Privacy Policy

Last updated March 19, 2025

Your privacy is extremely important to us. This Privacy Policy details how PaxMea Ltd ("Paxmea", "we", or "us") gathers, uses, stores, transfers, and shares information about you when you visit or use our website, mobile app, and other online services and products (together known as the “Services”), as well as when you contact our customer support, interact with us on social media, or engage with us in any other way.

By using the Services, you promise us that:

you have read, understand, and agree to this Privacy Policy and data processing described, and
you are over 18 years of age.

You must not use the Services if you disagree with this or if you are unable to fulfill this commitment. In this situation, you have to:

delete your account and get in touch with us to ask that your data be deleted;
cancel any subscriptions using the tools offered by Apple (if you're using iOS) or Google (if you are using Android), any other app stores that might occasionally be available, or by us if you bought it straight from our website or other online services and products; and
remove the app from your devices.

Additional details for residents of California, and individuals in the EEA, UK, and Switzerland are provided at the end of this Privacy Policy.

Translations from the English version are just offered for convenience and transparency purposes. The English language version of this privacy statement will prevail over any translation if there is a discrepancy in meaning or interpretation. The only version that is legally binding is the original English text.

We may update this Privacy Policy from time to time. If we do, we will update the date at the top and may also give you additional notification in certain cases. If permitted by law, your continued use of the Services after this policy has been updated indicates your acceptance of changes made. Please do not use the Services if you disagree with the terms of the amended Privacy Policy. You will have the option to accept modifications to this policy.

Data We Collect from You

We collect personal information about you when you use the Services. This can come directly from you, like when you message us or select your areas for improvement, or it can come from other sources and third parties, like when you sign in with Apple or give us access to HealthKit data, or it can come automatically when you use our services, like when you use cookies or SDK technologies to get your IP address.

Data You Give Us

Personal data: your name, email address, date of birth, gender, associated social media details, and mailing address.
Payment information: financial account data such as your credit card number, to our third party service providers that serve us as a data and payment processors. We do not collect or store, or have access to full credit card number data, although we may receive some limited information, such as credit card-related data, such as a secure token reflecting your payment method, data about products or services purchased, date, time and amount for the purchase, the type of payment method used, limited digits of your card number.
Opinions and feedback: information from surveys, comments, feedback, and other data included in your interactions with us or provided through the Services. Some users also express how they are feeling when giving feedback or sending messages to us, but we do not infer any health-related characteristics from these details and only process them according to their intended purposes.
Additional Data You May Give: password, preferred language, goals, previous meditation experiences, sleep habits, physical attributes, kind and duration of physical activity you do, fitness level, moods, reflections shared during check-ins, nutritional preferences, or you can choose to track how much food and water you consume.
Special Wellness Data: some data we collect may be considered as a special category of personal data or sensitive data under certain data protection laws that we are subject to. When this is the case, for example, when we ask you whether you need a meal plan for diabetes or whether you choose to participate in a special program for limb loss or where you use our period tracker feature, we will strive to obtain your consent for processing of such data.

Data We Collect When You Use Our Services or Interact with Us

Usage information: sessions you attend, videos you view, content you hear, screens or features you use, and other relevant usage information.
Transaction details: information about purchases, such as prices, product descriptions, expiration dates of subscriptions or free trials, and the times and dates of transactions.
Device details: specifics about the computer or mobile device used to access the Services, such as the hardware model, operating system and version, device identifiers set by your device's operating system, and mobile network information.
Log details: your web browser type, app versions, access times and dates, pages you view, your IP address.
Communications: we may monitor and/or save our communications, including chat messages, phone calls, or video calls, especially when you give us feedback or participate in market research.

Data We Infer or Generate When You Use the Services

User ID: a unique identifier linked to your account.
Derived information: details about you based on other information we have collected such as your IP address to derive the approximate location of your device, in order to better tailor our services in accordance with your preference. Furthermore, we might use the data we have collected to better serve you through our offerings and services in the future.

Data We Gather from External Sources

Transaction details: information from third parties you interact with to install our application or subscribe to our service.
Social media data: should you choose to create or access your Paxmea account through a social media platform, we gain access to data from that platform, such as your name and other account details, in line with your settings for data sharing on that social media platform.
Calendar details: specifics from third-party calendar services that you opt to integrate with our services.
Data from third-party health apps: with your consent, we can receive data from your mobile device's health application (for example, Apple, Apple HealthKit or Google Health Connect), which includes sleep duration and goals, for your convenience in line with using the services. However, we do not draw conclusions about your health status from this data and only process it for the purpose it was originally provided.
Cookie data: we collect data through cookies and web beacons. You may choose to share your real email address or an anonymous one that uses the private email relay service. Apple will show you their detailed privacy information on the sign in with the Apple screen. Provided you give express permission on your device, we may receive (read) and/or write (share) data about your activity with/from Health App. You may decide to allow us to read (receive) the following information from the Health App: the number of steps, covered distance, weight, and dietary energy, and other data that you chose on the consent screen. If you grant access for us to write data (share with) Health App, we will transfer to Health App data on your workouts, weight, and dietary energy (calories intake). The pieces of data covered by Health Apps scope will be indicated to you by Apple or Google on their native pop-up screens, which we do not have control of. Before you decide to share your data with the Health App, we encourage you to review their privacy policy, as your data will subject to those policies. For more information on the Apple HealthKit, please see http://www.Apple.com/ios/health/, and on GoogleFit, please see https://www.google.com/fit/. You can withdraw our access to read/write data from the Health App at any time directly in the Health App.
Information you make public: we may gather data you have made publicly available, including from websites and online services you use, consumer research platforms, and/or business contact databases.

Purposes and Legal Bases for Processing Your Data

We collect and use your personal data to deliver and continuously improve the quality our Services. We also use this data to attract new customers to our products. Here’s a breakdown of how we use your data and the reasons we process it:

Provide our Service and Manage Your Account: We verify your identity, ensure you can access our Services, fixing or resolving any issues related to the Service's performance or technical problems, and customize your experience. For example, we might suggest personalized meditation or workout plans. (Performance of a contract or consent for sensitive data)
Communicate with You About the Service: We send reminders, motivational messages, or updates on your workouts and nutrition plans. You can change notification settings at any time. (Performance of a contract or legitimate interest)
Process Transactions and Orders: We process payments and manage your orders. This includes confirming purchases, providing receipts, or handling any issues like refunds. (Performance of a contract)
Analyse Service Usage and Improve: We review how you use the app to improve services, such as adding new features or optimizing workout programs based on your preferences. (Legitimate interest unless consent is required)
Send Marketing Communications: We may send you promotional offers or information about new products. You can opt-out anytime by following the unsubscribe link in emails. (Consent or legitimate interest in some cases)
Personalized Ads: We may show personalized ads based on your usage of the app, such as promoting fitness-related products. (Consent or legitimate interest if required by laws)
Comply with Legal Obligations: We use your data to comply with laws like tax regulations or respond to lawful requests from authorities. (Complying with legal obligations)
Prevent Fraud and Enforce Terms of Service: We use your data to protect against fraud and to enforce our Terms and Conditions of Use, ensuring proper app usage and security. (Legitimate interest)

Note: Some of the data we collect, like health-related data or device information, may be considered sensitive, and we’ll ask for your explicit consent to process it when necessary.

How We Use Your Data

Offer and maintain the Services, including fixing bugs to identify and rectify issues and health data (the legal basis for this processing is the performance of the agreement between you and Paxmea and/or your consent);
Enhance the Services, by developing new products and services (the legal basis for this processing is our legitimate interest in advancing and developing new offerings, by exploring methods to further improve our services and business);
Process transactions and fulfill orders (the legal basis for this processing is the performance of the agreement between you and Paxmea);
Send you transactional or relationship messages, such as receipts, account notifications, customer service responses, and other administrative communications (the legal basis for this processing is our legitimate interest in providing relevant information about our services, including your purchases from us);
Communicate with you about products, services, and events offered by Paxmea and others, solicit feedback, and send news, gifts, or other information we think will be of interest to you (see the “Your Choices” section below for information on how to opt out of marketing communications). (The legal basis for this processing is our legitimate interest in providing information about products and services that may be of interest to you unless applicable law requires us to obtain your consent, in which case we will do so);
Monitor and analyze trends, usage, and activities related to the Services (the legal basis for this processing is our legitimate interest in improving our Services and understanding the needs and expectations of our users);
Identify, investigate, and thwart fraudulent transactions and other unlawful activities, and safeguard the rights and assets of Paxmea and others, including to uphold our agreements and policies (the legal basis for this processing is our legitimate interest in preventing fraud and protecting and securing our assets, customers, employees and the public);
Adhere to legal requirements, such as by processing transactional records for tax filings and other compliance activities (the legal basis for this processing is compliance with our legal obligations under applicable law related to, for instance, taxation, and consumer protection law);
Generate anonymous or aggregated data that cannot be used to identify you (the legal basis for this processing is our legitimate interest in creating non-personally identifiable data to help improve our services, provide reports to third parties, and otherwise enhance and promote our business);
Customize your online experience and the advertisements you see on other platforms based on your preferences, interests, and browsing behavior (the legal basis for this processing is our legitimate interest in improving your experience with the Services and serving advertisements more relevant to your interests, unless applicable law requires us to obtain your consent, in which case we will do so); and
Organize contests, and promotions (the legal basis for this processing is our legitimate interest in conducting promotional activities that our users may choose to participate in).

