Privacy Policy
This page is designed to help you understand why and how we use your personal data. By personal data we mean information that relates to a living individual that can identify or be identified with that individual.
We are Visible, a trading name of Visible Health Inc. a company registered at 251 Little Falls Drive, Wilmington, Delaware 19808 USA.
We may use your personal data to:
- enable you to access the Visible app and website (the “app”);
- provide you with information and support in connection with chronic illness;
- provide you with insights based on data from a wearable device;
- generate insights to inform product development;
- generate anonymized statistics to share with others for the purposes of research, providing you have explicitly opted in; and
- send you information about the app, our company and the development of the app.
- The above is an overview of how your personal data may be processed and is by no means exhaustive – please see below for information on how specific types of personal data are collected, processed and shared.
Below, we have tried to provide you with as much information as we possibly can to explain how your personal data may be used. This means there is a lot of information on this page. To help with finding the information that is most relevant to you, we have split this information into different sections using subheadings.
You may contact us by email on info@makevisible.com.
How is your data processed to enable you to access the app?
What kinds of data do we collect?
We obtain the following personal data directly from you:
- your user name;
- your year of birth;
- a valid email address; and
- your approximate location (for example which country you live in).
We refer to this information as the “access data”.
How do we use your access data?
We use your access data to log you in to the app and to verify that you are a real person and determine whether you are eligible for Visible services. Due to language, logistics and resources we’re only able to support certain Visible services in certain geographies. We use your approximate location to determine what level of services are available to you.
Our legal basis for processing this data is contractual necessity. Without this processing we wouldn’t be able to authorize you to access and use the app.
How is your data processed to provide wellness information and support?
What kinds of data do we collect?
When you first register for the app and at various points after that we will ask you questions about your illness, your symptoms and the types of exertion that affect you. Thereafter, you may complete check-ins where you enter data including information about symptoms, and record biometric data such as heart rate using the app. We refer to this personal data below as “wellness data”.
How do we use your wellness data?
We use your wellness data to help you track and understand your illness, for example by allowing you to identify trends and generate wellness reports.
Our legal basis for processing this data is your consent, which you can withdraw at any time by notifying us using the contact details contained in the “Your rights and how to exercise them” below, and deleting the app. We shall ensure that any such consent obtained is explicit consent.
Please note that without your consent to do this, we will be unable to offer you access to the app. This is because your wellness data is necessary for us to provide the support and information.
How is your data processed to provide you with insights based on data from a wearable device?
What kinds of data do we collect?
If you connect a wearable device to the Visible app, we collect data such as resting heart rate, heart rate variability, gyroscope and accelerometer data. We refer to this information as “biometric data”.
In addition, if you are an Android user, we will request your permission to access geolocation data in order to connect to your wearable device to the app. This is because the Bluetooth framework on Android requires location permissions to find nearby devices. We refer to this information as “nearby devices data”.
Taken together, we refer to this personal data below as “wearable data”.
How do we use your biometric data?
We use your biometric data to help you track and understand your illness, for example by allowing you to measure your heart rate over time and receive pacing notifications.
Our legal basis for processing this data is your consent, which you can withdraw at any time by notifying us using the contact details contained in the “Your rights and how to exercise them” below, and deleting the app. We shall ensure that any such consent obtained is explicit consent.
Please note that without your consent to use your biometric data, we will be unable to offer you access to certain features and functionalities which require access to your biometric data. You will still be able to use other features of the app which do not require access to your biometric data.
How do we use your nearby devices data?
We do not store your nearby devices data, or use it for any means other than connecting your wearable to the app. This data is not shared with Visible and is stored locally on your device only. We do not know your precise location when you use the app.
Our legal basis for processing this data is your consent, which you can withdraw at any time by notifying us using the contact details contained in the “Your rights and how to exercise them” below, and deleting the app. We shall ensure that any such consent obtained is explicit consent.
Please note that without your consent to access your nearby devices data, we will be unable to offer you access to certain features and functionalities which require access to a wearable device. You will still be able to use other features of the app which do not require access to a wearable device.
How is your data processed to generate insights to inform product development?
We also use your access data, wellness data and wearable data to generate insights that may then be used by us to inform product development. This means that we may use this data to better understand the needs of our users and make prioritization and design decisions based on these needs. Our legal basis for processing this data is consent, which you can withdraw at any time by notifying us using the contact details contained in the “Your rights and how to exercise them” below, and deleting the app. As some of the data involved relates to your health, then we shall ensure that any such consent obtained is explicit consent.
