Privacy Policy

Last modified: September 2025

I. INTRODUCTION

AIBY Inc. (“we,” “us” or “our”) takes your privacy seriously. This Privacy policy (“Privacy policy”) explains our data protection policy and describes the types of information we may process when you access and/or use the website at https://ai-arta.com/ (the “Website”) dedicated to the browser version of the ARTA mobile app (“ARTA Web”).

When we refer to personal data (or personal information) we mean any information of any kind relating to a natural person who can be identified, directly or indirectly, in particular by reference to such data.

It is a natural person who can be identified directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his or her physical, physiological, mental, economic, cultural or social status.

The scope of the data we process may vary depending on the types of actions and operations you perform using the Website (see Section II for more details).

This Privacy Policy (except for Annex below - “U.S. Multistate Privacy Notice”) applies to all users of the Website regardless of where they are located. The U.S. Multistate Privacy Notice included in the Annex to this Privacy Policy supplementary applies to those users who:

a) are residents of U.S. states where corresponding U.S. State Privacy Laws were enacted; and

b) fall within the scope of the U.S. Multistate Privacy Notice applicability.

II. INFORMATION WE PROCESS

There are several categories of information that may be processed when you access and/or use the Website.

Functional Information

We ask for and process the following information when you access and/or use the Website. This information is necessary for the adequate performance of the contract between you and us. Without such information it is impossible to provide complete functionality of the Website and perform the requested services.

Authorization data. If you choose to try ARTA Web, we will process this data to create your personal account in our system. There is no way to use ARTA Web without authorization. When you create your account on the Website you will need to set up account credentials, i.e. login (email address) and go through a verification process. To create an account on the Website, you can also tap the “Sign in with Apple”, “Sign in with Google” or “Sign in with email” button available on the Website. In this case the information related to your Apple ID/Google account/email address credentials shall be used to sign in to your account. Your email address may also be used for a different purpose, please check the subsection “Email Communications and the Use of Email for Business Purposes” of this Privacy policy.

You are allowed to create an account if you have reached the age of majority or legal age in your jurisdiction. If you have not reached the age of majority or legal age in your jurisdiction and you are over 13 (thirteen) years of age, the creation and use of an account may be carried out only with the relevant consent and under the supervision of the holder of parental responsibility for you. It is strictly prohibited to create an account if you have not reached the age of thirteen (13).
Activity Information directly related to your use of ARTA Web. After you set the relevant settings on your device we may have technical access to your camera or Photos - to be able to save the files generated via ARTA Web to your device or to analyze the picture(s) you upload through ARTA Web. However, we cannot collect, store or use the pictures or files contained in your Photos unless you upload such pictures or files to ARTA Web or otherwise share them.
User Content, including Input Content and Output Content, as defined and governed by our Terms of Use, as well as by the present Privacy policy. You may dispose of, use, share, otherwise exploit your User Content for your own purposes, inter alia, download it to your device, send it, make it publicly available, share via social networks or otherwise at your sole discretion and responsibility. However, any use of User Content is at your sole risk.

Please make sure that you download and save to your device all User Content you need right after such content has been generated via ARTA Web, as we cannot guarantee that you will be able to access or download such User Content later.

To learn more about the storage terms applicable to User Content, please review Section VI of the present Privacy policy.
Contact Information (name, e-mail address, as well as any other content included in the email) which you may fill in by yourself when you contact us via email or support forms available on the Website. We collect, store and process it by our cloud storage provider (Amazon.com, Inc.). We use such information in order to respond effectively to your inquiry, fulfill your requests, send you communications that you request and perform the requested services.
Payment Information. If you choose to purchase a subscription on the Website (tap on relevant button tapping which will open Subscription Plans modal dialog) the following methods of payment may be available to you:

- Payment by card or other payment method. If you pay with a card or via another payment method, you will be required to enter your email address, as well as your debit or credit card information, name on card, country or region or other payment information. In this case, the payment transaction will be processed via Paddle payment system. Hence, some categories of your personal data (including transaction data) are collected, retained and processed by Paddle payment service provider in accordance with its privacy policy. This information circulates between you and Paddle or other payment processors and remains inaccessible to us.

Additionally, if you have purchased the subscription on the Website and you want to send a refund request by contacting us through email or contact form available on the Website, we may request that you indicate one of the following information:

- your name, email address registered when you purchased the subscription;

- transaction details (date and amount);

- last 4 digits of the card;

- the proof of purchase (screenshot of the transaction/receipt);

- a detailed explanation why you are requesting a refund.

