Privacy

PRIVACY POLICY

 

Effective as of June 10, 2021

 

BodBox, Inc. (together with our affiliates, “BODbx”, “we”, “our” or “us”) has adopted this “Privacy Policy” to describe how we collect, use and share your personal information in connection with our website (the “Site”), our mobile application and web application (collectively, the “App”), the BODbx device and any other BODbx products, services or digital platforms that link to this Privacy Policy (together with the “Site” and “App”, the “BODbx Service”), and in the context of certain offline activities described in this Privacy Policy.

 

We provide important information for California residents in Section 11.

 

1.   PERSONAL INFORMATION WE COLLECT

 

Personal information you provide to us. Personal information you may provide to us when you use the BODbx Service or otherwise includes:

 

  • Contact data, such as your name, email address, mailing address and phone
  • Profile data that you provide when you register for or update your account on the BODbx Service, such as your username and password, home city or town, age, profile image, gender, height, weight and/or limitations, and workout/activity
  • Image and Likeness that you choose to share through the BODbx Service, such as your visual image and likeness (e.g., the video captured by the BODbx device), along with the metadata associated with the files you
  • Financial data, such as your credit card number and/or other related information that may be required from you to complete your purchase.
  • Purchase data, such as order history and information about the transactions you have completed with us.
  • Other information that we may collect which is not specifically listed here, which we will use as described in this Privacy Policy or as otherwise disclosed at the time of collection.

 

Automatic Collection. We, our service providers and our third party partners may automatically log information about you, your computer or mobile device, and your activity over time on the BODBX Service and other online services, including:

 

  • Online activity data, such as the date and time of your access, visit or use of the BODbx Service, pages or screens you viewed, how long you spent on a page or screen, navigation paths between pages or screens, searches you conduct on our Site and information about your activity on a page or screen.

  • Device data, such as unique device identifier, media access control address, network information, hardware model, browser type, screen resolution, IP address as well as usage and traffic data and information about how the device interacts with the BODbx Service.

 

Cookies and Similar Technologies. The following cookies and similar technologies may be used to facilitate automatic data collection:

 

  • Cookies, which are text files that websites store on a visitor‘s device to uniquely identify the visitor’s browser or to store information or settings in the browser for the purpose of tracking user activity and patterns, helping you navigate between pages efficiently, remembering your preferences and generally improving your browsing
  • Web beacons, also known as pixel tags or clear GIFs, which are typically used demonstrate that a webpage or email was accessed or opened, or that certain content was viewed or clicked, typically to compile statistics about usage of websites and the success of marketing We may use web beacons to track your use of Site or to collect information about your interactions with our email messages, such as the links you click on and whether you open or forward a message, the date and time of these interactions and the device you use to read emails. Web beacons may be placed on the Site or BODbx Service by third parties such as a social media platform, or an analytics provider in order to support functionality described in this Privacy Policy. We also use web beacons to allow ad networks to provide anonymized and aggregated auditing, research and reporting for us and for advertisers.
  • Firebase Authentication. Firebase Authentication may place cookies on your device to enable a faster login process. They support authentication using an OTP verification process and the Firebase Authentication token to securely manage your data in the database. For more information about Firebase and their cookies usage, please visit firebase.com/terms/privacy-policy.html.

 

Third Party Platforms. When you choose to connect with a social media service or other third party platform when using the BODbx Service, we may collect information about you from that platform, including any information that you choose to import into the BODbx Service. You may also be able to access posting and sharing tools on the BODbx Service that allow you to post information to a social media or third party platform. By using these tools, you acknowledge that some account information may be transmitted from the applicable platform account to us; our treatment of that information is covered by this Privacy Policy. Additionally, when you use one of these tools, the social media or third party platform may be collecting information about your online activity through its own tracking technologies, subject to its own privacy policy. We encourage you to read the privacy and other policies of any third party platform you use in connection with the BODbx Service.

 

2.   HOW WE USE YOUR PERSONAL INFORMATION


We use your personal information for the following purposes and as otherwise described in this Privacy Policy or at the time of collection.

 

Service delivery. We may use your personal information to:

 

  • provide, deliver, and customize your use of the BODbx Service;
  • provide you with the BODbx Service and any products that you purchase from us;
  • to enhance or supplement the BODbx Service;
  • to communicate with you about the BODbx Service, including regarding the status of any orders of the BODbx Service and to respond to your inquiries, including for customer support;
  • understand your needs and interests, and personalize your experience with the BODbx Service and our communications; and
  • provide support and maintenance for the BODbx

 

We will use your video captured by the BODbx device and then extract the data from the video into an Excel-readable spreadsheet that is fully anonymized as necessary for the BODbx pose recognition technology to function. Once the video is converted into data, the video is then deleted and thus never stored in our database. We will use the extracted data as necessary to analyze your posture and form when doing the recommended exercises, to provide feedback and summary statistics and to customize your next workout.

 

Research and development. We may use your personal information for research and development purposes, including to analyze and improve the BODbx Service and our business. As part of these activities, we may create aggregated, de-identified or other anonymous data from personal information we collect. We make personal information into anonymous data by removing information that makes the data personally identifiable to you. We may use this anonymous data and share it with third parties for our lawful business purposes, including to analyze and improve the BODbx Service and promote our business.

 

Marketing and advertising. We and our third party advertising partners may collect and use your personal information for marketing and advertising purposes:

 

  • Direct We may send you BODbx-related or other direct marketing communications as permitted by law. You may opt-out of our marketing communications as described in the Opt-out of marketing communications section below.
  • Interest-based advertising. We may contract with third-party advertising companies and social media companies to display ads on the BODbx Service and other sites. These companies may use cookies and similar technologies to try to tailor the ads you see online to your interests based on your activity over time across the BODbx Service and other sites, or your interaction with our These ads are known as "interest-based advertisements." You can learn

more about your choices for limiting interest-based advertising, in the Advertising choices section below.

 

Compliance and protection. We may use your personal information to:

 

  • comply with applicable laws, lawful requests, and legal process, such as to respond to subpoenas or requests from government
  • protect our, your or others’ rights, privacy, safety or property (including by making and defending legal claims);
  • enforce the terms and conditions that govern the BODbx Service; and
  • prevent, identify, investigate and deter fraudulent, harmful, unauthorized, unethical or illegal activity, including cyberattacks and identity

 

For other purposes. We may also use your personal information for other purposes described in this Privacy Policy or at the time we collect the information.

 

3.    WITH WHOM WE SHARE YOUR PERSONAL INFORMATION

 

We may share your personal information with the following parties and as otherwise described in this Privacy Policy or at the time of collection:

 

Affiliates. Our affiliates, for purposes consistent with this Privacy Policy.

 

Your trainers. Your trainers, when you choose to share access of your workout data with your trainers through the BODbx web application. For example, we will share with them your name, age, height, weight, summary data and scores from previous workouts and other information you provide through the BODbx Service.

 

Other BODBX users and the public. When you provide content to your public user profile or voluntarily disclose in any other manner that other users or the public can view, other BODbx users or the public may be able to access or view this information. In addition, content that you post publicly on, through or in connection with the BODbx Service, including on third party services such as a social media platform, may also be public. We do not control how other users or third parties use any personal information that you make available to them. Please be aware that any information you post publicly can be cached, copied, screen captured or stored elsewhere by others (e.g., search engines) before you have a chance to edit or remove it.

 

Service providers. Other companies and individuals that provide services or perform tasks on our behalf to help us operate the BODbx Service or our business, such as, for example, customer support, hosting, analytics, mobile application metrics, email delivery, marketing and database management services and payment processor. These third parties may use your personal information only as authorized under our contracts with them. We use Paypal for payment processing. For more information about Paypal, please visit https://www.paypal.com/us/webapps/mpp/ua/privacy-full?locale.x=en_US.


We use Firebase for data storage, transfer and processing. For more information about Firebase, please visit www.firebase.com/terms/privacy-policy.html.

 

Advertising Partners. Third party advertising companies and social media companies that may assist us and other parties with customer research, management of customer and prospective customer databases, promotional mailings or other targeted promotions. These partners may collect information about your activity on the Site and other online services to help us advertise our and other services, and/or use hashed customer lists that we share with them to deliver ads on their platforms to our customers and similar users on their platforms.

