back home

XSweetTM Privacy Policy

Summary

Thank you for: (a) visiting the XSweetTM website located at XSweet.io (the “Site”); and/or (b) accessing the SweetTM mobile application (“App,” and together with the Site, “XSweetTM ”). XSweetTM and theXSweetTM Offerings (as defined below) are owned and operated by Palace Creative LLC. (“PC,” “we,”“our” or “us”). The following XSweetTM Privacy Policy (“Privacy Policy”) sets forth our policy with respect to the collection, storage, use and sharing of your personal information and other information that we collect from you.

Users with disabilities who wish to access this Privacy Policy in an alternative format can contactus by emailing us at: support@xsweet.io; or sending us U.S. Mail to: 3019 Ocean Park Blvd, Suite214, Santa Monica, CA 90405.

Background

This Privacy Policy covers our treatment of personal information and other information that we collect when an end-user visitor to the Site (“User,” “you” or “your”): (a) accesses and/or uses the Site; (b)downloads, attempts to download and/or uses the App and associated Software, as made available on the iPhone®, iPad® and iPod Touch®, as well as Android® and other mobile devices, where and to the extent available (collectively, “Mobile Devices”) by and through the Apple® App Store, the Google Play®store and other applicable venues, where and to the extent available (collectively, “Download Venues”);(c) accesses certain text, images, video, audio and other content and information relating to the XSweetTMOfferings as made available by: (i) PC (collectively, “XSweetTM Content”); and/or (ii) Creators (“CreatorContent,” and together with the XSweetTM Content, the “Content”); (d) registers for a XSweet Identity as an end-user of the App and/or Site (“Member”), as either a User or Creator; (e) purchases Sweet Coin; (f)purchases, in exchange for Sweet Coin, Creator Offerings; (g) purchases, in exchange for Sweet Coin, various PC-provided products and/or services including: (i) streaming video and/or music (“XSweetTMStreaming Content,” and together with the Creator Streaming Content, the “Streaming Content”); (ii)apparel, merchandise and other products (“XSweetTM Merchandise,” and together with the CreatorMerchandise, the “Merchandise”); (iii) digital assets, including skins, avatars, digital tokens and other customizations (“XSweetTM Digital Assets,” and together with the Creator Digital Assets, the “DigitalAssets”); (iv) designated exclusive areas of the XSweetTM Environment visual interface (“XSweetTM RealEstate”; and (v) avatar fashion and accessory features digital art, and various digital tokens (“Tokens,”and together with the XSweetTM Streaming Content, XSweetTM Merchandise, XSweetTM Digital Assets and XSweetTM Real Estate, the “XSweetTM Product Offerings”); (h) accesses certain message boards, comment sections, messaging functionality and other interactive features of the XSweetTM Offerings(“Interactive Services”); (i) accesses links to the XSweetTM and/or Member social media pages/accounts appearing on third-party social media websites (collectively, “Social Media Pages”), such as Discord®,Facebook®, Instagram®, X®, YouTube® and Tik Tok® (collectively, “Social Media Websites,” and together with the Site, App (and associated Software), Content, XSweet Identity, Sweet Coin, ReferralProgram, Creator Product and Service Offerings, XSweetTM Product Offerings, Profile Verification Services and Interactive Services, the “XSweetTM Offerings”); and/or (j) otherwise affirmatively consents to the terms of this Privacy Policy.

Capitalized terms not defined herein shall have the meanings set forth in the XSweetTM Mobile Application

End-User License Agreement and Website Terms and Conditions (“Terms and Conditions”). IF YOU DONOT AGREE TO TERMS OF THIS PRIVACY POLICY IN THEIR ENTIRETY, YOU MAY NOT ACCESSOR OTHERWISE USE THE SITE OFFERINGS.

Apple®, Apple Pay®, Apple TV®, iTunes®, iPhone®, iPad® and iPod Touch® are registered trademarksof Apple, Inc. (“Apple”). Discord® is a registered trademark of Discord Inc. (“Discord”). Facebook®, andInstagram® are registered trademarks of Facebook, Inc. (“Facebook”). Android®, Google Play®,YouTube® and Google Wallet® are registered trademarks of Google, Inc. (“Google”). X® is a registered trademark of X Corp. (“X”). Tik Tok® is a registered trademark of Byte Dance. Please be advised that PCis not in any way affiliated with Apple, Discord, Facebook, Google, Byte Dance or X, and the XSweetTMOfferings are not endorsed, administered or sponsored by any of the foregoing entities.

Additional Rights Applicable to Residents of the European Union and United Kingdom; Data Controller;EU and UK Representatives

Please note, PC is considered the “Data Controller” in connection with the Personal Data collected pursuant to this Privacy Policy for purposes of applicable data protection laws, including the EuropeanUnion’s (“EU”) General Data Protection Regulation (“GDPR”) and the United Kingdom General DataProtection Regulation (“UK GDPR”). For purposes of this Privacy Policy, “Personal Data” means any information concerning the personal or material circumstances of an identified or identifiable individual.Our Data Protection Officer may be contacted at DPO@xsweet.io.

This Privacy Policy is intended to comply with the GDPR and UK GDPR. If you are a resident of the EU orUK, you have the following rights, subject to certain limitations and exceptions imposed by the GDPR andUK GDPR, respectively:

1. Right to Access – this is the right to request copies, in a machine readable format, of those portions of your Personal Data that we have collected.

2. Right to Correct – this is the right to have Personal Data in our possession or control corrected if it is accurate or incomplete.

3. Right to Erasure – this is the right to ask us to delete or remove your Personal Data from our systems.

4. Right to Restrict Use – this is your right to block us from using, or to limit the ways we can use, your Personal Data.

5. Right to Data Portability – this is your right to request that certain of your Personal Data be transferred to a different provider.

6. Right to Object – this is your right to object to our use of your Personal Data, including when we use it for our legitimate interests, including for marketing purposes.

We ask individual Users to identify themselves and the information requested to be accessed, corrected or removed before processing such requests.

Please be advised that deleting your Personal Data may terminate your access to certain of theXSweetTM Offerings. If you wish to continue using the full complement of XSweetTM Offerings, you may not be able to delete all of the Personal Data that we have on file for you.

Please be further advised that, after you delete your Personal Data, residual copies may take a period of time before they are deleted from our active servers and may remain in our backup systems.

If you have questions relating to the above rights, you can contact us at: support@xsweet.io .

If you are not satisfied with how we have responded to any request that you submit to us regarding the above rights, you may be able to raise your complaint with the Data Protection Authority in your jurisdiction. You can find your national Data Protection Authority here.

