Borne | Privacy Policy

Mereo Technologies Inc. dba Borne, a Delaware corporation (“Borne” “we,” “us,” or “our”) operates the website located https://borne.ai and other related sites (collectively, the “Site”) and mobile application (the “App”), offering an immersive foreign language learning experience (together with the Site and App, the “Services”).

Borne respects and protects the privacy of the users that use our Services. We maintain strict policies to ensure the privacy of those who use our Services (“End Users,” “you,” or “your”) or those who may just visit our Site without otherwise using our Services (“Visitors”). This policy (“Privacy Policy”) describes the types of information we may collect from you and our practices for collecting, using, maintaining, protecting, and disclosing such information. This Privacy Policy also includes a description of certain rights that you may have over information that we may collect from you.

By using the Services, you agree to this Privacy Policy. If you do not agree with our policies and practices, your choice is to not use our Services.

Summary of Data Collection, Disclosure and Sale

Here is a short summary of data and the categories of data we have collected, disclosed, and sold over the last twelve (12) months. We do not sell data. The rest of this Privacy Policy provides more in-depth information on our privacy practices.

● Identifiers, such as contact details, such as real name, alias, address, telephone number, unique personal identifiers, online identifiers, IP address, email address, and account name.

o Do we collect? Yes

o Will we disclose this data as part of our business? Yes

o Will we sell this data? No

● Categories of PI described in the California Consumer Privacy Act, GDPR or otherwise (including name, email, phone number, mailing address, birthday,)

o Do we collect? Yes

o Will we disclose this data as part of our business? Yes

o Will we sell this data? No

● Commercial information: (Transaction information, purchase history, financial details, and payment information)

o Do we collect? Yes

o Will we disclose this data as part of our business? No

o Will we sell this data? No

● Geolocation data: (device location)

o Do we collect? Yes

o Will we disclose this data as part of our business? Yes

o Will we sell this data? No

● Internet or other electronic network activity information: (Browsing history, search history, online behavior, interest data, and interactions with our and other websites, applications, systems, and advertisements)

o Do we collect? Yes

o Will we disclose this data as part of our business? Yes

o Will we sell this data? No

● Inferences drawn from other personal information to create a profile about a consumer: (for example, an individual’s preferences and characteristics)

o Do we collect? Yes

o Will we disclose this data as part of our business? Yes

o Will we sell this data? No

● Biometric information

o Do we collect? No

● Characteristics of protected classifications under California or United States federal law

o Do we collect? No

● Audio, visual or similar information

o Do we collect? Yes

● Professional or employment related information

o Do we collect? No

● Non-public education information (per the Family Educational Rights and Privacy Act)

o Do we collect? No

INFORMATION THAT BORNE COLLECTS

Types of Information Collected

Personal Data

“Personal Data” is information by which you may be personally identified. Borne may collect the following Personal Data from you:

● Name;

● Email;

● Screen name / username; and

● Any other information voluntarily supplied by you to us reasonably necessary to perform the Services.

Your bank account information, payment information, and other identifying information may be collected by Borne through its third-party vendors, including our payment processors Apple and Google. Your data may be processed, collected, shared or stored by us and third-party vendors, including but not limited to open-source component providers, website service providers, website analytics providers, third party payment processors, or other service providers we use to conduct business. Such processing, collection, sharing or storing of data by such third parties may be processed, collected, shared or stored by Borne, with the exception of information collected by our payment processors.

Non-Personal Data

Non-personal data includes any data that cannot be used on its own to identify, trace, or identify a person. We may collect your device information, including GPS data and IP address. When non-Personal Data you give to us is combined with Personal Data we collect about you, it will be treated as Personal Data and we will only use it in accordance with this Privacy Policy.

How we collect information

We collect information when you provide it to us directly through an interaction with us; for example:

● When you use the Services, including but not limited to when you utilize components of our Services utilizing artificial intelligence (AI);

● When you apply or register for the Services;

● When you fill out contact or registration forms;

● When you fill out feedback forms;

● When you contact us through our Site or App;

● When you communicate through the Site or App or when using the Services;

● When you contact us for Service requests.