Disclosures of Information

We may share details about you in the following ways and as detailed in this Privacy Policy or during the collection process:
With companies and contractors that provide services for us, including email service providers, payment systems, fraud prevention vendors, analytics providers, advertising partners, and other service providers;
To accountants, auditors, lawyers, and other external professional advisors to Paxmea, with the necessary contractual agreements for confidentiality;
If we believe disclosure is in accordance with, or required by, applicable law or legal process, including court order, subpoena, or other lawful requests by public authorities to meet national security or law enforcement requirements;
If we believe your actions are not in line with our user agreements or policies, if we believe you have violated the law, where necessary for the purposes of prevention, investigation, detection or prosecution of criminal offenses or the execution of criminal penalties, or to protect the rights, property, and safety of Paxmea or others, or if it is necessary for the establishment, exercise or defense of legal claims;
In the event of any merger, sale of company assets, financing or acquisition of all or a portion of our business by another company;
Between and among Paxmea, affiliates, subsidiaries, and other companies under common control and ownership;
If your Paxmea subscription was obtained through a third-party promotion, like being bundled with a third-party service or offered through a promotional code distributed by that third party, we may inform them that you redeemed the offer; and
With your permission or at your request. For example, you might choose to share activities you have taken through the Services using “share” or similar features or by linking your Paxmea account with third-party services.

We might also share disclose aggregated or other information not subject to obligations under the data protection laws of your jurisdiction with third parties.

Transfer of Data

Paxmea is based in the republic of Cyprus and has operations both domestically and internationally. Because of this, we and our service providers process information in nations that might not provide equivalent levels of data protection as your home jurisdiction. Where required by law, we offer sufficient protection for the transfer of personal data when mandated by law, such as by obtaining your consent, depending on the European Commission’s adequacy decisions, or carrying out Standard Contractual Clauses. Where relevant, you may request a copy of these Standard Contractual Clauses by emailing us at [email protected].

Privacy Rights

By logging into your account or sending us an email at [email protected], you can change some of your account details, including your name, password, and email address. You have the following rights, regardless of where you live, but subject to certain restrictions and requirements set forth by law:

to know more about the information we have about you;
to access information we have about you (including in a portable format);
to have information about you corrected; and
delete the information we have about you.

You also have the option, if applicable, to restrict the processing of sensitive personal data or to refuse to be profiled for decisions that have legally significant or comparable consequences. Paxmea does not, however, presently carry out any processing that results in those opt-out rights. Please be aware that even if you request that your information be deleted, we may still keep it if necessary by law.

Making Use of Your Rights

To exercise these rights, send us an email at [email protected]. We will not provide discriminatory treatment against anyone that exercises any of their rights.

Verification

We may ask you to provide information that matches the information we have on file in order to verify your request, where appropriate under applicable law (for example, requests to know, correct, or delete).

You may designate an authorized agent to exercise any of the rights set out in this Privacy Policy on your behalf. Although, authorized agents should use the same channels, but we may still ask you to personally verify your identity and may need documentation that the agent is authorized to act on your behalf.

