Privacy Policy

At Hello Inside, we’re continuously striving to provide you with the best possible experience – and your privacy is important to us.

With the following Privacy Policy we want to:

• make it easier for you to understand which data we collect and how we use it
• give you increased control over your data
• and provide a detailed explanation of your rights as a user.

GENERAL

Controller. Roots Health GmbH, FN 550059 k, Kopernikusgasse 8/20, 1060 Wien, Austria (see our imprint) (“Roots Health“, “we”, “us”). We process your personal data as a controller when you use our app or website (“Website” and, together with the Apps, “Products“) or otherwise get in contact and communicate with us.

Applicable Law. The processing of your personal data takes place in compliance with applicable local data privacy laws, e.g. the EU General Data Protection Regulation (“GDPR“) or the Austrian data protection act in its current form.

Content. In this privacy policy (“Privacy Policy”) we want to provide you with information about us, the nature, scope and purposes of the data processing, e.g. collection and use, giving you insights into the processing of your personal data related to the use of our Products. Please note that the processing of personal data of business partners and applicants is not subject to this Privacy Policy. Corresponding information can be found in separate privacy policies.

Contact. Our general point of contact for all questions, requests or concerns in regard to the processing of personal data is the email address: [email protected] (“the Email Address“). In addition, you can also contact us by mail at the above-mentioned postal address, to the attention of the Data Protection Officer

Data Protection Officer. Our Data Protection Officer can be contacted under the Email Address. Should you have any questions regarding the processing of your personal data, please do not hesitate to contact him/her.

CATEGORIES OF PERSONAL DATA WE PROCESS

Data Sources. Hello Inside processes personal data that you directly or indirectly make available to us, for example by using our Products, that others provide to us, for example when you link your profile with a Partner Platform, or that we generated on our own, for example your user ID. Please note that the exact amount of personal data we process regarding you depends on how you use our products. Therefore, we may not process personal data concerning you in all categories.

Categories of personal data we collect from you or generate. These are the categories of personal data we might collect directly or indirectly from you and/or generate on our own

Identity information – Any information that identifies you as an individual living person, including but not limited to: name (first name, last name, initials), date of birth, e-mail address, gender, profile picture, unique customer identifier number and password 

Contact information – Any information that can be used to contact you, including but not limited to: phone number, shipping and billing address, e-mail address, social media handles or any other communication channel you have used to contact us.

Location information – Any information we can use to know or guess where you are, real time or otherwise, including but not limited to: chosen residential location, current log-in location (IP address), real-time device location information via device sensors and signals, GPS location (if you wish to it share with us, for example through your mobile device settings) or information that helps us guess where you may be such as the specific Hello Inside website you have visited that might give us clues about where you are or when you “check-in” to an event or website on a social media page indicating location, if it is shared with us.

Size information – Any information related to your body measurements, including but not limited to: height, weight, circumferences, etc..

Purchase Information – Any information we use to complete or in relation to your purchase record and invoice, including but not limited to: payment provider, duration of Hello Inside subscription, price, currency and VAT (based on country info). Although we do not store or otherwise process any credit card or bank details ourselves, we process a payment ID number given by the respective Payment Service Provider and can be allocated to you.

Profile and Community Information – Any information you provide to us in your social profile and/or when interacting with our communities and other users, including but not limited to: follower information in the Hello Inside community, information provided when you participating in Hello Inside events/challenges and groups/communities either as a trainer, team member, a participant or as a promoter, pictures and videos you share, information you provide in your profile biography, team memberships and roles there, interests, feedback, likes and comments, leaderboard rankings, event participation, joined groups including roles as well as challenge participations and success.

If you explicitly allow us to access your phone book, we will compare the email addresses of your contacts with email addresses from registered users within the Hello Inside community and show you a list of people you might want to follow. Anyhow, we do not store this information.

