Effective date: September 27, 2024
See the prior versions of our Privacy Policy here.
This Privacy Policy explains how Simple.Life Apps Inc, a Delaware corporation with registration no. 7688095 and registered address 8 The Green, Ste A, City of Dover, County of Kent, DE 19901, USA; and AM APPS Ltd, a Cyprus company with registration no. ΗΕ 392517 and registered address 33 Agiou Athanasiou Avenue, Office 1st Floor, 4102, Agios Athanasios, Limassol, Cyprus (collectively referred to as “Simple”, “Company”, “us” or “we”) collect, store, use, and protect your personal data in connection with your use of our Simple mobile application “SIMPLE” (the “App”), our websites (including but not limited to simple.life, simple-life-app.com), our blog, and all related services, features, and content (collectively the “Services”) . This Privacy Policy also explains the rights you have in respect of the personal data we hold about you and the practices we implement to protect your privacy.
For the purposes of this Privacy Policy, Simple acts as the Data Controller of your personal data.
Any translation of the English version of this Privacy Policy is provided solely for your convenience. In case of any differences between the English version and any other translation, the English version shall prevail and shall be the only legally binding version.
If you do not want us to process your personal data as it is described in this Privacy Policy, please do not use our Services.
US State Supplements:
TABLE OF CONTENTS:
When you use our Services, we collect the following data about you:
Purpose of collection and processing | Data categories | Collection means | Legal basis for collection and processing |
To provide core features of the App (it includes, but is not limited to, intermittent fasting plan preparation, food and water intake tracking, Avo communication) To verify user against existing requirementsProvision of premium features available at additional charge to the users | Unique user ID, meals and drinks tracking, symptoms tracking, health status, fasting schedule, weight, height, BMI, dietary patterns, activity patterns, device data, age, gender, uploaded photos, your replies to the onboarding questionnaire (including but not limited to your weight loss barriers, weight loss drivers, movement and wellbeing patterns) The data you log and track The facts you share with Avo or inferences made during the chat with you (including but not limited to your energy levels, fasting schedule and your satisfaction with it, nutrition goals, meal preferences and dislikes, general health status, dietary adjustments, information about your family and support, as well as your flexibility and adaptability in dietary changes) Restaurant map feature: the photos of the menus, the history of establishments visited, venue locations, venue rating and venue title, date of visit Premium users: payment data | You provide it to us Unique user ID: we assign it to you automatically Device data: collected automatically | Contract Consent for special category data Premium users: contract, consent and legal obligation for payments |
AI Avo chat safeguards to prevent harm and personalize response | Name The data you log and track (including meal logs and nutrition score, fasting logs (fasting duration, status and schedule; symptoms tracked during fasting if any)) Hydration: goal and progress Activity: goals and progress Body status state Your replies to the onboarding questionnaire (including but not limited to your health conditions, medications intake) Age, Gender, Country, BMI, current weight, target weight, measurement system, current time, user language, Account type The facts you share with Avo or inferences made during the chat with you (including but not limited to your energy levels, fasting schedule and your satisfaction with it, nutrition goals, meal preferences and dislikes, general health status, dietary adjustments, information about your family and support, as well as your flexibility and adaptability in dietary changes) | You provide it to us or collected automatically | Vital interest Legitimate interest, where vital interest does not apply |
To create your account with Simple | Your name, email address, country, unique user ID, age, subscription data, device data | You provide it to us Unique user ID: we assign it to you automatically Device data: collected automatically | Contract |
We match the data about you with such an ID as a means of pseudonymization of your personal data | UserID | We generate it automatically | Legitimate interest |
To connect Avo to your messenger apps (e.g., WhatsApp) | Telephone number | You provide it to us | Contract |
To provide you with customer support and manage your account | Name, email address, contents of communication | You contact Simple support for help with the account | Legitimate interest |
To review App content, feedback, and complaints raised to ensure medical safety and accuracy of the App | Name, email address, contents of communication | You contact Simple support or leave a public feedback / complaint | Legitimate interest |
To send you technical notices and updates, investigate incidents, and send security alerts. To send you support and administrative messages | Name, email address | You provide it to us during onboarding | Legitimate interest |
To integrate data between the website and the App in connection with the users onboarding (e.g., when you sign up for the Services on the Website, we use a third party, AppsFlyer, to help us identify you as an existing user when you use the App) | Unique user ID | We generate it automatically | Legitimate interest |
