PRIVACY NOTICE
This Privacy Notice for Ziva Health Inc. (“Company,” “we,” “us,” or “our”) describes how and why we collect, store, use, and share (“process”) your information when you use our services (“Services”), including:
- Visiting our website at https://ziva.health or any website that links to this Privacy Notice.
- Downloading and using our mobile application (Ziva Health Inc) or any other application linked to this Privacy Notice.
- Using our dashboard, AI-driven wellness tools, and other digital platforms that interact with your health data.
- Engaging with us in other related ways, including sales, marketing, research, or events.
Key Privacy Considerations
- You Own Your Data: Ziva Health respects your right to control your personal health data.
- AI Training & De-identified Data: We may use de-identified user data to improve our AI-powered wellness tools and services. Personal identifiers are removed before any AI training.
- No Medical Advice: Our platform provides personalized holistic wellness insights, but it does not diagnose, treat, or replace medical advice from healthcare professionals.
- Your Privacy Rights: You have choices about how your data is used. Please review this Privacy Notice carefully to understand your rights and options.
SUMMARY OF KEY POINTS
This summary provides key points from our Privacy Notice, but you can find more details about any of these topics by clicking the link following each key point or by using our Table of Contents below. You can also click here to go directly to our Table of Contents.
What personal information do we process?
When you visit, use, or navigate our Services (website, mobile app, dashboard, and digital platforms), we may process personal information depending on how you interact with Ziva Health Inc., the choices you make, and the products and features you use. This may include your name, email, weight, blood pressure, blood sugar, health conditions and other wellness or wearables -related health data.
Do we process any sensitive personal information?
We may process sensitive personal information (such as health-related data) only with your consent or as otherwise permitted by applicable law.
Do we receive any information from third parties?
We may receive data from third-party health devices (such as wearables, Apple HealthKit, or other integrated services) with your authorization. However, we do not purchase or receive user data from third-party data brokers.
How do we process your information?
We process your information to:
- Provide, improve, and administer our Services.
- Communicate with you.
- Enhance security and fraud prevention.
- Ensure compliance with legal requirements.
- Train and improve our AI-powered wellness insights using de-identified data (personal identifiers are removed before AI model training).
We process your information only when we have a valid legal reason to do so.
In what situations and with which parties do we share personal information?
We do not sell personal data. However, we may share information in specific situations, such as:
- With third-party service providers who assist in delivering our Services.
- When required by law enforcement or regulatory authorities.
- To protect the security and integrity of Ziva Health and its users.
How do we keep your information safe?
We have organizational, technical, and security measures in place to protect your personal information. However, no electronic transmission over the internet or information storage system can be 100% secure, so we cannot guarantee absolute security against unauthorized access or cyber threats.
Do you own your data?
Yes, you own your personal data. Ziva Health does not claim ownership of the health and wellness data you provide. However, by using our Services, you grant us permission to process, store, and (if applicable) use de-identified data for AI model training and service improvement.
Is Ziva Health HIPAA-compliant?
Ziva Health is not a “covered entity” under HIPAA. While we prioritize industry-standard security for handling health-related data, information processed through our platform is not considered “Protected Health Information (PHI)” under HIPAA regulations.
What are your rights?
Depending on where you are geographically located, applicable privacy laws may grant you certain rights regarding your personal information. These may include:
- The right to access, update, or delete your personal data.
- The right to opt out of data processing in certain circumstances.
- The right to withdraw consent for AI-based wellness insights.
How do you exercise your rights?
The easiest way to exercise your rights is by emailing support@ziva.health or contacting us through our platform. We will consider and act upon any request in accordance with applicable data protection laws.
TABLE OF CONTENTS
- WHAT INFORMATION DO WE COLLECT?
- HOW DO WE PROCESS YOUR INFORMATION?
- WHAT LEGAL BASES DO WE RELY ON TO PROCESS YOUR PERSONAL INFORMATION?
- WHEN AND WITH WHOM DO WE SHARE YOUR PERSONAL INFORMATION?
- DO WE USE COOKIES AND OTHER TRACKING TECHNOLOGIES?
