Privacy Policy

At Nove8, we are committed to using technology to bring value, joy, and ease into everyday life. Whether it's enhancing your lifestyle, supporting your passions like pets or personal style or simply making daily tasks more convenient, we believe in the transformative power of innovation to create meaningful, positive change.

Protecting your privacy and maintaining the highest security standards are fundamental to our mission. We are committed to transparency and accountability in how we handle your personal data, ensuring you have clear insights and control over your information while seamlessly enjoying our Service.

WELCOME TO WOOFZ PRIVACY POLICY!

This Privacy Policy (the “Privacy Policy”) sets out the main principles on which the data collected from you, or that you provide to us, will be processed by us in connection with your use of “Woofz - Puppy and Dog Training” (the “App”), our websites (including but not limited to https://www.woofz.com) our blog, and all related services, features, materials, and content available for your use (collectively the “Service”) provided by NOVE8 LTD, a company duly incorporated in the Republic of Cyprus and registered address at Prodromos, 75, Oneworld Parkview House, Floor 4, 2063, Nicosia, Cyprus (“we”, “us”, “our” or the “Company”).

Depending on your location, selected payment method, or other relevant factors, access to the Service, particularly with respect to sales, billing, and payment processing, may be facilitated by NOVE8 LTD or one of its authorized partners acting as the Merchant of Record. These partners may include PETCARE PREMIUM INC., a company operating under the laws of Delaware, having its registered office situated at 131 Continental Dr, Suite 305, Newark, 19713, and county of New Castle, Delaware. The Merchant of Record does not provide the Service, manage subscriptions, or assume any obligations related to the operation, support, or performance of the Service. Your contractual relationship remains solely with NOVE8 LTD. Your rights and obligations under these Terms are unaffected by the designation of a Merchant of Record, and neither NOVE8 LTD nor its partners shall be jointly liable for each other’s obligations unless expressly stated in these Terms.

We encourage you to review our Privacy Policy in its entirety to gain insight into our data handling practices.

HOW TO REACH US?

We have carefully designed this Privacy Policy to be clear, transparent, and accessible. However, if you have any questions or concerns regarding your privacy rights or how we handle your personal data, please feel free to contact us through:

For EEA/UK and Non-EU/EEA Data Subjects:

Online Contact Form: https://woofz.com/contact-us

Mailing Address: Nove8 Ltd, Prodromos, 75, Oneworld Parkview House, Floor 4, 2063, Nicosia, Cyprus

Email: info@nove8.com

CHANGES TO THIS PRIVACY POLICY

We may revise this Privacy Policy from time to time to reflect:

• changes in applicable laws or regulatory requirements;
• updates to our data practices or the features and functionality of our Service provided to you;
• advancements in technology or other relevant changes.

Staying Informed. We encourage you to review this page periodically to stay informed about how we protect your personal data. The “Effective Date” at the top of this Privacy Policy indicates when the most recent changes were made.

Notification of Significant Changes. If we make material changes to this Privacy Policy that affect your rights or require your consent, we will notify you in advance through appropriate channels, such as:

• posting a prominent notice on our websites or in the App;
• sending an email to the contact information you have provided, if applicable.

Please note that your continued use of our Service following the Effective Date of the updated Privacy Policy constitutes your acknowledgment and acceptance of the changes.

CONTENTS

• WHAT IS PERSONAL DATA, AND WHO OVERSEES ITS PROCESSING?
• WHAT PERSONAL DATA DO WE COLLECT?
• WHAT ARE THE PURPOSES FOR PROCESSING YOUR DATA?
• WHAT ARE THE LEGAL BASIS FOR PROCESSING YOUR DATA?
• WHEN AND WHY DO WE SHARE YOUR DATA?
• WHERE IS YOUR DATA STORED AND TRANSFERRED?
• WHAT ACTIONS DO WE AVOID WHEN HANDLING YOUR DATA?
• WHAT ARE OUR RULES FOR STORING YOUR DATA?
• WHAT SECURITY MEASURES DO WE USE?
• HOW DO WE RESPOND TO SECURITY INCIDENTS?
• WHAT ARE YOUR RIGHTS OVER YOUR DATA?
• HOW CAN YOU MANAGE YOUR DATA?
• HOW WE PROCESS YOUR REQUESTS?
• PRIVACY NOTICE FOR CALIFORNIA RESIDENTS, US
• PRIVACY NOTICE FOR VIRGINIA, CONNECTICUT, COLORADO, UTAH, AND NEVADA, US

WHAT IS PERSONAL DATA, AND WHO OVERSEES ITS PROCESSING?