All these categories of information will be processed solely for the purpose of addressing your refund request in a quick and efficient manner in accordance with the Refund Policy.

Information That Is Processed Automatically

When you access and/or use the Website, some information about your device and your user behavior may be processed automatically. This information is generally non-personal, i.e. it does not, on its own, permit direct association with any specific individual, and we may access it only in aggregated form. We process this information on the ground of our legitimate interest for improving the Website and giving our users the best experience.

We may use third-party automatic data processing technologies to analyze certain information sent by your device via the Website (advertising or analytics tools). Some of them may launch automated processing of your personal data, including profiling, which means any form of automated processing of personal data used to evaluate certain personal aspects relating to you, in particular to analyze or predict aspects concerning your personal preferences, interests, behavior, location or movements (see the list of data described below). Processing information through automatic data processing technologies starts automatically when you first time access the Website.

Device Details. When you use a device (computer, mobile phone or tablet) to access the Website, some of the details about your device are reported, including “device identifiers”. Device identifiers are small data files or similar data structures stored on or associated with your device, which uniquely identify your device (but not your personality). Device identifier enables generalized reporting or personalized content and ads by the third parties.
What data may be processed:
- Information about the device itself: type of your device, type of operating system and its version, model and manufacturer, screen size, screen density, orientation, audio volume and battery, battery life, loading time, latency, framerate, device memory usage.
- Information about the Internet connection: mobile carrier, network provider, network type, IP address, timestamp and duration of sessions, speed, browser.
- Location-related information: IP address, the country code / region / state / city associated with your SIM card or your device, language setting, time zone, neighboring commercial points of interest (e.g. “coffee shop”).
- Device identifiers: Identity For Advertisers for iOS devices/ Advertising ID or Android ID for Android devices, user identifiers.
Cookies and similar technologies. When you access and/or use the Website, cookies and similar technologies may be used (pixels, web beacons, scripts). A cookie is a text file containing small amounts of information which is downloaded to your device when you access the Website. The text file is then sent back to the server each time you use the Website. This enables us to operate the Website more effectively. For example, we will know how many users access specific areas or features within our Website and which links they clicked on. We use this aggregated information to understand and optimize how our Website is used, improve our marketing efforts, and provide content and features that are of interest to you. Third-party analytics tools may use cookies or similar technologies for the purpose of analyzing the Website traffic.
Log file information. Log file information is automatically reported each time you make a request to access the Website. When you use the Website, analytics tools automatically record certain log file information, including time and date when you start and stop using the Website, and how you interact with the Website.

Information provided automatically to advertising or analytics tools does not generally come to our control, therefore, we cannot be responsible for processing such information. Please mind that some services are engaged in personal data profiling and may obtain information related to your personality and/or your device by using technologies that do not belong to our scope of responsibility.

Email Communications and the Use of Email for Business Purposes

When you register on the Website, we may use your email address to send you invoices for your subscription purchases. Once you enter your email address into the relevant section available on the Website or tap the “Sign in with Apple”, “Sign in with Google” or “Sign in with email” button available on the Website to create an account you may also receive communications (newsletters) regarding special subscription offers, new features and functionalities and other news related to the Website on the grounds of our legitimate interest. This use of email address applies only in cases where you have provided your email for these purposes (for example, when purchasing a subscription or entering your email in a designated form). Sending you newsletters will allow you to stay up to date and receive the latest news about the Website, including about the best price offers. You also hereby acknowledge and accept the treatment of some categories of your personal data (i. e. the information about your name and email that you provide us, subscription purchase date, approximate geolocation data, activity information, etc.) for our business purposes, including internal market analysis activities, particularly for the purpose of delivering you targeted communications (newsletters) that most align with your needs and interests. You may also unsubscribe, opt-out of receiving communications to your email address at any time by using the resignation link provided in each email you receive from us. Your unsubscribe request shall be honored within a reasonable period of time.

III. THE PURPOSES OF PROCESSING YOUR PERSONAL DATA

Our mission is to constantly improve the Website and provide you with new experiences. As part of this mission, we use your information for the following purposes:

(a) To make our service available and ensure the efficient operation of the Website. We use functional information to provide you with all requested services and to ensure the efficient operation of the Website according to its intended purpose.

