For the purpose of the EU GDPR regulation, Holistal is the data controller.
1. Personal data we may process
We may collect and process the following personal data:
1.1 Information you provide to us. You may provide us information about you by filling in forms on our website Holistal.com and/or Holistal mobile or web-based application, by e-mail or otherwise or whilst using our service, including applications buttons, browsers, plugins and application programming interfaces (the Service). This includes information you provide when you register to use the Service, answering assessment questions, selecting and ranking of personal goals, performing actions, opting into a challenge, performance of the challenge, collection of points, when you report a problem with the Service and similar. The information you give us may include your name, address, e-mail address and phone number, financial and credit card information, personal description.
1.2 The assessment may include questions regarding sleep, eating and exercise habits. Furthermore, when answering assessment questions, you may provide us with information regarding your perceived general state of health.
1.3 Web browser Usage Information that we collect. In respect of each of your visits when using the Service we may collect the following (i) technical information, including the Internet protocol address used to connect your device to the Internet, your login information, browser type and version, operating system and platform; and (ii) information about your visit or usage.
1.4 Application Usage Information. When you use our mobile application, our servers will automatically record information that your mobile device sends or transmits, including, but not limited to, the model and device ID number of your mobile device, user settings, location (if you enable this feature) and information about your use of the application.
2. Use of personal data
2.1 We may use personal data:
a) to provide support in any matters regarding the service
b) to allow you to participate in interactive features of the Service (when you choose to do so);
c) to fulfil our obligations arising from any agreements entered between you and us and to provide you with the information, products and services that you request from us;
d) to notify you about changes to the Service;
e) to improve the user’s health and for the user to be able to monitor development in such areas; and
f) to ensure that content from the Service is presented in the most effective manner for you and the device you are using to access the Service.
2.2 We also store, track and monitor Application Usage Information, however, only in the form of general usage and is non-personal. We use this information to provide and improve the Service, develop new products, and offer products and services that may be of interest to you.
3. Disclosure of personal data
3.1 We may share personal data to:
a) Your employer. The information shared is your email and points collected. This does not include data regarding your perceived state of health.
b) Customer support on need basis from you.
c) Your personal coach by approval by you and limited to only the coach permitted by you.
3.2 We may also disclose personal data to third parties:
The disclosure of personal data is limited to 3.1 and 3.2. no other parties will have access to any personal information regarding our users.
4. Storage and transfer of personal data
4.1 Personal data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (EEA). It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers or business partners. By submitting your personal data, you consent to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with governing law.
4.2 We have also ensured that your personal is protected through DPO and other from time to time applicable agreements with all our third-party suppliers. All non EU third parties we are working with or choose to work with are accredited by GDPR or in accordance with US Privacy Shield.
5. Opt-out or deletion
You may at any time opt-out from our service and/or ask for deletion of your personal information by emailing: firstname.lastname@example.org
6.2 We use persistent cookies to save information like your search preferences, your account settings and login information, so that we can remember you and your settings when you return to the site. We use session cookies to enable certain features of the site or the Service, but unlike persistent cookies, session cookies are deleted when you leave or log off from the site and/or when you close your browser. Third-party advertisers on the site may also place or read cookies on your browser.
6.3 Most Internet browsers automatically accept cookies but you can instruct your browser, by changing its options, to stop accepting cookies or to prompt you before accepting a cookie from the websites you visit. If you do not accept cookies, however, you may not be able to use all features of the site or all functionality of the Service.
6.4 We may also use third parties to collect non-personal usage analytics for our Service and web site.
7. Links to other websites
Our site and the Service may, from time to time, contain links to and from the websites of our partner networks, advertisers and other third parties. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
8. Your rights
8.1 You have the right to ask us not to process your personal data.. You can exercise your right to prevent such processing by opting out from our service and request for deletion. Email email@example.com to exercise that right.
8.2 You may review, update, correct or delete personal data that we process about you by contacting us at firstname.lastname@example.org or, where applicable, by making the appropriate modifications in your account preferences through the Service. If you completely delete all such information, then your account may become deactivated. If you would like us to delete your record in our system, please contact us and we will attempt to accommodate your request.