Privacy Policy

FoodW Privacy Policy

[Last modified: September 6, 2023]

This privacy policy (“Privacy Policy” or “Policy”) governs the data processing practices of Mania Tech Ltd. (“Company”, “we”, “us”, or “our”) when access to or use of our web based application, available at: https://www.app.foodwizai.com/login (“Web App”) and the services and provided through the Web App (the “Services”).

This Privacy Policy constitutes an integral part of our Terms of Use (“Terms”), and it governs the data collection, process and transfer in respect with our Services, all in accordance with the relevant data protection and privacy laws and regulations, including, if relevant to the user’s jurisdiction, the EU General Data Protection Regulation (“GDPR”), the California Consumer Privacy Act of 2018 effective November 2020, and as amended by the California Privacy Rights Act, effective January 1, 2023. (collectively CCPA”), and any other applicable privacy laws and regulations. Definitions used herein but not defined herein shall have the meaning ascribed to them in our Terms.

If you are a California or Colorado resident, we recommend you to review our CCPA Privacy Notice.

This Privacy Policy does not cover your interaction with third-party content available in through the Services, this Privacy Policy may be different from third parties’ privacy practices and we shall not be liable or responsible for the acts of those third parties.

  1. 1.  POLICY AMENDMENTS

We reserve the right to amend this Policy from time to time, at our sole discretion. The most recent version of the Policy will always be posted on the website. The updated date of the Policy will be reflected in the “Last Modified” heading. We will provide notice if these changes are material and, where required by applicable law, we will obtain your consent. Any amendments to the Policy will become effective within 30-days upon the display of the modified Policy. We recommend you to review this Policy periodically to ensure that you understand our most updated privacy practices.

  1. 2.  CONTACT INFORMATION AND DATA CONTROLLER INFORMATION

Mania Tech Ltd. is incorporated under the laws of the State of Israel, is the Data Controller of (as such term is defined under the GDPR or equivalent privacy legislation).

For any question, inquiry or concern related to this Privacy Policy or the processing of your Personal Data, you may contact our privacy team as follows:

Data Protection Officer: Eran Heres, support@foodwizai.com

Mania Tech Ltd.,

10 ABA EVEN Blvd., Building C, Herzliya, 4672528, Israel Tel: +972-73-2300100

  1. 3.  WHAT INFORMATION DO WE COLLECT AND HOW DO WE USE IT

Non-Personal Data

During your interaction with our Services we may collect aggregated, non-personal non-identifiable information which may be made directly or indirectly through your use of the Services (“Non-Personal Data“). We are not aware of the identity of the user from which the Non-Personal Data is collected. The Non-Personal Data which is being collected may include your aggregated usage information and technical information

transmitted by your device, such as: browser version, operating system type and version, mobile network information, internet service provider, mobile carrier, device settings, etc.

Personal Data

We may also collect from you, during your access or interaction with the Services, individually identifiable information, namely information that identifies an individual or may with reasonable effort be used to identify an individual (“Personal Data or Personal Information”).

For avoidance of doubt, any Non-Personal Data connected or linked to any Personal Data shall be deemed as Personal Data as long as such connection or linkage exists.

We do not knowingly collect or process any Personal Data constituting or revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data, data concerning a person’s health or data concerning a person’s sex life or sexual orientation (“Special Categories of Personal Data”).

The following table describes the Personal Data we may process if you use our Web App or our Services:

DATA SETS

PURPOSE AND OPERATIONS

LAWFUL BASIS UNDER THE GDPR

Online Identifiers:

When you access and use the Web App or interact and use our Services, we collect your Internet Protocol (“IP”) address or similar unique online identifiers generated (“Online Identifiers”).

We process such data to provide you our Services and to enable the operation of the Services and for security and fraud prevention purposes (i.e., to prevent or to be able to address any errors or technical issues in our Services).

Further, we use the Online Identifiers for tracking and provide you with personalized ads.

Where we collect such data for operation and security, we process your data based on our legitimate interest.

Where we use the Online Identifiers for personalized ads and tracking it will be based on your consent provided through the cookie consent manager (“CMP”) settings. You will be able to opt-out at any time.

Usage Data:

When you access the Web App or use our Services we may further collect information related to your use and interaction with our Service, web pages viewed, access time and date, activity logs, the features and content you interact with, conversions and your interaction with ads, social media related information etc.

The Usage Data is used to operate and improve the Services correct any error in the Web App.

