Privacy Policy

1. Scope of This Privacy Policy

This Privacy Policy applies to all personal information we collect through the App, including information provided by you, collected automatically, or obtained from third parties. It covers our practices regarding the collection, use, disclosure, and protection of your personal information when you:

• Create an account or use the App’s features, such as the vacation outfit planning tool or creator-curated videos.
• Interact with affiliate links, third-party services, or user-generated content.
• Communicate with us via email, in-app messages, or other channels.
• Access the App from any location worldwide, subject to applicable local laws.

This Privacy Policy does not apply to information collected by third-party websites, services, or applications linked through the App, such as retail websites accessed via affiliate links. Those third parties have their own privacy policies, which we encourage you to review before providing personal information.

2. Information We Collect

We collect personal information and non-personal information to provide, improve, and personalize the Services. Personal information is data that can be used to identify you as an individual, either directly or indirectly. Non-personal information does not identify you and may be aggregated or anonymized. Below, we describe the types of information we collect and how we collect it.

2.1 Information You Provide

We collect information you voluntarily provide when using the App, including:

• Account Information: When you create an account, we collect your name, email address, and any other details you provide during registration or account management, such as a username or profile preferences.
• Travel Data: When you use the vacation outfit planning tool, we collect itinerary details, such as destinations, travel dates, activities, and weather conditions, to generate packing lists and outfit suggestions.
• User-Generated Content: When you upload content, such as images of clothing, accessories, or travel essentials, or attach retail links to your packing lists, we collect that content and any associated metadata (e.g., file names, timestamps).
• Communications: When you contact us via email (e.g., info@caliblissenterprisesllc.com), in-app support, or other channels, we collect your contact information, message content, and any attachments you provide.
• Social Sharing: If you choose to share packing lists, outfit plans, or other content with other users or on external platforms (e.g., social media), we collect information related to those sharing activities, subject to your privacy settings.

2.2 Information Collected Automatically

We collect certain information automatically when you use the App, using technologies such as cookies, web beacons, and device identifiers. This includes:

• Device Information: Information about your device, such as the operating system (e.g., iOS version), device model, IP address, unique device identifiers, browser type, and network information (e.g., mobile carrier, Wi-Fi status).
• Usage Data: Information about your interactions with the App, such as pages viewed, features used (e.g., outfit planner, creator videos), time spent on the App, click patterns, and navigation paths.
• Location Data: If you enable location services, we may collect your precise or approximate location (e.g., GPS coordinates, IP-based geolocation) to provide location-based features, such as destination-specific outfit recommendations or weather data. You can disable location services at any time through your device settings.
• Analytics Data: Aggregated or anonymized data about user behavior, such as the number of users creating packing lists or clicking affiliate links, collected to analyze trends and improve the App.

2.3 Information from Third Parties

We may receive information about you from third-party services integrated with the App, including:

• Analytics Providers: Services like Google Analytics and Mixpanel provide us with anonymized or pseudonymized data about user engagement, feature usage, and app performance, which may include device identifiers, IP addresses, or session data.
• Email Service Providers: SendGrid provides us with information about email delivery status, open rates, and click-through rates for transactional or promotional emails, linked to your email address.
• Affiliate Partners: Retail websites or affiliate networks may provide us with data about your interactions with affiliate links, such as clicks or purchases, to track commissions. This data is typically anonymized but may be linked to your account if you make a purchase.
• Social Media Platforms: If you share content from the App on social media or log in using social media credentials (if such a feature is implemented), we may receive information from those platforms, such as your public profile details, subject to their privacy policies and your consent.

We ensure that third-party data collection complies with applicable laws, such as GDPR and CCPA, and is governed by data protection agreements with these providers.

