Privacy Policy
Effective Date: January 25, 2021
OUR COMMITMENT TO PRIVACY
Your privacy is important to us and maintaining your trust is one of our highest priorities.
This Privacy Policy (hereinafter “Privacy Policy”) sets out how Asante LLC (hereinafter “Asante”, “we”, “our”, “us”), collects, stores, and uses information about you when you download, access, browse or otherwise use or interact with our mobile application ASANTe or our website (www.asante.app) and related services (collectively, hereinafter the “Platform”). We recommend that you read this Privacy Policy in full to ensure you are fully informed. If you have any questions or concerns about our use of your information, then please contact us using the contact details provided in the section Contact Information.
Residents of California and Nevada have additional specific rights as stated in our California Privacy Notice and our Nevada Privacy Notice.
The Privacy Policy is part of the Terms and Conditions applicable to the Platform that govern your downloading, access to, browsing, and other use of the Platform. Read these Terms and Conditions carefully because they constitute legal agreements between you and us.
CONTACT INFORMATION
If you have any questions or comments about this Privacy Policy, the ways in which we collect and use your information described herein, your choices and rights regarding such use, or wish to exercise your rights, please contact our Privacy Officer at:
Asante LLC
8 The Green, Suite #11307, Dover, DE 19901
[email protected]
1. DEFINITIONS
Here are some definitions we created to make our Privacy Policy simpler and easier to read:
- Protected Information or “protected information” refers to any information we collect, store and otherwise process about an individual that directly, indirectly, or in connection with other information, allows for the identification of a natural person, and it is intended to be interpreted to the broadest extent possible to include all information about an individual protected under applicable Data Protection Laws.
- Usage Data refers to information collected automatically through our Platform either directly by us or by third-party services employed on our Platform, which can include: the IP addresses or domain names of the device/computers utilized by the Users who use our Platform; the URI addresses (Uniform Resource Identifier); the time of the request; the method utilized to submit the request to the server; the size of the file received in response; the numerical code indicating the status of the server’s answer (successful outcome, error, etc.); the country of origin; the features of the browser and the operating system utilized by the User; the various time details per visit (e.g., the time spent on each page within the Platform); the details about the path followed within the Platform with special reference to the sequence of pages visited; and other parameters about the device operating system and/or the User’s IT environment.
- User means an individual who registers for an account on the Platform.
- Visitor means an individual who visits or navigates our Platform without registering for an account on the Platform.
- Controller or “controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of Protected Information, including the security measures concerning the operation and use of the Platform.
- Data Protection Laws means the federal and state privacy and data security laws in the United States of America applicable to our operations.
- Processor or “processor” means the natural or legal person, public authority, agency or other body which processes Protected Information on behalf of the Controller. For example, we refer to our third party service providers (or subcontractors) that provide services for us or on our behalf as “Processors.”
- Subprocessor or “subprocessor” means a processor that provides services on behalf of a Processor.
2. PRIVACY FOR VISITORS
When you interact with our Platform prior to registering for an account with us, we collect limited information about you and we use it for our internal business purposes as described below. We use processors to assist us with the processing of the information and their practices are covered by the processors’ own privacy policies listed below.
Categories of protected information: | Universally Unique Identifiers (UUIDs); IP Addresses; Device Identifiers; Instance IDs |
Legal Basis and Purpose | Our business purpose and legitimate interest to provide access to the Platform and for Analysis and Optimization. |
Processors | Sentry, Google Firebase |
Commitment to privacy | Sentry Privacy Policy Sentry Data Processing Agreement |
Place of processing | US |
3. PRIVACY FOR USERS
When you register for an account with us, we collect more information about you for our internal business purposes to provide the services offered by the Platform. This section explains our privacy practices, including how we share information with our processors.
A. CATEGORIES OF INFORMATION WE COLLECT ABOUT YOU.
- Information You Provide to Us
We may collect certain Protected Information that you provide to us when you interact with the Platform, as follows:- Register an account. For certain functionalities and services, our Platform requires you to register and maintain an account. In connection with the account registration, it is necessary to collect (1) your telephone number, (2) your full name, and (3) your email address.
