Last Updated: July 15, 2020
Healthy.io (UK) Limited, a company registered in the UK (together with its parent company, affiliates, and/or related companies) (“Company”, “our”, “we” or “us”), provides its users and potential users (“you”, “User”, “your”) with access to its website located at http://velieve.io (“Website”) and to its Velieve™ mobile application (the “App”), through which, together with a designated testing kit (the “Kit”, and together with the App, the
“Product”)we provide our proprietary home-based urinalysis test, as well as remote medical consultation for treatment of urinary tract infections (UTI) (the “Consultation Portion”, and collectively with the Website, and the App and the Kit, the “Services”).
WHAT INFORMATION DO WE COLLECT?
Personal information is individually identifiable information, namely information that identifies an individual or may with reasonable efforts or together with additional information we have access to, enable the identification of an individual, or may be of a private or sensitive nature relating to an identified or identifiable natural person.
According to the GDPR, identification of an individual also includes the association of such individual with a persistent identifier such as a name, an identification number, an IP address etc. Personal information does not include information that has been anonymized or aggregated; provided that such information can no longer be used to identify a specific natural person.
The information we collect from you when you use our Services, is as follows:
Personal Information you provide to us when you use our Services. We collect personal information from you and any devices you use, when you use or access our Services, register to receive services from us, download the App, provide us information on a web form, or through correspondence that you may have with us from time to time.
More specifically, we collect and use the following categories and types of personal information when you use our Services:
Demographic information – where you request to receive the Consultation
Portion within the App. This includes your full name, date of birth, physical
address, email and telephone number.
Information you provide when checking your eligibility to use the Services (the eligibility questionnaire) as well as self-completed statements regarding your symptoms and medical history, which together with your test results will be used in order to provide you the Services.
Shipping, delivery, postage, billing and other information used to transact
and deliver you the Services, specifically where you request to have the Kit or
any prescription medication (where available and applicable) shipped to you.
Unique identifiers, such as your IP address.
When contacting our customer support, we collect the content of your interaction with our customer support, which may include text and audio recording and transcripts of such communications.
Test results. When performing the urinalysis test using the App, you will provide us a scan you conduct using the smartphone camera. Such scan, when analysed by our algorithm and back-end servers, will allow us to determine your urinalysis test results. Where you receive the Consultation Portion within the App, your test results (e.g. Leukocytes, Nitrites and Blood levels in urine) will be shared with our medical partner (defined below as "The Consulting Partner") for the purpose of providing you medical treatment, where you consented. The test results are then anonymised and stored separately from any identifiable information.
Device information: We collect information from and about the smartphone device you use in order to perform the test using our App. This includes your device type, model and operating system and your location information as can be derived from your IP address.
Information mandated by applicable law. Information we are required or otherwise authorized to collect under applicable laws to authenticate or identify you or to verify the information we have collected from you via our Website or App.
WHY WE COLLECT AND PROCESS PERSONAL INFORMATION AND LEGAL BASIS OF PROCESSING
With your consent: We ask for your permission to send your communication about products, services and promotional events. Where you choose to receive the
When Performing the Services: Where you purchase the Kit from a UK-based
pharmacy, we collect and process your Personal Information to provide you with
you purchased the Kit, we will also collect and process Personal Information to
communicate with you and send you service messages; to maintain and improve our
Services; to develop new services and features for our Users; and to personalize the
Services in order for you to get a better user experience.
WHERE DO WE PROCESS AND STORE USER’S PERSONAL INFORMATION?
Information regarding the Users will be maintained, processed and stored by us on secure cloud-based servers located in the UK.
International transfers: Some data is transferred outside of the UK or accessed from outside the UK through our use of third-party processors. Such is held and processed on servers in various locations around the world, including, without limitation, the United States. We will also share your data with our parent company, Healthy.io Ltd., a company registered under the laws of the State of Israel. We rely on the European Commission's adequacy decisions about certain countries, as applicable (such as Israel), and ensure that (at any time before December 31, 2020) any data transfer to the United States or other countries outside the EU which have not received adequacy complies with a recognized mechanism under GDPR and that our third-party processors have security controls in place to protect your data and ensure your privacy.
It’s our policy, irrespective of the jurisdictions wherein our Users are located, to maintain all User-supplied data in secure environments provisioned by third parties that have assured us of the safeguards which they implement to protect your privacy.
