This Privacy Policy outlines our practices regarding the collection, use, and disclosure of your information when you use our Service. It also informs you about your privacy rights and how the law safeguards them.
We utilize your personal data to enhance and deliver the Service. By using the Service, you consent to the collection and use of information as described in this Privacy Policy.
Interpretation
Terms with initial capital letters are defined as per the following conditions. These definitions apply whether the terms appear in singular or plural form.
Definitions
For the purposes of this Privacy Policy:
Affiliate: An entity that controls, is controlled by, or is under common control with a party, where "control" refers to owning 50% or more of the shares, equity interest, or other voting securities.
Application: Refers to Health Pal, the software program provided by the Company.
Business (for CCPA/CPRA purposes): Refers to the Company as the legal entity that collects and determines the purposes and means of processing Consumers' personal information. This includes entities for which information is collected and that, either alone or in collaboration with others, decides on the purposes and methods of processing Consumers' personal information while conducting business in the State of California.
CCPA/CPRA: Refers to the California Consumer Privacy Act (the "CCPA") as amended by the California Privacy Rights Act of 2020 (the "CPRA").
Company: Refers to Illumeos Technology Limited, also referred to as "the Company," "We," "Us," or "Our" in this Privacy Policy. Under GDPR, the Company is the Data Controller.
Consumer: Under the CCPA/CPRA, a natural person who is a resident of California. A resident includes (1) individuals present in the USA for purposes other than temporary or transitory, and (2) individuals domiciled in the USA who are temporarily outside the USA.
Data Controller: In the context of the GDPR, the Company is the entity that determines the purposes and means of processing Personal Data.
Device: Any device capable of accessing the Service, such as a smartphone or tablet.
GDPR: Refers to the EU General Data Protection Regulation.
Service: Refers to the Application.
Service Provider: Any individual or entity that processes data on behalf of the Company. This includes third-party companies or individuals engaged to facilitate, provide, or analyze the Service. Under GDPR, Service Providers are considered Data Processors.
Usage Data: Refers to data collected automatically, either generated by the use of the Service or from the Service infrastructure itself (e.g., page visit duration).
You: Refers to the individual accessing or using the Service, or the company or legal entity on whose behalf the individual is using the Service. Under GDPR, you may also be referred to as the Data Subject or User.
Types of Data Collected
Personal Data When using our Service, we may request certain personally identifiable information to contact or identify you. This may include:
Email address
Usage Data
Usage Data Usage Data is collected automatically while using the Service. This data may include:
Your Device’s IP address, browser type and version, pages visited, visit time and date, time spent on pages, unique device identifiers, and other diagnostic data.
Information from mobile devices, such as device type, unique ID, IP address, operating system, and browser type.
Data sent by your browser or mobile device when accessing the Service.
Information Collected while Using the Application With your consent, we may collect:
Pictures and other media from your device’s camera and photo library.
This information is used to enhance and customize the Service and may be uploaded to our servers or stored on your device. You can enable or disable this access through your device settings at any time.
Use of Your Personal Data We use Personal Data for the following purposes:
To provide and maintain our Service, including monitoring usage.
To fulfill contractual obligations related to our Service.
To communicate with you via email or push notifications regarding updates, product information, or service security.
To manage and respond to your requests.
For business transfers such as mergers or asset sales, where your data may be part of the assets transferred.
For other purposes like data analysis, identifying usage trends, and improving our Service and products.
Sharing Your Personal Data We may share your personal data:
During business transfers like mergers or acquisitions.
To comply with legal obligations or protect our rights and the safety of users.
Retention of Your Personal Data We will retain your Personal Data only as long as necessary for the purposes outlined in this Privacy Policy, including compliance with legal obligations and resolving disputes. Usage Data may be kept for internal analysis and to improve our Service, usually for shorter periods unless required otherwise by law.