“Personal Data” refers to any information that identifies you as an individual or relates to an identifiable individual. NOVE8 LTD acts as the ‘controller’ of your Personal Data. As the controller, we determine the purposes and means of the processing of your personal data when you use our Service. In certain situations, as specified within this Privacy Policy, we may act as a ‘processor’ of your personal data, meaning we process data on behalf of another controller.

Additionally, certain aspects of our Service may be provided in partnership with Petcare Premium Inc., which act as ‘processors’ of your personal data. This means that Petcare Premium Inc., a company operating under the laws of Delaware, having its registered office situated at 131 Continental Dr, Suite 305, Newark, 19713, and county of New Castle, Delaware, also processes certain personal data as a data processor, operating strictly under our direction.

This partner processes your personal data solely for the purposes defined by us, ensuring compliance with applicable data protection laws and maintaining the security and confidentiality of your information.

This Privacy Policy is designed to reflect the requirements of the EU General Data Protection Regulation (GDPR) for users located within the European Union (EU), the European Economic Area (EEA), and Cyprus, as well as the UK General Data Protection Regulation (UK GDPR) for users in the United Kingdom. It also takes into account relevant U.S. privacy laws, such as the California Consumer Privacy Act (CCPA), to ensure compliance across all jurisdictions where our services are accessible. Further details on how we meet these obligations are provided in the sections below.

WHAT PERSONAL DATA DO WE COLLECT?

As you access and use our Service, we gather certain personal data through the following means:

Data Directly Provided by You:

Basic Information. We collect the information necessary to personalize your account and provide you with a tailored Service. This includes: your name and surname, email address, account and profile credentials, any other information you choose to share to personalize your account or profile, and optional information, such as preferences or interests, that you provide during onboarding or while using the App.

Purchase and Subscription Information. Payment information is required to process your subscription. This includes billing and shipping address, subscription plan details, and payment information. Note that we do not store or process your credit card information. This information is handled securely and directly by our third-party payment processing partners in accordance with their privacy policies.

Pet Information. Pet’s: name, age, breed, behavior traits or issues, daily routine, health concerns or other health-related information, origin, commands knowledge, owner's preferences for learning materials about pets, pet’s caregivers (family sharing).

Survey and Communication Information. We may collect any information you voluntarily provide when: participating in surveys, questionnaires, or Service testing, communicating with us or directed to us via letters, emails, and social media, or submitting reviews or testimonials regarding our Service. If you participate in any promotions or competitions we may run, we process information relevant to your participation. This data is processed to assess user opinions, improve our Service, and support the development of new features.

User-Generated Content. We process any content you publish or upload on our Service, including but not limited to posts, messages, images, and other materials, in accordance with the provisions set out in our Terms regarding User-Generated Content.

Data Automatically Collected by Us:

Log and Technical Information. When you access our website or use the App, certain information is automatically collected by your browser or device. This may include: your IP address, browser type, time zone, language settings, the date and time of your access, details about the features you use, actions you take within the Service, interactions with specific areas of the interface, and patterns of App usage, including session frequency and duration.

Device-Related Information. We collect information about the device you use to access our Service, including device model, type, unique device identifiers, operating system version, Internet service provider details, mobile carrier information, and hardware ID.

Other Sources. We may augment the information you provide with data obtained from third parties or other external sources. This additional data may include: details about how you interact with our Service or information from third parties to support marketing communications (only where you have opted in), refine our research, or enhance the delivery of our Service.

Data Collected via Cookies.

To provide you with an enhanced experience, our Service relies on technologies such as cookies, SDKs, and similar tools. These technologies assist us in tailoring your interactions, delivering relevant advertisements, and gaining insights into how our Service is used. They are triggered when you browse our website, navigate the App, or activate specific features. While you have the option to disable these tools in your settings, doing so may limit the availability or performance of certain functionalities; however, the essential aspects of our Service will remain accessible.

Please learn more about this in our Cookie Policy.

Please note that this Privacy Policy does not apply to information collected by:

Third-Party Service. Any third party, including through any application or content (including advertising) that may link to or be accessible from or through our Service.

Personnel and Job Applicants: This Privacy Notice does not apply to the collection of personal data from employees, job applicants, contractors, business owners, directors, officers, or other staff members except for California Residents.

Non-Personal Data: Information that cannot reasonably identify, relate to, describe, or be linked (directly or indirectly) to a specific individual is not considered personal data. This Privacy Notice does not govern the processing of such non-personal information.

WHAT ARE THE PURPOSES FOR PROCESSING YOUR DATA?

