Last Updated: April 26, 2020
- Personal and other information we collect about you;
- How we use your information;
- How we may share your information with third parties; and
- Your choices regarding the personal information we collect about you.
2. Collection of Your Personal and Other Information
When you register for or use our Services, we collect Personal Information. By “Personal Information” we mean information that can identify or reasonably be linked to an individual, such as:
- Email addresses;
- Dates of birth
- Social Security numbers and other sensitive financial information such as bank account numbers; and
- Information contained in any image, photograph or profile you submit to us.
Certain aspects of the Services may also access certain features of your mobile device, including its camera and camera roll, and collect information from those features, such as photographs stored on your camera roll, or new photographs you take via the Services. You consent to this access.
You may choose not to provide Personal Information or prevent the Services from accessing certain features of your mobile device, (subject to the controls offered by your mobile device’s operating system), but this may prevent you from receiving certain features of the Services.
We also collect non-Personal Information relating to the Services, that is, information that does not personally identify an individual. The non-Personal Information we collect includes how you interact with the Services, information generally collected or “logged” by software when accessed or used by users, and information about your device.
Examples of the non-Personal Information we collect are:
- Information about your mobile device, such as its maker or operating system version;
- The features of the Services you use;
- What information and content you view or interact with using the Services; and
- Unique identifiers that are not connected and cannot reasonably be connected to your identity.
We will not use non-Personal Information to try to identify you, and if we associate any non-Personal Information with information that personally identifies you, then we will treat it as Personal Information. As discussed in more detail below, we sometimes use automatic information gathering technologies to gather non-Personal Information.
3. Use of Your Information
We may use the information we collect to:
- Assist us in providing, maintaining, and protecting the Services;
- Set up, maintain, and protect accounts to use the Services;
- Improve the operations of our Services;
- Process transactions;
- Provide customer service;
- Communicate with you;
- Perform research and analysis aimed at improving our products and services and developing new products or services;
- Manage and maintain the systems that provide the Services.
4. Disclosure of Your Information
We may disclose your Personal Information to third parties as described below.
We may disclose your Personal Information to provide the Services to you, or when you authorize or instruct us to do so, for example when you use the Services to submit content or profile information. We may also disclose your Personal Information and non-Personal Information to companies, agents, contractors, service providers, or others engaged to perform functions on our behalf. We may license third-party software to include in or use with the Services, in which case we may disclose Personal Information and/or Non-Personal Information to the licensor. For example, we use Q2/CorePro, Inc. to process ACH payments between your bank account and the bank account created in the NuMoola app, custodied with our banking partner.
We may also disclose your Personal Information to third parties when we believe, in good faith and in our sole discretion, that such disclosure is reasonably necessary to (a) enforce or apply the terms and conditions of the Services, including investigation of potential violations thereof, (b) comply with legal or regulatory requirements or an enforceable governmental request, (c) protect the rights, property or safety of us, our users or other third parties, (d) prevent a crime or protect national security, or (e) detect, prevent or otherwise address fraud, security or technical issues.
Finally, we reserve the right to transfer information (including your Personal Information) to a third party in the event of a sale, merger, or transfer of the assets of our company relating to the Services, if we enter into a joint venture with another business entity, or in the unlikely event of a bankruptcy, liquidation, or receivership of our business. We will use commercially reasonable efforts to notify you of such transfer, for example via email or by posting notice on our website.
Lastly, we may also disclose non-Personal Information, aggregated with information about our other users, to our clients, business partners, merchants, advertisers, investors, potential buyers, and other third parties if we deem such disclosure, in our sole discretion, to have sound business reasons or justifications.
5. Children Under the Age of 13
The Children’s Online Privacy Protection Act of 1998 and its rules (collectively, “COPPA”) require us to inform parents and legal guardians (as used in this Section 5, “parents”) about our practices for collecting, using, and disclosing personal information from children under the age of 13 (“children”). COPPA also requires us to obtain verifiable consent from a child’s parent for collection, use, and disclosure of certain personal information of a child. The Children’s Online Privacy Protection Act of 1998 and its rules (collectively, “COPPA”) require us to inform parents and legal guardians (as used in this Section 5, “parents”) about our practices for collecting, using, and disclosing personal information from children under the age of 13 (“children”). COPPA also requires us to obtain verifiable consent from a child’s parent for collection, use, and disclosure of certain personal information of a child.
