StayWise Privacy Policy
Effective Date: December 5, 2024
Sensor Tower, Inc. (“Sensor Tower”, “we”, or “us”) is honored to provide the StayWise Application (“StayWise”), as well as the website and affiliated pages (the “Website”; the Website and StayWise are together referred to as the “App”), which provides offers a seamless way to track your personal expenses and their trends over time. When using the App, you may consent to us collecting some of your personal information.
The purpose of this Privacy Policy is to provide you with a clear understanding of what personal information we have access to when you use the App, as well as what personal information may be collected when you allow us to collect usage data, how your personal information is used, and the choices you have to control the collection and/or use of your personal information. We are committed to communicating transparently, providing security, and protecting the privacy of data on our systems.
Contact Information
If you have any questions, comments, or concerns about your personal information, this Privacy Policy, your privacy, or any of our privacy practices, please contact our Data Protection Officer by email at data-protection@sensortower.com or by mailing correspondence to Data Protection Officer at Sensor Tower, Inc., 2261 Market Street #4331, San Francisco, CA 94114.
Overview
This Privacy Policy explains how Sensor Tower collects, stores, uses, transfers and shares your personal information in connection with the App. We may and reserve the right to update this Privacy Policy to reflect changes in and to keep you informed about our privacy practices. Please periodically review the App for the latest information on our privacy practices.
If we make any changes, we will notify you by publishing the updated policy, contacting you through the App, by posting a notice on the App, by posting a notice on our Website, or by some combination of these methods. If you continue to use the App after the Privacy Policy has been updated, this continued use will indicate your acceptance of the Privacy Policy as modified. In some cases, you will have to explicitly accept changes to the Privacy Policy.
If you do not accept the terms of the Privacy Policy, please discontinue using the App immediately.
Personal Information We Collect About You
The following are the categories of data that are collected:
- your name;
- your email address;
- email account information for each linked email account including an account identifier and account metadata;
- read-only email authentication account token allowing access to each such email account; and
- purchase-related information extracted from emails from each such email account.
- Device-related information such as device type, operating system and browser version
- non-granular location;
- your birth year; and
- your gender (the “Collected Data”).
Upon receiving any Collected Data, our policy is to delete your IP address from our logs, unless an error is being debugged, in which case it is deleted upon resolution of the error.
Special Category or Sensitive Personal Data
We never intentionally receive or process any of your sensitive personal information, such information regarding your sexual orientation, ethnicity, religious affiliation, refugee status, or health. As noted above, we do collect information about purchases you have made to provide the functionality of the App and for the other purposes disclosed herein. In doing so, we intentionally avoid categories of purchases that could be considered sensitive, although such techniques are not perfect and exceptions may occur.
How We Use Your Personal Information
Basis for Processing
Sensor Tower has a legitimate interest in processing your personal information for the purposes described in this Privacy Policy. Sensor Tower may also process your personal information to comply with a legal obligation or when it is otherwise required to disclose the information. If you have questions about these legal bases you can contact our Data Protection Officer.
Purposes of Processing
We may use your personal information for the following purposes:
- to operate, maintain, debug, and improve the App;
- to send you technical notices, updates, security alerts and support and administrative messages;
- to respond to your comments, questions and requests and provide customer service;
- to monitor and analyze trends and usage of the App;
- to power Sensor Tower products available at sensortower.com;
- to use in training of neural networks and artificial intelligence;
- for scientific and academic research purposes; and
- for any other purposes indicated in this Privacy Policy.
Data Minimization and Purpose Limitation
We will not process your personal information in a way that is incompatible with the purposes for which it has been collected or collect any personal information that is not needed for these purposes.
No Sale of Personal Information
We do not and will never sell your personal information to third parties for monetary or other valuable consideration.
Use of Anonymized Information
We may generate anonymized information (“Anonymized Information”) from the Collected Data of the users of the App. We may use the Anonymized Information for any purpose including commercial purposes. Commercial purposes may include without limitation using the Anonymized Information to generate, validate, and/or provide data and insights on our website at sensortower.com, and/or sharing Anonymized Information with third parties, such as customers and our service providers. Third parties can only use the Anonymized Information shared with them for the purpose under which it was shared, and cannot ever use the Anonymized Information to personally identify you.
Use of Contact Information
In situations where you consensually provide us with contact information for the sole purpose of communicating with us, we may use your information to respond to your communications and send you information you request.
Sharing of your Personal Information
We may share your personal information in the following circumstances.
