Ů App Private Beta Privacy Policy

This Privacy Policy explains how Alchemic Sonic Environment LLC, a company based in the United Arab Emirates, collects, uses, discloses, stores, and otherwise processes personal information in connection with the private beta testing of the Ů app, including related onboarding, application forms, communications, feedback processes, testing activities, and associated websites or forms used to manage the beta program.

This Privacy Policy is intended to support transparency requirements under applicable privacy laws, including the EU General Data Protection Regulation, the UK GDPR, and applicable U.S. privacy laws, including the California Consumer Privacy Act as amended by the California Privacy Rights Act.

1. Who We Are

Controller: Alchemic Sonic Environment LLC
Mailing Address: 1101 17, Al Salehmiyah Tower, Riggat Al Buteen, Baniyas Road, Deira, Dubai, PO Box 682155, Dubai
Website: www.alchemicsonicenvironment.com
Privacy and Support Email: connect@alchemicsonicenvironment.com
Data Protection Officer: Sohini Chowdhury
EU Representative: Sohini Chowdhury, connect@alchemicsonicenvironment.com
UK Representative: Sohini Chowdhury, connect@alchemicsonicenvironment.com

Where required by applicable law, Alchemic Sonic Environment LLC acts as the controller of personal data collected in connection with the private beta program.

2. Scope of This Privacy Policy

This Privacy Policy applies to personal information we collect when you apply to join the private beta, create or activate a beta account, use the beta version of the Ů app, communicate with us about the beta, submit bug reports, survey responses, or feature requests, participate in user research or testing sessions, or visit related sign up pages, landing pages, or support pages connected to the beta.

This Privacy Policy does not apply to third party websites, app stores, device manufacturers, operating system providers, analytics providers, or other third parties that may have their own privacy notices.

3. Eligibility and Children

The private beta is intended for adults and is not directed to children under 13. We do not knowingly collect personal information from children under 13 in connection with the private beta. If you believe a child under 13 has provided personal information to us, please contact us so we can investigate and, where appropriate, delete the information.

If local law requires a higher minimum age for valid consent to certain processing activities, we may apply that higher age threshold where required.

4. Information We Collect

Depending on how you interact with the private beta, we may collect the following categories of personal information.

4.1 Information you provide directly

• name
• email address
• phone number, if provided
• country, region, or time zone
• account login details or identifiers
• beta application responses
• onboarding wellness questions and self reported responses that you choose to provide
• mood check in responses and other wellbeing related responses that you choose to provide
• customer support messages
• survey responses
• interview notes or research responses
• content of bug reports, feature requests, or user feedback
• marketing or communications preferences

4.2 App, device, and usage information

• device type
• operating system and version
• app version
• language settings
• unique device or installation identifiers
• crash data
• performance logs
• diagnostic data
• approximate location inferred from IP address or device settings, where applicable
• dates and times of use
• session activity
• features accessed
• screens viewed
• interaction events
• playback activity

4.3 Microphone access and audio related information

The current beta requests microphone access.

The Ů app requests microphone access to enable spoken interaction during guided deep-listening sessions. When you use a voice-enabled feature, your speech is transcribed on your device. The resulting transcript is sent to our servers, where it is processed by an AI model to generate a personalized response. Both your transcript and the AI-generated response are stored on our servers as part of your session record. Audio recordings of your voice may also be uploaded to and stored on our servers. These records are retained consistent with the practices described in Section 12.

If microphone access is used within the beta, the app will request permission through your device. You may withdraw that permission at any time through your device settings, and where available through in app controls for optional features.

4.4 Features that may be implemented during beta testing

During the beta period, additional features may be introduced, including voice analysis, wearable integration, heart rate collection, or biofeedback. If any of these features are activated, we may collect the information you choose to submit or enable through them. Where required by law, we will provide a separate, specific notice and obtain any consent required before collecting health related, biometric, or similarly sensitive data.

5. Sources of Personal Information

We collect personal information directly from you, automatically from your device and your interactions with the beta, from service providers that support authentication, hosting, analytics, support, surveys, communications, or crash reporting, from app stores or platform providers to the extent they share information with us, and from other users who invite you to participate, where applicable.

