Privacy Policy
FamilyProhealth Inc. ("we" "our" "us" "Company") provides a subscription based software platform offered via a mobile application (famhealth™) and website (http://www.familyprohealth.com), which enables remote health monitoring of family members and sharing of health related information ("Platform"). As part of the Platform, we are privy to various categories of personal data pertaining to you. We recognize that in sharing your personal data with us, you expect us to use and protect such data in compliance with all laws. Since personal data is integral to our Platform, we are committed to maintaining utmost transparency with you on our data processing activities.
This Privacy Policy ("Privacy Policy") sets out:
- What personal data we collect from you;
- How we collect the personal data;
- Why we collect the personal data ('basis' of processing);
- How we use and process the personal data;
- With whom it is shared;
- Where do we store it;
- Cross-border transfers of your personal data;
- How we safeguard your personal data;
- For how long do we keep it;
- Use of third party websites;
- Your rights; and
- Updates to this Privacy Policy.
1. Introduction
We enable people across the globe to track the health metrics of their family members and loved ones. Currently, we offer a subscription-based plan for the Platform, where the person subscribing to the Platform (the, "Subscriber") can monitor the health of theirfamily and loved ones(such as parents, relatives, etc.) (the "Beneficiary") remotely using the Platform; please note that for consistency, usage of the terms "you" or "your" applies to the Subscriber, Beneficiary and Third Party Contact (defined below), since personal data of these persons may be processed by us. The Beneficiary whose health metrics are proposed to be monitored will be nominated by the Subscriber. The Beneficiary will be provided with hardware device(s) developed by a third-party manufacturer to track various attributes of their health ("health tracking device"). The mobile application will capture the Beneficiary's health attributes (such as blood pressure, blood sugar, current weight, pulse rate, temperature, etc.) from the health tracking devices and the subscriber will be able to access these health records and other indicators via the Platform. Please note that the nature of attributes made available to you may differ based on the subscription plan opted. The functionality of the Platform is limited to tracking certain health metrics and should not be construed as a substitute for medical advice – please refer to our Terms of Use for further details.
2. What personal data we collect?
Personal data is information that can be used to identify you or used in combination with other information to determine your identity. The Platform combines two elements i.e., personal data collected from you at the time of subscribing to the Platform and personal data of the Beneficiary collected from the health tracking device provided to them. Accordingly, the nature of personal data collected from the Subscriber and Beneficiary vary. To ensure transparency in the distinction, we have listed below the personal data collected separately:
a. Subscriber:
When information is requested from us about the Platform and/or our Platform is accessed, we may collect certain personal data, such as your name, email address, contact number(s), and payment details (i.e., credit card number). We understand that the Subscriber and Beneficiary may wish to give other family members the ability to monitor the health of the Beneficiary ("Third Party Contact"). In such case, we may also collect their names, contact details, and address (on a case-to-case basis). We assume that such persons have consented to the Subscriber/Beneficiary's disclosure of their personal Data to us, and that the Subscriber/Beneficiary has disclosed such personal data is in compliance with applicable law.
b. Beneficiary:
The Beneficiary's personal data will be collected via two mediums (i.e., the health tracking device and mobile application) to reflect their health metrics on the Platform.
Health Tracking Device:
Once the Beneficiary is onboarded we will deliver the health tracking device device(s) to the Beneficiary at the address provided by the Beneficiary. Depending on the subscription plan availed by the Subscriber, the device may collect various health metrics of the Beneficiary. These will be collected by our mobile application via the Beneficiary's mobile device each time such mobile device is linked to the health tracking device.
Mobile Application:
When the Subscriber enrolls to access the Platform or following their enrollment, they nominate a Beneficiary. To register the Beneficiary, we collect certain personal data pertaining to the Beneficiary from the Subscriber via the mobile application (i.e., name, mobile number and date of birth). A Subscriber has the option to add or remove or make changes to Beneficiaries.