WITH WHOM WE SHARE PERSONAL INFORMATION
We may share your personal information with third parties (or otherwise allow them access to it) only in the following manners and circumstances:
Third Party Service Providers, operating as Processors: We partner with a number of selected service providers, whose services and solutions complement, facilitate and enhance our own such as cloud vendors (as mentioned above), courier companies, etc. ("Third Party Service Providers"). Each such Third-Party Service Provider may receive or otherwise have access to your personal information through your use of our Services, and may only use your personal information for such purpose(s) as expressly authorized by us. Such disclosure or access is strictly subject to the recipient's or user's undertaking of confidentiality and implementing appropriate safeguards as well as the prevention of any independent right to use your personal information, subject to applicable law.
The Consulting Partner, operating as a Sole Controller: The Consulting Partner, in charge of providing the remote medical consultation and generating drug prescription where necessary, is a certified platform which provides medical support to patients through the web. We and the Consulting Partner are considered Sole Controllers, with each processing data in their own manner and own determined purpose (we - for delivering the kit and producing the test results, and the Consultation Partner for providing medical diagnosis and generating a prescription). Note that the Consultation Partner may be subject to additional regulatory requirements stemming from its role as a healthcare service provider. The Consultation Partner will store any personal data along with any medical notes created by it in line with their information governance policies and regulatory framework. The Consultation Partner will periodically access records for the purposes of clinical governance in situations such as performing clinical audit and to
Governmental/Law Enforcement Agencies and Legal Requests or Duties: We may disclose or otherwise allow access to Personal Information pursuant to a legal requirement or request, such as a subpoena, search warrant or court order, or in compliance with applicable laws and regulations. Such disclosure or access may occur with or without notice to you, if we have a good faith belief that we are legally required to do so, or that disclosure is appropriate in connection with efforts to investigate, prevent, or take action regarding actual or suspected illegal activity, fraud, or other wrongdoing.
Protecting Rights and Safety: We may share your personal information with others, with or without notice to you, if we believe in good faith that this will help protect the rights, property or personal safety of our Company, of any of our Users, or any members of the general public.
You can make choices regarding our collection and use of the personal information you share with us. You can control your personal information that we have obtained by contacting us through the “Customer Support” page in the App or emailing the Company at email@example.com. By way of example, you may request (i) access to the personal information we’ve collected from/about you, (ii) that updates are made to your personal information, (iii) that we cease using your personal information to contact you, and (iii) we delete the personal information about you in our records. We will undertake to respond to your request within 30 days of receipt thereof. In some cases, your ability to access or control your personal information will be limited, as required or permitted by applicable law. If that should happen, the Company will notify you accordingly. How you can access or control your personal information will also depend on which Services you use. For example, if you ask us to delete your personal information, we may not be permitted to do so if retention of such information is required by our regulators. We will retain your information for up to 18 months from your last access to the Services, and thereafter only anonymised and aggregated information will be retained. We will also retain and use your information as necessary to comply with our legal obligations, resolve disputes, and to enforce our agreements.
For the removal of doubt, we expressly reserve the right to transfer, share or otherwise use non-personally identifiable information (e.g., anonymous, aggregated information) in our sole discretion and without the need for further approval.
MINORS, NON-UK RESIDENTS
To use our Services, you must reside in the UK and be over the age of sixteen (16). We do not knowingly collect personal information from non-UK residents or minors under the age of sixteen (16) and do not wish to do so. We reserve the right to request proof of age at any stage so that we can verify that minors under the age of sixteen (16) are not using the Services. If we learn that we have collected personal information from a child under sixteen (16) years, we will delete that information as quickly as possible, and stop providing Services for any user under sixteen (16) years. If you believe that we might have any such information, please contact us at firstname.lastname@example.org
We take great care in implementing and maintaining the security of our Services. We employ industry standard procedures and policies to ensure the protection of personal information, and to prevent unauthorized use of any such information. Please note however, that regardless of the measures we take and the efforts we make, we cannot and do not guarantee the absolute protection and security of any personal information.
Our App and Website may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites may have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal information to these websites
If you have a concern with how your personal information is being used, you can contact us or report this to the Information Commissioner’s Office (ICO) who oversees data protection in the UK. To find out more visit the ICO website https://ico.org.uk/make-a-complaint.
Our Data Protection Officer is Eitan Gur, VP R&D, Healthy.io Ltd, e-mail: email@example.com.
HAVE ANY QUESTIONS?