Advancify Privacy Policy
Effective Date: October 10, 2024

This Privacy Policy outlines how we collect, use, and share information through our Services and on the Advancify website at www.advancify.co (the "Site"). By using our Services and/or the Site and submitting your information, you agree to the terms of this Privacy Policy. This policy should be read in conjunction with, and is incorporated into, the Advancify website’s Terms and Conditions of Use (https://www.advancify.co/terms).

This Privacy Policy is governed by the laws of the state specified in the Terms of Service applicable to your Services. Any capitalized but undefined terms used in this Privacy Policy have the meanings assigned to them in the Terms of Service relevant to the Advancify Services you are using.

Summary

Advancify processes two types of personal data in relation to its Services: (1) your account and contact data, for which we are responsible (as the Data Controller under the EU's General Data Protection Regulation (GDPR) or as a business under the California Consumer Privacy Act (CCPA)); and (2) your User Data, collected from your monitored devices associated with your User Accounts ("Monitored Devices"), for which you are responsible (as Data Controller under GDPR), while Advancify acts as a data processor under GDPR or a service provider under CCPA.

• Account and Contact Data: We use this data to manage our relationship with you, including activation, support, invoicing, and upselling. This is detailed in Section A of this policy.
• User and Monitored Devices Data: This information is processed on your behalf to provide parental control and monitoring services via the control panel. This is described in Section B of this policy.

You are solely responsible for the configuration and use of the parental control panel and the processing of personal data associated with your account. This includes the collection, storage, and analysis of personal data from Users' Monitored Devices. Advancify automatically implements the configurations and instructions you provide, making you solely responsible for the control panel's setup.

Compliance with the Children’s Online Privacy Protection Act (COPPA)

COPPA and its rules require us to inform parents and legal guardians ("parents") about our practices for collecting, using, and disclosing personal information from children under the age of 13 ("children"). It also requires us to obtain verifiable consent from a child’s parent or confirm that the child’s teacher has obtained such consent for certain collections, uses, and disclosures of the child’s personal information.

Read more about COPPA on the FTC’s COPPA page. This regulation is designed to protect your children’s privacy. For a child under the age of 13 in the United States to use the Advancify Services, their parent or teacher must approve the registration. The Advancify Services are intended for use in a household environment by parents, not by children, and we do not knowingly collect personal information directly from children under 13.

You warrant that (a) you have informed any Users aged 14 years or older that the Monitored Devices they use include control and monitoring software and have obtained their authorization for this activity, or (b) there are rules in your country that exempt you from this obligation or provide a different age limit, in which case that limit applies. Both Advancify and you agree to comply fully with this Privacy Policy.

A. Data Processed by Advancify as Data Controller

Please note that this section does not regulate the processing of user data from Monitored Devices ("User Data") by Advancify in its capacity as a Processor, which is regulated in Section B.

1. Data Controller The Data Controller is Neuronext Inc., 1207 Delaware Ave #301, Wilmington, DE 19806. You can contact our Data Protection Officer with any suggestions, queries, concerns, or complaints about personal data, or to access your personal data by writing to: privacy@advancify.co.
2. Data Collection by Advancify through the Services Advancify collects and processes the following personal data as a data controller through the Services:
• Registration Data: When registering for Services, we collect your name, surname, and email address. This data is mandatory, and without it, your account cannot be created.
• Payments: Our payment provider (Stripe) collects certain payment data, which is processed according to their terms and privacy policies. Further information can be found at https://stripe.com/it/privacy-center/legal. Additional payment gateways may be contracted, and their terms will be provided during the payment process.
• Information about Your Computer: When you visit our platform, we automatically receive the URL of the site you came from and the site you visit next. We also receive your computer's IP address and web browser type. We use this information to analyze overall trends and improve the Services. This information is not shared with third parties without your permission.

It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.

3.      Personal Data We Collect:

• Profile name
• Email address
• Password
• Birthdate
• Gender
• Eyeglasses use

You provide some of this data through the registration form or the account page. We also collect some data from your device (e.g., country or region).

