This Privacy Policy has been updated on October 20, 2021

Yoga for Beginners | Nandy PRIVACY POLICY

WE RESPECT YOUR PRIVACY!

If you have any privacy related concerns, please contact us at: support@nandy.app

Reliz LTD is a company registered in Malta, with registration number C96147 and address at this date at 12 office 1, Trejqet Huggiega, Triq Victor Scerri, Naxxar, Nxr 1032, Malta (“Reliz”, “We”, “Us”), who collects, uses and discloses information, when you access or use mobile app “Yoga for Beginners | Nandy” available at AppStore (the “Service”, “App”, “Yoga for Beginners | Nandy”), make In-App purchases, or when you otherwise interact with us.

This Privacy Policy describes how we collect and use the Personal Data you provide. It also describes the choices available to you regarding our use of your Personal Data and how you can access the information. We respect your privacy and we take protecting it seriously.

Reading Privacy Policy is important so we hope you will give it time and attention.

This Policy applies to the following people:

• people who use the Service (For the purposes of this policy, we define the term “User”, “you”, "your", "yours" as a personwhich has concluded the installation of Service through App Store).
  
  
• people who make complaints to us by email.

Reliz do not sell your personal data to third parties. A “sale” of Personal Data under the CCPA is defined broadly to include the “selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means” the Personal Data of a User to another business or third party “for monetary or other valuable consideration.” If we decide to sell Service, we will inform you about this, so you can forbid us to transfer your personal data together with our business. If so, we will delete your data from the databases prior to a business transfer.

We adhere to the following principles in order to protect your privacy:

• principle of purposefulness - we process personal data fairly and in a transparent manner only for the achievement of determined and lawful objectives, and they shall not be processed in a manner not conforming to the objectives of data processing;

• principle of minimalism - we collect personal data only to the extent necessary for the achievement of determined purposes and do not keep personal data if it is no longer needed;

• principle of restricted use - we use personal data for other purposes only with the consent of the data subject or with the permission of a competent authority;

• principle of data quality - we update personal data shall be up-to-date, complete and necessary for the achievement of the purpose of data processing;

• principle of security - security measures shall be applied in order to protect personal data from unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical and organisational measures;

• principle of individual participation - the persons shall be notified of data collected concerning him or her, the persons shall be granted access to the data concerning him or her and the persons have the right to demand the correction of inaccurate or misleading data.

1. PERSONAL DATA THAT WE COLLECT AND PROCESS

In order to fulfill our obligations on provision a license for mobile app “Yoga for Beginners | Nandy” for you and applicable terms of use, We are entitled to ask you to provide us with your Personal Data, including (but not limited):

1. name;
2. anthropometric data;
3. age,weight,height;
4. e-mail.
1. Personal Data collected by or transmitted to the Reliz in the course of accessing, interacting and operating of the Service may include, without limitation, the following Personal Data:
1. device information, which may include (but is not limited to) information about the computer or mobile device you use to access the Service, including the hardware model, operating system and version, the web browser you use, and other device identifiers;
2. server log information, which may include (but is not limited to) your login details, the date and time of visits, the pages viewed, your IP address, time spent at the Service and the websites you visit just before and just after the Service;
3. information collected by cookies and other tracking technologies. We and our service providers use various technologies to collect information when you interact with the Service, including cookies and web beacons. ‘Cookies’ are small data files that are stored on your device when you visit a Service which enable us to collect information about your device identifiers, IP address, web browsers used to access the Service, pages or features viewed, time spent on pages, mobile app performance and links clicked. Web beacons are graphic images that are placed on a website or in an email that is used to monitor the behavior of the user visiting the website or sending the email. They are often used in combination with cookies. 
2. We may also receive information about you from other sources, such as when you log in to mobile app “Yoga for Beginners | Nandy” by using your Apple ID or account credentials for a separate third-party service. We will receive information from that service as indicated in the relevant third party's authorization screen.
3. Reliz may collect the Personal Data from you in a variety of ways and circumstances, including, but not limited to, installation of mobile app Yoga for Beginners | Nandy”, subscription to a newsletter, filling out a form, providing us with feedback. Reliz shall be entitled to combine Personal Data collected in the course of your interaction with different sections of the Service with any other relevant available information.

