PRIVACY POLICY

Please read this Privacy Policy ("Policy") carefully. The users, subscribers, partners, and viewers ("Users") accept the terms of this Policy by accessing and/or utilizing the services of POTOLO (the "Company"). The Users acknowledge that they agree to this Policy and accept the rights and obligations created by it. This Policy is drafted to outline the privacy policy of the Company. This Policy is designed to comply with applicable laws and standards.

1. INTRODUCTION

1.1. Purpose of the Privacy Policy

This Policy has been meticulously crafted to serve as a comprehensive guide outlining the manner in which POTOLO collects, utilizes, processes, and safeguards the personal information of its Users. The paramount importance of privacy and data protection is recognized by the Company, especially in the context of its app-based services, which encompass a wide array of functionalities including, but not limited to, ordering food from kitchen partners, hiring workers for tasks or projects, obtaining health consultations from certified professionals, accessing gyms nearby with flexible memberships, managing fleets with smart solutions, facilitating dry cleaning services with convenient pickup and delivery options, and selling bus tickets to other travelers. Given the diverse nature of these services and the corresponding data collection that includes, but is not limited to, location data, health information for consultations, and payment information, this policy delineates the principles and practices that the Company adheres to in compliance with global data protection regulations such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), ensuring the Users' privacy is respected and protected.

1.2. Scope and Application

The scope of this Policy extends to all personal information collected by the Company through the app, regardless of the manner in which Users access or utilize the services. This Policy is applicable to all platforms, technologies, and devices through which the app's services are made available to Users. It is designed to inform Users about their privacy rights and the choices available to them regarding the collection, use, and disclosure of their personal information. Furthermore, this Policy applies to the Company's interactions with its Users and any information collected directly from Users or through third parties for the purpose of providing the app's services efficiently and effectively.

1.3. Agreement to Terms

By accessing, downloading, or using the app's services, Users explicitly agree to the collection, use, processing, and sharing of their personal information in accordance with the terms outlined in this Policy. If a User does not agree with any part of this Policy, they are advised not to use or access the services provided by the app. Continued use of the app following the posting of changes or updates to the Policy will constitute the User's acceptance of those changes. It is the responsibility of the User to review this policy periodically to stay informed about how the Company is protecting their personal information.

1.4. Updates and Changes to the Privacy Policy

The Company reserves the right to modify, amend, or update this Policy at any time and for any reason without prior notice to reflect changes in legal or regulatory obligations, the evolution of the app's services, or advancements in privacy practices. The date of the latest revision will be prominently displayed at the top of the policy document. Users are encouraged to review the Policy regularly to stay informed about how their personal information is being protected. Significant changes to the Policy will be communicated to Users through the app or other appropriate channels, ensuring Users are aware of what information is collected, how it is used, and under what circumstances, if any, it is disclosed.

2. INFORMATION COLLECTION

2.1. Types of Information Collected

2.1.1. Personal Identification Information

Personal Identification Information encompasses data that allows for the direct identification of an individual User. This category includes, but is not limited to, the User's full name, email address, postal address, and telephone number. Such information is pivotal for the Company to provide personalized services, facilitate communication, and ensure the delivery of products or services requested through the app.

2.1.2. Payment Information

The Company collects Payment Information to process transactions initiated by Users within the app. This information includes credit card numbers, bank account details, and any other financial data required to complete purchases or bookings. The secure processing of Payment Information is paramount, and the Company employs robust encryption and security measures to protect this sensitive data from unauthorized access or misuse.

2.1.3. Health Information

For Users availing of health consultation services through the app, the Company collects Health Information, which may include medical histories, treatment information, and other health-related data. This information is collected to provide tailored health consultations and services from certified professionals. The Company is committed to maintaining the highest standards of confidentiality and privacy with respect to Health Information, adhering strictly to applicable health data protection regulations.

2.1.4. Location Data

Location Data is collected to enhance the functionality of services such as food delivery, gym access, and other location-based offerings provided by the app. This data enables the Company to offer personalized recommendations, deliver services efficiently, and optimize User experience based on geographical proximity.

