IMPORTANT PRIVACY INFORMATION

In order to use the service, we will ask you to enter your name and email. We will also automatically collect from your device language settings, IP address, time zone, type and model of a device, device settings, operating system, Internet service provider, mobile carrier, hardware ID, and other unique identifiers (such as IDFA and AAID). We need this data to provide our services, analyze how our customers use the service and to measure ads.

For improving the service and serving ads, we use third party solutions. As a result, we may process data using solutions developed by Amazon, Amplitude, Google, Meta, Firebase, Hotjar, Intercom, TikTok, Pinterest, Tableau etc.. Therefore, some of the data is stored and processed on the servers of such third parties. This enables us to (1) analyze different interactions (how often users make purchases, what products our users viewed); (2) serve and measure ads (and show them only to a particular group of users, for example, only to those, who have made a purchase).

If you decide to make a purchase or to order a service on our website, we will ask you to provide your email. We will use this data to fulfil your order.

Please read our Privacy Policy below to know more about what we do with data (Section 3), what data privacy rights are available to you (Section 6) and who will be the data controller (Section 1). If any questions remain unanswered, please contact us at support@passionapp.co.

PRIVACY POLICY

This Privacy Policy explains what personal data is collected when you use My Passion mobile application (the “App”), the website located at: https://my-passion.com/ “(the Website”), the services and products provided through them (together with the App and Website, the “Service”), how such personal data will be processed.

BY USING THE SERVICE, YOU PROMISE US THAT (I) YOU HAVE READ, UNDERSTAND AND AGREE TO THIS PRIVACY POLICY, AND (II) YOU ARE OVER 16 YEARS OF AGE (OR HAVE HAD YOUR PARENT OR GUARDIAN READ AND AGREE TO THIS PRIVACY POLICY FOR YOU). If you do not agree, or are unable to make this promise, you must not use the Service. In such case, you must (a) contact us and request deletion of your data; (b) delete the App from your device or leave the Website and not access or use it; and (c) cancel any active subscriptions or trials.

Any translation from English version is provided for your convenience only. In the event of any difference in meaning or interpretation between the English language version of this Privacy Policy available at link, and any translation, the English language version will prevail. The original English text shall be the sole legally binding version.

GDPR” means the General Data Protection Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data.

EEA” includes all current member states to the European Union and the European Free Trade Association. For the purpose of this policy EEA shall include the United Kingdom of Great Britain and Northern Ireland.

Process”, in respect of personal data, includes to collect, store, and disclose to others.

CCPA” means the California Consumer Privacy Act of 2018.

TABLE OF CONTENTS

  1. PERSONAL DATA CONTROLLER

  2. CATEGORIES OF PERSONAL DATA WE COLLECT

  3. FOR WHAT PURPOSES WE PROCESS PERSONAL DATA

  4. UNDER WHAT LEGAL BASES WE PROCESS YOUR PERSONAL DATA (Applies only to EEA-based users)

  5. WITH WHOM WE SHARE YOUR PERSONAL DATA

  6. HOW YOU CAN EXERCISE YOUR PRIVACY RIGHTS

  7. AGE LIMITATIONINTERNATIONAL DATA TRANSFERS

  8. CHANGES TO THIS PRIVACY POLICY

  9. NOTICE FOR CALIFORNIA RESIDENTSVIRGINIA CONSUMER DATA PROTECTION ACT (VCDPA) NOTICE

  10. DATA RETENTION

  11. HOW “DO NOT TRACK” REQUESTS ARE HANDLED

  12. CONTACT US

  1. PERSONAL DATA CONTROLLER

HW FANTASY LIMITED, a company registered under the laws of the Republic of Cyprus, having its mailing address at 46 Lykavitou, Egkomi, Nicosia, 2401, Cyprus will be the controller of your personal data.

  1. CATEGORIES OF PERSONAL DATA WE COLLECT

We collect data you give us voluntarily (for example, email address). We also may receive data about you from third parties (for example, when you sign in via Google). We also collect data automatically (for example, your IP address).

Data you give us

If you decide to make a purchase on the Website, we will ask you to provide email address which will be used to create an Account and send you details on your payment. You can also provide us with your email when you contact our support team.