1. APPLE HEALTH APP INTEGRATION

1. You may opt to integrate Service with Apple's Health App Database. If you grant Service access to Apple's Health App Database, Service will import your data from the Health App Database into the Application in certain circumstances, such as to aid you in the tracking of fitness goals. In addition, Service may transfer data that you store locally on your Device, such as active energy, mindfull minutes, workouts to the Health App Database. Service cannot read from or write to the Health App Database unless you grant access. Data accessed from the Health App Database will never be shared with third parties, such as third party service providers and/or advertisers.
2. Reliz is in no way responsible for the protection of the Fitness Data and/or other information stored within Apple's Health App Database. You and Apple are solely responsible for the protection of such information in the Health App Database. Please review Apple's applicable policies and procedures before syncing and backing up your Fitness Data and/or other information with the Health App Database.
   
   

1. USE OF COLLECTED PERSONAL DATA

1. We may use the information collected from you for a variety of purposes, primarily, relating to providing our Services and information about our Services. We may also use the information for such other purposes as otherwise allowed by law. For example, we (or a supplier or our affiliate company acting on our behalf and only under our instructions) may use your personal data, including personally identifiable information, for such purposes, including but not limited to:

1. to provide license and access to mobile app “Yoga for Beginners | Nandy”;
2. to handle your orders and requests, including requests for technical support and assistance;
3. to properly fulfil tax-related and accounting obligations imposed by applicable laws;
4. to detect, investigate, and prevent illegal activities or conduct that may violate the Terms of Use of mobile app “Yoga for Beginners | Nandy” and this Privacy Policy;
5. personalize your experience with our Service;
6. contact you in relation to, and conduct, surveys or polls you choose to take part in and to analyse the data collected for market research purposes;
7. conduct internal research and development and to improve, test and enhance the features and functions of our Service;
8. marketing and promotion of our Services or related products, including those of a third party’s products which are related to our Services (If you do not want us to use your data in this way, please let us know by contacting us at: support@nandy.app;
9. meet our internal and external audit requirements, including our information security obligations;
10. tracking purchases and usage information;
11. any other purpose as we determine, in our sole discretion, to be necessary or required to ensure the safety and/or integrity of our users, employees, third parties, public, and/or our Services, or to comply with requirements of any applicable law.

1. CONSENT TO PERSONAL DATA PROCESSING
1. EU Persons Consent to Personal Data processing
1. If you are an EU Person and to process your Personal Data we need to receive your consent, as it is prescribed by GDPR, we will process your Personal Data only in the case we have received from you a freely given, specific, informed and unambiguous indication of your wishes by which you signify agreement to the processing of your Personal Data ("Consent").
2. You may give your Consent by ticking a box when visiting the Service. In the case you tick the respective box, you irrevocably and unconditionally consent and agree that Reliz shall be entitled to process your Personal Data as it is indicated by your Consent.
3. Your Consent covers all processing activities with your Personal Data carried out for the same purpose or purposes. When the Processing has multiple purposes, your Consent should be deemed given for all of them.
4. You have the right to withdraw your Consent at any time. You can submit such a request by sending us an email to support@nandy.app. Your withdrawal of Consent shall not affect the lawfulness of your Personal Data processing based on Consent before its withdrawal.
5. Except as required or enabled by law we will not use or disclose your Personal Data for any purpose for which you refuse Consent or later withdraw your Consent. If you withdraw Consent, you agree that in spite of this withdrawal, we may continue to use those Personal Data previously provided to us to the extent that we are contractually or otherwise legally obliged to do so and to the extent necessary to enforce any contractual obligation you may have towards Reliz or in any other way permitted by law.

1. Non-EU Persons Consent to Personal Data processing

1. If you are not an EU Person, by transferring to us your Personal Data via the Service or otherwise, you irrevocably and unconditionally consent and agree that the Reliz shall be entitled, in accordance with this Policy:
1. To Process in any manner, including to collect, store, use, disclose, share and transfer (including cross-border), your Personal Data so provided to us, as well as your Personal Data collected from your use of the Service (i.e. your Personal Data which we collect automatically and/or from other sources); and
2. to use cookies and web beacons (pixel tags) to collect your Personal Data.

• СOMPLIANCE WITH GENERAL DATA PROTECTION REGULATION (GDPR), CALIFORNIA CONSUMER PRIVACY ACT (CCPA) AND BRAZIL'S GENERAL DATA PROTECTION LAW (LGPD (LEI GERAL DE PROTEÇÃO DE DADOS))

1. If you are located in the European Economic Area (EEA) privacy rights are granted and all processing of Personal Data is performed in accordance with regulations and rules following the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of Personal Data and on the free movement of such data, known as the General Data Protection Regulation (“GDPR”).

1. If you are located in California, all processing of Personal Data is performed in accordance with regulations and rules following the California Consumer Privacy Act, Cal. Civ. Code § 1798.100 et seq. (“CCPA”).

