Document

PRIVACY NOTICE Last updated: February 16, 2025

This Privacy Notice for RAMA App ("we," "us," or "our") describes how and why we might access, collect, store, use, and/or share ("process") your personal information when you use our services ("Services"), including when you:

• Download and use our mobile application RAMA, or any other application of ours that links to this Privacy Notice • Engage with us in other related ways, including any sales, marketing, or events

Questions or concerns?

Reading this Privacy Notice will help you understand your privacy rights and choices. We are responsible for decisions about how your personal information is processed. If you do not agree with our policies and practices, please do not use our Services. For questions or concerns, please contact us at info.rama.app@gmail.com.

NOTE FOR EUROPEAN USERS: This app is currently in a preview state, and some features or processes, including data retention and security measures, may still be under development. We process your information in compliance with the General Data Protection Regulation (GDPR) and other applicable EU laws. European users can exercise their rights under GDPR by contacting us at info.rama.app@gmail.com.

SUMMARY OF KEY POINTS This summary provides key points from our Privacy Notice. You can find more details about these topics by clicking the link following each key point or using the table of contents below:

What personal information do we process?
When you visit, use, or navigate our Services, we may process personal information depending on how you interact with us and the Services, the choices you make, and the products and features you use. Learn more about personal information you disclose to us.

Do we process any sensitive personal information?
Some information may be considered "special categories of data" under GDPR, including data revealing racial or ethnic origins, sexual orientation, or religious beliefs. However, we do not process such sensitive personal information.

Do we collect any information from third parties?
We do not collect any information from third parties.

How do we process your information?
We process your information to provide, improve, and administer our Services; communicate with you; ensure security and fraud prevention; and comply with applicable laws. We may also process your information for other purposes with your consent. Learn more about how we process your information.

In what situations and with which parties do we share personal information?
We may share information in specific situations and with specific third parties. Learn more about when and with whom we share your personal information.

How do we keep your information safe?
We have appropriate organizational and technical measures in place to protect your personal information. However, no electronic transmission over the internet or information storage technology can be guaranteed to be 100% secure. Learn more about how we keep your information safe.

What are your rights?
Depending on where you are located geographically, applicable privacy law may mean you have certain rights regarding your personal information. European users have the right to access, rectify, or erase their data, restrict processing, and object to processing under GDPR. Learn more about your privacy rights.

How do you exercise your rights?
The easiest way to exercise your rights is by submitting a data subject access request or by contacting us at info.rama.app@gmail.com. We will act upon any request in accordance with applicable data protection laws.

TABLE OF CONTENTS

WHAT INFORMATION DO WE COLLECT?
HOW DO WE PROCESS YOUR INFORMATION?
WHAT LEGAL BASES DO WE RELY ON TO PROCESS YOUR PERSONAL INFORMATION?
WHEN AND WITH WHOM DO WE SHARE YOUR PERSONAL INFORMATION?
WHAT IS OUR STANCE ON THIRD-PARTY WEBSITES?
DO WE USE COOKIES AND OTHER TRACKING TECHNOLOGIES?
HOW DO WE HANDLE YOUR SOCIAL LOGINS?
HOW LONG DO WE KEEP YOUR INFORMATION?
HOW DO WE KEEP YOUR INFORMATION SAFE?
DO WE COLLECT INFORMATION FROM MINORS?
WHAT ARE YOUR PRIVACY RIGHTS?
CONTROLS FOR DO-NOT-TRACK FEATURES
DO UNITED STATES RESIDENTS HAVE SPECIFIC PRIVACY RIGHTS?
DO WE MAKE UPDATES TO THIS NOTICE?
HOW CAN YOU CONTACT US ABOUT THIS NOTICE?
HOW CAN YOU REVIEW, UPDATE, OR DELETE THE DATA WE COLLECT FROM YOU?

1. WHAT INFORMATION DO WE COLLECT?

Personal Information You Disclose to Us

In Short: We collect personal information that you voluntarily provide to us.

We collect personal information that you voluntarily provide when you:

Register on the Services,
Express interest in obtaining information about our products and Services,
Participate in activities on the Services, or
Contact us directly.

Personal Information Provided by You:
The specific personal information we collect depends on your interactions with the Services and the choices you make. It may include:

Names, phone numbers, usernames, passwords, and email addresses.
Contact preferences and authentication data.

Sensitive Information:
We do not process sensitive personal information.

Social Media Login Data:
If you register using a social media account (e.g., Facebook), we collect certain profile information as described in "HOW DO WE HANDLE YOUR SOCIAL LOGINS?"

Application Data:
If you use our application(s), we may collect the following information (with your permission):

Geolocation Information: To enable location-based services. You can manage access via your device settings.
Mobile Device Access: For access to features like the camera, contacts, storage, and reminders. Access can be adjusted in your device settings.
Mobile Device Data: Such as your device ID, operating system, and IP address, collected automatically.
Push Notifications: To send updates about your account. You can opt out through device settings.

