At ekin Nutrition, we believe that transparency is the key to any healthy relationship. We appreciate that you trust us with information that is important to you, and we want to be transparent about how we use it.
Here we describe the privacy practices for our application(s), macro exchange tracker app, coaching platform, software, websites, APIs, products, and services (the “Services”). You will learn about the data we collect, how we use it, the controls we give you over your information, and the measures we take to keep it safe.
These “Privacy Highlights” provide an overview of some core components of our data handling practices.
Information We Collect
We generally collect the following information:
- Information you share directly with us or authorize when you use our services. We collect and process your information in many ways starting when you place an order or create an account on our Services, such as your login and password, name, email address, date of birth, gender, height, weight and mobile telephone number and other related identifiable information. When you access or use our Services, we receive certain usage data that you share. This includes information about your interaction with the Services such as your food logs, sleep habits, water and fluid consumption, or other personal health information. You may also choose to provide other types of information, such as a profile photo, biography, geographic details or community username. You may choose to communicate on the platform with coaches and/or other members. You may choose to connect or enable any number of biofeedback devices including body composition analyzers or health device monitors or trackers, complete research surveys, share demographic, psychographic or activity interests or data, or post on our Forums or use other messaging features. If you contact us or participate in a survey, contest, or promotion, we collect the information you submit such as your name, contact information, message and other identifiable information. We also collect data about the devices and computers you use to access the Services, including IP addresses, browser type, language, operating system, mobile device information (including device and application identifiers), the referring web page, pages visited, location (depending on the permissions you have granted us), and cookie information. This information can generally be categorized as Registration Information, Self-Reported Information, and/or User Content as defined in our full Privacy Statement.
- Information from the Coaching services. Our platform enables one-to-one coaching services. You will receive automated coaching from the platform and the platform will enable you to communicate with a live health, fitness, or wellness coach (“Coaching Services”). Your Coach will typically be someone with whom you have contracted for his or her services. However, Coaches may be provided by third parties, such as your employer or insurance company, or by our third-party coaching service providers. If you use the Coaching Services, we collect information about such use, including the plan, goals, and actions you record with your coach, food entries and results, your calendar events, communications with your coach, notes your coach records about you, and other information submitted by you or your coach. This information also can generally be categorized as Registration Information, Self-Reported Information, and/or User Content as defined in our full Privacy Statement.
- Your Payment and card information. If you sign up for services through our platform, you provide your payment information, including your name, credit or debit card number, card expiration date, CVV code, and billing address. We do not store the credit card payment information, but do store and retain the other related details. Note that third-party payment processors may retain this information in accordance with their own privacy policies and terms.
- Information we receive from third parties. Your account will be connected to a medical-grade bio-electrical impedance body composition analysis device that will provide your body-specific data to the platform. In addition, if you choose to connect your account on our Services to your account on another service, we may receive information from the other service. For example, if you connect to Facebook or Google, we may receive information like your name, profile picture, age range, language, email address, and friend list. You may also choose to grant us access to your exercise or activity data from another service or device like a movement tracking or body monitoring device. You can stop sharing the information from the other service with us by removing our access to that other service. We may partner with third parties, such as employers and insurance companies that offer our Services to their employees and customers. In such cases, those companies may provide us with your name, email address, or similar information (like a telephone number or subscriber ID) so that we can invite you to participate or determine your eligibility for particular benefits, such as discounts or free services.
- Information we receive through tracking technologies. We collect Web-Behavior Information via cookies and other similar tracking technologies when you use and access our Services (our website, mobile apps, products, software and other services or websites).
- Other information we collect. To the extent that information we collect is health data or another special category of personal data subject to the European Union’s General Data Protection Regulation (“GDPR”), we ask for your explicit consent to process the data. We obtain this consent separately when you take actions leading to our obtaining the data, for example, when you sign up for our Service or grant us access to your exercise or activity data from another service. You can use your account settings and tools to withdraw your consent at any time, including by stopping the use of the Service, removing our access to a third-party service, or deleting your non de-identified data or your account.
