PRIVACY POLICY

ConnectedLife Privacy Policy

PRIVACY POLICY

ConnectedLife Privacy Policy

CONNECTEDLIFE | HEALTH – PLATFORM PRIVACY POLICY

Last Updated: Jan 2023

Our mission at ConnectedLife is to make the world’s health data useful so that people enjoy healthier lives. We have developed tools that collect and organize health data, utilised data science applications and created interventions and platforms that put insights derived from that health data to use for more holistic care management. We have three guiding product design principles, starting with the user (condition), aiming to simplify care, and leading on security and privacy. We will make such products available to health professionals to manage the care and well-being of their patients. We believe that providing transparency around the data and personal information you entrust to us is critical to complete that mission. Your privacy and trust are our utmost priority.

Our Privacy Policy (“Privacy Policy”) is designed to help you understand how we collect and use personal and other information through our health mobile applications, services, features, software, and web applications and from visitors to our website https://connectedlife.io (our “Products” or “Services”). This Policy describes the choices available to you to assist you in making informed decisions when using our Service.

When we say “ConnectedLife,” “our,” “we,” or “us,” we’re talking about ConnectedLife Health Pte. Ltd..

Please also read ConnectedLife’s Terms of Service (“Terms”), which describes the terms under which you use our Services.

1. Information We Collect

ConnectedLife receives or collects information when we operate and provide our Services, including when you install, access, or use our Services.

1.1 Information You Provide:

1.1.1. Account Information. Some information is required to create an account on our Services, such as your name, email address, password, date of birth, gender, height, weight, and your mobile telephone number. This information is provided to us using your Fitbit login account.
1.1.1.1. Mandatory data fields required for Account information include:
Name,
Email address,
Date of birth,
Mobile telephone number.
All other account information is optional.
1.1.2. Unique identifiers. Information such as your Fitbit user name and password to access our Services.
1.1.3. User’s Basic Well-Being and Health Information. Information is provided by the user through our mobile application, such as:
Symptoms experienced daily,
Temperature logging,
Medication regime,
Water intake logging.
1.1.4. Customer Support. You may provide us with information related to your user experience of our Services so we can provide you with customer support.
1.1.5. Health Coaching Services. Our health coaching services are a service for you to interact with a live health coach to provide you with non-medical coaching. Coaches may be provided by third parties, or by our third-party coaching service providers. If you use our Health Coaching Services, we collect information about such use, including the wellness plans, schedules, and actions you record with your coach, communications with your coach, notes your coach records about you, and other information submitted by you or your coach in the form of documents or self-logging data and information. By agreeing to use our Health Coaching Services, you also consent to be contacted by the health coaches to provide you with this service.

1.2 Automatically Collected Information:

1.2.1. Usage and Log Information. We collect service-related, diagnostic, and performance information. This includes information about your activity (such as how you use our Services, and the like), log files, and diagnostic, crash, website, and performance logs and reports.
1.2.2. Device Information. Your Fitbit device collects data to estimate a variety of metrics like the number of steps you take, your distance travelled, calories burned, weight, heart rate, sleep stages, active minutes, and location. The data collected varies depending on which device you use. When your device syncs with our applications, data recorded on your device is transferred from your device to our servers.
1.2.3. Mobile Device Information. Information such as your mobile device ID (similar to a website IP address), device type, operating system, and mobile service carrier.
1.2.4. Geolocation Information. The Services include features that use precise geolocation data, including GPS signals, device sensors, Wi-Fi access points, and cell tower IDs. We collect this type of data if you grant us access to your location. We may also derive your approximate location from your IP address.
1.2.5. Cookies. We use cookies to operate and provide our Services, including to provide our Services that are web-based, improve your experiences, understand how our Services are being used, and customize our Services. For example, we use cookies in our web-based services. We may also use cookies to understand which of our features, content, etc. are most popular and to show you relevant information related to our Services. Additionally, we may use cookies to remember your choices, such as your language preferences, and otherwise to customize our Services for you. Learn more about how we use cookies to provide you our Services.

1.3 Third-Party Information:

1.3.1. Information Others Provide About You. We receive information other people, organisations provide us, which may include information about you.
1.3.2. Third-Party Providers. We work with third-party providers to help us operate, provide, improve, understand, customize, support, and market our Services. For example, we work with companies to distribute our apps, provide our infrastructure, delivery, and other systems, process payments, help us understand how people use our Services, and market our Services. These providers may provide us information about you in certain circumstances; for example, app stores may provide us reports to help us diagnose and fix service issues. Please note that when you use third-party services, their own terms and privacy policies will govern your use of those services.

