What is Personal Information?
Information We Collect
Information You Give Us: Soma Labs receives and stores any Personal Information you post on or provide through the Sites or through any other means, including, without limitation, information you provide to Soma Labs when you register for an Account, sign up for the Newsletter, purchase Soma Labs products, content or services, use Soma Labs apps, or request information from Soma Labs regarding any of the above. You can choose not to provide such Personal Information, in which case you will not be able to access or use portions of the Sites or some of their features. Soma Labs may, but is not obligated to, retain the content of any electronic messages (“emails”) you send or Personal Information you provide by any other means.
Data Retention: Soma Labs will retain the information, including Personal Information, you provide to us for as long as you use the Sites or any Soma Labs services and for a reasonable time thereafter. We will retain automatically collected information for up to twenty-four (24) months and thereafter may store it in aggregate. If you’d like us to delete the information you have provided to us, please contact us at email@example.com and we will respond in a reasonable time. Please note that some or all of this information may be required in order for you to make use of the products and services available via the Sites as well as your subscriptions. If you remove this information, you may no longer be able to use these features.
Automated Collection: Soma Labs automatically receives and stores certain types of information when you visit the Sites, such as the name of the domain and host from which you access the Internet; the IP address of the computer you are using and the browser and operating system you are using; the date and time you access the Sites; the Internet address of the website from which you linked to the Sites; any search terms you used to find the Sites; the device identifiers and mobile and network information, and your actions on the Sites. This information will be treated as Personal Information if we combine or link it to any of the identifying information above. Otherwise, this information constitutes aggregate information.
Our web servers may also collect “log data.” Log data provides aggregate information about the number of visits to different pages on the Sites. We use log data for troubleshooting purposes and to track which pages people visit in order to improve the Sites. We do not link log data collected to Personal Information. Third-party vendors may also collect aggregate log data independently from us.
Use of Personal Information
Soma Labs stores your Personal Information for only as long as you maintain your Account or a paid subscription with Soma Labs ("Subscription"), receive our Newsletter, participate in any of the social features of the Sites, enter any Soma Labs promotions through the Sites, or receive Soma Labs products, content or services purchased via the Sites, and may use the Personal Information provided or obtained through the Sites:
Data Transfer: Soma Labs generally stores your Personal Information in the U.S. However, we transfer your Personal Information from the U.S. to other countries or regions in connection with storage and processing of data, fulfilling your requests, and operating our business. By providing any Personal Information to Soma Labs, you consent to such transfer, storage, and processing.
Regarding Amazon, “Alexa” means their Alexa Voice Service which includes third party services (like our skills) and other related Software.
When you use our skills you have to talk to Alexa. This voice input is sent to Amazon and us where we use it to understand what our skill should do for you. This is absolutely necessary for our service to give you an appropriate answer.
Data in Alexa
We never collect or share personal data with our skills.
To improve our services we analyze automatically how often utterances are spoken and other analytics. This is done automatically by Amazon in the Amazon Developer Portal.
Disclosure of Personal Information to Third Parties
The Sites are not directed at children, and Soma Labs does not knowingly collect Personal Information directly from users under the age of 13 or from other websites or services directed at children. Consistent with the Federal Children’s Online Privacy Protection Act of 1998 (COPPA), Soma Labs will not knowingly request or collect Personal Information from any child under age 13 without obtaining the required parental consent. Children can browse the Sites without any Personal Information being collected.
The parent or legal guardian who has consented to a child providing Personal Information to one or more of the Sites may later view the child’s Personal Information and correct or remove the information, in whole or in part; instruct Soma Labs to discontinue all use of the child’s Personal Information and/or not to communicate further with the child; or revoke or modify the consent, by contacting Soma Labs at firstname.lastname@example.org and including the child’s name and email address and the parent or guardian’s name and email address. Please visit http://www.ftc.gov/privacy/privacyinitiatives/childrens.html for information from the Federal Trade Commission about protecting children’s privacy online.
Corrections and Updates
If you want to view your Personal Information, or delete or modify incorrect parts thereof, you may do so by sending an email to email@example.com. Please note that we may be required to keep this information and not delete it (or to keep this information for a certain time, in which case we will comply with Your deletion request only after we have fulfilled such requirements). When we delete any information, it will be deleted from the active database, but may remain in our archives.
You may also choose to opt-out of receiving future Newsletters or any other email communications from Soma Labs by following the unsubscribe instructions included in email communications, or by contacting Soma Labs via email as provided above.
Soma Labs reserves the right to verify the identity of any person making a request to opt-out or to delete or modify Personal Information; provided, however, that we will have no liability of any kind resulting from false or erroneous requests or any change or deletion made by Soma Labs for any reason.Soma Labs stores Personal Information for only as long as reasonably necessary to fulfill the purposes described above, as Soma Labs determines is necessary for business records, and as required under applicable law.
Third Party Websites
If you choose to connect your account on our Services to your account on another service, we may receive information from the other service. For example, if you connect to Facebook or Google, we may receive information like your name, profile picture, age range, language, email address, and friend list. You may also choose to grant us access to your exercise or activity data from another service. You can stop sharing the information from the other service with us by removing our access to that other service.
What Steps Do We Take To Protect Your Information Online?
We take reasonable measures to protect your Personal Information in an effort to prevent loss, misuse, and unauthorized access, disclosure, alteration, and destruction. All Soma Labs employees with access to the Personal Information you provide to us through the Sites or through any other means are bound by a confidentiality agreement prohibiting the unauthorized disclosure and/or use of your Personal Information.
