MobileAppLab OÜ Privacy Policy

Effective Date: April 01, 2025

Overview

MobileAppLab OÜ (the “Company” or “We”) is the owner of the Ivite app. By using Ivite app, you acknowledge and consent to the collection and utilization of information in accordance with this Privacy Policy. Any personal data collected is solely intended to enhance and improve the app’s functionality. Your information will not be shared with third parties except as explicitly stated in this Privacy Policy.

This Privacy Policy outlines the principles governing the collection, use, and disclosure of personal information for individuals who choose to use the app when they interact with us through various channels, including:

  • Legal Obligations and Disclosures: We may disclose your personal information when required by law or when we believe it's necessary to comply with legal processes or protect our rights.
  • Using Ivite app App: We gather and process your personal data to provide and improve our services, when you use the Ivite app.
  • Adherence to This Policy: We are committed to using and disclosing your personal data only as described in this Privacy Policy.
  • Customer Support and Feedback: We handle your data to assist you effectively if you visit our help center or communicate with us via email or other channels.
  • Third-Party Data Collection: Certain third parties may collect information about your online activities over time and across different websites or platforms when you use our services. Please review their privacy policies to understand how they handle your data.
  • Visiting Website: This policy outlines how we manage and protect your information, when you browse ivite.app when applicable.
  • Communications: We ensure your personal data is handled responsibly when we reach out to you regarding our products and services.
  • Social Media Interaction: This policy details how we handle your data during engaging with you on platforms like Facebook, Twitter, Instagram, TikTok, and YouTube.
  • Business Transactions: In the event of a merger, acquisition, or sale of assets, your personal data may be transferred as part of that transaction.

This Privacy Policy does not apply to:

  • Third-Party Actions: We cannot control how third parties, such as social media or payment platforms, use your personal data beyond our own interactions with you.
  • Non-Personal Data: Information that does not identify an individual or household is not covered by this policy.
  • Company Personnel: The personal data of our employees, contractors and similar individuals is subject to separate policies.

MobileAppLab OÜ acts as a "data controller" regarding your personal data. This means we determine the purposes and means of processing your information.

Data Security

We implement reasonable and appropriate security measures to safeguard your personal data and protect it against accidental loss, unauthorized access, use, alteration, and disclosure. Our security practices include:

  • Encryption of personal data to enhance protection.
  • Regular vulnerability assessments and penetration testing to identify and mitigate potential threats.
  • Data integrity safeguards to prevent unauthorized modifications.
  • Organizational and legal controls, such as role-based access restrictions, ensuring that only authorized employees access personal data strictly for necessary operational purposes.

While we take extensive measures to secure your data, it is important to acknowledge that no method of data transmission over the internet is entirely secure. Despite our efforts, we cannot guarantee absolute protection against unauthorized access, disclosure, alteration, or destruction of collected information. Any transmission of personal data is done at your own risk. We are not liable for any security breaches beyond our implemented safeguards. If you wish to report a security incident related to our app, please contact us at: info@mobileapplab.tech.

Legal Bases for Processing Your Data

We process your personal data based on one or more of the following legal grounds:

  • Consent: You have given us explicit permission to process your data.
  • Legitimate Interests: We process data to pursue legitimate interests of our own or third parties, provided your rights and interests are not overridden. These interests include:
  • Complying with legal obligations and regulations.
  • Ensuring security and preventing fraud.
  • Managing business operations effectively.
  • Enhancing and improving our products and services.
  • Engaging with customers and keeping you informed about updates, new features, and relevant content.
  • Conducting research and development to improve user experience.
  • Marketing and promoting our app to a wider audience.
  • Contractual Necessity: Processing is necessary to fulfill our contract with you, for example, providing access to the app and customer support.
  • Legal Compliance: We process data to comply with legal obligations, such as record-keeping for compliance with regulations like the GDPR or CCPA.
  • Other Legal Grounds: We may process your data based on other legal bases as permitted by law.

If we rely on your consent to process your data, you have the right to withdraw it at any time. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

Your Privacy Rights

You have certain rights regarding your personal data, subject to applicable laws:

  1. Right to Be Informed: You have the right to know how we collect and use your personal data, how long we retain it, and with whom we share it.
  2. Right of Access: You can request confirmation of whether we process your personal data and obtain a copy of the data we hold about you.
  3. Right to Restrict Processing: You can request that we limit the processing of your personal data in certain situations, such as when you contest the accuracy of the data.
  4. Right to Withdraw Consent: If we rely on your consent to process your data, you can withdraw it at any time.
  5. Right to Erasure (Right to Be Forgotten): You can request that we delete your personal data under certain circumstances. Note that deleting your data does not cancel any active subscriptions, which must be managed through your app store.
  6. Right to Rectification: You can ask us to correct any inaccuracies in your personal data or complete any incomplete data.
  7. Right to Data Portability: You can request a copy of your personal data in a structured, commonly used, and machine-readable format to transfer it to another service provider.
  8. Right to Object: You can object to the processing of your personal data when we rely on legitimate interests. You can also object to processing for direct marketing purposes.
  9. Right to Non-Discrimination: We will not discriminate against you for exercising any of your privacy rights.
  10. Rights Related to Automated Decision Making and Profiling: You have the right not to be subject to decisions based solely on automated processing that significantly affect you.

