PLEASE NOTE: This Policy only applies to the territory of the European Economic Area (EEA). Therefore, it will not be legally binding in any other state. Unless you're in EEA, please check the Privacy Policy applying to the country of your location.

PRIVACY POLICY

Effective: 29 December, 2023 Previous versions: 03 June, 2023

Please carefully read this Privacy Policy ("Policy"), which governs how Neuralab Tech Solutions, a company incorporated in the UAE, Dubai, with the address property № A1103-04, office 1 Tower A, The Opus tower by Omniyat, Business Bay, Dubai, UAE (hereinafter referred as "Company", "we"), collects, and processes personal data of its Service’s users.

The following basic terms and definitions are to be used in this Policy:

• Personal data means any information relating to an identified or identifiable natural person ('data subject'); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
• Processing of personal data means as any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
• Personal data subject means an individual to whom the personal data relates and who can be identified on the basis of personal data or who is identifiable.
• App means Twinby mobile application
• Service shall mean the App and the services provided through it
• User, your or you means the person or persons, using the App and/or using the Services provided via the App

1.About the Data Controller

The data controller of this App is the Company.

Contact details: privacy@twinby.com

2. Applicability and Acceptance of the Policy

This Policy defines the Personal Data, explains how Personal Data is collected, used, processed, and shared. Policy shall come into effect once accepted by the Personal Data subject.

In the event you disagree with any provision of this Policy or would not like your Personal Data to be processed, you should cease using the App immediately

3. Data Processing Legal Grounds; Personal Data Use

We process your personal data under the following legal bases:

Your consent.

According to this legal basis we may, for example, send you marketing emails. You have the right to withdraw your consent by reaching out to us via the contact details indicated in this Policy.

Performance of contract obligations; Under this legal basis we:

Provide our Service (according to the Terms of use).

Provide you with customer support.

Communicate with you regarding the use of the Service.

Legitimate interests, unless those interests are overridden by your interests or fundamental rights and freedoms that require protection of personal data.

We rely on legitimate interests in order to:

• Сommunicate with you regarding your use of our Service, for example in order to encourage you to use our Service more often. For such a purpose we may send you push or other notifications from time to time.
• Research and analyze your use of the Service.
• As we always aim to improve our Service, we may use this legal basis in order to make your experience with our App easier and more enjoyable, or to launch or test new features.
• To send you marketing communications.

The legitimate interest we rely on for this processing is our interest to promote our Service in a measured and appropriate way.

• To personalize our ads. The legitimate interest we rely on for this processing is our interest to promote our Service in a compliant way.
• To enforce our Terms of use and to prevent and fraudulent activity

Our legitimate interests for this purpose are enforcing our legal rights, preventing and addressing fraud and unauthorized use of the Service, non-compliance with our Terms of use.

• Compliance with obligations under the applicable law.

4.Personal Data Collection

General Provisions

The type of Personal Data we collect depends on how you are interacting with us. In many cases, you can choose whether or not to provide us with your Personal Data. However, but if you choose not to, you may not be able to use the App’s functionality to the full degree. When using the App, you provide us with the following types of Personal Data: (i) Personal Data you give us; (ii) Personal Data we collect automatically in the process of the App’s use; and (iii) Personal Data we obtained from other sources.

The App does not contain any links to other third-party websites or apps that may collect Personal Data about you, including through cookies or other technologies. If you use links submitted by other users via chat to visit other websites, apps or services this Policy will not apply to your use of, and activity on those other websites or apps. You should consult these other websites/apps privacy policies as we have no control over them and are not responsible for any information that is submitted to or collected by these third parties.

Personal Data you give us

You provide us information about yourself when you register for and/or use the Service, for example, your photo, email address, phone number, name, date of birth (age), gender, city, country, weight and height, attitudes towards drinking and smoking preferences, parental status. You can also submit optional information such as education, language skill, areas of interest, and fields of activity. This information will be public to the App users. We may also ask you to answer some questions relating to lifestyle and relationships.

You may also want to share some sensitive data, including your partner preferences, relationship expectations, etc.

By doing so you consent to such data being processed to the degree necessary for the Service’s use.

Additionally, we may offer you to use your social media accounts in order to log into the App. Thus, we will also process your social media ID. We can also ask you to provide some extra information in case we decide to conduct customer surveys and collect feedback on the satisfaction with the Service.

The Company does not collect any payment information. Security of payment data is provided by partners of the Company: CloudPayments, Apple, Google. You can find the terms of data processing and protection on the official resources of partners.