- HOW DO WE HANDLE YOUR SOCIAL LOGINS?
- IS YOUR INFORMATION TRANSFERRED INTERNATIONALLY?
- HOW LONG DO WE KEEP YOUR INFORMATION?
- HOW DO WE KEEP YOUR INFORMATION SAFE?
- WHAT ARE YOUR PRIVACY RIGHTS?
- DO CALIFORNIA RESIDENTS HAVE SPECIFIC PRIVACY RIGHTS?
- DO WE MAKE UPDATES TO THIS NOTICE?
- HOW CAN YOU CONTACT US ABOUT THIS NOTICE?
- HOW CAN YOU REVIEW, UPDATE, OR DELETE THE DATA WE COLLECT FROM YOU?
1.WHAT INFORMATION DO WE COLLECT?
Personal Information You Disclose to Us
In Short: We collect personal and health-related information that you provide to us, including data from wearable devices and user-uploaded health records, to deliver and improve our Services.
Personal Information Provided by You
We collect personal information that you voluntarily provide when you:
- Register for or use our Services (website, mobile application, dashboard or related platforms).
- Express interest in obtaining information about our products, features, or services.
- Upload health data, manually input information, or sync wearable devices.
- Contact us directly at support@ziva.health.
The types of personal information we collect include but are not limited to:
- Name
- Email address & age
Sensitive Information
With your explicit consent, or as permitted by applicable law, we process the following sensitive categories of information:
- Health and wellness data, including medical conditions, blood pressure, weight, symptoms, and vitals.
- Data from wearable devices, such as heart rate, activity levels, sleep patterns, blood oxygen levels, blood glucose, resting heart rate, respiratory rate, activity, body temperature and stress levels.
- Genetic or biometric data, where applicable, for wellness tracking and insights.
- Other health-related information, such as daily nutrition, activities, medications, allergies, or chronic conditions.
Wearable & Device Data Collection
With your authorization, we collect and process health and wellness data from third-party wearable devices and health platforms, including but not limited to:
- Apple HealthKit
- Fitbit
- Garmin
- Oura Ring
- Whoop
- Other integrated fitness trackers and continuous health monitoring devices
This data may include:
- Heart rate, resting heart rate, respiratory rate heart rate variability (HRV), and stress levels.
- Activity levels, steps, and movement patterns.
- Sleep tracking data, including sleep duration and quality.
- Blood pressure, oxygen saturation, blood glucose and other physiological metrics.
- Any additional data categories available through wearables that you choose to share.
Important: Ziva Health does not sell, share, or use wearable device data for advertising purposes. We only collect and process this data with your explicit consent to enhance our personalized health insights and services.
User-Uploaded Health Data
Users may choose to manually upload health-related data, including but not limited to:
- Medical conditions, activities and diagnoses
- Blood pressure, weight, blood sugar, blood oxygen readings and other vitals
- Medications and supplement usage
- Lab test results
- Personalized wellness notes, nutrition data and self-tracking logs
By providing this information, you grant Ziva Health permission to store, process, and analyze the data for the purposes of delivering personalized insights, tracking health progress, and improving service recommendations. Additionally, we may use deidentified and aggregated data for artificial intelligence (AI) training, algorithm improvement, and research to enhance our Services. This deidentified data cannot be linked back to any individual user and will never be sold or shared for advertising purposes.
Payment Data
We may collect data necessary to process payments for in-app or web purchases, including:
- Payment card details (e.g., credit/debit card number, expiration date, security code).
- Billing address and transaction history.
All payment data is securely processed and stored by Stripe or Apple Pay or Google Pay.
Social Media & Email Login Data
If you choose to register or log in using social media or email services, we may collect and store information related to:
- Your Facebook, Google, Apple ID, Twitter, or Outlook account details (only as required for authentication).
- Any profile data you authorize during the sign-in process.
For more details, see “HOW DO WE HANDLE YOUR SOCIAL LOGINS?” below.
Mobile & Device Data Collection
If you use our mobile applications, we may request access to:
- Mobile device features, including Bluetooth, camera, calendar, reminders, and SMS messages, to enable app functionalities.
