French | 中文 | Deutsch | Nederlandse | Portuguesa | English
Last updated: June 24, 2022
Data collected by MI will not be shared or processed for any other reason than outlined in this policy. Should the purpose of data collection change, MI will inform all users of AmDTx by email and re-obtain consent for the change in data collection.
What We Collect
Anonymous Data refers to data that by itself does not permit the identification of a specific individual. We collect such information only insofar as is necessary or appropriate to fulfil the purpose of your interaction with the Apps or the Site. We may collect the following types of Anonymous Data when you use the Apps or the Site.
Measurement data produced by the Apps. We may collect the Apps version, device hardware model, device operating system (OS) version, language and region settings, timestamp, self assessments of mood and stress, measurement mode (finger/face), heart rate, and waveforms related to your heart signal obtained from the processing of the camera input.
Geolocation information. We may collect the geolocation (e.g. GPS) of your mobile device at the time of a saved measurement only with your permission. We do not access or track your geolocation information in the background.
Apps usage and interactions. We may collect statistics about the behavior of users of the Apps to understand how they interact with the Apps and for error reporting. For instance, we may monitor which part of the Apps and its related features you are interested in and your usage patterns.
Notifications. The Apps have notifications that remind the user of the meditation time set by the user. Permissions can be turned off manually.
Personal Data is data that can be used to identify or contact you. MI is strongly committed to protecting the privacy of its user community.
The Apps require access to the camera on your device in order to measure your heart rate. Images from the camera feed are processed locally on your device and cleared immediately afterwards. We do not collect any images obtained from the camera feed.
We do require registration to access MI Apps, allowing you to access and use the Apps by providing Personal Data. Depending on your use of the Services, that may include:
Information you provide by completing forms on MI Apps or Site — your name, email, age, gender, login, and password details. We may ask for this information if you register as a user of the Services, subscribe to our newsletters, or if you contact us;
Information about your activity on and interaction with MI Apps or Site (such as your IP address, the type of device or browser you use, and your actions on the Apps);
Information about the ways people visit and interact with our Apps or Site, in the form of traffic analytics. Communications you send to us (for example, when you ask for support, send us questions or comments, or report a problem);
Information that you submit on or to MI in the form of comments, contributions to discussions, or messages to other users; and
The email address associated with your Google account, if you choose to sign up using your Google credentials. MI will also request permission to access your name, profile picture, and friend list (these permissions are governed by Google’s privacy policies and can be managed through your Google privacy settings). We never post anything to your Facebook, Twitter, or other third-party accounts without your permission.
How We Use Your Data
The Anonymous Data you provide allows us to perform analysis and generate the appropriate statistics relevant to you. We use the Anonymous Data to better understand our users as well as to improve the content and functionality of the Apps. For example, collecting the waveforms related to the heart signal allows us to perform research and development, improve the Apps, and develop new features or services. If we do collect information regarding your GPS location with your permission, we will not share such information without your express consent.
We may conduct research on our end user's demographics, interests, and behaviour based on the Anonymous Data. This research may be compiled and analysed on an aggregated basis. MI may share with its affiliates, agents, and business partners this “aggregated” data compiled from the information that it collects from users. These aggregate data do not identify you personally. We may also disclose aggregated data in order to describe our services to current and prospective business partners, and to other third parties for other lawful purposes.
If you contact us by email, we may use the email address you provide to answer your question or resolve your problem. MI also may use that email address to tell you about new features, solicit your feedback, or just keep you up-to-date with MI and our products. You can always opt out of email marketing by clicking on the “Unsubscribe” link appended to the end of a promotional email from us.
MI deems Personal Data confidential and does not disclose such information without the express informed consent of the user. User consent shall be secured through an express action by the user such as clicking a check-box, providing an electronic signature, or another substantially similar method, after clear and conspicuous disclosure immediately above such check-box or electronic signature indicating that the user is agreeing to the disclosure of his or her information by MI. A pre-checked box will not be considered evidence of consent. MI will not release Personal Data to any person or organisation not specifically authorised by the individual user, unless such disclosure is required pursuant to a lawful request from a federal, state, local, or foreign law and civil enforcement agencies. If MI discloses Personal Data pursuant to such a request, it shall notify users. We will not rent or sell Personal Data to anyone.
European Union Users
AmDTx is compliant under the EU General Data Protection Regulation (EU GDPR).
Data protection law in Europe requires a “lawful basis” for collecting and retaining personal information from citizens or residents of the European Economic Area. Our lawful bases include:
Performing the contract we have with you: In certain circumstances, we need your personal data to comply with our contractual obligation to deliver the Services.
Legitimate interests: This is a technical term in data protection law which essentially means we have a good and fair reason to use your data and we do so in ways which do not hurt your interests and rights. We sometimes require your data to pursue our legitimate interests in a way that might reasonably be expected as part of running our business and that does not materially impact your rights, freedom or interests.