- Account Login. You can log into our Platform using a Single Sign-On (SSO) service provided by third party services. You will need to provide login information in order to access your account. For additional information access in connection with your SSO login, see the section below regarding Third Party Integrated Services.
- User Profile. As a User, you can create a profile that includes certain categories of additional information that will be visible on our Platform to other Users, including (1) profile picture, (2) biography, (3) work history, (4) education, and (5) other categories of profile information that may be created at any time as part of your account profile.
- Content You Generate. You may also provide us with certain User content you generate, upload, display and/or receive through our Platform. For example, the virtual TCards you send to or receive from other users. Keep in mind that Users and Visitors of the Platform, have the ability to view, save and/or copy User content.
- Assistance. When you communicate with us, including for customer and technical support, we will use information from these communications to communicate with you, to resolve any issues, and will keep copies of these communications for our records in the ordinary course of business.
- Information Automatically Collected
In addition to any Protected Information and other information that you provide to us via our Platform, we and our processors may use a variety of technologies that automatically store or collect Usage Data. This Usage Data may be stored or collected using a variety of tracking technologies on your personal computer, browser, laptop, tablet, mobile phone or other device (a “Device”) whenever you visit, navigate or interact with our Platform. To the extent such information is Protected Information or we associate Usage Data with your Protected Information, we will treat such combined data as Protected Information. For example:
- Device Information. We collect information about your device, which may include your IP address, device identifiers (UDID or other unique identifier), web browser type, operating system version, device manufacturer and model, language and regional settings, and carrier or network.
- Platform Usage Information. We collect information about your interactions with the Platform like the pages or other content you view, the dates and times of your interactions, or how often you use our Platform.
- Event Information. We collect information about the Platform’s performance, including crash reports and other details about any errors you may encounter when using or accessing the Platform (i.e., for example, lost connection to the Internet).
- Cookies. When you access or use the website portion of our Platform, we and our processors may collect information about you through cookies, web beacons, web server logs, and other tracking technologies (collectively, “cookies”). Cookies may either be first or third-party. First-party cookies are those that we place on your computer or device through the website. Third-party cookies are cookies that another party places on your computer or device through our website. For example, we may use cookies to track user trends and patterns, such as the number of visits on each website page, and visitors browsing history of the website. This helps us better understand and improve areas of the website that our users find valuable. For more information on the cookies we use and how you can manage them, please access our “Cookies Center”. Please note that if you disable functional cookies on your browser, some parts of the Site may not be fully functional. We use only cookies that are necessary or that provide analytics to us. We do not use advertising cookies.
- Information We Collect from Third Parties
We may collect Protected Information about you from third parties, as follows:
- Payment Information. When you make a payment, your cardholder information is provided directly to our third-party payment processor. We do not receive or store your cardholder data on our systems. The payment processors provides us with an encrypted token that represents your account to confirm account payments. Currently, Stripe is our payment processor. You can read the privacy policy for our payment processor here: https://stripe.com/privacy.
- Third Party Integrated Services. The Platform may include optional functionalities that allows certain kinds of interactions between the Platform and a third-party tool, application or other service, and accessing or display of third-party content via the Platform. The use of such functionalities may require the third-party to provide certain information, including information the third party holds about you, to us. Currently, we use the following types of third party integrated services:
- Single Sign-On. When you register for an account on the Platform, you may have an option to use your other social media account provided by a third-party service (SDK) to facilitate the registration and log-in on the Platform, or otherwise link accounts. If you choose to use this functionality to access or use our Platform, the third-party service may send Protected Information about you to us (such as ad ID or/and device identifier).
- Third Party Interfaces. We may provide third-party services’ interfaces or links on the Platform to facilitate your sending a communication from the Platform through the third party service. For example, we may use third parties to facilitate “like” and “share” content submissions or postings of comments on Facebook or other social media platforms.
