Privacy &.
Terms Privacy Policy Terms of Service <p> Important notice </p>
<p> Recent Changes </p>
<p> Introduction </p>
<p> Definitions </p>
<p> What is Wysa App? </p>
<p> Who can use the service? </p>
<p> What data do we collect and how do we use it? </p>
<p> What data do We process for the purposes of Our Legitimate Interest? </p>
<p> How does Touchkin protect Your Data? </p>
<p> Where is Your data transmitted and stored? </p>
<p> How long do We retain Your data including Personal data? </p>
<p> Does Touchkin Use 3rd party Service providers or agents? </p>
<p> Does Touchkin share Your data with third parties? </p>
<p>
What are Your data protection rights?
</p>
<p>
Can Children under 13 use Wysa App?
</p>
<p>
Who can You contact for additional questions, comments or concerns?
</p>
<p>
Can Non-English speaking users use the Wysa App?
</p>
<p>
What are some Best Practices to follow to keep Your devices secure?
</p>
<p>
Changes to this Privacy Policy
</p>
<p>
Severability and Exclusion
</p>
<p>
Changes Log
</p>
<i>
</i> Privacy Policy Terms of Service <p>Wysa's Privacy Policy</p>
<p>This policy describes our
policies and procedures for collection, transmission, storage, processing, disclosure and
protection of any data, including, but not limited to, personal data provided by you as a user
while using the service.
user shall mean any person/ persons, who visits, uses, deals with and/
or transacts through wysa app (“privacy policy”).
please also read our terms of service
(“agreement”) which sets out the terms governing the services.
the terms and conditions, privacy
policy and any other terms and conditions as may be applicable shall hereinafter collectively be
referred to as “agreement” or “contract”.
</p>
<p>Initial
Effective Date: June 30, 2017 (GMT)
<br>Latest Revised Date: Apr 19, 2021 (GMT)
<br>Version: 3.2.0</p>
<p>Content</p>
<i>
</i>
<p> Important notice </p>
<i>
</i>
<p> Recent Changes </p>
<i>
</i>
<p> Introduction </p>
<i>
</i>
<p> Definitions </p>
<i>
</i>
<p> What is Wysa App? </p>
<i>
</i>
<p> Who can use the service? </p>
<i>
</i>
<p> What data do we collect and how do we use it? </p>
<i>
</i>
<p> What data do We process for the purposes of Our Legitimate Interest? </p>
<i>
</i>
<p> How does Touchkin protect Your Data? </p>
<i>
</i>
<p> Where is Your data transmitted and stored? </p>
<i>
</i>
<p> How long do We retain Your data including Personal data? </p>
<i>
</i>
<p> Does Touchkin Use 3rd party Service providers or agents? </p>
<i>
</i>
<p> Does Touchkin share Your data with third parties? </p>
<i>
</i>
<p>
What are Your data protection rights?
</p>
<i>
</i>
<p>
Can Children under 13 use Wysa App?
</p>
<i>
</i>
<p>
Who can You contact for additional questions, comments or concerns?
</p>
<i>
</i>
<p>
Can Non-English speaking users use the Wysa App?
</p>
<i>
</i>
<p>
What are some Best Practices to follow to keep Your devices
secure?
</p>
<i>
</i>
<p>
Changes to this Privacy Policy
</p>
<i>
</i>
<p>
Severability and Exclusion
</p>
<i>
</i>
<p>
Changes Log
</p>
<p>Important Notice:</p> 1.
If You are having suicidal thoughts or planning to act on suicidal thoughts, or if You
feel
that
You may be a danger to Yourself or to others, or if You otherwise have any medical or
mental
health emergency or severe mental health condition, or if You are in a crisis or trauma
or
abuse, please discontinue use of the Service immediately and call the relevant emergency
number
in Your country and notify the police or emergency medical Services.
For example, You
can
find
Your country-specific suicide emergency number at: Suicide.org -
Suicide
Prevention, Awareness, and Support 2.
If You are less than 18 years of age, please read through the Wysa Privacy Policy and
the
Wysa
Terms of Service with Your parent or legal guardian or check with Your Institution to
understand
eligibility before use.
Wysa is not to be used by children under 13 years.
3.
We do not require any personal identifiers or sensitive data hence we do not ask for it.
You have the option to limit sharing of Your Personal data (such as full name, date of
birth, contact numbers, address, financial identifiers, government-provided identifiers)
or Your medical-related data or any other sensitive data (such as religious or political
opinions, financial data) when You use the Wysa App and Services.
4.
Your interaction with the Wysa Bot is with an AI chatbot and not a human.
The Bot is
restricted
in the means of response, and the intended use is for providing evidence-based tools and
techniques to manage emotions and encourage mental well-being in a self-help context.
It
is
not
intended for providing diagnosis, treatment or cure of a condition or disease.
The Bot
cannot
and will not offer advice on issues it does not recognize.
5.
<b>The Wysa Well-being Coach Service</b> will use text-based messaging to apply
motivational interviewing and life coaching to help You work towards Your personal
well-being goals.
The Service will focus on building wellness and emotional resilience.
The underlying principle of the Well-being Coach Service is that You have the knowledge
and capacity to make desired changes in Your life.
The role that a Well-being Coach will
play is to support You in finding Your own way, help You tap into Your own strengths and
abilities, so that You can identify and use resources around You to fill any gaps.
6.
<b>The Wysa Therapist Service</b> is also a text-based messaging service.
It will use
person-centered supportive listening, motivational interviewing and CBT principles to
help You to take control of Your mental and emotional well-being.
Wysa Therapists will
draw on various evidence-based techniques to provide empathetic and non-judgmental
support.
The Wysa Therapist will listen to Your worries empathetically, promote
positivity and support You in making successful lifestyle changes, so that You can
manage Your situation better and build emotional resilience.
7.
Wysa Well-being Coach and Wysa Therapist services are not intended to be a replacement
for
face-to-face psychotherapy or to provide a diagnosis, prognosis, treatment or cure for a
disease/condition/disorder or disability or provide any type of state-regulated mental
health
services in Your country of residence.
It is an enabling and empowering mode of support,
rather
than treatment of illness or a health condition.
8.
By using the Wysa Well-being Coach or Wysa Therapist Services, You understand and agree
that
the
Coach assigned to work with You will be located remotely and may not be located in Your
country
or state of residence.
9.
Wysa Bot and Wysa Well-being Coaches and Wysa Therapists cannot and will not offer
medical
or
clinical advice.
In case You mention the need for such advice, they will suggest that
You
seek
advanced (medical) help.
10.
We take great pains to keep Your conversations private and secure as outlined here.
You can also keep Your conversations private and device secure by following
the
best practices outlined here of the Privacy Policy.
11.
For safety and security reasons, We strongly recommend that You keep Your conversations
with
Wysa App private.
We strongly recommend that You set automatic update of the Wysa App in
the
application manager settings of Your mobile device.
to get the latest Wysa App-based
features
and fixes.
Always exit the Wysa App version in Your mobile device by using the back
button
before upgrading to a newer version to prevent loss of ongoing or previous
conversations.
<p>Changes in v3.2.0 | Apr 19, 2021</p>
<br>
<b>Updates</b>
<ul>
<li>
Additional clarity on handling data where Wysa App is integrated with Your Institution system
</li>
<li>
Additional clarity on use of minimal and anonymous conversation messages for improving performance of Bot algorithms
</li>
<li>
Additional information around security controls and alignment to ISO 27001: 2013 and ISO 27701: 2019 global standards
</li>
<li>
Additional clarity on anonymized and minimal data shared with third parties
</li>
</ul>
<b>Removed</b>
<ul>
<li>
Video Call- based experimental Coach/therapist Service has been currently discontinued.
Section “What do we process when You use the Video Call Service?” removed
</li>
</ul>
<p>You can read the full list of changes in the Changes Log</p>
<p>
</p>
<p>Introduction</p>
<p>Welcome to Wysa App, the mobile and online service of Touchkin eServices Private Limited
(hereinafter <b>“Touchkin”</b>, <b>“Wysa”</b>, <b>“We”</b>, <b>“Us”</b>, or <b>“Our”</b>).
When you as a Data Subject (<b>“User”, or “You/r”</b>) use Touchkin’s Services, You trust us
with Your Data.
This Privacy Policy governs Your use of the mobile or web browser based
software application either on the wysa website or integrated within an Institution website
(hereinafter the <b>“Wysa App”</b> or <b>“Mobile Software”</b>) created by
Touchkin and also covers Your use of Our Website, other websites maintained by Us.
This
Privacy Policy along with Wysa Terms of Service constitutes a legal agreement
between You and Touchkin.</p>
<p>This Privacy Policy (<b>“Policy”</b> or <b>“Privacy Policy”</b>) has been drafted in
accordance with the Information Technology Act, 2000, the Information Technology (Reasonable
security practices and procedures and sensitive personal data or data) Rules, 2011,
including (but not limited to) requirements within General Data Protection Regulation (GDPR)
(EU) 2016/679 regulation, the UK-GDPR and where applicable the Health Insurance Portability and
Accountability Act (collectively referred to as <b>“Data Protection Laws”</b>).</p>
<p>For the purposes of processing Your data, Touchkin eServices Private Limited, the makers of
Wysa App will act as the <b>Data Controller</b>.
Touchkin is a private limited company,
incorporated and existing under the laws of India and having its registered office at No.
532, "Manjusha", First Floor, 2nd main, 16th Cross, II stage, Indiranagar, Bengaluru, KA
560038 IN.</p>
<p>
<b>What does this Privacy Policy apply to?</b>
</p>
<p>This Privacy Policy applies to the data You provide Us when You Use the Wysa App and Service.
