Effective as of June 21, 2022
1.2 The information on Users is divided into personally identifiable and non-personally identifiable information depending on whether information can identify the User as a specific person. Personally identifiable information shall be referred to as “personal data”.
1.3 The operator of the Qalorie App is Qalorie, Inc., at 400 CALAF ST., PMB #1004, 00918 San Juan, Puerto Rico and we are responsible for compliance with the principles relating to processing of personal data. If you have any question or concern regarding your privacy, you can contact us at firstname.lastname@example.org.
2. Personal data that we process
2.1 During your interaction with the App or with us directly we may process the following personal data:
- Personal Information
- Billing and Payment
- Third-Party Identification
- General biometrics
- Other information which you choose to provide
2.2 We may collect personal data when you interact with the App, when you register and customise an account, or when you contact us.
(A) Personal Information
2.3 When entering into contract for using our Services you have to provide your name, email and phone number. Qalorie will only use this information to create an account for you and to address you whenever we contact you.
2.4 Qalorie will collect your name when you contact us through email or through other communication media provided that such information is contained within a communication. We will use this information only for addressing you in our responses.
- When you contact us. We will collect your email address whenever you contact us through our email email@example.com. Whenever we collect your email address this way, we will only use it in order to respond to your enquiry.
- When you subscribe to the newsletter. We will collect your email address when you subscribe to receive more information about Qalorie.
(B) Billing and Payment
- Hiring a coach with us. We require users to provide a valid credit card when hiring any contractor for consulting purposes.
- Cashout - Transfer Funds. We require contractors to provide a valid bank account or supported debit card to transfer their funds.
(C) Third-Party Identification
2.6 We will collect your Third-Party services ID when you choose to register an account through the available Third-Party services account options such as Google, Facebook, or Apple. When you choose to register with your Third-Party services account, we will collect your Third-Party services account ID to create an account for you and to connect your account password and email with the right ID. We do not collect your third-party service password. For example, when you choose to register through your Facebook account, you will be referred to the Facebook consent dialogue box, after which, if the consent is provided, we will collect your name, e-mail address, profile photo, and information which is publicly available on your profile in order to create and facilitate your account and user profile.
2.7 Through Stripe Third-Party Identification we will require that you provide your contact details, such as name, postal address, telephone number, and email address to fulfill our financial partner and regulatory requirements. We may also collect financial and personal information about you, such as your ownership interest in the Business User, your date of birth and government identifiers associated with you and your Business User (such as your social security number, tax number, or Employer Identification Number). You may also choose to provide bank account information.
(D) General biometrics
2.8 In order to provide our Services we need to process Information about your gender, age, height, weight, pregnancy status, breastfeeding status, weight goals, amount of exercise, how fast you want to lose the weight, and other lifestyle information. All this information is necessary to calculate the right calorie and exercise plan for you and is not used for any other purpose.
(E) Other Information
2.9 You may at some point be requested to provide other information which is required for the proper functioning of the Services. In all such cases we will use this information only for the purpose for which you disclosed it. If we are not sure as to why you are providing such information, we will contact you wherever possible. Otherwise, we will delete such information.
2.9 Some Services will not be available to you if you do not provide the requested Information. We may keep records of any questions, complaints or compliments made by you and the response, if any. Whenever you contact us, we shall collect any information which you choose to provide. We shall store and use this information only for the purpose of responding to your enquiries. Information contained within the enquiry, free from any personally identifiable information, will be stored on our servers for the purpose of improving our Services and providing the best customer support possible.
2.12 We may disclose your personal information to our partners, agents and operators under confidentiality or similar agreements, including data processors who we believe reasonably need to come into contact with that information: (i) to provide Services per your request; (ii) to administer our business or the website; (iii) to provide customer support; (iv) to update account information; (v) to forward updates, announcements, and newsletters; (vi) to respond to your communications, and communicate with you about the website and other activities related to the Services; (vii) in the event of any reorganization, merger, sale, joint venture, assignment, transfer or disposition of all or any portion of Qalorie’s business or operations (including without limitation in connection with bankruptcy or any similar proceedings); or (viii) as otherwise authorized by you.
2.13 We have implemented security procedures and measures in order to ensure appropriate protection of the information we process, against any misuse, unauthorised access, disclosure or modification.
2.14 We acknowledge that the safety of your information is one of the highest priorities and therefore only authorised processors have access to your information. Although we take all appropriate measures in respect to keeping your information secure, you understand that no data security measures in the world can offer 100% protection. If we ever find or suspect a personal data breach we will, without delay after becoming aware of it, notify you if there is a high risk to your rights associated with the data breach.
2.15 The processing of the information is being performed automatically, without human intervention. However, whenever you contact us through email, the information within the email will be handled and processed by a real person in order to provide you with the answer to the email.
