Privacy Policy
Much & More Media, Inc.
This Privacy Policy explains what information Much & More Media, Inc. ("MMM," "we," "us") collects through the Gina website and app (the "Service"), how we use it, and the choices you have. Because Gina involves health-related information, we also maintain a separate Consumer Health Data Privacy Policy that describes how we handle that data; it is available on its own page and linked from our homepage. This beta is offered only in the United States and Canada.
Section 1 · Who and what this covers
This Policy covers the Gina website and app, operated by MMM, for users in the United States and Canada. It does not cover third-party services you connect, such as your wearable provider, which are governed by their own policies.
Section 2 · Information we collect
We collect: information you provide (such as your name, email, account details, and the notes and inputs you enter); health-related information you choose to share or connect, including data from a connected wearable; timing information you provide; and technical information about how you use the Service, such as device and usage data, collected through cookies and analytics to operate, secure, and improve it. Your wearable provider may also collect usage data about your interaction with its integration, as described in its own policy.
Section 3 · Your health data and your consent
We collect your health data only after you give separate, explicit, opt-in consent. We do not share it without a second, separate consent. We do not sell it, and we will not sell it absent a valid written authorization signed by you. You may withdraw consent, and request access to or deletion of your health data, at any time (Section 8). Withdrawing consent does not affect processing already carried out. Our full health-data practices are described in the Consumer Health Data Privacy Policy.
Section 4 · How we use your information
We use your information to provide and personalize the Service, to generate the reflections and reads you ask for, to maintain and secure the Service, to understand usage so we can improve it, to communicate with you, and to comply with law. We use health data only for the purposes you have consented to.
Section 5 · Automated processing, improvement, and de-identified data
Gina uses automated processing to turn your inputs into reflections; this supports your decisions and does not make legally or similarly significant decisions about you on its own. We improve the Service using de-identified or aggregated data that is not reasonably linkable to you. We do not use information that identifies you to train third-party artificial-intelligence models. Where we rely on a development or hosting platform, we maintain its model-training opt-out for our workspace.
Section 6 · How we share information
We do not sell your personal information for money, and we do not share it for cross-context behavioral advertising. We share information only as described here: with service providers who process data on our behalf under contracts that limit their use of it (for example, hosting, infrastructure, analytics, and the providers that power core features); with your wearable provider as needed to operate the integration you connected, and never with advertisers or data brokers; with your separate consent; and where required by law or to protect rights and safety. We may transfer information as part of a merger, acquisition, financing, or sale of assets; if we do, the recipient must honor this Policy and the Consumer Health Data Privacy Policy for the data transferred, and health data remains subject to the no-sale commitment and to any consent the law requires.
Section 7 · How long we keep your information
We keep information as long as needed to provide the Service to you and for legitimate business and legal purposes, then delete or de-identify it. Raw data we receive from your wearable provider is held no longer than the provider's cache limit, currently sixty (60) days, after which it is deleted. We may retain the account-bound reflections you rely on for your ongoing experience; any data used to improve the Service or held as a business asset is de-identified or aggregated. You can delete your account and data at any time (Section 8).
Section 8 · Your privacy rights
You can access, download, correct, or delete your information, and withdraw consents, in Settings or by contacting us. Deletion reaches the interpretations we derived from your data, not only the raw data. On request, we will provide the specific third parties and affiliates with whom we have shared your health data, and how to contact them. We will not discriminate against you for exercising these rights.
Depending on where you live, you may have additional rights. California residents have rights under the CCPA/CPRA, including to know, delete, correct, and limit the use of sensitive personal information, and to not be sold or have data shared for cross-context advertising, which we already do not do. Other US state residents (including Texas, Nevada, Washington, and others) have comparable rights under their state laws. Canada residents have rights under PIPEDA, including access and correction, and may contact the Office of the Privacy Commissioner of Canada. To exercise any right, contact us at the address in Section 15; we will verify your request and respond within the time the law allows.
Section 9 · Sensitive personal information
Some information we handle, including health-related data, is "sensitive." We use it only to provide the features you ask for and the purposes you consent to, and not to infer characteristics for advertising. You may limit our use of sensitive information as described in Section 8.
Section 10 · How we protect your information
We use reasonable administrative, technical, and physical safeguards, including encryption of data in transit and at rest, to protect your information. No system is perfectly secure, but we work to protect your data and to limit access to those who need it. If a breach affecting your information occurs, we will notify you and the authorities as required by law.
Section 11 · Children
The Service is for adults 18 and older. We do not knowingly collect information from children. If we learn we have, we will delete it.
Section 12 · International users and cross-border transfers
The Service is operated from the United States, and your information is processed in the United States and where our service providers operate. If you are in Canada, your information is transferred to and processed in the United States with your consent, as described in the Terms. The Service is not offered to residents of the European Union, the United Kingdom, or the EEA during this beta; before any such user is onboarded, we will implement the additional protections those laws require.
Section 13 · Cookies and analytics
Our website and app use cookies and similar technologies, and we use analytics, to operate and secure the Service and to understand how it is used so we can improve it. We do not use cookies or analytics for advertising, and we do not use them to sell or share your information or for cross-context behavioral advertising. Where the law requires it, we ask for your consent before placing non-essential cookies or running non-essential analytics, and you can also control cookies through your browser settings; disabling some may affect how the Service works. Wherever we collect personal information, we provide a link to our Consumer Health Data Privacy Policy.
Section 14 · Changes to this policy
We may update this Policy. If a change is material, we will notify you, and where the law requires it for health data, we will obtain your consent before the change takes effect. The "Effective date" above shows the current version.