Last Updated: 18 Feb 2025

Privacy Policy

 

1. Introduction

Welcome to Smarter Day App (referred to as “Smarter Day App,” “we,” “us,” or “our”). We are committed to protecting the privacy of individuals who:

  • Visit our websites and related subdomains.
  • Use our mobile applications.
  • Use any other service provided by us (collectively, the “Services”).

This Privacy Policy explains what information we collect, how we collect it, why we collect it, how we use it, how we share it, and the choices you have regarding your information.

By accessing or using our Services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you disagree, please do not access or use our Services.

2. Scope and Applicability

  1. Global Compliance: This Policy is designed to meet requirements across multiple jurisdictions, including (but not limited to):

    • The General Data Protection Regulation (GDPR) in the European Economic Area (EEA).
    • The California Consumer Privacy Act (CCPA) and other applicable U.S. state privacy laws.
    • Other international privacy laws and regulations where we operate or from which we collect personal information.

  2. Third-Party Links and Integrations: Our Services may contain links to third-party websites, mobile applications, or services (collectively, “Third-Party Services”). We have no control over these Third-Party Services, and their privacy practices are governed by their respective policies. We encourage you to review their policies to understand how they collect, use, and share information.

3. Information We Collect

We collect personal information and non-personal information (collectively, “Information”) from and about you in a variety of ways, as described below:

3.1 Personal Information You Provide Directly

  • Account and Profile Information: When you create an account, we may collect your name, email address, username, password, phone number, postal address, profile picture, and any other information you choose to provide.
  • Communications: We collect any information you provide when you contact us via email, chat, or support channels. This may include messages, attachments, and associated metadata.
  • Payment and Billing Information: If you make a purchase or subscription through our Services, our third-party payment processors may collect billing information such as credit card numbers or bank account details. We do not store full payment information on our servers.
  • User-Generated Content: Any information you submit while using our interactive features (e.g., in-app messages, forum posts, feedback forms, surveys, contests) may be collected and displayed to others depending on the settings.

3.2 Information Collected Automatically

  • Device Data: Such as IP address, unique device identifiers (e.g., IDFA, Android Advertising ID), device type, operating system version, browser type and version, language settings, and network information.
  • Usage Data: Your activities on our Services, such as time spent, pages visited, links clicked, features used, the date and time of your visits, and other usage analytics.
  • Cookies and Similar Technologies: We may use cookies, web beacons, pixel tags, and other tracking technologies to collect information about your interactions with our Services. This helps us remember your preferences and analyze user behavior.

3.3 Information from Third Parties

  • HubSpot: We use HubSpot for customer relationship management (CRM), email marketing, and analytics. HubSpot may collect and store your name, email address, and other contact details, as well as your interactions (e.g., email open rates, click-throughs). HubSpot’s Privacy Policy describes its data practices in detail.
  • Firebase: We use Firebase (by Google) for app analytics, messaging, crash reporting, and other backend infrastructure purposes. Firebase may collect device information, in-app events, crash data, and performance metrics. Google’s Privacy Policy covers Firebase data processing practices.
  • Social Media Platforms: If you choose to link or sign up via social media (e.g., using “Sign in with Facebook”), we may receive your public profile, friend list, or other information you authorize these platforms to share with us.
  • Other Third Parties: We may receive additional information from service providers, business partners, public databases, or marketing partners, which we may combine with other information we hold about you.

4. Purposes and Legal Bases for Processing

We process your information for a variety of purposes under different legal bases, especially as required by GDPR. These include:

  1. Providing and Improving the Services

    • To create and manage user accounts, authenticate logins, and maintain your profile.
    • To personalize your experience and deliver targeted content.
    • Legal Basis: Contractual necessity (Art. 6(1)(b) GDPR) and/or legitimate interests (Art. 6(1)(f) GDPR) to offer efficient Services.

  2. Communications

    • To respond to inquiries, provide support, and send updates or important account notifications.
    • Legal Basis: Contractual necessity or legitimate interests.

  3. Marketing and Promotions

    • To send marketing communications (subject to your consent where required by law).
    • To provide personalized ads (subject to opt-out where applicable).
    • Legal Basis: Consent (Art. 6(1)(a) GDPR) or legitimate interests.

  4. Analytics and Service Enhancements

    • To monitor and analyze usage, trends, and user behaviors.
    • To conduct research, testing, and troubleshooting to improve functionality, user interface, and performance.
    • Legal Basis: Legitimate interests or consent for cookies/analytics in certain regions (e.g., EEA).