In addition to providing consent for the above usages of your data. The following section requires additional consent as it deals with Sensitive Personal Data. This data is used to provide you with services and improve the functionality and experience of ConnectedLife’s Product. You can Opt-in to the collection of this data

1.4 Sensitive Personal Data:

1.4.1. Biometric Data
Estimated Oxygen Variation (Fitbit Device),
Average Heart Rate (Fitbit Device),
Resting Heart Rate (Fitbit Device),
SpO2 Manual Logging,
PR bpm Manual Logging.

2. How We Use Information

ConnectedLife uses all the information to help us operate, provide, improve, understand, customize, support, market and develop new Services, in order to honour our Terms of Service contract with you. For example, we need to use your information to provide you with your application tracking your exercise, activity, and other trends; and to give you customer support.

Legal Basis for processing (for EEA users): If you are an individual in the European Economic Area (EEA), we collect and process information about you only where we have legal basis for doing so under applicable EU laws. The legal basis for us processing your personal data is that you have provided consent, which you may withdraw at any time. If you withdraw your consent, (please refer to section 10 for withdrawal details) this will not make processing which we undertook before you withdrew your consent unlawful. Your consent means we collect and use your information only for the reasons stated below where we need to:

2.1 Provide you user services and improve the ConnectedLife’s product functionality and user experience. For example, we need to use your information to provide you with your application tracking your symptoms, activity, and other trends; provide your care team with information to manage your care and to give you customer support.

2.2 Administer your account and back-up your data.

2.3 Record log entries for your information and troubleshooting issues with your system.

2.4 Send you notifications through the ConnectedLife app. You can manage your notification preferences within the mobile app menu.

2.5 To conduct research and analysis to better understand how users access and use our Services, both on an aggregated and individualized basis, in order to improve our Services, create new features, provide you new offerings which we think you would be interested in, respond to user preferences, and to protect your data.

2.6 Respond to your questions and concerns and provide customer support.

2.7 To promote safety and security of the Services, our users, and other parties. For example, we may use the information to authenticate users, facilitate secure payments, protect against fraud and abuse, respond to a legal request or claim, conduct audits, and enforce our terms and policies.

3. How We Share Information

ConnectedLife will share certain categories of your information with third parties only in certain circumstances as described below:

3.1 Identifiable Information. Personally Identifiable Information (PII) is information that contains data that could be used to directly or indirectly identify you, like your name, address, well-being and health information. We only share this information under extremely limited circumstances. Primarily, this information is shared with third parties to provide you necessary Services. For example, this information is shared on a limited basis to assist in managing the 24/7 call centre services. These third parties are authorized to use your personal information only as necessary to provide these services to us.

Specifically, we may share this information as follows:

3.1.1. Affiliates. We may disclose the information we collect from you to our affiliates and subsidiaries that provide services or conduct data processing on our behalf, or for logistics purposes. If we do so, their use and disclosure of your personal information will be based on our instructions, and in compliance with this policy and any other appropriate confidentiality and security measures.
3.1.2. Service Providers. We may disclose the information we collect from you to third party vendors, service providers, contractors or agents who perform functions on our behalf.
3.1.3. Business Transfers. If we are acquired by or merged with another company, or if substantially all of our assets are transferred to another company, we may transfer the information we have collected from you to the other company. We will continue to take measures to protect the confidentiality of personal information and give affected users notice before transferring any personal information to the new entity.
3.1.4. In Response to Legal Process. We also may disclose the information we collect from you in order to comply with the law, a judicial proceeding, court order, or other legal process, such as in response to a court order or a subpoena. To the extent legally allowed, we will notify you of such requests prior to disclosing any information sought.
3.1.5. To Protect Us and Others. We also may disclose the information we collect from you where we believe it is necessary to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the safety of any person, violations of our Terms of Service or this Policy.

3.2 Research and Development. Anonymized Information about your symptoms, trends, medication and activity could be used for further development of AI detection and analysis models and research purposes. Research may be done to identify trends and markers that identify early signs of the onset of disease and deterioration of health so that preventative action can be taken sooner.

Specifically, we may share this information to the entities as follows:

3.2.1. Fitbit Inc. The use of Fitbit devices are crucial to the delivery of this service. As a partner to provide this solution, Fitbit may use anonymized information to conduct their own research to help improve services and future features. For more information on Fitbit’s privacy practices for devices and services please view Fitbit’s Privacy Policy
3.2.2. Research Institutes. Research institutes may use anonymized information to develop models and algorithms. Analysis of trends and correlation of symptoms to vitals are potential ways to identify the onset of disease.
3.2.3. Government entities. Government entities may use local, anonymized information to better plan healthcare responses.