Why we collect and how we use your information. (Legal Basis)

We collect and use your Personal Data when we have a legitimate purpose to do so, including but not limited to the following reasons:

● to verify your eligibility to use the Services;

● when it is necessary for the general functioning of the Services, including to contact you;

● when it is necessary in connection with any contract you have entered into with us or to take steps prior to entering into a contract with us;

● when we have obtained your or a third party’s prior consent;

● when we have a legitimate interest in processing your information for the purpose of providing or improving our Services;

● when we have a legitimate interest in using the information for the purpose of contacting you, subject to compliance with Applicable Law; or

● when we have a legitimate interest in using the information for the purpose of detecting, and protecting against, breaches of our policies and applicable laws.

We may use aggregated (anonymized) information about our End Users, and information that does not identify any individual, without restriction.

Information Collected from Third Parties

● Information from our service providers: We may receive information about you from third-party service providers that we engage to assist in providing or adding to our Services.

● Third Party Collection. We do not control third parties' collection or use of your information when you utilize any Open-Source Components or any other Third-Party Materials (each defined in our Terms) as part of our Services. Use of your information by third-party service providers may be subject to such party’s terms, conditions, and policies governing the use of your information. Borne shall not be liable for responsible for any such collection, use or sale by such third-parties.

Accessing and Controlling Your Information

If you would like to prevent us from collecting your information completely, you should cease use of our Services. You can also control certain data via these other methods:

● Correction capabilities: You have the ability to access and correct any inaccuracies in your personally identifiable information by contacting us at support@borne.ai.

● Opt-out of non-essential electronic communications: You may opt out of receiving newsletters and other non-essential messages by using the ‘unsubscribe' function included in all such messages or by contacting us directly at support@borne.ai. However, you will continue to receive notices and essential transactional emails.

● Optional information: You can always choose not to fill in non-mandatory fields when you submit any form or information linked to our Services.

Under the United States California Consumer Privacy Act, the Virginia Consumer Data Protection Act, Nevada’s, Colorado’s, Connecticut’s, Virginia’s, and Utah’s privacy laws, and other state-specific consumer privacy laws regarding notice of information collected, residents of these states have statutory data rights. We provide the same control and rights over your data no matter where you choose to live in the United States. As a user of Borne, you have the following control over your data:

● Right to access: You have the right to access (and obtain a copy of, if required) the categories of personal information that we hold about you, including the information's source, purpose and period of processing, and the persons to whom the information is shared.

● Right to rectification: You have the right to update the information we hold about you or to rectify any inaccuracies. Based on the purpose for which we use your information, you can instruct us to add supplemental information about you in our database.

● Right to erasure: You have the right to request that we delete your personal information in certain circumstances, such as when it is no longer necessary for the purpose for which it was originally collected.

● Right to restriction of processing: You may also have the right to request to restrict the use of your information in certain circumstances, such as when you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.

● Right to data portability: You have the right to transfer your information to a third party in a structured, commonly used and machine-readable format, in circumstances where the information is processed with your consent or by automated means.

● Right to object: You have the right to object to the use of your information in certain circumstances, such as the use of your personal information for direct marketing

If you are a resident of the European Economic Area (EEA), you may have certain rights under the European Union’s General Data Protection Regulation (GDPR). The information collected from you by us must be explained as follows in order for GDPR compliance. Please email us if you have any questions or want to exercise your rights in accordance with this Privacy Policy under these applicable laws.

● Borne’s legal basis for the processing your data includes the necessity to contract with you and perform our Services.

● Borne's legitimate interests in collecting such data include legitimate interests of our business, including but not limited to performing Services for you and other End Users, collecting necessary information in order to safely and accurately perform such Services, fraud prevention, information security, direct marketing, and legal compliance.

● Borne does not collect categories of personal data from sources other than yourself.

● Borne may transfer personal data outside of the jurisdiction, such as in the United States, or otherwise where we conduct our Services.

● Borne stores this information for as long as necessary to conduct Services. We will delete any data that has not been used for a period of five (5) years or longer.