Solely with respect to information you agree to share, we use it for Simple promotional purposes. If you have previously consented to it, you can disable the collection of the information by: For iOS device, go to Privacy settings to see a list of apps that request to track your activity. On iPhone or iPad, go to Settings > Privacy > TrackingFor Android device, go to Settings app, navigate to “Privacy” > “Ads”, tap “Delete Advertising ID” | *No special category data IDFA or Android Advertising ID (whichever is applicable to your device) IDFV Country IP address Age group Gender Subscription status App use information Device details Mobile network operator information User clicks in particular ads | Collected automatically upon your consent | Consent |
To send you our special offers and insights | *No special category data Email, country, age, unique user ID, subscription status | You provide it to us during onboarding or collected automatically | Consent Where applicable — legitimate interest |
We use it to enforce and/or defend our rights in case of claims | Details confirming the existence of relationship between us and confirmation that relationship ended, if applicable (e.g., subscription order, payment confirmation, subscription cancellation, subscription price & duration, if you used the App) | Collected automatically | Legitimate interest |
Leaving a review via our trusted partners, such as TrustPilot | Name, email, user ID, review content | You provide it to us | Legitimate Interest |
To research and analyze your use of the Services.This helps us to better understand our business, analyze our operations, maintain, improve, plan, design, and develop the Services and our new products. We also use data for statistical analysis purposes, to test and improve our Services. This enables us to better understand what features of the Services our users like more, and what categories of users use our Services. | App usage data Your logs and tracking data Restaurant map feature: the photos of the menus, the history of establishments visited, venue locations, venue rating and venue title, date of visit | Collected automatically | Legitimate interest |
For US users: we use it for tax purposes. For example, to calculate the applicable sales tax of your transaction depending on your State. | Zip / Post Code | You provide it to us or collected automatically | Legal obligation |
We call all the data listed above your “personal data”.
Other than with respect to your health data, we and third-parties we engage may use cookies, Software Development Kits (SDKs), and other tracking technologies to automatically collect the personal data set forth above. For more information regarding our use of these technologies, please see Section 8: Cookies, Software Development Kits, and Other Tracking Technologies.
Note about access to camera. When you choose to upload photos to the App, you will typically grant us permission to access your camera or your device’s photo library. You provide such a permission through the request that appears on your mobile device (it may differ depending on your device’s operating system). You can revoke the permission through the settings on your mobile device, and here’s how to do it.
If you use an iOS device:
If you use an Android device:
Note about payment data. When you make payments through the Services, you need to provide payment data, such as your credit card number, to our third-party service providers that act as our data and payment processors. We do not collect or store, or have access to full credit card number data, though we may receive some limited information, including without limitation redacted credit card-related data (including a secure token reflecting your payment method), data about Services purchased, date, time and amount of the purchase, and the type of payment method used.
Aggregated information. We may aggregate, anonymize, or de-identify your personal data so that it cannot be reasonably used to identify you. We may share such data with third parties such as academic research institutions or use the data for statistical purposes. For example, we may share or use general age and demographic information and aggregate statistics about certain activities or symptoms from data collected to help identify patterns across users in articles, blog posts, and scientific publications.
For certain targeted academic or user research studies, we will contact you and rely on your consent. You can withdraw your consent at any time by contacting us at [email protected].
Avo AI chatbot. The Avo AI chatbot supports you on your wellness journey, it will answer your questions and help you learn more about living a healthier lifestyle. Avo may be sending daily check-ins, troubleshooting issues that you may face, and providing recommendations for next actions. You may also be able to communicate with Avo through third-party messengers (e.g., via WhatsApp).
The chatbot is powered by Microsoft Azure OpenAI Service, and OpenAI (e.g. GPT – 4 Turbo API and GPT – 4 Vision API). Microsoft Azure has the right to moderate communications within the chatbot; we reserve the right to grant similar rights of moderation to other vendors where needed, which will be promptly added to this Privacy Policy.
Health Connect. If you are an Android user and choose to share some or all of your Health Connect data with us, please note that our use of information received from Health Connect adheres to the Health Connect Permissions policy, including Google’s Limited Use requirements.
We retain your Personal Data for as long as your account is active or as needed for the purposes of processing.
