Privacy Policy

The controller of the personal data covered by this Privacy Policy is:
Pulse Mindfulness Inc.  
Email: info@pulsemindfulness.com

We have not appointed a Data Protection Officer unless and until required by applicable law. If you have privacy questions or wish to exercise your rights, please contact us at the email address above.

This Privacy Policy applies to personal data we process about:
- website visitors
- customers and prospective customers
- app users
- support contacts
- newsletter or marketing subscribers
- other individuals who interact with us

This Privacy Policy does not apply to third-party websites, apps, or services that we do not control, even if we link to them.

The personal data we collect depends on how you interact with us.

A. Information you provide directly
You may provide us with:
- first and last name
- email address
- telephone number
- shipping and billing address
- order details
- support messages and attachments
- marketing preferences
- any other information you choose to submit to us

B. Payment and transaction information
When you place an order, payment information is generally processed by our payment and commerce service providers. We may receive limited transaction-related information, such as:
- payment status
- payment method type
- transaction identifiers
- billing or order metadata
- purchase history

We do not necessarily store full payment card details ourselves.

C. Website, checkout, and device information
When you use our website or checkout, we and our service providers may automatically collect certain technical and usage information, such as:
- IP address
- browser type and language
- operating system and version
- device or browser identifiers
- approximate location derived from IP address
- pages viewed
- referral source
- interactions with the website or checkout
- cookie and consent preferences

D. App and product-related information
When you use the Pulse app and related services, we may process data needed to provide and support the service, such as:- account identifiers
- device or app instance identifiers
- firmware version
- ring pairing or connectivity information
- battery or diagnostic information
- app settings, preferences, and configuration data
- support and troubleshooting logs

Where settings or related app data are synced to backend infrastructure, we process that data to provide functionality, continuity across sessions or devices, support, security, and service improvement.

E. Support and communications data
If you contact us, we may process:
- your contact details
- the content of your messages
- order references
- attachments or screenshots you send us
- support history
- communication preferences

We use personal data for the following purposes, as relevant to your interaction with us:
- providing the website, checkout, app, and related services
- creating and maintaining accounts where applicable
- processing orders, payments, refunds, and fulfilment
- delivering products and related communications
- providing customer support and troubleshooting
- operating, securing, and improving our products and services
- maintaining service functionality and syncing settings where applicable
- detecting, preventing, and investigating fraud, abuse, and security incidents
- measuring performance and understanding how users interact with our website, checkout, and services
- sending service-related messages
- sending marketing communications where permitted by law
- running referral or similar promotional programs where offered
- complying with legal, tax, accounting, and regulatory obligations
- establishing, exercising, or defending legal claims

Where GDPR or similar laws apply, we rely on one or more of the following legal bases:

A. Performance of a contract
We process personal data where necessary to:
- take steps at your request before entering into a contract
- process purchases and payments
- fulfil orders
- provide the app, product functionality, support, and related services

B. Legitimate interests
We process personal data where necessary for our legitimate interests, including:
- operating and improving our website, app, products, and services
- securing our systems and preventing fraud
- responding to customer inquiries
- understanding business performance
- maintaining internal records
- defending legal claims

Where we rely on legitimate interests, we consider and balance the impact on your rights.

C. Consent
We rely on consent where required, including for example:
- sending certain marketing communications
- placing or using non-essential cookies or similar technologies
- processing other data where consent is legally required

You may withdraw consent at any time, but this will not affect processing that took place before withdrawal.

D. Legal obligation
We process personal data where necessary to comply with legal obligations, including obligations relating to taxation, accounting, fraud prevention, consumer law, and lawful requests from authorities.

We use cookies and similar technologies on our website and checkout for purposes such as:
- necessary site functionality
- security
- remembering preferences
- analytics and performance measurement
- advertising and campaign measurement
- embedded content and media where applicable

Where required by law, we ask for consent before using non-essential cookies or similar technologies.

For more detail about the cookies and similar technologies we use, the categories they fall into, and how to manage your preferences, please see our Cookie Policy.

We do not sell or rent personal data for money.

We may share personal data with the following categories of recipients where necessary:
- payment processors and commerce providers
- fulfilment, logistics, and shipping providers
- cloud hosting and infrastructure providers
- analytics, advertising, and tag-management providers
- customer support and communications providers
- security and fraud-prevention providers
- embedded media providers
- referral or affiliate program providers
- professional advisers such as lawyers, auditors, accountants, and insurers
- regulators, courts, law enforcement, or other authorities where required
- other parties in connection with a corporate transaction such as a merger, financing, acquisition, or asset sale

We require service providers acting on our behalf to process personal data under appropriate contractual and confidentiality obligations.

