Services. We use information processed automatically to understand better user behavior and trends, detect potential outages and technical issues, and operate, protect, improve, and optimize our Service. | Automatically collected information | Legitimate interest |
To diagnose and fix issues with the Service. | Usage Data | Legitimate interest |
To help the User to choose a subscription plan, provide entertainment services, to send analysis reports, and go through the quiz to customize the User experience. | Quiz Data | Contract |
To communicate with you. When you contact us (for example, to inquire about our Services), we want to communicate with the User to provide support. | Contact Data | Contract |
To allow us to track the performance of our marketing campaign to help us optimize our Service features and events for each user. | User ID, in-Apps activity data, advertising ID, IP address, location | Legitimate interest |
An alternative way to register (only for voluntary users’ desires). | If you sign into the Services with Facebook Connect (Instagram) or Google Connect, or Apple, we will collect information that is visible via your Facebook or Google account, such as (1) your first and last name, (2) Facebook ID/Google ID/Apple ID (3) Profile Picture/URL, city-level location. | Contract |
If applicable, billing (invoicing), account management, and other administrative purposes. If you pay for Services directly through our website, you authorize us to have our payment processor collect this information. | Contact Data. In the event the User purchases products or Services directly from us, we, or a third party on our behalf, may collect the billing information the User provides us, as well as the payment card and other payment information, solely as required to process payments or send User invoices for such purchase. | Contract |
To send you marketing communications. | Contact Data | Consent |
To personalize ads. | Automatically collected information, Location data | Consent |
To prevent fraud or harm to us or any third party and ensure the security of our network and services. | Automatically collected information | Legitimate interest |
Legal obligations: We may be required to use and retain Personal Data for legal and compliance reasons, such as the prevention, detection, or investigation of a crime; loss prevention; or fraud. For example, when we use your date of birth when required for age verification purposes. | Contact Data | The legal obligation |
To fulfill contractual obligations with third parties. For example, when we provide pseudonymized data to our partners in analytics matters or process your payment. | Automatically collected information. Contact Data | Legitimate Interest |
2. Cookies
We may send one or more small data files called - "cookies" - to User's computer to uniquely identify User's browser, help the User log in faster, and enhance User's navigation through the website. Cookies may convey anonymous information about how Users browse the Services to us so we can provide you with a more personalized experience, but do not collect personal information about you. We may use different types of cookies: Essential Cookies (to provide you with Services available through our Site and to enable you to use some of its features), Functionality Cookies (to remember your login details and changes you make, this helps us to make Service personal oriented), Analytics Cookies (these cookies allow us to collect information about traffic to our Site and how users use our Site, but this information doesn't include personally identifiable user information, the data collected is aggregated and anonymous), Social Media Cookies (these cookies are used when you share information using a social media sharing). We may use web and mobile analytics and advertising services and technologies (such as Google Analytics, Facebook Analytics, Firebase, AppStore Analytics, Tenjin, GameAnalytics, AdMob, Etc.) to assist in collecting certain information about the devices or computers you use to access the Apps and Sites. Users can opt out of certain types of tracking by Google Analytics and Yandex.Metrica. If you want to refrain from participating in Google Analytics and Yandex.Metrica, you can download a browser add-on that blocks the display of ads. We may use remarketing technology like Google Remarketing. We may use Google Remarketing to serve targeted advertisements. You can disable this function using the appropriate settings at http://www.google.com/settings/ads. For further information about cookies, including how to see the cookies set on your computer or mobile device and manage and delete them, visit www.allaboutcookies.org and www.youronlinechoices.com.