SERVICE PROVIDERS
We will share personal information with third parties who perform services on our behalf or operate our services. For example, we share personal information with our vendors (e.g., data processors, IT services providers, cloud providers, online platforms, debugging platforms, support providers, etc.), partners and consultants. Service Providers can only use the personal information we share with them for the limited purpose under which it was shared.
UNDER SPECIAL CIRCUMSTANCES
From time to time, a situation may arise where we may use personal information to enforce our terms of service; prevent unlawful activities and misuse of the App; protect the legal rights, property, safety, and security of Sensor Tower, our affiliates, and our users; and resolve disputes involving you relating to the App; or and comply with applicable laws and assist law enforcement. Regardless, we do not and will not share your personal information with third-parties except in the following limited circumstances:
- Third-Parties When Required By Law or as Necessary to Protect the App.
We may access, use, preserve, and share your information with third parties when we have a good faith belief that it is necessary to: detect, prevent and address fraud and other illegal activity; protect ourselves, you and others, including as part of investigations; or prevent death or imminent bodily harm. We may also share such information if we believe that you have abused your rights to use the App or violated an applicable law, or in connection with any dispute between you and us with respect to the App. - In Response to a Legal Request.
We may also access, use, preserve, and share your information, in response to a legal request if we believe in good faith that the response is required by law in that jurisdiction, applies to users in that jurisdiction, and is consistent with internationally recognized standards. Information we receive about you may be accessed, processed, and retained for an extended period of time when it is the subject of a legal request or obligation, government investigation, investigation concerning possible violations of our terms or policies, or otherwise to prevent harm. - In Connection With a Transfer of Assets.
If we sell all or part of our business, make a sale or transfer of assets, are otherwise involved in a merger or business transfer, or in the event of bankruptcy, we may confidentially disclose and transfer your personal information to one or more third parties as part of that transaction. - Other Disclosures.
We also may disclose personal information as described to you at the point of collection or pursuant to your consent.
Retention of your personal information
When you use the App
The personal information we collect from you, as described above, is retained for as long as needed to accomplish the purposes provided in this Privacy Policy. At any time, you can request that we erase any personal information that we have collected as outlined in the “Your Rights” section of this Privacy Policy.
When you unlink the App
If you unlink an email account from the App, we will no longer be able to process purchases from the emails in that account. You should be aware that we may retain any previously Collected Data associated with that account and may also generate Anonymized Information from that Collected Data. We reserve the right to use the Anonymized Information as noted elsewhere in this Privacy Policy.
Your Rights
With us, you have rights and control over your personal information regardless of the country you live in. Many of these important rights are afforded by Europe's and the UK's General Data Protection Act (“GDPR”), which include:
- The right to be informed about the collection and use of your personal information, which this Privacy Policy provides.
- The right to access your personal information (called a “subject access request” under the GDPR), which you can do by sending an email to our Data Protection Officer using the contact information provided above. Please note that since we pseudonymize data collected from you, we may need some additional information from you in order to re-identify your personal information. Also, if you have uninstalled the App, any data collected from you will have been anonymized and will not be re-identifiable.
- The right to have any data that is inaccurate or incomplete rectified by correcting or completing it.
- The right to erasure (a.k.a., “be forgotten”) by sending an email to our Data Protection Officer using the contact information provided above and requesting that we delete your personal information. Please note that since we pseudonymize data collected from you, we may need some additional information from you in order to locate and delete your personal information. Also, if you have uninstalled the App, any data collected from you will have been anonymized and we will be unable to locate it.
- The right to restrict the processing of your personal information under certain circumstances provided by Article 18 of the GDPR.
- The right to obtain and reuse a copy of your personal information for your own purposes.
- The right to object to processing of your personal information under certain circumstances provided by Article 21 of the GDPR.
How to exercise your privacy rights
Contact our Data Protection Officer using the contact information provided above to exercise any of your privacy rights. We commit to grant them within 30 days after receipt or less.
If you reside in Europe or the UK, you can also contact Osano, which has been appointed as our representative in the European Union for data protection matters, pursuant to Article 27 of the General Data Protection Regulation of the European Union. If you are in the European Economic Area, Osano can be contacted in addition to our Data Protection Officer, only on matters related to the processing of personal data. To make such an inquiry, please contact Osano by mail using the contact information below:
UK Representative
Osano UK Compliance LTD
ATTN: 8QL4
42-46 Fountain Street
Belfast
Antrim
BT1 - 5EF
EU Representative
Osano International Compliance Services Limited
ATTN: 8QL4
3 Dublin Landings
North Wall Quay
Dublin 1
D01C4E0
Formalities to exercise your privacy rights
Please keep in mind that in the case of a vague request we may engage the individual in a dialogue so as to better understand the motivation and content of the request. We may also refuse manifestly unfounded and excessive (repetitive) requests.
