SIMY Privacy Policy

Effective Date: November 13, 2025 Last Updated: November 13, 2025

This Privacy Policy describes how AwakApp Inc. ("Company," "we," "our," or "us"), a California corporation, collects, uses, discloses, and protects personal information from users of SIMY (the "Service").

By using the Service, you acknowledge that you have read and understood this Privacy Policy and our Terms of Use, and you consent to the data practices described herein.

1. Eligibility and Age Restrictions

The Service is intended solely for users who are at least 18 years of age. By using the Service, you represent and warrant that you are 18 years or older. We do not knowingly collect, use, or disclose personal information from individuals under 18.

If we discover that we have collected personal information from someone under 18, we will delete such information promptly. If you believe we have inadvertently collected information from a minor, contact us immediately at privacy@simy.one.

No Obligation to Verify Age. We have no obligation to verify users' ages. Age eligibility is determined by self-certification, and users bear sole responsibility for any misrepresentation.

2. Geographic Restrictions

The Service is not available in countries subject to comprehensive U.S. economic sanctions, including Cuba, Iran, North Korea, Syria, and the Crimea, Donetsk, and Luhansk regions.

We may use automated IP-based geographic blocking but have no obligation to verify user location or prevent access from restricted jurisdictions. Users are solely responsible for compliance with all applicable local laws and export control regulations.

3. Information We Collect

3.1 Information You Provide

Account Information:

• Name, email address, and contact details
• Password and authentication credentials
• Payment information (processed by third-party payment processors)
• Profile information and preferences

User Content:

• Text, documents, files, and other content you input, upload, store, or create using the Service
• Communications with our support team
• Feedback and survey responses

Voice and Audio Data:

• Voice recordings, voice notes, and audio messages you create using the Service's voice features
• Audio files you upload to the Service
• Transcriptions of voice recordings generated automatically by the Service
• Voice metadata (duration, timestamp, file size, language)

Recording Consent and Compliance: By using voice recording features, you represent and warrant that:

• You have obtained all necessary consents to record all parties where required by applicable law, including two-party consent laws in states such as California, Florida, Illinois, and others
• You comply with all wiretapping, eavesdropping, and recording consent laws in your jurisdiction
• You will not record individuals without their knowledge and consent where legally required
• You are solely responsible for compliance with recording laws and obtaining necessary permissions

Biometric Data Notice: While we process voice recordings for transcription and AI improvement, we do not use voice data to create biometric voiceprints or voice-based authentication systems. However, in jurisdictions with biometric privacy laws (such as Illinois BIPA, Texas CUBI, or Washington state law), by using voice features you provide informed written consent to our collection, use, storage, and disclosure of voice recordings as described in this Privacy Policy for the retention period specified in Section 6.

You represent and warrant that you will not provide prohibited data types as specified in our Terms of Use, Section 5.2, including Protected Health Information (PHI), Payment Card Information (PCI), Social Security Numbers, or other sensitive personal data (except for voice data as described above). We have no obligation to monitor, detect, or prevent prohibited data input, and you bear sole liability for any consequences of inputting such data.

3.2 Information Collected Automatically

Technical Information:

• IP address and approximate geographic location
• Device type, operating system, and browser information
• Unique device identifiers

Usage Information:

• Pages viewed, features used, and actions taken within the Service
• Time, frequency, and duration of activities
• Referring and exit pages

Cookies and Similar Technologies:

• We use cookies, web beacons, and similar technologies to collect usage data and improve user experience
• You may control cookies through your browser settings, but disabling cookies may limit Service functionality

3.3 Information from Third Parties

Third-Party Integrations:

• If you connect third-party services (Slack, Microsoft Teams, Zoom, Google Workspace, etc.), we may receive information from those platforms as authorized by you
• We are not responsible for the data practices of third-party services

Public Sources:

• We may supplement your information with publicly available data to improve Service quality

4. How We Use Your Information

We use your personal information for the following purposes:

4.1 Service Provision and Improvement

• Operate and maintain the Service, including authentication, account management, and feature delivery
• Process payments and manage subscriptions through third-party payment processors
• Provide customer support and respond to your inquiries
• Personalize your experience by tailoring content and recommendations
• Improve Service quality, performance, and functionality through analysis and testing