Please be aware, however, that despite our efforts, no security measures are perfect or impenetrable and no method of data transmission can be guaranteed against any interception or other type of misuse. To mitigate this risk, you should (a) use secure usernames and passwords and carefully protect them from disclosure and (b) implement updated internet security and virus protection on your computer. If you suspect that your computer’s security or your information has been compromised or your password accessed or used by an unauthorized third party, please contact us immediately to have your password changed.
If we become aware of a security systems breach, we may attempt to notify you electronically so that you can take appropriate protective steps. We may post a notice through the Sites if a security breach occurs. We may also send an email to you at the email address you have provided to use in these circumstances. Depending on where you live, you may have a legal right to receive notice of a security breach in writing.
Users should also be aware of how they handle and disclose their Personal Information and should avoid sending Personal Information through insecure email. Please refer to the Federal Trade Commission’s website at http://www.business.ftc.gov/privacy-and-security/consumer-privacy for information about how to protect yourself against identity theft.
Commercial Electronic Message Consent
By providing your email address to Soma Labs through the Sites, you affirmatively and expressly consent to receiving commercial emails from Soma Labs. These parties may send you commercial emails in order to deliver the Newsletter, to provide you with more information about available products you have purchased, and to provide you with updates, special offers, and other information, including but not limited to Site updates. You may unsubscribe from these commercial emails at any time by clicking on the “unsubscribe” link included in any email or by contacting Soma Labs via email at firstname.lastname@example.org or at the mailing address provided below. Opting out of promotional communications does not affect our communications with you via telephone or email related to any business we may have with you as an owner or other transactional emails.
Your California Privacy Rights
Effective January 1, 2005, under California Civil Code Section 1798.83, if an individual who is a California resident has provided Personal Information to a business in connection with a business relationship that is primarily for personal, family, or household purposes, and if that business has within the immediately preceding calendar year disclosed such an individual’s Personal Information to a third party and knows or should have known that such third party used the information for its own direct marketing purposes, then that business is obligated to disclose in writing to such individual upon request, what Personal Information was shared and with whom it was shared.
Any request for a disclosure required under this California law should be sent to us via email at email@example.com or via regular mail at the address set forth below.
Please note that under this law, we are not required to respond to a customer’s request more than once in a calendar year, nor are we required to respond to any request that is not sent to the email or mailing address designated above.
Terms Applicable to Data from EU Member Countries
We are based in the United States. In most cases, the Personal Information we collect is stored and used in the United States. While we do not direct our services to residents of the EU, it is possible that EU residents may access and use the Sites.
If we collect Personal Information from EU residents in a manner subject to the General Data Protection Regulation then, in addition to the above, the following terms shall also apply to our collection, use and retention of that information:
Privacy Shield Principles: We support the EU-U.S. Privacy Shield Framework principles (Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability) regarding the collection, use and retention of Personal Information from EU Member Countries. Although we are not registered under the Privacy Shield, we make every effort to comply with these principles when handling Personal Information from residents of the EU Member Countries. However, our compliance with these principles may be limited (a) to the extent necessary to meet applicable national security, public interest, or law enforcement requirements; or (b) by statute, governmental regulation, or case law. If there is a conflict between the policies set forth below and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield Framework, visit the U.S. Department of Commerce’s Privacy Shield List at https://www.privacyshield.gov/list.
Basis for Collection: As set out above, we collect and process Personal Information for which you have given your express consent at the time of collection. For example, we collect Personal Information when you elect to participate in one of our promotions. We also collect and process Personal Information in order to improve our services, to deliver services and perform obligations under contracts we have with you, and to comply with our own legal obligations.
Sensitive Data: We do not collect sensitive data, for example, biometric data, health data, or data revealing racial or ethnic origin, from visitors to the Sites.
Authorized Transfer: We also may disclose Personal Information for other purposes or to other third parties when you have consented to or requested such disclosure. Please be aware that we will disclose Personal Information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. We are not liable for appropriate onward transfers of Personal Information to third parties.
Data Processors: We may retain third parties to process or analyze Personal Information we collect from the Websites. For example, a Site may be maintained or hosted by a third party service provider, a promotion may be administered by a sales promotion agency, and/or products may be fulfilled by a wholesaler. These suppliers and other third parties who provide services for us are contractually obligated not to use Personal Information about you except as we authorize.
Profiling: We may analyze Personal Information we have collected about you to create a profile of your interests and preferences so that we can contact you with information that is relevant to you. We may make use of additional information about you when it is available from external sources to help us do this effectively. We may also use Personal Information about you to detect and reduce fraud and credit risk.
Your Rights: Your rights include: (a) a right to withdraw your consent to the processing of Personal Information about you to which you have previously given consent; (b) a right to object to processing of Personal Information about you for the purpose of direct marketing; and (c) a right to have any incorrect part of the Personal Information about you corrected or removed.
If you request to have incorrect Personal Information removed, we may retain some of your Personal Information as necessary for the purposes of our legitimate business interests or in furtherance of public interests in accordance with the Privacy Shield Principles. Any Personal Information you have shared publicly with others may continue to be publicly visible on the Sites.
You also have the right to obtain a copy of the Personal Information we have about you, although we reserve the right to charge a reasonable fee for this depending on the nature and frequency of your request(s) and our cost to provide the information.
Enforcement and Disputes: We commit to resolve complaints about your privacy and our collection or use of your Personal Information. If you do not receive timely acknowledgement of your request or have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.
In addition to the above, you may complain to your home data protection authority and can invoke binding arbitration for some residual claims not resolved by other redress mechanisms. Contact details for the EU data protection authorities can be found at http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm.
Last updated and effective as of: June 7, 2019