Data Protection & Privacy Review For Color Therapy 24 April 2021
Information privacy, also known as data privacy or data protection, is the relationship between the collection and dissemination of data, technology, the public expectation of privacy, legal and political issues surrounding them.
Privacy concerns exist wherever personally identifiable information or other sensitive information is collected, stored, used, and finally destroyed or deleted – in digital form or otherwise. Improper or non-existent disclosure control can be the root cause for privacy issues. Data privacy issues may arise in response to information from a wide range of sources.
With that in mind, this Privacy and Cookies Policy is designed to describe:
Who We Are and How to Contact Us?
Your Rights Relating to Your Personal Data
You have the right under this Privacy and Cookies Policy to:
Request access to your Personal Data. If you are within the EU, this enables you to receive a copy of the Personal Data we hold about you and to check that we are lawfully processing it.
Request correction of the Personal Data that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
Request erasure of your Personal Data. This enables you to ask us to delete or remove Personal Data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your Personal Data where you have exercised your right to object to processing (see below).
Object to processing of your Personal Data. This right exists where we are relying on a legitimate interest as the legal basis for our processing and there is something about your particular situation, which makes you want to object to processing of your Personal Data on this ground. You also have the right to object where we are processing your Personal Data for direct marketing purposes.
Request the restriction of processing of your Personal Data. This enables you to ask us to suspend the processing of Personal Data about you, for example if you want us to establish its accuracy or the reason for processing it.
Request the transfer of your Personal Data. If you are within the EU, we will provide to you, or a third party you have chosen, your Personal Data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
Withdraw consent. This right only exists where we are relying on consent to process your Personal Data ("Consent Withdrawal"). If you withdraw your consent, we may not be able to provide you with access to the certain specific functionalities of our Site. We will advise you if this is the case at the time you withdraw your consent.
How to exercise your rights. If you want to exercise any of the rights described above, please contact us using the contact details in Who We Are and How to Contact Us.
Typically, you will not have to pay a fee to access your Personal Data (or to exercise any of the other rights). However, except in relation to Consent Withdrawal, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive, or, we may refuse to comply with your request in these circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your Personal Data (or to exercise any of your other rights). This is a security measure to ensure that Personal Data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
We will reply to your complaint as soon as we can.
What Personal Data we collect
MIINU uses Personal Data we collect to provide the Services, personalize content, maintain security, monitor aggregate metrics such as total number of visitors, traffic, and demographic patterns, and track user content and users as necessary to comply with the Digital Millennium Copyright Act and other applicable laws,
MIINU respects the intellectual property rights of others and expects its users to do the same. In accordance with the Digital Millennium Copyright Act of 1998, the text of which may be found on the U.S. Copyright Office website at http://www.copyright.gov/legislation/dmca.pdf, MIINU will respond expeditiously to claims of copyright infringement committed using the MIINU service and/or the MIINU mobile application if such claims are reported to MIINU.
Information You Directly Provide to Us. There are many occasions when you provide information that may enable us to identify you personally ("Personal Data") while using the Services. The Personal Data we may collect from you is outlined in the table below.
Username, full name, photo, Apple/Facebook account public details or similar identifier, or other forms of identification.
Your email address.
Any details about payments to and from you and other details of subscriptions and services you have purchased from us.
Any content you post to the Services not already included in another category, including without limitation, colored designs, feedback, questions, preference settings, answers, messages, comments, and other contributions on the Services, and metadata about them (such as when you posted them) (“Content").
Marketing and Communications Data
Your preferences in receiving marketing from us and our third parties and your communication preferences. If you correspond with us by messaging through the Services, we may retain the content of such messages and our responses.
Inferred or assumed information relating to your behavior and interests, based on your online activity. This is most often collated and grouped into "segments."
Device ID, Internet protocol (IP) address, Apple ID, Facebook ID, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this application.