We collect and process personal data to deliver, enhance, and secure our Service, ensuring a seamless and personalized experience. Below, we outline the purposes for which your data is processed:

To Ensure Access to and Proper Delivery of our Service. We process your personal data to enable your access to and use of our Service. This includes: verifying your identity and providing uninterrupted access to our Service, promptly addressing any operational or technical problems.

To Fulfill Transactions. We collect the information required to process your transactions, which includes managing subscription payments and providing any related services to ensure seamless access to the features you have subscribed to.

To Customize Your Experience. We process your personal data to tailor the Service to your individual preferences and needs. By analyzing your interactions and behavior, we deliver content, recommendations, and features aligned with your specific goals. This allows us to provide you with a more personalized experience, targeted content, or recommendations for relevant products. We may also use algorithms or automated systems to analyze behavior and recommend features. These do not result in legally significant decisions unless explicitly stated.

To Analyze Usage and Performance. We use your personal data to gain insights into how you interact with our Service. This helps us identify the most popular features, assess the effectiveness of our content, and understand user behavior. These insights are used to refine functionality, improve usability, and ensure that the Service operates effectively and efficiently for all users.

To Improve the Service. We process personal data to enhance the overall quality and functionality of the Service. By refining features and developing new tools, we ensure that the Service evolves to meet your needs. Data is also used to optimize our offerings, conduct research and surveys, and perform financial analyses to assess billing, pricing, and other processes that may require improvement. These efforts enable us to create a better user experience and provide innovative, value-driven solutions.

For Advertising and Marketing Purposes. We may process your personal data to enhance and deliver targeted advertising within our Service and on third-party platforms. Your information helps us display personalized ads and content that reflect your interests and preferences. We work with external advertising networks, social media platforms, and analytics providers to promote our Service across various channels. Additionally, we analyze the performance of our marketing campaigns to assess their effectiveness and refine our advertising strategies for better engagement.

To Ensure the Security and Integrity of our Service. We process your personal data to safeguard the security and stability of our systems, networks, and users. Measures are taken to prevent unauthorized access, detect misuse or fraudulent activities, and ensure the integrity of our IT infrastructure through consistent monitoring and maintenance.

To Provide Support and Communicate with You. When you reach out to us with inquiries, concerns, or feedback, we process your personal data to assist you and address your requests. This may include sending responses via email, providing updates related to your use of our Service, or resolving reported issues. We may also review communications and interactions with you to ensure the quality of our support, improve staff training, and effectively handle any complaints you raise.

To Comply with Legal Obligations. We process your personal data to meet our responsibilities under applicable laws and regulations. This may involve using your information to investigate disputes or claims related to our Service or to respond to legal, governmental, or regulatory requests. Your information may also be processed to fulfill obligations related to anti-money laundering measures, fraud prevention efforts, tax compliance, sanctions adherence, or other legal requirements. Additionally, we may use your personal data to assert or protect our legal rights when appropriate.

WHAT ARE THE LEGAL BASIS FOR PROCESSING YOUR DATA?

We are committed to transparency in how we collect, use, and process your personal data. Under applicable data protection laws and other relevant regulations, we rely on specific legal bases for processing your personal data. The legal basis varies depending on the purpose of personal data processing, as outlined below.

*We provide you with the option to make purchases directly within our App or through our websites. Your payment information is processed securely through third-party payment systems and providers, and we do not collect, store, or process any sensitive payment data, such as your credit card number or expiration date.

In-App Purchases. If you purchase within our App, your payment will be processed through third-party payment providers, such as:

• Apple App Store (for iOS devices)
• Google Play Store (for Android devices)

These platforms handle all payment transactions independently, and we do not have access to, or store, your payment card details.

Website Purchases. If you choose to purchase a subscription or other services directly through our websites, the payment will be processed through an authorized third-party payment provider. In this case:

• You authorize the applicable payment provider to collect and process your payment details.
• We do not collect or store your payment information (e.g., credit card number, expiration date).

Payments on our website may be processed through Stripe or PayPal.

Payment Provider Privacy Policies. For all transactions, we strongly recommend reviewing the Privacy Policy of the payment provider processing your transaction. For example,

Stripe Privacy Policy

PayPal Privacy Policy

Security and Compliance. We take your financial security seriously and ensure that all payment providers we work with:

• Comply with PCI-DSS (Payment Card Industry Data Security Standard) regulations.
• Use encryption and fraud prevention mechanisms to safeguard transactions.
• Operate independently in processing and securing your payment details.

WHEN AND WHY DO WE SHARE YOUR DATA?

