Effective Date: February 7, 2024
1. INTRODUCTION. This Privacy Policy (the “Policy”) explains how Comigo Inc. (“Comigo”, “we”, “us”, “our”) collects, uses, and discloses personal information through its website and its online productivity and mental health support platform (the “Platform”, and collectively with the website, the “Services”). By using or accessing the Services in any manner, you acknowledge that you accept the practices and policies outlined in this Policy, and you hereby consent that we will collect, use, and share your personal information in the following ways. Any capitalized terms that are not defined in this Policy are defined in our Terms of Service.
2. INFORMATION COLLECTED AND HOW WE USE IT. As explained further in this section, you will have the opportunity to provide us with certain personal information. In addition, we may collect certain personal information automatically through your use of the Services. The rest of this section provides a more detailed explanation of the personal information we collect, how we use that personal information, and our lawful bases for processing that personal information.
2.1. Voluntarily Disclosed Information. The following table identifies the specific purposes for which you may voluntarily disclose personal information to us, along with our lawful bases for processing that personal information.
|
Purpose for Collection |
Type of Personal Information |
How we collect that information |
Lawful Basis for Processing |
|
Account Creation and communication with you about your account |
Name, Email address |
Directly from you or from Google if you register through your Google account |
Your consent; Performance of a contract with you |
|
Customization of your experience with the Services |
Age |
Directly from you |
Your consent; Performance of a contract with you; Our legitimate interest of customizing the Platform for you |
|
Your use of the Platform |
Any personal information you may include in your communications with the Platform |
Directly from you |
Your consent; Performance of a contract with you; Our legitimate interest of customizing the Platform for you |
|
Payment processing |
Your payment information |
Collected directly from you by our payment processor, as explained further in Section 3.1. |
Your consent; Performance of a contract with you; Our legitimate interest of collecting payments owed to us |
|
Marketing communications |
Name, Email address |
Directly from you |
Your consent |
2.2. Automatically Collected Information. Whenever you interact with the Services, we automatically receive and record information on our server logs from your browser or device, which may include your IP address, geolocation data, device identification, “cookie” and pixel tag information, the type of device you’re using to access the Services, the website you came from, and the actions you take on the website and the Platform. You can learn more about our use of cookies and related technologies in our Cookie Policy. We use the data we automatically collect from you to customize content for you that we think you might like, based on your usage patterns. We may also use it to improve the Services – for example, this data can tell us how often users use a particular feature of the Services, and we can use that knowledge to make the Services interesting to as many users as possible. In addition, this data helps us watch for and address issues encountered on the Platform. We collect this information with your consent, to perform our contract with you, and for our legitimate interest of providing a smooth user experience on the Services.
3. DISCLOSURE OF PERSONAL INFORMATION. We may disclose your personal information as detailed in this section.
3.1. Personnel and Third Party Service Providers. We employ personnel and engage other companies and people to perform tasks on our behalf and need to share your personal information with them to provide products or services to you. Some examples include our use of a third party payment processor (Stripe) to process payments on our behalf, so the payment processor will have access to your payment information, as well as aspects of our Services that are processed through OpenAI’s application programming interface (API).
3.2. Analytics Services. We use Mixpanel, Google Tag Manager, and Google Analytics to understand how visitors engage with our Services. Mixpanel, Google Tag Manager, and Google Analytics will have access to certain activity that occurs through the Services. You can learn more about the information that Google has access to at the following website: https://policies.google.com/technologies/partner-sites.
3.3. Social Media Marketing. Through pixel tags and cookies placed on our website, we may measure, optimize, and build audiences for our advertising campaigns on certain social media platforms like Facebook, TikTok, Instagram, and Pinterest. Those social media platforms will see certain information about user interactions on our website (as described further in Section 2.2 above and in our Cookie Policy) in order to ensure that our advertising on those social media platforms is seen by our users most likely to be interested in such advertising. The social media platforms do not have access to information about user activity on our Platform. You can learn more about how social media platforms use the information from our website in our Cookie Policy.
3.4. Anonymous Information. We may de-identify your personal information so that you are not identified as an individual and use that anonymized data to train and improve our Platform. Anonymized data may also be shared and used for research purposes in order to document user experience over time and inform scientific understanding of topics such as executive functioning and conversational agent usage.
3.5. Business Transfers. If we (or our assets) are acquired, or if we go out of business, enter bankruptcy, or go through some other change of control, personal information could be one of the assets transferred to or acquired by a third party.
3.6. Legal Compliance. We reserve the right to access, read, preserve, and disclose any information that we believe is necessary to comply with governmental requests, law enforcement or court orders, or enforce or apply our Terms of Service and other agreements.
4. INTERNATIONAL TRANSFERS. We may transfer the personal information of users from the European Economic Area or United Kingdom to the United States. When doing so, we rely on adequacy decisions, data transfer agreements, or other legally compliant mechanisms for such transfers, including standard contractual clauses. You can ask for a copy of these standard contractual clauses by contacting us as set out below.
5. SECURITY. We use commercially reasonable physical, managerial, and technical safeguards to preserve the integrity and security of your personal information. In addition, we rely on the technical safeguards provided by the third party service providers we use to host, store, and process your personal information. We cannot, however, ensure or warrant that your personal information on the Services may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards.
6.1. Who To Exercise Your Rights With. You may have rights under data protection laws in relation to your personal information. You can learn more about your rights further down in this section. If we have collected your personal information as a result of our contractual relationship with you, we are a “controller” of that personal information and you can exercise your rights with respect to your personal information by following the instructions below. However, if we have collected your personal information as a result of agreements we have in place with our clients, we are a “processor” of your personal information and those clients control our use of your personal information and determine how and for what purpose we process your personal information.
If we are a processor of your personal information, and you have any questions or concerns about how your personal information is handled or would like to exercise your rights as a data subject, you should contact the client who has contracted with us to use the Services to process your personal information. That client’s privacy policy governs their use (and our processing) of your personal information. We will provide assistance to the client to address any concerns you may have, in accordance with the terms of our contract with them and applicable law.
6.2. Rights of Users in the EEA and UK. If you reside in the EEA or the UK and we are a controller of your personal information, you have the following rights under the General Data Protection Regulation or similar laws in your country:
6.2.1. Request access to your personal information. You may request a copy of the personal information we hold about you and to check that we are lawfully processing it. Where we have good reason, and where applicable law permits, we can refuse your request for a copy of your personal information, or certain elements of the request. If we refuse your request or any element of it, we will provide you with our reason(s) for doing so.
6.2.2. Request correction of your personal information. You may request that we correct any incomplete or inaccurate data we hold about you.
6.2.3. Request erasure of your personal information. You may request that we delete or remove personal information where there is no good reason for us continuing to process it. You may also ask us to delete or remove your personal information where you have successfully exercised your right to object to processing (see below), where we may have processed your personal information unlawfully or where we are required to erase your personal information to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request. You may not request the removal of de-identified, anonymous, or aggregate data from our databases.
6.2.4. Right to Object to or Restrict Processing. In certain circumstances, you have the right to object to our processing of your personal information (for example, if we are processing your personal information on the basis of our legitimate interests but there are no longer any compelling legitimate grounds to justify our processing overriding your rights and interests). You may also restrict our processing of your personal information, for example during a period in which we are verifying the accuracy of your personal information in circumstances where you have challenged the accuracy of that personal information.
6.2.5. Request the transfer of your personal information to you or to a third party. In certain instances, you have a right to receive the personal information that we hold about you (or a portion thereof) in a structured, commonly used and machine-readable format. In such circumstances, you can ask us to transmit your personal information to you or directly to a third-party organization on your behalf. While we are happy for such requests to be made, we are not able to guarantee technical compatibility with a third-party organization’s systems. We are also unable to comply with requests that relate to personal information of others without their consent.
6.2.6. Withdraw consent. You may withdraw your consent for our processing of your personal information where we are relying on consent to process that personal information. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.
6.3. Rights of All Other Users. Regardless of where you reside, you may access, edit and delete the personal information associated with your account by emailing us. Please understand, however, that it may be impossible to delete this information completely, due to backups and records of deletions. In addition, we may deny a deletion request if the denial is necessary for us to comply with applicable law. You may not request the removal of de-identified, anonymous, or aggregate data from our databases.
6.4. How to Exercise Your Rights. If you wish to exercise any of the rights set out above and we are the controller of your personal information, please contact our data protection officer at privacy@comigo.ai. If you have authorized an agent to exercise your rights on your behalf, the agent may also contact us at privacy@comigo.ai. Please note that to protect your personal information and the integrity of our Services, we may need to collect additional information to verify your identity (and, if applicable, the authority of your agent) before processing your request. If you are not satisfied with any decision we make with respect to your request, you can let us know the reasons for your concern, and we will review your appeal. If we are the processor of your personal information, please contact the organization through which you have access to our Services in order to exercise rights you may have with respect to your information.
6.5. Supervisory Authorities. We welcome and appreciate the chance to address any concerns you may have about the Policy and our collection and use of your personal information. To the extent you feel like we have not addressed your concerns, and depending on your jurisdiction, you may have the right to make a complaint at any time to your data protection supervisory authority. For end users in the EEA, you can find contact information for each country’s supervisory authority here. For end users in the UK, you can find contact information for the Information Commissioner’s Office (ICO) on the ICO’s website here.
7. RETENTION OF INFORMATION. Subject to your right to request deletion of your personal information in accordance with Section 6, we will retain your personal information as long as needed for your use of the Services, your approved receipt of marketing communications from us, our compliance with legal obligations, and to protect our or others’ interests. Subject to the limitations set forth in Section 6, if you terminate your account with us, we will delete all personal information associated with your account within 30 days of the date the account is terminated.
8. HOW WE RESPOND TO DO NOT TRACK SIGNALS. We do not track you or collect your personal information across third party websites or online services. Thus, we do not receive Do-Not-Track signals, or other similar signals. To the extent that we do receive any such signals, we will not comply with them as it is not an aspect of the functionality of the Services.
9. AGE OF USERS. Children under the age of 13 are not permitted to use, access or register for the Services in any way. We do not knowingly collect or solicit information from anyone under the age of 13. If we learn that we have collected personal information from a child under the age of 13, we will delete that information as quickly as possible.
10. CHANGES TO POLICY. We’re constantly trying to improve the Services, so we may need to change this Policy from time to time as well. When significant changes are made, users will be logged out of the Services so that the updated practices and policies outlined in this Policy are acknowledged and accepted. The date of the last modification will be posted at the beginning of this Policy. By continuing to access or use the Services, you are indicating that you agree to be bound by the modified Policy.
11. CONTACT US. If you have any questions or concerns regarding this Policy, please send us a detailed message to privacy@comigo.ai, and we will try to resolve your concerns. In addition, you may contact Comigo for all other inquiries at hello@comigo.ai.
Cookie Policy
This Cookie Policy provides information about cookies, how we and third parties use them on the Services, and how you can manage our use of cookies with respect to your experience on the Services.
What is a Cookie?
A cookie is a small text file that can be stored on and accessed from your device when you visit and use our Services. Cookies enable us to “personalize” the Services for users by remembering information about our users. The Services use cookies to administer the Services, store your preferences, display content to personalize your visit, analyze trends on the Services, and track your movements around the Services.
How to Manage Cookies
Cookies are managed through web browsers, so please review your web browser settings to modify your cookie settings, to disable the use of cookies, or to delete cookies. The National Advertising Initiative provides a helpful overview for disabling cookies. Please note that if you delete, or choose not to accept, cookies from the Services, you may not be able to utilize the features of the Services to their fullest potential.
Types of Cookies
Cookies can be categorized in different ways:
● First-Party vs. Third-Party Cookies: If we use first-party cookies, we put them on your device. Third party cookies are placed on your device by a third party. We do not use any first-party cookies, but you can learn more about the third-party cookies used on the Services below.
● Duration:
o Session Cookies: Temporary cookies that expire once your session on the Services ends or your web browser is closed.
o Persistent Cookies: Cookies that remain on your device for a longer period until you manually erase them or until their expiration date.
● Purpose:
o Necessary Cookies – These cookies are necessary for us to operate the Services and their core features (e.g., account login).
o Functionality Cookies – These cookies enable us to operate the Services in accordance with the choices you make. These cookies permit us to “remember” you in between visits. For instance, we will recognize your username and remember how you customized the Services (e.g., language preference, location), and these cookies allow us to provide you with the same customizations during future visits.
o Analytical – These cookies analyze how the Services are used (e.g., browsing habits) and how the Services are performing. These cookies include, for example, Google Analytics cookies.
o Marketing – These cookies track your online activity to help advertisers deliver more personalized content and targeted ads. These cookies can share that information with other organizations or advertisers.
First-Party Cookies That We Use
We do not use any first-party cookies.
Third-Party Cookies That We Use
● Google Analytics and Mixpanel – We use Google Analytics and Mixpanel to analyze our web traffic and improve user experience. Google Analytics and Mixpanel use cookies and web beacons (as defined below) to generate statistical information about how our Services are being used. For more information on Google Analytics cookies, please see here.
● Social media marketing – Certain social media platforms (like Facebook, TikTok, Instagram, and Pinterest) use marketing cookies and web beacons (as defined below) to collect information about user activity on the public portions of our website (but not on the Platform). The social media platforms use this information to improve their platforms and provide targeted advertisements to you, including advertisements about Comigo.
Web Beacons.
A web beacon (including tracking pixels) is an unobtrusive feature on web pages or emails that enables us to check whether a user has accessed some content. We may use web beacons to better understand how you and other users interact with the Service.
