HEKA HEALTH PRIVACY POLICY

Effective Date:  July 5, 2018

Heka Health, Inc. ("Heka Health", “we” or “our”) is committed to respecting the privacy rights of our users.  We created this Privacy Policy to explain our practices for collecting, using, protecting and disclosing your information when you visit and use our website, branded or white-labeled applications, and services (collectively, “Services”).

This Privacy Policy applies to the data collected by us when you use our Services and does not apply to any websites, applications, or services that are owned or operated by third parties ("Third-Party Services"), which may have data collection, storage and use practices and policies that differ materially from this Privacy Policy.

In the case of our white-labeled applications, Heka Health is classified as a Data Processor that collects data and processes it on behalf of our clients, the Data Controllers.  Thus, if you sign up for our Services through an employer or healthcare provider program your data will be shared with them.  Remember that their use of your information will be governed by their privacy policies and terms. You can revoke your consent to share your data with any of these third-party organizations by deleting your personal account or asking the employer or healthcare provider administrator to remove you from their program.

By using our Services, you acknowledge that you have read and understood, and agree to the terms of this Privacy Policy (and as updated from time to time). Your use of our Services is at all times subject to our Terms of Use, which incorporates this Privacy Policy.  Any capitalized terms we use in this Privacy Policy without defining them have the definitions given to them in our Terms of Use.

INFORMATION WE COLLECT

When you use our Services, we collect the following types of information.

 

Information You Provide Us

 

Account Information. You may be asked to provide Heka Health certain information to create an account and/or profile on our Services such as your name, email address, password, and in some cases your nickname, year of birth, gender, country information, zip code, height, weight, and mobile phone number.

 

Third-Party Services. You may also choose to grant us access to your data from another Third-Party Service, such as activity data from Fitbit, Garmin or Apple. You can stop sharing the information from the Third-Party Service with us by removing/disconnecting our access to that Third-Party Service.

 

Additional Information.  If you contact us or participate in a survey, contest, or promotion, we collect the information you submit such as your name, contact information, and message.

Information We Receive From Your Use of Our Services

 

Personal Fitness & Health Data. Depending on which of our Services you use, we may collect data such as your activity level, weight, blood pressure and heart rate measurements in order to provide our Services.  This data may be collected via manual entry or via an integrated data connection to a Third-Party Service including data from devices such as activity trackers, weight scales, or blood pressure monitors. You can stop sharing the information from the Third-Party Service with us by removing/disconnecting our access to that Third-Party Service.

 

Location Information.  We collect your time zone and in some cases, your country information or zip code. This is either gathered from your mobile device, your integrated Third-Party Service, or can be manually entered or set by you.

Usage Information.  When you access or use our Services, we receive certain usage data. This includes information about your interaction with the Services, for example, when you install applications, create or log into your account, integrate with Third-Party Services, or update your data.

 

We collect data about the devices and computers you use to access the Services, including IP addresses, browser type, language, operating system, integrated Third-party Services, referring web pages, and pages visited.  We also use cookies, pixels, local storage, and software development kits (“SDKs”) for the to remember things about you so that we can provide you with a better experience.

HOW WE USE INFORMATION

We use the information we collect for the following purposes.

 

Provide and Maintain Our Services. Using the information we collect, we are able to deliver the Services to you and honor our Terms of Use contract with you. For example, we need to use your information to provide you with your dashboard to track your activity, weight, or blood pressure measurement trends; provide reminders; and to provide you customer support.

 

Develop and Improve Our Services.  We use the information we collect to research the effectiveness of our Services, improve and personalize the Services, and develop new Services. For example, we use the information to troubleshoot and protect against errors; perform data analysis and testing; and develop new features and Services.

 

Communicate with You.  We use your information when needed to send you Service notifications and respond to you when you contact us. We also use your information to promote new features or Services that we think you would be interested in or inform you of relevant updates on the program you enrolled in, for example, informing you of the start or end times of a wellness challenge. You can control marketing and program update communications via the “Unsubscribe” link in an email.

 

Promote Safety and Security.  We use the information we collect to promote the safety and security of our Services, our users, and other parties. For example, we may use the information to authenticate users, protect against fraud and abuse, respond to a legal request or claim, conduct audits, and enforce our terms and policies.

HOW INFORMATION IS SHARED

We do not share your personal information except in the limited circumstances below.  We will never rent or sell your Personal Information to any third party.

 

Information You Agree or Direct Us To Share. Certain portions of our Services are open to other users of our Services to view such as the display of your nickname and total steps during a wellness challenge.  Additionally, if you sign up for our Services through an employer or healthcare provider program remember that their use of your information will be governed by their privacy policies and terms. You can revoke your consent to share your data with any of these third-party organizations by deleting your personal account or asking the employer or healthcare provider administrator to remove you from their program.

