Eyecon Privacy Policy

Effective date: 2026-04-15

Eyecon Global Ltd is operated by Instabridge Sweden AB. For the purposes of this Privacy Policy, “Eyecon”, “Eyecon Global Ltd”, “Instabridge”, “we”, “us”, or “our” refers to Instabridge Sweden AB, company reg. no. 559246-0538, and its subsidiaries, representatives, and affiliates including, our websites,  applications, and other offerings that link to this Privacy Policy or otherwise make it available to you. We are the data controller of the personal data that we collect from you when using the Services, except if explicitly stated otherwise in this policy. 

Please read this Privacy Policy carefully. This document contains a policy statement regarding our collection, use and processing of personal data, with whom we may share your personal data and your rights in relation to your personal data. It also tells you what to expect when we collect and use personal data about you that you share with us when using our Services. 

Eyecon Global Ltd. respects the privacy of users of our mobile application and related services (the “App” or “Services”) and is committed to protecting the personal data we process about you. This Privacy Policy provides comprehensive disclosure of potential scenarios in which personal data may be collected, used, or shared. This is intended to ensure transparency and to cover all relevant circumstances. We nonetheless make every effort to minimise the collection and use of personal data, and we rely on aggregate and/or de-identified data wherever possible.

This Privacy Policy explains:

  • what personal data we collect;
  • why and how we use it;
  • with whom we share it;
  • how long we keep it; and
  • which rights and choices you have.

By installing, accessing or using the App, Website or our Services, you acknowledge that you have read this Privacy Policy. 

This Privacy Policy is designed to comply with:

  • the EU/EEA General Data Protection Regulation (GDPR), where applicable; and
  • the Israeli Protection of Privacy Law, 5741-1981 (the “PPL”), including Amendment No. 13 and the Privacy Protection (Data Security) Regulations, 5777-2017; and
  • other data protection laws that may apply to our Services. For information on our processing of personal information that is subject to the California Consumer Privacy Act (“CCPA”), please see Annex A – Supplemental CCPA Privacy Notice.

If you provide us with personal information about someone else, you hereby confirm that they are aware that you have provided their personal information to us, and that they consent to our use of their personal information according to this Privacy Policy.

Please note that this notice does not apply to third party products or services or the practices of companies that we do not own or control, including other companies you may interact with, in or through Eyecon. We will not be responsible or liable for: (i) the availability or accuracy of such third-party apps or sites (ii) the content, products or services on or availability of such third party apps or sites; or (iii) your use of any such third party apps or sites.

We may update the Privacy Policy from time to time by posting a new version on https://www.eyecon-app.com with an updated date (the “Effective Date”). Your continued use of the Services after the Effective Date will be an acknowledgement of your acceptance of the amended Private Policy and our updated practices. If we make material changes to our privacy policy, we will notify you and ask you to confirm your consent.

If there is any difference between the English version and any other language version of this Privacy Policy, the English version will apply (to the extent permitted by applicable law or regulation).

 

1. Who we are

The data controller and database owner for the processing described in this Privacy Policy is:

Instabridge Sweden AB
Email: support@eyecon-app.com

Eyecon Global Ltd. is a subsidiary of Instabridge Sweden AB, reg. no. 559246-0538, Sweden (the “Instabridge Group”). Certain processing operations (for example, shared infrastructure, analytics or support) may also involve other Instabridge Group entities as controllers or processors. 

We have appointed an external Privacy Protection Officer / Data Protection Officer (“PPO/DPO”) responsible for monitoring compliance with applicable privacy laws, and acting as our contact with supervisory authorities:

ePrivacy GmbH, represented by Prof. Dr. Christoph Bauer, Burchardstraße 14, 20095 Hamburg

Email: privacy@eyecon-app.com
Subject line: “For the attention of the Data Protection Officer”

 

If you have any questions or concerns regarding your data, please contact privacy@eyecon-app.com. If you wish to communicate directly with our data protection officer (for example, because you have a particularly sensitive concern), please contact them by post, as communication by email may pose security risks. Please indicate in your request that your concern relates to Instabridge Sweden AB and Eyecon.

2. Scope and relationship to other documents

This Privacy Policy applies to:

  • your use of the Eyecon App (Android, iOS and any other platforms we support); 
  • your use of the Website https://www.eyecon-app.com; and
  • any other services that link to this Privacy Policy.

It does not apply to:

  • third-party apps, websites or services that you access through the App; or
  • other Instabridge Group products that have separate privacy notices.

Your use of the App is also governed by our End User Licence Agreement (EULA). This Privacy Policy supplements and forms part of the EULA.

3. Why we process personal data

We process personal information only where we have a lawful basis under applicable data protection laws. The legal basis we rely on depends on the type of information and the context in which we collect and use it. In general, we process personal information only:

  • where we need it to perform a contract with you;
  • where it is in our legitimate interests and those interests are not overridden by your data protection interests or fundamental rights and freedoms;
  • where we have your consent;
  • where we must comply with a legal obligation; and, in limited cases,
  • where processing is necessary to protect vital interests (yours or someone else’s).

3.1 Performance of a contract

We process your personal information where this is necessary to:

  • provide and operate the App and its core features (such as caller ID, spam detection, dialer and contact tools);
  • maintain your account and profile;
  • communicate with you about your purchases, subscriptions, or account (where applicable);
  • provide customer support and respond to your requests.

3.2 Legitimate interests

We process personal information where necessary to pursue legitimate interests of Eyecon, the Instabridge Group, or our users, and where these interests are not overridden by your rights and interests. Our legitimate interests include, for example:

  • developing, managing, delivering, maintaining, and improving the App, its features, and user experience;
  • running basic analytics and usage statistics to understand how the App is used and how it performs;
  • fraud detection and prevention, and preventing abuse, spam, and misuse;
  • ensuring the security, integrity, and performance of our networks and systems;
  • general corporate operations (such as internal administration, reporting, audits, and business continuity);
  • communicating with you about your customer service requests or operational messages (for example, service notices);
  • defending our legal rights and handling claims; and
  • where applicable, supporting compliance with certain foreign or cross-border requirements related to our operations.

We perform balancing tests where required to ensure that our interests do not override your fundamental rights and freedoms.

3.3 Consent

In some cases we rely on your consent. This is particularly relevant for:

  • accessing your device contacts and certain call/SMS permissions (where required by your device or applicable law);
  • using or sharing identifiers and events with third-party partners for personalised/behavioural advertising (for example, ads targeted based on your online behaviour or other personal information collected by us or third parties); and
  • some advanced analytics activities where consent is required;
  • sending certain forms of direct marketing (such as SMS or email promotions), where required by law.

