When you access our website we automatically collect from your device language settings, IP address, time zone, type and model of a device, device settings, operating system, Internet service provider, mobile carrier, hardware ID, Facebook ID, other unique identifiers (such as IDFA and AAID, IDFV, UUID) and cookies. We need this data to provide our services, analyze how our customers use the website and to measure ads.
For improving the website and serving ads, we use third party solutions. As a result, we may process data using solutions developed by Airtable, Amazon, Amplitude, BigQuery, Growthbook, Meta, OpenAI, Reteno, Sentry, Solid, Tableau, TikTok, Zendesk. Therefore, some of the data is stored and processed on the servers of such third parties. This enables us to (1) provide our services, (2) analyze different interactions (how often users make purchases, what products our users viewed); (3) serve and measure ads (and show them only to a particular group of users, for example, only to those, who have made a purchase).
If you decide to make a purchase or to order a service on the Website, we will ask you to provide your name and email. We also may collect personal information that is included in the User Content. We will use this data to fulfil provide you with the access to the Service, fulfil your order and provide our services.
Please read our Privacy Policy below to know more about what we do with data (Section 3), what data privacy rights are available to you (Section 6) and who will be the data controller (Section 1). If any questions will remain unanswered, please contact us at support@steptwo.ai.
PRIVACY POLICY
This Privacy Policy explains what personal data is collected when you use the website located at: steptwo.ai (the "Website"), the services and products provided through it (together with the Website, the "Service"), how such personal data will be processed.
BY USING THE SERVICE, YOU PROMISE US THAT (I) YOU HAVE READ, UNDERSTAND AND AGREE TO THIS PRIVACY POLICY, AND (II) YOU ARE OVER 16 YEARS OF AGE (OR HAVE HAD YOUR PARENT OR GUARDIAN READ AND AGREE TO THIS PRIVACY POLICY FOR YOU). If you do not agree, or are unable to make this promise, you must not use the Service. In such case, you must (a) contact us and request deletion of your data; (b) leave the Website and not access or use it; and (c) cancel any active subscriptions.
Any translation from English version is provided for your convenience only. In the event of any difference in meaning or interpretation between the English language version of this Privacy Policy available at [link], and any translation, the English language version will prevail. The original English text shall be the sole legally binding version.
"GDPR" means the General Data Protection Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data.
"EEA" includes all current member states to the European Union and the European Free Trade Association. For the purpose of this policy EEA shall include the United Kingdom of Great Britain and Northern Ireland.
"Process", in respect of personal data, includes to collect, store, and disclose to others.
AV WELLBEING SOLUTIONS LIMITED, a company registered under the laws of Cyprus, having its registered office at 12 Promitheos St., 1065 Nicosia, Cyprus, will be the controller of your personal data.
CATEGORIES OF PERSONAL DATA WE COLLECT
We collect data you give us voluntarily (for example, your name and email address). We also collect data automatically (for example, your IP address).
FOR WHAT PURPOSES WE PROCESS YOUR PERSONAL DATA
We process your personal data:
To provide our Service
This includes enabling you to use the Service in a seamless manner and preventing or addressing Service errors or technical issues. As a result of such processing, we will provide you with the output of your request.
Our use and transfer of information received from the browser extension (the "Extension") is used solely to provide and improve the Extension's core, user-facing features, which include grammar checking, paraphrasing, and summarizing text.
To provide you with customer support
We process your personal data to respond to your requests for technical support, Service information or to any other communication you initiate. For this purpose, we may send you, for example, notifications or emails about, the performance of our Service, security, payment transactions, notices regarding our Terms and Conditions of Use or this Privacy Policy.
To communicate with you regarding your use of our Service
We communicate with you, for example, by emails. These may include reminders or other information about the Service. As a result, you will, for example, receive an email that a new feature has been deployed in the Service. To opt-out of receiving emails, you should click unsubscribe link in the footer of each email.
To research and analyze your use of the Service
This helps us to better understand our business, analyze our operations, maintain, improve, innovate, plan, design, and develop the Service and our new products. We also use such data for statistical analysis purposes, to test and improve our offers. This enables us to better understand what categories of users use our Services. As a consequence, we often decide how to improve the Service based on the results obtained from this processing.
To send you marketing communications
We process your personal data for our marketing campaigns. As a result, you will receive information about our products, such as, for example, special offers or new features and products available on the Website. We may send you emails for marketing purposes. If you do not want to receive marketing emails from us, you can unsubscribe by clicking on the "Unsubscribe" link located in the footer of the marketing emails.
To send you marketing communications, we use Reteno, a cross-channel marketing platform that allows us to send you in-app messages, push notifications and emails. Reteno Privacy Policy.
To personalize our ads
We and our partners use your personal data to tailor ads and possibly even show them to you at the relevant time. For example, if you visited our Website, you might see ads of our products in your Facebook's feed.
How to opt out or influence personalized advertising
To process your payments
We provide paid products and/or services within the Service. For this purpose, we use third-party services for payment processing (for example, payment processors). As a result of this processing, you will be able to make a payment and we will be notified that the payment has been made.