How We Use Information
We generally process Personal Information for the following reasons:
- To provide, maintain or improve our Services. Using the information we collect, we are able to deliver the Services to you and honor our Terms of Service contract with you. This includes processing payments, shipping to customers, creating customer accounts and authenticating logins, and delivering results and powering tools like meal planning, nutrition analysis and coaching through the platform. We use your information to connect you and your coach, allowing you to communicate with them through our Services, and help you achieve your goals to lead a healthier life.
- To analyze, improve, personalize and develop our Services. We also use the information we collect to improve and personalize the Services and to develop new ones. For example, we are constantly working to improve our ability to grade and evaluate your nutrition and maximize the granularity of our results. We may also need to fix bugs or issues, analyze the use of our website to improve the customer experience or assess our marketing campaigns. We use the information to troubleshoot and protect against errors; perform data analysis and testing; and conduct research and surveys. We also use your information to make inferences and show you more relevant content. We may personalize advice based upon your goals, results, performance or interests.
- To communicate with you. We use your information when needed to send you Service notifications and respond to you when you contact us. We also use your information to promote new features or products that we think you would be interested in. You can control marketing communications and most Service notifications by using your notification preferences in account settings or via the “Unsubscribe” link in an email.
- For external processing. We transfer information to our service providers, and other partners who process it for us, based on our instructions, and in compliance with this policy and any other appropriate confidentiality and security measures. These partners provide us with services including for customer support, information technology, payments, sales, marketing, data analysis, research, and surveys.
- For promotion of safety and security. We use the information we collect to promote the safety and security of the Services, our users, and other parties. For example, we may use the information to authenticate users, facilitate secure payments, protect against fraud and abuse, conduct audits, and enforce our terms and policies. We may preserve or disclose information about you to comply with a law, regulation, legal process, or governmental request; to assert legal rights or defend against legal claims; or to prevent, detect, or investigate illegal activity, violations of our terms, or threats to the security of the Services or the physical safety of any person.
- For Nutrition Research. We constantly work to improve and incorporate the latest nutrition research and knowledge available. Researchers and partners can utilize and include your de-identified Information and Self-Reported Information in a pool of customer data for analyses aimed at making scientific discoveries aimed at improving the Services or the population in general.
- You have the choice to participate in non de-identified Nutrition Research by providing your consent. “Non de-identified Nutrition Research” refers to research aimed at publication in peer-reviewed journals and other research funded by the federal government (such as the National Institutes of Health – NIH) conducted by us.
- We may be sponsored by, conducted on behalf of, or in collaboration with third parties, such as non-profit foundations, academic institutions or pharmaceutical companies. We may study a specific group or population, identify potential areas or targets for therapeutics development, conduct or support the development of drugs, diagnostics or devices to diagnose, predict or treat medical or other health conditions, work with public, private and/or non-profit entities on research initiatives, or otherwise create, commercialize, and apply this new knowledge to improve health care. Our Research uses Aggregate and/or Individual-level Information and Self-Reported Information as specified in the appropriate Consent Document(s).
- Your Non De-identified and Self-Reported Information may be used for our Nutrition Research only if you have consented to this use by completing a Consent Document.
- To Enable Referral information and sharing. When you refer a person to us or choose to share your results with another person, we will ask for that person’s email address. We will use their email address solely, as applicable, to make a referral or to communicate your sharing request to them, and we will let your contact know that you requested the communication. By participating in a referral program or by choosing to share information with another person, you confirm that the person has given you consent for us to communicate (e.g., via email) with him or her. The person you referred may contact us at email@example.com to request that we remove this information from our database. For more information on our referral program, see our terms and conditions.
- To Conduct Surveys Or Polls, And Obtain Testimonials
- We value your feedback and may send you surveys, polls, or requests for testimonials to improve and optimize our Services. You are in control of the information you would like to share with us. If you do not wish to receive these requests, you can manage them in your Account Settings.
- For individuals located in the Designated Countries: Our legal basis for processing your Personal Information for the purpose described above is based on our legitimate interest. We think it is important to continue improving our Services to ensure your continued enjoyment.
- For GDPR uses. For personal data subject to the GDPR, we rely on several legal bases to process the data. These include when you have given your consent, which you may withdraw at any time using your account settings and other tools; when the processing is necessary to perform a contract with you, like the Terms of Service; and our legitimate business interests, such as in improving, personalizing, and developing the Services, marketing new features or products that may be of interest, and promoting safety and security as described above.
Control: Your Choices, Rights To Access Your Personal Data
We give you account settings and tools to access and control your personal data, as described below, regardless of where you live. If you live in the European Economic Area, United Kingdom, and Switzerland (the “Designated Countries”), you have a number of legal rights with respect to your information, which your account settings and tools allow you to exercise, as outlined below. In addition, we give you the ability to share information in a variety of ways you choose.
- Accessing and Exporting Data. By logging into your account, you can access much of your personal information, including your dashboard with your statistics. Using your account settings, you can also download information in a commonly used file format.
- With whom you share your information. You may choose when and with whom you share your information or you may direct us to disclose your information to others, including friends, family members, health care professionals, or other individuals outside our Services, including through third party services that accept our data and social networks. If you choose to participate in a challenge or contest, information like your profile photo, posted messages, personal statistics, and achievements, is not governed by your privacy preferences and will be visible to all other participants.
- Editing and Deleting Data. Your account settings let you change and delete your personal non de-identified information. For instance, you can edit or delete the profile data you provide and delete your account if you wish. If you choose to delete your account, it may take up to 90 days to delete data stored in our backup systems. This is due to the size and complexity of the systems we use to store data. We may also preserve data for legal reasons or to prevent harm, including as described in the How We Use Information section.
- Objecting to Data Use. We give you account settings and tools to control our data use. For example, through your privacy settings, you can limit how your information is visible to other users of the Services; using your notification settings, you can limit the notifications you receive from us; and under your application settings, you can revoke the access of third-party applications that you previously connected to your account. If you live in a Designated Country, in certain circumstances, you can object to our processing of your information based on our legitimate interests, including as described in the How We Use Information section. You have a general right to object to the use of your information for direct marketing purposes. Please see your notification settings to control our marketing communications to you about other products. In addition to the various controls that we offer, if you reside in a Designated Country, you can seek to restrict our processing of your data in certain circumstances. Please note that you can always delete your account at any time. If you need further assistance regarding your rights, please contact us at firstname.lastname@example.org, and we will consider your request in accordance with applicable laws. If you reside in a Designated Country, you also have a right to lodge a complaint with your local data protection authority.
We keep your account Registration Information, such as your name, email address, and password, for as long as your account is in existence because we need it to operate your account. We keep other information, like your nutrition data, until you use your account settings or tools to delete your account because we use this data to provide you with your personal statistics and other aspects of the Services. We keep other information, like de-identified data, indefinitely. We also keep information about you and your use of the Services for as long as necessary for our legitimate business interests, for legal reasons, and to prevent harm, including as described in the How We Use Information and How Information Is Shared sections.
Analytics And Advertising Services Provided By Others
- Google Analytics. Google Analytics is used to perform many of the tasks listed above. We use the User-ID feature of Google Analytics to combine behavioral information across devices and sessions (including authenticated and unauthenticated sessions). We have enabled the following Google Analytics Advertising features: Remarketing, Google Display Network Impression Reporting, Google Analytics Demographics and Interest Reporting, and DoubleClick Campaign Manager integration. We do not merge information collected through any Google advertising product with individual-level information collected elsewhere by our Service. Learn more about how Google collects and uses data here. To opt out of Google Analytics Advertising Features please use Google Ad Settings. To opt out of Google Analytics entirely please use this link.
Our Policies For Children
How We Secure Information
We implement measures and systems to ensure confidentiality, integrity, and availability of our data. We work hard to keep your data safe. We use a combination of technical, administrative, and physical controls to maintain the security of your data. No method of transmitting or storing data is completely secure, however. If you have a security-related concern, please contact Customer Support.
- De-identification/Pseudonymization, encryption, and data segmentation. Registration Information is stripped from Sensitive Information. This data is then assigned a random ID so the person who provided the data cannot reasonably be identified. We use industry standard security measures to encrypt sensitive personal data both when it is stored (data-at-rest) and when it is being transmitted (data-in-flight). Additionally, data are segmented across logical database systems to further prevent re-identifiability.
- Limiting access to essential personnel. We limit access of information to authorized personnel, based on job function and role. Our access controls include multi-factor authentication, single sign-on, and a strict least-privileged authorization policy.
- Detecting threats and managing vulnerabilities. We use state-of-the-art intrusion detection and prevention measures to stop any potential attacks against our networks. We have integrated continuous vulnerability scanning in our build pipeline and regularly engage third-party security experts to conduct penetration tests.
Risks and Considerations
There may be some consequences of using the Services that you haven’t considered.
- While highly unlikely, you may discover things about yourself that may be upsetting or cause anxiety and that you may not have the ability to control or change.
- In the event of a data breach it is possible that your data could be associated with your identity, which could be used against your interests.
In the event that we go through a business transition such as a merger, acquisition by another company, or sale of all or a portion of the assets, your Personal Information will likely be among the assets transferred. In such a case, your information would remain subject to the promises made in any pre-existing Privacy Statement.
Key Definitions. These definitions add to the descriptions above.
- Aggregate Information: information that has been combined with that of other users and analyzed or evaluated as a whole, such that no specific individual may be reasonably identified.
- De-identified Information: information that has been stripped of your Registration Information (e.g., your name and contact information) and other identifying data such that you cannot reasonably be identified as an individual, also known as pseudonymized information.
- Individual-level Information: information about a single individual’s Nutrition, Body Composition Analysis or other traits/characteristics, but which is not necessarily tied to Registration Information.
- Personal Information: information that can be used to identify you, either alone or in combination with other information. We collect and store Personal Information:
- Registration Information: includes information you provide about yourself when registering for and/or purchasing our Services (e.g. name, email, address, user ID and password, and payment information).
- Blood Work Information: information regarding your blood work, generated through processing of your blood by us or by its contractors, successors, or assignees; or otherwise processed by and/or contributed to us.
- Self-Reported Information: includes information you provide directly to us, including your disease conditions, other health-related information, personal traits, ethnicity, family history, and other information that you enter into surveys, forms, or features while signed in to your account.
- Sensitive Information: includes information about your health, nutrition, and certain Self-Reported Information such as racial and ethnic origin, sexual orientation, and political affiliation.
- User Content: includes all information, data, text, software, music, audio, photographs, graphics, video, messages, or other materials – other than Blood Testing, Body Composition or Nutrition Information and Self-Reported Information – generated by users of our Services and transmitted, whether publicly or privately, to or through us.
- Web-Behavior Information: includes information on how you use our Services collected through log files, cookies, web beacons, and similar technologies (e.g., browser type, domains, page views).
10. Changes to this Privacy Statement
Whenever this Privacy Statement is changed in a material way, a notice will be posted as part of this Privacy Statement and on our website for 30 days. After 30 days the changes will become effective should you wish to continue to use the Services. We may provide additional “just-in-time” disclosures or additional information about the data collection, use and sharing practices of specific Services. Such notices may supplement or clarify our privacy practices or may provide you with additional choices about how we process your Personal Information.
11. Contact Information
If you have questions about this Privacy Statement, or wish to submit a complaint, please email our Privacy Administrator at email@example.com, or send a letter to:
ekin Nutrition LLC
4800 S. Louise Ave, #308
Sioux Falls, SD 57106
*This Privacy Statement was last updated on August 27, 2019.