- Mobile device metadata, such as model, operating system, IP address, and network carrier information.
Push Notifications
We may request to send push notifications about your account activity, app updates, and health insights. You can opt out in your device settings.
All personal information provided must be accurate, complete, and up to date. Users are responsible for notifying Ziva Health of any changes to their data.
Information Automatically Collected
In Short: Some information, such as IP addresses, device characteristics, and usage data, is collected automatically when you use our Services.
We automatically collect technical and usage data when you visit, use, or navigate our Services. While this information does not directly identify you, it may include:
- IP address
- Device model, operating system, and browser type
- Language preferences and geolocation data
- App usage patterns and engagement metrics
Like many businesses, we collect this data through cookies, tracking technologies, and analytics tools.
Log & Usage Data
We track:
- Timestamps and activity logs, such as pages viewed and features accessed.
- Error reports, system activity, and performance diagnostics.
Device Data
We collect:
- Device metadata, such as model, browser version, and system configuration.
- Mobile network details (carrier, connection type).
Location Data
We collect location data only with your permission. You can disable location access in your device settings.
2. HOW DO WE PROCESS YOUR INFORMATION?
In Short: We process your information to provide, improve, and administer our Services, communicate with you, for security and fraud prevention, and to comply with law. We may also process your information for other purposes with your consent.
We process your personal information for a variety of reasons, depending on how you interact with our Services, including:
- To facilitate account creation and authentication and otherwise manage user accounts. We may process your information so you can create and log in to your account, as well as keep your account in working order.
- To deliver and facilitate delivery of services to the user. We may process your information, including data from wearable devices, to provide you with the requested service and to offer personalized health insights and recommendations.
- To share data with your healthcare provider. With your consent, we process and share your wearable device data with the medical professional who invited you to join the platform. This is to enhance the monitoring of your health and the provision of medical care.
- To respond to user inquiries/offer support to users. We may process your information to respond to your inquiries and solve any potential issues you might have with the requested service.
- To send administrative information to you. We may process your information to send you details about our products and services, changes to our terms and policies, and other similar information.
- To enable user-to-user communications. We may process your information if you choose to use any of our offerings that allow for communication with another user.
- To request feedback. We may process your information when necessary to request feedback and to contact you about your use of our Services.
- To send you marketing and promotional communications. We may process the personal information you send to us for our marketing purposes, if this is in accordance with your marketing preferences. You can opt out of our marketing emails at any time in the notification section of the app.
- To deliver targeted advertising to you. We may process your information to develop and display personalized content and advertising tailored to your interests, location, and more.
- To protect our Services. We may process your information as part of our efforts to keep our Services safe and secure, including fraud monitoring and prevention.
- To identify usage trends. We may process information about how you use our Services to better understand how they are being used so we can improve them.
- To determine the effectiveness of our marketing and promotional campaigns. We may process your information to better understand how to provide marketing and promotional campaigns that are most relevant to you.
- To save or protect an individual’s vital interest. We may process your information when necessary to save or protect an individual’s vital interest, such as to prevent harm.
- To improve AI-driven insights and service recommendations. We may process deidentified and aggregated data to train artificial intelligence (AI) models, enhance algorithm accuracy, and improve the overall effectiveness of our Services. This deidentified data cannot be linked back to any individual user and is never sold or shared for advertising purposes.
3. WHAT LEGAL BASES DO WE RELY ON TO PROCESS YOUR INFORMATION?
In Short: We may disclose aggregated information about our users, and information that does not identify any individual, without restriction.We only process your personal information when we believe it is necessary and we have a valid legal reason (i.e., legal basis) to do so under applicable law, like with your consent, to comply with laws, to provide you with services to enter into or fulfill our contractual obligations, to protect your rights, or to fulfill our legitimate business interests.
If you are located in the EU or UK, this section applies to you.
The General Data Protection Regulation (GDPR) and UK GDPR require us to explain the valid legal bases we rely on in order to process your personal information. As such, we may rely on the following legal bases to process your personal information:
- Consent. We may process your information, including data from wearable devices, if you have given us permission (i.e. consent) to use your personal information for a specific purpose. This includes sharing your wearable data with the healthcare provider who invited you. You can withdraw your consent at any time. Click here to learn more.
