Simple App Privacy Policy

Effective date for new users: June 13, 2023.

Effective date for existing users: June 16, 2023.

See the prior versions of our Privacy Policy here.

This Privacy Policy explains how Simple.Life Apps Inc. (further will be referred to as “we” or “us”) collects, stores, uses, and protects your personal data in connection with your use of our website simple.life and its related pages and our application “Simple: Intermittent Fasting” (together referred to as the “Services”, and the application is usually referred to as the “App” or the “application”). This policy also explains the rights you have in respect of the personal data we hold about you and the practices we implement to protect your privacy.

If you do not want us to process your personal data as it is described in this Privacy Policy, please do not use our Services.

US State Supplements:

TABLE OF CONTENTS:

  1. What Personal Data We Collect and Why
  2. Personal Data Retention
  3. Your Data Protection Rights
  4. Security Measures
  5. Children’s Privacy
  6. Sharing of Your Personal Data
  7. Cross-Border Data Transfers
  8. Cookies, Software Development Kits, and Other Tracking Technologies
  9. Your Choices About Our Communications With You
  10. Contact Us
  11. Changes to Our Privacy Policy

1. WHAT PERSONAL DATA WE COLLECT AND WHY

When you use our Services, we collect the following data about you:

Data category Collection means Purpose of collection and processing Legal basis for collection and processing
Your name, email and alias You provide it to us We use it for account creation Performance of a contract with you
  • Your age
 You provide it to us We use this information to verify if you are eligible to use our Services Contract (in case of health data processing, we also rely on your consent)
  • Your health data (such as information about your eating disorders)
  • Your sex
  • Weight
  • Height
  • Information about your eating patterns
  • Information about your activity patterns
  • Type of work you have (sedentary/active)
  • Information whether you have children
  • Information whether you are pregnant or breastfeeding
  • Information whether you have any metabolic diseases and what are they
  • Information about your drug consumption
  • Information that you choose to import from third-party services (such as Apple Health, Fitbit, Garmin)
 You provide it to us We use it to set up a safe plan for you and to let you track your certain characteristics (for example, your weight) Contract (in case of health data processing, we also rely on your consent)
We use it to provide you with more relevant educational articles in the app Legitimate interest (in case of health data processing, we also rely on your consent)
We use some of this information in a pseudonymized manner for our internal analytics Legitimate interest (in case of health data processing, we also rely on your consent)
We use it for research purposes. We may further share anonymized data with research institutions. Further, the information we get from the research may be published in blog posts, articles, or scientific publications Legitimate interest (in the case of health data processing, we also rely on your consent)
The photos you upload to the app You provide it to us We let you upload the photos of your food as a tool to recognize the food you eat and to track it, or the photos of yourself to keep track of your progress Contract
UserID We generate it automatically We match the data about you with such an ID as a means of pseudonymization of your personal data Legitimate interest
Device information (device ID, hardware model, its operating system and version of it, mobile network information, language, time zone, IP address, unique device identifiers) Collected automatically We use it to provide you with an appropriate version of the application, for analytics purposes, and for crash reports Legitimate interest
IDFA or Android Advertising ID (whichever is applicable to your device) Collected automatically upon your consent We use it for marketing purposes. Even if you have previously consented to it, you can disable the collection of these identifiers by:
  • For iOS device, go to Privacy settings to see a list of apps that request to track your activity. On iPhone or iPad, go to Settings > Privacy > Tracking
  • For Android device, go to Settings app, navigate to “Privacy” > “Ads”, tap “Delete Advertising ID”
 Consent
Your name, age, sex, country, amount of meals and liquids intake during the day, BMI, dietary patterns, subscription status, fasting status, current weight and target weight You provide it to us If you decide to communicate with our Avo chatbot, we use this information in prompts to provide you with safer experience and with a more personal approach Contract (in case of health data processing, we also rely on your consent)
Your name, email, country, contents of communications with support team Some of it you provide to us & some of it is collected automatically To communicate with you; to notify you about changes to the Services; to send you technical notice about your account / subscription, security alerts, administrative messages (may be sent via email, in-app or push notification). You may opt out of push notifications by changing the settings on your mobile device. It is our legal obligation to keep you informed about your subscription and your account and otherwise in our legitimate interests of keeping you informed about your account
Your name, email, country, information from onboarding (excluding your health data) You provide it to us directly To send marketing and promotional communications to you, such as via email, push n otification or in-app messaging Legitimate interest (or, where required by law, consent)
Information about your use of the application (for example, whether you use the application, frequency of your use, your engagement with features) Collected automatically We use it for the purpose of our analytics Legitimate interest
Information from onboarding on the website Some of it you provide to us & some of it is collected automatically To integrate your data between the website and the application in connection with your onboarding (for example, to identify you as an existing user in the application) Legitimate interest
Your device and browser information, user ID, your sex, custom events from the Services Some of it you provide to us & some of it is collected automatically Upon your consent, we share these data with marketing services to find similar audiences Consent
Information about your subscription status (this doesn’t include your full card details) Collected automatically We use it to provide you with our premium Services Contract
We use it for analytics Legitimate interest
Details confirming the existence of relationship between us and confirmation that relationship ended, if applicable (e.g., subscription order, payment confirmation, subscription cancellation, subscription price & duration, if you used the App) Collected automatically We use it to enforce and/or defend our rights in case of claims Legitimate interest

We call all the data listed above your “personal data”.

Other than with respect to your health data, we and third-parties we engage may use cookies, Software Development Kits (SDKs), and other tracking technologies to automatically collect the personal data set forth above. For more information regarding our use of these technologies, please see Section 8: Cookies, Software Development Kits, and Other Tracking Technologies.

Note about access to camera. When you choose to upload photos of your food to the app, you will typically grant us permission to access your camera or your device’s photo library. You provide such a permission through the request that appears on your mobile device (it may differ depending on your device’s operating system). You can revoke the permission through the settings on your mobile device, and here’s how to do it.

If you use an iOS device:

  1. On your iPhone or iPad open the Settings app.
  2. Scroll down and tap “Privacy”.
  3. Tap “Camera” or “Photos”.
  4. Next to Simple, toggle the permissions switching on or off.

If you use an Android device:

  1. On your device open the Settings app.
  2. Tap “Apps”.
  3. Tap “Simple”. If you can’t find it, tap “See all apps”, then choose Simple.
  4. Tap “Permissions”.
  5. To change a permission setting, tap it, then choose “Allow” or “Don’t allow”.

Note about Avo chatbot. The Avo chatbot integrated within the App is designed solely for the purpose of providing you with the best possible experience and support for your intermittent fasting journey. The chatbot is powered by Microsoft Azure OpenAI Service.

We do not use the data you share with the chatbot for any purpose other than those specified herein, and we do not sell or share your personal information with any third parties other than Microsoft Azure to provide the service. We collect only the information necessary to provide you with safe recommendations. Moreover, we do not use data shared with the chatbot to generally train and/or create our separate artificial intelligence/products.

  • What personal data is shared with Avo?
    • If you choose to use the Avo chatbot, we share some of your personal data with it. It implies that your personal data is processed by Microsoft Azure. The data we share includes the following: your name, age, gender, country, your Simple goals, and your account type (free/paid).
    • Upon your consent, we also share your health data with the chatbot. This helps us give you a safer and more personalized experience of communication with the chatbot. Examples of the health data we share are: your BMI, your weight and height, your target weight, your dietary patterns, fasting status, and your amount of meals and liquids that day. You can withdraw your consent at any time by sending us an email at [email protected]. Your consent withdrawal will not render the previous processing of data unlawful.
    • Please note that Microsoft Azure has the right to moderate communications with the chatbot.
  • How do we use your personal data? Information shared with Avo, including your food preferences, health conditions and other personal data, will be used by Avo to provide relevant and safe responses to your requests. In addition, Simple may use the information you share to improve Simple’s products and personalize your experience. We do not sell or share your chat contents with any third parties.
  • Where and how long are my conversations stored? All the conversations shared with Avo are stored on our Amazon Web Server (AWS) in the United States until you decide to delete these conversations.
  • How can I delete my conversations with Avo? You can delete chat contents with Avo at any time by sending us an email at [email protected].

 



2. PERSONAL DATA RETENTION

We retain your Personal Data for as long as your account is active or as needed for the purposes of processing. At any time, you can delete your account, as well as the Personal Data associated with it, in the app settings or by sending a request to [email protected]. Please note that we still may retain certain data about you if so needed due to applicable legislation requirements, any potential or ongoing dispute resolution, or in order to enforce our rights.

If you want to delete your account in the app, go to your profile settings, scroll down, and press the “Delete Account” button.

3. YOUR DATA PROTECTION RIGHTS

If you wish to exercise any of the rights you are entitled to under this Section, please contact us at [email protected].

EEA/UK residents. Individuals residing in the European Economic Area (“EEA”) and the United Kingdom (“UK”) have certain statutory rights in relation to their Personal Data including under the General Data Protection Regulation (Regulation (EU) 2016/679) (“EEA GDPR”) and the Data Protection, Privacy and Electronic Communications (Amendments etc) (EU Exit) Regulations 2020 (SI 2020/1586), as may be amended from time to time (“UK GDPR”) (collectively, the “GDPR”), including the rights specified below.

  • Access to your Personal Data: You have a right to request information about whether we have any Personal Data about you, and to receive a copy of such Personal Data.
  • Rectification of your Personal Data: You are responsible for ensuring the accuracy of your personal data that you provide to us. Inaccurate information may affect your experience when using our Services and our ability to contact you as described in this Privacy Policy. If you believe that your personal data is incomplete or inaccurate, you have a right to contact us and ask us to correct such personal data
  • Restriction of processing: You also have the right to demand restriction of processing of your personal data, for example, if you contest the accuracy of the personal data which inaccuracy is verified by us.
  • Erasure of your Personal Data: In certain circumstances, you may ask us to erase your personal data. Please be aware that erasing some personal data may affect your ability to use our Services.
  • Right to portability of your personal data: In certain circumstances, you have the right to request us to receive any personal data you provided us in a structured, commonly used and machine-readable format. You may further ask us to give that personal data to another party.
  • Right to object processing or otherwise using your Personal Data: Where we are processing your personal data based on our legitimate interest, you may object to the processing or otherwise using your personal data. Please be aware that our inability to process or otherwise use some of your personal data may affect your ability to use our Services. If you have opted in to receiving marketing communications, you have the right to opt out of those at any time.
  • Right to withdraw your consent at any time: Where you may have provided your consent to the processing of your personal data for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. The withdrawal of your consent does not affect the lawfulness of the processing based on your consent before its withdrawal.
  • The right to lodge a complaint with your local data protection authority. Under GDPR, you have the right to lodge a complaint with a local data protection authority in the country of your residence, where you work or where an alleged infringement of the applicable data protection law took place. Please see a list of EU member states’ supervisory authorities here, and the UK’s supervisory authority (ICO) here. If you have such concerns about our data protection activities, we kindly ask you to first contact us at [email protected], and we will do our best to resolve the issue.

Please keep in mind that in case of a vague request to exercise any of the aforementioned right we may ask for more details if so needed to complete your request. If this is impossible, we reserve the right to refuse granting your request.

Following the provisions of the applicable law, we might also ask you to prove your identity (for example, by requesting your user ID or some other proof of your identity) in order for you to invoke the mentioned rights. We do so to ensure that no right of third parties are violated by your request, and the mentioned rights are exercised by an actual Personal Data subject or an authorized person.

Please note that we will process your request within one month after receiving it. We may extend this period by up to two months where necessary, taking into account the complexity and number of the requests. If we extend the response period, we will let you know within one month from your request. We will not discriminate against you for exercising your rights under the law.

4. SECURITY MEASURES

We use reasonable and appropriate information security safeguards to help keep your personal data secure and in an effort to protect it from accidental loss and unauthorized access, use, alteration and disclosure. Unfortunately, the transmission of information via the Internet is not completely secure. Although we take measures to do our best to protect your personal data, we cannot guarantee the security of the collected information transmitted to or through our Services or an absolute guarantee that such information may not be accessed, disclosed, altered, or destroyed. Any transmission of your personal data is at your own risk. We are not responsible for the circumvention of security measures contained in the App.

If you want to report a security incident related to our Services, please contact us at [email protected].

5. CHILDREN’S PRIVACY

Our Services are not intended for or directed at children under 18, and we do not knowingly collect or solicit any information from anyone under the age of 18 or knowingly allow any such persons to use our Services (in accordance with the eligibility requirements under our Terms of Use).

If you are under 18, do not: (i) use or provide any information in our Services or through any of its features, or (ii) provide any information about yourself to us, including your name, address, telephone number or email address. If you are a parent or guardian and believe we have collected information from your child who is under the age of 18, please contact us at [email protected].

6. SHARING OF YOUR PERSONAL DATA

We may disclose the information we process about you, including your personal data, as follows:

  • We may share your personal data with businesses that are legally part of the same group of companies that we are part of, including our subsidiaries (“Affiliates”). The Affiliates act as our data processors and may perform data processing on our behalf (e.g., providing technical support or conducting analytics). Such Affiliates are bound by appropriate contractual safeguards. Our Affiliates are:
    • Palta People Ltd, based in Cyprus (data processor for internal processing activities)
    • Palta Poland sp. z o.o., based in Poland (data processor for internal processing activities)
    • Palta UK Ltd., based in the United Kingdom (data processor for internal processing activities)
    • Palta Software Ltd, based in Cyprus (data processor for the purpose of internal analytics)
  • We may disclose your personal data, and other collected information to third-party organizations such as contractors, business partners, service providers, and vendors that we use to support our business and who assist us in providing Simple. Such service providers may include:
    • cloud provider Amazon Web Services (USA), which we use to store your personal data;
    • email delivery providers.
  • We may disclose your personal data to Microsoft Azure OpenAI if you decide to use our Avo chatbot (AI nutrition chatbot.
  • We may disclose your personal data to third-party analytics providers and advertising partners or otherwise permit them to collect or access it. For more information, please see Section 8: Cookies, Software Development Kits, and Other Tracking Technologies.
  • We may disclose your personal data in the event that we or any of our affiliates, subsidiaries or lines of business is merged, acquired, divested, financed, sold, disposed of or dissolved, including in the course of a transaction like a merger, divestiture, restructuring, reorganization, acquisition, bankruptcy, dissolution, liquidation. In such cases, your personal data and any other collected information may be among the items sold, transferred, or otherwise disclosed as part of that transaction or proceeding.
  • We may disclose your Personal Data in response to legal requests and for purposes of preventing harm. We may access, preserve and share your information in response to a legal (like a search warrant, court order or subpoena), government or regulatory request if we have a good faith belief that the law requires us to do so. This may include responding to legal, government or regulatory requests from jurisdictions where we have a good faith belief that the response is required by law in that jurisdiction, affects users in that jurisdiction, and is consistent with internationally recognized standards. We may also access, preserve and share information when we have a good faith belief it is necessary to: (i) detect, prevent and address fraud and other illegal activity; (ii) protect ourselves, you and others, including as part of investigations; and (iii) prevent death or imminent bodily harm. Information we receive about you may be accessed, processed and retained for an extended period of time when it is the subject of a legal request or obligation, governmental investigation, or investigations concerning possible violations of our terms or policies, or otherwise to prevent harm.

7. CROSS-BORDER DATA TRANSFERS

Where required under the EEA GDPR, in case of transfers of personal data from the EEA to countries outside the EEA, where we cannot rely on adequacy decisions adopted by the European Commission (for more information, please see here) we ensure appropriate safeguards are in place to guarantee the continued protection of your personal data, particularly by signing the Standard Contractual Clauses of the European Commission (article 46(2)© GDPR). For more information on these Standard Contractual Clauses, please see here.

Where required under the UK GDPR, in case of transfers of personal data to countries outside the United Kingdom, we ensure appropriate safeguards are in place to guarantee the continued protection of your personal data, particularly by signing the UK Addendum to the EU Standard Contractual Clauses or the UK International Data Transfer Agreement, whichever is more appropriate in the given situation. For more information on UK Addendum and the UK International Data Transfer Agreement please see here. We may also guarantee the protection of your personal data by relying on adequacy decisions adopted or approved by the authorities in the United Kingdom.

8. COOKIES, SOFTWARE DEVELOPMENT KITS, AND OTHER TRACKING TECHNOLOGIES

When you use our Services, we and our service providers, vendors, and partners, including third parties, may use cookies (a small text file placed on your computer or mobile device to identify your computer and web browser) and other similar technologies to collect or receive certain information about you and/or your use of our Services. We also use third-party analytics tools like Google Firebase, AppsFlyer, and Amplitude to help us measure traffic and usage trends of our Services, as well as for other purposes. Such analytics tools collect information via third-party SDKs incorporated into the App, which includes information about features of the App you visit or use, your actions in the App, and information about your subscription. Such information may be used to provide content, advertising, or functionality. Third parties may also use such information for their own purposes. For the avoidance of doubt, we do not use health data for advertising purposes.