3. How We Use Your Information

We use your personal information to provide, operate, and improve the Services, as well as to comply with legal obligations and protect our legitimate interests. The specific purposes for which we use your information include:

• Providing the Services: To create and manage your account, generate visual packing lists, deliver creator-curated videos, and enable features like itinerary planning and retail link integration.
• Personalization: To tailor the App experience to your preferences, such as suggesting outfit combinations, retail links, or travel tips based on your itinerary, location, or browsing history. Personalization may involve automated decision-making, subject to your consent where required (e.g., under GDPR Article 22).
• Communications: To send you transactional emails (e.g., account verification, password resets), push notifications, or in-app messages about your account, travel plans, or new features. We may also send promotional emails or notifications about creator content, discounts, or travel tips, with your consent where required by law (e.g., CAN-SPAM Act, GDPR).
• Analytics and Improvement: To analyze user behavior, feature usage, and app performance using tools like Google Analytics and Mixpanel, enabling us to optimize the App, fix bugs, and develop new features.
• Affiliate Marketing: To track clicks and purchases through affiliate links, calculate commissions, and ensure transparency with users, in compliance with FTC Guidelines on Endorsements and Testimonials (16 CFR Part 255).
• Social Sharing: To facilitate sharing of packing lists or outfit plans with other users or on external platforms, subject to your privacy settings and consent.
• Customer Support: To respond to your inquiries, provide technical support, and resolve issues, using the information you provide in communications.
• Legal Compliance: To comply with applicable laws, regulations, and legal processes, such as responding to court orders, subpoenas, or data subject requests under GDPR or CCPA.
• Security and Fraud Prevention: To protect the security of the App, detect and prevent fraud, abuse, or unauthorized access, and investigate violations of our Terms and Conditions.
• Business Operations: To support internal operations, such as auditing, accounting, or managing our relationships with third-party service providers.

We process personal information based on one or more legal bases, depending on the purpose and your jurisdiction:

• Consent: For optional features like personalized recommendations, promotional emails, or location-based services, where you provide explicit consent (e.g., under GDPR Article 6(1)(a)).
• Contract: To fulfill our obligations under the Terms and Conditions, such as providing the Services when you create an account (e.g., GDPR Article 6(1)(b)).
• Legitimate Interests: For purposes like analytics, security, and app improvement, where our interests are not overridden by your rights (e.g., GDPR Article 6(1)(f)).
• Legal Obligation: To comply with laws, such as data retention or disclosure requirements (e.g., GDPR Article 6(1)(c)).

4. How We Share Your Information

We may share your personal information with third parties in certain circumstances, as described below. We do not sell your personal information, as defined under CCPA or GDPR, but we may share it for business purposes or with your consent.

4.1 Service Providers

We share personal information with third-party service providers who perform services on our behalf, including:

• Analytics Providers: Google Analytics and Mixpanel receive anonymized or pseudonymized data (e.g., IP addresses, device identifiers) to analyze user behavior and app performance.
• Email Service Providers: SendGrid processes your email address and related data to send transactional or promotional emails.
• Cloud Hosting Providers: We use cloud services to store and process data, such as user accounts, packing lists, and uploaded images, ensuring secure storage and access.
• Customer Support Tools: We may use support platforms to manage and respond to your inquiries, which may process your contact information and message content.

These providers are bound by data protection agreements that require them to process your information only for specified purposes and in compliance with applicable laws, such as GDPR and CCPA.

4.2 Affiliate Partners

When you click affiliate links or make purchases through retail websites, we share limited data (e.g., click IDs, transaction details) with affiliate networks or retailers to track commissions. This data is typically anonymized but may be linked to your account if necessary for attribution. We disclose our affiliate relationships in accordance with FTC regulations.

4.3 Social Sharing

If you choose to share packing lists, outfit plans, or other content with other users or on external platforms (e.g., social media), we share the information you designate for sharing, subject to your privacy settings. You are responsible for managing what you share and reviewing the privacy policies of external platforms.

4.4 Legal and Regulatory Requirements

We may disclose your personal information to comply with legal obligations, such as:

• Responding to court orders, subpoenas, or other legal processes.
• Cooperating with law enforcement or regulatory authorities, such as investigations into fraud or intellectual property infringement.
• Complying with data protection laws, such as fulfilling data subject requests under GDPR or CCPA.
• Protecting our rights, property, or safety, or that of our users or third parties, including in litigation or dispute resolution.

4.5 Business Transfers

In the event of a merger, acquisition, reorganization, sale of assets, bankruptcy, or other change of control, we may transfer your personal information to a successor entity or third party, provided they agree to comply with this Privacy Policy and applicable laws. We will notify you of such transfers as required by law (e.g., GDPR Article 14).

4.6 With Your Consent

We may share your personal information for other purposes if you provide explicit consent, such as participating in a promotional campaign, contest, or creator collaboration. You may withdraw consent at any time, as described in Section 6.

