Effective Date:
March 14, 2025
Last Updated:
March 14, 2025
Welcome to our Privacy Policy. [Company Name] (the “Company,” “we,” “us,” or “our”) is committed to protecting your privacy. This Privacy Policy describes how we collect, use, disclose, and protect your personal information when you use our websites, mobile applications, and services (collectively, the “Services”). It is designed to comply with all applicable U.S. privacy laws, including the California Consumer Privacy Act (as amended by the CPRA), the Virginia Consumer Data Protection Act, the Colorado Privacy Act, and other state privacy laws (e.g., Texas, Connecticut, Utah, Florida). We also incorporate relevant federal privacy requirements, especially for any health or mental health information we handle (such as HIPAA, 42 CFR Part 2, and the FTC Health Breach Notification Rule).
This Privacy Policy applies to personal information of consumers who use our Services. It does not cover information related to our employees or job applicants, or any information that is not considered “personal data” under applicable laws (such as fully de-identified or aggregate data). By using our Services, you agree to the collection and use of your information as described in this Policy, to the extent permitted by law. If you do not agree, please do not use the Services.
We collect various types of personal information from and about you. The types of data we collect, and how we collect them, are detailed below.
We collect personal information that you provide directly to us, such as when you create an account, fill out forms, use our Services, or communicate with us. This information may include:
Identifiers and Contact Information: Your name, email address, telephone number, mailing address, or other contact details.
Account Credentials: Username, password, and other security information for authentication and account access.
Profile Information: Information you include in your user profile or provide during registration (e.g., age, gender, preferences), if applicable.
Health and Mental Health Information: Information you share related to your health or mental well-being as part of using our Services (for example, health history, symptoms, treatment or therapy details). We recognize this may be sensitive personal data, and we handle it with special care as described in this Policy.
Communications: The content of communications you send to us, such as feedback, inquiries, or customer support requests, and any information you provide during those exchanges.
Payment Information: If you make purchases through our Services, we (or our payment processors) may collect payment card information or other financial data. (Note: We do not use payment information for any purpose other than processing your transactions and complying with legal obligations.)
When you use our Services, we automatically collect certain information about your device and usage of the Services:
Device and Internet Activity: IP address, device identifier, browser type, operating system, referring URLs, and information about your interactions with our website or app (e.g., pages viewed, links clicked).
Cookies and Tracking Data: We and our third-party partners use cookies, web beacons, and similar tracking technologies to collect information about your usage and preferences. This may include your browsing behavior on our site or app and engagement with our ads or content. We use this data to remember your settings, analyze site traffic, personalize content, and (with your consent or as permitted by law) for advertising or marketing. You can control cookies through your browser settings and other tools. Where required by law, we will obtain your consent for certain cookies, and we will honor global privacy control signals (such as “GPC”) as an opt-out of sale/sharing of data.
Location Information: If you enable location services, we may collect precise geolocation data from your device. You will be asked for permission before we collect precise GPS location. You can disable location access at any time in your device settings.
We may receive personal information about you from third-party sources, which we treat according to this Policy plus any additional restrictions imposed by the source or by law. For example:
Service Providers and Partners: We may receive data from service providers that help operate our Services (such as analytics providers, payment processors, or marketing partners). For instance, we might get aggregated app usage statistics from analytics tools.
Single Sign-On and Social Login: If you register or log in via a third-party platform (like Google, Apple, or Facebook), they may share with us certain information (such as your name, email, or profile information) as permitted under their privacy policies.
Referral and Program Partners: If our Services integrate with third-party services (for example, if a partner healthcare provider or employer gives you access to our Services), those parties might send us information to facilitate your access or to provide joint services. In such cases, we ensure any data sharing is done in compliance with relevant privacy laws and with appropriate agreements in place.
We will combine information from these sources with information you provide and information collected automatically for the purposes described in this Privacy Policy. We only obtain data from third parties if we have confirmed that those third parties have legal rights to share that information with us.
We use personal information for the following business and commercial purposes (all of which are in accordance with applicable laws):
To Provide and Improve Services: We process your information to operate our Services, provide you with the features and functionalities you request, and to maintain and improve the quality of our offerings. For example, we use your data to personalize your experience, remember your settings, and develop new content or features based on user interactions.
Account Management and Customer Support: We use contact and profile data to set up and maintain your account, authenticate you when you log in, and provide customer service or technical support. This includes using information to respond to your inquiries, troubleshoot issues, and repair errors.
