Last Revised: March 19, 2021

Changelog will be listed for all future commits. This Privacy Policy is meant to provide you with the information regarding how we, at SMART Solutions Ltd (”iBACK”), collect personal data relating to you, where do we collect it from, how do we process it, who do we share it with, how do we secure it, and how can you enforce your legal rights for cease of processing, amendment, deletion and ratification.

This Privacy Policy is not meant to be confusing. We made our best to make it human-readable and to ensure that this information is brought to you in a manner which allows you to consider whether you consent to our use of this personal data, or whether you wish for us not to provide you with the services.

Note that you are under no legal obligation to provide us with any personal data, and that your consent is the sole basis for our use of it.

For Clarity, Upright may offer certain services made available to users on a computer, device or tablet computer owned or controlled by the user, related to the tracking of your posture while using a desktop application, (the “Desktop Services“). This Privacy Policy does not govern your use of the Desktop Services. The Privacy Policy applicable to the Desktop Services, as may be updated from time to time, is available at:

a. How Do We Collect Personal Data?

We collect personal data in the following methods: First, we collect personal data when you register to our services or order our products. We do so by taking the personal data you filled out in our forms, as well as your use of the websites and applications. Then, we collect personal information when we interact with you: when you contact us through our support systems, when you send us emails or when you contact us via phone. We also use the device’s sensors you purchased from us to collect personal data.

b. What Personal Data Do We Collect?

We collect mainly information that relates to your use of our services, which includes: (i) information provided by you when you register to our services or order our products, such as: demographics, your first and last name, your email address, your gender, age, height, weight and approximate location (where the device was bought); (ii) information on why you bought our device; (iii) information relating to your use of the device, which includes the number of     hours you sit and move each day, the pain levels you experience, your postures and progress; and (iv) information about your health and wellbeing, which includes habits, work environment, fitness routines and training preferences.

We also collect the contents of all correspondence between ourselves and our Customers.

c. How Do We Process Personal Data?

We use your personal data in order to provide you with the services. This is the purpose of collecting the personal data and the main reason for processing. This includes, first and foremost, collecting personal data by the sensors in our end-devices and using it to analyze your current posture and activity and to keep it for future analysis.

We also keep your contact information, both to provide you with access to our application, to contact you with notifications about your device, use of the software and new features, as well as to let you know if we believe something was compromised.

We process your personal data also in order to create statistical, non-personally identifiable, data which is used to assist us in better understanding of features. This means that we can compare behavior, for example, of different age groups, people living in different locations, or different genders in overall performance of our product. By using this data we can help you use our products and services in a better way.

We also process your personal data to understand your device level data, your posture score, your movement levels, and additional technical information including whether you slouched, sat at a smooth angle, had some training, and how you interacted with or  without vibrations.

d. Who Has Access To Your Personal Data?

We do our best to ensure that your personal data remains secure. We provide our employees with limited, monitored, access, only on a need-to-know basis. We also use some contractors that are engaged by our company to provide us with services. Both our employees and contractors are under strict confidentiality agreements.

We also use a few, limited, third parties to process your information. These third parties are:

We also use applications to connect our databases, which include Delighted to Bigquery, Intercom to Bigquery, Shopify to Bigquery, Firebase to Bigquery, and Bigquery to Tableau.

We also comply with legal requests, meaning that if we get an authorized legal warrant to provide your personal data from a law enforcement authority, court or other authorized authority, we will act accordingly. We do not, however, comply with mass-surveillance of our end-users, and shall challenge such requirements in courts until resorting all efforts.

e. How Do We Secure Personal Information?

We secure personal information by storing it in industry-grade servers, when information may be encrypted to prevent abuse and misuse. We also make sure that our servers are checked, occasionally, for known vulnerabilities and bugs, and we update our operating systems periodically. We make sure that all access to our servers is logged, and in some cases use two-factor-authentication.

f. How Can We Contact You?

We may use your contact information to contact you from time to time with promotional offers, in order to provide you with content, training plans, exercises and instructions, articles, questionnaires, recommendations and updated related to our services, new features or information relating to a security breach, if it happens. We also may send you push notifications or text messages to update you with information relating to your specific use of the applications.

You can opt out from all notifications or any notifications using our services.

g. How Can You Review, Amend or Delete Your Personal Data?

We can provide you with a copy of your personal data if you contact us by sending an email to; after you do so, we will verify that this request is genuine, and send your personal data. If you find any of the personal data to be inaccurate, please let us know and we will amend it.

You can also request, post-review, that we remove personal data. In such a case, we will retain the minimum amount that we are required by law but will remove all excess data.

h. Can You Request That We Cease Processing?

Yes. You can contact us at and request that we cease processing your personal data. However, in such a case we will not be able to provide you with any of the services.

Please note that in some cases, we may prefer to remove personal data altogether than to cease processing due to costs. In such a case, we will provide you with a copy of your personal data.

i. Children and Minors.

Upright is meant for adults. We do not provide our services for children or minors. If you are over 14 and under 18, you need to provide us with parental permission to process and retain the information, and specifically, let us know.

j. Cookies

Our website uses first party and third party cookies. A cookie is a small file placed on your browser’s environment which allows us to identify you as a unique user. It does not contain any personal information, nor can it be used to by anyone but ourselves and our third party service providers (who provide third party cookies).

You may opt out from storing cookies on your device altogether, or specifically from our website in your browser’s settings. However, this may impair your use of our services.

k. Can We Amend This Privacy Policy?

Yes. We may amend this privacy policy from time to time. In case of any material change, we will make reasonable efforts to post a clear notice on the Upright website and/or mobile application and/or will send you an e-mail (to the extent that you provided us with such e-mail address) regarding such change. Such material changes will take effect seven (7) days after such notice was provided the Upright website and/or mobile application or sent via e-mail, whichever is the earlier. Otherwise, all other changes to this Privacy Policy are effective as of the stated “Last Revised” and our services on or after the Last Revised date will constitute acceptance of, and agreement to be bound by, those changes.  Please note that updates and changes will be logged in our changelog hereunder. No update shall have any retroactive effect

l. What Happens In Case of Merger?

If our company is acquired, merged, or otherwise transfers its business into a new entity, we might be required to merge databases as well. In such case, we will provide you with a 14-day notice to either delete your information or request that we cease processing. If no response arrives, we may merge databases.



Согласие на обработку персональных данных клиентов - физических лиц

Пользователь, регистрируясь в Приложении или на интернет-сайтах, или ПравильнаяОСАНКА.РФ  принимает настоящее Согласие на обработку персональных данных (далее - Согласие). Действует свободно, своей волей и в своем интересе, а также подтверждая свою дееспособность, Пользователь дает свое согласие ООО «СМАРТ Солюшнс», расположенное по адресу: 634012, Томская обл., г. Томск, Косарева ул., д.15, к.1, - 65, ОГРН 1177031077640, ИНН 7017428252, на обработку своих персональных данных со следующими условиями:

  1. Это соглашается на обработку персональных данных как без использования средств автоматизации, так и с их использованием.
  1. Согласие дается на обработку следующих моих персональных данных:

Персональные данные, не являющиеся специальными или биометрическими: фамилия, имя, отчество, дата рождения, пол, рост, вес, номера контактных телефонов; адреса электронной̆ почты; серия и номер паспорта; кем и когда выдан паспорт; адрес прописки; пользовательские данные (сведения о теме; тип и версия ОС; тип и версия Браузера; тип устройства и разрешение его экрана; источник, откуда пришел на сайт, с какого сайта или по какой рекламе; какие кнопки нажимает пользователь; ip-адрес; реквизиты полиса ОМС (ДМС), страховой номер индивидуального лицевого счета в Пенсионном фонде России (СНИЛС), данные о состоянии здоровья, заболеваниях, случаях обращения за медицинской помощью.

  1. Персональные данные не являются общедоступными.
  1. Цель обработки персональных данных - обработка входящих запросов физических лиц с целью оказания консультирования; аналитики действий физического лица в приложении или на веб-сайте и сайте веб-сайта; проведение рекламных и новостных рассылок.
  1. Основанием для обработки персональных данных является: ст. 24 Конституции Российской Федерации; ст. 6 Федерального закона № 152-ФЗ «О персональных данных»; Устав ООО «СМАРТ Солюшнс»; настоящее согласие на обработку персональных данных.
  1. В процессе обработки с персональными данными будут следующие действия: сбор; запись; систематизация; накопление; хранение; уточнение (обновление, изменение); извлечение; использование; передача (распространение, предоставление, доступ); блокирование; удаление; уничтожение.
  1. Настоящим Пользователь выражает согласие и разрешает объединять персональные данные в информационную систему персональных данных и обрабатывать персональные данные с помощью средств автоматизации либо без использования средств автоматизации, а также с помощью иных программных средств.
  1. Персональные данные обрабатываются до отписки физического лица от рекламных и новостных рассылок. Также обработка персональных данных может быть прекращена по запросу субъекта персональных данных. Хранение персональных данных, зафиксированных на бумажных носителях, осуществляется согласно Федеральному закону №125-ФЗ «Об архимном деле в Российской Федерации» и в нормативно-правовом актом в области архивного дела и архивного хранения.
  1. Согласие может быть отозвано субъектом персональных данных или его представителем путем направления письменного заявления ООО «СМАРТ Солюшнс» или его представителю по адресу, указанному в начале данного Согласия.
  1. В случае отзыва субъекта персональных данных или его представителем согласия на обработку персональных данных ООО «СМАРТ Солюшнс» вправе продолжить персональные данные без согласия субъекта персональных данных при наличии оснований, в пунктах 2-11 части 1 статьи 6, части 2 статьи 10 и части 2 статьи 11 Федерального закона №152-ФЗ «О персональных данных» от 27.07.2006 г.
  1. Настоящее согласие действует все время до момента прекращения обработки персональных данных, из в п.8 и п.9 данного Согласия.