The information contained in this document should be treated as confidential, provided only for the purpose of evaluation by the Recipient. This document, whether printed or in machine readable form, constitutes confidential, proprietary information and trade secrets which are the property of Alula Technologies. All disclosure and/or reproduction of this document, for tender purposes or verbally, is prohibited without express permission in writing by Alula Technologies.
This document contains proprietary and confidential information. All data submitted to RECEIVING PARTY is provided in reliance upon its consent not to use or disclose any information contained herein except in the context of its business dealings with Alula Technologies. The recipient of this document agrees to inform present and future employees of Alula Technologies, and the RECEIVING PARTY, who view or have access to its content of its confidential nature.
The recipient agrees to instruct each employee that they must not disclose any information concerning this document to others except to the extent that such matters are generally known to, and are available for use, by the public. The recipient also agrees not to duplicate or distribute, or permit others to duplicate or distribute, any material contained herein without Alula Technologies’ express written consent.
Alula Technologies retains all title, ownership, and intellectual property rights to the material and trademarks contained herein, including all supporting documentation, files, marketing material, and multimedia. This does not extend to any items belonging to our partners and/or clients.
BY ACCEPTANCE OF THIS DOCUMENT, THE RECIPIENT AGREES TO BE BOUND BY THE AFOREMENTIONED STATEMENT.
At Alula, we are committed to empowering you with a complete view of all your health data in a private account that you control.
Control. You are in control of the personal information you provide to us, which includes sharing, use, and retention.
Access. We empower you with access to your data as provided so that you are able to take charge of your health.
Transparency. We are committed to transparent collection, storage, sharing, and processing of your personal information and providing services to help you explore and understand your health.
Protection. The privacy and protection of your personal information is of the utmost importance to us. We are committed to strong security measures and providing you with information regarding collection, processing, and storage of your personal information.
Alula Technologies Limited (“we, “us”, “our” or “Alula”) operates the http://alulatechnologies.com/ , http://alulahealth.com and websites (“Sites”) and related services (together “Alula HealthCloud”). At Alula, our goal is to empower you with control and sharing of your health information. To this end, we collect, process, use and store the personal information that you provide to us from your mobile applications, provider portals, activity trackers, devices, and services.
Our Privacy Policy outlines:
This Privacy Policy applies to our Sites as well as to the API services and applications we provide, and related products and services, collectively known as the “Services.” In addition, our Cookie Policy explains our use of browser cookies and other similar tracking technologies, which are part of this Privacy Policy.
If you have any questions about this Privacy Policy or our privacy practices, we can be contacted in the following ways:
Full name of legal entity: Alula Technologies Limited
Postal address: 1 Mayfair Place, Devonshire House, London W1J 8AJ, England
Email address: dpo@alulatechnologies.com or info@alulatechnologies.com
By accepting our End User Terms of Service , you consent to the collection, use, storage, and disclosure of personally identifiable information as outlined in the End User Terms of Service and in this Privacy Policy.
We handle your personal information, including protected health information (PHI), in compliance with relevant healthcare privacy and security regulations and our contractual commitments to our clients. Currently we serve as a conduit between:
Through our service, you have the option to grant us authorisation to access, collect, use, store, and disclose your personal information, which may include sensitive data related to HIV, sexually transmitted diseases, mental health conditions and treatment, substance abuse conditions and treatment, and other relevant information, for the duration of your use of our services.
The following definitions are provided to assist with understanding our Privacy Policy.
Service or Services. Our Sites as well as the API services and applications we provide, and related products and services, as accessed by a user whether a user has an account or not.
Personal Information. Personal Information is information that can identify you, either alone or in combination with other information. This includes Protected Health Information that is identified under Protection of Personal Information Act (POPIA) in South Africa, General Data Protection Regulation (GDPR) in the European Union, the UK General Data Protection Regulation (UK GDPR) in the UK, and the Health Insurance Portability and Accountability Act of 1996 (HIPAA) in the United States of America. Please review the section “Information We Collect from You” for more details.
Anonymised (or De-identified) Information. De-identified or anonymised information does not identify you based on individual pieces of information or combinations of information. Your direct information (e.g., name) and indirect information (e.g., Device ID) are removed, such that you cannot be reasonably re- identified as an individual. This includes de-identified demographic information, de-identified location information, information about the computer or device from which you access the Alula HealthCloud or other online services, or other analyses we create.
Aggregate Information. Your individual information is combined and compiled with other individuals’ information for the purpose of analysis. The aggregation process involves de-identification of personal information such that you and other individuals cannot be reasonably re-identified as specific individuals.