Communication: We use your contact information to send you service-related communications (e.g., confirmations, invoices, technical notices, updates, security alerts). We may also send you news and updates about our Services or upcoming features. You can opt out of non-essential communications (such as marketing emails) at any time by using the unsubscribe link or contacting us.
Health Services Delivery: If you utilize mental health or other healthcare-related features of our Services, we use your information to facilitate those services. This may include sharing relevant data with your care providers (with your consent or as permitted by law) to ensure you receive proper treatment or guidance. We do not use information about your mental or physical health for advertising or marketing without your express consent.
Analytics and Product Development: We analyze usage information (including trends in how users navigate our Services) to understand user behavior and preferences. This helps us improve our interface, content, and algorithms. Where feasible, we use aggregated or de-identified data for these analytical purposes.
Marketing and Personalization: With your consent where required, we may use your information to personalize and deliver content and advertisements (including third-party ads) relevant to your interests. We may create audiences (e.g., groups of users with certain characteristics) to tailor our marketing messages. If you are a resident of a state that grants the right to opt out of targeted advertising, we will honor any opt-out request from you (see Your Privacy Rights below).
Legal Compliance and Protection: We may use or disclose your information as we believe necessary or appropriate to comply with applicable laws, regulations, lawful requests and legal processes, such as to respond to subpoenas or requests from government authorities. We also use information to enforce our terms and conditions, to detect or investigate fraud, abuse or security issues, and to protect the rights, property, or safety of our users, ourselves, and others.
Other Purposes with Consent: If we intend to use your personal data for a purpose that is not described in this Privacy Policy, we will explain that purpose at the time of collection and, if required, will obtain your consent. We will not use your personal information in ways that are incompatible with the purposes for which it was collected without notifying you and obtaining your consent if required.
We will only process personal data in a manner that is reasonably necessary and proportionate to achieve the purposes described above, or other purposes that we explain to you and are compatible with the original purpose of collection. We do not use your personal information for fully automated decisions that produce legal or similarly significant effects on you without human involvement; if we ever engage in such activity, we will comply with applicable law requirements (including providing notice and obtaining consent where required).
We may share your personal information with third parties, but only in the ways described below. We do not disclose your personal data to unrelated third parties for their own direct marketing purposes, and we do not sell your personal information for monetary or other valuable consideration. We also do not share your personal information for targeted advertising purposes unless you direct us to or as permitted by law (and you have the right to opt out of such sharing as described in Your Privacy Rights). The categories of third parties with whom we share data include:
Service Providers (Processors): We share personal data with third-party companies and individuals who perform services on our behalf. These service providers are contractually bound to process personal data only as needed to provide their services (for example, cloud hosting providers, IT support, email/SMS delivery services, payment processors, analytics companies, or marketing agencies). They are also required to keep your information confidential and secure. Sharing data with service providers for business purposes is not considered a “sale” of data under most privacy.
Healthcare Providers and Partners: If you use our mental health or telehealth Services, we may share relevant personal and health information with doctors, therapists, or clinics that are involved in your care (our “Care Providers”), but only as allowed by law and professional ethics. For example, our platform might connect you with a licensed therapist; in that case, information you provide for therapy will be accessible to that therapist. These Care Providers are often subject to healthcare privacy laws like HIPAA or 42 CFR Part 2, and we coordinate with them to protect your data. Any sharing of substance use disorder treatment records will fully comply with 42 CFR Part 2 (meaning we will not disclose those records without your written consent except in circumstances permitted by that law).
Affiliates: We may share your information with our parent company, subsidiaries, joint ventures, or other companies under common control with us (“affiliates”), in which case we will require them to honor this Privacy Policy. For instance, if Awesome U expands and sets up a related service under another corporate entity, your information might be shared between the Company and that affiliate to support and improve Services provided to you.
Business Partners: In some cases, we may partner with other organizations to offer co-branded services, promotions, or features (for example, a collaboration with a research institution or a wellness program through your employer). If you engage with such offerings, we might share information with the relevant partner with your consent or as necessary to fulfill the service. We will inform you at the time of data collection if any information will be shared with a partner and you will have the opportunity to opt out of that sharing if required by law.
Legal and Safety Disclosures: We may disclose information about you to government or law enforcement officials, regulators, or private parties as required by law or if we believe in good faith that such disclosure is reasonably necessary to (i) comply with any applicable law, regulation, subpoena/court order, or legal processftc.gov; (ii) enforce our Terms of Service or other agreements; (iii) detect, prevent, or otherwise address fraud, security or technical issues; or (iv) protect the rights, property, or safety of our users, the Company, or the public. This may include exchanging information with other companies and organizations for cybersecurity or fraud protection.