● Borne does not use automated decision-making, such as profiling, during your application process.

● If you are a citizen where which GDPR applies, you have the right to object to or restrict data processing, the right to erasure also known as the right to be forgotten, and the right to data portability.

● At any time, you have the right to withdraw your consent for us to use, store, or collect your data and file a complaint with your local supervisory authority.

Exercise Your Data Rights

We acknowledge your right to request access, amendment, or deletion of your data. We also recognize that you have the right to prohibit sale of your data, but we do not sell data. You can exercise the rights described above, by sending an email to support@borne.ai. Only you, or an agent authorized to make a request on your behalf, may make a request related to your personal information.

We cannot respond to your request if, (i) we cannot verify your identity; or (ii) your request lacks sufficient details to help us handle the request. We will make best efforts to respond to your request withing forty five (45) days of its receipt. If we cannot respond in forty five (45) days, we will inform you, in writing, the reason for the delay and will respond to your request within ninety (90) days. Any information we provide will only cover the twelve (12)-month period preceding the request's receipt.

We do not charge a fee to process or respond to your request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request. We are not obligated to provide responses to your data requests more than twice in a twelve (12)-month period.

Automated Data Collection Methods

As you navigate through and interact with our Site or App, we may use automatic data collection technologies to collect certain information about your equipment, browsing actions, and patterns, including: details of your visits to our Site, including traffic data, location data, logs, and other communication data and resources you may access or use on our Site, App, or Services.

● Cookies. A cookie is a small file placed on your computer. We use cookies to help manage our website, report on your interaction with the Site, keep track of username and passwords, keep track of click-stream data, and personalize the Site.

● Log Files. We use means through the Services to collect IP addresses, location data, and access times. We use this information to optimize our Services, verify location, and maintain system security.

● Voice Recordings. We keep record and record your conversations you have using our Services while on the App. This information will be stored by us for as long as necessary to provide the Services. We will delete any data that has not been used for a period of five (5) years or longer.

How Long Do We Store Personal Data?

We will only retain your Personal Data for as long as is necessary to fulfill the purposes for which it is collected. This length of time may vary according to the nature of your relationship with us.

Text Message Communications

When you provide us with your mobile phone number, you explicitly consent to receive text messages regarding your account and our services, which may include security alerts, updates, and service notifications. The frequency of these messages may vary depending on your user activity and the preferences you set.

Opting Out of Text Messages

You may opt-out of receiving text messages from Borne at any time by following the instructions provided in any of the messages you receive, or by updating your preferences in your account settings on our App. Please note that opting out of text message notifications may impact the use of our services and the timeliness of the information you receive regarding your account.

Not Directed to Persons Under 13

Our Services are not intended for anyone under 13, and we do not knowingly collect Personal Data from children under 13. Participation in our Services is limited to individuals of 13 years old or older. If you are under 13, do not use or register on the Services, use any of the interactive submission features on our Site, or provide any information about yourself to us. If we learn we have collected or received Personal Data from a child under 13 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 13, please contact us at the email address listed below. California residents under 16 years of age may have additional rights regarding the collection and sale of their personal information.

Do Not Track Settings

We do not track our Users over time and across third party websites to provide targeted advertising and do not specifically respond to Do Not Track (“DNT”) signals.

WHO WE SHARE DATA WITH

We may use aggregated (anonymized) information about our End Users and Visitors, and information that does not identify any individual, without restriction. We do not sell Personal Data specific personal or transactional information to anyone except as described herein.

We do not sell Personal Data specific personal or transactional information to anyone except as described herein.

We disclose information to third-party service providers that we use to provide the Services to you. Such use of your information by such third-parties may be subject to their terms, conditions, and policies related to the use and privacy of your information. You acknowledge that Borne has no control over or liability for third parties which may collect your information by use of our Services.

Affiliates and Subsidiaries

We may, for our legitimate interests, share your information with entities under common ownership or control with us who will process your information in a manner consistent with this Privacy Policy and subject to appropriate safeguards.

