This policy explains how we handle your personal data. Here’s a quick summary first, with key takeaways. It is not a substitute for reading the full policy, along with our Terms of Use.
* Data minimization and purpose limitation;
* We limit children’s access to the app;
* No sale of personal data;
This Privacy Policy explains how Curaby health app by Anton Fisko and its affiliated entities (“we” or “us”) complies with the provisions of the General Data Protection Regulation (“GDPR”), the UK GDPR and any other applicable data protection laws and regulations. This Privacy Policy explains how Curaby health collects, stores, uses, transfers, and shares personal data from our users (“you”) in connection with the Curaby health mobile application,* and the Curaby.org website, including all subdomains, products and services related to it (the “Website”) (all collectively, the “Services”).
*The App may be listed under a different name depending on your location.
We may change this Privacy Policy from time to time. If the changes are material, we will notify you by email or through the App. If permitted by law, your continued use of the Services after this policy has been updated indicates your acceptance of changes made. In some cases, you will be given a choice to accept changes to this policy. If you do not accept the terms of the updated Privacy Policy, please do not use the Services.
The latest updates to this policy are available on our Website.
We collect personal data about you when you interact with the Services. This can be directly from you or from other sources and third parties.
Personal data you provide to us directly:
General information: When you sign up to use the Services, we may collect personal data such as your name, email address, year and month of birth, place of residence and location information including time zone and language. We may be able to infer your sex and/or gender by your use of the Services. You may also choose to input information such as your first name or the name you would like us to call you. This is led by you and it will not affect your use of the Services should you choose not to enter this information.
Well-being: When you use the Services, you can choose to input personal data about yourself, such as your weight; height; body mass index (BMI); body temperature; menstrual cycle dates; pregnancy and details relating to your pregnancy (if you select the pregnancy mode); other symptoms and stages that are related to your menstrual cycle; perimenopause and menopause symptoms; general well-being and health; symptoms, which may include information relating to your sex life; or other information, like your physical and mental well-being, water intake and sleep duration.
Third-party services (including wearables): With your consent, you may also allow us to connect to third-party services, such as Apple HealthKit and Google Health Connect. This enables us to import information about your health and activities into the App without the need for you to log it yourself. This imported data may include fitness activities, weight, height, BMI, calories burned, heart rate, number of steps/distance traveled, body temperature, sleep and other activity data. This data provides you with general insights into your activities and helps us to make better predictions regarding your cycle. We will process this data in order to provide you with App functionality and features. Importing this data is subject to the Google Health Connect and Apple HealthKit privacy policies and terms. Please also check the applicable terms and privacy policies of the wearable devices that you may use to connect to Curaby health. Your wearable provider may collect usage data relating to your connection for its own business purposes, including to improve its services.
Personal data we collect automatically:
When you access or use the Services, we may automatically collect the following information:
Device information: device model; information about the operating system and its version; unique device identifiers; enabled device accessibility features (e.g., display features, hearing features, and physical and motor features); mobile operator and network information; device storage information or version of your device system.
Location information: IP address for an approximate location (not precise location); time zone or information about your mobile service provider.
Data about your use of the Services, including: frequency of use; areas and features of the Services that you access or use; payment transaction information (excluding full payment card details) or engagement with particular features.
To collect this and other information, we may use cookies and other similar technologies.
Data from external sources: we may receive personal data about you from third parties. For example, we may obtain information from third parties to enhance or supplement your existing information, including to customize your experience and for statistical purposes and analytics.
Depending on which features of the Services you use, we will process your personal data based on one or more of the following legal bases (we have included some examples):
* Your consent: you can give us permission to process your health data to provide the Services.
* To fulfill our contractual obligations to you in order to provide the Services to you: we may process your personal data to fulfill our contractual obligation to you for activities such as management of your Curaby health account and other administrative purposes.
* Legitimate interest: we may process your personal data based on our legitimate interests in order to manage our Services better. For example, we may use your personal data in order to:
identify and fix bugs;
determine genuine user interaction with the Services (rather than bots);
monitor the App and analyze its performance and reliability;
inform you of matters concerning your subscriptions;
conduct vulnerability scanning to protect the security of the Services; and
review aggregated App usage trends.
