Last updated: 28 February 2024
We at Andrei Tsitou LLC (“Andrei Tsitou”, “we”, “us” and “our”) have created this Privacy Policy to explain how we collect, use, disclose and otherwise process personal information in connection with operating our business. Andrei Tsitou LLC is the controller of your personal information.
This Privacy Policy applies to our websites and mobile applications and other online services we may provide on which this Privacy Policy is posted (each a “Service” and collectively, the “Services”). In addition to describing how we collect, use, disclose and otherwise process personal information, this Privacy Policy explains the rights and choices available to individuals with respect to their personal information.
California residents, please see section 7 for more information on Your California Privacy Rights. Mainland China residents, please see section 8 for more information on Your Privacy Rights.
We may obtain information about you in a variety of ways, including through your use of our Services, when you call, email or otherwise communicate with us (including through social media), or when you participate in events or other promotions.
The information that we collect, whether from you directly or automatically, may be considered personal information in certain jurisdictions or personal data under the European General Data Protection Regulation (the “GDPR”). Whenever we refer to personal information in this Privacy Policy, it means personal information or personal data as defined by applicable laws in the relevant jurisdiction.
These are the categories of personal information we collect, which may vary based on the Service being used:
Please note that when using certain Services, you may choose to input or provide access to certain physical or health-related information about yourself. Such information will be stored locally on your device and accessed only as described in the “Information collected from you” subsection below.
Some of this information you provide to us and some we collect when you use our Services. We also may obtain information about you (including personal information) from our business partners, such as vendors, and others, and from previous owners and data controllers.
You may choose not to provide some or all of your personal information to us but doing so may prevent us from providing our Services to you or limit our ability to provide you with the level of service that you would otherwise expect from us.
Information collected from you
The following are examples of the types of information we may collect directly from you:
Feedback: From time to time, we may request your opinions, suggestions, or modification and improvement ideas (“Feedback”) through surveys, or other similar requests. Any responses you provide are voluntary and shall be owned by Andrei Tsitou LLC and may be used by Andrei Tsitou LLC in our sole discretion.
Name. We require your name to personalize your user experience.
Telephone number: We may require your phone number for the technical provision of our Services to you.
Email address. We use your email address to communicate with you about the products and Services we offer, responding to requests, inquiries, comments, and suggestions and updating you with information about your account.
Username and/or PIN. Certain of our Services use this information to facilitate your access to our website or mobile application and validate your login for your security.
Other User Information: When using certain Services, you may choose to input or provide access to certain information about yourself, such as photographs, physical and health related information, or other information to enhance your experience of the Services we provide. This information will be stored on your device and will not be transmitted to Andrei Tsitou LLC unless we notify you otherwise at the time of entering the information or granting access to the information.
Payment Information: In the event you purchase products or Services directly from us, we, or a third party on our behalf, may collect payment card and other payment information, solely as required to process payment for such purchase. Your failure to provide such information may prevent you from using our services.
Location Information: When you use our Apps, we and our third party partners may detect your general location (e.g., city and state). Additionally, we may also collect precise location data (e.g., longitude/latitude) but only when you consent within the app to sharing your precise location. Failure to provide such information will only prevent you from using the features of the app that require your precise location, or obtaining results that the service intends to provide you with based on your location information, but will not affect your use of other features. We may use location information to operate and enhance our service as well as customize the content, weather alerts, and advertising we provide to you. For Apps with advertisements, if you have enabled location tracking, our trusted third-party partners may also collect and use location data to customize advertisements shown to you. See Marketing Opt-Outs in Section 9 of this Privacy Policy for more information on how to opt-out of receiving relevant advertising.
Apple Services: Certain of our Services facilitate optional syncing with Apple Services such as Apple Face Tracking and the Apple “Health” App to enhance your experience of the Services we provide. In such cases, we will ask you for permission to do this and will explain the benefit of syncing the information. This information will be stored on your device and will not be transmitted to Andrei Tsitou LLC, and we will not transmit this data to external servers or any other third parties.
You can “un-sync” or alter permissions for our Services from your Apple “Health” App or general settings at any time. You can remove your data from the Apple “Health” App or from our Services manually at any time.
Information collected by automated means (“Automated Information”)
We may collect Automated Information through the use of cookies, and other technologies. In addition to cookies, such other technologies may include:
The above tracking technologies may be deployed by us or our service providers on our behalf.
Automated Information includes information such as:
We or our third-party service provider may assign you a unique identifier through automated means in order to match information collected from you through different means or at different times, (including both personal information and Automated Information) and to use such information as described in this Privacy Policy.
