Consumer Privacy Policy

POLICIES

CROSSHATCH U.S. PRIVACY NOTICE

Last Updated: October 16, 2023

Our Mission and Your Privacy Choices

Here at Olympus Technologies Inc., doing business as Crosshatch (referred to in this Privacy Notice as “Crosshatch,” “we,” “us” or “our”), our mission is to build a safer and privacy-enhanced way for you to receive Personalized Recommendations (defined below) based on your data (including your personally identifiable information), and therefore the privacy and the security of your information is very important to us. Put simply, you are in charge of how your data flows through Crosshatch, meaning you get to choose from what sources we collect your data and which third parties receive your Personalized Recommendations based on that data. And, unless stated otherwise in this Privacy Notice or if you explicitly direct us, we will not grant access to nor disclose your raw data to any of the third party applications we work with (referred to in this Privacy Notice as our “App Partners”), as only Personalized Recommendations will be disclosed. Whereas many third party applications and platforms scrape the Internet for data which they use to serve and profile you, our goal is to put you in the driver seat when it comes to your data, allowing you to control data collection, access and disclosure through our solution, and our App Partners to more safely and securely personalize your experiences on their websites.

‍

At Crosshatch, You Control Your Data

So how does Crosshatch work?

Your Trusted Apps and Authorized Sources. With Crosshatch, you get to decide to which App Partners we will disclose the recommendations, insights and inferences we generate about you using applications (including artificial intelligence applications) and other tools based on your relevant data (including your personally identifiable information) and your interactions with and queries to such App Partners (such recommendations, insights and inferences referred to in this Policy as “Personalized Recommendations”). You do so by enabling disclosure of Personalized Recommendations only to the App Partner of your choice (those apps to which you’ve enabled us to disclose Personalized Recommendations, your “Trusted Apps”).

For each such Trusted App, you also select the data sources that we can access to allow us to create, using our applications (including artificial intelligence applications), Personalized Recommendations (those sources that you’ve enabled us to access, your “Authorized Sources”). Authorized Sources can include your online calendar, your email, payment card or social media accounts or certain other of your third-party applications.

Accordingly, not only do you have full authority to decide which of our App Partners become your Trusted Apps, you also have full authority to determine which Authorized Sources we can access in order to create the Personalized Recommendations that we will disclose to your Trusted Apps.

Changing Your Choices. As noted above, here at Crosshatch we believe that your data belongs to you and therefore endeavor to use it in ways that benefit you. On this basis, you have the power to change your elections with respect to your Trusted Apps and the collection of your data from your Authorized Sources within the Personal Data Manager at any time; however, please note that such elections will only affect our access to data and creation and disclosure of Personalized Recommendations on a going forward basis.

The Vault. In order to enhance your privacy, Crosshatch has created a more secure environment for our data processing to safeguard your data. Solely with your permission and at your direction, as described above, Crosshatch accesses your Authorized Sources and syncs your relevant data to Crosshatch’s online data management repository, referred to in this policy as the “Vault”. Once your relevant data has been uploaded to the Vault, only your chosen Trusted Apps will be granted permission, at your direction, to make queries to the Vault based on your interactions with the Trusted App. In response to such queries from your relevant Trusted Apps, Crosshatch will access your relevant data within the Vault to create, based on such data and using our applications, Personalized Recommendations that will be disclosed to the relevant Trusted App. This means that none of our other App Partners will have such rights to request or receive Personalized Recommendations until you decide otherwise and that your Trusted Apps won’t have direct access through the Vault to all of your data collected from Authorized Sources.

Disclosure of Personalized Recommendations to Your Trusted Apps. Where you’ve granted your Trusted Apps permission to make queries to the Vault, and chosen the relevant Authorized Sources from which Crosshatch can generate Personalized Recommendations, your Trusted Apps will have no ability to access the Vault or to export your raw data stored within the Vault. Therefore, the only data we will disclose to your Trusted Apps (and therefore the only data your Trusted Apps will receive from the Vault) are the Personalized Recommendations we create with your permission. In other words, our Services merely enable your Trusted Apps to receive the Personalized Recommendations that we generate about you in order to adjust their products and services for you based on the specified data usage you consented to when connecting your Trusted Apps and Authorized Sources through Crosshatch.