6. How We Use Personal Information

• to review and manage beta applications
• to create and administer beta accounts
• to provide, operate, maintain, and improve the beta
• to personalize certain beta experiences, including based on mood and wellness related self reported inputs
• to troubleshoot issues and monitor performance, stability, and security
• to communicate with you about access, updates, support, policy changes, and beta administration
• to respond to questions, requests, and support tickets
• to collect and analyze user feedback
• to conduct product research, quality assurance, and internal analytics
• to protect against fraud, abuse, unauthorized use, and other harmful activity
• to enforce our terms, policies, and other legal rights
• to comply with legal and regulatory obligations
• to establish, exercise, or defend legal claims
• with your permission, or where otherwise permitted by law, to send limited updates about the beta or related offerings

We may also use aggregated or deidentified information for analytics, testing, product improvement, reporting, and research, provided that such information is not reasonably capable of being linked back to you.

7. Legal Bases for Processing Under EU and UK Law

If the EU GDPR or UK GDPR applies, we rely on one or more of the following legal bases, depending on the context.

• Contract, to take steps at your request before giving access to the beta and to provide and administer the beta where processing is necessary for that relationship
• Legitimate interests, to operate, secure, improve, test, evaluate, and manage the beta, communicate with testers, analyze usage, and resolve product issues, provided our interests are not overridden by your rights and interests
• Consent, where required, including for certain optional tracking technologies, optional research activities, or sensitive data processing
• Legal obligation, where processing is necessary to comply with applicable law
• Legal claims, where necessary to establish, exercise, or defend legal claims

Where we rely on consent, you may withdraw it at any time, but that will not affect the lawfulness of processing carried out before withdrawal.

8. Sensitive Data and Health Related Information

The current beta includes mood check in prompts, onboarding wellness questions, and microphone access. Depending on applicable law, certain responses of this kind may be treated as health related or otherwise sensitive personal data, particularly where they are used to infer mental or emotional state.

At this stage, we intend to treat the following categories with added care where they are collected through the beta.

• mood or emotional state check in responses
• self reported stress, calm, focus, fatigue, or similar wellbeing indicators
• microphone enabled inputs, to the extent they are used within beta features

The following features may be implemented during the beta testing period: voice analysis, wearable integration, heart rate collection, and biofeedback.

If any of these features are activated, we may collect the information you choose to submit or enable through them. Where required by law, we will provide a separate, specific notice and obtain your explicit consent or rely on another valid legal basis before processing health related, biometric, or similarly sensitive personal data.

We do not intend to collect sensitive personal data unless it is reasonably necessary for the beta feature you choose to use.

9. California Notice at Collection

If you are a California resident, we collect the categories of personal information described in this Privacy Policy for the business and commercial purposes described above. We do not collect more personal information than is reasonably necessary and proportionate for the disclosed purposes.

Depending on your interaction with the beta, we may collect the following categories of personal information under California law.

• identifiers
• customer records information
• internet or other electronic network activity information
• geolocation data, such as approximate location
• audio information, if collected or submitted through microphone enabled features
• professional or employment related information, if you choose to provide it in an application or survey
• inferences drawn from the above information to help evaluate beta experience or app performance
• sensitive personal information, only where you voluntarily provide it or where a feature specifically requests it and applicable law permits or requires that processing

We do not sell personal information for money. We do not share personal information for cross context behavioral advertising as those terms are defined under California law unless we specifically state otherwise and offer any rights required by law. We do not use or disclose sensitive personal information for purposes other than those permitted by applicable law unless we provide any additional notice and choices required.

10. Disclosure of Personal Information

We may disclose personal information to the following categories of recipients.

• hosting, cloud storage, and infrastructure providers
• analytics, diagnostics, and crash reporting providers
• customer support and communications providers
• authentication and security providers
• survey, scheduling, or research support providers
• professional advisers such as lawyers, auditors, insurers, and consultants
• regulators, law enforcement, courts, or other authorities when required by law or to protect rights and safety
• acquirers, investors, lenders, or counterparties in connection with a transaction involving all or part of our business, subject to appropriate confidentiality and legal safeguards

We require service providers and contractors to process personal information only on our instructions and to protect it appropriately, where required by law. Where third party service providers, SDK providers, analytics tools, crash reporting providers, hosting providers, authentication providers, or related entities receive access to personal information, we require them to provide the same or an equivalent level of protection for that personal information as described in this Privacy Policy and required by applicable law.

11. International Transfers and Storage

Because we are based in the United Arab Emirates and may use service providers in other countries, your personal information may be transferred to, stored in, or accessed from countries other than the country where you live. In particular, personal information collected through the private beta may be stored on servers located in the United States and the United Kingdom.

Where required by the EU GDPR or UK GDPR, we will implement appropriate safeguards for restricted transfers, which may include standard contractual clauses, the UK international data transfer addendum, adequacy decisions where available, or other lawful transfer mechanisms.