How is your data processed to allow anonymized statistics to be shared with others for research purposes?
We also use your wellness data to generate anonymous statistics that may then be shared with third parties for research purposes. We will only share your data with third parties for research purposes if we have explicitly sought your consent to do so on a case-by-case basis. Where this is the case, your wellness data will be anonymized so that you won’t be identifiable from that data. Our legal basis for processing this data is consent, which you can withdraw at any time by notifying us using the contact details contained in the “Your rights and how to exercise them” below. As the data involved relates to your health, then we shall ensure that any such consent obtained is explicit consent.
How is your data processed to enable us to send you information about the app, our company and the development of the app?
We will use your access data (see the “How is your data processed to enable you to access the app” section above for more details as to what this data is) to contact you and provide you with information about our activities and developments and improvements to the app. We do so on the basis of our legitimate interests in keeping you up-to-date with changes in our business and products. In doing so, we will offer you an opportunity to refuse marketing when your details are first collected and in subsequent messages.
Who do we share personal data with?
Internally, we only grant access to identifiable personal data to those people that need access to that data to carry out their role. Externally, we may share from time to time share personal data with the following categories of recipients:
- our service providers, for instance:
- companies that manage our IT infrastructure;
- companies that provide us with cloud based IT systems;
- companies that provide technical services to us, including companies that process and generate insights on biometric data; and
- our external advisors, for instance IT consultants, data scientists, accountants and lawyers,
and where we share personal data with service providers we will always ensure that the service provider is committed contractually to only use personal data in compliance with our instructions and data protection law;
- our regulators, law enforcement, intelligence services and other government authorities, where they require us to do so; and
- potential buyers of or investors in our business where necessary in connection with a due diligence exercise.
Transfers of personal data outside of the European Economic Area (EEA)
The EEA is a group of countries that share the same basic data protection law, and therefore the law assumes that where your personal data is transferred between these countries it enjoys a similar level of protection.
We store and process personal data both within the EEA and the USA.
In circumstances where third parties assist us in providing the services (suppliers), personal data may be transferred outside the EEA, including to the USA.
For data transferred to the USA, we ensure compliance with UK and EU data protection laws, by requiring our suppliers to enter into Data Processing Agreements, incorporating Standard Contractual Clauses (SSCs) approved by the European Union. These clauses ensure that the level of protection for personal data is equivalent to what would be in place if the data remained within the EEA.
We can provide more information on the non-EEA countries to which we transfer your personal data on request.
How long is your data retained for?
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. You can ask us to delete your personal data by requesting an account deletion in the app (see “Your rights and how to exercise them”).
Your rights and how to exercise them
The law gives you certain rights in respect of the personal data that we hold about you. Below is a short overview of those rights (for more information about the rights you have in respect of your personal data please visit the Information Commissioner’s Office website: www.ico.org.uk).
If you wish to exercise any of the rights set out below, please email us at info@makevisible.com. We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
Access
With some exceptions designed to protect the rights of others, you have the right to a copy of the personal data that we hold about you.
Access to the personal data we hold on you is free of charge however, we may make a reasonable charge for additional copies of that data beyond the first copy, based on our administrative costs.
Where you have given us your personal data (i.e. you have input it into the app), you may have the right to receive your copy of this data in a common electronic format. If you wish, we can provide copies of this data to other people, if it is technically feasible to do so.
Correction
You have the right to have the personal data we hold about you corrected if it is factually inaccurate. This right does not extend to matters of opinion.
Deletion
You can request deletion of your personal data by tapping "delete account" within the Profile tab of the Visible app. This will trigger a data deletion process which will erase your access, wellness and wearable data from our servers.
In certain cases, such as where you have opted into share your data with third parties for research purposes, data has been anonymised and cannot be deleted as it cannot be linked back to you.
Objection
You have the right to object to our processing of your personal data where we rely on “legitimate interests” as our legal basis for processing, but we may be able to continue processing if our interest outweighs your objection.
Opting out of marketing
You have the right to require us to stop using your personal data to send you marketing information. If you want us to stop sending you marketing information, the quickest and most efficient way is to use the provided “unsubscribe” links in our communications (although you can contact us directly if you prefer).