Last updated: December 28, 2018
The privacy of your data — and it is your data, not ours! — is a big deal to us. We may use images, videos, and other content uploaded to help our services get better. We take your privacy seriously and know that your do too. We wont abuse the trust you're putting in us with your data.
Identity & Access
When you sign up for Never Second, we ask for your name, and email address. That's so you can personalize your new account, and we can send you invoices, updates, or other essential information. We’ll never sell your personal info to third parties, and we won't use your name or company in marketing statements without your permission, either. We may anonymize data that you provide and use that for research purposes or to enhance our algorithms. This is to hopefully provide you with a better experience. We may also provide scrubbed data to companies interested in making better products that can help you achieve the goals you're working towards.
When you pay for Never Second, we ask for your credit card and billing address. That's so we can charge you for service, calculate taxes due, and send you invoices. Your credit card is passed to our payment processor. This should never be done through our servers. Instead it should be done in your browser or mobile device. We store information related to your payment account. We use Stripe and so do not hold any of your specific payment information on our servers other than your customer account id and payment source id. This is so that we can charge your account when appropriate and provide gyms the ability to charge your account when appropriate.
When you write to Never Second with a question or to ask for help, we'll keep that correspondence, and the email address, for future reference. When you browse our marketing pages, we'll track that for statistical purposes (like conversion rates and to test new designs). We also store any information you volunteer, like surveys, for as long as it makes sense.
The only times we’ll ever share your info:
- To provide products or services you've requested, with your permission.
- To investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of our Terms of Service, or as otherwise required by law.
- To provide anonymized data to specific companies we're working with to make
Your Rights With Respect to Your Information
You may have heard about the General Data Protection Regulation (“GDPR”) in Europe. GDPR gives people under its protection certain rights with respect to their personal information collected by us on the Site. Accordingly, Never Second recognizes and will comply with GDPR and those rights, except as limited by applicable law. The rights under GDPR include:
- Right of Access.This includes your right to access the personal information we gather about you, and your right to obtain information about the sharing, storage, security and processing of that information.
- Right to Correction.This is your right to request correction of your personal information.
- Right to Erasure.This is your right to request, subject to certain limitations under applicable law, that your personal information be erased from our possession (also known as the “Right to be forgotten”). However, if applicable law requires us to comply with your request to delete your information, fulfillment of your request may prevent you from using Never Second services and may result in closing your account.
- Right to Complain.You have the right to make a complaint regarding our handling of your personal information with the appropriate supervisory authority.
- Right to Restrict Processing.This is your right to request restriction of how and why your personal information is used or processed.
- Right to Object.This is your right, in certain situations, to object to how or why your personal information is processed.
- Right to Portability.This is your right to receive the personal information we have about you and the right to transmit it to another party.
- Right to not be subject to Automated Decision-Making.This is your right to object and prevent any decision that could have a legal, or similarly significant, effect on you from being made solely based on automated processes. This right is limited, however, if the decision is necessary for performance of any contract between you and us, is allowed by applicable European law, or is based on your explicit consent.
Many of these rights can be exercised by signing in and directly updating your account information. If you have questions about exercising these rights or need assistance, please contact us at firstname.lastname@example.org .
Processors We Use
As part of the services we provide, and only to the extent necessary, we may use certain third party processors to process some or all of your personal information. For identification of these processors we list them here:
- Amazon Web ServicesWe use AWS to manage your email address and password. We don't store your password, hashed or otherwise, on our servers.
- StripeWe use Stripe to process all payments.
Never Second won't hand your data over to law enforcement unless a court order says we have to. We flat-out reject requests from local and federal law enforcement when they seek data without a court order. And, unless we're legally prevented from it, we'll always inform you when such requests are made.
Security & Encryption
All data is encrypted via SSL/TLSwhen transmitted from our servers to your browser or mobile device. The database backups are also encrypted. Data isn't encrypted while it's live in our database (since it needs to be ready to send to you when you need it), but we go to great lengths to secure your data at rest.
When you delete your account, we'll ensure that nothing is stored on our servers past 30 days. Some data is deleted immediately from our servers dependent on the action and some is not. Also, in the case that we do machine learning and include some of your data, the models will reflect your data, but wont necessarily directly identify your data. We will develop frequent models that should reflect recent changes in the data and take your deletions into account.
Location of Site and Data
This Site is operated in the United States. If you are located in the European Union or elsewhere outside of the United States, please be aware that any information you provide to us will be transferred to the United States. By using our Site, participating in any of our services and/or providing us with your information, you consent to this transfer.
Changes & Questions
Never Second may update this policy once in a while - we'll notify you about significant changes by emailing the account owner or by placing a prominent notice on our site. You can access, change, or delete your personal information at any time by contacting email@example.com.