Where we rely on consent:

  • we will request it explicitly (for example, using in-App screens, consent banners, or system permission prompts);
  • you may withdraw it at any time via the App settings or by contacting us;
  • withdrawal will not affect processing carried out before it, but may limit your ability to use some features (for example personalised ads or certain contact features).

3.4 Legal obligations

We may process and retain your personal information where this is necessary to comply with legal obligations under applicable laws, for example:

  • tax and accounting rules;
  • communications or consumer laws (including anti-spam rules);
  • obligations to respond to lawful requests from authorities and courts.

3.5 Vital interests

In limited circumstances, we may process personal information where this is necessary to protect vital interests—your interests or those of another person—for example in connection with an emergency or serious threat to safety.

 

4. What data we collect

We distinguish between non-personal data and personal data:

  • Non-personal data is information that does not identify an individual and cannot reasonably be used to do so (for example, aggregated statistics).
  • Personal data is information that identifies you or can reasonably be linked to you, or that relates to an identifiable individual (including your contacts and callers).

When non-personal data is combined with personal data, we treat it as personal data.

4.1 Data you provide to us

Account and profile data
When you install and use the App/Services and/or create a user account, we may collect and process:

  • name and username/handle;
  • email address and phone number;
  • password (or other account credentials you create);
  • profile photo or avatar;
  • language, region, time zone, and other preferences you choose.

Third-party login data (e.g., Google/Facebook)
If you choose to sign in using a third-party account, you give us permission to receive authentication and account information from that provider, such as your username, email address, and encrypted access credentials (e.g., tokens). Depending on your settings with the third-party provider, we may also receive additional profile information available through that account (for example country and hometown, date of birth, and networks).

Contact and address book data
With your explicit permission, we access your device address book to provide features such as caller ID, reverse lookup, contact management, and related tools. This may include:

  • contact names, nicknames, labels, and groups;
  • phone numbers;
  • photos stored with contacts;
  • notes or other contact metadata you store.

Communications and content you choose to share
You may provide personal data when you:

  • contact us (for example via email or in-App support) for customer or technical support;
  • use sharing features (such as “invite a friend,” “share this page,” or similar features), where available;
  • participate in offers, contests, or special events;
  • subscribe to newsletters or sign up to hear about current or upcoming products (where offered);
  • complete surveys offered by us or on our behalf.

In these cases, we may process:

  • your contact details;
  • the content of your message and any attachments;
  • any technical or diagnostic information you choose to share;
  • responses you provide (for example survey answers) and related participation details.

Transaction information
Where you make purchases or payments (for example subscriptions or in-app purchases), we may process transaction-related information such as purchase history and payment or billing details (as applicable, and often via our payment providers/app stores).

Biographic and demographic data
Depending on how you use the Services and what you choose to provide (including via third-party login), we may process biographic or demographic information such as date of birth and gender.

4.2 Data we collect (or generate) from your device and your use of the Services

When you access or use the Services, we collect personal data from and about you and the device(s) you use. Depending on your device, operating system, and settings (including permissions you grant), this may include:

Identifiers and network information

  • IP address;
  • unique device identifiers and advertising identifiers;
  • installation identifiers and similar direct/indirect identifiers;
  • SIM-related identifiers (for example carrier information and, where available, SIM/eSIM-related identifiers);
  • network information and performance data (for example signal level and connectivity diagnostics).

Device and technical data

  • device model, hardware, and operating system version/firmware;
  • mobile carrier, preferred languages, browser type and version (where relevant), and Internet service provider;
  • mobile network information;
  • applications installed on your device and default communication/browsing apps (where accessible and permitted by the platform);
  • App version, configuration, logs, diagnostic data, and related metadata;
  • error, crash, and performance data.

Interaction data

  • clickstream-style interaction data within the Services (for example screens viewed, taps/clicks, scrolls, navigation flows);
  • searches (including reverse lookups) and other in-App actions;
  • feature usage frequency and timing;
  • settings and preferences selected in the App/Services.

Location data

  • approximate location inferred from IP address (for example country or region); and/or
  • precise location derived from GPS or similar signals only if you enable location features and grant the relevant device permissions.

In-app purchase information

  • information associated with in-app purchases (for example purchase events and entitlements), typically received via the app store/payment platform.

Inferences

  • inferences drawn from the personal data we collect to better understand your preferences and improve the Services (for example suggesting relevant features or improving usability).

Data from connected third-party channels
If you connect your account to a third-party application, we may receive similar information about your interactions with the Services through those channels, depending on your settings and the third party’s policies.

Identity-based advertising identifiers

If you enable personalised advertising, Eyecon and its advertising partners may use identity-linking technologies (for example UID2) that rely on hashed identity inputs (such as a hashed email) and pseudonymous advertising tokens. These tokens are created and processed by the UID2 provider and our ad partners to deliver and measure personalised advertising.

Notification listener (optional feature)

If you enable Eyecon’s notification/ID features and grant notification access, the app may read notifications from other apps to provide caller-ID and message-preview functionality. This data is processed and stored locally on your device. We may extract the minimum data required for the feature, such as phone numbers detected in the notification, short message text, group name, and the notification icon (if present). 

 

VPN feature data

If you enable Eyecon’s VPN feature, we may use a third-party VPN connectivity provider, PureVPN, to establish and maintain an encrypted VPN connection. In this setup, Eyecon remains the customer-facing service provider and data controller for the personal data we collect through the App, while PureVPN acts as our processor/service provider for VPN connectivity.

To provide the VPN feature, we and/or PureVPN may process the minimum technical data necessary to establish, operate, secure, and troubleshoot the VPN connection. Depending on the implementation, this may include service configuration data and limited connection-related technical data such as VPN credentials/tokens, device type, session keys or public-key material generated for a session, selected VPN location, app version, and limited technical troubleshooting information. We seek to minimise this data and to avoid using it to identify users where not necessary.

Neither Eyecon nor PureVPN store or share browsing content, traffic payload, or a record of websites you visit through the VPN feature. We do not use VPN traffic content for advertising, profiling, or analytics.

 

4.3 Call, messaging, and address book data (caller ID features)

To support caller ID, dialer features, spam detection, and block/allow lists—and only where permitted by your device, operating system, local law, and granted permissions—we may process:

Call and messaging metadata

  • phone numbers involved in calls;
  • call direction (incoming/outgoing), time, date, duration, and number of calls;
  • spam labels, block/unblock actions, and user reports;
  • limited SMS metadata and (where applicable) content only if you explicitly enable SMS-related features and only to the extent permitted by local law and your operating system.

