Privacy Policy

In this Privacy Policy we use the following terms:

‘Personal data’ (“personal information”) with respect to EEA residents means any information relating to an identified or identifiable natural person (‘data subject’);  with respect to US residents personal data refers to any data that identifies, relates to, or could reasonably be linked to you or your household, directly or indirectly; with respect to Singapore residents personal data means data, whether true or not, about an individual who can be identified from that data or from that data and other information to which the organization has or is likely to have access.

‘Data subject’ is an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;

While using our app you are considered to be a data subject.

‘Processing’ means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;

‘Controller’ means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by European Union or Member State law, the controller or the specific criteria for its nomination may be provided for by European Union or Member State law;

While using our app you are considered to be a data We are the controller of your personal data. You may find more information about us in Chapter 3 of this Privacy Policy.subject.

We may store and process the following personal data: your email address.

Categories of personal information we collect according to CCPA classification include: Category A (Identifiers).

Please note that our app is not intended to offer any services directly to children. We do not knowingly collect information from children. However, if you are under the age of 18 and want to get in touch with us, please, send us a written consent from your parents or guardians to process your personal information. 

The main purpose of collecting your personal data is to make our app work. That, in turn, includes:

1. Maintaining our service;
2. Managing your account (including registration);
3. Performance of a contract: the development, compliance and undertaking of the purchase contract for the products, items or services you have purchased or of any other contract with us through the app.
4. Keeping you updated about our news/managing your requests.

We may share your personal information in the following situations:

1. With Service Providers: we may share your personal information with service providers to monitor and analyze the use of our app, for payment processing, to contact you.
2. For business transfers: we may share or transfer your personal information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company. 
3. With Affiliates: we may share your information with our affiliates, in which case we will require those affiliates to honor this Privacy Policy. Affiliates include our parent company and any other subsidiaries, joint venture partners or other companies that we control or that are under common control with us. 
4. With business partners: we may share your information with our business partners to offer you certain products, services or promotions. 
5. With other users: when you share personal information or otherwise interact in the public areas with other users, such information may be viewed by all users and may be publicly distributed outside.
6. With your consent: we may disclose your personal information for any other purpose with your consent.

The controller of the personal data within the meaning of the General Data Protection Regulation and the Business within the meaning of CCPA is: 

Registered Company Name: MENTALJOURNEY PTE.LTD.
‍Registration number: 202338316G
Registered address: 60 Paya Lebar Road #07-54 Paya Lebar Square Singapore 409051
Responsible person: Aaron Charles Gabriel
Email: support@mentaljourneyapp.com

You may always reach us by sending an electronic message to our email as mentioned above.

We delete your personal data as soon as they are no longer needed for the purposes pursued with the collection and processing and as far as no legal storage obligations stand in the way.

We will retain and use your personal data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.

Cookies are small text files that are sent from a web server to your browser and stored on your device's hard drive. This makes it possible to recognize you when you visit the app again. We don’t use any type of cookies in our app.

Please note that we use Google AdMob. You may acquaint yourself with their policies by following this link here.

We store your personal data in Amazon Web Services (AWS). If we decide to transfer your data to other countries or international organizations, we will obtain your consent for the transfer to be made and we will take steps to ensure that your personal data continues to receive a standard of protection that is at least comparable to that provided under the PDPA.

If you are an EEA resident, we will transfer your data to another country (outside EEA) only if it is ensured that the recipient of the data guarantees an adequate level of data protection and that there are no other interests worthy of protection against the data transfer.

Under GDPR we must process your data using one of the following legal bases:

1. Article 6 I lit. a GDPR - the data subject has given consent to the processing of his or her personal data for one or more specific purposes - serves our company as the legal basis for processing operations in which we obtain consent for a specific processing purpose. 
2. If the processing of personal data is necessary for the performance of a contract to which the data subject is a party, as is the case, for example, with processing operations that are necessary for the delivery of goods or the provision of another service or consideration, the processing is based on Article 6 I lit. b GDPR - processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract. The same applies to such processing operations that are necessary for the implementation of pre-contractual measures, for example in cases of inquiries about our products or services. 
3. If our company is subject to a legal obligation by which a processing of personal data becomes necessary, such as for the fulfillment of tax obligations, the processing is based on Art. 6 I lit. c GDPR - processing is necessary for compliance with a legal obligation to which the controller is subject. 
4. In rare cases, the processing of personal data might become necessary to protect vital interests of the data subject or another natural person. This would be the case, for example, if a visitor were to be injured on our premises and as a result his or her name, age, health insurance data or other vital information had to be passed on to a doctor, hospital or other third party. Then the processing would be based on Art. 6 I lit. d GDPR - processing is necessary in order to protect the vital interests of the data subject or of another natural person. 
5. Finally, processing operations could be based on Art. 6 I lit. f GDPR - processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child. Processing operations that are not covered by any of the aforementioned legal bases are based on this legal basis if the processing is necessary to protect a legitimate interest of our company or a third party, provided that the interests, fundamental rights and freedoms of the data subject are not overridden. Such processing operations are permitted to us in particular because they were specifically mentioned by the European legislator. In this respect, it took the view that a legitimate interest could be assumed if the data subject is a customer of the controller.

Your rights concerning your personal data depend on the applicable law. Thus this section is divided into 3 subsections for the residents of US, EEA and Singapore respectively.