Social Media Information – Any information about you we obtain through your interaction with us on social media channels, including but not limited to: any social media information that is publicly available such as your social media handles, social media interactions and public postings, “Likes” and other reactions, social media connections, photos that are public, or those send to us by mentioning us or following our social media posts by using “handles” or “hashtags” and comments or messages you shared with us publicly or privately on social media platforms.

Device Information – Any information related to your (mobile) device, which is collected by our Apps, including but not limited to: device EUI, device ID, device fingerprint, IP/Wifi Information, operating system, data stored on device when access is granted, log information when access to device is granted, Partner Platform Apps installed and device type and version.

Browsing information – Any information on your browsing behavior, including but not limited to: browser name, IP address, clickstream data, date and time of the visit, time remained on Website, pages visited, links clicked in our marketing messages or Website, transmitted data volume, the referral URL (if you came to our Website via a different site or an advertisement), browser language and version and add-ons.

Activity information – Any information connected to your metabolic activities which you track using our Products or import, including but not limited to: activity type (meal, exercise, fasting, mood, sleep), exercise routine (start, finish time, duration), glucose score (day, meal, etc.), nutrition information, photos and personal notes.

Correspondence – Any information you share through correspondence you have with our Customer Happiness Agents, and/or other employees and personnel including any opinion you share with us that indicate your point of view and comments. This may include when you provide us feedback and review rating our service or products, or if you participate in any product research and development surveys.

Preference Information – Any information which indicates your preference whether explicitly, if provided by you, or inferred, including but not limited to: activity preference, site/brand preference, preferred language, product and product attributes preferences, units (glucose, weight, temperature) and personal goals and motivation (e.g. motivations, etc.)

Personal Data we receive from others. This is the personal data we receive from the following third parties:

Registration via Apple, Facebook or Google – If you register an Hello Inside account via social login, we will receive the following information from the respective provider:

• Apple Inc. (1 Apple Park Way Cupertino, CA 95014-0642 USA, “Apple”): First and last name, email address (if granted), gender and birthdate.
• Facebook Inc. (1601 South California Avenue, Palo Alto, CA 94304, USA, “Facebook”): First and last name, email address, gender, birthdate and profile picture.
• Google Inc. (1600 Amphitheatre Parkway Mountain View, CA 94043, USA, “Google”): First and last name, email address, gender, birthdate and profile picture.

Facebook Friend List – We will receive information about your friends on Facebook from Facebook if you explicitly allow us to access it. We will use this information to make suggestions on people you might want to follow in the Products, but do not store it.

Partner Platforms – We offer an automatic import of your activity information from other platforms we have a partnership with (“Partner Platforms”). However, we only import personal data from Partner Platforms if you have given us and the partner the order to connect your Hello Inside account with the respective Partner Platform.

Apple HealthKit – We provide the opportunity to sync our Products with Apple’s (Apple Inc., One Apple Park Way, Cupertino, CA 95014, USA; “Apple”) HealthKit framework, which provides a central repository for health and fitness data on iPhone and Apple Watch.

Within the Health Kit settings, you can decide if you want to allow our Products to read the personal data listed there and import it to the Products, to write personal data collected in our Products in the Health Kit or both.

Google Fit – We provide the opportunity to sync our Products with Google’s Fit SDK which is an open platform that lets users control their fitness data.

Within Google Fits settings you can decide if you want to allow the Products to read personal data listed in Google Fit and import it to the Products, to write personal data collected in our Products in Google Fit or both.

PURPOSE AND LEGAL BASIS FOR PROCESSING OF PERSONAL DATA

General Information. In general, we collect and use personal data for specific purposes. However, please note that we may sometimes also use such personal data for other purposes if we have the right and permission (“legal basis”) to do so.

In this section, we provide details to all scenarios and reasons (“purposes”) where we may collect (directly and indirectly) and otherwise process your personal data. We will provide information on the legal basis of these processing activities, on what categories of personal data are affected and on categories of third parties that we share data with for the respective purpose.