Local processing and storage
Call log information required to provide call history features (for example phone number, contact name if it exists in your address book, and call time/date and duration) is stored and processed locally on your device.

Fair use and service improvement
In addition, we may collect limited call usage metrics (such as call counts, and call time and duration) for purposes such as monitoring fair use, product development, resolving issues, and improving user experience.

We do not collect/track or store the audio or other content of your calls, or the content of your sms messages.

4.4 Data about your contacts, callers, and other individuals

To provide caller ID and related features, we may process data that relates to people who are not users of the Services, including:

  • phone numbers, names, photos, and labels contained in your address book;
  • how you and other users label or classify a number (for example “Mom”, “Bank”, “Spam”);
  • spam reports, reputation signals, and spam-related classifications for specific numbers;
  • information from public sources that links phone numbers to individuals or organisations.

We treat this type of information with particular care and provide mechanisms for individuals to exercise their rights where applicable (see Section 11).

4.5 Data from public and third-party sources

We may receive personal data from the following sources:

Publicly available sources
Where permitted by law and platform terms, we may use publicly available information (for example public web pages, business directories, or public social media profiles) to help identify phone numbers and suggest caller names.

Third-party services and SDKs
We use third-party tools for functions such as hosting, analytics, spam detection, crash reporting, advertising, measurement, and customer support. These third parties may provide us with information such as:

  • installation data and app store events;
  • aggregated usage, performance, or diagnostic metrics;
  • attribution and campaign performance data;
  • identifiers and device data needed to provide their services.

We use this information only for the purposes described in this Privacy Policy, subject to contractual restrictions and applicable law.

VPN infrastructure provider

If you use the VPN feature, we may receive information from our VPN connectivity provider relating to the operation of the feature, such as service availability, aggregate performance and reliability indicators, generic error information, and support-related information where troubleshooting is required. Our VPN provider applies a no-activity-logs approach for VPN traffic and does not process browsing history, DNS browsing activity, or traffic payload for analytics or profiling purposes. Any support information is used only to investigate and resolve service issues.

 

Personal Information Collected Using Cookies and Similar Technologies

We and our partners use various tools to collect personal information when you visit our sites and Services, including cookies, pixels, software development kits, advertising identifiers, and other similar technologies. Some of these technologies store information in the browser or on your device. Other technologies may use network-related or other information to recognize your device (e.g., IP address). Our Services use these technologies, for example, when you first request a web page, and information is then stored on your computer or other device so the website or app can access information when you make subsequent requests for pages from that Service. 

Examples of Cookies we use on our website and their purposes:

At any time, you can control the use of cookies by adjusting the settings on your browser. However, if you choose to disable some or all cookies, please note that by blocking any or all cookies, you may not have access to certain features, content, or personalization available through our Services. 

Functional cookies: We use functional cookies to operate certain functions of the website in accordance with your choices, meaning that when you continue to use or come back to the website, the site will be provided as you have previously requested, e.g. remembering your username and customization of the website.

Analytics cookies: We use analytics cookies to analyse how the website is accessed, used or is performing. We use the information to maintain, operate and improve the website.

Third party cookies: We may allow our partners to use cookies on the website for the same purposes identified above. We may also use service providers acting on our behalf to use cookies for the purposes identified above.

Security Cookies: We use security cookies for security purposes.

Advertising Cookies: advertising cookies are used to serve you with advertisements that may be relevant to you and your interests.

If you have any questions or comments about our use of cookies, please contact privacy@eyecon-app.com.

Other personal information collected using tracking technologies

Depending on the Services you use and your consent settings, we and our partners may also use these technologies to gather information about how you view and use our Services and content, and to connect your activity with other personal information we store about you. Some of these partners include:

Google Analytics. For more information about how Google uses your personal information (including for its own purposes, e.g., for profiling or linking it to other information), please visit Google Analytics’ Privacy Policy. To learn more about how to opt-out of Google Analytics’ use of your information, please click here.

5. How we use your personal information (purposes)

We use personal data for the following purposes:

  1. Operating and providing the App
    • to run the dialer, caller ID, contact management, block/allow lists, reverse lookup and spam detection features;
    • to authenticate you and manage your account;
    • to provide customer support and respond to your requests.
  2. Caller ID, contact matching and enrichment
    • to identify calls and numbers using aggregated signals from users and public sources;
    • to suggest contact names, photos or other identifiers;
    • to improve the accuracy and coverage of caller ID.
  3. Spam and fraud detection
    • to build and maintain reputation scores and spam indicators for numbers;
    • to warn users about suspected spam, fraud or abusive callers;
    • to prevent misuse of the App and protect user safety.
  4. Analytics and product improvement
    • to understand how users interact with features and where they encounter issues;
    • to run tests and experiments to improve usability and performance;
    • to generate aggregated statistics for internal reporting and planning.
  5. Advertising and user acquisition
    • Personalised / behavioural advertising (only with your consent):
      • if you explicitly allow personalised ads, we may use identifiers (such as advertising ID), coarse location and in-App event data to show ads tailored to your interests and to measure ad performance.
      • Identity-linking tokens (e.g., UID2 tokens) are used only for personalised ad delivery, frequency capping and ad measurement. We use them only with your consent and do not use them for non-advertising profiling beyond these purposes.
    • Non-personalised / contextual advertising:
      • regardless of consent, we may show ads based on the context of the App (for example, the screen you are on), but not based on behavioural profiles.
    • User acquisition and campaign measurement:
      • we may share a limited set of identifiers and events with mobile measurement partners (MMPs) and platforms to measure installs and campaign performance.
  6. Notification handling:
    • We use notification data only to operate the notification/ID feature (display caller ID and message previews, match to contacts, and detect spam). Processing is performed locally on the device and notification text/images are not sent to Eyecon for advertising, profiling, or cross-context behavioural targeting.
  7. Direct communication and marketing
    • to send in-App notifications and service messages (for example, security alerts, important updates);
    • with your consent or where otherwise permitted by law, to send you marketing messages (for example via email or SMS) about Eyecon features and offers;
    • to respect your marketing preferences and opt-outs.
  8. Compliance, security and enforcement
    • to comply with applicable laws, including the PPL, Amendment 13 and the Data Security Regulations;
    • to secure our systems and investigate suspicious activity;
    • to respond to lawful requests from authorities and courts;
    • to enforce our EULA and this Privacy Policy;
    • to handle and defend against legal claims.

