Privacy Policy
Last modified: September 2024
This Privacy Policy outlines our practices regarding the collection, use, and disclosure of your information when you use our Service. It also informs you about your privacy rights and how the law safeguards them.
We utilize your personal data to enhance and deliver the Service. By using the Service, you consent to the collection and use of information as described in this Privacy Policy.
Introduction
HealthPal, (“HealthPal”, “Company”, ”we, “us”, or “our”), takes your privacy seriously. This Privacy Policy (the “Policy”) explains our data protection commitment and practices and describes the types of information we may process when you use our Websites and/or install and use the HealthPal-Heart Rate Monitor software application for mobile devices (”the App”, “our App”).
When we refer to personal data (or personal information), we mean any information of any kind relating to a natural person who can be identified, directly or indirectly, in particular by reference to such data or to an identification number (“Personal Data”).
Our Privacy Policy applies to all users and others who access the App (”Users”), this website, and other Company’s websites and landing pages (the “Website(s)”) and/or persons whose Personal Data we may process as a result of our business activities. We also refer to such persons by “you” in the text. The reference to the App and the Website(s) is the “Services”.
For the purposes of the General Data Protection Regulation (EU) 2016/679 and applicable national legislation implementing the GDPR and, if applicable, the UK Data Protection Act 2018 and the UK GDPR (hereinafter collectively the “GDPR”), we are the data controller, unless otherwise stated. We compiled this Privacy Policy and adjusted our processes towards Personal Data in compliance with GDPR as the highest standard for the protection of our users` personal data rights.
PLEASE READ THE FOLLOWING PRIVACY POLICY FOR INFORMATION REGARDING THE WAYS YOUR PERSONAL INFORMATION MAY BE PROCESSED CAREFULLY.
Scope
This Privacy Policy applies to Personal Data obtained through our Website(s), App, or when you otherwise interact with us.
The Company’s Website and App may contain links to other websites not under our control. We are not responsible for other websites' information practices or content. You should always review the policies of third-party products and services to make sure you are comfortable with how they collect and use your information.
Information We Process
Your privacy is our high priority, so we prefer, to the maximum possible extent, using instruments that disable the collection of clearly identifiable information and provide us with information in aggregated, encrypted, anonymized, and/or pseudonymized (non-identifiable) form. However, we understand that some categories of such information we use may be deemed Personal Data, in particular, for the purposes of GDPR. With regard to such Personal Data, the rules set out in this Privacy Policy are always strictly followed.
Information that you submit
You may provide personal information directly when you use our App. This information is necessary to adequately perform the contract between you and us. Without such information, it is impossible to provide the complete functionality of the App and perform the requested services. Depending on the App's functionality, the following information can be processed:
General Information. You may fill it in when you choose to track physical parameters for your convenience, and/or share by connecting the other app to our App:
Gender;
Date of birth or age;
Race;
Weight;
Height.
Contact Information. You may share it when you log in or create a profile in our App or Website or contact us via email:
Name;
E-mail address, and any other content included in the email;
Password or passcode;
Other information you decide to share when you log in via third-party services; it may also include technical identifiers necessary for the authentication service to run.
Health and well-being. The App may estimate various metrics such as:
Heart rate;
Heart rate variability;
Physical stress level;
Energy level;
Tension level;
Balance score;
Readiness score;
Sleep efficiency score;
Recovery score;
Sleep quality.
These indicators are based on RR intervals and other metrics the App collects when executing a measurement or importing the data from Apple Health if you decide to connect Apple Health to our App. You can always decline to save a measurement or delete a previously saved measurement through the App.
For measuring, the App technically accesses your camera required as a light sensor to estimate your heart rate. During a measurement, images from the camera feed are processed locally on your device and deleted immediately afterward. We cannot collect, store or use the data contained in your camera roll.
