Privacy Policy

1. Overview

Welcome to Test Apps Limited ("we," "our," or "us"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile applications and services.

1.1 Who We Are

Test Apps Limited is a New Zealand-based company committed to creating innovative mobile applications while respecting your privacy and protecting your personal information.

1.2 Scope of This Policy

This Privacy Policy applies to all applications developed and published by Test Apps Limited, including but not limited to:

• Mental health and wellness applications
• Productivity tools
• Educational applications
• Entertainment and lifestyle apps

1.3 Your Consent

By using our applications, you consent to the collection and use of information in accordance with this Privacy Policy. If you do not agree with our policies and practices, please do not use our applications.

2. Information We Collect

We collect different types of information to provide and improve our services to you.

2.1 Information You Provide Directly

• Account Information: When you create an account, we collect your email address, username, and password
• Profile Information: Optional information like name, age range, profile picture, and preferences
• User Content: Information you input into our applications, such as journal entries, mood logs, goals, notes, or other user-generated content
• Communication Data: Messages you send us through support channels, feedback forms, or in-app messaging
• Payment Information: Billing details for premium features (processed through secure third-party payment processors)

2.2 Information Collected Automatically

• Device Information: Device type, operating system, unique device identifiers, mobile network information
• Usage Data: Features used, time spent in app, interaction patterns, session duration
• Location Data: Approximate location based on IP address (precise location only if you grant permission)
• Crash Data: Technical information about app crashes and errors to improve stability
• Analytics Data: Aggregated usage statistics and performance metrics

2.3 Information from Third Parties

• Social Media: If you sign in through social media (Google, Apple, Facebook), we receive basic profile information
• Analytics Providers: Aggregated usage data from third-party analytics services
• Advertising Partners: Anonymous identifiers for ad personalization (if applicable)

3. How We Use Your Information

We use the information we collect for the following purposes:

3.1 To Provide and Improve Our Services

• Create and manage your account
• Deliver the core functionality of our applications
• Personalize your experience and provide relevant content
• Analyze usage patterns to improve features and user experience
• Develop new features and services

3.2 To Communicate with You

• Send service-related notifications and updates
• Respond to your inquiries and support requests
• Send promotional materials (only if you opt in)
• Notify you about changes to our policies or services

3.3 For Safety and Security

• Detect and prevent fraud, abuse, and security incidents
• Protect the rights, property, and safety of our users and company
• Enforce our Terms of Service and other policies
• Comply with legal obligations and law enforcement requests

3.4 For Research and Analytics

• Conduct internal research and product development
• Analyze trends and user behavior in aggregate
• Measure the effectiveness of our services
• Understand how users interact with our applications

3.5 Legal Basis for Processing (GDPR)

For users in the European Economic Area (EEA), United Kingdom (UK), and Switzerland, we process your personal data based on:

• Consent: You have given clear consent for us to process your data for specific purposes
• Contract: Processing is necessary to fulfill our contract with you (providing our services)
• Legitimate Interests: Processing is in our legitimate interests (e.g., improving our services) and does not override your rights
• Legal Obligation: Processing is necessary to comply with legal requirements

4. Artificial Intelligence and Machine Learning

Some of our applications use artificial intelligence (AI) and machine learning technologies to enhance user experience and provide personalized features.

4.1 How We Use AI

• Content Personalization: AI algorithms analyze your usage patterns to recommend relevant content, features, or insights tailored to your interests
• Natural Language Processing: Some applications may use AI to analyze text you input (like journal entries) to provide insights, sentiment analysis, or suggestions
• Predictive Features: Machine learning models may predict trends or patterns based on your historical data to provide proactive recommendations
• Content Generation: Certain features may use generative AI to create personalized content, suggestions, or responses based on your inputs
• Image Recognition: Some apps may use AI to analyze images you upload for categorization or feature enhancement

4.2 Data Used for AI Processing

When AI features are enabled, we may process:

• User-generated content (text, images, audio)
• Usage patterns and interaction history
• Preferences and settings
• Aggregated and anonymized data from other users

4.3 Third-Party AI Services

We may use third-party AI service providers (such as OpenAI, Google Cloud AI, or similar services) to power some AI features. When we do:

• We only share the minimum data necessary for the AI service to function
• We ensure these providers have strong privacy protections and do not use your data to train their general models (where technically feasible)
• We use enterprise or business-tier services with enhanced privacy protections
• Data shared with AI providers is processed in accordance with their privacy policies, which we require to meet high standards

4.4 Your Control Over AI Features

You have control over AI-powered features:

• Opt-Out: You can disable AI-powered features in your app settings at any time
• Data Deletion: When you delete your account or specific data, associated AI-processed insights are also removed
• Transparency: We clearly label features that use AI technology within our applications
• No Training on Your Data: Your personal data is not used to train AI models that benefit other users or third parties without your explicit consent