4.2 AI Model Training and Development

We use your User Content to develop, train, fine-tune, and improve our artificial intelligence models, algorithms, and machine learning systems. This includes:

• Using User Content as training data for AI models
• Creating derivative works and improvements to AI capabilities
• Generating anonymized, aggregated, or de-identified datasets
• Developing new features and AI-powered functionality

Voice Data Processing and AI Training:

• Voice recordings are automatically transcribed to text using speech recognition technology
• Voice transcriptions are treated as User Content and may be used to train AI language models
• Voice recordings themselves may be analyzed to improve speech recognition accuracy, voice-to-text conversion quality, and natural language understanding
• Audio patterns and characteristics may be analyzed in aggregate to enhance AI performance
• We do not use voice data to create individual biometric voiceprints for identification or authentication purposes
• Voice data used in AI training may be retained in anonymized or aggregated form

This use is perpetual and survives account deletion, as User Content (including voice transcriptions and audio analysis) may be incorporated into trained AI models that cannot feasibly be "untrained." You grant us an irrevocable license for these purposes as described in our Terms of Use, Section 8.1.

Opt-Out: You may request to opt out of future use of your User Content (including voice data) for AI training by contacting privacy@simy.one. We will make commercially reasonable efforts to honor such requests within 90 days where technically feasible. However:

• Opt-out does not apply retroactively to models already trained
• We are not obligated to retrain or modify existing models
• Opt-out does not apply to anonymized or aggregated data
• Opting out may reduce Service quality for you, particularly for voice-related features

4.3 Analytics and Business Operations

• Create anonymized, aggregated analytics about Service usage and performance
• Conduct research and development for new features and services
• Monitor and analyze trends to improve user experience
• Ensure security and detect, prevent, and respond to fraud, abuse, or violations

4.4 Communications

• Send transactional communications (account notifications, service updates, security alerts)
• Provide customer support responses
• Send administrative messages about Terms of Use or Privacy Policy changes

We do not use your personal information for behavioral advertising or marketing communications without your explicit consent.

4.5 Legal and Compliance

• Comply with legal obligations, including responding to lawful requests from authorities
• Enforce our Terms of Use and policies
• Protect our rights and property and those of our users
• Respond to legal claims and disputes

5. Information Sharing and Disclosure

We do not sell your personal information to third parties, and we do not use it for behavioral advertising.

We may share your information in the following limited circumstances:

5.1 Service Providers

We share information with third-party service providers who perform services on our behalf, including:

• Cloud hosting and infrastructure providers
• Payment processors (who handle payment information directly)
• Email and communication service providers
• Analytics and monitoring tools
• Customer support platforms

These service providers are contractually obligated to use your information only for providing services to us and to maintain appropriate security measures. However, we are not liable for their data practices, security failures, or breaches.

5.2 Business Transfers

In the event of a merger, acquisition, reorganization, sale of assets, or bankruptcy, your information may be transferred to the acquiring or surviving entity. We will notify you via email or prominent notice on the Service before your information is transferred and becomes subject to a different privacy policy.

5.3 Legal Requirements and Protection

We may disclose your information when we believe in good faith that disclosure is necessary to:

• Comply with applicable laws, regulations, legal processes, or governmental requests
• Enforce our Terms of Use or other policies
• Detect, prevent, or address fraud, security, or technical issues
• Protect the rights, property, or safety of the Company, our users, or the public

5.4 Third-Party Integrations

If you connect third-party services (Slack, Teams, Zoom, etc.), information may be shared with those platforms according to their privacy policies and your authorization. We are not responsible for third-party data practices.

5.5 Aggregated and Anonymized Data

We may share anonymized, aggregated, or de-identified information that cannot reasonably be used to identify you, including for research, analytics, marketing, or other business purposes.

6. Data Retention

Personal Data: We retain your personal information for as long as your account is active or as needed to provide the Service. Upon account deletion, we generally delete personal data within 90 days, except:

• User Content used for AI training may be retained indefinitely as it is incorporated into trained models and anonymized datasets
• Information required for legal, security, or operational purposes (e.g., transaction records, fraud prevention, legal compliance) may be retained longer as required or permitted by law
• Backups may retain information according to standard retention schedules

Voice and Audio Data Retention:

• **Active voice recordings:** Retained while your account is active or until you delete them
• **Voice transcriptions:** Treated as User Content and subject to the same retention policies as text content
• **Voice data used for AI training:** May be retained indefinitely in anonymized or aggregated form as part of trained models
• **Voice metadata:** Retained for operational purposes and may be included in backups
• **After account deletion:** Voice recordings are generally deleted within 90 days, but transcriptions and data incorporated into AI models may be retained as described above

You may request deletion of your voice data used for training by contacting privacy@simy.one. We will honor such requests within 90 days where technically feasible, but previously trained models will not be retrained.

