Privacy Policy

1. Introduction

UpLevel Technologies LLC ("UpLevel", "we", "us", or "our") operates multiple technology platforms and applications including:

• AirFrens® - Digital collectibles and social platform (airfrens.com)
• Vessel - AI-powered therapy enhancement platform (vesseltherapist.com)
• Fram3s - Next-generation digital platform (fram3s.com)
• Bit3 Wallet - Cryptocurrency wallet for Aptos blockchain (bit3wallet.com)
• FomoCam - AI photo sharing and creator monetization app (fomocam.app)

This Privacy Policy describes how we collect, use, store, and protect your personal information across all our platforms and services (collectively, the "Services").

By using our Services, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with our policies and practices, please do not use our Services.

2. Information We Collect

2.1 Information You Provide

• Account Information: Email address, username, display name, password, and profile information
• Payment Information: Payment method details, billing address, and transaction history (processed through secure third-party payment processors)
• Wallet Information: (Bit3 Wallet) Public wallet addresses and transaction data on blockchain networks
• Therapeutic Data: (Vessel) AI-guided reflections, emotional themes, therapy session notes, and related mental health information
• User Content: Photos, NFTs, digital collectibles, posts, comments, and other content you create or upload
• Communications: Messages, support tickets, and correspondence with us or other users

2.2 Information Collected Automatically

• Device Information: Device type, operating system, browser type, IP address, device identifiers
• Usage Data: Pages viewed, features used, time spent, click patterns, and interaction data
• Location Data: Approximate location based on IP address (we do not collect precise GPS location)
• Blockchain Data: Public blockchain transactions and wallet interactions
• Cookies and Tracking: Cookies, web beacons, and similar technologies (see Cookie Policy below)

2.3 Information from Third Parties

• Social Media: Profile information when you connect social media accounts
• Authentication Providers: Authentication data from third-party login services
• Analytics Providers: Usage analytics and performance data
• Blockchain Networks: Public transaction data from blockchain networks (Aptos, etc.)

3. How We Use Your Information

3.1 Service Delivery

• Provide, maintain, and improve our Services
• Process transactions and manage digital assets
• Enable social features and user interactions
• Deliver AI-powered features and personalized experiences
• Facilitate NFT creation, minting, and marketplace transactions

3.2 Healthcare Compliance (Vessel)

For Vessel, we handle Protected Health Information (PHI) in compliance with HIPAA regulations:

• Provide AI-guided therapeutic tools and insights
• Generate therapy reports for patients and licensed therapists
• Store therapeutic data with end-to-end encryption
• Maintain audit logs for HIPAA compliance

3.3 Communication

• Send service-related notifications and updates
• Respond to your requests and support inquiries
• Send marketing communications (with your consent)
• Notify you of platform updates and new features
• Send SMS/text messages (with your express opt-in consent)

3.3.1 SMS and Text Messaging

We may offer SMS/text messaging services to communicate with you about our Services. By providing your mobile phone number and opting in to receive text messages, you expressly consent to receive:

• Transactional messages (account verification, security alerts, order confirmations)
• Service notifications (appointment reminders, status updates, platform alerts)
• Marketing messages (promotions, new features, special offers) - only with separate opt-in consent

Important SMS Terms:

• Consent: Your opt-in consent is not a condition of purchase or use of our Services
• Message Frequency: Message frequency varies depending on your usage and preferences. You may receive up to 10 messages per month for marketing messages, and unlimited transactional messages
• Carrier Rates: Message and data rates may apply. Check with your mobile carrier for details
• Supported Carriers: Compatible with major US carriers including AT&T, Verizon, T-Mobile, Sprint, and others
• Opt-Out: You can opt-out at any time by texting STOP to any message. You will receive a confirmation message. After opting out, you will no longer receive SMS messages from us (except as required by law)
• Help: For help, text HELP to any message or contact us at support@uplevel.llc
• Privacy: We collect your mobile phone number, carrier information, and message interaction data (delivery status, opt-out requests). This information is used solely for providing SMS services and is protected in accordance with this Privacy Policy

Proof of Consent: We maintain records of your SMS opt-in consent, including the date, time, method of consent, and the mobile number provided. You may request a copy of your consent record by contacting us at privacy@uplevel.llc

Vessel: For Vessel users, SMS messages may include appointment reminders and therapeutic session notifications. These messages may contain Protected Health Information (PHI) and are sent only with your explicit consent and in compliance with HIPAA regulations.

3.4 Security and Fraud Prevention

• Detect and prevent fraud, abuse, and illegal activities
• Protect the security and integrity of our Services
• Enforce our Terms of Service and policies
• Comply with legal obligations and law enforcement requests

3.5 Analytics and Improvement

• Analyze usage patterns and trends
• Conduct research and development
• Improve AI algorithms and recommendations
• Test new features and optimize user experience

4. Data Sharing and Disclosure

4.1 With Your Consent

We may share your information when you explicitly authorize us to do so.