You may also allow us to connect to third-party services, such as Apple Health, to enable us to import Personal Data about your health and activities into the App, as provided by its features. When you choose to have this data imported, you are subject to Apple Health privacy policies and practices. We may collect, once you allow us, the following data from Apple Health:
Weight
Heart Rate Variability
Heart Rate
Date of Birth
Sleep changes
Height
Sleep
Gender
Activity and workouts
The health and well-being information you submit is stored locally on your device. This information is never disclosed to third parties (except our authorized service providers) unless you share it yourself.
You can remove or alter your personal information at any time. Once you uninstall the App, your Personal Data will be removed from our storage, but some categories of your personal information may be stored for a longer period, as prescribed by this Policy and/or applicable laws (this may include, without limitation, storage of your consent log).
Information you submit during the onboarding process in the App. Our App may include functionality for personalizing the App prior to full access to the App`s features. While completing the quiz, you may need to pick or submit some categories of Personal Data, so we can personalize the App for you. At this stage, we will not access or collect your health, gender, age, or other sensitive information about you and it will be processed locally on your device. Instead, we will rely on a contract basis and our legitimate interest to process some technical identifiers and log information necessary for the App to function and for us to provide you with the requested service. Once you complete the onboarding process we will ask you for your consent to process the full scope of Personal Data for the purposes described in this Policy.
Other data you may submit to us. Also, we may collect other data that you submit to our Websites or App as you participate in any interactive features of them, participate in a survey, contest, promotion, sweepstakes, activity, or event, apply for a job, request customer support, communicate with us via third party social media sites or otherwise communicate with us.
Other persons` Personal Data. If you are providing information (including Personal Data) about someone else, you must have the authority to act for them and to consent to the collection and use of their Personal Data as described in this Privacy Policy.
Information collected automatically
Information from the App. When you use the App, information about your device and user behavior may be collected and processed automatically. This information is generally non-personal, i.e. it does not, on its own, permit direct association with any specific individual. However, a set of this information may allow us to identify you as a separate user of our Services, therefore we treat such information as Personal Data and protect it as prescribed by law. We process Personal Data based on the contract between you and us or our legitimate interest in improving our App and giving our users the best experience. If we do not access such data, we may not be able to provide you with all the App`s features. To process your Personal Data for our marketing purposes, we rely either on legitimate interest or your consent basis, as the case may be.
Device Details. When you use a mobile device to access our App, some details about your device are reported subject to your privacy choices as provided by iOS functionality. For example, device identifiers and other metadata. Device identifiers are small data files or similar data structures stored on or associated with your mobile device, uniquely identifying your mobile device (but not your personality). Device identifier enables generalized reporting and analytics. In this regard, the following information may be collected and processed:
Information about the device itself: type of your device, type of operating system, and its version, model, and manufacturer.
Information about the internet connection: mobile carrier, IP address, timestamp, and duration of sessions.
Location-related information: IP address, the country code/ region/ state/ city associated with your SIM card or your device, language setting, and time zone.
Device identifiers and technical identifiers (e.g. IDFA).
Information about the App: name, API key (identifier for application), version, and App properties can be reported for automated processing and analysis.
Cookies and similar technologies. When you use the App, cookies and similar technologies may be used (pixels, web beacons, scripts). A cookie is a text file containing small amounts of information downloaded to your device when you access the App. The text file is sent back to the server each time you use the App. This enables us to operate the App more effectively. For example, we will know how many users access specific areas or features within our App and which links they clicked on. We use this aggregated information to understand and optimize how our App is used, improve our marketing efforts, and provide content and features that interest you. We may ask advertisers or other partners to serve ads or services to the App, which may use cookies or similar technologies.
Log file information. Log file information is automatically reported each time you request to access the App. It can also be provided when the App is installed on your device. When you use our App, analytics tools automatically record certain log file information, including the time and date when you start and stop using the App and how you interact with the App.
In-app events. When you use our App, analytics tools automatically record in-app information (tutorial steps, leveling up, payments, in-app purchases, custom events, progression events, etc.).
