Privacy Policy last updated March 2018
Version 3.0, 25 May 2018
Version 2.0, 27 March 2018
Version 1.0, 16 October 2016

If you have any queries about your Data Privacy, please contact our Data Protection Officer at dpo@ahahealth.io

Our Mission
Our Mission is to empower you to take ownership of your health, and to put you at the centre of your care.

Our Products and Services along with those that we recommend, and third party devices for sale on our website provide instant access to health and fitness data so you can track your health and wellness and take control. We aim to put you at the centre of your healthcare.

Our Privacy Promise
At AHA Health Limited we are committed to the principles of respecting your privacy, keeping your data safe, and letting you decide how your information is used and shared. This is our Privacy Promise:

  • We will only collect data that is useful to improving our products, services and your experience.
  • We will be transparent about our data practices and will explain them in clear language
    • We will never sell your data, and will only share personally identifiable data when you direct us to (or under the circumstances outlined in our Privacy Policy).
  • We will always take the security of your data seriously.

Our Privacy Policy

25 May 2018

AHA Health Limited (“We” or “our”) are committed to protecting and respecting your privacy.

We design products and tools that track everyday health and fitness to empower users to lead healthier lives. This privacy policy applies to our website located at www.ahahealth.io (“website” or “site”), the AHA store (“store”), the AHA Platform (“platform”) and our AHA mobile applications for iPhone OS and Android OS (each an “App” and together the “Apps”). The Website, Platform, Apps and Store are collectively referred to in this privacy policy as the “AHA Service”.

This policy (together with our Consumer Terms and Conditions (the “Terms“) and any other documents referred to in it) sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us.

Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. Any terms used in this policy shall have the same meaning as those used in the Terms. In the event of any conflict between the Terms and this policy, the Terms shall prevail.

By agreeing to the Terms you are accepting and consenting to the practices described in this policy.

For the purpose of the Data Protection Act 1998 (the “Act”), the data controller is AHA Health Limited of 71-75, Shelton Street, Covent Garden, London, WC2H 9JQ (the “Company”).

If you have any questions or there is something you are unclear about please contact us.

What Data Does AHA Health Collect?

When you create a AHA Account
If you want to use the AHA Service you must create a AHA account. When you create a AHA account, we ask for some personal information, including your address, email address, telephone number and date of birth.

When You Add Information To Your Account
You can customise your AHA experience by adding other types of information to your account, such as demographic details, health status, lifestyle information, Doctor’s address, emergency contact, adding a log or by setting an alerts, personalising your profile with photos or by participating in discussion boards. Whenever you add this type of data, we collect it and store it with your other account information.

When You Visit The Site
We collect some data from everyone who visits our website— even if you don’t have a AHA account.

Whenever you visit our Site, we collect industry standard log data that records information about your visit, such as your browser type, operating system, the URL of the page that referred you, the different actions you performed, and the IP address from the pages you visited. We use this type of information to provide you with information that’s relevant to your location and to make sure the Site is working properly. We also collect data from cookies. To see the full list of cookies we use and how we use them, please read our Cookie Policy.

When You Sync Your Device
The AHA Service can obtain data from a range of devices. When you sync your device, data about your activity is transferred from your device to our servers. This data is stored and used to provide the AHA Service. Each time a sync occurs, we also log data about the transmission. Some examples of the log data are the sync time and date, device battery level, and the IP address used when syncing.

When You Make Purchases From Our Store
If you are logged into your AHA account when you purchase something on our site, we associate that order with your account. We also store your shipping address so we can process your order through our fulfillment partner. We do not, however, view or store your credit card information. This is handled by our third-party payment processor. If you are not logged into your account at the time of purchase, we do not associate that data with your AHA account, however we save the data so that we can provide customer service related to the purchase.

When You Contact Us For Help
Whenever you contact AHA Health for help, we collect your name and email address along with any additional information you provide in your request and store it on our servers in order to provide you with customer service and to improve the AHA Service. If you contact us when you are already logged in to your account, the web form automatically pre-fills in certain information, so you don’t have to type it manually. You can also contact us through public forums such as Twitter or Facebook; however, we cannot maintain the privacy of your communication to us if you contact us through these channels.

How We Use Your Data
AHA Health uses your data to provide you with the best experience possible, to help you make the most of your health, and to improve and protect our Service. Here are some examples:

  • Height, weight, gender and age is used to create your health profile and calculate any health information we may provide.
  • Contact information is used to send you account notifications, and to inform you about new features or products we think you would be interested in.
  • Your data is used for research to understand and improve AHA products and services.
  • Logs and other data are used to troubleshoot AHA services; detect and protect against error, fraud or other criminal activity; and enforce the AHA Terms of use.
  • De-identified data that does not identify you may be used to inform the health community about trends; for marketing and promotional use; or for sale to interested audiences. See Sharing of De-identified Data That Does Not Identify You to learn more.
  • We use your data to troubleshoot the AHA Service, enforce the AHA Terms of Use, and/or detect and protect against error, fraud or other criminal activity.

What Data May be Shared With Third Parties?
First and foremost: We don’t sell any data that could identify you. We only share data about you when it is necessary to provide our services, when the data is de-identified and aggregated, or when you direct us or consent to share it.

Data That Could Identify You
Personally Identifiable Information (PII) is data that includes a personal identifier like your name, email or address, or data that could reasonably be linked back to you. We will only share PII data under the following circumstances:

With companies that are contractually engaged in providing us with services like order fulfillment, email management and credit card processing. These companies are obligated by contract to safeguard any PII they receive from us.

