Last updated: 09.16.2024

Privacy Policy (Platform)

Privacy Policy (Platform)

Privacy Policy (Platform)

GENERAL

Welcome to Mellow Software, Inc. and its affiliates (the "Company", "we", "us" and "our") privacy policy for platform users (the "Policy"). Please read this Policy carefully and ensure you fully understand and agree to it.

Our platform is intended for use by health care providers ("Customers"), allowing them to operate and receive information regarding calls conducted through our call center with patients and caregivers and with respect to appointment schedules, payments and insurance information, and related services, features and functionality offered via the platform (the "Services", "Platform").

This Privacy Policy (the “Policy”) forms an integral part of our  Service Agreement (the “Agreement”) and applies to our registered customers when they use our Platform and the Services, as well as any electronic communications exchanged between us. In addition, we are processing Customer Personal Data on behalf of our Customers. The Policy describes our practices regarding the collection, use and disclosure of the information we collect from and relating to our Customers. 

This Policy does not apply to Customer Personal Data, including data of our Customer's patients and caregivers. Our Customers are responsible for maintaining their own privacy policies governing the collection, use and disclosure of Personal Data and for obtaining the necessary authorizations and consents before any Customer Personal Data are made available to us for use through the Services. We are not responsible for how our Customers treat personal data we collect on their behalf.

You understand and agree that the Company may collect, maintain, and process information provided by you, on and through the Services. You represent and warrant that you have permission to share any information you elect to provide to the Company, you consent to such information being shared with third parties as described in this Policy, and that such information is accurate, current and consistent and relevant for the purpose for which you are providing information.

For the purposes of this Policy:

“CCPA” means the California Consumer Privacy Act of 2018, as amended by CPRA.

“CPRA” means the California Privacy Rights Act of 2020, as amended from time to time.

"Customer Personal Data" means any personal data or personal information of data subjects contained within the data provided to or accessed by the Company or on behalf of Customer or in connection with the Services.

"Personal Data" or "Personal Information" means any information that identifies an individual or relates to an identifiable individual, or as defined by applicable privacy laws.

In this respect the parties acknowledge and agree that: 

  • ‍We will not collect or use personal data for purposes other than those described in this Policy, our Agreement, and/or in any other legal instrument in effect between us. 

  • This Policy is not intended to override the terms of any contract you have with us, nor any rights you may have under other applicable data privacy laws.

  • We are a Service Provider with respect to that Customer Personal Data under the CCPA and CPRA, as applicable;

  • Customer is a Business with respect to that Customer Personal Data under the CCPA and CPRA, as applicable; and

  • Each party will comply with the obligations applicable to it under the applicable data protection legislation with respect to the processing of that Customer Personal Data.

Capitalized terms that are not defined herein shall have the meanings set forth in the Agreement.

You can choose not to provide us with certain information, but by doing so, you may not be able to take advantage of many of the features and functionality of our Services.


Specifically, this Policy describes –


1. WHAT TYPES OF DATA WE COLLECT?

2. WHY DO WE COLLECT PERSONAL DATA?

3. RECIPIENT OF PERSONAL DATA

4. COOKIES AND TRACKING TECHNOLOGIES

5. DATA RETENTION

6. ‍‍UNITED STATES ONLY

7. INFORMATION SECURITY

8. PRIVACY RIGHTS

9. PRIVACY TOWARDS CHILDREN

10. CHANGES TO THIS POLICY

11. CONTACT US

12. ADDITIONAL INFORMATION FOR US STATE RESIDENTS



  1.  WHAT TYPES OF DATA WE COLLECT?

Information you provide us.

  • We make our Platform available to our Customers for a variety of uses. In order to provide the Services to Customers, we collect certain personal data such as contact and registration information from the Customer's authorized user signing up on behalf of the Customer ("User"). The Company collects and uses User personal data when a User registers for our Services, subscribe to our newsletters, use any of our Services or when they contact us directly by any communication channel, a User may give us personal data about them.

‍‍ The information you give us may include your name, e-mail address, phone number, position, company name, business postal address, information you include in your communications with us, and other personal data you choose to provide us. We do not collect health information about our Users.

  • Information you may provide when you communicate with us by via the Services, or by phone, e-mail, or otherwise. We may monitor and record phone calls, e-mails, live chats, or other communications between you and our Service representatives.

  • If you provide information regarding another entity, you represent to us that you were authorized by that entity to give us consent to use the submitted information. 


‍Information we collect when you use the Services.

  • When you access or use our Platform and Services, we may automatically receive and record information from your mobile device and browser, including your cookie information, your geolocation, regional and language settings, device model, operating system, screen resolution, internet service provider, mobile carrier and software and hardware attributes, etc.

  • ‍In addition, we may automatically collect and store the following information for statistical purposes (“Log Data”): technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform; information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our Services (including date and time); page response times, download errors, length of visits to certain pages, page interaction information etc.  

 ‍

‍Cookies.

When you visit or access our Platform and Services we may use (and authorize 3rd parties to use) pixels, cookies and other tracking technologies (collectively, "Cookies"). We use Cookies to help us compile aggregated data about our platform's interaction so that we can offer better site experiences and tools in the future. For more information see section "Cookies" below.

​If you turn cookies off, some of the features that make your Services experience more efficient may not function properly.  

 

  1. WHY DO WE COLLECT PERSONAL DATA?

​The personal data we collect and process is used for the following purposes:

  • To operate and provide our Services and guarantee their use.

  • To further develop, customize, expand, improve and secure our Services.

  • To communicate with you and to provide our Customers ongoing customer assistance and technical support, notably when you contact us, including sending notifications about changes to our Services and provide information that is relevant to the use of the Services.

  • To detect, prevent and otherwise thwart any malfeasance to our Services.

  • To analyze our performance.

  • To facilitate and optimize our marketing campaigns, and to manage and deliver advertisements for our Services more effectively, including on other websites and applications. This includes contextual, behavioral and interests-based advertising based on our customers' preferences or other data available to us;

  • To create aggregated statistics or other aggregated and inferred non-personal data or anonymized or pseudonymized data (rendered non-personal) on users of the Services, which we or others may use to provide and improve our respective Services, or for any other business purpose such as business intelligence.

  • To protect and enforce our rights, privacy and security, safety, systems and property, or those of other persons, and resolve disputes.

  • Notifications and Promotional Communications: we may send you notifications, messages and other promotional updates about new services, features and offerings, or any other information we think our customers will find valuable. We may provide such notices through any of the contact means available to us (e.g. SMS messages, e-mail, phone calls etc.), through the Services, or through our marketing campaigns on any other site or platform. If you do not wish to receive such promotional communications, you may notify us at any time by sending an email to: hello@askleo.io or by clicking on the 'unsubscribe' link in any such message, or by following any instructions we may include in the message sent to you (the “Opt-out request”). 

  • ‍As necessary to comply with any legal obligations that we or our customers are or may be subject to under any applicable law.


  1. ​RECIPIENTS OF PERSONAL DATA

We may disclose certain personal data to the following recipients:

  • Third party service providers for operational and business purposes, to enable the operation of the Services, such as: phone call infrastructure provider, communications and content delivery providers, call recording, speech-to-text provider, text-to-speech provider, Large Language Model (LLM) provider, hosting service providers, analytics partners, data and cyber security services, billing and payment processing services, performance measurement, marketing and advertising services, legal and financial advisors. 

  • Legal obligations - when it is required to satisfy applicable laws or to respond to a lawful request for information.

  • Our affiliated companies: We may share your personal data internally within our affiliated companies, for the purposes described in this Policy.  

  • In the event that we go through a business transition, such as a merger, acquisition by another company, or sale of all or a portion of its assets (including during negotiations for such transaction), your personal data may be among the assets transferred, subject to restrictions similar to those contained herein or as otherwise be required by applicable laws.


We may also use and disclose your personal data in additional manners, pursuant to your explicit approval, if we are legally obligated to do so, or if we have successfully rendered such data non- identifiable and anonymous.

4‍. COOKIES AND TRACKING TECHNOLOGIES

A cookie is a piece of information that the computer that hosts our Services gives to your browser when you access the Platform and Services. We utilize cookies, anonymous identifiers, pixels, container tags and other tracking technologies in order for us to provide and monitor our Platform and Services, to ensure that they perform properly, to analyze our performance and marketing activities, and to personalize your experience. Such cookies and similar files or tags may also be temporarily placed on your device. Certain cookies and other technologies serve to recall personal data, such as an IP address. We may also use third-party cookies that are placed by third party company such as Google Analytics, as explained below.  

Most browsers allow you to control cookies, including whether or not to accept them and how to remove them. You may set most browsers to notify you if you receive a cookie, or you may choose to block cookies with your browser. Please note that deleting or disabling our cookies may prevent you from accessing certain areas or features of our Services or may otherwise adversely affect your user experience.

Our Platform may use the following types of cookies:

  • Essential/Strictly Necessary Cookies: These cookies are necessary for the Services to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the Sites will not then work.

  • Analytics/Performance Cookies: These cookies allow us to count visits and traffic sources, so we can measure and improve the performance of our Services. They help us know which pages are the most and least popular and see how visitors move around the Sites.

  • Targeting/Advertising Cookies: These types of cookies may be set by our advertising partners. These cookies may be used by those advertising partners to build a profile of your interests and to show you relevant adverts on other websites. You may opt-out of certain sharing of information through these cookies, by sending a request as explained under your privacy rights below

  • Analytics Services: We may use third-party web analytics services (such as Google Analytics) and other technologies on our Services to: collect and analyze usage information through cookies and similar tools; engage in activities such as auditing, research, or reporting; and provide certain features to you. To prevent Google Analytics from using your information for analytics, you may install the Google Analytics Opt-out Browser Add-on.


Online Tracking:

At this time, this Service does not support Do-Not-Track signals.



  1. ANALYTICS

Customer acknowledges and agrees that Company may create and derive from processing related to the Services anonymised, de-identified, and/or aggregated data that does not identify Customer or any natural person (collectively, “Anonymized Data”), and use, publicise or share with third parties the Anonymized Data to improve Company's products and services and for its other legitimate business purposes. Anonymized Data shall not be considered Customer Personal Data to the extent permissible under applicable data protection legislation.



  1. ‍DATA RETENTION​

​​We may retain communications with you in order to process your inquiries, respond to your requests and improve the Services.  

We will retain your personal data for as long as is necessary to fulfill the purposes outlined in this Policy, or as long as is set out in any relevant agreement you hold with us, unless a longer retention period is required or permitted by law.

All retained personal data will remain subject to the terms of this Policy.



  1. UNITED STATES ONLY

The Services are intended for use only in the United States of America (USA). If you use the Services or contact us from outside of the USA, please be advised that (i) any information you provide to us or that we automatically collect will be transferred to the USA; and (ii) by using the Services or submitting information, you explicitly authorize its transfer to and subsequent processing in the USA in accordance with this Policy. 


  1. ‍INFORMATION SECURITY

​​We implement commercially suitable administrative, technical, and physical  measures to reduce the risks of damage, loss of information and unauthorized access or use of information. These measures do not provide absolute information security. Therefore, it is not guaranteed, and you cannot expect, that the Services will be immune to information security risks.


You should take steps to protect against unauthorized access to your password, phone, and computer by, among other things, signing off after using a shared computer, choosing a robust password that nobody else knows or can easily guess, and keeping your log-in and password private. We are not responsible for any lost, stolen, or compromised passwords or for any activity on your account via unauthorized password activity.

  1. YOUR PRIVACY RIGHTS  

​Where applicable under certain privacy protection law, you may have certain rights in connection with your personal data and the manner by which we handle it. Therefore, you may have the right to request access to, receive a copy of, update, amend or delete, restrict, or object to certain uses of your personal data or to port such personal data, or the right to equal services and prices (each to the extent available to you under the laws which apply to you). Further, when we rely on your consent for processing of your personal data (for instance, for direct marketing) you can withdraw your consent at any time. Some of these rights may be subject to certain exceptions or limitations in accordance with applicable law. 

 

Opt-out of marketing communications: If you wish to opt out of our use of your contact information for our direct marketing purposes, you can click on the 'unsubscribe' link in any such message or contact us at: hello@askleo.io.  

To protect the privacy and the security of your information, we may request information from you to enable us to confirm your identity. We will respond to your request in a reasonable timeframe, with accordance to applicable law.

  1. POLICY TOWARD CHILDREN

The Services are not designed for or directed at Users that are children under the age of 18 years old ("Minors"). If you become aware that a child has provided us with personal data as a User, he or she should contact us using the details provided hereunder.

  1. CHANGES TO THIS PRIVACY POLICY

This Policy may be amended at any time and from time to time, consistent with the requirements of applicable data protection laws. Changes to this Policy shall become binding and effective when they are published on our Platform or Services.

If you have any questions about this Policy, please contact at: hello@askleo.io 


  1. CONTACT US 

If you have any further questions, please contact us by email at: hello@askleo.io


_____________________________________________________________________________

  1. ADDITIONAL INFORMATION FOR US STATE RESIDENTS

The information in this section applies to you if you are a U.S. resident in a state with an applicable privacy law or regulation.



This section of our Policy details what personal data we collect about you under U.S. applicable privacy laws and regulations, the sources of the personal data, the purposes of use and disclosure, and the categories of third parties that may receive that personal data. 

​Please read this section in combination with the other sections of this Policy for a complete understanding of how we collect, use, and disclose your personal data.



The Policy above describes the categories of personal data we may collect and the sources of such information (in Section ‎2 above), and our retention (Section ‎6) and deletion (Section 9) practices. We also included information about how we may process your data (in Sections ‎3 through ‎8), which includes “business purposes” under the CCPA. 



