Vigo Health, SIA
Kronvalda blvd. 4, Riga, LV-1010, Latvia
Data Protection Officer
The information provided above is intended to address the Controller for the resolution of data protection matters and revoke your permission to process data.
“App” – refers to downloadable mobile, tablet or computer software owned or operated by Vigo Health, SIA. References to “App” include any and all audial, visual, interactive content and features available through such application.
“Data Controller”, “Vigo”, “We” or “Us” – refer to Vigo Health, SIA and any of our officers, managers, employees, contractors, and agents currently in legal relationship with Vigo Health, SIA. To the extent applicable through legal agreements the term also refers to our affiliates, service providers and licensors, and their officers, managers, and employees.
“Data Protection Officer” or “DPO” – refers to the party employed or contracted by the Data Controller or Processor to supervise the enforcement of national and international regulations within the scope of data processing.
“Content” – any and all information visual, audial or textual and any other form of the material provided by Vigo Health through software applications, websites, and any other channel owned by Vigo Health, SIA. Including photos, videos, audio, chat conversations and other information modules available in Our Services.
“Services” – refers collectively to any and all Websites, Applications and Content provided and managed by Vigo Health, SIA, including any related services software, hardware and technology used to provide the foregoing.
“Processor and Processors” – private persons and legal entities authorized by Vigo Health and granted access to process specific User data categories exclusively by this entity in the name of Vigo Health.
“Users” – refers to any persons directly involved in accessing and utilizing the Services. References to “access” and/or “use” of the Services (and any variations thereof) include the acts of accessing or browsing the Services, and accessing or using the Content.
VIGO HEALTH CERTIFIES THAT YOUR DATA WILL NOT BE ACCESSED BY ANY THIRD PARTIES WITHOUT YOUR CONSENT.
- Protect the integrity, availability and security of User personal data;
- Protect rights and legal interests of Our Services and Users;
- Utilize third party services to process pseudonymised User data (behavioral data analytics).
Types of Data collected
We collect and store information that you provide directly and indirectly when accessing Services. Including when you register for the App, create a profile, submit information and updates about your condition, when Users update your email preferences, respond to a survey, contact us with questions or comments, or provide other feedback. The collected usability information and therapy progress data you provide to Us by accessing Services.
We will not request specific sets of specific information such as government identifiers, social security numbers, or other financial information except in connection with payment processing. We will not ask for sets of sensitive information such as marital status, religious, political beliefs, sexual orientation, and other sensitive information that is unrelated to fulfilling our Purpose. Please do not provide this information to us, including through emails, feedback forms or otherwise.
The Personal Data is freely provided by the User, or collected automatically when accessing Services.
Failure to provide certain sets of Personal Data may lead to withholding the provision of Services.
Users are responsible for any Personal Data of third parties obtained, published, or shared through the App and confirm that they have the third party’s consent to provide the Data to the Data Controller.
Personal Data Collected
By default, this includes User Data such as:
- Full name;
- Date of birth;
- Personal ID;
- Address, email, phone number;
- Credit card information;
- Contact persons;
- User IP.
Certain connections of the User, such as personal information of some family members, if the User agrees to it. Any other data User has made publicly available.
Emotional and physical health and disability data are collected before submitting the User application and signing up for use of the App and while using it.
Behavioral data is collected while using the App and accessing Our website.
Therapy progress data is collected while using the App for automated Content adjustment.
The use of the collected Data
By signing up to use Services, you consent to us processing your physical and mental health data to track your therapy progress. You consent to receive communication via email, push notifications in the App, by phone, or any other means found necessary by us. You have the right to restrict how we contact you by contacting us at info[at]vigo.health
If you are receiving Services through your employer or health plan, we will not share any information about your health, therapy progress with your employer or the health plan. We may send de-identified information to your employer, insurance company, or health plan for billing purposes.
We may send identifiable information to the provider of your non-employer insurance plan for billing purposes if you are receiving Services through your healthcare provider, non-employer insurance company, or medical care service provider.