We may use such data for internal analytics and measurement to understand how our Services are used, so that we can improve it and to provide you with personalized interface.

We also use data about the ads you interact with to help advertisers understand the performance of their ad campaigns and provide them with reports.

Where we process the Usage Data subject to our contractual obligations with you, to enable the operation of the Web App and to improve our Services. Other purposes, such as operational and security, are based on our legitimate interest.

Where we collect such data for analytic and advertising purposes, we process the data based on your consent provided through the CMP setting.

Location:

Based on the IP address or other information we may obtain such as zip code, we can approximately know your location.

We use this information for language preference and contextual advertisement ads based on your general location.

We process such data base on our legitimate interest.

Account Information:

To become a user, you will need to create an account by providing us with your email address or by registration using your Gmail or Facebook account.

We will use this data in order to create you an account, provide you with account management, support and to provide the Services as well as to send you needed information

related to our Services and which

We process such data for the purpose of performing our contract with you, to provide the Services and to designate your account.

You represent and warrant that you will not provide us with inaccurate, misleading or false information.

related to our business engagement (e.g., send you a welcome message, notify you regarding any updates to our Services, send applicable invoices, etc.) and additional occasional communications and updates related to the Services, as well as promotional and marketing emails (“Direct Marketing”).

We may also use the information to authenticate you.

 

Transaction Information:

When you decide to become a user and to register to the Services under the “Premium Paid User” subscription plan, the payment is processed by Stripe do not keep any payment information; we just know you made the payment.

We will use third party payment processors, any transactions that are processed by these third party payment processors will be governed by their policies.

We process such data for the purpose of performing our contract with you and will enable you to use our Services and provide you with premium features within the Web App subject to the subscription terms.

Marketing Activities:

We may show you advertisements on our Service, and send you emails for marketing purposes. For this we process your email or Online Identifiers, and our third party advertisers will use the tracking technology to personalize the ads.

We process your data for our marketing campaigns. As a result, you will receive information about our products, such as, for example, special offers or new features and products available as part of our Web App and Services.

We process such data subject to your consent.

You may opt-out at any time through the unsubscribe link in the footer within the email or by contacting us directly.

Personal preferences and allergy As part of our Services you may provide us with information of certain materials and ingredients which you are dislike (i.e. vegetarian) or allergic to.

We will process this data in order to avoid and provide you with recipes which include materials and ingredients which you dislike or allergic to.

We process such data for the purpose of performing our contract with you and will enable you to use our Services.

We use various technologies to collect and store the information listed above, including cookies, pixel tags, local storage, databases and server logs. We use different technologies to process your information listed above, for the purposes listed above.

Therefore, the actual processing operation per each purpose of use and lawful basis detailed in the table above, may differ. Such processing operation usually includes set of operations, made by automated means, such as collection, storage, use, disclosure by transmission, erasure or destruction. Transfer of Personal Data to third party countries as further detailed in the International Data Transfer section is based on the same lawful basis as stipulated in the table above.

In addition, we may use certain Personal Data to prevent potentially prohibited or illegal activities, fraud, misappropriation, infringements, identity thefts and any other misuse of the Services and to enforce our policies and agreements, as well as to protect the security or integrity of our databases and the Services, and to take precautions against legal liability. Such processing is based on our legitimate interests.

4.  HOW WE COLLECT INFORMATION

Depending on the nature of your interaction with the Refine Services, we may collect information as follows:

  • Automatically – we may collect directly or indirectly gather information automatically, such as Non-Personal Information as well as Online Identifiers.
  • Provided by you voluntarily we will collect Personal Data if you choose to register or if you contact us for support, make a purchase or any information you uploaded to the Web App by you or on our Services.
  1. 5.  TRACKING TECHNOLOGIES

We use “cookies” and similar tracking technologies when you access our Web App and use our 0Services. A cookie is a small text file that a website places and stores on your device while you are viewing a website. Cookies are very helpful and can be used for various purposes. These purposes include: (i) allowing you to navigate between pages efficiently; (ii) enabling automatic activation of certain features; (iii) remembering your preferences; and (iv) making the interaction between you and our Services quicker and easier.

Cookie

Purpose

Privacy Policy

Google Analytics

Analytical & Measurement

www.google.com/policies/privacy/partners https://policies.google.com/technologies/managing?hl=en https://tools.google.com/dlpage/gaoptout

For additional information regarding our use of Google products, click HERE.

