We, at BioBeat, put great efforts in making sure that your personal information is safe and used properly. We do not ask you to reveal your identity to us and we do not collect personal identifiers, as further described in this policy. We describe in this policy how we use and process information related to you (“Your Information”).
This policy explains our practices for processing Your Information on our BioBeat medical self-monitoring systems (the “Service”). We process Your Information subject to the terms of this policy.
The summary of this policy will give you a quick and clear view of our practices. Please take the time to read our full policy.
A SUMMARY OF THE POLICY
The Information That You Provide Us – We request minimal details in order to provide the Service. We may receive personal information when we communicate. Read More.
The Information That We Collect – We automatically log ‘traffic/session’ information including IP addresses and operating system. We collect session durations and additional activity information. Read More.
We do not Knowingly or Intentionally Identify you. – We do not collect names, IDs and other identifiers and do not make any efforts to reveal your identity. Read More.
Sharing information with others – We may share information with our service providers. We may transfer information as needed if we change our corporate structure, and we may share the information with our affiliate entities. Read More.
What Do We Do with Your Information? – We use Your Information to provide the Service, to maintain the Service make it better and continue developing it, and to protect us and the Service from misuse and law violations. Read More.
Aggregated and Analytical Information – We use aggregated data for legitimate business purposes and may use standard analytical tools. Read More.
Your Choice – You may terminate your use of the Service. Read More.
Data retention – We retain data as needed, to provide the Service and for legitimate and lawful purposes. Read More.
Transfer of data outside your territory – We may store and process information in various sites throughout the globe, including in sites operated and maintained by cloud based service providers. Read More.
Accessing Your Information – At any time you may request to access Your Information. We do not you’re your name, email address or other identifiers and we may not be able to accommodate your request. Read More.
Your EU Data Subject Rights – If we process information related to you when you are in the EU we will take commercially reasonable efforts in supporting your data subject rights. Exercising your rights will require you to identify yourself to us. Read More.
Information Security – We implement systems, applications and procedures to secure Your Information, to minimize the risks of theft, damage, loss of information, or unauthorized access or use of Your Information. Read More.
Changes to this Policy – We may update our policy from time to time after giving proper notice.
Contact Us – Please contact our Compliance Officer at: email@example.com for further information.
The Information That You Provide
When you use our Service, we will ask you to provide certain general details about you (age, height, weight, gender) and health information (pulse and blood pressure at rest), you may provide optional health information (such as illnesses, medicine, etc.). We will explicitly indicate the fields that are mandatory to complete.
When you contact us, or when we contact you, we may receive and process any personal information that you provide us.
The Information That We Collect
When you access the Service application, our servers log certain ‘traffic/session’ information from your device, such as the browser type, operating system and the Internet Protocol (IP) address.
When you use the Service application, we collect information about your Service activity, for example your log-in and log-out time, the duration of Service sessions, activity measures, etc.
We do not Knowingly or Intentionally Identify you
We do not ask you to provide us, and do not collect any direct identifiers such as your name, physical address, email address, telephone number, credit card number or a government issued ID.
We have no legal power to enforce internet service providers that allocated your IP addresses to access the Service online, to provide us identifying details from your account with these providers.
We do not take any intentional action to know your identity, based on Your Information.
We do not knowingly or intentionally match the information that you have provided us, or that we collect about you, with any external identifying data.
However, as part of the Service, we use reasonable practices and controls to secure Your Information and to use it properly and lawfully.
What Do We Do with Your Information?
We use Your Information to provide the Service to you and to other users, to enable the Service’s tools and features, to study and analyze the functionality of the Service and users’ activities, to improve the Service, to develop and offer additional features, functionality and services, to provide support, to measure Service activity and to maintain the Service.
We obey the law and expect you to do the same. If necessary, we may use Your Information to enforce our terms, policies and legal agreements, to comply with court orders and warrants, and assist law enforcement agencies, to collect debts, prevent fraud, misappropriation, infringements, identity thefts and any other misuse of the Service, and to take any action in any legal dispute and proceeding.
Sharing Your Information with others
We may share Your Information with additional individuals and entities subject to your instructions, including other users that you authorize to access your Service account, medical institutions and others. We may also share Your Information to service providers, vendors and other third parties, if necessary to fulfill the purposes for collecting the information and provide you with information, offers and additional services.
We may also share Your Information with companies or organizations connected, or affiliated with us, such as subsidiaries, sister-companies and parent companies, with the express provision that their use of such information will comply with this policy.
Additionally, a merger, acquisition or any other structural change may require us to transfer Your Information to another entity, provided that the receiving entity will comply with this policy.