Personal Data from Third Party Sources. In addition to the Personal Data that we collect directly from you (as described in the section immediately above this one), we may also collect certain of your Personal Data from third party sources, some of which may not be publicly available.
No Special Categories of Personal Data. We do not collect any "Special Categories of Personal Data" about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sexual orientation, political opinions, trade union membership). Nor do we collect any information about criminal convictions and offences.
How We Use Your Personal Data and Why
We generally use Personal Data for the following: to deliver and improve our Services; to provide you with customer support; to perform research and analysis about your use of the Services; to develop, display, and track Content and advertising tailored to your interests on the Services and other sites, including, potentially, providing our advertisements to you when you visit other sites; website or mobile application analytics; to diagnose or fix technology problems; to automatically update the Services on your device; to verify your identify and prevent fraud or other unauthorized or illegal activity; to enforce or exercise any rights in our Terms of Service;
In respect of each of the purposes for which we use your Personal Data, the legal bases depend on the Services you use and how you use them. This means we collect and use your Personal Data only where:
We need it to provide you the Services, including to operate the Services, provide customer support and personalized features and to protect the safety and security of the Services;
It satisfies a legitimate interest (which is not overridden by your data protection interests), such as for research and development, to market and promote the Services and to protect our legal rights and interests; or
We need to process your data to comply with a legal or regulatory obligation.
We may also rely on your consent as a legal basis for using your Personal Data where we have expressly sought it for a specific purpose. If we do rely on your consent to a use of your Personal Data, you have the right to change your mind at any time (but this will not affect any processing that has already taken place). We have set out below, in a table format, more detailed examples of relevant purposes for which we may use your Personal Data.
Providing, updating, and maintaining our Services, application, and business
To deliver the Services you have requested.
Research and development
To enable us to improve the Services and better understand our users and the markets in which we operate. For example, we may conduct or facilitate research and use learnings about how people use our Services and feedback provided directly to us to troubleshoot and to identify trends, usage, activity patterns, areas for additional features and improvement of the Services and other insights. We also test and analyze certain new features with some users before introducing the feature to all users.
Communicating with users about the Services
To send communications via email, including, for example, responding to your comments, questions and requests, providing customer support, and sending you technical notices, product updates, security alerts. We may also provide tailored communications based on your activity and interactions with us.
Providing customer support
To respond to your requests for assistance, comments and questions, to analyze crash information, to repair and improve the Services and provide other customer support.
To keep our application, our Services and associated systems operational and secure.
To comply with applicable law, legal process and regulations and protect legitimate business interests
As we believe is reasonably necessary to comply with a law, regulation, order, subpoena, rule of a self-regulatory organization or audit or to protect the safety of any person, to address fraud, security issues, or to protect our legal rights, interests and the interests of others.
What happens when you do not provide necessary Personal Data? Where we need to process your Personal Data either to comply with law, or to perform the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with the functionalities of the Services). In this case, we may have to stop you using our Services.
How We Use Tracking or Profiling Technologies
MIINU may collect non-personally identifiable information regarding your usage of the Services, including the pages and designs and presentations you viewed, time spent using the application, demographic data such as server locations, connection speed, and other information that does not identify you. Like most online services, we also may use log files, clear GIFs, tracking pixels, web beacons, and other technologies that may collect Personal Data.
Third Party Services: MIINU may use third-party services such as Google Analytics, Firebase Analytics to help understand/improve the use of the Services. These services typically collect the information sent by your browser as part of a web page request, including cookies and your IP address. They receive this information and their use of it is governed by their respective privacy policies.
Who We Share Your Personal Data With?
We may share your Personal with third parties in the ways that are described in the table below. We consider this information to be a vital part of our relationship with you.
Our service providers provide us support for our Services, including, for example, mobile development, search engine, hosting, maintenance, backup, storage, virtual infrastructure, payment processing, analysis, identity verification, background and compliance reviews, banking services, and other services for us, which may require them to access or use Personal Data about you.
