The information we receive, and how we use it, depends on what you do when you visit our website or use our services. We collect certain data when you visit our website and use our services or when you take part in our events or reply to our questionnaires. The information we collect maybe your non-personal information (that is not identifiable to you personally) differently than your personal information.
Certain information is collected even if you are not registered to our services. This may happen when you view pages, take part in surveys, competitions or events, write a comment on our website, share a page on a social network, order a product, etc.
When you order a product on our website, we have to retain certain data relating to your order, such as your delivery and billing address, even if you choose the option allowing you to order without creating an account. However, we will never have access or store your bank details since payments transactions are conducted and secured by our partners.
Our compliance to HIPAA
Collected non-personal information
If you visit our website to read or download information, such as information about a health condition or about one of our products, we may collect certain non-personal information about you from your computer. This information is collected from your computer's web browser, such as, the type of web browser software you use (for example, Google Chrome), operating system version, language preferences the name of the domain from which you access the Internet, the Internet address of the website from which you linked directly to our website, the date and time you access our website, which pages you have visited on our website, the search terms you use, the links on which you click. Note that if you only read or download information on our website, we do not collect or learn your name, e-mail address, home address, or other personal information about you.
In our services, we may use personal information that has been made anonymized without reference to the person (i.e., information that no longer reflects or references an individually identifiable user).
Cookies and related technologies
When you visit our service, we and our third-party service providers may collect certain information by automated means, such as cookies, web beacons and web server logs. We may place a text file called a cookie in the browser files of your computer when you visit. The cookie may be stored on your computer's hard drive.
Our ad networks and analytics service providers may also collect information about your use of other websites and online services over time, if those websites and online services also use the same service providers. We currently use Google Analytics to collect and process certain website usage data.
Collected personal information
Account and profile information
When you register to use our services, we may collect your identity data, (including name, telephone number, e-mail address, date of birth, password), body metrics data (personal health information, weight, height, gender, and whether you are a smoker or non-smoker, etc.), activity data (location, physical activity), other data (medical device serial number, IP address when such address is associated to a specific user).
Notes and other information
We also collect any information uploaded or otherwise input by you while using our services, including, but not limited to, information related to medications you are taking and other health-related information about you. You may optionally add information to your profile such as information about your activity level, medical conditions, and medications. You can add notes or tags to an electrocardiogram ("ECG") recording, including information such as symptoms, activities, and diet that are relevant to heart health. You may record or upload video or voice messages about your symptoms or activities and they will be included as transcribed notes with the applicable ECG recording.
Monitoring and Usage Data
We collect medical information while you use our services, such as human ECG data, including the ECG measurement itself, mobile device accelerometer data, average heart rate, local time, time zone and geographic location of ECG acquisition.
In some places on this website you have the opportunity to send us personal information about yourself, to elect to receive particular information, or to participate in an activity. For example, you may fill out a registration form, a survey, or an e-mail form and you may elect to receive educational material about our products and therapies.
You also may choose to allow us to personalize your visits to the website, in which case we will ask you for certain personal information to make your visits to our website more helpful to you. When this information is combined with the non-personal information that we collect through cookies (described above), we will be able to tell that you have visited our website before and can personalize your access to our website, for example, by telling you about new features that may be of interest to you.
If you choose to connect our service to third-party devices or services, such as Google Fit or Apple Health, we may request your permission to access health-related information from them, such as heart rate BPM (beats per minute), step count, activity sample, distance, active energy, blood glucose, oxygen saturation, resting energy, sleep analysis, diastolic blood pressure, systolic blood pressure, flights climbed, weight, and workouts. The third parties may offer you tools to limit which data that we access.
Clinical Interpretation Service
You may use the Clinical Interpretation Service, as defined in our Terms of Service, the Clinical Interpretation Service will send its analysis of your data, which we make available to you through the Service.
How we use the collected non-personal information
Because non-personal information cannot identify you or be tied to you in any way, there are no restrictions on the ways that we can use or share non-personal information. We are always looking for ways to better serve you and improve this website. We will use non-personal information from you to help us make this website more useful to visitors.
We also will use non-personal information for other business purposes, such as create reports for internal use to develop programs, products, services or content; customize the information or services that are of interest to you share it with or sell it to third parties; provide aggregated information on how visitors use our site, such as "traffic statistics" and "response rates," to third parties.
How we use the collected personal information
We may use the information we collect for the following purposes and as permitted in any other agreements we have with you. We may keep and use collected your personal information through this website and our services to provide you with granted access. In addition, we may keep and use your personal information: to respond to your requests; to personalize your access to our website, for example, by telling you about new features that may be of interest to you; to develop records, including records of your personal information; to contact you with information that might be of interest to you, including information about clinical trials and about products and services of ours and of others; for analytical purposes and to research, develop and improve programs, products, services and content; for healthcare providers, to link your name, and/or your IP address to web pages you visit, for compliance, marketing, and sales activities; to enforce this Privacy Statement and other rules about your use of this website; to protect our rights or property; to protect someone's health, safety or welfare; to comply with a law or regulation, court order or other legal process.
We may send you emails, text messages, and push notifications to your mobile device if they are enabled, to verify your account and for informational and operational purposes, such as account management, instructions, alerts, reminders, customer service, system maintenance, and other Service-related purposes. We may also permit users, such as health care providers, to use the Service to send you emails, text messages, and push notifications. In addition, we may send you newsletters, offers, surveys, and other promotional information related to our products and services.