Corporate Transactions: If we are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, sale of company assets, or transition of our Services to another provider, your information may be transferred to a successor or affiliate as part of that transaction. In such cases, we will ensure the recipient agrees to handle your personal data in accordance with this Privacy Policy or inform you and obtain your consent if required by law.
In the preceding 12 months, we have collected and shared the categories of personal information described in the Information We Collect section above for the purposes outlined here. We have disclosed personal identifiers, contact information, and internet activity to our service providers (such as our cloud hosting and analytics providers) in order to operate and improve our Services. We may have shared limited personal information (such as an email address or user ID) with business partners for joint service delivery to you, but only with your knowledge or participation. Importantly, we have not sold personal information to third parties for their independent use, and we have not shared sensitive personal information for behavioral advertising. If our practices change in the future such that we plan to sell personal data or share it for targeted advertising, we will update this Privacy Policy and provide required notices and opt-out mechanisms (including posting a clear “Do Not Sell or Share My Personal Information” link on our website, as required by California law).
We will provide additional disclosures or seek consent for data sharing in special circumstances as required by specific laws. For example, if we ever engage in the sale of sensitive personal data (such as precise geolocation, health data, or certain biometric identifiers), Texas law requires that we include a clear notice of that in this Policy. We currently do not sell sensitive personal data. If that ever changes, we will prominently post the required “NOTICE: We may sell your sensitive personal data” (and similarly for biometric data) and obtain any necessary opt-in consent before such sale.
You may have certain rights regarding your personal information under various U.S. state privacy laws. We are committed to honoring your rights and have processes in place for you to exercise them. The rights available to you may depend on your state of residence, but
we extend many of these core rights to all our users in the United States
as a courtesy. These rights include:
Right to Know/Access: You have the right to request that we disclose what personal information we have collected about you, including the categories of data, the sources of that data, the purposes for collecting it, and the categories of third parties with whom we share itoag.ca.gov. You can also request a copy of the specific pieces of personal information we maintain about you.
Right to Correct: You have the right to request that we correct any inaccurate personal information we hold about youtermageddon.comtermageddon.com. If you cannot update your information through your account settings, please contact us to make the correction. We may need to verify the accuracy of the new information you provide.
Right to Delete: You have the right to request deletion of the personal information we have collected from you and retained, with certain exceptionstermageddon.com. For example, we may retain information as required or permitted by law (such as for legal compliance or internal business purposes). If we must retain any data (e.g., for a legal obligation), we will inform you of that in our response.
Right to Data Portability: You may have the right to obtain a copy of your personal data in a portable and, to the extent technically feasible, readily usable formattermageddon.com, so you can transmit it to another entity. Where applicable, we will provide the information in a commonly used electronic format.
Right to Opt Out of “Sale” of Personal Data: You have the right to opt out of the sale of your personal information to third partiestermageddon.com. As noted above, we do not currently sell personal data. If we ever plan to sell your information, we will provide a method for you to opt out (such as a “Do Not Sell My Info” link or browser-based global privacy control signals). We will honor any valid opt-out preference signal that is required by law to be recognized by businesses (for instance, California’s regulations recognize user-enabled Global Privacy Control signals as a valid opt-out request for sales/sharing).
Right to Opt Out of Targeted Advertising: You have the right to opt out of the use of your personal data for targeted advertising purposes (also called cross-context behavioral advertising). This means you can request that we do not use or share your information to advertise to you based on your behavior across different websites or apps. If you wish to opt out of targeted advertising, you can adjust your cookie settings through our cookie banner or browser settings, or contact us to record your preferences. We also honor industry opt-out signals where legally required, as noted above.
Right to Opt Out of Profiling (Certain Automated Decisions): In some states, you have the right to opt out of profiling in furtherance of decisions that produce legal or similarly significant effects for you. We do not engage in such profiling without your consent. If we introduce automated processing of your data to evaluate or predict personal aspects that could significantly affect you (for example, credit worthiness, insurance risk, etc.), we will provide appropriate notice and the ability to opt out.