  1. Categories of Information:

In the last 12 months, we collected the following categories of personal information:
 

  • Contact information provided by our customer users

  • Personal and online identifiers, such as IP addresses and cookie history

  • Commercial and transaction information

  • Content of customer interaction with our customer support

  • Users' browsing journey from and to the platform Services

  • Internet or other electronic network activity information

  • Non-precise Geolocation data (IP address only)



  1. Sources of Information

The sources from which we obtain personal data are:

  • Directly from you when you log-in to our Services, subscribe to our newsletter, or when you contact us directly by any communication channels.
     

  • When you use the Services, through monitoring of use by cookies and other tracking technology.
     

  1. Sales or Sharing of Your Information:

We do not act as data brokers or otherwise trade in your data.  However, under some US data protection laws, like the CCPA, our disclosure of certain internet activity and device information with third parties through cookies on our customer platform may be considered a “sale” or “sharing” of personal data.  

We may have "sold" (using that term as defined by U.S. privacy laws and regulations) or shared the categories of personal data listed above in the past 12 months to our affiliates, third party service providers, promotional partners, advertising partners, analytics partners, and social media platforms.



  1. The purpose for collecting, sharing or selling information:

administering the provision of our Services, authenticating users access requests when they log-in or access our Services, providing customer support as required, detecting and preventing security incidents, debugging and fixing errors, maintaining and enhancing our Services, allowing users to receive our commercial communications when they have agreed to receive them, marketing our services and attributing engagement with our Services to the applicable marketing campaigns.

For the purpose of the CCPA, in the last 12 months we may have 'sold' or 'shared' your personal data mentioned above with other parties as necessary for the purposes described above, for example:

  • Data analytics, advertising and marketing vendors.

  • Service providers as described under Section 3 above.  

  • Third parties that collect information on our Users through our Services for serving ads and marketing materials and related activities such as campaign measurement and analytics.

  • Affiliates. Our affiliated companies, for purposes consistent with this Policy.

  • Law enforcement, government bodies, regulators and other parties for legal reasons. We may share your personal data with third parties as required by law or if reasonably necessary to (i) detect and investigate illegal activities and breaches of agreements; and/or (ii) exercise or protect the rights, property, or safety of the Company, our personnel or others.

  • Business transfers. Parties to transactions and potential transactions whereby we sell, transfer or otherwise share some or all of our business or assets, including your personal data, such as a merger, consolidation, acquisition, reorganization or sale of assets (including negotiations for such transaction), or in the event of bankruptcy or dissolution.

We do not knowingly collect, use, sell or share the personal data of Users who are children under the age of 18.



  1. Sensitive Personal Information:

We may process sensitive personal data in accordance with applicable laws and do not use or disclose sensitive personal data in any way that would require us to provide an opt-out opportunity under the applicable laws.



  1. Retention of Information:

We retain your personal data for the time period reasonably necessary to achieve the purposes described in this Policy, or any other notice provided at the time of collection.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of such data, the potential risk of harm from unauthorized use or disclosure of such data, the purposes for which we process it, and the applicable legal requirements.



  1. Consumer Rights

California and other states residents may have certain consumer rights. These rights may include:

  • The right to know what Personal Information we collect, including (1) the right to request information regarding the categories of Personal Information we collect along with other information such as the categories of sources from which the information is collected and third parties with whom it is shared and (2) the right to access/ request a copy of the specific pieces of Personal Information we collect;

  • The right to delete Personal Information that we collect from you, subject to certain exceptions;

  • The right to correct inaccurate Personal Information that we maintain about you;

  • The right to opt-out of the sale or sharing of Personal Information;

  • The right to opt-out of certain uses of Sensitive Personal Information; and

  • The right not to be retaliated or discriminated against for exercising any rights in good faith.



When you submit a request, we may request information from you to enable us to confirm your identity.

You may also designate an authorized agent to submit a request on your behalf. 
Depending on the nature of the request, we may authenticate the request by requesting additional information or documentation, such as account related information, billing information and the submission of specific documents.

No Discrimination. We do not discriminate against any individual for exercising their rights under this section.



  1. How to make a request in order to exercise your rights?

Where applicable, to make an access request, a deletion request or an “opt-out” of the “sale” request (as described above), please email: hello@askleo.io 

Please note that these rights are not absolute, and may be subject to the relevant applicable laws, our own legitimate interests and regulatory requirements. 

Before completing your request, we may need to verify your identity or the identity of your authorized representative. We may request additional documentation or information solely for the purpose of verifying your identity.  


All requests, complaints or queries may be addressed to the Company to the following email address: hello@askleo.io 



We will consider any request, complaint or query and provide you with a reply in a timely manner. We take our obligations seriously and we ask that any concerns are first brought to our attention, so that we can try to resolve them. To the extent you feel unsatisfied with our response to your request to exercise your rights, you may choose to send us a request to appeal our decision. If you are unsatisfied with our response, you can lodge a complaint with the applicable data protection supervisory authority.


GENERAL

Welcome to Mellow Software, Inc. and its affiliates (the "Company", "we", "us" and "our") privacy policy for platform users (the "Policy"). Please read this Policy carefully and ensure you fully understand and agree to it.

Our platform is intended for use by health care providers ("Customers"), allowing them to operate and receive information regarding calls conducted through our call center with patients and caregivers and with respect to appointment schedules, payments and insurance information, and related services, features and functionality offered via the platform (the "Services", "Platform").

This Privacy Policy (the “Policy”) forms an integral part of our  Service Agreement (the “Agreement”) and applies to our registered customers when they use our Platform and the Services, as well as any electronic communications exchanged between us. In addition, we are processing Customer Personal Data on behalf of our Customers. The Policy describes our practices regarding the collection, use and disclosure of the information we collect from and relating to our Customers. 

This Policy does not apply to Customer Personal Data, including data of our Customer's patients and caregivers. Our Customers are responsible for maintaining their own privacy policies governing the collection, use and disclosure of Personal Data and for obtaining the necessary authorizations and consents before any Customer Personal Data are made available to us for use through the Services. We are not responsible for how our Customers treat personal data we collect on their behalf.

You understand and agree that the Company may collect, maintain, and process information provided by you, on and through the Services. You represent and warrant that you have permission to share any information you elect to provide to the Company, you consent to such information being shared with third parties as described in this Policy, and that such information is accurate, current and consistent and relevant for the purpose for which you are providing information.

For the purposes of this Policy:

“CCPA” means the California Consumer Privacy Act of 2018, as amended by CPRA.

“CPRA” means the California Privacy Rights Act of 2020, as amended from time to time.

"Customer Personal Data" means any personal data or personal information of data subjects contained within the data provided to or accessed by the Company or on behalf of Customer or in connection with the Services.

"Personal Data" or "Personal Information" means any information that identifies an individual or relates to an identifiable individual, or as defined by applicable privacy laws.

In this respect the parties acknowledge and agree that: 

  • ‍We will not collect or use personal data for purposes other than those described in this Policy, our Agreement, and/or in any other legal instrument in effect between us. 

  • This Policy is not intended to override the terms of any contract you have with us, nor any rights you may have under other applicable data privacy laws.