- Performance of a Contract. We may process your personal information when we believe it is necessary to fulfill our contractual obligations to you, including providing our Services or at your request prior to entering into a contract with you.
- Legitimate Interests. We may process your information when we believe it is reasonably necessary to achieve our legitimate business interests and those interests do not outweigh your interests and fundamental rights and freedoms. For example, we may process your personal information for some of the purposes described in order to:
- Send users information about special offers and discounts on our products and services
- Develop and display personalized and relevant advertising content for our users
- Analyze how our Services are used so we can improve them to engage and retain users
- Support our marketing activities
- Diagnose problems and/or prevent fraudulent activities
- Understand how our users use our products and services so we can improve user experience
- Legal Obligations. We may process your information where we believe it is necessary for compliance with our legal obligations, such as to cooperate with a law enforcement body or regulatory agency, exercise or defend our legal rights, or disclose your information as evidence in litigation in which we are involved.
- Vital Interests. We may process your information where we believe it is necessary to protect your vital interests or the vital interests of a third party, such as situations involving potential threats to the safety of any person.
If you are located in Canada, this section applies to you.
We may process your information if you have given us specific permission (i.e., express consent) to use your personal information for a specific purpose, or in situations where your permission can be inferred (i.e., implied consent). You can withdraw your consent at any time. Click here to learn more.
In some exceptional cases, we may be legally permitted under applicable law to process your information without your consent, including, for example:
- If collection is clearly in the interests of an individual and consent cannot be obtained in a timely way
- For investigations and fraud detection and prevention
- For business transactions provided certain conditions are met
- If it is contained in a witness statement and the collection is necessary to assess, process, or settle an insurance claim
- For identifying injured, ill, or deceased persons and communicating with next of kin
- If we have reasonable grounds to believe an individual has been, is, or may be victim of financial abuse
- If it is reasonable to expect collection and use with consent would compromise the availability or the accuracy of the information and the collection is reasonable for purposes related to investigating a breach of an agreement or a contravention of the laws of Canada or a province
- If disclosure is required to comply with a subpoena, warrant, court order, or rules of the court relating to the production of records
- If it was produced by an individual in the course of their employment, business, or profession and the collection is consistent with the purposes for which the information was produced
- If the collection is solely for journalistic, artistic, or literary purposes
- If the information is publicly available and is specified by the regulations
4. WHEN AND WITH WHOM DO WE SHARE YOUR PERSONAL INFORMATION?
In Short: We may share your personal information in specific situations described in this section and/or with the following third parties. We may disclose aggregated, anonymized, or deidentified data about our users, as well as information that does not identify any individual, without restriction.
We may share your personal information in the following situations:
- Legal and Compliance Requirements: We may disclose your personal information if required to do so by law, legal process, court order, or at the request of governmental authorities, law enforcement agencies, or regulatory bodies. We may also disclose information when we believe in good faith that such disclosure is necessary to protect our legal rights, enforce our Terms of Service, investigate fraud, prevent security threats, or protect the safety of users or the public.
- Business Transfers: If Ziva Health undergoes a merger, acquisition, sale of assets, financing, or other business restructuring, your personal information may be shared, transferred, or disclosed as part of that transaction. The use of your personal data post-transfer will be governed by the privacy policy of the acquiring entity. We will make reasonable efforts to ensure your personal data remains protected during and after any such transaction.
- Healthcare Providers: With your explicit consent, we may share your wearable device data and other health-related information with licensed healthcare providers, medical professionals, or institutions involved in your care. This data sharing is intended to facilitate continuous health monitoring, enhance medical decision-making, and improve your overall health outcomes.
- Third-Party Service Providers and APIs (Google, Apple, and Others): We may share certain personal data with third-party APIs and service providers (e.g., Google Maps API, Apple HealthKit, and other location-based or wearable data integrations) to enable platform functionality. For instance:
- Location Data: If you use location-based services, we may share your geolocation with Google Maps, Apple Maps, or similar providers to enhance navigation and personalization features. You can manage or revoke location permissions in your device settings.
