Privacy Policy

Effective November 8, 2024

We are committed to respecting your data privacy and providing transparency about our data practices. This Privacy Policy explains how Fjor Nutrition Inc. ("Company," "we," or "us") collects, uses, shares, and protects personal data through our mobile applications (e.g., Formula App, Keto Diet App, Carnivore Diet App, collectively the "Apps") and websites (e.g., https://formula.care, https://keto-diet-app.com, https://myketo.care, collectively the "Websites"), referred to together as the "Services."

We may update this Privacy Policy periodically. If significant changes are made, we will notify you via email, through the Apps, or by requiring you to accept the new policy. Continued use of the Services after updates indicates your acceptance. We encourage you to periodically review this Privacy Policy for the latest information on our data privacy practices. If you do not accept the terms of this Privacy Policy, we ask that you do not use the Services. Please discontinue use and delete the Apps if you do not agree to the terms of this Privacy Policy.

1. PERSONAL DATA AND INFORMATION WE COLLECT ABOUT YOU

We collect the following categories of personal data to provide and improve our services:

Personal data you provide:

• General Details: This includes your name, email address, and subscription details. You may also choose to provide information about your gender.
• Preferences: Information you share with us about your product or content interests and your communication or marketing preferences.
• Communication Information: If you contact us, we collect your name, contact information, and the contents of your messages.
• Health and Well-Being Data: You may choose to provide details such as your weight, height, nutrition information, water consumption, and any symptoms you track. Additionally, with your consent, we may import data from third-party services like Apple HealthKit or other similar platforms. Such data may include sports activities, calories burnt, heart rate, number of steps/distance traveled, and other health-related metrics.
• Account Photo: If you voluntarily upload a profile picture, we will store it as part of your account.

Personal data we collect automatically:

• Device and Usage Information: This includes details about your device, such as its make, model, operating system, advertising identifiers, and similar technical data.
• Log Data: Information automatically sent by your browser or device, such as IP address, browser type, operating system, and date and time of your access.
• Usage Activity: Details about how you interact with our services, such as your purchase history, content viewed, and areas of the site you visited.
• Location Information: Data about your location, including proximity to third-party merchants. You can adjust your device settings to disable location collection:
  • For iOS users: Disable location services in your device settings.
  • For Android users: Disable Bluetooth and location services in your device settings.
• Demographic Information: Data such as your age and gender.

Personal data from other sources

• Third-Party Data: With your explicit consent, we may import data from third-party platforms to enhance your app experience. This includes data such as dietary habits, physical measurements, and health activities. These imports are subject to the privacy policies of the third-party services.

How we handle sensitive data

We do not use information obtained through Apple HealthKit or similar services for advertising or sell it to third parties. This data is processed only to provide app functionality and features.

Aggregated or De-identified Information

If personal data is aggregated or de-identified so that it cannot be associated with an identifiable individual, we may use it for any business purpose.

Consent for Processing Your Personal Data

By installing the app and creating a profile, or by explicitly accepting this Privacy Policy, you consent to:

• The storage and processing of your personal data to provide and improve our services.
• Receiving notifications and reminders via the app or the email address you provided.
• Sharing data with technical service providers as necessary to deliver our services.

We will not share your personal data with third parties unless required for service delivery or you have provided explicit consent.

2. HOW WE USE YOUR PERSONAL DATA AND INFORMATION

We may use your information, including your Personal Data, for the following purposes, in compliance with applicable privacy laws. By accepting this Privacy Policy, you provide your explicit consent where required:

Providing and Improving Our Services

• To analyze, operate, maintain, and improve the Services, their features, and our marketing activities.
• To develop and add new features or offerings to the Services.
• To create a personalized experience, such as tailored content, workout plans, or recommendations based on your preferences.
• To assess your needs and determine suitable products or services.

Communication and Notifications

• To respond to your comments, questions, and requests and provide customer support.
• To send service-related communications, such as product updates, warranty information, security alerts, or transaction confirmations.
• To send you marketing communications, including promotions and insights, subject to your consent where required. You can opt out of marketing emails by following the "Unsubscribe" link in the email or contacting us at support@myketo.care.
• To send you push notifications. If you do not wish to receive these notifications, you can manage your preferences through your device or service settings or contact us at support@myketo.care.

