Wizzer - Your go-to-place for parenting

WIZZER INC. PERSONAL DATA AND PRIVACY POLICY

1. WHO ARE WE?

WIZZER INC. is a corporation organized under the laws of the State of Delaware, U.S.A.,

domiciled at 74 E Glenwood Ave Unit 5423, Smyrna, Delaware, U.S.A. (hereinafter the

"Company" or "Wizzer") is a technology company that provides information services for parents,

through which it offers its customers information on social and emotional skills aimed at

developing the emotional intelligence of children and adolescents, with the mission of providing

parents with tools for emotional development in the upbringing of their children.

In this policy we will refer to ourselves as "Wizzer"

"We"

"Us" or the "Company"

. We are

responsible (who determines what is done with your Personal Data, in accordance with Law

1581 of 2012 -

"GDPL") for the treatment and use in general of your Personal Data through our

website, application and digital platform and through our customer service channels for any of

the above services.

Below is our information for your knowledge:

Company Name: Wizzer Inc

TAX ID: 32-0743478

Address: 74 E Glenwood Ave Unit 5423

E-mail: info@wizzerapp.com

Website: www.wizzerapp.com

2. PERSONAL DATA POLICY

For Wizzer, your privacy is paramount. This document will explain Wizzer's approach when

processing personal information (any information linked or that can be associated to one or

more specific or determinable natural persons) of the people with whom we interact through any

of our channels provided by Wizzer, the type of data we will process and the conditions under

which the personal data you have provided us will be kept. Wizzer is always committed to the

current regulations regarding the protection of personal data, guaranteeing the exercise of your

Habeas Data rights.

The Policy aims to protect the constitutional right of Habeas Data that all individuals must know,

update, and rectify the personal information that has been collected and stored in the various

databases of Wizzer. Personal data will only be collected and processed when it has been

previously authorized by the data subject, and its processing is guaranteed under the

parameters noted above. It also details the general corporate guidelines that are considered in

order to protect the data subject, the purposes of information processing, the area responsible

for handling complaints and claims, and the procedures that must be exhausted to know,

update, rectify and delete information and the respective channels for them to exercise them.The purpose of this document is to establish the criteria for the collection, storage, use, transfer,

circulation, and deletion of personal data processed by Wizzer. In this sense, Wizzer has

provided this policy for the processing of personal data (the "Policy") in order to clearly regulate

and disclose the relevant aspects in relation to the personal data of the community, including,

but not limited to employees, suppliers, third parties and users of its platform, who have granted

authorization for the handling of their data to Wizzer.

3. PRINCIPLES OF THE PROCESSING OF PERSONAL DATA.

During the time we process your personal data, we will guarantee the application of the general

principles established in the GDPL:

a) Legality Principle: The processing of personal data must obey a legitimate purpose, for

which we will faithfully comply with the provisions of the GDPL and other applicable provisions.

b) Principle of Purpose: We will always treat your personal data according to a legitimate

purpose which will be previously informed to the data subject of the personal data.

c) Principle of Freedom: We will only process your personal data when we have the prior,

express, and informed consent of the data subject or there is an exception in accordance with

the GDPL. As a data subject, you can always refuse the processing of your sensitive data.

d) Principle of Truthfulness or Quality: The personal data we will process must be truthful,

complete, accurate, updated, verifiable and understandable.

e) Principle of Transparency: We guarantee that at any time and without restrictions, the data

subject or his legal representative may access information about their personal data and how

they are treated.

f) Principle of Access and Restricted Circulation: The processing of your personal data will

be carried out only by the persons to whom you have authorized and/or to whom the information

must be shared in accordance with the GDPL.

g) Security Principle: The information subject to treatment by us will be handled with the

technical, human, and administrative measures necessary to provide security to the records,

avoiding its adulteration, loss, consultation, use, or unauthorized or fraudulent access.

h) Principle of Confidentiality: We are committed that the persons involved in the processing

of your personal data that are not public will be obliged to ensure the confidentiality of the

information, even after the end of their relationship with any of the tasks that comprise the

treatment, and may only make provision or communication of personal data when it

corresponds to the development of authorized activities.

i) Principle of Accountability: That which is based on the approach of recognition and

commitment of the organizations in order to increase the standards of protection to ensure and

guarantee people an adequate treatment of their personal data. This principle entails anobligation for us to be accountable for our activities in terms of personal data protection, to

accept responsibility for them, and to disclose the results in a transparent manner.

4. PURPOSES.

Personal data is processed by the Company for the following purposes:

4.1. General purposes:

a) To use the data provided in communication campaigns, disclosure and promotion or offer of

products, activities and/or services through the following channels: email, WhatsApp, SMS, calls

or any official communication channel of the Company.

b) Send promotional messages, marketing, advertising, and other information based on your

preferences and social media advertising through social media platforms. This includes the

possibility of sending messages through instant messaging applications and, eventually, your

inclusion in groups that carry out this type of communications, from which the user may

withdraw at any time.

c) Sending communications regarding the Company's services and, in general, the provision of

our services through any channel including, but not limited to, social networks, text messages,

push notifications, email, phone call, etc.

d) To carry out management and collection activities of your obligations as a user of our

services. This includes pre-judicial and judicial collection management, in charge of us or third

parties through the following channels: WhatsApp, phone call, WhatsApp call, email, text

message or any official communication channel of the Company.

e) Keep historical records of and maintain contact with the data subjects, regarding the services

provided.

f) Perform the existing contractual relationship with its employees, suppliers, third parties and

users of its platform, including the payment of contractual obligations.

g) To develop new programs, software, systems and technological tools.

h) Register the information of its employees, suppliers, third parties and users of its platform and

the database registry of each one.

i) Support in external/internal audit processes.

j) Collect, hold, manage, and use the information to perform control and prevention of fraud,

control and prevention of money laundering and financing of terrorism, transparency and

business ethics programs, and other corporate responsibility controls.k) To carry out the necessary activities to manage requests, complaints, and claims from users

or third parties; and direct them to the areas responsible for issuing the corresponding

responses.

l) Transmit the information collected to third parties with whom the Company contracts the

storage and management of personal data, under the standards of security and confidentiality to

which the Company is obliged as contained in the relevant laws and internal policies.

m) Transfer personal data to third parties located in any country that provides a level of

protection of personal data equal to or greater than that of Colombia.

4.2. Employment purposes:

a) To perform and manage the labor relationship; collect, record, and update my personal data

in order to inform, communicate, organize, control, attend, and accredit the activities related to

your status as an employee.

b) Manage the data to carry out the payment processes; use if it is necessary, the personal data

in order to establish access controls to the logical or physical infrastructure.

c) To perform tasks before the corresponding authorities with respect to the social security

system.

d) To attend medical, sanitary, or general emergencies.

e) To carry out selection, evaluation, and employment process.

f) Share personal data with banking entities, companies that offer benefits to our active workers,

among others.

4.3. Purposes for users and customers:

a) Management and provision of information services provided by the Company.

b) Classification, security, and access to the Company's platform.

c) Processing of personal data in accordance with the instructions and use made by the

Company's customers of its services, i.e., use and access to the cloud computing platform.

d) Sharing data for free or for a fee to third parties, for the purpose of marketing analysis,

product preferences or scoring of users of the Company's platform.

5. WHAT DATA DO WE COLLECT AND HOW DO WE USE IT?

5.1. How do we collect personal data?The Company collects information directly from you, from your use of our partners’ applications

and platforms, as well as from any third parties you have authorized to share information with

us.

a) Direct

Information you provide to us directly, such as requesting information services by accessing and

using the Company's platform, or in the administration of our cloud computing services.

b) Indirect

Where permitted by law, the Company may collect information about you from third parties such

as partners, credit bureaus, government entities, or others, in accordance with the rules

applicable to the transfer and transmission of personal data.

c) Activities

We may collect your data if you agree to participate in surveys, sweepstakes, or promotional

activities.

d) Website and/or Platform

When you visit our websites or our platform, we may collect personal information from you

automatically through cookies or similar third-party technologies.

5.2. Automated Decisions

Automated decision making occurs when an electronic system processes information or

personal data to decide without human intervention. Part of our procedures, especially

anti-fraud measures and identity verification, rely on automated decision-making mechanisms.

5.3. Retention of Information

The Company will retain and use personal information for the period necessary to:

1. 2. 3. 4. Comply with the purposes described in this Policy;

Comply with applicable legal and regulatory obligations;

Comply with evidentiary purposes in legal, administrative or litigation proceedings;

Execute and fulfill contracts entered with each of the stakeholders (employees,

suppliers, business partners, among others).

5.4. Type of Information Collected

a) Information About Users: personal identifiable information (name, gender, age, email, etc.).

b) User Content and Social Media Information: personal data in content such as posts, file

uploads, and communications.c) Cookies: The Company uses its own or third-party cookies to ensure the proper functioning

of the site.

6. RIGHTS OF THE DATA SUBJECTS OF PERSONAL INFORMATION AND

APPLICABLE PROCEDURE

The data subjects of personal data shall have the right to:

a) Access free of charge to the data provided that have been subject to processing.

b) Consultation. You may consult your personal data in our databases.

c) Rectification and Updating. The Company undertakes to rectify and update your incomplete

or inaccurate personal information.

d) Suppression. You have the right at any time to request the deletion of your personal data if it

is not prevented by a legal or contractual provision.

e) Revocation. You may revoke your consent to the processing of your personal data at any

time, if it is not prevented by a legal or contractual provision.

f) Request proof of the authorization granted.

g) File complaints before the Superintendence of Industry and Commerce (SIC) for

violations of the provisions of the regulations in force.

h) Refrain from answering questions about sensitive data.

i) Be informed by the Company, upon request, regarding the use it has given to their personal

data.