 

Third party platforms. Social media platforms or other third party platforms that you connect to the BODbx Service and where you authorize us to share your information with them (such as when you use options to access the BODbx Service by logging into the third party platform).

 

Professional advisors. Professional advisors, such as lawyers, bankers, auditors and insurers, where necessary in the course of the professional services that they render to us.

 

Law enforcement and others. Law enforcement, government authorities and privacy parties, when we believe in good faith it is necessary or appropriate for the compliance and operations purposes described above.

 

Business transferees. Relevant participants in business transactions (or potential transactions), such as corporate divestiture, merger, consolidation, acquisition, reorganization, sale or other disposition of all or any portion of the business or assets of, or equity interests in, BODbx or our affiliates (including, in connection with a bankruptcy or similar proceedings). In any of these cases user information, including personal information, could be one of the assets transferred to or acquired or accessed by a third party.

 

For other purposes. We may also share your personal information for other purposes described in this Privacy Policy or with your consent.

 

4.   YOUR CHOICES

 

Opt-out of marketing communications. If you have provided us with your email address and you would like to stop receiving marketing emails about BODbx from us, click on the unsubscribe link at the bottom of any of our email communications. It may take up to 72 hours to process your unsubscribe request. Please note that even if you opt out of receiving marketing communications from us, we may contact you for non- marketing reasons related to the BODbx Service or your subscription, such as for password recovery purposes or service calls that you have requested.


Account information. If you have signed up for an account, then you may access your BODbx account at any time once logged on, and you may modify, update and change your account settings through your account on the BODbx Service. When you update information, we may maintain a copy of the unrevised information in our records. You can also delete your account by emailing us at support@thebodbox.com. Please note that we will need to verify that you have the authority to delete the account. Also, some information may remain in our records after your deletion of such information from your account, and public activity on your account prior to deletion may remain publicly accessible.

 

Cookies. Most browsers let you remove or reject cookies. To do this, follow the instructions in your browser settings. Many browsers accept cookies by default until you change your settings. Please note that if you set your browser to disable cookies, the BODBX Service may not work properly.

 

Do Not Track. Some Internet browsers may be configured to send “Do Not Track” signals to the online services that you visit. We currently do not respond to “Do Not Track” or similar signals.

 

Choosing not to share your personal information. If you do not provide information that we need to provide the BODbx Service, we may not be able to provide you with the BODbx Service or certain features. We will tell you what information you must provide to receive the BODbx Service when we request it.

 

Third party platforms. If you choose to connect to the BODbx through your social media account or another third party platform, you may be able to use your settings in your account with that platform to limit the information we receive from it. If you revoke our ability to access information from a third party platform, that choice will not apply to information that we have already received from that third party.

 

5.    OTHER SITES AND SERVICES

 

The BODbx Service may contain links to websites and other online services operated by third parties. These links are not an endorsement of, or representation that we are affiliated with, any third party. In addition, our content may be included on web pages or other online services that are not associated with us. We do not control websites or other online services operated by third parties, and we are not responsible for their actions. Other websites and online services follow different rules regarding the collection, use and sharing of your personal information. We encourage you to read the privacy policies of the other websites and online services you use.

 

6.   SECURITY

 

We employ a number of technical, organizational, and physical safeguards designed to protect the personal information we collect. However, security risk is inherent in all


internet and information technologies and we cannot guarantee the security of your personal information.

 

7.   CHILDREN

 

The BODbx Service is not intended for use by children under 13 years of age. If we learn that we have collected personal information from a child under 13 without the consent of the child’s parent or guardian as required by law, we will delete it.

 

8.  INTERNATIONAL DATA TRANSFER

 

We are headquartered in the United States and may use service providers in other countries. Your personal information may be transferred to the United States or other locations where privacy laws may not be as protective as those in your state, province, or country.

 

9.    CHANGES TO THIS PRIVACY POLICY

 

We may update this Privacy Policy at any time. When we make material changes to this Privacy Policy, we will notify you by updating the effective date of this Privacy Policy and posting the modified Privacy Policy. We may also provide notification of changes via email if we have your email address, through the BODbx Service or in another manner that we believe is reasonably likely to reach you. Any modifications to this Privacy Policy will be effective when posted (or as otherwise indicated at the time of posting). In all cases, your continued use of the BODbx Service after the posting of any modified Privacy Policy indicates your acceptance of the modified Privacy Policy.

