Last Updated on 18th Dec 2020
Welcome to the App, Xume and or Software Application and/or Website, xume.co (hereinafter collectively known as “Xume”) owned and hosted by MAJA Solutions LLP (hereinafter, “MAJA”) a limited liability company, operating under the laws of India, having its registered office at 54 Jolly Maker Chambers 2, Nariman Point, Mumbai - 400 021 India and providing its services worldwide.
MAJA has already put in place procedures in accordance with industry standards to safeguard and secure your information. MAJA currently runs, checks and tests its platform to ensure that it is not prone to any attacks from known viruses, malware, bloatware, trojans and spyware. However, we recommend you to run your own antivirus program when you access the platform or download any content from it. MAJA is not responsible for and accepts no liability for any damage to your computer system or loss of data caused by using this platform or arising as a result of having used the platform.
Why personal data is collected?
MAJA requires the following personal data information to understand your needs and customize our platform according to them, improve our products and service and for other reasons such as:
- dentify a user and provide the same experience across Apps and Web.
- Internal record keeping.
- Periodically send promotional emails about new products, special offers or other information that Xume thinks a user might find interesting
- Market research purposes.
- To improve our products and services.
- To customize the platform according to user’s interests through calculated information based on the data collected by us.
- Information from Integrated Services like Facebook or Google
If you decide to register through or otherwise grant access to a third-party social networking or integrated service such as Facebook or Google, Xume will collect personal information (your full name and email address) that is already associated with your integrated services account in order to autofill the registration form. By doing so, you are giving Xume the permission to use, store and share it in a manner consistent with this privacy notice.
Partners, What we share and Why We share :
- Partner Name : Apple App Store, and Google Play Store
What we share : The fact that you have downloaded Xume App from the App Store (if you are an iOS user) or from the Play Store (if you are an Android user).
Why we share it : To allow Xume App to be distributed via the App Store or Play Store, and so you can restore your download in the future if needed.
Partner Name : Google Analytics
Why we share it : To understand where our website visitors come from (so we know where potential new markets for Xume), what sorts of devices they are using (so we can optimize the website for those devices), and whether visitors make return visits to the site (so we can develop more useful and informative content).
Partner Name : Google Firebase
What we share : Your phone number, the fact that a Facebook user is attempting to sign into Xume using their Facebook account (if attempted), the fact that a Google user is attempting to sign into Xume using their Google account (if attempted), and a Xume App-generated user-linked email address.
Why we share it : To: enable login via SMS, email, or social accounts; understand user engagement, retention and journeys; to ensure single account access via multiple numbers, and to troubleshoot crashes.
Partner Name : Sendgrid
What we share : Your email address, Xume user ID, Xume generated email body, which may include your first name, names of certain contacts (without providing access to your contacts) and application navigation links.
Why we share it : To send users emails that are relevant to them, to accurately reflect their communication preferences, and to allow users to navigate directly from the email to relevant in-app screens.
Partner Name : Facebook
What we share : That a Facebook user has used Facebook to login to Xume.
Why we share it : To enable login via Facebook, and to deliver advertisements and relevant Xume App updates on Facebook to existing Xume users, and users who have logged in using Facebook
What personal data is collected?
MAJA may collect the following information:
- Demographic information such as postcode, preferences and interests
- Login and account information including unique user ID and password
- Data on physical features, such as weight, height, body measurements, etc.
- Goals and Preferences mentioned in User Profile to help personalise your scores and recommendations
- Program and subscriptions purchased
- Device IDs, Network access, storage information on device, battery information
- IP addresses, referred headers, web beacons and tags etc.