Research and Development

• To conduct research and analysis, including for scientific and academic research purposes.
• To anonymize or de-identify your personal data and use it for aggregated statistical purposes, such as analyzing the effectiveness of the Services and their features.

Ensuring Legal Compliance and Security

• To comply with legal obligations, such as verifying age eligibility for the Services.
• To protect the rights, privacy, safety, or property of our users, us, our affiliates, or third parties.
• To prevent misuse of the Services and ensure the security of our IT systems and networks.

Information from Third Parties

• To integrate data from third-party services, such as Apple HealthKit or Google Health Connect, upon your consent. This may include health data like steps, calories burnt, or other fitness metrics, which will only be processed to provide functionality and improve your experience.
• To combine third-party marketing data with existing information to tailor advertising and improve products, provided this does not include sensitive or special categories of personal data under applicable laws.

Social Networks and Public Areas

• To enable sharing of information, such as messages, photos, and videos, with others in your network. Please note:
  • Information shared in public areas of the Services may be visible to others and cannot always be removed.
    • If you mistakenly post personal data in public areas, contact us at support@myketo.care to request its removal. In some cases, technical limitations may prevent us from removing it entirely.
• Information you post in public areas may also be indexed by third-party search engines.

Aggregated or De-identified Information

• We may aggregate or de-identify personal data so that it can no longer identify you and use it to:
  • Conduct scientific research.
  • Analyze the effectiveness of the Services and their features.
  • Improve or add features to the Services.
  • Share aggregated insights or statistics with research institutions or third parties.

Important Notes on Sensitive Data

• We will not use sensitive information, such as HealthKit data, for advertising or sell it to advertising platforms, data brokers, or information resellers.
• Sensitive data will only be used for the purposes disclosed at the time of collection or as outlined in this Privacy Policy.

Choice/Opt-Out

You may opt out of receiving our newsletter or marketing emails by following the unsubscribe instructions in the email or contacting us at support@myketo.care.

3. YOUR RIGHTS

Modification, correction, and erasure. You are able to modify, correct, erase and update your Personal Data in the App account settings or, if that is impossible, by writing us at support@myketo.care.

Access. You have a right to access your Personal Data you insert into the App and ask us about what kind of Personal Data we have about you. You can do this by using the app settings or by writing to support@myketo.care.

EU residents. Individuals residing in the countries of the European Union have certain statutory rights in relation to their personal data introduced by the General Data Protection Regulation (the "GDPR"). Subject to any exemptions provided by law, you may have the right to request access to Personal data (including in a structured and portable form), as well as to seek to update, delete or correct Personal data:

• Rectification of Personal Data and Restriction of Processing. You are responsible for ensuring the accuracy of your Personal Data that you submit to the App. Inaccurate information will affect your experience when using the App Web Sites and tools and our ability to contact you as described in this Privacy Policy. If you believe that your Personal Data is inaccurate, you have right to contact us and ask us to correct such Personal Data by contacting us at support@myketo.care. You shall also have the right to request restriction of processing of your Personal Data, if you contest the accuracy of the Personal Data and we need some time to verify its accuracy.
• Access to your Personal Data and Data Portability. The App gives you the ability to access and update Personal Data within the App and your account settings. You shall have the right to request information about whether we have any Personal Data about you, to access your Personal data (including in a structured and portable form) by using your app settings or by simply writing us at support@myketo.care.
• Erasure of your Personal Data. If you believe that your Personal Data is no longer necessary in relation to the purposes for which it was collected or otherwise processed, or in cases where you have withdrawn your consent or object to the processing of your Personal Data, or in cases where the processing of your Personal Data does not otherwise comply with the GDPR, you have right to contact us and ask us to erase such Personal Data as described above. You can use simply write us at support@myketo.care. Please be aware that erasing some Personal Data inserted by you may affect your possibility to use the App and its features. Erasure of some Personal Data may also take some time due to technical reasons.
• Right to object processing of your Personal Data. You can object processing your Personal Data and stop us from processing your Personal data you can simply write us at support@myketo.care. Please be aware that erasing some Personal Data inserted by you may affect your possibility to utilize the App and its features.
• Notification requirements. We commit to notify you within reasonable period of time and your data protection authority within the timeframe specified in applicable law (72 hours) about any personal data breaches in the App.
• **Data Protection Authorities.**Subject to GDPR, you also have the right to (i) restrict our use of Personal Data and (ii) lodge a complaint with your local data protection authority about any of our activities that you deem are not compliant with GDPR.

