- We collect the following data from the users:
- Contact Information: We also collect the user’s name, email address, phone number, gender, height, address, zip code, credit card number, purchase and order conformation and personal preferences when they use our services.
- Billing Information: Upon subscribing to our services, users may be required to provide certain additional information when they purchase our services. These include the user’s credit card number, account number, pay pal account details or other banking or payment information along with user’s contact details etc.
- Usage Information: Upon using our services, we collect the user’s browser types, language, access times and location, Internet Protocol Address (“IP address”).
Device Information: We also collect certain technical information from users when they use our services such as user’s Internet Protocol Address (“IP address”), the device or computer used to access our services including hardware model, operating system and version, MAC address, unique device identifier, International Mobile Equipment Identity, mobile network information.
- The manner in which we collect user’s information and data
We collect the aforementioned information from users in the following manner:
- We collect only the aforementioned information when a user voluntarily uses our services, either through our website or through our mobile application. Upon using our services, the user consents and permits us to collect the aforementioned information.
- Use of the information and data collected
We use information collected from the users when they use our website and/or mobile Application, register or sign up for the Application, sign up for our newsletter, respond to a survey or to our marketing communication, browse our Application, or use Our Website or its features in the following ways: We use the information collected in the following manner:
- We use the information voluntarily provided by the users when they use our services via our website and/or mobile application. We collect and use users’ personal information to maintain and improve our services and deliver the services requested by the users. We also collect personal information to inform users about our products or services. The personal information we collect allows us to customise our services according to the individual interests of the users and to enhance their experience while using our services. We also use a user’s personal information to track those users who use our services repeatedly and in order to estimate and stratify the audience and usage patterns of these users. Immediately after the image has been processed and the measurements are made available to the users and users are permitted to access the information stored “on our cloud servers”. Further, the image can be accessed by us or our employees to enhance the services we provide to the users and for research and development purposes.
- We may use user’s non-personal data to personalise a user’s experience, improve our services and enhance the user’s experience when they use our services. We may also use non-personal data such as language, time zone, location, zip code to that we can gauge customer behaviour and improve our services. Further, we may use automatically generated information and store it in log files such as IP address, browser type, language, operating system in order to understand and learn user behaviour and trends, improve our website and mobile application. We may use this information in our marketing and advertising services. If the law or any regulation treats all or part of this pointed information as personal, we would also treat it the same way.
- We may use information a user submits in a public forum such as a blog, chat room, or social network to personalize their experience. Users are solely and exclusively responsible for the information they choose to submit in public forums.
- We may use the manner in which a user uses our application include their search queries in order to improve the services provided by us. If we do combine Non-Personal Data with Personal Data, the combined information will be treated as Personal Data for as long as it remains combined.
- In some of our email messages, we use a “click-through URL” linked to content on Our Website or Application. When customers click one of these URLs, they pass through a separate web server before arriving at the destination page on Our Website or Application. We track this click-through data to help us determine interest in particular topics and measure the effectiveness of our customer communications. If a user prefers not to be tracked in this way, a user should not click text or graphic links in the email messages.
- User’s Access and Control over their Personal Data
- We store user’s Personal Data for 10 (ten) years and delete it thereafter. If a user continues to use our services after a period of 10 years, then new and fresh personal data will be collected by us and which we will store for another 10 (ten) years. Further, we have no obligations to notify a user when deleting their Personal Data and can do it at our sole discretion. By using our services, users consent to their personal information being retained with us for a period of 10 (ten) years. If the user does not wish for us to retain their personal data for a period of 10 (ten) years, they should refrain from using our services.
- Further, if permitted, a user may update, correct or change relevant Personal Data in their personal account. Further, if a user merely deletes their account, it does not mean that the personal data and images stored with us will also be deleted automatically. This personal data will be retained by us for a period of 10 (ten) years.
- If a user wishes for their personal data to be deleted before the expiry of a period of 10 (ten) years, then they may contact us and request for us to delete their personal data. We will attempt to revert with the request within a period of 60 days from receiving the request.
- Storage of the data and information that we collect
We store and secure the data and information as we collect from our users in the following manner:
- We currently process all information and data on Amazon Web Services- Cloud Computing Services (“AWS Cloud”). However, we are at the liberty to change our cloud computing service providers and upon using our services, users consent to their personal data being stored on whichever cloud we may be using at that point of time. AWS Cloud is a highly protected cloud computing service with multi-layer security built into it. When a user provides us with their personal data this data is encrypted and it is thereafter transferred to AWS Cloud. Once the data is received on the AWS Cloud, it is then decrypted. Presently, the servers of the AWS Cloud are located in Virginia, United States of America and the information is stored there. However, in the event that we change our cloud computing services, the information may be stored in servers located elsewhere. In the event that AWS Cloud changes the location of their servers, the user data stored will be shifted to that server, AWS Cloud or us, may, though not necessarily, inform the users about the shift in servers. In order to use our services, a user consents to such changes. In the event that a user does not agree to thus, they are to refrain from using our services.
