Baila Logo

Baila

Privacy Policy

Last Updated: May 1, 2025

Introduction

Baila ("We", "Us", "Our" and/or "Platform") takes User and/or Client ("You", "Your" and/or "Client") privacy seriously and provides this Privacy Policy to clarify best practices since they relate to information collected and/or processed through www.bailaapp.com (Our "Website" App, and/or "Site").

This Privacy Policy (the "Policy" or "Privacy Policy") explains what information we collect from you, why we collect it, and how we process, use, and/or disclose the data we receive from you in connection with our services (the "Service"). By using the Service, you consent to the practices described in this Policy.

The Privacy Policy is construed in accordance with international data protection laws and best practices together with any implementing regulations and sets out and executes key principles of data protection laws:

  1. Lawfulness
  2. Fairness and transparency
  3. Purpose limitation
  4. Data minimization
  5. Accuracy
  6. Storage limitation
  7. Integrity and confidentiality (security)
  8. Accountability

We only collect the personal data we need for our specified purposes as set out in the foregoing Privacy Policy. We periodically review the data we hold and delete anything we don't need. We may update this Policy from time to time and we will post updates together with the most recent date of modification. You are encouraged to revisit this page on a regular basis to find out changes in our Privacy Policy. Your continued use of the Site will be deemed your acceptance of those modifications. Therefore, if you do not agree to changes in our Privacy Policy you shall stop visiting our Site.

Personal Information

"Personally Identifiable Information" (the "Personal Information") refers to details collected on the Internet about an individual consumer, including an individual's first and last name, a physical street address, an email address, a telephone number, or any other information that permits a specific individual to be contacted physically or online.

Data Controller

Baila is a "Controller" of all personal data collected and used to provide Site and/or App and for any other purposes set out in this Privacy Policy. This means that we are responsible for deciding how and why your data is used and for ensuring that your data is handled legally and safely.

If you have any questions about this privacy policy, the data collection and processing practices of this platform, or your dealings with our Service, please contact us at: Leigh@leighthompson.com

Collection of Data

We collect various types of personal data (that identifies a person, directly or indirectly) either directly from you (e.g., when you sign up for an account, or send us a message through our Platform). The types of data include, but are not limited to:

  • Email address
  • First name
  • Last name
  • Password
  • Usage Data
  • Unique Device Identifiers
  • Demographic Data

Purposes of Data Processing

When we collect any personal information, we will do our best to store and process it securely. We will comply with our obligations and safeguard your rights under the applicable laws at all times. We process your data for the following purposes:

  1. Provision of our Service. To allow you access and use our Service.
  2. Enhance User Experience. To enhance our services and give you a better user experience when you use our Service.
  3. Diagnosis & Troubleshooting. To diagnose problems with our servers and to administer our Platform.
  4. Security. To prevent, detect and investigate illegal activities, breaches of any agreements entered into between you and us and threats to the security of the Service.
  5. Statistics. To produce aggregate statistical information about users and their activities on our Service that does not identify any person.
  6. Legal & Compliance. To investigate any claims or disputes concerning the use of our Service.
  7. Research & Development. To improve and enhance the safety and security of our Service, as well as to design and develop new features and products relating to the Service.

Sharing of Your Information

When we provide our Service we share personal information with other parties. When we share your personal information, we do our best to ensure that it is stored and handled as securely as it is with us. We may share your personal information with the following categories of recipients:

Service Providers. We use third-party service providers to provide our services to you which may have access to your data in limited circumstances. We ensure that these service providers do not make use of your personal data for any secondary purposes other than our express written instructions. The following are the categories of such service providers:

  • Hosting Service Providers - to host our Service, database (or parts thereof) and media files;
  • Payment Processors - to process payments;
  • Web Analytics Providers - to analyze how you interact with us;
  • Email Marketing Providers - to manage our marketing and promotional emails;
  • Chat Service Providers - to allow you to interactively communicate with us;

Business Transfers. If we ever sell, transfer, or merge parts of our business or assets, your data may be transferred to a third party. Any new owner of our business may continue to use your data in the same way that we have used it, as specified in this privacy policy (i.e. to communicate with you).

Law Enforcement. In some limited circumstances, we may be legally required to share certain data, which may rarely include your personal data, if we are involved in legal proceedings or complying with legal obligations, a court order, or the instructions of a government authority.