We do not use:

  • the content of your calls or SMS;
  • names, notes or photos from your contacts; or
  • spam/fraud scores or caller ID labels

as inputs for ad targeting.

We do not use personal data for purposes that are inconsistent with this Privacy Policy unless we are required to do so by law or we obtain your consent.

5.1 Use of aggregated or anonymised data

We may use your non-personal information data in an aggregated and/or anonymised form to share publicly and to third parties, for example, in reports on internet use trends, to partners under agreement with us, or as part of community benchmarking. Data shared in this manner cannot reasonably be used to identify you as an individual. If we create or receive de-identified information, we will not attempt to reidentify such information, unless permitted by, or required to comply with, applicable laws. 

5.2 AI Recommendations & Personalisation (Optional Feature)

If you enable AI Recommendations & Personalisation (“AI Feature”), we process certain information you choose to share to provide more relevant, contextual recommendations and answers in the app. This feature is optional and can be turned off at any time.

Data you can choose to share for AI personalisation (opt-in per category)

We process AI Feature data based on your consent (GDPR Art. 6(1)(a)) for each category you enable. You can withdraw consent at any time in Settings.

You can opt in separately to each category below. We only process the categories you have enabled:

  • gps location: current GPS coordinates for location-based recommendations.
  • location history: places visited and travel patterns for personalised recommendations.
  • installed apps: installed app names to infer interests for recommendations.
  • recently opened apps: recently used apps to tailor responses to your current context.
  • browser history: websites visited (e.g., domains or URLs depending on your selection) to infer interests.
  • search history: search queries to tailor responses.sms history: 
  • text messages/communications: (content and/or metadata, depending on your selection) used only to provide context in AI responses.
  • call history: call records (metadata) used only to provide context in AI responses.
  • photo metadata: photo timestamps and location metadata used only to provide context in AI responses.
  • responses and feedback: your prior AI interactions and feedback used to improve your future AI experience.
  • other: other information you explicitly choose to provide for personalisation (described at the time you opt in).

How we use data for AI personalisation (purposes)

We use AI Feature data only to:

  • Generate personalised AI responses and recommendations during your session (on-the-fly inference); and
  • Maintain and protect the AI Feature, including security, abuse prevention, debugging, and quality assurance.

We do not use AI Feature data to train or fine-tune AI models.

Enhanced safeguards (potentially sensitive inferences)

Some AI Feature data (alone or combined) could allow inferences about sensitive information (such as health, religion, or political opinions). We apply enhanced safeguards, including data minimisation, strict access controls, encryption, and purpose restrictions.

Sharing and international transfers

We may share AI Feature data with service providers that help operate the AI Feature (for example, cloud infrastructure and AI processing vendors) acting as our processors under data-processing agreements. If processing involves transfers outside the EU/EEA, we use appropriate safeguards such as Standard Contractual Clauses.

Retention and deletion of AI Feature data

AI Feature data is retained for no more than 30 days and is automatically scheduled for deletion. If you disable a category or turn off the AI Feature, we stop collecting that category and delete related AI Feature data according to the same automated schedule, unless a longer period is required by law.

5.3 VPN connectivity and security

  • If you choose to use our VPN feature, we may use your personal data for the following purposes:
  • To provide an optional VPN feature that routes traffic through secure VPN infrastructure;
  • to authenticate VPN sessions and apply the connection settings you choose (for example VPN location);
  • to maintain service reliability, diagnose connectivity issues, prevent abuse, and secure the VPN feature;
  • to provide support in relation to VPN performance or connection problems.

We do not use VPN traffic content, browsing history through the VPN feature, or DNS activity for behavioural advertising, analytics profiling, or marketing.

6. How long we keep your data (retention)

We will keep your personal data for as long as you have an account in the Services or for as long as we need to keep any personal data to comply with our legal obligations, resolve disputes, or enforce our agreements. After this your personal data will be deleted.

7. Sharing and storing your data

We do not sell your personal data in the ordinary sense of “sale”. We share personal data with:

7.1 Service providers and processors

We use third-party service providers who process data on our behalf and under our instructions, for example:

  • cloud hosting and storage providers;
  • analytics and measurement services;
  • spam and fraud detection services;
  • VPN services;
  • crash reporting and performance monitoring providers;
  • customer support and communication tools;
  • payment and billing providers, where relevant.

These providers act as processors or database holders under GDPR and Israeli law and may only use personal data to provide services to us, subject to confidentiality and security obligations.

We store your personal information on industry standard servers, including through the use of the following third parties: 

  • Firebase and Google Cloud, owned by Google, who is a Service Provider. The data we store and otherwise process about you will be stored on servers hosted by Google Cloud. 
  • Amplitude, who is a Service Provider, and their service provider Amazon Web Services, which acts as a subprocessor. 
  • Singular. Singular is a Service Provider, and data that they process on our behalf is hosted by their service providers Amazon Web Services, Inc. and Snowflake, Inc,  which act as subprocessors.
  • CrispChat. Crisp IM SAS is a Service Provider, and data that they process on our behalf is hosted by their service providers Amazon Web Services, Inc. and DigitalOcean LLC,which act as subprocessors.
  • Payment data is hosted by Stripe Payments Europe, Ltd, which is a Service Provider.
  • Call, text and data usage data for Instabridge Mobile is processed and hosted by OXIO, Inc, which is a Service Provider.

7.2 Advertising and user acquisition partners

For in-app advertising and campaign measurement we work with:

  • ad networks and mediation platforms;
  • mobile measurement partners and attribution providers;
  • platforms where we run user acquisition campaigns.

Depending on your consent and settings, these partners may receive:

  • advertising IDs or other mobile IDs;
  • coarse location;
  • App installation and event data related to ads (for example, impressions, clicks, conversions);
  • limited device and network information
  • UID2 tokens and related metadata; these are generated and stored by the UID2 provider and may be shared with our advertising partners for ad delivery and measurement. 

Some partners act as our processors and may only use data to provide services to us. Others act as independent controllers and use data they receive to improve and measure their own advertising services; their use is governed by their own privacy policies.

We do not permit partners to access or use:

  • the content of your calls or SMS;
  • names, photos or notes from your contacts;
  • spam/fraud scores or detailed caller ID labels

7.3 Other users and the public

To provide caller ID and spam protection, we may show Eyecon users:

  • names, photos or other identifiers associated with a number, derived from aggregated signals and public sources;
  • spam warnings and reputation indicators for numbers reported as spam or suspected fraud.