Communication. We process personal data in order to communicate with you regarding the user agreement you have with us. This includes for example sending you information on changes to our Terms and Conditions or Privacy Policy, sending you invoices for paid subscriptions or information on new features of our Products of the potential fade out of certain features.

The legal basis for these processing activities is the performance of your contract with us.

The data categories processed for this purpose are Identity Information, Contact Information, Location Information, Purchase Information, Correspondence and Preference Information.

For this purpose we share personal data with Processors, in this case with Messaging Service Providers and CRM Solution Providers.

Providing our Products. We process your personal data to be able to provide you with a seamless user experience when using our Products and the Products features.

We may collect your Personal Data for this purpose by using technologies such as cookies, pixels and tags to collect your device information. For more information on the cookies we use, the personal data they collect, and how to disable them, please see our Cookie Policy .

The legal basis for these processing activities is the performance of your user agreement with us.

The data categories processed for this purpose are Identity Information, Contact Information, Location Information, Purchase information, Size Information, Profile and Community Information, Device Information, Browsing Information, Activity Information, Correspondence and Preference Information.

For this purpose we share personal data with other users, other services (where applicable – see Sharing of personal data with other services. for more information), Processors, in this case with Cloud Solution Providers, CRM Solution Providers, Authentication Solution Providers and Payment Solution Providers, and with Partners.

Customer Support. We process your personal data to answer your queries about your use of our Products and respond to your questions and concerns through various communications channels we make available to you, including if you contact us for questions about your privacy rights. Your requests to our customer service will be analyzed so that we can provide you with valuable service in the future.

The legal basis for these processing activities is our legitimate interest or, in the case of privacy issues, our legal obligation to process them, if applicable.

The data categories processed for this purpose are Identity Information, Contact Information, Location Information, Purchase Information, Profile and Community Information, Device Information, Browsing Information, Activity Information, Correspondence, Preference Information.

For this purpose we share personal data with Processors, in this case with, CRM Solution Providers and Messaging Service Providers.

Product Research and Development. We conduct analysis and research to improve our products and services. This includes asking you questions in surveys, asking you for feedback or asking you to test our Products and provide us with a review. We collect this information based on your consent. Where it is possible for the specific project or upon your request, we will remove any Identity, Contact, or Device Information, so the information cannot be used to identify you anymore and is considered “anonymized”.

• The legal basis for these processing activities is your explicit consent. You can always revoke a consent you have given.
• The data categories processed for this purpose depend on the specific project/survey and might include all categories of personal data we process.
• For this purpose we share personal data with Processors, in this case with Research/Survey Solution Providers and CRM Solution Providers.

Domain and Network Security and User Authentication. To protect our domains, detect unusual activities, and prevent security threats and protect our users from unauthorized accesses (such as hackers), we screen all traffic to our Products, and authenticate user log-in information using tokens to verify the details you provide to us and compare it with other available information, such us the credentials you have provided directly to us or other platforms (such as Facebook) or information that is available in the public domain to ensure only “authorized” users have access to our Products.

• The legal basis for these processing activities is our legitimate interest.
• The data categories processed for this purpose are Identity Information, Contact Information, Browsing Information and Device Information.
• For this purpose we share personal data with Processors, in this case with Authentication Solution Providers and Data Analytics Solution Providers.

Business Operational Analytics. We need to know how we do as a business. This is in the interest of our shareholders, our board members, our employees, and our partners, as well as our users. We create data models for different analytical purposes and analyze using these data models how our Products are selling in different markets, what are the popular features of our Products, what worked and what didn’t in terms of our marketing and advertising campaigns, our Product designs and distribution strategy, our website design and overall user experience, so we can establish, implement, and evaluate our business strategy.

This includes, for example, analyzing data to understand how users browse our Website and use the Apps to improve our user experience design to make sure you will continue to use our Products and interact with us on our Websites and Apps.

We may collect your Personal Data for this purpose by using technologies such as cookies, pixels and tags to collect your device information. For more information on the cookies we use, the personal data they collect, and how to disable them, please see our Cookie Policy .