Personal Data We Collect Automatically

Some Personal Data can be collected in the process of the App’s use, including your URL, data obtained from your device (for example, language settings, IP address, location, time zone, type and model of a device, device settings, operating system, Internet service provider, mobile carrier, hardware ID, Spotify, VK ID, Google ID or Apple ID, content of social media posts).

Data obtained from other sources

When you decide to connect your profile in the App with your social media account (for example, Google, VK), we will get personal data from such social media accounts. This includes your name, user ID, profile picture, username, gender, age range, language, country, friend list, email address, and any other information you have made public.

Personal Data Sharing

Sometimes, in order to fulfill our obligations, including within the framework of Terms of use, we transfer user data to affiliates and partners, service providers, and third parties. We make sure that this process is safe. Here are those with whom we can partially share the data:

a) Partners and service providers. To provide the service, we engage trusted and reliable partners and suppliers. This includes payment processing, customer support, insurance, marketing or promotions. For example, we share information with banks for processing payments and refunds, and with an insurance company when a user chooses an insurance service. Please check the sections below to find out specifically what recipients we may share your data with. b) Third parties. After removing identification data such as name, telephone, and e-mail (if any), and combining the information received with similar information from other users, we may use, license and share the aggregated anonymized data (in such cases the data is always anonymized first). In the event of business reorganization, we may transfer user information as part of a sale, merger, or preparation for any of these events. In any case, we will bind the recipients to adopt adequate measures if personal data is involved. c) State, regulatory and law enforcement authorities. We can transmit information only on the grounds stipulated by the law in response to official requests, in order to comply with the requirements of the applicable law. This is done to detect, investigate, prevent and eliminate cases of fraud and other illegal actions related to security, as well as to prevent harm to the property or health of users of the Service, members of the public, employees of the Service or third parties. The information may be transmitted to State bodies and for the protection of the legitimate rights or property of the Service, for ensuring the fulfillment of the conditions of use of the service specified in Terms of use.

Recipients we may share your data with may include, for example: - Payment service providers; - Marketing platforms; - Cloud storage providers.

We also use metric programs (Yandex.Metrica, Google Analytics) to measure traffic and analyze user behavior, which helps us to constantly improve our service

In addition, we may transfer aggregated, anonymized or pseudonymized information that cannot be used to identify a specific person by third parties, including the types of third parties listed above, for the purpose of performing or participating in statistical research and/or reports.

Twinby is a global Platform, which means that we work with the data of our users all over the world and can transfer this data to other countries, inter alia, for the purposes of enhancing and updating the services Twinby and its affiliates provide. Additionally, such transfers can also take place within the framework of research Twinby and its affiliates perform. Regardless of the nature of such transfers, they will only be performed on legal grounds in a secure way. Before such a transfer, we will bind the recipients to adopt adequate measures in case it’s required by the law.

We may also transfer your personal data to countries outside the European Economic Area ("EEA"). Including countries which have different data protection standards to those which apply in the EEA.

If this should happen, special safeguards are foreseen to ensure that the protection travels with the data. These safeguards include entering into a contract incorporating the standard data protection clauses adopted by the Commission ("standard contractual clauses") or adopting any of the other instruments set out in the GDPR.

In some cases, for the purposes of the App’s development, its work’s optimization and enhancing its functionality, we can share some of your personal data with our partners, vendors and/or other third parties.

We guarantee that for the purposes of ensuring your personal data’s confidentiality and their processing’s safety, such processing will only be carried out in accordance with the applicable legislation.

Other than the provisions above in case such transferring is partially or entirely carried out in states not ensuring an adequate level of personal data protection from the perspective of applicable legislation, such transferring shall only be performed in accordance with all the provisions of the law and only in case there are applicable and solid legal grounds.

5.Protection of Personal Data. Security Measures

We take appropriate security, administrative and technical measures to protect any Personal Data you provide regarding the collection, storage and processing of Personal Data, as well as security measures to protect your Personal Data against unauthorized access, modification, disclosure or destruction.

Personal Data is safeguarded from unauthorized access and unlawful processing or disclosure, as well as accidental loss, modification or destruction, through state-of-the-art technical and organizational measures. These are adjusted and updated continuously paired with technical developments and organizational changes. Additionally, Personal Data protection audits and other control measures are carried out on a regular basis. While we take reasonable precautions against possible security breaches, member database and records no service or internet transmission is completely secure and we cannot guarantee that unauthorized access, hacking, data loss, or other breaches will never occur. We urge you to take steps to keep your personal data safe and to log out of your account after use. If you or another service provider that you use suffer a data breach and you have used the same credentials with that service provider as you have with Twinby, your personal data may be compromised. If that happens, please report it to privacy@twinby.com

6.Retention of Information

We will store your personal data for as long as it is reasonably necessary for achieving the purposes set forth in this Privacy Policy (including providing services to you). We will also retain and use your personal data as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

Right to access

You have the right to obtain from the controller confirmation as to whether or not personal data are being processed by Twinby, and, where that is the case, access to the personal data and the following information: (i) the purposes of the processing; (ii) the categories of personal data concerned; (iii) the recipients or categories of recipient to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations; (iv) where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period; (v) the existence of the right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing; (vi) the right to lodge a complaint with a supervisory authority; (vii) the existence of automated decision-making, including profiling, and meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.

Right to rectification

If you consider your personal data are inaccurate or incomplete, you have the right to obtain from the controller without undue delay the rectification of inaccurate personal data concerning him or her. Your right to rectification only applies to the personal data you have provided to Twinby and not to data resulting from Twinby actions (e.g. performance reviews). Right to erasure To the extent legally admissible, you have the right to obtain from Twinby the erasure of your personal data without undue delay and Twinby shall have the obligation to erase personal data without undue delay where one of the following grounds applies: (i) the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed; (ii) you have withdrawn consent on which the processing is based according to point (a) of Article 6(1) GDPR, or point (a) of Article 9(2) GDPR, and where there is no other legal ground for the processing; (iii) you have objected to the processing pursuant to Article 21(1) GDPR and there are no overriding legitimate grounds for the processing, or you have objected to the processing pursuant to Article 21(2) GDPR; (iv) the personal data have been unlawfully processed (v) the personal data have to be erased for compliance with a legal obligation in Union or Member State law to which Twinby is subject; (vi) the personal data have been collected in relation to the offer of information society services. Right to erasure does not apply if the processing is (i) for exercising the right of freedom of expression and information; (ii) for compliance with a legal obligation which requires processing by Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller; (iii) for reasons of public interest in the area of public health in accordance with points (h) and (i) of Article 9(2) GDPR as well as Article 9(3) GDPR; (iv) for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Article 89(1) GDPR in so far as the right referred to in paragraph 1 is likely to render impossible or seriously impair the achievement of the objectives of that processing; or (v) for the establishment, exercise or defence of legal claims. After the exercise of the right of erasure in the terms legally admissible your personal data will be deleted. Right to restriction of processing You shall have the right to obtain from the controller restriction of processing where one of the following applies: (i) the accuracy of the personal data is contested, for a period enabling the controller to verify the accuracy of the personal data; (ii) the processing is unlawful and you have opposed to the erasure of the personal data and have requested the restriction of their use instead; (iii) the controller no longer needs the personal data for the purposes of the processing, but they are required by you for the establishment, exercise or defence of legal claims; (iv) you have objected to processing pursuant to Article 21(1) pending the verification whether the legitimate grounds of the controller override yours. Right to data portability You have the right to receive your personal data provided by you, in a structured format, in common use and automatic reading. You also have the right to ask Twinby to transmit this data to another controller, as long as this is technically possible, where applicable under Article 20 GDPR. Right to object You shall have the right to object, on grounds relating to your particular situation, at any time to processing of personal data which is based on point (e) or (f) of Article 6(1), including profiling based on those provisions. Twinby shall no longer process the personal data unless it demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims. Right to lodge complaints with the supervisory authority You have the right to file complaints with the competent supervisory authority regarding matters related to the processing of your personal data.

8.Children's Privacy

The minimum age of the App’s users must be at least 18 years. The Company will not knowingly collect Personal Data from individuals under this age.

9.Amendments to the Policy

We have the right, at our discretion, to update or amend this Policy at any time. Should any material changes to this Privacy Policy happen, you will be notified through our Service or by other available means and will have an opportunity to review the revised Privacy Policy. By continuing to access or use the Service after those changes become effective, you agree to be bound by the revised Privacy Policy. This Policy may from time to time be translated into other languages. In the event of any contradictions between the English version of this Policy and its version in any other language, the English version will prevail.

10.Feedback

Should you have any requestions regarding this Policy in general or any personal data processing procedure Twinby carries out, please don’t hesitate to reach out to us via privacy@twinby.com