If we believe, after due consideration, that doing so is reasonably necessary to comply with a law, regulation, or valid legal process. If we are going to release your data, we will do our best to provide you with notice in advance by email, unless we are prohibited by a court order from doing so or where the request or legal process is directly related to a regulatory investigation. In the latter case, we will ensure user information we disclosed is treated as confidential.

If it is necessary in connection with the sale, merger, bankruptcy, sale of assets or reorganization of our company, your PII can be sold or transferred as part of that transaction as permitted by law. The promises in this Privacy Policy will apply to your data as transferred to the new entity.

Data That Does Not Identify You (De- identified Data)
AHA Health may share or sell aggregated, de-identified data that does not identify you with partners and the public in a variety of ways, such as by providing research or reports about health and fitness. When we provide this information, we take legal and technical measures to ensure that the data does not identify you and cannot be associated back to you.

Data that You Direct Us to Share
You can direct us to share data with other parties. For example, you might authorize us to link your AHA account with healthcare provider; or direct us to share data with your employer as part of a wellness program.

By Providing us with your NHS number we will automatically link to the NHS to provide enhanced services when available, unless you specifically request us not to do so. This can be done by emailing us at info@ahahealth.io.

Once you direct us to share your data with a third party, that data is governed by the third-party’s privacy policy. You can revoke your consent to share with the third party at any time in your AHA account settings.

Other Ways You Might Share Your Data

Contests and Giveaways
We may offer opportunities to participate in contests, giveaways and other promotions. Any data you submit in connection with these activities will be treated in accordance with this Privacy Policy, unless the rules for those offers notes otherwise.

Surveys
We may also ask you to participate in surveys that help us understand your use of our products and services. Any PII you provide to us in these surveys will only be used in relation to that survey and as stated in this Policy.

How Long We Save Your Data
We store your PII for as long as you remain a AHA customer and satisfy the regulatory requirement if any to store data.

How To Edit or Modify Data
Any data that you provide to AHA Health through the Site can be modified from your dashboard or preferences. If you remove data from your User Account, it will no longer appear to visible to you. Backups of that data will remain in association with your User Account and in our archive servers.

How To Deactivate Your AHA Account
You can deactivate your AHA account by contacting Customer Support. When you do, data that can identify you will be removed from the Service, including but not limited to your email, name, photo(s). Backup copies of this data will be removed from our server based upon an automated schedule, which means it may persist in our archive for a period of time. We may continue to use your de-identified data.

The AHA Policy For Children
The AHA Service is not directed at persons under the age of 18. We do not knowingly collect any PII from those under the age of 18. If you are aware of a user under the age of 18 using the AHA Service, please contact us.

Can I Opt-out Of Receiving AHA Emails?
You can opt-out of receiving summaries, notifications and promotional emails by changing the notification preferences in your account settings or by unsubscribing via the “Unsubscribe” link in any AHA email. Opting-out of these emails will not end transmission of important service-related emails that are necessary to your account maintenance.

How Does AHA Health Keep My Data Safe?
We use a combination of technical and administrative security controls to maintain the security of your data. If you have a security-related concern, please contact us.

Cookie Policy
We use cookies and other technologies like pixel tags and web beacons, to make our site better. Cookies are text files that are sent by servers to web browsers and stored on your computer. They tell us which parts of our Site you’ve visited so we can figure out which promotions you may like to see or to alert you to software compatibility issues. If you delete cookies or block them from being stored, you may not get the full AHA experience.

Web beacons and pixel tags are images embedded in a webpage or email for the purpose of measuring and analysing usage and activity. AHA Health, or third party service providers acting on our behalf, may use web beacons and pixel tags to help us analyse usage and improve our functionality.

This Site uses third party service providers, listed below, to help us analyse certain online activities and improve our services. For example, these providers help us measure the performance of our online campaigns or analyse visitor activity on the Site. We may also permit these providers to use cookies and other technologies to perform these services for us. We send data to third party analytics providers so we can use their tools to understand how you and other AHA users use our services.

We use advertising cookies to present you with opportunities to purchase AHA products on our website, and retargeting cookies, to present you with AHA advertising on other websites based on your interaction on our site.

Does AHA Health Honor “Do Not Track” Signals
Although we would like to honor the browsers set with a “Do Not Track” signal, we are currently unable to honor those signals. We believe that consumers should exercise choice regarding the collection of this type of data, which is why we disclose the cookies used and provide links to opt-out of those collection practices below.

We use the following cookies and data analytics platforms:

Cookies:
ApNexus: The ApNexus Cookies page provides information about their cookie and gives you the option to opt out-of this program.

DataXu: The DataXu Data Collection for our Platform page explains their privacy practices and gives you the option to opt-out of this program.

DoubleClick and DoubleClick Floodlight: This cookie and web beacon is owned by Google. You can adjust Google’s use of cookies by visiting Google’s Ads Settings. You may permanently opt-out of the Google DoubleClick cookie.

Google Adwords Conversion: You can adjust the Google Ads Settings and opt-out of this program.

Data Analytics:
Mixpanel: We use Mixpanel as our primary analytics tool to understand how our customers use the AHA Service and Mixpanel People to contact you about the use of our product, for example, to contact you if you have trouble syncing your Device. You can read the MixPanel Privacy Policy and opt-out.

We use Google Analytics and Optimizely analytics cookies allow us to see how you use our services so we can improve your experience. We encourage you to read the Google Privacy Policy. If you prefer to not have data reported by Google Analytics, you can install the Google Analytics Opt-out Browser Add- on. Likewise, you can read the Optimizely Privacy Policy and opt out.