top of page
UMH icon.png

Unlock My Heart

Effective Date November 2024

 

Privacy Policy

 

Unlock My Heart (UMH) 

1. Introduction 

Unlock My Heart ("UMH", "we", "our", or "us") is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains our practices regarding the collection, use, disclosure, and safeguarding of your data when you use our mobile application (“App”) and related services (collectively, the "Service"). We urge you to read this policy carefully to understand how we handle your personal information. By using our Service, you consent to the data practices described in this policy. 

2. Information We Collect 

2.1 Personal Information You Provide
We collect the following types of personal information that you voluntarily provide to us: 

a) Account Information: 

- Full name 

- Email address 

- Date of birth
- Password (stored in encrypted form)
- Profile picture (optional) 

b) Identity Verification:
- Last 4 digits of Social Security Number (for U.S. users)
- Other government-issued ID number (last 4 digits, for non-U.S. users)
- We may also collect information from other forms of identification such as: 

- Driver's license
- Passport
- Government-issued ID 

- This information is collected solely for the purpose of verifying your identity and protecting your account. 

 

c) Payment Information:
- If applicable, for premium features (processed by a secure third-party payment 

- Full name 

- Mailing address

- Telephone number

- Email address 

- Credit or debit card information 

 

d) User-Generated Content:
- This is information that you wish to share with loved one including, but not limited to, 

- Notes, thoughts, and wishes
- Messages to loved ones
- Family tree information
- Photos, videos, and audio files
- Gift and item allocation information 

e) Pin-Holder Information:
- By providing us with this information, you acknowledge and agree that the designated individual(s) who will be able to access account upon your passing (“Pin-Holder”) reside in the United States and have given you his/her/their consent to provide his/her/their contact information to us.

-Names and contact information of designated Pin-Holder


 

f) Health-related Information:
(This is information of a health-related nature that you may wish to share with loved ones. Please note that this is considered sensitive information, and you should think carefully before providing this information to us.)

-Medical conditions (optional)
- End-of-life care preferences
- Organ donation wishes 

 2.2 Information Collected Automatically 

We automatically collect certain information about your device and how you interact with our Service: 

a) Device Information:
-Device type and model
-Operating system and version
- Unique device identifiers 

-Mobile network information 

b) Usage Data: 

- IP address 

- Browser type and version
- Time zone setting and location
- App features used and interaction data
- Error logs and crash reports 

c) Cookies and Similar Technologies:
- We use cookies and similar tracking technologies to enhance your experience and collect information about how you use our Service. 

 

3. How We Use Your Information 

We collect and use your personal information for the following purposes: 

a) Provide and Maintain the Service:
- Create and manage your account
- Authenticate your identity
- Enable core App functionality 

b) Personalization:
- Customize your experience
- Recommend features based on your usage 

c) Communication:
- Send important notices and updates
- Respond to your inquiries and support requests
- Send marketing communications (with your consent) 

d) Improve and Develop the Service:
- Analyze usage patterns to enhance features
- Troubleshoot and debug issues
- Develop new features and services 

e) Security and Fraud Prevention:
- Protect against unauthorized access
- Detect and prevent fraudulent activities
- Ensure the safety and security of user data 

f) Legal Compliance:
- Comply with applicable laws and regulations
- Respond to legal requests and prevent harm 

g) Aggregated Data Analysis:
- We may use anonymized, aggregated data for research purposes and to improve our services 

4. How We Protect Your Information 

At UMH, we protect your information using various security measures. We implement a robust data protection strategy that includes multiple classes of data protection. The classes described below are designed to ensure the highest level of security for your personal information (including the use of Firebase). However, we cannot guarantee the absolute security of your personal information.  We recommend that you use complex and unique passwords for your account and for third-party accounts linked to them. Please do not share your password with anyone. If you have reason to believe your interaction with us is no longer secure, please notify us immediately.

4.1 Data Protection Classes 

a) Class A: Complete Protection 
- This class applies to highly sensitive data such as full government ID numbers, passwords, and encryption keys.
- Data in this class is encrypted using advanced algorithms and is only accessible when the user is actively authenticated. 

b) Class B: Protected Unless Open
- This class applies to data that may need to be accessed while the user is not actively using the App, such as background processes. 

- Data is protected using asymmetric encryption techniques, allowing limited access under specific conditions. 

c) Class C: Protected Until First User Authentication
- This class applies to most user-generated content within the App.
- Data is encrypted and protected until the user first authenticates after device restart. 

d) Class D: No Protection
- This class is not used by UMH as we prioritize the security of all user data. 

4.2 Implementation of Data Protection 

- All personal identification information, including data from driver's licenses, passports, and government IDs, is stored using Class A: Complete Protection.
- User-generated content such as notes, wishes, and family tree information is stored using Class C: Protected Until First User Authentication. 