No Guarantee of Specific Retention Periods. While we generally follow the retention periods above, we make no guarantees and may delete data at any time. We have no obligation to maintain backups or enable data recovery beyond our standard operational procedures.

7. Your Privacy Rights

7.1 Rights Under GDPR (European Economic Area, UK, Switzerland)

If you reside in the EEA, UK, or Switzerland, you have the following rights under the General Data Protection Regulation (GDPR):

• **Right to Access:** Request confirmation of whether we process your personal data and obtain a copy of your personal data.
• **Right to Rectification:** Request correction of inaccurate or incomplete personal data.
• **Right to Erasure ("Right to be Forgotten"):** Request deletion of your personal data in certain circumstances.
• **Right to Restriction of Processing:** Request that we limit processing of your personal data in certain circumstances.
• **Right to Data Portability:** Request a copy of your personal data in a structured, commonly used, machine-readable format.
• **Right to Object:** Object to processing of your personal data for direct marketing or based on legitimate interests.
• **Right to Withdraw Consent:** Where processing is based on consent, withdraw consent at any time (without affecting prior processing).
• **Right to Lodge a Complaint:** File a complaint with your local data protection authority if you believe we have violated your rights.

Legal Basis for Processing:

• Contractual necessity (to provide the Service)
• Legitimate interests (Service improvement, security, AI development)
• Legal obligations (compliance with law)
• Consent (where required)

International Data Transfers: Your data may be transferred to and processed in the United States. We use Standard Contractual Clauses (SCCs) approved by the European Commission to ensure adequate protection.

7.2 Rights Under CCPA/CPRA (California Residents)

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

• **Right to Know:** Request disclosure of the categories and specific pieces of personal information we have collected about you, the sources, purposes, and third parties with whom we share it.
• **Right to Delete:** Request deletion of your personal information, subject to certain exceptions (e.g., legal obligations, security, fraud prevention).
• **Right to Correct:** Request correction of inaccurate personal information.
• **Right to Opt-Out of Sale/Sharing:** We do not sell personal information or share it for cross-context behavioral advertising, so there is nothing to opt out of.
• **Right to Limit Use of Sensitive Personal Information:** We do not use sensitive personal information (as defined by CPRA) for purposes beyond those permitted without consent.
• **Right to Non-Discrimination:** You will not receive discriminatory treatment for exercising your privacy rights.

Authorized Agents: You may designate an authorized agent to submit requests on your behalf by providing written authorization.

Response Time: We will respond to verifiable requests within 45 days (extendable by 45 days if necessary).

7.3 Rights Under Other Laws

Users in other jurisdictions may have similar rights under applicable data protection laws. Contact us at privacy@simy.one to inquire about your rights.

7.4 Exercising Your Rights

To exercise any of the above rights, contact us at privacy@simy.one with:

• Your name and email address associated with your account
• A description of your request
• Verification of your identity (we may request additional information to verify your identity)

Response Time: We will respond to requests within the timeframes required by applicable law (typically 30 days for GDPR, 45 days for CCPA). However:

• We have no obligation to respond to requests from users in jurisdictions without applicable data protection laws
• We may refuse requests that are manifestly unfounded, excessive, or repetitive
• We may charge a reasonable fee for manifestly unfounded or excessive requests

Limitations: Some requests may be subject to legal or operational limitations (e.g., we cannot delete data required for legal compliance or incorporated into anonymized datasets).

8. Data Security

We implement reasonable administrative, technical, and physical safeguards designed to protect your personal information from unauthorized access, loss, misuse, alteration, or disclosure.

However, no method of transmission or storage is 100% secure, and we cannot guarantee absolute security. You acknowledge and accept the inherent security risks of internet transmission and electronic storage.