The Personal Data used for each purpose is outlined in the specific sections of this document. We may use any of the information we collect to:
- identify the User;
- prepare User agreement and invoices;
- customize the Content for the physical and mental condition of the User;
- inform the User upon any changes in the App;
- for purposes of business planning and analytics;
- comply with any binding legal acts;
- contact the User about activity within the App;
- allow Us to operate our Services, including payment processing, administration, internal operations, troubleshooting, data analysis, testing, research, statistical and survey purposes;
- manage User access to our Services;
- contact Users directly about unusual activity in their account;
- create reports for our affiliates, licensors, service providers and Users or prospective Users that may include aggregate information about the use of various aspects of the Services;
- carry out our obligations and enforce our rights arising from any contracts entered into between Users and Us, including billing and collection;
- notify Users about changes to Our Services;
- protect the integrity and maintain the security of our Services, including secured areas of the App or Website;
- in any other way that we describe when Users provide the information; and
- for any other purpose for which Users have consented to.
Mode and place of processing the Data
The Data is processed at the Data Controller’s operating offices and in any other places where the parties involved with the processing are located. For further information, please contact the Data Controller at hello[at]vigo.health.
The Data is retained for the Service provision period but not longer than to fulfill the purposes outlined in this document. The User can at any time request suspension or erasure of Data by directly contacting the Controller at hello[at]vigo.health. The Data is retained until the User or the Controller closes the User account and is no longer accessing Services. In some instances pseudonymised health Data may be kept for up to one year after closing User account, for example:
Stored securely on our backup recovery system servers for analytical purposes;
Stored securely to protect our legal interests or comply with any binding legal requirements;
Stored securely within systems of third-party service providers for the agreement or legally required period;
Stored securely while there is any judicial commitment to storage or analysis of the data.
Methods of processing
The Data Controller processes the User Data to retain availability, integrity and security. The Controller ensures appropriate security measures to prevent unauthorized access, disclosure, modification, or unauthorized destruction of the Data.
The Data processing is carried out using computers and/or IT enabled tools, following organizational procedures and modes strictly related to the purposes indicated. In addition to the Data Controller, in some cases, the Data may be accessible to upper management, involved with the operation of the site (administration, sales, marketing, legal, system administration) or external parties (such as third party technical service providers, mail carriers, hosting providers, IT companies, communications agencies) appointed, if necessary, as Data Processors by the Data Controller. The updated list of these parties may be requested from the Data Controller at any time at hello[at]vigo.health.
Categories of data Processors
All personal data and any other identifiable information collected by the Controller during the provision of Services is stored in a safe data storage space and shall not be disclosed to any third parties, except:
- Disclosure of personal data is mandatory for public interest and is regulated under public legal acts or data processing functions are assigned to a third party within a secure agreement (user data analytics service provision, payment processing, bookkeeping service provision, banks);
- It is stipulated by public legal acts and is mandatory for protecting Our legal interests;
- The User has given their indisputable consent.
With User consent we may share their personal data with third-party service providers such as:
- Data security, website hosting, cloud hosting, storage solutions, software as a service (SaaS), and other IT services;
- Pharmacovigilance and medical queries handling services;
- Legal, regulatory, tax services;
- Translation, legalization and notarization services;
- Customer relationship management (CRM) services;
- External salesforce services;
- Access control and security services.
The User’s Personal Data may be used for legal purposes by the Data Controller, in Court or in the stages leading to possible legal action arising from improper use of this Application or the related services.
The User declares to be aware that the Data Controller may be required to reveal personal data upon request of public authorities.
The rights of Users
Users have the right, at any time, to consult the Data Controller’s Data Protection Officer on the Personal data contents, origin, to verify their accuracy, or to ask to supplement, update, correct, erase, to block any data held in violation of the law, as well as to oppose their treatment for any and all legitimate reasons. Requests should be sent to the Data Controller’s Data Protection Officer at the contact information set out above.
The User has a right to withdraw his consent to data collection and processing by writing a letter to hello[at]vigo.health.
The withdrawal of consent does not affect any data collected and processed prior to receiving the letter, with an exception of data removal request.
The consent withdrawal does not affect any data collected and processed for any other legitimate reason.
Third Party Websites, Apps and Social Media
Our Website and App may, from time to time, contain links to and from the websites and/or apps of third parties. If you follow a link to any of these websites or apps, please note that these websites and apps have their own Privacy Policies and that we do not accept any responsibility or liability for these policies or your use of those websites and apps.