1. Scope of the Privacy Policy
1.1 Below is a description of how Aasa Health AB, org. no. 559116-7936, with address Pilgatan 10, apt 1002, 90331 Umeå ("Vitala," "us," or "we"), processes personal data in relation to you as a user of Vitala, and you as a visitor to our website www.vitala.health ("the Website").
1.2 We value personal privacy and take your privacy very seriously. It is therefore important for us to protect your personal data and ensure that our processing of them is done in a correct and lawful manner.
1.3 In this privacy policy, we explain the types of personal data we may process and the purposes for which we process them. We also explain our processing of personal data and the choices and rights you have in relation to it. We kindly ask you to carefully read through our privacy policy and familiarize yourself with its contents.
1.4 Please note that this privacy policy only concerns the processing of personal data for which Vitala is the data controller. This means that we are responsible for the handling and processing of your personal data. It also means that you should contact us with any questions or comments, or if you wish to exercise any of the rights you have in relation to our processing of your personal data.
2. Processed Personal Data - Users
2.1 Personal data refers to information that can be attributed to you. We may process the following personal data that can be attributed to you as a user of Vitala:
(a) contact information (name, email address, address, and phone number);
(b) health information for research purposes;
(c) cookies; and
(d) IP address.
2.2 Please note that providing your personal data is a requirement for entering into an agreement with us regarding the Vitala service.
3. Purposes of Processing and Legal Grounds - Users
3.1 Since Vitala is a training service where all the personal data listed in point 2.1 can be attributed to your health, these personal data are considered sensitive and are a prerequisite for us to provide you with the Vitala service. Therefore, when you register for the Vitala service, you are considered to have consented to our processing of these data as described below.
3.2 We process your contact information (point 2.1(a)) in order to handle our communication with you as a user of Vitala.
3.3 We process your contact information (point 2.1(a)) and health information for research purposes (point 2.1(b)) in order to conduct research on how Vitala’s exercise generator can be further improved and optimized through the analysis of results and behavior based on our exercises.
3.4 We process cookies and your IP address (point 2.1(c) - 2.1(d)) to develop Vitala and improve the user experience.
3.5 You have the right to revoke your consent to our processing of your personal data at any time. You can do this by either unregistering from the Vitala service or, if you only want to revoke your consent for research purposes, by contacting us at info@vitala.health. If you want to revoke your consent to our use of cookies, you can do so through our Cookie tool on our website: www.vitala.health.
4. Processed Personal Data - Website Visitors
4.1 We may process the following personal data that can be attributed to you
as a visitor of the Website:
(a) cookies;
(b) name;
(c) company;
(d) email address;
(e) phone number; and
(f) IP address.
4.2 Please note that the data mentioned in points 4.1(b) - 4.1(f) above are
only processed in relation to visitors of the Website who register for more
information on the Website.
5. Purposes of Processing and Legal Grounds - Website Visitors
5.1 We process cookie data (point 4.1(a)) in order to develop and improve the Website and user experience. This is done based on your consent. If you want to revoke your consent to our use of cookies, you can do so through our Cookie tool on our website: www.vitala.health.
5.2 We process the data in points 4.1(b) - 4.1(f) in order to develop our services and the Website, and to market our services to you. This is done based on our legitimate interest as the legal basis.
6. Storage of Personal Data
6.1 We store your personal data for as long as you use Vitala.
6.2 If you cease to be a user of Vitala, we will delete the personal data listed in points 2.1(a) - 2.1(d) within three months after you have ceased to be a user. However, we may continue to process your contact information (point 2.1(a)) and health information (point 2.1(b)) during the period of ongoing research.
6.3 Cookies (point 2.1(c) and 4.1(a)) are deleted no later than one year after the cookie is created. For more detailed information about our cookies and their usage, please refer to our Cookie Notice on our website: www.vitala.health.
6.4 We retain the information of visitors who have registered for more information (points 4.1(b) - 4.1(f)) for a maximum of two years after the registration has been made.
7. Recipients
7.1 We may disclose your personal data to our data processors, such as companies that provide IT and cloud services or payment administration services.
7.2 In case of suspected illegal activities or violation of our terms and conditions, we may disclose your personal data to law enforcement authorities, as well as to our legal advisors.
7.3 Provided that you have given your consent to the use of cookies, we will also share cookie data with Facebook and Google for behavioral analysis and targeted marketing.
7.4 We process as much of your personal data as possible within the EU/EEA. If personal data is transferred to a supplier or subcontractor outside the EU/EEA for processing, the recipient has always entered into contractual agreements with Vitala that ensure the recipient maintains a level of protection comparable to the EU/EEA, in accordance with the requirements of Chapter Vof the GDPR.
8. Information Security
8.1 As the data controller, we have implemented appropriate technical and organisational measures to protect your processed personal data. We have specific internal guidelines and processes to address information security matters and to prevent and detect breaches.
8.2 If your personal data is involved in a security incident (referred to as a "personal data breach"), we may contact you.
9. Your Rights
9.1 You have the right to receive confirmation as to whether we process
personal data concerning you, and if so, access to that personal data, as well
as information about the data and our handling of it. You can do this by
sending an email to info@vitala.health.
9.2 You have the right to have incorrect personal data concerning you rectified
by us without undue delay. Taking into account the purposes of the training,
you also have the right in certain cases to have incomplete personal data
completed. You can do this by sending an email to info@vitala.health.
9.3 You have the right to withdraw your consent to our processing of your
personal data at any time. Please note that this affects our ability to provide
you with our Vitala service. You can do this in the ways described in sections
3.5 or 4.1 above.
9.4 You have the right to object to our processing of your personal data for
direct marketing purposes. If you make such an objection, we will no longer
process your personal data for that purpose. You can do this by sending an
email to info@vitala.health.
9.5 You have the right, under certain circumstances, to have your personal
data erased by us, for example, if the data is no longer necessary for the
purposes for which it was collected, or if the data has been unlawfully
processed. You can do this by sending an email to info@vitala.health.
9.6 You have the right to request that we restrict the processing of your
personal data in certain cases. For example, if you dispute the accuracy of the
personal data, you can request that we restrict the processing of the data
while we verify its accuracy. You can do this by sending an email to
info@vitala.health.
9.7 If you have any concerns about our processing of your personal data, you
are welcome to contact us. You also have the right to lodge a complaint
regarding the processing of your personal data with the Swedish Data
Protection Authority (IMY). For more information about IMY, please visit their
website - www.imy.se.
10. Additions and Amendments
We may make updates or changes to this privacy policy. If we do, we will notify you in an appropriate manner, such as via email. If this occurs, we kindly ask you to carefully review the updated privacy policy.
11. Contact Us
If you have any questions regarding our processing of your personal data, please feel free to contact us at info@vitala.health or by mail at:
Aasa Health AB
Attention: Data Protection
Pilgatan 10, Apt 1002
SE-90331 Umeå
Sweden