2.1.5. Device and Usage Information

To further refine and customize the User experience, the Company collects Device and Usage Information. This includes data pertaining to the type of device used to access the app, operating system, browser type, internet protocol address, mobile network information, and how the app is utilized. Analyzing this information assists in improving app performance, diagnosing technical issues, and tailoring services to User preferences and device capabilities.

2.2. Methods of Collection

The Company may employ various methods to collect personal information, ensuring transparency and consent in its data collection practices.

2.2.1. Information You Provide

A significant portion of the data collected by the Company is provided directly by Users through the app interface or via communication with customer service. This includes information entered when registering for an account, completing transactions, engaging in consultations, or utilizing other services offered through the app.

2.2.2. Information Collected Automatically

The Company may utilize technologies such as cookies, web beacons, and similar tracking mechanisms to collect information automatically as Users interact with the app. This automatic data collection facilitates the understanding of how the app is used, helps in customizing the User experience, and improves service offerings.

2.2.3. Information From Third Parties

In certain instances, the Company may receive personal information about Users from third-party sources. These sources may include partners involved in providing services through the app, marketing affiliates, and publicly available sources. The integration of this information allows for the enhancement of services provided, ensuring a comprehensive and User-centric experience.

3. USE OF INFORMATION

3.1. Providing Services

The collection of personal information by the Company is primarily directed towards the provision of its diversified and multifaceted app-based services. This encompasses facilitating the ordering of food from kitchen partners, enabling the hiring of workers for various tasks or projects, providing health consultations by certified professionals, offering access to gyms nearby with flexible memberships, managing fleets with innovative solutions, arranging for the dry cleaning of clothes with convenient pickup and delivery, and facilitating the sale of bus tickets to other travelers. The utilization of Users' personal identification information, location data, and specific service-related information enables the Company to tailor and optimize the service delivery process, ensuring that the services provided are not only relevant but also of the highest quality and efficiency. The Company's commitment to enhancing User experience is reflected in the meticulous use of the collected information to facilitate User transactions, service requests, and interactions within the app's ecosystem, thus ensuring a seamless and satisfactory User journey.

3.2. Payment Processing

To ensure the secure and efficient processing of transactions initiated within the app, the Company employs the collected payment information, including, but not limited to, credit card details and bank information. This information is crucial for the facilitation of purchases, bookings, and other financial transactions associated with the services offered through the app. The Company adheres to stringent security standards and protocols to protect and secure payment information, thereby safeguarding Users' financial data against unauthorized access, misuse, or any form of compromise. The trust placed by Users in the Company's handling of their financial transactions is of paramount importance, and as such, the Company employs advanced encryption technology and complies with all applicable financial data protection regulations to ensure the integrity and confidentiality of payment processing operations.

3.3. Customer Support

In the context of providing timely and effective customer support, the Company utilizes personal information to address and resolve User inquiries, complaints, or feedback. This includes leveraging personal identification information and relevant service usage details to understand and respond to User needs, enhance the quality of customer service, and ensure a responsive and User-friendly support system. The Company's customer support operations are designed to be comprehensive, User-centric, and geared towards fostering positive User experiences, thereby reinforcing the Company's commitment to excellence in service delivery and customer satisfaction.

3.4. Marketing and Communications

The Company may engage in marketing and communication activities to inform Users about new services, promotions, updates, and other information that may be of interest. This includes the use of personal identification information and communication preferences to tailor marketing messages and ensure that Users receive relevant and personalized information. The Company respects Users' privacy preferences, including the option to opt-in or opt-out of receiving marketing communications as per the 10DLC requirements, thereby empowering Users to control the nature and frequency of the marketing and communication material they receive. The strategic use of information for marketing purposes is aimed at enhancing User engagement, promoting new and existing services, and building a strong, interactive community around the Company's app-based offerings.

3.5. Improvement of Services

To continuously enhance and innovate the app's services and features, the Company may analyze collected data, including device and usage information, feedback, and User interactions within the app. This analytical approach enables the Company to identify trends, User preferences, and areas for improvement, thereby facilitating the development of new services, optimization of existing ones, and customization of the User experience. The Company's dedication to service improvement is driven by a commitment to offering Users an evolving and dynamic app ecosystem that not only meets but exceeds their expectations in terms of functionality, usability, and overall value.