Right to Limit Use of Sensitive Personal Information: California residents have the right to direct businesses to limit the use and disclosure of sensitive personal information to that which is necessary to provide the services or as otherwise permitted by law. We do not use sensitive personal information (such as data about your health, precise geolocation, or other sensitive characteristics) for purposes that would trigger the right to limit under California law. We only use such information to provide you with services (for example, to facilitate your therapy or health services) or other permissible purposes. Therefore, we believe our use of sensitive data is already limited to what is allowed. However, if you still wish to request that we further limit use of your sensitive information, you may contact us and we will honor any requests as required by applicable law.
Right to Appeal: If we decline to take action on a request you make in exercising any of the above rights, you have the right to appeal our decision. For residents of states like Virginia, Colorado, and Connecticut, we will provide an appeal process. If you are unhappy with our refusal to fulfill a request, please send an email to our contact address with the subject “Privacy Request Appeal” and an explanation of your concerns. We will review your appeal and respond within the timeframe required by law (generally 45 days). If we ultimately deny your appeal, we will inform you of any further recourse. For example, Virginia residents may contact the Virginia Attorney General if they have concerns about the result of an appealtermageddon.com. Likewise, you may contact your state’s Attorney General or privacy regulator to lodge a complaint.
Right to Non-Discrimination: We will not discriminate against you for exercising any of your privacy rights. This means we will not deny you services, charge you different prices, or provide a different level of quality because you exercised your rights under a privacy law. In certain jurisdictions, however, we may offer financial incentives that involve the collection or sale of personal information (for example, a discount program or rewards club). If we ever offer such programs, participation will be entirely voluntary and based on your consent (opt-in), and we will provide a clear explanation of the material terms of the incentive. You have the right to withdraw from such incentive programs at any time without penaltytermageddon.com. (At this time, we do not offer any programs that provide a price or service difference in exchange for your data.)
Exercising Your Rights:
You may exercise the rights described above by contacting us using the information in the Contact Us section below. Specifically, you can:
(1) email us at [email protected] with your request; or
(2) call our toll-free privacy line at (302) 208-6816.
Please indicate which right you wish to exercise and provide us with enough information to verify your identity. We will only use the information you provide in a request to verify your identity or authority to make the request and to track and fulfill your request. In some cases, we may need additional information to confirm your identity (for example, we might ask for details about your last interaction with our Services or ask you to confirm a code sent to your email address on file). If we cannot verify your identity, we may be unable to fulfill certain requests (such as providing specific personal data or deleting data). But in that event, we will communicate the reason we cannot comply.
If you are making a request through an authorized agent (such as an attorney or someone acting on your behalf), we will require proof of the authorization. For example, California law allows you to designate an authorized agent to make CCPA requests on your behalf; we will accept requests from an agent if they present valid written authorization from you, or proof of power of attorney, and we are able to verify the identity of the agent. We will also verify your identity directly (or your agent’s authority) in certain cases, as required by law, before responding to an agent-submitted request.
We aim to respond to consumer requests as soon as possible and within the timeframes set by applicable laws (generally within 45 days, with the possibility of an extension by an additional 45 days when reasonably necessary). There is no fee for making a request, but if a request is manifestly unfounded or excessive (for example, repetitive), we may charge a reasonable fee or refuse to act on it, as permitted by law.
We understand that some of the personal information we collect is sensitive, and we take additional steps to protect it. “Sensitive personal data” (or “sensitive personal information”) may include information such as health and medical information, mental health details, precise geolocation, racial or ethnic origin, biometric identifiers, sexual orientation, and other information defined as sensitive under various laws.
Where required by law, we will obtain your opt-in consent before processing sensitive personal data. For example, the laws in Colorado, Connecticut, Virginia, and Texas require affirmative consent to process sensitive personal data such as health information. By providing us with your health or mental health-related information as part of our Services, you are consenting to our use of that information for the purposes of providing the Services and as otherwise described in this Policy. We do not use sensitive data for purposes that you would not reasonably expect in context, without your consent.
If you are using our Services to receive healthcare (including mental health) services from licensed providers (e.g. therapy or psychiatric services delivered through our platform), please note that those providers may provide you with a separate Notice of Privacy Practices under the Health Insurance Portability and Accountability Act (HIPAA). For example, if you engage in therapy sessions with one of our partner clinics or providers, that provider is likely a “covered entity” under HIPAA and will give you a HIPAA Notice explaining how your protected health information (PHI) will be used and disclosed. In such cases, Awesome U may be acting as a “business associate” of the provider, and any PHI we handle will be governed by HIPAA rules. The HIPAA Notice will supersede this Privacy Policy for PHI in the event of a conflict. This Privacy Policy, however, will continue to apply to personal information that is not subject to HIPAA. We encourage you to review any HIPAA Notice provided by your care provider.