We do not expose your entire address book to other users.

If you believe a number is incorrectly labelled, please contact us (see Section 11).

7.4 Instabridge Group entities

We may share personal data with other entities in the Instabridge Group where necessary for:

  • shared infrastructure and security;
  • group-level analytics and planning;
  • centralised support or governance.

All such processing is subject to intra-group agreements and safeguards.

7.5 Authorities and legal recipients

We may disclose personal data where we believe in good faith that it is necessary to:

  • comply with applicable laws or lawful requests from authorities or courts;
  • respond to legal claims, investigations or regulatory inquiries;
  • protect our rights, property or safety, or those of our users or the public;
  • investigate and prevent fraud, abuse, security incidents or violations of our EULA.

7.6. Third-party services, SDKs and links

The App uses third-party software development kits (SDKs) and services, for example for:

  • hosting and storage;
  • analytics and product measurement;
  • spam and fraud detection;
  • VPN services;
  • crash reporting and performance monitoring;
  • in-App advertising and campaign attribution;
  • customer support.

These partners may collect or receive certain data from your device or from our systems as described above. Some act as processors, others as independent controllers.

We maintain an internal register of our processors and SDKs, and we require our partners to implement appropriate privacy and security safeguards. Where partners act as independent controllers (for example some large ad networks or platforms), their processing is governed by their own privacy policies, which we recommend you review.

The App may also link to third-party apps, websites or services (for example messaging apps or social networks). Your use of those services is governed by their own terms and privacy policies, not this one.

7.6.1 VPN service provider (PureVPN)

If you use Eyecon’s VPN feature, we may share limited personal data and technical data with PureVPN, our VPN connectivity provider, solely to enable and support the VPN service. PureVPN acts as our processor/service provider in this context.

The data shared is limited to what is necessary to provide the VPN feature, such as technical connection data, VPN service credentials/configuration, selected VPN location, device type, session-related cryptographic material, and troubleshooting information where needed. We instruct PureVPN to process such data only for the purpose of providing the VPN feature, maintaining reliability and security, and handling support.

PureVPN does not process or store browsing activity, DNS browsing logs, traffic content/payload, or device advertising identifiers for analytics or tracking on Eyecon’s behalf. We do not permit PureVPN or its subprocessors to use data processed for the VPN feature for their own marketing or profiling purposes.

PureVPN may use vetted subprocessors for infrastructure hosting, network operations, operational monitoring, and support tooling, subject to contractual data protection, confidentiality, and security obligations.

7.6.2 Notification data storage & sharing

Notification/ID data is kept on your device in the app’s local database. We do not share notification data, message content or associated images. You can disable the notification/ID feature or revoke notification access in your device settings; doing so stops further reading of notifications and deletes related local feature data where permitted.

8. International transfers

Instabridge Sweden AB is based in Sweden, and uses service providers and infrastructure in multiple locations, including:

  • the European Economic Area (EEA);
  • Israel;
  • the United States; and
  • other countries as needed to provide the Services.

When personal data is transferred outside your country:

  • for EU/EEA data, we use safeguards such as standard contractual clauses and other measures required by GDPR;
  • for Israeli data, we comply with the PPL and the Data Security Regulations, including rules on transfers from Israel and, where applicable, cross-border transfer conditions and contractual protections;
  • for other jurisdictions, we apply appropriate safeguards required by local law.

We maintain internal documentation of our databases and cross-border data flows and review them periodically.

If you are located in the European Union (“EU”), United Kingdom (“UK”) or Switzerland then we may transfer personal data that we collect from you to third party suppliers and trusted partners located in countries that are outside of the EU and the European Economic Area (“EEA”) (including, but not limited to the USA) or to our partners/related third parties in connection with the above purposes. The same rule applies for users outside the EU/EAA, that is your data may be transferred outside of the country from which it was originally collected. Please be aware that the countries to which we may transfer data may have data protection laws that are different from the laws where you live. 

When transferring personal data outside the EU/EEA, we will ensure that the country in which your personal data will be handled has been deemed “adequate” by the EU Commission under Article 45 of the General Data Protection Regulation (“GDPR”) or if your personal data will be transferred to a country which the EU Commission does not consider to have an adequate level of protection for personal data, we will take all necessary steps required under applicable law in order for such transfer of personal information across borders to be compliant with applicable law. We will only transfer your personal data to a country outside the EU/EEA that does not have adequate data protection laws where; (i) the transfer is being safeguarded by the use of Standard Contractual Clauses (SCCs), which have been approved by the European Commission as appropriate safeguards for international transfers under Article 46(2) of the GDPR; or (ii) where applicable, by an adequacy decision adopted by the European Commission under Article 45 of the GDPR.

By installing or using the App or Services, you consent to those transfers of personal information to other countries and to service providers.

You can find further information about the rules on data transfers outside the EU/EEA, including the mechanisms that we rely upon, on the European Commission website (https://ec.europa.eu/info/law/law-topic/data-protection_en).

9. Security

We implement technical and organisational measures designed to protect personal data from accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access, in line with the Data Security Regulations and relevant industry standards.

These measures include, as appropriate:

  • encryption of data in transit and at rest;
  • access controls based on least privilege and need-to-know;
  • strong authentication for administrative access (for example multi-factor authentication);
  • logging and monitoring of key systems and access to databases;
  • separation of environments and network security controls;
  • regular security testing, audits and training;
  • documented procedures for incident detection, response, notification and remediation.

We classify our databases by security level and apply the required controls for each level, taking into account data sensitivity, the number of data subjects and the number of authorised users.

No system is completely secure. If you believe that your account or data may have been compromised, please contact us immediately.

10. Children and minors

The App is not intended for persons under the age of majority. Our Services are designed for a general audience and require all users to be above the minimum age to consent for data processing as a condition of access. By installing or using our Services you represent and warrant to us that you are above the minimum age to consent for data processing in your domicile.

If you are a parent or guardian of a minor, and believe that minor has uploaded personal information in connection with our Services without your consent, or if you wish to review personal information collected from your minor child, or have that information modified or deleted, you may contact us as described in “Contact Us” below. If we become aware that a minor has provided us with personal information in violation of applicable law, we will use reasonable efforts to delete any personal information we have collected, unless we have a legal obligation to keep it.

We do not knowingly collect or solicit personal data from children or persons below the applicable age. If we learn that we have collected such data, we will delete it and may restrict access to the App from the relevant account or device.

If you believe we have collected data about a child or person in violation of this Policy or applicable law, please contact us (see Section 11).