  1. Data provided by third parties

When you decide to log in using Google, we receive personal data from your Google Account: name, email address, profile picture associated with your Google Account. You can revoke access provided to us on Apps Permissions page. To know more about how Google processes your data, visit its Privacy Policy.

  1. Data we collect automatically:

    1. Data about how you found us

We collect data about your referring app or URL (that is, the app or place on the Web where you were when you tapped/clicked on our ad).

  1. Device and Location data

We collect data from your device. Examples of such data include: language settings, IP address, time zone, type and model of a device, device settings, operating system, Internet service provider, mobile carrier, hardware ID. We also record the ads in our Service with which you interact (and the Internet links to which those ads lead).

  1. Usage data

We record how you interact with our Service. For example, we log what pages you have viewed, the features and content you interact with, how often you use the Service, how long you are on the Service, your purchases.

  1. Advertising IDs

We collect your Apple Identifier for Advertising (“IDFA”), Identifier for Vendor (“IDFV”) or Google Advertising ID (“AAID”) (depending on the operating system of your device) when you access our App or Website from a mobile device. You can typically reset these numbers through the settings of your device’s operating system (but we do not control this).

  1. Transaction data

When you make payments through the Service, you need to provide financial account data, such as your credit card number, to our third-party service providers. We do not collect or store full credit card number data, though we may receive credit card-related data, data about the transaction, including: date, time and amount of the transaction, the type of payment method used.

  1. Cookies

A cookie is a small text file that is stored on a user's computer for record-keeping purposes. Cookies can be either session cookies or persistent cookies. A session cookie expires when you close your browser and is used to make it easier for you to navigate our Service. A persistent cookie remains on your hard drive for an extended period of time. We also use tracking pixels that set cookies to assist with delivering online advertising.

Cookies are used, in particular, to automatically recognize you the next time you visit our website. As a result, the information, which you have earlier entered in certain fields on the website may automatically appear the next time when you use our Service. Cookie data will be stored on your device and most of the times only for a limited time period.

  1. FOR WHAT PURPOSES WE PROCESS YOUR PERSONAL DATA

We process your personal data:

  1. To provide our Service

This includes enabling you to use the Service in a seamless manner and preventing or addressing Service errors or technical issues. As a result of such processing, we will use your email, for example, for creating an account for you.

To host personal data and enable our Service to operate and be distributed we use Amazon Web Services, which is a hosting and backend service provided by Amazon, and Google Cloud (Privacy Policy).

Sentry is a code analysis tool, which allows us to log front-end mistakes, monitor performance of client parts of a code, and analyse code vulnerabilities. While performing its functions, Sentry may access a limited number of your data, such as IP address, browser information, OS version, device type. More info about Sentry data processing is in Privacy Policy.

We use Firebase Performance Monitoring, Firebase Crash Reporting and Crashlytics, which are monitoring services provided by Google. To learn more, please visit Google’s Privacy Policy, Privacy and Security in Firebase and Crashlytics’ Data Collection Policy.

In addition, Firebase Realtime Database helps us store and sync real-time data across users and devices to provide a seamless experience, and Firebase Cloud Storage is used for securely storing and managing user-generated content, such as images or files.

CookieYes helps us to customize cookie banner, record you consent and manage other cookie compliance needs. You may find more info about your data processing by CookieYes in the Data Processing Agreement.

  1. To provide you with customer support

We process your personal data to respond to your requests for technical support, Service information or to any other communication you initiate. For this purpose, we may send you, for example, notifications or emails about, the performance of our Service, security, payment transactions, notices regarding our Terms and Conditions of Use or this Privacy Policy.

  1. To communicate with you regarding your use of our Service

We communicate with you, for example, by push notifications or by emails. These may include reminders or other information about the Service. As a result, you will, for example, receive a push notification that a new feature has been deployed in the Service. To opt out of receiving push notifications, you need to change the settings on your device. To opt-out of receiving emails, you should click unsubscribe link in the footer of each email.

The services that we use for these purposes may collect data concerning the date and time when the message was viewed by our Service’s users, as well as when they interacted with it, such as by tapping/clicking on links included in the message.