If you are located in the United Kingdom or the EU, you may contact Achieved Compliance Advocacy, ourappointed representative in the UK and the EU, at the following addresses:

EU
By email: EUCompliance@xsweet.ioBy mail:
UK
By email: EUCompliance@xsweet.ioBy mail:

Legal Basis

We collect Personal Data that you provide to us, e.g., if you email our customer service department, to fulfill your request to receive additional information or for the purpose of handling the contractual relationship that you have with PC. We only use and store your Personal Data if we have a legal basis for doing so, including where you have given us your express consent, where we have a legitimate business interest, or pursuant to the contractual relationship that exists between you and PC.

State Specific Privacy Rights

Residents of the States of California, Colorado, Connecticut, Montana, Oregon, Texas, Utah and Virginia, businesses organized under the laws of the State of California, as well as California-based employees of, and California residents who submit job applicants to, Company (collectively, “Covered Users”), are afforded additional rights pursuant to applicable state law. Please see our “Privacy Provisions for CoveredUsers” for a more complete description of your rights as a Covered User.

1. Your California Privacy Rights

Shine the Light. If you are a resident of the State of California and would like to learn how your “personal information” (as defined in the Shine the Light Law, Cal. Civ. Code § 1798.83) is shared with third-parties, what categories of personal information we have shared with third-parties in the preceding year, as well as the names and addresses of those third-parties, please e-mail us at: support@xsweet.io or send usU.S. Mail to: 3019 Ocean Park Blvd, Suite 214, Santa Monica, CA 90405.

Further, if you are a resident of the State of California and would like to opt-out from the disclosure of your personal information to any third-party for marketing purposes, please e-mail us at: support@xsweet.io or send us U.S. Mail to: 3019 Ocean Park Blvd, Suite 214, Santa Monica, CA 90405. Please be advised that where California State residents opt-out from permitting their personal information to be shared, such individuals may still receive selected offers directly from us, in accordance with applicable law.

California Consumer Privacy Act of 2018 (“CCPA”). In addition to the foregoing, if you are a resident of the State of California, certain other privacy-related rights may apply to you in accordance with the CCPA, including the right to opt-out of our sale of your personal information, as well as the right to know what personal information about you we have collected, whether your personal information was shared with third-parties in the preceding year and, if so, what categories of personal information were shared, as well as the categories of third parties with whom we shared that personal information. Please see our “PrivacyProvisions for Covered Users” for a more complete description of your rights under the CCPA as aCalifornia State resident.

The California Privacy Rights Act (“CPRA”). In addition to the foregoing, if you are a resident of the State of California, certain other privacy-related rights may apply to you in accordance with the CPRA, including the right to correct personal information we have collected about you, the right to opt-out of our use/sharing of your sensitive personal information, the right to know how long we retain your sensitive and non-sensitive personal information, the right to know what sensitive personal information about you we have collected, whether your sensitive personal information was shared with third-parties in the preceding year and, if so, what categories of sensitive personal information were shared, as well as the categories of third parties with whom we shared that sensitive personal information. Please see our“Privacy Provisions for Covered Users” for a more complete description of your rights under the CPRA asa California State resident.

Browser “Do Not Track” Signals. Most browsers contain a “do-not-track” setting. In general, when a “do-not-track” setting is active, the user’s browser notifies other websites that the user does not want her/his personal information and online behavior to be tracked and used, for example, for interest-based advertising. As required by California Online Privacy Protection Act (“CalOPPA”), we are required to inform you that, as is the case with most websites, we do not honor or alter our behavior when a Site user has activated the “do-not-track” setting on her/his browser; provided, however, that you may have certain rights with respect to the use of automated technologies to deliver targeted advertising to you, as well asto create profiles about you using your personal information.

2. Your Colorado Privacy Rights

If you are a resident of the State of Colorado, certain privacy-related rights may apply to you in accordance with the Colorado Privacy Act (“CPA”), including the right to opt-out of our sale/sharing of your personal information, as well as the right to know what personal information about you we have collected, whether your personal information was shared with third-parties in the preceding year and, ifso, what categories of personal information were shared, as well as the categories of third parties with whom we shared that personal information. Please see our “Privacy Provisions for Covered Users” for amore complete description of your rights under the CPA as a Colorado State resident.

3. Your Connecticut Privacy Rights

If you are a resident of the State of Connecticut, certain privacy-related rights may apply to you inaccordance with the Connecticut Data Privacy Act (“CDPA”), including the right to opt-out of our sale/sharing of your personal information, as well as the right to know what personal information about you we have collected, whether your personal information was shared with third-parties in the preceding year and, if so, what categories of personal information were shared, as well as the categories of third parties with whom we shared that personal information. Please see our “Privacy Provisions for CoveredUsers” for a more complete description of your rights under the CDPA as a Connecticut State resident.

4. Your Montana Privacy Rights

If you are a resident of the State of Montana, certain privacy-related rights may apply to you in accordance with the Montana Consumer Data Privacy Act (“MDPA”), including the right to opt-out of our sale/sharing of your personal information, as well as the right to know what personal information about you we have collected, whether your personal information was shared with third-parties in the preceding year and, if so, what categories of personal information were shared, as well as the categories of third parties with whom we shared that personal information. Please see our “Privacy Provisions for CoveredUsers” for a more complete description of your rights under the MDPA as a Montana State resident.

5. Your Nevada Privacy Rights

Nevada State residents have the right to submit opt-out requests to website operators instructing those website operators not to sell any “covered information” that the website operators have collected aboutNevada State residents to any third party data broker(s). Covered information includes a consumer’s name, postal and email address, telephone number and Social Security Number, and includes theInformation described below in the “Personal Information Collected” section.

If you are a Nevada State resident and you wish to exercise your right to request that we to stop the sale of your Information to third party data brokers, please e-mail us at: support@xsweet.io or send us U.S.Mail to: 3019 Ocean Park Blvd, Suite 214, Santa Monica, CA 90405. In your request, please specify that you want to exercise your rights to opt-out from the sale of covered information under the Nevada PrivacyLaw and specify the website that you visited and the email address you registered with. Please allow thirty (30) days for a response.

6. Your Oregon Privacy Rights

If you are a resident of the State of Oregon, certain privacy-related rights may apply to you in accordance with the Oregon Consumer Privacy Act (“OCPA”), including the right to opt-out of our sale/sharing of your personal information, as well as the right to know what personal information about you we have collected, whether your personal information was shared with third-parties in the preceding year and, if so, what categories of personal information were shared, as well as the categories of third parties with whom we shared that personal information. Please see our “Privacy Provisions for Covered Users” for a more complete description of your rights under the OCPA as an Oregon State resident.

7. Your Texas Privacy Rights

If you are a resident of the State of Texas, certain privacy-related rights may apply to you in accordance with the Texas Data Privacy and Security Act (“TDPSA”), including the right to opt-out of our sale/sharing of your personal information, as well as the right to know what personal information about you we have collected, whether your personal information was shared with third-parties in the preceding year and, if so, what categories of personal information were shared, as well as the categories of third parties with whom we shared that personal information. Please see our “Privacy Provisions for Covered Users” for amore complete description of your rights under the TDPSA as a Texas State resident.