  • We are a Service Provider with respect to that Customer Personal Data under the CCPA and CPRA, as applicable;

  • Customer is a Business with respect to that Customer Personal Data under the CCPA and CPRA, as applicable; and

  • Each party will comply with the obligations applicable to it under the applicable data protection legislation with respect to the processing of that Customer Personal Data.

Capitalized terms that are not defined herein shall have the meanings set forth in the Agreement.

You can choose not to provide us with certain information, but by doing so, you may not be able to take advantage of many of the features and functionality of our Services.


Specifically, this Policy describes –


1. WHAT TYPES OF DATA WE COLLECT?

2. WHY DO WE COLLECT PERSONAL DATA?

3. RECIPIENT OF PERSONAL DATA

4. COOKIES AND TRACKING TECHNOLOGIES

5. DATA RETENTION

6. ‍‍UNITED STATES ONLY

7. INFORMATION SECURITY

8. PRIVACY RIGHTS

9. PRIVACY TOWARDS CHILDREN

10. CHANGES TO THIS POLICY

11. CONTACT US

12. ADDITIONAL INFORMATION FOR US STATE RESIDENTS



  1.  WHAT TYPES OF DATA WE COLLECT?

Information you provide us.

  • We make our Platform available to our Customers for a variety of uses. In order to provide the Services to Customers, we collect certain personal data such as contact and registration information from the Customer's authorized user signing up on behalf of the Customer ("User"). The Company collects and uses User personal data when a User registers for our Services, subscribe to our newsletters, use any of our Services or when they contact us directly by any communication channel, a User may give us personal data about them.

‍‍ The information you give us may include your name, e-mail address, phone number, position, company name, business postal address, information you include in your communications with us, and other personal data you choose to provide us. We do not collect health information about our Users.

  • Information you may provide when you communicate with us by via the Services, or by phone, e-mail, or otherwise. We may monitor and record phone calls, e-mails, live chats, or other communications between you and our Service representatives.

  • If you provide information regarding another entity, you represent to us that you were authorized by that entity to give us consent to use the submitted information. 


‍Information we collect when you use the Services.

  • When you access or use our Platform and Services, we may automatically receive and record information from your mobile device and browser, including your cookie information, your geolocation, regional and language settings, device model, operating system, screen resolution, internet service provider, mobile carrier and software and hardware attributes, etc.

  • ‍In addition, we may automatically collect and store the following information for statistical purposes (“Log Data”): technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform; information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our Services (including date and time); page response times, download errors, length of visits to certain pages, page interaction information etc.  

 ‍

‍Cookies.

When you visit or access our Platform and Services we may use (and authorize 3rd parties to use) pixels, cookies and other tracking technologies (collectively, "Cookies"). We use Cookies to help us compile aggregated data about our platform's interaction so that we can offer better site experiences and tools in the future. For more information see section "Cookies" below.

​If you turn cookies off, some of the features that make your Services experience more efficient may not function properly.  

 

  1. WHY DO WE COLLECT PERSONAL DATA?

​The personal data we collect and process is used for the following purposes:

  • To operate and provide our Services and guarantee their use.

  • To further develop, customize, expand, improve and secure our Services.

  • To communicate with you and to provide our Customers ongoing customer assistance and technical support, notably when you contact us, including sending notifications about changes to our Services and provide information that is relevant to the use of the Services.

  • To detect, prevent and otherwise thwart any malfeasance to our Services.

  • To analyze our performance.

  • To facilitate and optimize our marketing campaigns, and to manage and deliver advertisements for our Services more effectively, including on other websites and applications. This includes contextual, behavioral and interests-based advertising based on our customers' preferences or other data available to us;

  • To create aggregated statistics or other aggregated and inferred non-personal data or anonymized or pseudonymized data (rendered non-personal) on users of the Services, which we or others may use to provide and improve our respective Services, or for any other business purpose such as business intelligence.

  • To protect and enforce our rights, privacy and security, safety, systems and property, or those of other persons, and resolve disputes.

  • Notifications and Promotional Communications: we may send you notifications, messages and other promotional updates about new services, features and offerings, or any other information we think our customers will find valuable. We may provide such notices through any of the contact means available to us (e.g. SMS messages, e-mail, phone calls etc.), through the Services, or through our marketing campaigns on any other site or platform. If you do not wish to receive such promotional communications, you may notify us at any time by sending an email to: hello@askleo.io or by clicking on the 'unsubscribe' link in any such message, or by following any instructions we may include in the message sent to you (the “Opt-out request”). 

  • ‍As necessary to comply with any legal obligations that we or our customers are or may be subject to under any applicable law.


  1. ​RECIPIENTS OF PERSONAL DATA

We may disclose certain personal data to the following recipients:

  • Third party service providers for operational and business purposes, to enable the operation of the Services, such as: phone call infrastructure provider, communications and content delivery providers, call recording, speech-to-text provider, text-to-speech provider, Large Language Model (LLM) provider, hosting service providers, analytics partners, data and cyber security services, billing and payment processing services, performance measurement, marketing and advertising services, legal and financial advisors. 

  • Legal obligations - when it is required to satisfy applicable laws or to respond to a lawful request for information.

  • Our affiliated companies: We may share your personal data internally within our affiliated companies, for the purposes described in this Policy.  

  • In the event that we go through a business transition, such as a merger, acquisition by another company, or sale of all or a portion of its assets (including during negotiations for such transaction), your personal data may be among the assets transferred, subject to restrictions similar to those contained herein or as otherwise be required by applicable laws.


We may also use and disclose your personal data in additional manners, pursuant to your explicit approval, if we are legally obligated to do so, or if we have successfully rendered such data non- identifiable and anonymous.

4‍. COOKIES AND TRACKING TECHNOLOGIES

A cookie is a piece of information that the computer that hosts our Services gives to your browser when you access the Platform and Services. We utilize cookies, anonymous identifiers, pixels, container tags and other tracking technologies in order for us to provide and monitor our Platform and Services, to ensure that they perform properly, to analyze our performance and marketing activities, and to personalize your experience. Such cookies and similar files or tags may also be temporarily placed on your device. Certain cookies and other technologies serve to recall personal data, such as an IP address. We may also use third-party cookies that are placed by third party company such as Google Analytics, as explained below.  

Most browsers allow you to control cookies, including whether or not to accept them and how to remove them. You may set most browsers to notify you if you receive a cookie, or you may choose to block cookies with your browser. Please note that deleting or disabling our cookies may prevent you from accessing certain areas or features of our Services or may otherwise adversely affect your user experience.

Our Platform may use the following types of cookies:

  • Essential/Strictly Necessary Cookies: These cookies are necessary for the Services to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the Sites will not then work.

  • Analytics/Performance Cookies: These cookies allow us to count visits and traffic sources, so we can measure and improve the performance of our Services. They help us know which pages are the most and least popular and see how visitors move around the Sites.

