Privacy Policy

Effective as of september 30, 2018

We are committed to respecting your data privacy and providing transparency about our data practices. This Privacy Policy (this “Privacy Policy”) explains how rommanapps, Inc. (“Company” or “we” or “us”) collects, stores, uses, transfers and discloses Personal Data from our users (“you”) in connection with the Flo™ mobile application and related services (collectively, the “App”). We reserve the right to and may change this Privacy Policy from time to time. If we make any material changes, we will notify you by email (sent to the email address specified when you register), through the App, or by presenting you with a new version of this Privacy Policy for you to accept, if we, for example, add new processing activities or collect some additional Personal Data from you. Your continued use of the App after the effective date of an updated version of the Privacy Policy will indicate your acceptance of the Privacy Policy as modified. In some cases, you will have to explicitly accept changes to Privacy Policy to continue using the App. We encourage you to periodically review our website and the App for the latest information on our data privacy practices. If you do not accept the terms of the Privacy Policy, we ask that you do not use the App. Please exit the App immediately if you do not agree to the terms of this Privacy Policy.

1. Personal data and information we collect from you

Personal data you provide to us When you use the App, we may collect Personal Data about you such as:

a) Gender

b) Weight

c) Training

YOUR CONSENT. By creating a profile in the App, you explicitly consent that: I. WE MAY STORE AND PROCESS YOUR PERSONAL DATA YOU PROVIDE THROUGH THE USAGE OF THE APP AND THROUGH THE ACCOUNT CREATION PROCESS SOLELY FOR THE PURPOSE OF PROVIDING SERVICES TO YOU, TO IMPROVE OUR SERVICE FEATURES AND OTHER PURPOSES . II. WE WILL NOT TRANSMIT ANY OF YOUR PERSONAL DATA TO THIRD PARTIES, EXCEPT IF IT IS REQUIRED TO PROVIDE THE SERVICE TO YOU (E.G. TECHNICAL SERVICE PROVIDERS), UNLESS WE HAVE ASKED FOR YOUR EXPLICIT CONSENT.

2. How we use your personal data and information

We may use your information, including your Personal Data, for the following purposes:

a. to analyze, operate, maintain and improve the App, to add new features and services to the App;

b. to customize content you see when you use the App;

c. to provide and deliver the products and services you request, process transactions and send you related information, including confirmations and reminders;

d. to verify your identity;

e. to send you technical notices, updates, security alerts and support and administrative messages;

f. for billing (invoicing), account management and other administrative purposes, if applies;

g. to respond to your comments, questions and requests and provide customer service;

h. to monitor and analyze trends, usage and activities in connection with our App

i. to link or combine with information we get from others or (and) from you to help understand your needs and provide you with better service (to use in training of neural networks, artificial intelligence, as well as for any other automated decision-making processing);

j. for scientific and academic research purposes

k. for any other purposes disclosed to you at the time we collect Personal Data or any other purposes indicated in this Privacy Policy.

We will not process Personal Data in a way that is incompatible with the purposes for which it has been collected or subsequently authorized by you . For any new purpose of processing we will ask your separate explicit consent. To the extent necessary for those purposes, we take all reasonable steps to ensure that Personal Data is reliable for its intended use, accurate, complete, and current. We also undertake to collect only such amount and type of Personal Data that is strictly required for the purposes mentioned in this Section of the Privacy Policy (“data minimization principle”).

3. Your rights

Modification, correction and erasure

You are able to modify, correct, erase, and update your Personal Data by writing us at info@rommanapps.com

Access

You have a right to access your Personal Data you insert into the App and ask us about what king of Personal Data we have about you. You can do this by using the app settings or by writing us at info@rommanapps.com.