(b) To improve, test and monitor the effectiveness of our Website. We use information that is processed automatically to better understand user behavior and trends, detect potential outages and technical issues, to operate, protect, improve, and optimize our Website.

(c) To communicate with you. We use the information we have to communicate with you through newsletters, i.e. to receive your feedback about your Website experience, and let you know about our policies and terms. We also use your information to respond to you when you contact us.

(d) To prevent fraud and spam, to enforce the law. We really want the Website to be free of spam and fraudulent content so that you feel safe and free. We may use your information to prevent, detect, and investigate fraud, security breaches, potentially prohibited or illegal activities, protect our trademarks and enforce our Terms of Use as well as applicable law.

If any new purpose for processing your personal data arises, we will let you know when we start to process information for that other purpose by introducing the corresponding changes to this Privacy policy.

IV. SHARING OF YOUR INFORMATION

We will share your information with third parties only in the ways that are described in this Privacy policy.

Please note that while integrating external services we choose third parties that can assure they apply all necessary technical and organizational measures to protect user personal data. However, we cannot guarantee the security of any information transmitted from us to any such third party. We are not responsible for any accidental loss or unauthorized access to your personal data through a fault of third parties.

We will not rent or sell your personal data to any third parties, but we may share your information from tools like cookies, log files, and device identifiers and location data, with third-party organizations that provide automatic data processing technologies for the Website. We do not control or influence these third-party tracking technologies or how they may be used.

We may also share certain information such as cookie data with third-party advertising partners. This information allows third-party ad networks, inter alia, to deliver targeted advertisements that they believe will be of most interest to you.

We may engage the following third-party service providers in order to provide us with necessary infrastructure for delivery and improvement of our services:

Entity name	Services performed	Entity location	Link to Privacy Policy
Amazon.com, Inc.	Cloud storage provider	U.S.A.	https://services.amazon.com/privacy-policy.html https://aws.amazon.com/compliance/data-privacy-faq/?nc1=h_ls
AdMob (Google LLC)	Ad management service provider	U.S.A.	https://policies.google.com/privacy https://developers.google.com/admob
Amplitude Inc.*	Analytics service provider	U.S.A.	https://amplitude.com/privacy
Apple Inc.	Authorization tool	U.S.A.	https://www.apple.com/lae/privacy/
AppLovin Corporation	Ad management / analytics service provider	U.S.A.	https://www.applovin.com/privacy/
AppsFlyer Inc	Analytics service provider	U.S.A.	https://www.appsflyer.com/legal/services-privacy-policy/
Black Forest Labs Inc (FLUX API) *	AI-generated content provider	U.S.A.	https://blackforestlabs.ai/privacy-policy/
Digital Turbine Inc.	Ad management service provider	U.S.A.	https://www.digitalturbine.com/privacy-policy/
Facebook (Meta Platforms, Inc.)	Analytics / ad management service provider	U.S.A.	https://www.facebook.com/privacy/explanation/
Fal - Features & Labels, Inc.	Cloud service provider	U.S.A.	https://fal.ai/privacy/
Firebase (Google LLC)	Analytics service provider and authorization tool	U.S.A.	https://policies.google.com/privacy https://firebase.google.com/support/privacy?hl=en
IronSource Mobile Ltd	Analytics / ad management service provider	Israel	https://developers.is.com/ironsource-mobile/air/ironsource-mobile-privacy-policy/#step-1
Google Analytics (Google LLC)	Analytics service provider	U.S.A.	https://policies.google.com/privacy How Google uses information from sites or apps that use its services: https://policies.google.com/technologies/partner-sites?hl=en https://support.google.com/analytics/answer/6004245 (see section ‘Information for Visitors of Sites and Apps Using Google Analytics’)
Liftoff Mobile Inc.	Ad management service provider	U.S.A.	https://liftoff.io/privacy-policy/
Mintegral North America Inc.	Ad management service provider	U.S.A.	https://www.mintegral.com/en/privacy#privacy-policy-of-the-mintegral-services
PixVerse (MOTIVAI PRIVATE LIMITED) *	AI-generated content provider	Singapore	https://docs.pixverse.ai/Privacy-Policy-97a21aaf01f646ad968e8f6a0e1a2400 https://docs.pixverse.ai/PixVerse-Platform-Terms-of-Service-1773e99bf35080c6a802fae0e3629708
Qonversion Inc.	Analytics service provider	U.S.A.	https://qonversion.io/page/privacy
RunPod Inc.	Cloud service provider	U.S.A.	https://www.runpod.io/legal/privacy-policy
Runway AI, Inc. *	AI-generated content provider	U.S.A.	https://runwayml.com/privacy-policy
Paddle (Paddle.com Inc., Paddle.com Market Limited, Paddle Payments Limited)	Payment processing service provider	U.S.A. / Ireland / UK	https://www.paddle.com/legal/privacy/
Stability AI Ltd *	AI-generated content provider	U.K.	https://stability.ai/privacy-policy
UnityAds	Ad management service provider	U.S.A.	https://unity3d.com/legal/privacy-policy