To provide our Service effectively, we may need to share your personal data with certain third parties. Such sharing will be carried out in compliance with applicable privacy laws.

Third-Party Service Providers. We may share your personal data with carefully selected service providers that assist in operating, maintaining, and enhancing our Service. These may include, but are not limited to:

• hosting and cloud infrastructure providers;
• email communication service;
• payment processing partners;
• fraud prevention and cybersecurity vendors;
• analytics and data aggregation service;
• customer support and engagement platforms.

These third parties will only process your personal data under contractual obligations, ensuring they adhere to strict data protection standards, and they are prohibited from using your personal data for any purpose other than those specified in our agreements.

Third-Party Marketing Partners. If you have provided your explicit consent to receive marketing communications, we may share certain personal data (such as your email address) with our marketing service providers. This may include digital advertising platforms, social media advertising providers, or marketing automation tools that assist us in delivering targeted communications and promotions. You may withdraw your consent at any time by following the unsubscribe instructions provided in our emails.

Legal Compliance and Protection of Rights. We may disclose your personal data when required to do so under applicable law, regulation, or legal process, including:

• Compliance with legal obligations: To comply with any legal requests, court orders, or law enforcement investigations.
• App security and integrity: To prevent or address fraudulent, malicious, or unauthorized activities that may compromise the security of our Service.
• Protection of rights and safety: Where disclosure is necessary to protect our Company, customers, or the public against harm, legal violations, or imminent risks to personal safety.
• Emergencies: If necessary, to prevent death or serious bodily injury based on a legitimate good-faith belief.

Data Transfers Within Our Corporate Group. To support our global business operations and provide seamless services, we may share your personal data with our affiliated entities, subsidiaries, and trusted partners. These transfers are conducted strictly in accordance with applicable data protection laws and are governed by robust data protection agreements.

WHERE IS YOUR DATA STORED AND TRANSFERRED?

Data Storage. We primarily store and process your personal data within Cyprus and the European Economic Area (EEA) to ensure compliance with applicable data protection laws. Our commitment to data security and privacy means that all personal data is stored on secure servers that we either own or license from trusted third-party providers. These servers are protected using industry-standard security measures to prevent unauthorized access, data loss, or misuse.

Data Transfers Outside the UK & EEA. In certain circumstances, we may need to process or transfer your data to trusted third-party service providers outside Cyprus and the EEA to ensure the effective operation and delivery of our Service. This may include servers or partners based in the United States or other jurisdictions.

Before engaging any third-party processor located outside these regions, we conduct thorough risk assessments and ensure they meet strict privacy and security requirements aligned with international data protection standards. We do not transfer personal data to jurisdictions that lack adequate data protection frameworks.

Legal Safeguards for International Transfers. Whenever personal data is transferred outside Cyprus or the EEA, we comply with EU GDPR by implementing legally recognized safeguards, including Standard Contractual Clauses (SCCs) as approved by the European Commission, ensuring an equivalent level of data protection.

Where an adequacy decision is unavailable, we apply additional safeguards such as encryption, strict access controls, and security audits to mitigate risks associated with cross-border data transfers.

For additional information on Standard Contractual Clauses under EU law, please visit this link.

Data Minimization and Anonymization. To further enhance privacy and security, we apply principles of data minimization and anonymization, ensuring that only the necessary data is transferred outside the EEA to fulfill specific purposes. This reduces potential risks associated with international data transfers.

Your Consent to International Transfers. By using our Service and providing your personal data, you explicitly acknowledge and consent to its transfer, storage, and processing outside the EEA as outlined in this Privacy Policy. All transfers are conducted in strict compliance with applicable data protection laws to ensure your rights and personal data remain protected.

WHAT ACTIONS DO WE AVOID WHEN HANDLING YOUR DATA?

We are dedicated to respecting your privacy and safeguarding your personal data. In line with this commitment, we adhere to principles regarding the handling of your information, as detailed below:

No Sale, License, or Rental of Personal Data. We do not sell or rent your personal data for financial gain. Your personal data is only disclosed as outlined in this Privacy Policy.

Limited Sharing with Service Providers. We share your personal data exclusively with service providers who assist in delivering and supporting our Service, as described herein. We ensure that no data is shared with external providers or partners without appropriate data protection agreements or contractual terms in place to safeguard your information.

Protection of Children’s Data. We do not knowingly collect personal data from children who do not meet the minimum age requirement in their jurisdiction. If you are under the applicable minimum age, as defined in our Terms, you are not permitted to use our Service.

