Last updated: December 14, 2023
This Privacy Policy describes Our policies and procedures on the collection, use and disclosure of Your information when You use the Service and tells You about Your privacy rights and how the law protects You.
We use Your Personal Data to provide and improve the Service. By using the Service, You agree to the collection and use of information in accordance with this Privacy Policy.
The words of which the initial letter is capitalized have meanings defined under the following conditions. The following definitions shall have the same meaning regardless of whether they appear in singular or in plural.
For the purposes of this Privacy Policy:
Account means a unique account created for You to access our Service or parts of our Service.
Affiliate means an entity that controls, is controlled by or is under common control with a party, where “control” means ownership of 50% or more of the shares, equity interest or other securities entitled to vote for election of directors or other managing authority.
Application refers to Secret Memory, the software program provided by the Company.
Company (referred to as either “the Company”, “We”, “Us” or “Our” in this Agreement) refers to AppStudio RD.
Cookies are small files that are placed on Your computer, mobile Device or any other Device by a website, containing the details of Your browsing history on that website among its many uses.
Country refers to: Canada
Device means any device that can access the Service such as a computer, a cellphone or a digital tablet.
Personal Data or Personal Information is any information that relates to an identified or identifiable individual and it has the meaning provided in the EU General Data Protection Regulation of 2018 (the “GDPR”), and includes any information which, either alone or when combined with other information we hold, identifies an individual, such as name, mailing address, email address, IP address and telephone number. For legal residents of the State of California, who are covered by the California Consumer Privacy Act (“CCPA”), this definition includes any additional elements defined as such by the CCPA. In addition to meeting GDPR and CCPA compliance requirements, the terms of this privacy policy are applicable to all users regardless of location.
Service and Services refers to the Application or the Website or both.
Service Provider means any natural or legal person who processes the data on behalf of the Company. It refers to third-party companies or individuals employed by the Company to facilitate the Service, to provide the Service on behalf of the Company, to perform services related to the Service or to assist the Company in analyzing how the Service is used.
Third-party Social Media Service refers to any website or any social network website through which a User can log in or create an Account to use the Service.
Usage Data refers to data collected automatically, either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit).
Website refers to AppStudio RD, accessible from https://www.studiord.ca
You means the individual accessing or using the Service, or the Company, or other legal entity on behalf of which such individual is accessing or using the Service, as applicable.
The Company complies with the EU-U.S. Data Privacy Framework (“EU-U.S. DPF”), the UK Extension to the EU-U.S. DPF and the Swiss-U.S. Data Privacy Framework (“Swiss-U.S. DPF”). If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles shall govern.
The Company is responsible for the processing of Personal Data it receives, under the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and Swiss-U.S. DPF and subsequently transfers to a third party acting as an agent on its behalf. The Company complies with the EU-U.S. DPF Principles and the Swiss-U.S. DPF Principles for all onward transfers of Personal Data from the EU, UK, and Switzerland, including the onward transfer liability provisions.
Under certain conditions, more fully described on the DPF website https://www.dataprivacyframework.gov/s/article/ANNEX-I-introduction-dpf?tabset-35584=2 , You may invoke binding arbitration when other dispute resolution procedures have been exhausted.
You have the right to access Personal Data covered by the DPF, and You have the right to correct, amend or request the deletion of such data. You may make requests to access, correct, amend, or request deletion of Your data by emailing secretmemorysupport@studiord.ca or by sending your request to https://studiord.ca/secret-memory-account-request/. The Company remains liable under the DPF if an agent processes Personal Data covered by the DPF in a manner inconsistent with the DPF, except where The Company is not responsible for the event giving rise to the damage.
While using Our Service, We may ask You to provide Us with certain personally identifiable information that can be used to contact or identify You. Personally identifiable information may include, but is not limited to:
Email address
First name and last name
Phone number
Usage Data
Usage Data is collected automatically when using the Service.
Usage Data may include information such as Your Device’s Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that You visit, the time and date of Your visit, the time spent on those pages, unique Device identifiers and other diagnostic data.