Important Disclosure Regarding Usage of Personalized Recommendations. Even though we endeavor to restrict your Trusted App’s usage of Personalized Recommendations to the specified use case disclosed to you at the time of connection, please remember that ultimately your Trusted Apps’ usage of Personalized Recommendations is pursuant to their own privacy practices. Accordingly, we encourage you to read and review your Trusted Apps’ privacy policies or terms of service to understand how they use and disclose your information, since, while we contractually obligate our App Partners to limit their use of such Personalized Recommendations to their stated use case, we cannot guarantee, and are therefore not responsible for, our App Partners’ privacy practices or data usage.

‍

Our Privacy Practices

In furtherance of our goal to build you a solution that puts you in control of your data, we want to be transparent with you about the role we play in the collection and processing of your information. Therefore, we have prepared this Privacy Notice to explain how we collect, access, use and disclose your personally identifiable information when you (1) sign up for a Crosshatch account, (2) permit us to collect your personally identifiable information from your Authorized Sources and (3) authorize us to create and disclose Personalized Recommendations to your Trusted Apps for the limited use cases disclosed by each such Trusted App, such as to explore your travel and locality preferences, entertainment choices or to provide financial insights (collectively, the “Services”). This Privacy Notice will further explain the rights and choices available to you, to the extent required by applicable law, to control our collection and processing of such information.

For the purposes of this Privacy Policy, “personally identifiable information” means any information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular individual or household, as well as any other information related to a particular individual that constitutes “personal information,” “personal data” or “nonpublic personal information” under applicable privacy or data protection laws.

‍

What Personally Identifiable Information Do We Collect and From Where Do We Collect It?

We collect a variety of categories of personally identifiable information from you based on your use of and interaction with our Services as well as the Authorized Sources you connect us to when prompted to enable data syncing by one of our App Partners. For example, when you sign up for a Crosshatch account, we collect certain information about you (e.g., your name, username and password) that is distinct from the information we collect when you agree to sync your data from your Authorized Sources to the Vault (e.g., commercial or transactional information, health-related information or location data). Specifically, the categories of personally identifiable information we collect, and sources from which we collect it, include the following:

Information we collect from you, when you consent to provide it to us through your Authorized Sources. Depending on the sources you enable when you sync your data to the Vault via your Authorized Sources, we may collect, with your consent, the following categories of personally identifiable information, as applicable:

Identifiers, such as real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name or other similar identifiers;
Login data, such as your username and password, account number or a security token
Email or electronic communications, such as the content of your email, text or direct messages on electronic of other social media;
Internet or other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding your interactions with internet websites applications or advertisements;
Financial account and other commercial information, such as account information, records of products or services purchased, obtained or considered, and other transaction/purchase history;
Health-related data, such as your sleep patterns and quality, your diet or other nutritional information your fitness activities and goals, etc.;
Calendar data, such as your upcoming availability and/or recent or future appointments you’ve attended or plan to attend;
Location data, such as recent restaurants or retail locations you’ve visited
Inferences made about you based on data from your Authorized Sources, such as information used to create profiles about your preferences, characteristics, predispositions, behavior, attitudes and aptitudes; or
Data to help verify your identity or connect your accounts, such as date of birth, security questions and answers and one-time password.

As described above, you are in full control of which of your Authorized Sources can sync data to the Vault by electing to connect and sync your data from each relevant source when requested by the relevant App Partner. This means that the specific information we collect about you from the list above depends both on your consent and, where you’ve specifically agreed to such access, from which sources our App Partners request that we collect your data. As further described above in Changing Your Choices, you have the power to change your elections with respect to the collection of your data from your Authorized Sources within the Personal Data Manger at any time.

Information collected from you in connection with your Crosshatch account. When you create and maintain an account with us, we will collect the following categories of personally identifiable information to provide and administer your account:

Identification information, such as your email address and password, as well as the data needed to provide you with services that are reserved for registered users; and
Data to help verify your identity or connect your accounts, such as date of birth, security questions and answers and one-time password.

Information collected from the electronic device you use to connect. When you use a device, like your smartphone, tablet or computer, to connect to our Services through a third party application, we receive information (including personally identifiable information) about that device, including:

Device identifiers, such as device or mobile ID, internet protocol (IP) address, etc.;
Device information, such as time zone setting and location, device location; hardware model and operating system;
Technical data, such as which features within our Services you access, browser data and history and other technical data about the device.