3. Third parties processing Personal data
We may share your information with third-party companies to perform certain services, including but not limited to hosting services, payment processing, analytics, and customer service, and to assist us in our marketing efforts. We share your Personal Data with certain third parties as part of our operation of the Service, whether shared by us or gathered directly by third parties through SDKs integrated into the Service. This data sharing enables us to provide you with the Service optimally, such as serving you personalized, relevant advertisements within the Service. We hereby undertake not to disclose or transfer the User’s Personal data to any third parties, except Processors mentioned in this paragraph, without receipt of individual consent of the User. The following companies are the Processors of the Personal Data of the Services (In case you want to learn more about the services and privacy options, please consult their websites and privacy policies):
Processor | Purpose | Policy and opt-out |
---|---|---|
Customer support: help us to communicate with you CalTrack AI and fast | ||
Freshworks Inc. | Customer support (Email address, Content of the emails). | https://www.freshworks.com/privacy/ |
Customer support: help us to communicate with you CalTrack AI and fast | ||
AppLovin Corp | https://www.applovin.com/privacy/ | |
AdColony, Inc | https://www.adcolony.com/privacy-policy/ | |
TikTok (Bytedance, Ltd) | https://www.tiktok.com/legal/page/row/privacy-policy/en | |
IronSource Mobile Ltd. | https://ironsource.mobi/privacypolicy.html | |
Snap Inc. | https://www.snap.com/en-US/privacy/privacy-policy/ | |
https://policy.pinterest.com/en/privacy-policy | ||
Meta Inc. | https://www.facebook.com/privacy/policy/ | |
Analytic companies: provide us with tools and technologies that allow us to understand better how users interact with our services, usually collect data via their own SDKs | ||
Amplitude, Inc. | Mobile attribution and analytics. To perform research and analysis about how users interact with the Services. Personal Data collected: Cookies, Usage Data, Device Info, Identity Data. | https://amplitude.com/privacy |
Other partners | ||
Apple, Inc. | To collect and process payments for subscriptions to the App. Personal Data collected: Payment and banking information and Usage Data. | https://support.apple.com/en-us/HT210584 |
Facebook Ireland Ltd. | Our Services measure conversions using visitor action pixels from Facebook. It allows an analysis of the effectiveness of Facebook advertisements for statistical and market research purposes and their future optimization. Facebook Analytics is an analytics tool provided by Facebook, Inc. (US) that may collect or receive information from our Services. You can manage your personalized ad preferences concerning Facebook directly from your Facebook account. Personal Data collected: Cookies, unique device identifiers for advertising (Google Advertiser ID or IDFA, for example), and Usage Data. | https://www.facebook.com/policy.php |
PayPal | To collect and process payments for subscriptions to the App and certain web services (Payment and Banking information). | https://www.paypal.com/by/ webapps/mpp/ua/privacy-full |
Stripe | Payment service provider (Payment and Banking information) | https://stripe.com/privacy |
4. Term of storage of Personal data. Security measures.
If you are located outside of the USA and choose to provide information to us, please note that we transfer the data, including Personal Data, to the USA and process it there. Your consent to this Privacy Policy, followed by submitting such information, represents your agreement to that transfer. We retain all Personal Data for as long as you use the Services and 24 months after you stop. If you do not use the Services for 24 continuous months, we erase Personal Data from our database and request the same erasure from any third party to whom your Personal Data may have been transferred. We may erase Personal Data earlier if we no longer need to process such data.
Personal data may be processed by automated and non-automated means and stored at our premises and on our service provider's servers. We understand that, unfortunately, the Internet's transmission of information is not entirely secure. We do our best to maintain the privacy and integrity of your information. We have implemented industry-standard security measures, which include encryption to protect your personal information, including all information you input into your habit data or share in Services, and this information is not available to third parties. Our measures include pseudonymization and tokenization; Encryption; Protection of data integrity, Etc. However, transmissions over the Internet are never 100% secure, and you should not provide personal data to avoid risk. We will also not use the information received through your use of the HealthKit and Google Fit framework for advertising or similar services or selling it.
5. Rights about personal data.
We attach great importance to user privacy and would like to explain your data protection rights.
(i) The withdrawal right. It's important to remember that if we process your data based on your consent, you have the right to withdraw your consent at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. Withdrawal is made by the mere notification of us via its Support service, i.e., by emailing support@caltrackai.com with the topic «Consent withdrawal» or in the Settings menu of the application.
(ii) The right to be informed. The right to know what Personal Data we hold and how and why we handle your Personal Data. You can ask us for a copy of your Personal Data. If you would like to exercise your right of access, please contact us as described below and let us know what information, in particular, you would like to receive.