For substance use disorder treatment information that may be provided through our Services, we follow the federal confidentiality rules set forth in 42 CFR Part 2. These rules generally require your written consent before we disclose any information that would identify you as having a substance use disorder, except in very limited circumstances allowed by law. We will not share or use any substance abuse treatment records in a way that violates Part 2. Any consent you provide for use or disclosure of such records can be revoked by you at any time, as described in those rules.
We also comply with the FTC’s Health Breach Notification Rule for any personal health records we maintain that are not covered by HIPAA. This means that if there is a breach of unsecured identifiable health information, we will notify you without unreasonable delay, and no later than the timeframe required by law. We will also notify the Federal Trade Commission (and, if the breach affects a large number of individuals, the media) as required. We hope never to have such an incident, but we want you to know that we take our obligation to protect your health data seriously and will follow all applicable breach notification laws in the unfortunate event of a data security incident.
Importantly, we do not share your health or mental health information with third-party advertisers or marketing platforms without your explicit consent. We do not use any information from therapy sessions or health records to inform advertising decisions. As the FTC has emphasized in enforcement actions, companies should not use or disclose health information for marketing without permission. We adhere to this principle. Any use of health-related data is strictly for your benefit in receiving services (e.g., to connect you with providers or track your progress) or for compliance and operational purposes. If we ever want to use your health data for research or product development beyond providing services to you, we will either de-identify the information or obtain your consent as required.
We have implemented reasonable administrative, technical, and physical security measures designed to protect your personal information from unauthorized access, disclosure, alteration, and destruction. This includes measures such as encryption in transit (e.g., HTTPS for our website), encryption at rest for sensitive records, access controls to limit access to your information to authorized personnel, and regular security training for our staff. We also maintain policies and procedures to address suspected incidents and will act promptly in the event of any breach of security.
While we strive to protect your information, no security measures are perfect or impenetrable.
No method of transmission over the Internet, or method of electronic storage, is 100% secure.
Therefore, we cannot guarantee absolute security. You should also take steps to protect your personal data by maintaining strong passwords, not sharing credentials, and using secure networks to access our Services. If you believe that your interaction with us is no longer secure (for example, if you suspect the security of your account has been compromised), please contact us immediately.
We retain personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. For example, we may retain certain transaction details and correspondence as needed to comply with legal obligations (such as financial record-keeping or reporting obligations) or for legitimate business purposes such as audit, security, fraud prevention, and ensuring continuity of our services. We also may retain backup copies of data for a period of time or as required by our disaster recovery policies.
Once personal information is no longer needed for the purposes for which it was collected, we will delete, anonymize, or aggregate it within a reasonable timeframe. If deletion is not feasible (for example, because the data is stored in backup archives), we will securely store the data and isolate it from further processing until deletion is possible. We assess our data retention practices periodically to ensure we are not retaining data longer than necessary. In all cases, our retention and deletion practices are in line with the principle of data minimization and the requirements of applicable laws.
Our Services are not directed to individuals under the age of 18, and we do not knowingly collect personal information from children and teenagers under 18 without parental consent. If you are under 18, please do not use our Services or send us any personal information. In the event we learn that we have inadvertently collected personal information from a minor under 18, we will take prompt steps to delete that information. If you are a parent or guardian and you believe we have information about a child, please contact us so we can resolve the issue.
We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make changes, we will revise the “Last Updated” date at the top of this Policy. If changes are significant, we will provide a more prominent notice (such as by posting a notice on our website or emailing users of the changes). We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information.
Any changes to this Policy will become effective when posted, unless indicated otherwise. If we make changes that materially affect how we handle personal information previously collected from you, we will endeavor to provide you with an opportunity to consent to such changes (or opt out of such changes) before they take effect, if required by law.
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, you can contact us using the information below. We are here to help and will respond as promptly as we can.
Email: [email protected]
Toll-Free Phone: (302) 208-6816
Mailing Address: Awesome U – Privacy Office, 2810 N Church St PMB 93045 Wilmington Delaware 19802-4447 United States
For users in states with privacy laws, you may also have the right to contact your state’s Attorney General or privacy regulator regarding our privacy practices. We invite you to contact us first so we can address your questions or concerns directly.
Thank you for trusting Awesome U with your personal information. We value your privacy and are committed to safeguarding it in compliance with all applicable laws and regulations.