The mobile-based and/or web browser based AI chatbot service, digital premium service,
Well-being Coach Service and the Therapist
Service provided via Wysa App are collectively referred to as the "Service(s)".</p>
<p>This Privacy Policy is meant to help You understand what data We collect, why We collect it,
what We do with it, how You can manage and control the Use of Your data and the rights You
have to access and control Your Personal data.
Please read the definitions in the next
section to understand the terminologies used in this Privacy Policy.</p>
<p>We will always respect and protect Your privacy, and this forms a part of Our guiding
principles.
We have policies and procedures in place to protect the privacy and security of
Your Personal data.
Your trust means a lot to Us.
Wysa <b>
<u>does not</u>
</b> request Your
Personal Data.
If You inadvertently submit any Personal data then, We will process it with Your data basis this Agreement and will take reasonable measures to irreversibly redact any Personal Identifiable Information within 24 hours in Our system as described here .
Please <u>
<b>do
not</b>
</u> share any Personal data at any time during Your Use of Our Services.
Your data is secured with strong encryption during transmission and storage.</p>
<p>Your use of the Wysa App will be governed by this Privacy Policy as applicable to the Wysa
App together with all policies, notices, guidelines, disclaimers that are published and
shared with You from time to time including but not limited to Wysa Terms of Service.</p>
<p>Users may request additional Services from Touchkin or Touchkin affiliates.
Because the needs
and choices of each User may vary, We may provide separate privacy policies or addendums to
this Privacy Policy for certain additional Services.
Any applicable separate privacy
policies and addendums will explain the types of data We collect, their purposes of Use and
other policies that may apply to that Service.
When You choose to Use an additional Service,
You may be informed of the applicable privacy policy or addendum which applies in addition
to, and may modify this Privacy Policy, before You can access the additional Service.</p>
<p>Touchkin reserves the right to make changes to this Privacy Policy and to make such changes
effective for all data We may already have collected from You.
We will notify You via in-app
notifications when We make any changes to the Privacy Policy.
If the changes to the Privacy
Policy include changes to the collection, storing or processing Your Personal information in
a way that infringe into Your privacy, we will notify You clearly about the same and seek
Your consent for the same where required by the applicable laws and regulations.</p>
<p>Please note that by installing Wysa App, providing Your nickname and clicking the proceed
arrow within the Wysa App, You acknowledge and consent to this Privacy Policy and Our Terms of Service.</p>
<p>
</p>
<p>
</p>
<p>Definitions </p>
<p>
<b>Anonymization</b> is the process of removing personally identifiable data from data sets
so that the person can no longer be identified directly or indirectly.
<br>
<br>
<b>Cookie</b> is a small amount of data generated by a Website and saved by Your Web
browser.
Cookies are used to store User preferences for a specific site.
Use of cookies makes Web-
surfing easier.
You may refuse to accept Cookies by activating the setting on Your browser
which allows You to refuse the setting of Cookies.
<br>
<br>
<b>Data</b> or <b>Information</b> under this Privacy Policy means Both Personal and
Non-Personal data or information.<br>
<br>
<b>Data Controller</b> means the natural or legal person, public authority, agency or other
body which, alone or jointly with others, determines the purposes and means of the processing of
personal data.<br>
<br>
<b>Data Processor</b> means a natural or legal person, public authority, agency or other
body which processes personal data on behalf of the data controller.<br>
<br>
<b>Encryption</b> is the process of transforming data into unreadable text so that it is
only legible to those possessing an encryption key.
The process of making encrypted data readable again
is referred to as decryption.<br>
<br>
<b>Personal data</b> or <b>Personal Information</b> means data relating to an identified or
identifiable natural person who can be directly or indirectly identified by reference to an identifier
such as full name, identification numbers, location address, online identifier and other
identifiers within the definitions of The Information Technology (Reasonable Security Practices and
Procedures and Sensitive Personal Data or data) Rules 2011, General Data Protection
Regulation (GDPR) (EU) 2016/679 regulation and UK-GDPR.
Personally identifiable information
(PII) and Sensitive or Special Category of Personal data is covered within the definition of Personal
Data.<br>
<br>
<b>Pseudonymisation</b> means the processing of Personal data in such a manner that the
Personal data can no longer be attributed to a specific User without the use of additional
information, provided that such additional information is kept separately and is subject to
technical and organisational measures to ensure that the Personal data are not attributed to
an identified or identifiable natural person.<br>
<br>
<b>Non-Personal data</b> or <b>Non-Personal Information</b> means any data that does not
reveal Your specific identity either directly or indirectly.<br>
<br>
<b>Sub-Processor/s</b> is a processor who is sub-contracted some of the personal data
processing.<br>
<br>
<b>Web browser</b> is a software program that allows User to access, retrieve and view data
on the World Wide Web.
Examples of browsers include Internet Explorer, Firefox, Google
Chrome and Safari.<br>
<br>
</p>
<p>
</p>
<p>
</p>
<p> What is Wysa App?</p>
<p>The Wysa App is a virtual AI chatbot (<b>“Bot”</b> or <b>“Wysa Bot”</b>) that You can chat
with,
including upon Your choice, the ability to subscribe and to message a highly trained and
qualified mental well-being professional (<b>“Wysa Well-being Coach”</b> or <b>“Wysa
Therapist”</b>) or for Institution Users, to be able to use an institutional support
mechanism integrated within the Wysa App, and through a conversational interface get access
to tools and techniques to manage Your emotional well-being.
The Wysa App is primarily
available for both iOS and Android mobile systems and as a web browser based system either on the wysa
website or integrated within an Institution website.
Your Interaction with the Bot is with
an artificial intelligence chatbot and not a human.
The Bot is restricted in the means of response, and
the intended usage of Wysa App is for providing evidence-based tools and techniques to manage
emotions and encourage mental well-being as an early intervention tool in a self-help
context.
You make the choice of using the Bot, based on Your own estimate of need, and agree that
this is only suitable for basic self-help.
This is not intended to be a replacement for face-to-face
psychotherapy or to provide a diagnosis, prognosis, treatment or cure for a
disease/condition/disorder or disability.
The Bot cannot and will not offer advice on issues
it does not recognize.
Using the Wysa App, You can track and manage Your mood, and learn
context-sensitive evidence-based techniques that can help You feel better.
Wysa App and
Service is not intended for use in crisis such as abuse or complex or severe mental health
conditions that causes for example.
ideation of suicide, harm to self and others, or for any medical
emergencies.
Wysa App and Service cannot and will not offer medical or clinical advice.
It can only suggest that the user seeks advanced (medical) help.</p>
<p>
</p>
<p>
</p>
<p>Who can Use the Service?</p>
<p>You may Use the Service only if You are a natural/legal person, agree to this Agreement and
form
a binding contract with Wysa, and only in compliance with all applicable local, state,
national,
and international laws, rules and regulations.
If You are between 13 and 18 years of age,
please
read through this Wysa Privacy Policy and the Wysa Terms of Service with Your parent or
legal
guardian, and in such a case the Agreement shall be deemed to be a contract between Touchkin
and
Your legal guardian or parent and to the extent permissible under applicable laws,
enforceable
against You.
Anyone under 13 is strictly prohibited from creating an account and/or Using
the
Service.</p>
<p>If Your Institution specifies a different age restriction, such as at least 18 and above, as
a
condition of using this Service, that restriction shall apply rather than the one above.
</p>
<p>
If You use the Wysa Well-being Coach or Wysa Therapist Service, You will be asked to provide
a Parental or Legal Guardian consent if You reveal Your age to be between 13 and 18 years.
You will be required to inform Your parents or legal guardian and have them send Us an email
consent to wysa@touchkin.com or hello@wysa.ai, as
directed by Your Wysa Well-being Coach or
Wysa Therapist, using the same email ID that was used to subscribe to Our Service.
Without
receiving parental or legal guardian consent, We will be unable to offer Our full Services.
If Your parents or legal guardian contact Us We will collect minimal Personal
Information such as Your name, Your parents name, Your parent’s email address and the
consent message.
This data is securely stored in Our Google GSuite account with access to
only authorized users.
We have a signed Data Protection Addendum and Business Associate
Agreement With GSuite.
Your parental consent email will be retained within Our system for
a maximum of 10 years since Your last subscription with Us and as per Our Information
Retention Policy.
We process Your data for our Legitimate Interest to provide You Our Wysa
Well-being Coach or Wysa Therapist Service.
We will not use Your Personal data for any
Direct Marketing without Your Consent.
We will not sell Your Personal data to any
third party.
</p>
<p>
<strong>Institution or other Consumer users</strong>
</p>
<p>Corporations, schools, universities, hospitals, insurance, government, and other
organizations
(“Institution(s)”) may introduce Wysa App to their employees and members.
These Institutions
may
also replace certain Wysa Service(s) or integrate their own Services within the Wysa App
(“Institution Version'').
Such employees and members of Institutions are also User(s) of the
Wysa App or the Institution Version of Wysa App (“Institution User(s)”).
In such an event,
these
Institution(s) terms and their Privacy Policy shall also apply to Your Use of Wysa App and
Services.
In the event of any conflict with such additional terms and Privacy Policy, Wysa’s
Agreement shall apply.
Wysa App may carry links to material or Websites or Web Pages or
Services
managed by third parties on which the Institution and Touchkin may have no control,
agreement or
affiliation.
Please refer to documentation including terms and Privacy Policy provided by
such
third parties before Using Your Institution Version.</p>
<p>The Institution Version and its Services can only be accessed by authorized Institution
User(s)
after following installation and access instructions as shared by the Institution or their
Service provider.</p>
<p>
</p>
<p>
</p>
<p> What Data do We collect and how do We Use it?
</p>
<ol>
<li>
<p>
<strong>How do We handle Your Personal Data?</strong>
</p>
<p>No identifiable information is solicited or stored in the Wysa app.
As data is not
related to an identifier or identifiable natural person, it will no longer be
Personal
data or Special Category of Personal data.
There is no user registration nor are You
asked to share Personal data when You install and use the Wysa App and Services.We
collect, transfer and securely store the unique vendor specific ID provided by the
Apple App Store or Android Play store when You install Wysa App on Your device.
This
is done for the purpose of generating a random pseudonymised user identifier.
This
pseudonymised identifier generated becomes the userId that is referred to for all
subsequent data transfers and linking Your data within the Wysa databases.
This
processing is based on Our Legitimate Interest.
Refer here to understand how
we protect Your data.
</p>
<p>
If Wysa App is integrated with Your Institution system, Your Institution may
securely share a unique random user identifier with Us.
This random identifier is
processed by Us on behalf of Your Institution for the purpose of accurately linking
You with Your provided data when You repeatedly access the Institution System and
the Wysa App and to provide the agreed analytics with Your Institution.
This processing will be based on Your Institutions contract
with Us.
</p>
<p>If You inadvertently share any personal identifier such as full name, dates,
locations,
phone numbers, email identifiers or medical terms during Your conversation with the
Wysa
App and Services, it is Our responsibility to redact such personal identifiers to
make
the data non-personal.
To ensure that no personal identifiers get stored in Our
systems,
We have developed a high recall AI-NLP algorithm that detects and irreversibly
redacts
identifiers, which include all numbers more than 2 digits, urls, emails, dates,
locations, names and medicalized terms, from Our storage systems.
Within 24 hours of
starting Your session, Our algorithms will process Your data, detect any personal
identifiers and irreversibly redact them.
None of Your conversation messages will be
lost, and only the specific personal identifier will be irreversibly redacted in Our
systems.
You can view
such
obfuscation in the Journey tab within the Wysa App.
This obfuscation processing is
based
on Our Legitimate Interest.
This is to ensure that no personal identifier and hence
no
Personal data inadvertently creeps into Our system and Wysa App is able to maintain
complete anonymity.
</p>
<p>You can always write to Us at the contact provided here.
if You want to
clarify, rectify or delete specific personal data that You shared with Us.
You can
also
read Your data protection rights here.<br>
</p>
<p>You have the Right to be Forgotten.
You can also, at any point of time, clear all
Your provided data by using the “reset my data” feature available in the Wysa App
settings.
Refer here in our Policy for more details.
DO NOTE THAT “RESET
MY DATA” DELETES ALL YOUR SUBMITTED DATA INCLUDING YOUR IDENTIFIERS, PAST
CONVERSATIONS, REMINDERS, ASSESSMENT RESPONSES AND ENABLED SETTINGS.
POST RESET, YOU
WILL NOT BE ABLE TO RECOVER YOUR PAST DATA AND YOU WILL BE CONSIDERED AS A NEW USER
OF THE APP.
HENCE, THIS FEATURE IS TO BE USED BY YOU AT YOUR DISCRETION.
</p>
</li>
<li>
<p>
<strong>How do We handle Your conversation messages?</strong>
</p>
<p>When You Use the Wysa Bot Service, You provide Your messages by selecting
pre-formatted
options or by way of free-text using keypad or by speech to text.
We collect,
transmit and securely store Your messages in
Our servers.
We process Your messages in real-time using safe AI/NLP algorithms that
detect
the context and direct You appropriately to subsequent conversation based on a
proprietary rule-based content engine.
At no point during Your conversation with the
Wysa Bot does another natural person have access to or get to monitor or respond to,
Your messages.
The Wysa App’s proprietary and closed rule-based algorithms process
all
Your messages for positive and negative sentiments.
This is done to enable the Wysa
App
to empathetically converse with You, and personalize Your conversation.
There is no
solely automated processing done by the Wysa App to determine what You should do.
You
are always asked to verify whether the Wysa App has understood Your conversation or
sentiment or emotions correctly, before proceeding down the conversational path.
</p>
<p>When You use the Wysa Well-being Coach or Wysa Therapist Service, You get to exchange
text-based messages with a mental health and well-being professional.
We collect,
transmit and securely store these messages in Our servers.
If
You inadvertently send any Personal identifiers in Your messages, such
identifiers are irreversibly hashed by Your Well-being Coach or Wysa Therapist
during conversation.
</p>
<p>Processing of Your conversation messages is based on Our Agreement that You agree at
the
time of installing and using the Wysa App.<br>
</p>
<p>Your data, messages or usage is not used for direct marketing nor is it sold to
advertisers.
We do not use the messages or the data You submit to Us as a way to generate revenue
for
Wysa.
We do not collect any Personally Identifiable Information from You.
At the
same
time, We do use anonymised and only the minimal data that is required to answer the
research question for research and statistical purposes based on Our Legitimate
Interest
to improve Our Product and Services and contribute to the development of
user-centered
mental wellbeing best practices globally.
The messages You send are strongly
encrypted
during transmission and storage.
You can read more about the security provided here of this Privacy Policy.<br>
</p>
<p>
We also use anonymized and minimal conversation messages to tag, train and continually improve the performance of our rule-based AI/NLP algorithms.
This processing is based on Our Legitimate Interest to provide the Bot Service and to keep improving and/or optimizing quality, safety and performance of Our Service.
</p>
<p>You have the Right to be Forgotten.
You can also, at any point of time, clear all
Your
provided data by using the “reset my data” feature available in the Wysa App
settings.
Refer here in our Policy for more details.<br>
</p>
<p>
</p>
<p>All the conversations You have with the Wysa App are private.
No one within or outside of
Touchkin has access to Your Data except to process based on Our Legitimate Interest as
identified here and based on principles of privacy by design and default.<br>
</p>
<p>
</p>
<p>We will do our best to irreversibly redact any Personally Identifiable data inadvertently
submitted by You as per Our Legitimate Interest.<br>
</p>
</li>
<li>
<p>
<strong>How do we handle Your name?</strong>
</p>
<p>When You Use the Service, We will not ask for and <u>will not</u> require Your full name
at any point of time during the conversation.
After installation, We take You through a
one time on-boarding process.
Here We ask for only Your <b>
<u>nickname</u>
</b>.
Processing of Your nickname is based on Our Agreement to help personalize Our
conversation with You.
We set character limits to prevent You from inadvertently
submitting Your full name.</p>
<p>ALWAYS USE NON-IDENTIFIABLE NICKNAME TO MAINTAIN COMPLETE ANONYMITY.
You can change the
nickname once provided to the Wysa App by typing #help and choosing “Change Name” from
the slider displayed.</p>
</li>
<li>
<p>
<strong>Why do We ask about Your thoughts, feelings (emotions), mood, major event or life
changes, goals, energy levels and safety plan?</strong>
</p>
<p>When You Use the Service, We may periodically ask You wellness-related information such as
Your thoughts, feelings or
emotions, mood, major events / changes in life, Your resilience goals and Your energy
levels.
Processing of Your response is based on Our Agreement and solely to provide You
evidence-based tools and techniques to manage emotions and encourage mental well-being
in a self-help context.
We use Your anonymized and minimal wellness-related information for
population-level research and statistical purposes as per Our Legitimate Interest (here of this Policy).</p>
<p>When You use the Service, You may be given an option to create a Safety Plan to help You
maintain a ready access of support resources and crisis helplines that You may want to
access when in need.
You may enter data such as life anchors, friendly places, support
networks, warning signs, calming activities.
Processing of Your data is based on Our
Agreement and solely to provide You access to Your own Safety Plan for Your own care.
</p>
<p>Your data is strongly encrypted during transmission and is securely stored.
Kindly refer
Our Security safeguards and rights You can exercise here</p>
<p>We will do our best to irreversibly redact any Personally Identifiable data inadvertently
submitted by You as per Our Legitimate Interest.</p>
</li>
<li>
<p>
<strong>How do We handle Your responses to mental well-being screening assessments?</strong>
</p>
<p>When You Use the Service, You will be asked to respond to validated assessments.
Response
is voluntary and You can opt to not report any of the assessments.
Wysa App currently
Uses four validated assessment scales for understanding Your emotional Well-being namely
Patient Health Questionnaire (PHQ9)- <i>to self-report any symptoms of depression</i>,
the Generalized Anxiety Disorder Assessment (GAD7) - <i>to self-report any symptoms of
anxiety</i>, and the Subjective Units of Distress Scale (SUDS)- <i>to self-report
the intensity of distress currently experienced</i>.</p>
<p>
If Wysa App is integrated with Your Institution system, Your Institution may additionally
share Your PHQ9 and GAD7 score, that Your Institution may collect, with Us.
This screening
data is processed by Us on behalf of Your Institution for the purpose of understanding Your
emotional Well-being, providing You the necessary Well-being tools and techniques and to
provide the agreed analytics with Your Institution.
This processing will
be based on Your Institutions contract with Us.
</p>
<p>You will also be asked to share how You cope with day to day activities as part of the
assessments.
Assessments are a proven way to baseline and track the progress of Your
self-reported symptoms.
Processing of Your assessment response is based on Our Agreement
and used for the purpose of determining if escalation is required and to provide You
access to scientific-evidence based tools and techniques to manage emotions and
encourage mental well-being in a self-help context.</p>
<p>YOUR RESPONSES TO THESE ASSESSMENT QUESTIONS ARE NOT PROCESSED TO FORM A DIAGNOSTIC
OPINION NOR PROCESSED FOR ANY MEDICAL PURPOSES OR FOR GIVING CLINICAL ADVICE.