Interest-based Advertising. We may partner with ad networks and other ad-serving providers that serve ads on behalf of us and others on non-affiliated platforms. Some of those ads may be personalized, meaning that they are intended to be relevant to you based on information ad networks and ad serving providers collect about your use of the App over time, including information about relationships among different browsers and devices. This type of advertising is known as interest-based advertising.

Your Choices. Most browsers and devices are configured to accept cookies and similar tracking technologies automatically. You may be able to set your browser and device options so as to limit such technologies. You can visit the Digital Advertising Alliance (“DAA”) Webchoices tool at www.aboutads.info to learn more about this interest-based advertising and how to opt out of this kind of advertising by companies participating in the DAA self-regulatory program, and http://www.aboutads.info/appchoices for information on the DAA’s mobile app opt-out program. You can also opt out of receiving interest-based ads from members of the Network Advertising Initiative (“NAI”) by visiting the NAI consumer opt-out page at http://optout.networkadvertising.org/?c=1#! /. Opting out of receiving interest-based ads does not mean that you will no longer receive ads from us, but rather that the ads will not be tailored to your perceived interests.

For users in the European Economic Area, United Kingdom, and United States. You can manage the collection and processing of Personal Data via cookies, SDKs, and other tracking technologies by contacting us at [email protected].

You may find that some parts of the App may not function properly if you have refused cookies or similar tracking technologies, and you should be aware that disabling cookies or similar tracking technologies may prevent you from accessing some of our content. Your choices are typically device and browser specific.

9. YOUR CHOICES ABOUT OUR COMMUNICATIONS WITH YOU

If you are using our Services, you may receive electronic communications from us (e.g., by posting in-app notices, via push notifications or emails). We send some of these communications to you, such as those related to your subscriptions, technical and security notices, and updates to the Privacy Policy and Terms of Use, where necessary to perform our contract with you to provide the App or otherwise based on our legitimate interest in contacting you.

If required by law, we will ask for your consent to send you promotional and marketing emails, in-app communications, and push notifications about new products, features, or offers related to our Services.

Marketing & Promotional Emails. If you wish to opt-out of our promotional and marketing emails, you can do so by following the “Unsubscribe” links in any marketing email sent to you.

Push Notifications. If you wish to opt-out of push notifications, you can do so through your mobile device settings by tapping “Settings” -> “Notifications” -> Choose Simple — > press the toggle to allow or forbid push notifications from the app.

10. CONTACT US

General contact details. If you have any questions about this Privacy Policy or Simple, please contact us via email at [email protected] or our mailing address:

Simple.Life Apps, Inc.

8 The Green, Ste A, City of Dover,

County of Kent, DE 19901, USA.

Appointed EEA/UK representative. If you are a resident of the EEA or the UK and you have any questions about this Privacy Policy or Simple, please contact us via email at [email protected] or at our EEA/UK representative mailing address:

EEA representative: DPOEU LTD

Nikolaou Lazarou 13, 3020, Limassol, Cyprus

Email: [email protected]

UK representative: Palta UK Ltd
Sterling House Fulbourne ROA, Walthamstow, London, E17 4EE
Email: [email protected]

11. CHANGES TO OUR PRIVACY POLICY

The date this privacy policy was last reviewed is indicated at the top of the page. The Company may modify or update this privacy policy from time to time. Some changes do not require your consent: for example, when we add a new purpose of processing that is compatible with the existing purposes, or the new processing activity that falls under the users’ reasonable expectation. However, if the changes made may pose risk to your rights and freedoms (for example, by including a new purpose of the processing that is not compatible with the existing purposes of processing, a new legal basis, or a new category of personal data to be collected or a new data subject, all of which are not reasonably expected by the users), we will ask for your consent to those changes separately from this privacy policy. If you did not receive a request for your consent to the changes or refused to give consent, those changes will not apply to you. That fact can negatively affect some of our Services provided to you if those Services inevitably include consent to the changes.