Privacy Policy

1. Introduction

AyeWatch ("AyeWatch," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile applications (iOS and Android), website at ayewatch.ai, and related services (collectively, the "Service").

By using our Service, you consent to the data practices described in this Privacy Policy. If you do not agree with our policies and practices, do not use our Service.

2. Information We Collect

Personal Information You Provide:

• Account Information: Name, email address, password, profile picture
• Communications: Messages you send to us, feedback, support requests
• User Content: Any content you upload or create using our Service

Information Collected Automatically:

• Device Information: Device type, operating system, unique device identifiers, mobile network information
• Usage Data: Features used, actions taken, time spent, frequency of use
• Location Data: IP address, time zone, general geographic location
• Log Data: Server logs, error reports, performance data
• Cookies and Similar Technologies: Session cookies, preference cookies, analytics cookies

Information from Third Parties:

• Social Media: If you connect through social media accounts
• Payment Processors: Transaction confirmations and dispute information
• Analytics Providers: Aggregated usage statistics

3. Legal Basis for Processing (GDPR)

We process your personal data based on the following legal grounds:

• Consent: When you have given explicit consent for specific processing activities
• Contract Performance: To provide the Service you requested and fulfill our contractual obligations
• Legal Obligations: To comply with applicable laws and regulations
• Legitimate Interests: For our legitimate business interests, including:
  • Improving and optimizing our Service
  • Preventing fraud and ensuring security
  • Marketing and promotional activities (with opt-out options)
  • Analytics and business intelligence
• Vital Interests: To protect vital interests of you or another person

4. How We Use Your Information

We use collected information for the following purposes:

• Provide, maintain, and improve our Service
• Process transactions and send transaction notifications
• Send administrative information, updates, and security alerts
• Respond to comments, questions, and support requests
• Monitor and analyze usage patterns and trends
• Personalize user experience and content
• Send marketing communications (with your consent)
• Detect, prevent, and address technical issues and fraud
• Comply with legal obligations and enforce our Terms
• Protect the rights, property, and safety of AyeWatch and users

5. Information Sharing and Disclosure

We do not sell your personal information. We may share your information in the following circumstances:

• Service Providers: Third parties who perform services on our behalf (hosting, analytics, payment processing, customer support)
• Business Transfers: In connection with mergers, acquisitions, or asset sales
• Legal Requirements: When required by law, court order, or governmental request
• Protection of Rights: To protect our rights, property, safety, or that of our users
• Consent: With your explicit consent
• Aggregated Data: Anonymized data that cannot identify you

All third-party service providers are contractually obligated to protect your information and use it only for the purposes we specify.

6. Your Privacy Rights

Rights Under GDPR (European Users):

• Access: Request a copy of your personal data
• Rectification: Correct inaccurate or incomplete data
• Erasure: Request deletion of your data ("right to be forgotten")
• Restriction: Limit processing of your data
• Portability: Receive your data in a portable format
• Object: Object to certain processing activities
• Withdraw Consent: Withdraw previously given consent
• Lodge a Complaint: File a complaint with your supervisory authority

Rights Under CCPA (California Users):

• Right to Know: Request disclosure of personal information collected
• Right to Delete: Request deletion of personal information
• Right to Opt-Out: Opt-out of the sale of personal information (we do not sell data)
• Right to Non-Discrimination: Not be discriminated against for exercising rights
• Right to Correct: Request correction of inaccurate information
• Right to Limit Use: Limit use and disclosure of sensitive personal information

To exercise any of these rights, please contact us via our Contact Page. We will respond to your request within 30 days (or as required by applicable law).

7. Data Retention

We retain your personal information for as long as necessary to:

• Provide our Service to you
• Comply with legal obligations
• Resolve disputes and enforce agreements
• Maintain business records

After retention periods expire, we securely delete or anonymize your data.

8. Data Security

We implement appropriate technical and organizational measures to protect your personal information, including:

• Encryption of data in transit (TLS/SSL) and at rest
• Regular security assessments and penetration testing
• Access controls and authentication mechanisms
• Employee training on data protection
• Incident response procedures
• Regular backups and disaster recovery plans

However, no method of transmission or storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws.

For transfers from the EEA to non-adequate countries, we use appropriate safeguards:

• Standard Contractual Clauses approved by the European Commission
• Your explicit consent for specific transfers
• Other legal mechanisms as required

10. Children's Privacy

Our Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If we discover we have collected information from a child under 13, we will promptly delete it.

For users aged 13-18, we recommend parental guidance when using our Service. Parents may contact us to request review or deletion of their child's information.

11. Mobile App Permissions

Our mobile apps may request the following permissions:

• Push Notifications: To send updates and alerts (optional)
• Camera: For profile pictures or document scanning (when you use these features)
• Storage: To save data locally for offline access
• Network Access: To sync data and provide Service features

You can manage these permissions through your device settings. Denying permissions may limit functionality.

12. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to:

• Essential Cookies: Required for Service functionality
• Performance Cookies: Analyze usage and improve Service
• Functionality Cookies: Remember preferences and settings
• Marketing Cookies: Deliver relevant advertisements (with consent)

Managing Cookies: You can control cookies through your browser settings. Note that disabling cookies may affect Service functionality.

Do Not Track: We currently do not respond to Do Not Track signals, but we limit tracking to essential purposes and honor your cookie preferences.

13. Third-Party Services

We use the following categories of third-party services:

• Payment Processors: Stripe, RevenueCat, Apple Pay, Google Pay
• Analytics: Google Analytics, Firebase Analytics
• Cloud Services: AWS, Google Cloud Platform
• Communication: Email service providers, push notification services
• AI/ML Services: OpenAI, Anthropic (for AI features)

These services have their own privacy policies. We encourage you to review them.

14. Marketing Communications

With your consent, we may send you marketing emails about our products, services, and promotions. You can opt-out at any time by:

• Clicking "unsubscribe" in any marketing email
• Updating your preferences in account settings
• Contacting us via our Contact Page

Note: You cannot opt-out of transactional emails (e.g., purchase confirmations, security alerts).

15. Data Breach Notification

In the event of a data breach that may affect your personal information, we will:

• Notify affected users within 72 hours of discovery (or as required by law)
• Provide information about the nature of the breach
• Describe steps we're taking to address it
• Offer guidance on protective measures you can take
• Notify relevant authorities as required

16. Automated Decision-Making

We use AI and automated systems for certain features. You have the right to:

• Request human review of automated decisions
• Express your point of view regarding automated decisions
• Contest decisions that significantly affect you
• Opt-out of certain automated processing

17. Privacy Policy Changes

We may update this Privacy Policy from time to time. We will notify you of material changes by:

• Posting the new Privacy Policy on this page
• Updating the "Last Updated" date
• Sending email notification for significant changes
• Obtaining consent where required by law

Your continued use after changes constitutes acceptance of the updated Privacy Policy.

18. Contact Information

General Support: Contact Page

For privacy-related requests, please use the subject line "Privacy Request" and include your name and the nature of your request.

19. Supervisory Authorities

If you are unsatisfied with our response to your privacy concerns, you may contact your local data protection authority:

• EU Users: Your national data protection authority
• UK Users: Information Commissioner's Office (ICO)
• California Users: California Attorney General

20. Acknowledgment

BY USING OUR SERVICE, YOU ACKNOWLEDGE THAT YOU HAVE READ AND UNDERSTOOD THIS PRIVACY POLICY AND AGREE TO THE COLLECTION, USE, AND DISCLOSURE OF YOUR INFORMATION AS DESCRIBED HEREIN.

If you do not agree with this Privacy Policy, please do not use our Service.