We DO NOT
collect or process Your sensitive medical data or Protected Health data (PHI), as
defined under the US law, that can directly or indirectly Identify You.
We use Your
anonymized assessment scores for population-level research and statistical purposes as
per Our Legitimate Interest (here of this Policy).We apply
organizational and technical measures to endeavour to irreversibly redact any Personally
Identifiable data inadvertently submitted by You as per Our Legitimate Interest.
</p>
<p>Your response is encrypted during transmission and is securely stored.
YOUR PERSONAL DATA IS
NEVER
SHARED WITH A THIRD PARTY WITHOUT YOUR EXPLICIT CONSENT.</p>
</li>
<li>
<p>
<strong>What data do We collect when working with a Wysa Well-being Coach or Wysa
Therapist?</strong>
</p>
<p>
<i>[This section applies only to the conversations with a Wysa Well-being Coach or Wysa
Therapist.
For some institutional versions of Wysa App, Wysa App may provide links
to support from the institution’s EAP service or health provider, in which case
their terms and Privacy Policy will apply.]</i>
</p>
<p>
When You use the Wysa Well-being Coach or Wysa Therapist Service, You get to exchange
text-based messages with a mental health and well-being professional.
We collect, transmit
and securely store these messages in Our servers.
Processing of Your conversation messages is
based on Our Agreement that You agree at the time of installing and using the Wysa App.
</p>
<p>When You Use the Wysa Well-being Coach Service or the Wysa Therapist Service, You can
schedule or reschedule a real-time text-based messaging session with Your assigned Coach
or Therapist.
We collect Your chosen session dates and time to confirm Your booking.</p>
<p>Processing of Your device time zone is based on Our Agreement to calculate Your local
date and time so that session bookings are accurately scheduled and for setting accurate
session reminder notifications.
At times, Wysa App may get Your local time wrong which
could affect the session scheduling.
PLEASE ALWAYS VERIFY YOUR LOCAL TIME DISPLAYED BY
WYSA APP IN THE SESSION SCHEDULING SCREEN BEFORE PROCEEDING WITH BOOKING OF A SESSION.
IF YOU NOTICE AN ERROR IN YOUR LOCAL TIME DISPLAYED, GO TO THE BOT MESSAGING INTERFACE
AND TYPE #TIME TO CHANGE YOUR TIME.
If You face any challenge changing Your local time
or booking a session, kindly write to Us at the contact provided here.
</p>
</li>
<li>
<p>
<strong>What do We process when You use SIRI or Google Assistant voice-based Service of
Wysa?</strong>
</p>
<p>If You choose to use Apple’s SIRI or Google’s Assistant to invoke the Wysa Bot Service,
You get the opportunity to talk to Wysa Bot.
These services convert Your voice into text
and pass this transcription to Wysa’s secure servers.
We do not get access to Your voice
patterns.
No Personal data gets asked or collected during use of this Service.
Please
<u>
<b>do not</b>
</u> share Your Personal Information at any time during use of this
Service.
</p>
<p>When You use SIRI, Apple may collect some Identifiers and Information from You to provide
their service for which You are subject to Apple’s terms and conditions and Privacy
Policy.
You can read Apple’s Privacy Policy here.
We do not access, receive or
collect any identifiers and information that is collected by Apple.</p>
<p>When You use Google Assistant, Google may collect some Identifiers and Information from
You to provide their service for which You are subject to Google’s terms and conditions
and Privacy Policy.
You can read Google’s Privacy Policy here.
We do not access, receive or
collect any identifiers and information that is collected by Google.</p>
</li>
<li>
<p>
<strong>How do We handle Your Device data when You Use Our Service?</strong>
</p>
<p>When You Use the Service, We collect, securely encrypt and transfer and store the
following data from Your mobile device: mobile application identifier, mobile operating
system, OS version, device make and model.
We process this data based on Our Legitimate
Interest to detect and deter unauthorized or fraudulent Use of or abuse of the Service,
to troubleshoot issues, for debugging app crashes and to optimize Your experience for
e.g.
to make sure the Wysa App is displayed correctly on Your phone, or Your usage
settings are applied.</p>
<p>
<strong>Do We use Cookies?</strong>
</p>
<p>We do not use any Cookies and beacons within Our Wysa App.</p>
<p>We use cookies and Web beacons on Our Website.
These collect and process data such as
browser type, browser language, Operating System, browser data including type and
language settings along with the actions You take on Our Website (such as the Web pages
viewed and the links clicked.
This data is collected after taking required consent from
the Users based on Our Cookie Policy.
We
do not share or sell Your provided data to any third party.
</p>
<p>
<strong>Do We collect Passive Sensing data from Your mobile device?</strong>
</p>
<p>When You Use the Service, the Wysa App <b>
<u>does not</u>
</b> passively collect nor
process any data from Your mobile device sensors, including accelerometer, ambient light
readings and screen on/off readings and call logs.</p>
<p>
<strong>Do We process Your location data?</strong>
</p>
<p>Wysa App <u>does not</u> process Your Geolocation at a level that makes Your data
personally identifiable.
Wysa may infer Your location through Your timezone or other
means at a country or state level to provide You appropriate resources.</p>
</li>
<li>
<p>
<strong>How do We use any Third Party Analytics tools and software?</strong>
</p>
<p>When You use the Service, Wysa App usage and system generated event data gets logged and
sent to third-party operations and analytics tools such as Google Analytics, Facebook
Analytics and
Firebase via their secure API integrated within the Wysa App.
No Personal Data is
shared.
Any event data sent to third party tools used for operations and analytics is
designed to ensure that it is cryptic and does not create a medical or psychological
profile of a user in the hands of the processor.
These events <u>
<b>do not</b>
</u> contain
any
conversational data provided by You during Your use of the Service.
We use random
Firebase generated Identifiers of the User to send in-app and push notifications.
Processing of events data is based on Our legitimate Interest to view Wysa App
engagement and Operational performance to improve Our Service Quality, Safety and
Performance.<br>
</p>
<p>No direct advertising or direct marketing is performed both within and outside the app.
However, to measure the effectiveness of our social media or other marketing campaigns,
We may install third-party modules (Google Analytics, Facebook Analytics, Firebase and branch.io) within
the Wysa App to help Us understand Service performance based on User use.
This helps us
make improvements to Our Service experience for Our Users.
Event data from these modules
is sent to third-party operations and analytics tools such as Google Analytics,Facebook
Analytics and
Firebase via their secure API integrated within the Wysa App.
No Personal data is
shared.
These events <b>
<u>do not</u>
</b> contain any conversational data provided by
You during Your use of the Service.
Processing of events data is based on Our Legitimate
Interest to view Wysa App engagement and Operational performance to improve Our Service
Quality, Safety and Performance.
<br>
</p>
<p>You have the right to object to the above processing.
Please read here on
Your rights.<br>
</p>
<p>Apart from the App-pushed events, the third party tool APIs also may automatically
collect some non-personal events.
Google Analytics automatically collected events can be found here .
The use of Google Analytics is governed by Google Data Policy and
Data Safeguards .
Facebook Analytics automatically collected events can
be found here
and here.
The use of Facebook Analytics is governed by Facebook Data Policy and Terms of Service.
Firebase
automatically collected events can be found here.
The use of
Firebase is governed by Firebase Terms of Service, Use Policy and Crashlytics Terms of
Service.
</p>
<p>Our Website is hosted on Strikingly, a third party Web management and analytics platform.
Strikingly helps Us collect Your Website visit and usage data for the purposes of
analytics and improve Your experience on our Website.
The Use of Strikingly is governed
by Strikingly’s Terms
of Service, Privacy and Cookie
Policy and GDPR
Compliance Statement.</p>
<br>
We use Branch.io to provide deeplink service for Our Institution Users, that helps provide
direct access to Wysa App and
Services and is governed by branch.io’s Terms of Service, Privacy Policy and Security &.
GDPR
Compliance.
We have a signed Data Processing Agreement (DPA) with Branch.io.
We use Mailgun to send confirmation messages to new users who subscribe to Our Services
based on Our promotions on Facebook, Google and Instagram.
We transmit Your email ID to Mailgun for this processing, but do not store Your email IDs in Touchkin servers.
The services provided by Mailgun are based on their
Terms of Service, Privacy Policy and Security &.
GDPR Compliance.
We have a
signed Data
Processing Agreement (DPA) with Mailgun.
<p>
</p>
</li>
<li>
<p>
<strong>What additional data do We collect from Institution Users?</strong>
</p>
<p>By using the code or link provided by the institution, You are identifying Yourself as
being a part of the cohort supported by the institution.
Your Institution may also get
access to your
aggregated and minimal usage data for their analytic and research purposes basis the consent
given by You to Your Institution.
We may collect Your Country, Division and in some
cases Your City to provide aggregated analytics.
We do not share Your
Personal conversational messages with the institution.
Any inadvertent personal identifiers
provided by You are removed prior to aggregation and sharing of any analytics with the
institution.
This processing of data of
Institution cohorts is based on the contract between the Institution and Touchkin.</p>
</li>
<li>
<p>
<strong>How do We handle Your App password?</strong>
</p>
<p>Wysa App does not use any passwords.
For Your privacy and security, You are advised to
set Your own Wysa App PIN to protect unauthorized access of Your conversation messages.
Your mobile device screen password is Your PIN.
To extend Your device password, use the
"Set Lock " feature under Wysa App settings.
You can also remove Your PIN Using the
‘Remove Lock” option under settings.