* Tagged third-party service providers apply only if you choose to try ARTA Web

In case you want to learn more about the services and privacy options (including opt-out) please consult the correspondent websites and privacy policies.

We may engage the following third-party service providers in order to provide us with necessary infrastructure for delivery and improvement of the Website: as indicated above we use Google Analytics services that track and report the Website traffic. Google Analytics services use different types of cookies to analyze user activity on the Website. If you want to learn more about the types of cookies and other data collected and processed by Google Analytics service provider (Google LLC) please visit:

Note that we are not responsible for any usage of your data by the abovementioned third-party service provider (Google LLC) in violation of our instructions.

If you do not want Google Analytics to use cookies, you can block data collection following the instructions provided in Section VIII of the present Privacy policy.

The Website may contain links to third-party websites/services or you may access the Website from a third-party site. We are not responsible for the privacy practices of these third-party sites or services linked to or from the Website, including the information or content contained within them.

We may disclose your personal information if it is needed for objective reasons, due to the public interest or in other unforeseen circumstances:

- as required by law;

- when we believe, in good faith, that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request;

- in some cases, we may share your information with our affiliates, subsidiaries, contractors, business partners or other third parties who perform services on our behalf.

If we are involved in a merger, acquisition, or sale of all or a portion of our assets, you will be notified via email and/or prominent notice on our Website of any change in ownership or your personal information usage, as well as any choices you may have regarding your personal information.

V. INTERNATIONAL DATA TRANSFERS

We work in the cross-border area and provide the Website to users around the world.

We and third-party organizations that provide automatic data processing technologies for the Website or our third-party partners may transfer processed information across borders and from your country or jurisdiction to other countries or jurisdictions around the world.

If you are located in the European Union or other regions with laws governing data processing that may differ from U.S. law, please note that we may transfer information, including personal information, to a country and jurisdiction that does not have the same data protection laws as in your jurisdiction.

By using the Website you agree that we may transfer your personal information to a third country, a territory or one or more specified sectors within that third country, or to the international organization where data protection and confidentiality regulations may not provide the same level of protection of personal data as your country does.

We try to make sure that the recipient of any personal data provides a proper protection of the personal data received, in accordance with the current legislation on the protection of such information.

For the purposes of data storage, we recourse to the services of the hosting organizations. We take your privacy seriously and, therefore, encrypt your personal data - if possible - before sending it to the hosting organizations for the purposes of its storage. Please note that we cooperate only with those hosting organizations that have passed our security and reliability check.

VI. HOW LONG WE USE YOUR PERSONAL DATA

We generally retain your personal information for as long as is necessary for performing the functional service of the Website and to comply with our legal obligations. If you no longer want us to use your information that we physically access and store, you can request that we erase your personal information.

However, some data may still be stored for a certain time period (but no longer than the storage purpose requires) if information is necessary to comply with legal obligation (taxation, accounting, audit) or in order to maintain safety and data backup settings, prevent fraud or other malicious acts.

VII. USER PRIVACY RIGHTS

Applicable data protection laws give you the following rights regarding your personal information:

The Right to Know (also referred to as the Right to Access). You have the right to obtain a confirmation as to whether or not personal data concerning you is being processed. Additionally, you can request a copy of personal data we hold about you and additional details on how such data is processed.
The Right to Data Portability. You are entitled to request your personal information in a portable, structured and machine-readable format that makes it easier to reuse such information or transfer it directly to another service, move it wherever you want.
The Right to Correct Inaccuracies (also referred to as the Right to Rectification). Where you cannot update your data by yourself through your account (if available) or the Website settings, you can ask us to correct, change, complete or rectify your data.
The Right to Data Deletion (also referred to as the Right to Erasure or the Right to Be Forgotten). You have the right to request the deletion of all or some pieces of your personal data we process. In this regard you should bear in mind that applicable data protection laws may provide exceptions to the Right to Data Deletion, which means that under certain circumstances we may need to keep some pieces of your data to comply with legal obligations, detect fraud, exercising or defense of legal claims, for other legal reasons. Therefore, upon receiving your verified request, we’ll delete your personal data and direct our service providers to do the same unless a legal exception applies.
The Right to Restriction of Processing. Under certain circumstances, you may have the right to limit the ways in which your personal information is processed. These specific circumstances are addressed in data protection laws that may apply to you. For example, you can ask for restriction of data processing in the case of disputed accuracy: if you believe that the personal data we hold about you is inaccurate, you can request a restriction of processing while we verify its accuracy.
The Right to Object to Processing of Personal Data. When your personal information is processed automatically with the involvement of third-party service providers, you may object to such processing in some circumstances. Additionally, when your personal information is processed for direct marketing purposes, you may ask to cease processing your data for these direct marketing purposes. In order to exercise your right to object please submit us the corresponding request. You may also contact the third-party service providers listed in the Section IV of this Privacy Policy to learn how you can object to their processing of your data. Most of them have clear instructions on their privacy pages, functional API or other options.

To exercise any of the rights described above, you can contact us through email or contact form available on the Website. Please bear in mind that we ensure the above-mentioned rights only with respect to the information that we physically access and store.

You also have the right to lodge a complaint with your local data protection or a supervisory authority if you reasonably believe that your rights under applicable data protection laws have been breached. Please note that when you exercise your right to lodge a complaint with your local data protection or a supervisory authority, you may be required to provide additional information and support your complaint with sufficient objective evidence. By lodging a complaint you agree to provide sufficient explanation as to what you believe impaired your rights. Additionally, in some cases prior to lodging a complaint with your local data protection or a supervisory authority, you may be required to send your initial claim directly to us and ask for clarifications if necessary.

If you are located in the European Union, you may address our representative when you have questions on privacy issues: Konrad Gutowski, privacy @ aiby.com.

VIII. HOW TO OPT OUT

Email communications and the use of email for business purposes. You may also opt out of the use of your email for analytics or unsubscribe from communications at any time by contacting us through email or contact form available on the Website. This use of email applies only in cases where you have provided your email for these purposes (for example, when purchasing a subscription or entering your email in a designated form). For more details about the use of email, see the “Email Communications and the Use of Email for Business Purposes” section above. Your unsubscribe request will be honored within a reasonable period of time.

Google Analytics. If you want to opt-out of being tracked by Google Analytics you can install and enable Google Analytics Opt-out Browser Add-on. Additionally, you can manage cookies and/or delete cookies that might have already been set by Google Analytics through your browser settings. Further information on Google Analytics’ data practices and relevant instructions can be found at https://support.google.com/analytics/answer/6004245 (see section ‘Information for Visitors of Sites and Apps Using Google Analytics’).

Advertising Industry Opt Out Tools

You may also limit the collection of cross-app data for interest-based ads and exercise your right to opt out using the following Advertising Industry Opt Out Tools:

Digital Advertising Alliance for Websites: https://optout.aboutads.info;
European Interactive Digital Advertising Alliance (EDAA): https://youronlinechoices.eu/;
Network Advertising Initiative: https://optout.networkadvertising.org/.

Bear in mind that if you choose to disable all cookies, this can affect the Website functions, some of the features that make the Website more efficient may not function.

IX. SECURITY

The security of your personal information is highly important to us. We follow generally accepted industry standards to protect the personal information submitted to us, both during transmission and once we receive it.

We take reasonable and appropriate measures to protect personal information from loss, misuse and unauthorized access, disclosure, alteration and destruction, taking into account the risks involved in the processing and the nature of the personal information.

We implement appropriate technical and organizational measures, which are designed to implement data-protection principles, such as data minimization, in an effective manner and to integrate the necessary safeguards into the processing. We seek your personal data to be encrypted with proper and strong encryption algorithms, including hashing where possible.

Unfortunately, no method of transmission over the Internet, or method of electronic storage, is 100% secure. We do our best to protect your personal data, nevertheless, we cannot guarantee its absolute security. In the event that your personal information is compromised as a breach of security, we will promptly notify you in compliance with applicable law.