When You access the Service by or through a mobile Device, We may collect certain information automatically, including, but not limited to, the type of mobile Device You use, Your mobile Device unique ID, the IP address of Your mobile Device, Your mobile operating system, the type of mobile Internet browser You use, unique Device identifiers and other diagnostic data.
We may also collect information that Your browser sends whenever You visit our Service or when You access the Service by or through a mobile Device.
The Company allows You to create an Account and log in to use the Service through the following Third-party Social Media services:
If You decide to register through or otherwise grant us access to a Third-Party Social Media service, We may collect Personal Data that is already associated with Your Third-Party Social Media service’s account, such as Your name, Your email address and the photo associated with your account’s profile.
You may also have the option of sharing additional information with the Company through Your Third-Party Social Media service’s account. If You choose to provide such information and Personal Data, during registration or otherwise, You are giving the Company permission to use, share, and store it in a manner consistent with this Privacy Policy.
The Company does not have access to, or the ability to decrypt Your vault. Our Zero-Knowledge encryption model ensures that only You can decrypt Your stored information.
The Company collects limited Personal Information from customers who register with our Services including a username and email address and phone number for the purpose of Account verification. If a customer decides to subscribe to our Service, we use the RevenueCat Platform for payment processing. More information about RevenueCat privacy policy can be found here. We use the customer registration information to authenticate users and provide access to the Application. As with any cloud-based services, when You download and use our product we automatically collect information on the type of Device You use, operating system version, a randomly-generated Device identifier, system performance information and IP address. We also use the email addresses used in the registration information to communicate with our users. When You register for a subscription to Secret Memory software, You automatically “opt-in” to receive email communication from us which shall concur with the CAN-SPAM Act of 2003.
End-users of Secret Memory will not receive consumer marketing email communications from us but may receive important communications related to changes to Services, maintenance notifications and security-related events. The Company will never have access to Your Password or records stored within Your Secret Memory Vault.
The Company collects and logs aggregate user statistics and Website traffic. Such information includes Website traffic statistics, date and time of visits, browser type used to access the Service, frequency of visits and to which pages, etc. We use this information to improve the Services delivered to our customers, to track and diagnose performance problems and administer the Website.
The Company does not have access to or knowledge of an Account holder’s password, encryption keys or access to his or her Secret Memory vault. Accordingly, any Account disclosure required by law, under a subpoena, would be limited to general Account information such as the Account holder’s name and Account term. The Company may disclose aggregated user statistics (for example, 30% of Secret Memory customers use the Service daily) in order to describe our Services to prospective partners, Affiliates and other third parties for lawful purposes. The Company will never disclose such data on an individual or identifiable basis to third parties except when we must comply with laws that require such disclosure to law enforcement authorities or other government third party officials such as subpoenas, or we believe in good faith that disclosure is necessary to protect our rights, protect Your safety or the safety of others and to investigate fraud.
The Company transmits limited Personal Information on vendor-sourced software, under strict confidentiality and security protocols, to provide essential business services including customer support, Account management, analytics, payment processing and live chat. Information we share is limited to email address and IP address.
The Company has data protection agreements with its vendors which limit the use of customer information to essential business functions. The Company does not sell, market or transact upon user information outside of its cybersecurity operations.
If The Company is involved in a merger, acquisition, or sale of all or a portion of its assets, You will be notified via email and/or a prominent notice on our Web site of any change in ownership or uses of Your Personal Information, as well as any choices You may have regarding Your Personal Information.
We may provide limited contact, payment and usage information to companies that provide services to help us with our business activities such as our live chat customer support or analytics provider. These companies are authorized to use such information only as necessary to provide these services to us.
The Company will only collect, use and disclose information to provide the Services to the customer, to provide customer support or as otherwise described in this Privacy Policy. The Company will offer individuals the opportunity to choose (opt-out) whether their Personal Information is (a) to be disclosed to a non-agent third party, or (b) to be used for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual. The Company will provide individuals with reasonable mechanisms to exercise their choices.