The PIN that You Use is personal to You, and You
are responsible for maintaining the confidentiality and security of Your PIN.
PLEASE
KEEP YOUR PIN SAFE AND DO NOT SHARE IT WITH ANYONE.
The PIN You set remains in Your
device and is not collected, transmitted and stored in Our servers.
</p>
</li>
<li>
<p>
<strong>What do We do with Your feedback and ratings?</strong>
</p>
<p>When You Use the Service, You have an option send Your feedback from within the Wysa App and
through Our Website.
to the Wysa
App.Feedback can be given using the Feedback feature provided in the Wysa App setting.
Personal data, if any provided in
Your privately shared feedback messages, will be manually redacted before any processing of Your feedback.
We will always take Your explicit consent before revealing Your nickname or name for social proof purposes.
If You contact Us from Our Website “Contact Us”, We will collect minimal
Personal Information provided by You such as Your name, Your email address, and Your
message along with Your Consent.
This data is securely stored in Our Google GSuite account with access to only
authorized users.
We have a signed Data Processing Agreement and Business Associate
Agreement With GSuite.
We will Use this data to address Your requests to provide You
support and to improve Our Services.
Your Email will be retained within Our system for a
maximum of 10 years since last correspondence as per Our Information Retention Policy.
We process Your data for our Legitimate Interest.
We will not use Your Personal data for any
Direct Marketing without Your Consent.
We will not share or sell Your personal data to any
third party.
If You have subscribed
to the Well-being Coach Service or Wysa Therapist Service, We will collect anonymous
feedback post Your sessions.
Processing Your anonymous feedback and rating is based on
Our Agreement and used by Us to improve the product and Your Service quality, safety and
performance.</p>
<p>AS A BEST PRACTICE, IT IS ADVISED THAT YOU TAKE ADEQUATE PRECAUTIONS TO NOT SHARE YOUR
SENSITIVE HEALTH OR PERSONAL DATA WHILE GIVING FEEDBACK OVER EMAIL NETWORKS.</p>
</li>
<li>
<p>
<strong>How do We handle notifications or reminders?</strong>
</p>
<p>When You Use the Service, You have the option to activate or deactivate push
notifications or reminders in Your Wysa App settings.
The Wysa App will ask Your
preference for the time of day to receive notifications and will confirm Your local time
to ensure reminders get sent as per Your preference.
You can cancel or restrict
notifications at any time by invoking help function (type #help) or from Your Wysa App
settings.If You use the Coach or Therapist Service, You also have the option and convenience
to save Wysa Session reminders to
Your calendar management software in Your mobile device.
Processing of Your
notifications is based on Our Legitimate Interest to send Service information and
reminders that help improve Wysa App engagement.</p>
<p>WE WILL NOT SEND ANY MARKETING MESSAGES WITHOUT YOUR CONSENT.
ANY MESSAGING SENT WITH
YOUR CONSENT WILL ALWAYS GIVE YOU AN OPTION TO UNSUBSCRIBE FROM RECEIVING SUCH MESSAGES
OR NOTIFICATIONS IN THE FUTURE.</p>
</li>
<li>
<p>
<strong>How do We handle Your age-range related data?</strong>
</p>
<p>When You Use the Wysa Bot Service, You have the option to provide an age-range (Under 20,
20-30, 30-45, Above 45) during Your conversation.
Processing of this age-range data is
based on Our Agreement and to understand the age profile of Our Users and to help
provide them access to tools and techniques or provide other operational Information
relevant to their age range.
</p>
<p>WE DO NOT ASK, COLLECT OR PROCESS YOUR SPECIFIC AGE OR DATE OF BIRTH AT ANY TIME DURING
YOUR USE OF THE SERVICE.</p>
</li>
<li>
<p>
<strong>How do We handle User Incident support?</strong>
</p>
<p>Touchkin has an Incident Management Policy that guides all our User Issue and Incident
management support.
There may be occasions where You wish to contact Us to seek support
or to complain about any of Our Services.If You contact Us directly in Our Email,
either via Our Apps or Website, We will collect minimal Personal Information such as Your
name, Your email address, Your phone number (if You provide), subscription receipts, as
well as, where required, data about Your mobile device or personal computer such as device
type, and OS type.
This data is securely stored in Our Google GSuite account with access to
only authorized users.
We have a signed Data Processing Agreement and Business Associate
Agreement With GSuite.
We will Use this data to address and investigate the issues or
requests You have forwarded to Us, to provide You support and to improve Our customer
support Service.
Your Email will be retained within Our system for a maximum of 10 years
since last correspondence as per Our Information Retention Policy.
We process Your data for
our Legitimate Interest.
We will not use Your Personal data for any Direct Marketing without
Your Consent.
We will not share or sell Your personal data to any third party.
</p>
<p>Your issues or complaints or requests about Wysa App and Services are taken very seriously.
You will
need to send an email request from Your Google or Apple email ID to wysa@touchkin.com or hello@wysa.ai.
We will respond to Your complaints
within 3 business days.
Some of Your complaints may take longer to resolve.
We will
continuously provide You with an update until Your complaints are satisfactorily
resolved.</p>
</li>
<li>
<p>
<strong>How do We handle data provided during promotions and surveys?</strong>
</p>
<p>We do not promote offers of third party services as a part of the in-app experience.
From
time-to-time, we send out in-app or push notifications to share discounts and new
releases in the Wysa App.
These are shared only with existing users for Existing
Services.
Processing of Your Non-Personal data such as Nickname, Timezone, App usage to
send such notifications is based on Our Legitimate Interest and to provide You with
Service discounts and improve Your experience of the Wysa App.</p>
<p>If You choose to participate in a Wysa promotional event on social media or elsewhere
outside of the Wysa App, You may be asked to opt-in to complete a survey questionnaire.
Your voluntary submissions including Your personal data such as email address will be
processed only for the following purposes - to send You additional data about the
programme, to enrol or on-board You to the programme and to correspond with You on
programme related matters.
Your survey submission will never be linked to Your Wysa app
account and hence Your Wysa App conversations and activities will never identify You.
Your submissions will reside in a secure and private storage area operated within the
Wysa G-suite account and managed by Google Forms (G-Suite security can be read at
here ).
The
Wysa G-Suite account is also
protected by a multi-factor secure authentication system.
You can opt out at any time from
the programmes by sending Us an email request from Your Google or Apple email ID to hello@wysa.ai to delete Your personal data or to
discontinue receiving any further communication on this matter.
On receipt of Your
email, We will verify and remove only the specific Personal data as requested by You,
within 72 hours of receiving the request.
YOUR SUBMISSIONS WILL NEVER BE SHARED WITH A
THIRD PARTY.</p>
</li>
<li>
<p>
<strong>How do We handle Your Payment data when You subscribe to Our Services?</strong>
</p>
<p>
<i>[For some institutional versions of Wysa App, Wysa App may provide links to support
from the institution’s EAP service or health provider, in which case their terms and Privacy Policy will apply.]</i>
</p>
<p>If You choose to purchase or Use a fee-based Service and pay for such Service by means of
in-app purchases via iTunes or Google Play, We do not collect, retain and store Your
personal, financial and credit/debit card data.
This is because Your card settlements
including card and personal details will be handled by appropriate third-party payment
agencies.</p>
<p>We do not not collect any personal data from the play stores post-purchase.
Only the
payment confirmation and subscription details get collected from the play store and
processed (collect, transmit and store) by Us.
Processing of this data is for Our
Legitimate Interest to support You for any payment or subscription related requests,
issues or clarifications.</p>
</li>
<li>
<p>
<strong>What do We process when You follow Us on Instagram</strong>
</p>
<p>You have the option to follow Us in Instagram Using Your Instagram account by going to
Wysa App settings.
You can set up an Instagram account, if You do not own one and follow
Us at @wysa_buddy.
WE DO NOT ASSOCIATE YOUR INSTAGRAM ACCOUNT WITH YOUR
WYSA APP ACCOUNT.</p>
</li>
<li>
<p>
<strong>What data do We process for the purposes of Our Legitimate Interest?</strong>
</p>
<p>We Use Legitimate Interest basis to process Your data in a way which might reasonably be
expected as part of running Our business and which does not materially impact Your
rights, freedom or interest.
When providing Our Services, We may process Your data based
on Our Legitimate Interest for the following purposes.</p>
<ul>
<li>To create a pseudonymized random user identifier from Apple App Store or Android Play
store identifier.
</li>
<li>To do our best to irreversibly redact any Personally Identifiable data inadvertently
submitted by You;</li>
<li>To monitor, detect and deter unauthorized or fraudulent Use of or abuse of the
Service;</li>
<li>For Uses and disclosures required by law;</li>
<li>For disclosures for judicial and administrative proceedings;</li>
<li>For disclosures for law enforcement purposes;</li>
<li>For Uses and disclosures for public health reporting purposes;</li>
<li>For Uses and disclosures to avert a serious threat to health or safety to You, Us,
or others;</li>
<li>For improving and/or optimizing Our Service quality, safety and performance;</li>
<li>To enable Us to troubleshoot and provide customer support, and to respond
effectively to Your inquiries and claims;</li>
<li>For purposes of research and statistical analysis;</li>
<li>For sending limited in-app and push notifications such as service information,
service reminders and service promotions;</li>
<li>
For purposes of servicing You towards Wysa’s Gift Card program.
</li>
<li>To allow migration of Your Wysa app data when You change Your mobile device;</li>
<li>To accurately and positively identify Your Personal data at Your request when
exercising Your data protection rights;</li>
</ul>
<p>You have the right to object to any of the above processing.