The legal basis for these processing activities is our legitimate interest.

The data categories processed for this purpose are Identity Information, Location Information, Purchase Information, Profile and Community Information, Social Media Information, Device Information, Browsing Information, Activity Information, Correspondence Information and Preference Information.

For this purpose we share personal data with Processors, in this case with Data Analytics Solution Providers and Cloud Solution Providers.

Personalized Marketing Messages Via Email / Push Notification. Upon your explicit consent, we send you marketing messages that we think you would be interested in (“personalized”) to the email address you provide to us or via push-notifications when you have installed our Apps.

We might also send such messages when you purchase our Products and we consider that to be an indication of interest in our Products, services, promotions, and various offerings.

To send you “personalized” messages, we observe your online behavior, and analyze it to best estimate what you might be interested in, and you can benefit from. We therefore use different analytics tools to understand what your behavior means in terms of your like and dislike of our Products, and to understand the impact (success rates) of the messages delivered to you.

We may collect your Personal Data for this purpose by using technologies such as cookies, pixels and tags to collect your device information. For more information on the cookies we use, the personal data they collect, and how to disable them, please see our Cookie Policy .

Additionally, we assess your behavior when reading such emails with the help of so-called web beacons or tracking pixels.

The legal basis for these processing activities is your explicit consent or our legitimate interest. You can always revoke a consent given or object to the data processing for this purpose which is based on our legitimate interest

The data categories processed for this purpose are Identity Information, Contact Information, Location Information, Purchase Information, Profile and Community Information, Social Media Information, Device Information, Browsing Information, Activity Information, Correspondence Information and Preference Information.

For this purpose we share personal data with Processors, in this case with CRM Solution Providers and Messaging Service Providers.

Targeted messages on 3rd-party advertising platforms. We use third-party solutions to send targeted campaigns and messages on their platforms. Therefore, Social Media Platforms will attempt to match your profile in their database to determine the optimal time and place (e.g the page you are browsing). Besides that, we analyze information to understand the impact of our campaigns.

• Please note that you may see ads from Hello Inside on social media or other platforms even if you have not consented to data processing for this purpose. This will not happen based on the fact that we process and share your personal data, but randomly.
• We may collect your Personal Data for this purpose by using technologies such as cookies, pixels and tags to collect your device information. For more information on the cookies we use, the personal data they collect, and how to disable them, please see our Cookie Policy .
• The legal basis for these processing activities is your explicit consent. You can always revoke a consent you have given.
• The data categories processed for this purpose are Identity Information, Contact Information, Location Information, Purchase Information, Profile and Community Information, Social Media Information, Device Information, Browsing Information, Activity Information and Preference Information.
• For this purpose we share personal data with Processors, in this case with Advertising Solution Providers and Data Analytics Solution Providers.

Cooperation with Law Enforcement and Regulatory Authorities (including Courts). When we are legally required to provide your personal data for national and public security reasons, crime prevention, investigation and prosecution, anti-money laundering, judicial proceedings, protection of other individuals’ rights and freedoms, and enforcement of civil claims, we will provide information as requested by the authorities or parties once we are satisfied that the request is mandated by law. We may not be able to notify you if it is against the law to do so.

• The legal basis for these processing activities is our respective legal obligation, the necessity in order to protect the vital interests’ people or the necessity for public interest.
• The data categories processed for this purpose depend on the specific request/obligation and might include all categories of personal data we process. Anyhow, we will always limit the amount of personal data processed for this purpose to the smallest amount possible.
• For this purpose we share personal data with authorities, including courts and with Processors, in this case with Messaging Service Providers.

Contract Dispute and/or Legal Compliance. We need to keep evidence in case of any contractual dispute, or to defend ourselves in case of any investigatory audits or privacy compliance disputes and complaints, including how we have handled your privacy rights. Besides that, we might also have to process certain information which might include personal data to comply with statutory retention periods.