1. If you are located in Brazilia, all processing of Personal Data is performed in accordance with regulations and rules following the Lei Geral de Proteção de Dados (“LGPD”).

1. The Child Online Privacy and Protection Act (“COPPA”) regulates online collection of information from persons under the age of 13 (covered person). Covered persons are required to obtain parental consent before providing personal data via Service. If you are a parent of a COPPA covered person, you have the option to agree to the collection and use of your COPPA covered person’s information. You may revoke your consent, review your COPPA covered person’s personal data, ask to have it deleted, and/or refuse to allow any further collection or use of your COPPA covered person’s information at any time, contact us at support@nandy.app.

1. We process Personal Data as a Controller, as defined in the GDPR.

1. DATA ACCESS, DATA CORRECTION, DATA DELETION, DATA PORTABILITY AND WITHDRAWAL OF THE CONSENT

1. You can review, correct, update, delete or transfer their personally identifiable information. For that, contact us directly at support@nandy.app We will acknowledge your request within seventy-two (72) hours and handle it promptly and as required by law.

1. Right to access. Youmay contact us to get confirmation as to whether or not we are processing your personal data. When we process your personal data, we will inform You of what categories of personal data we process regarding You, the processing purposes, the categories of recipients to whom personal data have been or will be disclosed and the envisaged storage period or criteria to determine that period.

1. Right to withdraw consent. In case our processing is based on consent granted, You may withdraw the consent at any time by contacting us or by using the functionalities of our Services. You can withdraw your consents at any time by replying to the email with your withdrawal and your Personal Data will be deleted in 48 hours. Withdrawing consent may lead to fewer possibilities to use our Services.

1. Right to object. In case our processing is based on our legitimate interest to run, maintain and develop our business, You have the right to object at any time to our processing. We shall then no longer process your personal data unless for the provision of our Services or if we demonstrate other compelling legitimate grounds for our processing that override your interests, rights and freedoms or for legal claims. Notwithstanding any consent granted beforehand for direct marketing purposes, You have the right to prohibit us from using personal data for direct marketing purposes, by contacting us or by using the functionalities of the Services or unsubscribe possibilities in connection with our direct marketing messages.

1. Right to restriction of the processing. You have the right to obtain from us restriction of processing of your personal data, as foreseen by applicable data protection law, e.g. to allow our verification of accuracy of personal data after your contesting of accuracy or to prevent us from erasing personal data when personal data are no longer necessary for the purposes but still required for your legal claims or when our processing is unlawful. Restriction of processing may lead to fewer possibilities to use our Services.

1. Right to data portability. You have the right to receive your personal data from us in a structured, commonly used and machine-readable format and to independently transmit those data to a third party, in case our processing is based on your consent and carried out by automated means.

1. How to use these rights. To exercise any of the above-mentioned rights, You should primarily use the functions offered by our Services. If such functions are however not sufficient for exercising such rights, You shall send us a letter or email to the address set out below under Contact, including the following information: name, address, phone number, email address, and a copy of a valid proof of identity. We may request additional information necessary to confirm your identity. We may reject requests that are unreasonably repetitive, excessive or manifestly unfounded. 

1. STORING OF INFORMATION AND DELETION

1. We store your Personal Data for as long as needed to provide you with our services. We may store Data longer, but only in a way that it cannot be tracked back to you. When Personal Data is no longer needed, we delete it using reasonable measures to protect the Data from unauthorized access or use.
   
   
2. EU Territory. We store Personal Data as long as it is needed for the provision of our services. Traffic information is erased or made anonymous when it is no longer needed for the purpose of the transmission or, in the case of payable services, up to the end of the period during which the bill may lawfully be challenged or payment pursued. Direct marketing and provision of value-added services information (including traffic information used for these purposes) is stored as long as the same is necessary for the provision of these activities, or up to the time when a user opts out from such use in accordance with this Privacy Policy. Other information is stored for as long as we consider it to be necessary for the provision of our services. This Section shall not prevent any technical storage or access to information for the sole purpose of carrying out the transmission of a communication or as strictly necessary in order for us to provide the service you requested.
   
   
3. As explained in the GDPR statement, we strive to anonymize the data when possible. If you decide to exercise your right to erasure we will also inform our Providers to delete all your data.
   
   
4. US Territory. We will retain collected information for the period necessary to fulfill the purposes outlined in this Privacy Policy unless a longer retention period is required or permitted by applicable legislation.
   
   
5. Storing might be different depending on the territory of collecting the information and the applicable legislation, but we always strive to store the information only as long as it is needed for the purposes of providing, improving or personalizing our services.
   