EU residents

Individuals residing in the countries of the European Union have certain statutory rights in relation to their personal data introduced by the General Data Protection Regulation (the “GDPR”). Subject to any exemptions provided by law, you may have the right to request access to Personal data (including in a structured and portable form), as well as to seek to update, delete or correct Personal data:

a. Rectification of Personal Data and Restriction of Processing. You are responsible for ensuring the accuracy of your Personal Data that you submit to Flo. Inaccurate information will affect your experience when using the Flo Web Sites and tools and our ability to contact you as described in this Privacy Policy. If you believe that your Personal Data is inaccurate, you have right to contact us and ask us to correct such Personal Data by contacting us at info@rommanapps.com. You shall also have the right to request restriction of processing of your Personal Data, if you contest the accuracy of the Personal Data and we need some time to verify its accuracy.

b. Access to your Personal Data and Data Portability. The App gives you the ability to access and update Personal Data within the App and your account settings. You shall have the right to request information about whether we have any Personal Data about you, to access your Personal data (including in a structured and portable form) by simply writing us at info@rommanapps.com.

c. Erasure of your Personal Data. If you believe that your Personal Data is no longer necessary in relation to the purposes for which it was collected or otherwise processed, or in cases where you have withdrawn your consent or object to the processing of your Personal Data, or in cases where the processing of your Personal Data does not otherwise comply with the GDPR, you have right to contact us and ask us to erase such Personal Data as described above. You can simply write us at info@rommanapps.com. Please be aware that erasing some Personal Data inserted by you may affect your possibility to utilize the App and its features. Erasure of some Personal Data may also take some time due to technical reasons.

d. Right to object processing of your Personal Data. You can object processing your Personal Data and stop us from processing your Personal data, simply write us at info@rommanapps.com. Please be aware that erasing some Personal Data inserted by you may affect your possibility to use the App and its features.

e. Notice about automated decision-making.We use automated decision-making tools (e.g. neural networks) that process your Personal Data in order to provide you proper Services (for example, predictions of your cycle). Normally, such automated decision-making works more precisely, if you insert more Personal Data about your cycle, symptoms, physical activities that our neural networks can work with. Our neural networks process this information in order to track particular dependencies and correlations in your cycles and symptoms and provide you more personalized information about your cycle and its predictions.

f.Notification requirements. We commit to notify you within reasonable period of time and your data protection authority within the timeframe specified in applicable law (72 hours) about any personal data breaches in the App.

g. Data Protection Authorities. Subject to GDPR, you also have the right to (i) restrict our use of Personal Data and (ii) lodge a complaint with your local data protection authority about any of our activities that you deem are not compliant with GDPR.

Please keep in mind that in case of a vague access, erasure, objection request or any other request in exercise of the mentioned rights we may engage the individual in a dialogue so as to better understand the motivation for the request and to locate responsive information. In case this is impossible, we reserve the right to refuse granting your request. Following the provisions of GDPR we might also require you to prove your identity (for example, by requesting an ID or any other proof of identity) in order for you to invoke the mentioned rights, specifically if you exercise them in respect to special categories of Personal Data like data about health. This is made to ensure that no rights of third parties are violated by your request, and the rights described in this section are exercised by an actual Personal Data subject or an authorized person. Please note that we will grant your request within 30 days after receiving it, but it may take us up to 90 days in some cases, for example for full erasure of your Personal Data stored in our backup systems - this is due to the size and complexity of the systems we use to store data.

4. Sharing you personal data and information

Personal Data We Share with Third Parties. We may share certain Personal Data, excluding information regarding your marked cycles, pregnancy, symptoms, notes and other information that is entered by you and that you do not elect to share, with third party vendors who supply software applications, web hosting and other technologies for the App. Third parties will not have access to our survey results and we will not reveal information about which articles you view. We will only provide these third parties with access to information that is reasonably necessary to perform their work or comply with the law. Those third parties will never use such information for any other purpose except to provide services in connection with the App. Apart of the cases regulated by this Privacy Policy we will never transfer your Personal Data to any third party without your prior explicit consent.

Among others we may share your Personal Data with the following third-party services:

1. Fabric. We use Fabric, an analytics company and a Google subsidiary, to better understand your use of the App. For example, Fabric may use device identifiers that are stored on your mobile device and allow us to analyze your use of the App in order to improve our app feature. Read more about Fabric. Read about Fabric privacy approach here.

Facebook and Google. We use Facebook Analytics and Google Analytics tools to track installs of our App. Normally, Facebook and Google collect only non-personally identifiable information, though some Personal Data like device identifiers may be transferred to Facebook and Google. Read more about analytical services provided by Facebook here. And by Google here. You can find their data practices in ‘Privacy’ sections.