- Other Third Party Content. We may also enable access to or display third-party content on the Platform, that is actually being served or published by the third party, and such third party may be collecting data directly from you in connection with that content. These third parties may collect and retain any information used or provided in any such communications or other activities and these third parties’ practices are not subject to our Privacy Policy. We may not control or have access to your communications through these third-parties. Further, when you use third-party services, you are using their services and not our services and they, not we, are responsible for their practices. You should review the applicable third-party privacy policies before using such third-party services in connection with our Platform.
- Information Third Parties provide about you. We may receive information about you from your friends and others who use the Platform, such as when they upload User content, communicate with us about you, or post on chat functionalities on the Platform.
- Information You provide about a Third Party. You may send someone else an invitation to join the Platform, such as sending an email or text message invitation to a friend. If so, if you provide any information about that third party to us, we will use that information to facilitate the third party’s registration on the Platform. We will not send any marketing or other communications to the third party without obtaining that third party’s prior consent first.
B. WHAT INFORMATION WE DO NOT COLLECT
- Sensitive Information
We do not knowingly collect or process sensitive information about individuals. Users are prohibited by the Terms and Conditions to upload such information. Sensitive information could include information that an individual would typically consider as sensitive and requiring a higher level of confidentiality, including, for example: (1) social security, driver’s license, state identification card, or passport numbers; (2) account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account; (3) geolocation data; (4) racial or ethnic origin, political opinions, religious or philosophical beliefs, or union membership; (5) contents of a person’s mail, email and text messages, unless we are the intended recipient of the communication; (6) genetic data; (7) biometric information; (8) health information; (9) sex life or sexual orientation. - Information about Children
We do not knowingly collect or solicit any information from anyone under the age of 16. The Platform is not directed at children under the age of 18. In the event that we learn that we have collected personal information from a child under age 16, without verification of parental consent, we will delete that information as quickly as possible. If you believe that we might have any information from or about a child under 16, please contact us.
C. HOW WE USE YOUR DATA
General: We will use your information, including your Protected Information for the following purposes:
- Providing the Platform. To provide the Platform, and to meet our related contractual obligations to you, we use the Protected Information we collect about you as necessary for the following operations: (1) Making the Platform accessible via browsers or mobile phones, as applicable; (2) Enabling you to access the Platform; (3) Registration and authentication; (4) Hosting and backend infrastructure; (5) Handling Payments (6) Communications, contacts and sending messages; and (7) Content performance and features testing.
- Improving the Platform. For purposes of our internal business reasons and other legitimate interests, we use monitor the integrity of the data collected. We also use data automatically collected about you to perform analytics.
- Legal Obligations. We may use any Protected Information, as necessary based on the circumstances, to comply with applicable federal, state, and other laws and regulations, and to protect the rights, property, or safety of any person using the Platform, including to enforce our Terms and Conditions.
- Communications. We may use information such as your email address and/or phone number to respond to your inquiries, to provide customer service and/or for other technical support, or other necessary acts to perform our contractual obligations to you. As a functionality of the Platform, if you request its activation, we may also use information such as your Device ID, to send push notifications, and/or allow you to identify Users accessing our Platform or whom you intend to invite on the Platform.
- Other Reasons. We may use your Protected Information for any purpose you have given prior consent and when required by law, regulation, rule, or an order of a government entity.
D. STORAGE, RETENTION, AND SECURITY OF DATA
- Data Storage
For hosting the Platform, Website, files, data (including Protected Information), we use a service provider called DigitalOcean LLC (United States). We have carefully selected this third-party service provider and review it regularly to ensure that your privacy is preserved. For more information see the Third Party Service Provider section of this Privacy Policy. - Data Retention
Protected Information will be processed and stored for as long as required by the purpose for which it was collected and for any additional period for which we are required by law to maintain the information. For example, Protected Information collected out of the necessity of our performance of a contractual obligation with you will be kept for 3 years after obligations are terminated (e.g., 3 years after you close your account). However, Protected Information that we are processing based on our legitimate interests will be retained as long as needed to fulfill such purposes. If you have any specific questions regarding our data retention practices, please contact our Privacy Officer. - Security
We make reasonable efforts to ensure a level of security appropriate to the risk associated with the processing of Protected Information. We maintain organizational, technical and administrative measures designed to safeguard Protected Information within our organization against unauthorized access, destruction, loss, alteration or misuse. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure. We cannot guarantee the security of any information obtained through your use of our Platform. If you have reason to believe that your interaction with us is no longer secure (for example, if you believe that the security of your account has been compromised), please contact us immediately.