Customers. Customers are business partners of Alula that may incorporate our Services as a component or feature of the Customer’s products (e.g., a chronic condition management platform that uses data from Alula HealthCloud to measure your activity levels) or may deliver features within our Services (e.g., a pharmacy that provides your prescription history).
Whenever you access or use our Services, we may process (e.g., collect, use, store, transfer, etc.) different kinds of Personal Data about you, depending on which Alula Technologies service you use: (a) the VitalScore/VitalScore Lite (mobile/web) app, or (b) the Alula Technologies Websites, or (c) AlulaHealth Website. References to VitalScore/ VitalScore Lite refers to your personal wellness data score and measurements based on the use of rPPG technology that processes video clips generated by your camera of your mobile device when taking a 30-second video selfie to assess your general wellness which is intended for Investigational Use Only.
Our Services are not medical advice and should not be a used as a substitute for clinical judgment by a health care professional.
Our Service is intended to improve your awareness of your general wellness and is not intended to diagnose, treat, mitigate, or prevent any disease, symptom, disorder, or abnormal physical condition.
You must consult with a health care professional or emergency services if you believe you may have a medical issue and need medical attention. We will process the relevant personal data about you in accordance with this Privacy Policy, and as follows:
We gather personal information as part of providing services to all our users. Upon becoming a user of our services, we will only gather information that you voluntarily authorise for submission. Personal information may include data you report about yourself and/or information collected from devices or third parties. We strongly believe in maintaining the confidentiality of all personally identifiable information that identifies an individual, including your past, present, or future physical or mental health condition, and your Digital Health Check data.
Account Information: We may collect personal information, including but not limited to, identifying data such as name, email address, password, and address information to set up and manage your account. If our services are provided by your employer or their service provider, your personal information may be forwarded to set up our services for your use. Depending on the services used and your location, we may also collect your South African Identity number, passport number, National Insurance number, Social Security number, date of birth, current benefit coverage, and other official identifiers, such as a driver's license number.
Health Information: We may collect information such as personal activities, health and wellness data, medications, tests, medical records, and health issues submitted through the services. We will only use this information for the purposes to which you expressly consent.
Sensitive Information: Certain information you provide is considered sensitive information and may include genetic information, HIV testing or status, mental health, race, ethnicity, and sexual orientation. This information may be recorded in information shared with us by a third party such as a doctor. We will only use this information for the purposes to which you expressly consent.
Device Information: We may collect device identifiers such as serial number, device type, IP address, browser type, language preferences, and location, operating system, date and time of your access, internet service provider, or mobile carrier, internet domain and host name, and referral URL.
Cookies and Similar Technologies: We use cookies and similar technologies as described in our Cookie Policy. We recommend that you review that policy to learn about our practices and the controls available to you.
Profile Information: We collect the information that you voluntarily enter into a user profile. This may include pictures, nicknames, and other personal details. This information is available to third parties that you consent to sharing your personal information through our services.
Research and Studies Information: Your personal information is collected when you voluntarily participate in research and studies through our services.
Information from Your Use of Services: We collect information related to your use of our services, such as which healthcare provider you use, which menus you use, pages you view, or search results you click on. You may interact with our support team during the use of our services, in which case, we would collect information about your communications.
If you visit the site, whether or not you become a user of our services, please note that we will maintain web logs to record data about all visitors and customers who use this site and interact with the services, and we will store this information. These logs may contain IP address information, types of operating systems you use, the date and time you visited the site, and, if you are a user of our services, information about the type of any personal tracker or other device or service you connect to the services and information about the data uploaded from any such device or service.
All web logs are stored securely and have restricted access by a very limited number of employees who must adhere to strict guidelines regarding user data security and privacy.
We utilise your personal information to provide you with our Services, employing various methods.
Here is how we use your information:
Alula Services: If you choose to create an Alula account, we may use your personal information to inform you about or present products or services that we believe may interest you.
We may also use non-personal information to analyse data into useful information. This process of data analysis is done using Anonymised and Aggregate Information, is non-personal, and allows us to find correlations and patterns in the data.
We prioritise the protection of your personal information and uphold strict standards regarding its sharing. This is how we handle your data:
Your privacy and consent are paramount, and we adhere to stringent protocols to safeguard your personal information.
The protection of your data is our top priority. We implement rigorous security measures to safeguard your personal information and ensure its confidentiality and integrity.
This is how we protect your data:
Despite our comprehensive security measures, it is important to note that no data transmission or storage system is entirely infallible. If you have any concerns about the security of your interactions with our Site or Services or suspect unauthorised access to your account, please contact us immediately at dpo@alulatechnologies.com. We take all reports of potential security breaches seriously and will investigate and address them promptly to ensure the ongoing protection of your data.