Transfer of Your Personal Data Your Personal Data may be processed and stored in locations outside your jurisdiction where data protection laws may differ. By using the Service, you consent to this transfer. We will ensure that adequate safeguards are in place to protect your data.
Delete Your Personal Data You have the right to request the deletion of your Personal Data. You can manage or delete information through the Service settings or contact us directly. Note that we may retain certain data as required by law or for legitimate business purposes.
Disclosure of Your Personal Data
Business Transactions If we are involved in a merger, acquisition, or asset sale, your Personal Data may be transferred. We will notify you before any such transfer occurs.
Law Enforcement We may disclose your Personal Data if required by law or in response to valid requests from public authorities.
Other Legal Requirements We may disclose your Personal Data to:
Comply with legal obligations
Protect the rights or property of the Company
Investigate or prevent wrongdoing related to the Service
Ensure the safety of Service users or the public
Guard against legal liability
Security of Your Personal Data We prioritize the security of your Personal Data but cannot guarantee absolute security. While we use reasonable measures to protect your data, no method of transmission or storage is 100% secure.
Third-Party Service Providers Our Service Providers may have access to your Personal Data. These third-party vendors collect, store, use, process, and transfer information about your activity on our Service according to their own Privacy Policies.
Analytics
We use third-party services to monitor and analyze the use of our Service:
Google Analytics Google Analytics is a web analytics service provided by Google that tracks and reports website traffic. Google uses this data to analyze and monitor Service usage and may share this information with other Google services. You can opt out of certain Google Analytics features through your device settings or by following the instructions provided by Google in their Privacy Policy: https://policies.google.com/privacy
For more information on Google's privacy practices, please visit: https://policies.google.com/privacy
Firebase Firebase is an analytics service provided by Google Inc. You can opt out of some Firebase features through your device settings or by following the instructions provided by Google in their Privacy Policy: https://policies.google.com/privacy
For information on how Google safeguards your data, visit: https://support.google.com/analytics/answer/6004245
To learn more about the type of information Firebase collects, see: https://policies.google.com/technologies/partner-sites
Advertising
We may employ Service Providers to display advertisements to you, helping support and maintain our Service.
Google AdSense & DoubleClick Cookie
Google, as a third-party vendor, uses cookies to serve ads on our Service. The DoubleClick cookie allows Google and its partners to deliver ads based on your visit to our Service or other websites on the Internet. You can opt out of the DoubleClick Cookie for interest-based advertising by visiting the http://www.google.com/ads/preferences/
AdMob by Google
AdMob is provided by Google Inc. You can opt-out of the AdMob service by following the instructions onhttps://support.google.com/ads/answer/2662922?hl=en. For more information on how Google uses collected information, please visit the https://policies.google.com/technologies/partner-sites page or view Google's https://policies.google.com/privacy.
AppLovin
AppLovin is provided by AppLovin Corporation. To opt-out of the AppLovin service, visit the https://www.applovin.com/optout. For more information, please visit AppLovin's https://www.applovin.com/privacy.
Payments
We may offer paid products and services within the Service, utilizing third-party payment processors to handle transactions. We do not store or collect your payment card details; this information is provided directly to our third-party payment processors, whose use of your personal information is governed by their Privacy Policy. These payment processors comply with PCI-DSS standards, managed by the PCI Security Standards Council, a collaborative effort among brands like Visa, Mastercard, American Express, and Discover. PCI-DSS requirements ensure the secure handling of payment information.
Apple Store In-App Payments
You can view their Privacy Policy at https://www.apple.com/legal/privacy/en-ww/.
Behavioral Remarketing
The Company employs remarketing services to advertise to you after you have accessed or visited our Service. We and our third-party vendors utilize cookies and non-cookie technologies to recognize your device and understand how you use our Service. This enables us to tailor our Service to your interests and deliver advertisements that are more relevant to you.