  1. SHARING DATA CATEGORIES OF RECIPIENTS WE SHARE PERSONAL DATA WITH

We share your Personal Data with third parties, including with business partners or service providers that help us provide our Services. You can find here information about the categories of such third-party recipients.

CATEGORY OF RECIPIENT

DATA THAT WILL BE SHARED

PURPOSE OF SHARING

Advertisers

Online Identifiers, Usage Data, Location

We provide such information to our advertisers, so they will be able to display ads or content that best suit such web-page, as part of our Services.

Within the Company group

All types of data

We may share information about you with other members within the Company group as part of internal engagements and the related entities (applications, extensions, website, etc.) where we believe, for example, your inquiry is applicable to such entity or where required to meet our legal and regulatory obligations around the group or to offer relevant services and products that may interest you.

Service providers

All types of data

We employ other companies and individuals to perform functions on our behalf. Examples include: sending communications, processing payments, assessing credit and compliance risks, analyzing data, providing marketing and sales assistance (including advertising and event management), identifying errors and crashes,

conducting customer relationship management, and

  

providing training. These third-party service providers have access to Personal Data needed to perform their functions, but they are prohibited from using your Personal Data for any purposes other than providing us with requested services.

Compelled disclosure

Subject to your request

We may share Personal Data in the event you request us to do so. In such event, the provisions of your Personal Data will be subject to such third parties’ policies and practices only.

Enforcement Of Our Rights and Security Detections.

All types of data

We may disclose Personal Data to enforce our policies and agreements, as well as defend our rights, including the investigation of potential violations thereof, alleged illegal activity or any other activity that may expose us, you, or other users to legal liability, and solely to the extent required. In addition, we may disclose Personal Data to detect, prevent, or otherwise address fraud, security, or technical issues, solely to the extent required.

Any Acquirer of Our Business

All types of data

We may share Personal Data, in the event of a corporate transaction (e.g., sale of a substantial part of our business, merger, consolidation or asset sale). In the event of the above, our affiliated companies or acquiring company will assume the rights and obligations as described in this Policy.

Where we share information with services provider and agents, we ensure they only have access to such information that is strictly necessary in order for us to provide the Services. These parties are required to secure the data they receive and to use the data for pre-agreed purposes only, while ensuring compliance with all applicable data protection regulations (such service providers may use other non-personal data for their own benefit).

  1. 7.  YOUR RIGHTS

According to data protection and privacy laws may grant you with certain rights with regards to your Personal Data, all according to your jurisdiction. The rights may include one or all of the following: (i) request to amend your Personal Data we store accessing; (ii) review and access your Personal Data that we hold; (iii) request to delete your Personal Data that we hold (as long as we do not have a legitimate reason for retaining the data); (iv) restrict or object to the process your Personal Data; (v) exercise your right of data portability (vi) contact to a supervisory authority in your jurisdiction and file a complaint; and (vii) withdraw consent (to the extent applicable). If you wish to submit a request to exercise your rights, please fill out the Data Subject Request Form (“DSR”) available HERE.

For California and Colorado residents, please see our CCPA Privacy Notice.

When you contact us and request to exercise your rights regarding your Personal Data, we will require certain information from you in order to verify your identity and locate your data and that the process of locating and deleting the data may take reasonable time and effort, as required or permitted under applicable law. Data privacy and related laws in your jurisdiction may provide you with different or additional rights related to the data we collect from you, which may also apply.

You have the right to lodge a complaint with the EU Member State supervisory authority if you are not satisfied with the way in which we handled the complaint.

For additional rights under various jurisdictions, please refer to Section 12 “JURISDICTION-SPECIFIC NOTICES” herein below.

Certain rights can be easily executed independently by you without the need to fill out the DSR Form:

You can correct or delete the Account Information at any time, through the account settings on the Web App;

  • You can you can opt-out from receiving our marketing emails by clicking “unsubscribe” link;
  • you can withdraw consent for processing Personal Data for analytics or marketing purposes, by using the cookie setting on the Web App.

You may opt-out directly from third party retargeting cookies or other ad-technology trackers through self-regulatory services. For more information, please visit:

Digital Advertising Alliance (US) HERE Digital Advertising Alliance (Canada) HERE Digital Advertising Alliance (EU) HERE Network Advertising Initiative HERE

Use the Global Privacy Control (“GPC”) signals.

You can also opt out of interest-based advertising with some of the service providers we use, such as Google HERE, Google Analytic HERE.