11. Your rights and choices

Your rights depend on where you live and which laws apply. If you are in the EU/EEA or the UK, the GDPR (and UK GDPR) generally applies to our processing of your personal data, and you have the rights described below.

11.1 GDPR/UK GDPR rights (EU/EEA/UK)

You may have the right to:

  • Access – to obtain confirmation of whether we process personal data about you and to receive a copy. (This right applies to data relating to you, not to data relating to other individuals.)
  • Correction (rectification) – to request correction of inaccurate, incomplete, or outdated data.
  • Deletion (erasure) – to request deletion of your personal data in certain circumstances (for example where it is no longer necessary for the purposes for which it was collected). This right may be limited where we are permitted or required by law to retain certain data. If you request deletion, you may no longer be able to use some or all of the Services.
  • Restriction – to request restriction of processing in certain circumstances.
  • Objection – to object to processing based on legitimate interests, and to object at any time to direct marketing. If you object to certain processing that is necessary to provide the Services, you may no longer be able to use some or all features (and if you share a device, other users of that device may be affected).
  • Data portability – to receive certain data in a structured, commonly used, and machine-readable format and to have it transmitted to another controller where technically feasible.
  • Withdrawal of consent – where we rely on your consent, you may withdraw it at any time. Withdrawal does not affect processing carried out before it, and it does not affect processing based on lawful grounds other than consent.
  • Information about sharing – to request information about the categories of third parties with whom your personal data has been shared (and, where required by law, further details).
  • Automated decision-making – where applicable, to request information about, and to challenge, decisions taken exclusively by automated processing that produce legal or similarly significant effects for you.

11.2 Israel and other jurisdictions

Israel: Under Israeli law, you also generally have the right:

  • to review data about you held in a registered database; and
  • to request correction, and in some cases deletion or blocking, of data that is incorrect, incomplete, unclear, or outdated.

Non-users (caller ID results): If you are not an Eyecon user but believe that data about your phone number or identity appears in Eyecon’s caller ID results, you may contact us and we will review your request in accordance with applicable law and guidance from the Israeli Privacy Protection Authority (PPA).

Other jurisdictions (including the United States): Depending on where you live, you may also have rights to:

  • opt out of certain processing (for example “targeted advertising,” “sale”/“sharing” of personal information, or certain profiling, as those terms are defined under applicable law);
  • appeal our decision if we decline to act on your request (where an appeal right is provided by law); and
  • use an authorized agent to submit requests on your behalf where permitted by law (we will require appropriate proof of authorization).

For further information on your rights as a US user, please see ANNEX A.

11.3 Limits on rights

These rights are not absolute. We may decline or limit a request where there is a valid reason under applicable law—for example, where we cannot verify your identity, where the request would adversely affect the rights of another person, where we must retain data to comply with legal obligations, or where fulfilling the request would prevent us from providing the Services you request.

11.4 How to exercise your rights

To exercise your rights, please contact us at:

Please include your phone number (with country code) and enough information to identify you and your relationship with Eyecon. We may request additional information to verify your identity and locate your data (for example, confirming the email address or account information associated with you). Only you—or someone legally authorized to act on your behalf where permitted—may make a request.

We will respond within the timeframe required by applicable law.

11.5 Data deletion requests

You can request deletion of your data directly through the Eyecon app or by contacting us via email. To request data deletion in the app, go to Account Settings, where you can select the option to delete your account and associated data. Alternatively, you may send an email to support@eyecon-app.com with your deletion request clearly stated, and our team will process your request in accordance with applicable privacy laws.

11.5 Complaints

If you are unhappy with our processing of your personal data and/or consider it to be in contrary to applicable legislation you may have the right to lodge a complaint with a competent supervisory data protection authority (“DPA”) (such as with the DPA in your country of residence, the DPA in the country of your place of work or the DPA in the country where the alleged infringement has occurred). 

  • In Sweden, the supervisory authority is the Swedish Supervisory Authority for Privacy Protection (“Integritetsskyddsmyndigheten”).
  • in the EU/EEA or UK, with your local data protection authority (including the authority in your country of residence, workplace, or where the alleged infringement occurred); and/or
  • in Israel, with the Israeli Privacy Protection Authority (PPA).

We will cooperate with the appropriate authorities to resolve privacy-related complaints.

12. Specific information regarding direct marketing and advertising choices

12.1 Service messages

We may send you service or transactional messages, for example about:

  • important changes to the App or our terms;
  • security alerts or technical issues;
  • responses to your requests.

These are not marketing and you cannot opt out of essential service messages.

12.2 Direct marketing

Where required by law (for example for SMS or email advertising under Israel’s Communications Law / Anti-Spam Act), we will obtain your prior consent before sending advertising messages.

You can withdraw consent or opt out at any time by:

We may still send you non-marketing service messages.

12.3 Behavioural / personalised advertising

We only use your personal data for behavioural / personalised advertising if you have explicitly consented to it in the App.

You can:

  • enable or disable personalised ads in App Settings → Privacy / Advertising (or similar); and
  • use your device settings to limit or reset your advertising identifier and interest-based ads.

If you disable personalised ads or do not provide consent:

  • we will not use data from the App to create or update advertising profiles;
  • we will not send behavioural/ad-personalisation data from the App to ad partners, except to the extent strictly necessary for non-personalised ads and basic measurement;
  • you may still see non-personalised ads.

We do not use:

  • call or SMS content;
  • names, notes or photos from your contacts;
  • spam/fraud scores or detailed caller ID labels

to build ad profiles.

13. Israel-specific information (PPL & Amendment 13)

If you are located in Israel or if Israeli law otherwise applies, the following additional information applies.

13.1 Applicable law and supervisory authority

Our processing of personal data is subject to:

  • the Protection of Privacy Law, 5741-1981 (PPL);
  • Amendment No. 13 to the PPL; and
  • the Privacy Protection (Data Security) Regulations, 5777-2017.

The competent supervisory authority is the Israeli Privacy Protection Authority (PPA).

13.2 Databases, PPO and data broker considerations

We maintain internal documents describing our databases that hold personal data, including:

  • their purposes;
  • types of data subjects and data categories;
  • transfers outside Israel;
  • security classification and measures.

Under Amendment 13 and the Data Security Regulations, certain databases may require specific security levels, documentation and, in some cases, registration or notification. We classify our databases and apply required measures accordingly.

We have appointed a Privacy Protection Officer (PPO) with responsibilities and authority as required by law, including:

  • monitoring compliance with the PPL, Amendment 13 and the Data Security Regulations;
  • assisting in privacy impact assessments and risk management;
  • advising management and reporting on privacy matters;
  • serving as the contact point with the PPA.