7. PROCEDURE FOR THE EXERCISE OF DATA SUBJECT'S RIGHTS

Requests will be processed within 15 working days from the day following the date of receipt.

This may be extended under certain circumstances, in which case the Company will notify the

user.

8. DUTIES AND RESPONSIBILITIES OF THE COMPANY

The Company as responsible or in charge of the processing of personal data complies with the

duties and obligations set forth in articles 17 and 18 of the GDPL:

a) Guarantee the data subjects, at all times, the full and effective exercise of the right of Habeas

Data.

b) Request and keep, under the conditions provided for in this law, a copy of the respective

authorization granted by the data subject.c) Duly inform the data subject about the purpose of the collection and the rights he/she is

entitled to.

d) Keep the information under the security conditions necessary to prevent its adulteration, loss,

consultation, or unauthorized access.

e) Ensure that the information is truthful, complete, accurate, and updated.

f) Rectify the information when it is incorrect.

g) Process queries and claims.

h) Inform the data protection authority (SIC), when there are violations to security codes.

9. CHANGES IN THE POLICY

In the event of changes to this policy, these will be published at info@wizzerapp.com to keep

you informed and updated on the conditions of use of your data.

10. PROCESSING OF SENSITIVE DATA

We will only process sensitive personal data for what is strictly necessary, requesting prior and

explicit consent.

11. PROCESSING OF DATA OF CHILDREN AND ADOLESCENTS

The Company will only process the personal data of minors when:

(i) they are of a public nature,

(ii) they come from information provided by employees or contractors,

(iii) or when their processing is duly authorized by the parents or legal representatives.

12. TRANSFER OF PERSONAL DATA TO THIRD PARTIES

We will not give your personal data to other entities without first obtaining your prior consent,

except:

● When necessary for subscription management via Apple’s App Store.

● When required by law.

● When sharing with third-party suppliers under strict confidentiality.

13. TRANSFER OF PERSONAL DATA TO THIRD COUNTRIES

Personal data may be sent to countries that do not have an adequate level of protection of

personal data only under prior, express, and informed authorization of the data subject, or when

permitted by law.

14. SECURITY AND CONFIDENTIALITY

To comply with the principle of security, we implement internal security mechanisms to prevent

adulteration, loss, or unauthorized access. This includes:

● Secure encryption mechanisms where possible.

● Measures against fraud, especially for subscription management.

● Strict access controls.

15. SUBSCRIPTION-RELATED UPDATES

a) Subscription Model: Wizzer uses a subscription-based model for premium features.

b) Apple Payment Handling: All subscription transactions (billing, refunds, auto-renewal) are

exclusively handled via Apple. The Company does not store payment details.

c) Refund Requests: Must be addressed to Apple Support under Apple’s App Store policies.

d) Subscription Status: Wizzer stores metadata (active, canceled, trial) to manage user

access but does not retain any sensitive financial data.

e) Managing Subscriptions: Deleting the app does not cancel your subscription; you must

cancel through your Apple ID settings.

f) Pricing Experiments: Some users may see different subscription pricing. The final price is

determined by what you see on Apple’s in-app purchase screen.

16. CONTACT INFORMATION

Company Name: Wizzer Inc

TAX ID: 32-0743478

Address: 74 E Glenwood Ave Unit 5423

E-mail: info@wizzerapp.com

Website: www.wizzerapp.com

17. EFFECTIVE DATE

This Policy is effective as of 8/15/2024.

ANNEX 1

Definitions:

● Authorization: Prior, express, and informed consent.

● Claim: The exercise of the right to correct, update, or delete personal data.

● Consent: The data subject’s free, unequivocal will.

● Controller: Natural or legal person, public or private, who decides on the database.

● Database: The organized set of personal data that is subject to processing.

● Data of Minors: The provision of personal data of minors must be made with the

authorization of parents or legal representatives.● Processor: Natural or legal person who performs data processing on behalf of the

controller.

● Data subject: Natural person whose personal data is subject to processing.

● Sensitive data: Data that affect the privacy of the data subject or whose improper use

may generate discrimination.

● Transfer: When the controller sends personal data to a recipient inside or outside the

country.

● Transmission: The physical or automated operation that allows capturing, recording,

reproducing personal data.

● Users: Users of Wizzer’s platform.

ANNEX 2

Authorizations:

As the data subject, you authorize Wizzer Inc. to collect, store, process, and transmit your

personal data under the terms described in this Policy, including subscription-related data used

for Apple’s App Store compliance.

Effective Date: 8/15/2024 (or [Insert Date])

By using Wizzer, you acknowledge and agree to this Privacy Policy which includes all original

content plus the subscription-related updates for Apple compliance.