If you have any questions about the security of the Website, you can contact us through email or contact form available on the Website.

X. CHILDREN’S PRIVACY

Our Website is not intended for children. Therefore, we do not knowingly or intentionally collect or solicit any personal information from children. For the purposes of this Section X the terms “child” and/or “children” in the context of data processing activities may be interpreted on a case-by-case basis as prescribed by applicable data protection laws. No one who is considered a “child” under applicable data protection laws is allowed to directly provide any personal information to the Website.

As a general rule we consider a person under the age of 16 to be regarded as “a child” until we have legal grounds to conclude that a person under 16 should be treated as an adult as per provisions of local data protection rules or based on the parent authorization provided to us directly.

Solely the holders of parental responsibility are liable for preventing their children from providing personal information via the Website without relevant verifiable parental consent. If we learn that we have collected personal information from a child without verification of the holder of parental responsibility, we will erase that information as quickly as possible. If you reasonably believe that we might have any information from or about a child, or a child has directly provided us with personal information via the Website without verifiable parental consent, please contact us.

XI. CHANGES TO THE PRIVACY POLICY

This Privacy policy is updated regularly.

Whenever we change this Privacy policy, we will post those changes to this Privacy policy and other places that we consider appropriate. Additional forms of notice of modifications or updates as appropriate under the circumstances may be provided to you.

XII. HOW TO CONTACT US

If you have any questions about this Privacy policy, please feel free to contact us through email or contact form available on the Website.

Copyright © 2025 AIBY Inc.

Annex to Privacy Policy

U.S. Multistate Privacy Notice

INTRODUCTION. THE SCOPE OF APPLICATION

This U.S. Multistate Privacy Notice (“Notice”) supplements the information contained in Privacy Policy and may apply to individual residents of the U.S. states (“Covered U.S. Individual Residents”) that have enacted comprehensive data privacy laws including but not limited to California Consumer Privacy Act of 2018 (CCPA) as amended by California Privacy Rights Act of 2020 (CPRA), Texas Data Privacy and Security Act of 2023 (TDPSA), Virginia Consumer Data Protection Act of 2021 (VCDPA), Colorado Privacy Act of 2021 (CPA), Connecticut Data Privacy Act of 2022 (CTDPA) and others (collectively referred to as “U.S. State Privacy Laws” and separately as “U.S. State Privacy Law”). Notice addresses specific requirements common to U.S. State Privacy Laws and outlines additional information on the rights of Covered U.S. Individual Residents. It also describes how we collect, use, disclose and protect your personal information in compliance with these U.S. State Privacy Laws.

Applicability. Please note that if you are a user of our Website and a resident of one of the U.S. states where the corresponding U.S. State Privacy Law was enacted, you’ll be regarded a Covered U.S. Individual Resident and this Notice shall apply to you only if the processing of your personal data in connection with your use of the Website falls within the scope of such U.S. State Privacy Law. Please refer to the corresponding U.S. State Privacy Law for further details. If you are still unsure whether this Notice is applicable to you, please do not hesitate to contact us and we will spare no effort to assist you.

The correlation between Privacy Policy and Notice. This Notice does not replace and cannot be used interchangeably with Privacy Policy. On the contrary, Notice serves as a supplemental part of Privacy Policy for Covered U.S. Individual Residents.

The concept of personal data under U.S. State Privacy Laws. Applying Notice, you should also bear in mind that it pertains only to the processing of personal data which is understood as information linked or reasonably linkable to an identified or identifiable individual. Generally U.S. State Privacy Laws do not apply to the processing of de-identified, aggregated data or publicly available information, as these categories fall outside the scope of personal data.

THE CATEGORIES OF PERSONAL DATA PROCESSED. PURPOSES OF PROCESSING

Detailed information about the categories of personal data that may be processed when you use the Website is contained in Section II of Privacy Policy >>

To learn about the purposes of personal data processing please review Section III of Privacy Policy >>

SHARING OF PERSONAL INFORMATION WITH SERVICE PROVIDERS (PROCESSORS). CLARIFICATIONS ON ISSUES OF DATA SELLING

U.S. State Privacy Laws require us to provide you with information about who we share your personal data with and for what purposes. You can find comprehensive data in this regard in Section IV of Privacy Policy >>. The legal entities indicated in Section IV of our Privacy Policy act as our “service providers” or “processors” within the meaning of U.S. State Privacy Laws and process your information on our behalf for business purposes. The examples of business purposes are the following: auditing related to current interaction with users, including, but not limited to, counting ad impressions to unique visitors, verifying positioning and quality of ad impressions; providing customer service, advertising, marketing, analytic services; detecting security incidents; debugging; provision of Website services to users; improving, enhancing, upgrading the Website functionality. Please refer to the table in Section IV of our Privacy Policy to learn what specific services the processors/service providers perform for the Website. When we use the services of our processors/service providers and disclose your information for business purposes, we enter into corresponding written contracts with them. These contracts incorporate data processing provisions, parts, sections or annexes that require our processors/service providers not to use personal information transferred by us other than for the purpose of performing the services specified in the contracts. Additionally, the contracts with our processors/service providers specifically prohibit them from and/or do not contain permissions for selling the personal information transferred by us.

We do not “sell” you personal information for monetary gain, which means that we do not and will not disclose your personal information to third parties in direct exchange for money or some other form of payment. However, certain U.S. State Privacy Laws provide expansive definition of the term “sell”, which leads to cases where some disclosures of personal information to a third party even for non-monetary benefit of the disclosing party (“valuable consideration”) may qualify as data selling. In particular, sharing of personal information with third parties for the purposes of “interest-based advertising”/ “cross-context behavioral advertising” may constitute a sale under broad definition and interpretation of this and similar terms (“sell”/”selling”/”sold”) according to some U.S. State Privacy Laws. Even if such kind of data sharing qualifies as sale under U.S. State Privacy Law applicable to you, you’ll always have an option to opt out (see the subsection Instructions on Online Tracking Opt Out below for more details on available opt out mechanisms).

PRIVACY RIGHTS

If you are a Covered U.S. Individual Resident and this Notice applies to you, you’ll be able to exercise all user privacy rights specified in Section VII of Privacy Policy >>, particularly:

the Right to Know (also referred to as the Right to Access);
the Right to Data Portability;
the Right to Correct Inaccuracies (also referred to as the Right to Rectification);
the Right to Data Deletion (also referred to as the Right to Erasure or the Right to Be Forgotten);
the Right to Restriction of Processing;
the Right to Object to Processing of Personal Data.

User privacy rights listed above have similar content and exceptions in different jurisdictions. Their general meaning is addressed in Section VII of Privacy Policy. However, some minor aspects related to these rights may vary slightly from one jurisdiction/state to another, therefore, you may want to consider these differences when submitting your user privacy request.

Besides the rights referred to above, U.S. State Privacy Laws specifically mention the following additional data privacy rights you have:

The Right to Opt Out of the processing of the personal data for purposes of (a) targeted advertising, sometimes also referred to as “cross-contextual behavioral advertising” or “interest-based advertising”; (b) the “sale” or “sharing” of your personal data; (c) profiling in furtherance of solely automated decisions that produce legal or similarly significant effects concerning you. The specified Right to Opt Out is exercised with due regard to the context of our interaction with you as with the user of our Website and accompanying data processing activities. To learn the details on how you can exercise your Right to Opt Out, please refer to the subsection Instructions on Online Tracking Opt Out below.

The Right to Non-Discrimination. This right means that you will not receive discriminatory treatment for exercising your privacy right(s). Inter alia, we will not deny you the Website services, charge different prices or rates, or provide a different level or quality of services for you if you choose to exercise your user privacy right(s).

The Right to Appeal. If we deny and refuse to take an action on your initial user privacy request, you may have the right to appeal that decision under some U.S. State Privacy Laws. See the subsection How to Appeal Initial Decision Regarding Privacy Request below for more details.

HOW TO EXERCISE YOUR PRIVACY RIGHTS

Depending on the specific user privacy right you choose to exercise, different methods may be available to you.

In particular, when appropriate technical capabilities are accessible to you within the Website and/or in your device settings, some rights (e.g. the Right to Correct Inaccuracies, the Right to Data Deletion, the Right to Opt Out) can be exercised by you independently without our assistance and the need to submit us the corresponding request. For instance, in certain circumstances the Website may provide you with a possibility to change, update, correct inaccuracies or delete certain pieces of your personal data via your Website account settings.

Instructions on Online Tracking Opt Out.

