YOUR.MD AS, incorporated and registered in Norway with the company number 999260993 whose registered office is at c/o Advokatfirmaet Simonsen Vogt Wiig AS, Filipstad Brygge 1, 0252 Oslo, Norway is offering its Services which may be branded as Healthily and/or Your.MD, via its subsidiary Your.MD Limited, incorporated and registered in the UK with the company number 08727263 whose registered office is at Your.MD Ltd, 5th Floor, Lincoln House, 296-302 High Holborn, London WC1V 7JH, UK (hereinafter collectively referred to as: ‘Your.MD’, ‘Healthily’, ‘we’ or ‘us’).
Your personal data is controlled by Your.MD Ltd who is the data controller in regard to its Services. Should you have any privacy-related questions, please contact us at privacy@livehealthily.com.
We use your data to personalise your experience when you use our Services. We also use your data to improve the safety and security of the Services we provide, and for the purpose of analytics, marketing and communications.
LEGAL BASIS
Contract performance. This covers data that is processed by us in order to provide you with Services that you have requested.
Consent. Where you have consented to our use of your personal data, including health data.
Legitimate interests. This covers data processed by us for the purposes that can be reasonably expected within the context of your use of our Services to pursue our legitimate interests, in order to improve our Services and your experience, for general social benefits to enable free access to health information, for marketing our Services, exploring business opportunities, for scientific research and to enable us to offer a safe and secure service.
HEALTHILY APP IN COLLABORATION WITH THIRD PARTY
The Healthily App collaborates with and is supported by third parties (the “Co-branding Party”) in certain areas.
Co-branding Parties:
Dettol, owned by Reckitt Benckiser. None of your data is shared with the co-branding party without first obtaining your explicit consent.
PROVIDING OUR SERVICES AND PERSONALISING YOUR EXPERIENCE
We use your data to understand your health so that we can provide relevant information personalised to your needs. You can personalise your experience by adding health data into your profile, completing assessments, or using other services we offer. We will use this data to personalise Services such as the Smart Symptom Checker, and to recommend health plans, track your symptoms, assess your health, and display articles of interest to you.
APPS for users who create a profile. Legal basis: contract performance and consent for processing health data. Data collected: as stated in ‘The data we collect’ section of this Policy.
Smart Symptom Checker (in old versions of our Apps and Web App known as the Self-Assessment Tool or chatbot). We use your data so the chatbot can calculate the most likely condition based on your reported symptoms. We might use the Smart Symptom Checker's results to show you care options (relevant OneStop Health™ providers in your location), or to offer follow-up notifications for relevant conditions, symptom tracking, Health Plans, and receive articles about specific topics. If you use the Smart Symptom Checker on behalf of someone else the collected data is used only for that specific assessment.
Coronavirus (COVID-19) Risk Assessment Tool. Health data provided while completing the self-assessment. Your outcome will not be used for the Smart Symptom Checker's calculation.
Health Library. You can search the Health library and save your preferred articles. Some articles include a When to Worry feature, which helps you assess the need to visit a health professional. We might show you OneStop Health™ providers based on your Health Library search. For example, if you read an article about asthma, we will direct you to a OneStop Health™ provider that offers services for this condition. All the articles you will view will be stored in Health journey.
Health journey with Journal functionality. Health journey can store data about your wellbeing so you can track your symptoms and/or habits over time (Trackers), access your past Assessments reports (Reports) and Notes. Assessments for third parties are not stored as Reports, but we do save a record in our Technical Information logs. Health journey data will not be used in the Smart Symptom Checker’s calculation.
My personal details (My Account/Your Profile). We do not create third-party profiles. You can decide to create a profile for yourself or use our Services without one. We use your in-app Profile data to allow you to use our Services and personalise your experience. You cannot create a profile for an additional user.
My trackers with Goals functionality. You can track your symptoms and/or habits (free trackers and custom trackers) over time and sync with your health and fitness apps data to get useful insights relevant for your health. You can also set a goal you aim to achieve, monitor your weekly progress, and receive a weekly report. This data will not be used in the Smart Symptom Checker's calculation.
Health plans. If you set up trackers with goals functionality we will use this information to provide the Services to you. We will send you daily reminders for symptom tracking and health tips on how to improve your wellbeing.
My health history You can share your health history with us by selecting one or more conditions from the list (for example, high blood pressure, coronary artery disease, chronic kidney disease, diabetes, asthma, etc). This data will be used for the Smart Symptom Checker.
Backup your account. By signing in with your email/Google/Facebook account you give us permission to access and use your name and email address as outlined in this Policy. We use this data to enable you to access Your Profile from other devices. We recommend you sign out each time you leave the App so that your health data will be accessible only upon signing in.
Sync with other apps. The information gained through the use of ‘Sync with other apps’ will never be used to serve ads or disclosed to a third party that provides a health or fitness services without prior obtaining your permission.
Self-assessments. Health data provided while completing self-assessments and your subjective scores will not be used for the Smart Symptom Checker's calculation.
Notes. You can add your own data via the notes section. We don’t use this data for other features of our App, such as Smart Symptom Checker.
Push Notifications. We will send you push notifications based on the health data you provide when you use our Services. For example, we will use an assessment outcome to send you follow-up notifications for relevant conditions and to recommend that you track your symptoms for a period of time to see how they change. We will ask you if you are feeling any better and provide information relevant to your response. We will send you notifications to display articles based on your Health Library search and/or our OneStop Health™ providers available in your local area. We will also use your personal details - age, gender, and acquisition channel - to send push notifications related to these characteristics. For example, we will send you an article we think may be of interest to users in a certain age group. By enabling notifications, you will personalise your experience.
Back Pain Hub. The data collected from answers given to questions asked during the safety assessment will be used only for safety assessment purpose, namely to assess and triage your symptoms before giving you access to Back Pain Hub. The information regarding Posture, Activity Levels, Back Exercises, Relaxation Exercises and Pain Medication will be used to enable you to track your habits and will not be used for the Smart Symptom Checker’s calculation. We will send you daily reminders to track your habits only if you decide to opt-in to receiving notifications. Third party providers, available within Discuss and Healthily Loves sections, are OneStop Health™ providers, all verified by our team of doctors. We never share any of your health information with these providers.
OneStop Health™ Marketplace. Our OneStop Health™ marketplace consists of providers (OneStop Health™ providers) verified by our medical team that supply specific services, treatments and products to help with medical or health-related problems. Based on your reported symptoms, we use the information calculated by the chatbot to show you OneStop Health™ providers which might be useful to you (care options). If you click on the link of a OneStop Health™ provider you will leave the app and be redirected to that provider's service. In doing so, the way in which your data is processed will be determined by that provider's privacy policy. We create a local database on the device so we know if you have clicked on any providers. We will not disclose or share your data with any OneStop Health™providers.
