PRIVACY POLICY
Last updated [17th September 2024]
INTRODUCTION
This privacy policy in respect of Mande Limited ("we," "us," or "our"), describes how and why we might collect, store, use, and/or share ("process") your information when you use the Mande application (application).
INFORMATION WE DO COLLECT
We collect personal information that you voluntarily provide to us when you create an account on our application or interact with the application or otherwise when you contact us.
The personal information that we collect depends on the context of your interactions with us, the choices you make, and whether or not you make a purchase.
For the creation of an account and use of the application, we will collect only an email address. However where necessary, we may require your name, date of birth and phone number.
To enjoy functionalities like creating reminders and scheduling times to use the application, we will require access to your Google calendar. Users have the opportunity to enable or disable this access.
We do not collect any data with respect to payments. All payment data is handled by our trusted third payment service provider.
INFORMATION WE AUTOMATICALLY COLLECT
We automatically collect certain information when you visit, use, or navigate the application. This information does not reveal your specific identity (like your name or contact information) but may include device and usage information, such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, information about how and when you use our application, and other technical information. This information is primarily needed to maintain the security and operation of our services, and for our internal analytics and reporting purposes.
HOW WE PROCESS YOUR INFORMATION
We process your personal information for the following reasons;
• To facilitate account creation and authentication (where necessary) and otherwise manage user accounts.
• To deliver and facilitate delivery of services to the user.
• To respond to user inquiries/offer support to users.
• To send administrative information to you. We may process your information to send you details about our application and related services, changes to our terms and policies, and other similar information.
• To fulfill and manage your purchases and payments.
• To send you marketing and promotional communications ( only via the email address you provide).
• To deliver targeted advertising to you (using your email address for targeting purposes).
For the avoidance of doubt, our marketing communications and targeted advertising efforts use only your email address. No other personal data, including any data obtained through Google APIs or other sensitive information, is used for these purposes.
LEGAL BASIS
The GDPR
The General Data Protection Regulation (GDPR) and UK GDPR require us to explain the valid legal basis we rely on in order to process your personal information. As such, we may rely on the principles set put in the GDPR to process data of users in the EU as well as EU citizens who may necessarily not be in the EU but may use our service.
Aside from users from GDPR-bounded countries, personal data will be processed in accordance with local data protection laws in the jurisdiction of the user.
INFORMATION AND DATA SHARING
We may share your data with third-party vendors, service providers, contractors, or agents (“third parties”) who perform services for us or on our behalf and require access to such information to do that work. This includes, but is not limited to, services provided by Google and other partners. All third-party services are required to comply with applicable privacy and data protection laws.
Our app integrates with Google APIs, and as such, we comply with Google's data use and sharing policies. This includes:
• Only collecting, using, and sharing data in ways that are described in this privacy policy.
• Limiting the use of data to the purposes explicitly stated in this policy and the user's consent.
• Ensuring that any data shared with Google is done securely and in accordance with Google's API Services User Data Policy.
• Additionally, we do not retain or use user data obtained through Google Workspace APIs to develop, improve or train generalized AI and/or ML models.
We obtain your explicit consent before sharing data with any third-party service. Users have the right to withdraw their consent at any time and request the deletion of your data.
We may disclose your data to comply with legal obligations, enforce our terms and conditions, or protect the rights, property, or safety of our users and others. This disclosure will only occur in accordance with applicable laws and regulations.
COOKIES AND OTHER TRACKING TECHNOLOGIES
We may use cookies and other tracking technologies to collect and store your data. Users are given the opportunity to accept or deny cookies.
HOW WE KEEP YOUR INFORMATION
We will keep your personal information for as long as it is necessary for the purposes set out in this privacy notice, unless a longer retention period is required or permitted by law (such as tax, accounting, or other legal requirements). No purpose in this notice will require us to keep your personal information for longer than 6 years after the termination of your account.
We have implemented appropriate and reasonable technical and organizational security measures designed to protect the security of any personal information we process. However, despite our safeguards and efforts to secure your information, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorized third parties will not be able to defeat our security and improperly collect, access, steal, or modify your information. That notwithstanding, we will do our best to protect your personal information and ensure that transmission of personal data is without compromise.
Finally, we may also collect other personal information outside of these categories instances where you interact with us via other channels like email in the context of:
• Receiving help through our customer support channels
• Participation in customer surveys or contests; and
• Facilitation in the delivery of our Services and to respond to your inquiries.
DATA PROTECTION MECHANISM
We implement robust data protection mechanisms to safeguard your personal information, especially sensitive data such as calendar information obtained through Google APIs. These mechanisms include:
Encryption: All data transmitted between your device and our servers is encrypted using industry-standard TLS (Transport Layer Security) protocols. Sensitive data stored on our servers is encrypted at rest using AES-256 encryption.
Access Controls: We employ strict access controls and authentication mechanisms to ensure that only authorized personnel can access user data. This includes multi-factor authentication for our staff and role-based access control systems.
Regular Security Audits: We conduct regular security audits and vulnerability assessments to identify and address any potential security risks.
Secure Data Centers: Our data is stored in secure, SOC 2-compliant data centers with 24/7 physical security, redundant power systems, and environmental controls.
Data Minimization: We collect and retain only the data necessary for the functioning of our application. Data obtained through Google APIs is used solely for the purpose for which it was collected and is not retained longer than necessary.
REQUEST TO DELETE
You can ask to delete your personal information. If you ask us to delete your personal information, we will respect your request and delete your personal information, subject to certain exceptions provided by law, such as (but not limited to) the exercise by another consumer of his or her right to free speech, our compliance requirements resulting from a legal obligation, or any processing that may be required to protect against illegal activities.
UPDATES TO THIS NOTICE
We may update this privacy notice from time to time. The updated version will be indicated by an updated "Revised" date and the updated version will be effective as soon as it is accessible. If we make material changes to this privacy notice, we may notify you by directly sending you an email. We encourage you to review this privacy notice frequently to be informed of how we are protecting your information.
CONTACT US
If you have questions or comments about this notice, you may contact us by email at getmande@gmail.com