• The legal basis for these processing activities is our respective legal obligation or our legitimate interest.
• The data categories processed for this purpose depend on the specific obligation and situation and might include all categories of personal data we process. Anyhow, we will always limit the amount of personal data processed for this purpose to the smallest amount possible.
• For this purpose we share personal data with authorities, including courts, our lawyers and tax advisors and Processors, in this case Cloud Solution Providers and Messaging Service Providers.

SHARING OF PERSONAL DATA

General Information. We share your personal data with third parties

• if this is necessary, for the purposes listed above,
• if you have instructed us to do so (e.g. if you connect your account to a partner platform),
• to exercise or protect the rights and interests of Hello Inside, our users and personnel, or
• if you have (explicitly) consented beforehand.

We distinguish between the following categories of third-parties we share personal data with:

• other users of our Products,
• other services,
• Processors,
• authorities including courts and
• lawyers and tax advisors.

Sharing of personal data with other users. The use of certain features of our Products includes the sharing of personal data with other users. These features would not work without such data sharing, i.e. it is necessary to fulfill our user agreement with you. Using the following features includes sharing of personal data with, i.e. making personal data visible to other users:

Leaderboard – If you track a glucose activity, you can be asked to join a weekly/monthly Leaderboard of accumulated glucose metrics, or highscores among the community. You can opt out of this at any time in your privacy settings.

Sharing of personal data with other services. We allow you to connect our Products to several Partner Platforms and/or other services and share personal data you have recorded or generated with or in our Products there. Please note that once personal data is transferred to a Partner Platform or other service, the further processing of this data will take place outside our responsibility and according to the partners privacy policy.

Partner Platforms – If you connect your Hello Inside profile with your accounts on Partner Platforms and decide to import or share personal data from our products there, this includes the transfer of your data to the platform upon your explicit instruction to do so by connecting your Hello Inside account to your respective Partner Platform account.

Social Networks and Messenger Services – If you decide to share activities via a social media plattform or messenger service you may use on your mobile device, you explicitly instruct us to share the respective data with the messaging service you have chosen.

Sharing of personal data with our Service Providers (“Processors”). We share your personal data with Processors that help us to conduct the processing activities necessary for the purposes of tracking product behaviour. Our Processors will have access to your personal data as reasonably necessary to perform their tasks on our behalf and are obligated to protect it and not to disclose or use it for other purposes. We use processors of the following categories: Advertising Solution Providers, Data Analytics Solution Providers, Cloud Solution Providers, CRM Solution Providers, Messaging Service Providers, Authentication Solution Providers and Research/Survey Solution Providers.

Sharing of personal data with authorities and lawyers and tax advisors. We share personal data with authorities and lawyers and tax advisors where this is necessary.

Data Selling. We do not sell any of your personal data to third parties.

RETENTION OF PERSONAL DATA

Retention Period. In order to enable you to use our Products, we retain personal data for as long as you have an account with us. Anyhow, if certain personal data is no longer required for the purposes listed above, e.g. because certain functions of our Products are no longer operated or offered, we will delete or anonymize this data within a reasonable time after the complete fade out of the function.

If our user agreement with you is terminated and you don’t request us to immediately delete your personal data, we will delete it 25 months after termination.

Deletion of personal data. If you request deletion of your account or if we delete it after the above-mentioned period, your personal data processed by Hello Inside will be deleted, with the following exceptions:

• Personal data required for our performance of statutory obligations will not be deleted but reduced to the minimum necessary.
• Personal data that we need to defend against claims, that we need to enforce our claims or that we need to document our compliance with legal requirements will not be deleted but reduced to the minimum necessary.
• Personal Data we have collected for analytical purposes or research will not be deleted but anonymized.

YOUR RIGHTS CONCERNING PERSONAL DATA

Exercise your Rights. To exercise your rights concerning personal data (“privacy rights”) defined in the sections below or within the Annexes to the Privacy Policy, please follow the steps indicated for each case. If no certain steps are defined or if you have any problems completing the steps or if you have questions, please send a request via email to the Email Address or contact us via mail to our postal address.