Intercom provides us with message and customer service tools, which enable us to communicate with you within the Service. When you chat with us via in-App chat, your information is automatically transferred to Intercom. The transfer is required to enable us to identify (if you shared any name related data with us) and to communicate with you in the in-App chat. Thus, Intercom uses these data to provide and fulfill its services (as set forth in their terms of service). Read more about Intercom’s approach to privacy in its Privacy Policy.

To communicate with you we use Firebase Cloud Messaging, which is message sending service provided by Google. Firebase Cloud Messaging allows us to send messages and notifications to users of our App across platforms such as Android and iOS. We integrate Firebase Cloud Messaging with Firebase Analytics to create analytics-based audiences and track opening and conversion events. As a result, we can, for example, send encouraging messages to users who have recently installed App. Please check Google's Privacy Policy.

Our application integrates Customer.io to manage and automate personalized communications, such as emails, push notifications, and in-app messages. Customer.io collects user interaction data, including email engagement, app activity, and behavioral events, to deliver relevant and timely messages that enhance the user experience. This service helps us improve communication, retain users, and provide important updates about our application. All data collected is processed securely in accordance with Customer.io’s privacy policy, and users can manage their communication preferences through the app settings or unsubscribe options provided in messages.

  1. To research and analyze your use of the Service

This helps us to better understand our business, analyze our operations, maintain, improve, innovate, plan, design, and develop the Service and our new products. We also use such data for statistical analysis purposes, to test and improve our offers. This enables us to better understand what categories of users use our Services. As a consequence, we often decide how to improve the Service based on the results obtained from this processing. For example, if we discover that users choose certain types of stories less frequently, we may focus on improving the category or decide to remove it.

We use Facebook Analytics, which is a service provided by Facebook that allows us to use different analytical tools. On Facebook Analytics we get, in particular, aggregated demographics and insights on how many people visit our Service, how often users make purchases, and other interactions. Lean more about Facebook’s approach to data from its Privacy Policy.

To analyse how visitors use our Services and to measure effectiveness of some ads we use Google Analytics, a web analysis program of Google. In order to provide us with analytics, Google Analytics places cookies on your device. On Google Analytics we get, in particular, aggregated information on the data you enter on our Services and users’ interactions within the Services. Google allows you to influence the collection and processing of information generated by the Google, in particular, by installing a browser plug-in, available here.

We also use Google BigQuery, a cloud-based data warehouse that allows us to analyze large datasets efficiently. We use BigQuery to process and analyze user interactions with our Service, helping us gain insights into user behavior, optimize performance, and improve our offerings. While BigQuery itself does not collect personal data, it processes aggregated and anonymized information from various sources to support data-driven decision-making. Users can manage their data preferences through Google’s Privacy Settings.

We also use Amplitude, which is an analytics service provided by Amplitude Inc. We use this tool to understand how customers use our Services. Amplitude collects various technical information, in particular, time zone, type of device (phone or tablet), unique identifiers (such as IDFA). Amplitude also allows us to track various interactions (entering your reading goals) that occur on App or the Website. As a result, Amplitude helps us to decide what features should we focus on. Amplitude provides more information on how they process data in its Privacy Policy.

To track and analyze behavior of our Services’ users (in particular, how they react to changes of App’s or Website’s structure, text or any other component), we use Firebase Remote Config. Firebase Remote Config is an A/B testing and configuration service provided by Google – Privacy Policy and Privacy and Security in Firebase.

To perform our Website analysis, we also use Tableau, a company providing interactive data visualization products focused on business intelligence – Tableau Privacy Policy.

Hotjar is an analytics and feedback tool that helps us understand how users interact with our Website. It allows us to collect anonymized data on user behavior, such as clicks, scrolling, and time spent on pages, through heatmaps, session recordings, and surveys. This information helps us optimize our Website’s design, improve user experience, and identify potential usability issues. Users can manage their data preferences or opt out of tracking through Hotjar’s Opt-Out Page.

Firebase Analytics – collects anonymized data on App usage and user interactions to help us understand user behavior and optimize features.

Our App integrates Applovin to enhance marketing efforts and deliver personalized advertisements. Applovin collects marketing identifiers (such as device advertising IDs) and purchase event data to optimize ad targeting and measure the effectiveness of ad campaigns. This helps provide relevant advertisements to users while improving overall app monetization. The data collected is processed according to Applovin’s privacy policy, and users can manage or opt out of targeted advertising through their device settings.

