DashLX Privacy Policy

1. Your Consent

Your access to and use of our Service is subject to our Terms of Use and this Privacy Policy and all applicable laws. By accessing or using our Service in any way, you consent to our Terms of Use and our Privacy Policy. We encourage you to read all sections of both carefully.

2. Information Collection & Usage

2.1 Why Data Is Collected

We collect your data to provide and improve the Service. Our goals in collecting and sharing data are to provide value to individual users like you, to generate new scientific discoveries, and to provide you, by sharing some or all of your data with one or more of our Partners, with access to better events, products, services and experiences. When we share your data with third parties, we always do it with your explicit consent, and with the expectation that this sharing will help achieve one or more of these goals. To the extent that you feel that we are not achieving these goals we encourage you to contact us with your concerns and/or to cease using our Services.

2.2 Types of Data Collected

While you are using our Service, with your consent we obtain your data from several sources as follows.

2.2.1 Platform Data

We collect information from the devices and apps you connect to our platform (“Platform Data”) in the course of using the Service. For example, you may connect your smartwatch or mobile phone account to our platform and information from these devices and apps will be passed along to our platform via an API.

We also gather the information that you directly input or share on the Service, including information from features such as Daily Diary comments. To the extent you email us or participate in a survey or other communication we initiate, we gather that information as well.

When you make a payment to us, you may provide payment information such as your payment card or other payment details. Note that we use Payment Card Industry compliant third-party payment services and we do not store your credit card information.

2.2.2 Usage Data

We may collect information related to how you access and use our Service and Supplemental Service ("Usage Data"). This Usage Data may include information such as your computer's Internet Protocol address (e.g., IP address), browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers, and other diagnostic data.

2.3 Uses of Collected Data

2.3.1 Our use of your data

We use your data that we collect for a variety of purposes, including to:

1. provide and maintain the Service, and the Supplemental Service.
2. notify you about changes to our Service.
3. deliver instructions, updates, tips, and other relevant information you choose to receive.
4. allow you to participate in interactive and/or personalized features of our Service and our Supplemental Service.
5. allow you to participate in activities and events that we support, to the extent that you explicitly opt into them
6. allow you to participate in User Groups and other relationships with companies with which we partner, to the extent you explicitly opt into these relationships.
7. facilitate or conduct research, or publish scientific content.
8. provide customer care and support.
9. improve our Service performance, layout, and features through better understanding of users and usage patterns.
10. monitor the usage, performance, and security of the Service.
11. prevent, detect, and address technical issues.

2.3.1 Our sharing of your data with third parties and their approved use of your data

2.3.1.1 Partners’ User Groups

We may occasionally give you the opportunity to participate in User Groups that one of our Partners has asked us to establish, in exchange for your sharing your data with your partner.

We may share different types of user data with Partners. For instance, in some instances, we may share data that, on its own, is sufficient to identify you. Examples include your name, your email address, your date of birth, your street address, and so on. We may also share data that consists of everything else you generate individually. Data in this category, on its own, is insufficient to identify you but, combined with other data you provide, may become sufficient to identify you. Examples of data in this category include your age, zip code, gender, and activity data.

Finally, we may aggregate and summarize your data with that of other users to create anonymized pools of data. This type of data cannot be disaggregated and attributed back to individual users.

If you choose to join a User Group to receive the Supplemental Services that are available to members of that User Group, we may ask you for your consent to our sharing different types of data with the relevant Partner, and/or to our aggregation of your data into the data that we share with that Partner. In each instance, the information that we ask you to share will be specified at the time that you consent, and you may modify or terminate your consent at any time by visiting your personal Profile page, which you can find via the link at https://www.dashlx.com/manage-connections/

At any time, you can review the User Groups in which you have chosen to participate in your DashLX profile, and the data that you are sharing with us and with each Partner as a result. In that same DashLX profile you can change the User Groups in which you participate and the data you share.

To the extent you have asked us to share your data with a Partner, you should familiarize yourself with that Partner’s privacy policy and terms of use. Partners with whom we share data have agreed to our Partner-level terms of service. These include their agreement to comply within a reasonable period of time with requests from you that we relay to them regarding the use of your data.

2.3.1.2 Our Service Providers

We may employ third-party companies and individuals to facilitate our Service ("Service Providers"), to provide the Service on our behalf, to perform Service-related services, or to assist us in analyzing how our Service is used. Service Providers have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose. Your Personal Data will not be sold, exchanged, transferred, or given to any third party without your consent, other than for the express purpose of delivering the Service.

We may use Service Providers to monitor and analyze the use of our Service.

2.3.1.3 Our Cookies Policy

Our policies regarding our use of cookies are specified in our “DashLX Cookie Policy”, which you can find at https://www.dashlx.com/cookies

2.4 Protection of Data

2.4.1 Security Measures

The security of your data is important to us, and we work hard to protect your information. We strive to take reasonable and commercially appropriate measures to protect Personal Data from loss and misuse of any kind. Note that no method of transmission over the Internet or method of electronic storage is 100% secure, and that we cannot guarantee absolute security.

2.4.2 Transfer of Data

Your information, including Personal Data, may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ from those of your jurisdiction.

If you are located outside of the United States and choose to provide information to us, please note that we transfer the data, including Personal Data, to the United States and process it there.