- Other relevant information
- MAJA uses industry standard, HTTPS protocol for secure encryption and submission of the personal and credit card data you provide voluntarily on Xume. Unfortunately due to the nature of the digital environment, MAJA cannot ensure that all of your Information will never be disclosed in ways not otherwise described in this Policy. Therefore, although MAJA uses industry standard practices to protect your privacy, no method of transmission over the Internet, or method of electronic storage, is hundred percent secure. If you believe your Personal Information has been compromised, please contact us at the details set forth in Contact Us section in this Policy. If MAJA learns of a security systems breach, MAJA will attempt to notify you electronically and the authorities of the occurrence of the breach in accordance with applicable law.
- Your Information may be stored and processed in India or any other country in which MAJA or our service providers or third-parties, as referred in this Policy, maintain facilities.
- MAJA uses commercially reasonable safeguards to help keep the Information collected through the Platform(s) secure and take reasonable steps (such as requesting a unique password) to verify your identity before granting you access to your account. However, MAJA cannot ensure the security of any Information you transmit on the Platform(s) or guarantee that Information on the Platform(s) may not be accessed, disclosed, altered, or destroyed.
- When You access Our Platform(s), We offer the use of a secure server. The secure server software (SSL) encrypts all Information You put in before it is sent to Us.
Cookies and Cache:
- MAJA places both permanent and temporary Cookies in your device. Most Cookies are "session cookies," which means they are automatically deleted from your device at the end of a session.
- You can stop Cookies from being downloaded on your device from the Platform(s) at any time by selecting the appropriate settings in your browser. You can also delete your browser Cookies or disable them entirely. The browsers will tell you how to change your browser settings to notify you when a Cookie is being set or updated, or to restrict or block certain types or all Cookies. In case you decline to download Cookies from Xume you may not be able to use certain features on Xume, but this may significantly impact your experience with Xume and may make parts of Xume non-functional or inaccessible. We recommend that you leave them turned on.
Your rights in the personal data collected
Further, you have the right to request the following in regards to your personal data:
- Complete access to the personal data collected by us
- Correction of any personal data in case the same as collected by us is inaccurate or inadequate
- Complete or partial erasure/ deletion of personal data
- Right to object the processing of any personal data (by providing legitimate grounds only)
- Withdrawal of consent with regards to collection of data in case consent has already been provided by you (services shall be restricted accordingly)
MAJA reserves its right to change these policies periodically by updating this page and shall post the same on Xume. Also, in case there is any material change in the manner of processing personal data, a prior notice shall be posted on Xume and the same shall be sent to the registered email address of the users. In case there is any legal obligation to make material changes in processing of personal data, we shall request your consent prior to implementation of the required changes. Write to us at [email protected]
if you have any concerns with the current policy or any changes MAJA may make in the future
Duration of maintaining and using Your Information:
- Following deactivation of your account, MAJA may retain certain Information (including Your Personal Information and User Content) for a reasonable time for backup, archival, and/or audit purposes.
- User shall have the right to request access to and rectification or erasure of Personal Information or restriction of processing concerning you or to object to processing as well as the right to information/data portability by connecting to Us at [email protected]
MAJA will not sell, distribute or lease your personal information to third parties unless MAJA has your permission or is required by law to do so. However, MAJA reserves the right to disclose information to third parties if we believe we are required to do so by law or have a good-faith belief that such access or disclosure is reasonably necessary to:
- Abide by any applicable law, regulation, legal process or governmental request;
- Detect, prevent, or otherwise address fraud, security or technical issues
- Respond to user support requests;
- Protect the rights, property or safety of MAJA, its users and the public.
Grievances and Disputes
Customers based in the European Union (EU), European Economic Area and customers who are subject to the GDPR or any other UK or EU privacy law or is a European Union Data Subject, without prejudice to any other administrative of judicial remedy available to them, shall have the right to lodge a complaint with the Supervisory Authority, as stated under Article 77 of the GDPR.
In order to ensure compliance by us and our customers based in the European Union (EU), European Economic Area and customers who are subject to the GDPR or any other UK or EU privacy law or is a European Union Data Subject, the list of the supervisory authority as stated under Article 51 of the GDPR can be accessed through https://edpb.europa.eu/about-edpb/board/members_en.