Please read here on Your rights.</p>
</li>
<li>
<p>
<strong>What do We process when You use the Android speech-to-text feature?</strong>
</p>
<p>During Use of Wysa App, You may get an opportunity to talk with the Bot apart from typing.
For Android phone Users of Our Service, You will need to give permission to activate Your
device Mic to speak to the Bot.
On Mic activation, the Google Android provided Speech
Software Development Kit (SDK)/API within Your smartphone device gets initiated.
The Android
SDK/API converts Your speech to text and displays the text in Your chat.
The converted text
data is securely transferred to Our secure servers.
We <u>do not</u> get access nor collect
nor
store Your voice data in Our servers.
No Personal data gets asked during use of this
Service.
Please <u>do not</u> share Your Personal or sensitive Information at any
time during use
of this Service.
The Mic is deactivated when You stop speaking and will not be always
listening.
The lawful basis for processing of Your transcribed text is governed by this
Agreement.
The processing of Your voice for the purpose of converting to text is performed
by Android SDK/API which is governed by Google’s Terms and Condition and Privacy Policy.
Google may collect some Identifiers and Information from You to provide their service for
which You are subject to Google’s terms and conditions and Privacy Policy.
You can read
Google’s Privacy Policy here.
We do not
access,
receive or collect any identifiers and information that is collected by Google.
PLEASE SPEAK
CLOSE TO THE DEVICE MICROPHONE FOR IMPROVED TRANSLATION.
If you accidentally submitted any
Personal Information, please write to us for any rectification at the contact provided here.
</p>
<p>
The same Android SDK/API playback the BOT message for You.
PLEASE ENSURE YOUR MOBILE DEVICE
VOLUME IS KEPT IN OPTIMAL LISTENING MODE.
Please note that You may experience some
performance issues if You have low internet speeds.
You have the Right to be Forgotten.
You can also, at any point of time, clear all Your
provided data by using the “reset my data” feature available in the Wysa App settings.
Refer
here in our Policy for more details.
</p>
</li>
<li>
<p>
<strong>How do We handle Your data when used for Research purposes?</strong>
</p>
<p>
We use minimal non-longitudinal data for research and statistical analysis purposes and
towards peer-reviewed publications.
This data is completely anonymized by way of de-
identification using non-identifying one-way cryptographic functions prior to use.
Here, the
pseudonymized user identifiers are deidentified so as to completely anonymize Your data.
As a policy, we never use Your entire longitudinal conversation messages, provided either to
the Bot or to Our Coach/Therapist, for research.
If at all, We only use limited PII redacted
conversation message data collected at random and specific bot endpoints for research and
statistical analysis.
Any research performed by Our Coach/Therapist on Your provided data
during Coach/Therapist Service, is based on informed consent taken from You.
For research conducted by independent researchers or Institutions, only aggregated and
minimal de-identified data of the research participant is shared basis Your consent and
approval received by the researcher or Institutions from their Institutional Review Board
(IRBs).
We sign a Collaboration and Data Sharing Agreement with the researcher or
Institution which includes data protection clauses before sharing any de-identified
aggregate
data.
<br>
You can always write to us at wysa@touchkin.com or hello@wysa.ai to restrict processing of Your data for Research purposes.
</p>
</li>
<li>
<p>
<strong>What data do we process as part of Gift Card purchase?</strong>
</p>
<p>
When You purchase a “Gift Card” from Us, You will be asked by the payment gateway to
provide Your email address and phone number for the purpose of creating a payment
account, payment processing and verification.
Payment Processing and verification is based
on payment gateway’s Terms of Service and Privacy policy.
The Payment security practices
followed by the Payment Gateway is outlined here and their Responsible Disclosure Policy
.
On successful payment confirmation from the payment gateway, We will issue the Gift
codes on the payment completion screen, which You can then forward to the Recipient to
avail Gift Card services as per Wysa Terms of Service.
Your card settlements including
payment card and personal details will be handled by the payment gateway provider as per
their Terms and Privacy Policy.
Your Personal Information including Card details will not be
collected or stored at Our end.
Only the payment confirmation,
such as Order Identifier, receipts, gets collected from the Payment Gateway provider and processed (collect, transmit and store) by Us.
Processing of
this data is for Our Legitimate Interest to support You for any payment related requests,
issues or clarifications.
If You have any questions regarding Your Gift Card please write to
us
at wysa@touchkin.com or hello@wysa.ai.
</p>
</li>
<li>
<p>
<strong>What additional processing is performed?</strong>
</p>
<p>
There is no additional or different processing performed beyond the purpose for which Your
data was collected as mentioned here from a to v.
If there is any
additional or different
purpose for processing we will always inform these transparently to You by mentioning it in
this Privacy Policy.
We will notify You when we make a change in Our policy.
Please read
this Privacy Policy from time to time.
</p>
</li>
</ol>
<p>
</p>
<p>
</p>
<p>How does Touchkin protect Your data?</p>
<p>To fulfil Our commitment to respecting and protecting Your privacy and the confidentiality of
Your Personal data, Touchkin has implemented industry-standard security safeguards to
prevent unauthorized access or disclosure, misuse, alteration or destruction of Your data.
More specifically, We will comply with all applicable data protection and security laws in
order to assure confidentiality, availability, integrity, privacy and security of Your data.
</p>
<p>We do not ask for any User registration or account profile creation during the setup of the
app.
We collect, transfer and securely store the vendor specific ID provided by the Apple
App Store or Android Play store when You install Wysa App on Your device.
This is done for
the purpose of generating a random pseudonymised user identifier.
This pseudonymised
identifier generated becomes the userId that is referred to for all subsequent data
transfers and linking within the Wysa databases.
All Your data is encrypted by strong AES-256 protocols and securely
stored.
This processing is based on Our Legitimate Interest.
You always have the Right to be
Forgotten.
You can at any point of time, clear all Your provided data including all
identifiers by Using the “reset my data” feature available in the Wysa App settings.
Refer
here in our Policy for more details.
</p>
<p>Inadvertently collected personal data may be transferred outside the country before being
automatically detected and irreversibly redacted in 24 hours.
All data transmitted from Your
mobile device to Our servers are encrypted using strong TLS protocols via Secure Socket
Layer (SSL).
Data is transmitted to Our secure database servers using TLS and Salted
Challenge Response Authentication Mechanism (SCRAM) and encrypted at-rest using AES-256
protocols.
Our Infrastructure is managed by MongoDB ATLAS and Amazon Web Services (AWS).
Both MongoDB and AWS are industry leaders in the provision of hosting Services.
You can find
out more about AWS GDPR compliant security program and controls here.
We
operate Our databases on Mongodb Atlas to provide secure storage with end-to-end encryption.
You can find out more about Mongodb Atlas GDPR compliant security program and controls here and here.
Access to stored data is protected by multi-layered security controls including firewalls,
role-based access controls, Multi-factor authentications and strong password policies.
We
carry out technical, privacy and security due-diligence before finalizing and signing
agreement with sub-processors.
We have a rigorous hiring process including reference checks
for all employees, subcontractors and consultants.
All Wysa staff members directly
interacting with the user and building the product have to complete the basic GDPR and HIPAA
awareness training at the time of joining the company.
We have information privacy and security policies aligned to ISO 27001: 2013 (ISMS) and ISO 27701: 2019 (PIMS) global standards
and have put procedures in place that provide for adequate security controls.
Twice a year we conduct Vulnerability Assessment and Penetration testing (VAPT) of our Apps and Infrastructure to ensure no vulnerabilities exist in our Information System.
On an annual
basis we conduct an internal security audit to ensure compliance to Our policies and
procedures.</p>
<p>Because no method of electronic transmission or method of data storage is perfect or
impenetrable, We cannot guarantee that Your data will be absolutely safe from intrusion
during transmission or while stored in Our systems.
To help protect Your privacy and
confidentiality of Your data, We also need to ask for Your cooperation regarding the
following: Please do not copy and transmit Your chat conversations, well-being data and/or
Personal data with other people.
Also, please notify at the contact information provided here, in the event You suspect any unauthorized Use of Your account
or any other
breach of security.
</p>
<p>
</p>
<p>Where is Your data transmitted and stored?</p>
<p>To provide the Service in a reliable and responsible manner, Touchkin stores all Your data on
secure Virtual Private Cloud servers physically located in the USA.
All communication
between the processing and storage Virtual Private Cloud servers are established over secure
Virtual Private Cloud peering networks.
We have taken appropriate safeguards by contracting
with our sub-processors, MongoDB and AWS which includes standard contractual clauses
approved by the European Union (EU) data protection authorities.
</p>
<p>
</p>
<p>How long do We retain Your data including Personal
data?</p>
<p>Inadvertently received personal data from the Wysa app will be in the system for a maximum of
24 hours before being processed for irreversible redaction as outlined here.</p>
<p>Touchkin retains Your data with appropriate redactions of any potential personal identifiable
information.for the length of time needed to fulfil the Agreement or to fulfil any of the
applicable purposes mentioned as Our Legitimate Interest, or to comply with requirements of
applicable Data Protection or consumer Laws.</p>
<p>We may retain Your data with appropriate redactions of any potential personal identifiable
information.
even after Your subscription ends if retention is reasonably necessary.
This
could be in situations where We need to comply with applicable Data Protection or consumer
Laws, or on request of a returning subscriber, or to provide and complete customer support
Service, or to detect and deter unauthorized or fraudulent Use of or abuse of the Service.
Where not specified we retain Your data for a maximum of 10 years since receipt and as per our Information Retention policies.
</p>
<p>You have the Right to be Forgotten.
