Available in Greater London

Privacy Policy

Last Updated: July 15, 2020

Healthy.io (UK) Limited, a company registered in the UK (together with its parent company, affiliates, and/or related companies) (“Company”, “our”, “we” or “us”), provides its users and potential users (“you”, “User”, “your”) with access to its website located at  http://velieve.io (“Website”) and to its Velieve™ mobile application (the “App”), through which, together with a designated testing kit (the “Kit”, and together with the App, the “Product”)we provide our proprietary home-based urinalysis test, as well as remote medical consultation for treatment of urinary tract infections (UTI) (the “Consultation Portion”, and collectively with the Website, and the App and the Kit, the “Services”).

When collecting and processing personal information, we are the Controller of your data, as defined under the EU General Data Protection Regulation ("GDPR") (16/679). As we are committed to protecting your right to privacy under the GDPR and the Data Protection Act, 2018 we make available this Privacy Policy (the "Privacy Policy") to describe our practices regarding the information we may collect, or to which we may have access, through your use of our Services and the manner in which we may use such information, and the rights available to you.

Please read this Privacy Policy carefully before accessing and using our Services. If you disagree with any of the terms provided herein, you may not access or use our Services. Please note that you are under no legal obligation to provide us with personal information.

WHAT INFORMATION DO WE COLLECT?

Personal information is individually identifiable information, namely information that identifies an individual or may with reasonable efforts or together with additional information we have access to, enable the identification of an individual, or may be of a private or sensitive nature relating to an identified or identifiable natural person. 

According to the GDPR, identification of an individual also includes the association of such individual with a persistent identifier such as a name, an identification number, an IP address etc. Personal information does not include information that has been anonymized or aggregated; provided that such information can no longer be used to identify a specific natural person.

The information we collect from you when you use our Services, is as follows:

  • Personal Information you provide to us when you use our Services. We collect personal information from you and any devices you use, when you use or access our Services, register to receive services from us, download the App, provide us information on a web form, or through correspondence that you may have with us from time to time.

More specifically, we collect and use the following categories and types of personal information when you use our Services:

  • Demographic information – where you request to receive the Consultation Portion within the App. This includes your full name, date of birth, physical address, email and telephone number.

  • Information you provide when checking your eligibility to use the Services (the eligibility questionnaire) as well as self-completed statements regarding your symptoms and medical history, which together with your test results will be used in order to provide you the Services.

  • Shipping, delivery, postage, billing and other information used to transact and deliver you the Services, specifically where you request to have the Kit or any prescription medication (where available and applicable) shipped to you.

  • Unique identifiers, such as your IP address.

  • When contacting our customer support, we collect the content of your interaction with our customer support, which may include text and audio recording and transcripts of such communications.

  • Test results. When performing the urinalysis test using the App, you will provide us a scan you conduct using the smartphone camera. Such scan, when analysed by our algorithm and back-end servers, will allow us to determine your urinalysis test results. Where you receive the Consultation Portion within the App, your test results (e.g. Leukocytes, Nitrites and Blood levels in urine) will be shared with our medical partner (defined below as "The Consulting Partner") for the purpose of providing you medical treatment, where you consented. The test results are then anonymised and stored separately from any identifiable information.

  • Device information: We collect information from and about the smartphone device you use in order to perform the test using our App. This includes your device type, model and operating system and your location information as can be derived from your IP address.

  • Cookie data: We use third-party cookies on the Website to enable certain features, to better understand how you interact with the Website and to monitor web traffic routing and aggregate usage from the Website. We also use cookies for marketing purposes, and to evaluate the success of our advertising campaigns. We will always ask for your consent for accepting cookies. You can instruct your browser, by changing its options, to stop accepting cookies or to prompt you before accepting a cookie from the website you visit. Learn more about how we use cookies, please review our Cookie Notice.

  • Information mandated by applicable law. Information we are required or otherwise authorized to collect under applicable laws to authenticate or identify you or to verify the information we have collected from you via our Website or App.

WHY WE COLLECT AND PROCESS PERSONAL INFORMATION AND LEGAL BASIS OF PROCESSING

We collect, process and use your information for the purposes described in this Privacy Policy, based at least on one of the following legal grounds:

  • With your consent: We ask for your permission to send your communication about products, services and promotional events. Where you choose to receive the Consultation Portion of the Services within the App, we also ask for your explicit consent to process health information which is considered as special category data. Furthermore, we ask for your consent to share such information with our consulting partner, Medic Spot Ltd (the “Consulting Partner”) for the purpose of providing you Consultation Portion. Please visit our Terms of Use including without limitation the Consent for Telehealth services for more information on the Consultation Partner.