We use Mintegral to improve ad personalization and campaign performance. Mintegral collects marketing identifiers and in-app purchase event data to optimize ad delivery and enhance user engagement. By analyzing this data, we aim to provide a more relevant and seamless advertising experience. The collected data is handled in compliance with Mintegral’s privacy policy, and users have the option to manage or disable targeted advertising through their device settings.

Our App utilizes Apple Search Ads to improve app visibility and optimize marketing campaigns within the Apple App Store. Apple Search Ads collects marketing identifiers, search-related data, and user interactions with advertisements to measure ad performance and deliver relevant ads to users. This data helps us refine our marketing strategies and enhance user acquisition. All information collected through Apple Search Ads is processed in accordance with Apple’s privacy policies, and users can manage their ad preferences through their Apple device settings.

  1. To send you marketing communications

We process your personal data for our marketing campaigns. As a result, you will receive information about our products, such as, for example, special offers or new features and products available on the Service. We may show you advertisements on our Service, and send you emails for marketing purposes. If you do not want to receive marketing emails from us, you can unsubscribe following instructions in the footer of the marketing emails.

  1. To personalize our ads

We and our partners use your personal data to tailor ads and possibly even show them to you at the relevant time. For example, if you visited our Website or installed the App, you might see ads of our products in your Facebook’s feed.

How to opt out or influence personalized advertising

iOS: On your iPhone or iPad, go to Settings > Privacy > Apple Advertising and deselect Personalized Ads.

Android: To opt-out of ads on an Android device, go to Settings > Privacy > Ads and enable Opt out of Ads personalization. In addition, you can reset your advertising identifier in the same section (this also may help you to see less of personalized ads). To learn even more about how to affect advertising choices on various devices, please look at the information available here.

macOS: On your MacBook, you can disable personalized ads: go to System Preferences > Security & Privacy > Privacy, select Apple Advertising, and deselect Personalized Ads.

Windows: On your laptop running Windows 10, you shall select Start > Settings > Privacy and then turn off the setting for Let apps use advertising ID to make ads more interesting to you based on your app activity. If you have other Windows version, please follow the steps here

To learn even more about how to affect advertising choices on various devices, please look at the information available here.

In addition, you may get useful information and opt out of some interest-based advertising, by visiting the following links:

Browsers: It is also may be possible to stop your browser from accepting cookies altogether by changing your browser’s cookie settings. You can usually find these settings in the “options” or “preferences” menu of your browser. The following links may be helpful, or you can use the “Help” option in your browser.

Google allows its users to opt out of Google’s personalized ads and to prevent their data from being used by Google Analytics.

We value your right to influence the ads that you see, thus we are letting you know what service providers we use for this purpose and how some of them allow you to control your ad preferences.

We use Facebook Pixel on the Service. Facebook pixel is a code placed on the Service collecting data that helps us track conversions from Facebook ads, build targeted audience and remarket to people who have taken some action on the Service (for example, made a purchase).

We also use Facebook Audience Network SDK, Facebook Advanced Matching, Facebook Ads Manager, and Facebook Custom Audience. These tools allow us to deliver personalized and relevant advertisements, measure and optimize ad performance, and understand user preferences. Facebook Audience Network SDK helps us show ads tailored to your interests based on your online activities while also providing advertisers with aggregated insights. Facebook Advanced Matching enables us to securely match certain data, such as email addresses, with Facebook to track conversions and optimize ads for users who have previously engaged with our Service. Additionally, through Facebook Ads Manager and Facebook Custom Audience, we can create targeted lists of users based on specific criteria, such as device identifiers or interactions within our service, to ensure that our advertisements reach relevant audiences on Facebook, Instagram, and other Facebook products. As a result, you may see more of our ads while using these platforms. You have control over how your data is used, and you can manage your ad preferences via Facebook’s settings. To learn more about opting out of personalized ads, visit Facebook’s Ad Preferences.

