Last Updated on November 14, 2023
Wellness Tech (“us”, “we”, or “our”) operates https://handm.app and Wellness Tech mobile application (jointly referred to as the “Service”).
Our Privacy Policy governs your visit to https://handm.app and Wellness Tech mobile application and describes how we collect, safeguard, and disclose information that results from your use of our Service.
We use your data to provide and improve the Service. By using the Service, you agree to the collection and use of information in accordance with this Policy. Unless otherwise defined in this Privacy Policy, the terms used in this Privacy Policy have the same meanings as in our User Terms and Conditions.
Our Terms of Service (the “Terms”) govern all use of our Service and together with the Privacy Policy and any other documents as the case may be constitutes your agreement with us (the “Agreement”).
Service: the https://handm.app website and Wellness Tech mobile application operated by Wellness Tech.
Personal Data: data about an individual who can be identified from those data (or from those and other information either in our possession or likely to come into our possession).
Usage Data: data collected automatically either generated by the use of Service or from Service infrastructure itself (for example, the duration of a page visit).
Cookies: a piece of data from a website that is stored within a web browser that the website can retrieve at a later time.
Data Controller: means a physical or legal person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal data are, or are to be, processed. For the purpose of this Privacy Policy, we are a Data Controller of your data.
Data Processor (or Service Providers): means any natural or legal person who processes the data on behalf of the Data Controller. We may use the services of various Service Providers in order to process your data more effectively.
Data Subject: any individual who is the subject of Personal Data.
User: an individual using our Service. A User corresponds to a Data Subject, who is the subject of Personal Data.
We collect several different types of information for various purposes to provide and improve our Service to you.
While using our Service, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you (“Personal Data”). Personally identifiable information may include, but is not limited to:
We may use your Personal Data to contact you with newsletters, marketing or promotional materials and other information that may be of interest to you. You may opt out of receiving any, or all, of these communications from us by emailing at care@handm.app.
We may also collect information that your browser sends whenever you visit our Service or when you access the Service by or through a mobile device (“Usage Data”).
This Usage Data may include information such as your computer's Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.
When you access the Service with a mobile device, this Usage Data may include information such as the type of mobile device you use, your mobile device unique ID, the IP address of your mobile device, your mobile operating system, the type of mobile Internet browser you use, unique device identifiers and other diagnostic data.
We use cookies and similar tracking technologies to track the activity on our Service and we hold certain information.
Cookies are files with a small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Other tracking technologies are also used such as beacons, tags and scripts to collect and track information and to improve and analyze our Service.
You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.
Examples of Cookies we use:We will retain your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use your Personal Data to the extent necessary to comply with our legal obligations and/or applicable laws, resolve disputes, and enforce our legal agreements and policies.
We will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period, except when this data is used to strengthen the security or to improve the functionality of our Service, or we are legally obligated to retain this data for longer time periods.
Your information, including Personal Data, may be transferred to and maintained on computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ from those of your jurisdiction.
If you are located outside United States and choose to provide information to us, please note that we transfer the data, including Personal Data, to United States and process it there.
Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.
Wellness Tech will take all the steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and no transfer of your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of your data and other personal information.
The security of your data is important to us but remember that no method of transmission over the Internet or method of electronic storage is absolutely, one hundred percent secure. While we endeavor to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.
CalOPPA is the first state law in the nation to require commercial websites and online services to post a privacy policy. The law’s reach stretches well beyond California to require a person or company in the United States (and conceivable the world) that operates websites collecting personally identifiable information from California consumers to post a conspicuous privacy policy on its website stating exactly the information being collected and those individuals with whom it is being shared, and to comply with this policy. See more at: https://consumercal.org/about-cfc/cfc-education-foundation/california-online-privacy-protection-act-caloppa-3/
We honor Do Not Track signals and do not track, plant cookies, or use advertising when a Do Not Track browser mechanism is in place. Do Not Track is a preference you can set in your web browser to inform websites that you do not want to be tracked.
You can enable or disable Do Not Track by visiting the Preferences or Settings page of your web browser.
GDPR is the European Union regulation on the protection of natural persons with regard to the processing of personal data and on the free movement of such data. See more at: https://eur-lex.europa.eu/eli/reg/2016/679/oj.
If you are a resident of the European Economic Area (EEA), you have certain data protection rights. Wellness Tech aims to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Data.
If and when Wellness Tech receives your personal information directly from you via the Services, it performs the functions of a Data Controller, as defined by the GDPR, and has the ability to determine how personal data is collected, for what purposes, and how this data is to be processed. As the data controller, Wellness Tech has implemented many technical and operational measures to ensure the most complete protection of personal data processed through the Services.
