Privacy Policy Terms Of Service

Privacy Notice

Effective Date: Feb 8, 2024
Notice Version: 2.1

Data Controller Contact Information:

Wombat Apps LLC
c/o Privacy Officer
8201 164th Ave NE, Suite 200
Redmond, WA 98052
United States of America
privacy@carbmanager.com

Our designated representative in the EU is:

Maetzler Rechtsanwalts GmbH & Co KG
c/o Wombat Apps LLC
Schellinggasse 3/10, 1010 Vienna, Austria

Our designated representative in the UK is:

Prighter Ltd
c/o Wombat Apps LLC
20 Mortlake Mortlake High Street,
London, SW14 8JN, UK

Our privacy notice governs our privacy practices when you are using our websites, https://www.carbmanager.com, https://www.wombatapps.com, and our mobile and web apps, called Carb Manager, hereinafter and collectively referred to as the services.

Our privacy notice tells you what personal data and non-personal data we collect from you, how we collect them, how we protect them, how we share them, how you can access and change them, and how you can limit our sharing of them. Our privacy notice also explains certain legal rights that you have concerning your personal data. Any capitalized terms not defined herein will have the same meaning as those defined elsewhere on our website.

Definitions

The terms “us”, “we”, and “our” refer to the owner of this Website.

‘NON-PERSONAL DATA’ (NPD) means any information that is not personally identifiable.

‘PERSONAL DATA’ (PD) means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person can be identified directly or indirectly by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person. PD is, in many ways, the same as Personally Identifiable Information (PII). However, PD is broader in scope and covers more data.

‘SENSITIVE PERSONAL DATA’ (SPD) means a consumer’s social security, driver’s license, state identification card, or passport number; a consumer’s account log-in, financial account, debit card, or credit card number in combination with any required security, access code, password, or credentials allowing access to an account; a consumer’s exact geolocation; a consumer’s ethnic or racial origin, religious or philosophical beliefs, or union membership; the contents of a consumer’s mail, text messages, and email unless the business is the intended receiver of the communication; a consumer’s genetic data; the processing of biometric data to uniquely identify a consumer; personal information collected and analyzed about a consumer’s health; sex life or sexual orientation. Sensitive personal information that is "publicly available" is considered sensitive personal information or personal information.

Topics Covered in Our Privacy Notice

YOUR RIGHTS

INFORMATION WE COLLECT AND HOW WE COLLECT IT

HOW YOUR PD IS USED AND SHARED

RETAINING AND DESTROYING YOUR PD

PROTECTING THE PRIVACY RIGHTS OF THIRD PARTIES

DO NOT TRACK SETTINGS

LINKS TO OTHER WEBSITES

PROTECTING CHILDREN’S PRIVACY

OUR EMAIL POLICY

OUR SECURITY POLICY

USE OF YOUR CREDIT CARD

IN-APP PURCHASES

TRANSFERRING PD FROM OTHER COUNTRIES

CHANGES TO OUR PRIVACY NOTICE

YOUR RIGHTS

Contact us using the information at the top of this privacy notice to exercise any of your legal rights contained within this privacy notice. We will respond to your request within 30 days after receiving it.

When using our services and submitting Personal Data (PD) to us, you have certain rights under privacy laws in the United States, including the California Consumer Privacy Act of 2018 (CaCPA), the California Privacy Rights Act of 2020 (CPRA), and privacy laws of other countries including the European Union General Data Protection Regulation of 2016 (the “EU GDPR”), the UK General Data Protection Regulation (UK GDPR / the Data Protection Act 2018), the Data Protection Act 2018, and other global privacy laws. Even if not listed here, we will make reasonable efforts to honor data subject access requests even though we may be under no legal obligation to do so. However, we reserve the right to decline any data subject access request that we are not legally obligated to comply with. Your rights include but are not limited to the following:

  1. The right to equal service, price, and not being discriminated against even if you exercise your privacy rights.
  2. The right to one or more means where you can submit requests under this privacy notice, including (at minimum) a toll-free telephone number or, if the business maintains an Internet website, a website address email address.
  3. The right to know whether your PD is sold, shared, or disclosed and to whom.
  4. The right to request that we do not sell or share any of your PD.
  5. The right to request that we disclose the following personal information to you: the categories of personal information we collected about you; the categories of sources from which your personal information is collected; the business or commercial purpose for collecting, selling, or sharing your personal information; the categories of third parties to whom we disclose your personal information; the specific pieces of personal information we have collected about you.
  6. The right to be informed about the PD we collect from you and how we process them.
  7. The right to get confirmation that your PD is being processed and you can access your PD.
  8. The right to have your PD corrected if they are inaccurate or incomplete.
  9. The right to request the removal or deletion of your PD if there is no compelling reason for us to continue processing them. However, the right to deletion is not absolute and can be overridden to continue data processing in some cases where we still have a legal ground or overriding legitimate interest to process your data.
  10. The right to ‘block’ or restrict the processing of your PD. When your PD is restricted, we are permitted to store your PD but not to process them further.
  11. The right to request the PD that you provided to us and use them for your own purposes. Upon express request, we will provide your data to you or another service or product provider within 30 days of your request, subject to commercial and industrial secrets.
  12. The right to object to us processing your PD for the following reasons:
    - Processing was based on legitimate interests or the performance of a task in the public interest/exercise of official authority (including profiling);
    - Direct marketing and targeted advertising (including profiling);
    - Processing for purposes of scientific/historical research and statistics.
  13. The right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects regarding you or similarly significantly affects you.
  14.  The right that we limit the collection of your PD to that which is "adequate, relevant and reasonably necessary with the purposes for which the data is processed.
  15. The right that we do not process your PD for purposes that are neither reasonably necessary nor compatible with the disclosed purposes for which such personal data is processed, as disclosed to you, unless the controller obtains your consent.
  16. The right to designate an authorized agent to request on your behalf. When designating an authorized agent, you must provide a valid power of attorney, the requester’s valid government-issued identification, and the authorized agent’s valid government-issued identification.
  17. The right to file a complaint with supervisory authorities if your information has not been processed in compliance with your rights under privacy laws.

INFORMATION WE COLLECT AND HOW WE COLLECT IT

Generally, you control the amount and type of information you provide us when using our website.

Our Legal Basis for Collecting and Processing Personal Data (PD)

Our legal basis for collecting and processing your PD when you buy our products and services or fill in any of the contact forms is based on the necessity for the performance of a contract or to take steps to enter into a contract. Our legal basis for collecting and processing your PD when you sign up for our newsletter, download free information, access free audio and videos, and use the free version of our services is based on consent.

Automatic Information

We automatically receive information from your web browser or mobile device. This information may include the IP address of your computer/the proxy server you use to access the Internet, your Internet service provider’s name, your web browser type, the type of mobile device, your computer operating system, and data about your browsing activity when using our services. We use all this information to help improve our services.

Other Websites, Platforms, and Third-Party Fitness and Health Devices

If you link your account to third-party platforms such as Fitbit, Garmin, or Apple Health, we will receive information that you have authorized each synchronization with that platform. This information may include exercise minutes, calories expended, steps taken in a day, body weight, and other metrics you choose to share.

When Entering and Using Our Services

When you enter and use our services and agree to accept cookies, some of these cookies may contain your Personal Data (PD).

Our Use of Cookies

Our services use cookies. A cookie is a small piece of data or a text file that is downloaded to your computer or mobile device when you access certain websites. Cookies may contain text that can be read by the web server that delivered the cookie to you. The text contained in the cookie generally consists of a sequence of letters and numbers that uniquely identifies your computer or mobile device; it may contain other information as well.

By agreeing to accept our use of cookies, you are giving us and the third parties with which we partner permission to place, store, and access some or all the cookies described below on your computer and or mobile device.