8. Your Virginia Privacy Rights

If you are a resident of the State of Virginia, certain privacy-related rights may apply to you in accordance with the Virginia Consumer Data Protection Act (“VCDPA”), including the right to opt-out of our sale/sharing of your personal information, as well as the right to know what personal information about you we have collected, whether your personal information was shared with third-parties in the preceding year and, if so, what categories of personal information were shared, as well as the categories of third parties with whom we shared that personal information. Please see our “Privacy Provisions for CoveredUsers” for a more complete description of your rights under the VCDPA as a Virginia State resident.

9. Your Utah Privacy Rights

If you are a resident of the State of Utah, certain privacy-related rights may apply to you in accordance with the Utah Consumer Privacy Act (“UCPA”), including the right to opt-out of our sale/sharing of your personal information, as well as the right to know what personal information about you we have collected, whether your personal information was shared with third-parties in the preceding year and, if so, what categories of personal information were shared, as well as the categories of third parties with whom we shared that personal information. Please see our “Privacy Provisions for Covered Users” for a more complete description of your rights under the UCPA as a Utah State resident.

General Privacy Provisions


Privacy Policy Quick Links
Below are links to key sections of our Privacy Policy:

Personal Information Collected
Use and Sharing of Personal Information
Non-Personal Information Collection and Use
Behavioral Tracking
Security of Your Personal Information
Children's Privacy
Opt-Out/Unsubscribe
Individual Rights: Deleting, Modifying and Updating Your InformationChanges to this Privacy Policy
Contact Us

Personal Information Collected

Please see our Privacy Provisions for Covered Users for additional details regarding the categories ofpersonal information collected.

In order to open an account (“Account”), obtain a XSweet Identity and utilize certain of the XSweet®Offerings (including the App), each prospective Member will be required to complete the“know-your-customer” ("KYC”) and “anti-money laundering (“AML”) process with PC’s third partyKYC/AML service provider, Ondato UAB (“Ondato”). The information that you submit to Ondato, and its storage and use by Ondato, shall be governed by Ondato’s privacy policy. PC cannot guarantee the privacy practices of Ondato or any other third-party KYC/AML service provider(s).

In connection with the KYC process associated with obtaining a Sweet Identity token, prospectiveMembers may be required to provide some or all of the following to Ondato: (a) full name; (b) e-mail address; (c) mailing address; (d) telephone number; (e) date of birth; (f) any nickname, birth name, legal name, stage name or other name used by you and/or (g) any other information requested by Ondato on the applicable form (collectively, “Sweet Identity Registration Data”).

Although the Sweet Identity address is exclusive to XSweetTM as a tokenized identifier on the blockchain (“Token ID”), the Sweet Identity Registration Data and other personal data (tokenized or otherwise) represented by the Sweet Identity is not owned or accessible by PC under any circumstances except as required by law. By way of further explanation, the Sweet Identity is an autonomous and sovereign node encrypted and contained on a blockchain to provide an identity for the persona and assets of a Member who has passed the required KYC/AML process. This identity is entirely on the blockchain and exists in a true zero trust environment. This means that neither PC, nor any affiliated entity, has access to the Sweet Identity Registration Data or other personal data associated with the applicable Sweet Identity token. Further: (i) no data is transmitted between the SweetIdentity/Token ID and Site/App; (ii) no data is transmitted between Ondato and PC/the Site/the App; and

(iii) no User personal data is stored by the Token ID. PC may identify behavior that violates the Terms and Conditions and, if so, may send notice of that behavior to Ondato. Under certain circumstances, Ondato may elect, or be required by law, to send notice of the violative behavior and the associated personal identity to the proper authorities or to a custodian required by law to be retained by PC.

In order to obtain access to the XSweetTM Offerings as a Creator, PC may (in certain select instances)collect some or all of the following: (i) full name/Entity’s name; (ii) e-mail address; (iii) mailing address/Entity’s mailing address; (iv) telephone number Entity’s telephone number; (v) any nickname, birth name, legal name, stage name or other name used by you/Entity and/or (vi) any other information requested by PC (collectively, “Creator Registration Data”).

In order to purchase Sweet Coin, Users will be required to complete the registration process by and through the payment platform operated by GC Brush LLC (“GC Brush”). In connection with the process associated with purchasing Sweet Coin, Citizens may be required to provide some or all of the following to GC Brush: (A) full name; (B) e-mail address; (C) mailing address; (D) credit card, debit card, cryptocurrency account and/or any other payment method accepted by GC Brush and provided by you; and/or (E) any other information requested by PC (collectively, “Payment Data”). All payment information is linked to the applicable User’s Token ID, and no information is shared or released from GC Brush toPC/the Site/the App in connection with purchases. The information that you submit to GC Brush, and its storage and use by GC Brush, shall be governed by GC Brush’s privacy policy. PC cannot guarantee theprivacy practices of GC Brush or any other third-party payment processing service provider(s). ThePayment Data is not accessible by PC under any circumstances other than as required by law.

Ondato® is a registered trademark of Ondato. GCBrushPaymentsTM owned by GC Brush LLC. Please be advised that PC is not in any way affiliated with Ondato or GC Brush, and the XSweetTM Offerings are not endorsed, administered or sponsored by Ondato and/or GC Brush.

Use and Sharing of Personal Information

Please see our Privacy Provisions for Covered Users for details regarding our use and sharing ofpersonal information.

By submitting your personal information by and through the Site Offerings, you agree that we may share,sell, rent, lease or otherwise provide the personal information that we are able access to any third partyfor any purpose permitted by law, and we may work with other businesses to bring selected retail opportunities to our Users. These businesses and third parties may include, but are not limited to: (a)providers of direct marketing services and applications, including lookup and reference, data enhancement, suppression and validation; (b) e-mail marketers; (c) telemarketers (where permitted by applicable law); and (d) direct marketers. We will also use your personal information to send you promotional messages regarding various Company products and/or services, as well as third party products and/or services that we think may be of interest to you.

We may also employ other companies and individuals, such as Ondato, to perform certain functions on our behalf. Examples include conducting KYC checks, sending direct and electronic mail, removing duplicate information from User lists, analyzing data and providing marketing analysis. The agents performing these limited functions on our behalf shall have access to our Users’ personal information as needed to perform these functions for us, but we do not permit them to use User personal information for other purposes.

By making your personal information available to Company, you grant Company the right, subject to applicable law, to use that personal information to contact you regarding your use of the Site Offerings and/or with information regarding other Company products and/or services that we think may be of interest to you. If you wish to stop receiving future communications from us, please follow the instructions at the end of each such e-mail message or see the “Opt-Out/Unsubscribe” section below.

