Why should I read this policy?
This policy describes how ZiO Health Ltd collects, uses and protects your personal information.
What kind of information do we collect about you?
We collect information that helps us provide a service to you. Below you will find the types of data we collect and the reasons this data is collected:
Your email: When logging in to our services, you are identified by your email address. This allows you to recover your password, allows us to send you information about the services and answer any support requests you make.
Your age, health background information and habits: We collect this kind of data to provide you with a personalized experience, and to learn how it can be improved. You don't have to answer these types of questions if you don't want to.
Your current general wellness, mood or lifestyle: This allows you to track your progress and allows us to better understand how or for whom it works.
Information about how, where and when you're using our services: By understanding how, where and when our services are used, we can improve your and all other users' experience of the services.
Purchasing and delivery information (in case you buy physical products from us): We need your address and payment details to enable your order of physical products. For our self-test IVDs or medical devices, we are required by law to store your information in case we need to make a recall.
For how long will you store information about me?
As long as you have an account with us, information will be stored. If you choose to terminate your account with us, your personal data will be retained for a maximum of 1 year and then erased. Information we use for sending newsletters or marketing will be retained until the time you choose to unsubscribe from this kind of information. We might store anonymised and aggregated data based on the information you provide even after you have ended your account with us. In this case, nothing that can identify you as an individual will be stored.
Who has access to the information you collect and keep regarding me?
Your personal data may be handled by staff who work for ZiO Health Ltd. No third party has access to your personal information as long as the law does not require us to share it. We have procedures in place to ensure that your personal information is handled in a safe and secure manner in accordance with applicable legislation. For more information, please contact us via email.
Where and how do you store my information?
Your personal data is stored in data centers within the European Economic Area. For technical reasons, our subcontractors may need to move information to other countries outside of the EU. If this happens, appropriate protection measures and standardized data protection measures approved by the UK Data Protection Legislation and (for so long as and to the extent that the law of the European Union has legal effect in the UK) the GDPR and any other directly applicable European Union regulation relating to privacy are used.
All communication between our websites, servers and apps is encrypted with industry-standard techniques (HTTPS). The servers where data from our apps is stored are hosted by Amazon Web Services and physically located within the EU. The hosting provider managing our servers has the following security certifications to ensure that your data stays safe:
ISO 27001, 27017, 27018: Security Management Controls, Cloud Specific Controls, Personal Data Protection
SOC 1, 2, 3: Security, Availability & Confidentiality Reports
What are my rights?
Right to information: You can request a copy of the personal information ZiO Health Ltd has collected about you.
Right to rectification: We want to ensure that your information is up to date and correct. You can request that your information be corrected or removed if you consider it incorrect.
Right to be forgotten: You can request us to delete your personal information. We may not delete data that the law requires us to keep.
Data portability: You can request that ZiO Health Ltd transfer your personal data from our IT environment, either to another company or to you. This does not apply to information that the law requires us to keep.
Withdrawal of consent: You can withdraw your consent to share your information or to receive marketing / emails at any time, either by unsubscribing from the mailing list or by contacting us through email.
Complaint: You can file a complaint with the Data Protection Authorities if you believe that we are treating your personal data in violation of the GDPR.
How can I use my rights?
If you wish to use any of your rights, please contact us by email (you'll find our email address at the bottom of this policy). If you want to file a complaint with the Data Protection Authorities, you need to contact them.
What about cookies?
Cookies are files with a small amount of data, which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your computer's hard drive.
The GDPR (General Data Protection Regulation) is an important piece of legislation that is designed to strengthen and unify data protection laws for all individuals within the European Union. The regulation became effective and enforceable on the 25th of May 2018. ZiO Health Ltd has undertaken the required business and technology steps to operate in a manner compliant with GDPR.
Updates to this policy
We may update this policy and will then notify you via email or our apps. This policy was last updated on June 12th, 2020.
If you have any questions regarding this policy, regarding the use of your personal information or about your rights, please contact us at: firstname.lastname@example.org