  5. Compliance and Protection

    • To comply with legal obligations (e.g., responding to lawful requests, regulatory requirements).
    • To enforce our Terms of Service, protect our users and Services from fraud or security threats, and uphold our legal rights.
    • Legal Basis: Legal obligation (Art. 6(1)(c) GDPR), legitimate interests, or protection of vital interests (Art. 6(1)(d) GDPR in exceptional cases).

  6. Other Purposes

    • Where you have provided consent for specific purposes or where such processing is otherwise required or permitted by applicable law.

5. How We Share Your Information

We may share your information with the following categories of recipients, as necessary and in accordance with applicable law:

  1. Service Providers and Vendors

    • Third-party companies that perform services on our behalf, including hosting providers, analytics providers (e.g., Google Analytics, Firebase), payment processors, email service providers (HubSpot), technical support, and security services. These service providers are contractually required to handle data in compliance with this Privacy Policy and are prohibited from using it for any other purpose.

  2. Business Transfers

    • In connection with a merger, acquisition, reorganization, sale of assets, bankruptcy, or other similar business transaction. Your information may be transferred as part of that deal but will remain protected under this Privacy Policy (or a policy with equivalent or stronger protections).

  3. Legal and Regulatory Compliance

    • We may disclose information if required to do so by law, subpoena, or other legal process; to cooperate with law enforcement or regulatory bodies; to protect our rights and property or the safety of our users or others; or to enforce our Terms of Service or other agreements.

  4. Affiliates and Subsidiaries

    • We may share information within our corporate group for operational and business purposes consistent with this Privacy Policy.

  5. With Your Consent

    • We may share your information for any other purpose disclosed at the time of collection or with your explicit consent.

6. Data Transfers and International Processing

We operate globally and may transfer your personal information to countries outside of your own, including to our servers or service providers located in the United States or other jurisdictions that may have data protection laws different from those of your country. Where required by applicable law, we implement appropriate safeguards—such as Standard Contractual Clauses (SCCs) approved by the European Commission—to ensure that your personal information remains protected in accordance with this Privacy Policy.

7. Data Retention

  1. General Retention Period: We retain your personal information only as long as necessary for the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law (e.g., tax, accounting, or legal obligations).

  2. Retention Criteria: We consider the volume, nature, and sensitivity of the data, the potential risk of harm from unauthorized use or disclosure, the purposes for which we process your data, and the applicable legal requirements to determine appropriate retention periods.

  3. Account Deletion: If you request account deletion, we will delete or anonymize your personal information within a reasonable timeframe, unless we are required by law or legitimate business interests to retain certain information (e.g., billing records, fraud prevention).

8. Security Measures

We use a combination of technical, administrative, and physical safeguards to protect your information, including but not limited to:

  • Encryption: We use TLS/SSL encryption for data in transit where appropriate.
  • Access Controls: Restricted access to personal data to authorized personnel only, based on job roles.
  • Firewalls and Monitoring: Protection against unauthorized access and regular monitoring of systems.
  • Regular Assessments: Periodic reviews of data collection, storage, and processing practices, including security measures.

Despite these measures, no method of data transmission or storage is 100% secure, and we cannot guarantee absolute security. You are also responsible for keeping your password and account credentials confidential and for notifying us immediately of any suspected unauthorized account activity.

9. Cookies and Tracking Technologies

  1. Types of Cookies We Use:

    • Strictly Necessary Cookies: Essential for the operation of our Services.
    • Functional Cookies: Enhance performance and functionality, such as saving your preferences.
    • Analytics/Performance Cookies: Gather data for usage analytics (e.g., Google Analytics, Firebase Analytics).
    • Advertising/Targeting Cookies: Deliver targeted advertising and track ad performance, where applicable.

  2. Managing Cookies: You can typically configure your browser to refuse cookies, remove cookies, or alert you when a cookie is being sent. However, doing so may affect certain functionalities of our Services.

  3. Do Not Track: We currently do not respond to “Do Not Track” signals. You may use third-party browser extensions or other tools to configure tracking preferences.

10. Children’s Privacy

  1. Minimum Age: We do not knowingly collect or solicit personal information from children under 13 years of age (or the minimum legal age in your jurisdiction, such as 16 in certain EEA countries) without verifiable parental consent.
  2. Parental Rights: If you believe that a child under the relevant age has provided us with personal information without parental consent, please contact us. We will take prompt steps to delete such information in accordance with applicable laws (e.g., Children’s Online Privacy Protection Act, “COPPA”).