These third-party vendors collect, store, use, process, and transfer information about your activity on our Service in accordance with their Privacy Policies, allowing us to:
Measure and analyze traffic and browsing activity on our Service
Display advertisements for our products and/or services on third-party websites or apps
Measure and analyze the performance of our advertising campaigns
Some third-party vendors may use non-cookie technologies that may not be affected by browser settings that block cookies, and your browser may not allow you to block these technologies. You can use the following third-party tools to decline the collection and use of information for interest-based advertising:
The NAI's opt-out platform: http://www.networkadvertising.org/choices/
The EDAA's opt-out platform: http://www.youronlinechoices.com/
The DAA's opt-out platform: http://optout.aboutads.info/?c=2&lang=EN
You can opt-out of all personalized advertising by enabling privacy features on your mobile device, such as Limit Ad Tracking (iOS) and Opt Out of Ads Personalization (Android). Please refer to your mobile device's Help system for more information.
We may share information, such as hashed email addresses (if available) or other online identifiers collected on our Service, with these third-party vendors. This allows our third-party vendors to recognize and serve ads to you across devices and browsers. For more information about the technologies used by these third-party vendors and their cross-device capabilities, please refer to each vendor's Privacy Policy listed below.
The third-party vendors we use include:
Google Ads (AdWords)
Google Ads (AdWords) remarketing service is provided by Google Inc. You can opt-out of Google Analytics for Display Advertising and customize Google Display Network ads by visiting the http://www.google.com/settings/ads. Google also recommends installing the https://tools.google.com/dlpage/gaoptout for your web browser, which allows you to prevent your data from being collected and used by Google Analytics. For more information on Google's privacy practices, visit the https://policies.google.com/privacy.
The Facebook remarketing service is provided by Facebook Inc. For more information about interest-based advertising on Facebook, visit https://www.facebook.com/help/516147308587266. To opt-out of Facebook's interest-based ads, follow https://www.facebook.com/help/568137493302217.
Facebook complies with the Self-Regulatory Principles for Online Behavioural Advertising established by the Digital Advertising Alliance. You can also opt-out from Facebook and other participating companies through the Digital Advertising Alliance in the USA at http://www.aboutads.info/choices/, the Digital Advertising Alliance of Canada in Canada at http://youradchoices.ca/, or the European Interactive Digital Advertising Alliance in Europe at http://www.youronlinechoices.eu/, or use your mobile device settings to opt out.
For more details on Facebook's privacy practices, please visit Facebook's Data Policy: https://www.facebook.com/privacy/explanation.
Disclosure of Personal Information
In the past twelve (12) months, we may have used or disclosed, and may continue to use or disclose, the following categories of personal information for business or commercial purposes:
Category A: Identifiers
Category B: Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e))
Category D: Commercial information
Category F: Internet or other similar network activity
Please note that these categories are as defined in the CCPA/CPRA. This does not imply that all examples within each category were disclosed; rather, it reflects our good faith belief that some information from each applicable category may have been disclosed.
When we disclose personal information for business or commercial purposes, we enter into a contract that specifies the purpose and requires the recipient to keep the information confidential and not use it for any purpose other than performing the contract.
Legal Basis for Processing Personal Data under GDPR
We may process your Personal Data based on the following legal grounds:
Consent: You have given us explicit consent to process your Personal Data for specific purposes.
Performance of a Contract: Processing is necessary to fulfill our contractual obligations to you or to take steps prior to entering into a contract with you.
Legal Obligations: Processing is required to comply with legal obligations that we are subject to.
Vital Interests: Processing is essential to protect your or another person's vital interests.
Public Interests: Processing is necessary for tasks carried out in the public interest or in the exercise of official authority vested in us.
Legitimate Interests: Processing is required for purposes of our legitimate interests, provided these interests are not overridden by your rights and freedoms.
If you have questions about the specific legal basis for processing your Personal Data or whether providing Personal Data is a statutory or contractual requirement, please contact us for clarification.