You may contact us to request further information about the safeguards relevant to your personal information, subject to applicable confidentiality and legal limitations.

12. Data Retention

We retain personal information for as long as reasonably necessary for the purposes described in this Privacy Policy, including to administer the beta, evaluate results, improve the app, maintain appropriate business records, resolve disputes, enforce agreements, and comply with legal obligations.

Retention periods may vary depending on the type of information and the reason we collected it. In general, beta application and account information is retained for the duration of the beta and a reasonable period afterward, support, diagnostics, and security logs may be retained for troubleshooting, fraud prevention, and compliance purposes, and feedback, survey responses, and research outputs may be retained to support product development and internal records. Where information is no longer needed, we will delete it, anonymize it, or securely store it in a form that limits active use, unless retention is required by law.

13. Your Privacy Rights

Depending on where you live and subject to applicable law, you may have the right to request access to personal information we hold about you, request correction of inaccurate personal information, request deletion of personal information, request restriction of processing, object to certain processing, withdraw consent where processing is based on consent, request portability of certain personal information, opt out of certain profiling, targeted advertising, sale, or sharing activities where applicable, appeal a decision we make about your privacy rights request where applicable under U.S. state law, and lodge a complaint with a supervisory authority or regulator.

If you are in the EU or UK, you may also have the right to object to processing based on legitimate interests and the right to lodge a complaint with your local data protection authority or the UK Information Commissioner’s Office, as applicable.

If you are a California resident, you may have the right to know what personal information we collect, use, disclose, and retain, request deletion of personal information subject to exceptions, request correction of inaccurate personal information, know the categories of sources from which personal information is collected, know the categories of third parties to whom personal information is disclosed, know whether we sell or share personal information, limit the use and disclosure of sensitive personal information where applicable, and not be discriminated against for exercising your privacy rights.

14. How to Exercise Your Rights

To exercise your privacy rights, please contact us at connect@alchemicsonicenvironment.com or by mail at 1101 17, Al Salehmiyah Tower, Riggat Al Buteen, Baniyas Road, Deira, Dubai, PO Box 682155, Dubai.

We may need to verify your identity before responding to your request. In some cases, we may ask for additional information reasonably necessary to verify the request and protect personal information.

Where processing is based on your consent or device permissions, you may withdraw consent at any time by changing your device settings, disabling optional features in the app where available, or contacting us at connect@alchemicsonicenvironment.com.

You may also authorize an agent to make certain requests on your behalf where permitted by law. We may request proof of the agent’s authority and may require identity verification.

If you are entitled to appeal a decision on a privacy request, you may do so by contacting us at connect@alchemicsonicenvironment.com.

15. Security

We use reasonable administrative, technical, and organizational safeguards designed to protect personal information against unauthorized access, loss, misuse, alteration, or disclosure. However, no method of transmission over the internet or method of storage is completely secure, and we cannot guarantee absolute security.

16. Third Party Services and Platform Providers

The beta may be distributed or supported through third party platforms, including app stores, analytics tools, communications tools, survey tools, crash reporting services, hosting providers, or identity providers. Those third parties may process personal information under their own privacy notices and contractual arrangements. You should review the privacy notices of relevant third parties, including the app store or platform through which you access the beta.

17. Automated Decision Making and Profiling

We do not engage in automated decision making that produces legal or similarly significant effects on individuals in connection with the private beta unless we explicitly tell you otherwise and comply with applicable legal requirements.

If we use limited analytics, personalization, or inference tools to improve the beta experience, such processing will not be used to make legally significant decisions about you without additional notice where required.

18. Testimonials, Feedback, and User Research

If you provide feedback, participate in interviews, submit testimonials, or otherwise contribute ideas about the beta, we may use that information to evaluate and improve the app and related services. If we want to publicly attribute a testimonial, quote, name, likeness, or identifiable statement to you, we recommend using a separate release or consent mechanism.

19. Do Not Track and Similar Signals

Some browsers and devices may offer privacy preference signals, including Do Not Track or similar technologies. Because there is not a universally adopted standard for all such signals, we do not currently respond to them unless required by applicable law. If we are required to recognize a legally binding opt out preference signal, we will do so to the extent required.

20. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we will post the updated version and revise the effective date above. Where required by law, we will provide additional notice or obtain consent.

21. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us at:

Alchemic Sonic Environment LLC
1101 17, Al Salehmiyah Tower, Riggat Al Buteen
Baniyas Road, Deira, Dubai, PO Box 682155, Dubai
Email: connect@alchemicsonicenvironment.com
Data Protection Officer, EU and UK Representative: Sohini Chowdhury