At any time, you can delete your account, as well as the Personal Data associated with it, in the App settings (go to profile settings, scroll down, and press the “Delete Account” button) or by sending a request to [email protected]. We will address your deletion request within one month after the request receipt. It may take us up to 90 days in some cases to complete full erasure of your personal data stored in our backup systems. If you choose to deactivate your account, Simple will generally delete your personal data, and it will not be recoverable should you later create another account.
Please note that we still may retain certain data about you if so needed due to applicable legislative requirements, any potential or ongoing dispute resolution, or in order to enforce our rights.
If you wish to exercise any of the rights you are entitled to under this Section, please contact us at [email protected].
EEA/UK residents. Individuals residing in the European Economic Area (“EEA”) and the United Kingdom (“UK“) have certain statutory rights in relation to their Personal Data including under the General Data Protection Regulation (Regulation (EU) 2016/679) (“EEA GDPR“) and the Data Protection, Privacy and Electronic Communications (Amendments etc) (EU Exit) Regulations 2020 (SI 2020/1586), as may be amended from time to time (“UK GDPR“) (collectively, the “GDPR“), including the rights specified below.
Please keep in mind that in case of a vague request to exercise any of the aforementioned rights we may ask for more details if so needed to complete your request. If this is impossible, we reserve the right to refuse granting your request.
Following the provisions of the applicable law, we might also ask you to prove your identity (for example, by requesting your user ID or some other proof of your identity) in order for you to invoke the mentioned rights. We do so to ensure that no rights of third parties are violated by your request, and the mentioned rights are exercised by an actual data subject or an authorized person.
We will process your request within one month after receiving it. We may extend this period by up to an additional two months where necessary, taking into account the complexity and number of the requests. If we extend the response period, we will let you know as soon as possible. We will not discriminate against you for exercising your rights under the law.
We use reasonable and appropriate information security safeguards to help keep your personal data secure and in an effort to protect it from accidental loss and unauthorized access, use, alteration and disclosure. This includes:
Unfortunately, the transmission of information via the Internet is not completely secure. Although we take measures to do our best to protect your personal data, we cannot guarantee the security of the collected information transmitted to or through our Services or an absolute guarantee that such information may not be accessed, disclosed, altered, or destroyed. Any transmission of your personal data is at your own risk. We are not responsible for the circumvention of security measures contained in the App.
If you want to report a security incident related to our Services, please contact us at [email protected].
Our Services are not intended for or directed at children under 18, and we do not knowingly collect or solicit any information from anyone under the age of 18 or knowingly allow any such persons to use our Services (in accordance with the eligibility requirements under our Terms of Use).
If you are under 18, do not: (i) use or provide any information in our Services or through any of its features, or (ii) provide any information about yourself to us, including your name, address, telephone number or email address. If you are a parent or guardian and believe we have collected information from your child who is under the age of 18, please contact us at [email protected].
We may disclose the information we process about you, including your personal data, as follows:
Simple.Life Apps Inc. is based in the United States (“US”). Personal data we collect is transferred to and processed in the US (where it is governed by the US law) and to other countries (where it is governed by the laws of those countries).
Transfers of personal data outside of the European Union, the European Economic Area, and the United Kingdom. Where required under the EEA GDPR, in case of transfers of personal data from the EEA to countries outside the EEA, where we cannot rely on adequacy decisions adopted by the European Commission (for more information, please see here) we ensure appropriate safeguards are in place to guarantee the continued protection of your personal data, particularly by signing the Standard Contractual Clauses of the European Commission (article 46(2)(c) GDPR). For more information on these Standard Contractual Clauses, please see here.
Where required under the UK GDPR, in case of transfers of personal data to countries outside the United Kingdom, we ensure appropriate safeguards are in place to guarantee the continued protection of your personal data, particularly by signing the UK Addendum to the EU Standard Contractual Clauses or the UK International Data Transfer Agreement, whichever is more appropriate in the given situation. For more information on the UK Addendum and the UK International Data Transfer Agreement please see here. We may also guarantee the protection of your personal data by relying on adequacy decisions adopted or approved by the authorities in the United Kingdom.
When you use our Services, we and our service providers, vendors, and partners, including third parties, may use cookies (a small text file placed on your computer or mobile device to identify your computer and web browser) and other similar technologies to collect or receive certain information about you and/or your use of our Services.