4.5 Accuracy and Limitations

While we strive for accuracy, AI-generated content and insights:

• May not always be 100% accurate or appropriate for your specific situation
• Should not be considered professional advice (medical, legal, financial, etc.)
• Are provided for informational and entertainment purposes
• Should be reviewed critically and not relied upon exclusively for important decisions

4.6 Data Security for AI Processing

We implement additional security measures for AI processing:

• Data encryption during transmission to AI services
• Anonymization or pseudonymization where possible
• Regular security audits of AI integrations
• Strict access controls limiting who can access AI-processed data

5. How We Share Your Information

We do not sell your personal information to third parties. We may share your information in the following limited circumstances:

5.1 Service Providers

We share data with trusted third-party service providers who help us operate our applications:

• Cloud Hosting: Amazon Web Services (AWS), Google Cloud Platform
• Analytics: Google Analytics, Firebase Analytics
• Payment Processing: Stripe, Apple In-App Purchase, Google Play Billing
• Customer Support: Help desk and support ticket systems
• Email Services: Transactional and promotional email delivery
• AI Services: Third-party AI and machine learning providers (as described in Section 4)

These service providers are contractually obligated to protect your data and use it only for the purposes we specify.

5.2 Legal Requirements

We may disclose your information if required by law or in response to valid legal processes, such as:

• Court orders or subpoenas
• Law enforcement requests
• National security requirements
• Protection of our legal rights and property
• Prevention of fraud or security threats

5.3 Business Transfers

If we are involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you via email and/or prominent notice in our applications before your information is transferred and becomes subject to a different privacy policy.

5.4 With Your Consent

We may share your information with third parties when you explicitly consent to such sharing, such as when connecting your account to other services or platforms.

5.5 Aggregated or Anonymized Data

We may share aggregated or anonymized data that cannot identify you personally with:

• Researchers for academic studies
• Business partners for analytics
• The public for transparency reports

6. Data Security

We take the security of your personal information seriously and implement industry-standard measures to protect it.

6.1 Technical Safeguards

• Encryption: Data is encrypted in transit (using TLS/SSL) and at rest
• Secure Storage: Data is stored on secure servers with restricted access
• Access Controls: Strict authentication and authorization mechanisms
• Regular Security Audits: Periodic security assessments and vulnerability testing
• Secure Development: Security best practices in our development process

6.2 Organizational Safeguards

• Limited Access: Only authorized personnel have access to personal data
• Employee Training: Staff trained on data protection and privacy practices
• Confidentiality Agreements: All employees sign confidentiality agreements
• Incident Response: Procedures in place to respond to security breaches

6.3 Your Responsibilities

You can help protect your account by:

• Using a strong, unique password
• Enabling two-factor authentication (if available)
• Not sharing your login credentials
• Logging out of shared devices
• Reporting any suspicious activity immediately

6.4 Data Breach Notification

In the event of a data breach that affects your personal information:

• We will notify affected users promptly (typically within 72 hours of discovery)
• We will describe the nature of the breach and what information was affected
• We will outline steps we're taking to address the breach
• We will provide recommendations on how you can protect yourself
• We will notify relevant regulatory authorities as required by law

7. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

7.1 Retention Periods

• Active Accounts: We retain your data while your account is active
• Inactive Accounts: Accounts inactive for 3 years may be deleted after notification
• User Content: Stored as long as your account is active or until you delete it
• Support Communications: Retained for 2 years for quality assurance
• Analytics Data: Aggregated data retained indefinitely (anonymized)
• Legal/Compliance Data: Retained as required by law (varies by jurisdiction)
• Backup Data: Deleted data may persist in backups for up to 90 days

7.2 Account Deletion

When you delete your account:

• Your profile and user-generated content are permanently deleted within 30 days
• Some information may be retained in backups for up to 90 days
• Aggregated, anonymized data may be retained for analytics
• Information we're required to retain by law will be kept only as long as necessary
• You will receive confirmation once deletion is complete

7.3 How to Delete Your Data

You can delete your data by:

• Deleting your account through app settings
• Contacting us at hello@testapps.com with a deletion request
• Using the "Delete My Data" option in your account settings

8. Your Privacy Rights

You have important rights regarding your personal information. Here's what you can do:

8.1 Access Your Data

You have the right to access the personal information we hold about you. You can:

• View your profile and settings in the app
• Request a copy of your data by emailing hello@testapps.com
• Download your data using in-app export features (if available)

8.2 Correct Your Data

You can update or correct your personal information by:

• Editing your profile in the app settings
• Contacting us to correct inaccurate information

8.3 Delete Your Data

You have the right to request deletion of your personal information:

• Delete your account through the app
• Request data deletion by emailing hello@testapps.com
• Note: Some information may be retained as required by law

8.4 Export Your Data

You have the right to receive your personal data in a portable format:

• Use in-app export features to download your data
• Request a data export by contacting us
• Data will be provided in JSON or CSV format

8.5 Opt-Out of Communications

You can control the communications you receive:

• Marketing Emails: Unsubscribe link in every email
• Push Notifications: Manage in app settings or device settings
• SMS Messages: Reply STOP to opt out
• Service Emails: Essential service communications cannot be disabled

8.6 Object to Processing

You can object to certain types of data processing:

• Marketing and promotional activities
• Analytics and research (by limiting data collection in settings)
• AI-powered features (by disabling them in settings)

8.7 Restrict Processing

You can ask us to temporarily restrict processing of your personal data in certain circumstances, such as when verifying data accuracy or assessing legitimate grounds for processing.

9. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience and collect information about how you use our services.

9.1 What Are Cookies?

Cookies are small data files stored on your device that help us remember your preferences and understand how you use our services.

9.2 Types of Cookies We Use

• Essential Cookies: Necessary for the app to function (cannot be disabled)
• Functional Cookies: Remember your preferences and settings
• Analytics Cookies: Help us understand how users interact with our apps
• Advertising Cookies: Used to deliver relevant ads (if applicable)

9.3 Other Tracking Technologies

• Mobile SDKs: Software development kits for analytics and advertising
• Pixels: Tiny images used to track email opens and website visits
• Local Storage: Data stored locally on your device
• Device Identifiers: Unique identifiers like IDFA (iOS) or AAID (Android)

9.4 Managing Cookies and Tracking

You can control cookies and tracking through:

• App Settings: Manage tracking preferences in the app
• Device Settings: Enable "Limit Ad Tracking" (iOS) or "Opt out of Ads Personalization" (Android)
• Browser Settings: Clear or block cookies in your browser

9.5 Do Not Track

Our applications currently do not respond to "Do Not Track" signals. However, you can limit tracking through device settings as described above.

10. Third-Party Services and Links

Our applications may integrate with or link to third-party services that have their own privacy policies.

10.1 Third-Party Integrations

We may use the following types of third-party services:

• Social Media Logins: Google, Apple, Facebook sign-in
• Analytics: Google Analytics, Firebase Analytics
• Cloud Storage: AWS, Google Cloud
• Payment Processors: Stripe, Apple Pay, Google Pay
• Customer Support: Help desk and ticketing systems
• AI Services: OpenAI, Google Cloud AI, or similar providers

10.2 Third-Party Links

Our applications may contain links to external websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to read their privacy policies before providing any information.

10.3 Social Sharing

If you choose to share content from our apps to social media platforms, those platforms will have access to the shared information according to their own privacy policies.

11. Children's Privacy

We are committed to protecting the privacy of children who use our services.

11.1 Age Requirements

• General Apps: Users must be 13 years or older (16 in the EEA)
• Apps with Sensitive Content: May require users to be 18 or older
• Parental Consent: Required for users under the minimum age in their jurisdiction

11.2 Children Under 13

We do not knowingly collect personal information from children under 13 (or 16 in the EEA) without parental consent. If we become aware that we have collected such information without consent, we will delete it promptly.

11.3 Parental Rights

If you are a parent or guardian and believe your child has provided us with personal information without your consent:

• Contact us immediately at hello@testapps.com
• Provide proof of your relationship to the child
• We will delete the information within 30 days

11.4 Family-Friendly Apps

For applications designed for families with children, we:

• Minimize data collection from children
• Disable advertising or use only age-appropriate ads
• Do not require social features that allow communication with strangers
• Provide clear privacy information to parents

12. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence.

12.1 Where We Process Data

• Primary Location: New Zealand
• Cloud Storage: Servers in multiple regions including USA, Australia, Europe
• Service Providers: May be located worldwide

12.2 Data Protection Safeguards

When we transfer data internationally, we ensure appropriate safeguards:

• Standard Contractual Clauses: Approved by the European Commission
• Adequacy Decisions: Transfers to countries deemed adequate by regulatory authorities
• Binding Corporate Rules: For transfers within corporate groups
• Explicit Consent: When required, we obtain your consent for specific transfers

12.3 Your Rights for International Transfers

You have the right to:

• Know where your data is being transferred
• Receive information about safeguards in place
• Object to certain international transfers
• Request copies of safeguard documentation

13. California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA).

13.1 Your California Rights

• Right to Know: Request disclosure of personal information we've collected about you
• Right to Delete: Request deletion of your personal information
• Right to Opt-Out: Opt out of the "sale" or "sharing" of your personal information
• Right to Correct: Request correction of inaccurate personal information
• Right to Limit: Limit the use of your sensitive personal information
• Right to Non-Discrimination: Not be discriminated against for exercising your rights

13.2 Do Not Sell or Share My Personal Information

We do not sell your personal information. We do not share your personal information with third parties for their direct marketing purposes without your consent.