   
6. We do not use Service to knowingly solicit information from or market to children under the age of 13. In the event that we learn that we have collected personal data from a child under 13 years of age we will delete that information as quickly as possible. If you believe that we might have any information from or about a child under 13 years of age please contact us at support@nandy.app.

1. INFORMATION SECURITY

1. We care to ensure the security of personal data. We follow generally accepted industry standards to protect the information submitted to us, both during transmission and once we receive it. We maintain technical, physical, and administrative security measures to provide reasonable protection for your Personal Data. When we or our contractors process Your information, we also make sure that your information is protected from unauthorized access, loss, manipulation, falsification, destruction or unauthorized disclosure. This is done through appropriate administrative, technical and physical measures.

1. There is no 100% secure method of transmission over the Internet or method of electronic storage. Therefore, we cannot guarantee its absolute security.

1. We never process any kind of sensitive data and criminal offence data. Also we never undertake profiling of personal data.

1.  CONTRACTORS

1. We work with third party service providers who provide website, application development, hosting, maintenance, and other services for us. They may be located outside of the EEA. These contractors may have access to, or process Personal Data on behalf of us as part of providing those services for us. We limit the information provided to these service providers to that which is reasonably necessary for them to perform their functions.

1. All data transfers are performed in accordance with the highest security regulations. Transfer of Personal Data to countries outside of the European Economic Area may be possible only in the case, when we have obtained your consent for it.

1. All data processed by us is stored exclusively in secure hosting facilities provided by Google Cloud and Google BigQuery. 

1. We use Facebook. Facebook remarketing service is provided by Facebook Inc. You can learn more about interest-based advertising from Facebook by visiting this page: https://www.facebook.com/help/164968693837950. To opt-out from Facebook's interest-based ads follow these instructions from Facebook:https://www.facebook.com/help/568137493302217. Facebook adheres to the Self-Regulatory Principles for Online Behavioral Advertising established by the Digital Advertising Alliance. You can also opt-out from Facebook and other participating companies through the Digital Advertising Alliance in the USA http://www.aboutads.info/choices/, the Digital Advertising Alliance of Canada in Canada http://youradchoices.ca/ or the European Interactive Digital Advertising Alliance in Europe http://www.youronlinechoices.eu/, or opt-out using your mobile device settings. For more information on the privacy practices of Facebook, please visit Facebook's Data Policy: https://www.facebook.com/privacy/explanation. Your data will be stored in Facebook data centers, located in Sweden, Denmark, and Ireland.
   
   
2. We use Amplitude Analytics for analytic user behavior and understand how users are navigating through App(s) and which features engage the most. For more information on the privacy practices of Amplitude Analytics, please visit the Privacy Policy: https://amplitude.com/privacy
   
   
3. We use Adjusts to analyze and optimize mobile advertising campaigns and user activities on the internet. For more information on the privacy practices of Adjusts, please visit the Privacy Policy: https://amplitude.com/privacy

1. We use Appsflyer For more information on the privacy practices of Appsflyer, please visit the Privacy Policy: https://www.appsflyer.com/services-privacy-policy/

1. We use Firebase. Firebase is Google's mobile application development platform that helps to build, improve, and grow service. For more information on the privacy practices of Firebase, please visit the Privacy Policy:https://firebase.google.com/support/privacy

1. We use PushWoosh. PooshWoosh is a service that enables push notifications to be sent. For more information on the privacy practices of PushWoosh, please visit the Privacy Policy https://www.pushwoosh.com/privacy-policy/

1. We use InstaBug. InstaBug is a service that helps us to track bugs and crashes of the app, along with user support. For more information on the privacy practices of InstaBug, please visit the Privacy Policy https://instabug.com/privacy

• OPT-OUT
  
  

1. You can deactivate local notifications by changing the notification settings in accordance with the instructions of the operating system running on the Users’ device.

• APPLICATION OF THIS PRIVACY POLICY

1. This Privacy Policy is applicable to our Service. Once redirected to another website or App, this Policy is no longer applicable.

• ACCEPTANCE OF THESE CONDITIONS

1. We assume that all Users have carefully read this document and agree to its content. If one does not agree with this Privacy policy, they should refrain from using Service.

• CHANGES AND UPDATES TO OUR PRIVACY POLICY

1. From time to time, we may update this Privacy Policy. We encourage You to periodically check back and review this Policy so that You always will know what information we collect, how we use it, and with whom we share it.

• CONTACT US!

1. If you have any questions please contact us at support@nandy.app.