As the owner of your health data, you have full control over how it is managed within our Services. Here is a user-friendly guide outlining how you can access, modify, or delete your personal information:
By following these steps, you can effectively manage, modify, and control your personal information within our Services, ensuring that your data is handled according to your preferences and needs.
You authorise the personal information that is collected, stored, maintained, processed, and used within our Services.
We will delete your data as soon as we have no further need for it. For sensitive personal data, in most cases this will be within 48 (forty-eight) hours. For other non- account data, it will be within 6 (six) months.
You may request to delete any personal information and to de-authorise the collection, use, storage, and disclosure of personal information in the future by sending us an email at dpo@alulatechnologies.com . Any such deletion or de- authorisation will have no effect on sharing of personal information before we receive and are able to act upon such a request.
During the use of our Services, you may authorise us to send your personal information to customers or third parties who are providing you value. You will have full transparency regarding whom within the ecosystem you previously sent your personal information. To delete a copy of your records from these entities, you will need to follow their policies and procedures for data deletion.
You can export a copy of your personal information that is stored within our Services. If you have questions about exporting Personal Information from our Services, please contact dpo@alulatechnologies.com.
We work with multiple medical and wellness providers to enable you to obtain and hold copies of your personal information. We may also provide tools for you to manually enter health data or collect data from devices. While we strive to collect complete and accurate information from the sources provided to us, we do not have control over the accuracy, completeness, or quality of information entered or sent to us. For example, you may identify incorrect, incomplete, or outdated information from a third-party provider. If you have questions or find issues with your personal information, it is your responsibility to identify issues and ensure corrections are made to the original source of information.
You are responsible for the handling, sharing, re-sharing, and distribution of your personal information. We disclaim any responsibility or liability for any consequences arising from your disclosure of personal information. Furthermore, if you transmit personal information electronically to another person, whether on or off our Site or Services, we shall not be held accountable for any harm or consequences resulting from third-party use or re-sharing of your information. We strongly advise sharing personal information only with individuals and third parties whom you trust.
Additionally, we emphasise the importance of safeguarding the integrity of your data. It is your responsibility to ensure that your personal accounts and login credentials are kept secure and inaccessible to unauthorised individuals. When using public or shared devices, such as those in libraries or internet cafes, always remember to log out of our Site or Services.
If you access our Site or Services via your employer's network or through public internet connections, such usage is undertaken at your own risk. It is incumbent upon you to verify the privacy and security policies of the company regarding internet usage.
Please note that we cannot verify the identity of any non-employee individuals you may encounter while using our Site or Services, nor can we vouch for the authenticity of any information provided by others.
When using our Site, you may encounter links to other websites. It is important to understand how your privacy and security may be affected when navigating these third-party sites. Below are a few guidelines for navigating Third-Party Sites liked from Alula Technologies:
By staying informed about privacy policies, exercising caution, and being mindful of consent, you can navigate third-party sites linked from our platforms while safeguarding your privacy and security. If you have any concerns or questions regarding data sharing practices, feel free to reach out to us for assistance.
Please refer to our End User Terms of Service for further details on data sharing and your rights and responsibilities as a user.
To close your account and ensure the deletion of your personal information, please follow these steps:
By following these steps, you can effectively close your account while ensuring that your personal information is handled responsibly and in compliance with applicable laws and regulations. If you have any further questions or concerns, please do not hesitate to reach out to us at dpo@alulatechnologies.com . Your privacy and data security are our top priorities.
We are committed to keeping you informed about any changes or events that may affect your personal information.
Notifications: You will be notified in the event of a data breach impacting your personal information, as required by law. We will provide instructions on any further actions you may need to take. You will also be notified if there is a Business Transfer involving your personal information, and if the recipient intends to use your information differently from what is outlined in this Privacy Policy. In such cases, you have the option to delete or export your personal information as described above, or to close your account.
Data Retention: We ensure that identifiable information about you is retained only for as long as necessary to fulfil our business purposes or to meet legal requirements. This information is held for no longer than 24 (twenty-four) months.
Children: We do not permit individuals under the age of 13 (thirteen) yeas old to create accounts that grant access to our secure Site unless they obtain prior consent from a parent or guardian.
Changes to this Privacy Policy: Our Privacy Policy may be updated in the future. If changes are made, we will notify you by posting updates on our Site and other relevant platforms. Each update will be accompanied by an effective date. If you disagree with any changes, you have the option to delete your account by contacting us at dpo@alulatechnologies.com .
Your feedback is valuable to us. If you have any questions or suggestions on how we can enhance our privacy policy regarding personal information, please feel free to email us at dpo@alulatechnologies.com . We are here to address any concerns you may have and continuously improve our practices to better protect your data.
Last update date: 10 April 2024