Where you submit personal information, we use the personal information that you make available to personalize your experience with the Site and to facilitate the provision of the applicable Site Offerings to you, including in connection with customer service and to otherwise respond to any inquiries made by you.

You also agree that we may contact you at any time with updates and/or any other information that we may deem appropriate for you to receive in connection with your continued use of the Site Offerings.

We may also use your personal information for internal business purposes, such as analyzing and managing our service offerings including, without limitation, the Site Offerings. We may also combine the information we have gathered about you with information from other sources.

By submitting your personal information by and through the Site Offerings, you agree that such act constitutes an inquiry and/or application for purposes of the Amended Telemarketing Sales Rule (16 CFR§310 et seq.), as amended from time to time (the “Rule”) and applicable state do-not-call regulations. As such, not with standing that your telephone number may be listed on the Federal Trade Commission’sDo-Not-Call List, and/or on applicable state do-not-call lists, we retain the right to contact you via telemarketing in accordance with the Rule and applicable state do-not-call regulations.

Where you provide “prior express consent” within the meaning of the Telephone Consumer Protection Act(47 USC § 227), and its implementing regulations adopted by the Federal Communications Commission(47 CFR § 64.1200), as amended from time-to-time (“TCPA”), you consent to receive telephone calls(including SMS text messages) from Company, delivered via automated technology, to the telephone number(s) that you provided. Please note that you are not required to provide consent under the TCPA in order to obtain access to the Site Offerings, and your consent simply allows Company to contact you via these means. Please be advised that by agreeing to this Privacy Policy, you are obligated to immediately inform us if and when the telephone number that you have previously provided to us changes. Without limiting the foregoing, if you: (a) have your telephone number reassigned to another person or entity; (b) give up your telephone number so that it is no longer used by you;(c) port your telephone number to a landline or vice versa; or (d) otherwise stop using that telephone number for any reason (collectively “Phone Number Change”), you agree that you shall promptly notify Company of the Phone Number Change via e-mail at: support@xsweet.io, or by using one of the methods set forth in the “Contact Us” section below.

We reserve the right to release current or past personal information: (i) in the event that we believe that the Site Offerings are being or have been used to commit unlawful acts; (ii) if the information is subpoenaed or requested pursuant to any court order or legal proceeding; provided, however, that, where permitted by applicable law, we shall provide you with e-mail notice, and opportunity to challenge the subpoena/court order, prior to disclosure of any personal information pursuant to a subpoena; (iii) if we are sold, merge with a third-party or are acquired by a third-party (collectively, “M&A Transactions”)(including where we share your personal information, including Sensitive Information, in connection with the due diligence process associated with a potential M&A Transaction); or (iv) if we are the subject of bankruptcy proceedings; provided, however, that if Company is involved in a bankruptcy proceeding orM&A Transaction, you will be notified via email and/or a prominent notice on the Site of any change in ownership or uses of your personal information, as well as any choices that you may have regarding your personal information.

You hereby consent to the disclosure of any record or communication to any third-party when we, in our sole discretion, determine the disclosure to be required by applicable law, including sharing your e-mail address with third-parties for suppression purposes in compliance with the CAN-SPAM Act of 2003, as amended from time to time, and other e-mail marketing laws. Users should also be aware that courts of equity, such as U.S. Bankruptcy Courts, might have the authority under certain circumstances to permit personal information to be shared or transferred to third-parties without permission.

Non-Personal Information Collection and Use

Please see our Privacy Provisions for Covered Users for more details regarding the categories and types of non-personal information collected.

IP Addresses/Browser Type: We may collect certain non-personally identifiable information about you and your desktop computer and/or mobile device when you visit many of the pages of the Site. This non-personally identifiable information includes, without limitation, the type of browser that you use (e.g., Safari, Chrome, Internet Explorer), your IP address, the type of operating system that you use (e.g., Windows or iOS) and the domain name of your Internet service provider (e.g., Verizon, AT&T). We use the non-personally identifiable information that we collect to improve the design and content of the Site Offerings and to enable us to personalize your Internet experience. We also may use this information in the aggregate to analyze usage of the Site Offerings.

Mobile Device, Geolocation and App Usage Information

We may collect certain non-personally identifiable information about you and your Mobile Device when you access the App and/or visit certain App pages. This non-personally identifiable information includes, without limitation, the following information pertaining to your Mobile Device and your use of the App: (a) Mobile Device platform type; (b) Mobile Device identifier; (c) SDK version; (d) API key (identifier for the App); (e) App version; (f) the model type, manufacture and Android version of the Mobile Device; (g) your App session start/stop time and date; and (h) the actions taken while utilizing the App. We use the non-personally identifiable information identified in this paragraph to improve the design and content of the XSweet™ Offerings and to enable us to personalize your App experience. We also may use this information in the aggregate to analyze XSweet™ Offerings usage, alter existing XSweet™ Offerings and/or develop new or different XSweet™ Offerings. You understand and agree that we may send push notifications about the XSweet™ Offerings to you by and through your Mobile Device.

Cookies: When a User visits the Site, we send one (1) or more cookies and/or gif files (collectively, “Cookies”) to assign an anonymous, unique identifier to the applicable User’s computer. A Cookie is a piece of data stored on your hard drive containing non-personally identifiable information about you. Cookies have many benefits to enhance your experience at the Site. To find out more about Cookies, please visit www.cookiecentral.com. We use Cookies to improve the quality of the Site Offerings, including for storing User preferences and tracking Site-User trends (such as pages opened and length of stay at the Site).

Most Internet browsers are initially set up to accept Cookies, but you can reset your browser to refuse all Cookies or to indicate when a Cookie is being sent. To disable and reject certain Cookies, follow the instructions associated with your Internet browser. Even in the case where a User rejects a Cookie, she or he may still use the Site Offerings; provided, however, that certain Site Offerings-related functions may be impaired or rendered inoperable if the use of Cookies is disabled. We reserve the right to retain Cookie data indefinitely.

Behavioral Tracking: We may place cookies on your device in order to identify you in our system, and we may use this information to help us send targeted marketing communications to our Users. From time to time we may also display advertising on our Site, and in that capacity use cookies to provide display advertising targeted to your interests. You may opt out of our display advertising partner(s)and their partners’ targeted advertising using the following links: http://www.aboutads.info/choices/ and http://www.networkadvertising.org/choices.

Company also uses web analytics services provider Google® Analytics. Google® Analytics is a web analytics service provided by Google Inc. (“Google®“). Google® Analytics uses cookies and similar technologies to analyze how Users use the Site. The information generated about Site usage (including your shortened IP address) is transmitted to Google® in the U.S. This information is used to evaluate visitors’ use of the Site, compile statistical reports on Site activity, and provide other services related to the Site Offerings. Google® may also collect information about Site visitors’ use of other websites. For more information about Google® Analytics, or to opt out of Google® Analytics, please go to: https://tools.google.com/dlpage/gaoptout/

Cross Device Tracking: Company may track Users’ use of the Site Offerings across multiple devices, including personal computers and mobile devices.