Exercising Your Rights

To exercise your rights, please contact us using one of the following methods:

  • Email: Send your request to info@mobileapplab.tech
  • In-App Support: Use the support feature within the Ivite app.

Data Retention and International Data Transfers

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, comply with legal obligations, resolve disputes, and enforce our agreements. When data is processed for multiple purposes, it is retained until the purpose with the longest retention period expires. We remain responsible for the protection of your personal data during transfers to third parties.

In compliance with the EEA GDPR, when transferring personal data from the EEA to countries outside the EEA, where no adequacy decision has been adopted by the European Commission, we implement appropriate safeguards to ensure the continued protection of your personal data. Specifically, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission (Article 46(2)(c) GDPR).

Similarly, under the UK GDPR, when transferring personal data to countries outside the United Kingdom, we implement appropriate safeguards to maintain data protection standards. Depending on the circumstances, we ensure compliance by adopting either the UK Addendum to the EU Standard Contractual Clauses or the UK International Data Transfer Agreement. Additionally, where applicable, we may rely on adequacy decisions issued or approved by UK authorities.

Verification of Identity, Response Time, and Right to Lodge a Complaint

To protect your privacy, we may need to verify your identity before processing your request. This may involve additional information or steps to ensure that we are communicating with the correct individual.

We aim to acknowledge your request within ten business days and provide a substantive response within one month. If we require more time, we will inform you of the reason for the delay and the expected extension period.

What Personal Data Is Collected, How It's Used, Retention Periods, and Data Sharing

We collect and process personal data for various purposes. Below is a breakdown of the personal data we process, how we obtain it, the reasons for its use, the duration of retention, and potential third parties with whom we may share it:

1. Account Registration and Authentication

  • Legal Basis: Performance of a contract with you.
  • Data Collected: Email address, hashed and salted password (not accessible to us), authentication tokens, user UUID (Universally Unique Identifier).
  • Purpose: To create and secure your Ivite app account.
  • How Collected: Information you provide during account creation. If you use Single Sign-On (SSO), we collect data from these services during registration.
  • Retention Period: As long as your account remains active, regardless of your subscription status.
  • Third Parties Involved: Google LLC (Firebase Cloud Firestore) – used for data storage and authentication.

2. Support and Assistance

  • Legal Basis: Performance of a contract and legitimate interest in providing effective customer service and enhancing user experience.
  • Data Collected:
  • User Account Information: Unique ID, name (if provided), email, language preference, last activity date, last feedback date, state and country, message history with timestamps and content.
  • Device/Environment Data: Device logs, hardware details, system information, app version, device identifiers, and other technical data.
  • Support Ticket Information: Your support requests, email communications, timestamps, and any uploaded screenshots or recordings.
  • Purpose: To address your inquiries, troubleshoot issues, and improve our services
  • How Collected: Direct communication through the app, email, or support channels. Some device information is collected automatically to assist in diagnosing technical issues.
  • Retention Period: Personal data in support requests is retained as long as the related account is active, and the support request is open. Archived support tickets are deleted within one year.
  • Third Parties Involved: Data may be processed using internal tools and stored on servers provided by our cloud service providers.

3. Personalized App Features

  • Legal Basis: Your consent (for optional data and integrations) and legitimate interests (for mandatory app functionality).
  • Data Collected:
  • Personal Details: Name, date of birth, email, sex.
  • App Usage Information: Interactions with the app, completion of onboarding steps, acceptance of disclaimers.
  • Third Parties Involved: Google LLC (Firebase Cloud Firestore) for data storage.

4. Communications and Mailings

  • Legal Basis: Legitimate interest in keeping users informed and sharing relevant content.
  • Data Collected: Email address, subscription status (active or canceled), analytics on email interactions (opens, clicks, unsubscribes).
  • Purpose: To send informative communications, updates about the app, and promotional content for new products or features.
  • How Collected: Information you provide during registration or through account settings.
  • Retention Period: Data is retained as long as you remain subscribed or until you opt out of communications.

5. Analytics and Improvements

  • Legal Basis: Legitimate interest in improving the user experience and optimizing our services.
  • Data Collected: App usage data, user behavior metrics, timestamps of interactions, screen views, user actions, retention data. Data is aggregated and anonymized where possible.
  • Purpose: To analyze user behavior, identify trends, and make data-driven decisions for app enhancements and marketing strategies.
  • How Collected: Automatically collected by analytics tools like Firebase when you interact with the app.
  • Retention Period: Aggregated data is retained indefinitely for analysis purposes.
  • Third Parties Involved: Mixpanel Inc for data collection and analysis.

6. Subscription Management (when applicable)

  • Legal Basis: Performance of a contract with you.
  • Data Collected:
  • Email address
  • User UUID
  • Country
  • Affiliate code used during purchase
  • Subscription status and length
  • Purchase history and transaction IDs
  • Location and currency
  • Transaction history
  • Purpose: To manage user subscriptions for the app, including sign-ups, billing, renewals, cancellations, and refunds.
  • How Collected: Information is obtained through the App Store during your subscription transactions.
  • Retention Period: Subscription information is stored according to the retention policies of the respective app store.