Please remember that some services are engaged in personal data profiling and may obtain information related to your personality and/or your device by using technologies that do not belong to our scope of responsibility. For example, when your user ID is linked to your Facebook account, Facebook may use your device information in association with categorized data already recorded in its databases (e.g. your age, gender or other demographic indication). We do not control, supervise or stand surety for how the third parties process your personal data that might be collected by their means (not through our App). Any information request regarding the disclosure of your personal information should be directed to such third parties.
Payment Information. Our e-commerce providers responsible for billing, processing, and charging for in-app purchases and web subscriptions, handle your Personal Data and keep it safe and secure. We cannot access or use your credit or debit card information.
Information collected through the Website(s). When you access and use our Websites, we may, once we obtain your consent or under another legitimate basis, automatically process the following data:
Web Logs. As is true with most websites and services delivered over the Internet, we may gather certain information and store it in log files when you interact with our Websites. This information includes internet protocol (IP) addresses as well as browser type, internet service provider, URLs of referring/exit pages, operating system, date/time stamp, the information you search for, locale and language preferences, identification numbers associated with your device, your mobile carrier, and system configuration information.
Analytics information from Websites. We collect anonymized and aggregated analytics information when you use our Websites to help us improve our products and services.
Google Analytics. Our Services use Google Analytics, a web analytics service of Google Ireland Limited (Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland). The use includes the "Universal Analytics" operating mode. This facilitates the assignment of data, sessions, and interactions across several devices to a pseudonymous user ID and, thus, the analysis of a user's activities across devices. Google allows its users to opt out of Google’s personalized ads and to prevent their data from being used by Google Analytics.
Cookies and other tracking technologies. We use cookies to enable the Websites functionality, make it easier for you to navigate our site, and help us with our marketing efforts. You can decide whether to accept or reject cookies other than essential cookies. You can manage your cookie preferences by clicking on the "Cookies Settings" or the equivalent button on our cookie banner. For more general information on Cookies, please visit http://www.allaboutcookies.org/. You can also change your browser's settings to delete already set cookies and not to accept new ones. Please learn more about our cookies practices in our Cookie Policy.
Information received from third parties
We may also obtain information from third parties, such as:
Our authorized resellers, distributors, and partners if there is a lawful basis to do so. For example, we get analytic information from the Apple App Store.
Other third parties, such as email campaigns, marketing partners, and publicly available sources. We may use this information to enhance the information we already maintain about you, in addition to other purposes described in this Privacy Policy.
Social media and authentication services. We may have access to certain information from a third-party social media or authentication service if you log into our App or Website through the service or otherwise provide us with access to information from the service. Any access that we may have to such information from a third-party social or authentication service is in accordance with the authorization procedures determined by that service. By authorizing us to connect with a third-party service, you authorize us to access and store your name, email address(es), profile picture URL, and other information that the third-party service makes available to us, and to use and disclose it under this Privacy Policy. You should check your privacy settings on these third-party services to understand and change the information sent to us through these services.
Legal Basis and Purpose of Processing Your Personal Data
Without first notifying you, we will not collect or use your Personal Data. We will handle your Personal Data using one or more of the following legal bases, depending on which features of our Services you use:
Contract. We use your Personal Data to fulfill our contractual obligations and provide the Services to you.
Consent. For example, after installing the App on the welcome screen, we may ask you to permit us to process your Personal Data.
Legitimate interest. We may process your Personal Data in relation to our interests in providing the Services to you, our legitimate commercial interests, our interest in protecting the security and integrity of the Services, and wider societal benefits, as allowed under the law.
Legal obligations. We may be obligated to process some of your Personal Data to comply with applicable laws and regulations.
Sharing Your Information
General principles and prohibitions. We will only share your information with third parties in the ways described in this Privacy Policy. Without your permission, we do not share Personal Data with third parties for their marketing purposes (including direct marketing). We do not share identifiable health data with third parties for marketing and other purposes not related to providing you access to our Services. We will not rent or sell your Personal Data to any third parties.
