Effective as of 4th of February 2020
We understand how important it is to explain the privacy implications to you and that standard legal wording of these documents may be incomprehensible. For this reason, we have provided standard wording of the policy and simplified explanations under appropriate paragraphs italicized. If any part of the document is not clear to you please contact us at [email protected]. Please note that text in italics is only for convenience and that text in normal formatting is legally binding. In the event that there are differences in these texts the text in normal formatting is considered applicable.
- Who we are
We are (called Ketomealplan throughout this document), a company from United States, and we are responsible for your personal information that is under our control. Here you can find all the information you need to understand how we deal with your data. You can reach us at [email protected].
- Types of information
2.1 The Information on Users is divided into personally identifiable (PII) and non-personally identifiable information (Non-PII) depending on whether information, alone or with other information, can identify the User as a specific person. Information about legal entities does not fall within the scope of personal information.
Every piece of information we collect about you can be categorized into two types: 1) information which can be used to recognize you as an individual person such as your name, address, phone number… and 2) information that is completely anonymous and we can’t figure out who it belongs to such as your browser type version of operating system you use…
- Collection and use of PII
3.1 We may obtain some personally identifiable information about Users in order to provide Services. The information we collect is necessary to provide the Services, and we shall not collect any information which is not required by the nature of the Services. We may collect some of the following personally identifiable information:
- E-mail address
- General biometrics
- Log files and usage data
- Payment information
- Other information which you choose to provide
We will only collect what we really need, no more, no less. For every piece of information we collect we have a compelling reason to do so. Depending on how you use our Platform we may collect your full name, email address, information about your age, gender, height, weight, target goals, exercise activity, information about your use of the Platform, and your payment information. You may at some point also tell us more about yourself but don’t worry, we will keep it between us.
3.2 When entering into contract for using our Services you have to provide your name. Ketomealplan will only use this information to create an account for you and to address you whenever we contact you.
3.3 Ketomealplan will collect your name when you contact us through email or through other communication media provided that such information is contained within a communication. We will use this information only for addressing you in our responses.
We need to know who we are entering into business with and who we are addressing in our communication. For this reason we will collect your full name and use it to prepare the agreements and address you properly. You may also introduce yourself when you contact us even if you don’t use our services and we will address you by name when responding. We may learn about your name from the website of the company you work at, but only if you are listed as a contact person.
(B) Email address
– When you contact us. We will collect your email address whenever you contact us through our email [email protected]. Whenever we collect your email address this way, we will only use it in order to respond to your enquiry.
– When you subscribe to the newsletter. We will collect your email address when you subscribe to receive more information about Ketomealplan.
We need your email address to contact you. Whether we need to respond to your request when you contact us, send you information about our Services when you subscribe to our newsletter or if we found out about your email address from the company you work at and want to approach you about an offer, we will collect your email address and use it only for the specific purpose for which the information is obtained. If you only sent us a question to our email we will not respond by sending you hundreds of marketing emails. We are very strict when it comes to emails and don’t want to bother you unless you expect us to.
(C) General biometrics
3.5 In order to provide our Services we need to process Information about your gender, age, height, weight, goal weight loss, amount of exercise you are getting, how fast do you want to lose the weight, and which food you do not like. All this information is necessary to calculate the right meal plan for you and is not used for any other purpose.
In order to make calculations for the meal plan that is just right for you we need to know more about how much calories you spend and what would be the optimal calorie intake for you. This is determined by a series of biometric data in combination with our algorithm.
(D) Payment information
All payments are processed through trusted third-party payment processor called Stripe. That means that we do not see or access your payment information and everything is done by Stripe.
(E) Log files and usage data
3.7 We integrate security systems on our Site to prevent malicious attempts and exploits of the Site. We scan IP addresses and ban IP addresses that show malicious signs such as seeking exploits and similar. We process this information in the interest of protecting the integrity of the Site and of the databases connected with it. We collect your IP address on the basis of a legitimate interest to maintain the integrity and safety of our databases.
3.8 The Platform collects a series of general data and information when a person accesses the Platform. Information that is collected may include (1) the software and browser types and versions used, (2) the operating system used by the accessing system, (3) the date and time of access to the Services, (4) the internet service provider of the accessing system, and (5) any other similar data and information that may be used in the event of attacks on our information technology systems.
3.9 We collect this information for breach investigation purposes and for providing customer support. When using this information, we may connect specific log files with specific Users. This information is needed to (1) troubleshoot problems and correct system bugs, (2) deliver the content of our Site and Services correctly, (3) optimise the content of our Site as well as its advertisement, (4) ensure the long-term viability of our information technology systems and website technology, and (5) provide law enforcement authorities with the information necessary for criminal prosecution in case of a cyber-attack. We collect this information based on our legitimate interest or for performance of our contractual obligation where applicable.