4.      Data Collected through Your Use of Advancify Services:

Personal data is collected and processed when you access or use the Advancify Service. This includes:

• Actions you take with the Advancify Service (including date and time):
• Browsing history
• Account settings
• Digital activities – data from applications installed on your devices
• Internet activity, including visited URLs and times of visits
• Technical Data:
• URL information
• Online identifiers such as cookie data and IP addresses
• Information about the devices you use:
• Device ID
• Network connection type (e.g., Wi-Fi, 4G, LTE, Bluetooth)
• Service provider
• Network and device performance
• Browser type
• Language
• Digital rights management information
• Operating system
• Advancify app version
• General Location (not exact):
• General location includes country, region, or state. We may obtain this information from technical data (e.g., IP address or language setting on your device) or payment currency.

Purposes for Processing: The personal data we collect is used to perform our contract and communicate with you, manage your Advancify Account, and provide our Services (as described in the Terms). We also use this data to measure and improve the Services' functionality and to provide customer service, send email notifications, and (with your consent) newsletters or communications about the Services, products, and promotions. Additionally, we use your data to ensure compliance with the Terms, applicable laws, and other legal obligations.

Legal Basis for Processing: Below are the lawful bases for processing your data:

• Preparation and Performance of Contract: Processing your data is necessary for the performance of our contract with you or to take steps at your request before entering into such a contract.
• Legitimate Interest: We have a legitimate interest in processing your Registration Data to manage and improve our business, ensuring you receive the best service/product and experience. We consider and balance any potential impact on you and your rights before processing your personal data for our legitimate interest. We do not use your personal data for activities where our interests are overridden by the impact on you unless we have your consent or are required or permitted to by law.
• Compliance with Legal or Regulatory Obligations: We may process your personal data where necessary to comply with a legal or regulatory obligation.

Generally, we do not rely on consent as a legal basis for processing your Account Data, except for sending marketing communications via email or text message. However, for transparency and clarity, we ask you to provide this consent during account registration. You have the right to withdraw consent at any time by contacting us at privacy@advancify.co. This will not affect the processing of your Registration Data for service provision until you cancel your account.

Service Optimization: We may process data on an aggregated, non-identifiable basis to establish general user attributes and profiles. We may share this anonymous information with third-party service providers to improve or promote our Services. We also use your data in a non-identifying and aggregated manner to better design our website, software, and services.

Disclosure: We treat your personal data with strict confidentiality in accordance with applicable law. However, we may disclose information about you or your use of our Services to: (i) comply with legal obligations, (ii) correctly deliver our Services or perform other obligations in accordance with the Terms, (iii) conduct due diligence in the event of a sale or change of control of the Company, or (iv) share it with service providers that provide services related to the data.

We require all third parties to respect the security of your personal data and to process it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process it for specific purposes in accordance with our instructions.

5.      Advancify Monitoring on iOS Devices

When you install the Advancify Software on Monitored Devices running the iOS operating system, due to the system's technical configuration, all data transmitted to and from the device is routed through our servers. This configuration allows us to be visible to third parties such as your internet access provider and the owner of the IP address from which communications originate. Although we are not an internet access provider, this setup means that we may receive notifications ("Notifications") from third parties regarding the User’s online behavior, including but not limited to downloading/viewing online content, posting content, opening online accounts, or using third-party applications and programs. If we receive a Notification indicating that your User is engaging in activities that are illegal or may violate the rights of third parties, or if we believe (in our reasonable judgment) that any User activity may be detrimental to the provision of our Services, we will notify you.

We reserve the right to take the following actions (and will do so if required by court order, applicable law, or to protect our interests and business):

• Suspend or block access to your device(s) to the internet or specific websites/internet services.
• Provide your name and contact details to the party issuing the Notification, a court, or a public authority.
• Terminate your account if necessary.

For iOS devices, after installing the MDM profile, Advancify Kids will have access to the activities of all installed applications on the device. This information is routed only to Advancify servers and is not shared with any third parties. The specific information collected through MDM includes:

• Application names, usage time, and operating system version: used to categorize visited applications and report activity to the parent.

 

 

6.      Data Retention

We will retain your personal data only as long as necessary to fulfill the purposes for which it was collected, including:

• The performance of the contract with registered users.
• Compliance with legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the data, the potential risk of harm from unauthorized use or disclosure, the purposes of processing, and applicable legal requirements. Generally, we will retain your personal data for the duration of your subscription (in active format) and for 5 years thereafter (in a blocked format) for legal and/or administrative purposes.

