Uphold Privacy Policy

Agnosys Technologies Limited ("Agnosys," "we," "us," or "our") is committed to protecting your privacy and ensuring transparency about how we collect, use, and share information. This Privacy Policy describes how we process your personal information when you use the Uphold mobile application, web services, or related tools (collectively, the "Service"). By using Uphold, you agree to the terms described below.

Introduction

Uphold is a habit-tracking and accountability app designed to help users reduce digital dependency and encourage in-person engagement. To provide accurate insights and accountability reporting, Uphold uses a secure Virtual Private Network (VPN) connection to track website domains and app usage patterns. This policy explains what data we collect, why we collect it, how we protect it, and your rights under applicable laws, including Canada's Personal Information Protection and Electronic Documents Act (PIPEDA) and Nigeria's Data Protection Regulation (NDPR).

Information We Collect

We collect the following categories of information when you use the Service:

• Account Information: name, email address, and authentication credentials.
• Subscription and Billing Data: payment method, billing details, and transaction records (handled securely by third-party processors).
• Usage Information: device identifiers, IP address, operating system, and app activity.
• VPN Monitoring Data: anonymized logs of visited domains (not full URLs or page content) to generate reports and insights.
• Communication Data: messages and support requests sent to our team.
• Analytics Data: aggregated data on app performance and engagement to help improve user experience.

How VPN Data Is Processed and Protected

When VPN monitoring is activated, Uphold routes device traffic through a secure VPN tunnel to identify visited websites at the domain level. We do not inspect or record the content of communications, passwords, or message bodies. Collected domain data is encrypted in transit and at rest and used only to generate insights, usage summaries, and accountability reports. Users are notified during onboarding that VPN tracking is part of the service, and explicit consent is required before activation.

How We Use Your Information

We use personal and activity data to:

• Operate, maintain, and improve the Service;
• Provide personalized insights and wellness recommendations;
• Generate accountability reports for authorized partners;
• Communicate important updates, support messages, and security notices;
• Prevent misuse, enforce our Terms of Service, and comply with legal obligations.

We do not use VPN data for targeted advertising or profiling beyond app functionality.

Legal Bases for Processing

We process your data under the following legal bases:

• Consent: When you enable VPN tracking or create an account.
• Contractual necessity: To deliver the services you request.
• Legitimate interest: To improve product performance, ensure security, and promote digital wellness.
• Legal obligation: To comply with applicable laws or respond to lawful requests.

Users can withdraw consent or deactivate VPN tracking at any time via the app settings or by contacting us.

Accountability Partners and Reports

Uphold allows users to optionally share summarized activity reports with selected accountability partners. These reports contain aggregated domain-level insights and engagement summaries, not detailed browsing data. Accountability partners must consent to receiving such reports, and users can disable sharing at any time.

Cookies and Tracking Technologies

Uphold's website and web dashboard may use cookies, web beacons, or similar technologies to store preferences, authenticate users, and measure engagement. You can manage or disable cookies through your browser settings, but some functionality may be limited.

Data Retention and Deletion

We retain data only as long as necessary to provide the Service or as required by law. When you delete your account, your identifiable personal data and VPN activity logs are permanently deleted or anonymized within 30 days. Backups are securely destroyed within a reasonable timeframe thereafter.

Data Security

We use administrative, technical, and physical safeguards to protect your data, including:

• End-to-end encryption of VPN traffic data;
• Secure data centers with restricted access;
• Regular security assessments and encryption key rotation;
• Staff confidentiality agreements and access controls.

While we take all reasonable measures, no security system is impenetrable. You agree to use the Service responsibly and maintain the confidentiality of your login credentials.

International Data Transfers

Your information may be processed in Canada, Nigeria, or other jurisdictions where our servers and partners operate. We ensure appropriate safeguards, including contractual data protection clauses, are in place for international transfers in line with PIPEDA and NDPR requirements.

Your Rights

You have the following rights regarding your personal data:

• Access and obtain a copy of your data;
• Request correction or deletion of inaccurate or outdated data;
• Withdraw consent to data processing;
• Object to processing for legitimate reasons;
• Request data portability where technically feasible.

Requests can be made via email to clientservices@agnosyshealth.com. We respond within 30 days, subject to verification.

Changes to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, or legal obligations. We will notify users of significant updates via email or in-app notice. Continued use of the Service after updates indicates your acceptance of the revised Policy.

Contact Information

If you have questions, concerns, or wish to exercise your privacy rights, please contact us at: