Coupon
Redeem

Flexibits Privacy Policy

Last Updated: 2023-12-18

Flexibits, Inc. (“we,” “us,” “our”) works hard to build and maintain a relationship of trust with you. This Privacy Policy (the “Privacy Policy”) governs our collection, use, and disclosure of your Personal Information (as defined below) in connection with your use of our website(s) on which this Privacy Policy is linked (the “Sites”), such as www.flexibits.com and any services, transactions, or other engagements you might have with us including your use of our applications (collectively, “Services”).

This Privacy Policy explains what information we collect about you, how we use or disclose such information, how to exercise any rights you may have with respect to your Personal Information (including any rights to opt-out of certain uses of your information), and the safeguards we have in place to reduce the risk of unauthorized access and use. This Privacy Policy does not apply to the Personal Information (defined below) of our employees, independent contractors, and job applicants.

Please carefully read this Privacy Policy, which is part of our Terms of Service, before using our Sites and/or Services. If you do not agree with our Terms of Use or this Privacy Policy, you must refrain from using our Sites/Services. By accessing or using our Sites or Services, you agree to our use of your information consistent with our Terms of Use and this Privacy Policy.

ABOUT THIS PRIVACY POLICY

Privacy Policy Changes

This Privacy Policy is subject to change. We encourage you to review this Privacy Policy frequently for any revisions or amendments. Changes to this Privacy Policy will be posted on the Sites and will be effective immediately upon posting. You will be deemed to have been made aware of and have accepted the changes by your continued use of our Sites or Services. If we determine that a change to this Privacy Policy will result in using your Personal Information acquired before the change being used in a materially new way, we will provide you notice before using your Personal Information in the new way such as by sending you an email, posting a notice on our Sites, or sending a notice through our applications.

Conflict Between this Policy and Laws and Regulations

When federal, state, or local laws and regulations require a higher level of protection for your Personal Information, they take precedence over this Privacy Policy. The specific requirements of this Privacy Policy apply unless disallowed by applicable laws or regulations.

INFORMATION WE COLLECT

Personal Information

We collect information that personally identifies, relates to, describes, or is capable of being associated with you (“Personal Information”), including:

  • Identifiers such as name, email address, IP address, billing address, phone number, device ID;
  • Commercial Information such as transaction history, payment method information, content of correspondence with us such as emails, chats, or text messages, crash reports, usage analytics, customer satisfaction surveys;
  • User-Created Data such as events, tasks, meeting proposals, reminders, contacts, calendar names, meeting templates, notes; and
  • Geolocation Information (approximate).

The specific Personal Information we collect about you may vary based on how you use the Sites and/or Services and your relationship with us such as if you are a user of our products or if you are a contact person for a company with which we do business.

User-Created Data

When using our Services, you may create data such as calendars, events, tasks, and more that we refer to in this Privacy Policy as “User-Created Data”. We believe that User-Created Data should be kept on-device and not sent to us to the greatest extent possible; however, there will be times when User-Created Data will need to be sent to us in connection with providing the Services to you. We also believe that it is important for our users to understand how their User-Created Data is handled. Accordingly, we have created a Privacy at Flexibits FAQ which explains in more detail the instances when we need to receive and process User-Created Data off-device and steps we take to limit our ability to access User-Created Data as much as reasonably possible when it is stored on or transmitted through our servers.

Sites Activity

We may automatically collect information in connection with the actions you take on the Sites using a tool called Matomo. For example, each time you visit our website, we may automatically collect the type of web browser you use, the type of device you use, your operating system, your Internet Service Provider, the pages you view, referring and exit pages, the date and time of your visit, the number of clicks to, from, and within the Sites, and the duration of your visits to the Sites. This information is anonymized and therefore is not considered Personal Information as defined in this Privacy Policy.

Usage Analytics

Depending on which of our applications you use, we may collect analytics information about your use of our applications in order to understand how our applications are being used so we can improve them. This analytics data is transmitted to us approximately every 24-48 hours. This data may be anonymized and therefore, if anonymized, is not considered Personal Information as defined in this Privacy Policy. If you are using an application that collects analytics data, we will give you the option to disable analytics in your in-application account settings.

Communication Recordings

We may retain the content of text messages or other written/electronic communications between you and us. By communicating with us, you consent to our recording and retention of communications.

HOW WE COLLECT INFORMATION

Voluntary Disclosure

We may ask you to provide us with Personal Information when you communicate with us (online or offline), use the Sites, purchase Services, and at other times. You are not required to provide us your Personal Information; however, if you choose not to provide the requested information, you may not be able to use some or all of the features of the Sites or Services or we may not be able to fulfill your requested interaction.

Cookies

We use cookies in a few instances. First, we use a cookie to store a person’s signed-in status if they sign-in at hub.flexibits.com. Second, we may use a cookie in connection with our development work to allow us to understand impacts of potential changes to our Sites or Services. We do not store any Personal Information in this cookie. Lastly, If you visit our Site from a third-party partner website, we may ask to store a cookie on your device. This cookie allows us to provide affiliate revenue to our affiliate partners if you try to subscribe to Flexibits Premium. We do not store any Personal Information in this cookie. Besides the foregoing cookies, we do not use any other cookies, tracking pixels, clear gifs, or other tracking technologies in connection with our Sites or Services.

HOW WE USE AND DISCLOSE INFORMATION

Generally

We use Personal Information for general business purposes, such as:

Processing Purpose Categories of Personal Information Processed
Provide you with access to and use of our Sites and Services
  • All categories of personal information.
Process payments, returns, or exchanges
  • Identifiers.
  • Commercial Information.
Service your account and provide support for your use of the Sites and Services
  • All categories of personal information.
Conduct surveys or market research
  • All categories of personal information.
Design, develop, and improve our Sites and Services
  • Identifiers.
  • Commercial Information.
  • Geolocation Information.
Market our products to you
  • Identifiers.
  • Commercial Information.
Perform data analytics
  • Identifiers.
  • Commercial Information.
  • Geolocation Information.
Operate physical security, information security, anti-fraud, and loss prevention programs
  • All categories of personal information.
Respond to governmental and other legal requests
  • All categories of personal information.
Meet our legal obligations and obtain legal advice
  • All categories of personal information.
Perform day-to-day business operations such as accounting and internal reporting
  • All categories of personal information.

Anonymous Information

If we collect or process anonymized information from you or about your use of our Sites or Services, we commit that we will not attempt to re-identify the information to make it personally identifiable.

Service Providers

We may from time to time establish a relationship with other businesses to provide services to us which may include corporate affiliates (“Service Providers”), including for:

  • Provision of the Sites and Services;
  • Facilitating marketing and non-marketing communications;
  • Marketing design and development;
  • Business analytics (both marketing and non-marketing related);
  • IT and network administration and support such as application development and support, crash reporting, data storage and management, website hosting, and data security;
  • Promotional event design and administration;
  • Payment processing;
  • Professional services such as legal and accounting;
  • Obtaining legal records;
  • Collection of accounts; and
  • Day-to-day business operations such as courier services, facilities management, and document destruction.

We only provide our Service Providers with the Personal Information necessary for them to perform these services on our behalf. Each Service Provider is expected to use reasonable security measures appropriate to the nature of the information involved to protect your Personal Information from unauthorized access, use, or disclosure. Service Providers are prohibited from using Personal Information other than as specified by us.

You may also be asked to provide Personal Information directly to a Service Provider. For example, we may connect you with a payment processor and request that you provide Personal Information directly to them.

Additional information about certain Service Providers we use to whom we disclose your Personal Information can be found in our Privacy at Flexibits FAQ.

Third-Party Selling and Targeted Advertising

We do not sell your Personal Information to third parties under any circumstance. We also do not share your Personal Information with third parties for targeted advertising or cross-context behavioral advertising purposes.

Requested Disclosures

We may disclose your Personal Information to third parties upon your request or if you are using a function of our Services that requires such disclosure. For example, we may disclose certain Personal Information if you request that we share a calendar invitation to a third party, we may disclose your approximate geolocation with AccuWeather if your application provides the weather at your location but we will not do so in a way that identifies you, or we may permit you to integrate our Services with Apple Maps.

OTHER PRIVACY AND SECURITY PROVISIONS

Security

We recognize the importance of safeguarding the confidentiality of Personal Information from loss, misuse, or alteration. Accordingly, we employ commercially reasonable administrative, technical, and physical safeguards to protect such Personal Information from unauthorized access, disclosure, and use. Even with these safeguards, no data transmission over the Internet or other network can be guaranteed 100% secure. As a result, while we strive to protect information transmitted on or through our Sites or Services, you do so at your own risk.

Other Websites & App Stores

Please be aware that third-party websites or app stores accessible through the Sites or recommended through our Services may have their own privacy and data collection policies and practices. We are not responsible for any actions, content of websites, or privacy policies of such third parties. You should check the applicable privacy policies of those third parties when providing information.

Compliance with Laws and Law Enforcement

We cooperate with government and law enforcement officials and private parties to enforce and comply with the law. We may disclose Personal Information and any other information about you to government or law enforcement officials or private parties if, in our discretion, we believe it is necessary or appropriate to respond to legal requests (including court orders, investigative demands, and subpoenas), to protect the safety, property, or rights of ourselves, consumers, or any other third party, to prevent or stop any illegal, unethical, or legally actionable activity, or to comply with law. We have not made any such disclosures in the past twelve months.