Subsequently, once the Beneficiary is registered, the Beneficiary can provide additional personal data pertaining them.
Apart from the personal data submitted by the Beneficiary, the Platform will periodically collect personal data from the health tracking device supplied to the Beneficiary via a mobile device for the purposes of tracking the Beneficiary's health metrics. Subscribers and Third Party Contacts will not be entitled to view biometric readings of the Beneficiary unless expressly permitted by the Beneficiary. To allow for disclosure of biometric readings to the Subscriber and Third Party 3 Contacts, the Beneficiary has to alter the default settings on the Platform to permit such disclosure.
3. How we collect personal data?
As mentioned above, our primary sources of personal data are from the mobile application, web application, and the health tracking device. In addition to these, we may collect certain data via other mediums, such as:
a. Questionnaires/Surveys:
We may request the Beneficiary (or contact the Subscriber) to participate in surveys / questionnaires via the mobile application or e-mail to understand their needs to improve the Platform.
b. Location Data:
If permitted via the mobile application, we may collect the location of the Beneficiary to calculate the Beneficiary's daily movement to determine level of energy expended by them in the day and track calorie counts.
c. Third party service providers:
Our service providers assist us to maintain the Platform. The service providers may co-ordinate with the Subscriber and the Beneficiary on our behalf for guidance on using the Platform, rectify issues faced, provide updates on our software and act as the customer support desk. During our interaction with such service providers, certain personal data of the Subscriber or Beneficiary may be collected or disclosed to clarify and/or supplement our operations.
d. Cookies:
We may use cookies, in combination with pixels, local storage objects, and similar devices (collectively, "cookies"). This helps us provide you with a good experience, improve the Platform, and to personalize the Subscriber's and the Beneficiary's experience on the Platform. Unless you have adjusted your browser settings so that it will refuse cookies, our system will issue cookies as soon as you visit the Platform. If you do not wish to accept cookies in connection with the Platform, you will need to delete, and block or disable cookies via your browser settings. Please note that disabling cookies will affect the functionality of the Platform, and may prevent you from being able to access certain features on the Platform.
4. Why we collect your personal data?
Our collection of the personal data is for purposes defined under this document and activities undertaken in relation to these purposes. For any new purpose, we will ask you for your separate consent. We may also process your personal data if we have your consent to do so or if such processing is necessary to comply with our legal obligations or to carry out obligations or exercise rights, we or you may have in relation to this Privacy Policy and Platform provided by us. The personal data collected is processed for the below purpose:
- Fulfilling our contractual obligations to you and providing the Platform availed.
- Setting up your account and linking the relevant Subscriber and Beneficiary.
- Compare measured attributes and biometric readings of the Beneficiary against the thresholds (defined by default or modified by the Beneficiary, as the case may be) for such attributes and indicate the standing of such Beneficiary's attributes against the scale for thresholds under three heads 'high', 'low' or 'normal'.
- Send alert notifications to the Beneficiary and/or the Subscriber and/or other care givers in case a threshold is breached based on biometric readings for select attributes.
- Record and process attributes using automated processes for our algorithms which measures the health attributes of the Beneficiary on the threshold scale to recommend customized thresholds and prompt alert notifications.
- Research and development to improve the Platform.
- Assisting with use of our mobile application and health tracking devices.
- Prepare case studies and internal repositories for training our personnel and technologies to improve the services offered to you, and incremental features to it.
- For contacting you with recommendations, helping you optimally utilize the Platform and in case of requests for additional information / confirmations.
- To analyze user trends of our Platform, for marketing and advertising analytics.
- To generate statistical and aggregate data (in an anonymized manner) for internal analysis, research.
- Evaluating gaps in our systems and mobile applications and updating our Platform accordingly.
- Determining areas of interest of our customers and extracting user trends.
- Sharing marketing and promotional communications of products offered by us and our affiliates related to the Platform availed by you. You may choose to opt-out of these by clicking on the "unsubscribe" link provided under these communications.