Wellness Tech processes your information in accordance with this Privacy Policy and uses industry standard safeguards to secure it.
If you are a EU Person, consents concerning your personal information are handled in compliance with the GDPR. If and when consent requirements under this Privacy Policy conflict with the GDPR, the GDPR will prevail in case you are a EU Person.
Article 6(1)(a) of the GDPR serves as the legal basis for processing operations for which Wellness Tech obtains consent for a particular purpose. If the processing of personal data is necessary for the performance of a contract to which you are a party, as is the case, for example, when processing operations are necessary to provide a service, the processing is based on Art. 6(1)(b). The same applies to such processing operations which are necessary for carrying out pre-contractual measures, for example in the case of inquiries concerning Wellness Tech Services. If Wellness Tech is subject to a legal obligation by which processing of personal data is required, such as for the fulfillment of tax obligations, the processing is based on Art. 6(1)(c). If the processing of personal data may be necessary to protect your vital interests or that of another EU Person, then the processing is based on Art. 6(1)(d). Finally, processing operations could be based on Article 6(1)(f) if processing is necessary for the purposes of the legitimate interests pursued by Wellness Tech or by a third party, except where such interests are overridden by your fundamental rights and freedoms under the GDPR.
(a) Right of Confirmation
You may obtain confirmation of whether or not your personal data is being processed. If you wish to exercise
your
right of confirmation, you may contact Wellness Tech using the contact information as provided below.
(b) Right of Access
You may obtain information about your stored personal data at any time and a copy of this information. If you
wish
to exercise your right of access, you may contact Wellness Tech using the contact information as provided
below.
(c) Right to Rectification
You may request the rectification of any inaccurate personal data. Taking into account the purposes of the
processing, you have the right to have inaccurate or incomplete personal data completed or deleted, by means of
first appropriately identifying yourself and then providing a supplementary statement. If you wish to exercise
your right of rectification please contact Wellness Tech using the contact information as provided below.
(d) Right to Erasure (Right to be Forgotten)
You may request the erasure of your personal information by contacting Wellness Tech using the contact
information
as provided below. Furthermore, you may delete your User Account information by accessing your User Account
settings page on the website. Please note that while any changes you make will be reflected in active user
databases within a reasonable time, Wellness Tech may retain all information you submit for the prevention of
fraud and abuse, analytics, satisfaction of legal obligations, or where Wellness Tech otherwise reasonably
believes that it has a legitimate reason to do so, such as for archiving purposes within the public interest.
(e) Right to Restriction of Processing
As an EU Person, you have the right to restrict processing where one of the following
applies:
(i) The accuracy of the personal data is contested by the data subject, for a period enabling
the controller to
verify the accuracy of the personal data;
(ii) The processing is unlawful and the data subject opposes the erasure of the personal data
and requests instead
the restriction of the controllers use of such data;
(iii) The controller no longer needs the personal data for the purposes of processing, but they
are required by
the data subject for the establishment, exercise, or defense of legal claims;
(iv) The data subject has objected to processing pending the verification whether the
legitimate grounds of the
controller override those of the data subject.
(f) Right to Data Portability
You may request to receive your personal data in a structured, commonly used and machine-readable format. You
have
the right to transmit this data to another controller without interference.
Furthermore, you may have the personal data transmitted directly from one controller to another, where technically feasible and where such transmission does not adversely affect the rights and freedoms of others.
(g) Right to Object to Automated Decision Making You may object to decisions based solely on automated processing, including profiling, which produces legal effects or similarly significantly affects you, as long as the decision is not (i) necessary for entering into, or the performance of, a contract between you and Wellness Tech; (ii) authorized by European Union or Member State law to which you are subject; or (iii) based on the data subject’s explicit consent.
(h) Right to Object to Processing
You may object to the processing of your personal data using the contact information as provided below, unless
there are legitimate grounds for the processing within the public interest, or for the establishment, exercise,
or defense of legal claims.
If Wellness Tech processes personal data for direct marketing purposes, you shall have the right to object at
any
time to the processing of your personal data for such purposes. This right also applies to profiling to the
extent
that the processing is related to such direct marketing purposes. If you object to Wellness Tech processing your
personal data for direct marketing purposes, then Wellness Tech will no longer process the personal data for
such
purposes.
Wellness Tech only retains personally identifiable information about you for as long as your User Account remains active and for as long as it needs to provide you with the Services or otherwise fulfill the purposes for which Wellness Tech had initially 7 collected such information, unless otherwise required by law. Wellness Tech will retain and use information as necessary to comply with its legal obligations, for archival purposes, to assist in the resolve of disputes, and to enforce its agreements.