Other Transfers

We may disclose Personal Information among businesses controlling, controlled by, or under common control with us. If we are merged, acquired, or sold, or in the event of a transfer of some or all of our assets, we may disclose or transfer Personal Information in connection with such transaction. We have not made any such disclosures in the past twelve months.

How Long We Retain Your Data

We retain your Personal Information in accordance with our record retention policies that factor in our business needs, providing reasonable support to you, and our legal, regulatory, tax, and/or accounting obligations. For example, certain Personal Information that we collect in connection with a support ticket, such as attachments to support tickets, are typically retained for no longer than six months. However, purchase and payment history may be retained for longer. If you have particular questions regarding our record retention policies, you may contact us.

Children’s Privacy

The Sites and Services are not intended for children under the age of 18 and we do not knowingly collect Personal Information from children under the age of 18. If we become aware that we have inadvertently received Personal Information from a child under the age of 18, we will delete such information from our records.

ADDITIONAL UNITED STATES PRIVACY RIGHTS

If you are a resident of California, Colorado, Connecticut, Utah, or Virginia you have additional rights to access and control your Personal Information. Exemptions may apply.

Right to Know

You have the right to request twice per 12-month period that we provide you (i) the categories or specific pieces of Personal Information we collected about you; (ii) the categories of sources from which your Personal Information was collected; (iii) the business or commercial purpose(s) for which we collected your Personal Information; (iv) the categories of Third Parties with whom we shared your Personal Information (if any); (v) the categories of Third Parties to whom we sold your Personal Information (if any); and (vi) our business or commercial purposes for selling/sharing Personal Information (if sold or shared). We are not permitted to provide access to specific pieces of Personal Information if the Personal Information is sensitive or creates a high risk of potential harm from disclosure to an unauthorized person such as payment method information. We will not provide specific pieces of Personal Information unless you expressly request them.

Right to Deletion

You have the right to request that we delete any Personal Information we have collected about you. Please understand that we are not required to honor a deletion request if a legal exemption applies such as if we need the information to complete a requested or reasonably anticipated transaction, help ensure security, enable internal uses that are reasonably aligned with your expectations, or comply with legal obligations.

Right to Correction

You may request that we correct information you believe to be inaccurate. When you make your request, please be sure to provide us the specific information that you believe is inaccurate and the correct information. You should also provide us with any documentation you believe supports your proposed correction, and we will take that documentation into consideration. We will only correct the information if we determine, based on the totality of the circumstances, that your correction is more likely than not accurate. We may also choose to delete the allegedly inaccurate information instead of correcting it.

Right to Appeal

You have the right to appeal our decision to deny, in full or in part, your exercise of privacy rights by submitting a request to appeal. If we deny your appeal, we will provide you with a written explanation of the reasons for our decision. If you are not satisfied with our explanation for the denial of your appeal, you may contact your state Attorney General to submit a complaint about the appeal results.

Submitting a Request

You may submit your request(s) by using our online privacy request form or by calling us at 1 (855) 207-7171.

After you submit your request, we may contact you to obtain additional information necessary to verify your identity. For example, we may require you to verify certain information in our files or submit a signed declaration under penalty of perjury verifying your identity. We will not process requests without verifying your identity, so please respond promptly. If you do not timely respond to our requests for information, we may deny your request.

We will process verified Right to Know, Deletion, and Correction requests within 45 days of receipt, subject to any applicable exemptions and extensions permitted by law up to 90 days. We will process verified Appeals within the timeframe prescribed by applicable state law, but generally within 45 days of receipt. If you request access to specific Personal Information and that information creates a high risk of potential harm from disclosure to an unauthorized person, we will withhold that information and replace it with a category identifier and/or redacted information. For example, if we withhold a payment card number, we will inform you that we have a payment card number on file and we may provide you with the card type and the last four digits of the card number. If you have an online account with us, we will provide the response to your request via the online account, otherwise, we will give you the option to choose between mail and electronic delivery. We will retain a copy of your request, including your deletion request, for at least two years as required by law.

Authorized Agent

If you are an authorized agent submitting a request on behalf of another person, you must provide a copy of a lawful power of attorney or a written signed authorization from the consumer along with proof of your identity. You may provide this documentation via email to [email protected] after submitting the request. We may contact you and the person on whose behalf you claim to act to verify your identity, the person’s identity, and your authorization to act on the person’s behalf.