- Wearable and Health Data: If you connect Apple HealthKit, Google Fit, or other wearable integrations, we may exchange health and activity data in accordance with their respective privacy policies. Ziva Health does not sell or use HealthKit or Google Fit data for advertising purposes.
- Other Third-Party Integrations: If you enable third-party features or services, we may share necessary data with the corresponding provider, subject to their respective terms and privacy practices.
- Affiliates: We may share your information with affiliated companies, including our parent company, subsidiaries, joint ventures, or other entities under common control. These affiliates are required to handle your personal data in accordance with this Privacy Policy and applicable data protection laws.
- Business Partners: We may share limited personal information with trusted business partners to provide you with enhanced services, exclusive offers, or relevant promotions. These partners are required to adhere to privacy safeguards and process data in compliance with applicable laws.
We do not sell, rent, or trade your personal data for marketing purposes without your explicit consent.
5. DO WE USE COOKIES AND OTHER TRACKING TECHNOLOGIES??
In Short: We may use cookies and other tracking technologies to collect, store, and analyze information about user interactions with our Services.
We may use cookies, Universal IDs, web beacons, tracking pixels, and other similar tracking technologies to enhance your experience, improve security, personalize content, and analyze usage trends. These tracking technologies help us:
- Authenticate and secure user sessions
- Store user preferences and facilitate navigation
- Monitor and measure the performance of our platform
- Deliver relevant content and targeted advertising
- Prevent fraudulent activity and unauthorized access
You can manage your cookie preferences through your browser settings. Please note that disabling certain cookies may affect the functionality of our Services.
6. HOW DO WE HANDLE YOUR SOCIAL LOGINS?
In Short: If you choose to log in using a social media account, we will only access the necessary information required for authentication.
Our Services provide the option to register and log in using third-party social media credentials (e.g., Facebook, Google, Apple, Twitter, LinkedIn). If you choose this option, we will receive certain profile information from the respective provider, which may include:
- Name
- Email address
- Profile picture (if applicable)
- Any additional details authorized by you during the login process
We do not have control over how these third-party social media providers handle your personal data. Their use of your information is subject to their own privacy policies and terms of service. We strongly encourage you to review their policies to understand how they collect, process, and share your personal information.
If you wish to revoke our access to your social media login, you may do so through your account settings on the respective third-party platform or by contacting us directly.
7. IS YOUR INFORMATION TRANSFERRED INTERNATIONALLY?
In Short: Your information may be transferred, stored, and processed outside of your country of residence, including in the United States, where our servers are located.
Our servers and primary data centers are located in the United States, and we may process and store your personal information in other jurisdictions where we or our service providers operate. This may include countries with different data protection laws than your home country.
For Residents of the European Economic Area (EEA) and the United Kingdom (UK):
If your data is transferred outside of the EEA or UK, we will implement safeguards to ensure your data remains protected, including:
- European Commission’s Standard Contractual Clauses (SCCs): We use SCCs for intra-group data transfers and third-party service provider agreements. These legally binding clauses ensure that your personal information receives an adequate level of protection.
- Other Appropriate Safeguards: Where applicable, we use additional measures such as data encryption, access controls, and compliance monitoring to ensure your data remains secure.
Our Standard Contractual Clauses can be provided upon request. We have implemented similar appropriate safeguards with our third-party service providers and partners and further details can be provided upon request.
8. HOW LONG DO WE KEEP YOUR INFORMATION?
In Short: We retain your personal information only for as long as necessary to fulfill the purposes outlined in this privacy notice, or as required by law.
We retain personal data, including wearable device data, for the duration of your use of our Services and as necessary to:
- Comply with legal, tax, accounting, and regulatory requirements
- Resolve disputes and enforce our agreements
- Maintain business operations and security monitoring
Retention Period:
Unless legally required to retain data for longer, we will not keep personal information for more than twelve (12) months following the termination of a user account.
Upon expiration of the retention period, we will:
- Permanently delete your data from our active databases
- Anonymize data for research, analytics, or operational improvements (where applicable)
- Securely store backup archives until deletion is technically feasible
If deletion is not immediately possible due to technical constraints, we will restrict access to your data, ensuring that it is no longer actively processed.