FOR US RESIDENTS:

1. The right to notice. You have the right to be notified which categories of personal data are being collected and the purposes for which the personal data is being used.
2. The right to request. Under CCPA, you have the right to request that we disclose information to you about our collection, use, sale, disclosure for business purposes and share of personal information. Once we receive and confirm your request, we will disclose to you:
   
   • The categories of personal information we collected about you
   • The categories of sources for the personal information we collected about you 
   • Our business or commercial purpose for collecting or selling that personal information
   • The categories of third parties with whom we share that personal information 
   • The specific pieces of personal information we collected about you 
   • If we sold your personal information or disclosed Your personal information for a business purpose, we will disclose to you the categories of personal information categories sold and the categories of personal information categories disclosed
   ‍
3. The right to say no to the sale of Personal Data (opt-out). You have the right to direct us to not sell your personal information. To submit an opt-out request please contact us.
4. The right to delete Personal Data. You have the right to request the deletion of your Personal Data, subject to certain exceptions. Once we receive and confirm your request, we will delete (and direct our Service Providers to delete) your personal information from our records, unless an exception applies. We may deny your deletion request if retaining the information is necessary for us or our Service Providers to:
   
   • Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you.
   •Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
   • Debug products to identify and repair errors that impair existing intended functionality. 
   • Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
   • Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.). 
   • Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information's deletion may likely render impossible or seriously impair the research's achievement, if you previously provided informed consent.
   • Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
   • Comply with a legal obligation.
   • Make other internal and lawful uses of that information that are compatible with the context in which you provided it
   ‍
5. The right not to be discriminated against. you have the right not to be discriminated against for exercising any of your consumer's rights, including by:
   
   • Denying goods or services to you
   • Charging different prices or rates for goods or services, including the use of discounts or other benefits or imposing penalties 
   • Providing a different level or quality of goods or services to you
   • Suggesting that you will receive a different price or rate for goods or services or a different level or quality of goods or services
   ‍

1. The right to be informed - that’s an obligation on us to inform you how we use your personal data (and that’s what we’re doing in this Privacy Notice)
2. Right of access - The Controller offers you access to your personal data we process. This means you can contact us and request from us a confirmation whether or not your personal data are being processed and if so, you have the right to request access to your data, which we will provide to you in the form of a so-called "registry" (stating, in particular, purposes, categories of personal data, categories of recipients of personal data, storage periods or criteria for determining storage periods).
3. Right to rectification - You have the right to have inaccurate personal data we have stored about you rectified.
4. Right to erasure - You may also ask us to erase your personal data from our systems. We will comply with such requests unless we have a legitimate ground to not delete your personal data.
5. Right to restriction of processing - You may request us to restrict certain processing of your personal data. If you restrict certain processing of your personal data, this may lead to fewer possibilities to use our Services and app.
6. Right to data portability - You have the right to receive your personal data from us in a structured, commonly used and machine-readable format in order to transmit the personal data to another controller.
7. Right to object - that’s a right for you to object to us processing your personal data (for example, if you object to us processing your data for direct marketing).
8. Rights in relation to automated decision-making and profiling - that’s a right you have for us to be transparent about any profiling we do, or any automated decision-making.
9. Right to withdraw Consent — that’s the right to revoke any consent you may have previously given us at any time, if we have collected and processed your personal information with your consent. Withdrawing your consent will not affect the lawfulness of any processing we conducted with your consent prior to your withdrawal, nor will it affect processing of your personal information conducted in reliance on lawful processing grounds other than consent.

1. Right to Access - when you request  to access your personal data held by us, we are required to respond to your request as quickly as is reasonable and to give you access to any personal data about you that is in our possession or control, along with details about any uses or disclosures we may have made of the information within the year prior to the request;
2. Right to Correction - you have the right to correct where you may request us to correct an error or omission in your personal data in our possession; We will update the personal data as soon as it is practical unless we are convinced for valid reasons that correcting it is unnecessary. 
3. Right to Withdraw Consent - you have the right to withdraw consent at any time by giving reasonable notice to us. Upon receipt of the withdrawal request, we will inform you about the probable consequences of withdrawing consent.
4. Right to Accuracy - you have the right to accuracy where we are required to use reasonable efforts to ensure that any personal data we collect is accurate and complete, particularly if that personal data is likely to be used to make decisions that will have an impact on you or may be disclosed to other organizations;
5. Right to Protection - you have the right to protection where we must protect personal data in our possession or under our control by making reasonable security arrangements to prevent unauthorized access, collection, use, disclosure, copying, modification or disposal, or similar risks and the loss of any storage medium or device on which personal data is stored.
6. Right of Private Action - If you suffer direct loss or damage due to an our violation of specific provisions, you have the right to seek redress through civil proceedings in a court;
7. Right to be Informed - we will inform you of the purposes for collecting, using, or disclosing personal data at the time of collection. 

How to use your rights - You may exercise your rights above in writing by sending an email to the contact details in How to Contact Us. You will not have to pay a fee to exercise any of your rights unless your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances. We may require confirmation of your identity depending on your request. We respond to all requests we receive from individuals wishing to exercise their data rights in accordance with applicable data protection laws.

Yes. We may amend this Privacy Policy from time to time. The new version will come into force upon its publishing in our app. You may always find out whether our privacy policy was amended by checking the “last modified” legend on the top of the page.