Google Ads is an ad delivery service provided by Google that can deliver ads to users. In particular, Google allows us to tailor the ads in a way that they will appear, for example, only to users that have conducted certain actions with our Service (for example, show our ads to users who have made a purchase). Some other examples of events that may be used for tailoring ads include, in particular, visiting our Website. Additionally, we use Google Tag Manager to efficiently manage and deploy tracking codes and analytics tools, helping us optimize ad performance and user experience. Google allows its users to opt out of Google’s personalized ads and to prevent their data from being used by Google Analytics.

TikTok Ads is the service provided by TikTok that can deliver ads to its users. The ads can be tailored to specific categories of users (for instance, based on their geographical location). TikTok’s Privacy Policy.

We use Pinterest Ads to deliver group-based advertisements. For example, you may see our ads if you are interested in specific services, information, or offers. Pinterest Privacy Policy.

Taboola is a content discovery platform that helps deliver personalized recommendations and advertisements to users based on their browsing behavior and interests. It allows us to show relevant content and ads to users who have interacted with our Service, such as visiting specific pages or engaging with certain types of content. By analyzing user interactions, Taboola optimizes ad placements to improve engagement and enhance the user experience. Users can manage their ad preferences or opt out of personalized recommendations through Taboola’s Privacy Policy and Opt-Out Settings.

  1. To allow you to share our content on your social media

Our application integrates the Facebook Sharing SDK to enable users to share content directly from our platform to their Facebook accounts. When you choose to share content using the Facebook Sharing SDK, the tool may collect certain data, such as your Facebook user ID, shared content details, and interaction metrics, in accordance with Facebook’s Data Policy. We do not store or process your Facebook login credentials. Your use of this feature is subject to Facebook’s privacy terms and settings, and we encourage you to review Facebook’s Privacy Policy for more information on how your data is handled.

  1. To process your payments and refunds

We provide paid products and/or services within the Service. For this purpose, we use third-party services for payment processing (for example, payment processors). As a result of this processing, you will be able to make a payment and we will be notified that the payment has been made.

We will not store or collect your payment card details ourselves. This information will be provided directly to our third-party payment processors.

To enable the purchase and to process your payments we use Solidgate, which is a payment gateway service provider. Also, we may use PayPal (Privacy Statement) to process your payments.

Our App integrates RevenueCat to manage in-app purchases and subscriptions efficiently. RevenueCat collects purchase event data, subscription statuses, and transaction history to provide a seamless payment experience and ensure proper access to premium features. This service helps us track revenue, analyze user spending behavior, and manage subscription renewals. RevenueCat does not store sensitive payment details, as all transactions are processed securely through the respective app store (Apple App Store or Google Play Store). The data collected is handled in compliance with RevenueCat’s privacy policy.

  1. To enforce our Terms and Conditions of Use and to prevent and combat fraud

We use personal data to enforce our agreements and contractual commitments, to detect, prevent, and combat fraud. As a result of such processing, we may share your information with others, including law enforcement agencies (in particular, if a dispute arises in connection with our Terms and Conditions of Use).

  1. To comply with legal obligations

We may process, use, or share your data when the law requires it, in particular, if a law enforcement agency requests your data by available legal means.

  1. UNDER WHAT LEGAL BASES WE PROCESS YOUR PERSONAL DATA

In this section, we are letting you know what legal basis we use for each particular purpose of processing. For more information on a particular purpose, please refer to Section 3. This section applies only to EEA-based users.

We process your personal data under the following legal bases:

  1. your consent;

Under this legal basis we will send you marketing communications. You have the right to withdraw your consent any time by using the unsubscribe link in the footer of our emails.

  1. to perform our contract with you;

Under this legal basis we:

We rely on legitimate interests:

Our legitimate interest for this purpose is our interest in improving our Service so that we understand users’ preferences and are able to provide you with a better experience (for example, to make the use of the Service easier and more enjoyable, or to introduce and test new features).

The legitimate interest we rely on for this processing is our interest to promote our Services in a measured and appropriate way.

The legitimate interest we rely on for this processing is our interest to promote our Service in a reasonably targeted way.

Our legitimate interests for this purpose are enforcing our legal rights, preventing and addressing fraud and unauthorized use of the Service, non-compliance with our Terms and Conditions of Use.

  1. to comply with legal obligations.