  • When Performing the Services: Where you purchase the Kit from a UK-based pharmacy, we collect and process your Personal Information to provide you with the Services, following your acceptance of this Privacy Policy; Regardless of where you purchased the Kit, we will also collect and process Personal Information to communicate with you and send you service messages; to maintain and improve our Services; to develop new services and features for our Users; and to personalize the Services in order for you to get a better user experience.

  • Legitimate interests: We process your information for our legitimate interests while applying appropriate safeguards that protect your privacy. Our legitimate interests may span things like direct marketing (where we have a current relationship), detecting, preventing, or otherwise addressing fraud, abuse, security, usability, functionality or technical issues with our Services, protecting against harm to the rights, property or safety of our properties, users, or the public as required or permitted by law; enforcing legal claims, including investigation of potential violations of this Privacy Policy; comply and/or fulfil our obligations under applicable laws, regulations, guidelines, industry standards and contractual requirements, legal process, subpoena or governmental request; and in accordance with our Terms of Use.

WHERE DO WE PROCESS AND STORE USER’S PERSONAL INFORMATION?

Information regarding the Users will be maintained, processed and stored by us on secure cloud-based servers located in the UK. 

International transfers: Some data is transferred outside of the UK or accessed from outside the UK through our use of third-party processors. Such is held and processed on servers in various locations around the world, including, without limitation, the United States. We will also share your data with our parent company, Healthy.io Ltd., a company registered under the laws of the State of Israel. We rely on the European Commission's adequacy decisions about certain countries, as applicable (such as Israel), and ensure that (at any time before December 31, 2020) any data transfer to the United States or other countries outside the EU which have not received adequacy complies with a recognized mechanism under GDPR and that our third-party processors have security controls in place to protect your data and ensure your privacy. 

It’s our policy, irrespective of the jurisdictions wherein our Users are located, to maintain all User-supplied data in secure environments provisioned by third parties that have assured us of the safeguards which they implement to protect your privacy.

WITH WHOM WE SHARE PERSONAL INFORMATION

We may share your personal information with third parties (or otherwise allow them access to it) only in the following manners and circumstances:

  • Third Party Service Providers, operating as Processors: We partner with a number of selected service providers, whose services and solutions complement, facilitate and enhance our own such as cloud vendors (as mentioned above), courier companies, etc. ("Third Party Service Providers"). Each such Third-Party Service Provider may receive or otherwise have access to your personal information through your use of our Services, and may only use your personal information for such purpose(s) as expressly authorized by us. Such disclosure or access is strictly subject to the recipient's or user's undertaking of confidentiality and implementing appropriate safeguards as well as the prevention of any independent right to use your personal information, subject to applicable law.

  • The Consulting Partner, operating as a Sole Controller: The Consulting Partner, in charge of providing the remote medical consultation and generating drug prescription where necessary, is a certified platform which provides medical support to patients through the web. We and the Consulting Partner are considered Sole Controllers, with each processing data in their own manner and own determined purpose (we - for delivering the kit and producing the test results, and the Consultation Partner for providing medical diagnosis and generating a prescription). Note that the Consultation Partner may be subject to additional regulatory requirements stemming from its role as a healthcare service provider. The Consultation Partner will store any personal data along with any medical notes created by it in line with their information governance policies and regulatory framework. The Consultation Partner will periodically access records for the purposes of clinical governance in situations such as performing clinical audit and to improve the service. The use and processing of your personal data by the Consulting Partner is subject to the Consulting Partner’s own privacy policy, for which we do not accept any responsibility or liability, and any request in connection with such processing needs to be directed to the Consulting Partner. As mentioned above, our current Consulting Partner is Medic Spot Limited, and its privacy policy is available at https://www.medicspot.co.uk/privacy. We may change or add Consulting Partners at our discretion and will attempt to notify our Users of this change. 