WHAT ARE OUR RULES FOR STORING YOUR DATA?

We store your personal data only for as long as it is necessary and relevant to achieve the purposes for which it was originally collected. This includes providing our Service, maintaining security, resolving disputes, and complying with legal and regulatory obligations.

Retention Periods. When your personal data is no longer required for its original purpose, we will either securely delete or anonymize it so that it can no longer be linked to you. If you deactivate or delete your account, we will retain your personal data for no longer than two (2) months, unless retention is required for legal, regulatory, or contractual obligations. In cases where legal or regulatory requirements necessitate longer retention, we will store only the minimum personal data necessary and ensure it is appropriately protected.

Exceptions to Deletion Requests. Even if you request the erasure of your personal data, certain circumstances may require us to retain minimal ​​personal data, including:

• Legal compliance: To adhere to applicable laws, regulations, or law enforcement requests.
• Dispute resolution: To investigate, defend, or settle legal claims.
• Contract enforcement: To uphold our agreements and protect our legitimate business interests.

Once retention is no longer required for these purposes, we will ensure the final deletion or anonymization of your personal data securely.

WHAT SECURITY MEASURES DO WE USE?

We take data security seriously and have implemented both organizational and technical safeguards to protect your personal information against unauthorized access, loss, alteration, or misuse.

Organizational Security Measures. We enforce strict internal policies and procedures to maintain the security and confidentiality of personal data, including:

• Access Control Policies: Only authorized personnel with a legitimate need can access sensitive data.
• Physical Security: Our premises and data storage facilities are secured through restricted access, surveillance, and security protocols.

Technical Security Measures. We deploy state-of-the-art cybersecurity protections to safeguard your personal data, including:

• Encryption & Pseudonymization: Sensitive data is encrypted at rest and in transit to prevent unauthorized access.
• Secure Networks & Firewalls: We use firewalls and endpoint protection to prevent cyber threats.
• Backups & Disaster Recovery: Our systems include secure backups and failover mechanisms to ensure resilience against data loss or service disruptions.

Acknowledgment of Security Limitations. We take commercially reasonable measures to protect your personal data, utilizing security technologies and best practices to guard against unauthorized access, data breaches, and cyber threats. However, no security system is entirely impervious to risks. Ensuring the safety of your information is an ongoing effort that involves continuous monitoring, risk evaluation, and enhancement of security protocols. The presence of a security incident does not automatically imply non-compliance with legal requirements or industry standards.

HOW DO WE RESPOND TO SECURITY INCIDENTS?

Immediate Assessment and Containment. In the unlikely event of a personal data breach, we will promptly assess the incident, contain its impact, and evaluate the risks to individuals’ rights and freedoms. Our breach response may involve actions such as logging affected users out, resetting passwords, and enhancing security protocols to mitigate potential harm. By maintaining strong personal security practices and promptly reporting any concerns, you can help us protect your information effectively.

Regulatory Reporting Obligations. If the breach is likely to result in a high risk, we will notify affected individuals without undue delay, providing details of the breach, mitigation steps, and recommended protective actions. When required, we will report the breach to the relevant supervisory authority within 72 hours of becoming aware. All breaches will be documented, and measures will be implemented to prevent recurrence.

To report a personal data breach or seek assistance, please contact us via https://woofz.com/contact-us. We will address your concerns accordingly.

WHAT ARE YOUR RIGHTS OVER YOUR DATA?

As a resident of the European Union (EU), European Economic Area (EEA), or the United Kingdom (UK), you are entitled to certain rights regarding your personal data under the General Data Protection Regulation (GDPR) and the UK GDPR. Below is a summary of your key rights and how you can exercise them:

Right to Access Your Data. You have the right to request access to the personal data we hold about you. Upon request, we will provide a copy of your personal data along with details about how it is processed, shared, and stored.

Right to Rectification. If your personal data is inaccurate, incomplete, or outdated, you have the right to request corrections or updates to ensure it is accurate and complete.

Right to Erasure (‘Right to be Forgotten’). You can request the deletion of your personal data where:

• the data is no longer necessary for the purposes for which it was collected;
• you withdraw consent and there is no other legal basis for processing;
• you object to processing and there are no overriding legitimate grounds;
• your data was unlawfully processed; or
• deletion is required to comply with a legal obligation.

Your right to erasure may not apply where processing is necessary for legal compliance, public interest, or the establishment, exercise, or defense of legal claims.

Right to Restrict Processing. You may request that we restrict the processing of your personal data if:

• you contest its accuracy (while we verify the accuracy);
• processing is unlawful, and you prefer restriction over deletion
• we no longer need the data, but you require it for legal claims; or
• you object to processing, pending verification of our legitimate interests.