E. HOW WE DISCLOSE YOUR INFORMATION
We do not sell our Users’ or Visitors’ Protected Information. We share information about you in the limited circumstances spelled out below and with appropriate safeguards on your privacy.
- Information We Share with Other Users. We may share information with other Users on the Platform associated with your public profile. This information includes your user name, followers, and content (including records regarding the sending and receiving of TCards and Tcoins tracker). We may share information with the Visitors associated with your posted content on the Platform.
- Information Required by Law and Similar Disclosures. We may disclose Protected Information we have about you (1) If we are required to do so by law, regulation, or legal process, such as a court order or witness; (2) In response to requests by government agencies, such as law enforcement authorities; (3) When we believe disclosure is necessary or appropriate to protect against or respond to physical, financial or other harm, injury, or loss to property; and (4) In connection with an investigation of suspected or actual unlawful activity.
- Subsidiaries, Employees, and Processors. We may disclose information about you to our subsidiaries, our employees, and individuals who are our processors that need to know the information in order to help us provide our Platform to you or to process the information on our behalf. We require all our subsidiaries and employees to follow this Privacy Policy for any Protected Information shared with them and we implement contractual safeguards with our processors.
- With your Consent. We may share and disclose information with your consent or at your direction or request.
- Third Party Service Providers. To support delivery of our Platform, we may engage and use processors with access to certain Protected Information, including the following:
Data processor | Google Oauth | Sign in with Apple | Facebook Authentication | Login Kit | ||
Provided | Apple | a Inc. | ||||
Purpose | Our Services use Single – Sign On technology to Registration and authentication in the Platform with the Google, Apple, Facebook and Snapchat account. | |||||
Where is data processed? | US | |||||
Which Data is processed? | Various types of Data as specified in the privacy policy of the service, which may include: Full Name and Email | |||||
Legal Basis | Performance of contract. | |||||
Commitment to Privacy | Google Privacy Policy
| Apple Privacy Policy | Facebook Privacy Policy
| Snapchat Privacy Policy
|
Data processor Service | DigitalOcean |
Purpose | Provisioning and operations of server and infrastructure services – Data Hosting |
Where is data processed? | US |
Which Data is processed? | All data handled in the service |
Legal Basis | Performance of contract Legitimate Interest (Provide Service) |
Commitment to privacy | DigitalOcean Privacy Policy |
Data processor Service | Twilio |
Purpose | Twilio is used to send SMS messages |
Where is data processed? | https://www.twilio.com/docs/video/ip-address-whitelisting |
Which Data is processed? | Phone Number |
Legal Basis | Performance of contract Legitimate Interest (Provide Service) |
Commitment to privacy | Twilio Privacy Policy |
Data processor | Stripe |
Purpose | Payment Processor |
Where is data processed? | US |
Which Data is processed? | Various types of Data as specified in the privacy policy of the payment processor. We do not collect and store any of user financial data. |
Legal Basis | Performance of contract Legitimate Interest (Analysis, Optimization and Provide Service) |
Commitment to privacy | Twilio Privacy Policy |
Data processor | Google Firebase |
Purpose | Firebase is used by the Platform for Analytics and Crash reporting in the iOS and Android Mobile applications, Push notifications for the Android application and Dynamic links for non-users. User data is sent fully anonymized and does not include personal identifiable data such as phone numbers, emails, names. |
Where is data processed? | Google Datacentres: https://www.google.com/about/datacenters/locations/index.html |
Which Data is processed? | Firebase Crash Reporting: – Instance IDs – Crash traces Crashlytics: – Installation UUID – IP Addresses; Firebase Cloud Messaging – Instance IDs; Firebase Dynamic Links: – Device specs (iOS) |
Legal Basis | Legitimate Interest (Analysis, Optimization and Provide Service) |
Commitment to privacy | Google Privacy Policy |
Data processor | Sentry |
Purpose | Sentry is used by the Platform to collect automated error reporting for users logged in to the Platform. |
Where is data processed? | US |
Which Data is processed? | error reporting |
Legal Basis | Legitimate Interest (Analysis, Optimization and Provide Service) |
Commitment to privacy | Sentry Privacy Policy |
F. USER DATA RIGHTS
- Rights
- Receiving and accessing information about the Protected Information stored by us about you.
- Rectification of inaccurate Protected Information and restricting details.
- Receiving your Protected Information in a structured, commonly used and machine-readable format, as well as having such Protected Information transmitted to another controller (‘data portability’).
- Request erasure of your data, unless such Protected Information needs to be retained for legal purposes. Upon your verified request, we’ll delete your Protected Information (unless an exception applies) and will direct our service providers to do the same.
- Object to the processing of your Protected Information.
- Including withdraw your consent at any time, when you have provided us with your consent to the processing of Protected Information.
- Lodge a complaint with the government agency with jurisdiction over such matters.
- Exercise of Rights
These are not absolute rights that only exist if the relevant conditions are met. For example, the right for erasure does not apply in case your Protected Information is required for compliance with a legal obligation or to establish, exercise or defend legal claims (legal enforcement).
If you would like to exercise these rights, use the respective tools in your profile, and if they are unavailable please contact us at the email addresses specified in this Privacy Policy.
G. INTERNATIONAL DATA TRANSFER
We are headquartered in the United States of America and, except as stated in any privacy policy of one of our listed processors, your Protected Information will be processed in the United States. Your use of the Platform and our privacy practices under this Privacy Policy are governed by the laws of the State of Maryland.
4. PRIVACY NOTICE FOR CALIFORNIA RESIDENTS
General Provision
This Privacy Notice for California Residents supplements the information contained in our Privacy Policy and applies solely to all Visitors and Users, who reside in the State of California (“consumers” or “you”). We adopt this notice to comply with the California Consumer Privacy Act of 2018 (CCPA) and any terms defined in the CCPA have the same meaning when used in this notice.
- No sale. We do not sell your personal information to anyone.
- Information We Collect; Use; and Share
We collect information that identifies, relates to, describes, references, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer, household or device (“personal information”).
In particular, we collected the following categories of personal information within the last twelve (12) months:
Category of personal information | Source(s) of personal information | How we use it | How we share it |
Identifiers (such as your name, email address, username, or other similar identifiers)
| We may collect this data when you provide it to us, when you use our services (automatically), or when we collect it from third parties’ services.
For more details on the sources, see the Categories of Information We Collected About You section in our Privacy Policy. | We use this information to provide and improve the Services, to comply with laws; to communicate with you and other reasons.
For more details on how this information, see the How We use your Data section in our Privacy Policy. | We may share this information with the Public, Subsidiaries, Employees, Independent Contractors, third party service providers
For more information on how we share this information, see the How We Disclose Your Information section in Privacy Policy. |
Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e) such as your name, address, telephone number, education.
We do not receive or store your financial data (CVV, card number, etc.) on our systems
Some personal information included in this category may overlap with other categories | We may collect this data when you provide it to us, when you use our services (automatically), or when we collect it from third parties’ services.
For more details on the sources, see the Categories of Information We Collected About You section in our Privacy Policy. | We use this information to provide and improve the Services, to comply with laws; to communicate with you and other reasons.
For more details on how this information, see the How We use your Data section in our Privacy Policy. | We may share this information with the Public, Subsidiaries, Employees, Independent Contractors, third party service providers
For more information on how we share this information, see the How We Disclose Your Information section in Privacy Policy. |
Protected classification characteristics under California or federal law such as your age.
We don’t collect information about the user’s exact age, we are just asking for confirmation that user is over 18 years old. | Not applicable | Not applicable | Not applicable |
Commercial Information, such as purchasing or consuming history, for example records regarding the sending and receiving of TCards | We may collect this data when you provide it to us, when you use our services (automatically), or when we collect it from third parties’ services.
For more details on the sources, see the Categories of Information We Collected About You section in our Privacy Policy. | We use this information to provide and improve the Services, to comply with laws; to communicate with you and other reasons.
For more details on how this information, see the How We use your Data section in our Privacy Policy. | We may share this information with the Public, Subsidiaries, Employees, Independent Contractors, third party service providers
For more information on how we share this information, see the How We Disclose Your Information section in Privacy Policy. |
Biometric information
| Not applicable | Not applicable | Not applicable |
Internet or another similar network activity such usage data as session logs, information on a consumer’s interaction with the Platform or Website, etc. | We may collect this data when you provide it to us, when you use our services (automatically), or when we collect it from third parties’ services.
For more details on the sources, see the Categories of Information We Collected About You section in our Privacy Policy. | We use this information to provide and improve the Services, to comply with laws; to communicate with you and other reasons.
For more details on how this information, see the How We use your Data section in our Privacy Policy. | We may share this information with the Public, Subsidiaries, Employees, Independent Contractors, third party service providers
For more information on how we share this information, see the How We Disclose Your Information section in Privacy Policy. |
Geolocation data, for example, physical address | Not applicable | Not applicable | Not applicable |
Electronic, visual, or similar information such as content (TCards) created and transmitted through the Platform. | We may collect this data when you provide it to us, when you use our services (automatically), or when we collect it from third parties’ services.
For more details on the sources, see the Categories of Information We Collected About You section in our Privacy Policy. | We use this information to provide and improve the Services, to comply with laws; to communicate with you and other reasons.
For more details on how this information, see the How We use your Data section in our Privacy Policy. | We may share this information with the Public, Subsidiaries, Employees, Independent Contractors, third party service providers
For more information on how we share this information, see the How We Disclose Your Information section in Privacy Policy. |
Inferences drawn from other personal information. | Not applicable | Not applicable | Not applicable |
- Sharing with third parties. In the past twelve (12) months we shared personal information for our business purposes with service providers as set forth in the section “Third Party Service Providers” of the Privacy Policy.
- Rights and Choices
- Right to know what personal information we collect. You have the right to request details on the specific personal information we’ve collected about you. We provide this information in our Privacy Policy, but you can also get this information by contacting us.
- Right to know who we share your data with. We do not sell your data, but we do share your information with others for legitimate business purposes and performance of our contract with you. For example, we use service providers to store and host your data. See the How We Disclose Your Information section for more details.
- Right to deletion. You have the right to request deletion of your data, unless an exception applies. Examples of exceptions include: when we need to keep data to meet legal obligations, detect fraud, investigate reports of abuse or other Terms of Conditions violations, or fix security issues. Upon your verified request, we’ll delete your personal information (unless an exception applies) and will direct our service providers to do the same.
- Get a timely response. You have the right to make two free requests in any 12-month period. We will respond to your request within 45 days, and in more difficult cases we may extend our response time by another 45 days. Our support team is pretty great, so they tend to respond a lot quicker. The easiest way to get information is by following the instructions above, but you or your authorized agent can also email [email protected].
- Non-Discrimination. We uphold the principle of non-discrimination and encourage you to review your privacy settings closely and reach out to us with your questions.
- Revisions on the Privacy Notice for Californian Residents. We’ll update this Notice every 12 months and let you know when we’ve made updates consistent with our Privacy Policy.
5. PRIVACY NOTICE FOR NEVADA RESIDENTS
Nevada law allows customers to “opt-out” of the sale of certain personal information, called “covered information.” We do not sell covered information as defined in the law and we have no plans to change that practice. If you want to be notified if we do change that practice, please send your name and email address to [email protected]. We will contact you if there are any changes and you can complete your opt-out at that time. If your email address changes at any point, you will need to send your new email address to us at [email protected].
6. AMENDMENTS TO THE PRIVACY POLICY
We reserve the right to amend this Privacy Policy at our discretion and at any time. When we make changes, we’ll let you know one way or another. Sometimes, we’ll let you know by revising the date at the top of the Privacy Policy that’s available on our website and mobile application. Other times, we may provide you with additional notice (such as adding a statement to our websites’ homepages or providing you with an in-app notification).