3. Storage and transfer of Information
3.1 Information will be stored on secure servers hosted by MongoDB, Inc. 5th Floor, 229 West 43rd Street, 11236 New York – USA (MongoDB). Hosted servers are controlled and maintained in accordance with sufficient privacy safeguards. We may store or transfer information on Users to processors located outside of US, provided that such countries implement appropriate and suitable safeguards regarding the security of personal information.
3.2 Some services require the use of Third-Party solutions, or the App or e-mails may contain links to other external websites that do not fall under our domain. When you are redirected from our App to the third-party website you are no longer interacting with our App and we are not responsible for the privacy practices or the content of such external websites. Any information that you provide through third-party websites will be handled and processed in accordance with their privacy policies and other applicable terms.
4. Third Party Services, and Cookies
4.1 We use third-party service providers for some aspects of our services, such as managing emails, communication environment, providing customer support and similar. These service providers sometimes need your personal information in order to properly deliver functionality, but they may only collect and use it under our control.
5. Information retention period
5.1 Information is stored on the servers only for the duration necessary for providing the Services and maintaining the integrity of our databases. If you register to use our Services, we will store your information for as long as you have an active account. As soon as you terminate your account we will remove all information we have collected about you unless we have appropriate legal grounds for continuing their processing.
7. Contact Information
NEW RECOMMENDED CLAUSES
6.1 We do not knowingly collect any personal information about children under the age of 13. Our Platform is not directed to children under the age of 13. If we become aware that a child under 13 has provided any personal info, it will be erased from our database as soon as reasonably possible, except when we need to keep that information for legal purposes or to notify a parent or guardian. However, portions of this data may remain in back-up archives or web logs even after we erase it from our databases. If a parent or guardian believes that a child has sent us personal information, send us an e-mail.
7. Users’ Rights, CCPA
7.1 We will not share your personal information with third parties for their direct marketing purposes to the extent it is forbidden by law. If our practices change, we will do so in accordance with applicable laws and will notify you in advance. California law requires that operators of online services disclose how they respond to a Do Not Track signal. Some browsers have incorporated “Do Not Track” features. Most of these features, when turned on, send a signal or preference to the online service that a user visits, indicating that the user does not wish to be tracked. At this time we do not respond to Do Not Track signal.
7.2 You can request disclosure of your information collected by us by writing to the email at the end of this Policy. We will then provide the requested information, its sources and purposes of use, in a portable and easily accessible format within 45 days of the request.
7.3 You have the right to request deletion of your personal information from our systems by submitting a request to the email at the end of this Policy.
7.4 You have the right to nondiscrimination for exercising your rights. That means you cannot be denied goods or services, charged different prices, or provided different quality of goods/services for asserting your legal rights.
- International Transfer
8.1 We process your personal information in the Unites States. This is where it will be transferred to in case you are located somewhere else. By submitting any personal information to us, you agree to its transfer to and processing in the Unites States.
- EU Users’ Rights
- Your GDPR rights to be informed, to access, rectify, erase or restrict the processing of your personal information. You have the right to obtain free information about what personal data we have obtained about you, where it is stored, for how long, for what purposes it is used, to whom it was disclosed. You have the right to have us, without undue delay, rectify of inaccurate personal data concerning you. That means you can request we change your personal data in our records, or have your incomplete personal data completed. You have the “right to be forgotten,” i.e. to have us delete your personal information, without undue delay, if the data is no longer necessary in relation to the purposes for which it was collected. However, GDPR gives us the right to refuse erasure if we can demonstrate compelling legitimate grounds for keeping your information.
- GDPR gives you the right to restrict processing if any of the following applies:
- If you contest the accuracy of your personal data, we will restrict processing it for a period enabling us to verify its accuracy.
- The processing is unlawful and you oppose its erasure and request instead the restriction of its use.
iii. We no longer need your personal data for the purposes of the processing, but you require us to restrict processing for the establishment, exercise or defense of legal claims.
- You have objected to processing pursuant to Article 21(1) of the GDPR pending the verification whether our legitimate grounds override yours.
- Right to data portability. Upon request, we will provide you your personal data in our possession, in a structured, commonly used and machine-readable format. You have the right to transmit that data to another controller if doing so does not adversely affect the rights and freedoms of others.
- Right to object. You can object, on grounds relating your particular situation, at any time, to processing of your personal information, if based on point (e) or (f) of Article 6(1) of the GDPR. We will then have to stop processing, unless we can demonstrate compelling legitimate grounds for the processing. If you object to the processing for direct marketing purposes, we will have to stop processing for these purposes.
- Right to withdraw consent. GDPR grants you the right to withdraw your earlier given consent, if any, to processing of your personal data at any time.
- Rights related to automated decision making. As a responsible business, we do not rely on any automated decision making, such as profiling.