If and when sharing of information involves cross-border data transfers, for instance to the United States of America and other jurisdictions, Wellness Tech uses EU Standard Contract Clauses or other suitable contracts and safeguards to permit data transfers from the EU to other countries. The Standard Contractual Clauses commit companies transferring and receiving your personal information to protecting the privacy and security of your data. Copies of Wellness Tech’s current Standard Contractual Clauses are available on request using the contact details listed below.
We may employ third party companies and individuals to facilitate our Service (“Service Providers”), provide the Service on our behalf, perform Service-related services or assist us in analyzing how our Service is used.
These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.
We may use third-party Service Providers to monitor and analyze the use of our Service.
Google Analytics
Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google
uses the data collected to track and monitor the use of our Service.
This data is shared with other Google services. Google may use the collected data to contextualize and personalize the ads of its own advertising network.
For more information on the privacy practices of Google, please visit the Google Privacy Terms web page: https://policies.google.com/privacy?hl=en-US We also encourage you to review Google's policy for safeguarding your data: https://support.google.com/analytics/answer/6004245.
MixPanel
Mixpanel is a business analytics service. The MixPanel platform is used to analyze data and improve user
experiences.
For more information on the privacy practices of Mixpanel, please visit the Mixpanel Privacy Terms web page: https://mixpanel.com/legal/privacy-policy/
Sentry
The Sentry software monitors performance and errors. A Sentry product is used to notify, analyze, and resolve
product issues that may hinder user satisfaction. It does not issue any personal data.
For more information on the privacy practices of Sentry, please visit the Sentry Privacy Terms web page: https://sentry.io/privacy/.
Mailgun
Mailgun is an email delivery service for sending, receiving, and tracking emails.
https://www.mailgun.com/legal/privacy-policy/.
Amazon Web Services (AWS)
AWS is a cloud computing service used for app development and for executing code on the backend.
For more information on the privacy practices of AWS, please visit the AWS Privacy Terms web page: https://aws.amazon.com/privacy/.
A third-party authentication app
We use Facebook, Google and Apple third-party authentication app to generate login codes that help users confirm
themselves when they log in from a new device for the first time.
For more information on the privacy practices of Facebook, please visit the Facebook Privacy Terms web page: https://www.facebook.com/privacy/policy/.
For more information on the privacy practices of Apple, please visit the Apple Privacy Terms web page: https://www.apple.com/legal/privacy/.
Google OAuth (Google LLC)
Google OAuth is a registration and authentication service provided by Google LLC and is connected to the Google
network. For more information on the privacy practices of Google, please visit the Google Privacy Terms web
page:
https://policies.google.com/privacy?hl=en-US.
We use information collected from Google OAuth service in order to authenticate users in our Service and for other needs described in the “Data usage” part of this Privacy Policy. Place of processing: United States – Privacy Policy.
We may provide paid products and/or services within Service. In that case, we use third-party services for payment processing (e.g. payment processors).
We will not store or collect your payment card details. That information is provided directly to our third-party payment processors whose use of your personal information is governed by their Privacy Policy. These payment processors adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of payment information.
The payment processors we work with are:
Stripe:
Their Privacy Policy can be viewed at https://stripe.com/privacy.
Our Service may contain links to other sites that are not operated by us. If you click a third party link, you will be directed to that third party's site. We strongly advise you to review the Privacy Policy of every site you visit.
We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.
OUR SERVICES ARE NOT INTENDED FOR USE BY CHILDREN UNDER THE AGE OF 13 (“Children”).
We do not knowingly collect personally identifiable information from Children under 13. If you become aware that a Child has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from Children without verification of parental consent, we take steps to remove that information from our servers.
We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page.
We will let you know via email and/or a prominent notice on our Service, prior to the change becoming effective and update “effective date” at the top of this Privacy Policy. You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.
Wellness Tech takes and addresses its users’ privacy concerns with the utmost respect and attention. Wellness Tech will investigate and attempt to resolve all complaints regarding use and disclosure of your personal information by reference to the principles of this Privacy Policy. If you believe that there was an instance of non-compliance with this Privacy Policy with regard to your personal information (an inquiry) or you would like to make or follow-up on a complaint, please contact Wellness Tech at:
In your message, please describe in as much detail as possible the nature of your inquiry or the ways in which you believe that Wellness Tech Privacy Policy has not been complied with. Wellness Tech will investigate your inquiry or complaint promptly.
If you are a EU Person, you may lodge a free complaint with the DPA (data protection authorities) in the country where you live if you are unsatisfied with how your complaint is handled by Wellness Tech. If you are an EU resident, you can find your DPA by visiting the European Commission Website on Data Protection Authorities.
By using our website or other services provided by us, you acknowledge that you represent and warrant that you have read, understand, and agree to our Privacy Policy.