  • Governmental/Law Enforcement Agencies and Legal Requests or Duties: We may disclose or otherwise allow access to Personal Information pursuant to a legal requirement or request, such as a subpoena, search warrant or court order, or in compliance with applicable laws and regulations. Such disclosure or access may occur with or without notice to you, if we have a good faith belief that we are legally required to do so, or that disclosure is appropriate in connection with efforts to investigate, prevent, or take action regarding actual or suspected illegal activity, fraud, or other wrongdoing.

  • Protecting Rights and Safety: We may share your personal information with others, with or without notice to you, if we believe in good faith that this will help protect the rights, property or personal safety of our Company, of any of our Users, or any members of the general public.

  • Our Affiliated Companies: We may share personal information internally within our affiliates for the purposes described in this Privacy Policy. In addition, should we or any of our affiliates undergo any change in control, including by means of merger, acquisition or purchase of substantially all of our assets, your personal information may be shared with the parties involved in such event. If we believe that such change in control might materially affect your personal information then stored with us, we will notify you of this event and the choices you may have via e-mail and/or prominent notice on the Website and/or App.

YOUR RIGHTS

You can make choices regarding our collection and use of the personal information you share with us. You can control your personal information that we have obtained by contacting us through the “Customer Support” page in the App or emailing the Company at support@velieve.io. By way of example, you may request (i) access to the personal information we’ve collected from/about you, (ii) that updates are made to your personal information, (iii) that we cease using your personal information to contact you, and (iii) we delete the personal information about you in our records. We will undertake to respond to your request within 30 days of receipt thereof. In some cases, your ability to access or control your personal information will be limited, as required or permitted by applicable law. If that should happen, the Company will notify you accordingly. How you can access or control your personal information will also depend on which Services you use. For example, if you ask us to delete your personal information, we may not be permitted to do so if retention of such information is required by our regulators. We will retain your information for up to 18 months from your last access to the Services, and thereafter only anonymised and aggregated information will be retained. We will also retain and use your information as necessary to comply with our legal obligations, resolve disputes, and to enforce our agreements.

For the removal of doubt, we expressly reserve the right to transfer, share or otherwise use non-personally identifiable information (e.g., anonymous, aggregated information) in our sole discretion and without the need for further approval.

MINORS, NON-UK RESIDENTS

To use our Services, you must reside in the UK and be over the age of sixteen (16). We do not knowingly collect personal information from non-UK residents or minors under the age of sixteen (16) and do not wish to do so. We reserve the right to request proof of age at any stage so that we can verify that minors under the age of sixteen (16) are not using the Services. If we learn that we have collected personal information from a child under sixteen (16) years, we will delete that information as quickly as possible, and stop providing Services for any user under sixteen (16) years. If you believe that we might have any such information, please contact us at support@velieve.io 

INFORMATION SECURITY

We take great care in implementing and maintaining the security of our Services. We employ industry standard procedures and policies to ensure the protection of personal information, and to prevent unauthorized use of any such information. Please note however, that regardless of the measures we take and the efforts we make, we cannot and do not guarantee the absolute protection and security of any personal information.

UPDATES TO THIS PRIVACY POLICY

From time to time, we may change the terms of this Privacy Policy. Changes will take effect once they are posted online and by accessing and/or using the Services after we make any such changes to this Privacy Policy, and you are deemed to have accepted such changes. If you do not agree with any of the amended terms, you must avoid any further use of the Services provided thereon.

GENERAL INFORMATION

This Privacy Policy, its interpretation, and any claims and disputes related hereto, shall be governed by the laws of England and Wales (without giving effect to its conflict of laws principles). Any and all such claims and disputes shall be brought in, and you hereby consent to them being litigated in and decided exclusively, by the courts of London, England and Wales.

Our App and Website may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites may have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal information to these websites

If you have a concern with how your personal information is being used, you can contact us or report this to the Information Commissioner’s Office (ICO) who oversees data protection in the UK. To find out more visit the ICO website https://ico.org.uk/concerns

Our Data Protection Officer is Eitan Gur, VP R&D, Healthy.io Ltd, e-mail: eitan@healthy.io.

HAVE ANY QUESTIONS?

If you have any questions (or comments) concerning this Privacy Policy, you are welcome to send us an email at: support@velieve.io and we will try to reply within a reasonable timeframe. By contacting us, and accessing the Website or App, you warrant and agree that you are free to do so, and that you are not providing us with information which violates any third party intellectual or privacy rights.