We will not store or collect your payment card details ourselves. This information will be provided directly to our third-party payment processors.
To enable the purchase and to process your payments we use Solidgate, payment processing provider. Solidgate's Privacy Policy.
To enforce our Terms and Conditions of Use and to prevent and combat fraud
We use personal data to enforce our agreements and contractual commitments, to detect, prevent, and combat fraud. As a result of such processing, we may share your information with others, including law enforcement agencies (in particular, if a dispute arises in connection with our Terms and Conditions of Use).
To comply with legal obligations
We may process, use, or share your data when the law requires it, in particular, if a law enforcement agency requests your data by available legal means.
UNDER WHAT LEGAL BASES WE PROCESS YOUR PERSONAL DATA
In this section, we are letting you know what legal basis we use for each particular purpose of processing. For more information on a particular purpose, please refer to Section 3. This section applies only to EEA-based users.
We process your personal data under the following legal bases:
to perform our contract with you;
Under this legal basis we:
• Provide our Service (in accordance with our Terms and Conditions of Use) • Provide you with customer support • Communicate with you regarding your use of our Service • Process your payments
for our (or others') legitimate interests, unless those interests are overridden by your interests or fundamental rights and freedoms that require protection of personal data;
We rely on legitimate interests:
• to communicate with you regarding your use of our Service • to research and analyze your use of the Service • to send you marketing communications • to personalize our ads • to enforce our Terms and Conditions of Use and to prevent and combat fraud
to comply with legal obligations.
WITH WHOM WE SHARE YOUR PERSONAL DATA
We share information with third parties that help us operate, provide, improve, integrate, customize, support, and market our Service. We may share some sets of personal data, in particular, for purposes and with parties indicated in Section 3 of this Privacy Policy. The types of third parties we share information with include, in particular:
Service providers
We share personal data with third parties that we hire to provide services or perform business functions on our behalf, based on our instructions. We may share your personal information with the following types of service providers:
• artificial intelligence services providers (Open.AI) • cloud storage providers (Amazon Web Services) • data analytics providers (Amplitude, Google, Meta, Tableau, BigQuery) • communication service providers (Zendesk, Reteno) • marketing partners (in particular, social media networks, marketing agencies, email delivery services; Meta, Google, TikTok) • payment service providers (Solid)
Law enforcement agencies and other public authorities
We may use and disclose personal data to enforce our Terms and Conditions of Use, to protect our rights, privacy, safety, or property, and/or that of our affiliates, you or others, and to respond to requests from courts, law enforcement agencies, regulatory agencies, and other public and government authorities, or in other cases provided for by law.
Third parties as part of a merger or acquisition
As we develop our business, we may buy or sell assets or business offerings. Customers' information is generally one of the transferred business assets in these types of transactions. We may also share such information with any affiliated entity (e.g. parent company or subsidiary) and may transfer such information in the course of a corporate transaction, such as the sale of our business, a divestiture, merger, consolidation, or asset sale, or in the unlikely event of bankruptcy.
HOW YOU CAN EXERCISE YOUR PRIVACY RIGHTS
To be in control of your personal data, you have the following rights:
Accessing / reviewing / updating / correcting your personal data. You may review, edit, or change the personal data that you had previously provided on the Website.
Deleting your personal data. You can request erasure of your personal data as permitted by law.
When you request deletion of your personal data, we will use reasonable efforts to honor your request. In some cases, we may be legally required to keep some of the data for a certain time; in such event, we will fulfill your request after we have complied with our obligations.
Objecting to or restricting the use of your personal data. You can ask us to stop using all or some of your personal data or limit our use thereof.
Additional information for EEA-based users:
If you are based in the EEA, you have the following rights in addition to the above:
The right to lodge a complaint with supervisory authority. We would love you to contact us directly, so we could address your concerns. Nevertheless, you have the right to lodge a complaint with a competent data protection supervisory authority, in particular in the EU Member State where you reside, work or where the alleged infringement has taken place.
The right to data portability. If you wish to receive your personal data in a machine-readable format, you can send respective request to us as described below.
To exercise any of your privacy rights, please send a request to support@steptwo.ai.
AGE LIMITATION
We do not knowingly process personal data from persons under 16 years of age. If you learn that anyone younger than 16 has provided us with personal data, please contact us.
INTERNATIONAL DATA TRANSFERS
We may transfer personal data to countries other than the country in which the data was originally collected in order to provide the Service set forth in the Terms and Conditions of Use and for purposes indicated in this Privacy Policy. If these countries do not have the same data protection laws as the country in which you initially provided the information, we deploy special safeguards.
In particular, if we transfer personal data originating from the EEA to countries with not adequate level of data protection, we use one of the following legal bases: (i) Standard Contractual Clauses approved by the European Commission (details available here), or (ii) the European Commission adequacy decisions about certain countries (details available here).
CHANGES TO THIS PRIVACY POLICY
We may modify this Privacy Policy from time to time. If we decide to make material changes to this Privacy Policy, you will be notified by available means such as email and will have an opportunity to review the revised Privacy Policy. By continuing to access or use the Service after those changes become effective, you agree to be bound by the revised Privacy Policy.
