WHY DOES THIS MATTER?
At ChiKeey, we take data protection seriously.
We are working on developing products and applications that enable you to track your lifestyle choices, mood, energy, and stress to impact your quality of experiences. We feel that data does not get much more personal than this, and thus respect your privacy. Safety of your data is of paramount importance to us. We therefore hope that you take a moment to review this policy.
ABOUT THIS POLICY
- What personal data we collect from partners as well as users
- How we store and process the data
- Users and partners’ legal rights and how to exercise them
WHAT PERSONAL DATA DO WE COLLECT AND PROCESS?
We process the following general account data as inserted by you:
- E-mail address
- Birth date and year
- Height and weight
- Notes and tags
We track and collect the following data through a wearable device and the technology platform used:
- Heart rate
- Movement data
- Temperature data
- IP address and high-level location
- User ID (randomly generated)
- Metadata regarding website/app/technology use
This information is used to produce evaluation data regarding the quality of your mood, stress, energy, and stress level.
Measurement data is collected automatically by the tracking functions through a wearable device. Data is sourced from the wearable devices through partnerships and via an API.
Data is also produced by combining the data listed above and by calculating evaluation data regarding mood, energy, and stress level.
PURPOSES AND LEGITIMATE GROUNDS FOR PROCESSING OF PERSONAL DATA
To develop the product to provide you the service
We process personal data in the first place to develop the product that will be able to offer the service to our Users.
Legal grounds for processing
We process personal data on the basis of a user contract, which is formed in connection with the creation of an account and acceptance of our terms and conditions. We may also process certain information to comply with legal obligations, such as consumer protection legislation.
Furthermore, we process the personal data to pursue our legitimate for aggregated analytics and trend detection. When choosing to use your data on the basis of our legitimate interests, we carefully weigh our own interests against your right to privacy.
Measurement data or any data derived from measurement data is used for advertising only subject with your explicit consent.
SHARING YOUR PERSONAL DATA
We may share data with our group companies, subsidiaries and affiliates. Otherwise we do not share personal data with third parties outside of our organization unless one of the following circumstances applies:
For legal reasons
We may share personal data with third parties outside ChiKeey’ organization if we have a good-faith belief that access to and use of the personal data is reasonably necessary to: (i) meet any applicable law, regulation, and/or court order; (ii) detect, prevent, or otherwise address fraud, security or technical issues; and/or (iii) protect the interests or safety of ChiKeey or our Users in accordance with the law. Where possible, we will inform Users about such transfer and processing.
To our authorized service providers
For other legitimate reasons
With your explicit consent
We may share personal data with third parties outside ChiKeey organization for other reasons than the ones mentioned before, when we have the User’s explicit consent to do so. The User has the right to withdraw this consent at all times.
We may aggregate and anonymize data collected through partnerships and wearable devices and applications. Such data will be anonymous and cannot be connected to an individual User, therefore no longer qualifying as personal data. We may use this type of anonymous data for analytics, statistics, research, communications and PR purposes as well as for trend detection and for benchmark data.
HOW LONG DO WE KEEP YOUR DATA?
ChiKeey does not store personal data longer than is legally permitted and necessary for the purposes specified above. The storage period generally depends on the duration of the development lifecycle, unless data has been deleted upon request.
Backups are deleted as soon as reasonably possible, typically within 6 months.
SAFEGUARDING YOUR DATA
We do our best to keep your data safe and secure.
We use administrative, organizational, technical, and physical safeguards to protect the personal data we collect and process. Measures may include, for example, where appropriate, encryption, pseudonymization and access right systems. Our security controls are designed to maintain an appropriate level of data confidentiality, integrity, availability, resilience and ability restore the data. We regularly test our Service, systems, and other assets for security vulnerabilities.
We will take all reasonable precautions to ensure that our staff and employees who have been specifically granted access to information about you have received adequate training to ensure that they process that information only in accordance with this policy and with our obligations under applicable legislations.
Should despite of the security measures, a security breach occur that is likely to have negative effects to your privacy, we will inform you and relevant authorities as required by applicable data protection laws.