Non-Discrimination Notice

We will not discriminate against any consumer for exercising their privacy rights under law or this Privacy Policy.

California “Do Not Track” Disclosure

Do Not Track is a web browser privacy preference that causes the web browser to broadcast a signal to websites requesting that a user’s activity not be tracked. If Do Not Track is enabled, we do not collect information about your use of our Sites.

ADDITIONAL INFORMATION FOR PERSONS LOCATED IN THE EUROPEAN ECONOMIC AREA, SWITZERLAND, OR THE UNITED KINGDOM

Flexibits informs you below in accordance with Art. 12, 13 GDPR about the processing of personal data by the Fantastical and Cardhop services as well as about your respective privacy rights.

You will find a list of personal data processed by Flexibits in the sections "What personal information do we collect?" and "What data is sent to Flexibits when using Fantastical Openings?". The purpose of processing is to provide the Flexibits services and all functions of our specific services. In addition, Flexibits may process your location to provide weather forecasts and location-specific information. Flexibits also collects data about your use of Flexibits services in order to continuously develop and improve its services.

The legal bases for data processing are:

  • Art. 6 para. 1 lit. b GDPR, where processing is required to make the provision of the services to you possible at all;
  • Art. 6 para. 1 lit. c GDPR, to the extent that Flexibits is legally obliged to retain certain data or provide it to authorities;
  • Art. 6 para. 1 lit. a GDPR, in cases where Flexibits asks you for your consent to certain data processing;
  • Art. 6 para. 1 lit. f GDPR, insofar as the processing of personal data is necessary for the legitimate interests of Flexibits and your rights and freedoms do not prevail.

When using Flexibits services, personal data is transferred to servers located in the USA. The legal basis for this transfer is the standard contractual clauses of the EU Commission agreed between you and Flexibits. Flexibits maintains comprehensive measures to protect your data.

Your data will be stored as long as you maintain your accounts. As soon as you delete data or your account, Flexibits will also delete your data from its servers. There may be short delays for technical reasons. We must retain certain data, such as invoices, for a longer period due to retention obligations under tax law.

Providing your data is neither legally nor contractually required. However, it is possible that Flexibits will not be able to provide you with its services or individual services if you do not provide certain data.

Automated decision-making, in particular profiling, does not take place.

Under the conditions of the statutory provisions of the General Data Protection Regulation, you have the following rights as a data subject:

  • Access pursuant to Art. 15 GDPR to the personal data stored about you in the form of meaningful information on the details of the processing and a copy of your data;
  • Rectification in accordance with Art. 16 GDPR of incorrect or incomplete data stored by Flexibits;
  • Erasure pursuant to Art. 17 GDPR of data stored by Flexibits, unless the processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defense of legal claims;
  • Restriction of processing in accordance with Art. 18 GDPR if the accuracy of the data is disputed, the processing is unlawful, Flexibits no longer needs the data and you refuse to delete it because you need it to assert, exercise or defend legal claims or you have lodged an objection to the processing in accordance with Art. 21 GDPR.
  • Data portability pursuant to Art. 20 GDPR, insofar as you have provided Flexibits with personal data on the basis of consent pursuant to Art. 6 para. 1 lit. a GDPR or on the basis of a contract pursuant to Art. 6 para. 1 lit. b GDPR and these have been processed by Flexibits using automated procedures. You will receive your data in a structured, commonly used and machine-readable format or Flexibits will transmit the data directly to another controller if this is technically feasible.
  • Objection pursuant to Art. 21 GDPR to the processing of your personal data, insofar as this is carried out on the basis of Art. 6 para. 1 lit. e, f GDPR and there are reasons for this arising from your particular situation or the objection is directed against direct advertising. The right to object does not exist if overriding, compelling legitimate grounds for the processing can be demonstrated or the processing is carried out for the establishment, exercise or defense of legal claims. If the right to object does not exist for individual processing operations, this is indicated there.
  • Withdrawal of your consent in accordance with Art. 7 para. 3 GDPR with effect for the future.
  • Complaint pursuant to Art. 77 GDPR to a supervisory authority if you believe that the processing of your personal data violates the GDPR. As a rule, you can contact the supervisory authority of your usual place of residence, your place of work or the registered office of the EU representative of Flexibits.

Controller within the meaning of Art. 4 No. 7 GDPR is
Flexibits, Inc.
223 Wall Street #238
Huntington NY, NY 11743

You can reach our EU representative at the following contact details:
FX Data UG (haftungsbeschränkt)
Verhoevenstrasse 4
81739 Munich
Germany
[email protected]

CONTACT US

If you have any questions about our Sites, Services, or this Privacy Policy, please contact us using the methods available on our Contact page or by email at [email protected].