5. Cookies and Similar Technologies

We use cookies, web beacons, pixel tags, and similar technologies to collect information automatically, enhance the App’s functionality, and personalize your experience. Cookies are small text files stored on your device that help us track usage and preferences. Our use of cookies is detailed in our Cookie Policy, which is incorporated herein by reference and available within the App.

The types of cookies and technologies we use include:

• Essential Cookies: Necessary for the App’s core functionality, such as maintaining your session, enabling account login, and saving your packing lists.
• Analytics Cookies: Used by Google Analytics and Mixpanel to collect anonymized data about user behavior, such as page views, feature usage, and session duration, to improve the App.
• Marketing Cookies: Used to deliver personalized recommendations or promotional content, such as creator videos or affiliate links, based on your interests, with your consent where required.
• Social Media Cookies: Enable sharing of content on external platforms, such as social media, if you use those features.

You can manage cookie preferences through your device settings or the App’s privacy settings, including opting out of non-essential cookies. However, disabling essential cookies may affect the App’s functionality. For more details, including how to opt out, please review our Cookie Policy.

6. Your Rights and Choices

Depending on your jurisdiction, you have certain rights regarding your personal information, as provided by laws like GDPR, CCPA, UK GDPR, PIPEDA, and others. These rights may include:

• Access: Request a copy of the personal information we hold about you, including categories of data, sources, purposes, and recipients.
• Rectification: Correct inaccurate or incomplete personal information in your account or by contacting us.
• Erasure: Request deletion of your personal information, subject to legal retention obligations (e.g., tax or audit requirements).
• Restriction: Restrict certain processing activities, such as analytics or marketing, where permitted by law.
• Portability: Receive your personal information in a structured, commonly used, and machine-readable format, or have it transferred to another controller (under GDPR).
• Objection: Object to processing for direct marketing, analytics, or other purposes based on legitimate interests, where applicable.
• Withdraw Consent: Withdraw consent for data processing (e.g., personalized recommendations, promotional emails) at any time, without affecting the lawfulness of prior processing.
• Opt-Out of Sale: Under CCPA, opt out of the “sale” of your personal information. We do not sell personal information, but certain data sharing (e.g., with analytics providers) may be considered a “sale” under CCPA.
• Non-Discrimination: We will not discriminate against you (e.g., by denying services or charging different prices) for exercising your rights.

To exercise these rights, please contact us at info@caliblissenterprisesllc.com or submit a request through the App’s privacy settings, if available. We will respond to requests within the timelines required by law, such as 30 days under GDPR or 45 days under CCPA, and we may require identity verification to process sensitive requests (e.g., data access or deletion).

You can also manage your privacy preferences by:

• Adjusting notification settings in the App to opt out of push notifications or promotional emails.
• Disabling location services through your device settings to prevent collection of location data.
• Opting out of non-essential cookies or analytics tracking, as described in our Cookie Policy.
• Deleting your account through the App’s settings or by contacting us, which will remove your personal information, subject to retention obligations.

If you are not satisfied with our response to your request, you may lodge a complaint with your local data protection authority, such as the Information Commissioner’s Office (ICO) in the UK, the Data Protection Commission (DPC) in Ireland, or the California Privacy Protection Agency (CPPA) for California residents.

7. Data Security

We implement reasonable technical, administrative, and organizational measures to protect your personal information from unauthorized access, use, disclosure, loss, or alteration, in accordance with industry standards and applicable laws. These measures include:

• Encryption of data in transit (e.g., using TLS/SSL) and at rest, where feasible, to prevent interception or unauthorized access.
• Access controls to limit employee and contractor access to personal information, based on the principle of least privilege.
• Regular security assessments, vulnerability scans, and software updates to address potential risks.
• Data protection agreements with third-party service providers (e.g., Google Analytics, Mixpanel, SendGrid) that require them to implement equivalent security measures.
• Incident response protocols to detect, investigate, and mitigate data breaches or security incidents.

Despite these measures, no system or transmission over the internet is completely secure, and we cannot guarantee the absolute security of your personal information. You are responsible for maintaining the security of your account credentials (e.g., using strong passwords, enabling two-factor authentication if available) and using secure devices and networks when accessing the App. If we become aware of a data breach that may affect your personal information, we will notify you and relevant authorities as required by law, such as GDPR Article 33 or CCPA regulations.

