Effective May 25, 2018
Questions or concerns about how we handle your data can be mailed to the address below or via https://www.myfooddiary.com/support.
As is true of most websites, we gather certain information automatically and store the data in server log files. This data includes the visitor’s browser type, language preference, referring site, file requested, IP address, and the date and time of each file request. This information is used to analyze trends, administer and secure our services, track user movement in the aggregate, and gather broad demographic information for aggregate use.
We collect personal data required to fulfill our obligations under our Terms of Service. This data is used to provide a personalized user experience and offer fitness recommendations based on your particular needs. For example:
In order to join our Affiliate Program, you will need to provide your contact information and website address. We use this information to aid in the tracking of referrals and to pay you. Your information will not be distributed to any third parties, and you will not have access to any of our members’ personal data.
We do not intentionally collect sensitive personal information, such as social security numbers, genetic data, health status, or religious affiliation. Although we do not intentionally collect any sensitive personal information, we recognize that you might wish to store this information in your account, such as in your personal notes. If you store any sensitive personal information on our servers, you are responsible for complying with any regulatory controls regarding that data.
Children under 13 years of age are not permitted to create or use a MyFoodDiary account. We do not knowingly collect information or direct any of our content specifically to children under 13. If you live in a country with a different minimum age limit and you are below the minimum age for providing consent for data collection, you may not use our services without obtaining your legal guardians' consent.
MyFoodDiary processes personal information on the following legal bases:
We share your personal data with your consent or as necessary to complete transactions, communicate with you, or provide services you have requested. For example, we share your credit card information with our credit card processor in order to complete the transaction. We do not sell personally identifiable information to 3rd parties.
When you choose to share your MyFoodDiary data with another online service (e.g., Fitbit, Facebook, and Twitter), we will send the data you have agreed to share. Information collected by these third parties is subject to their terms of service and privacy policies. We are not responsible for the practices of third parties.
We reserve the right to disclose your personally identifiable information as required by law, including complying with court orders and other legal or regulatory processes. Additionally, we may share personal data with law enforcement, our legal counsel, or other consultants as needed to protect our business interests, employees, members, and the general public from fraud, abuse, and other harmful acts.
We may share aggregated demographic information and analyses about our user base with our partners. This data does not contain personally identifiable information. For example, we may share the gender distribution of our membership with our affiliates.
Google Analytics provides us with statistics about our site traffic. We also use Remarketing with Google Analytics for advertising purposes. Third-party vendors, including Google, show our ads on sites across the Internet. We and third-party vendors, including Google, use first-party cookies (such as the Google Analytics cookie) and third-party cookies (such as the DoubleClick cookie) together to inform, optimize, and serve ads based on someone's past visits to our website.
We will not facilitate the merging of personally identifiable information with non-personally identifiable information unless we have robust notice of and the user's affirmative consent (i.e., opt-in) to that merger.
We use web beacons (typically invisible images) to track advertising performance on various ad networks, including Bing, Google, and Facebook. These networks may also show you targeted ads based on your browsing activity. You can opt out of these behavioral ads at http://preferences-mgr.truste.com/
We may share your information with third parties when we forward Digital Millennium Copyright Act (DMCA) notifications, which will be forwarded as submitted to us.
We may retain, preserve or disclose your information if we determine that disclosure is reasonably necessary or appropriate to prevent death or serious bodily injury.
In the event MyFoodDiary or its parent company, Aligned Web Solutions, Inc., goes through a business transition, such as a merger, acquisition by another company, or sale of all or a portion of its assets, your personally identifiable information will likely be among the assets transferred. You will be notified via prominent notice on our website for 30 days of any such change in ownership or control of your personal information.
We take data security seriously. We have implemented a variety of technical and procedural controls to meet the Payment Card Industry Data Security Standards (PCI DSS) for handling your sensitive data, including the use of security scanning services, firewalls, security patches, web application firewalls, data encryption, and intrusion detection systems.
In order to secure your information during transmission, we offer data encryption using Transport Layer Security (TLS) technology. Secure URLs begin with https:// rather than http://. Our security certificate is supplied and certified by Comodo.
We submit to daily security scans that check our servers for vulnerabilities. If a security vulnerability is found, the scanning service will notify us immediately.
While we work hard to protect your personal information, data transmission over the Internet and data storage cannot be guaranteed to be absolutely secure, and we cannot warrant the security of the information you transmit. Transmitting personal information is done at your own risk.
Generally, we retain your personal data for as long as your account is active or as needed to provide you services.
We may retain certain account data indefinitely unless you delete it or request its deletion. For example, we do not automatically delete inactive user accounts, so unless you choose to delete your data, we may retain your account information indefinitely. Doing so allows for the easy reactivation of your account.
Web server logs are retained for a minimum of 1 year.
You may access your personal data by signing into your account and viewing your account details.
If you find your data is incomplete or incorrect, you may correct your information using the forms provided on our website.
You can easily delete food, exercise, body, and personal notes data by logging into your account, clicking the "settings" icon, choosing "My Data," and then selecting the data you wish to remove. If you would like to remove contact and billing information, you will need to cancel your account and submit your request using our contact information provided in this document.
We are under a contractual obligation with Visa, Mastercard, Discover, and American Express to follow the requirements set forth in the Payment Card Industry Data Security Standard (PCI DSS). For example, we are required to store web server logs (including IP addresses) for a minimum of 1 year. As a result of this contractual obligation and our legitimate interest of safeguarding the data stored, some personal data cannot be removed at the time of your request.
You can modify or remove all non-essential data provided to us. Deleted data is permanently removed. Data essential to maintaining your account can be edited but not removed while your account is active.
If you have contacted us about privacy concerns and we have been unable to resolve the issue to your satisfaction, you have the right to bring the complaint to the relevant data protection authority, which has the power to enforce privacy laws in your country.
You may export your food, exercise, and weight data in comma-separated values (CSV) files, which can be viewed using a spreadsheet application (e.g., Microsoft Excel).
You have the right to withdraw your consent to the processing of your information at any time. In certain cases, we may continue to process your information after you have withdrawn consent if we have a legal basis to do so or if your withdrawal of consent was limited to certain processing activities.
You have the right to object to our handling of your personal data at any time. If you object to our use of your personal data for direct marketing purposes, such as an email newsletter, we will honor your request as quickly as reasonably possible. We will review all other objections on the grounds of each situation based on any legal requirements or legitimate interests we may hold processing the data.