3.3 Anonymized Information. We may share your aggregated and de-identified information, which is anonymized and does not identify you. We may use this information in a variety of ways, including within a decentralised data and services exchange platform to further innovation and provide new services and products, where data is shared while guaranteeing control, auditability, transparency and compliance for all stakeholders involved. We will provide you with the information when this happens. We may also share this anonymized information with third parties and partners under agreement with us for marketing, advertising, research, or similar purposes.

3.4 Information We Share With Your Consent. We may share personally identifiable information with third parties provided we receive your consent to share that information. For example, you may opt into providing information to ConnectedLife’s service providers and/or business partners to receive special offers. Information will never be shared for these purposes without your consent.

3.5 Information Obtained from Third Parties. If others provide us your information, we will only use that information for the specific reason for which it was provided to us.

3.6 Updating Your Information. To review and update your personal information, you may view and edit your information from within the app. We will retain your information for as long as your contract agreement is active or as needed to provide services to you. If you wish to terminate your contract agreement or request that we no longer use your information to provide services to you, contact us at customer@connectedlife.io. We will retain and use your information as necessary to comply with our legal obligations.

4. Your Rights to Personal Data Access and Control

We provide you with account settings and tools to access and control your personal data, as described below, regardless of where you live. If you live in certain jurisdictions, you may have legal rights with respect to your information, which your account settings and tools allow you to exercise, as outlined below.

4.1 Accessing and Exporting Data. By logging into your account, you can access much of your personal information, including a diary of your past symptoms and activity statistics. To download your information and data please contact us at customer@connectedlife.io to request for a copy of your data.
4.2 Editing and Deleting Data. If you choose to delete your account, please contact us at customer@connectedlife.io to request for account deletion. Please note that it may take up to 90 days to delete all of your information, like the data recorded by your Fitbit device and other data stored in our backup systems. This is due to the size and complexity of the systems we use to store data. We may also preserve data for legal reasons or to prevent harm, including as described in the How Information Is Shared section.
4.3 Objecting to Data Use. To revoke access to your data, please contact us at customer@connectedlife.io to inform us that you wish to revoke data access.

5. Data Retention

We keep your account information, like your name, email address, and password, for as long as your account is in existence because we need it to operate your account. We keep other information, like your wellness and health data, until you delete your account with us because we use this data to provide you with personal notifications and statistics and other aspects of the Services. We also keep information about you and your use of the Services for as long as necessary for our legitimate business interests, for legal reasons, and to prevent harm, including as described in the How We Use Information and How We Share Information sections.

6. Marketing, Advertising, and Analytics

6.1 Cookies, Tracking and Ads. We may automatically collect information about your use of our Services through cookies, web beacons, and other technologies, such as your domain name; your browser type and operating system; web pages you visit; links you click; your IP address; the length of time you visit our website and/or use our services; and the referring URL, or the webpage that led you to our Site.
We may use technologies to understand how many individuals are accessing ConnectedLife Services or accessing features within the app. We use this aggregated information to understand and optimize how ConnectedLife devices and the app are used and to provide content and features that are of interest to you. Please refer to our Cookie Policy for more information about your choices around cookies and related technologies and third-party advertising.

6.2 Email & SMS Communications. You may choose to submit your email address through a submission form located on our website to sign up for communications from ConnectedLife. You may also provide your mobile phone number to ConnectedLife in connection with account registration or otherwise. The email address and mobile phone number associated with your account may also be used to send you news about ConnectedLife, such as new features or marketing promotions, account updates, promotional offers, and information regarding your contract and other premium services. We may use one or more service providers to administer these messages. ConnectedLife does not share your email address or phone number with spammers or any other non-affiliated third parties for their own marketing purposes without your permission. You may opt out of receiving newsletter or marketing communications from us by following the unsubscribe instructions or by contacting us at hello@connectedlife.io.

6.3 Security. The security of your personal information is important to us. We follow generally accepted industry standards to protect the information transmitted to us to the best of our abilities, both during transmission and upon receipt. No method of transmission or electronic storage is 100% secure. Therefore, we cannot guarantee its absolute security. If you have any questions about the security of our Products can contact us at hello@connectedlife.io.

7. Information Security

We work hard to keep your data safe. We use a combination of technical, administrative, and physical controls to maintain the security of your data. No method of transmitting or storing data is completely secure, however. If you have a security-related concern, please contact us at hello@connectedlife.io.