Staff. We may share some personal information about you with our employees, or independent contractors. We ensure that they handle your personal data according to this privacy policy, applicable laws and our internal policies.

Your Privacy Rights

Under applicable data protection laws, you have the following rights regarding the personal data we hold about you:

  • The right to be informed about our collection and use of your personal data. This Privacy Policy should tell you everything you need to know, but you can always contact us to find out more or to ask any questions you may have.
  • The right to access the personal data we maintain about you.
  • The right to have your personal data rectified if any of your personal data held by us is inaccurate or incomplete.
  • The right to be forgotten, i.e. the right to ask us to delete or otherwise dispose of any of your personal data that we hold.
  • The right to restrict (i.e. prevent) the processing of your personal data.
  • The right to object to us for using your personal data for a particular purpose or purposes.
  • The right to withdraw consent. This means that, if we are relying on your consent as the legal basis for using your personal data, you are free to withdraw that consent at any time.
  • The right to data portability. This means that, if you have provided personal data to us directly, we are using it with your consent or for the performance of a contract, and that data is processed using automated means, you can ask us for a copy of that personal data to re-use with another service or business in many cases.
  • Rights relating to automated decision-making and profiling. We do not use your personal data in this way.

How to Exercise Your Rights

To exercise any of these rights, please contact us. We aim to respond within three (3) business days of receiving a clear request. Complex or multiple requests may take longer, but we will keep you updated.

Note that conditions or limitations on these rights may apply depending on your legal jurisdiction.

Data Retention Period

We will keep your personal information only as long as is reasonably necessary for the purposes described in this privacy policy, or for a longer period as may be required by applicable laws. You can always request that we suspend or remove your personal data by writing to Leigh@leighthompson.com

Security Measures

We maintain physical, electronic and procedural safeguards in connection with the collection, storage and disclosure of personal information. We also apply access restrictions to your personal data by our employees. Furthermore, we ensure to educate and train our employees about the importance of privacy and data protection continuously.

We use Secure Sockets Layer (SSL) encryption to protect the information you enter in the App or on the Website during its transmission to and from our Service.

When storing personal information, we protect its security by encryption and pseudonymization of data.

Although we take all these measures to maintain the safety and security of your personal information, you should be aware that no transmission over the Internet can ever be guaranteed to be secure. Therefore, we cannot fully guarantee the security of any personal information that you transfer over the Internet to us.

Third-Party Links

Our Service might include links to third-party websites to enhance user experience. These sites are not operated or controlled by us, and we assume no responsibility for their content, privacy policies, or practices. These third-party sites have their own policies and we urge users to review them before using their sites and services. Linking does not imply endorsement in any way and your use of these sites is at your own risk. We shall not be liable for damages arising from the use of third-party sites.

Children's Information

We recognize the importance of protecting the privacy and safety of children. Our Service is not designed for, targeted at, or intentionally marketed to children under the age of 18. We do not knowingly collect, use, or disclose personal data from children under 18 years of age.

We explicitly prohibit individuals under the age of 18 from using our Service. If we learn that we have inadvertently collected personal data from a child under 18 without the required parental consent, we will take immediate steps to delete such information and terminate the child's account.

If you are a parent or legal guardian and you believe that your child under the age of 18 has submitted personal information to us you can contact us at Leigh@leighthompson.com. We will promptly investigate the concern and, if necessary, remove the child's personal data from our records and deactivate any associated accounts.

International Transfer of Data

Your information, including personal data, may be transferred to and maintained on computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those of your jurisdiction. By using our Website, App or our services you consent to any transfer, storage or processing of your personal information outside of your country.

We rely on the fact that you have been properly informed in this privacy policy about us and our data processing activities, and by choosing to continue using our services you are deemed to have given us consent for the transfer of your personal information internationally. However, we will take all steps reasonably necessary to ensure that personal information is treated securely and in accordance with this Privacy Policy.

Cookies & Tracking

(a) What are Cookies?

We use cookies and other tracking technologies (collectively, "Cookies") on our Service. Cookies are small text files that may be stored on your device (e.g., computer, mobile phone, or other device) when you visit a website or App. They are generally used to facilitate browsing on the website or App, track actions within the website, measure website performance, and remember your preferences and login details, among other purposes.

(b) Why do we use Cookies?

These technologies allow us to deliver our Service to you and enhance your experience with us. We do not place any cookies on your device before obtaining your consent (except for the strictly necessary cookies which allow our Service to function).