Appeals

If we deny your request, you may appeal our decision by emailing [email protected]. If you are in the EU and have concerns about the result of the appeal, you may contact your Local Data Protection Authorities, which can be found on the EDPM website: edpb.europa.eu/about-edpb/members_en

Other Choices

Marketing Communications

You may opt out of receiving promotional emails from Paxmea by following the instructions in those emails or by emailing us at [email protected].

Mobile Push Notifications/Alerts

We send push notifications, including promotional ones, to your mobile device with your permission. By adjusting your mobile device's notification settings, you can deactivate these messages whenever you want.

Information for California Residents

Additional disclosures mandated by the amended California Consumer Privacy Act are provided in this section. For more details about the personal information we collect, including the categories of sources, please contact us at [email protected].

Types of personal data we collect

Names, phone numbers, email addresses, social media handles, and unique identifiers (like IP addresses) associated with your device or browser are examples of identifiers. Characteristics of protected classifications under state or federal law, like age and gender. Commercial data, including your payment details and Paxmea product or service purchases. Estimated geolocation data. Activity on the Internet or other electronic networks, including browsing habits and details about how you use and engage with the Services. Audio, electronic, visual, or similar information, such as profile photo or personal information you may provide during customer support calls and call recordings. Professional, employment, and educational information that you voluntarily give us, such as details about your employer or professional experience. Additional personal data you submit, such as your thoughts, preferences, objectives, and prior meditation experience, as well as any other data included in communications, surveys, or product reviews. conclusions made from the information above, like product preferences and buying patterns.

Business or commercial purposes for which we may use your data

Perform or provide the services, including your account maintenance, customer support, order and transaction processing, and customer information verification. for example, by creating new goods and services and making improvements to the existing ones. Debug, for example, to find and fix mistakes and other problems with functionality. Discuss marketing and other transactional or relationship-related messages with you. Analyze usage, for example, by keeping an eye on patterns and actions related to service use. Customize your online experience by, for example, adjusting the advertisements and content you see on the Services and other platforms according to your browsing habits, interests, and preferences. legal justifications, like assisting in the detection and defense against security incidents or other malevolent, dishonest, fraudulent, or unlawful activity.

Parties with whom information may be shared

Businesses that help us with customer service, order and subscription fulfillment, advertising measurement, communications and surveys, data analytics, fraud prevention, cloud storage, bug fix management and logging, and payment processing are examples of companies that offer services to us. Third parties that you agree to share your information with, like academic researchers or social media companies, or other third parties for legitimate purposes, such as adhering to the law or for other legitimate purposes outlined in our Disclosure section.

The aforementioned rights are available to California consumers under the Privacy Rights section. In order to, among other things, display advertisements for Paxmea on other websites and services, we use cookies and other tracking technologies, and we permit our advertising partners to use them as well. According to some privacy laws, these actions might be categorized as "sales," "sharing," or "targeted advertising." You can send an email to [email protected] to opt out of these practices. We don't intentionally "sell" or "share" personal information about customers younger than sixteen.

Information for Individuals in EEA, Switzerland, and UK

If you use the Services while in the United Kingdom, Switzerland, or the European Economic Area, you are subject to the following sections. For personal data covered by this Privacy Policy, Paxmea is the data controller.

Data Retention

Unless applicable law mandates storage for a longer period of time, we only keep personal data for as long as is required for the purposes for which it is processed and no longer than six years.

Data Subject Requests

Subject to certain limits and conditions provided under law, in addition to the rights described under the Privacy Rights section above, you have the right to:

You can object to specific processing (such as receiving direct marketing) or ask that we limit processing in specific situations (such as keeping but not processing further while a claim is being resolved).
Retract any consent you may have given.
Ask Paxmea to move specific data to a different data controller.
Complain to a supervisory authority about our data protection procedures.

o Please see this directory for contact details: https://edpb.europa.eu/about-edpb/board/members_en.
o If you are in the United Kingdom, please see this site for contact details: https://ico.org.uk/global/contact-us/.
o If you are in Switzerland, please visit this FDPIC site for contact details: https://www.edoeb.admin.ch/edoeb/en/home/the-fdpic/contact.html.

You can get in touch with us using the information below if you would like to exercise any of these rights but are unable to do so through the Services or your device.

Contact Us

You may contact us at any time for details regarding this Privacy Policy, its previous versions, or our information practices. For any questions concerning your account or your personal data please contact us at [email protected].