Right to Data Portability. You have the right to receive your personal data in a structured, commonly used, and machine-readable format and, where feasible, request the direct transfer of this personal data to another service provider.

Right to Object to Processing. You have the right to object to the processing of your personal data where:

• processing is based on legitimate interests or public interest unless we demonstrate compelling legitimate grounds that override your interests.
• your data is used for direct marketing purposes, in which case we will immediately stop processing for this purpose.

Right to Withdraw Consent. If we rely on your consent to process your personal data, you have the right to withdraw that consent at any time. This will not affect the lawfulness of processing conducted before consent was withdrawn.

Right to Lodge a Complaint. If you believe your privacy rights have been violated, you have the right to file a complaint with your local data protection authority (DPA).

• EU Residents: You can find your relevant supervisory authority here.
• UK Residents: You can lodge a complaint with the UK’s Information Commissioner’s Office (ICO) here.

To exercise your rights, please contact us via info@nove8.com or write to us at the address set forth above.

If you reside outside the European Union (EU), European Economic Area (EEA), or the United Kingdom (UK), you may have specific privacy rights under your country’s applicable data protection laws. Below is a summary of key rights based on various jurisdictions:

United States and State-Specific Privacy Rights

If you are a resident of California, Virginia, Colorado, Connecticut, or other U.S. states with privacy laws, you may have certain rights under laws such as the California Consumer Privacy Act (CCPA), the California Privacy Rights Act (CPRA), the Virginia Consumer Data Protection Act (VCDPA), the Colorado Privacy Act (CPA), and others.

If applicable, you have the right to:

• Access Your Data: Request details about the categories and specific pieces of personal data we collect, use, disclose, or sell.
• Request Deletion: Ask us to delete your data, subject to legal exceptions.
• Opt-Out of Sale or Sharing of Data: If applicable, opt out of the sale or sharing of your data for targeted advertising or analytics purposes.
• Correct Your Data: Request correction of inaccurate personal information we maintain.
• Limit Use of Sensitive Data: If applicable, restrict the processing of sensitive personal information.
• Non-Discrimination: You will not be discriminated against for exercising your privacy rights.

If you are a California resident, you may also use an authorized agent to submit requests on your behalf.

Canada. Personal Information Protection and Electronic Documents Act (PIPEDA)

If you are a resident of Canada, you have the following rights under PIPEDA:

• Right to Access and Portability: Request a copy of the data we hold about you.
• Right to Correction: Request modifications to any inaccurate or incomplete personal information.
• Right to Withdraw Consent: If we process your data based on consent, you can withdraw it at any time.
• Right to Challenge Compliance: You can challenge our privacy practices with Canada’s Office of the Privacy Commissioner (OPC).

Brazil. Lei Geral de Proteção de Dados (LGPD)

If you are a resident of Brazil, you are entitled to rights under the LGPD, including:

• Right to Confirm Processing: Request confirmation on whether we process your data.
• Right to Access and Correction: Request access to or corrections of your data.
• Right to Anonymization or Blocking: Request anonymization, blocking, or deletion of unnecessary or excessive data.
• Right to Data Portability: Receive your data in a structured format or transfer it to another provider.
• Right to Withdraw Consent: Revoke your consent for data processing at any time.

For privacy concerns, you may contact the Brazilian Data Protection Authority (ANPD) at ANPD website.

Australia – Privacy Act 1988 & Australian Privacy Principles (APPs)

If you are a resident of Australia, you have rights under the Privacy Act 1988, including:

• Right to Know: Request information about how we collect, use, and disclose your data.
• Right to Access and Correction: Request copies of your data and corrections if inaccurate.
• Right to Restrict Processing: Limit how we use your personal information.

HOW CAN YOU MANAGE YOUR DATA?

We provide you with the ability to access, update, and delete your personal data in accordance with applicable privacy laws.

Accessing, Correcting, or Updating Your Data. You can review, modify, or update your personal data at any time by contacting us via https://woofz.com/contact-us

Deleting Your Data. If you wish to delete your personal data, you may do so using the following methods:

Option 1: Submit a request via our support form at: https://woofz.com/contact-us

Please include a brief description of your request.

Option 2: Delete Your Account via the App

Android Users:

Open Profile → Settings.

Select My Account.

Press Delete Account and confirm on the popup.

Contact our support team via info@nove8.com for final confirmation.

iOS Users:

Open Profile → Settings.

Select Manage Account Details.

Press Delete Account and confirm on the popup.