7.      Anonymized Data for Statistical Purposes

To improve our Services and provide sector/segment reports, we may anonymize your Registration Data and certain User Data. This anonymized data will be stored and processed indefinitely, even after your account has been closed. The primary purpose is to analyze how our Services are used on an aggregated, non-identifiable basis, measure their effectiveness, and provide general customer service. We may also share this anonymized data with third-party business partners for academic research, surveys, or commercial analytics, and to publish periodic reports on behavior patterns and trends.

8.      International Transfers of Data

We utilize third-party technological services to provide Advancify Services, and these providers may process your personal data as sub-processors. These entities may be located in jurisdictions that do not provide adequate safeguards regarding personal data processing. For all entities outside the European Economic Area (EEA), Australia or Singapore we have entered into contracts with such entities that include safeguards such as EC model clauses and have implemented additional safeguards in accordance with applicable law:

·         Hetzner Online GmbH. Provides cloud hosting services. For more information, visit   Hetzner’s Privacy Policy  https://www.hetzner.com/legal/privacy-policy/

• Amazon Web Services (Amazon.com, Inc.): Provides cloud hosting services. For more information, visit Amazon’s Privacy Policy.
• Stripe, Inc.: Provides payment services. For more information, visit Stripe’s Privacy Policy.
• Zendesk Inc.: Provides Advancify with support services. For more information, visit Zendesk’s Privacy Policy.

 

For more information about our service providers that conduct international data transfers, please contact privacy@advancify.co.

9.      Data Security

We have implemented technical and organizational measures to protect your personal information from unauthorized access, alteration, loss, or misuse. These measures take into account the current state of technology, the nature of the information stored, and the risks to which it is exposed. In the event of a security breach, we will take appropriate action and notify you electronically in a timely manner.

10.  Data Subject’s Rights

Under applicable data protection law, you have the following rights:

• Request Access: Obtain a copy of the personal data we hold about you and check that we are lawfully processing it.
• Request Correction: Have incomplete or inaccurate data corrected, although we may need to verify the accuracy of the new data you provide.
• Request Erasure: Ask us to delete or remove personal data where there is no legitimate reason for us to continue processing it. This includes cases where you successfully exercise your right to object to processing, where your information has been unlawfully processed, or where we must erase your data to comply with local law. Note that we may not always be able to fulfill your request for specific legal reasons, which will be communicated to you at the time of your request.
• Object to Processing: Object to our processing of your personal data where we rely on a legitimate interest or where processing impacts your fundamental rights and freedoms. You can also object to your data being processed for marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds for processing that override your rights.
• Request Restriction of Processing: Ask us to suspend the processing of your personal data in certain scenarios, such as when you want us to verify the data’s accuracy, where our use of the data is unlawful but you do not want it erased, where you need us to retain the data to establish, exercise, or defend legal claims, or where you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to continue using it.
• Request Data Portability: Request the transfer of your personal data to you or a third party in a structured, commonly used, machine-readable format. This right applies only to automated information initially provided with consent or used to perform a contract with you.
• Withdraw Consent: Withdraw your consent at any time where we rely on consent to process your personal data. This will not affect the lawfulness of processing carried out before you withdraw consent, but it may affect our ability to provide certain products or services to you. We will notify you if this is the case.

If you exercise your rights, we may need to request specific information from you to confirm your identity and ensure your right to access your personal data (or to exercise any other rights). This is a security measure to ensure that personal data is not disclosed to anyone without the right to receive it. We may also contact you for further information to expedite our response.

11.   Exercising Your Rights to Know or Delete

To exercise your rights to know or delete your personal information, you can submit a request by either:

• Emailing us at privacy@advancify.co.

Only you, or someone legally authorized to act on your behalf, may make a request to know or delete your personal information. To designate an authorized agent, please email us at privacy@advancify.co. You may also submit a request on behalf of your child by emailing us at the same address.