You can also, at any point of time, clear all Your
provided data by Using the “reset my data” feature available in the Wysa App settings.
Refer
here in our Policy for more details.</p>
<p>
</p>
<p>
</p>
<p>Does Touchkin Use 3rd party Service providers or
agents?</p>
<p>To facilitate and provide You with the Service, it sometimes is necessary for Touchkin to
request third party service providers or agents to help Us process and/or store Your data.
We strictly evaluate the Service providers and agents, and We make every effort to ensure
that they have established appropriate and secure data administrative, organizational and
security control of their systems, and We strictly require that they comply with
confidentiality and non-disclosure obligations and applicable laws and regulations including
relevant Data Protection Laws.
We also require that they access Your data only to the extent
necessary to perform tasks on Our behalf.
</p>
<p>WE COMPLY WITH DATA PROTECTION LAWS BY HOLDING AGREEMENTS WHICH INCLUDES DATA PROCESSING
ADDENDUM (DPA) WITH ALL OUR 3RD PARTY DATA SUB-PROCESSORS.
IN OUR ROLE AS A DATA CONTROLLER
OR AS A BUSINESS ASSOCIATE.
WHERE APPLICABLE, WE ALSO HAVE SIGNED BUSINESS ASSOCIATE AGREEMENT (BAA) TO COMPLY WITH HIPAA REQUIREMENTS.</p>
<p>Both Our 3rd party data sub-processors (MongoDB and AWS) get periodically audited by
independent auditors for platform security, privacy and compliance controls.
Some of the
Compliance includes ISO27K, SOC2 Type II, FIPS 140-2.</p>
<p>
</p>
<p>
</p>
<p>Does Touchkin share Your data with third parties?
</p>
<p>Other than as described in this Privacy Policy and, where relevant, other applicable privacy
policies or addendums, Touchkin will never provide Your conversational data to any third
parties without Your explicit consent, unless We believe in good faith that We are required
or permitted to do so under applicable contracts and laws, or to protect and defend
Touchkin’s rights and/or property.
</p>
<p>We do not collect any Personally Identifiable Information from You.
At the same time, We do
use anonymised and only the minimal data that is required to answer the research question
for research and statistical purposes based on Our Legitimate Interest to improve Our
product and contribute to the development of user-centered mental wellbeing best practices
globally.
We also use third parties to tag and/or translate anonymized and only minimal conversation messages to continually improve the performance of our rule-based AI/NLP algorithms based on Our Legitimate Interest to provide the Bot Service and to keep improving and/or optimizing Our Service quality, safety and performance.
As required by Data Protection Laws and as per the Non-Disclosure agreements
executed with data sub-processors, third-parties, health psychologists and well-being Coaches
and research partners, they are required to protect the data shared with them and are
required to keep Your data private and secure.</p>
<p>In the future, if We are involved in the transaction of a merger, acquisition, sale of
assets, business reorganization, bankruptcy, We may sell, transfer or otherwise share some
or all of Our assets which may include Your data.
However, in such an event of sale or
transfer, We shall reasonably ensure that Your data collected and stored by the Us is stored
and Used by the transferee in a manner that is consistent with this Privacy Policy.
Any such
third party to whom We transfer shall have the right to continue to Use the data that You
provide to Us or collected by Us immediately prior to such transfer or sale.
On completion
of the sale or transfer, the Privacy Policy of the third party shall apply with respect to
Your data.
To stay updated about such business transactions, please read this Privacy Policy
from time to time.
</p>
<p>
</p>
<p>
</p>
<p>What are Your data protection rights?</p>
<p>You have certain rights under the Data Protection Laws in relation to Your Personal data.
Any
inadvertently obtained Personal data is auto-redacted within 24 hours in Our systems.
Beyond
that, for the non-personal data held by Us We do provide You the following rights.</p>
<p>We have tried to make it as easy as possible for You to have control over Your data.
To
exercise any of Your rights, You will need to send an email request from Your Google or
Apple email ID to the contact information provided here.
Please note
that We may
require to verify You before responding to any requests to exercise Your rights.
We may also
limit Your individual rights requests (a) where denial of access is required or authorized
by law.
(b) when granting access would have a negative impact on other's privacy.
(c) to
protect our rights and properties.
or (d) where the request is unjustified or excessive.</p>
<p>
<b>Right to rectification and Right to restrict processing</b>
</p>
<p>You will need to send an email request with reasons from Your Google or Apple email ID to the
contact information provided here at any time to rectify or restrict
processing
of Your data basis the Agreement.
Touchkin will provide You with a request form that You
will need to fill and submit back to Us via email.
After verifying You and examining Your
request, We will respond to You over email on the action decided and/or taken within one
calendar month from verification.
We may at times be unable to address Your request, if We
are unable to correctly identify You.</p>
<p>
<b>Right to object</b>
</p>
<p>You have the right to object to processing of Your data only for the purposes listed here, basis Our Legitimate Interest, by sending Us an email
request with reasons from
Your Google or Apple email ID to the contact information provided here.
After
verifying You and examining Your request, We will respond to You over email with our
decision and/or action taken within one calendar month of receipt of request.
We may at
times be unable to address Your request, if We are unable to correctly identify You.</p>
<p>
<b>Right of access</b>
</p>
<p>You always have the access to view Your latest conversations with the Bot or view Your older
conversation messages within the Journey tab of the Wysa App.
All Your sessions with a Wysa
Well-being Coach or Wysa Therapist are also accessible through the Coach or Therapist tab
within the Wysa App.
</p>
<p>
Due to limited functionality within the Web browser based Wysa App, You may not be able to
view Your past conversations with the Bot.
If You want to access Your past conversations,
You will need to send Us an email request to the contact information provided here.
After verifying You and examining Your request, We will
respond to You over email on
the action decided and/or taken within one calendar month from verification.
We may at times
be unable to address Your request, if We are unable to correctly identify You.
</p>
<p>IF YOU EXERCISE YOUR RIGHT TO BE FORGOTTEN AND RESET YOUR DATA, YOU WILL LOSE THE RIGHT TO
ACCESS YOUR DATA AS IT WILL BE PERMANENTLY DELETED..
</p>
<p>You can also access your other Personal data collected such as vendor specific ID provided by
the App/Play store, mobile operating system, OS version, device make and model.You will need
to send an email request with reasons from Your Google or Apple email ID to the
contact information provided here.
at any time, if You have any
further questions
around access to Your Personal data.
Touchkin will provide You with a request form that You
will need to fill and submit back to Us via email.
After verifying You and examining Your
request, We will respond to You over email on the action decided and/or taken within one
calendar month from verification.
We may at times be unable to address Your request, if We
are unable to correctly identify You.</p>
<p>
<b>Right to data portability</b>
</p>
<p>If You replaced Your mobile device that had the Wysa App installed and You are a paid
subscriber of Our Services, You can place a request along with Your subscription receipt and
the reasons to transfer Your data from Your older device to Your replaced mobile device.
If
You are not a paid subscriber, We will need to accurately verify You, before we can process
Your request.
You can also place a request to receive a digital copy of Your data in a
machine readable format.
We may charge You a small fee for this Service.</p>
<p>You will need to send an email request with reasons from Your Google or Apple email ID to the
contact information provided here.
After verifying You and examining
Your request,
We will respond to You over email with our decision and/or action taken within one calendar
month from verification.
We may at times be unable to address Your request, if We are unable
to correctly identify You.
</p>
<p>
<b>Right to Erasure or Right to be Forgotten</b>
</p>
<p>When You Use the Service, You have the option to reset Your data in the Wysa App by using
the “Reset my data” feature in the Wysa App settings.
Reset my data, automatically
without any manual intervention, clears all Your conversation messages, clears Your
completed tools, clears reminders or any enabled settings or activities and
well-being-related assessment responses.
Your identifiers will be permanently redacted
from
Our Database.
YOU CANNOT REVERSE OR RECOVER YOUR PAST DATA POST A RESET.
</p>
<p>You will need to send an email request with reasons from Your Google or Apple email ID to
the contact information provided here, if You have any further
questions
around Your right to be forgotten.
After verifying You and examining Your request, We
will respond to You over email on the action decided and/or taken within one calendar
month from verification.
We may at times be unable to address Your request, if We are
unable to correctly identify You.</p>
<p>
<b>Right to authorize and unauthorize Your data with Your Well-being Coach or
Therapist</b>
</p>
<p>
<i>[This section applies only to the conversations with a Wysa Well-being Coach or Wysa
Therapist.
For some institutional versions of Wysa App, Wysa App may provide links
to support from the institution’s EAP service or health provider, in which case
their terms and Privacy Policy will apply.]</i>
</p>
<p>When You Use the Wysa Well-being Coach Service or Wysa Therapist Service, You have the
option to either share or stop sharing access to specific data with the Wysa Well-being
Coach or Wysa Therapist.
Data that can be shared includes assessment scores and activity
with the Bot.
This feature can be activated or deactivated at any time during Your
conversation by Using the “Authorize/Unauthorize Well-being Coach” feature in the Wysa
App settings.
</p>
<p>
You can also opt-in or opt-out of sharing your Wysa Bot messages with Your Coach or
Therapist by typing #sharechat in the Wysa Bot.
</p>
<p>
<strong>Do California residents have specific privacy rights?</strong>
</p>
<p> This section provides additional disclosures required by the California Consumer Privacy
Act
(or “CCPA”).
California law permits Users who are California residents to request and
obtain from Us
once a year, free of charge, a list of the third parties to whom We have disclosed their
Personal data (if any) for direct marketing purposes in the prior calendar year, as well
as the type of Personal data disclosed to those parties.