- Temporary data required for background processes uses Class B: Protected Unless Open. 

4.3 Additional Security Measures 

- Data Encryption: All data, regardless of its protection class, is encrypted both in transit and at rest using industry-standard encryption protocols.
- Access Controls: Strict access controls and authentication procedures are in place to ensure that only authorized personnel can access user data, and only when absolutely necessary.
- Regular Audits: We conduct regular security audits and vulnerability assessments to ensure the ongoing effectiveness of our data protection measures.
- Employee Training: All employees undergo regular training on data protection and privacy best practices. 

4.4 Data Breach Notification 

- We will notify users promptly in the event of a data breach, in accordance with applicable laws and regulations. 

 

5. Data Retention 

We retain your personal information for as long as necessary to provide the Service, fulfill the transactions you have requested as well as the purposes outlined in this Privacy Policy, or for other essential purposes such as complying with our legal obligations, resolving disputes, and enforcing our agreements, unless a longer retention period is required or permitted by law. The criteria used to determine our retention periods include: 

- The length of time we have an ongoing relationship with you 

- Whether there is a legal obligation to which we are subject
- Whether retention is advisable in light of our legal position (such as in regard to applicable statutes of limitations, litigation, or regulatory investigations) 

 

We may also anonymize your personal information by removing identifying details rather than deleting the information altogether. 

 

6. Data Sharing and Disclosure 

We do not sell your personal information. We may share your information in the following circumstances: 

a) With Designated Pin-Holders:
- As per your explicit instructions and settings within the App 

b) Service Providers:
- With third-party vendors who help us operate our Service (subject to strict confidentiality agreements) 

c) Business Transfers:
- In connection with a merger, acquisition, or sale of all or a portion of our assets 

d) Legal Requirements:
- To comply with applicable laws, regulations, legal processes, or enforceable governmental requests 

e) Protection of Rights:
- To enforce our terms of service and protect our rights or the rights of others 

f) With Your Consent:
- For any other purpose disclosed to you with your consent 

g) Life Insurance Integration:
- With your explicit consent, we may share relevant information with partnered life insurance agencies to facilitate policy integration 

7. Your Rights and Choices 

Depending on your location, you may have certain rights regarding your personal information as well as how you communicate with us: 

7.1 Your Personal Information 

a) Access and Portability:
- Right to access personal information we hold about you
- Right to receive your personal information in a structured, commonly used format 

b) Correction:
- Right to correct inaccurate or incomplete personal information 

c) Deletion:
- Right to request deletion of your personal information 

d) Restriction:
- Right to restrict processing of your personal information 

e) Objection:
- Right to object to processing of your personal information 

f) Withdraw Consent:
- Right to withdraw consent at any time (where processing is based on consent) 

g) Account Deactivation:
- Right to temporarily deactivate your account without deleting your data 

To exercise any of the rights listed above, you may contact us by using this form [link to request form] or by contacting us using the contact information provided in Section 20. 

7.2 Your Preferred Form of Communication

a) Email:
-You can unsubscribe from emails that we send you by following the instructions near the bottom of the email or emailing us at privacy@unlockmyheart.com

b) Push Notification:
-You can opt-out at any time by adjusting your device settings, or uninstalling our App.

c) Text Messages:
-You can opt-out at any time by following the instructions in the text message you receive.

8. Data Portability Request Process

In accordance with the California Consumer Privacy Act (CCPA), UMH provides the following data portability options:

a) Requesting Data:

- You have the right to request a copy of your personal information in a portable and readily usable format.

- To request your data, please contact our Privacy Team at privacy@unlockmyheart.com.

b) Receiving Data:

- Upon verification of your identity, we will provide your personal information in a structured, commonly used, and machine-readable format within 45 days, free of charge.

c) Data Transfer:

- You may also request that we transfer your data directly to another service provider, where technically feasible.

9. Accessibility

UMH is committed to ensuring accessibility for all users, including those with disabilities. Our Privacy Policy is available in alternative formats upon request to provide equal access to information. If you require our Privacy Policy in a different format, please contact our Privacy Team at privacy@unlockmyheart.com.

10 Children's Privacy 

Our Service is not intended for use by children under the age of 13. We do not knowingly collect personal information from children under 13 in compliance with the Children's Online Privacy Protection Act (COPPA). If we become aware that we have collected personal data from a child under 13 without verifiable parental consent, we will take steps to delete such information from our servers.

California residents between 13 and 16 years old must have affirmative authorization to use the Service. We do not sell the personal information of users in this age group without such authorization. For more information, please see our California Privacy Notice. 