Please keep in mind that in case of a vague access, erasure, objection request or any other request in exercise of the mentioned rights we may engage the individual in a dialogue so as to better understand the motivation for the request and to locate responsive information. In case this is impossible, we reserve the right to refuse granting your request.

Following the provisions of GDPR we might also require you to prove your identity (for example, by requesting an ID or any other proof of identity) in order for you to invoke the mentioned rights, specifically if you exercise them in respect to special categories of Personal Data like data about health. This is made to ensure that no rights of third parties are violated by your request, and the rights described in this section are exercised by an actual Personal Data subject or an authorized person.

4. SHARING YOUR PERSONAL DATA AND INFORMATION

Sharing with third parties. We will share your Personal Data and information with third parties only in the ways that are described in this Privacy Policy.

We may disclose your Personal Data:

• as required by law, such as to comply with a subpoena, or similar legal process.
• when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.
• if we are involved in a merger, acquisition, or sale of all or a portion of its assets, you will be notified via email and/or a prominent notice on our Web site of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information.
• to any other third party with your prior explicit consent to do so.

We share the information we collect with third-party business partners who commit to comply with applicable laws concerning their usage of your Personal Data (for example, GDPR for the EU residents). Our third-party business partners may share your Personal Data with their own third-party business partners, granted they have appropriate data protection safeguards in place, and use the information either for themselves or on behalf of their own business partners to:

• Operate and improve their services;
• Provide you with advertisements and information for products and services in this app or on other apps or websites based on variables such as your location, and assess your level of engagement with them; and
• Carry out other purposes that are disclosed to you and to which you consent.

Depending on a service you use, we may share some of your Personal Data and information with third-party business partners who perform analytical and other tasks for us (in some jurisdictions such parties may qualify for being a 'processor' under applicable laws). These are the third-party services with whom, among others, we may share some of your Personal Data and information:

1. Appsflyer. Appsflyer is a mobile marketing platform. We may share certain non-identifiable information about you and some Personal Data (but never any data related to health) in order to carry out marketing activities and provide you better and more targeted service. Learn more about Appsflyer: https://www.appsflyer.com
2. MoPub. Mopub is a subsidiary of Twitter, Inc. and a monetization platform. We may share non-identifiable information about you and some Personal Data (but never any data related to health) in order to carry out marketing and adds activities. Learn more about MoPub: https://www.mopub.com
3. Facebook. We use Facebook as our advertising partner to display advertising in our App or to manage our advertising on other sites. Normally, Facebook collects only non-personally identifiable information about your activities on this App and other apps to provide you targeted advertising based upon your interests. Learn more about Facebook advertising policy: https://m.facebook.com/ads/ad_choices.
4. Fabric. We use Fabric, an analytics company and a Google subsidiary, to better understand your use of the App. For example, Fabric may use device identifiers that are stored on your mobile device and allow us to analyze your use of the App in order to improve our App features. Read more about Fabric here: https://get.fabric.io
5. **Crashlytics.**Crashlytics, a Google business division, provides us crash reporting solution that we use in order to track when the App crashes or works improperly on your device. Crashlytics may collect certain device identifiers in order to understand on what devices and under which circumstances the App does not work or crashes. See more about Crashlytics here: https://try.crashlytics.com/reports/
6. Appsee. Appsee is s a mobile app analytics platform that provides us tools that enable us to track and optimize the UX in the App through the use of some device identifiers. See more here: https://www.appsee.com
7. **Flurry.**Flurry is a Yahoo! Subsidiary and analytical platform that we use in order to analyze different use trends in our App. We may share certain non-identifiable information about you and some Personal Data (but never any data related to health) with Flurry. See more: https://developer.yahoo.com/flurry/legal-privacy/tos.html
8. **Zendesk.**We use Zendesk as an intermediary for user support services. Zendesk may collect some of your Personal data (like contact information) in order to connect us with you. See more about Zendesk and its privacy policy: https://www.zendesk.com/company/customers-partners/eu-data-protection/
9. **Twitter.**We use Twitter as our advertising partner to display advertising in Twitter. Normally, Twitter collects only non-personally identifiable information about your activities on this App and other apps to provide you targeted advertising based upon your interests. See more about Twitter's privacy approach:https://help.twitter.com/en/rules-and-policies/update-privacy-policy
10. **Firebase.**Firebase is an analytics product from Google, Inc. that allows us to track crashes of the App, monitor events in the App, provide us stats regarding the use of the App. Firebase may collect certain device identifiers in order to understand on what devices and under which circumstances particular incidents and events happen. See more on Firebase: https://firebase.google.com/

Our third-party partners are either EU-based or certified under EU-US Privacy Shield Framework that ensures that European data protection requirement are met. The privacy policy of these services can be found on their respective websites. Be informed that some third-party service providers may have their servers located in the United States.