BY USING THE APP, YOU CONSENT THAT WE MAY USE COOKIES AND THIRD-PARTY SERVICES, AND COLLECT YOUR USAGE DATA UNDER A UNIQUE IDENTIFIER, FOR THE PURPOSES OF TRACKING, ANALYSIS, AND IMPROVEMENT OF THE APP.

a. Aggregated Information. We may also share aggregated, anonymized or de-identified information, which cannot reasonably be used to identify you. For example, we may share, including, without limitation, in articles, blog posts and scientific publications, general age demographic information and aggregate statistics about certain activities or symptoms from data collected to help identify patterns across users.

b.Special Circumstances. We will not share or sell any of your Personal Data to any third party except as otherwise stated in this Privacy Policy and in the following circumstances: (i) in response to subpoenas, court orders or legal processes, to the extent permitted and as restricted by law (including to meet national security or law enforcement requirements); (ii) when disclosure is required to maintain the security and integrity of the App, or to protect any user’s security or the security of other persons, consistent with applicable laws; (iii) when disclosure is directed or consented to by the user who has input the Personal Data; (iv) in the event that we go through a business transition, such as a merger, divestiture, acquisition, liquidation or sale of all or a portion of its assets, your information will, in most instances, be part of the assets transferred.

c. Third party (onward) transfers and Privacy Shield compliance. In the context of an onward transfer, we have responsibility for the processing of Personal Data we receive under the Privacy Shield (See Section 11 of this Privacy Policy) or generally from the EU and Swiss residents and subsequently transfer to a third party acting as an agent on our behalf. We remain liable under the Principles (as defined below) and GDPR if our agent processes such Personal Data in a manner inconsistent with the Principles and GDPR, unless we prove that we are not responsible for the event giving rise to the damage. For any onward transfer we commit to execute a formal agreement with any receiving party or processor acting on our behalf.

If we receive Personal Data subject to our certification under the Privacy Shield and then transfer it to a third-party service provider acting as an agent on our behalf, we have certain liability under the Privacy Shield if both (i) the agent processes the Personal Data in a manner inconsistent with the Privacy Shield and (ii) we are responsible for the event giving rise to the damage.

5. Retention of your personal data

We will retain your Personal Data as long as your account is active or needed to provide you services, and only for as long as it serves purposes of processing identified in Section 2 of this Privacy Policy. At any time, you can remove your Personal Data as specified in Section 3 of this Privacy Policy. You should be aware that we may retain certain Personal Data and other information after your account has been terminated in an aggregated, anonymized form. Any posts or comments you submit may remain visible if and after you delete your account. We are not obligated to remove your posts or comments. We reserve the right to use your information in any aggregated data collection after you have terminated your account, however we will ensure that the use of such information will not identify you personally. We will also retain your Personal Data as necessary to comply with legal obligations, resolve disputes and enforce our agreements. If you remove data from your account, you will no longer see it in the App, but some backups of the data may remain in our archive servers for a reasonable period of time due to technical solutions we use. However, we undertake to delete any such backups within a reasonable period of time. If you choose to delete the App, deactivate your account, we retain your Personal data for as long as your account is active and a reasonable period thereafter in case you decide to re-activate the Services. We also retain some of your information as necessary to comply with our legal obligations, to resolve disputes, to enforce our agreements, to support business operations, and to continue to develop and improve our Services. Where we retain information for Service improvement and development, we take steps to eliminate information that directly identifies you, and we only use the information to uncover collective insights about the use of our Services, not to specifically analyze personal characteristics about you.

6. Security

We take all reasonable and appropriate measures to protect all collected Personal Data from loss, theft, misuse and unauthorized access, disclosure, alteration and destruction, taking into account the nature of the Personal Data that we process and risks associated with special categories of Personal Data we collect (information about health).

7. Contact us

If you have any questions or concerns about your privacy, any provisions of this Privacy Policy or any of your rights, you may contact us at:

Romman Smart applications.

info@rommanapps.com