The category of cookies is presented to you when we ask your consent to install cookies on your device. You can always change your cookie preferences.

(c) How to delete cookies?

It is you who decides whether we can set cookies on your device. You are also able to configure your browser to accept or reject cookies by default through your browser settings. You can refer to the official information provided by your browser software provider on how you can deactivate and delete cookies.

In the event that you set your browser to reject all cookies or delete our cookies, that may lead to the unavailability to access to some or all of the Service provided by us and that your experience when you use our Service may be less satisfactory.

Fair Information Principles

This privacy policy is crafted to align with the fair information principles established by the applicable international laws. In this policy, we detail our adherence to these principles. Below is a summary of the measures we take to ensure compliance.

Principle 1 - Accountability. We are committed to safeguarding your information. We oversee our compliance efforts and are available for contact on an ongoing basis using the details provided in the designated section of our Privacy Policy.

Principle 2 - Identifying purposes. We have identified the purposes of processing in the relevant section of this privacy policy.

Principle 3 - Consent. We make every effort to obtain consent before collecting personal information, although local laws may differ. You can contact us using the details provided in this Privacy Policy to request the deletion of your information.

Principle 4 - Limiting Collection. Personal data collected is limited to that which is necessary for the purposes identified in this privacy policy.

Principle 5 - Limiting Use, Disclosure, and Retention. We use your personal information only for the purposes for which it was collected. Details on the use, disclosure, and retention of your personal information are provided in the corresponding sections of this privacy policy.

Principle 6 - Accuracy. We keep any information accurate, complete and up-to-date. Where there are changes in the information we retain about you, you are encouraged to submit a request to make changes.

Principle 7 - Safeguards. We protect your personal information with appropriate safeguards, as outlined in the relevant section of this Privacy Policy, and ensure that our service providers implement suitable technical and organizational measures to protect your information from security breaches.

Principle 8 - Openness. We are open regarding our data collection and processing practices. You can find information about how we collect, use, process and disclose personal information in this privacy policy.

Principle 9 - Individual Access. You can submit a request to access your information we hold about you. You can use the contact details to get in touch with us.

Principle 10 - Challenging Compliance. You are welcome to direct any questions or inquiries concerning our compliance with this privacy policy to us.

Supplementary Notice to EU/UK Residents

The General Data Protection Regulation of the EU and the UK (collectively the "GDPR") gives the residents of the EU/UK certain rights when their personal data is being collected and processed. We are committed to complying with the GDPR, as far as it applies to us, and we have embedded data protection by design and default into our Service.

This privacy policy, in its entirety, conforms with the information disclosure obligations set out under the GDPR. Therefore, EU/UK residents should read the entire privacy policy to find out how we handle their personal information.

(a) Data Subjects Rights
As an EU or UK resident, you are entitled to the rights outlined in Chapter 3 of the GDPR, and we are committed to upholding them. These rights are also detailed in the relevant section of this Privacy Policy.

(b) International Transfer of Data
If you are a resident of the EU/UK, you should be aware that when you access and use our Service your personal information will be transferred to countries located outside the EU/UK. We rely on several legal bases to lawfully transfer your personal data outside of your jurisdiction, including:

  • Adequacy decision of the EU Commission, and, as applicable, the UK Government.
  • Standard Contractual Clauses (SCC) approved by the European Commission, or international data transfer agreements (IDTA) or international data transfer addendum adopted by the UK Government.

(c) Exercising Your Data Protection Rights
You may exercise your rights of access, rectification, cancellation, erasure, and opposition by contacting us. Please note that we may ask you to verify your identity before responding to such requests, such as by asking you questions about your use of the Service. If you make a request, we will try our best to respond to you as soon as possible.

Supplementary Notice to California Residents

If you are a consumer residing in California, the following section is relevant to you. It's important to be aware that the laws mentioned below may not always apply to us, as there are specific criteria that must be met for their application.

(a) California Shine the Light Law
California's Shine the Light Law, also known as the California Civil Code Section 1798.83 gives California residents the right to request information about how businesses share their personal information with third parties for direct marketing purposes.

Residents of California may ask us to provide them with a list of the types of personal information that we have disclosed during the preceding year to third parties for their direct marketing purposes, and the identity of those third parties. If you are a California resident and would like such a list, please contact us at Leigh@leighthompson.com

For all such requests, please indicate "CA Shine the Light" in the subject field and include your full name, email address, street address, city, state, and zip code in your request.