Information collected from integrated services.
We may obtain information, including personal information from third parties and sources that we integrate into our Services either for the provision of our services or to facilitate your access to our Services such as described below.
You may be given the option to access or register for our services through the use of your third-party social media account, such as Facebook or Google. If you select this option, your social media provider may make certain of your personal information available to us, such as your email address or other unique identifier or we may be asked to share certain information with such social media provider. We recommend that you review your social media provider’s privacy policies carefully before using their service to connect to our Services.
Information uploaded by users of the Scan Hero app
Users of the Scan Hero app can avail of an image sharing feature and choose to upload scanned images for sharing with their friends. When a user uploads an image, then it will be processed and stored by us for up to 48 hours. After this time, the image will be permanently deleted. Users will be asked to confirm that they consent to this processing before using the feature. Our legal basis therefore for processing any uploaded images will be the user’s consent. Uploaded images will not be shared by Andrei Tsitou LLC with third parties other than necessary processors acting on our behalf (such as Google Cloud Storage). We confirm that uploaded images will not be used by Andrei Tsitou LLC for any other purpose outside of the intended feature described.
In addition to the purposes described above, we may use the information we collect for a variety of purposes, such as the following:
Service delivery and Customer support
Service improvement
Profiling
Troubleshooting
Targeted advertising and marketing
Quality and Safety Maintenance and Verification
Compliance with legal obligations
Defense
To perform the above functions, we may match information collected from you through different means or at different times, including both personal information and Automated Information, and use such information along with information obtained from other sources. We may also aggregate and/or de-identify any information that we collect, such that the information no longer identifies any specific individual. We may use, disclose and otherwise process such information for our own legitimate business purposes – including historical and statistical analysis and business planning – pursuant to this Privacy Policy and applicable privacy laws.
Your personal data may be transmitted to trusted and reliable third parties. This happens only when there are lawful grounds for the transmission. We don’t sell your data, including your images, to third parties under any circumstances.
The types of third parties to which your data may be transmitted are as follows:
Additionally, we may share your personal data if it’s required for the fulfillment of a legal obligation, or if you give us your consent to do so.
We maintain a presence on several social networking and blogging platforms, such as Facebook, Instagram, Google, LinkedIn, Twitter, Snap, TikTok and Pinterest. We may incorporate some third-party social networking features into our Services (including, allowing users to interact with others and share certain content and information on social media platforms) or utilize third-party provided platforms to publish or manage the Services or portions thereof. Through these platforms and features, we receive or may share information about you, and this Privacy Policy applies to that information as well. In addition, some providers of third-party social media or blogging platforms we utilize have their own privacy policies which explain how the third parties that provide them may collect, use and protect your information (e.g., if you establish an account with such platform providers directly). By using social features, you agree to those third parties’ privacy policies and terms of use.
If you choose to communicate with us or another user through social features available on our websites or mobile applications or through our social media pages, or other similar communication or messaging features or services, such information may be made publicly available. For security purposes, please do not include any password, social security number, payment card or other sensitive information via these features. We have the right, but not the obligation to monitor messages and communications between and among users for security and training purposes. We may, but are not obligated to, remove any content we deem inappropriate.
You have the following rights in relation to how we use your personal information:
For your protection, we may require proof of identity and verification before we can answer your requests.
You also have the right to complain before the competent national data protection authority, or any other applicable regulator in the jurisdiction where you reside, in the event that you think we’ve violated the applicable privacy laws and we haven’t addressed your request.
7. Legal basis for processing data
In this section, we identify the legal grounds on which we rely to process personal information.
In some cases, we have a legitimate interest to process the personal information that we collect, such as to develop, administer and support our products and services; to operate, evaluate and improve our business; to facilitate and manage engagement programs; to promote research; to support our recruitment activities; to facilitate a Corporate Transaction (including a sale of assets or merger or acquisition); or to fulfill our contracts with business partners, such as third parties that distribute our products.
It may also be necessary for us to process personal information to establish, exercise or defend against fraud, illegal activity, and claims and other liabilities, including by enforcing the terms and conditions that govern the services we provide.
We may also process personal information as specifically permitted by applicable legal requirements.
If we rely on consent for the processing of your personal information, we will seek such consent at the time we collect your personal information.
We retain personal data used for defense purposes for a maximum of ten (10) years from your most recent interaction with the app, or from the expiration of your subscription. If you access the app after your subscription has expired, the retention period starts from this most recent interaction. Specific legal obligations might require different retention periods and, in such cases, those different periods will apply. Upon the expiry of the retention period, the data is either deleted or anonymized.