(iii) The right to opt-out of direct or target interest advertising on mobile applications by checking the privacy settings on your device settings menu. Please note that even if you use your right to opt out, you will still receive advertising but not direct or target interest. On Apple, you can opt out by going to Settings > Privacy > Advertising and turning on "Limit Ad Tracking." On Android, you can opt out by going to Settings > Google Services> Ads and turning on choosing "Opt out of Ads Personalization."
(iv) The right to request an update or correction (rectify) to any of your Personal Data that is out of date, incomplete or incorrect (according to Article 16 of the GDPR). In certain circumstances, you have the right to ask us to delete the Personal Data we hold about you.
(v) The right to delete your Personal data. (Right to be forgotten). You have the right to request that we delete certain of your Personal data. There are situations where we are unable to delete your data, for example, when: it's still necessary to process the data for the purpose we collected it for; our interest in using the data overrides your interest in having it deleted (for instance, we need the data to protect service from fraud); we have a legal obligation to keep the data or require the data to establish, exercise or defend legal claims.
(vi) The right to object. You have the right to object to our processing of your personal data under certain conditions: we are processing your personal data on the legal basis of legitimate interest or processing your personal data for interest-based advertising. Object to us processing your personal data at any time on grounds relating to your particular situation Object to your personal data being processed for direct marketing purposes.
(vii) The right to restrict the processing of your personal data under the conditions set out in Article 18 of the GDPR or any other applicable laws in your country of residence. You can do this if: your personal data is inaccurate; our processing is unlawful; we do not need your information for a specific purpose; you object to processing, and we are assessing your objection request.
(viii) The right to portability of your personal data. In some circumstances, you may have the right to request that the data you provided to us be provided so that you can transfer this to another data controller. You have the right to Request a copy of your personal data in electronic format and transmit that personal data for use in another party's service. If you wish to receive personal data in a machine-readable format, you can send a respective request to support@caltrackai.com.
(ix) The right to complain to a data protection authority about our collection and use of your personal information. Don't hesitate to contact your local data protection authority for more information. Please see this directory for contact details: https://edpb.europa.eu/about-edpb/board/members_en. If you are in Switzerland, please visit this FDPIC site for contact details: https://www.edoeb.admin.ch/edoeb/en/home/the-fdpic/contact.html.
(x) The right to request access to the personal information we collect from you, change it or delete it in some circumstances. You have the right to ask for copies of your personal data. To request to review, update, or delete your personal information, please submit a request. We will respond to your request within 30 business days. The User is empowered to request one copy of the personal data undergoing processing free of charge. Any additional documents are provided on a reimbursement basis.In this case, please send an email to support@caltrackai.com.
If you are based in the EEA, you have the following rights in addition to the above: The right to complain to the supervisory authority. We would love for you to contact us directly so that we can address your concerns. Nevertheless, you can complain to a competent data protection supervisory authority, particularly in the EU Member State where you reside, work, or where the alleged infringement has occurred.
6. Age limitations
The Service is intended for adults and has a minimum “Age Limit” in each country or region. In general, you must be 16 years of age or older to use the Service, or your age requires parental consent to process your personal data. Following the Federal Children’s Online Privacy Protection Act of 1998 (“COPPA”), we will never knowingly solicit, nor will we accept, personally identifiable information from users of the Service known to be under 13 years of age. Please see our privacy policy for additional information, including how to notify us of any concerns.
If you believe we have information from or about anyone under thirteen (13) years of age, please notify us by email at support@caltrackai.com. Please include “COPPA Concern” in your message’s subject line and the body for the fastest processing. We will make the most significant efforts to delete the personal data.