  1. WITH WHOM WE SHARE YOUR PERSONAL DATA

We share information with third parties that help us operate, provide, improve, integrate, customize, support, and market our Service. We may share some sets of personal data, in particular, for purposes and with parties indicated in Section 3 of this Privacy Policy. The types of third parties we share information with include, in particular:

  1. Service providers

We share personal data with third parties that we hire to provide services or perform business functions on our behalf, based on our instructions. We may share your personal information with the following types of service providers:

We may use and disclose personal data to enforce our Terms and Conditions of Use, to protect our rights, privacy, safety, or property, and/or that of our affiliates, you or others, and to respond to requests from courts, law enforcement agencies, regulatory agencies, and other public and government authorities, or in other cases provided for by law.

  1. Third parties as part of a merger or acquisition

As we develop our business, we may buy or sell assets or business offerings. Customers’ information is generally one of the transferred business assets in these types of transactions. We may also share such information with any affiliated entity (e.g. parent company or subsidiary) and may transfer such information in the course of a corporate transaction, such as the sale of our business, a divestiture, merger, consolidation, or asset sale, or in the unlikely event of bankruptcy.

  1. HOW YOU CAN EXERCISE YOUR PRIVACY RIGHTS

To be in control of your personal data, you have the following rights:

Accessing / reviewing / updating / correcting your personal data. You may review, edit, or change the personal data that you had previously provided on the Service.

Deleting your personal data. You can request erasure of your personal data as permitted by law.

When you request deletion of your personal data, we will use reasonable efforts to honor your request. In some cases, we may be legally required to keep some of the data for a certain time; in such event, we will fulfill your request after we have complied with our obligations.

Objecting to or restricting the use of your personal data. You can ask us to stop using all or some of your personal data or limit our use thereof.

Additional information for EEA-based users:

If you are based in the EEA, you have the following rights in addition to the above:

The right to lodge a complaint with supervisory authority. We would love you to contact us directly, so we could address your concerns. Nevertheless, you have the right to lodge a complaint with a competent data protection supervisory authority, in particular in the EU Member State where you reside, work or where the alleged infringement has taken place.

The right to data portability. If you wish to receive your personal data in a machine-readable format, you can send respective request to us as described below. To exercise any of your privacy rights, please send a request to support@passionapp.co.

  1. AGE LIMITATION

We do not knowingly process personal data from persons under 16 years of age. If you learn that anyone younger than 16 has provided us with personal data, please contact us.

  1. INTERNATIONAL DATA TRANSFERS

We may transfer personal data to countries other than the country in which the data was originally collected in order to provide the Service set forth in the Terms and Conditions of Use and for purposes indicated in this Privacy Policy. If these countries do not have the same data protection laws as the country in which you initially provided the information, we deploy special safeguards.

In particular, if we transfer personal data originating from the EEA to countries with not adequate level of data protection, we use one of the following legal bases: (i) Standard Contractual Clauses approved by the European Commission (details available here), or (ii) the European Commission adequacy decisions about certain countries (details available here).

  1. CHANGES TO THIS PRIVACY POLICY

We may modify this Privacy Policy from time to time. If we decide to make material changes to this Privacy Policy, you will be notified by available means such as email and will have an opportunity to review the revised Privacy Policy. By continuing to access or use the Service after those changes become effective, you agree to be bound by the revised Privacy Policy.

  1. NOTICE FOR CALIFORNIA RESIDENTS

This Supplemental California Privacy Notice only applies to our processing of personal information that is subject to the California Consumer Privacy Act of 2018 (the “CCPA”). The CCPA provides California residents with the right to know what categories of personal information we have collected about them and whether we disclosed that personal information for a business purpose (e.g., to a service provider) in the preceding twelve months. California residents can find this information below.

Category of Personal Information Collected Categories of Third Parties Personal Information is Disclosed to for a Business Purpose
Identifiers

Service providers

Users or third parties you share with

Advertising partners

Personal information categories listed in Cal. Civ. Code § 1798.80(e)

Service providers

Users or third parties you share with

Commercial information Payment solutions partners
Internet or other electronic network activity

Service providers

Users or third parties you share with

Advertising partners

Geolocation data

Service providers

Advertising partners

Inferences drawn from other personal information to create a profile about a consumer

Service providers

Advertising partners

Under CCPA you as a California resident have the following rights:

Right to Know. You have the right to request that we disclose to you the personal information we collect, use, or disclose.