We use the data we collect from you to present you with OneStop Health™ services in your local area which might be useful (for example, providers available in your country of residence or providers for a specific condition). For this service to be free, we need to track which users click on or see links to the providers. We use this data for analytics and billing purposes. When you click the link of a OneStop Health™ provider, you will be directed to their website and that provider will receive your IP address.
Data collected by OneStop Health™ providers may include personal information, but this is governed by their own privacy practices. The providers and other third-party websites or services may place cookies or other files on your computing or smart device, collect information or solicit personal information from you. We encourage you to be aware of the privacy practices of any third-party providers you interact with. We are not responsible or liable for your interaction with third-parties, the information requests initiated by them, or the subsequent use, treatment or dissemination of information you voluntarily choose to provide to them.
OneStop Health™ providers are also available within “Healthily Loves” and “Discuss” section of Back Pain Hub.
Dettol products. If you click on the link within Dettol products you will leave the App and be redirected to that Amazon service. In doing so, the way in which your data is processed will be determined by that Amazon's privacy policy. We will track your clicks on the link to measure engagement.
Make it local (Find health services near you). By accepting the location permission, you will be able to find services near you. This feature enables us to collect the longitude and latitude of your mobile device so that we can find services near you. We will only process your geolocation data when you use 'Find Places Nearby', and we won't store this data as we are using Google APIs. By using this feature, you consent to Google's Terms of Service and Privacy Policy, all of which is incorporated into this privacy policy.
For more information on how Places API and Place Details work, please see Place Search and Place Details. For more information on how Google processes your location data, please see Types of location data used by Google and Google Privacy Policy.
Weather (service provided by OpenWeather). By accepting the location permission, you will be able to see the local weather. This feature uses the longitude and latitude of your mobile device so that we can show you the weather and temperature at your current location. You can turn your location off within the App/My account settings/My settings/Get the local weather at any time.
Quizzes. We process data collected from quizzes created in brandquiz. We use your data only for the purpose of offering quizzes to you and we limit barndquiz to do the same. Please see section “Who has access to your data” of this privacy policy. Legal basis: contract performance or consent or legitimate interests, namely, to improve our Services. Data collected: as stated in ‘The data we collect’ section of this privacy policy.
Surveys. We process data collected from quizzes via the Typeform service. We use this data only for the purpose of offering quizzes to you and we limit Typeform to do the same. Please see section “Who has access to your data” of this privacy policy. Legal basis: contract performance or legitimate interests, namely, to improve our Services. Data collected: as stated in ‘The data we collect’ section of this privacy policy.
WEB APP
Smart Symptom Checker
You can access our symptom checker on website through our web app.
Legal basis: contract performance and consent for processing health. Data collected: as stated in ‘The data we collect’ of this policy, without any directly identifiable personal data.
Report
If you request us to send you the Assessment report (Report) to your email address we will ask you to choose a PIN number to secure the Report. This way we make sure that the Report is shared only with you and that no health data is stored together with your email address, meaning that the processing is still private and secure.
Coronavirus (COVID-19) Symptom Mapper
Legal basis: legitimate interests, namely general social benefits to enable free access to health information and consent for processing health data. Data collected: as stated in ‘The data we collect’ of this policy, without any directly identifiable personal data. We use the information you provide in order to enable you to use the service and for research as described in Coronavirus (COVID-19) research section.
My Coronavirus The People's Survey - COVID Positive People Survey
Legal basis: consent for participation and processing of health data for research purpose, consent for sharing health data. Data collected: as stated in ‘The data we collect’ of this policy, without any directly identifiable personal data. We use the information you provide for research as described in Coronavirus (COVID-19) research section.
SITE
You can access our site here.
Legal basis: legitimate interests, to improve our Site and your experience. Data collected: as stated in ‘The data we collect’ section of this policy, without directly identifiable personal data - namely, country, region, time zone, service preference, identifiers (IP address, analytics IDs) and applicable technical and analytical information.
Your Story
If you decide to share your story with us, such as by participating in COVID – 19 story, Menopause story or any other story, we will process your health information provided in an anonymised manner. We might use third-party provider service, such as Typeform, a third-party service provider we use for online surveys, and WordPress, a third-party service provider we use for creating and hosting relevant webpages. We will not collect any information that could directly identify you when you participate in a story.
Legal basis: contract performance, consent for processing health data for research purposes and/or for publishing withing Healthily platforms and/or social media. Data collected: anonymised health data.
TESTER PROGRAM
If you decide to participate in our usability tests (“User Tests”) available on/via various third party providers, we will use your personal data and any other data provided through our Services (“Tester data”) only for the purposes of User Tests. Third party providers will not process Tester data for purposes or by other means than as instructed by Healthily/Your.MD or as otherwise necessary to provide the services. Tester data may include personal data, including personal contact information such as name, address, telephone number, email address or other personal demographic information and health data. Legal basis: contract performance and/or consent. Data collected: as stated in ‘The data we collect’ section of this policy.
During the User Tests you might enter data about your health. If this happens, we will either anonymise this data or you will be asked to consent to health data processing for User Tests purpose. We will use technical and analytical data collected for analysis to help us improve our services. All the data you provide during the User Tests will be collected and stored by third party providers. Please see 'Third Party Technology and Providers' section of this privacy policy to learn how third party providers processes your data.
MVPs
We strive to provide the services that most interest you, which is why we regularly test new products and services (Minimum Viable Products or MVPs). Should you wish to use the MVPs, you will need to accept the MVP Privacy Policy and Terms of Service (MVP Policies). This privacy policy and the Healthily terms of service form part of the MVP Policies where applicable. The MVP policies are available on our site, and a link is displayed before you consent to using the MVP. If a specific MVP policy is not available, the terms of this privacy policy and the terms of service apply. In case of discrepancies between the MVP Policy and this privacy policy and/or the terms of service, the MVP Policy prevails. Legal basis: legitimate interests, to helps us improve our Services. Data collected: as stated in ‘The data we collect’ section of this policy.
FOR INTERNAL ANALYTICS
We collect data on how you use our Services so we can make improvements to the service we offer you. We use identifiers but do not link these to your name or email address, and we carry out troubleshooting, testing, research, and surveys. We also analyse your activities to understand how you use and interact with our Services. Legal basis: contract performance and/or legitimate interests, to helps us improve our Services (Site) and for general social benefits to enable free access to health informationfor users who do not create a profile. Data collected: Analytical information, Technical Information, as stated in ‘The data we collect’ section of this policy.
For example, we look at whether you click on a OneStop Health™ partner, conduct an assessment, view articles, use the health tracker, engage with notifications, and we will analyse the screens you use and if you added data into your profile. We check how you use our Services with the help of analytics providers (Google Analytics for Firebase, Google Analytics and Amplitude) and by processing Analytical Information (please see section “The data we collect” of this Policy). With the help of analytics ID assigned to you, we can use the data that you enter when talking to our chatbot (age and location, but not your name or email address) for our internal analytics and research. We do not process any information which could directly identify you in our analytical databases unless you use a service that requires us to do so. For example, we check how many users have finished an assessment or have visited our Site.
Surveys. We use surveys to ask for information/feedback which helps us improve our Services or to conduct commercial research. You might be asked to participate in a survey via our Services or through our third-party providers. We might use your email address and/or telephone number for a survey, research, or testing if you choose to participate. If you confirm that you would like to receive notifications when we develop a specific feature, we will inform you when this feature is available. Or if we carry out a risk assessment survey, we will send you the results of the assessment via email. Your data will be transferred to Typeform, a third-party service provider we use for online surveys. We will not collect any information that could directly identify you when you participate in a survey. Legal basis: legitimate interests and/or consent, to helps us improve our Services. Data collected: your responses, your email and/or telephone number and IP address.
FOR SAFETY AND SECURITY
We usually process your data based on IDs attached to Your profile, so we do not see your name or email address. To safeguard your privacy, we store health data and data which could personally identify you in separate databases. We do store technical logs of your activities in the app. In line with best practice, only authorised staff members can access personal data, and only when required for user safety or critical systems issues. Legal basis: legitimate interests, to enable us to offer a safe and secure service. Data collected: As stated in Technical Information of this Policy; in ‘The data we collect’ section.
FOR MARKETING OR COMMUNICATION PURPOSES
We use your data to send you newsletters, respond to your requests, offer surveys, and for research and testing purposes. Legal basis: legitimate interests, for marketing our Services, exploring business opportunities and consent to show you relevant care options form third party providers. Data collected: email, full name (if provided), IP address or other identifier assigned by a third-party service provider.
NEWSLETTERS. We will use your email address to send you newsletters to update you about our Services, health tips, and more. If you're a business customer, we will send you emails to explore potential opportunities for collaboration. Your data will be transferred to MailChimp and Airship, a third-party service provider that we use for sending out newsletters.
EMAIL REQUESTS. We will use your email to respond to any queries you send to support@livehealthily.com and/or privacy@livehealthily.com. Your data will be transferred to Zendesk, a third-party service provider that we use for a support ticketing system. Please do not share any health data when sending emails to support@livehealthily.com and/or privacy@livehealthily.com as we do not respond to any case-specific health issues.
Facebook Lead Ads. We will use the information that you send us through a Lead Advert, which may consist of your email address and any additional information, to send you the selected content. The email address will be transferred to Mailchimp and Airship, a third-party service provider that we use for sending out newsletters.
CORONAVIRUS (COVID-19) RESEARCH
Legal basis: consent or legitimate interests, namely to support COVID-19 research that is also in line with our business interests to improve healthcare and selfcare by enabling access to free health information. We process the data in pseudonymised manner, meaning that we cannot directly identify you when processing this data and share the information for research purposes based on Article 9 (j) GDPR or consent in anonymised manner with third parties only for research purposes. Data collected: as stated in ‘The data we collect’ section of this policy, without directly identifiable personal data.
PARTICIPATION IN THIRD PARTY RESEARCH PROJECTS
If you decide to participate in a third party research project by providing your email address we will process this information on legitimate interests and/or consent basis and share this information with a third party researcher. Data collected: email address.
DIRECTLY IDENTIFIABLE PERSONAL DATA (only for users who decide to create a profile): full name, email address, Facebook/Google account name and email address.
INDIRECTLY IDENTIFIABLE PERSONAL DATA: First name or nickname, age, gender, location (country, region - not specific enough to identify the street), time zone, service preferences, acquisition channel), identifiers (profile ID attached to your profile data, IP address, analytics IDs, conversation/consultation ID, device ID).
HEALTH DATA. Any type of health data you share when using our Services and when participating in research projects and research surveys, such as health data collected through the chatbot, Health history, and Health data provided through specific services such as assessments, the racker, quizzes and tools (BMI calculator).
TECHNICAL INFORMATION. User agent (web browser type and version), device model, screen information, mobile service provider, installed app version, OS version, location (country and city), time zone, IP address at the time of usage, Healthily's unique identifiers (profile ID, conversation ID/consultation ID), records of events with Technical Information and your interaction with our App/Services. For example, logs on your usage of the Services, which include chat information, quizzes, self-assessments and tools, the BMI calculator, and the articles you have viewed in the Health Library and our OneStop Health™ Marketplace.
ANALYTICAL INFORMATION. Hashed IP address, hashed profile ID or guest profile ID, hashed conversation/consultation ID, analytics provider's unique user ID (Firebase ID) or client ID (Google Analytics ID), third-party cookies.
Information on how you use our Services:
General Activity (e.g. the screens you view, time spent, if you added data to your profile, whether you are in test groups, items on your home feed and interaction)
Sessions (e.g. when you started the session, duration)
App info (e.g. if you deleted/upgraded the App, version)
Authentication (e.g. whether you authenticated and which type of authentication)
Acquisition channel (e.g. which ad you clicked on to get to our Services)
Notification activity (e.g. whether you opted in or out of notifications)
Activity within our Services and features (e.g. your data and activities, assessment outcomes and feedback, whether you sent an input that failed to be understood by our chatbot, clicks on articles, whether you opened an assessment report, viewed assessment history, articles you view, share, whether you view/click on the partner, whether you are logging your feelings, tracking symptoms, receiving follow ups, syncing data with third-parties, whether you sign up for Health Plans and your interactions, logs on your usage of our Services).
We cannot provide all services necessary for the successful operation of our Services by ourselves. We therefore share collected information with third-party providers for the purpose of offering and improving the Services. The information we share will not identify you personally, and the providers will only use the data to offer services to us. However, we will use your email to send you newsletters and surveys. For privacy-related requests, see section “Your rights” of this Policy or send an email to privacy@livehealthily.com
THIRD-PARTY TECHNOLOGY AND PROVIDERS
Third party providers are data processors. This means they process your information on our behalf, in accordance with our instructions. We only allow your information to be used by them to offer services to us. How third party providers' use of information is controlled by the terms of their contract with us and any settings enabled by us through the user interface of their product.
Kickbox. We use Kickbox, an email address verification service provider, to validate the email address and find out whether an email can be delivered. Kickbox processes information under our direction. Kickbox may transfer personal information to companies that help them provide their service to us. Transfers to subsequent third-parties are covered by the service agreement between Kickbox and Healthily/Your.MD. Kickbox acknowledges that you have all the rights described in section “Your rights” of this Policy. Kickbox has no direct relationship with you. If you want to access, correct, amend, or delete inaccurate information you should direct your query to us by sending an email to privacy@livehealthily.com. If you make a request to delete the information, Kickbox will respond within 30 business days. Kickbox will retain personal information they process on our behalf for as long as is needed to provide services to us. Kickbox will retain any personal information needed to comply with their legal obligations, resolve any disputes, and enforce their agreements. Please refer to the Kickbox Privacy Policy for more information about Kickbox information processing.
Zendesk. We use Zendesk® (Zendesk, Inc.) as a support ticketing system which enables Healthily employees who respond to your emails to streamline communications in a single ticket, all within an organised workflow. This allows individual requests to be dealt with more quickly. Any information you share with us via email will be received by a Healthily support employee who will have access to information you share. This includes statistics such as when you last requested support, the nature of the issue, how it was resolved, and how long you had to wait for a resolution. Please refer to the Zendesk Privacy Policy, Zendesk Ticketing System, Zendesk EU Data Protection and How Zendesk Protects Personal Data for more information.
Mailchimp. We use Mailchimp to send out Healthily newsletters, for tester program correspondence, and surveys. MailChimp uses your data to host an email marketing service for us, and may share your data with third-parties for the same purpose. Your data is stored on a secure Mailchimp server. Mailchimp is not allowed to sell your data. Mailchimp will give access to/delete any personal information they hold about you within 30 days of a request. Please refer to the Mailchimp Privacy Policy for more information.You can unsubscribe from these emails by clicking the 'unsubscribe from the list' link in the footer of every email you receive from us.
Airship. We use Airship to send out Healthily newsletters, for tester program correspondence, surveys and to send push notifications. Airship uses your data to host an email marketing and communication services for us and may share your data with third-parties for the same purpose. Your data is stored in EU Datacenter. You may exercise any rights you may have to access, correct, amend or delete such data. You can unsubscribe from our email messaging by clicking the 'unsubscribe from the list' link in the footer of every email you receive from us. Please refer to Airship Privacy Statement for more information.
Typeform. If you decide to participate in one of our Surveys, we use Typeform, an online software service for form building and surveys. Typeform will collect the following information: your responses (these are managed by us and we take responsibility for this data, which may include personal data), usage data (data about your interaction with Typeform services), device and application data (IP address, browser type, operating system, geolocation), referral data (the source that referred you to us – link on site, email etc.), and email address (to send you Typeform notification emails). All data is hosted by Amazon Web Services (AWS). Typeform's main servers are located in Virginia, USA, and its backup servers are in Frankfurt, Germany. Typeform uses Transport Layer Security to secure data in transit.
Third-party Health Trackers. You can sync data collected by third-party trackers with our Health Tracker: Apple Health, Samsung Health, Google Fit. We will use this data solely for providing the trackers to you. The information gained through the use of ‘Sync with other apps’ will never be used to serve ads or disclosed to a third party that provides a health or fitness services or medical research without prior obtaining your permission.
brandquiz is an online software service company that we use for creating quizzes. The information brandquiz collects when performing this service for us is as follows: your responses, contact information (email address), log file information – such as connection logs (for example, web requests, IP address, browser type), timeline event logs (records of alerts and notifications that can help brandquiz to identify and diagnose the source of current system problems and help predict future problems) and analytical logs. brandquiz will pass on to us any request you have to exercise your rights (to delete, release or correct your data) as we are granted electronic access to your data. brandquiz stores the data in data centres managed by Amazon Web Services in Germany and analytics data in data centres in the USA that are managed by Intercom, Inc. Please refer to the brandquiz Privacy Policy and Data Processing Agreement for more information.
Facebook and Google Authentication. Facebook and Google Accounts. You can create your profile by signing in with your Google or Facebook account. By doing so you allow us to process this information. We use your email for authentication purposes in the Profile tables. We enable Google or Facebook authentication when you use the Apps. Some services allow you to use them as a guest without creating a profile, but this means you will not be able to retrieve your information later. Please refer to the Google Privacy Policy and Facebook Data Policy for more information.
Firebase Authentication feature enables you to sign in or create a profile with your email/Google/Facebook account. Firebase Authentication stores the following data: password (only relevant for users who created a profile with the 'email' authentication method), email address, phone number (only relevant for users authenticated with Facebook, for which the email address is not available). User Agent String and IP addresses are used for added security and to prevent misuse during sign up and authentication. For more information, please refer to the Firebase Data Processing and Security Terms.
Calendly. We use Calendly to book an interview in the course of the tester program. Calendly is an online software service for scheduling the interviews for our tester program without back-and-forth messages. The information Calendly collects as necessary for performing this service for us is as follows: name, email address, date, and time. Your data is stored in the United States or in other countries where Calendly or its third-party service providers have operations. Calendly will give access to/delete any personal information they hold about you within 60 days of a request. Please refer to Calendly Privacy Policy Notice for more information.
Zoom. We use Zoom to conduct and record an online interview (upon prior user’s consent) for our tester program communication. Zoom uses your data to host communication services for us and may share your data with third-parties for the same purpose. By using Zoom you acknowledge that your personal data may be transferred to or stored in the United States or in other countries around the world. If you are a resident of the European Economic Area (EEA), and your personal data is transferred outside of the EEA, Zoom will process it in a territory which the European Commission has determined provides an adequate level of protection for personal data, or implement appropriate safeguards to protect your personal data. Please refer to Zoom Privacy Statement for more information.
Google Meet. We also use Google Meet to conduct and record an online interview (upon prior user’s consent) for our tester program communication. Google Meet likewise uses your data to host communication services, so please refer to Google Meet Security & Privacy for Users for more information.
ChatBot. We use ChatBot to tailor your experience when using our website, namely to refer you to relevant OneStop Health™ provider or to suggest them to download our App. The information ChatBot may collect from you are first name, last name, e-mail address, and other contact information, as well as some other information (e.g., network, username, and user ID) in order to allow us to provide you our Services. Those data will not be used for any purpose which is not compliant with ChatBot Privacy Policy, which means that ChatBot will never share, sell, rent or trade your personal data with any marketing or promotional partners without your consent. For more information, please refer to ChatBot Privacy Policy.
OpenWeather. We use OpenWeather to further tailor your experience of using our App, namely to provide them information about weather and temperature at your current location. The use of this feature is completely optional, that is only if you permit our App to collect relevant geolocation data of the device. The only data that we share with OpenWeather are geolocation data of your device, which are used solely for the purposes of providing you with the information about local weather and temperature. For more information, please refer to OpenWeather Privacy Policy.
ADVERTISING PROVIDERS
We use third-party providers to advertise our Services on other platforms and acquire new users.
Google Ads. We use Google Ads, Google's online advertising program, to reach new customers and grow our business. We use features such as Search Ads, Display Ads and App Ads. You can find more information about these features here. With the aid of advertising cookies we can make advertising more effective. Without cookies, it is more difficult for us to reach our audience, or to know how many ads were shown and how many clicks we received. When you visit our Site or see an ad that uses Google Ads, either on Google services or on other sites and apps, various cookies may be sent to your browser. These may be set from a few different domains, including google.com, doubleclick.net, googlesyndication.com, https://ads.google.com/home/, or the domain of Google's partners' sites.
Google Marketing Platform (“GMP”). We use GMP as and acquisition channel to reach new users and achieve growth of our business. We don’t use this platform for remarketing purposes. For more information, visit their website and read their privacy policy.
Microsoft Ads. We use Microsoft Ads, Microsoft’s online advertising program, to build and manage advertising in the same we do with Google Ads, so we use the platform to target relevant search traffic on Microsoft Bing's search engine and other Microsoft’s products and networks. This is also done by using advertising cookies. For more information about Microsoft Ads, visit their website.
Facebook.
Facebook Ads. With the use of Facebook Ads we can redirect you from our Facebook profile to download the Apps from App Store or Google play, or directly to our Web App to enable you to use our Services. For more information on Facebook Ads, please refer to the Facebook Ads Basic and Facebook Data Policy.
Facebook Lead Ads. When you click on Facebook Lead Ad and submit the form with information such as your name and email address, we will use this information to send you the content you have requested from us directly to your email address. This information is stored in Mailchimp. All the information you share with us via Facebook Lead is stored on Facebook’ servers as well and Facebook will use it as described in its Data Policy.
Ads are shown to you based on your activity across Facebook Companies and Product, your activity with other business, websites and apps and your location. For more information please read About Facebook Ads.
Kevel. We use Kevel for advertising purposes of our Services by setting APIs infrastructure needed to build custom ad platforms for features such as sponsored listings, internal promotions and native ads. You can find more information on those features here. For more information regarding data collection and usage as part of the ad serving platform, please read Kevel Privacy Policy on Ad Serving.
RevX. We use RevX advertising and marketing services for the new users acquisition purposes (and not to retarget our existent users). To that end, RevX aims to gain installs of our app using ads on their own network of apps. For more information, visit their website or read their Privacy Policy.
InMobi. We use InMobi as an in-app performance advertising platform for scaling our mobile growth, in particular to display our ads via their advertising platform services for the purposes of acquisition of new users (and not to retarget our users) and to analyse the progress. For more information, visit their website or read their Privacy Policy.
Media.net. We use Media.net to display native ads within our content while you are using our Services. To learn how they process your data when using our Services, please read their privacy policy.
Taptica. We use Taptica for advertising purposes in order to place our ads on their network of ads so as to acquire new users and not to retarget our existent ones, as well as to be able to analyse our growth of the number of such newly acquired users. For more information, visit their website or read their Privacy Policy.
Taboola. We use Taboola for advertising purposes to place our ads by using their content discovery widget that may be seen on third-party websites that allow to place that widget on their websites or applications in order to redistribute our ads to visitors of those websites or applications, based on what it is believed the visitor would be most interested in reading or viewing. For more information, visit their website or read their Privacy Policy.
Samurai App. We use Samurai App for advertising purposes in the same way as we use InMobi and Taptica, that is mainly to place our ads on their network of ads to acquire new users (and not to retarget our existent users) and to analyse our growth of the number of newly acquired users. For more information, visit their website or read their Privacy Policy.
AppLovin. We use AppLovin for advertising purposes in the same way as we use other third-party advertising providers, namely to place our ads on their network of ads to acquire new users and not to retarget our existent users. For more information, visit their website or read their Privacy Policy.
ONESTOP HEALTH™ PROVIDERS
Addicaid,
AIDE,
Akira,
Altibbi,
AugmentCare,
Aura Health,
Antidote,
BetterPT,
Big White Wall,
Bisa,
Braive,
Brook,
CCBT,
Cera,
Chemist Direct,
ConnectMed,
Daily Yoga,
Doctor Care Anywhere,
Doctify,
Doctor Insta,
Doctor On Call,
Doc2Us,
Dr. Morton's,
Echo,
EYR,
First Derm,
Firstcheck,
GetDoc,
GPDQ,
HelloDoctor South Africa,
helloDoctor Ethiopia,
HealthExpress,
InnerHour,
KRY,
KingFit,
Knok,
Lark,
LetsGetChecked,
Life Circle,
London Osteoporosis Clinic,
Marie Stopes International,
MDacne,
Medbelle,
MedicSpot,
MedGrocer,
Minds for life,
Mimi,
MyHouseCall,
MyMeds,
My Online Therapy,
MyPocketDoctor,
mySugr,
myLAB Box,
National Migraine Centre,
NHS,
Obino,
Ostrichpillow,
PAPYRUS,
PayAsUGym,
Pacify,
Phlo,
Physio Fast Online,
Pliro,
Portea,
PrivateDoc,
Project Red Ribbon,
Pzizz,
Samsung Health,
Sehat,
Sexwise,
Siha Health,
SH:24,
Sleep Cycle,
Slide Safe,
Smoke Free App,
Supercarers,
TB Alert,
Testing for All,
The Pip,
Thriva,
Urban Massage,
Vida,
WellaHealth,
West Africa AIDS Foundation,
Zennya,
Zoom Doc,
1mg.
COMMUNICATION PROVIDERS
We use third-party services for our internal communications and communication with external partners, namely:
Skype www.skype.com/en/, https://www.skype.com/en/legal/,
Slack https://slack.com/,https://slack.com/privacy-policy,
Google Hangouts https://hangouts.google.com/, https://policies.google.com/privacy?gl=SI&hl=en-GB,
Gmail https://www.google.com/gmail, https://policies.google.com/privacy?gl=SI&hl=en-GB,
Zoom https://zoom.us/, https://zoom.us/docs/en-us/trust.html.
We do not share directly identifiable personal data with these services.
MANAGING PROJECTS, HOSTING, SOFTWARE DEVELOPMENT AND CLOUD STORAGE
Gatsby https://www.gatsbyjs.org/,
Github https://github.com/, https://help.github.com/articles/github-privacy-statement/,
Trello https://trello.com/en, https://trello.com/privacy?truid=trd2c0ae-6aa2-0b90-4a85-b5288442e268
Zeplin https://zeplin.io/, https://zeplin.io/privacy,
Jira https://www.atlassian.com/, https://www.atlassian.com/legal/privacy-policy,
Google drive www.google.com/drive/, https://policies.google.com/privacy?hl=en&gl=US
Dropbox https://www.dropbox.com/privacy2016,
Tableau https://www.tableau.com/tos, https://www.tableau.com/privacy
ANALYTICS PROVIDERS
With the help of analytics providers, we collect Analytical Information to help us improve our Services for you. We chose our providers carefully and set the most restrictive controls available to ensure they do not use your data for any purpose other than providing services to us.
Google Analytics for Firebase
Google Analytics for Firebase (GAF) allows us to collect data on how our apps are used, as described under 'Analytical Information' in section “The data we collect” of this policy. When you install our app, GAF collects the following data: unique identifiers, browser type and settings, operating system, mobile network information, IP Address (which is anonymised before any storage or processing takes place), crash reports, device identifiers, and an pp instance identifier — a randomly generated number that identifies a unique installation of our app. We use Analytical Information to improve and personalise our apps.
To learn more about how GAF processes your data, please refer to the following: Google Analytics for Firebase Use Policy, Information for Visitors of Sites and Apps Using Google Analytics, How Google uses information from sites or apps that use their services, and Terms of Service for Firebase Services.
Google BigQuery
We can draw and analyse data from GAF using Google BigQuery. For more information, please see Google Service Specific Terms. We use Tableau Software for graphic visualisations of the data extracted from Firebase Analytics and BigQuery. For more information, please see the Tableau Software Privacy Policy.