 

For External Processing.  We transfer information to service providers and other partners who store and/or process it for us, based on our instructions, and in compliance with this policy and any other appropriate confidentiality and security measures. These partners provide us with services globally, including for information technology, sales, marketing, data analysis, and research.

 

For Legal Reasons or to Prevent Harm.  We may preserve or disclose information about you to comply with a law, regulation, legal process, or governmental request; to assert legal rights or defend against legal claims; or to prevent, detect, or investigate illegal activity, fraud, abuse, violations of our terms, or threats to the security of the Services or the physical safety of any person.  Our policy is to notify you of any legal process seeking access to your information, such as search warrants, court orders, or subpoenas, unless we are prohibited by law from doing so. Exceptions to our notice policy include exigent or counterproductive circumstances, for example, when there is an emergency involving a danger of death or serious physical injury to a person.

 

Aggregate, De-Identified Reports.  We may share non-personal information that is aggregated or de-identified so that it cannot reasonably be used to identify an individual. We may disclose such information publicly and to third parties, for example, in reports about activity levels and health outcomes, to partners under agreement with us.

 

Corporate Event.  Heka Health reserves the right to transfer all Personal Information in its possession to a successor organization in the event of a merger, acquisition, or bankruptcy or other sale of all or a portion of Heka Health’ assets. Other than to the extent ordered by a bankruptcy or other court, the use and disclosure of all transferred Personal Information will be subject to this Privacy Policy, or to a new privacy policy if you are given notice of that new privacy policy and an opportunity to affirmatively opt-out of it. Personal Information submitted or collected after a transfer, however, may be subject to a new privacy policy adopted by Heka Health’s successor organization.

YOUR RIGHTS TO ACCESS AND CONTROL YOUR INFORMATION

When logged into your account, you the ability to edit your account and profile information at any time.  You can also access and view much of your personal information including your activity level, weight, blood pressure and heart rate measurement trends.  If you desire to download your data to a CSV file format or you want to have your account and all your data fully deleted, please contact us at info@hekahealth.com.  Upon a written request for data deletion we will have all your information deleted within 30 days; however, Heka Health may retain an archived copy of your records as required by law or for other legitimate business purposes.

 

Objecting to and Restricting or Limiting Data Use. When logged into your account, you the ability to edit your account and profile information at any time and can control marketing communications via the “Unsubscribe” link in an email.  You can also stop sharing the information from the Third-Party Service with us by removing/disconnecting our access to that Third-Party Service.  If you are located outside the United States, please see “Additional Information for Non-US Residents.”

DATA RETENTION

We keep your account information, like your name, email address, password, and fitness and health data for as long as your account is in existence because we need it to operate your account and provide you with your personal statistics and other aspects of our Services. We also keep information about you and your use of our Services for as long as necessary for our legitimate business interests, for legal reasons, and to prevent harm.

CHILDREN'S PRIVACY

Heka Health does not solicit or knowingly collect personally identifiable information from children under the age of 13. If Heka Health obtains actual knowledge that it has collected personally identifiable information from a child under the age of 13, Heka Health will promptly delete such information from its database unless a parent or guardian provides consent in accordance with applicable law.

INFORMATION SECURITY

Heka Health has implemented and maintains reasonable security procedures and practices designed to protect against the unauthorized access, use, modification, destruction or disclosure of your Personal Information, however, despite these efforts, no security measures are perfect or impenetrable and no method of data transmission can be guaranteed against any interception or other type of misuse. In the event that your Personal Information is compromised as a result of a breach of security, Heka Health will promptly notify you that your Personal Information has been compromised as required by applicable law.

ADDITIONAL INFORMATION FOR NON-US RESIDENTS

If you are located outside the United States and choose to provide your information to Heka Health, your information will be transferred to the United States and processed there.  By providing your information and using our Services, you agree and consent to the collection, transfer, use, storage and disclosure of your information as described in this Privacy Policy.

If you reside in certain countries and under certain circumstances, you can object to, or seek to restrict, our processing of your information based on our legitimate interests as well as lodge a complaint with your local data protection authority.  You have a general right to object to the use of your information for direct marketing purposes. Please note that you can always delete your account at any time.

If you need further assistance regarding your rights, please contact us at info@hekahealth.com, and we will consider your request in accordance with applicable laws.

UPDATES TO PRIVACY POLICY

Heka Health reserves the right to, update, change or modify this Privacy Policy. Any material changes to this policy will be posted on our website and relevant application and will indicate when such changes will become effective. You may also be notified by email or other notification. You will be deemed to have agreed to any such modification or amendment by your decision to continue using the Service following the date in which the modified or amended Privacy Policy is posted on the Website. Use of information we collect now is subject to the Privacy Policy in effect at the time such information is used.

CONTACT US

If you have questions, suggestions, or concerns about this policy, or about our use of your information, please contact us at info@hekahealth.com.