  • Strictly Necessary Cookies - These cookies are necessary for the proper functioning of the website, such as displaying content, logging in, validating your session, responding to your request for services, and other functions.
  • Performance Cookies - These cookies collect information about the use of the website, such as pages visited, traffic sources, users’ interests, content management, and other website measurements.
  • Functional Cookies - These cookies enable the website to remember users’ choices, such as their language, usernames, and other choices while using the website.
  • Media Cookies - These cookies can be used to improve a website’s performance and provide special features and content. They can be placed by us or third parties who provide services to us.
  • Advertising or Targeting Cookies - These cookies are usually placed and used by advertising companies to develop a profile of your browsing interests and serve advertisements on other websites that are related to your interests.
  • Session Cookies - These cookies allow websites to link the actions of a user during a browser session. They may be used for remembering what a user puts in their shopping cart as they browse a website. Session cookies also permit users to be recognized as they navigate a website so that any item or page changes they make are remembered from page to page. Session cookies expire after a browser session.
  • Persistent Cookies - These cookies are stored on a user’s device between browser sessions, which allows the user’s preferences or actions across a website or across different websites to be remembered. Persistent cookies may be used to remember users’ choices and preferences when using a website or target advertising to them.
  • We may also use cookies for the following:
    - Identifying the areas of our website that you have visited;
    - Personalizing the content that you see on our website;
    - Our website analytics;
    - Remarketing our products or services to you;
    - Remembering your preferences, settings, and login details;
    - Targeted advertising and serving ads relevant to your interests;
    - Allowing you to share content with social networks.

Most web browsers can be set to disable the use of cookies. However, if you disable cookies, you may not be able to access features on our services correctly or at all.

Web Beacons

We may use a technology called web beacons to collect general information about your use of our services and your use of special promotions or newsletters. The information we collect by web beacons allows us to statistically monitor the number of people who open our emails as well as provide us with other information about your interaction with our services.

At User Registration or When Buying Products or Services

When you register as a user or when buying our products or services, we may collect some or all of the following information: height, weight, activity level, sex, date of birth, and other information you choose to provide to us.

Survey and Interview Questions

Occasionally, we contact our users and customers to ask for feedback or testimonials. Please know that by submitting your testimonial, you are granting us the right to use, reproduce, and publicly display your comments, along with your name and any images or videos you provide, across our various marketing and promotional channels. Your personal contact information will remain confidential and will not be shared publicly. By submitting your testimonial, you are acknowledging and agreeing to these terms.

Collecting Information About Your Physical Location

When you use our services, we may collect and process information about your actual physical location. We use several technologies, such as IP tracking, to determine your location. These technologies may also give us information about nearby cell towers, Wi-Fi access points, and other devices.

Google API

By using our services, you are subject to the Google Privacy Policy and Terms of Service.
When collecting and processing user data, including Personal Data (PD) from Google APIs, we will follow Google API Services User Data Policy. We also require that our employees, contractors, and agents comply with the Google API Services User Data Policy.

Chat Software or Contact Forms

Our services contain chat software or contact forms that enable visitors to communicate with us online or offline by email. In some cases, visitors can communicate with us without buying our services. When you use our chat software or contact forms, we may collect some or all the following information: your email address, first name, last name, location, and any other information you willingly choose to give us. You should limit the information you give to us to one that is necessary to answer your questions.

Google Analytics

Our services use Google Analytics to collect information about the use of our services. Google Analytics collects information from users such as age, gender, interests, demographics, how often they visit our services, what pages they visit, in-app actions, and what other websites they have used before coming to our services. We use the information we get from Google Analytics to analyze traffic and improve our marketing, advertising, and services. You can prevent Google Analytics from using your information about your website visits by opting out at this link: https://tools.google.com/dlpage/gaoptout

Analytics

Our services use analytics services from several companies other than Google to collect information about the use of our services. Analytics collects information such as how often users visit our services, what pages they visit, when they do so, and their IP addresses. We use the information we get from analytics to improve our services. We also use companies like Kochava, Amplitude, and LeanPlum for analytics services.

What Happens If You Don’t Give Us Your Personal Data (PD)

If you do not provide us with enough PD, we may be unable to provide you with our services.

HOW YOUR PERSONAL DATA (PD) IS USED AND SHARED

We use the information we receive from you to:

  • Provide our services you have requested or purchased from us;
  • Personalize and customize our content;
  • Make improvements to our services;
  • Contact you with updates to our products and services;
  • Resolve problems and disputes;
  • Contact you with products and services that we believe may be of interest to you.