Depending on the part of the service you use, we may use providers such as:
- Shopify and related commerce providers for checkout, order management, and ecommerce functionality
- payment processors for payment transactions
- Google services, such as analytics or tag-management tools, for analytics, measurement, and site functionality
- Meta services for campaign measurement, marketing, and retargeting where used
- Cloudflare or similar providers for security and content delivery
- Firebase / Google Cloud for app-related backend infrastructure, syncing, and storage where applicable
- Klaviyo or similar providers for email communications
- Vimeo, YouTube, or similar providers for embedded media where applicable
- Cookiebot / Usercentrics for consent management and cookie declarations
- referral or affiliate tools where applicable

The categories of personal data these providers may process in our setup generally include contact details, order details, transaction metadata, device and browser information, IP address, approximate location, usage data, cookie identifiers, and support or account-related information, depending on the service involved.

Personal data may be processed in the United States, Belgium, the Netherlands, Finland, and other jurisdictions where we or our service providers operate.

Where personal data is transferred outside the EEA, UK, or other jurisdictions with transfer restrictions, we take steps to use an appropriate transfer mechanism where required, such as:
- adequacy decisions
- standard contractual clauses
- other lawful safeguards recognized under applicable law

We keep personal data only for as long as necessary for the purposes described in this Privacy Policy, including to provide services, comply with legal obligations, resolve disputes, enforce agreements, and protect our legal rights.

Retention periods vary depending on the type of data and the reason we hold it. In general:
- account and app-related data are kept while your account or service relationship remains active and for a reasonable period afterward as needed for support, security, continuity, and legal purposes
- order, transaction, tax, and accounting records are kept for as long as required by applicable legal and financial recordkeeping obligations
- support communications are kept as long as reasonably necessary to handle the issue, improve support, and protect our rights
- marketing consent and opt-out records are kept as needed to respect and document your communication choices
- analytics, diagnostic, and security logs are kept for a limited period appropriate to the purpose for which they were collected
- cookie consent records are kept as needed to demonstrate consent choices and compliance

If data is no longer required, we will delete it, anonymize it, or securely isolate it where appropriate.

We use reasonable technical and organizational measures designed to protect personal data against unauthorized access, disclosure, loss, misuse, and alteration.

These measures may include:
- encryption in transit and at rest where appropriate
- access controls and role-based permissions
- authentication protections
- logging and monitoring
- vendor due diligence and contractual protections
- data minimization and confidentiality practices

No method of transmission or storage is completely secure, and we cannot guarantee absolute security.

We aim to process personal data in a clear and transparent way. Where applicable, you may have choices about:
- whether to provide certain information
- whether to receive marketing communications
- whether to accept non-essential cookies
- whether to withdraw consent for processing that depends on consent

Depending on where you live, you may have some or all of the following rights:
- right to access personal data we hold about you
- right to request correction of inaccurate or incomplete data
- right to request deletion of personal data in certain circumstances
- right to request restriction of processing in certain circumstances
- right to data portability where applicable
- right to object to certain processing, including certain direct marketing
- right to withdraw consent where processing is based on consent
- right to lodge a complaint with a supervisory authority or other regulator where applicable

To exercise your rights, contact us at info@pulsemindfulness.com.

We may need to verify your identity before responding. We may also decline or limit a request where permitted by law.

If you are a resident of a US state with an applicable privacy law, you may have rights such as:
- the right to know or access certain personal data we hold about you
- the right to request deletion of certain personal data
- the right to request correction of inaccurate personal data
- the right to opt out of certain targeted advertising or certain sharing activities where applicable
- the right to non-discrimination for exercising your privacy rights
- the right to appeal a denial of your request where required by applicable law

To submit a privacy request, contact us at info@pulsemindfulness.com.

We do not use sensitive personal data to infer characteristics about you unless disclosed otherwise at the time of collection and permitted by applicable law.

Our services are not directed to children under 13, and we do not knowingly collect personal data from children under 13 without appropriate authorization where required by law.

If you believe a child has provided personal data to us in violation of applicable law, please contact us and we will take appropriate steps.

Where permitted by law, we may send you communications about our products, services, updates, promotions, or related content.We may communicate through channels such as:
- email
- social media platform audiences and related advertising tools
- retargeting or campaign-measurement tools where used
- referral-program communications where offered

Where required by law, we will obtain consent before sending direct marketing.

You can opt out of marketing emails by using the unsubscribe link in the email or by contacting us at info@pulsemindfulness.com. You can also manage cookie-based marketing preferences through our cookie settings tool where available.

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, services, or legal obligations.

When we do, we will post the updated version and revise the effective date at the top of the policy. Where required or appropriate, we may provide additional notice.

If you have questions about this Privacy Policy or want to exercise your rights, please contact:

Pulse Mindfulness Inc.  
Email: info@pulsemindfulness.com