Your consent to this Privacy Policy and any subsequent submission of your information represents your agreement to that transfer.

We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy, and to ensure that no transfer of your Personal Data will take place to an organization or a country unless there are adequate controls in place, including the security of your Personal Data.

2.4.3 Disclosure of Data

We may disclose your Personal Data in the good faith belief that itis necessary to:

• comply with a legal obligation.
• protect and defend the rights or property of DashLX
• prevent or investigate possible wrongdoing in connection with the Service.
• protect the personal safety of users of the Service or the public.
• protect against legal liability.

Except as detailed elsewhere in this policy, we do not disclose a user’s Personal Data to any third-party for such third-party’s direct marketing purposes.

2.4.4 Third-Party Links

Our Service may contain links to other websites or services that are not operated by us. Additionally, other users may provide you with links to third party websites or applications. If you click on a third-party link, you will be directed to an external site or service. We have no control over and assume no responsibility for the content, policies, or practices of any third-party sites or services. We strongly advise you to review the policies of every site or service you visit.

2.5 Your Access To & Control Of Collected Data

As a user of our Service, you may review, alter, or remove your Personal Data in a number of ways.

• Personal information and some Platform Data can be directly accessed, added, removed, updated, or corrected by logging into the Service and navigating to the Profile page.
• You can manage our ability to continue collecting Platform Data by managing the devices and services you have linked to our platform. These connections and authorizations can be disabled at any time on your profile page to prevent further transfer of information from your devices and services to us (e.g., data we obtain from Garmin Connect via their API).
• You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent.
• You can change or cancel any instructions you have given us regarding your desire to share data with a Partner by updating your preferences on the profile page of your DashLX account.
• Upon your written request – and after verifying your personal identity in association with such request – we will remove or alter personal information from our database.

3. Specific Notices

3.1 Children’s Data

Our Service is not directed at nor intended for anyone under the age of 13: use of our Service is strictly limited to users that are 13 years of age and older. We do not knowingly collect or store any information or Personal Data for anyone under the age of 13. By accessing or using our Service, you represent that you are at least 13 years of age.

If you are a parent or guardian of a child under age 13 who has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from any child under age 13, we take steps to remove that information from our servers.

3.2 EU Residents’ Rights: GDPR

As an individual residing in the European Union (EU), you have the following rights associated with our use of your Personal Data under the EU’s (EU) General Data Protection Regulation (GDPR):

• rectify or edit incomplete or incorrect Personal Data
• withdraw consent for us to process or use your Personal Data in a particular way, or at all
• ‘be forgotten’ by having your Personal Data deleted from our current records
• obtain a copy of the Personal Data that we have retained and processed
• direct us to transfer your Personal Data to another data controller

Note that exercising these rights may impact the accessibility and functionality of the Service, as many aspects of access and usage are dependent upon the use of Personal Data. If you wish to exercise any of these rights, please contact us via email using the contact information below with the details regarding your specific data request.

3.3 HIPAA

We are not a healthcare provider and are not a “covered entity” as that term is defined In the the Health Insurance Portability and Accountability Act of 1996 (HIPAA). As a result, we are not subject to the security and privacy provisions of HIPAA regarding medical information.

3.4 “Do Not Track”

Some internet browsers incorporate a “Do Not Track” (DNT) feature that signals to websites you visit that you do not want to have your online activity tracked. Our Service does not currently register, respond to, or modify its practices when it receives DNT signals.

3.5 California Residents’ Rights: CCPA

Californian users of DashLX have additional rights afforded to them under the California Consumer Privacy Act (CCPA). These rights, and how we address them, may be found elsewhere in this Privacy Policy as follows:

• For more details about the personal information DashLX has collected in the past year, please see section 2.2 “Information Collection & Usage – Types of Data Collected”.
• For more details on how DashLX uses that information, please see section 2.3 “Information Collection & Usage – Uses of Collected Data”.
• For more details on who DashLX shares data with, please see sections 2.3 “Information Collection & Usage – Uses of Collected Data” and 2.4 “Information Collection & Usage – Protection of Data”.

DashLX does not “sell” (as defined in the CCPA) the personal information of DashLX users.

The CCPA gives California consumers various rights with respect to the personal information we collect, including the right to (subject to certain limitations):

• request to access the personal information DashLX has about you.
• request that DashLX delete all of your personal information.

California users may make a request by contacting us at info@dashlx.com. We will authenticate your request using the email address associated with your DashLX account and if necessary, proof of residency.

4. Privacy Policy Changes

We may update our Privacy Policy from time to time. The Privacy Policy on this site will always be the current, effective, and governing version of the Privacy Policy. The date of the latest update will be reflected at the start of this policy.

We reserve the right to update our Privacy Policy at any time, without prior notice, and will consider the changes made to be effective immediately. In some cases, particularly in the event of substantive changes to this Policy, we may provide you with additional notice of upcoming or recent changes. This additional notice may take the form of, for example, a statement on our website home page or a notice sent to you via email or push notification. We encourage you to review the current Privacy Policy regularly, as it governs your use of our Service. Your continued use of the Service after an update to this policy constitutes your acceptance of the revised Privacy Policy.

5. Contact Us

If you have any questions about the content of the Privacy Policy, or any need to contact us with any other questions or requests, please contact us by email: info@dashlx.com

‍