Communications and Emails

When we communicate with you about our services, we will use the email address you provided when you registered as a user or customer. We may also send you emails with promotional information about our services or offers from us or our affiliates unless you have opted out of receiving such information. You can unsubscribe to these by using the link in the emails. You can also change your contact preferences at any time by writing to our customer support team or contacting us using the information at the top of this privacy notice.

Sharing Your Information When You Login Using Other Websites or Services

We may share your Personal Data (PD) with third parties such as  http://google.com, http://www.apple.com, and others. If you sign into our services through a third-party service or website, your information such as name, email address, language preference, profile picture etc. might be automatically imported to our services. We do not have any control over the privacy notices and business practices of other third-party services or websites.

If you log into our services using websites and services, you agree to let us use and store your profile information from those websites to make better use of any social media features on our services. This sharing of information helps us provide you with a better experience when using our services and provides us with information such as visitor traffic. If you use any of the social sharing icons on our services to share our information, you may also be sharing your personal information through other websites.

Push Notifications

By using our services, you are giving your express consent and authorizing a third party or us to contact you by push notifications. You are not required to give us your consent to contact you through this communication method. However, withholding your consent may interfere with or prevent us from providing some or all our services to you. You can stop receiving push notifications at any time by using one of our opt-out methods.

Sharing Information with Third Parties

We do not sell or rent your Personal Data (PD) or Sensitive Personal Data (SPD), which includes health information, to third parties for marketing purposes.

Vendors that we hire to provide us with various services (Service Providers) may have access to your Personal Data (PD) while they are performing their contractual obligations. These third-party service providers may include but are not limited to payment processors, web analytics companies, advertising networks, data management services, help desk providers, accountants, law firms, auditors, shopping carts, and email service providers. We prohibit our Service Providers from selling or disclosing the Personal Data (PD) we provide. We also require all Service Providers to maintain confidentiality standards that are commercially reasonable to ensure the security of your Personal Data (PD).

We reserve the right to share or sell aggregated, anonymous or deidentified information with third parties for marketing, advertising, research or other purposes. We do not limit the use of aggregated information by third parties.

Legally Required Releases of Information

We may disclose your Personal Data (PD) if such disclosure is (a) required by subpoena, law, or other legal processes; (b) necessary to assist law enforcement officials or government enforcement agencies; (c) necessary to protect us from legal action or claims from third parties, including you and or other users; or (d) necessary to protect the legal rights, personal and or real property, or the personal safety of our company, users, employees, and business partners.

Disclosures to Successors

If our business is sold or merges in whole or in part with another business that would become responsible for providing the services to you, we retain the right to transfer your Personal Data (PD) to the new business. The new business would retain the right to use your PD according to the terms of this privacy notice as well as to any changes to this privacy notice as instituted by the new business. We also retain the right to transfer your PD if our company files for bankruptcy and some or all of our assets are sold to another individual or company.

Community Discussion Boards, Blogs, or Other Mechanisms

Our services may offer the ability for users to communicate through online community discussion boards, blogs, or other mechanisms. If you choose to post on these discussion mechanisms, you should use care when exposing any Personal Data (PD), as such information is not protected by our privacy notice, nor are we liable if you disclose your PD through such postings. Also, PD, which you post on our services for publication, may be available worldwide on the Internet. We cannot prevent the use or misuse of such information by others.

RETAINING AND DESTROYING YOUR PERSONAL DATA (PD)

We retain your PD if it is necessary to provide our services and or products to you and to fulfill the purposes outlined in our privacy notice, subject to any legal obligations that may require a longer retention period. PD associated with your account will be kept until it is no longer necessary to provide our services and or products or until you ask us to delete it.

The criteria used to determine our retention periods include:

  • The length of time we have a continuing relationship with you and provide the services and or products to you that you requested.
  • Whether there is a legal obligation to which we are subject (for example, certain laws require us to keep records of your transactions for a certain period of time before we can delete them).
  • Whether retention is advisable considering our legal position (such as, for statutes of limitations, litigation, or regulatory investigations).

PD about you that is no longer necessary to provide our products or services may be de-identified and aggregated with other NPD to provide insights, such as statistics on the use of our services and or products. This information will be deidentified from your name and other personally identifiable information.