We retain personal data used for the purpose of compliance with legal obligations for a maximum of five (5) years from your most recent interaction with the app, or from the expiration of your subscription. If you access the app after your subscription has expired, the retention period starts from this most recent interaction. Specific legal obligations might require different retention periods and, in such cases, those different periods will apply. Upon the expiry of the retention period, the data is either deleted or anonymized.
We retain the personal data for a maximum of three (3) years from your most recent interaction with the app, or from the expiration of your subscription. If you access the app after your subscription has expired, the retention period starts from this most recent interaction. After this period, unless any legal obligations require that the data is retained for longer, the data is either deleted or anonymized.
The images uploaded by the users of the Scan Hero app will be processed and stored by us for up to 48 hours. After this time, the image will be permanently deleted.
We may transfer your personal information to countries other than the country in which the data was originally collected for the purposes described in this Privacy Notice. For example, if you are located outside of the United States, we may transfer your personal information to the United States. The countries to which we transfer personal information may not have the same data protection laws as the country in which you initially provided the information. When we transfer personal information across borders, we consider a variety of requirements that may apply to such transfers.
Specifically, we may transfer personal information from the European Economic Area to:
If you are a California resident, the California Consumer Privacy Act (“CCPA”) may provide you with rights that are in addition to those set forth elsewhere in this Privacy Policy regarding our use of your personal information. The CCPA Notice applies to “Consumers” as defined by the law. This section describes your CCPA rights as a California Consumer and explains how to exercise those rights. See Sections 1 - 4 above to learn what information we collected from you and how it is collected, used and shared.
Access Rights
No more than twice in a twelve-month period, you may request the right to know what personal information we have collected about you, including the categories of personal information, specific pieces of personal information, categories of sources from which we collected your personal information, business or commercial purposes for our collection or sale of your personal information, and categories of third parties to whom we’ve disclosed your personal information.
Data Correction Rights
You may request to have inaccurate personal information corrected and updated.
Data Deletion Rights
Except to the extent we have a basis for retention under CCPA, you may request that we delete your personal information that we have collected directly from you and are maintaining. Note also that we are not required to delete your personal information that we did not collect directly from you.
Exercising Your Rights
To make a request for access, correction, or deletion according to your rights under CCPA, send your request to day2dayhabits@gmail.com. Consumers may exercise these rights via an authorized agent. We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm that the personal information relates to you. Any request you submit to us is subject to an identification and residency verification process (“Verifiable Consumer Request”).
The Verifiable Consumer Request must provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative; and describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
Some personal information we maintain about Consumers is not sufficiently associated with enough personal information about the Consumer for us to be able to verify that it is a particular Consumer’s personal information (e.g., clickstream data tied only to a pseudonymous browser ID). In accordance with the CCPA, we do not include that personal information in response to Verifiable Consumer Requests. If we cannot comply with a request, we will explain the reasons in our response.
We will make commercially reasonable efforts to identify Consumer personal information that we collect, process, store, disclose, and otherwise use and to respond to your California Consumer privacy rights requests. We will typically not charge a fee to fully respond to your requests, but we may charge a reasonable fee, or refuse to act upon a request, if your request is excessive, repetitive, unfounded, or overly burdensome.
Opt-Out
To make a request to opt-out of sale under CCPA, email day2dayhabits@gmail.com.
We will not discriminate against you in a manner prohibited by the CCPA because you exercise your CCPA rights. However, we may charge a different price or rate, or offer a different level or quality of good or service, to the extent that doing so is reasonably related to the value of the applicable data. In addition, we may offer you financial incentives for the collection, sale and retention and use of your personal information as permitted by the CCPA that can, without limitation, result in reasonably different prices, rates, or quality levels. The material aspects of any financial incentive will be explained and described in its program terms. We may add or change incentive programs and/or their terms by posting notice on the program descriptions and terms linked to above so check them regularly.
California’s “Shine the Light” law, Civil Code section 1798.83, requires certain businesses to respond to requests from California customers asking about the businesses’ practices related to disclosing personal information to third parties for the third parties’ direct marketing purposes. Alternately, such businesses may have in place a policy not to disclose personal information of customers to third parties for the third parties’ direct marketing purposes if the customer has exercised an option to opt-out of such information-sharing. As discussed above, if we share Personal Information with third parties for their marketing purposes you will be able to elect for us not to do so by submitting your request to day2dayhabits@gmail.com (please include your name, mailing address, and email address).