  1. 8.  DATA RETENTION

In general, we retain the Personal Data we collect for as long as it remains necessary for the purposes set forth above, all under the applicable regulation, or until you will express your preference to opt-out, where applicable.

The retention periods are determined according to the following criteria:

  1. For as long as it remains necessary in order to achieve the purpose for which the Personal Data was initially processed. For example: if you contacted us, we will retain your contact information at least until we will address your inquiry.
  2. To comply with our regulatory obligations. For example: transactional data will be retained for up to seven years (or even more under certain circumstances) for compliance with our bookkeeping obligations purposes.
  3. To resolve a claim we might have or a dispute with you, including any legal proceeding between us, until such dispute will be resolved, and following, if we find it necessary, in accordance with applicable statutory limitation periods.

Other circumstances in which we will retain your Personal Data for longer periods of time include: (i) where we are required to do so in accordance with legal, regulatory, tax or accounting requirements, or (ii) for us to have an accurate record of your dealings with us in the event of any complaints or challenges, or (iii) if we reasonably believe there is a prospect of litigation relating to your Personal Data. Please note that except as required by applicable law, we will not be obligated to retain your data for any particular period, and we may delete it for any reason and at any time, without providing you with prior notice if our intention to do so.

  1. 9.  SECURITY MEASURES

We work hard to protect Personal Data we process from unauthorized access or unauthorized alteration, disclosure or destruction. We have implemented physical, technical and administrative security measures for the Refine Services that comply with applicable laws and industry such as: encryption using SSL, we minimize amount of data that we store on our servers, restrict access to Personal Data to Company’s employees, contractors and agents, etc. Note that, we cannot be held responsible for unauthorized or unintended access that is beyond our control, and we make no warranty, express, implied or otherwise, that we will always be able to prevent such access.

Please contact us at: support@foodwizai.com if you feel that your privacy was not dealt with properly, in a way that was in breach of our Privacy Policy or if you become aware of a third party’s attempt to gain unauthorized access to any of your Personal Data. We will make a reasonable effort to notify you and the appropriate

authorities (if required by applicable law) in the event that we discover a security incident related to your Personal Data.

  1. 10. INTERNATIONAL DATA TRANSFER

Our data servers in which we host and store the information are located in the US. The Company’s HQ are based in Israel in which we may access the information stored on such servers or other systems such as the Company’s ERP, CRM and other systems. In the event that we need to transfer your Personal Data out of your jurisdiction, we will take appropriate measures to ensure that your Personal Data receives an adequate level of protection as required under applicable law. Furthermore, when Personal Data that is collected within the European Economic Area (“EEA“) is transferred outside of the EEA to a country that has not received an adequacy decision from the European Commission, we will take necessary steps in order to ensure that sufficient safeguards are provided during the transferring of such Personal Data, in accordance with the provision of the standard contractual clauses approved by the European Union. Thus, we will obtain contractual commitments and or assurances from the data importer to protect your Personal Data, using contractual protections that EEA and UK regulators have pre-approved to ensure your data is protected (known as standard contract clauses), or rely on adequacy decisions issued by the European Commission. Some of these assurances are well recognized certification schemes.

  1. ELIGIBILITY AND CHILDREN PRIVACY

The Refine Services are not intended for use by children (the phrase “child” shall mean an individual that is under the age defined by applicable law which with respect to the EEA is under the age of 16 and with respect to the US, under the age of 13) and we do not knowingly process children’s information. We will discard any information that we receive from a user that is considered a “child” immediately upon our discovery that such a user shared information with us. Please contact us at: support@foodwizai.com if you have reason to believe that a child has shared any information with us.

  1. 12. JURISDICTION-SPECIFIC NOTICES
    1. 12.1.Additional Information for California Residents

This section applies only to California residents. Pursuant to the CCPA and as amended by the CPRA. Please see the CCPA Privacy Notice, available HERE, which discloses the categories of Personal Information collected, purpose of processing, source, categories of recipients with whom we share the Personal Information for a business purpose, whether the personal information is sole or shared, the retention period, and how to exercise your rights as a California resident.

    1. Additional Information for Colorado Residents

This section applies to Colorado residents acting only as an individual or household context (and not in a commercial or employment context, as a job applicant or as a beneficiary of someone acting in an employment context). Pursuant to the Colorado Privacy Act (“CPA”) please see below the disclosure of the categories of Personal Data that are collected or processed, the purposes, how consumers can exercise their rights, and appeal such decision, categories of third-parties the controller shares or sells the Personal Data, or sells the Personal Data for advertising and how to opt-out.