  • Targeting/Advertising Cookies: These types of cookies may be set by our advertising partners. These cookies may be used by those advertising partners to build a profile of your interests and to show you relevant adverts on other websites. You may opt-out of certain sharing of information through these cookies, by sending a request as explained under your privacy rights below

  • Analytics Services: We may use third-party web analytics services (such as Google Analytics) and other technologies on our Services to: collect and analyze usage information through cookies and similar tools; engage in activities such as auditing, research, or reporting; and provide certain features to you. To prevent Google Analytics from using your information for analytics, you may install the Google Analytics Opt-out Browser Add-on.


Online Tracking:

At this time, this Service does not support Do-Not-Track signals.



  1. ANALYTICS

Customer acknowledges and agrees that Company may create and derive from processing related to the Services anonymised, de-identified, and/or aggregated data that does not identify Customer or any natural person (collectively, “Anonymized Data”), and use, publicise or share with third parties the Anonymized Data to improve Company's products and services and for its other legitimate business purposes. Anonymized Data shall not be considered Customer Personal Data to the extent permissible under applicable data protection legislation.



  1. ‍DATA RETENTION​

​​We may retain communications with you in order to process your inquiries, respond to your requests and improve the Services.  

We will retain your personal data for as long as is necessary to fulfill the purposes outlined in this Policy, or as long as is set out in any relevant agreement you hold with us, unless a longer retention period is required or permitted by law.

All retained personal data will remain subject to the terms of this Policy.



  1. UNITED STATES ONLY

The Services are intended for use only in the United States of America (USA). If you use the Services or contact us from outside of the USA, please be advised that (i) any information you provide to us or that we automatically collect will be transferred to the USA; and (ii) by using the Services or submitting information, you explicitly authorize its transfer to and subsequent processing in the USA in accordance with this Policy. 


  1. ‍INFORMATION SECURITY

​​We implement commercially suitable administrative, technical, and physical  measures to reduce the risks of damage, loss of information and unauthorized access or use of information. These measures do not provide absolute information security. Therefore, it is not guaranteed, and you cannot expect, that the Services will be immune to information security risks.


You should take steps to protect against unauthorized access to your password, phone, and computer by, among other things, signing off after using a shared computer, choosing a robust password that nobody else knows or can easily guess, and keeping your log-in and password private. We are not responsible for any lost, stolen, or compromised passwords or for any activity on your account via unauthorized password activity.

  1. YOUR PRIVACY RIGHTS  

​Where applicable under certain privacy protection law, you may have certain rights in connection with your personal data and the manner by which we handle it. Therefore, you may have the right to request access to, receive a copy of, update, amend or delete, restrict, or object to certain uses of your personal data or to port such personal data, or the right to equal services and prices (each to the extent available to you under the laws which apply to you). Further, when we rely on your consent for processing of your personal data (for instance, for direct marketing) you can withdraw your consent at any time. Some of these rights may be subject to certain exceptions or limitations in accordance with applicable law. 

 

Opt-out of marketing communications: If you wish to opt out of our use of your contact information for our direct marketing purposes, you can click on the 'unsubscribe' link in any such message or contact us at: hello@askleo.io.  

To protect the privacy and the security of your information, we may request information from you to enable us to confirm your identity. We will respond to your request in a reasonable timeframe, with accordance to applicable law.

  1. POLICY TOWARD CHILDREN

The Services are not designed for or directed at Users that are children under the age of 18 years old ("Minors"). If you become aware that a child has provided us with personal data as a User, he or she should contact us using the details provided hereunder.

  1. CHANGES TO THIS PRIVACY POLICY

This Policy may be amended at any time and from time to time, consistent with the requirements of applicable data protection laws. Changes to this Policy shall become binding and effective when they are published on our Platform or Services.

If you have any questions about this Policy, please contact at: hello@askleo.io 


  1. CONTACT US 

If you have any further questions, please contact us by email at: hello@askleo.io


_____________________________________________________________________________

  1. ADDITIONAL INFORMATION FOR US STATE RESIDENTS

The information in this section applies to you if you are a U.S. resident in a state with an applicable privacy law or regulation.



This section of our Policy details what personal data we collect about you under U.S. applicable privacy laws and regulations, the sources of the personal data, the purposes of use and disclosure, and the categories of third parties that may receive that personal data. 

​Please read this section in combination with the other sections of this Policy for a complete understanding of how we collect, use, and disclose your personal data.



The Policy above describes the categories of personal data we may collect and the sources of such information (in Section ‎2 above), and our retention (Section ‎6) and deletion (Section 9) practices. We also included information about how we may process your data (in Sections ‎3 through ‎8), which includes “business purposes” under the CCPA. 



  1. Categories of Information:

In the last 12 months, we collected the following categories of personal information:
 

  • Contact information provided by our customer users

  • Personal and online identifiers, such as IP addresses and cookie history

  • Commercial and transaction information

  • Content of customer interaction with our customer support

  • Users' browsing journey from and to the platform Services

  • Internet or other electronic network activity information

  • Non-precise Geolocation data (IP address only)



  1. Sources of Information

The sources from which we obtain personal data are:

  • Directly from you when you log-in to our Services, subscribe to our newsletter, or when you contact us directly by any communication channels.
     

  • When you use the Services, through monitoring of use by cookies and other tracking technology.
     

  1. Sales or Sharing of Your Information:

We do not act as data brokers or otherwise trade in your data.  However, under some US data protection laws, like the CCPA, our disclosure of certain internet activity and device information with third parties through cookies on our customer platform may be considered a “sale” or “sharing” of personal data.  

We may have "sold" (using that term as defined by U.S. privacy laws and regulations) or shared the categories of personal data listed above in the past 12 months to our affiliates, third party service providers, promotional partners, advertising partners, analytics partners, and social media platforms.



  1. The purpose for collecting, sharing or selling information:

administering the provision of our Services, authenticating users access requests when they log-in or access our Services, providing customer support as required, detecting and preventing security incidents, debugging and fixing errors, maintaining and enhancing our Services, allowing users to receive our commercial communications when they have agreed to receive them, marketing our services and attributing engagement with our Services to the applicable marketing campaigns.

For the purpose of the CCPA, in the last 12 months we may have 'sold' or 'shared' your personal data mentioned above with other parties as necessary for the purposes described above, for example:

  • Data analytics, advertising and marketing vendors.

  • Service providers as described under Section 3 above.  

  • Third parties that collect information on our Users through our Services for serving ads and marketing materials and related activities such as campaign measurement and analytics.

  • Affiliates. Our affiliated companies, for purposes consistent with this Policy.

  • Law enforcement, government bodies, regulators and other parties for legal reasons. We may share your personal data with third parties as required by law or if reasonably necessary to (i) detect and investigate illegal activities and breaches of agreements; and/or (ii) exercise or protect the rights, property, or safety of the Company, our personnel or others.

  • Business transfers. Parties to transactions and potential transactions whereby we sell, transfer or otherwise share some or all of our business or assets, including your personal data, such as a merger, consolidation, acquisition, reorganization or sale of assets (including negotiations for such transaction), or in the event of bankruptcy or dissolution.

We do not knowingly collect, use, sell or share the personal data of Users who are children under the age of 18.