Aggregate Data: Company reserves the right to transfer and/or sell aggregate or group data about Users of the Site Offerings for lawful purposes. Aggregate or group data is data that describes the demographics, usage and other characteristics of Users as a group, without disclosing personally identifiable information.

Interactive Services and Social Media Websites

If you engage in any interaction with PC, other Users or any third-party via the Interactive Services and/or by and through any Social Media Pages, you should be aware that: (a) the personal information that you submit by and through such Interactive Services and/or Social Media Pages can be read, collected and/or used by other users of these websites/services (depending on your privacy settings associated with your accounts with the applicable Social Media Websites), and could be used to send you unsolicited messages or otherwise to contact you without your consent or desire; (b) your IP address may be read, collected and/or used by other users of these websites/services; and (c) where PC responds to any interaction on such Social Media Pages, your account name/handle may be viewable by any and all members/users of PC’s social media accounts. We are not responsible for the personal information that you choose to submit via Interactive Services and/or any Social Media Websites.

Your interactions with the Social Media Pages are governed by the privacy policies of the applicable Social Media Websites. We encourage you to review the privacy policies and settings of the Social Media Pages with which you interact to help you understand those Social Media Websites’ respective privacy practices. If you have questions about the security and privacy settings of any Social Media Pages that you use, please refer to the applicable Social Media Website’s privacy notices or policies.

Third-Party Websites

This Site may contain links to third-party owned and/or operated websites including, without limitation, the Social Media Websites. Company is not responsible for the privacy practices or the content of such websites. In some cases, you may be able to make a purchase through one of these third-party websites. In these instances, you may be required to provide certain information, such as a credit card number, to register or complete a transaction at such website. These third-party websites have separate privacy and data collection practices and Company has no responsibility or liability relating to them.

Security of Your Personal Information

We endeavor to safeguard and protect our Users’ personal information. When Users make personal information available to us, their personal information is protected both online and offline (to the extent that we maintain any personal information offline). Where our registration/application process prompts Users to enter sensitive data (such as medical information, driver’s license/ID card number, health insurance information, data collected from an automated license plate recognition system, Social Security Number and credit card information) and when we store and transmit such sensitive data, that personal information is encrypted with advanced TLS (Transport Layer Security).

Access to your personal information is strictly limited, and we take reasonable measures to ensure that your personal information is not accessible to the public. All of our Users’ personal information is restricted in our offices, as well as the offices of our third-party service providers. Only employees or third-party agents who need User personal information to perform a specific job are granted access to User personal information. Our employees are dedicated to ensuring the security and privacy of all User personal information. Employees not adhering to our firm policies are subject to disciplinary action. The servers that we store User personal information on are kept in a secure physical environment. We also have security measures in place to protect the loss, misuse and alteration of personal information under our control.

Please be advised, however, that while we take every reasonable precaution available to protect your data, no storage facility, technology, software, security protocols or data transmission over the Internet or via wireless networks can be guaranteed to be 100% secure. Computer hackers that circumvent our security measures may gain access to certain portions of your personal information, and technological bugs, errors and glitches may cause inadvertent disclosures of your personal information; provided, however, that any attempt to breach the security of the network, our servers, databases or other hardware or software may constitute a crime punishable by law. For the reasons mentioned above, we cannot warrant that your personal information will be absolutely secure. Any transmission of data at or through the Site, other Site Offerings or otherwise via the Internet or wireless networks, is done at your own risk.

In compliance with applicable federal and state laws, we shall notify you and any applicable regulatory agencies in the event that we learn of an information security breach with respect to your personal information. You will be notified via e-mail in the event of such a breach. Please be advised that notice may be delayed in order to address the needs of law enforcement, determine the scope of network damage, and to engage in remedial measures.

Minors

Please see our Privacy Provisions for Covered Users for more details regarding the personal information of minors.

Visitors under eighteen (18) years of age are not permitted to use and/or submit their personal information at the Site. Company does not knowingly solicit or collect information from visitors under eighteen (18) years of age. Company encourages parents and guardians to spend time online with their children and to participate and monitor the interactive activities of their children.

Opt-Out/Unsubscribe

Please see our Privacy Provisions for Covered Users for instructions on how Covered Users can opt-out of the sale of their personal information to third parties.

To opt-out of receiving e-mail and other forms of communications from us, you can: (a) follow the instructions included in the applicable e-mail message or other communication; or (b) e-mail us at: support@xsweet.io.

Notwithstanding the foregoing, we may continue to contact you for the purpose of communicating information relating to your request for Site Offerings, as well as to respond to any inquiry or request made by you. To opt-out of receiving Site Offerings-related and/or inquiry response-related messages from Company, you must cease requesting and/or utilizing the Site Offerings and/or cease submitting inquiries to Company, as applicable.

Individual Rights: Deleting, Modifying and Updating Your Personal Information

Please see our Privacy Provisions for Covered Users for instructions on how Covered Users can access and/or delete personal information that we have collected.

At your request, we will: (a) inform you of what personal information we have on file for you, in a machine-readable format; (b) amend the personal information that we have on file for you; and/or (c) completely remove personal information that you have provided to us, or that we have collected, from our servers/databases. You may make such a request by e-mailing us at: support@xsweet.io. We ask individual Users to identify themselves and the information requested to be accessed, corrected or removed before processing such requests.

Please be advised that deleting your personal information may terminate your access to certain of the Site Offerings. If you wish to continue using the full complement of Site Offerings, you may not be able to delete all of the personal information that we have on file for you.

Transfer of Personal Information Internationally

If you are visiting the Site from a country other than the country in which our servers are located, your communications with us may result in the transfer of personal information across international boundaries. By visiting the Site and/or otherwise communicating electronically with us, you consent to such transfers. Even if your jurisdiction does not have the same privacy laws as the jurisdiction where our servers are located, we will treat your information as subject to the protections described in this Privacy Policy.

Changes to this Privacy Policy

Company reserves the right to change or update this Privacy Policy at any time by posting a notice on the Site that we are changing our Privacy Policy. If the manner in which we use personal information changes, Company will notify Users by: (a) sending the modified policy to our Users via email; and/or (b) by any other reasonable means acceptable under applicable state and federal law. You will have a choice as to whether or not we use your information in this different manner and we will only use your information in this different manner where you affirmatively consent to such use.

Contact Us

If you have any questions about this Privacy Policy or our privacy practices in general, you may email us at: support@xsweet.io or send us U.S. Mail to: 3019 Ocean Park Blvd, Suite 214, Santa Monica, CA 90405.