While using Our Application, in order to provide features of Our Application, We may collect, with Your prior permission:
We use this information to provide features of Our Service, to improve and customize Our Service. The information may be uploaded to the Company’s servers and/or a Service Provider’s server or it may be simply stored on Your Device.
You can enable or disable access to this information at any time, through Your Device settings.
The Company may use Personal Data for the following purposes:
To provide and maintain our Service, including to monitor the usage of our Service.
To manage Your Account: to manage Your registration as a user of the Service. The Personal Data You provide can give You access to different functionalities of the Service that are available to You as a registered user.
For the performance of a contract: the development, compliance and undertaking of the purchase contract for the products, items or Services You have purchased or of any other contract with Us through the Service.
To contact You: To contact You by email, telephone calls, SMS, or other equivalent forms of electronic communication, such as a mobile application’s push notifications regarding updates or informative communications related to the functionalities, products or contracted Services, including the security updates, when necessary or reasonable for their implementation.
To provide You with news, special offers and general information about other goods, Services and events which we offer that are similar to those that You have already purchased or enquired about unless You have opted not to receive such information.
To manage Your requests: To attend and manage Your requests to Us.
For business transfers: We may use Your information to evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of Our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Personal Data held by Us about our Service users is among the assets transferred.
For other purposes: We may use Your information for other purposes, such as data analysis, identifying usage trends, determining the effectiveness of our promotional campaigns and to evaluate and improve our Service, products, services, marketing and Your experience.
We may share Your Personal Information in the following situations:
The Company will retain Your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use Your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain Your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.
The Company will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of Our Service, or We are legally obligated to retain this data for longer time periods.
Upon request The Company will provide any users regardless of location with information about whether we hold, or process on behalf of a third party, any of Your Personal Information. To request this information please contact us at secretmemorysupport@studiord.ca or send your request to https://studiord.ca/secret-memory-account-request/. You may deactivate Your Secret Memory Account and delete Your personally identifiable information at any time by contacting us at secretmemorysupport@studiord.ca or or by sending your request to https://studiord.ca/secret-memory-account-request/ clearly indicating that You wish to deactivate and delete such information. If Your Personal Information changes, or You seek to exercise any rights under GDPR or CCPA, please submit the request to Customer Support at secretmemorysupport@studiord.ca or send your request to https://studiord.ca/secret-memory-account-request/. In your request, please make clear what Personal Data is concerned and the change required. We will comply with Your request promptly, but in any event within 30 days of Your request (45 days for requests under the CCPA). We may need to retain certain information for recordkeeping purposes or to complete transactions that You began prior to requesting such change or deletion.
We will retain Your information for as long as Your Account is active or as needed to provide You Services. We will retain and use Your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
In accordance with the European Union General Data Protection Regulation (GDPR), Children’s Online Privacy and Protection Act (COPPA) and the California Consumer Privacy Act (CCPA) The Company does not intentionally collect personally identifiable information from nor solicit children under eighteen years of age.
Other than as disclosed in this Privacy Policy, at no time will The Company disclose identifiable Personal Information to any third parties without Your express, written consent. The Company does not sell customer information to third parties for any purpose.
Your information, including Personal Data, is processed in the Google Cloud Infrastructure, in the MUX Infrastructure and in any other places where the parties involved in the processing are located. It means that this information may be transferred to and maintained on computers located outside of Your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from Your jurisdiction.
Your consent to this Privacy Policy followed by Your submission of such information represents Your agreement to that transfer.
The Company will take all steps reasonably necessary to ensure that Your data is treated securely and in accordance with this Privacy Policy and no transfer of Your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of Your data and other Personal Information.
You have the right to delete or request that We assist in deleting the Personal Data that We have collected about You.
Our Service may give You the ability to delete certain information about You from within the Service.
You may update, amend, or delete Your information at any time by signing in to Your Account, if You have one, and visiting the Account settings section that allows You to manage Your Personal Information. You may also contact Us to request access to, correct, or delete any Personal Information that You have provided to Us.
Please note, however, that We may need to retain certain information when we have a legal obligation or lawful basis to do so.