If you are a parent or guardian and believe your child under 13 has provided us with personal information without your consent, you may request the removal of this information by contacting us at privacy@unlockmyheart.com.

To comply with the Children's Online Privacy Protection Act (COPPA), UMH has implemented the following age verification and parental consent process:

a) Age Verification:
- Upon registration, all users are required to provide their date of birth.
- If you are identified as under the age of 13, you are subject to additional verification steps, including being prompted to provide contact information for a parent or guardian.

b) Parental Consent:
- If you are under the age of 13, UMH requires verifiable parental consent before allowing access to the Service.
- Your parents or legal guardians are required to complete a consent form, which may involve a small monetary transaction or a telephone call to our customer service.

c) Revocation of Consent:
- Your parents or legal guardians have the right to review the information collected from their children. Your parents or legal guardians may revoke their consent at any time and UMH will promptly disable your account and remove the personal information from our records. 

11. No International Data Transfers 

The Service is not intended to be accessed by or used by Users outside of the United States. We do not collect or transfer information outside of the United States. If you are outside of the United States and are able to access the Service, we ask that you cease use of the Service immediately. If you are located outside the United States and access the Service without our knowledge and choose to provide information to us, please note that we transfer the data, including personal information, to the United States and process it here. Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer. 

12. ECPA Compliance 

UMH complies with the Electronic Communications Privacy Act (ECPA) and does not intercept or disclose any electronic communications without your consent or as permitted by law. Our Service is designed to protect the privacy and security of electronic communications you transmit through our platform.

 

13. Changes to This Privacy Policy 

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Effective Date" at the top of this policy. For significant changes, we will provide a more prominent notice (including, for certain services, email notification of privacy policy changes). We encourage you to review this Privacy Policy periodically for any changes. 

14. Third-Party Links and Services 

Our Service may contain links to third-party websites, resources, tools or services that are not owned, controlled or endorsed by UMH. We have no control over, and assume no responsibility for, the content, privacy policies, or practices (including, but not limited to, a privacy policy and security measures) of any third-party websites, resources, tools or services. We strongly advise you to review the privacy policies of any third-party websites or services you visit through our Service. 

15.  No International Use

The Service is controlled and operated from the United States and is not intended to subject UMH to any non-U.S. jurisdiction or law. The Service is not intended to be available outside of the United States. Any use of the Service is at your own risk, and you must comply with all applicable laws, rules, and regulations in doing so.

 

16. Do Not Track Disclosure 

Your browser setting may allow you to automatically transmit a "Do Not Track" (DNT) signal to websites and online services that you visit. Similarly to other businesses, we do not respond to these DNT signals because there is currently no consensus about what DNT means in this context and how to implement DNT signals. However, you have the options noted in this Policy to make choices about how your personal information is used. 

 

17. California Privacy Rights 

If you are a California resident, you have certain rights under the California Consumer Privacy Act (CCPA). For more information about these rights and how to exercise them, please see our California Privacy Notice. 

18.  Other U.S. Residents Privacy Rights

If you are a resident of certain other states, including Colorado, Connecticut, Montana, Oregon, Texas, Utah, and Virginia you may have certain additional rights regarding your personal information. For more information about these rights and how to exercise them, please click here. 

19. Posthumous Data Management 

UMH provides options for managing your digital legacy and your data after your passing: 

  1. Data Executor: You can designate a trusted individual to manage your account posthumously. 

To ensure the privacy and security of our users' data after their passing, UMH has established a verification process for designated individuals ("Data Executors") to access the user's account. The process is as follows:

  • Proof of Death: The Data Executor must provide a certified copy of the user's death certificate. 

  • Proof of Identity: The Data Executor must provide government-issued identification to verify their identity.

  • Proof of Designation: The Data Executor must provide documentation or prior confirmation from the user, as recorded within the UMH app, that designates them as the authorized individual to manage the account posthumously.

  • Verification Review: UMH will review the provided documentation and may request additional information or documentation as necessary to confirm the validity of the request. Account Access: Upon successful verification, UMH will grant the Data Executor access to the user's account in accordance with the user's pre-set preferences and instructions.

b) Data Deletion: You can set preferences for automatic data deletion after a specified period of inactivity 

c) Data Distribution: You can specify how and when your digital legacy should be shared with designated Pin-Holders.

 

20. Contact Us

For any questions or concerns about this Privacy Policy, your rights and/or our data practices, please contact us at:

 

Unlock My Heart Legal Team


Email: legal@unlockmyheart.com
Address: 12928 S.W. 132nd Court Miami, Florida 33186

Phone: +1 786-322-6976

By using our Service, you acknowledge that you have read and understood this Privacy Policy and agree to its terms. 

bottom of page