Privacy Policy

Latest Update: March 26, 2020

Your privacy is very important to us—that's why our privacy policies already adhered to the high standard of the new European data protection law known as GDPR, and why we're ensuring we maintain those rights and extend them to all our users, inside and outside the EU.

What Third Party services do you use?

We use a number of third parties to store user data in order to provide/improve our services:

We use Google Analytics and Firebase to track usage patterns in order to improve user experience and product features.
We use Sentry to track errors that occur within our products. This also includes certain data that correlates with the error, but does not include sensitive customer information (passwords, tokens etc).
We send marketing newsletters or updates using Mailchimp. These emails are only sent to customers who signed up specifically to receive the newsletter.
We send transactional and administrative emails through Mandrill.
All payments are processed by Apple and Google. We don’t currently store any payment information or customer data from these transactions.
We temporarily store working documents on Zendesk or Google Drive if we are testing them in order to test bugs or respond to support requests.

Please read below to see how MindFi handles information. Before you get to the details, here are a few of our fundamental privacy principles:

Information you upload or post to MindFi may be seen by others depending on your privacy settings.
We aggregate and de-identify certain information about our users to use for business purposes.
We give you several ways to control the privacy of your personal information and are continuously working to enhance privacy options available to you.

MindFi respects your privacy and shares your concern about the security of information you may submit to MindFi’s websites and the related mobile applications and services (collectively, the “Services”). Our privacy policy (the “Privacy Policy”) explains the information we collect, how we use and share it, how to manage your privacy settings and your rights in connection with the Services. Please also read the Terms of Service which sets out the terms governing the Services.

MindFi is headquartered in Singapore and our Services are provided to you by Jaedye Labs Pte. Ltd. If you are a resident of the European Union (“EU”), Jaedye Labs Pte. Ltd. is the controller of your personal data for the purposes of EU data protection law.

This policy was written in English. To the extent a translated version conflicts with the English version, the English version controls. Unless indicated otherwise, this Privacy Policy does not apply to third party products or services or the practices of companies that we do not own or control, including other companies you might interact with on or through the Services.

Questions or comments about this Privacy Policy may be submitted to help@mindfi.co

We Collect, Use, Share and Otherwise Process Information

MindFi relies on a number of legal bases to collect, use, share, and otherwise process the information we have about you for the purposes described in this Privacy Policy, including:

as necessary to provide the Services and fulfill our obligations pursuant to the Terms of Service.
where you have consented to the processing, which you can revoke at any time. For example, you may consent to the processing of health-related information;
where necessary to comply with a legal obligation, a court order, or to exercise and defend legal claims;
to protect your vital interests, or those of others, such as in the case of emergencies;
where you have made the information public;
where necessary in the public interest; and
where necessary for the purposes of MindFi’s or a third party’s legitimate interests, such as those of visitors, users or partners.

Our Legitimate Interests

We process your information in furtherance of our legitimate interests, including:

providing and improving the Services, including any personalized Services. We do so as it is necessary to pursue our legitimate interests of providing and developing innovative and tailored offerings to our users on a sustained basis; and
keeping the Services safe and secure. We do so as it is necessary to pursue the legitimate interests of MindFi and its users in ensuring the Services are secure, and to protect against fraud, spam and abuse, etc.

Information MindFi Collects

MindFi collects information about you, including information that directly or indirectly identifies you, if you or your other users choose to share it with MindFi. We receive information in a few different ways, including when you track, complete or upload activities using the Services. MindFi also collects information about how you use the Services. There are also several opportunities for you to share information about yourself and your activities with MindFi. For example:

We collect basic account information such as your name, email address, date of birth, gender, username and password that helps secure and provide you with access to our Services.
Profile and user information is collected about you when you choose to upload a picture, activity (including date, time, geo-location information) or post, view others’ activities, or otherwise use the Services.
MindFi may collect or infer health information which may include information such as heart rate or other biometric information, such as sleep, height and weight or other indicators. Before you can upload health information to MindFi or information from which MindFi can infer health information, you must give your explicit consent to the processing of that health information by MindFi. You can withdraw your consent to MindFi processing your health information at any time.
We gather information from the photos, posts, comments and other content you share on the Services, including when you participate in partner events.
When you make a payment on MindFi, you may provide payment information such as your payment card or other payment details. We use Payment Card Industry compliant third-party payment services and we do not store your credit card information.
We may collect and process location information when you sign up for and use the Services. To record your session and to provide you with your usage statistics and inclusion in the Service’s features, it is necessary to collect and record the physical location of your device including, data such as speed and direction. Processing of your location data is essential to the Services which we provide and a necessary part of our performance of the agreement we have with you.
MindFi allows you to sign up and log in to the Services using accounts you create with third-party products and services, such as Facebook (collectively, “Third-Party Accounts”). If you access the Services with Third-Party Accounts we will collect information that you have agreed to make available such as your name, email address, profile information and preferences with the applicable Third-Party Account. This information is collected by the Third-Party Account provider and is provided to MindFi under their privacy policies. You can generally control the information that we receive from these sources using the privacy settings in your Third-Party Account.
To help us to provide you with the best possible service, you can choose to provide us with your contact information so we can better respond to your support requests and comments.
We also obtain additional third party information about users from marketers, partners, researchers, and others. We may combine information that we collect from you with information obtained from other users, third parties and information derived from any other subscription, product, or service we provide. We may also collect information about you from other users such as when they comment about you.
We collect information from your browser, computer, or mobile device, which provide us with technical information when you access or use the Services. This technical information includes device and network information, cookies, log files and analytics information.

Cookies and Similar Technologies

When you visit the Services, a cookie will be stored on your computer. Generally, cookies and similar technologies work by assigning to your browser or device a unique number that has no meaning outside of MindFi. MindFi uses these technologies to personalize your experience and to assist in delivering content specific to your interests. Additionally, after you’ve entered your user ID and password during a session on the Services, MindFi saves that information so you don’t have to re-enter it repeatedly during that session.

Most browsers automatically accept cookies. To manage the collection of information through cookies or other equivalent technology you can use the settings on your browser or mobile device. MindFi is committed to providing you choices to manage your privacy and sharing. However, MindFi does not recognize or respond to browser-initiated Do Not Track signals, as the internet industry has not fully developed Do Not Track standards, implementations and solutions. To learn more about Do Not Track signals, you can visit https://allaboutdnt.com. Not accepting cookies may make certain features of the Services unavailable to you. MindFi may also use your IP address to identify you, to administer the Services and to assist in diagnosing problems with MindFi’s servers.

Log Files

The Services use log files. Stored information includes IP addresses, browser type, internet service provider (ISP), referring/exit pages, platform type, date/time stamp, and number of clicks. This information is used to analyze trends, administer, protect and secure the Services, track user movement in the aggregate, and gather broad demographic information for aggregate use.

How MindFi Uses Information

MindFi uses the information we collect and receive to administer and operate the Services and to customize them for you. For example, we use your heart rate, sleep or "Mindful Minutes" information to provide you with interesting and useful performance analysis. Subject to your privacy settings, your information, including your profile, username, photos, users you follow and who follow you, your activities and comments you give and receive will be shared on MindFi so that you may be able to participate in the Services, for example to show your place on a leaderboard. Certain information (e.g., your name and some profile information) may also be available to non-members on the web.

We use the information we collect about you, your friends and your activities to customize your experience. We also use the information we collect to process payments, provide support related to the Services, protect members and enforce our Terms of Service, promote safety, and to communicate with you (including to send marketing communications) where you have agreed to receive such messages and notifications.

We also use the information we collect to analyze, develop and improve the Services. To do this, MindFi may use third party analytics providers to gain insights into how our Services are used and to help us improve the Services.

We may also use the information we collect to market and promote the Services, activities on MindFi, and other commercial products or services. This includes customizing your MindFi experience. For example, if we know that you like to meditate, we may tell you about new meditation activities or show you sponsored content related to meditation. If we see that you meditate in a certain area, we may suggest an event in that area. We may also mention that you have used our partners' products or services as part of your activities.

MindFi may aggregate the information you and others make available in connection with the Services and post it publicly or share it with third parties. To do this, we remove certain account information, such as your name, and combine the resulting information with similar information from other MindFi users. Examples of the type of information we may aggregate in this way include information about usage, demographics, meditation sessions and performance. MindFi will not share information with third parties, except for research-related parties, and will only use this information for the purpose of improving your MindFi usage experience, such as to improve mindfulness, meditation, work, productivity. For information sharing with research-related parties, we will seek your explicit permission and also ensure that the researcher has secured approval from an independent ethics review board and will provide proof of such approval upon request. Please contact us at help@mindfi.co via email or within the app's "Contact Us" feature if you object to MindFi using your information for these purposes. Because the data we aggregate comes from activities, information, and content you shared on the Services and which is identified with your MindFi user name among other information, someone looking at this information you've shared could draw a potential connection.