Revocation of Consent. If you have given your consent to the processing of personal data for a specific purpose, you can withdraw (revoke) it at any time. However, this does not affect the lawfulness of data processing based on the consent before the revocation. Please note that in certain cases, we may continue to process your personal data after you have withdrawn consent, if we have another legal basis to do so.

If you want to revoke the marketing consent you have given, please:

• log in to the Hello Inside App
• click on Profile
• go to Privacy Settings 
• unmark the stay informed checkbox.

Please note: The implementation may take a few days. Meanwhile, you may still receive a couple of marketing messages from us based on the marketing consent you have given in the past.

Right to Information and Access. You have the right to obtain (i) confirmation as to whether or not your personal data is being processed by us and, if so, (ii) more specific information on the data and (iii) a copy of the data. The more specific information concerns, among other things, processing purposes, categories of data, potential recipients, or the duration of storage and can be found in this Privacy Policy.

If you like to receive a copy of your personal data processed, please send an email to [email protected]

Right to Rectification. You have the right to obtain the rectification of inaccurate personal data we process concerning you. In case the personal data processed by us is not correct, we will rectify these without undue delay and inform you of this rectification. Please note that (i) you can rectify much of your personal data in the settings of our Products on your own and that (ii) it is not technically possible for us to rectify all kinds of data in our Products.

Right to Erasure. You have the right to have personal data we store about you deleted. If you have requested a copy of your personal data we process, your account can only be deleted after the export is completed, because otherwise, we would no longer be able to comply with this request.

Please note that we consider a request to delete your account as a termination of our user agreement with you. However, you are free to subsequently create a new account at any time.

Please also be aware that deletion may take up to a couple of days.

Right to Restriction of Processing. You have the right to obtain a restriction of processing of your personal data from us in the following cases:

• the personal data is no longer necessary for the purpose they were collected or otherwise processed for;
• you have withdrawn consent on which the processing is based and there is no other legal ground for the processing;
• you have objected to the processing pursuant and there are no overriding legitimate grounds for the processing;
• the processing is unlawful;
• the personal data have to be erased for compliance with a legal obligation in European Union or Member State law to which Hello Inside is subject to.

Right to Data Portability. You have the right to (i) receive a copy of your data in a structured, commonly used and machine-readable format and (ii) transmit those Data to another controller without hindrance from us. In order to exercise your right to data portability please send an email to [email protected].

Right to Object. You have the right to object at any time to the processing of personal data for which our legitimate interests are the legal basis, including profiling. You also have the right to object to processing of personal data for direct marketing purposes.

Right to File a Complaint. You have the right to file a complaint with your local data protection authority, if you think that our processing of your personal data infringes applicable law.

The Österreichische Datenschutzbehörde (Austrian Data Protection Authority) can be contacted as follows:

Mail: [email protected] Phone: +43 (0) 1 52152 2550 Postal-Address: Barichgasse 40-42, 1030 Wien, Austria Web: https://www.dsb.gv.at/kontakt

FURTHER INFORMATION

Security Measures. We are committed to protecting your personal data and do implement appropriate technical and organizational security measures to protect it against any unauthorized or unlawful processing and against any accidental loss, destruction, or damage. We require our service providers to do the same through contractual agreements.

These security measures are constantly revised to comply with the latest technological developments. However, you should be aware that any transmission of your personal data through the internet is at your own risk. We can only protect your personal data once it reaches our area of responsibility.

Transfer of personal data outside of the EU/EEA/CH. We only share your personal data with third parties outside the EU, EEA and Switzerland if (i) the third party is located in a country that provides an adequate level of data protection under Article 45 of the GDPR or if (ii) appropriate safeguards are in place to protect your personal data and your rights related thereto.

Do Not Track Signals. Our Products do not recognize or respond to browser-initiated Do Not Track signals. To learn more about Do Not Track signals, you can visit https://allaboutdnt.com.