Right to Delete. You have the right to request that we delete your personal information that we have collected from you.

Right to Opt-Out. CCPA requires that we maintain a separate webpage that allows you to opt out of the sale of your personal information, which can be accessed by clicking the Do Not Sell My Personal Information.

Right to Non-Discrimination. We will not discriminate against you for exercising any of these rights. We will not deny you our services, charge you different prices, or provide you a lower quality of services if you exercise your rights under the CCPA.

You may designate, in writing or through a power of attorney, an authorized agent to make requests on your behalf to exercise your rights under the CCPA. Before accepting such a request from an agent, we will require the agent to provide proof you have authorized it to act on your behalf, and we may need you to verify your identity directly with us.

To exercise any of your privacy rights, please send a request to support@passionapp.co.

California’s Shine the Light law gives California residents the right to ask companies once a year what personal information they share with third parties for those third parties' direct marketing purposes. Learn more about what is considered to be personal information under the statute.

To obtain this information from us, please send an email message to support@passionapp.co which includes “Request for California Privacy Information” on the subject line and your state of residence and email address in the body of your message. If you are a California resident, we will provide the requested information to you at your email address in response.

  1. VIRGINIA CONSUMER DATA PROTECTION ACT (VCDPA) NOTICE

This section supplements our Privacy Policy and only applies if you reside in the Commonwealth of Virginia. Where applicable, it describes how we use and process your personal data and explains your particular rights under Virginia Consumer Data Privacy Act (VCDPA).

Disclosures about the use of your personal data

We may collect and use certain information about you, some of which may be personal data (such as your name, email address, IP address, payment card number, or other information which may be reasonably linked to you), in order to operate the Services and to maximize your experience.

If you would like more information about the categories of your personal data we collect or the purposes for which we collect them, please read Section 2 and Section 3. To learn more about sharing of your personal data with our business partners and other third parties, please read Section 5.

Data Rights

Section 6 of our Privacy Policy describes the data rights we offer to all users and how to execute these rights. This includes the right to access, review, correct, update your data, obtain a portable copy of your data, or delete data related to your stored preferences and your use of the Services. Before completing your request, we may require some information sufficient to authenticate your identity.

Additionally, VCDPA provides Virginia residents with these data rights:

Opt out of the Processing of your Personal Data for Targeted Advertising. In order to exercise your choice as a Virginia resident, please click on “Do Not Sell/Share My Information”. While we may use different wording, this link will opt you out of targeted advertising.

Please note that we do not process personal data for purposes of (1) the sale of personal data, as defined by the VCDPA, or (2) profiling in furtherance of decisions that produce legal or similarly significant effects concerning the consumer.

Confirm whether your Personal Data is being Processed. You may confirm whether your personal data is being processed by emailing us at support@passionapp.co.

Appeal a Case with regard to your Request. In the case where we declined to take action on your data rights request or have rejected your request, you may contact us at support@passionapp.co to initiate an appeal of this decision. Please use the subject line “Appeal of Refusal to Take Action on Privacy Request” and provide the relevant information in the email. Once we receive your appeal, we will notify you in writing within 60 days of any action taken or not taken in response to the appeal, including a written explanation of the reasons for the decisions.

If your appeal is denied, you may contact the Office of the Virginia Attorney General by these means:

Office of the Attorney General | Virginia.gov

www.virginia.gov/agencies/office-of-the-attorney-general/#vagov

202 North Ninth Street

Richmond, VA 23219

  1. DATA RETENTION

We will store your personal data for as long as it is reasonably necessary for achieving the purposes set forth in this Privacy Policy (including providing the Service to you). We will also retain and use your personal data as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

  1. HOW “DO NOT TRACK” REQUESTS ARE HANDLED

Except as otherwise stipulated in this Privacy Policy, this Service does not support “Do Not Track” requests. To determine whether any of the third-party services it uses honor the “Do Not Track” requests, please read their privacy policies.

  1. CONTACT US

You may contact us at any time for details regarding this Privacy Policy and its previous versions. For any questions concerning your account or your personal data please contact us at support@passionapp.co.

Effective as of: [20 January 2025]