How Information is Shared

Service Providers

We may share your information with third parties who provide services to MindFi such as supporting and improving the Services, promoting the Services, processing payments, or fulfilling orders. These service providers will only have access to the information necessary to perform these limited functions on our behalf and are required to protect and secure your information. We may also engage service providers to collect information about your use of the Services over time on our behalf so that we or they may promote MindFi or display information that may be relevant to your interests on the Services or other websites or services.

Sharing Information and Activities

We may share your information with other MindFi users and the public in accordance with your privacy controls. For example, all or a portion of your name and other profile information is viewable by other MindFi users and the public and additional information you provide may also be viewable. If you link your MindFi account to other social networks and share your activities, they will be viewable on such third-party platforms, including your location information. You should use caution when sharing information via third parties and you should carefully review the privacy practices of such third parties.

Third Party Business via API or Other Integrations

When you choose to use third party apps, plug-ins, or websites that integrate with the Services, they may receive your information and content, including your personal information, photos, and your activity data (including private activities). Information collected by these third parties is subject to their terms and policies. MindFi is not responsible for the terms or policies of third parties.

Affiliates and Acquirors of our Business or Assets

We may share your information with affiliates under common control with us, who are required to comply with the terms of this Privacy Policy with regard to your information. If MindFi becomes involved in a business combination, securities offering, bankruptcy, reorganization, dissolution or other similar transaction, we may share or transfer your information in connection with such a transaction.

Legal Requirements

We may preserve and share your information with third parties, including law enforcement, public or governmental agencies, or private litigants, within or outside your country of residence, if we determine that such disclosure is reasonably necessary to comply with the law, including to respond to court orders, warrants, subpoenas, or other legal or regulatory process. We may also retain, preserve or disclose your information if we determine that disclosure is reasonably necessary or appropriate to prevent any person from death or serious bodily injury, to address issues of national security or other issues of public importance, to prevent or detect violations of our Terms of Service or fraud or abuse of MindFi or its users, or to protect our operations or our property or other legal rights, including by disclosure to our legal counsel and other consultants and third parties in connection with actual or potential litigation.

DMCA Notices

We may share your information with third parties when we forward Digital Millennium Copyright Act(DMCA) notifications, which will be forwarded as submitted to us without any deletions.

How We Protect Information

We are committed to protecting your privacy and data.

Data storage and transfer: Your information collected through the Services is stored and processed on our secure servers with Amazon Web Services (AWS) in Singapore or any other country in which MindFi or its affiliates or service providers maintain facilities. We encrypt sensitive information (e.g. your login credentials, PII) during transmission and storage. The Services use industry standard Secure Sockets Layer (SSL) technology to allow for the encryption of personal information and other sensitive information. In addition, MindFi's secure servers protect this information using advanced firewall technology. Any payment transactions will be encrypted using SSL technology; all payment data is stored with our payment processor and is never stored on MindFi's servers.

Keeping your information safe: We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality. We have put in place procedures to deal with any suspected personal data breach and will notify you, other involved parties, and any applicable regulator(s) of a breach where we are legally required to do so. However, no security system is impenetrable, and we cannot 100% guarantee the security of our systems.

To help ensure that these measures are effective in preventing unauthorized access to your private information, you should be aware of the security features available to you through your browser. You should use a security-enabled browser to submit your credit card information and other personal information at the Services. Please note that if you do not use an SSL-capable browser, you are at risk of having data intercepted.

Managing Your Settings

Adjust Notification and Email Preferences

MindFi offers various ways to manage the notifications you receive. You may also unsubscribe by following the instructions contained at the bottom of each type of email. Any administrative or service-related emails (to confirm a purchase, or an update to this Privacy Policy or the Terms of Service, etc.) generally do not offer an option to unsubscribe as they are necessary to provide the Services you requested.

Updating Account Information

You may correct, amend or update profile or account information that is inaccurate at any time by adjusting that information in your account settings. If you need further assistance, please contact MindFi at help@mindfi.co . MindFi will generally respond to your request within 7-10 business days.

Deleting Information and Accounts

You can delete your account anytime inside the Services by visiting Settings. Once deleted, your data, including your account, activities and place on leaderboards cannot be reinstated.

Note that content you have shared with others or that others have copied may also remain visible after you have deleted your account or deleted the information from your own profile.