* Legal obligation: We may be obligated to process some of your personal data to comply with applicable laws and regulations.
Data minimization and purpose limitation: We will not process personal data in a way that is incompatible with the purposes for which it has been collected or authorized by you or collect any personal data that is not needed for the mentioned purposes.
No sale of personal data: We will not sell or rent your personal data for monetary gain. We will not disclose your personal data except as otherwise described in this Privacy Policy. We will share your personal data with our service providers who support our Services as described in this Privacy Policy. We will also not use information received through your use of the Apple HealthKit or Google Health Connect framework for advertising or similar services, or sell it to advertising platforms, data brokers, or information resellers.
If you would like to remove your data, you can remove the App from your device.
Please keep in mind that if we receive a vague request, we may contact you to better understand the request. We may also refuse to comply with or charge a reasonable fee for a request that is manifestly unfounded and/or excessive (repetitive) requests.
We will require you to prove your identity. Normally, we will verify that the request is coming from the same email that you provided when registering. If you have not registered your account, we may ask you to undergo additional verification checks to ensure we can appropriately respond to you.
We will not share your personal data with third parties except as specified within this Privacy Policy.
We will require you to prove your identity. Normally, we will verify that the request is coming from the same email that you provided when registering. If you have not registered your account, we may ask you to undergo additional verification checks to ensure we can appropriately respond to you.
With your consent, we may share some of your non-health personal data with third parties to promote the Services.
In some situations, we engage other companies to process your personal data on our behalf. We refer to these companies or service providers as “processors.”
Processors are companies that help us run the Services, support our communication with you, or perform other App-related activities. They process certain personal data on our behalf to accomplish the goals related to the App functions and deliver the Services. We remain responsible for any acts or omissions of our processors, and we enter into data processing contracts with them to the extent required by applicable law.
Here are some of the main processors we rely on:
* Apple, Inc. for payments
* Google LLC, USA for payments
We may aggregate, anonymize, or de-identify your personal data so that it cannot reasonably be used to identify you. We may share such data with third parties such as academic research institutions or use the data for statistical purposes. For example, we may share or use general age and demographic information and aggregate statistics about certain activities or symptoms from data collected to help identify patterns across users in articles, blog posts, and scientific publications. Sharing such data may contribute to the advancement of scientific research on health.
For certain targeted academic or user research studies, we will contact you and rely on your consent.
* in response to subpoenas, court orders, or legal processes, to the extent permitted and as required by applicable law (including to meet national security or law enforcement requirements);
when disclosure is required to maintain the security and integrity of the Services or to protect any user’s security or the security of other persons, consistent with applicable laws. In such cases, we may also delete some of your personal data;
to assert legal rights or defend against legal claims;
in the context of an acquisition or transfer of any party of our business or in connection with the business reorganization; and
depending on the circumstance, we may rely on legitimate interest or legal obligation as our legal basis for the processing activities above.
Except as set forth below, we will retain your personal data for as long as needed to provide you with the Services or otherwise fulfill the purposes for which it was collected.
Impact of App deletion or inactivity: If you choose to delete the App from your device or your account becomes inactive, we will retain your personal data for a period of three years in case you decide to reactivate the Services or reinstall the App. After three years of inactivity, we will delete your personal information.
Limitations: You should be aware that although we will delete, anonymize or otherwise de-identify your data where possible, we may retain certain personal data and other information after your account has been terminated or deleted. This is as required and permitted by applicable law, like the GDPR, and will include the following circumstances:
* as necessary to comply with legal obligations;
* establishment, exercise or defense of legal claims; and
* for archiving purposes in the public interest, scientific or historical research or statistical purposes.
If you would like to remove your data, you can remove the App from your device.
General age limitation: The Services are not intended for children, and we do not knowingly collect personal information from children under 13 years old through the Services.
Age limitation for residents of the European Economic Area (EEA), United Kingdom (UK) and Canada: Due to legal requirements, we do not allow the use of the Services by residents of EEA or the UK younger than 16 years old.