4.2 Service Providers

We share data with trusted third-party service providers who assist us in:

• Cloud hosting and infrastructure (AWS, Google Cloud, Vercel)
• Payment processing (Stripe, Apple Pay, Google Pay)
• Analytics and monitoring (PostHog, Vercel Analytics)
• Email and communications (Resend)
• Customer support and helpdesk services

4.3 Blockchain Networks

Transactions on blockchain networks (Aptos, etc.) are public and permanently recorded. This includes:

• Wallet addresses
• Transaction amounts and timestamps
• NFT ownership and transfers
• Smart contract interactions

4.4 Therapists (Vessel Only)

For Vessel, therapeutic data is shared with your designated licensed therapist(s) to facilitate your care. This sharing is covered under HIPAA regulations and your consent.

4.5 Legal Requirements

We may disclose your information when required to:

• Comply with legal obligations, court orders, or government requests
• Enforce our Terms of Service and protect our rights
• Protect the safety and security of our users and the public
• Prevent fraud, abuse, or illegal activities

4.6 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity.

4.7 Public Information

Information you choose to make public, including:

• Public profile information and usernames
• Posts, photos, and content shared publicly
• NFTs and digital collectibles you create or own
• Blockchain transactions and wallet addresses

5. Data Security

We implement industry-standard security measures to protect your information:

• Encryption: End-to-end encryption for sensitive data, HTTPS/TLS for data in transit
• Access Controls: Role-based access controls and multi-factor authentication
• Apple Keychain: (Bit3 Wallet) Secure storage using Apple Keychain Services
• HIPAA Compliance: (Vessel) HIPAA-compliant infrastructure and processes
• Regular Audits: Security audits, penetration testing, and vulnerability assessments
• Data Backups: Regular encrypted backups with disaster recovery procedures

However, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.

6. Data Retention

We retain your information for as long as necessary to:

• Provide our Services and fulfill the purposes described in this Privacy Policy
• Comply with legal obligations and regulatory requirements
• Resolve disputes and enforce our agreements
• Maintain security and prevent fraud

Vessel: Therapeutic data is retained for 7 years after account closure to comply with healthcare record-keeping requirements.

Blockchain Data: Data recorded on blockchain networks is permanent and cannot be deleted.

You may request deletion of your account and data at any time (subject to legal retention requirements).

7. Your Privacy Rights

7.1 Access and Portability

• Request access to your personal information
• Receive a copy of your data in a portable format
• View your account information and settings

7.2 Correction and Update

• Update or correct your personal information
• Modify your profile and preferences

7.3 Deletion

• Request deletion of your account and personal data
• Note: Blockchain data cannot be deleted; HIPAA requires 7-year retention for Vessel

7.4 Opt-Out

• Unsubscribe from marketing emails
• Disable certain data collection features
• Withdraw consent for data processing

7.5 California Privacy Rights (CCPA)

California residents have additional rights:

• Right to know what personal information is collected
• Right to know if personal information is sold or disclosed
• Right to opt-out of the sale of personal information (we do not sell personal information)
• Right to non-discrimination for exercising privacy rights

7.6 European Privacy Rights (GDPR)

EU/EEA residents have additional rights:

• Right to rectification and erasure
• Right to restrict or object to processing
• Right to data portability
• Right to withdraw consent
• Right to lodge a complaint with supervisory authorities

To exercise your privacy rights, contact us at privacy@uplevel.llc

8. Cookies and Tracking Technologies

We use cookies and similar technologies to:

• Remember your preferences and settings
• Authenticate your account and maintain sessions
• Analyze usage patterns and improve our Services
• Deliver personalized content and recommendations
• Measure advertising effectiveness

You can control cookies through your browser settings. Disabling cookies may limit functionality.

Types of Cookies We Use:

• Essential Cookies: Required for basic functionality
• Analytics Cookies: Help us understand how users interact with our Services
• Preference Cookies: Remember your settings and preferences
• Marketing Cookies: Used for advertising (with your consent)

9. Children's Privacy

Our Services are not intended for children under 13 years of age (or 16 in the EU). We do not knowingly collect personal information from children.

Vessel: Users must be 18+ or have parental consent for therapy services.

If we discover we have collected information from a child without proper consent, we will delete that information promptly.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place, including:

• Standard Contractual Clauses (SCCs) approved by the European Commission
• Adequacy decisions for certain countries
• Binding Corporate Rules where applicable

By using our Services, you consent to the transfer of your information to the United States and other countries.

11. Third-Party Links and Services

Our Services may contain links to third-party websites, applications, and services. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

• Posting the updated policy with a new "Last Updated" date
• Sending an email notification to your registered email address
• Displaying a prominent notice on our Services

Your continued use of our Services after changes become effective constitutes acceptance of the updated Privacy Policy.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

14. Specific Product Privacy Information

AirFrens®

• NFT and digital collectible ownership is publicly visible on blockchain
• Marketplace transactions are recorded on-chain
• Community posts and interactions may be publicly visible

Vessel

• HIPAA-compliant handling of all therapeutic data
• End-to-end encryption for all health information
• Business Associate Agreements (BAAs) with all sub-processors
• Right to access your health records at any time
• 7-year retention period for medical records

Bit3 Wallet

• Private keys stored securely using Apple Keychain Services
• We never have access to your private keys
• All blockchain transactions are public and permanent
• Transaction history linked to your wallet addresses

FomoCam

• Photos you upload are processed using AI enhancement
• Top 10 daily photos may become public NFTs
• AI model data does not store or retain your original images
• Leaderboard and engagement metrics are publicly visible

Fram3s

• Pre-launch data collection is limited to email addresses for notifications
• Full privacy terms will be provided at product launch