This Policy describes how Sonohaler ApS collects, protects and uses the personally identifiable information (“Personal Information”) that you provide and we collect when you use the Sonohaler mobile application (App) and any of our products or services (Services). When you use our Services, you accept that we may use your Personal Information as set out below, and we commit that we will comply with this Policy in doing so.
This Policy applies to all Personal Information held by Sonohaler in connection with use of our Services, whether about Users of our Services or other individuals. If you provide or enable us to collect information about another individual, you are responsible for ensuring that you have consent to do so. It also applies to the Personal Information of individuals who interact with Sonohaler otherwise than in relation to use of our Services (such as individual researchers, job applicants, consultants or health professionals), to the extent applicable to their situation.
It also describes the choices available to you regarding our use of your Personal Information and how you can access and update this information. This Policy does not apply to the practices of companies that we do not own or control, or to individuals that we do not employ or manage, except that we require that any third party we share Personal Information with provides equal protection as we do under this Policy.
Automatic collection of information
Our top priority is customer data security and, as such, we exercise the no logs policy. We process only minimal Personal Information, as necessary to maintain the App and provide the Services, including development of new Services, sending communications, and Sonohaler internal business purposes.
Collection of personal information
When you use our App or otherwise interact with us, you may be asked to provide certain Personal Information (for example, your name and e-mail address). We receive and store any information you provide to us when you create an account, fill any online forms in the App Mobile Application. When required, this information may include the following:
- Personal details such as name, country of residence, etc.
- Contact information such as email address, address, etc.
- Geolocation data of the mobile device such as latitude and longitude.
- Information about your health, medication, device and App use and medical history.
- Any other materials you willingly submit to us such as articles, images, feedback, etc.
Some of the Personal Information we collect relates to health and medical matters, which are especially sensitive. We will not use or disclose Personal Information gathered in the health context for advertising, marketing or other use-based data mining purposes other than for the benefit of the individual, improving health management, or for the purpose of health research, and then only with permission.
Managing personal information
You are able to delete certain Personal Information we have about you. The Personal Information you can delete may change as the App or Services change. When you delete Personal Information, we may maintain a copy in our records for the duration necessary to comply with our obligations to our affiliates and partners, and for the purposes described below. If you would like to delete your Personal Information or permanently delete your account, you can do so by contacting us.
Storing personal information
We will retain and use your Personal Information for the period necessary to improve Services to you, comply with our legal obligations, resolve disputes, and enforce our agreements unless a longer retention period is required or permitted by law. We may use any aggregated data derived from or incorporating your Personal Information after you update or delete it, but not in a manner that would identify you personally. Once the retention period expires, we will make reasonable efforts to delete Personal Information. Therefore, the right to access, the right to erasure, the right to rectification and the right to data portability cannot be enforced after the retention period.
Use and processing of collected information
In order to make our App and Services available to you, or to meet a legal obligation, we need to collect and use certain Personal Information. If you do not provide the information that we request, we may not be able to provide you with the requested products or services. Some of the information we collect is directly from you via our App or website. However, we may also collect Personal Information about you from other sources. Any of the information we collect from you may be used for the following purposes:
- Create and manage user accounts
- Run and operate our App and Services
- development of new Services
- communicating with you, and
- Sonohaler internal business purposes such as market analysis and financial reporting
Processing your Personal Information depends on how you interact with our App, where you are located in the world and if one of the following applies: (i) You have given your consent for one or more specific purposes. This, however, does not apply, whenever the processing of Personal Information is subject to California Consumer Privacy Act or European data protection law, or other laws imposing similar restrictions; (ii) Provision of information is necessary for the performance of an agreement with you and/or for any pre-contractual obligations thereof; (iii) Processing is necessary for compliance with a legal obligation to which you are subject; (iv) Processing is related to a task that is carried out in the public interest or in the exercise of official authority vested in us; (v) Processing is necessary for the purposes of the legitimate interests pursued by us or by a third party.
We may use user data collected from the Services for our general business purposes, but when doing so we will ensure that any Personal Information is removed, and the data is anonymised and/or aggregated.
Note that under some legislations we may be allowed to process information until you object to such processing (by opting out), without having to rely on consent or any other of the following legal bases below. In any case, we will be happy to clarify the specific legal basis that applies to the processing, and in particular whether the provision of Personal Information is a statutory or contractual requirement, or a requirement necessary to enter into a contract.
Information transfer and storage
Depending on your location, data transfers may involve transferring and storing your information in a country other than your own. You are entitled to learn about the legal basis of information transfers to a country outside the European Union or to any international organization governed by public international law or set up by two or more countries, such as the UN, and about the security measures taken by us to safeguard your information.
The rights of users
You may exercise certain rights regarding your information processed by us. In particular, you have the right to do the following: (i) you have the right to withdraw consent where you have previously given your consent to the processing of your information; (ii) you have the right to object to the processing of your information if the processing is carried out on a legal basis other than consent; (iii) you have the right to learn if information is being processed by us, obtain disclosure regarding certain aspects of the processing and obtain a copy of the information undergoing processing; (iv) you have the right to verify the accuracy of your information and ask for it to be updated or corrected; (v) you have the right, under certain circumstances, to restrict the processing of your information, in which case, we will not process your information for any purpose other than storing it; (vi) you have the right, under certain circumstances, to obtain the erasure of your Personal Information from us; (vii) you have the right to receive your information in a structured, commonly used and machine readable format and, if technically feasible, to have it transmitted to another controller without any hindrance. This provision is applicable provided that your information is processed by automated means and that the processing is based on your consent, on a contract which you are part of or on pre-contractual obligations thereof.
The right to object to processing
Where Personal Information is processed for the public interest, in the exercise of an official authority vested in us or for the purposes of the legitimate interests pursued by us, you may object to such processing by providing a ground related to your particular situation to justify the objection. You must know that, however, should your Personal Information be processed for direct marketing purposes, you can object to that processing at any time without providing any justification. To learn, whether we are processing Personal Information for direct marketing purposes, you may refer to the relevant sections of this document.
How to exercise these rights
Any requests to exercise User rights can be directed to Sonohaler through the contact details provided in this document or on our website. These requests can be exercised free of charge and will be addressed by Sonohaler as early as possible.
We secure information you provide on computer servers in a controlled, secure environment, protected from unauthorized access, use, or disclosure. We maintain reasonable administrative, technical, and physical safeguards in an effort to protect against unauthorized access, use, modification, and disclosure of Personal Information in its control and custody. However, no data transmission over the Internet or wireless network can be guaranteed. Therefore, while we strive to protect your Personal Information, you acknowledge that (i) there are security and privacy limitations of the Internet which are beyond our control; (ii) the security, integrity, and privacy of any and all information and data exchanged between you and our App cannot be guaranteed; and (iii) any such information and data may be viewed or tampered with in transit by a third-party, despite best efforts.
In the event we become aware that the security of the App has been compromised or users Personal Information has been disclosed to unrelated third parties as a result of external activity, including, but not limited to, security attacks or fraud, we reserve the right to take reasonably appropriate measures, including, but not limited to, investigation and reporting, as well as notification to and cooperation with law enforcement authorities. In the event of a data breach, we will make reasonable efforts to notify affected individuals if we believe that there is a reasonable risk of harm to the user as a result of the breach or if notice is otherwise required by law. When we do, we will send you an email.
Changes and amendments
If you would like to contact us to understand more about this contract or wish to contact us concerning any matter relating to it, individual rights or your Personal Information, you may send an email to firstname.lastname@example.org
This document was last updated in August 2021.