Information Automatically Collected
In Short: Some information—like IP address, browser type, and usage data—is collected automatically.

We automatically collect certain data to maintain the security and functionality of the Services, and for analytics and reporting purposes. Examples include:

Log and Usage Data: Service-related information such as IP addresses, browser details, and user activity.
Device Data: Information about your device, such as model and operating system.
Location Data: Collected via GPS or other technologies to provide location-based services, subject to your device settings.

Google API:
Information from Google APIs will adhere to Google API Services User Data Policy, including Limited Use requirements.

2. HOW DO WE PROCESS YOUR INFORMATION?

In Short: We process your information to deliver and improve our Services, communicate with you, ensure security, and comply with legal obligations.

We process your personal information for the following purposes:

Account Creation and Management: To facilitate account creation, login, and maintenance.
Service Delivery: To provide requested services and support.
Communication: To send you administrative updates, marketing communications, and user feedback requests.
Order Fulfillment: To manage purchases, payments, and returns.
User-to-User Communications: To enable communication between users if applicable.
Marketing and Advertising: To deliver personalized content and targeted advertising based on your preferences.
Security and Fraud Prevention: To monitor and protect against unauthorized activities.
Usage Analytics: To understand trends and improve the Services.
Compliance and Legal Requirements: To fulfill legal obligations or protect individual safety.

3. WHAT LEGAL BASES DO WE RELY ON TO PROCESS YOUR INFORMATION?

In Short: We process your personal information only when we have a valid legal basis to do so under applicable laws, such as your consent, contractual necessity, legitimate interests, or legal obligations.

For Users in the EU or UK

We rely on the following legal bases:

Consent: With your explicit consent for a specific purpose. You may withdraw your consent at any time.
Contractual Obligations: To fulfill a contract or pre-contractual requests.
Legitimate Interests: To achieve business objectives that do not override your fundamental rights (e.g., improving Services, fraud prevention).
Legal Obligations: To comply with legal or regulatory requirements.
Vital Interests: To protect an individual’s life or safety.

For Users in Canada

Consent may be express (explicit) or implied, based on the circumstances. In some cases, processing may occur without consent, such as:

To address emergencies or legal subpoenas.
To investigate fraud or breach of an agreement.
To fulfill journalistic or publicly available purposes.

4. Sharing Personal Information

Business Transfers: Information might be shared during mergers, acquisitions, or similar business dealings.
Google Maps APIs: Location data from GPS, Wi-Fi, and cell towers might be shared for mapping purposes.
Affiliates: Shared with affiliates under similar privacy standards.
Public Interactions: Personal information shared in public areas of the services may become viewable by others indefinitely.

5. Third-Party Websites

Links or advertisements from third parties on their services are not under their control.
They disclaim responsibility for the privacy and security practices of these third-party platforms.

6. Cookies and Tracking Technologies

Usage: Used to enhance site functionality, secure accounts, and tailor advertisements.
Third-Party Use: Service providers and third parties use tracking technologies for analytics and marketing.
Google Analytics: Tracks service usage and supports targeted advertising. Opt-out options are available via provided links.

7. Social Logins

Logging in through social media accounts provides the organization with profile data such as name, email, profile picture, and more.
Usage is confined to the purposes outlined in the privacy notice, but users are advised to consult their social media platform’s privacy policy for details.

Action Points for Users:

Opt-Out Options: Review and utilize opt-out tools for cookies, targeted advertising, and Google Analytics features.
Social Login Awareness: Be cautious about what information is shared when using social logins.
Review Privacy Notices: Check third-party and social media privacy notices to understand their practices.

8. Data Retention

Retention Period: Personal information is kept only as long as needed for specified purposes or as required by law.
Post-Processing: When information is no longer needed, it is deleted, anonymized, or securely stored until deletion is feasible.

9. Data Security

Security Measures: Reasonable technical and organizational steps are taken to safeguard personal data.
Limitations: Despite these measures, no system is completely secure. Users are advised to access services in a secure environment.

10. Eligibility

Use Permissions: Our app is intended only for individuals 18 and older.
Policy: Data from children under 18 is not knowingly collected or processed.
Action on Violations: Accounts associated with minors will be deactivated, and data deleted if discovered.

11. User Privacy Rights

Regional Rights: Depending on location (e.g., EEA, UK, Switzerland, Canada, some U.S. states), users may have rights to:
- Access, rectify, or erase data.
- Restrict or object to data processing.
- Data portability.
- Avoid automated decision-making.
Consent Withdrawal: Users may withdraw consent at any time, though this does not retroactively affect lawful processing.
Marketing Opt-Out: Users can unsubscribe from promotional emails and communications.

Practical Steps for Users

Account Management: Update or delete account information via account settings.
Cookie Management: Adjust browser settings to manage or reject cookies, though functionality may be impacted.
Concerns and Queries: Contact via email (therama-app@gmail.com) for privacy-related questions or requests.

Key Reminders for Users:

Regularly review and manage your privacy settings to align with your preferences.
Utilize provided contact options for any concerns about data handling.
Be proactive in managing cookies and opt-out choices to maintain control over personal information.

12. Do-Not-Track (DNT) Features

What is DNT?: A browser setting that signals a user's preference not to be tracked online.
Current Status: There is no uniform standard for recognizing or implementing DNT signals, so the company does not respond to them.
Future Changes: If a standard is adopted, the company will update its practices and notify users through a revised Privacy Notice.

13. Privacy Rights for U.S. Residents

Applicable States: Residents of California and Texas have specific privacy rights.
Rights Overview:
- Request access to personal information and processing details.
- Correct inaccuracies in personal information.
- Obtain a copy of personal data.
- Request deletion of personal data.
- Withdraw consent for processing personal data.
Limitations: Rights may be restricted under applicable laws.

Categories of Personal Information Collected

The company states it has not collected personal information across the following categories in the past 12 months:

Category	Examples	Collected
A. Identifiers	Name, address, phone number, email address, account name, IP address.	NO
B. Personal Information	Contact info, education, employment history, financial information.	NO
C. Protected Characteristics	Gender, age, race, marital status, ethnicity, national origin.	NO
D. Commercial Information	Transaction details, purchase history, payment data.	NO
E. Biometric Data	Fingerprints, voiceprints.	NO
F. Internet Activity	Browsing history, search history, interactions with ads/websites.	NO
G. Geolocation Data	Device location.	NO
H. Sensory Information	Images, audio, video, or call recordings.	NO
I. Professional Information	Job title, work history, professional qualifications.	NO
J. Education Information	Student records, directory information.	NO
K. Inferences	Profiles summarizing preferences and characteristics.	NO
L. Sensitive Information	Sensitive personal information as defined by applicable laws.	NO

Additional Information

Other Data Collection: Personal information may be collected outside these categories through:
- Customer support interactions.
- Participation in surveys or contests.
- Direct engagement for service facilitation or inquiries.

Additional Details on Privacy Practices

Sources of Personal Information

For detailed information on the sources of personal information collected, refer to the section “What Information Do We Collect?”

How Personal Information is Used and Shared

Uses of Personal Information:
Personal information is used for internal business purposes, such as technological development and research. This does not qualify as "selling" personal data.
Disclosure Practices:
Personal information may be disclosed to service providers under written contracts. For more details, see “When and With Whom Do We Share Your Personal Information?”
No Selling of Personal Information:
In the past 12 months, the company has not disclosed, sold, or shared personal data for business or commercial purposes. They will not engage in these practices in the future.

Your Privacy Rights

General Rights for U.S. Residents:

Right to Know: Confirm whether your personal data is being processed.
Right to Access: Obtain access to personal data the company has collected.
Right to Correct: Correct any inaccuracies in your personal data.
Right to Delete: Request deletion of personal data.
Right to Obtain Data Copy: Receive a copy of the personal data you provided.
Right to Non-Discrimination: Ensure fair treatment regardless of exercising your rights.
Right to Opt Out: Stop processing personal data for targeted advertising, sale, or profiling decisions.

State-Specific Rights:
Residents in certain states (e.g., California) may also have:

The Right to Know categories of third parties receiving disclosed data.
The Right to Limit Use of sensitive personal data.

How to Exercise Your Rights

Submit a data subject access request via email at info.rama.app@gmail.com or by using the contact information provided in the Privacy Notice.
Designate an authorized agent to act on your behalf with appropriate proof of authorization.

Verification Process

Identity verification is required for requests to ensure accuracy and security.
Additional information may be requested if verification cannot be completed with existing records.

Appeals Process

If a request is denied, an appeal can be submitted via email.
A written explanation of the appeal decision will be provided.
If denied again, a complaint may be filed with the state attorney general.

California "Shine the Light" Law

California residents may request:

Categories of personal information disclosed for direct marketing purposes.
Names and addresses of third parties with whom information was shared in the previous calendar year.
Requests should be submitted in writing, as outlined in the “How Can You Contact Us About This Notice?” section.

Additional Information on Privacy Updates and Contacting Us

14. Updates to the Privacy Notice

The Privacy Notice will be updated periodically to ensure compliance with relevant laws.
Indication of Changes:
- Updated versions will display a "Revised" date at the top.
- If there are significant changes, you will be notified through a prominent notice or direct communication.
Recommendation: Regularly review the Privacy Notice to stay informed about the protection of your information.

15. Contact Information

For questions or comments about this Privacy Notice:

Email: info.rama.app@gmail.com
Postal Address:
Alquimista Innovations LLC
1309 Coffeen Avenus STE 1200
Sheridan, WY 82801
United States

16. Reviewing, Updating, or Deleting Personal Data

Depending on your location and applicable laws, you may request:
- Access to the personal data collected.
- Correction of inaccuracies.
- Deletion of your personal data.
- Withdrawal of consent for data processing.

How to Make a Request:
Submit a data subject access request to review, update, or delete your data.