Google Optimise is used with GAF data to quickly and easily identify areas of our App which require improvement. We use this service to provide A/B tests, and to see which flow or design works best from a user perspective. We do this by splitting users into test or control groups to see which performs best. Visit Google Optimise for more information.
AWS Analytics does not access or use your data for any purpose other than to provide services to us, as legally required, and to maintain AWS services. Strong encryption of your data is in place. You can refer to the AWS Privacy Notice for more information. Please note, AWS Analytics is only used in our iOS App.
Google Analytics (GA) is usedon our Site and Web App. When you visit the Web App or our Site, your web browser automatically sends your IP address and information on how you use the Service to GA. Processing is based on a GA-created browser ID by using cookies. GA uses IP addresses to provide and protect the security of the service, and for us to know the country you use our Services in. GA anonymises the IP address before any storage or processing takes place by obfuscating the last few digits. Please refer to the IP Anonymisation in Analytics. GA processes the data based on a GA identifier called Client ID, which is stored in a cookie. Identifiers such as cookies and GA user IDs measure and report statistics about your interactions on our Site and/or Web App. GA stores cookies on your device to keep track of how you use our Site/Web App statistics without personally identifying you. We use the data collected by GA to improve the quality of our Site and Web App and to analyse Site/Web App usage. For more information, please read How Google uses cookies. Google has an EU Privacy Shield certificate and uses Standard ISO 27001 security measures. For more information on operational security and disaster recovery, please visit: How Google analytics secures your web traffic and Safeguarding your data. For general information, please read the following: How Google uses information from sites or apps that use their services, Safeguarding your data and the Google Privacy Policy.
AppsFlyer provides a software development kit which allows the tracking of mobile application use, installations and downloads. It helps determine where the user came from (for example, Facebook, Google Ads, organic user) so we can track and analyse your characteristics and activities. To do this, we may upload some of your data to the AppsFlyerplatform and servers. Please refer to the AppsFlyer Privacy Policy for information on how AppsFlyer processes your data.
Fabric is a business division of Google Inc. and we use their Fabric Crashlytics for crash reporting and beta testing of our mobile App. It helps us understand our App by tracking information about how publicly-released and beta versions of our App are functioning. For more information, please refer to Crashlytics Privacy Policy, Fabric Privacy and Security and the Google Privacy Policy.
Facebook Pixel is an analytics tool that allows us to measure the effectiveness of our advertising by understanding the actions you take on our Site. We have placed a pixel code on the header of our Site so that when you visit our Site and take an action (such as clicking on the Web App), the Facebook pixel is triggered and reports this action. We then know when you take an action and will be able to reach you again in future through targeted Facebook ads. With Facebook Pixel we relay conversions back to Facebook which enables retargeting. For more information, please read the Facebook Data Policy and visit The Facebook pixel.
Outbrain Pixel is an analytics tool that help us understand whether you have successfully landed on our Site or installed the App. For more information, please read Outbrain Privacy Policy.
Amplitude
We use Amplitude for our internal analytics. Amplitude stores the following data: analytic identifier, location, sex and year of birth (but not your name, email address or any other directly identifiable personal data). All data is stored in an AWS US region. For more information, please refer to Amplitude Privacy Policy.
TESTER PROGRAM
If you decide to participate in User Tests, this will be performed via UserTesting platform (UserTesting).
UserTesting may collect individually identifiable information or other data. Any information stored on UserTesting Platform is treated as confidential and all the information is stored securely and is accessed by authorized personnel only. UserTesting implements and maintains appropriate technical, security and organizational measures to protect personal data against unauthorized or unlawful processing and use, and against accidental loss, destruction, damage, theft or disclosure. Please refer to the UserTesting Privacy Policy for more information.
THIRD PARTY RESEARCHERS
We share your information in an anonymised manner with third party researchers, namely Imperial College of Science Technology and Medicine, London.
SOCIAL MEDIA (Facebook, Twitter, Instagram, Snapchat, Pinterest, TikTok)
When using our Services through social media note that the information you share including health data will be processed by social media provider and might be used to build a profile of you and could result in receiving adverts including relating to health issues. This processing is not controlled by us and we do not have access to the data stored within social media about you. For more information read social media privacy notices, Facebook, Twitter, Instagram, Snapchat, Pinterest, TikTok.
LAWFUL PURPOSES
Your data will be disclosed only when necessary for lawful purposes, our legal obligations and rights as stated herein, and will be limited to such purposes:
a) if required by law, for example to comply with a court order, subpoena, regulation, legal process or other governmental request
b) to exercise or protect the rights, property or personal safety of our company, our users or others
c) to enforce this privacy statement, including investigation of potential violations d) upon fulfilling legal requirements of local legislation to supply certain services a third-party might legally request from us
e) to detect, prevent, or otherwise address fraud, security, or technical issues
f) if we are involved in a merger, acquisition, or sale of all or a portion of its assets, you will be notified of any change in ownership or uses of your data
g) to respond to claims that any content published within our Services or our Services violate any right of a third-party.
We follow generally accepted industry standards and internal procedures to protect the data submitted to us during transmission, storing, and processing. We store your data for as long as is needed to provide our Services.We may store it for longer, but only in a way that it cannot be tracked back to you. We delete all personally identifiable data we have about you within 30 days of receiving your data deletion request. Please make sure you request a copy of your data before you ask to delete your data, as your data will not be retrievable afterwards.
We delete the logs we keep of the IP addresses you have used after approximately six months. When the data is no longer needed, we delete it using reasonable measures to protect the information from unauthorised access or use. Any information you send to care@livehealthily.com and/or privacy@livehealthily.com will be deleted as soon as we respond to your enquiry and/or the information is no longer needed.
We are committed to keeping your data up-to-date. You can exercise your rights within our App or ask us to do so for other services by sending an email to privacy@livehealthily.com. We may decline to process requests that are unreasonably repetitive, require disproportionate technical effort, jeopardise the privacy of others, are impractical, or if we are required to retain such information by law or for legitimate business purposes. In the event of a suspicious request made in bad faith or accompanying unlawful behaviour, we reserve the right to deny any request you make. We will not respond to any enquiry emails which we do not understand, where the request is not clearly specified, or pertains to health questions as we do not offer case-specific advice.
RIGHT TO WITHDRAW YOUR CONSENT
You can withdraw your consent for the use of your Health history in Account Settings at any time by visiting your Account Settings/Health history/Delete your health history. Once you have done so, we won't use this data for our Services, and it will be deleted from your account (in-App profile).
You can change notification preferences within your Account settings and choosing ‘My trackers’ option. By clicking the button next to the tracked symptom, the health tracker history in the App will be deleted and you will no longer receive tracking reminders.
To withdraw consent for general notifications you can choose ‘Get notification’ option within your Account Settings/My Settings or you can use the notification settings within your mobile device (please see section “Your rights”, 'Opt-Out of this Policy').