  1. Sensitive Personal Information:

We may process sensitive personal data in accordance with applicable laws and do not use or disclose sensitive personal data in any way that would require us to provide an opt-out opportunity under the applicable laws.



  1. Retention of Information:

We retain your personal data for the time period reasonably necessary to achieve the purposes described in this Policy, or any other notice provided at the time of collection.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of such data, the potential risk of harm from unauthorized use or disclosure of such data, the purposes for which we process it, and the applicable legal requirements.



  1. Consumer Rights

California and other states residents may have certain consumer rights. These rights may include:

  • The right to know what Personal Information we collect, including (1) the right to request information regarding the categories of Personal Information we collect along with other information such as the categories of sources from which the information is collected and third parties with whom it is shared and (2) the right to access/ request a copy of the specific pieces of Personal Information we collect;

  • The right to delete Personal Information that we collect from you, subject to certain exceptions;

  • The right to correct inaccurate Personal Information that we maintain about you;

  • The right to opt-out of the sale or sharing of Personal Information;

  • The right to opt-out of certain uses of Sensitive Personal Information; and

  • The right not to be retaliated or discriminated against for exercising any rights in good faith.



When you submit a request, we may request information from you to enable us to confirm your identity.

You may also designate an authorized agent to submit a request on your behalf. 
Depending on the nature of the request, we may authenticate the request by requesting additional information or documentation, such as account related information, billing information and the submission of specific documents.

No Discrimination. We do not discriminate against any individual for exercising their rights under this section.



  1. How to make a request in order to exercise your rights?

Where applicable, to make an access request, a deletion request or an “opt-out” of the “sale” request (as described above), please email: hello@askleo.io 

Please note that these rights are not absolute, and may be subject to the relevant applicable laws, our own legitimate interests and regulatory requirements. 

Before completing your request, we may need to verify your identity or the identity of your authorized representative. We may request additional documentation or information solely for the purpose of verifying your identity.  


All requests, complaints or queries may be addressed to the Company to the following email address: hello@askleo.io 



We will consider any request, complaint or query and provide you with a reply in a timely manner. We take our obligations seriously and we ask that any concerns are first brought to our attention, so that we can try to resolve them. To the extent you feel unsatisfied with our response to your request to exercise your rights, you may choose to send us a request to appeal our decision. If you are unsatisfied with our response, you can lodge a complaint with the applicable data protection supervisory authority.


GENERAL

Welcome to Mellow Software, Inc. and its affiliates (the "Company", "we", "us" and "our") privacy policy for platform users (the "Policy"). Please read this Policy carefully and ensure you fully understand and agree to it.

Our platform is intended for use by health care providers ("Customers"), allowing them to operate and receive information regarding calls conducted through our call center with patients and caregivers and with respect to appointment schedules, payments and insurance information, and related services, features and functionality offered via the platform (the "Services", "Platform").

This Privacy Policy (the “Policy”) forms an integral part of our  Service Agreement (the “Agreement”) and applies to our registered customers when they use our Platform and the Services, as well as any electronic communications exchanged between us. In addition, we are processing Customer Personal Data on behalf of our Customers. The Policy describes our practices regarding the collection, use and disclosure of the information we collect from and relating to our Customers. 

This Policy does not apply to Customer Personal Data, including data of our Customer's patients and caregivers. Our Customers are responsible for maintaining their own privacy policies governing the collection, use and disclosure of Personal Data and for obtaining the necessary authorizations and consents before any Customer Personal Data are made available to us for use through the Services. We are not responsible for how our Customers treat personal data we collect on their behalf.

You understand and agree that the Company may collect, maintain, and process information provided by you, on and through the Services. You represent and warrant that you have permission to share any information you elect to provide to the Company, you consent to such information being shared with third parties as described in this Policy, and that such information is accurate, current and consistent and relevant for the purpose for which you are providing information.

For the purposes of this Policy:

“CCPA” means the California Consumer Privacy Act of 2018, as amended by CPRA.

“CPRA” means the California Privacy Rights Act of 2020, as amended from time to time.

"Customer Personal Data" means any personal data or personal information of data subjects contained within the data provided to or accessed by the Company or on behalf of Customer or in connection with the Services.

"Personal Data" or "Personal Information" means any information that identifies an individual or relates to an identifiable individual, or as defined by applicable privacy laws.

In this respect the parties acknowledge and agree that: 

  • ‍We will not collect or use personal data for purposes other than those described in this Policy, our Agreement, and/or in any other legal instrument in effect between us. 

  • This Policy is not intended to override the terms of any contract you have with us, nor any rights you may have under other applicable data privacy laws.

  • We are a Service Provider with respect to that Customer Personal Data under the CCPA and CPRA, as applicable;

  • Customer is a Business with respect to that Customer Personal Data under the CCPA and CPRA, as applicable; and

  • Each party will comply with the obligations applicable to it under the applicable data protection legislation with respect to the processing of that Customer Personal Data.

Capitalized terms that are not defined herein shall have the meanings set forth in the Agreement.

You can choose not to provide us with certain information, but by doing so, you may not be able to take advantage of many of the features and functionality of our Services.


Specifically, this Policy describes –


1. WHAT TYPES OF DATA WE COLLECT?

2. WHY DO WE COLLECT PERSONAL DATA?

3. RECIPIENT OF PERSONAL DATA

4. COOKIES AND TRACKING TECHNOLOGIES

5. DATA RETENTION

6. ‍‍UNITED STATES ONLY

7. INFORMATION SECURITY

8. PRIVACY RIGHTS

9. PRIVACY TOWARDS CHILDREN

10. CHANGES TO THIS POLICY

11. CONTACT US

12. ADDITIONAL INFORMATION FOR US STATE RESIDENTS



  1.  WHAT TYPES OF DATA WE COLLECT?

Information you provide us.

  • We make our Platform available to our Customers for a variety of uses. In order to provide the Services to Customers, we collect certain personal data such as contact and registration information from the Customer's authorized user signing up on behalf of the Customer ("User"). The Company collects and uses User personal data when a User registers for our Services, subscribe to our newsletters, use any of our Services or when they contact us directly by any communication channel, a User may give us personal data about them.

‍‍ The information you give us may include your name, e-mail address, phone number, position, company name, business postal address, information you include in your communications with us, and other personal data you choose to provide us. We do not collect health information about our Users.

  • Information you may provide when you communicate with us by via the Services, or by phone, e-mail, or otherwise. We may monitor and record phone calls, e-mails, live chats, or other communications between you and our Service representatives.

  • If you provide information regarding another entity, you represent to us that you were authorized by that entity to give us consent to use the submitted information. 


‍Information we collect when you use the Services.

  • When you access or use our Platform and Services, we may automatically receive and record information from your mobile device and browser, including your cookie information, your geolocation, regional and language settings, device model, operating system, screen resolution, internet service provider, mobile carrier and software and hardware attributes, etc.

  • ‍In addition, we may automatically collect and store the following information for statistical purposes (“Log Data”): technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform; information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our Services (including date and time); page response times, download errors, length of visits to certain pages, page interaction information etc.  