Personal Data” as defined in the CPA means information that is linked or reasonably linkable to an identified or identifiable individual and does not include publicly available information that is lawfully made available from government records, or that a consumer has otherwise made available to the public; de-identified or aggregated consumer information; or information excluded from the CPA scope, such as: Health or medical

information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPPA) or 42 CFR Part 2- “Confidentiality Of Substance Use Disorder Patient Records”, Personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA) or and the Driver’s Privacy Protection Act of 1994, Children’s Online Policy Protection Act of 1998 (COPPA), Family Educational Rights and Privacy Act of 1974, national Security Exchange Act of 1934, higher education data and employment data.

“Sensitive Data” include (i) racial or ethnic origin, religious beliefs, mental or physical health condition or diagnosis, sex life or sexual orientation; (ii) Genetic or biometric data that can be processed to uniquely identify an individual; or (iii) child data.

Under CPA, the Company needs to provide a privacy notice that identifies the categories of Personal Data that are collected or processed, the purposes, how consumers can exercise their rights, and appeal such decision, categories of third-parties the controller shares or sells the personal data, or sells the Personal Data for advertising and how to opt-out.

Highlights Sections

In Section 3 to the Privacy Policy, we describe our collection and processing of Personal Data, the categories of Personal Data that are collected or processed, and the purposes for which Personal Data is processed, stored or used. We will not collect additional categories of Personal Data or use the Personal Data we collected for materially different, unrelated, or incompatible purposes without obtaining your consent. Additionally, Section 6 to this Privacy Policy details and discloses the categories of third-parties we share for business purposes. Section 7 to this Privacy Policy details and discloses your rights and Personal Data shared or sold for targeted advertising.

Deletion Right Exemptions

Only you, or someone legally authorized to act on your behalf, may make a request to know or delete your Personal Data. If the request is submitted by someone other than you, proof of authorization (such as power of attorney or probate documents) will be required. The deletion right is not absolute and in certain circumstances we may deny such request. We may deny your deletion request, in full or in part, if retaining the information is necessary for us or our service provider(s) for any of the following reasons: (1) complete the transaction for which we collected the Personal Data or Personal Information, provide the service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you; (2) detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities; (3) debug products to identify and repair errors that impair existing intended functionality; (4) exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law; (5) comply with the law or legal obligation; (6) engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent; (7) enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us; (8) make other internal and lawful uses of that information that are compatible with the context in which you provided it. We will delete or de-identify personal information not subject to one of these exceptions from our records and will direct our processors to take similar action.

Response Timeline

We will respond to your request within 45 days after receipt of a verifiable Consumer Request (no more than twice in a twelve-month period). We reserve the right to extend the response time by an additional 45 days when reasonably necessary and provided consumer notification of the extension is made within the first 45

days. If we refuse to take action on a request, you may appeal our decision within a reasonable period time by contacting us at: support@foodwizai.com and specifying you wish to appeal. Within 60 days of our receipt of your appeal, we will inform you in writing of any action taken or not taken in response to the appeal, including a written explanation of the reasons for the decisions. If the appeal is denied, you may submit a complaint as follows: Colorado AG at https://coag.gov/file-complaint/.

If you have an account with us, we may deliver our written response to that account or via email at our sole discretion. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option. You do not need to create an account for submitting a request.

Any disclosures we provide will only cover the 12-months period preceding our receipt of your request. The response we provide will also explain the reasons we cannot comply with a request, if applicable.

    1. Additional Information for Connecticut Residents

Under the Connecticut Data Privacy Act, Public Act. No. 22-14 (the “CDPA”) if you are a resident of Connecticut, acting in an individual or household context (and not in a commercial or employment context or as a representative of business, non-profit or governmental entity), your rights with respect to your personal data are described below.

Personal Data means any information that is linked or reasonably linkable to an identified or identifiable individual and does not include publicly available information that is lawfully made available from government records, or that a consumer has otherwise made available to the public; de-identified or aggregated consumer information; or information excluded from the CDPA scope, such as: HIPAA, GBPA, non-profit entities, higher education, employment data and FCRA, Driver’s Privacy Protection Act of 1994, Family Educational Rights and Privacy Act, Farm Credit Act.