This section notifies parents of:
- the types of information we may collect from children;
- how we use the information we collect;
- our practices for disclosing that information;
- our practices for notifying and obtaining parents’ consent before we collect personal information from children, including how a parent may revoke consent; and
- all operators that collect or maintain information from children through the Services.
Information We Collect from Children
A child can access many parts of the Services and its content and use many of its features without a parent providing us with the child’s personal information. However, some content and features are available only to registered users or require us to collect certain information, including personal information, from children.
We only collect as much information about a child as is reasonably necessary for the child to participate in an activity through the Services, and we do not condition his or her participation on the disclosure of more personal information than is reasonably necessary.
Although our Services’ registration and account setup is intended for parents, and it is the parents that typically register and setup accounts for themselves and their children through the Services, children can register with our sites and applications to view content, and use our services and features, among other things.
In order to register with the Services, you must provide us with the following information on behalf of your child: the child’s first name and a birth date (to validate the child’s age). We also require you to create a username and password for your child that he or she will use to access their account on the Services. We may request additional information from you about your child, but this information is optional. We specify whether information is required or optional when we request it, and we will not require you to provide more information on behalf of your child than is reasonably necessary in order to participate in an online activity.
We enable registered users approved by parents (such as a child’s grandparents) to communicate with the child through the Services through chore assignments and reviews, gift-related messages, and other personalized messages sent to the child by approved registered users. We do not monitor or review this content before it is sent to the child. Even though a parent must first approve which registered users are able to communicate with a child, we nevertheless encourage parents to educate their children about safe technology use and to monitor their children’s use of these social features. The nature of the messaging features on the Services does not allow children to disclose personal information about themselves.
Consistent with the requirements of COPPA, in any instance where we ask for age and determine the user is age 12 or under, we will ask for a parent to verify consent through a series of micro-deposits into a linked bank account. Upon creation an account within the app, we will initiate 2 micro-deposits into the parents’ bank account. Once those values are entered and verified in the app, this will serve as consent. If you believe your child is using the Services or participating in an activity that collects personal information and you or another parent/guardian have NOT received and verified these deposits in the app, please feel free to contact us at email@example.com. We will not use parent emails provided for parental consent purposes for any other purpose, unless the parent has expressly opted in to email communications or has separately participated in an activity that allows for such email contact.
We obtain verifiable parental consent from parents by micro-deposits into the parent’s bank account as part of linking the funding source to the NuMoola platform. Our banking partner will initiate two micro-deposits into the bank account connected to the parent account. Once those deposits have been verified, we will take this as consent.
How We Use Your Child’s Information
We use the personal information we collect from your child to:
- register him or her with the Services;
- allow him or her to make and monitor his or her financial transactions through the Services;
- assign him or her chores, savings milestones, and other activities on the Services;
- track his or her performance in games or other activities on the Services;
- communicating with him or her regarding his or her performance in games or other activities on the Services;
- send him or her money for completing activities on the Services.
Our Practices for Disclosing Children’s Information
We do not share, sell, rent, or transfer children’s personal information other than as described in this subsection.
We may disclose aggregated information about many of our users, and information that does not identify any individual or device. For example, we may disclose the average age range of children who use the Services, or the average amount that children are paid as a weekly allowance through the Services.
In addition, we may disclose children’s personal information:
- to third parties we use to support the internal operations of our Services and who are bound by contractual or other obligations to use the information only for such purpose and to keep the information confidential and secure;
- if we are required to do so by law or legal process, such as to comply with any court order or subpoena or to respond to any government or regulatory request;
- if we believe disclosure is necessary or appropriate to protect the rights, property, or safety of NuMoola, our users, or others, including to:
- protect the safety of a child;
- protect the safety and security of the Services; or
- enable us to take precautions against liability; and
- to law enforcement agencies or for an investigation related to public safety.
In addition, if NuMoola is involved in a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of NuMoola’s assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding or event, we may transfer the personal information we have collected or maintain to the buyer or other successor.
