Last Updated: June 27, 2019
INFORMATION WE COLLECT
When you use our Services, we collect the following types of information.
Information You Provide Us
Some information is required to create an account on our Services, such as your name, email address, password, date of birth, gender, height, weight, and in some cases your mobile telephone number. This is the only information you have to provide to create an account with us. You may also choose to provide other types of information, such as a profile photo, biography, country information, and community username.
If you contact us or participate in a survey, contest, or promotion, we collect the information you submit such as your name, contact information, and message.
Payment and card information
Some Entertech devices support payments and transactions with third parties. If you activate this feature, you must provide certain information for identification and verification, such as your name, credit, debit or other card number, card expiration date, and CVV code. This information is encrypted and sent to your card network, which upon approval sends back to your device a token, which is a set of random digits for engaging in transactions without exposing your card number. For your convenience, we store the last four digits of your card number and your card issuer’s name and contact information. You can remove the token from your account using your account settings. We do not store your transaction history.
2. Information We Receive from Your Use of Our Services
Your device collects data to estimate a variety of metrics like the heart rate and brainwaves while you are using our Services.
The Services include features that use precise location data, including GPS signals, device sensors, Wi-Fi access points, and cell tower IDs. We collect this type of data if you grant us access to your location. You can always remove our access using your mobile device settings. We may also derive your approximate location from your IP address.
When you access or use our Services, we receive certain usage data. This includes information about your interaction with the Services, for example, when you create or log into your account, or pair your device to your account.
We also collect data about the devices and computers you use to access the Services, including IP addresses, browser type, language, operating system, mobile device information (including device and application identifiers), the referring web page, pages visited, location (depending on the permissions you have granted us), and cookie information.
3. Information we receive from third parties
If you choose to connect your account on our Services to your account on another service, we may receive information from the other service. For example, if you connect to Facebook or Google, we may receive information like your name, profile picture, age range, language, email address, and friend list. You may also choose to grant us access to your exercise or activity data from another service. You can stop sharing the information from the other service with us by removing our access to that other service.
4. Health and other special categories of personal data
To the extent that information we collect is health data or another special category of personal data subject to the European Union’s General Data Protection Regulation (“GDPR”), we ask for your explicit consent to process the data. We obtain this consent separately when you take actions leading to our obtaining the data, for example, when you pair your device to your account, grant us access to your exercise or activity data from another service. You can use your account settings and tools to withdraw your consent at any time, including by stopping the use of a feature, removing our access to a third-party service, unpairing your device, or deleting your data or your account.
HOW WE USE INFORMATION
We use the information we collect for the following purposes.
Provide and Maintain the Services
Using the information we collect, we are able to deliver the Services to you and honor our Terms of Service contract with you. For example, we need to use your information to provide you with your Flowtime headband tracking your brainwaves and heart rate; and to give you customer support.
2. Improve, Personalize, and Develop the Services
We use the information we collect to improve and personalize the Services and to develop new ones. For example, we use the information to troubleshoot and protect against errors; perform data analysis and testing; conduct research and surveys; and develop new features and Services.
We also use your information to make inferences and show you more relevant content. Here are some examples:
Based on your meditation data, we may provide you with customized insights to help you improve your meditation.
We may give you some tips of sleep according to your historical sleep data.
3. Communicate with You
We use your information when needed to send you Service notifications and respond to you when you contact us. We also use your information to promote new features or products that we think you would be interested in. You can control marketing communications and most Service notifications by using your notification preferences in account settings or via the “Unsubscribe” link in an email.
4. Promote Safety and Security
We use the information we collect to promote the safety and security of the Services, our users, and other parties. For example, we may use the information to authenticate users, facilitate secure payments, protect against fraud and abuse, respond to a legal request or claim, conduct audits, and enforce our terms and policies.
For personal data subject to the GDPR, we rely on several legal bases to process the data. These include when you have given your consent, which you may withdraw at any time using your account settings and other tools; when the processing is necessary to perform a contract with you, like the Terms of Service; and our legitimate business interests, such as in improving, personalizing, and developing the Services, marketing new features or products that may be of interest, and promoting safety and security as described above.
DISCLOSURE OF YOUR INFORMATION
We may disclose your personal information to any member of our group, which means our subsidiaries, our ultimate holding company, and its subsidiaries.