You are responsible for:

• Maintaining the confidentiality of your account credentials
• Promptly notifying us of any unauthorized access or security breach
• Not inputting prohibited data types that heighten security risks

We are not liable for:

• Security breaches caused by third parties
• Unauthorized access resulting from your actions or negligence
• Data loss or corruption beyond our reasonable control

9. Data Breach Notification

In the event of a personal data breach that poses a risk to your rights and freedoms, we will notify you without undue delay and, where required by law (such as GDPR), within 72 hours of becoming aware of the breach.

Notification will be provided via email to your registered address or through the Service.

In jurisdictions without breach notification requirements, we have no obligation to notify users of data breaches.

10. Children's Privacy

The Service is intended solely for users 18 years of age or older. We do not knowingly collect, use, or disclose personal information from individuals under 18.

If you are under 18, do not use the Service or provide any information to us.

If we learn that we have collected personal information from someone under 18, we will delete that information as quickly as reasonably possible. If you believe we have collected information from a minor, contact us immediately at privacy@simy.one.

11. Third-Party Services and Links

The Service may contain links to third-party websites, applications, or services, and may integrate with third-party platforms (Slack, Teams, Zoom, Google Workspace, etc.).

We are not responsible for the privacy practices, content, or security of third-party services. Your use of third-party services is governed by their respective privacy policies and terms.

We encourage you to review the privacy policies of any third-party services you use in connection with the Service.

12. International Data Transfers

Your information may be transferred to, processed, and stored in the United States and other countries where our service providers operate. These countries may have different data protection laws than your country of residence.

For EEA, UK, and Swiss users: We use Standard Contractual Clauses (SCCs) approved by the European Commission or other appropriate safeguards to ensure your data receives adequate protection.

By using the Service, you consent to the transfer of your information to the United States and other countries.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, the Service, or applicable laws.

Material changes will be communicated at least 30 days before taking effect via:

• Email to your registered address
• Prominent notice on the Service or our website
• In-app notification

The "Last Updated" date at the top of this Privacy Policy indicates when it was last revised.

Continued use of the Service after the effective date of changes constitutes your acceptance of the updated Privacy Policy. If you do not agree to the changes, you must discontinue use and may delete your account.

14. Your Responsibilities

By using the Service, you acknowledge and agree that:

You are solely responsible for:

• Ensuring you meet eligibility requirements (18+ years old, not in sanctioned jurisdictions)
• Compliance with all applicable laws and regulations
• Not inputting prohibited data types (PHI, PCI, SSN, etc.)
• Maintaining the security of your account credentials
• Reviewing and understanding this Privacy Policy and our Terms of Use

We have no obligation to:

• Verify your age, location, or eligibility
• Monitor, detect, or prevent prohibited data input
• Provide warnings or alerts regarding prohibited data or uses
• Maintain specific data retention periods or enable data recovery beyond standard procedures
• Respond to privacy requests from jurisdictions without applicable data protection laws

15. Contact Information

For questions, concerns, or requests regarding this Privacy Policy or our data practices, contact us at:

AwakApp Inc.

• **Privacy Requests & Data Rights:** privacy@simy.one
• **General Inquiries:** info@simy.one
• **Customer Support:** support@simy.one
• **Website:** https://simy.team
• **Mailing Address:** AwakApp Inc., California, United States

For GDPR-related inquiries in the EEA: We do not currently have a designated representative in the EEA. Please contact privacy@simy.one.

For users in jurisdictions with specific requirements, please include your location in your inquiry so we can direct it appropriately.

16. Acknowledgment

By using the Service, you acknowledge that:

✓ You have read and understood this Privacy Policy

✓ You consent to the collection, use, and disclosure of your information as described

✓ You understand that your User Content may be used to train AI models

✓ You consent to voice recording, transcription, and use of voice data for AI training

✓ You are responsible for obtaining all necessary recording consents from other parties

✓ You are 18 years of age or older

✓ You are not located in a sanctioned jurisdiction

✓ You will not input prohibited data types (except voice data as described)

✓ You accept the limitations and disclaimers in this Privacy Policy

✓ You understand we have limited obligations to monitor, verify, or enforce compliance

IF YOU DO NOT AGREE, DO NOT USE THE SERVICE.

International Contact:

• General inquiries: info@simy.one
• Privacy requests: privacy@simy.one
• Support & cancellations: support@simy.one