 

10.   HOW TO CONTACT US

 

If you have any questions about this Privacy Policy or our information handling practices, please contact us by email at support@thebodbox.com or postal mail at the below address:

 

BodBox, Inc. Attn: President

7902 Tysons One Place #2817 McLean, VA 22101 USA

 

11.    IMPORTANT INFORMATION FOR CALIFORNIA RESIDENTS

 

This section applies only to California residents and is immediately effective at the time this Privacy Policy is posted. It describes how we collect, use and share Personal Information of California residents in operating our business, and their rights with respect to that Personal Information. For purposes of this section, “Personal Information” has the meaning given in the California Consumer Privacy Act of 2018 (“CCPA”) but does not include information exempted from the scope of the CCPA.


Your California privacy rights. As a California resident, you have the rights listed below. However, these rights are not absolute, and in certain cases we may decline your request as permitted by law.

 

  • Information. You can request the following information about how we have collected and used your Personal Information during the past 12 months:
    • The categories of Personal Information that we have
    • The categories of sources from which we collected Personal
    • The business or commercial purpose for collecting and/or selling Personal Information
    • The categories of third parties with whom we share Personal Information
    • Whether we have disclosed your Personal Information for a business purpose, and if so, the categories of Personal Information received by each category of third party recipient.
    • Whether we’ve sold your Personal Information, and if so, the categories of Personal Information received by each category of third party
  • Access. You can request a copy of the Personal Information that we have collected about you during the past 12
  • Deletion. You can ask us to delete the Personal Information that we have collected from you.
  • Nondiscrimination. You are entitled to exercise the rights described above free from discrimination in the form of legally prohibited increases in the price or decreases in the quality of the BODBX Service.

 

How to exercise your rights. You may exercise your California privacy rights described above as follows:

 

  • Right to information, access and deletion. You can request to exercise your information, access and deletion rights by emailing us at support@thebodbox.com. We reserve the right to confirm your California residence and will need to confirm your identity to process your requests. As part of this process, government identification may be required. Consistent with California law, you may designate an authorized agent to make a request on your In order to designate an authorized agent to make a request on your behalf, you must provide a valid power of attorney, the requester’s valid government-issued identification, and the authorized agent’s valid government issued identification. We cannot process your request if you do not provide us with sufficient detail to allow us to understand and respond to it.
  • Request a list of third party marketers. California’s “Shine the Light” law (California Civil Code § 1798.83) allows California residents to ask companies with whom they have formed a business relationship primarily for personal, family or household purposes to provide certain information about the companies’ sharing of certain personal information with third parties for their direct marketing purposes during the preceding year. You can submit such a request by sending an email to support@thebodbox.com with “Shine the Light” in the subject

The request must include your current name, street address, city, state, and zip code and attest to the fact that you are a California resident.

  • We do not sell your personal information. Based on our understanding of the term “sell” under the CCPA, we do not “sell” your Personal Information and have not sold it to third parties for a business or commercial purpose in the 12 months preceding the effective date of this Privacy Policy. However, like many companies online, we use services provided by Google, Facebook and others that help deliver interest-based ads to you as described in the section above entitled Interest-Based You can review your options for opting-out of such services above.

 

Personal information that we collect, use and share. We are required to explain the categories of Personal Information we collect by reference to the categories specified by the CCPA, which are described in the list below. For each category, we list the type of data we collect and the source of that data as described in the section above entitled Personal Information We Collect. We have not sold your personal information in the preceding 12 months.

 

·         Identifiers

  • What we collect: Contact data, profile data
  • Sources: You, third party platforms

·         Commercial information

  • What we collect: Profile data, fitness and performance data, purchase data, online activity data
  • Sources: You, automatic collection, third party platforms

·         Financial Information

  • What we collect: Financial data
  • Sources: You

·         Online identifiers

  • What we collect: Contact data, profile data, online activity data, device data
  • Sources: You, automatic collection, third party platforms

·         Internet or network information

  • What we collect: Device data, online activity data
  • Sources: Automatic collection
  • Inferences drawn from any of the above information to create a profile reflecting your preferences, characteristics, and behavior.
    • May be derived from your: Profile data, fitness and performance data, purchase data, online activity

·         Medical Information

  • What we collect: Profile data, fitness and performance data
  • Sources: You, third party platforms

·         Physical Description

  • What we collect: Profile data, fitness and performance data
  • Sources: You, third party platforms

  • Protected Classification Characteristics, which we do not intentionally collect, but it may be revealed in other data we collect.