Other sources, including service providers and identity verification services. When needed to provide our Services, or to help prevent fraud, abuse or other security threats, we may also receive information about you directly from third parties, including our services providers or identity verification services.

‍

Our Use of Your Personally Identifiable Information

As noted above, our primary use of your personally identifiable information is to put you in the driver seat when it comes to access to and disclosure of your data, allowing you to control data collection and access via the Vault, and our App Partners to more safely and securely personalize your experiences on their websites based on that data with your consent for specific use cases.

In addition to the purpose stated above and in order to operate our business and provide our Services, we may also use your personally identifiable information for the following purposes:

To provide and improve our Services, and to further conduct other internal operations necessary to run our business and provide other services to you;
To conduct research and development, including undertaking internal research to provide, develop, customize, maintain and improve our Services;
To create Personalized Recommendations for your Trusted Apps, based on the information we’ve collected about you, to help your Trusted Apps to provide services and/or a better user experience to you for the specified use case;

To provide support to you or to our App Partners, including to help respond to your inquiries related to our Services or App Partner’s products or services where you’ve consented;
To investigate any misuse of our Services or App Partner’s products or services, including suspected criminal activity or other unauthorized access to our Services;
To engage in business transactions, in the event we engage in a corporate sale, merger, reorganization, financing due diligence, investment, bankruptcy, receivership sale of assets, dissolution, transition of service to another provider, or similar event;
To satisfy legal and compliance obligations, including to comply with applicable law or respond to valid legal process, including from law enforcement or government agencies, to investigate or participate in civil discovery, litigation, or other adversarial legal proceedings, protect you, us, and others from fraudulent, malicious, deceptive, abusive, or unlawful activities, and to enforce or investigate potential violations of our Terms of Service or policies; or
For any other purpose with your consent

‍

With Whom Do We Disclose Your Personally Identifiable Information?

Remember that when you authorize an App Partner to become a Trusted App, you are directing us to disclose Personalized Recommendations to such App Partner (from the Authorized Sources you select) and therefore give us the permission and authority to act on your behalf to access and transmit your information (including your personally identifiable information) to your Trusted Apps from your chosen Authorized Sources for the provision of our and their products and services.

Accordingly, in connection with the Services, we may disclose your data (including your personally identifiable information) to the following third parties:

Your Trusted Apps, subject the Note About Your Trusted Apps below and your right to change your elections as set forth in Changing Your Choices above;
Our advisors, attorneys and others, to enforce any contract with you;
With our data processors and other service providers, partners, or contractors in connection with the services they perform for us or our App Partners, such as identity verification, fraud prevention payment processing or data storage services;
With our attorneys, advisors, accountants, regulators and others, if we believe in good faith that disclosure is appropriate to comply with applicable law, regulation, or legal process (like a court order or subpoena);
To third parties in connection with a future business transaction, such as in connection with a change in ownership or control of all or a part of our business or assets (e.g., a merger, acquisition, reorganization, or bankruptcy);
With third party service providers, advisors and others, as we believe reasonably appropriate to prevent malicious or fraudulent activities, or otherwise protect the rights, privacy, safety, or property of you, our App Partners, our payment processors, and others; or
For any other notified purpose with your consent or at your direction.

A Note About Your Trusted Apps. As discussed above, you have full control of which of our App Partners are authorized to be one of your Trusted Apps. Therefore, while some of the above disclosures are necessary for the operation of our business and/or performance of the Services, only you get to decide which App Partners qualify as Trusted Apps and therefore receive access to Personalized Recommendations based on relevant data from your chosen Authorized Sources. Furthermore, remember that once Personalized Recommendations are disclosed to your Trusted Apps, your Trusted App’s usage and disclosure of Personalized Recommendations is subject to their own privacy practices; therefore, we encourage you to read and review your Trusted Apps’ privacy policies or terms of service to understand how they use and disclose your information, since, while we contractually obligate our App Partners to limit their use of such Personalized Recommendations to the specified use case you consented to at the time of connection, we cannot guarantee, and are therefore not responsible for, our App Partners’ privacy practices or data usage.

We do not and will not sell or rent your personally identifiable information.

‍

How Long Do We Keep Your Personally Identifiable Information?