If you are a resident of Mainland China (“Mainland China”, for the purpose of this Privacy Policy, excluding the Hong Kong Special Administrative Region and the Macau Special Administrative Region, and Taiwan), the PRC laws and regulations contain rules that are in addition to those set forth elsewhere in this Privacy Policy regarding our collection, use, transfer and retention of your personal information.
Principles of Collection
We only collect your information to the extent necessary to provide one or more of the Services, and will do so only by fair and reasonable means. The legal basis for collecting and using the information depends on what the information is and the context in which we collect it. During your use of some features, we will collect your personal information after obtaining your consent. Unless the provision of such information is required by applicable laws and regulations, refusing to provide such information will only result in your inability to use the related features, and will not affect your use of other features.
Sensitive Personal Information
Access to sensitive personal information, such as contacts, exact location, camera, microphone and album, is disabled by default, and will only be enabled upon your express authorization. It is important to note that obtaining your authorization to access sensitive personal information is a necessary but not sufficient condition for us to collect certain information. Our acquisition of your authorization to access sensitive personal information does not mean that we will definitely collect your relevant information. We will only collect your sensitive personal information when there is a specified purpose and sufficient necessity and in accordance with this Privacy Policy. For the collection and processing of sensitive personal information, specific consent shall be obtained from you.
We place great value on the protection of minors’ personal information. As required by applicable laws and regulations, any user under the age of 14 shall obtain the written consent of his/her parent or statutory guardian prior to providing sensitive personal information to us.
Information Shared with a Third Party
We will share your personal information with third parties only in accordance with this Privacy Policy. Unless explicitly authorized by you, we will not share any information that can be used to identify your identity (such as your name or email address). We may, however, share non-personally identifiable, aggregated, and/or public information with third parties. We will direct all such third-party service providers to maintain the confidentiality of the information disclosed to them and not to use your information for any purpose other than that have been authorized by you.
Data Retention
We may retain your personal information for the longer of three (3) years after we become aware that you have ceased using our services or for so long as necessary to fulfill any contractual obligation governing the information or our legal and regulatory obligations. However, we may not know if you have stopped using our services, so we encourage you to contact us at the appropriate support email in the “How to Contact Us” section of this Privacy Policy if you are no longer using the services. We may retain other information that is not personally identifiable for backups, archiving, prevention of fraud and abuse, analytics, or where we otherwise reasonably believe that we have a legitimate reason to do so.
Upon the expiry of the retention period, unless any legal obligations require that personal information is retained for longer, the data is either deleted or anonymized.
If we discontinue providing our Services, we will notify you of such change by sending a notification, posting an announcement, or other means, and delete or anonymize your personal information within a reasonable period. “Anonymization” refers to the irreversible erasure or removal of sensitive personal information that leads to the information owner being identified. Any anonymized information shall not be considered as personal information.
Your personal information collected from Mainland China will be stored in a location within Mainland China in accordance with applicable laws and regulations. If it is necessary to change the location where your personal information is stored from Mainland China to another location outside Mainland China, the information transfer will be conducted in strict compliance with applicable laws.
Right to Delete Information
We will delete, and you have the right to request the deletion of, your personal information if the purpose of processing such personal information has been achieved or is unable to be achieved, or the personal information is no longer necessary for achieving such purpose, we cease the provision of the Service, or the required information retention period has expired, relevant authorization or consent is withdrawn by you, the processing of personal information by us is in violation of any applicable law, regulations or agreement, or any other circumstances as provided by applicable laws or regulations.
If the information retention period prescribed by law has not expired, or it is technically difficult to delete the personal information, we will cease the processing of such personal information, except for storage and any necessary measure taken to protect your personal information.
Device permissions
Mobile platforms have permission systems for specific types of device data and notifications, such as camera and microphone as well as push notifications. Where applicable, you can change your settings on your device to either consent or oppose the collection of the corresponding information or the display of the corresponding notifications. Of course, if you do that, certain services may lose full functionality.
Uninstall
You can stop all information collection by the app by disabling call forwarding and deactivating your account by following the instructions on the Service’s Settings screen and then uninstalling the app using the standard uninstall process for your device. If you uninstall the app from your mobile device, the unique identifier associated with your device will continue to be stored. If you re-install the application on the same mobile device, we will be able to re-associate this identifier to your previous transactions and activities.
If you receive commercial email from us, you may unsubscribe at any time by following the instructions contained within the email. You may also opt-out from receiving commercial email from us, and any other promotional communications that we may send to you from time to time, by sending a request to day2dayhabits@gmail.com. Please be aware that if you opt-out of receiving commercial email from us or otherwise modify the nature or frequency of promotional communications you receive from us, it may take up to ten business days for us to process your request, and you may receive promotional communications from us that you have opted-out from during that period. Additionally, even after you opt-out from receiving commercial messages from us, you will continue to receive transactional or administrative messages from us regarding the Services.