8. International Data Transfers

The App is hosted and operated in the United States, and your personal information may be transferred to, stored, or processed in the United States or other countries where our service providers (e.g., cloud hosting, analytics, or email providers) operate. These countries may have data protection laws that differ from those in your jurisdiction, and they may not provide the same level of protection.

For users in the European Union, United Kingdom, or other regions with strict data protection laws, we ensure that international data transfers comply with applicable requirements, such as:

• GDPR and UK GDPR: We use mechanisms like Standard Contractual Clauses (SCCs), approved by the European Commission, to safeguard transfers outside the European Economic Area (EEA) or UK. Where applicable, we rely on adequacy decisions for countries deemed to have adequate data protection by the EU or UK.
• CCPA and Other Laws: We comply with U.S. state and federal regulations governing cross-border data sharing, ensuring transparency and user rights.

We conduct transfer impact assessments, where required, to evaluate the risks of international data transfers and implement supplementary measures to protect your data. For more information on our data transfer practices, please contact us at info@caliblissenterprisesllc.com.

9. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. The retention period depends on the type of information and the purpose for which it is used:

• Account Information: Retained for the duration of your account’s existence, unless you request deletion. After account deletion, we may retain limited data for legal or operational purposes (e.g., tax records, dispute resolution) for up to 7 years, as required by law.
• Travel Data and User-Generated Content: Retained until you delete your packing lists or content, or your account is terminated. Residual data may be retained in backups for up to 90 days.
• Usage and Analytics Data: Retained in anonymized or aggregated form for as long as needed to analyze trends and improve the App, typically up to 3 years for pseudonymized data.
• Communications: Retained for as long as necessary to provide support or fulfill your request, typically up to 1 year after the communication is resolved, unless required for legal purposes.

When personal information is no longer needed, we securely delete or anonymize it using industry-standard methods, such as overwriting or cryptographic erasure. If you request deletion of your data under GDPR or CCPA, we will comply within the required timeframe, subject to legal retention obligations.

10. Children’s Privacy

The App is not intended for use by individuals under the age of 18, and we do not knowingly collect personal information from children under 18. If we become aware that a child under 18 has provided personal information, we will take steps to delete it promptly, unless required to retain it by law (e.g., for legal compliance). If you are a parent or guardian and believe your child has provided personal information to the App, please contact us at info@caliblissenterprisesllc.com, and we will assist you in removing the information.

We comply with the Children’s Online Privacy Protection Act (COPPA) (15 U.S.C. § 6501 et seq.) and equivalent laws in other jurisdictions, such as GDPR Article 8, which impose strict requirements for collecting data from children. Our practices ensure that the App is designed for adult users and does not target or appeal to children.

11. Third-Party Links and Services

The App contains affiliate links to third-party retail websites and integrates third-party services, such as Google Analytics, Mixpanel, and SendGrid, to enhance functionality and provide analytics or communications. These third parties may collect and process your personal information in accordance with their own privacy policies, which we encourage you to review. We are not responsible for the data practices, security, or content of third-party websites or services, and your interactions with them are at your own risk.

When you click an affiliate link or make a purchase, the retail website may collect information such as your name, payment details, or purchase history, governed by their privacy policy. Similarly, third-party plugins may collect data like IP addresses, device identifiers, or email addresses for analytics or email delivery purposes. We disclose these integrations in this Privacy Policy and ensure that our agreements with third parties include data protection obligations, as required by GDPR, CCPA, and other laws.

To opt out of data collection by third-party services, you can:

• Adjust your cookie preferences in the App or your device settings, as described in our Cookie Policy.
• Disable analytics tracking through the App’s privacy settings, where available.
• Follow opt-out instructions provided by third-party providers, such as Google Analytics and Mixpanel.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or the App’s functionality. The updated Privacy Policy will be effective immediately upon posting within the App, and we may notify you via email, in-app notifications, or other methods, as required by law (e.g., GDPR Article 13, CCPA).

Your continued use of the App after the effective date of the updated Privacy Policy constitutes your acceptance of the changes. If you do not agree with the updated Privacy Policy, you must discontinue using the App and may request deletion of your account. We encourage you to review this Privacy Policy periodically to stay informed of how we protect your personal information.