11. Your Rights and Choices

Depending on your jurisdiction, you may have certain legal rights regarding your personal information. These rights may include:

11.1 GDPR (EEA, UK, and Similar Jurisdictions)

  • Access: Request a copy of your personal data in our possession.
  • Rectification: Request corrections or updates to inaccurate or incomplete personal data.
  • Erasure (“Right to be Forgotten”): Request deletion of your personal data under certain circumstances.
  • Restriction of Processing: Limit the way we use your data in certain contexts.
  • Data Portability: Receive your data in a structured, commonly used, and machine-readable format, or request we transfer it to another controller.
  • Objection: Object to certain types of processing, including direct marketing and processing based on our legitimate interests.
  • Withdraw Consent: If processing is based on consent, you can withdraw it at any time (without affecting the lawfulness of processing before withdrawal).

11.2 CCPA (California Residents)

  • Right to Know: Request disclosure of the categories and specific pieces of personal data we have collected about you, the categories of sources, the purposes of collection, and the categories of third parties with whom we share data.
  • Right to Delete: Request deletion of personal data, subject to exceptions (e.g., completing a transaction, detecting security incidents).
  • Right to Opt Out of “Sale” of Personal Data: We do not “sell” personal data as commonly understood. If we were to do so in the future, you have the right to opt out.
  • Non-Discrimination: You have the right not to be discriminated against for exercising any of these rights.

11.3 Other Jurisdictions

  • Canada (PIPEDA): Similar rights to access and correct personal information.
  • Brazil (LGPD): Rights to confirmation, access, correction, anonymization, deletion, portability, information about data sharing, and revocation of consent.
  • Other Regions: We will comply with local data protection laws to the extent they apply.

11.4 Exercising Your Rights

You can submit requests to exercise these rights by contacting us at [Contact Email or Online Form URL]. We will respond to your request within the timeframe required by applicable law, after verifying your identity. Additional documentation or verification steps may be required.

12. Third-Party Services and Integrations

  1. Firebase:

    • Purpose: Analytics, crash reporting, app performance monitoring, cloud messaging.
    • Data Collected: Device details, usage patterns, crash logs, in-app events.
    • Opt-Out: You may opt out of certain Firebase features (e.g., Analytics) via your device settings (Android/iOS Ads Settings) or by emailing us for further instructions.
    • Data Transfers: Data may be processed on Google’s servers, which may be located outside your jurisdiction.

  2. HubSpot:

    • Purpose: CRM, email marketing, lead management, and user interaction analytics.
    • Data Collected: Name, email address, user interactions with emails (e.g., open rates, links clicked), form submissions, IP address, cookies.
    • Opt-Out: Unsubscribe links in emails or by contacting us directly.
    • Data Transfers: Data stored on HubSpot servers in the U.S. (or other locations), protected by Standard Contractual Clauses for EEA data.

  3. Payment Processors:

    • Purpose: Handle billing, subscription, and payment transactions.
    • Data Collected: Name, credit card or banking details, transaction records.
    • Security: PCI-DSS compliant. We do not store full payment details.
    • Examples: [Stripe, PayPal, or any other relevant processor]

  4. Other Third-Party Tools:

    • May include analytics tools, marketing tools, and social media plug-ins.
    • Data collection practices and opt-out methods vary; review each provider’s privacy policy for details.

13. Business and Corporate Transactions

In the event we undergo a merger, acquisition, financing, due diligence, reorganization, bankruptcy, receivership, sale of assets, or transition of service to another provider, your information may be transferred as part of such a transaction, as permitted by law and/or contract. Any entity acquiring our assets or merging with us will assume the rights and obligations regarding your personal information as described in this Privacy Policy (or a policy with equivalent or stronger protections).

14. Disclaimer of Liability

While we take the measures described in this Privacy Policy to protect your information, we cannot be held responsible for:

  • Unauthorized Third-Party Acts: Data breaches, hacking, or theft of information despite the security measures employed.
  • User Actions: Sharing your login credentials, personal information posted publicly, or other mistakes.
  • External Links: Third-Party Services or websites that we do not control.

By using our Services, you acknowledge and agree that to the maximum extent permitted by applicable law, we will not be liable for any indirect, incidental, consequential, or punitive damages related to the security or disclosure of your information.

15. Changes to this Privacy Policy

We reserve the right to modify, update, or amend this Privacy Policy from time to time to reflect changes in our practices, technological advancements, legal requirements, or other factors. When we make material changes, we will notify you (e.g., by email, through our Services, or by updating the “Effective Date” above) and, where required by law, obtain your consent. Your continued use of our Services after the revised Privacy Policy becomes effective signifies your acceptance of those changes.

16. Contact Us

If you have any questions or concerns about this Privacy Policy, our data practices, or to exercise your privacy rights, please contact us at:

  • Email: dev@smarter.day