 ‍

‍Cookies.

When you visit or access our Platform and Services we may use (and authorize 3rd parties to use) pixels, cookies and other tracking technologies (collectively, "Cookies"). We use Cookies to help us compile aggregated data about our platform's interaction so that we can offer better site experiences and tools in the future. For more information see section "Cookies" below.

​If you turn cookies off, some of the features that make your Services experience more efficient may not function properly.  

 

  1. WHY DO WE COLLECT PERSONAL DATA?

​The personal data we collect and process is used for the following purposes:

  • To operate and provide our Services and guarantee their use.

  • To further develop, customize, expand, improve and secure our Services.

  • To communicate with you and to provide our Customers ongoing customer assistance and technical support, notably when you contact us, including sending notifications about changes to our Services and provide information that is relevant to the use of the Services.

  • To detect, prevent and otherwise thwart any malfeasance to our Services.

  • To analyze our performance.

  • To facilitate and optimize our marketing campaigns, and to manage and deliver advertisements for our Services more effectively, including on other websites and applications. This includes contextual, behavioral and interests-based advertising based on our customers' preferences or other data available to us;

  • To create aggregated statistics or other aggregated and inferred non-personal data or anonymized or pseudonymized data (rendered non-personal) on users of the Services, which we or others may use to provide and improve our respective Services, or for any other business purpose such as business intelligence.

  • To protect and enforce our rights, privacy and security, safety, systems and property, or those of other persons, and resolve disputes.

  • Notifications and Promotional Communications: we may send you notifications, messages and other promotional updates about new services, features and offerings, or any other information we think our customers will find valuable. We may provide such notices through any of the contact means available to us (e.g. SMS messages, e-mail, phone calls etc.), through the Services, or through our marketing campaigns on any other site or platform. If you do not wish to receive such promotional communications, you may notify us at any time by sending an email to: hello@askleo.io or by clicking on the 'unsubscribe' link in any such message, or by following any instructions we may include in the message sent to you (the “Opt-out request”). 

  • ‍As necessary to comply with any legal obligations that we or our customers are or may be subject to under any applicable law.


  1. ​RECIPIENTS OF PERSONAL DATA

We may disclose certain personal data to the following recipients:

  • Third party service providers for operational and business purposes, to enable the operation of the Services, such as: phone call infrastructure provider, communications and content delivery providers, call recording, speech-to-text provider, text-to-speech provider, Large Language Model (LLM) provider, hosting service providers, analytics partners, data and cyber security services, billing and payment processing services, performance measurement, marketing and advertising services, legal and financial advisors. 

  • Legal obligations - when it is required to satisfy applicable laws or to respond to a lawful request for information.

  • Our affiliated companies: We may share your personal data internally within our affiliated companies, for the purposes described in this Policy.  

  • In the event that we go through a business transition, such as a merger, acquisition by another company, or sale of all or a portion of its assets (including during negotiations for such transaction), your personal data may be among the assets transferred, subject to restrictions similar to those contained herein or as otherwise be required by applicable laws.


We may also use and disclose your personal data in additional manners, pursuant to your explicit approval, if we are legally obligated to do so, or if we have successfully rendered such data non- identifiable and anonymous.

4‍. COOKIES AND TRACKING TECHNOLOGIES

A cookie is a piece of information that the computer that hosts our Services gives to your browser when you access the Platform and Services. We utilize cookies, anonymous identifiers, pixels, container tags and other tracking technologies in order for us to provide and monitor our Platform and Services, to ensure that they perform properly, to analyze our performance and marketing activities, and to personalize your experience. Such cookies and similar files or tags may also be temporarily placed on your device. Certain cookies and other technologies serve to recall personal data, such as an IP address. We may also use third-party cookies that are placed by third party company such as Google Analytics, as explained below.  

Most browsers allow you to control cookies, including whether or not to accept them and how to remove them. You may set most browsers to notify you if you receive a cookie, or you may choose to block cookies with your browser. Please note that deleting or disabling our cookies may prevent you from accessing certain areas or features of our Services or may otherwise adversely affect your user experience.

Our Platform may use the following types of cookies:

  • Essential/Strictly Necessary Cookies: These cookies are necessary for the Services to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the Sites will not then work.

  • Analytics/Performance Cookies: These cookies allow us to count visits and traffic sources, so we can measure and improve the performance of our Services. They help us know which pages are the most and least popular and see how visitors move around the Sites.

  • Targeting/Advertising Cookies: These types of cookies may be set by our advertising partners. These cookies may be used by those advertising partners to build a profile of your interests and to show you relevant adverts on other websites. You may opt-out of certain sharing of information through these cookies, by sending a request as explained under your privacy rights below

  • Analytics Services: We may use third-party web analytics services (such as Google Analytics) and other technologies on our Services to: collect and analyze usage information through cookies and similar tools; engage in activities such as auditing, research, or reporting; and provide certain features to you. To prevent Google Analytics from using your information for analytics, you may install the Google Analytics Opt-out Browser Add-on.


Online Tracking:

At this time, this Service does not support Do-Not-Track signals.



  1. ANALYTICS

Customer acknowledges and agrees that Company may create and derive from processing related to the Services anonymised, de-identified, and/or aggregated data that does not identify Customer or any natural person (collectively, “Anonymized Data”), and use, publicise or share with third parties the Anonymized Data to improve Company's products and services and for its other legitimate business purposes. Anonymized Data shall not be considered Customer Personal Data to the extent permissible under applicable data protection legislation.



  1. ‍DATA RETENTION​

​​We may retain communications with you in order to process your inquiries, respond to your requests and improve the Services.  

We will retain your personal data for as long as is necessary to fulfill the purposes outlined in this Policy, or as long as is set out in any relevant agreement you hold with us, unless a longer retention period is required or permitted by law.

All retained personal data will remain subject to the terms of this Policy.



  1. UNITED STATES ONLY

The Services are intended for use only in the United States of America (USA). If you use the Services or contact us from outside of the USA, please be advised that (i) any information you provide to us or that we automatically collect will be transferred to the USA; and (ii) by using the Services or submitting information, you explicitly authorize its transfer to and subsequent processing in the USA in accordance with this Policy. 


  1. ‍INFORMATION SECURITY

​​We implement commercially suitable administrative, technical, and physical  measures to reduce the risks of damage, loss of information and unauthorized access or use of information. These measures do not provide absolute information security. Therefore, it is not guaranteed, and you cannot expect, that the Services will be immune to information security risks.


You should take steps to protect against unauthorized access to your password, phone, and computer by, among other things, signing off after using a shared computer, choosing a robust password that nobody else knows or can easily guess, and keeping your log-in and password private. We are not responsible for any lost, stolen, or compromised passwords or for any activity on your account via unauthorized password activity.