BY USING THE APP, YOU CONSENT THAT WE MAY USE COOKIES AND THIRD-PARTY SERVICES AND COLLECT YOUR USAGE (INCLUDING FOR PROCESSING BY THIRD-PARTY SERVICE PROVIDERS) AND SOME PERSONAL DATA UNDER A UNIQUE IDENTIFIER, FOR THE PURPOSES OF TRACKING, ANALYSIS, AND IMPROVEMENT OF THE APP. BY USING OUR SERVICE, YOU EXPLICITLY CONSENT TO THE USE AND PROCESSING OF YOUR DATA COLLECTED AS DESCRIBED ABOVE.

Aggregated Information. We may also share aggregated, anonymized or de-identified information, which cannot reasonably be used to identify you. For example, we may share, including, without limitation, in articles, blog posts and scientific publications, general age demographic information and aggregate statistics about certain activities or symptoms from data collected to help identify patterns across users.

5. DATA SECURITY

Security of your Personal Data is important to us. When you provide your Personal data that is considered to be sensitive or falls under "categories of special data" under applicable laws to us, we encrypt the transmission of that information using secure socket layer technology (SSL). We follow generally accepted industry standards to protect the Personal Data submitted to us, both during transmission and once we receive it.

Among others, we utilize the following security measures to protect your Personal Data:

• Pseudominization and tokenization of certain categories of your Personal Data;
• Protection of data integrity;
• Encryption of your Personal Data in transit and in rest;
• Systematic vulnerability scanning and penetration testing;
• Organizational and legal measures. For example, our employees have different levels of access to your Personal Data, and only those in charge of data management get access to your Personal Data and only for limited purposes required for the operation of the App. We impose strict liability on our employees for any disclosures, unauthorized accesses, alterations, destructions, misuses of your Personal Data.
• Conducting periodical data protection impact assessments in order to ensure that the App fully adheres to the principles of 'privacy by design', 'privacy by default' and other internationally accepted data protection principles. We also commit to undertake privacy audit in case of Company's merger or takeover.

Bear in mind that no method of transmission, or method of electronic storage, is 100% secure. Therefore, we cannot guarantee its absolute security. If you have any questions about security on our App, you can contact us at support@myketo.care.

6. RETENTION OF YOUR PERSONAL DATA

We retain your Personal Data for as long as your account is active or as necessary to fulfill the purposes for which it was collected, including:

• Providing and improving our Services.
• Complying with legal obligations.
• Resolving disputes.
• Ensuring safety and security.

If you choose to deactivate your account, we retain your Personal Data for up to one month in case you decide to reactivate your account. Certain information, such as general details, details about in-app purchases, communication information, and consent logs, may be retained longer as necessary to comply with legal obligations, resolve disputes, or enforce our agreements.

In addition, we may anonymize your Personal Data (removing any association with you) for purposes such as:

• Conducting scientific research or statistical analysis.
• Improving or developing our Services.

Once anonymized, this information may be used indefinitely without further notice to you.

If you wish to cancel your account or request that we delete your Personal Data, please contact us at support@myketo.care. We will process your request in accordance with applicable legal requirements.

7. DATA STORAGE AND CROSS-BORDER DATA TRANSFERS

Our servers are located in the United States (“US”). This means that your Personal Data may be transferred to, processed, and stored in the US, where it is governed by US law.

Transfers of Personal Data Outside the EEA and UK

For users located in the European Economic Area (EEA) and the United Kingdom (UK), we comply with GDPR and UK GDPR requirements for cross-border data transfers:

• Adequacy Decisions: Where applicable, we rely on adequacy decisions adopted by the European Commission or UK authorities, which confirm that the receiving country provides an adequate level of data protection.
• Standard Contractual Clauses (SCCs): When an adequacy decision is not available, we ensure appropriate safeguards are in place by using SCCs approved by the European Commission (for EEA data) or the UK Addendum to the SCCs or the UK International Data Transfer Agreement (for UK data).
• Additional Measures: We may implement further safeguards to protect your personal data, such as encryption and data minimization, where necessary.