7. Social Media Interaction

  • Legal Basis: Legitimate interests in engaging with our audience and promoting our services. For the processing of your personal data by social media platforms, please refer to their respective privacy policies.
  • Data Collected: Usernames (which may include real names), profile pictures, profile information, social media activity, direct messages, posts where we are tagged, and any other information you choose to share. This may include app usage details, dietary preferences, success stories, photos, and, in some cases, medical history.
  • Purpose: To engage with users, provide support, enhance brand awareness, and interact on social media platforms.
  • How Collected: Direct interactions on platforms like Facebook, Instagram, Twitter, TikTok, and YouTube. Some data may also be collected and provided by these platforms.
  • Retention Period: Data in social media posts is retained as long as those posts exist. Messages are kept as long as stored by us.
  • Third Parties Involved:
  • Meta Platforms, Inc. (Facebook, Instagram)
  • Reddit, Inc. (Reddit)
  • Google LLC (YouTube)
  • X Corp (Twitter)
  • TikTok Inc. (TikTok)

8. Social Media Advertising

  • Legal Basis: Legitimate interest in marketing and promoting our services. Meta Platforms may rely on different legal bases for processing your data, as outlined in their privacy policies.
  • Data Collected: Online identifiers, behavioral data, marketing-related information such as social media user IDs, demographic data, interests, and online behavior.
  • Purpose: To conduct advertising campaigns on social media platforms like Facebook and Instagram, promoting the app and website, increasing user engagement, conducting market research, and evaluating marketing effectiveness.
  • How Collected: Data is sourced from Meta Platforms, Inc. through their advertising platforms.
  • Retention Period: Data is retained as long as it is available through Meta Platforms.
  • Third Parties Involved: Meta Platforms, Inc. (Facebook, Instagram)

9. Knowledge Base Access

  • Legal Basis: Legitimate interests in providing support and enhancing user experience.
  • Data Collected: Email addresses or user IDs, interaction data such as search queries and questions asked.
  • Purpose: To provide users with access to the Knowledge Base for support and information.
  • How Collected: Data is collected when you access the Knowledge Base through the app or website.
  • Retention Period: Data is retained as long as your app account is active.

10. Hosting and Backend Infrastructure

  • Legal Basis: Performance of a contract with you.
  • Data Collected: All personal data necessary for app functionality, as described in other sections.
  • Purpose: To securely host and maintain application data, manage backend infrastructure, and ensure optimal performance and scalability of the app.
  • How Collected: Data provided by users during registration and through ongoing interactions with the app.
  • Retention Period: Data is retained as long as your app account exists.
  • Third Parties Involved: Google LLC (Firebase Cloud Firestore) for data hosting and backend services.

11. Cookie Consent Management and Use of Cookies

  • Legal Basis: We have a legal obligation to secure and document user consent for the use of cookies and tracking technologies.
  • Data Collected:
  • Partially Anonymized IP Address (for geographic identification)
  • Consent Timestamp
  • Consent Choices (opt-in/opt-out for cookie categories)
  • Cookie Identifiers
  • Page Views
  • Geographical Region
  • Purpose: To record and retain your cookie consent preferences on our website (companyname.com) to ensure compliance and enhance your experience.
  • How Collected: Via your interactions with the cookie consent banner on the website.
  • Retention Period: This data is retained indefinitely for legal compliance and record-keeping.

12. Cookies and Similar Technologies

Cookies are small files stored on your device containing device-specific information. We use cookies for several purposes:

  • Session Management: Maintaining your session and ensuring smooth navigation across our website.
  • Preference Storage: Remembering your settings and preferences for future visits.
  • Analytics: Understanding how users interact with our website to improve services.

Types of Cookies

  • Session Cookies: Temporary cookies deleted when you close your browser.
  • Persistent Cookies: Cookies that remain after closing the browser until they expire.

Managing Cookies

You can adjust browser settings to refuse cookies or receive alerts when cookies are being sent. Disabling cookies may impact website functionality.

Children’s Privacy

Our app is not intended for individuals under the age of 16, and we do not knowingly collect, solicit, or process any personal information from minors. Additionally, we do not permit individuals under 16 to use our services, in accordance with the eligibility requirements outlined in our Terms of Use.

If you are under 16, please do not:

  • (i) access or provide any information within our services or its features, or
  • (ii) submit any personal details to us, including but not limited to your name, address, phone number, or email.

If you are a parent or legal guardian and believe that we may have inadvertently collected personal information from a child under 18, please contact us immediately at info@mobileapplab.tech, and we will take appropriate steps to address the matter.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of significant changes by posting the updated policy on this page and updating the "Effective Date." We encourage you to review this policy periodically.

Contact Information

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us:

  • Email: info@mobileapplab.tech
  • Address: Harju maakond, Tallinn, Kesklinna linnaosa, Vesivärava tn 50-301, 10152
  • In-App Support: Use the support feature within the Ivite app.