For example, we use identity information to prevent fraud and abuse and to keep the Services secure. We may also send you promotional communications about our Services, subject to your right to control whether we do so.
We analyse how users interact with our app so we can understand better what elements of the design are working well and which are not working so well. This allows us to improve and develop the quality of the mobile experience we offer all our users.
For UK residents seeking independent advice about data protection, privacy, data sharing issues and your rights, you can contact:Information Commissioner’s OfficeWycliffe House, Water Lane Wilmslow Cheshire, SK9 5AFTelephone: 0303 123 1113 (local rate) or 01625 545 745Email: firstname.lastname@example.org
Security Policy/Procedures and Standard of Care
The security of your personal data is of paramount importance to us. We take all measures reasonably necessary to protect against the unauthorised access, use, alteration or destruction of Personal and Anonymous data.
While all data is encrypted in transit and in storage, no method of transmission over the Internet or electronic storage is completely secure, so MI cannot guarantee its absolute security. By using the Site or the Apps, you accept this risk.
Your account information is protected by a password, which you should choose carefully and keep secure.
All Personal and Anonymous data is stored on encrypted servers hosted by Amazon Web Services (AWS).
Personal information is collected inside of the Am app through forms and drop-down menus where individuals actively consent to share their personal information. The information is immediately de-identified and securely stored until the user account with which it is associated is deleted. Accounts can be deleted upon written request to email@example.com. Accounts are also deleted after 2 years of inactivity. Data associated with deleted all user accounts are anonymised and retained for an indefinite amount of time for research and development purposes. Anonymisation is the process of removing personal identifiers, both direct and indirect, that may lead to an individual being identified.
If you contact us via email, your email will be retained for communication purposes for a reasonable time thereafter.
All data is encrypted in storage.
All data is encrypted in transit.
Upon discovery of a data breach, notice shall be made to all affected users of MI products no later than 72 hours after the discovery of the breach. Incidents will also be reported to relevant stakeholders and to the relevant authorities.
Users residing in certain countries, including the EU, are afforded certain rights regarding their personal information. Except where an exception or exemption applies, these rights include the ability to access, correct, and request deletion of your personal information. While these rights are not applicable globally, all MI users can manage their personal information.
Opting out: To opt out of any data processing activity conducted by MI or any third-party service providers employed by MI, email us with your request at the email address listed in the Contact Us section of this policy. You may opt out of all data processing activities with the exception of data processing that supports account creation and logging into your user account, in the event that you have created a user account for an MI product or service.
Data minimisation: At all times, MI collects, processes and stores only the minimum amount of personal data needed to deliver specific, individual features of its products and services, as described in this Policy.
Right to restrict: You may restrict the processing of your personal data by emailing us at the address listed in the Contact Us section of this policy with an explanation for the particular reason(s) for wanting the restriction.
Right to object: You may object to the processing of all or part of your personal data, or for a specific purpose of data processing, at any time.
Withdrawal of consent: You may at any time withdraw consent for the use of their personal data by MI.
Automated processing: You have the right to request that your data is not subject to a decision based solely on automated processing, including profiling, which produces legal or any other significant effects concerning you. To opt out of any automated processing activity conducted by MI or any third-party service providers employed by MI, email us with your request at the email address listed in the Contact Us section of this policy.
To enforce your data rights, modify or delete the personal information you’ve provided to us, please contact us as described below (see "Contact Us"). We may retain certain information as required by law or as necessary for our legitimate business purposes.
MI strives to respond to all requests to exercise user rights as quickly as possible, and no longer that within 2 months of receiving the request.
We do not knowingly collect Personal Data from children under the age of 13, unless consent is given or authorised by the parent or legal guardian. If you are under 13, you should not provide any data to us without the permission of your parent or legal guardian. If you have reason to believe that a child under the age of 13 has provided Personal Data to us without the consent of the parental or legal guardian, please contact us (firstname.lastname@example.org), and we will endeavour to delete that information from our databases.
Google Analytics cookies. Google Analytics uses first-party cookies to track visitor interactions and collect information about how visitors use the Site. Google Analytics collects information anonymously. It reports website trends without identifying individual visitors. We then use the information to compile reports and to help us improve our site. You can opt out of Google Analytics – for more information on opting out of being tracked by Google Analytics across all websites you use, visit this Google page.
To modify or delete the personal information you’ve provided to us in one of our Apps, please write to us using the contact form available inside of the App in which you have registered an account.
Data Protection Officer
MI has a Data Protection Officer who ensures the laws protecting personal data are applied and adhered to. MI's DPO is:
Avetis MuradyanEmail: email@example.com
Complaints or Questions
We try to meet the highest standards when collecting and using personal information. For this reason, we take any complaints we receive about this very seriously. We encourage people to bring concerns to our attention if they think that our collection or use of information is unfair, misleading or inappropriate.
Please contact us at firstname.lastname@example.org.
If you would like to to permanently terminate your account and delete your personal data, please contact us at email@example.com, and we will process it within 7 business days.
Effective and accessible healthcare for every human.