5. How we share / disclose your personal data (and with whom)?
While all operations pertaining to your personal data is carried out solely by us, in certain instances we are constrained to share your personal data with third parties for operational reasons. Predominantly across our customer base, we have noticed that the Subscriber and the Beneficiary could be in two different countries. As such, we engage local entities for delivery of the devices to the Subscriber and the Beneficiary, maintenance of the application, processing payments, and setting up local customer support desks. However, any disclosures to third parties are solely need based and in proportion to the functions carried out by such third party. We have discussed the nature of disclosures made by us below:
a. Legal obligation.
We are duty bound to disclose or share your personal information to comply with any legal obligation, any lawful request from government, court of law, regulators, or law enforcement officials and as may be required to meet national security or law enforcement requirements or civil claims or prevent illegal activity.
b. Third party service providers.
We may share personal data with third parties where required by law and where it is necessary to administer our working relationship with you. Your Personal Data may be shared with vendors and third-party service providers that help us provide, support and deliver the Platform to you, such as logistical partners, payment processing entities, customer support providers, information technology support, cloud services provider, data storage centers, management providers and external advisors (e.g., financial advisor, legal consultants, etc.). Your personal data and login credentials may be shared with third party service providers for information security and enabling access to your account.
c. Business Transfers.
If we are involved in a merger, acquisition, spin off, divestiture, reorganization, bankruptcy, acquiring any business, sale of our assets, financing and legal due diligence, your personal data may be shared or transferred as part of such a transaction (or the personal data held by us may be one of the transferred assets).
d. Protection.
We may disclose personal data when such disclosure is necessary to comply with applicable law or to enforce or apply our policies, our contract with you, or other agreements; or to respond to any claims or protect the rights of a third party, to protect the safety of any person or to prevent any illegal activity; and/or to protect the rights, property or safety of the Company, our employees or other persons.
Any third parties with whom we share your personal data are limited (by law and/or by contract) in their ability to use your personal data and the purposes for which they use it. We will ensure that any third parties with whom we share your personal data are subject to privacy and security obligations consistent with data protection standards maintained by us and in-line with global best practices. In respect of third-party service providers who are processing data on our behalf, we only permit them to process personal data for (limited) specified purposes and in accordance with our instructions.
6. Cross-border transfers of your personal data.
Owing to the nature of our Platform, we may at times be required to transfer the Beneficiary's personal data outside their country of residence, to give access to the overseas Subscribers. Additionally, for the purposes set out in "Why we collect your personal data?", we may transfer copies of your personal data outside your country. We take appropriate measures to ensure such entities offer at least the same levels of data protection adhered to by us and protect your Personal Data in accordance with this Privacy Policy.
7. How do we safeguard your data?
The main risk of our processing of your personal data is if it is misused, lost, subject to unauthorized access or unlawfully modified. This could lead to your personal data being in the hands of someone else that may use it fraudulently or make public, information that you would prefer to keep private. We take reasonable and appropriate technical and organizational measures, in compliance with applicable law, to protect your personal data from loss, misuse, disclosure, alteration, unauthorized access and destruction and take all appropriate precautions to safeguard the confidentiality of personal data, including anonymization, minimization, encryption and periodical audit of our information security systems.
Although we make every effort to ensure security, the transmission of information over the internet is not completely secure. As such, you acknowledge that we cannot guarantee the security of your personal data transmitted to us over the internet that any such transmission is at your own risk, including unauthorized access to your personal data by third parties by circumventing our security measures. Once we receive your personal data, we use strict procedures and security features to prevent unauthorized access from loss, misuse and unauthorized access, disclosure, alteration, and destruction.
While we have put in place procedures to deal with any suspected data security breach, we expect you to use secure channels and devices to access our Platform, keep your passwords relating to accessing any accounts and/or information with us confidential. You and any applicable regulator will be notified of a suspected breach where we are legally required to do so. We shall not be responsible for any unauthorized access to your personal data in our possession and/or any harm caused due to such access unless it is solely attributable to any negligence on our account.