Your Rights under GDPR
We are committed to respecting your Personal Data and ensuring you can exercise your rights. If you are located in the EU, you have the following rights under the GDPR:
Right to Access: You can request access to your Personal Data and obtain a copy of the data we hold about you. You can access, update, or delete your Personal Data through your account settings or by contacting us directly.
Right to Rectification: You can request corrections to any inaccurate or incomplete Personal Data we hold about you.
Right to Object: You can object to the processing of your Personal Data if it is based on our legitimate interests, particularly if you have concerns about our processing activities.
Right to Erasure: You can request the deletion of your Personal Data when it is no longer necessary for the purposes for which it was collected.
Right to Data Portability: You can request that we transfer your Personal Data to you or another organization in a structured, commonly used, and machine-readable format. This applies to automated data which you provided consent for us to use or which is necessary for the performance of a contract.
Right to Withdraw Consent: You can withdraw your consent for processing your Personal Data at any time. Please note that this may affect your access to certain features of the Service.
Exercising Your GDPR Rights
To exercise your rights of access, rectification, cancellation, or opposition, please contact us. We may ask you to verify your identity before processing your request. We will make every effort to respond promptly. You also have the right to lodge a complaint with a Data Protection Authority regarding our handling of your Personal Data.
This section of the Privacy Policy applies to California residents and supplements the information provided elsewhere. It outlines your rights under the CCPA/CPRA.
Categories of Personal Information Collected
We may collect the following categories of personal information from California residents within the past twelve months:
Category A: Identifiers
Examples include real name, alias, postal address, unique personal identifier, online identifier, IP address, email address, account name, driver's license number, passport number, or similar identifiers.
Collected: Yes
Category B: Personal Information Categories Under California Customer Records Statute
Examples include name, signature, Social Security number, physical characteristics, address, phone number, passport number, driver's license number, insurance policy number, education, employment history, financial information, medical information, or health insurance information.
Collected: Yes
Category C: Protected Classification Characteristics
Examples include age, race, color, ancestry, national origin, citizenship, religion, marital status, medical condition, disability, sex, sexual orientation, veteran status, genetic information.
Collected: No
Category D: Biometric Information
Examples include fingerprints, faceprints, voiceprints, iris or retina scans, and other biometric data.
Collected: No
Category E: Internet or Network Activity
Examples include interaction with our Service.
Collected: Yes
Category F: Geolocation Data
Examples include approximate physical location.
Collected: No
Category G: Sensory Data
Examples include audio, visual, thermal, or similar information.
Collected: No
Category H: Professional or Employment-Related Information
Examples include job history or performance evaluations.
Collected: No
Category I: Non-Public Education Information
Examples include grades, transcripts, and student financial information.
Collected: No
Category J: Inferences
Examples include profiles reflecting preferences, characteristics, and behavior.
Collected: No
Category K: Sensitive Personal Information
Examples include account login details and geolocation data.
Collected: Yes
Exclusions Under CCPA/CPRA
Personal information does not include:
Publicly available information from government records
Deidentified or aggregated consumer information
Information excluded from CCPA/CPRA, such as:
Health or medical information under HIPAA or CMIA
Information covered by privacy laws like the FCRA, GLBA, FIPA, or the Driver's Privacy Protection Act
Sources of Personal Information
We collect personal information from:
Directly from You: Via forms or preferences you provide on our Service.
Indirectly from You: Through observing your activity on our Service.
Automatically from You: Using cookies set by us or our Service Providers.
Use of Personal Information
We may use or disclose personal information for "business purposes" as defined by the CCPA/CPRA, including:
Operating and providing our Service.
Responding to your inquiries and improving our Service.
Complying with legal requirements and responding to law enforcement.
Conducting internal administrative tasks and security measures.
Other one-time uses as described.
If you are a California resident, the CCPA/CPRA grants you specific rights regarding your personal information:
Right to Notice: You are entitled to be informed about the categories of personal data we collect and the purposes for which it is used.