If the Company is involved in a merger, acquisition or asset sale, Your Personal Data may be transferred. We will provide notice before Your Personal Data is transferred and becomes subject to a different Privacy Policy.
Under certain circumstances, the Company may be required to disclose Your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency). The Company does not have access to or knowledge of any Account holder’s master password, encryption keys or access to their Secret memory vault. Accordingly, any Account disclosure required by law, under a subpoena, would be limited to general Account information such as the Account holder’s name, email address and Account term.
The Company may disclose Your Personal Data in the good faith belief that such action is necessary to:
The Company hosts its infrastructure with Google Cloud in a highly secure server environment with 24×7 monitoring, surveillance and support to prevent unauthorized access and data security. Advanced security measures including firewalls, security guards and surveillance are taken to ensure the continued service and protection of your data from natural disaster, intruders and disruptive events. More information about Google Cloud Security can be found here. We use the MUX Infrastructure to stream and store the videos that You create with Our Service. More information about MUX privacy policy can be found here.
The annual payment for your Secret Memory subscription is processed by a third party, RevenueCat Inc. We do not hold any financial information about you and we cannot, in any way, be held responsible in the event of leaks relating to your financial information.
Data Encryption
Secret Memory is a Zero Knowledge security Application. Zero Knowledge is a system architecture that guarantees the highest levels of security and privacy by adhering to the following principles:
Secret Memory software runs on iPhone*, iPad*, Android* and Android Tablets* operating systems. (*Note: These trade names are protected by the registered trademarks of their respective owners).
The security of Your Personal Data is important to Us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While We strive to use commercially acceptable means to protect Your Personal Data, We cannot guarantee its absolute security.
It is the user’s responsibility to protect the security of their Secret Memory Password. Access to Secret Memory Services are protected by a unique username/email and Password that is known by You only. The Company has designed internal security processes that encrypt customer passwords to protect it from being divulged or accessed by anyone other than You. Neither The Company employees nor any of its contractors can obtain or access Your password. Neither The Company employees nor any of its contractors will ask You for Your password via mail, email or telephone nor any other unsolicited manner.
California Consumers have the following rights under the California Consumer Protection Act (CCPA):
Right to Notice: Under the CCPA, businesses must inform consumers at or before the point of collection what categories of Personal Information will be collected and the purposes for which these categories will be used.
Right to Access: Consumers have the right to request that a business disclose the categories of Personal Information collected; the categories of sources from which Personal Information is collected; the business or commercial purpose; the categories of third parties with which the business shares Personal Information; and the specific pieces of Personal Information the business holds about a consumer.
Right to Opt-Out: Consumers have the right—at any time—to direct businesses that sell Personal Information about the consumer to third parties to stop this sale, known as the right to opt out.
Right to Request Deletion: Consumers also have the right to request deletion of Personal Information, but only where that information was collected from the consumer.
Right to Equal Services and Prices: The CCPA prohibits businesses from discriminating against consumers by denying goods or services, charging a different price or rate for goods or services, providing a different level or quality of goods or services, or suggesting that they will do any of these things based upon a consumer’s exercise of any CCPA rights.
Our Service does not address anyone under the age of 13. We do not knowingly collect personally identifiable information from anyone under the age of 13. If You are a parent or guardian and You are aware that Your child has provided Us with Personal Data, please contact Us. If We become aware that We have collected Personal Data from anyone under the age of 13 without verification of parental consent, We take steps to remove that information from Our servers.
If We need to rely on consent as a legal basis for processing Your information and Your country requires consent from a parent, We may require Your parent’s consent before We collect and use that information.
Our Service may contain links to other websites that are not operated by Us. If You click on a third party link, You will be directed to that third party’s site. We strongly advise You to review the Privacy Policy of every site You visit.
We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.
We may update Our Privacy Policy from time to time. We will notify You of any changes by posting the new Privacy Policy on this page.
We will let You know via email and/or a prominent notice on Our Service, prior to the change becoming effective and update the “Last updated” date at the top of this Privacy Policy.
You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.
If You have any questions about this Privacy Policy, You can contact us:
