PRIVACY POLICY.

Use of Personal Data

We and our service providers use Personal Data for legitimate business purposes, including:

To provide the functionality of the Services and fulfill your requests.

• To fulfill your orders for Hello and provide you with related customer service.
• To send administrative information to you, such as changes to our terms, conditions, and policies.

We will engage in these activities to manage our contractual relationship with you and/or to comply with a legal obligation.

To provide you with surveys and our newsletter and other marketing materials.

• To send you marketing related emails and push notifications, with information about our services, new products, and other news about us.

We will engage in this activity with your consent or where we have a legitimate interest.

To analyze Personal Data to provide personalized or improved services.

• To better understand you, so that we can personalize our interactions with you and provide you with content, information, and/or offers tailored to your interests.
• To analyze your use of the Services so that we can improve them.

We will provide personalized services either with your consent or because we have a legitimate interest.

To aggregate, de-identify, and/or anonymize Personal Data.

• We may aggregate, de-identify, and/or anonymize Personal Data so that it will no longer be considered Personal Data. We do so to generate other data for our use, which we may use and disclose for any purpose.

To accomplish our business purposes.

• For data analysis, such as to improve the efficiency of the Services.
• For audits, to verify that our internal processes function as intended and are compliant with legal, regulatory, or contractual requirements.
• For fraud and security monitoring purposes, such as to detect and prevent cyberattacks or attempts to commit identity theft.
• For research and developing new products and services.
• For enhancing, improving, or modifying our current products and services.
• For identifying usage trends, such as understanding which parts of the Services are of most interest to users.
• For determining the effectiveness of our promotional campaigns, so that we can adapt them to our users’ needs and interests.
• For operating and expanding our business activities, including understanding which parts of the Services are most used so we can focus our energies on meeting our users’ interests.

We engage in these activities to manage our contractual relationship with you, to comply with a legal obligation, and/or because we have a legitimate interest.

OTHER DATA

“Other Data” is any data that does not reveal your specific identity or does not directly relate to an identifiable individual. If we are required to treat Other Data as Personal Data under applicable law, then we may use and disclose it for the purposes for which we use and disclose Personal Data as detailed in this Privacy Policy.

Collection of Other Data

We and our service providers may collect Other Data in a variety of ways, including:

Data you provide

• We ask you to provide data that does not reveal your specific identity, such as your first name, date of birth, gender, and whether you are left- or right-handed.

Through your device

• Certain data is collected automatically through your device or browser, such as a device ID, your screen resolution, operating system, device manufacturer and model, language, default country setting, and Internet browser type and version. We use this data to ensure that the Services function properly. We use the device ID to send you push notifications, subject to your consent (or parental consent) where required by applicable law.

Using cookies

• Cookies are pieces of data stored directly on the computer that you are using. Cookies allow us to collect data such as browser type, time spent on the Site, pages visited, language preferences, and other traffic data. We and our service providers use the data for security purposes, to facilitate navigation, to display information more effectively, and to personalize your experience. We also gather statistical data about use of the Site in order to continually improve its design and functionality, understand how it is used, and assist us with resolving questions about it. We do not currently respond to browser do-not-track signals. If you do not want data collected through the use of cookies, most browsers allow you to automatically decline cookies or be given the choice of declining or accepting a particular cookie (or cookies) from a particular website. You may also wish to refer to http://www.allaboutcookies.org/manage-cookies/index.html. If, however, you do not accept cookies, you may experience some inconvenience in your use of the Site.

Using tracking technologies

• We may use tracking technologies to recognize you as you use the Services, so that we can understand how the Services are used and optimize user engagement. We may also use pixel tags (also known as web beacons and clear GIFs) in the emails we send, to track recipients’ actions and response rates.
• We use Google Analytics, which uses tracking technologies to collect and analyze data about use of the Services and to report on activities and trends. This service may also collect data regarding the use of other websites, apps and online resources. You can learn about Google’s practices by going to www.google.com/policies/privacy/‌partners/.

IP Address

• We collect your IP address, which is automatically assigned to your device by your Internet service provider. An IP address may be identified and logged when you access the app, along with the time of the visit. We use IP addresses for purposes such as calculating usage levels, diagnosing problems, and administering the app.

Uses and Disclosures of Other Data

We may use and disclose Other Data for any purpose, except where we are prohibited from doing so under applicable law. In some instances, we may combine Other Data with Personal Data. If we do, we will treat the combined data as Personal Data as long as it is combined.

RETENTION PERIOD

We retain Personal Data for as long as needed or permitted in light of the purpose(s) for which it was obtained and consistent with applicable law.

The criteria used to determine our retention periods include:

• The length of time we have an ongoing relationship with you and provide the Services to you (for example, for as long as you have an account with us or keep using the Services);
• Whether there is a legal obligation to which we are subject (for example, certain laws require us to keep transaction records for a certain period of time before we can delete them); or
• Whether retention is advisable in light of Hello’s legal position (such as in regard to applicable statutes of limitations, litigation, or regulatory investigations).

THIRD PARTY SERVICES

This Privacy Policy does not address, and we are not responsible for, the privacy, data, or other practices of any third parties, including any third party operating any website or service to which the Services link. The inclusion of a link on the Services does not imply endorsement of the linked site or service by us or by our affiliates.

In addition, we are not responsible for the data collection, use, disclosure, or security policies or practices of other organizations, such as Facebook, Apple, Google, Microsoft, Blackberry, or any other app developer, app provider, social media platform provider, operating system provider, wireless service provider, or device manufacturer, including with respect to any Personal Data you disclose to other organizations through or in connection with the Services.

THIRD PARTY PAYMENT SERVICE

We may use a third-party payment service to process payments made through the Services. If you wish to make a payment through the Services, your Personal Data will be collected by such third party and not by us and will be subject to the third party’s privacy policy, rather than this Privacy Policy. We have no control over, and are not responsible for, this third party’s collection, use, and disclosure of your Personal Data.

JURISDICTION AND CROSS-BORDER TRANSFER

Your Personal Data may be stored and processed in any country where we have facilities or in which we engage service providers, and, by using the Services, you understand that your data will be transferred to countries outside of your country of residence, including the United States, which may have data protection rules that are different from those of your country. In certain circumstances, courts, law enforcement agencies, regulatory agencies, or security authorities in those other countries may be entitled to access your Personal Data.

Additional Information Regarding the European Economic Area (“EEA”): Some of the non-EEA countries are recognized by the European Commission as providing an adequate level of data protection according to EEA standards (the full list of these countries is available here. For transfers from the EEA to countries not considered adequate by the European Commission, we have put in place adequate measures, such as standard contractual clauses adopted by the European Commission, to protect your Personal Data. You may obtain a copy of these measures here.

SENSITIVE DATA

Unless we specifically request it, we ask that you not send us, and you not disclose, any sensitive Personal Data (e.g., social security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, criminal background, or trade union membership) on or through the Services or otherwise to us.

UPDATES TO THIS PRIVACY POLICY

The “LAST UPDATED” legend at the top of this Privacy Policy indicates when this Privacy Policy was last revised. Any changes will become effective when we post the revised Privacy Policy on the Services. Your use of the Services following these changes means that you accept the revised Privacy Policy.