Privacy Provisions for Covered Users

These Privacy Provisions for Covered Users (“Provisions”) supplement, and do not limit in any way, the Privacy Policy set forth above. These Provisions apply solely to the Covered Users, who are residents of the States of California, Colorado, Connecticut, Montana, Oregon, Texas, Virginia and Utah, as well as businesses organized under the laws of the State of California. We adopt these Provisions in compliance with the CCPA, CPRA, CPA, CDPA, MDPA, OCPA, TDPSA, VCDPA and UCPA (collectively, “Applicable State Laws”). Any terms defined in Applicable State Laws have the same meaning when used in these Provisions. Users with disabilities who wish to access these Provisions in an alternative format can contact us by emailing us at: support@xsweet.io or sending us U.S. Mail to: 3019 Ocean Park Blvd, Suite 214, Santa Monica, CA 90405.

Categories of Information We Collect

We collect (or our third party services providers such as Ondato and GC Brush collect) information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular Covered User or device (“personal information”). In particular, we have collected the following categories of personal information about Covered Users within the last twelve (12) months:

Examples
Collected
Category
A. Identifiers.
A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, telephone number or other similar identifiers.
YES
B.Personal information categories listed in Applicable State Laws.
A name, signature, Social Security number, physical characteristics or description, postal address, telephone number, passport number, driver's license or State identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information or health insurance information. Some personal information included in this category may overlap with other categories.
YES
C.Protected classification characteristics under Applicable State Laws or federal law.
Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status or genetic information (including familial genetic information).
YES
D.Commercial information.
Records of personal property, products or services purchased, obtained, or considered or other purchasing or consuming histories or tendencies.
NO
E.Biometric information.
Biometric information. Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health or exercise data.
NO
F. Internet or other similar network activity.
Internet or other similar network activity. Browsing history, search history, information on a User's interaction with a website, application or advertisement.
YES
G. Geolocation data.
Physical location or movements.
NO
I. Professional or employment-related information. Current or past job history or performance evaluations.
Current or past job history or performance evaluations.
NO
J.Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C.Section 1232g,   34C.F.R. Part 99)).
Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information or student disciplinary records.
NO
K. Inferences drawn from other personal information.
Inferences drawn from other personal information. Profile reflecting a person's preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities and aptitudes.
NO
L. Sensitive Personal Information.
A Social   Security   number,   driver’s   license   number,   state identification card number, or passport number. Account log-in information, financial account, or debit or credit card number used in combination with any required security code, access code, password, or log-in credentials necessary to access an account. Precise geolocation, racial or ethnic origin, religious   or philosophical beliefs, or union membership. The contents of a consumer’s U.S. mail, electronic mail, or text messages unless the business is the intended recipient, and a consumer’s genetic data.
YES
Examples
Collected
Category
A. Identifiers.
B. Personal information categories listed in Applicable State Laws.
C. Protected classification characteristics under Applicable State Laws or federal law.
D. Commercial information.
E. Biometric information.
F. Internet or other similar network activity.
G. Geolocation data.
I. Professional or employment-related information. Current or past job history or performance evaluations.
J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C.Section 1232g, 34C.F.R. Part 99)).
K. Inferences drawn from other personal information.
L. Sensitive Personal Information.
A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, telephone number or other similar identifiers.
A name, signature, Social Security number, physical characteristics or description, postal address, telephone number, passport number, driver's license or State identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information or health insurance information. Some personal information included in this category may overlap with other categories.
Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status or genetic information (including familial genetic information).
Records of personal property, products or services purchased, obtained, or considered or other purchasing or consuming histories or tendencies.
Biometric information. Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health or exercise data.
Internet or other similar network activity. Browsing history, search history, information on a User's interaction with a website, application or advertisement.
Physical location or movements.
Current or past job history or performance evaluations.
Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information or student disciplinary records.
Inferences drawn from other personal information. Profile reflecting a person's preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities and aptitudes.
A Social   Security   number,   driver’s   license   number,   state identification card number, or passport number. Account log-in information, financial account, or debit or credit card number used in combination with any required security code, access code, password, or log-in credentials necessary to access an account. Precise geolocation, racial or ethnic origin, religious   or philosophical beliefs, or union membership. The contents of a consumer’s U.S. mail, electronic mail, or text messages unless the business is the intended recipient, and a consumer’s genetic data.
YES
YES
YES
NO
NO
YES
NO
NO
NO
NO
YES

A Social   Security   number,   driver’s   license   number,   state identification card number, or passport number. Account log-in information, financial account, or debit or credit card number used in combination with any required security code, access code, password, or log-in credentials necessary to access an account.

Precise geolocation, racial or ethnic origin, religious or philosophical beliefs, or union membership. The contents of a consumer’s U.S. mail, electronic mail, or text messages unless the business is the intended recipient, and a consumer’s genetic data.

Personal information does not include:

  • Publicly available information from government records.
  • Publicly available personally identifiable information as defined in the Family Educational Rights and Privacy Act (20 U.S.C. section 1232g, 34 C.F.R Part 99) (FERPA).
  • De-identified or aggregated User information.
  • Information excluded from the scope of Applicable State Laws, such as:some text
    • health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data; and
    • personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver’s Privacy Protection Act of 1994.

We obtain (or our third party services providers such as Ondato and GC Brush obtain) the categories of personal information listed above from the following categories of sources: (with the specific categories of personal information indicated in parenthesis):

  • Directly from our Covered Users. For example, from online registration forms that our Covered Users submit to us in connection with the products and/or services that we offer by and through the Site and App. (Categories A, B, C, F and L)
  • Directly and indirectly from activity on the Site/App. This includes the type of browser that you use (e.g., Safari, Chrome, Internet Explorer), your IP address, the type of operating system that you use (e.g., Windows or iOS), the domain name of your Internet Service Provider, the Mobile Device identifier, the SDK version and the type of operating system your Mobile Device is using. In addition, we obtain certain Site/App usage details and analytics as the same are collected automatically by us and our third party partners. (Category F)
  • From third-parties that interact with us in connection with the products and/or services that we offer to our Covered Users. For example, third party entities that assist us in sending direct and electronic mail, removing duplicate information from Covered User lists, analyzing data and providing marketing analysis. (Categories A, B, C, F and L)


Retention of Personal Information and Sensitive Personal Information

We retain all categories of your personal information (including the information set forth in the “Personal Information Collected” section above) that we collect for the maximum period permitted by applicable law.

We may also use certain criteria to determine whether and when to delete certain categories of collected personal and sensitive personal information including:

  • Date of collection.
  • Frequency of consumer interaction with us.
  • Last interaction the consumer had with us.
  • Whether the purpose of collection has been completed.