13.3 Sensitive Personal Information

We may collect certain categories of sensitive personal information, including:

• Account login credentials
• Health or medical information (in health-focused apps)
• Precise geolocation (only if you grant permission)

You can limit our use of sensitive personal information through your account settings.

13.4 How to Exercise Your California Rights

To exercise any of these rights:

• Email: hello@testapps.com with "California Privacy Rights" in the subject
• Include: Your name, email, and specific request
• Verification: We may need to verify your identity before processing your request
• Authorized Agent: You may designate an authorized agent to make requests on your behalf

13.5 Response Timeline

• We will acknowledge your request within 10 business days
• We will respond substantively within 45 days
• If more time is needed, we'll notify you and may extend by an additional 45 days

13.6 California "Shine the Light" Law

California Civil Code Section 1798.83 permits California residents to request information about disclosures of personal information to third parties for direct marketing purposes. As stated above, we do not share personal information with third parties for their direct marketing purposes.

14. European Privacy Rights (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have additional rights under the General Data Protection Regulation (GDPR).

14.1 Legal Basis for Processing

We process your personal data based on the following legal grounds:

• Consent: You have explicitly consented to processing for specific purposes
• Contract Performance: Processing is necessary to provide our services
• Legitimate Interests: Processing serves our legitimate business interests
• Legal Obligation: Processing is required to comply with laws
• Vital Interests: Processing is necessary to protect someone's life

14.2 Your GDPR Rights

• Right of Access: Obtain confirmation of processing and a copy of your data
• Right to Rectification: Correct inaccurate or incomplete data
• Right to Erasure: Request deletion of your personal data ("right to be forgotten")
• Right to Restrict Processing: Limit how we process your data
• Right to Data Portability: Receive your data in a structured format
• Right to Object: Object to processing based on legitimate interests
• Right to Withdraw Consent: Withdraw consent for consent-based processing

14.3 Data Protection Officer

You can contact our Data Protection Officer at:

• Email: hello@testapps.com
• Subject Line: "GDPR / Data Protection Inquiry"

14.4 Supervisory Authority

You have the right to lodge a complaint with your local supervisory authority if you believe we have not handled your personal data properly. Contact details for EU supervisory authorities are available at https://edpb.europa.eu/about-edpb/about-edpb/members_en.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

15.1 Notification of Changes

When we make changes, we will:

• Update the Date: Change the "Last Updated" date at the top of this policy
• In-App Notification: Notify users through our applications for significant changes
• Email Notification: Send email notifications for material changes (if we have your email)
• Website Notice: Post notices on our website

15.2 Types of Changes

• Minor Changes: Clarifications, formatting, or non-substantive updates
• Material Changes: Significant changes to data practices or your rights
• Legal Updates: Changes required by new laws or regulations

15.3 Your Options

When we make material changes:

• You can continue using our services under the new terms
• You can contact us with questions or concerns
• You can exercise your rights to access, correct, or delete your data
• You can stop using our services if you disagree with the changes

16. Contact Information

We're here to help with any privacy questions or concerns you may have.

16.1 When to Contact Us

Please contact us for:

• Questions about this Privacy Policy or our privacy practices
• Requests to exercise your privacy rights
• Concerns about how your personal information is handled
• Reports of potential privacy or security issues
• Questions about data sharing or third-party integrations
• Requests for additional information about our data practices
• Questions about how AI is used in our applications

16.2 Response Times

• General Inquiries: We aim to respond within 2-3 business days
• Privacy Rights Requests: Within 30 days (or as required by law)
• Security Issues: Within 24 hours for urgent matters
• GDPR Requests: Within 1 month (may be extended to 3 months for complex requests)

16.3 What to Include in Your Request

To help us process your request efficiently, please include:

• Your full name and email address associated with your account
• Specific details about your request or concern
• Which applications you use
• Any relevant dates or timeframes
• Proof of identity (for privacy rights requests)

16.4 Emergency Contacts

For urgent privacy or security matters:

• Email: hello@testapps.com with "URGENT" in the subject line
• Data Breach Reports: hello@testapps.com with "SECURITY INCIDENT" in the subject line

16.5 Language Support

We primarily provide support in English. If you need assistance in another language, please let us know and we will do our best to accommodate your request or direct you to appropriate resources.

16.6 Representative Contacts

For residents of certain jurisdictions, we have appointed local representatives:

• EU/EEA/UK Representative: Contact details available upon request
• California Agent: Service through our primary contact above