To the extent that Eyecon’s activities fall within categories such as “data broker” or high-risk database owner under Amendment 13, we will comply with any additional transparency, supervision and registration obligations that apply.

13.3 Rights and remedies under Israeli law

In addition to the rights listed in Section 11, under Israeli law you generally have the right:

  • to review data about you held in a registered database; and
  • to request correction, and in some cases deletion or blocking, of data that is incorrect, incomplete, unclear or outdated.

If you wish to exercise these rights, please contact us using the details in Section 11 and specify that your request relates to your rights under the PPL.

If you are not an Eyecon user but believe that a phone number associated with you appears in Eyecon’s caller ID results, you may contact us to request review, correction or deletion of that data. We will handle your request in accordance with the PPL, Amendment 13 and relevant PPA guidelines.

If you are dissatisfied with our response, you may lodge a complaint with the Israeli Privacy Protection Authority.

14. Changes to this Privacy Policy

We may update this Privacy Policy from time to time, for example to reflect:

  • changes in our Services or technologies;
  • changes in applicable laws or regulatory guidance;
  • feedback from users or authorities.

When we make material changes, we will:

  • update the “effective date” at the top; and
  • where required, provide additional notice (for example via the App or by other appropriate means).

Your continued use of the App after the updated Privacy Policy becomes effective indicates that you have read and understood the changes. If you do not agree, you should uninstall the App and contact us if you wish to exercise your rights.

15. Contact us

If you have questions, concerns or requests regarding this Privacy Policy or your personal data, you can contact us at:

Eyecon Global Ltd.
Support email: support@eyecon-app.com
Privacy contact: privacy@eyecon-app.com

Data protection officer contact: privacy@instabridge.com

Data Protection Officer

External Data Protection Officer: ePrivacy GmbH, represented by Prof. Dr. Christoph Bauer, Burchardstraße 14, 20095 Hamburg

If you have any questions or concerns regarding your data, please contact privacy@instabridge.com. If you wish to communicate directly with our data protection officer (for example, because you have a particularly sensitive concern), please contact them by post, as communication by email may pose security risks. Please indicate in your request that your concern relates to Instabridge Sweden AB and Eyecon.

 

Postal address:

Prof. Dr. Christoph Bauer,

Burchardstraße 14,

20095 Hamburg

E-mail address:

privacy@instabridge.com

 

Contact information Data Controller 

Name:

Instabridge Sweden AB

Registration number:

559246-0538

Postal address:

Instabridge Sweden AB

Box 190

101 23 Stockholm

E-mail address:

support@eyecon-app.com

 

ANNEX A – SUPPLEMENTAL CCPA PRIVACY NOTICE

This Supplemental CCPA Privacy Notice supplements our Privacy Policy and only applies to our processing of personal information that is subject to the CCPA.  

NOTICE AT COLLECTION 

At or before the time of collection, California residents have a right to receive notice of our privacy practices. California residents can find this information below.

  • Personal Information Collected. See the section of this Supplemental CCPA Privacy Notice titled “Overview of Personal Information Collected, Disclosed, Sold and/or Shared” for a list of personal information which may be collected. If we have previously collected personal information in the past 12 months, we may collect that personal information from you. 
  • Uses of Personal Information. See the section of this Supplemental CCPA Privacy Notice titled “Uses of Personal Information” for a list of the purposes for which we use personal information. 
  • Is Personal Information “Sold” or “Shared” for “Cross-Context Behavioral Advertising”? Yes. 
  • How Long is Personal Information Retained For? We will retain your personal information for as long as you have an account in the Services or for as long as we need to keep any personal information to comply with our legal obligations, resolve disputes, or enforce our agreements. After this your personal information will be deleted. AI Personalisation data is retained for no more than 30 days and is automatically scheduled for deletion. If you disable a category or turn off AI Personalisation, we stop collecting that category and delete related AI Personalisation data according to the same automated schedule, unless a longer period is required by law.
  • Additional Information. For more information on our privacy practices, please review this Supplemental CCPA Privacy Notice and our Privacy Policy. Importantly, the section of our Privacy Policy titled “Your Rights and Choices” includes important details about how you can exercise some of the rights which you have under the CCPA. 

 

CATEGORIES OF SOURCES FROM WHICH PERSONAL INFORMATION IS COLLECTED

We collect personal information that you provide to us, personal information we collect automatically when you use the Services, and personal information from third-party sources. If you choose to enable AI Personalisation in the Services, we may collect and use additional personal information only for the categories you specifically opt in to. You can change your selections at any time in Settings.

OVERVIEW OF PERSONAL INFORMATION COLLECTED, DISCLOSED, SOLD, AND/OR SHARED 

The CCPA provides California residents with the right to know what categories of personal information Eyecon/Instabridge has collected about them, whether Eyecon/Instabridge  disclosed that personal information for a business purpose (e.g., to a service provider), whether Eyecon/Instabridge  “sold” that personal information, and whether Eyecon/Instabridge  “shared” that personal information for “cross-context behavioral advertising” in the preceding twelve months. California residents can find this information below:

 

Category of Personal Information Collected by Instabridge

Category of Third Parties To Whom Personal Information is Disclosed to for a Business Purpose

Category of Third Parties To Whom Personal Information is Sold and/or Shared

Identifiers
  • Service providers
  • Third-party services you share or interact with
  • Others, upon the instruction of a user using a profile sharing functionality
  • Our affiliates (in particular to prevent, detect and fight fraud or other illegal or unauthorized activities under our Terms)
  • Our payment service providers and fraud vendors (e.g., for anti-fraud purposes and to fight against other illegal activities)
  • Joint marketing partners
  • Other vendors and professional services organizations who assist us in relation to the business or commercial purposes laid out herein

Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e))
  • Service providers
  • Third-party services you share or interact with
  • Not applicable

Protected classification characteristics under California or federal law
  • Not applicable
  • Not applicable

Commercial information
  • Service providers
  • Third-party services you share or interact with
  • Our payment service providers and fraud vendors (e.g., for anti-fraud purposes and to fight against other illegal activities)
  • Other vendors and professional services organizations who assist us in relation to the business or commercial purposes laid out herein

Biometric information
  • Not applicable
  • Not applicable

Internet or other electronic network activity
  • Service providers
  • Third-party services you share or interact with
  • Vendors and professional services organizations who assist us in relation to the business or commercial purposes laid out herein

Geolocation data
  • Service providers
  • Third-party services you share or interact with
  • Vendors and professional services organizations who assist us in relation to the business or commercial purposes laid out herein

Sensory data
  • Not applicable
  • Not applicable

Professional or employment-related information
  • Not applicable
  • Not applicable

Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Sec. 1232g, 34 C.F.R. Part 99))
  • Not applicable
  • Not applicable

Inferences drawn from other personal information to create a profile about a consumer
  • Service providers, including service providers who assist with AI processing and infrastructure
  • Not applicable

Personal information that reveals a consumer’s social security, driver’s license, state identification card, or passport number 
  • Not applicable
  • Not applicable

Personal information that reveals a consumer’s account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account 
  • Service providers
  • Not applicable

Personal information that reveals a consumer’s precise geolocation
  • Service providers, including service providers who assist with AI processing and infrastructure
  • Third-party services you share or interact with
  • Vendors and professional services organizations who assist us in relation to the business or commercial purposes laid out herein

Personal information that reveals a consumer’s racial or ethnic origin, religious or philosophical beliefs, or union membership 
  • Service providers, including service providers who assist with AI processing and infrastructure
  • Not applicable

Personal information that reveals the contents of a consumer’s mail, email, and text messages unless Eyecon or Instabridge is the intended recipient of the communication
  • Service providers, including service providers who assist with AI processing and infrastructure
  • Not applicable

Personal information that reveals consumer’s genetic data
  • Not applicable
  • Not applicable

Biometric information that is processed for the purpose of uniquely identifying a consumer
  • Not applicable
  • Not applicable

Personal information collected and analyzed concerning a consumer’s health 
  • Service providers, including service providers who assist with AI processing and infrastructure
  • Not applicable

Personal information collected and analyzed concerning a consumer’s sex life or sexual orientation
  • Service providers, including service providers who assist with AI processing and infrastructure
  • Not applicable

 

USES OF PERSONAL INFORMATION

We may use and disclose the personal information that we collect for the following business and commercial purposes: 

  • Processing for purposes described in the “How We Use Information” section of our Privacy Policy; 
  • Processing related to delivering personalized, cross-context behavioral advertising, as well as marketing communications;

 Auditing related to counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and auditing compliance with this specification and other standards;

  • Helping to ensure security and integrity to the extent the use of personal information is reasonably necessary and proportionate for these purposes; 
  • Debugging to identify and repair errors that impair existing intended functionality;
  • Short-term, transient use, including, but not limited to, non-personalized advertising shown as part of your current interaction with Instabridge;
  • Maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing analytic services, providing storage, or providing similar Services;
  • Providing advertising and marketing services; 
  • Providing AI-powered personalisation features (opt-in); generating personalised AI responses and recommendations, and maintaining and protecting the AI Feature (including security, abuse prevention, debugging, and quality assurance). We do not use AI Personalisation data to train or fine-tune AI models.
  • Undertaking internal research for technological development and demonstration; 
  • Undertaking activities to verify or maintain the quality or safety of a service or device that is owned, manufactured, manufactured for, or controlled by Instabridge, and to improve, upgrade, or enhance the service or device that is owned, manufactured, manufactured for, or controlled by Instabridge. 

 

DISCLOSURE REGARDING “SALES” OF PERSONAL INFORMATION AND/OR “SHARING” FOR “CROSS-CONTEXT BEHAVIORAL ADVERTISING”

In the preceding twelve months, Instabridge Sweden AB has “sold” and/or “shared” personal information for cross‑context behavioral advertising purposes. Such activities may involve providing your personal information to trusted third‑party advertising partners, who may use it to deliver targeted advertising across various digital contexts. We make these disclosures in accordance with applicable law. We do not sell AI Personalisation data. We do not share AI Personalisation data for cross-context behavioral advertising as part of the AI Feature.

 

DISCLOSURE REGARDING OPT-OUT PREFERENCE SIGNALS 

Instabridge Sweden AB does “sell” and “share” personal information for cross‑context behavioral advertising. If you do not wish for your personal information to be used for these purposes, you may exercise your right to opt out. To do so, please click on the “Do Not Sell My Personal Information” link available on our website, in the app, or contact us at privacy@eyecon-app.com. We will process your opt‑out request in accordance with the CCPA and other applicable laws.

 

DISCLOSURE REGARDING INDIVIDUALS UNDER THE AGE OF 16 

Instabridge Sweden AB does not have actual knowledge of any “sale” of personal information of minors under 16 years of age. Eyecon/Instabridge does not have actual knowledge of any “sharing” of personal information of minors under 16 years of age for “cross-context behavioral advertising.”

 

DISCLOSURE REGARDING SENSITIVE PERSONAL INFORMATION

Instabridge Sweden AB only uses and discloses sensitive personal information for the purposes set forth in Section 7027(m) of the CCPA regulations. For AI Personalisation, we use and disclose Sensitive Personal Information only for purposes permitted under 11 CCR § 7027(m), and only as reasonably necessary and proportionate to provide the AI Personalisation feature you request via specifically opting in to that processing.

NON-DISCRIMINATION

California residents have the right not to receive discriminatory treatment by us for the exercise of their rights conferred by the CCPA.

NOTICE OF FINANCIAL INCENTIVE

This Notice of Financial Incentives aims to inform you about any programs, benefits, and other financial incentive offerings, including price or service differences (collectively, “Incentive Offerings”), that we may provide in connection with the collection of your personal information so that you may make an informed decision on whether to participate in our Incentive Offerings. Such Incentive Offerings may be deemed “financial incentives” under the CCPA. 

The material aspects of any Incentive Offering, along with the personal information collected in connection with an Incentive Offering, will be described at the time you are presented with the Incentive Offering. 

Examples of our Incentive Offerings may include: 

  • One-Time Discount. We may offer you a discount on your data purchase or an amount of free data if you provide us your email address and agree to receive marketing communications. 
  • Refer-a-Friend Program. We may offer a discount on your future purchase when you provide your personal information along with your friends’ or colleagues’ personal information, and they make a purchase. The referred party may also receive a reward in the form of a discount on the first order and/or a free service for making a purchase through your referral. 

You can opt-in to an Incentive Offering by following the instructions that accompany the presentation of the Incentive Offering. If you subsequently wish to withdraw from the Incentive Offering, you may request such withdrawal by contacting us as set forth in “Contact Us” above.  

Each Incentive Offering may be based upon our reasonable and good-faith determination of the estimated value of such an offer to our business, taking into consideration the value of the offer itself and the anticipated revenue generation that may be realized.