Right to Know/Access: You can request details about our collection and use of your personal information. Once we verify your request, we will provide you with:
The categories of personal information we have collected about you.
The sources from which we collected this personal information.
The business or commercial purposes for collecting or selling your personal information.
The categories of third parties with whom we share your personal information.
The specific pieces of personal information we hold about you.
Right to Correct: You have the right to correct or update any inaccurate personal information we hold about you. After verifying your request, we will make reasonable efforts to correct the information and instruct our Service Providers to do the same, unless exceptions apply.
Right to Limit Use and Disclosure of Sensitive Personal Data: You can request restrictions on the use or disclosure of certain sensitive personal information we have collected about you, subject to certain exceptions. For more information or to make such a request, please refer to the "Limit the Use or Disclosure of My Sensitive Personal Information" section or contact us.
Right to Delete: You can request the deletion of your personal data under specific conditions. Once your request is confirmed, we will delete (and direct our Service Providers to delete) your personal information, subject to certain exceptions. We may deny your request if retaining the data is necessary for purposes such as:
Completing a transaction or providing a service you requested.
Addressing security incidents or fraud prevention.
Debugging and repairing product errors.
Exercising free speech or upholding another consumer's rights.
Complying with the California Electronic Communications Privacy Act.
Conducting public or peer-reviewed research where deletion might impair the research, provided you consented to this use.
Supporting internal uses aligned with your expectations based on our relationship.
Meeting legal obligations.
Performing other lawful uses that are consistent with the context in which you provided the information.
Right to Non-Discrimination: You have the right not to face discrimination for exercising your CCPA/CPRA rights. This means we cannot:
Deny you goods or services.
Charge you different prices or rates, including discounts or benefits.
Provide a different level or quality of goods or services.
Suggest you will receive different pricing or quality compared to others.
To exercise your rights under the CCPA/CPRA, please refer to the "Do Not Sell My Personal Information" and "Limit the Use or Disclosure of My Sensitive Personal Information" sections for information on opting out and limiting the use of sensitive information.
If you are a California resident and wish to exercise your rights, you can contact us through:
Email: feedback@illumeostech.com
Website: www.illumeostech.com
Only you or someone authorized by you, who is registered with the California Secretary of State, may submit a verifiable request regarding your personal information.
When submitting your request, please ensure that:
You provide sufficient information to verify your identity or confirm that you are an authorized representative.
Your request is detailed enough for us to understand, assess, and respond appropriately.
We cannot process your request if:
We cannot verify your identity or authority to make the request.
We cannot confirm that the personal information pertains to you.
We will provide the required information free of charge within 45 days of receiving your verifiable request. If necessary, we may extend this period by an additional 45 days, with prior notice.
Disclosures will cover only the 12-month period preceding the receipt of your verifiable request.
For data portability requests, we will provide your personal information in a format that is easy to use and allows for the transmission of the information to another entity without difficulty.
As a California resident, you have the right to restrict the use and disclosure of your sensitive personal information to only what is necessary to perform the services or provide the goods that an average consumer would reasonably expect.
We handle sensitive personal information only as required to deliver our services. For detailed information on how we use your personal data, please refer to the "Use of Your Personal Data" section or contact us directly.
Our Service may include links to websites not operated by us. If you follow a link to a third-party site, you will be directed to that site’s own privacy policy. We recommend that you review the privacy policies of any third-party sites you visit.
We are not responsible for the content, privacy practices, or policies of external sites or services.
We may revise our Privacy Policy occasionally. Any updates will be posted on this page, with the "Last updated" date updated accordingly. We will notify you of significant changes via email and/or through a prominent notice on our Service before the changes take effect.
Please review this Privacy Policy periodically to stay informed of any changes. Changes are effective as soon as they are posted on this page.
If you have any questions regarding this Privacy Policy, please reach out to us:
By Email: feedback@illumeostech.com
By Visiting Our Website: www.illumeostech.com