Accessing Your Child’s Personal Information
At any time, you may review your child’s personal information maintained by us, require us to correct or delete the personal information, and/or refuse to permit us from further collection or use of the child’s information. You can also authorize us to collect your child’s personal information, but refuse to permit us to share that information with third parties.
You can review, change, or delete your child’s personal information by:
- Logging into your account and visiting your child’s account profile page.
- Sending us an email at firstname.lastname@example.org. To protect your privacy and security, we may require you to take certain steps or provide additional information to verify your identity before we provide any information or make corrections.
The following are all operators that may collect or maintain personal information from children through the Services:
Amazon Web Services, Inc.
Amazon Web Services, Inc.
P.O. Box 81226
Seattle, WA 98108-1226
6. Automatic Information Gathering Technologies
When you use the Services (e.g., navigate to a specific location within the mobile app), we collect non-Personal Information (discussed above in Section 2) regarding that use. For example, to improve and gain other insights regarding our Services, we collect how, when, and which parts of the Services or its features you use. Also, we may use your device’s unique identifier (UDID) or other unique identifiers to assist us in collecting and analyzing this data.
To help us collect this information, we use third-party software and services. These third parties’ collection and use of non-Personal Information are subject to their own privacy policies, which you can read here:
7. Transparency and Choice
You may request access to your Personal Information by sending an email to email@example.com. We will try to locate and provide you with your Personal Information and give you the opportunity to correct this data, if it is inaccurate, or to delete it, at your request. But, in either case, we may need to retain it for legal reasons or for legitimate business purposes. You may also remove any content that you submit on the Services using the deletion or removal options within the Service. However, we (and you) are not able to control information that you have already shared with other users or made available to third parties through the Services.
If you need further assistance with removing any content you submitted through the Services, you can email us at firstname.lastname@example.org. Removal of your submitted content may not ensure complete or comprehensive removal from our computer systems.
We ask individual users to identify themselves and the information requested to be accessed, corrected, or removed before processing such requests, and we may decline to process requests that are unreasonably repetitive or systematic, require disproportionate technical effort, jeopardize the privacy of others, would be extremely impractical (for instance, requests concerning information residing on backups), or relate to information that is not associated with your Personal Information. In any case, where we provide information access and correction, we perform this service free of charge, except if doing so would require a disproportionate effort.
Please be aware that if you request us to delete your Personal Information, you may not be able to continue to use the Services. Also, even if you request that we delete your Personal Information, we may need to retain certain information for a limited period of time to satisfy our legal, audit and/or dispute resolution requirements.
You can opt out of receiving marketing e-mails from us by clicking on the “unsubscribe” link in the e-mails. Please note that it may take up to ten (10) business days for your opt-out request to be processed. Also, even if you opt out of marketing e-mails, we may continue to send you certain account-related e-mails, such as notices about your account and confirmations of transactions you have requested.
8. Information Security
We utilize reasonable information security measures to safeguard your Personal Information against unauthorized access, modification, or destruction. For example, we utilize Transport Layer Security (TLS) or similar encryption technology when sensitive data is transmitted over the Internet, and use firewalls to help prevent external access into our network. However, no data transmission over the Internet and no method of data storage can be guaranteed to be 100% secure. Therefore, while we strive to use commercially acceptable means to protect your Personal Information, we cannot guarantee its security.
9. Your California Privacy Rights
A California resident who has provided Personal Information to a business with whom he/she has established a business relationship for personal, family, or household purposes (“California Customer”) is entitled to request information about whether the business has disclosed Personal Information to any third parties for the third parties’ direct marketing purposes. In general, if the business has made such a disclosure of Personal Information, upon receipt of a request by a California Customer, the business is required to provide a list of all third parties to whom Personal Information was disclosed in the preceding calendar year, as well as a list of the categories of Personal Information that were disclosed.
California Customers may request further information about our compliance with California’s privacy law by e-mailing email@example.com. Please note that we are only required to respond to one request per customer each year, and we are not required to respond to requests made by means other than through this e-mail address.
10. Third Party Websites
Please note that the Services may link or integrate with third-party sites, services or apps. We are not responsible for the privacy or security policies or practices or the content of such third parties. Accordingly, we encourage you to review the privacy and security policies and terms of service of those third parties so that you understand how those websites collect, use, share and protect your information.