Privacy Policy

Last Updated: 20 January 2025

We are committed to respecting the security and privacy of your data and ensuring transparency in our data-related actions. This Privacy Policy (hereinafter referred to as the "Privacy Policy") explains how Reforma Health FZCO (hereinafter referred to as the "Company," "we," or "us") collects, stores, uses, transfers, and discloses the personal data of our users (hereinafter referred to as "you") when you use our services (“Services”), such as when you:

  • Visit our website at hello@reforma.health, or any website of ours that links to this privacy notice
  • Download and use our mobile application, or any other application of ours that links to this privacy notice
  • Download and use our chatbot, or any other chatbot of ours that links to this privacy notice
  • Engage with us in other related ways, including any sales, marketing or events.

We reserve the right to modify this Privacy Policy from time to time. If we make any significant changes, we will notify you via email (sent to the email address you provided upon registration), through the Product, or by providing you with a new version of this Privacy Policy for acceptance, such as when we add new types of processing or collect additional personal data from you.

By continuing to use the Product after the effective date of an updated version of the Privacy Policy, you agree to the updated policy. In some cases, you may be required to explicitly consent to changes to continue using the Product. We recommend that you periodically review our website for the latest information on our data security practices. If you do not accept the terms of the Privacy Policy, we ask that you refrain from using the Product. Please stop using the Product and delete it if you do not agree with the terms of this Privacy Policy.

1. PERSONAL DATA AND INFORMATION WE COLLECT FROM YOU

We collect the following personal data and information from you:

(i) Contact information, such as your name, email address, mailing address, and phone number.

(ii) Preference information you provide and free-text information you submit while using the Product, such as product or content interests, communication, or marketing preferences.

(iii) Interaction information, such as your purchase history, viewed content, and sections of our service and website that you have visited.

(iv) Health or fitness information (including medical prescriptions, weight, height, gender, symptoms, nutrition, and water intake), which may contain special category data as defined by the GDPR.

(v) Device and usage information, which may include data related to your mobile device (e.g., mobile device identifier (similar to a website's IP address), device type, carrier, brand, model, operating system, advertising identifier or other similar information), usage of features or notifications on the device, signal strength related to Wi-Fi or Bluetooth, temperature, battery level, and similar technical data.

(vi) Location data that allows us to periodically determine your location, including your presence relative to or within third-party retail outlets.

We may collect this data and information even if you are not actively using the Product.

You will also have the option to allow us to import and export data from third-party services. This information may include exercise data, weight, calories burned, heart rate, steps/distance, and other health-related information.

We do not use information obtained from third-party services for advertising or similar purposes.

We do not disclose information obtained from third-party services to third parties without the explicit consent of the users.

We do not sell information obtained through third-party services to advertising platforms, data brokers, or resellers.

Granting permission to access third-party information may help you maximize the benefits of the service, and we will handle such third-party information in full compliance with this Privacy Policy.

If the information outlined in this section is aggregated or de-identified in such a way that it can no longer be reasonably linked to an identifiable individual, we may use it for any business purpose. To the extent that the information described in this section is associated with an identifiable individual and is protected as personal data under applicable data protection laws, it is referred to in this Privacy Policy as "Personal Data." We use pseudonymization for certain types of Personal Data. Please note that the provisions of Section 3 do not apply to pseudonymized Personal Data.

YOUR CONSENT TO PERSONAL DATA PROCESSING

By installing the Product and beginning to use it (or by explicitly accepting this Privacy Policy and explicitly consenting to the processing of your Personal Data), you explicitly agree that:

WE MAY STORE AND PROCESS YOUR PERSONAL DATA (INCLUDING SENSITIVE DATA, SUCH AS HEALTH DATA) PROVIDED BY YOU WHILE USING THE PRODUCT SOLELY FOR THE PURPOSES OF PROVIDING THE SERVICE, IMPROVING THE QUALITY OF OUR SERVICES, AND OTHER PURPOSES OUTLINED IN SECTION 2 OF THIS PRIVACY POLICY. SUCH SERVICES MAY INCLUDE SENDING YOU INFORMATION AND REMINDERS VIA THE PRODUCT OR TO THE EMAIL ADDRESS YOU HAVE PROVIDED.

THE PERSONAL DATA YOU PROVIDE TO US IN THE COURSE OF USING THE PRODUCT INCLUDES ACCOUNT DATA (E.G., YOUR NAME AND EMAIL ADDRESS), AS WELL AS SENSITIVE HEALTH DATA (E.G., BODY MEASUREMENTS, PHYSICAL ACTIVITY, AND OTHERS). DEPENDING ON THE DATA YOU PROVIDE, THE PRODUCT MAY ALSO CONTAIN INFORMATION ABOUT YOUR HEALTH STATUS (E.G., WEIGHT, BODY TEMPERATURE, AND OTHERS).

WE WILL NOT SHARE YOUR PERSONAL DATA WITH THIRD PARTIES EXCEPT WHERE NECESSARY TO PROVIDE YOU WITH SERVICES (E.G., TECHNICAL SERVICE PROVIDERS) OR WHERE WE HAVE OBTAINED YOUR EXPLICIT CONSENT.