- Our employees are trained in adequately addressing and handling any breach that occurs. In the event of a breach, the AWS Cloud services are disabled and all the services we provide to all are halted. In order to re-start the services, the admin will have to change the multi-layer access keys.
- We secure a user’s personal information from unauthorized access, use or disclosure. Personal information of users uploaded through their account is protected by a password. We protect personal information we collect against accidental, unlawful or unauthorized destruction, loss, alternation, access, disclosure or use through the use of firewall and encryption such as Secure Sockets Layer encryption (“SSL encryption”), amongst others. Further, when a user provides us with their credit card information for billing purposes, this information is encrypted.
- After we capture the image of a user and display the measurement results, the user permits us to retain the video and/or image in our secure database for a period of 10 (ten) years.
- The users have complete access to their data that is stored in the AWS Cloud.
- We wish to mention that despite the fact that we meet and exceed the standards applicable with regard to privacy and protection of user’s information, no transmission or method of electronic storage is 100% secure. We do not guarantee that the information stored during the use of our website and/or mobile application is protected from and invulnerable to hacking. We will not be subjected to a security breach or to security threats, attack from viruses or other vulnerabilities. Upon using our services, users agree that we do not guarantee that the information stored is protected from hacking and will not be subjected to security breach as no transmission of electronic storage is 100% secure and upon using. In the event that a user does not consent to this, they are to refrain from using our services.
- Data Protection Rights of Users
- The right to Access, Update and Correct Users’ Personal Data:
- Users are permitted to access their personal information that is stored on the AWS cloud, which is their profile information that is stored in their account.
- The right to rectification:
- The right to erasure of Users’ Personal Data:
- Further, we shall communicate any erasure of personal data or restriction of processing to each recipient to whom the personal data have been disclosed, unless this proves impossible or involves disproportionate effort and we shall also inform the user about those recipients if the user so requests it.
- The right to object:
- The user shall have the right to object, on grounds relating to their particular situation, at any time to processing of personal data concerning them. We shall no longer process the personal data unless we demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the user or for the establishment, exercise or defence of legal claims.
- Where personal data are processed for direct marketing purposes, the user shall have the right to object at any time to processing of personal data concerning them for such marketing, which includes profiling to the extent that it is related to such direct marketing.
- Where the user objects to processing for direct marketing purposes, the personal data shall no longer be processed for such purposes.
- The right to data portability:
- Users have the right to receive the personal data concerning them, which they provide to us, in a structured, commonly used and machine-readable format and have the right to transmit this data to another controller without hindrance from us. Users have the right to have the personal data transmitted directly from us to another controller, where technically feasible. This shall not adversely affect the rights and freedoms of others.
- Links to third-party websites/collaborations
- Further, a user who wishes to access a third-party website directly from our website does so at their own cost, risk and peril and we do not take any liability or risk associated with such actions.
- Sign in through social media
- If a user wishes to use our services through social media portals such as “Facebook”, “Twitter” or “Gmail”, then the user’s login is routed through a third party ‘plug in’ called “Social Login”.
- The user does not share any information with the plug in as the plug-in functions solely as a routing system. We are not privy to the information a user shares with social media portals when they use these portals to log into our website.
- Jurisdiction Specific Rules
- We do not intend for our services, either on our website or on through the mobile application, to be used by people under the age of 18 years old, or equivalent minimum age in the relevant jurisdiction (“minor children”) unless they use our services under the supervision of their parent and/or guardian who provide us with verifiable consent.
- Opt out system
- Users always have the option to opt-out from receiving announcements of certain information, promotional and commercial emails from us by deleting the application.
- We provide the users with an opportunity to opt-out from receiving any or all communications from us by contacting and intimating us at our email address specifically for the purpose of opting-out, i.e. email@example.com.
- Further, it may be noted that a request to not receive unsolicited commercial emails will not apply to messages that the user requests or that are not commercial in nature. We may still contact users regarding purchases made even if they opt out of receiving unsolicited commercial messages.
- How to contact us:
- Email address: firstname.lastname@example.org
- Phone Number: 661-634-1130
- Physical Address: 121 Monterey Street Bakersfield, CA 93305