Personnel. We share your Personal Data only with our employees and contractors, agents, and auditors who need to know or otherwise access Personal Data according to their scope of professional responsibilities and who are bound in writing by confidentiality and other obligations sufficient to protect Personal Data under this Privacy Policy.
Protection measures. While integrating external services, we choose service providers that can assure they apply all necessary technical and organizational measures to protect users` personal data. However, we cannot guarantee the security of any information transmitted from us to any such processor due to technical accidents that may arise out of our reasonable control. Provided that we followed all demands of applicable personal data protection legislation, we are not responsible for any accidental loss or unauthorized access to your Personal Data through the fault of third parties.
Disclosures made by you
Certain features of our Services allow you to make some of your measurements public, in which case it will become readily accessible to anyone. We urge you to consider the sensitivity of any data you share at your discretion.
Service providers and subcontractors
Processing to make the App run
We occasionally engage outside businesses to process your Personal Data on our behalf. They are the “processors” of your Personal Data. Processors assist us in managing the Services, facilitate our communication with you, and carry out other related tasks. To complete these objectives, they may process specific Personal Data on our behalf, acting under our instructions and subject to demands of applicable data protection laws. To the degree applicable legislation requires, we will execute data processing agreements with our processors and maintain responsibility for their actions.
We may engage the following third-party service providers to provide us with the necessary infrastructure for the delivery and improvement of our services:
Third-Party Service Providers
Our Service Providers may have access to your Personal Data. These third-party vendors collect, store, use, process, and transfer information about your activity on our Service according to their own Privacy Policies.
Analytics
Google Analytics Google Analytics is a web analytics service provided by Google that tracks and reports website traffic. Google uses this data to analyze and monitor Service usage and may share this information with other Google services. You can opt out of certain Google Analytics features through your device settings or by following the instructions provided by Google in their Privacy Policy: https://policies.google.com/privacy
For more information on Google's privacy practices, please visit: https://policies.google.com/privacy
Firebase Firebase is an analytics service provided by Google Inc. You can opt out of some Firebase features through your device settings or by following the instructions provided by Google in their Privacy Policy: https://policies.google.com/privacy
For information on how Google safeguards your data, visit: https://support.google.com/analytics/answer/6004245
To learn more about the type of information Firebase collects, see: https://policies.google.com/technologies/partner-sites
Advertising
We may employ Service Providers to display advertisements to you, helping support and maintain our Service.
Google AdSense & DoubleClick Cookie
Google, as a third-party vendor, uses cookies to serve ads on our Service. The DoubleClick cookie allows Google and its partners to deliver ads based on your visit to our Service or other websites on the Internet. You can opt out of the DoubleClick Cookie for interest-based advertising by visiting the http://www.google.com/ads/preferences/
AdMob by Google
AdMob is provided by Google Inc. You can opt-out of the AdMob service by following the instructions onhttps://support.google.com/ads/answer/2662922?hl=en. For more information on how Google uses collected information, please visit the https://policies.google.com/technologies/partner-sites page or view Google's https://policies.google.com/privacy.
Payments
We may offer paid products and services within the Service, utilizing third-party payment processors to handle transactions. We do not store or collect your payment card details; this information is provided directly to our third-party payment processors, whose use of your personal information is governed by their Privacy Policy. These payment processors comply with PCI-DSS standards, managed by the PCI Security Standards Council, a collaborative effort among brands like Visa, Mastercard, American Express, and Discover. PCI-DSS requirements ensure the secure handling of payment information.
Apple Store In-App Payments
You can view their Privacy Policy at https://www.apple.com/legal/privacy/en-ww/.
Your Rights
Your Rights under the CCPA/CPRA
If you are a California resident, the CCPA/CPRA grants you specific rights regarding your personal information:
Right to Notice: You are entitled to be informed about the categories of personal data we collect and the purposes for which it is used.
