Privacy Policy

Effective Date: September 24, 2025

1. Introduction

Welcome to our challenge tracking platform (the "Platform" or "Service"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Platform.

By using our Platform, you consent to the data practices described in this Privacy Policy. If you do not agree with our policies and practices, please do not use our Service.

2. Information We Collect

2.1 Personal Information

We collect the following types of personal information:

  • Account Information: Name, email address, phone number, and password
  • Profile Information: Preferred name, location, gender, timezone, and difficulty preferences
  • Communication Preferences: Email and SMS notification preferences
  • Challenge Information: Challenge participation, completion status, and comments
  • Usage Data: Platform interaction data, login information, and feature usage

2.2 Automatically Collected Information

We automatically collect certain information when you use our Platform:

  • Device information (browser type, operating system)
  • IP address and location data
  • Session information and cookies
  • Platform usage analytics

2.3 SMS and Email Communications

When you provide your phone number and email address, we may send you SMS messages and emails related to your account, challenge updates, reminders, and other service-related communications.

3. How We Use Your Information

We use the collected information for the following purposes:

  • Provide, operate, and maintain our Platform
  • Process user registration and account management
  • Facilitate challenge participation and tracking
  • Send SMS and email communications based on your preferences
  • Verify phone numbers and email addresses
  • Provide customer support and respond to inquiries
  • Improve our Platform and develop new features
  • Ensure Platform security and prevent fraud
  • Comply with legal obligations and enforce our terms
  • Send administrative information and service updates

4. Information Sharing and Disclosure

4.1 Third-Party Service Providers

We share information with trusted third-party service providers who assist us in operating our Platform:

  • Twilio: For SMS messaging services. No mobile information is shared with third parties/affiliates for marketing/promotional purposes. Information sharing is limited to subcontractors supporting customer service functions.
  • SendGrid: For email delivery services. Personal information is not shared with third parties for marketing purposes without explicit consent.
  • Cloud Infrastructure Providers: For hosting and data storage services

4.2 Legal Requirements

We may disclose your information if required to do so by law or in response to:

  • Valid legal process (subpoenas, court orders)
  • Government investigations
  • Protection of our rights, property, or safety
  • Protection of users or the public

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the business transaction. We will notify you of any such change in ownership or control.

5. Data Security

We implement appropriate technical and organizational security measures to protect your personal information:

  • Encryption of data in transit and at rest
  • Secure authentication and access controls
  • Regular security assessments and monitoring
  • Employee training on data protection practices
  • Compliance with industry security standards

While we strive to protect your information, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security but will notify you of any known security breaches as required by law.

6. Your Rights and Choices

6.1 Access and Control

You have the following rights regarding your personal information:

  • Access: Request access to your personal information
  • Correction: Update or correct inaccurate information
  • Deletion: Request deletion of your personal information
  • Portability: Request a copy of your data in a portable format
  • Restriction: Limit how we process your information

6.2 Communication Preferences

You can control your communication preferences:

  • Email: Unsubscribe from non-essential emails using the unsubscribe link or by updating your preferences
  • SMS: Opt out of SMS messages by replying "STOP" to any message or updating your preferences
  • Account Settings: Manage your communication preferences in your account settings

6.3 Account Deletion

You may request deletion of your account and associated data. We will process deletion requests within 30 days, though some information may be retained as required by law or for legitimate business purposes.

7. Consent and Opt-In Procedures

User Registration and Opt-Out Flow

The diagram below shows how users can register via web or SMS and all available opt-out procedures for compliance with communication preferences.

User Registration and Opt-Out Flow Diagram

Click image to view full size

7.1 Email Communications

We obtain affirmative consent before sending non-transactional emails:

  • Clear opt-in mechanisms during registration
  • Specific consent for different types of communications
  • Easy opt-out process with unsubscribe links in all emails
  • Opt-out requests honored within 10 days
  • Physical mailing address included in all non-transactional emails

7.2 SMS Communications

SMS communications are sent based on:

  • Explicit consent provided during phone number verification
  • Service-related messages for platform functionality
  • Challenge-related notifications based on your preferences
  • Clear opt-out instructions provided in messages

8. Data Retention

We retain your personal information for as long as necessary to:

  • Provide our services and maintain your account
  • Comply with legal obligations
  • Resolve disputes and enforce our agreements
  • Improve our services and conduct analytics

When you delete your account, we will delete or anonymize your personal information within 30 days, except where retention is required by law.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. When we transfer your information internationally, we ensure appropriate safeguards are in place to protect your privacy rights.

10. Children's Privacy

Our Platform is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will take steps to delete such information promptly.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes, we will:

  • Update the "Effective Date" at the top of this policy
  • Notify you of material changes via email or platform notification
  • Post the updated policy on our Platform

Your continued use of our Platform after changes become effective constitutes acceptance of the updated Privacy Policy.

12. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: privacy@humansuccesslab.com

Response Time: We will respond to your inquiry within 30 days

Data Protection Rights: For requests related to your personal data rights (access, correction, deletion), please include your account information and specify the nature of your request.

13. Legal Compliance

This Privacy Policy is designed to comply with applicable data protection laws, including:

  • General Data Protection Regulation (GDPR)
  • California Consumer Privacy Act (CCPA)
  • Telephone Consumer Protection Act (TCPA)
  • CAN-SPAM Act
  • Other applicable federal, state, and local privacy laws
Back to Login