How you use our website is very important to us. Some people may try to ‘hack’ our website; other may have a problem viewing the content while some may experience issues with the functionality. In each of these cases your machine is communicating with the server where the website is hosted and the server is keeping track of those communications. We can use this data to protect us from attacks, to fix bugs and issues, and to display the appropriate content to your browser. You may also experience issues with the Site and we can only fix them when we know what’s “under the hood” and what happened that caused the issue. Sometimes, although not always, these pieces of data may contain personal information such as your IP address.
(F) Other Information
3.10 You may at some point choose to provide other information which is not required for the proper functioning of the Services. In all such cases we will use this information only for the purpose for which you disclosed it. If we are not sure as to why you are providing such information we will contact you wherever possible. Otherwise we will delete such information.
It is possible that when we communicate you may disclose some personal information that is not listed in this document. Maybe you want to tell us about the school project that was similar to our software or that you have a birthday coming up. We promise that we will not misuse this information.
3.11 Some Services will not be available to you if you do not provide the requested Information. We may keep records of any questions, complaints or compliments made by you and the response, if any. Whenever you contact us, we shall collect any information which you chose to provide. We shall store and use this information only for the purpose of responding to your enquiries. Information contained within the enquiry, free from any personally identifiable information, will be stored on our servers for the purpose of improving our Services and providing the best customer support possible.
If you don’t tell us who you are we can’t enter into an agreement with you. Similarly some services can’t function if we do not have your information. On the other hand we will not ask for your information unless we absolutely need to have it. If you send us something we will only keep it if we can remove any trace of your personal information.
We only use your information for us. We will not sell it, rent it, publicly display it or do anything else that will lead to your information getting into the wrong hands. However, we may share your information with our contractors and subcontractor but they may only use your information under our control and only for the purposes you allowed or knew about.
3.13 We may disclose your personal information to our partners, agents and operators under confidentiality or similar agreements, including data processors who we believe reasonably need to come into contact with that information: (i) to provide Services per your request; (ii) to administer our business or the website; (iii) to provide customer support; (iv) to update account information; (v) to forward updates, announcements, and newsletters; (vi) to respond to your communications, and communicate with you about the website and other activities related to the Services; (vii) in the event of any reorganization, merger, sale, joint venture, assignment, transfer or disposition of all or any portion of Ketomealplan’s business or operations (including without limitation in connection with bankruptcy or any similar proceedings); or (viii) as otherwise authorized by you.
3.14 We have implemented security procedures and measures in order to ensure appropriate protection of the information we process, against any misuse, unauthorised access, disclosure or modification.
3.15 We acknowledge that the safety of your information is one of the highest priorities and therefore only authorised processors have access to your information. Although we take all appropriate measures in respect to keeping your information secure, you understand that no data security measures in the world can offer 100% protection. If we ever find or suspect a personal data breach we will without delay after becoming aware of it, notify you if there is a high risk to your rights associated with the data breach.
We do our best to keep your data secure. Unfortunately, no security system is 100% secure so just in case we had prepared an “emergency plan” if we ever get breached. We will also notify the authorities as soon as possible about any suspected data breach. We will also aim to notify you if we have your contact information.
3.16 The processing of the information is being performed automatically, without human intervention. However, whenever you contact us through email, the information within the email will be handled and processed by a real person in order to provide you with the answer to the email.
We process your information automatically. A real person will process your data only when we need to communicate with you. We do this to minimize possible data leaks.
- Storage and transfer of Information
4.1 Information will be stored on secure servers which are located in US. Hosted servers are controlled and maintained in accordance with sufficient privacy safeguards. We may store or transfer information on Users to processors located outside of US, provided that such countries implement appropriate and suitable safeguards regarding the security of personal information.
We will keep your data within US and transfer it to other countries only if we need to use subcontractors from such countries. Before we send data to anyone we make sure that they will handle it securely and that no additional risks are involved with such transfers.
4.3 Some services require the use of third-party solutions or the website or e-mails may contain links to other external websites that do not fall under our domain. When you are redirected from our website to the third-party website you are no longer interacting with our website and we are not responsible for the privacy practices or the content of such external websites. Any information that you provide through third-party websites will be handled and processed in accordance with their Privacy Policies and other applicable terms.
When you are redirected to other websites or other applications you are no longer interacting with us. Be careful who you are giving your personal information to, because not everyone uses it in the same way.
- Third Party Services, and Cookies
5.1 We use third-party service providers for some aspects of our services, such as managing emails, communication environment, signing the documents, providing customer support and similar. These service providers sometimes need your personal information in order to properly deliver functionality, but they may only collect and use it under our control.
We sometimes integrate functionalities of some other service providers to help us deliver the services to you. If we provide them with some of your personal information we do it only under strict data processing agreements and we exercise our control over them.
- Information retention period
6.1 Information is stored on the servers only for the duration necessary for providing the Services and maintaining the integrity of our databases. If you register to use our Services, we will store your information for as long as you have an active account. As soon as you terminate your account we will remove all information we have collected about you unless we have appropriate legal grounds for continuing their processing.
We only keep your information when it is really necessary. As soon as we do not need it we will delete it.
- Contact Information