Unless you terminate your Crosshatch account or request deletion of your data held within the Vault, we retain your personally identifiable information for no longer than reasonably necessary to fulfill the purpose(s) set forth in this Privacy Notice, unless a longer retention period is required under applicable law. We consider the following criteria to determine our data retention periods:

The type of information collected and the purposes for which it was collected;
Whether you have requested retention or deletion of such information;
Whether we have a legitimate reason to retain such information;
Whether we have a legal obligations to retain such information (e.g., for backups, archiving and prevention of fraud or abuse) or where such retention is required by law; and
Whether it is advisable in light of our legal position or where we have a reasonable belief that we have a legitimate reason to do so.

‍

How Do We Protect Your Personally Identifiable Information?

The security and confidentiality of your personally identifiable information is important to us. That’s why we have technical, administrative and physical controls in place that are designed to protect your personally identifiable information from unauthorized access, use and disclosure. Even so, despite our reasonable efforts, no security measure is ever completely sufficient, perfect or impenetrable.

You are also responsible for keeping your personally identifiable information secure. We strongly recommend that you keep passwords unique from other identifiers such as your login information or account ID to help protect your privacy. In addition, you should make sure you only use trusted wireless connections in transmitting any personally identifiable information.

‍

What Rights Do You Have to Control Your Personally Identifiable Information?

Where required by applicable privacy laws, you may have the following rights to control our collection, disclosure and retention of your personally identifiable information:

Right to Know. The right to request that we identify to you (1) the categories of personally identifiable information we have collected or shared about you, (2) the categories of sources from which the personally identifiable information was collected, (3) the business purpose for which we use this information, and (4) the categories of third parties with whom we disclose or have disclosed your personally identifiable information for a business purpose;

Right to Access. The right to request that we provide you access to or disclose to you the specific pieces of personally identifiable information we have collected about you;

Right to Delete. The right to request that we delete personally identifiable information that we have collected from you, subject to certain exceptions (you can also request that we delete your Crosshatch account entirely which will also ensure deletion of your personally identifiable information synced from your Authorized Sources, subject to certain exceptions);

Right to Correct. The right to request that we correct inaccurate personally identifiable information (to the extent such an inaccuracy exists) that we maintain about you; and

The right to not be discriminated or retaliated against for exercising any of the above rights.

To exercise your privacy rights, you or your designated agent can contact us to submit any of the above types of requests by:

Emailing us at privacy@crosshatch.io; or
Calling us at [Coming Soon].

‍

Minors and Children Under 13

Our products and services are not intended for nor directed at minors and therefore we do not knowingly collect or access any personally identifiable information from any individual under the age of 18 or knowingly track the use of our products or services by minors. To the extent we have any personally identifiable information related to individuals under the age of 18, we have no actual knowledge that we “sell” or “share” (as such terms are defined in applicable privacy laws) such individuals’ personally identifiable information.

If you believe we might have any information (including personally identifiable information) from or about an individual under the age of 18, please contact us by: support@crosshatch.io

‍

How to Contact Us

If you have any questions or complaints, or you wish to send us comments about this Privacy Notice, please contact us: privacy@crosshatch.io

‍

Changes to this Privacy Notice

This Privacy Notice is effective as of the date that this Privacy Notice is posted. We may amend this Privacy Notice at any time. If we make any material change to this Privacy Notice, we will prominently post the updated Privacy Notice and indicate at the top when it was updated. If you disagree with our Privacy Notice changes, you may choose not to use or access our products or services, or request that we delete your account.

‍

California’s Shine the Light Law

Under California Civil Code Section 1798.83 (California’s “Shine the Light Law”), if you are a California resident and your business relationship with us is primarily for personal, family or household purposes, you may request certain data regarding our disclosure, if any, of personally identifiable information to third parties for the third parties’ direct marketing purposes.

To make such a request, please send an e-mail message to privacy@crosshatch.io with “Request for California Privacy Information” in the subject line. You may make such a request up to once per calendar year. If applicable, we will provide you, by e-mail, a list of the categories of personally identifiable information disclosed to third parties for their direct marketing purposes during the immediately preceding calendar year, along with the third parties’ names and addresses. Please note that not all disclosure of personally identifiable information is covered by Section 1798.83’s requirements.

Responding to Do Not Track Signals. Some browsers have a “Do Not Track” feature that lets you tell websites that you do not want to have your online activities tracked. These browser features are still not uniform, so we are not currently set up to respond to those signals.