3.6. Legal Obligations

In adherence to legal and regulatory obligations, the Company may use collected information to comply with laws, regulations, legal processes, or governmental requests. This includes the use of personal information in the context of legal proceedings, audits, security investigations, or other legal or compliance-related purposes. The Company's approach to fulfilling its legal obligations is characterized by a commitment to the highest standards of legal compliance, integrity, and ethical conduct. The utilization of User information for legal purposes is conducted with utmost respect for privacy rights and in strict accordance with applicable data protection laws and regulations. Whether responding to lawful requests for information from law enforcement agencies, complying with data protection regulations, or engaging in efforts to prevent fraud and protect the security and integrity of the app and its Users, the Company ensures that such uses of personal information are justified, proportionate, and necessary for the specified legal purpose.

In fulfilling its legal obligations, the Company remains vigilant in its duty to protect Users' privacy and personal information, adhering to principles of transparency and accountability. The Company's legal team continuously monitors regulatory developments and legal requirements to ensure compliance and safeguard the interests of both the Company and its Users. By integrating legal compliance seamlessly into its operations and decision-making processes, the Company not only upholds its legal responsibilities but also reinforces its commitment to operating in an ethical, responsible, and User-focused manner.

In conclusion, the use of information by POTOLO is multifaceted and encompasses a broad spectrum of activities essential for the provision and improvement of its services, customer support, marketing communications, and compliance with legal obligations. The Company's policies and practices regarding the use of information are underpinned by a commitment to privacy, security, and compliance, ensuring that Users' personal information is handled with the highest level of care and integrity.

4. INFORMATION SHARING AND DISCLOSURE

4.1. With Service Providers

POTOLO may engage with a variety of third-party service providers to facilitate the seamless delivery of its app-based services, which range from food ordering to health consultations, and from fleet management to ticket sales for travelers. These service providers perform critical functions on behalf of the Company, such as payment processing, data analysis, email delivery, hosting services, customer service, and marketing assistance. In order to perform these services, third-party service providers have access to the personal information necessary to execute their duties effectively. However, the Company implements stringent contractual obligations to ensure that these service providers protect the information and use it solely for the purposes for which they were engaged, adhering to privacy standards that are as protective as the Company's own policies. The Company endeavors to carefully vet each service provider for compliance with relevant data protection laws and insists on adherence to confidentiality agreements and data processing terms that restrict their use of, access to, and the protection of personal information.

4.2. For Legal Reasons

The Company reserves the right to share personal information with third parties if required to do so by law or if such action is necessary to comply with legal processes, respond to claims, or protect the rights, property, or safety of the Company, its Users, or the public. This includes complying with legal obligations such as court orders, warrants, or subpoenas, participating in legal proceedings, responding to requests from public and governmental authorities, enforcing our terms and conditions, conducting investigations, and protecting against fraud, security breaches, or technical issues. In such cases, the Company makes every effort to notify affected Users about the legal demands for their personal information, unless providing such notice is prohibited by the legal process itself, by court order we receive, or by applicable law, or unless the request is an emergency. In these situations, our commitment is to protect our Users' privacy and legal rights to the fullest extent allowed by law.

4.3. Business Transfers

In the event of a merger, acquisition, bankruptcy, dissolution, reorganization, sale of some or all of the Company's assets, or transition of service to another provider, Users' personal information may be among the assets transferred. This includes personal identification, payment information, health data, location data, and device and usage information. The Company's practice in such transactions is to notify Users before their personal information is transferred and becomes subject to a different privacy policy. The Company commits to ensuring the confidentiality of personal information is maintained and that any potential transfer is performed in compliance with applicable privacy laws and regulations, ensuring a seamless transition for Users and the continued protection of their privacy.