(b) California Consumer Privacy Act
The California Consumer Privacy Act of 2018 ("CCPA") and California Privacy Rights Act of 2020 ("CPRA") provide certain rights to residents of California. This section applies if you are a natural person who is a resident of California ("California Consumer") and use our Service. This notice supplements the information in our privacy policy. Certain terms used below have the meanings given to them in the CCPA and CPRA.

For more details on the categories of personal information, the purposes for which we collected such information and the sources from which we obtain your personal information contact us at Leigh@leighthompson.com

(c) Sale/Sharing of Your Data
We do not sell your personal data. We will share the personal information collected from and about you over the past twelve (12) months as discussed in this privacy policy for various business purposes.

(d) Your Privacy Rights and Choices
In addition to rights of access, correction and deletion, as described in the privacy policy, California Consumers may have certain additional rights in connection with the personal data we collect about you, many of which are subject to exceptions under applicable law:

  • The right to access, disclosure and portability. You may have the right to request, twice during twelve months, the following information about the personal data we have collected about you:
    • the categories and specific pieces of personal information we have collected about you;
    • the categories of sources from which we collected the personal information;
    • the business or commercial purpose for which we collected or sold the personal information;
    • the categories of third parties with whom we shared the personal information;
    • the categories of personal information that we sold or disclosed for a business purpose, and the categories of third parties to whom we sold or disclosed that information for a business purpose; and
    • the specific pieces of personal information we obtained from you in a format that is easily understandable, and to the extent technically feasible, in a structured commonly used, machine-readable format.
  • The right to nondiscrimination. We will not discriminate against you, alter our pricing, or offer a different standard of goods and services based on your decision to exercise these rights.
  • The right to opt-out of the sale or sharing of your personal information. You have the right to opt out of the sale or sharing of your personal information. California law broadly defines sale such that it may include allowing third parties to receive certain information, such as cookies IP address and/or browsing behavior, to deliver targeted advertising.
  • The right to limit the use of sensitive personal information. You possess the right to demand that we restrict the use or sharing of your confidential personal data strictly to what is essential for executing the services or delivering the goods you have solicited. We do not collect or share your sensitive information.

(e) How to exercise your access, correction and deletion rights.
California residents may exercise their California privacy rights, as far as applicable, by submitting a request via email at Leigh@leighthompson.com

Once we have verified your identity (and your agent, as applicable), we will respond to your request as appropriate. If we are unable to complete your requests fully for any of the reasons, we will provide you additional information about the reasons that we could not comply with your request.

(f) Authorized Agents
You have the option to appoint a representative (authorized agent) to submit requests on your behalf regarding your rights under the CPRA as outlined previously. We will undertake measures to confirm the identity of the individual attempting to exercise their rights as mentioned, and to verify that your representative is authorized to act on your behalf, either through a signed written authorization or a power of attorney provided to us.

CAN-SPAM Act

The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.

We collect your email address in order to:

  • Send information, respond to inquiries, and/or other requests or questions.
  • Process orders, send information and updates pertaining to orders.
  • We may also send you additional information related to our product and/or service.
  • Market to our mailing list or continue to send emails to our clients after the original transaction has occurred.

To be in accordance with CAN-SPAM we agree to the following:

  • NOT use false, or misleading subject lines or email addresses.
  • Identify the message as an advertisement in some reasonable way.
  • Monitor third-party email marketing services for compliance, if one is used.
  • Honor opt-out/unsubscribe requests quickly.
  • Allow users to unsubscribe by using the link at the bottom of each email.

If at any time you would like to unsubscribe from receiving future emails, you can follow the instructions at the bottom of each email, and we will promptly remove you from all correspondence.

Changes to Privacy Policy

This privacy policy may be amended by us from time to time. This may be done out of necessity (e.g., in order to reflect changes in the applicable laws), or if we change our business in a way that affects personal data protection.

Any changes will immediately be posted on our website and you will be deemed to have accepted the terms of the updated privacy policy on your first use of our Service following the amendments. Therefore, we strongly recommend you to revisit this page and check our privacy policy regularly in order to keep up-to-date.

Contact Information

Please submit any questions, concerns, or comments you have about this Privacy Policy or any request concerning your Personal Information to Leigh@leighthompson.com