PROTECTING THE PRIVACY RIGHTS OF THIRD PARTIES

If you make any postings on our services that contain information about third parties, you agree that you have permission to include that information. While we are not legally liable for the actions of our users, we will remove any postings about which we are notified if such postings violate the privacy rights of others.

DO NOT TRACK SETTINGS

Some web browsers have settings that enable you to request that our services not track your movement within our services. Our services do not obey such settings when transmitted to and detected by our services. You can turn off tracking features and other security settings in your browser by referring to your browser’s user manual.

LINKS TO OTHER WEBSITES

Our services may contain links to other websites. These websites are not under our control and are not subject to our privacy notice. We have no responsibility for these websites, and we provide links to these websites solely for your convenience. You acknowledge that your use of and access to these websites are solely at your risk.

PROTECTING CHILDREN’S PRIVACY

Our services are not designed for use by anyone under the age of 18. We do not knowingly collect Personal Data (PD) from children under the age of 18. If you are a parent or guardian and believe that your child is using our services and they are under the age of 18, please contact us. Before we remove any information, we may ask for proof of identification to prevent malicious removal of account information. If we discover that a child under the age of 18 is accessing our services, we will delete their information within a reasonable period of time. You acknowledge that we do not verify the age of our users nor have any liability to do so.

OUR EMAIL POLICY

You can always opt-out of receiving email correspondence from us or our affiliates. We will not sell, rent, or trade your email address to any unaffiliated third-party without your permission except in the sale or transfer of our company or if our company files for bankruptcy as described in the section Disclosures to Successors.

OUR SECURITY POLICY

We have built our services and services using industry-standard security measures and authentication tools to protect the security of your Personal Data (PD). We and the third parties who provide services to us also maintain technical and physical safeguards to protect your PD. Unfortunately, we cannot guarantee the prevention of loss or misuse of your PD or secure data transmission over the Internet because of its nature. We strongly urge you to protect any password you may have for our services and not share it with anyone.

USE OF YOUR CREDIT CARD

You may have to provide a credit or debit card to buy products and services from our services. We use third-party billing services and have no control over them. We use commercially reasonable efforts to ensure that your credit card number is kept strictly confidential by using only third-party billing services that use industry-standard encryption technology to protect your credit card number from unauthorized use. However, you understand and agree that we are in no way responsible for any misuse of your credit card number.

IN-APP PURCHASES

Carb Manager does not directly collect or store your payment information. Payments are processed either by way of the Apple Store or Google Play or by our service provider(s) when you make purchases directly within the app.

TRANSFERRING PERSONAL DATA (PD) FROM OTHER COUNTRIES

PD that we collect from you may be stored, processed, and transferred among any countries in which we operate. The European Union has not found the United States and some other countries to have an acceptable level of protection of PD under Article 45 of the GDPR. Our company relies on derogations for specific situations as defined in Article 49 of the GDPR. If you are a European Union user or a user from another country, with your consent, your PD may be transferred to the United States or other countries when you request information from us. When you buy goods or services, we will use your PD for the performance of a contract with you. Wherever we transfer, process, or store your PD, we will attempt to apply reasonable safeguards to protect it. We will use the information we collect from you by following the practices described in our privacy notice. Also, we enter into data processing agreements and standard contractual clauses when appropriate. By using our website, you agree to the transfers of your PD described within this section.

CHANGES TO OUR PRIVACY NOTICE

We reserve the right to change this privacy notice at any time. If our company decides to change this privacy notice, we will post those changes on our services so that our users and customers are always aware of what information we collect, use, and disclose. If at any time we decide to disclose or use your Personal Data (PD) in a method different from that specified at the time it was collected, we will provide advance notice by email sent to the email address on file in your account or notify you with an in-app notice. Otherwise, we will use and disclose our users’ and customers’ PD in agreement with the privacy notice in effect when the information was collected. In all cases, your continued use of our services, services, and products after any change to this privacy notice will constitute your acceptance of the change. If you have questions about our privacy notice, please contact us through the information at the top of this privacy notice.

Copyright © - This document or any portion of it may not be copied or duplicated in any way without a license.