Successors in Interest

We may, for our legitimate interests, share your information with a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, in which Personal Data about our End Users is among the assets transferred. You will be notified of any such change by a prominent notice displayed on our Services or by email. Any successor in interest to this Privacy Policy will be bound to the Privacy Policy at the time of transfer.

Law enforcement and other governmental agencies

We may share your information when we believe in good faith that such sharing is reasonably necessary to investigate, prevent, or take action regarding possible illegal activities or to comply with legal process. This may involve the sharing of your information with law enforcement, government agencies, courts, and other organizations.

Service Providers

We may, for our legitimate interests, share certain information with contractors, service providers, third party authenticators, and other third parties we use to support our business. Some of the functions that our service providers provide are as follows:

● Server infrastructure and storage;

● Business analytics services;

● User and identity verification management;

● Open-Source Components (as defined in our Terms);

● Payment processing;

● Site log analytics service for activity, performance, and troubleshooting;

● Services management;

● Conducting our Services; and

● Email management services.

We may use and disclose your personal data that you have voluntarily provided to us to third parties who contract with us to conduct our Services. We hereby acknowledge that any such disclosure shall be in compliance with all applicable data privacy laws in any given disclosure (“Applicable Law(s)”) and further acknowledge compliance with any such policies of covered third party entities we may work with.

THIRD-PARTY SERVICES AND WEBSITES

Borne is not responsible for the privacy policies or other practices employed by services, websites, products, or otherwise linked to, or from, or made available by, our Services nor the information or content contained therein, and we encourage you to read the privacy statements of any linked third party. This includes sharing information via social media websites.

DATA STORAGE AND HOW BORNE PROTECTS YOUR INFORMATION

Borne stores basic End User data on our servers including but not limited to name, email, username, Account information, and voice recordings. Payments are not always required by End Users. If an End User makes a purchase and a payment is required, then payment information is processed by our partners or service providers. Personal Data about End Users and Visitors that Borne collects is stored within the United States by Borne. The Services are provided from the United States, but may be available in other regions which Borne offers its Services. Borne does not seek users or seek to provide access to the Services in any country or territory that (a) is the target of any laws administered by the United States Department of the Treasury's Office of Foreign Assets Control ("OFAC") or any other governmental entity imposing economic sanctions or trade embargoes ("Economic Sanctions Laws"), or (b) is located, organized, or resident in a country or territory that is, or whose government is, the target of sanctions imposed by OFAC or any other U.S governmental entity. If you are using the Services from the EEA or other regions with laws governing data collection and use, please note that you are agreeing to the transfer of your Personal Data to the United States. Such locations may have laws which are different, and potentially not as protective, as the laws of your own country. By providing your Personal Data, you consent to any transfer and processing in accordance with this Privacy Policy.

Borne employs physical, electronic, and managerial control procedures to safeguard and help prevent unauthorized access to your information. We choose these safeguards based on the sensitivity of the information that we collect, process and store and the current state of technology. Our outsourced service providers who support our operations are also vetted to ensure that they too have the appropriate organizational and technical measures in place to protect your information.

Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your Personal Data, we cannot guarantee the security of your information transmitted to the Services. Any transmission of information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Services. In the event that there is a breach in the information that we hold; we shall notify of such breach via email or via a notice on the Services.

CHANGES TO THE PRIVACY POLICY

It is our policy to post any changes we make to our Privacy Policy on this page. If we make material changes to how we treat our End Users’ or Visitors’ Personal Data, we will notify you by email to the primary email address specified in your account or through a prominent notice on the Services. Such changes will be effective when posted. The date the Privacy Policy was last revised is identified at the top of the page. Your continued use of our Services following the posting of any modification to this Privacy Policy shall constitute your acceptance of the amendments to this Privacy Policy. You can choose to delete the App and discontinue of use the Services if you do not accept any modified version of this Privacy Policy.

QUESTIONS AND COMMENTS

If you have any questions or comments about this Privacy Policy, or if you would like to file a request about the data we hold or file a deletion request, please contact Customer Support at support@borne.ai.

Last Update: August 26, 2024