  1. YOUR PRIVACY RIGHTS  

​Where applicable under certain privacy protection law, you may have certain rights in connection with your personal data and the manner by which we handle it. Therefore, you may have the right to request access to, receive a copy of, update, amend or delete, restrict, or object to certain uses of your personal data or to port such personal data, or the right to equal services and prices (each to the extent available to you under the laws which apply to you). Further, when we rely on your consent for processing of your personal data (for instance, for direct marketing) you can withdraw your consent at any time. Some of these rights may be subject to certain exceptions or limitations in accordance with applicable law. 

 

Opt-out of marketing communications: If you wish to opt out of our use of your contact information for our direct marketing purposes, you can click on the 'unsubscribe' link in any such message or contact us at: hello@askleo.io.  

To protect the privacy and the security of your information, we may request information from you to enable us to confirm your identity. We will respond to your request in a reasonable timeframe, with accordance to applicable law.

  1. POLICY TOWARD CHILDREN

The Services are not designed for or directed at Users that are children under the age of 18 years old ("Minors"). If you become aware that a child has provided us with personal data as a User, he or she should contact us using the details provided hereunder.

  1. CHANGES TO THIS PRIVACY POLICY

This Policy may be amended at any time and from time to time, consistent with the requirements of applicable data protection laws. Changes to this Policy shall become binding and effective when they are published on our Platform or Services.

If you have any questions about this Policy, please contact at: hello@askleo.io 


  1. CONTACT US 

If you have any further questions, please contact us by email at: hello@askleo.io


_____________________________________________________________________________

  1. ADDITIONAL INFORMATION FOR US STATE RESIDENTS

The information in this section applies to you if you are a U.S. resident in a state with an applicable privacy law or regulation.



This section of our Policy details what personal data we collect about you under U.S. applicable privacy laws and regulations, the sources of the personal data, the purposes of use and disclosure, and the categories of third parties that may receive that personal data. 

​Please read this section in combination with the other sections of this Policy for a complete understanding of how we collect, use, and disclose your personal data.



The Policy above describes the categories of personal data we may collect and the sources of such information (in Section ‎2 above), and our retention (Section ‎6) and deletion (Section 9) practices. We also included information about how we may process your data (in Sections ‎3 through ‎8), which includes “business purposes” under the CCPA. 



  1. Categories of Information:

In the last 12 months, we collected the following categories of personal information:
 

  • Contact information provided by our customer users

  • Personal and online identifiers, such as IP addresses and cookie history

  • Commercial and transaction information

  • Content of customer interaction with our customer support

  • Users' browsing journey from and to the platform Services

  • Internet or other electronic network activity information

  • Non-precise Geolocation data (IP address only)



  1. Sources of Information

The sources from which we obtain personal data are:

  • Directly from you when you log-in to our Services, subscribe to our newsletter, or when you contact us directly by any communication channels.
     

  • When you use the Services, through monitoring of use by cookies and other tracking technology.
     

  1. Sales or Sharing of Your Information:

We do not act as data brokers or otherwise trade in your data.  However, under some US data protection laws, like the CCPA, our disclosure of certain internet activity and device information with third parties through cookies on our customer platform may be considered a “sale” or “sharing” of personal data.  

We may have "sold" (using that term as defined by U.S. privacy laws and regulations) or shared the categories of personal data listed above in the past 12 months to our affiliates, third party service providers, promotional partners, advertising partners, analytics partners, and social media platforms.



  1. The purpose for collecting, sharing or selling information:

administering the provision of our Services, authenticating users access requests when they log-in or access our Services, providing customer support as required, detecting and preventing security incidents, debugging and fixing errors, maintaining and enhancing our Services, allowing users to receive our commercial communications when they have agreed to receive them, marketing our services and attributing engagement with our Services to the applicable marketing campaigns.

For the purpose of the CCPA, in the last 12 months we may have 'sold' or 'shared' your personal data mentioned above with other parties as necessary for the purposes described above, for example:

  • Data analytics, advertising and marketing vendors.

  • Service providers as described under Section 3 above.  

  • Third parties that collect information on our Users through our Services for serving ads and marketing materials and related activities such as campaign measurement and analytics.

  • Affiliates. Our affiliated companies, for purposes consistent with this Policy.

  • Law enforcement, government bodies, regulators and other parties for legal reasons. We may share your personal data with third parties as required by law or if reasonably necessary to (i) detect and investigate illegal activities and breaches of agreements; and/or (ii) exercise or protect the rights, property, or safety of the Company, our personnel or others.

  • Business transfers. Parties to transactions and potential transactions whereby we sell, transfer or otherwise share some or all of our business or assets, including your personal data, such as a merger, consolidation, acquisition, reorganization or sale of assets (including negotiations for such transaction), or in the event of bankruptcy or dissolution.

We do not knowingly collect, use, sell or share the personal data of Users who are children under the age of 18.



  1. Sensitive Personal Information:

We may process sensitive personal data in accordance with applicable laws and do not use or disclose sensitive personal data in any way that would require us to provide an opt-out opportunity under the applicable laws.



  1. Retention of Information:

We retain your personal data for the time period reasonably necessary to achieve the purposes described in this Policy, or any other notice provided at the time of collection.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of such data, the potential risk of harm from unauthorized use or disclosure of such data, the purposes for which we process it, and the applicable legal requirements.



  1. Consumer Rights

California and other states residents may have certain consumer rights. These rights may include:

  • The right to know what Personal Information we collect, including (1) the right to request information regarding the categories of Personal Information we collect along with other information such as the categories of sources from which the information is collected and third parties with whom it is shared and (2) the right to access/ request a copy of the specific pieces of Personal Information we collect;

  • The right to delete Personal Information that we collect from you, subject to certain exceptions;

  • The right to correct inaccurate Personal Information that we maintain about you;

  • The right to opt-out of the sale or sharing of Personal Information;

  • The right to opt-out of certain uses of Sensitive Personal Information; and

  • The right not to be retaliated or discriminated against for exercising any rights in good faith.



When you submit a request, we may request information from you to enable us to confirm your identity.

You may also designate an authorized agent to submit a request on your behalf. 
Depending on the nature of the request, we may authenticate the request by requesting additional information or documentation, such as account related information, billing information and the submission of specific documents.

No Discrimination. We do not discriminate against any individual for exercising their rights under this section.



  1. How to make a request in order to exercise your rights?

Where applicable, to make an access request, a deletion request or an “opt-out” of the “sale” request (as described above), please email: hello@askleo.io 

Please note that these rights are not absolute, and may be subject to the relevant applicable laws, our own legitimate interests and regulatory requirements. 

Before completing your request, we may need to verify your identity or the identity of your authorized representative. We may request additional documentation or information solely for the purpose of verifying your identity.  


All requests, complaints or queries may be addressed to the Company to the following email address: hello@askleo.io 



We will consider any request, complaint or query and provide you with a reply in a timely manner. We take our obligations seriously and we ask that any concerns are first brought to our attention, so that we can try to resolve them. To the extent you feel unsatisfied with our response to your request to exercise your rights, you may choose to send us a request to appeal our decision. If you are unsatisfied with our response, you can lodge a complaint with the applicable data protection supervisory authority.