Right to Know/Access: You can request details about our collection and use of your personal information. Once we verify your request, we will provide you with:
The categories of personal information we have collected about you.
The sources from which we collected this personal information.
The business or commercial purposes for collecting or selling your personal information.
The categories of third parties with whom we share your personal information.
The specific pieces of personal information we hold about you.
Right to Correct: You have the right to correct or update any inaccurate personal information we hold about you. After verifying your request, we will make reasonable efforts to correct the information and instruct our Service Providers to do the same, unless exceptions apply.
Right to Limit Use and Disclosure of Sensitive Personal Data: You can request restrictions on the use or disclosure of certain sensitive personal information we have collected about you, subject to certain exceptions. For more information or to make such a request, please refer to the "Limit the Use or Disclosure of My Sensitive Personal Information" section or contact us.
Right to Delete: You can request the deletion of your personal data under specific conditions. Once your request is confirmed, we will delete (and direct our Service Providers to delete) your personal information, subject to certain exceptions. We may deny your request if retaining the data is necessary for purposes such as:
Completing a transaction or providing a service you requested.
Addressing security incidents or fraud prevention.
Debugging and repairing product errors.
Exercising free speech or upholding another consumer's rights.
Complying with the California Electronic Communications Privacy Act.
Conducting public or peer-reviewed research where deletion might impair the research, provided you consented to this use.
Supporting internal uses aligned with your expectations based on our relationship.
Meeting legal obligations.
Performing other lawful uses that are consistent with the context in which you provided the information.
Right to Non-Discrimination: You have the right not to face discrimination for exercising your CCPA/CPRA rights. This means we cannot:
Deny you goods or services.
Charge you different prices or rates, including discounts or benefits.
Provide a different level or quality of goods or services.
Suggest you will receive different pricing or quality compared to others.
Exercising Your CCPA/CPRA Data Protection Rights
To exercise your rights under the CCPA/CPRA, please refer to the "Do Not Sell My Personal Information" and "Limit the Use or Disclosure of My Sensitive Personal Information" sections for information on opting out and limiting the use of sensitive information.
If you are a California resident and wish to exercise your rights, you can contact us.
Only you or someone authorized by you, who is registered with the California Secretary of State, may submit a verifiable request regarding your personal information.
When submitting your request, please ensure that:
You provide sufficient information to verify your identity or confirm that you are an authorized representative.
Your request is detailed enough for us to understand, assess, and respond appropriately.
We cannot process your request if:
We cannot verify your identity or authority to make the request.
We cannot confirm that the personal information pertains to you.
We will provide the required information free of charge within 45 days of receiving your verifiable request. If necessary, we may extend this period by an additional 45 days, with prior notice.
Disclosures will cover only the 12-month period preceding the receipt of your verifiable request.
For data portability requests, we will provide your personal information in a format that is easy to use and allows for the transmission of the information to another entity without difficulty.
Limit the Use or Disclosure of My Sensitive Personal Information
As a California resident, you have the right to restrict the use and disclosure of your sensitive personal information to only what is necessary to perform the services or provide the goods that an average consumer would reasonably expect.
We handle sensitive personal information only as required to deliver our services. For detailed information on how we use your personal data, please refer to the "Use of Your Personal Data" section or contact us directly.
Links to Other Websites
Our Service may include links to websites not operated by us. If you follow a link to a third-party site, you will be directed to that site’s own privacy policy. We recommend that you review the privacy policies of any third-party sites you visit.
We are not responsible for the content, privacy practices, or policies of external sites or services.
Changes to this Privacy Policy
We may revise our Privacy Policy occasionally. Any updates will be posted on this page, with the "Last updated" date updated accordingly. We will notify you of significant changes via email and/or through a prominent notice on our Service before the changes take effect.
Please review this Privacy Policy periodically to stay informed of any changes. Changes are effective as soon as they are posted on this page.
Contact Us
If you have any questions regarding this Privacy Policy, please reach out to us.By Email: guangpingsheng01@gmail.com!