We may use information to protect against, identify, and prevent fraud and other unlawful activity, claims and other liabilities. We also may use information to comply with and enforce applicable legal requirements, relevant industry standards, and our policies.
In the ordinary course of business, we will share some personal information with companies, such as Clinical interpretation services, that we hire to perform services or functions on our behalf. For example, we may use different vendors or suppliers to ship you products or services that you order on our website. In these cases, we provide the vendor with information to process your order such as your name and mailing address, name, date of birth, gender, height, weight, and whether you are a smoker or non-smoker, your ECG recordings; and any accompanying notes (including videos or voice messages) or tags you have provided.
In all cases in which we share your personal information with a third-party, we will not authorize them to keep, disclose or use your information with others except for the purpose of providing the services we asked them to provide. We will not sell, exchange or publish your personal information, except in conjunction with a corporate sale, merger, dissolution, or acquisition.
We may share any information we receive with vendors and service providers we use to help us provide the Service. Examples of these vendors and service providers include entities that process credit card payments, fulfill orders, and provide analytics and web hosting services. We require our vendors and service providers by contract to only use or disclose the information they process on our behalf as necessary to perform certain services on our behalf or comply with legal requirements.
If your physician or healthcare provider uses our services, you may also choose to connect to your physician or healthcare provider through the Service. If you connect to your physician or healthcare provider through the Service, we may share your information through the Service with them, including historical ECG information collected by the Service, which is authorized by you, or prior to the date you permitted the healthcare provider to access your information. Your physician or healthcare provider will handle any data it receives through the Service in accordance with their/its own privacy policies and you are encouraged to read corresponding privacy policies. We are not responsible for providers' activities with respect to the information they receive through the Service.
If you permit the Service to integrate with or connect to third-party devices and services, such as Google Fit or Apple Health, with your permission we will share some health-related information with them, such as your heart rate BPM, height, and weight. Such third-party devices and services may provide additional controls to limit the information the Service provide to them. If you connect our service account to a third-party device or service, you may be asked to share your information with that application. We will not share your information without your permission.
We may transfer information we collect about you to countries other than the country in which the information was originally collected. Please note that your information may be transferred to countries that may not have the same level of protection as the country in which you initially provided that information. When we transfer your information, we will protect it as described in this Policy.
We may access, preserve, and disclose collected information, if we believe doing so is required or appropriate to: comply with law enforcement requests and legal process, such as a court order or subpoena; respond to your requests; comply with the law, or protect your, our, or others' rights, property, or safety. We may cooperate with law enforcement authorities in investigating and prosecuting website visitors who violate our rules or engage in behavior which is harmful to other visitors (or illegal).
We may disclose your personal information to third parties if we feel that the disclosure is necessary to: enforce this Privacy Statement and the other rules about your use of this website; protect our rights or property; protect someone's health, safety or welfare; comply with a law or regulation, court order or other legal process.
Under the GDPR (General Data Protection Regulation) we control and process any personal information you provide to us electronically in the following ways. Unless otherwise defined, we only process your personal data for accounts and records, advertising, marketing, PR or staff administration purposes.
Under the GDPR (General Data Protection Regulation) your rights are as follows:
- The right to be informed;
- The right to access;
- The right to rectification;
- The right to erasure;
- The right to restrict processing;
- The right to data portability;
- The right to object; and
- The right not to be subject to automated decision-making including profiling.
We ensure the security of any personal information we hold by using secure data storage technologies and precise procedures in how we store, access and manage that information. Our methods meet the GDPR compliance requirement.
We are committed to ensuring the security and protection of the personal information that we process, and to provide a compliant and consistent approach to data protection. If you have any questions related to our GDPR compliance, please contact our Data Protection Officer via firstname.lastname@example.org
You may also contact us to: stop the sharing of your information with a specific provider; request information about any disclosures of your information that we have made; update your email preferences or ask us to remove your information from our mailing lists; or submit another type of request.
Security of Your Information
Security is very important to us. We also understand that security is important to you. We take reasonable steps to protect your personal information from loss, misuse, and unauthorized access, disclosure, alteration, or destruction. For this purpose we maintain administrative, technical and physical safeguards designed to protect the personal information you provide against accidental, unlawful or unauthorized destruction, loss, alteration, access, disclosure or use. For example, we use industry standard encryption to protect your data in transit, commonly referred to as transport layer security (“TLS”) or secure socket layer (“SSL”) technology. Once we receive your data, we protect it on our servers using a combination of administrative, physical and logical security safeguards. The security of the information stored locally in our software installed on your computing device requires that you make use of the security features of your device. We recommend that you take the appropriate steps to secure all computing devices that you use with our applications and service.
No method of transmission over the Internet, or method of electronic storage, is 100% secure or error-free, however. In particular, e-mail sent to or from this site may not be secure, and you should therefore take special care in deciding what information you send to us via e-mail. Therefore, while we use reasonable efforts to protect your information, we cannot guarantee its absolute security.
If a security breach causes an unauthorized intrusion into our system that materially affects you, then we will notify you as soon as possible and later report the action we took in response.
Document change record
The record of changes to the document releases and updates are according to the following revisions.
|1.00||15.05.19||Initial document version|
|1.01||30.04.20||Updated GDPR statement|