8. For how long do we keep your personal data?
We keep your personal data for as long as we need it for the purposes set out under this Privacy Policy and as per applicable laws. The length of time for which we retain personal data depends on the term of the Subscriber's subscription and/or as required to comply with applicable laws and to establish, exercise or defend our legal rights. We will actively review the personal data we hold and delete it securely, if there is no longer a need for it to be retained. In some cases, we may anonymize and keep your personal data In an aggregated format for research, preparing case studies, and improving our Platform.
9. Third party websites.
You may, from time to time, during your use of our platforms, access links to or other websites operated by third parties (e.g., healthcare newsletters and bulletins). Third party websites have their own terms and conditions and privacy policies, and you should read these carefully before you submit any information to these websites. We do not endorse or otherwise accept any responsibility or liability for the content of such third-party websites or third-party terms and conditions or policies.
10. Your rights.
You have certain rights in relation to your personal data. We have provided an overview of these rights below together with what this entails for you.
a. Right to confirmation and access:
You have the right to obtain from us (a) confirmations on whether your personal data is being processed by us; and (b) brief summaries of your personal data processed or being processed by us. You may also request us for further information on the matters covered in this Privacy Policy.
b. Right to correction, etc.:
With regards to the personal data you have provided us, you have the right to correct inaccurate or misleading personal data, complete any incomplete personal data, and update the personal data. We will take reasonable steps to notify all relevant persons to whom we have disclosed your personal data about any corrections, completion, or updates, made to your personal data. If we do not agree to correct, complete, or update your information, we will provide you with an adequate written justification for the same.
c. Right to withdraw consent:
Decline to provide your consent and/or, in the limited circumstances where our processing is based on your having provided consent to the collection, processing and transfer of your personal data for a specific purpose, you have the right to withdraw your consent for that specific processing at any time we will no longer process your personal data for the purpose or purposes you originally agreed to, unless we have another basis for doing so by law. Do note that withdrawal of consent may significantly impact our ability to provide our Platform to you. As such, you acknowledge that you accept limited functionality of the mobile application and health
If you have any questions or concerns about our use of your personal data or if you want to exercise of any rights, please contact us at CDO@familyprohealth.com. To process your request, we may request you to provide us with reasonable information to satisfy us of your identity. We will consider all such requests and provide our response within a reasonable period (and in any event within the period specified under applicable law), and (subject to applicable law) may charge you a reasonable fee for complying with your requests. Please note, however, that certain personal data may be exempt from such requests in certain circumstances, for example if we need to keep using the information to comply with our own legal obligations or to establish, exercise or defend legal claims. If an exception applies, we will tell you this when responding to your request. We are not obliged to comply any request, which may harm the rights of any other person.11. Updates to this Privacy Policy and uses of your personal data.
Any changes we make to our privacy policy in the future will be posted on our mobile application, website or sent to you by email. If a change requires your consent, we will notify you and obtain your consent for the same. However, please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
12. Keep us updated.
It is important that the personal data we hold about you is true, accurate and current. Please keep us informed if your personal data changes during your subscription with us.
13. Do you have any questions?
We are conscious about upholding your privacy and will endeavor to address any concern(s) relating to it. If you have any questions, or concerns about this Privacy Policy or would like to exercise your rights in relation to your personal data, you can contact our designated Grievance Officer, who shall address any discrepancies, complaints or grievances arising from compliance with this Privacy Policy.
Your concerns can be sent in writing to: 1209 Orange Street, City of Wilmington, County of New Castle, DE 19801 and/ or by e-mail to: grievanceofficer@familyprohealth.com. \
Please address your communication as Attn: Grievance Officer, FamilyProhealth Inc. We will investigate and attempt to address any request or resolve any complaint or dispute regarding the use or disclosure of your personal data