9. HOW DO WE KEEP YOUR INFORMATION SAFE?
In Short: We implement strict organizational, technical, and administrative security measures to protect your personal data. However, no system is completely secure, and we cannot guarantee absolute protection against unauthorized access or data breaches.
We take the security of your personal information seriously and have implemented commercially reasonable and legally compliant security measures to protect your data against unauthorized access, loss, misuse, alteration, or disclosure. These measures include but are not limited to:
- Encryption of data in transit and at rest using industry-standard protocols
- Access controls and authentication mechanisms to restrict unauthorized access
- Regular security audits, vulnerability assessments, and penetration testing
- Firewalls and intrusion detection systems to monitor and prevent unauthorized access
- Compliance with applicable data protection laws and security frameworks
Despite these measures, no method of transmission over the internet or electronic storage is 100% secure. We do not and cannot guarantee that your personal information will never be accessed, stolen, altered, or destroyed by cybercriminals, hackers, or unauthorized third parties.
By using our Services, you acknowledge that:
- Transmission of data is at your own risk.
- We are not liable for unauthorized access that occurs beyond our reasonable control.
- You are responsible for safeguarding your account credentials and ensuring you access our Services through secure networks.
If you believe your data may have been compromised, please contact us immediately at [insert contact details] so we can take appropriate action.
10. WHAT ARE YOUR PRIVACY RIGHTS?
In Short: You have legal rights regarding your personal data, including access, correction, deletion, and the ability to withdraw consent. If you are in the EEA, UK, or Canada, you may have additional rights under applicable laws.
In certain jurisdictions, including the European Economic Area (EEA), United Kingdom (UK), and Canada, you have specific legal rights regarding your personal information, which may include:
- Right of Access: You may request a copy of the personal data we hold about you.
- Right to Rectification: You may request correction of any inaccurate or incomplete personal data.
- Right to Erasure: You may request deletion of your personal information, subject to legal and contractual obligations.
- Right to Restrict Processing: You may request that we limit the processing of your data in certain situations.
- Right to Data Portability: Where applicable, you may request a copy of your data in a structured, machine-readable format.
- Right to Object: In certain circumstances, you may object to our processing of your personal data.
You may exercise these rights by contacting us using the details provided in the “HOW CAN YOU CONTACT US ABOUT THIS NOTICE?” section. We will review and process your request in compliance with applicable data protection laws.
Filing a Complaint
If you believe we are unlawfully processing your personal data, you have the right to file a complaint with your local data protection authority:
- EEA & UK: EU Data Protection Authorities
- Switzerland: Swiss Federal Data Protection and Information Commissioner (FDPIC)
Withdrawing Your Consent
If we rely on your express or implied consent for processing your data, you may withdraw that consent at any time by:
- Updating your preferences in the app settings.
- Contacting us using the details provided in the “HOW CAN YOU CONTACT US ABOUT THIS NOTICE?” section.
However, withdrawing consent does not affect the legality of processing conducted before withdrawal, nor does it affect processing based on other lawful grounds.
Opting Out of Marketing Communications
You can opt out of receiving marketing emails by:
- Clicking the unsubscribe link in our emails.
- Updating your push notification and contact preferences within the app.
- Contacting us directly.
Important: Even if you opt out of marketing messages, we may still send you service-related communications, including security alerts, account notifications, and other essential updates.
Managing Your Account
To review, update, or delete your account, you may:
- Log into your account settings and make changes.
- Request account termination by contacting us.
If you request account termination, we will deactivate or delete your account and data from our active databases. However, we may retain certain information as required for:
- Fraud prevention and security monitoring.
- Legal, regulatory, and compliance purposes.
- Resolving disputes and enforcing our legal terms.
Contacting Us About Your Privacy Rights
If you have any questions or requests related to your privacy rights, please contact us:
Email: support@ziva.health
11. DO CALIFORNIA RESIDENTS HAVE SPECIFIC PRIVACY RIGHTS?
In Short: Yes, if you are a resident of California, you are granted specific rights regarding access to your personal information.
California Civil Code Section 1798.83, also known as the “Shine The Light” law, permits our users who are California residents to request and obtain from us, once a year and free of charge, information about categories of personal information (if any) we disclosed to third parties for direct marketing purposes and the names and addresses of all third parties with which we shared personal information in the immediately preceding calendar year. If you are a California resident and would like to make such a request, please submit your request in writing to us using the contact information provided below.
If you are under 18 years of age, reside in California, and have a registered account with Services, you have the right to request removal of unwanted data that you publicly post on the Services. To request removal of such data, please contact us using the contact information provided below (support@ziva.health) and include the email address associated with your account and a statement that you reside in California. We will make sure the data is not publicly displayed on the Services, but please be aware that the data may not be completely or comprehensively removed from all our systems (e.g., backups, etc.).
CCPA Privacy Notice
The California Code of Regulations defines a “resident” as:
(1) every individual who is in the State of California for other than a temporary or transitory purpose and
(2) every individual who is domiciled in the State of California who is outside the State of California for a temporary or transitory purpose
All other individuals are defined as “non-residents.”
If this definition of “resident” applies to you, we must adhere to certain rights and obligations regarding your personal information.
What categories of personal information do we collect?
We have collected the following categories of personal information in the past twelve (12) months:
| Category | Examples | Collected |
| A. Identifiers | Contact details, such as real name, alias, postal address, telephone or mobile contact number, unique personal identifier, online identifier, Internet Protocol address, email address, and account name | YES |
| B. Personal information categories listed in the California Customer Records statute | Name, contact information, education, employment, employment history, and financial information | NO |
| C. Protected classification characteristics under California or federal law | Gender and date of birth | YES |
| D. Commercial information | Transaction information, purchase history, financial details, and payment information | YES |
| E. Biometric information | Fingerprints and voiceprints | NO |
| F. Internet or other similar network activity | Browsing history, search history, online behavior, interest data, and interactions with our and other websites, applications, systems, and advertisements | YES |
| G. Geolocation data | Device location | YES |
| H. Audio, electronic, visual, thermal, olfactory, or similar information | Images and audio, video or call recordings created in connection with our business activities | YES |
| I. Professional or employment-related information | Business contact details in order to provide you our Services at a business level or job title, work history, and professional qualifications if you apply for a job with us | NO |
| J. Education Information | Student records and directory information | NO |
| K. Inferences drawn from other personal information | Inferences drawn from any of the collected personal information listed above to create a profile or summary about, for example, an individual’s preferences and characteristics | YES |
We may also collect other personal information outside of these categories through instances where you interact with us in person, online, or by phone or mail in the context of:
- Receiving help through our customer support channels;
- Participation in customer surveys or contests; and
- Facilitation in the delivery of our Services and to respond to your inquiries.
We also may receive information about you from third parties who have received your information because you subscribe to or otherwise participate in their services or because you use their digital equipment (“Third-Party Data Sources”).
For example, we may receive data from wearables or activity trackers that you already possess and not provided by us (“Third-Party Health Devices”). If you supply information from Third-Party Health Devices to us by manually entering that information through the Apps or the Sites, that information will be considered information from you and a User Submission. If you enable one or more Third-Party Health Devices to supply information to us automatically, that information will be considered information from you delivered through your Third-Party Data Sources and will also be a User Submission.
In addition to Third-Party Health Devices, Third-Party Data Sources may include other third-party sources of data, such as Apple HealthKit. When you authorize these Third-Party Data Sources to supply information to us, that information will be considered information from you delivered through your Third-Party Data Sources and will also be a User Submission.
We will use the Personal Information that you provide for the purpose of providing you with an engaging and personalized experience in using the Services
How do we use and share your personal information?
More information about our data collection and sharing practices can be found in this privacy notice.
You may contact us by email at support@ziva.health, or by referring to the contact details at the bottom of this document.
If you are using an authorized agent to exercise your right to opt out we may deny a request if the authorized agent does not submit proof that they have been validly authorized to act on your behalf.
Will your information be shared with anyone else?