If you purchased a subscription via the App Store or Google Play, your account will be deleted automatically with no further action required.

If you purchased a subscription on our website, you must send a request to our support team via our contact form at: https://woofz.com/contact-us

Important Considerations for Account Deletion. If you delete your Account, you will lose access to all associated subscriptions, progress, and Content (including User-Generated Content) in the App. Once your Account is deleted, we may not be able to restore any lost data. If you purchased a subscription via our website, deleting your Account means you will no longer have access to your subscription.

For any further assistance, please contact our support team via https://woofz.com/contact-us

HOW DO WE PROCESS YOUR REQUESTS?

If you submit a request to exercise your data protection rights, we will process it as follows:

Response Timeframe. We aim to respond to valid requests within 30 days from the date of receipt. If your request is complex or we receive a high volume of requests, we may require additional time. In such cases, we will inform you of the extension and provide a revised timeline for our response.

Right to Decline Requests. We reserve the right to decline requests that are manifestly unfounded, excessive, or repetitive under applicable privacy laws. If your request falls into this category, we will notify you of our decision and provide reasons where required by law.

Identity Verification. To protect your privacy and prevent unauthorized access, we may request additional information to verify your identity before processing your request. This step is necessary to ensure:

• the requestor is entitled to access or modify the personal data.
• the rights and privacy of third parties are not compromised.

If we are unable to reasonably verify your identity, we may be unable to fulfill your request. We will inform you of this and provide guidance on any alternative steps you may take.

PRIVACY NOTICE FOR CALIFORNIA RESIDENTS, US

General Details. Residents of certain U.S. states, such as California, may have additional rights regarding their personal information under applicable state laws. These include the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), among other state privacy laws. Where specific legal provisions in this notice do not apply, the Privacy Policy shall govern the processing and handling of personal information.

Exercising Your Rights. Only you or an authorized representative legally permitted to act on your behalf may submit a request related to your personal information. Please refer to the previous section for details on the rights available to you and how to exercise them. In addition to those rights, this section provides further information about the processing, collection, and disclosure of personal information under U.S. State Privacy Laws.

Definition of Personal Information. Personal Information refers to any information that identifies, relates to, describes, or can reasonably be linked to you as an individual.

Pursuant to the CCPA, the term “personal information” excludes:

• Information that is publicly available through official government sources.
• Consumer data that has been de-identified, anonymized, or aggregated in a manner that prevents re-identification

Data Controller Responsibilities. NOVE8 LTD is responsible for determining how your personal information is collected, used, disclosed, and shared in accordance with applicable U.S. privacy laws, including the CCPA and other state-level privacy regulations.

No Sale of Personal Information. We do not sell your personal information in exchange for money, nor are we in the business of trading or monetizing user information. However, like many online businesses, we collaborate with advertising and analytics partners to deliver relevant ads across different platforms.

How This May Be Considered “Selling” or “Sharing” Under the CCPA? Under the CCPA, the sharing of personal information for targeted advertising or cross-context behavioral advertising may be classified as “selling” or “sharing”, even if no money is exchanged. This means that certain activities, such as allowing advertising networks to collect identifiers or browsing behavior to show you personalized ads, could be considered data sharing under California law.

Your Right to Opt-Out of Targeted Advertising and Data Sharing. Even though we do not sell your personal information for direct monetary gain, you still have the right to opt out of any sharing of your personal information with our advertising and analytics partners. This includes:

• Targeted advertising and personalized marketing.
• Behavioral tracking and analytics-based audience insights.

You can exercise this right by:

• Submitting an opt-out request via https://woofz.com/contact-us
• Configuring your browser or device settings to restrict online tracking.

Please note that under California’s “Shine the Light” law (California Civil Code § 1798.83), residents of California may request information about the disclosure of their personal information to third parties for direct marketing purposes. If applicable, you may submit such a request by contacting us.

Do Not Track. The “Do Not Track” (DNT) feature is a privacy preference that some web browsers offer, allowing users to indicate their preference not to be tracked by websites or online services. However, at this time, there is no universally accepted standard for implementing DNT signals, and not all browsers support this feature. Consequently, we do not currently respond to DNT signals.

Request for Access: you have the right to ask for access to (i) the personal and sensitive information we have about you and how we use it; and (ii) the categories, sources, and third parties that have received your personal information or to whom it has been “sold” or disclosed in the past 12 months. You can make this request once a year at no cost. Please ensure the subject line reads “California Privacy Rights Request,” and include relevant details such as your name, street address, city, state, and zip code. Once we validate your request, we will provide the requested disclosure within 30 days of receipt, unless an extension is necessary. If we require additional time due to the complexity of the request or the high volume of requests, we may extend the response period by an additional 30 days. In such cases, we will notify you within the initial 30-day period, explaining the reason for the extension and the expected response timeline.