2. HOW WE USE YOUR PERSONAL DATA AND INFORMATION

We may use your information, including your Personal Data, and by accepting this Privacy Policy, you give us your explicit consent to do so for the following purposes:

  • To analyze, operate, maintain, and improve the Service and Product and marketing activities, and to add new features and services to the Product;
  • To assess your needs in order to determine suitable products or services;
  • To send product updates or warranty information;
  • To respond to your comments, questions, and requests and provide customer service;
  • To send you push notifications, both internal and external. IF YOU DO NOT WISH TO RECEIVE THESE NOTIFICATIONS, YOU CAN CHANGE YOUR PREFERENCES IN THE PRODUCT SETTINGS BASED ON YOUR DEVICE TYPE. YOU CAN ALSO CONTACT US AT hello@reforma.health;
  • To send you marketing messages;
  • To improve our Service and marketing activities, conduct research and analysis, including for scientific and academic purposes;
  • For any other purposes disclosed to you at the time of data collection or as specified in this Privacy Policy.

Opt-out/Unsubscribe. You can opt out of receiving our newsletters or marketing emails by following the unsubscribe instructions in each newsletter or marketing email, or by contacting us at hello@reforma.health.

Third-party information. Unless explicitly prohibited by applicable law, we may acquire marketing data about our customers from third parties and combine it with the personal data we already have to create more personalized advertising and products. Such data will never include sensitive or special categories of personal data. We will use this information solely for the specific purpose it was provided for. By accepting this Privacy Policy, you consent to such processing.

3. YOUR RIGHTS

Modification, correction, and erasure. You can modify, correct, delete, and update your Personal Data within the Product's account settings, or, if this is not possible, by contacting us at hello@reforma.health.

Access. You have the right to access the Personal Data you enter into the Product and ask us about the Personal Data we hold about you. You can do this through the Product settings or by writing to us at hello@reforma.health.

EU Residents. Individuals residing in the European Union have certain legal rights regarding their personal data, as set out in the General Data Protection Regulation ("GDPR"). Subject to any legal exceptions, you may have the right to request access to your personal data (including in a structured and portable format) and to request its update, deletion, or correction.

Correction of Personal Data and restriction of processing. You are responsible for ensuring the accuracy of the Personal Data you provide in the Product. Inaccurate information may affect your experience using the Product and our ability to contact you. If you believe your Personal Data is inaccurate, you have the right to contact us to request its correction by writing to hello@reforma.health. You also have the right to request the restriction of processing if you contest the accuracy of your Personal Data, and we need time to verify it.

Access to and portability of your Personal Data. The Service allows you to access and update your Personal Data within the Service. You have the right to request information about whether we hold any of your Personal Data, and to request access to it (including in a structured and portable format) via the Product settings or by contacting us at hello@reforma.health.

Erasure of your Personal Data. If you believe that your Personal Data is no longer necessary for the purposes for which it was collected or otherwise processed, or if you have withdrawn your consent or objected to the processing of your Personal Data, or if the processing of your Personal Data is otherwise not in accordance with the GDPR, you have the right to contact us and request the erasure of such Personal Data. You can do so by writing to hello@reforma.health. Please note that erasing certain Personal Data you have entered may affect your ability to use the Product and its features. The erasure of certain Personal Data may also take time due to technical reasons.

Right to object to the processing of your Personal Data. You may object to the processing of your Personal Data and prohibit us from processing your Personal Data by writing to hello@reforma.health. Please note that erasing certain Personal Data you have entered may affect your ability to use the Product and its features.

Notification obligations. We commit to notifying you promptly, and your data protection authority within the timeframes set by applicable law (72 hours), of any data breaches involving the Product.

Data protection authorities. In accordance with the GDPR, you also have the right (i) to restrict our use of your Personal Data and (ii) to lodge a complaint with your local data protection authority about any of our actions that you believe do not comply with the GDPR.

Please note that in the event of an unclear request for access, deletion, objection, or any other request for the exercise of rights, we may engage in dialogue with the individual to better understand the reasons for the request and to locate the information needed to respond. If this is not possible, we reserve the right to deny your request.

Under GDPR, we may also require you to confirm your identity (e.g., by requesting ID or other proof of identity) before you can exercise these rights, especially when it concerns special categories of personal data, such as health data. This is done to ensure that your request does not violate the rights of third parties and that the rights described in this section are exercised by the real data subject or an authorized person.

4. SHARING YOUR PERSONAL DATA AND INFORMATION

Sharing with third parties. We do not share your personal data with third parties without your explicit consent. We will only share your personal data and information with third parties as described in this Privacy Policy.

We may disclose your Personal Data:

(i) As required by law, such as to comply with a subpoena or similar legal process.

(ii) If we believe in good faith that disclosure is necessary to protect our rights, your safety, or the safety of others, investigate fraud, or respond to a government request.