Use of Personal Information

We may use or disclose the personal information that we collect for one or more of the following business purposes (with the specific categories of personal information indicated in parenthesis:


  • To provide you with offers for products or services that we think may be of interest to you. (Categories A, B, C and F)
  • To provide your information to third parties that provide you with e-mail, direct mail and telemarketing messages concerning certain third-party products and/or services that they believe may be of interest to you. (Categories A, B, C and F)
  • For customer service purposes and to respond to inquiries from you. (Categories A, B and C)
  • To carry out operations associated with, or your employment and/or job application submitted to, us. (Categories A, B, C and L)
  • For testing, research, analysis and product development. (Categories A, B, C and F)
  • As necessary or appropriate to protect our rights, property or safety, and that of our clients or others. (Categories A, B, C, F and L)
  • To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations. (Categories A, B, C, F and L)
  • As described to you when collecting your personal information or as otherwise set forth in Applicable State Laws. (Categories A, B, C, F and L)
  • To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation or similar proceeding, in which personal information held by us is among the assets transferred. (Categories A, B, C, F and L)

We will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated or incompatible purposes without providing you with notice.

Sharing Personal Information

Subject to your right to opt-out of such sharing/sale, we may share, rent and/or sell your personal information: (a) with/to third parties for marketing purposes; and (b) for the other business purposes set forth above.

When we disclose personal information to a third party service provider or contractor, we enter into a contractual relationship that describes the purpose for which such third party may use the personal information and requires that third party to both keep the personal information confidential and not use it for any purpose other than the performance of its services under the applicable contract. Please note, we do not collect information about Covered Users that we actually know are less than eighteen (18) years of age and we do not share or sell the personal information of Covered Users that we actually know are less than eighteen (18) years of age. Without limiting the foregoing, we have not shared or sold the personal

information of Covered Users that we actually know are less than sixteen (16) years of age in the preceding twelve (12) months.

In the preceding twelve (12) months, we have disclosed the following categories of personal information for a business purpose:

Category A. Identifiers.

Category B. Personal information categories listed in Applicable State Laws.

Category C. Protected classification characteristics under Applicable State Laws or federal law. Category F. Internet or other similar network activities.

We disclose your personal information for a business purpose to the following categories of third parties (with the specific categories of personal information indicated in parenthesis):

  • Our affiliates. (Categories A, B, C and F)
  • Service providers. (Categories A, B, C and F)
  • Only where you expressly opt-in to such use, third parties who purchase and/or license your personal information for marketing purposes, including: (a) providers of direct marketing services and applications, including lookup and reference, data enhancement, suppression and validation;

(b) e-mail marketers; (c) telemarketers (where permitted by applicable law); and (d) direct marketers. If a third party purchaser of your personal information wants to resell it, that purchaser is required by law to obtain your consent to do so. (Categories A, B, C and F)

  • Third parties to whom you authorize us to disclose your personal information in connection with the products and/or services that we provide to you. (Categories A, B, C and F)

In the preceding twelve (12) months, we have sold the following categories of personal information to third parties:

Category A. Identifiers.

Category B. Personal information categories listed in Applicable State Laws.

Category C. Protected classification characteristics under Applicable State Laws or federal law. Category F. Internet or other similar network activities.

In the preceding twelve (12) months, we have sold the above referenced categories of personal information (including: (a) full name; (b) mailing address; (c) e-mail address; (d) telephone number; (e) date of birth; and (f) gender) to the third parties who purchase and/or license your personal information for marketing purposes.

Your Rights and Choices

Applicable State Laws provide Covered Users (residents of California, Colorado, Connecticut, Montana, Oregon, Texas, Utah and Virginia) with specific rights regarding their personal information. This section describes your rights under Applicable State Laws and explains how to exercise those rights.

Opt-Out from the Sale of Your Personal Information

You have the right to opt-out of our sale of your personal information to third parties. To exercise your right to opt-out of our sale of your personal information to third parties, please submit a verifiable Covered User request to us by either:

  • Emailing us at: support@xsweet.io
  • Sending us U.S. Mail to: 3019 Ocean Park Blvd, Suite 214, Santa Monica, CA 90405.

We endeavor to act on all opt-out requests as soon as practicable, but in all cases within fifteen (15) days of the receipt of your request.

Opt-Out from the Sharing of Your Personal Information

You have the right to opt-out of our sharing your personal information with third parties. To exercise your right to opt-out of our sharing your personal information with third parties, please submit a verifiable Covered User request to us by either:

  • Emailing us at: support@xsweet.io
  • Sending us U.S. Mail to: 3019 Ocean Park Blvd, Suite 214, Santa Monica, CA 90405.

We endeavor to act on all opt-out requests as soon as practicable, but in all cases within fifteen (15) business days of the receipt of your request. Subject to the aforementioned fifteen (15) business day period, where we receive and confirm your verifiable opt-out request, we will cease sharing your Personal Information with third parties.

Opt-Out from the Use and/or Sharing of Your Sensitive Personal Information

You have the right to limit our use of your sensitive personal information, including any sensitive information from Category B (Personal information categories established by Applicable State Laws), Category C (Protected classification characteristics under Applicable State Laws) and Category L (Sensitive Personal Information) to those uses which: (i) are necessary to perform the services or provide the goods requested by you; (ii) help us to ensure security and integrity of your personal information to the extent the use of your sensitive personal information is reasonably necessary and proportionate for these purposes; (iii) are short-term, transient uses including, but not limited to, non-personalized advertising shown as part of your then-current interaction with the Site, provided that your personal information is not disclosed to another third party and is not used to build a profile about you or otherwise alter your experience outside the then-current interaction with the Site; (iv) involve performing services on behalf of Company, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing analytic services, providing storage, or providing similar services on behalf of Company; and (v) include activities to verify or maintain the quality or safety of a service or device that is owned by, manufactured by, manufactured for, or controlled by, Company, and to improve, upgrade, or enhance the service or device that is owned by, manufactured by, manufactured for, or controlled by, Company.

You also have the right to opt-out of our sharing your sensitive personal information with third parties, including any sensitive information from Category B (Personal information categories established by Applicable State Laws), Category C (Protected classification characteristics under Applicable State Laws) and Category L (Sensitive Personal Information).

To exercise your right to limit our use of your sensitive personal information and/or opt-out of our sharing your sensitive personal information with third parties, please submit a verifiable Covered User request to us by either:

  • Emailing us at: support@xsweet.io
  • Sending us U.S. Mail to: 3019 Ocean Park Blvd, Suite 214, Santa Monica, CA 90405.

We endeavor to act on all such requests as soon as practicable, but in all cases within fifteen (15) business days of the receipt of your request. Subject to the aforementioned fifteen (15) business day period, where we receive and confirm your verifiable opt-out request, we will cease using your Sensitive Personal Information/sharing your Sensitive Personal Information with third parties (and direct our service providers and contractors to do the same).