Under the CCPA, privacy rights extend beyond users to all individuals, including job applicants, employees, independent contractors, and business partners who are California residents. These individuals may request information about our information collection practices regarding their personal information and may also exercise rights to access, delete, correct, or opt out of certain information sharing as permitted under California law. To make a request, please follow the instructions outlined in this Privacy Policy.

Categories of Personal Information Collected & Disclosed. We collect the following categories of personal information in connection with the Service. The table below outlines:

• the specific categories of personal information we collect.
• the business purposes for which this information is collected and disclosed.
• the categories of service providers to whom we have disclosed this personal information in the past 12 months.

PRIVACY NOTICE FOR VIRGINIA, CONNECTICUT, COLORADO, UTAH, AND NEVADA, US

We include this section for residents of other US states with privacy laws that may impact them. These privacy laws include the Virginia Consumer Data Privacy Act (“VCDPA”), the Connecticut Data Privacy Act (“CTDPA”), the Utah Consumer Privacy Act (“UCPA”), the Colorado Privacy Act (“CPA”), and the Nevada Privacy Law (“NPL”), the Montana Consumer Data Privacy Act (“MCDPA”), the Oregon Consumer Privacy Act (“OCPA”), and the Texas Data Privacy and Security Act (“TDPSA”). This section is intended to comply with these laws by supplementing the information provided elsewhere in the Privacy Policy.

Collection of Personal Information. We may collect personal information as described and categorized elsewhere in this Privacy Policy. The specific definitions of sensitive information vary by state law.

Use of personal information. We may collect, use, and disclose personal information for the purposes outlined in this Privacy Policy. This includes providing services, improving our products, and complying with legal obligations.

Disclosure of Personal Information. We may disclose personal information to third parties and service providers as described in this Privacy Policy. We ensure such disclosures comply with applicable laws to protect your privacy and rights.

General Privacy Rights

Residents of Colorado, Connecticut, Virginia, Utah, Montana, Oregon, and Texas are entitled to the following rights concerning their personal information:

• Access: You have the right to request and receive a copy of the personal information we have collected about you.
• Correction: You can request corrections to inaccurate or outdated personal information.
• Deletion: You have the right to request the deletion of your personal information, subject to specific exceptions under the law.
• Data Portability: You can request that personal information be provided in a portable, easy-to- read format to enable its transfer to another service provider.
• Opt-Out Rights:
  • Targeted Advertising: You can opt out of your personal information being used for targeted advertising.
  • Sale of Personal Information: You can opt out of the sale of your personal information to third parties. Note: We do not sell personal information for monetary consideration.
  • Profiling: You can opt out of automated decision-making processes that profile you for significant decisions, such as those affecting your legal, financial, or employment status.

State-Specific Rights. Each state has unique provisions under its privacy laws. Below are additional details for residents of Montana, Oregon, Texas, and Nevada.

Montana

• Profiling Opt-Out*: You may opt out of the use of your personal information for profiling purposes.
• Data Sales Opt-Out: You can opt out of the sale of personal information.

*We do not engage in profiling or sell personal information for monetary consideration.

Oregon

• Access, Correction, and Deletion Rights: You can request access to your personal information, correct inaccuracies, or request its deletion.
• Data Sales and Targeted Advertising Opt-Out: You have the right to opt out of the sale of your personal information and the use of your information for targeted advertising.
• Compliance: We fully comply with the requirements of the Oregon Consumer Privacy Act (OCPA) to safeguard your rights and personal information.

Texas

• Transparency: You have the right to know the types of personal information we collect, process, and store about you.
• Data Correction and Deletion: You may request corrections to inaccuracies or deletion of your personal information.
• Opt-Out Rights: You can opt out of targeted advertising and profiling practices.

Nevada

• Sale of Information*: Nevada residents have a limited right to opt out of the sale of personal information.

*We do not engage in selling personal information for monetary consideration.

How to Exercise Your Rights. To exercise any of the rights outlined above:

• Submit a Request: Contact us using the methods specified in our Privacy Policy. Include your full name, state of residence, and details of the request to help us process it efficiently.
• Verification Process: We may require you to verify your identity to protect your personal information and comply with legal obligations.
• Response Timeline: We will respond to verifiable requests within the timeframe specified by applicable state laws (typically 30 to 45 days).