Privacy Policy

1. Information We Collect

1.1 Information You Provide Directly

1.2 Information Collected Automatically

1.3 Information We Do NOT Collect

• Social Security numbers or government IDs
• Biometric data
• Precise geolocation data
• Health or medical information
• Racial or ethnic origin
• Political opinions or religious beliefs
• Information about children under 18

2. How We Use Your Information

2.1 Primary Uses

• Service Delivery: Curating and delivering personalized newsletters based on your preferences
• Account Management: Creating and maintaining your account, processing subscriptions
• Communication: Sending newsletters, service updates, and important notifications
• Payment Processing: Processing subscription payments through our payment processor

2.2 Secondary Uses

• Service Improvement: Analyzing aggregate usage patterns to improve content curation
• Security: Detecting and preventing fraud, abuse, and security threats
• Legal Compliance: Complying with applicable laws and regulations
• Support: Responding to your inquiries and providing customer support

2.3 AI and Machine Learning

We use artificial intelligence to curate content for your newsletters. Your preferences and interaction data may be used to train and improve our AI models. This data is processed in aggregate and anonymized form where possible. You can opt out of having your data used for AI improvement by contacting us at privacy@remembr.xyz.

3. Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA), we process your personal data based on the following legal grounds:

• Contract Performance: Processing necessary to provide you with the Service you requested
• Legitimate Interests: Improving our services, preventing fraud, ensuring security
• Consent: Where you have given explicit consent (e.g., marketing communications)
• Legal Obligation: Where processing is required by law

4. Information Sharing and Disclosure

4.1 We Do NOT Sell Your Data

We do not sell, rent, or trade your personal information to third parties for their marketing purposes. We have never sold user data and never will.

4.2 Service Providers

We share data with trusted third-party service providers who assist in operating our Service:

All service providers are contractually bound to maintain confidentiality and use your data only for the purposes specified.

4.3 Legal Requirements

We may disclose your information if required to do so by law or in response to:

• Valid legal process (subpoenas, court orders, warrants)
• Requests from government authorities
• Protection of our rights, property, or safety
• Prevention of fraud or security threats

We will notify you of such requests where legally permitted and will challenge overly broad requests when appropriate.

4.4 Business Transfers

In the event of a merger, acquisition, bankruptcy, or sale of assets, your personal information may be transferred to the acquiring entity. We will provide notice before your information becomes subject to a different privacy policy.

5. Data Security

5.1 Security Measures

We implement robust security measures to protect your data:

• Encryption in Transit: All data transmitted between you and our servers is encrypted using TLS 1.3
• Encryption at Rest: Stored data is encrypted using AES-256 encryption
• Access Controls: Strict access controls and authentication for all systems
• Regular Audits: Periodic security assessments and vulnerability testing
• Employee Training: All team members receive security and privacy training
• Incident Response: Documented procedures for responding to security incidents

5.2 Data Breach Notification

In the event of a data breach that affects your personal information, we will notify you within 72 hours of becoming aware of the breach, as required by applicable law. We will also notify relevant regulatory authorities as required.

5.3 Your Responsibility

You are responsible for maintaining the security of your account credentials. Please use a strong, unique password and do not share your login information with others.

6. Your Privacy Rights

6.1 Rights for All Users

Regardless of your location, you have the right to:

• Access: Request a copy of your personal data
• Correction: Update or correct inaccurate information
• Deletion: Request deletion of your account and associated data
• Portability: Export your data in a machine-readable format
• Opt-out: Unsubscribe from marketing communications at any time

6.2 Additional Rights for EEA Residents (GDPR)

If you are in the European Economic Area, you also have the right to:

• Object: Object to processing based on legitimate interests
• Restrict: Request restriction of processing in certain circumstances
• Withdraw Consent: Withdraw consent at any time (where processing is based on consent)
• Lodge Complaint: File a complaint with your local data protection authority

6.3 California Residents (CCPA/CPRA)

California residents have additional rights under the CCPA and CPRA:

• Right to Know: What personal information we collect, use, and disclose
• Right to Delete: Request deletion of your personal information
• Right to Opt-Out: Opt out of the "sale" or "sharing" of personal information (we do not sell data)
• Right to Non-Discrimination: We will not discriminate against you for exercising your rights
• Right to Correct: Request correction of inaccurate personal information
• Right to Limit Use: Limit use of sensitive personal information

To exercise these rights, contact us at privacy@remembr.xyz or use the controls in your account settings.

6.4 How to Exercise Your Rights

You can exercise your privacy rights by:

• Using the privacy controls in your account dashboard
• Emailing us at privacy@remembr.xyz
• Using the unsubscribe link in any newsletter

We will respond to verified requests within 30 days (or 45 days for complex requests). We may need to verify your identity before processing your request.

7. Cookies and Tracking Technologies

7.1 Types of Cookies We Use

7.2 What We Do NOT Use

• Third-party advertising cookies
• Social media tracking pixels
• Cross-site tracking
• Fingerprinting technologies

7.3 Email Tracking

Our newsletters may include tracking pixels to measure open rates and click-through rates. This helps us understand which content is most valuable to you. You can disable image loading in your email client to opt out of open tracking.

8. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence, including the United States. These countries may have different data protection laws.

For transfers from the EEA to countries not deemed adequate by the European Commission, we use Standard Contractual Clauses approved by the European Commission or other legally approved mechanisms.

9. Data Retention

We retain your personal data only as long as necessary for the purposes described in this policy:

• Active Account: Data retained while your account is active
• After Cancellation: Account data deleted within 30 days of cancellation
• Legal Requirements: Some data may be retained longer if required by law (e.g., financial records for 7 years)
• Anonymized Data: Aggregated, anonymized data may be retained indefinitely for analytics

10. Children's Privacy

The Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child, we will take steps to delete that information promptly. If you believe a child has provided us with personal information, please contact us at privacy@remembr.xyz.

11. Third-Party Links

Our newsletters may contain links to third-party websites. We are not responsible for the privacy practices of these external sites. We encourage you to read the privacy policies of any website you visit.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

• Posting the updated policy on our website
• Updating the "Last Updated" date at the top
• Sending you an email notification for significant changes

Your continued use of the Service after changes become effective constitutes your acceptance of the revised policy.

13. Do Not Track Signals

We honor Do Not Track ("DNT") signals sent by your browser. When DNT is enabled, we limit tracking to essential functionality only.

14. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

• Privacy Inquiries: privacy@remembr.xyz
• Data Protection Officer: dpo@remembr.xyz
• General Support: support@remembr.xyz
• Website: pulse.remembr.xyz

We will respond to your inquiry within 30 days.

15. Regulatory Information

15.1 EEA Representative

If you are located in the EEA and have questions about our data processing, you may contact our EU representative at eu-representative@remembr.xyz.

15.2 Supervisory Authority

If you are located in the EEA, you have the right to lodge a complaint with your local supervisory authority if you believe your data protection rights have been violated.