We may disclose your personal information with our service providers pursuant to a written contract between us and each service provider. Each service provider is a for-profit entity that processes the information on our behalf.
We may use your personal information for our own business purposes, such as for undertaking internal research for technological development and demonstration. This is not considered to be “selling” of your personal information.
Ziva Health Inc. has not disclosed or sold any personal information to third parties for a business or commercial purpose in the preceding twelve (12) months. Ziva Health Inc. will not sell personal information in the future belonging to website visitors, users, and other consumers.
Your rights with respect to your personal data
Right to request deletion of the data — Request to delete
You can ask for the deletion of your personal information. If you ask us to delete your personal information, we will respect your request and delete your personal information, subject to certain exceptions provided by law, such as (but not limited to) the exercise by another consumer of his or her right to free speech, our compliance requirements resulting from a legal obligation, or any processing that may be required to protect against illegal activities.
Right to be informed — Request to know
Depending on the circumstances, you have a right to know:
- whether we collect and use your personal information;
- the categories of personal information that we collect;
- the purposes for which the collected personal information is used;
- whether we sell your personal information to third parties;
- the categories of personal information that we sold or disclosed for a business purpose;
- the categories of third parties to whom the personal information was sold or disclosed for a business purpose; and
- the business or commercial purpose for collecting or selling personal information.
In accordance with applicable law, we are not obligated to provide or delete consumer information that is de-identified in response to a consumer request or to re-identify individual data to verify a consumer request.
Right to Non-Discrimination for the Exercise of a Consumer’s Privacy Rights
We will not discriminate against you if you exercise your privacy rights.
Verification process
Upon receiving your request, we will need to verify your identity to determine you are the same person about whom we have the information in our system. These verification efforts require us to ask you to provide information so that we can match it with information you have previously provided us. For instance, depending on the type of request you submit, we may ask you to provide certain information so that we can match the information you provide with the information we already have on file, or we may contact you through a communication method (e.g., phone or email) that you have previously provided to us. We may also use other verification methods as the circumstances dictate.
We will only use personal information provided in your request to verify your identity or authority to make the request. To the extent possible, we will avoid requesting additional information from you for the purposes of verification. However, if we cannot verify your identity from the information already maintained by us, we may request that you provide additional information for the purposes of verifying your identity and for security or fraud-prevention purposes. We will delete such additionally provided information as soon as we finish verifying you.
Other privacy rights
- You may object to the processing of your personal information.
- You may request correction of your personal data if it is incorrect or no longer relevant, or ask to restrict the processing of the information.
- You can designate an authorized agent to make a request under the CCPA on your behalf. We may deny a request from an authorized agent that does not submit proof that they have been validly authorized to act on your behalf in accordance with the CCPA.
- You may request to opt out from future selling of your personal information to third parties. Upon receiving an opt-out request, we will act upon the request as soon as feasibly possible, but no later than fifteen (15) days from the date of the request submission.
To exercise these rights, you can contact us by email at support@ziva.health, or by referring to the contact details at the bottom of this document. If you have a complaint about how we handle your data, we would like to hear from you.
12. DO WE MAKE UPDATES TO THIS NOTICE?
In Short: Yes, we will update this notice as necessary to stay compliant with relevant laws.
We may update this privacy notice from time to time. The updated version will be indicated by an updated “Revised” date and the updated version will be effective as soon as it is accessible. If we make material changes to this privacy notice, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification. We encourage you to review this privacy notice frequently to be informed of how we are protecting your information.
13. HOW CAN YOU CONTACT US ABOUT THIS NOTICE?
If you have questions or comments about this notice, you may contact us by email at support@ziva.health
If you have any further questions or comments, you may also contact us by post at the following corporate address:
Ziva Health Inc.
171 Main Street , Ste 666
Los Altos 94022
United States
Phone: (+1)6503971090
14. HOW CAN YOU REVIEW, UPDATE, OR DELETE THE DATA WE COLLECT FROM YOU?
Based on the applicable laws of your country, you may have the right to request access to the personal information we collect from you, change that information, or delete it. To request to review, update, or delete your personal information, please submit a request by sending an email to support@ziva.health