·         Biometric Information

  • What we collect: Profile data, fitness and performance data
  • Sources: You, third party platforms

·         Sensory information

  • What we collect: Profile data, fitness and performance data, Content you choose to share through the Service
  • Sources: You

 

The business/commercial purposes for which we use each category of Personal Information above are described in the section above entitled How We Use Your Personal Information. The categories of third parties to which we disclose each category of Personal Information above of Personal Information for business purposes are described in the section above entitled With Whom We Share Your Personal Information.

 

The above summary of how we collect, use, share Personal Information describes our practices for the 12 months preceding the effective date at the top of this Privacy Policy. Information that you choose to provide to us may include other categories of information.

 

12.   IMPORTANT INFORMATION FOR SINGAPORE RESIDENTS

 

This section applies only to Singapore residents and sets out how we comply with the provisions of the Personal Data Protection Act 2012 of Singapore (“PDPA”) as follows:

 

  • Our policies on how we manage your Personal Data;
  • The types of Personal Data we collect, use, disclose and/ or retain;
  • How we collect, use, disclose and/ or retain your Personal Data; and
  • The purpose(s) for which we collect, use, disclose and/ or retain your Personal

 

We will collect, use or disclose Personal Data for reasonable business purposes only if there is consent or deemed consent from you. We may also collect, use or disclose Personal Data if it is required or authorized under applicable laws. By using the BODbx Service, you agree and consent to us, our authorized service providers and other third parties as provided above in Section 3 to collect, use and disclose and/ or retain your Personal Data in accordance with this Privacy Policy. From time to time, we may update this privacy policy to ensure that our policy is consistent with any regulatory changes.

However, subject to your legal rights in Singapore, the prevailing terms of this Privacy Policy shall apply.

 

Collection of Personal Data. In this Section 12, “Personal Data” refers to any data and/or information about you from which you can be identified by, either from that data; or from that data and other information to which we may have legitimate access to. The


Personal Data which we collect from you, our service providers and our third party partners include, but are not limited to, such personal information as described in Section 1 above.

 

Use of Personal Data. In general, we may use your Personal Data for the following purposes:

 

  • To provide the BODbx Service;
  • To respond to your request or for the purposes for which it was provided to us as stated at the time of the collection (or as is obvious from the context of collection);
  • For general management and reporting purposes;
  • All other purposes related to our business; and
  • To comply with applicable laws and

 

Please see Section 2 for more information about the use of your Personal Data.

 

Disclosure of Personal Data. We do not disclose Personal Data to third parties except when required by law, when we have your consent or deemed consent or in cases where we have engaged third parties such as data intermediaries or subcontractors specifically to assist with our activities. Please see Section 3 above for more information about the third parties which we may disclose your Personal Data to.

 

Use of Cookies. We use “cookies” as necessary to provide you with the BODbx Service. Please see Section 1 above for more information.

 

Protection of your Personal Data. We maintain appropriate security safeguards and practices to protect your Personal Data unauthorized access, collection, use, disclosure, copying, modification disposal or similar risks, in accordance with applicable laws.

 

Access and Correction of your Personal Data. We take all reasonable measures to ensure that your Personal Data remains accurate, complete and up-to-date. You may also keep us informed when there are any updates to your Personal Data by contacting us directly. Subject to the exceptions referred to in section 21(2) of PDPA, you may request access to or make corrections to your Personal Data records, but we have the right to charge a reasonable fee for processing your request. Please submit your request to us by writing to us at support@thebodbox.com.

 

Withdrawal of Consent. If you wish to withdraw your consent to any use or disclosure of your Personal Data as set out in this Privacy Policy, you may contact us at support@thebodbox.com.

 

Contacting Us. If you have any questions or complaints relating to the use or disclosure of your Personal Data, or if you wish to know more about our data protection policies and practices, you may contact us at support@thebodbox.com.