You may submit a request to know only twice within a 12-month period. Your request must:

• Provide sufficient information to reasonably verify that you are the person whose personal information we collected or an authorized representative. This may include, but is not limited to:
• (a) Contact information associated with the account.
• (b) The user profile name.
• (c) The name of one or more Monitored Devices.
• (d) Technical information (e.g., model ID, serial number, IMEI code, operating system, etc.).
• (e) Any other personal information we determine in our sole discretion to be sufficient for verifying your identity with a reasonable degree of certainty.
• Describe your request with sufficient detail to allow us to properly understand, evaluate, and respond to it.

We cannot respond to your request or provide personal information if we cannot verify your identity or authority to make the request and confirm that the personal information relates to you.

You do not need to create an account with us to submit a request to know or delete. However, we consider requests made through your password-protected account to be sufficiently verified when the request relates to personal information associated with that specific account.

We will only use personal information provided in the request to verify the requestor’s identity or authority to make the request.

12.    Response Timing and Format

We strive to respond substantively to a verifiable consumer request within thirty  (30) days of receipt. If we require more time (up to an additional 30 days), we will inform you of the reason for the extension in writing.

Any disclosures we provide will only cover the 12-month period preceding our receipt of your request. Our response will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will provide your personal information in a format that is readily usable and should allow you to transmit the information from one entity to another without hindrance.

We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that a fee is warranted, we will explain our decision and provide a cost estimate before completing your request.

13.  Commercial Communications

As a user of Advancify’s Services, you will receive electronic commercial communications in accordance with applicable law. This includes alerts, notices, newsletters, offers, and promotions related to Advancify’s Services. If you do not wish to receive such information, you can opt out by clicking "unsubscribe" in one of our emails or by sending a notification to privacy@advancify.co.

 

 

General

We may amend this Privacy Policy as necessary to reflect future legislative or case law developments. We will notify you of any changes by posting a clear notice on our website, platform, and in this Privacy Policy.

Unless a specific local regulation of mandatory application provides otherwise, this Privacy Policy is governed by the laws of the State Delaware.

 

B. Advancify Processing User Data as Data Processor/Service Provider

When you register and create an account, Advancify begins collecting data from the devices associated with your account. This data may include personal information relating to you, the users of the devices, or third parties ("User Data"). This information includes details about your devices, websites and apps used by your users, contacts, connections, payments, messages, other communications, and any content posted or received. Additionally, in the case of any promotional campaigns or other initiatives, Advancify may process the contact information (name and email address) of potential new clients or users that you provide. This Section B applies to the processing of these data as well.

As a data processor under the GDPR and a service provider under the CCPA, we process User Data according to your instructions (as our customer, the "Client"), who acts as the data controller. This means that you control this data: you decide which data is collected and how it is used for your parental control purposes. While most of this data may be processed within a domestic context, we are providing a commercial service to you, and therefore our processing of the User Data on your behalf is governed by the terms outlined in this Section B.

1. Object and Term

The purpose of this Section B is to regulate the processing of the User Data that you provide to Advancify in order to receive our Services. The term of this Section B is aligned with the duration of your subscription with Advancify.

2. Details of Processing

For CCPA compliance, Advancify has collected the following types of personal data/information from consumers within the past twelve months. Under the GDPR, these data types are processed by Advancify as a data processor:

• Identifiers: Such as real name, alias or account name, unique personal identifier, online identifier, IP address, and email address.
• Monitored Device Usage Information: Depending on the functionalities configured by the Account Owner in the dashboard, this may include URLs of visited websites on supported web browsers, website usage times and number of visits, application usage times, Monitored Device usage times, and Monitored Device location information. All data collected by such devices, including identification and contact data, internet browsing and content viewing data, and behavioral data.

Technical Information about the Monitored Device: Such as the model ID. For iOS devices, after installing the MDM profile, Advancify will have access to the activities of all installed applications on the device. This information is routed only to Advancify servers and is not shared with any third party. The specific information collected through MDM includes:

-Application names, usage time, and operating system version: used to categorize visited applications and report activity to the parent.

3. Warranty and Indemnity

As the responsible party for User Data that we process on your behalf as a data processor, you represent and warrant that you have obtained all appropriate informed consents or other legal bases for processing from each data subject whose personal data is submitted to us through the Advancify Software. You agree to indemnify and hold us harmless from all claims, damages, and losses we may suffer relating to or arising from the processing of User Data and other third-party personal data submitted to our systems during the use and provision of our Services.