4.4. With Your Consent

Aside from the circumstances described above, the Company may share personal information with companies, organizations, or individuals outside of POTOLO when we have the explicit consent of the User to do so. This consent-based sharing is typically related to services that require the integration of third-party offerings with those of the Company or to accommodate the User preferences. This includes the opt-in options for receiving marketing communications, promotional offers, or information about third-party services that may be of interest. Users have the right to withdraw their consent at any time, effectively halting further sharing of their information under this provision. The Company places the utmost importance on ensuring that Users' choices and consent are respected and acted upon with transparency and integrity, maintaining the principle that User information is shared externally only with clear, affirmative consent from the User.

5. DATA RETENTION AND SECURITY

5.1. Retention Period

POTOLO is committed to retaining personal information only for as long as necessary to fulfill the specific purposes for which it was collected and to comply with our legal and regulatory obligations. This retention period is dependent upon the nature of the information collected and the purpose for which it is collected and processed. For instance, transactional records, including payment information, are retained in accordance with relevant tax and accounting laws, whereas personal identification information and health data used for providing services and customer support are retained for the duration of the User's relationship with the Company plus a period thereafter as dictated by legal, contractual, or ethical obligations. The Company conducts regular reviews of all personal information held to determine its continued relevance and deletes or anonymizes data when it is no longer necessary for its collected purpose or when the retention period expires, whichever comes first. In certain cases, Users may request the deletion of their information before the expiry of the retention period, in which case the Company will evaluate such requests in accordance with applicable laws and its data retention policies.

5.2. Security Measures

The security of personal information is of paramount importance to the Company. To protect User data against unauthorized, illegal, or unlawful access, alteration, disclosure, or destruction, the Company employs a comprehensive suite of security measures that include physical, technical, and administrative safeguards. These measures are designed to provide a level of security appropriate to the risk of processing personal information. Technical safeguards include the use of encryption, firewalls, and secure server facilities. Administrative measures involve the implementation of access controls and least privilege, ensuring only authorized personnel have access to personal information for approved purposes. The Company also engages in regular security assessments and audits to evaluate and enhance its security posture. Employee training in data protection and privacy is conducted periodically to reinforce the importance of security and to ensure that all staff members are aware of and comply with our security practices and policies.

5.3. Breach Notification

In the unfortunate event of a data breach that is likely to result in a risk to the rights and freedoms of individuals, the Company is committed to promptly notifying the affected individuals and relevant authorities in accordance with applicable data protection laws. This notification will include, as far as is reasonably possible, the nature of the data breach, the categories and approximate number of individuals concerned, the likely consequences of the breach, and the measures taken or proposed to be taken by the Company to address the breach, including, where appropriate, measures to mitigate its possible adverse effects. The Company's approach to breach notification is guided by a commitment to transparency, accountability, and the protection of the User privacy. Efforts to investigate the breach will be initiated promptly, with the aim of swiftly identifying the cause, implementing measures to prevent future occurrences, and complying with our legal and regulatory notification and reporting obligations.

6. YOUR RIGHTS AND CHOICES

Users may request access, correction, deletion, portability, or restriction of their personal data, withdraw consent, and opt out of marketing communications, subject to applicable laws.

7. COOKIES AND TRACKING TECHNOLOGIES

Cookies are used to improve functionality, analyze usage, and personalize experiences. Users may manage cookie preferences through browser settings.

8. INTERNATIONAL DATA TRANSFER

Personal information may be transferred internationally using lawful mechanisms such as Standard Contractual Clauses and appropriate safeguards.

9. CHILDREN'S PRIVACY

The restaurant platform is not intended for children under thirteen (13). The Company does not knowingly collect personal information from children.

10. LINKS TO OTHER SITES

The platform may contain links to third-party websites. The Company is not responsible for their privacy practices.

11. COMPLIANCE WITH GLOBAL REGULATIONS

POTOLO complies with GDPR, CCPA, and other applicable data protection laws and supports Users' statutory rights.

12. CONTACT INFORMATION

Email: contact@potolo.com

Address: Suite 325 100 Matawan Road, Matawan, NJ 07747

13. POLICY UPDATES

This Policy may be updated periodically. Continued use of the services constitutes acceptance of the updated Policy.