Further, there are a number of ways you can exercise the Right to Opt Out of data processing for the purposes of activities that under U.S. State Privacy Laws may qualify as targeted advertising; “sale” (under broad interpretation) or “sharing” of personal data; profiling. Follow the instructions below to stop online tracking activities across third party apps and websites and sharing your data with third parties for personalized ads.

Blocking Advertising ID used in your mobile device settings. Your mobile device settings enable you to make choices about the collection, use or transfer of your Advertising ID to third parties for the purposes of targeted advertising and/or ad measurement. To manage your activity tracking permissions and the use of your Advertising ID, please follow the relevant instructions in Section VIII of our Privacy Policy >>.

Advertising Industry Opt Out Tools. Even if you block the access to and use of your Advertising ID, you might still see personalized ads from other companies and ad networks. You have an opportunity to send your opt out request to some of such other companies and ad networks who participate in self-regulatory programs using special Advertising Industry Opt Out Tools. See Section VIII of our Privacy Policy to know which Advertising Industry Opt Out Tools you may choose to use >>.

Ad and Analytics Platforms Opt Out Mechanisms. Some third-party ad platforms and analytics service providers have their own privacy management tools that allow you opt out and/or make your privacy choices directly. Here are some examples:

Therefore, we recommend you to check the privacy options of our service providers (processors) regularly. The up to date list of our service providers (processors) is presented in Section IV of Privacy Policy >>.

Submission of a user privacy request to exercise privacy right(s)

To exercise any user privacy right that cannot be managed by you independently, please contact us anytime through our contact form with the corresponding privacy request. When submitting your request, please include in its text the phrase “Exercising my rights to maintain confidentiality in … State”, replacing '...' with the name of the state of your residence. We will make every effort to satisfy any request you make to exercise any of your privacy rights.

AUTHENTICATION OF USER PRIVACY REQUESTS. INSTRUCTIONS ON HOW TO APPEAL OUR INITIAL DECISION REGARDING YOUR PRIVACY REQUEST

When you submit any user privacy request via our contact form contact form in order to exercise your privacy right(s), the relevant procedure of request authentication shall be put in place. The details and rules for such authentication procedure are provided below.

We shall comply with your user privacy request only if we are able to authenticate you as the user of our Website and as a Covered U.S. Individual Resident. Therefore, when submitting a verifiable user privacy request, you should be ready to:

Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or such person’s authorized agent, which (depending on the circumstances) may include: name, address, city, state, zip code and email address. We may use this information to surface a series of security questions to you to verify your identity. If you are making a request through an authorized agent acting on your behalf, such authorized agent must provide written authorization confirming their authority to represent your interests or a power of attorney, signed by you.
Describe your privacy request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

We will not be able to respond to your privacy request or provide you with personal information if we cannot: (i) verify your identity or authority to make the request; or (ii) confirm that the personal information relates to you. We may ask you for additional information or documents to verify your identity before taking any action with your privacy request. This is regarded as a safeguard measure to prevent disclosure of your personal information under a fake or scam request.

We ensure that personal information provided in a verifiable user privacy request will be used only to verify the requestor’s identity or authority to make the request and not for any other purpose. We will keep it for the adequate term reasonably needed for the purpose described above and delete after the purpose is fulfilled.

We try to respond to a verifiable user privacy request within forty-five (45) days of its receipt. If we require more time and it is reasonably necessary, we may extend the response period. In this case we will inform you of the reason and the applicable extension period in writing.

How to Appeal Initial Decision Regarding Privacy Request.

In cases when we have a reasonable basis, we may choose to decline to take an action regarding the user privacy request. For example, this may happen when we are unable to authenticate a request, or when the request is manifestly unfounded or fraudulent. In this particular case we’ll inform you of the justification for declining to take action within a reasonable period of time after receiving your initial request.

If we decline to take action with respect to your initial request, you may be entitled to appeal our decision under some U.S. State Privacy Laws. To do so, you will need to provide us with the missing information and explanations reasonably necessary to address your request effectively. Within the term prescribed by the applicable U.S. State Privacy Law we’ll inform you in writing of any action taken or not taken in response to your appeal, including a written explanation of the reasons for our decision.

CHANGES TO THIS NOTICE. FINAL PROVISIONS

We may update this Notice from time to time. To stay informed of updates, please review the latest published version of Notice regularly.

If you reasonably believe that certain U.S. State Privacy Law provides you with additional rights or options not outlined or referred to in this Notice, please contact us through our contact form. We will do our best to address all your concerns and reply to your request effectively.