1. COOKIES, SOFTWARE DEVELOPMENT KITS, AND OTHER TRACKING TECHNOLOGIES

When you use our Services, we and our service providers, vendors, and partners, including third parties, may use cookies (small text files placed on your computer or mobile device to identify your browser or device) and other tracking technologies to collect information about your interactions with the Services. This includes information about the features you use, your actions within the Services, and your device or browser settings.

This section applies to cookies and similar technologies such as:

• HTML5 local storage.
• Local shared objects (e.g., Flash cookies).
• Beacons and pixels.
• Plug-ins and widgets.
• Software Development Kits (SDKs).

Why We Use Cookies and Similar Technologies

We use cookies and similar technologies to:

• Operate and administer the Services, such as enabling key functionalities.
• Provide analytics and measure traffic to understand how users engage with our Services.
• Enhance user experience by remembering preferences and settings.
• Deliver personalized content and advertisements (interest-based advertising).
• Ensure the security and integrity of the Services.

Types of Cookies We Use

• Strictly Necessary Cookies: These cookies are essential for the operation of the Services and enable features like secure logins, network distribution, and billing. You cannot disable these cookies without affecting the functionality of the Services.
• Performance and Analytics Cookies: These cookies help us understand user behavior and interactions with the Services to improve their performance. Examples include:
  • Tracking page views and usage trends.
  • Measuring errors and testing new features.
• Marketing Cookies: These cookies are used to deliver personalized advertisements based on your preferences and interactions with the Services. Note: We do not use sensitive health or wellness data for advertising purposes.

Software Development Kits (SDKs)

Our apps incorporates third-party SDKs to enable various features and gather analytics. For example:

• Google Analytics: Helps measure usage and traffic trends. You can opt-out of tracking via Google’s opt-out tools.
• AppsFlyer SDK: Tracks performance and effectiveness of our advertising campaigns. Learn more and opt-out at AppsFlyer Opt-Out.

Interest-Based Advertising

We may partner with ad networks and other providers to serve personalized ads on non-affiliated platforms. These ads are tailored based on your interactions with the Services over time.

You can opt-out of interest-based advertising using tools like:

• Digital Advertising Alliance (DAA): Visit DAA WebChoices or DAA AppChoices.
• Network Advertising Initiative (NAI): Visit NAI Consumer Opt-Out.

Your Choices Regarding Cookies and Tracking

• Browser Settings: Most browsers allow you to block or delete cookies through their settings. However, disabling cookies may affect the functionality of certain features within the Services.
• Device Settings: On Apple devices, enable "Limit Ad Tracking" in your settings. On Android devices, enable "Opt-out of Ads Personalization."
• Cookie Preferences: You can manage your cookie preferences at any time through our Manage Cookies tool, accessible from the Services (see below).

Cross-Border Use of Cookies and Tracking Technologies

For users in the European Economic Area (EEA), United Kingdom (UK), and California, additional privacy protections apply:

• You may manage the collection of your Personal Data through cookies and similar technologies by contacting us at support@myketo.care.
• We ensure compliance with GDPR and other relevant laws when transferring cookie-related data across borders by using Standard Contractual Clauses or other legally recognized safeguards.

Impact of Disabling Cookies

Disabling cookies or similar tracking technologies may prevent you from accessing certain features of the Services or degrade the user experience. Your preferences for cookies and tracking technologies are device- and browser-specific.

9. CHILDREN'S PRIVACY

General age limitation. We are committed to protecting the privacy of children. The App is not intended for children and we do not intentionally collect information about children under 16 years old. The App does not collect Personal Data from any person the Company actually knows is under the age of 16. If you are aware of anyone under 16 using the App, please contact us at support@myketo.care and we will take required steps to delete such information and (or) delete their account.

10. DATA PROTECTION OFFICER

To communicate with our Data Protection Officer, please email at support@myketo.care.

11. CONTACTING US

General contact details. If you have any questions or concerns about your privacy, any provisions of this Privacy Policy or any of your rights, you may contact us at: support@myketo.care