However, it’s not only cookies that can be used in this way. Functions performed by a cookie can be achieved by other means, too. This Section, therefore, also applies to any similar technology that stores or accesses information on your device. This could include, for example, HTML5 local storage, local shared objects, beacons, pixels, and plug-ins.
We also use third-party analytics tools to help us measure traffic and usage trends of our Services, as well as for other purposes. Such analytics tools collect information via third-party SDKs incorporated into the App, which includes information about features of the App you visit or use, your actions in the App, and information about your subscription. Such information may be used to provide content, advertising, or functionality. Third parties may also use such information for their own purposes. For the avoidance of doubt, we do not use health data for advertising purposes.
Interest-based Advertising. We may partner with ad networks and other ad-serving providers that serve ads on behalf of us and others on non-affiliated platforms. Some of those ads may be personalized, meaning that they are intended to be relevant to you based on information ad networks and ad serving providers collect about your use of the App over time, including information about relationships among different browsers and devices. This type of advertising is known as interest-based advertising.
Your Choices. Most browsers and devices are configured to accept cookies and similar tracking technologies automatically. You may be able to set your browser and device options so as to limit such technologies. You can visit the Digital Advertising Alliance (“DAA”) Webchoices tool at www.aboutads.info to learn more about this interest-based advertising and how to opt out of this kind of advertising by companies participating in the DAA self-regulatory program, and http://www.aboutads.info/appchoices for information on the DAA’s mobile app opt-out program. You can also opt out of receiving interest-based ads from members of the Network Advertising Initiative (“NAI”) by visiting the NAI consumer opt-out page at http://optout.networkadvertising.org/?c=1#!/. Opting out of receiving interest-based ads does not mean that you will no longer receive ads from us, but rather that the ads will not be tailored to your perceived interests.
Google Analytics. We use Google Analytics. To check how Google uses your personal data when you use or interact with our Services, visit “How Google uses information from sites or apps that use our services“. To opt out of being tracked by Google Analytics across all websites, visit http://tools.google.com/dlpage/gaoptout.
For users in the European Economic Area, United Kingdom, and United States. You can manage the collection and processing of Personal Data via cookies, SDKs, and other tracking technologies by contacting us at [email protected].
You may find that some parts of the App may not function properly if you have refused cookies or similar tracking technologies, and you should be aware that disabling cookies or similar tracking technologies may prevent you from accessing some of our content. Your choices are typically device and browser specific.
For more details on our use of tracking technologies, please see our Cookie Notice.
If you are using our Services, you may receive electronic communications from us (e.g., by posting in-app notices, via push notifications or emails). We send some of these communications to you, such as those related to your subscriptions, technical and security notices, and updates to the Privacy Policy and Terms of Use, where necessary to perform our contract with you to provide the App or otherwise based on our legitimate interest in contacting you.
If required by law, we will ask for your consent to send you promotional and marketing emails, in-app communications, and push notifications about new products, features, or offers related to our Services.
Marketing & Promotional Emails. If you wish to stop receiving our promotional and marketing emails, you can do so by following the “Unsubscribe” links in any marketing email sent to you.
Push Notifications. If you wish to stop receiving push notifications, you can do so through your mobile device settings by tapping “Settings” -> “Notifications” -> Choose Simple – > press the toggle to allow or forbid push notifications from the App.
General contact details. If you have any questions about this Privacy Policy, please contact us via email at [email protected].
Appointed EEA/UK representative. If you are a resident of the EEA or the UK and you have any questions about this Privacy Policy, please contact us via email at [email protected] or via our EEA/UK representatives email addresses:
Email: [email protected] (please indicate that you are “Simple” app user)
The date this Privacy Policy was last reviewed is indicated at the top of the page. The Company may modify or update this Privacy Policy from time to time. Some changes do not require your consent or notification: for example, when we make changes for the sake of transparency, when we add a new purpose of processing that is compatible with the existing purposes, or a new processing activity that falls under the users’ reasonable expectations. However, if the changes made may pose risk to your rights and freedoms (for example, by including a new purpose of processing that is not compatible with the existing purposes of processing, a new legal basis, or a new category of personal data to be collected or a new data subject, all of which are not reasonably expected by the users), we will ask for your consent to those changes separately from this Privacy Policy. If you did not receive a request for your consent to the changes or refused to give consent, those changes will not apply to you. This can negatively affect some of our Services provided to you if those Services inevitably require consent to the changes.