California Consumer Privacy Act (“CCPA”). For information regarding your rights as a citizen of the US-State of California pursuant CCPA, please refer to Annex 1 – Information for California Residents pursuant the California Consumer Privacy Act (“CCPA”) .

CHANGES TO THE PRIVACY POLICY

General Information. We review and update the Privacy Policy periodically to reflect any changes resulting from our day-to-day business operations. We will notify you when we make significant changes that you must be aware of.

Last Update. This Privacy Policy was last modified on 30 June 2021.

ANNEX 1 – INFORMATION FOR CALIFORNIA RESIDENTS PURSUANT THE CALIFORNIA CONSUMER PRIVACY ACT (“CCPA”)

If you are a California resident, this section applies to you and supplements the Privacy Policy. Please note that when the Privacy Policy talks about personal data, this is personal information pursuant CCPA.

Categories of Personal Information we process. In the preceding 12 months, we have collected the categories of personal information listed below.

Identifiers – for details please see Identity Information, Contact Information, Device Information and Location Information descriptions in the Privacy Policy.

Categories of personal information described in the California Customer Records statute (California Civil Code Section 1798.80) – for details please see Size Information and Purchase Information descriptions in the Privacy Policy.

Characteristics of protected classifications under California law, such as gender and age (over 40) – for details please see Identity Information description in the Privacy Policy.

Commercial information, including records of products or services purchased or purchasing habits – for details please see Purchase Information Description in the Privacy Policy.

Biometric information – for details please see Activity Information description in the Privacy Policy.

Internet and other similar network activity – for details please see Browsing Information and Device Information description in the Privacy Policy..

Geolocation data – for details please see Location Data description in the Privacy Policy.

Audio and visual information – for detail please see Profile & Community Information description in the Privacy Policy.

Your Rights. Pursuant CCPA, California consumers have the right to request access to the specific pieces of personal information we have collected about them in the last 12 months. You may also request additional details about our processing practices, including the categories of personal information we have collected about you, the categories of sources of such collection, the business or commercial purpose for collecting personal information, the categories of third parties with whom we share your personal information and the categories of personal information we have disclosed about you in the preceding 12 months. This corresponds with the Right to Information and Access as listed in the Privacy Policy and can be enforced accordingly.

You also have the right to request deletion of your personal information (subject to certain exceptions). This corresponds with the Right to Erasure as listed in the Privacy Policy and can be enforced accordingly.

Moreover, you have the right to opt out of sales of personal information and to receive equal service and price and not be discriminated against even if you exercise any of your CCPA rights.

In addition to the ways to enforce privacy rights as described in the Privacy Policy, California Consumers may address their request to enforce their rights pursuant CCPA by making a call to our toll-free service number.

Toll-free number for requests pursuant CCPA by residents of the US-State of California: 888 694 6364.

In any case, your request must include sufficient information that allows us to reasonably verify you are the person about whom we collected personal information, which may include your email address, name and account id (which is required only if you already have an account with us).

We will not discriminate against you if you choose to exercise your rights under the CCPA.

The right to opt out from data selling is not enforceable regarding Hello Inside, because Hello Inside does not sell user data at all.

Metrics reporting. We disclose the number of requests to know we received, complied with in whole or in part, or denied and the number of requests to delete that we received, complied with in whole or in part, or denied retroactively for each year. Please note that as Hello Inside is not selling any personal information, we therefore do not count “do not sell my data” requests.

Please note that the rights mentioned are not absolute rights. In individual cases it is possible that the exercise of these rights is opposed by rights or obligations of Hello Inside or third parties.

Possibility of denying consent and the consequences. If the Privacy Policy indicates that the processing of your personal data for a certain purpose is based on your consent, please be advised that you are not obligated to give such consent and that you may revoke a consent you have given at any time. In case you do not give a certain consent or in case you revoke a consent you have given, your personal data will not be processed for this purpose (anymore).