4. Your Use of User Data

As the Data Controller, you warrant that you have the appropriate authority to collect and process the User Data and any other data you provide to us. You will not submit any personal data relating to individuals over the age of 13 who have not authorized such processing. Through our Services, you may access a copy of the User Data we collect on your behalf. You are responsible for protecting the confidentiality of any User Data accessible through the Services and preventing unauthorized access or disclosure.

5. Service Configuration and Data Processing Instructions

As a user, you are responsible for installing the Advancify Software and configuring the control panel, which constitutes your instructions for us to process User Data on your behalf to provide the Services. The level and degree of surveillance and monitoring are entirely under your control, and we will not be liable for any configuration and control decisions you make. Additionally, any support requests you submit via email or phone constitute instructions for us to process User Data as necessary to assist with your request or perform any actions you ask us to take. All such User Data remains your responsibility, with Advancify acting as a data processor in accordance with this Privacy Policy.

6. Retention

We store User Data until you close your account. After your account is closed, we disassociate the personal data from the individual it refers to and use this disassociated data for internal research and analysis purposes.

 

7. Data Removal

During your subscription, we typically retain your User Data in an identifiable form for 12-month periods to provide our annual behavior report. Additionally, you can delete all historical data through the Platform control panel at any time. Once deleted, this data will no longer be accessible and will be fully removed from our systems during the next backup, except as noted below. If you wish to remove all User Data in your Advancify Account, please uninstall Advancify from your devices and send an email (as detailed below) with a digital copy of your ID or other identification document to verify your identity. Once your identity is confirmed, we will remove all Data from our active systems and backups within ten days.

8. Subcontracting

Advancify may subcontract its obligations and/or provide access to User Data to third-party service providers if necessary for the proper provision of the Services. You hereby expressly authorize Advancify to subcontract the entities listed in clause 8. Advancify ensures that each third-party subcontractor is contractually obligated to process User Data in accordance with applicable data protection laws and your instructions.

9. International Transfer of Data

We use third-party technological services to provide our Services, whose providers may process Registration Data and User Data collected during the provision of services as sub-processors. You authorize us to subcontract these services and transfer User Data to the entities and countries listed below:

• Hetzner Online GmbH. Provides cloud hosting services. For more information, visit   Hetzner’s Privacy Policy  https://www.hetzner.com/legal/privacy-policy/
• Amazon Web Services (Amazon.com, Inc.): Provides cloud hosting services. For more information, visit Amazon’s Privacy Policy.
• Stripe, Inc.: Provides payment services. For more information, visit Stripe’s Privacy Policy.
• Zendesk Inc.: Provides Advancify with support services. For more information, visit Zendesk’s Privacy Policy.

10. Security Breach of Personal Data

If there is a security breach involving personal data, Advancify will notify you and the competent supervisory authority without undue delay, and if possible, no later than seventy-two (72) hours after the breach occurs. This is subject to any instructions from a competent supervisory authority, national legislation, or delegated act.

11.Your Australian Law Rights

a. If the Privacy Act 1988 (Cth) ("Australian Privacy Act") applies to you, this Section applies.

b. For the purposes of clause 7 (Subcontracting), Advancify will also ensure that any agreement with a third party requires the third party to comply with the Australian Privacy Principles under the Australian Privacy Act.

c. If you wish to make a complaint about a breach of the Australian Privacy Act, the Australian Privacy Principles, or a privacy code that applies to Advancify, please contact us at privacy@advancify.co. We will take reasonable steps to investigate your complaint and respond to you. If, after this process, you are not satisfied with our response, you may submit a complaint to the Office of the Australian Information Commissioner (OAIC). To lodge a complaint, visit the 'Complaints' section of the Information Commissioner’s website at http://www.oaic.gov.au/privacy/privacy-complaints to obtain the relevant complaint forms, or contact the Information Commissioner’s office directly.

12. Changes to Our Privacy Policy

We reserve the right to amend this Privacy Policy at our discretion and at any time. When we make changes to this Privacy Policy, we will post the updated notice on the Application and update the notice’s effective date. Your continued use of Advancify Services following the posting of changes constitutes your acceptance of those changes.