8. Which Countries We Transfer Your Personal Information To

Our system is built to store and process data within or as close to your location as possible. We have set up multiple variants of our system to ensure this is the case. Using cloud services allows us to provide our services in multiple geographical locations to ensure that your data stays within a set geographical range. For example, for customers located in Europe, we have set up our system infrastructure within European boundaries and all services run through this separated infrastructure.
On occasion, we may need to transfer your personal information to locations outside the jurisdiction in which we provide our for the purposes set out in this privacy policy. This may entail a transfer of your information from a location within the European Economic Area (the “EEA”) to outside the EEA, or from outside the EEA to a location within the EEA. Please see ‘How we share information’ for more detail on how the information may be shared with ConnectedLife offices and third party service providers.
The level of information protection in countries outside the EEA may be less than that offered within the EEA. Where this is the case, we will implement appropriate measures to ensure that your personal information remains protected and secure in accordance with applicable data protection laws. Where our third party service providers process personal data outside the EEA in the course of providing services to us, our written agreement with them will include appropriate measures, usually standard contractual clauses.

9. Other Rights and Important Notices

You agree to our information practices, including the collection, use, processing, and sharing of your information as described in this Privacy Policy, as well as the transfer and processing of your information to other countries globally where we have or use facilities, service providers, or partners, regardless of where you use our Services. Please note that the countries where we operate may have privacy and data protection laws that differ from, and are potentially less protective than, the laws of your country. You agree to this risk when you have an account with us and agree to our Terms and Conditions, irrespective of which country you live in. If you later wish to withdraw your consent, you can terminate your account with us.

10. Your Rights Regarding Your Personal Information

The European Union’s General Data Protection Regulation and other applicable data protection laws, in particular California, provide certain rights for data subjects.
The right to access – You are entitled to request details of the information we hold about you and how we process it.
The right to rectification, erasure, restriction of processing, data portability – You may also have a right in accordance with applicable data protection law to have it rectified or deleted, to restrict our processing of that information, to stop unauthorised transfers of your personal information to a third party and, in some circumstances, to have personal information relating to you transferred to another organisation.
You may also have the right to lodge a complaint in relation to ConnectedLife’s processing of your personal information with a local supervisory authority.
The right to object to processing – If you object to the processing of your personal information, or if you have provided your consent to processing and you later choose to withdraw it, we will respect that choice in accordance with our legal obligations.
Your objection (or withdrawal of any previously given consent) could mean that we are unable to perform the actions necessary to achieve the purposes set out above (see ‘How we use information’) or that you may not be able to make use of the Services and Products offered by us. Please note that even after you have chosen to withdraw your consent we may be able to continue to process your personal information to the extent required or otherwise permitted by law, in particular in connection with exercising and defending our legal rights or meeting our legal and regulatory obligations.
We must ensure that your personal information is accurate and up to date. Therefore, please advise us of any changes to your information by email to hello@connectedlife.io.

11. Notification of Privacy Policy Changes

We may update this privacy statement to reflect changes to our information practices or changes to our services. If we make any material changes, we will notify you by means of a notice in the app or website prior to the change becoming effective. We encourage you to periodically review this statement for the latest information on our privacy practices. Your continued use of our Services confirms your acceptance of our Privacy Policy, as amended. If you do not agree to our Privacy Policy, as amended, you must stop using our Services.

12. Data Controllers

There are a number of entities through which ConnectedLife provides Services and Products. The system development team is located in Singapore and is controlled by ConnectedLife Health Pte Ltd. IT systems are built on Cloud systems such as Microsoft Azure or Google Cloud Platform and is managed exclusively by ConnectedLife in Singapore.

Microsoft Azure allows multiple versions of the ConnectedLife system to be deployed in the locations of the users. For more information on the location of Azure servers relevant to your location, please see Azure Regions.

Google Cloud Platform allows multiple versions of the ConnectedLife system to be deployed in the locations of the users. For more information on the location of GCP servers relevant to your location, please see Cloud Locations.

Depending on the location where the Services and Products are provided, another undertaking or entity in the ConnectedLife group may be the data controller in relation to your personal data.

13. Contact Us

If you have questions about this policy, or need help exercising your privacy rights, please contact our Data Protection Officer at support.data@connectedlife.io.

You may also contact us at:

ConnectedLife Health Pte Ltd
Attn: Privacy Policy
101 Upper Cross Street
#05-16 People’s Park Centre
Singapore 058357

Our EU representative details are as follows:

OBELIS S.A
Bd. Général Wahis, 53 1030 Brussels,
Belgium
Tel: +32.2.732.59.54
Fax: +32.2.732.60.03
Email: mail@obelis.net
www.obelis.net