7. CCPA rights
Here is the additional information about how we collect, use, disclose and otherwise process the personal data of individual residents of the State of California within the scope of the California Consumer Privacy Act of 2018 (“CCPA”). We adopted this paragraph to comply with CCPA, and any terms defined in the CCPA have the same meaning when used in this notice. California law requires us to disclose the categories of personal information we collect and how we use them, the categories of sources from which we collect personal information, and the third parties with whom we share personal information. We have provided detailed descriptions above in this policy. In particular, our Services have collected the following categories of personal information from its consumers within the last twelve (12) months:
Category | Examples | Collected | We sell | Sources of Collection | Categories of Third Parties with Whom We Share Personal Information |
---|---|---|---|---|---|
A. Identifiers | A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number. | YES | NO | User, their Devices | Advertisers, Analytics Providers, and Third Parties as Legally required |
B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)). | A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal data in this category may overlap with those from other categories. | NO | NO | N/A | N/A |
C. Protected classification characteristics under California or federal law. | Race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth, and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information), driver’s license number, passport number, or other similar identifiers. | NO | NO | N/A | N/A |
D. Commercial information. | Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. | YES | NO | User | Payment Service Providers |
E. Biometric information. | Genetic, physiological, behavioral, and biological characteristics or activity patterns used to extract a template or other identifier or identifying information, such as fingerprints, faceprints, voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data (Hair color, eye color, fingerprints, height, retina scans, facial recognition, voice, and other biometric data). | NO | NO | N/A | N/A |
F. Internet or other similar network activity. | Browsing history, search history, and information on a consumer’s interaction with a website, application, or advertisement. | YES | NO | User, their Devices | Advertisers, Analytics Providers, and Third Parties as Legally required |
G. Geolocation data. | Physical location or movements. | NO | NO | N/A | N/A |
H. Sensory data. | Audio, electronic, visual, thermal, olfactory, or similar information. | NO | NO | N/A | N/A |
I. Professional or employment-related information. | Current or past job history or performance evaluations. | NO | NO | N/A | N/A |
J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)). | Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records. | NO | NO | N/A | N/A |
K. Inferences drawn from other personal information. | The profile reflects a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. | YES | NO | User, their Devices, Partners | Advertisers, Analytics Providers, and Third Parties as Legally required |
As a California resident, you have the rights listed below:
You may exercise your California privacy rights described above by emailing us to support@caltrackai.com. We will need to confirm your identity (e.g. first name, last name, account name, email address, state of residence, etc.) and California residency to process your requests to exercise your information, access or deletion rights. We aim to respond to a consumer request for access or deletion within 45 days of receiving that request. If we require more time, we will inform you of the reason and extension period in writing.
The California Consumer Privacy Act (“CCPA”) provides California residents with the additional rights listed here. To exercise these rights, see the “Exercising Your California Privacy Rights” subsection below.
Social sharing features
User has the right to know and see what information we have collected about you over the past 12 months, including:
Right to Delete
The User has the right to request that we delete the information we have collected from you (and direct our service providers to do the same). There are several exceptions, however, that include, but are not limited to, when the information is necessary for us or a third party to do any of the following:
Right to Opt-out
You have the right to “opt-out,” or direct us to stop “selling” or otherwise sharing your information with third parties in exchange for monetary or other valuable consideration. To submit an opt-out request, please follow the instruction under the ‘Opt-out of targeted advertising’ paragraph found above, to configure the Privacy Setting in any of our app or by checking your device privacy settings.
Other Rights
You can request certain information about our disclosure of your information to third parties for their own direct marketing purposes during the preceding calendar year (to the extent we have shared information for such purposes within the given period). This request is free and may be made once a year. You also have the right not to be discriminated against for exercising any of the rights listed above.
Exercising Your California Privacy Rights
To request access to or delete your personal information, opt-out, or exercise any other rights under California law, please email us at support@caltrackai.com.
8. Miscellaneous
Conditions of the present PRIVACY POLICY may be unilaterally changed by us if required under the applicable laws or in other relevant cases with obligatory notification of the Users. The new version of the PRIVACY POLICY enters into force and is subject to observance by the User after the User has expressly agreed to its applicability. If the User does not agree to the relevance of the new version of the PRIVACY POLICY, the User will discontinue the usage of the Service of Neman Solutions OÜ and will not be allowed to use its account without the provision of unambiguous consent to the applicability of the new version of the PRIVACY POLICY.
9. Contact information
DATA CONTROLLER:
Neman Solutions OÜ is legal entity incorporated in the Estonia and registered at Vesivarava Tn 50-201, Tallinn, 10152, Estonia
Email: support@caltrackai.com