We might also require you to prove your identity in some cases. This is made to ensure that no rights of third parties are violated by your request.
Other Items
Notification requirements. We commit to notify you, when it is needed under the law, within a reasonable period of time and your data protection authority within the timeframe specified in applicable law about data breaches related to your personal information.
Data Protection Authorities. Subject to applicable laws, you may have the right to lodge a complaint with your local data protection authority about any of our activities that you deem are not compliant with applicable law.
The California Consumer Privacy Act
If you are a California resident, then Under the California Consumer Privacy Act (“CCPA”) you have certain rights regarding the personal information that we may have collected about you. The following sections disclose the “what,” “how,” and “why” behind any personal information we collect about you, who we share it with, and what your rights are over your personal information.
Personal Information We Collect
As summarized in detail in the Collected Data section above, we collect:
- personal identifiers;
- customer records information;
- commercial information;
- Internet or other electronic network activity information; and
- Inferences.
Why We Collect Your Personal Information
We use the above categories of data in order:
- to operate, maintain, debug, and improve the App;
- to send you technical notices, updates, security alerts and support and administrative messages;
- to respond to your comments, questions and requests and provide customer service;
- to monitor and analyze trends and usage of the App;
- to power Sensor Tower products available at sensortower.com;
- to use in training of neural networks and artificial intelligence;
- for scientific and academic research purposes; and
- to ensure security.
How We Collect Your Personal Information
As further described in the Collected Data section above, we collect identifiers and commercial information directly from you and we collect Internet or other electronic network activity from your usage of the App and its services.
We do not use cookies or web beacons to collect personal information from you or track your activity.
With Whom We Share and Sell Your Personal Information
We do not sell your personal information. We do sell anonymized and/or aggregated consumer information, which does not identify you or any individual person and is not considered personal information by the CCPA (Cal. Civ. Code 1798.140(o)(K)(3)) on sensortower.com as summarized in the Use of Anonymized Information section above.
We may share your personal information under the circumstances outlined in the Sharing of your Personal Information section above.
We may also share personal information for other reasons we may describe to you or as permitted by law.
Your Rights under CCPA
The consumer rights you may have under CCPA include the right to:
- Opt out of the sale of your personal information;
- Request that we disclose information about the personal information collected, used, disclosed or sold;
- Request that we delete personal information collected or maintained by us; and
- Not receive discriminatory treatment for exercising your privacy rights.
Right to Opt out of Sale
We do not sell your personal information. While you have the right to direct us to not sell your personal information, as summarized below, such a request could be moot since we do not sell your personal information.
Right to Request Disclosure
You have the right to request that we disclose to you what categories of personal information we have sold or disclosed for a business purpose about you, and the categories of third parties to whom the personal information was sold or disclosed. Additionally, you have the right to request disclosure of specific pieces of information. Below is a list of the information that you can include in your request.
- the categories of personal information that we have collected about you;
- the categories of sources from which we collected the personal information;
- the business or commercial purpose for collecting or selling the personal information;
- the categories of third parties with whom we share personal information;
- the specific pieces of personal information we have collected about you;
- the categories of personal information that we disclosed about you for a business purpose; and
- the categories of personal information that we have sold about you, as well as the categories of third parties to whom we sold the information.
Right to Request Deletion
You have the right to request that we delete any personal information about you that we have collected from you. Please note that there are exceptions where we do not have to fulfill a request to delete information, such as when the deletion of information would create problems with the completion of a transaction or compliance with a legal obligation.
The Right to Non-Discrimination
We will not discriminate against you (e.g., through denying goods or services, or providing a different level or quality of goods or services) for exercising any of the rights afforded to you.
Submitting a Request, Question, or Feedback
If you would like to exercise your right to opt out, right to delete, or right to request disclosure, or if you have any questions or would like to provide feedback on this Privacy Policy or our privacy practices, please email us using the following information and our privacy team will examine your request, question, or feedback and respond to you as quickly as possible.