If we want to share Your Information in any other circumstances we will receive your prior written consent.
Aggregated and Analytical Information
We use anonymous, statistical or aggregated information and may share it with our partners for legitimate business purposes. We will share Your Information with third parties for legitimate purposes, only if we reasonably believe that Your shared Information does not identify you.
We retain different types of information for different periods, depending on the purposes for processing the information, our legitimate business purposes as well as pursuant to legal requirements under the applicable law.
We may keep aggregated non-identifiable information without limitation, and to the extent reasonable we will delete or de-identify potentially identifiable information, when we no longer need to process the information.
In any case, as long as you use the Service, we will keep information about you, unless we are required by law to delete it, or if we decide to remove it at our discretion.
Transfer of data outside your territory
We may store and process information in various sites throughout the globe, including in sites operated and maintained by cloud based service providers. If you are a resident in a jurisdiction where transfer of Your Information to another jurisdiction requires your consent, then you provide us your express and unambiguous consent to such transfer.
If you are a resident of the European Economic Area (EEA), Your Information is processed and stored by Amazon Web Services (AWS) Cloud in the Ireland on our behalf in accordance with the highest degree of security of AWS.
To the extent necessary under EU privacy laws and regulations, we will implement data onward transfer instruments, such as the Controller to Processor Standard Contractual Clauses, the Controller to Processor Standard Contractual Clauses, the Privacy Shield Framework and a statement of compliance with the Privacy Shield Principles, and such other lawful instruments to transfer Your Information, as may be available from time to time.
At any time, you may disable your account through the Service application.
We request and collect minimal details that we need for the purposes described in this policy. At any time, you may opt to terminate your use of the Service. Thereafter, we will stop collecting any information from you. However, we may store and continue using or making available certain information that is related to you. For further information, please read the Data Retention section in this policy.
Accessing Your Information
At any time, you may contact our Compliance Officer at: firstname.lastname@example.org and request to access information that we keep about you. We may need to ask you to provide us certain credentials to make sure that you are who you claim you are and we will make reasonable efforts to locate Your Information on our systems. Note that we do not keep your name, email address or other identifiers and we may not be able to accommodate your request. If you find that Your Information is not accurate, complete or updated, then please provide us the necessary information to correct it.
Your EU Data Subject Rights
We collect and receive information that has no direct identifiers. If we process information related to you when you are in the EU, we will take reasonable efforts in supporting your following data subject rights:
Right to access the data that we keep about you. We may need to ask you to provide us certain credentials to make sure that you are who you claim you are. If you find that the data is not accurate, complete or updated, then you may provide us with the necessary information to rectify it.
Right to withdraw your consent to the processing of Your Information. Exercising this right will not affect the lawfulness of processing based on consent before its withdrawal.
Right to request to delete or restrict access to Your Information. We may postpone or deny your request if your personal information is in current use for providing our Service or to other legitimate purposes such as compliance with regulatory requirements.
If you exercise one (or more) of the above-mentioned rights, in accordance with the provisions of applicable law, you may request to be informed that third parties that hold Your Information, in accordance with this Policy, will act accordingly.
Right to ask to transfer Your Information in accordance with your right to data portability.
Right to object to the processing of Your Information for direct marketing purposes.
You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affecting you.
You have a right to lodge a complaint with a data protection supervisory authority.
We do periodical assessments of our data processing and privacy practices, to make sure that we comply with this policy, to update the policy when needed, and to verify that the policy is displayed properly and accessible.
If you have any concerns about the way we process Your Information, you are welcome to contact our Compliance Officer at: email@example.com , or write to us to: BioBeat Ltd., [p.o 7707 Zoran ]. We will look into your inquiry and make good-faith efforts to resolve any existing or potential dispute with you.
We and our hosting services implement systems, applications and procedures to secure Your Information (including encryption of the information), to minimize the risks of theft, damage, loss of information, or unauthorized access or use of information.
These measures provide sound industry standard security. However, although we make efforts to protect your privacy, we cannot guarantee that the Service will be immune from any wrongdoings, malfunctions, unlawful interceptions or access, or other kinds of abuse and misuse.
From time to time, we may update this policy. If the updates have minor if any consequences, they will take effect 7 days after we post a notice on the Site. Substantial changes will be effective 30 days after our notice was initially posted. Until the new policy takes effect, you can choose not to accept it and terminate your use of the Site. Continuing to use the Site after the new policy takes effect means that you agree to the new policy.
Note that if we need to adapt the policy to legal requirements, the new policy will become effective immediately or as required.
Please contact our Compliance Officer at: firstname.lastname@example.org for further information.
Last updated: January 24, 2018.