Please note that Wysa does
not share or sell Personal data You may provide when using Our Service with third
parties for direct marketing purposes as a matter of policy.
Subject to certain
limitations and exceptions, California based
Users can still write to Us at the contact information provided here to know
more details about specific pieces of personal information they would have shared, to
delete
their personal information, to opt out of any “sales” that may be occurring, and to not
be discriminated against for exercising these rights</p>
<p>
After verifying You and examining Your request, We will respond to You over email on the
action decided and/or taken within 45 calendar days from verification.
We may at times
be
unable to address Your request, if We are unable to correctly identify You or due to any
of
the limitations and exceptions provided within CCPA.
</p>
<p>
<strong>What are the controls for Do-Not-Track features?</strong>
</p>
<p>Do Not Track (“DNT”) is a privacy preference that Users can set in certain web browsers.
We do not respond to DNT signals transmitted by web browsers.</p>
<p>
<strong>Right to Breach notification</strong>
</p>
<p>In addition to the right to request disclosures of Your data specified in the Right to
access above, We will notify You as required by Data Protection Laws if there has been a
breach of the security of Your identifiable Personal data within 72 hours of breach
confirmation.</p>
<p>
<strong>Concerns and Complaints</strong>
</p>
<p>If You have any concerns or grievances about this Privacy Policy You will need to send an
email request from Your Google or Apple email ID to wysa@touchkin.com or hello@wysa.ai with Attn.
to our Data Protection
Compliance Officer Mr.
Vinod Subramanian and Our Co-founder Mr.
Ramakant Vempati.
We
will respond to You within 48 hours and help resolve Your concerns or complaints.</p>
<p>If You are not satisfied with Our resolution, You have the right to complain to a Data
Protection supervisory authority in Your country or state of residence.
We will fully
cooperate with the supervisory authority.
Contact details
for Data Protection Authorities in the EU are available here.
</p>
<p>
</p>
<p>
</p>
<p>Can children under 13 use Wysa App?</p>
<p>The Wysa App is intended for a general audience and is not directed to or intended to be Used
by children under the age of thirteen (13) years.</p>
<p>We understand the special necessity to protect children's privacy on Wysa App, and We do not
knowingly collect any Personal data from children.</p>
<p>If, however, as a legal Parent or guardian, You believe We have collected any Personal data
of Your child, then You will need to send an email request from Your Google or Apple email
ID to the contact information provided here.
After verifying You and
examining
Your request, We will respond to You over email on the action decided and/or taken within
one calendar month from verification.
We may at times be unable to address Your request, if
We are unable to correctly identify the User.
If We have inadvertently collected Personal
data from Your child, We will deactivate the relevant account(s) upon identification and
will take reasonable measures to promptly delete such Personal data from Our records.</p>
<p>Please be responsible and do not share or Use Your credit/debit card or other payment
instrument with Your child to make any in-app purchase.
</p>
<p>
</p>
<p>
</p>
<p>Who can You contact for additional questions,
comments or concerns?</p>
<p>For any product, services, subscription, technical or payment-related issues, please contact
Us from Your Google or Apple email ID to wysa@touchkin.com or hello@wysa.ai with Your questions.
</p>
<p>Our mail address for all communication is: </p>
Touchkin eServices Private Limited<br>
1st Floor, Manjusha, No 532<br>
16th Cross, 2nd Main Road, 2nd Stage<br>
Indiranagar, Bengaluru, 560038<br>
Karnataka - INDIA<br>
<p>
</p>
<p>
</p>
<p>Can Non-English speaking users use the Wysa App?
</p>
<p>The Wysa App has been built and is currently provided only for English language users.
</p>
<p>To ensure wider reach, Touchkin will, in the near future, launch Wysa in other international
languages.
We will keep You updated of this development.</p>
<p>
</p>
<p>
</p>
<p>What are some Best Practices to follow to keep
Your devices secure?</p>
<p>You are also responsible for helping to protect the security of Your Personal data.
You are
responsible for maintaining the security of any personal computing device on which You
utilize the Services.</p>
<p>US Federal Trade Commission (FTC) publishes information for Users on how to secure Your
personal data and devices.
These can be found at the following public link.
</p>
<p>FTC
- How to Keep Your Personal Information Secure</p>
<p>Touchkin strongly believes in security and safety of data in Your mobile device.
As a
responsible Service provider, We therefore like to share important device based security
data for Your attention.
These have been sourced from US FTC best practices and guidelines.
Always refer back to the US FTC link provided above for more details and future security
updates.</p>
<ul>
<li>Always lock Your mobile screen by setting a password.
Use strong passwords and keep
passwords private.</li>
<li>Always extend Your mobile screen password to set a Wysa App PIN to keep Your
conversations with Wysa App private.</li>
<li>Always keep Your mobile operating system up-to-date.</li>
<li>Enable remote access of Your devices to enable You to locate
and control Your devices remotely in the event Your device gets stolen.</li>
<li>Install anti-virus software to protect against virus attacks and infections </li>
<li>Avoid phishing emails.
Do not open files, click on links or download programs from an
unknown source.</li>
<li>Be wise about Using Wi-Fi.
Before You send Personal and sensitive data over Your laptop
or mobile device on a public wireless network in a coffee shop, library, airport, hotel,
or other public place, see if Your data will be protected.</li>
</ul>
<p>
</p>
<p>
</p>
<p>Changes to this Privacy Policy</p>
<p>We may modify Our Privacy Policy from time to time for various reasons including to improve
Our privacy practices, to ensure Our Users Right to be Informed, to reflect changes to Our
Service, and to comply with relevant laws.
If and when this policy is changed, We will post
the new notice on our Website and Wysa App and notify You through an in-app notification
automatically or as otherwise required by relevant law.
It is Your responsibility to check
Our Website and Wysa App periodically for updates or changes to Our policy.
We encourage You
to review changes carefully.
If the changes to the Privacy Policy include
changes to the collection, storing or processing Your Personal information in a way that
infringe into your privacy, we will notify you clearly about the same and seek your consent
for the same where required by the applicable laws and regulations.
If You agree to the
changes, then please continue to Use Our
Service.
If You, however, do not agree to any of the changes and You no longer wish to Use
Our Service, You may choose to unsubscribe Service or uninstall Our App.
Continuing to Use
Our Service after a notice of change has been communicated to You or published on Our
Service constitutes Your acceptance of changes and consent to the modified Privacy Policy.
</p>
<p>
</p>
<p>
</p>
<p>Severability and Exclusion</p>
<p>We have taken every effort to ensure that this Privacy Policy adheres with the applicable
laws, including Data Protection Laws.
The invalidity or unenforceability of any part of this
Privacy Policy shall not prejudice or affect the validity or enforceability of the remainder
of this Privacy Policy.
This Privacy Policy does not apply to any data other than the data
collected by Touchkin while providing the Services.
</p>
<p>
</p>
<p>Changes Log</p>
<p>
<b>v3.2.0 | Apr 19, 2021</b>
</p>
<b>Updates</b>
<ul>
<li>
Additional clarity on handling data where Wysa App is integrated with Your Institution system
</li>
<li>
Additional clarity on use of minimal and anonymous conversation messages for improving performance of Bot algorithms
</li>
<li>
Additional information around security controls and alignment to ISO 27001: 2013 and ISO 27701: 2019 global standards
</li>
<li>
Additional clarity on anonymized and minimal data shared with third parties
</li>
</ul>
<b>Removed</b>
<ul>
<li>
Video Call- based experimental Coach/therapist Service has been currently discontinued.
Section “What do we process when You use the Video Call Service?” removed
</li>
</ul>
<br>
<p>
<b>v3.1.0 | Feb 10, 2021</b>
</p>
<b>Updates</b>
<ul>
<li>
Additional clarity on the retention of data.
</li>
<li>
Additional data processed from Institution users in section “What additional data do We collect from Institution Users?”
</li>
</ul>
<br>
<p>
<b>v3.0.0 | Feb 03, 2021</b>
</p>
<br>
<b>Overall</b>
<ul>
<li>An overall review and necessary updates were made to align Privacy Policy to ISO/IEC 27001:2013 (Information Security Management System) and ISO/IEC 27701:2019 (Privacy Information Management System).
</li>
</ul>
<b>Additions</b>
<ul>
<li>
Included “For purposes of servicing You towards Wysa’s Gift Card program” as a Legitimate Interest basis.
</li>
<li>
Three new subsections added at the end of “What Data do We collect and how do We Use it?” <br>
<br>
<ol>
<li>What do we process when You use the Video Call Service? (experimental service for android users only)</li>
<li>How do We handle Your data when used for Research purposes?</li>
<li>What data do we process as part of Gift Card purchase?</li>
</ol>
</li>
</ul>
<b>Updates</b>
<ul>
<li>
Included details on use of branch.io and mailgun third party analytics software services.
</li>
<li>
<b>
</b> UK GDPR mentioned as another regulation requirement for this Privacy Policy.
</li>
<li>
Additional items included in “Definition” Section.
</li>
<li>
Additional clarity on need for parental consent for those between 13 and 18 years in “Who can use the Service” Section.
</li>
<li>
Updated link to Wysa Cookie Policy in “Do we use Cookies?” Section.
</li>
<li>
Additional clarity on the retention of data
</li>
<li>
Additional clarity on “Do California residents have specific privacy rights?”
</li>
<li>
Additional clarity on “What are the controls for Do-Not-Track features?”
</li>
<li>
Additional clarity on changes to privacy policy
</li>
</ul>
<b>Removed</b>
<ul>
<li>
Section “Governing Law and Dispute Resolution” to align with EU GDPR laws
</li>
</ul>