Location information
If you choose to opt-in, some of our apps may collect your device’s precise real-time location, and in such cases, you may be able to opt out from further allowing us to have access to such location data by managing your location preferences in the app and/or on your device.
Notice to Nevada users
We do not sell covered information, as defined under Chapter 603A of the Nevada Revised Statutes, and we do not have plans to sell this information. However, if you would like to be notified if we decide in the future to sell personal information covered by the Act, please contact us at day2dayhabits@gmail.com. You are responsible for updating any change in your email address by the same method and we are not obligated to cross-reference other emails you may have otherwise provided us for other purposes. We will maintain this information and contact you if our practices change.
New Privacy Laws
We understand that privacy laws are constantly evolving. New US state laws and new international privacy laws are consistently emerging, developing and being enacted. We will respect all applicable privacy laws.
Advertising Opt-Outs
You may choose whether to receive some Interest-based Advertising by submitting opt-outs. Some of the advertisers and Service Providers that perform advertising-related services for us and third parties may participate in the Digital Advertising Alliance’s (“DAA”) Self-Regulatory Program for Online Behavioral Advertising. To learn more about how you can exercise certain choices regarding Interest-based Advertising, including use of Cross-device Data for serving ads, visit http://www.aboutads.info/choices/, and http://www.aboutads.info/appchoices for information on the DAA’s opt-out program specifically for mobile apps (including use of precise location for third party ads). Some of these companies may also be members of the Network Advertising Initiative (“NAI”). To learn more about the NAI and your opt-out options for their members, see http://www.networkadvertising.org/choices/. Please be aware that, even if you are able to opt out of certain kinds of Interest-based Advertising, you may continue to receive other types of ads. Opting out only means that those selected members should no longer deliver certain Interest-based Advertising to you but does not mean you will no longer receive any targeted content and/or ads (e.g., from other ad networks). Also, if your browsers are configured to reject cookies when you visit these opt-out webpages, or you subsequently erase your cookies, use a different device or web browser or use a non-browser-based method of access (e.g., mobile app), your NAI / DAA browser-based opt-out may not, or may no longer, be effective.
When you allow Notifications, we may send you offers and promotions related to our products and features. You may opt-out of these through the Settings menu on your device.
We use various efforts intended to safeguard the security and integrity of personal information collected through our Services. Despite these measures, however, we cannot and do not guarantee that information will be absolutely safe from interception or intrusion during transmission or while stored on our system, or otherwise, and you provide information to us at your own risk.
If you correspond with us by email or using Web forms like a “contact us” feature available through our Services, you should be aware that your transmission might not be secure from access by unauthorized parties. We have no liability for disclosure of your information due to errors or unauthorized acts of third parties during or after transmission. If you create an account as part of using our Services, you are responsible for maintaining the confidentiality of your account password and for any activity that occurs under your account. Please notify us of any unauthorized use of your password or account.
If we believe that the security of your personal information in our care may have been compromised, we may seek to notify you. If we have your email address, we may notify you by email to the most recent email address you have provided us in your account profile. Please keep your email address in your account up to date. You can change that email address anytime in your account profile. If you receive a notice from us, you can print it to retain a copy of it. To receive these notices, you must check your email account using your computer or mobile device and email application software. We may also post a conspicuous notice on our site or notify you through the mobile application.
For your convenience and information, we may provide links to websites and other third-party content that is not owned or operated by us. The websites and third-party content to which we link may have separate privacy notices or policies. We are not responsible for the privacy practices of any entity that we do not own or control. We encourage you to review the privacy policies of such third parties before providing them with any personal information.
We reserve the right to update this Privacy Policy to reflect changes in our practices and services. When we post changes to this Privacy Policy, we will update the date of this Privacy Policy. Continued use of the Services after such date constitutes acceptance of such updates. When required by applicable law, we may inform you by additional means, such as through a notification on the website or in our mobile applications if we make material changes to how your personal information is collected, accessed or otherwise used as a result of your use of the Services or if your rights under this Privacy Policy are materially impacted by changes to our privacy practices. We recommend that you check this page from time to time to inform yourself of any changes in this Privacy Policy.
If you want to submit a request by email or if you have any other questions about privacy or data protection at Andrei Tsitou LLC, you can contact us at day2dayhabits@gmail.com.