Sensitive Data” means data revealing racial or ethnic origin, religious beliefs, mental or physical health condition or diagnosis, sex life, sexual orientation, citizenship, or immigration status; The processing of genetic or biometric data for the purpose of uniquely identifying an individual; Personal data collected from a known child; Precise geolocation data. In certain cases, we will process precise geolocations data if you explicitly enable the GPS permission within our properties.

Under CDPA, the Company is required to provide you with a clear and accessible privacy notice that includes: categories of Personal Data processed, purpose of processing, instructions for exercising consumer rights and appealing decisions, categories of Personal Data shared with third parties, categories of third parties with whom data is shared, and any sale of data or targeted advertising.

Please read the “Highlights Sections” and “Deletion Right Exemptions” paragraphs under the CPA Additional Information.

Response Timeline

We shall respond to your request within 45 days of receipt. The response period may be extended once by 45 additional days when reasonably necessary, taking into account the complexity and number of requests and we inform you of such extension within the initial 45 day response period, together with the reason for the extension.

If we decline to take action on your request, we shall so inform you without undue delay, within 45 days of receipt of your request. The notification will include a justification for declining to take action and instructions on how you may appeal. Within 60 days of our receipt of your appeal, we will inform you in writing of any action taken or not taken in response to the appeal, including a written explanation of the reasons for the decisions. If the appeal is denied, you may submit a complaint to the Connecticut Attorney General at link: https://www.dir.ct.gov/ag/complaint/ or (860) 808-5318.

We shall provide information in response to your request free of charge, up to twice annually, unless requests are manifestly unfounded, excessive or repetitive. If we are unable to authenticate your request using commercially reasonable efforts, we may request additional information reasonably necessary to authenticate you and your request. If we cannot authenticate you and your request, we will not be able to grant your request.

    1. 12.4.Additional Information for Virginia Residents

Under the Virginia Consumer Data Protection Act, as amended (“VCDPA”) if you are a resident of Virginia acting in an individual or household context (and not in an employment or commercial context), you have the following rights with respect to your Personal Data.

Personal Data means any information that is linked or reasonably linkable to an identified or identifiable natural person, and does not include publicly available information that is lawfully made available from government records, that a consumer has otherwise made available to the public; de-identified or aggregated consumer information; Information excluded from the VCDPA scope, such as: HIPAA, GBPA, non-profit entities, higher education, employment data and FCRA, Driver’s Privacy Protection Act of 1994, Family Educational Rights and Privacy Act, Farm Credit Act.

The VCDPA requires the Company to disclose the categories of Personal Data processed, purpose of processing, how you can exercise your rights, including how a you may appeal our decision with regard to the consumer request, the categories of Personal Data shared with third parties and with whom, and if the Company sells Personal Data to third parties or processes Personal Data for targeted advertising.

Please read the “Highlights Sections” and “Deletion Right Exemptions” paragraphs under the CPA Additional Information.

Response Timeline

We will respond to your request within 45 days after receipt of a verifiable Consumer Request (no more than twice in a twelve-month period). We reserve the right to extend the response time by an additional 45 days when reasonably necessary and provided consumer notification of the extension is made within the first 45 days. If we refuse to take action on a request, you may appeal our decision within a reasonable period time by contacting us at: support@foodwizai.com and specifying you wish to appeal. Within 60 days of our receipt of your appeal, we will inform you in writing of any action taken or not taken in response to the appeal, including a written explanation of the reasons for the decisions. If the appeal is denied, you may submit a complaint to the Virginia Attorney General at https://www.oag.state.va.us/consumercomplaintform.

If you have an account with us, we may deliver our written response to that account or via email at our sole discretion. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option. You do not need to create an account for submitting a request.

Any disclosures we provide will only cover the 12-months period preceding our receipt of your request. The response we provide will also explain the reasons we cannot comply with a request, if applicable.

We shall provide information in response to your request free of charge, up to twice annually, unless requests are manifestly unfounded, excessive or repetitive. If we are unable to authenticate your request using commercially reasonable efforts, we may request additional information reasonably necessary to authenticate you and your request. If we cannot authenticate you and your request we will not be able to grant your request.

12.5. Additional Information for Utah Residents (Effective January 2024)

Under the Utah Consumer Privacy Act (“UCPA”) if you are a resident of Utah, acting in an individual or household context (and not in a commercial or employment context) your rights with respect to your Personal Data are described below. Personal Data means data which is linked or reasonably linkable to an identifiable individual, and does not include de-identified data and publicly available data or data that is processed not within the scope of UCPA.

Please read the “Highlights Sections” paragraph under the CPA Additional Information.