U.S. STATES PRIVACY NOTICE
Applicability
If you reside in a state that has enacted consumer privacy laws, this section applies to you. This U.S. States Privacy Notice ("Notice") supplements our Privacy Policy and provides disclosures required by laws in states such as California, Colorado, Connecticut, Delaware, Iowa, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Texas, Utah, and Virginia.
This Notice is designed to supplement our Privacy Policy to ensure compliance with state-specific laws and applies to the collection, use, and sharing of your Personal Information through our websites, mobile applications, and other online or offline services (collectively, the "Services").
For California residents, this also serves as our California Notice at Collection.
This Notice does not apply to information collected about employees, job applicants, or independent contractors in the context of employment.
Definition of Personal Information
The definition of "Personal Information" may vary by state law. Generally, it refers to "information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household."
YOUR RIGHTS
Certain U.S. state privacy laws grant residents specific rights regarding their personal information. If you reside in a state with such laws, you may have the following rights:
Right to Data Portability/Access You may have the right to request access to the specific pieces of personal information we have collected about you in the 12 months preceding your request. Where applicable, we may provide this data in an electronic, portable, and readily usable format.
Right to Know You may be entitled to receive information regarding the categories of Personal Information we collected, the sources from which we collected Personal Information, the purposes for which we collected and shared Personal Information, the categories of Personal Information that we sold and the categories of third parties to whom the Personal Information was sold, and the categories of Personal Information that we disclosed for a business purpose in the 12 months preceding your request.
Right to Deletion You may have the right to request that we delete the personal information we have collected from you. We will use commercially reasonable efforts to fulfill your request, subject to applicable laws. However, we may be required to retain certain information for legitimate business purposes or as required by law.
Right to Opt-Out of Sales, Sharing, and Targeted Advertising You may have the right to opt out of certain uses of your personal information, including: • The "sale" or "sharing" of your personal information as defined under state privacy laws. • The use of your personal information for targeted advertising.
To opt out, you can: • Visit our "Do Not Sell/Share My Personal Data" form. • Submit a request via our support team.
Right to Limit the Use of Sensitive Personal Information Certain states provide the right to restrict how businesses use sensitive personal information. If applicable, please contact us at support@steptwo.ai with the subject line "Limit the Use of Sensitive Personal Information." We will process such requests in accordance with applicable laws.
Right to Withdraw Consent Where applicable, you have the right to withdraw your consent for data collection and sharing.
Right to Correct (Rectification) You may have the right to request that we correct inaccurate personal information we maintain about you.
How to Exercise Your Rights To exercise any of the available privacy rights, please send a request to support@steptwo.ai or use the privacy features available in our products.
California "Shine the Light" Law California residents have the right to request, once per year, a list of third parties to whom we have disclosed their personal information for direct marketing purposes in the prior calendar year. To obtain this information from us, please send an email message to support@steptwo.ai, which includes "Request for California Shine the Light Privacy Information" on the subject line and your state of residence and email address in the body of your message.
Right to Appeal If we deny your request, you may have the right to appeal our decision. To do so, please contact us and explain your concerns. If you are dissatisfied with the result of the appeal, you may escalate the matter by contacting the Attorney General's office in your state of residence.
Non-Discrimination You have the right to exercise your privacy rights without fear of discrimination or retaliation. However, we may provide different levels of service or pricing based on the value of your personal information, as permitted by applicable law.
DATA RETENTION AND SECURITY
We will store your personal data for as long as it is reasonably necessary for achieving the purposes set forth in this Privacy Policy (including providing the Service to you). We will also retain and use your personal data as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
Security measures:
We implement commercially reasonable technical and organizational safeguards to prevent unauthorized access, use, or disclosure. Our key security measures include:
• Encryption in transit: All personal data transmitted via our website and Chrome Extension is encrypted using HTTPS/TLS protocols. • Secure infrastructure: We store all personal and usage data on reputable cloud providers, such as Amazon Web Services (AWS), which comply with industry standards for physical and digital security. • Encryption at rest: Where appropriate, we apply encryption to stored data to prevent access in case of unauthorized server access. • Access control: Access to personal data is strictly limited to authorized employees, contractors, or service providers who need this data to operate or improve the Service. All such individuals are subject to contractual confidentiality obligations. • Monitoring and logging: We monitor our systems for unauthorized access and regularly review our data processing practices to detect and respond to potential threats. • Data minimization: We collect and store only the personal data necessary for the functioning of our services and limit retention periods accordingly.
HOW "DO NOT TRACK" REQUESTS ARE HANDLED
Except as otherwise stipulated in this Privacy Policy, this Website does not support "Do Not Track" requests. To determine whether any of the third-party services it uses honor the "Do Not Track" requests, please read their privacy policies.
CONTACT US
You may contact us at any time for details regarding this Privacy Policy and its previous versions. For any questions concerning your account or your personal data please contact us at support@steptwo.ai.