Our lawyers, accountants may need to review your personal data to provide consultancy, compliance, banking, legal, insurance, accounting and similar services.
Legal and Taxing Authorities, Regulators and Participants in Judicial Proceedings
We may disclose your Personal Data if we believe it is reasonably necessary to comply with a law, regulation, order, subpoena, rule of a self-regulatory organization or audit or to protect the safety of any person, to address fraud, security or technical issues, or to protect our legal rights, interests and the interests of others, such as, for example, in connection with the acquisition, merger or sale of securities or a business (e.g., due diligence).
As we develop our business, we may buy or sell businesses or assets. In the event of a corporate sale, merger, reorganization, dissolution or similar event, we may also transfer your Personal Data as part of the transferred assets without your consent or notice to you.
We may use third-party advertising services such as: Google Admob (You can read about their privacy practice at: https://support.google.com/admob) , Vungle (You can read about their privacy practice at: https://vungle.com/privacy), AdColony (You can read about their privacy practice at: https://www.adcolony.com/privacy-policy), MoPub (You can read about their privacy practice at: https://www.mopub.com/en/legal/privacy), Unity Ads (You can read about their privacy practice at: https://unity3d.com/legal/privacy-policy), IronSource (You can read about their privacy practice at: https://www.is.com/privacy-policy) and Applovin (You can read about their privacy practice at: https://www.applovin.com/privacy).
These advertising services help to choose/improve the ads that appear on our application. These services do not intentionally collect personal information like your name, address, or email address, but the personal data that they may collect may enable them to recognize your device over time and across apps. They receive this information and their use of it is governed by their respective privacy policies.
We may also share non-Personal Data (such as anonymous usage data, referring/exit pages and URLs, platform types, number of clicks, etc.) with interested third parties to help them understand the usage patterns for certain Services or conduct independent research based on such anonymous usage data.
If you request that we remove your Personal Data as described in Your Rights Relating to Your Personal Data, we will convey that request to any third-party with whom we have shared your data. We are not, however, responsible for revising or removing your Personal Data obtained by any third party who has previously been provided your information by us in accordance with this policy or any third party to whom you have provided such information.
How long we store your Personal Data
We will retain your information for as long as it is reasonably needed for the purposes set out in How We Use Your Personal Data and Why unless you request that we remove your Personal Data as described in Your Rights Relating to Your Personal Data. We will only retain your Personal Data for so long as we reasonably need to use it for these purposes unless a longer retention period is required by law (for example for regulatory purposes). This may include keeping your Personal Data for the period of time needed for us to pursue legitimate business interests, conduct audits, comply with (and demonstrate compliance with) legal obligations, resolve disputes and enforce our agreements.
Where We Store Your Personal Data
How We Protect Your Personal Data
We use ‘Microsoft Azure' for our infrastructure and hosting (You can read about their privacy practice at: https://www.microsoft.com/en-us/TrustCenter/Privacy/default.aspx), We may use OneSignal Push Notification and before the use of this service, you are asked whether you agree to such notifications. you can disable push notification in the setting inside the application (You can read about their privacy practice at: https://onesignal.com/privacy_policy),we use Zendesk to provide support services (You can read about their privacy practice at: https://www.zendesk.com/company/policies-procedures), we use industry-standard physical, managerial, and technical safeguards to preserve the integrity and security of your personal information. We limit access to your Personal Data to those employees and other staff who have a business need to have such access. All such people are subject to a contractual duty of confidentiality. We cannot, however, ensure or warrant the security of any information you transmit to MIINU or guarantee that your information on the Services may not be accessed, disclosed, altered, or destroyed by a breach of any of our physical, managerial, or technical safeguards.
Third Parties & Links to Other Websites
We may use ‘Sendgrid’ as our email marketing service provider (You can read about their privacy practice at: https://www.twilio.com/legal/tos, and by requesting our services or using our platform, you acknowledge that you understand and agree to their policies.
Our Policy on Children's Privacy