EU Users’ Rights

If you are habitually located in the European Union, you have the right to access, rectify, download or erase your information, as well as the right to restrict and object to certain processing of your information. While some of these rights apply generally, certain rights apply only in certain limited circumstances. We describe these rights below:

Access and Porting
You can access much of your information by logging into your account. If you want a copy of your data or require additional access, contact us at help@mindfi.co .
Rectify, Restrict, Limit, Delete
You can also rectify, restrict, limit or delete much of your information by logging into your account and by accessing Settings in the mobile applications. If you are unable to do this, please contact us at help@mindfi.co . MindFi will generally respond to your request within 10-14 business days.
Object
Where we process your information based on our legitimate interests explained above, or in the public interest, you can object to this processing in certain circumstances. In such cases, we will cease processing your information unless we have compelling legitimate grounds to continue processing or where it is needed for legal reasons.
Revoke consent
Where you have previously provided your consent, such as to permit us to process health-related data about you, you have the right to withdraw your consent to the processing of your information at any time. In certain cases, we may continue to process your information after you have withdrawn consent if we have a legal basis to do so or if your withdrawal of consent was limited to certain processing activities.
Complain
Should you wish to raise a concern about our use of your information (and without prejudice to any other rights you may have), you have the right to do so with your local supervisory authority.

Transfers

The Services are operated from the Republic of Singapore. If you are located outside of the Republic of Singapore and choose to use the Services or provide information to us, you acknowledge and understand that your information will be transferred, processed and stored in the Republic of Singapore, as it is necessary to provide the Services and perform the Terms of Service. Singapore privacy laws may not be as protective as those in your jurisdiction.

Retention of Information

We retain information as long as it is necessary to provide the Services to you and others, subject to any legal obligations to further retain such information. Information associated with your account will generally be kept until it is no longer necessary to provide the Services or until you ask us to delete it or your account is deleted whichever comes first. For example, when you withdraw your consent to MindFi processing your health-related information, MindFi will delete all health-related information you uploaded. Following the deletion of your account, it may take up to 30 days to fully delete your personal information and system logs from our systems. Additionally, we may retain information from deleted accounts to comply with the law, prevent fraud, collect fees, resolve disputes, troubleshoot problems, assist with investigations, enforce the Terms of Service and take other actions permitted by law. The information we retain will be handled in accordance with this Privacy Policy.

Information about you that is no longer necessary and relevant to provide our Services may be de-identified and aggregated with other non-personal data to provide insights that are commercially valuable to MindFi, such as statistics of the use of the Services. For example, we may retain mindful minutes, session data such as time used and duration, to continue to improve the Services. This information will be de-associated with your name and other identifiers.

Health Information

We do not use information collected through the Services to infer health information that we consider sensitive, such as a user's past, present or potential future health or medical condition or treatment, including but not limited to genetic, genomic, and family medical history. We may, however, infer a user's potential interest in certain non-sensitive health and wellness categories, such as exercise and fitness activities, diet and weight loss, nutrition, healthy living, or physical and massage therapy. We may use this non-sensitive health and wellness information for the purpose of delivering more relevant content, services, offers to our users.

Children

We do not knowingly collect Personal Data from children under the age of 13 and do not target our Services to children under 13. If you are under 13, please do not submit any Personal Data through the Services. We encourage parents and legal guardians to monitor their children's Internet usage and to help enforce our Privacy Policy by instructing their children to never provide Personal Data through any of our Services without their permission. If you have reason to believe that a child under the age of 13 has provided Personal Data to us, please contact us, and we will endeavor to delete that information from our databases.

Other MindFi Sites

MindFi maintains certain websites that can be accessed outside of http://www.mindfi.co, such as http://www.getmindfi.com (the Other Sites"). The Other Sites maintain the look and feel of the Services, but are hosted by outside service providers with their own terms and privacy policies. If you interact with the Other Sites, your information may be stored, processed, or shared outside of the Services. If you interact with the Other Sites, you acknowledge that you may be subject to the terms and conditions and policies applicable to such Other Site. Please be aware that any personal information you submit to the Other Sites may be read, collected, or used by other users of these forums indefinitely, and could be used to send you unsolicited messages. MindFi is not responsible for the personal information you choose to submit via the Other Sites.

Privacy Policy Information

MindFi reserves the right to modify this Privacy Policy at any time. Please review it occasionally. If MindFi makes changes to this Privacy Policy, the updated Privacy Policy will be posted on the Services in a timely manner and, if we make material changes, we will provide a prominent notice. If you object to any of the changes to this Privacy Policy, you should stop using the Services and delete your account inside our mobile applications.