We may also disclose your personal information to third parties as follows:
In some circumstances, based on your specific requests, we may need to disclose your personal information to a third party so that they can provide a service you have requested from such party, or fulfill a request for information from such party. An example of this is the SMS Service.
In some circumstances, we may disclose the personal information that you have provided to Entertech to a third party that offers and/or provides goods or services complementary to our own for the purpose of enhancing our users’ experiences by offering you integrated or complementary functionality, complementary services or bundled pricing options.
If Entertech’s service providers (like hosting, market analytics, and payment service providers) require this information to provide services to Entertech. Entertech requires each of its service providers to agree to maintain the confidentiality and security of your personal information.
In the event that we sell or buy any business or assets, in which case we may disclose your personal information to the prospective seller or buyer of such business or assets.
If Entertech or substantially all of our assets are acquired by a third party, in which case personal information held by us about our customers will be one of the transferred assets.
If we are under a duty to disclose or share your personal information in order to comply with any legal obligation such as to comply with a subpoena, bankruptcy proceedings, similar legal process, or in order to enforce or apply our agreements with you; or to protect the rights, property, or safety of Entertech, our customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.
With third parties, such as Facebook, in order to serve Entertech advertisements on such third party platforms, to the extent that you have consented to such practices under applicable law.
FOR EXTERNAL PROCESSING
We transfer information to our corporate affiliates, service providers, and other partners who process it for us, based on our instructions, and in compliance with this policy and any other appropriate confidentiality and security measures. These partners provide us with services globally, including for customer support, information technology, payments, sales, marketing, data analysis, research, and surveys.
FOR LEGAL REASONS OR TO PREVENT HARM
We may preserve or disclose information about you to comply with a law, regulation, legal process, or governmental request; to assert legal rights or defend against legal claims; or to prevent, detect, or investigate illegal activity, fraud, abuse, violations of our terms, or threats to the security of the Services or the physical safety of any person.
Please note: Our policy is to notify you of legal process seeking access to your information, such as search warrants, court orders, or subpoenas, unless we are prohibited by law from doing so. In cases where a court order specifies a non-disclosure period, we provide delayed notice after the expiration of the non-disclosure period. Exceptions to our notice policy include exigent or counterproductive circumstances, for example, when there is an emergency involving a danger of death or serious physical injury to a person.
We may share non-personal information that is aggregated or de-identified so that it cannot reasonably be used to identify an individual. We may disclose such information publicly and to third parties, for example, in public reports about sleep and meditation, to partners under agreement with us.
If we are involved in a merger, acquisition, or sale of assets, we will continue to take measures to protect the confidentiality of personal information and give affected users notice before transferring any personal information to a new entity.
HOW TO DEACTIVATE YOUR USER ACCOUNT
You can deactivate your user account by contacting us at firstname.lastname@example.org. When you do, your personal identifiable information will be removed from the Services. Backup copies of this data will be removed from our cloud based upon an automated schedule, which means it may persist in our archive for a short period. Entertech may continue to use your de-identified data and aggregate information.
We keep your account information, like your name, email address, and password, for as long as your account is in existence because we need it to operate your account. In some cases, when you give us information for a feature of the Services, we delete the data after it is no longer needed for the feature. We keep other information, like your sleep and meditation data, until you use your account settings or tools to delete the data or your account because we use this data to provide you with your personal statistics and other aspects of the Services. We also keep information about you and your use of the Services for as long as necessary for our legitimate business interests, for legal reasons, and to prevent harm, including as described in the How We Use Information.
Apple iOS users may opt-in to allow the Service to provide data regarding the amount of minutes meditated to the Apple iOS “Health” application for display. This data will not be shared with third parties or used for marketing purposes.
We work hard to keep your data safe. We use a combination of technical, administrative, and physical controls to maintain the security of your data. This includes using Transport Layer Security (“TLS”) to encrypt many of our Services. No method of transmitting or storing data is completely secure, however. If you have a security-related concern, please contact Customer Support.
CHANGES TO THIS POLICY
We will notify you before we make material changes to this policy and give you an opportunity to review the revised policy before deciding if you would like to continue to use the Services. We encourage you to periodically review this page for the latest information on our privacy practices.