To unsubscribe from our newsletters you can click the 'unsubscribe' link which is present in every email you receive.
You can withdraw your consent for email collection for research purpose by sending us an email to privacy@livehealthily.com, subject: withdrawal consent for research.
RIGHT TO OBJECT AND TO RESTRICTION OF PROCESSING
We process your data on a legitimate interests basis if you use our service without creating a profile, when using our Site, or receiving newsletters or business emails. We limit the amount of data we collect, and this data cannot directly identify you. To exercise your right to object or restrict processing, please send us an email to privacy@livehealthily.com.
RIGHT TO ACCESS, COPY, RECTIFICATION
You can request your data by visiting My account settings/My data and choosing the ‘Export data’ option. You will be able to download your data to your device. We will send your data within 30 days of receipt of your request. If we need to acquire your data from a third party, this might take longer.
To prevent malicious activity, we reserve the right to request a copy of your ID, passport, or other official identification documents before sending you the data.
You can use the My personal details section within the App to change the data you added to your Account.
You have the right to request rectification of inaccurate personal data that cannot be rectified within our Services by sending an email to privacy@livehealthily.com.
RIGHT TO ERASURE
Apps. You can delete your data at any time by visiting My account settings/My data and choosing ‘Delete your account’ option. When you select the ‘Delete your account’ option, we anonymise your data by deleting all directly identifiable personal data from our databases and you won't be able to retrieve them. Please make sure you ask for a copy of the data before you request us to erase it, should you want to keep it.
For Research, please send an email to privacy@livehealthily.com (subject: deletion request for research).
We will delete the personally identifiable data within 30 days of receiving your request. We reserve the right to delete your profile after a long period of inactivity.
USERS WHO DO NOT CREATE A PROFILE
If you use our Web Apps (Symptom Mapper, Symptom Checker), App without creating a profile (Guest user of old versions of our Apps that have access only to limited Services), you should be aware that we are not able to accommodate your request for the deletion/access/copy of your data because we do not store any data that could directly personally identify you. Similarly, we cannot carry out such a request if you are a Site visitor as we do not store any data that could personally identify you. If you stop using our Services, we will delete all collected data within six months. We do not create a third-party profile when you do an assessment for someone else. For this reason, we are not able to personally identify such a person, nor enable the exercise of rights.
TESTER PROGRAM
You can request correction/access and erasure of your data at any time by sending an email to privacy@livehealthily.com (subject: Tester program).
UserTesting. If you wish to request access to, correction, or deletion of personal data you have submitted to the UserTesting corporate website, contact UserTesting at [gdpr-request@usertesting.com](mailto: gdpr-request@usertesting.com) or as determined in the User Taster Agreement or other service agreement that you have entered into with UserTesting. or as determined in the User Taster Agreement or other service agreement that you have entered into with UserTesting.
OPTING OUT
We make sure we do not collect more information than is needed to provide our Services and we strive to limit our Providers to do so as well. We have integrated protocols to allow us to process Health Data in a way that does not directly identify you. However, you are always free to opt out of data collection by not using our Services or by uninstalling the app.
Facebook Lead Ads. If you have subscribed to receiving selected content via Facebook Lead ad, you can unsubscribe by clicking “unsubscribe” link which is present in every email you receive.
Notifications. You can deactivate notifications by changing the notification settings in accordance with the instructions of the operating system running on your device. If you are using iOS , you will be asked to accept or refuse push notifications after the app is downloaded. If you do not accept, you will not receive push notifications. If you do accept, mobile phones will allow you to disable push notifications later on by using the settings on your mobile phone.If you are an Android user, you will automatically receive push notifications after the app is downloaded. You can disable these within the mobile phone settings.
Back Pain Hub notifications. You can edit your notification preferences within the Hub Settings.
Kickbox. If you want to access, correct, amend, or delete inaccurate data held by Kickbox you should direct your query to privacy@livehealthily.com. If you request to remove this data Kickbox will respond within 30 business days.
Make it local (Find services near you). You can withdraw your consent at any time by disabling your location permission for our app within the settings of your mobile phone. You can exercise your right to access or rectify and delete your data with Google by accessing your account.
OpenWeather. You can withdraw your consent at any time by disabling your location permission for our App within the settings of your mobile phone or within My account settings/My settings/Get the local weather. For exercising your right to access or rectify and delete your data with OpenWeather, click here.
Analytics. You can opt out of our information processing and Google Analytics for Firebase by sending an email to privacy@livehealthily.com and/or opt out of Google Analytics by installing this browser add-on https://tools.google.com/dlpage/gaoptout.
AppsFlyer Analytics. You can opt out of tracking by sending an email to privacy@appsflyer.com or by completing the form on their website https://www.appsflyer.com/optout. The opt out is specific to AppsFlyer activities and does not affect other tools that we may use. If you choose to opt out, AppsFlyer will stop tracking data for that device going forward. The services will stop across all applications, not only ours.
Typeform. Enables you to exercise your right to access, rectification, erasure, restriction and objection by opening a support ticket via the Help Centre. You can send a request via https://typeform.com/help.
Zendesk. Correcting, updating and removing your information. If you seek to exercise your data protection rights in respect of personal information stored or processed by Zendesk on our behalf (including to seek access to, or to correct, amend, delete or restrict processing of such personal information) you should direct your query to us by sending an email to privacy@livehealthily.com. We will then instruct Zendesk to remove the personal information and they will respond within 30 days. They will retain personal information which they process and store on our behalf for as long as is needed to provide services to us.
Calendly. Enables you to exercise your rights to access, data portability, and deletion of your personal data by submitting a verifiable consumer request to support@calendly.com.
Zoom. Enables you to exercise your rights to access, data portability, rectification, and erasure by submitting a request to privacy@zoom.us.
ChatBot. Enables you to exercise your rights in relation to access, update, amend, correct, or delete your personal data by submitting a request to support@livechatinc.com.
We follow generally accepted industry standards and internal procedures to protect information submitted to us.
STORING
We store identifiable personal data and health data in separate databases. This means that whatever you enter or do in our App, it is not connected to data that could personally identify you. We normally process your data with the help of identifiers, namely profile ID, consultation/ conversation ID and analytic identifiers to avoid personal identification. In limited cases when required for user safety or critical systems issues, authorised personnel can access personal data along with Health Data. Your IP address is used to determine location, but it is normally masked (hashed) when stored on our backend.
We store your information for as long as needed to provide our Service. We may store the information longer, but only in a way that it cannot be tracked back to you. We use AWS and Google Cloud Platform for storing of information.
AWS. AWS has multiple security certificates https://aws.amazon.com/security/.The data we collect from you may be transferred to, and stored at, a destination outside and inside of the European Economic Area (EEA), namely the AWS regions in the US and EU. It may also be processed by staff operating outside the EEA who work for us, or for one of our Providers. Your data will still be safe - we have entered into the AWS data processing addendum to make sure your personal information (IP address) is safe, namely:
a) that the AWS will use the data only to provide its storing services
b) that it will not disclose data to any third-party
c) that the AWS restricts its personnel to process your data without their authorisation
d) that we stay in control of correcting, blocking, deleting, retrieving your data
e) that AWS is responsible for implementing and maintaining the technical and organisational measures
f) that AWS is certified under ISO 27001 and agrees to maintain an information security program for the service that complies with the ISO 27001 standards or such other alternative standards as are substantially equivalent to ISO 27001 for the establishment, implementation, control, and improvement of the AWS Security Standards
g) that AWS may use subcontractors, but will restrict their access only for the purposes of offering AWS services. By using and downloading our Services, you agree to the transfer, storing and processing, as stated herein. We will take all the reasonably necessary steps to ensure that your data is treated securely and in accordance with this privacy policy. Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your data, we cannot guarantee the security of your data transmitted to our Site; any transmission is at your own risk.
Google Cloud Platform. We store all analytical data on Google Cloud Platform (GCP). We control the stored data while Google is the processor. This means that Google processes the data only for the purposes of providing GCP services and technical support to us, in accordance with data processing and security terms https://cloud.google.com/terms/data-processing-terms. We control what happens to the data and can access it at any time. We have chosen to store the data in the US. Google stores data in a multi-tenant environment on Google-owned servers. The data and file system architecture are replicated in multiple geographically dispersed data centres. Google also logically isolates stored data. We have control over specific data sharing policies. Those policies, in accordance with the functionality of the Services, enable us to determine the product sharing settings applicable to this privacy policy. We may choose to make use of certain logging capability that Google may make available via the services. Google complies with legal frameworks relating to the transfer of data such as EU-US and Swiss-US Privacy Shield. Get more information on Google Cloud Platform and the terms: https://cloud.google.com/product-terms.
Firebase Hosting. We use Firebase Hosting for our Site. Firebase Hosting is a production-grade web content hosting for developers. Zero-configuration SSL is built into Firebase Hosting, so content is always delivered securely. Please refer to the Firebase Data Processing and Security Terms for more information.
Tekasco HealthStream system, owned by Tekasco Ltd (“Tekasco”). We use Tekasco HealthStream system for Coronavirus (COVID-19) Symptom Mapper. We control the data stored, while Tekasco is the processor. Tekasco has put in place commercially reasonable physical, electronic, and managerial procedures to safeguard and secure our data from unauthorized access. All Tekasco HealthStream applications and databases are physically managed by Microsoft Azure in secure data centers within the United Kingdom. All data centers are SAS 70 Type II certified, SSAE16(“SOC 2”)/HIPAA/HITRUST Compliant, and feature proximity security badge access and digital security video surveillance. Tekasco security procedures utilise industry best practices from sources including The Centre for Internet Security, Microsoft, Red Hat and more. Tekasco maintains numerous full backups of our data. These backups are stored in a geographically and logically separated environment. Tekasco as well runs monthly Vulnerability Assessments on their production environment. For more information about Tekasco, please visit Tekasco website.
SECURITY
To guarantee your privacy, we securely encrypt, limit, and restrict access to your personal details.
We encrypt all your data at rest and any directly identifiable personal information is double encrypted with two keys at both the infrastructure and application level. We have restricted access to production environments and monitoring of your activities. The information is encrypted and key protected, and we have integrated commercially reasonable efforts to make sure your information remains secure when processed by us. However, please be aware that no security measures are impenetrable. If you have any concerns about the security of our Services, please contact us at privacy@livehealthily.com.
To ensure security of processing we engage third-party providers for penetration testing (security testing) - a controlled form of hacking in which a professional tester, working on behalf of an organisation, uses the same techniques as a criminal hacker to search for vulnerabilities in the company's networks or applications. During security testing, the third-party provider may have access to your personally identifiable data. Security testing providers are contractually bound to take all necessary technical and organisational measures to protect data, and they are not allowed to transfer it to third-parties or use it for any other purpose besides security testing for us.
TRANSFERS
EU Territory We delete logs we keep of the IP address within six months. We store your personally identifiable data for the duration of the provision of our Services or up to 30 days after your deletion request. This section shall not prevent any technical storage or access to information for the sole purpose of carrying out the transmission of a communication, or as strictly necessary for us to provide the Services you requested. We reserve the right to delete your profile after an extended period of inactivity.
US Territory We will retain collected information for the period necessary to fulfill the purposes outlined in this Privacy Policy unless a longer retention period is required or permitted by applicable legislation. We reserve the right to delete your profile after an extended period of inactivity.
Storing might be different depending on which territory is collecting the information and the applicable legislation, but we always strive to store the information only if it is needed for the purposes of providing, improving or personalising our Services.
For information about cookies, please see our Cookie Policy which is hereby incorporated into this Policy. You can manage cookies on our Site at any time by visiting Cookie settings section available in the footer of our Site. You can turn off cookies by changing your specific browser settings. You may disable cookies or delete any individual cookie set by Google Analytics. Google Analytics supports an optional browser add-on that - once installed and enabled - disables measurement by Google Analytics for any site you visit. This add-on only disables Google Analytics measurement. You can use Ads Settings to manage the Google ads you see and disable personalisation. Even if you opt out of personalised ads, you may still see ads based on factors such as your general location derived from your IP address, your browser type, and your search terms. You can also manage many companies' cookies used for online advertising via the consumer choice tools created under self-regulation programs in many countries, such as the US-based aboutads.info choices page or the EU-based Your Online Choices. Finally, you can manage cookies in your web browser. For more information visit https://policies.google.com/technologies/ads?hl=en and read our Cookie Policy.
Should you have any privacy-related questions, please contact us at privacy@livehealthily.com. If we are not able to help, we will forward your enquiry to our External Data Protection Officer (DPO), ePrivacy GmbH, represented by Prof. Dr. Christoph Bauer, Große Bleichen 21, 20354 Hamburg. Should you have any concerns or complaints that our DPO is not able to resolve, you have the right to lodge a complaint with our supervisory authority Der Hamburgische Beauftragte für Datenschutz und Informationsfreiheit, Prof. Dr. Johannes Caspar, Kurt-Schumacher-Allee 4, 20097 Hamburg. If you are a UK customer, you can lodge a complaint with the Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF. Our EU Representative is ePrivacy, Holding GmbH, Große Bleichen 21, 20354 Hamburg, Germany. For more information, click here.
We update this Privacy Policy to reflect changes in our data processing practices. Because we are constantly adding new services and features, we may not make an immediate upgrade of the Privacy Policy unless material changes occur. We encourage you to periodically review https://www.livehealthily.com/legal/privacy or the Simply legal section of our Services for the latest information on our privacy practices. You will be informed about material changes to our data processing practices with a push notification, or by other means. We integrate new providers on the OneStop Health™ Marketplace and technologies regularly, so if you do not see the relevant provider's Privacy Policy included here, please contact us for the latest information.
Matteo Berlucchi, CEO