Access to Specific Information and Data Portability Rights

You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past twelve (12) months. Once we receive and confirm your verifiable Covered User access/portability request, we will disclose to you:

  • The categories of personal information we collected about you.
  • The categories of sources for the personal information we collected about you.
  • Our business or commercial purpose for collecting or selling that personal information.
  • The categories of third parties with whom we have shared that personal information.
  • The specific pieces of personal information we collected about you (also called a data portability request).
  • If we sold or disclosed your personal information for a business purpose, two separate lists disclosing:some text
    • sales, identifying the personal information categories that each category of recipient purchased; and
    • disclosures for a business purpose, identifying the personal information categories that each category of recipient obtained.

Deletion Request Rights

You have the right to request that we delete any of your personal information that we collected about you and retained, subject to certain exceptions. Subject to the time period allotted to comply with such requests, where we receive and confirm your verifiable Covered User deletion request, we will delete (and direct our service providers, contractors and third parties to whom we sold/shared your personal information, to delete) your personal information from our (their) records, unless an exception applies; provided, however, that in some cases, strictly for regulatory compliance purposes and to better evidence/honor opt-out/unsubscribe requests (and for no other purposes), we may retain certain items of your personal information on a de-identified and aggregated basis in such a manner that the data no longer identifies you.

We may deny your deletion request if retaining the information is necessary for us or our service providers, contractors and/or third parties to whom we sold/shared your personal information, to:

  1. Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our obligations in connection with our contract with you.
  2. Detect security incidents, protect against malicious, deceptive, fraudulent or illegal activity, or prosecute those responsible for such activities.
  3. Debug products to identify and repair errors that impair existing intended functionality.
  4. Exercise free speech rights, ensure the right of another Covered User to exercise their free speech rights or exercise another right provided for by law.
  5. Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 seq.).
  6. Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
  7. Enable solely internal uses that are reasonably aligned with Covered User expectations based on your relationship with us.
  8. Comply with a legal obligation.
  9. Make other internal and lawful uses of that information that are compatible with the context in which you provided it.

Right to Request Correction of Inaccurate Personal or Sensitive Personal Information

You have the right to request correction of inaccurate personal and/or sensitive personal information that we collect. Upon receiving a verifiable consumer request for correction, we will make commercially reasonable efforts to correct information identified as inaccurate. Where we correct inaccurate personal and/or sensitive personal information, we shall instruct all service providers and/or contractors that maintain such personal and/or sensitive personal information in the course of providing services to us to make the necessary corrections in their respective systems.

Exercising Access, Data Portability, Right to Correct and Deletion Rights

To exercise your access, data portability and/or deletion rights described above, please submit a verifiable User request to us by either:

  • Emailing us at: support@xsweet.io; or
  • Sending us U.S. Mail to: 3019 Ocean Park Blvd, Suite 214, Santa Monica, CA 90405.

The verifiable Covered User request must:

  • Provide sufficient information that allows us to reasonably verify that you are: (1) the person about whom we obtained personal information; or (2) an authorized representative.
  • Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm that the personal information relates to you. Making a verifiable Covered User request does not require you to create an account with us. We will only use personal information provided in a verifiable Covered User request to verify the requestor’s identity or authority to make the request.

Response Timing and Format

We endeavor to respond to all verifiable Covered User requests to exercise access, data portability, right to correct and deletion rights within forty-five (45) days of the receipt thereof. If we require more time (up to ninety (90) days), we will inform you of the reason and extension period in writing. We will deliver our written response by mail or electronically, at your option. Any disclosures we provide will only cover the twelve (12) month period preceding the receipt of your verifiable request. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily usable and should allow you to transmit the information from one entity to another entity without hindrance.

We do not charge a fee to process or respond to your verifiable Covered User request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

Opt-Out Preference Signal Processing

Opt-Out is the default, Users will have to opt-in

Right to Opt-Out of Profiling

You have the right to opt-out from any Profiling that may be conducted by Company. For purposes of these Provisions, "Profiling" means any form of automated processing performed on your personal data to evaluate, analyze or predict personal aspects related to you or your economic situation, health, personal preferences, interests, reliability, behavior, location or movements. You have the right to opt-out of our Profiling you. To exercise your right to opt-out of our Profiling you, please submit a verifiable Covered User request to us by either:

  • Emailing us at: support@xsweet.io
  • Sending us U.S. Mail to: 3019 Ocean Park Blvd, Suite 214, Santa Monica, CA 90405.

We endeavor to act on all Profiling opt-out requests as soon as practicable, but in all cases within forty-five (45) days of the receipt of your request.

Right to Opt-Out of Targeted Advertising

You have the right to opt-out from Targeted Advertising conducted by Company. For purposes of these Provisions, "Targeted Advertising” means displaying advertisements to you where the advertisements are selected based on personal data obtained from your activities over time and across nonaffiliated websites or online applications to predict your preferences or interests. You have the right to opt-out from Targeted Advertising. To exercise your right to opt-out of our Targeted Advertising, please submit a verifiable Covered User request to us by either:

  • Emailing us at: support@xsweet.io
  • Sending us U.S. Mail to: 3019 Ocean Park Blvd, Suite 214, Santa Monica, CA 90405.

We endeavor to act on all Targeted Advertising opt-out requests as soon as practicable, but in all cases within forty-five (45) days of the receipt of your request.

Authorized Agents

Covered Users may permit an Authorized Agent to exercise any rights granted under Applicable State Laws as set forth above. In order to utilize an Authorized Agent, you must provide the Authorized Agent with written permission from you to act on your behalf for these purposes. When you use an Authorized Agent to submit a request to delete, request to correct or a request to know, we may require the Authorized Agent to provide proof that you gave the agent signed permission to submit the subject request. We may also require you to do either of the following: (a) verify your own identity directly with us; or (b) directly confirm with us that you provided the Authorized Agent permission to submit the request.

For California residents, only you or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable Covered User request related to your personal information.

Non-Discrimination

We will not discriminate against you for exercising any of your rights under Applicable State Laws. Unless permitted by Applicable State Laws, we will not:

  • Deny you goods or services;
  • Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties;
  • Provide you a different level or quality of goods or services;
  • Retaliate against any employee, job applicant or independent contractor; and/or
  • Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

Changes to this Privacy Notice

We reserve the right to amend this Privacy Notice in our discretion and at any time. When we make changes to this Privacy Notice, we will notify you by email or through a notice on the Site’s homepage.

Contact Information

If you have any questions or comments about this Privacy Notice, our Privacy Policy, the ways in which we collect and use your personal information, your choices and rights regarding such use, or wish to exercise your rights under Applicable State Laws, please do not hesitate to contact us by either:

  • Emailing us at: support@xsweet.io
  • Sending us U.S. Mail to: 3019 Ocean Park Blvd, Suite 214, Santa Monica, CA 90405.