Data Protection Officer data-protection@sensortower.com
Your Rights in Other States and Countries
Other States
Various other US states, including but not limited to, Colorado, Connecticut, Virginia, and Utah, have passed laws providing their state residents rights similar to those afforded under the CCPA and the GDPR. These rights include rights to:
- Confirm whether we process their personal information.
- Access and delete certain personal information.
- Data portability.
- Opt-out of personal data processing for targeted advertising and sales.
- Some states also provide their state residents with rights to:
- Correct inaccuracies in their personal information, taking into account the information's nature processing purpose.
- Opt-out of profiling in furtherance of decisions that produce legal or similarly significant effects.
Regardless of your specific residence, at Pura we, to the extent possible, honor privacy right requests afforded by any jurisdiction, regardless of whether you reside in that jurisdiction.
Other Countries
If you are a resident of another country, state, or province with applicable data privacy laws and regulations that afford you with privacy rights similar to those afforded by the GDPR, CCPA, or other similar laws or regulations, we will honor any requests from you to exercise those privacy rights in accordance with those data privacy laws and regulations to the extent possible.
“Do Not Track” Requests
We adhere to the standards set out in this Privacy Notice and do not monitor or respond to Do Not Track browser requests.
Security of your personal information
We maintain reasonable and appropriate safeguards to protect all collected personal information against loss, misuse, theft, unauthorized access, disclosure, alteration, or destruction. While we strive to protect your information and privacy, no data transmission or storage can be guaranteed to be 100% secure. We cannot guarantee or warrant the security of information you disclose or transmit to us and cannot be responsible for the theft, destruction, misuse, unauthorized access, alteration, or inadvertent disclosure of your information.
If we become aware of a security systems breach, we will attempt to inform you by posting a notice, publishing a press release, notifying you via the App, or other appropriate means, and will take appropriate steps to remedy the breach in compliance with any applicable laws and as specified in this Privacy Policy.
Children’s Privacy
General age limitation. We are committed to protecting child privacy. The App is not intended for children and we do not intentionally or knowingly collect information, personal or otherwise, about individuals under the age of 18, much less children under 13 years old. If you are aware of anyone under 18 using the App, please contact us using the contact information provided above and we will take required steps to delete any such information and/or prevent that individual from accessing the App.
Age limitation for EU residents. To the extent prohibited by applicable law, we do not allow use of the App by EU residents younger than 18 years old. If you are aware of anyone younger than 18 using the App, please contact us using the contact information provided above and we will take required steps to delete any such information and/or prevent that individual from accessing the App.
Storage and International Transfers
Sensor Tower is based in the United States of America (“U.S.”) and the personal information we collect is governed by U.S. law. Please be advised that the laws in the U.S. and the laws of other countries may not offer the same protections as the law of your jurisdiction, and may be deemed inadequate relative to your country’s data protection law.
Further, you agree that we may store and process your information through third-party or affiliate hosting services in the United States, European Economic Area (“EEA”), and other international jurisdictions. As a result, we, our affiliates, subsidiaries, or agents may securely transfer your information to a jurisdiction with different data protection laws than your jurisdiction. By using the Services, you explicitly and unambiguously consent to the transfer of your information outside of your own country for the purposes described in this Privacy Policy.
Third-party Data Processors
We use data processors that perform particular operations with your personal information for us.
Data processors (or just processors) are companies that help us, the Data Controller, run the App, support our communication with you or perform other App-related activities. They may process certain personal information on our behalf to accomplish the goals related to the App functions and associated activities. Data processors act only in accordance with instructions and process only the personal information that we instruct them to process. We are liable for any acts or omissions of our data processors and engage with them under data processing agreements to the extent required by applicable law.
The following is a non-exclusive list of our main data processors:
Type | Processor | Data Processed | Purpose |
---|---|---|---|
Infrastructure and security | Amazon Web Services (“AWS”) | App usage information. | Storage of usage information while using the App. |
Data Source | Gmail™ | Emails that have been sent and received. | Understanding purchases from your emails. |
Artificial Intelligence | OpenAI | Emails related to purchases and receipts. | Understanding purchases from your emails. |
Analytics | Google Analytics | Analytics-related information such as app version, anonymous demographics, events describing how the app is used, etc. | Analyze usage patterns within the app to optimize flows and retention. |
User Support | Helpscout | User's device and app version information. | Helpscout is the tool that we use to manage support within the app. Users reach out to us through the service to discuss bugs, features, etc. |
Changes to this Policy
We keep our Privacy Policy under regular review and may update it at any time.
Third-party Links
This Privacy Policy may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy policy of every website you visit.