(iii) If we are involved in a merger, acquisition, or sale of all or a portion of our assets, you will be notified via email and/or a prominent notice on our website of any change in ownership or use of your personal information, as well as any choices you may have regarding your personal information.

(iv) To any other third party with your prior explicit consent.

We share information we collect with third-party business partners who are committed to complying with applicable data protection laws (such as GDPR for EU residents). Our third-party business partners may share your Personal Data with their own third-party business partners, provided they have appropriate data protection safeguards, and use this information either for themselves or on behalf of their business partners to:

(i) Operate and improve their services;

(ii) Provide you with advertising and product information in the Product or other applications or websites based on variables such as your location and assess your engagement with them; and

(iii) Perform other purposes disclosed to you and for which you provide consent.

Depending on the service you use, we may share some of your Personal Data and information with third-party business partners who perform analytics and other tasks on our behalf (in some jurisdictions, such parties may be qualified as "processors" under applicable law). Here are some of the third-party services with which we may share some of your Personal Data and information:

  • Telegram – a messaging platform that allows users to communicate in real-time. We may share certain non-identifiable information about you and some personal data (but never health-related data) for marketing purposes and to provide you with better and more personalized service. Learn more about Telegram: https://telegram.org.
  • ChatGPT – an AI-based platform that enables communication and interaction with a virtual assistant. We may share certain non-identifiable information about you and some personal data (but never health-related data) for marketing purposes and to provide you with better and more personalized service. Learn more about ChatGPT: https://chat.openai.com.

Our third-party partners are either located in the EU or certified under the EU-US Privacy Shield, ensuring compliance with European data protection requirements. The privacy policies of these services are available on their respective websites. Please note that some third-party service providers' servers may be located in the US or outside the UAE.

BY USING THE PRODUCT AND THE SERVICE, YOU CONSENT TO THE USE OF COOKIES AND THIRD-PARTY SERVICES AND THE COLLECTION OF YOUR DATA (INCLUDING PROCESSING BY THIRD-PARTY SERVICE PROVIDERS) AND CERTAIN PERSONAL DATA UNDER A UNIQUE IDENTIFIER FOR THE PURPOSES OF TRACKING, ANALYSIS, AND IMPROVEMENT OF THE PRODUCT BY USING OUR SERVICES, YOU GIVE YOUR EXPLICIT CONSENT TO THE USE AND PROCESSING OF YOUR DATA AS DESCRIBED ABOVE.

Aggregated Information. We may also share aggregated, anonymized, or de-identified information that cannot reasonably be used to identify you. For example, we may share general demographic information on age and aggregated statistics on certain activities or symptoms based on collected data, in articles, blog posts, and academic publications, to help identify patterns among users.

5. DATA SECURITY

The security of your personal data is very important to us. When you provide us with your Personal Data, which is considered confidential or falls under "sensitive data categories" under applicable law, we encrypt the transmission of this information. We follow industry-standard practices to protect the Personal Data provided to us, both during transmission and after its receipt.

Among other things, we use the following security measures to protect your personal data:

  • Pseudonymization and tokenization of certain categories of your Personal Data;
  • Ensuring the integrity of Personal Data;
  • Encryption of your Personal Data during transmission and at rest;
  • Systematic vulnerability scanning and penetration testing;
  • Organizational and legal measures. For example, our employees have different levels of access to your Personal Data, and only those responsible for data management have access to your Personal Data, and only for limited purposes necessary for the operation of the Product. We hold our employees strictly accountable for any disclosure, unauthorized access, modification, destruction, or misuse of your Personal Data.

We also commit to conducting regular data protection impact assessments to ensure full compliance with the principles of "privacy by default," "privacy by design," and other internationally recognized data protection principles in the Product. We also commit to conducting a privacy audit in the event of a merger or acquisition.

Please note that no method of transmission or electronic storage is 100% secure. Therefore, we cannot guarantee its absolute security. If you have any questions about the security of our Product, you can contact us at hello@reforma.health.

6. DATA RETENTION AND STORAGE

We will retain your Personal Data for as long as the Product is installed on your mobile device in the relevant messenger or as long as it is necessary to provide you with services. If you delete the Product, we will delete your Personal Data, retaining only copies necessary to fulfill our legal obligations, resolve disputes, and enforce our agreements. If you wish to cancel your account or request that we no longer use your data to provide you services, please contact us at hello@reforma.health.

7. CHILDREN’S PRIVACY

General Age Restriction. We are committed to protecting children’s privacy. The Product is not intended for children, and we do not knowingly collect information from individuals under the age of 18. The Product does not knowingly collect Personal Data from individuals whom we know are under 18 years of age. If you become aware that anyone under the age of 18 is using the Product, please contact us at hello@reforma.health, and we will take the necessary steps to delete such information and/or remove their account.

8. CONTACT INFORMATION

If you have any questions or concerns regarding your privacy, any provisions of this Privacy Policy, or any of your rights, you may contact us at: hello@reforma.health.

Contact us

Thanks! We'll get in touch with you shortly
Oops! Something went wrong while submitting the form.