Privacy Policy
Privacy Policy
This Privacy Policy describes Our policies and procedures on the collection, use, and disclosure of Your information when You use the Service and informs You of Your privacy rights and how the law protects You.
We use Your Personal Data to provide and enhance the Service. By using the Service, You agree to the collection and use of information in accordance with this Privacy Policy.
Interpretation
Capitalized words in this Privacy Policy are defined terms. These definitions will have the same meaning whether they appear in singular or plural form.
Definitions
For the purposes of this Privacy Policy:
Affiliate refers to an entity that controls, is controlled by, or is under common control with a party, where "control" means the ownership of at least 50% of shares or voting rights.
Application refers to Health AI, the software program provided by the Company, designed to Peppervale Software and support heart rate health.
CCPA and/or CPRA refers to the California Consumer Privacy Act, as amended by the California Privacy Rights Act of 2020.
Company (also referred to as "We," "Us," or "Our" in this Agreement) refers to Peppervale Software. For the purpose of the GDPR, the Company is the Data Controller.
Consumer, for purposes of CCPA/CPRA, refers to a California resident, as defined in the law.
Data Controller, under GDPR, is the legal entity determining the purposes and means of Personal Data processing, in this case, the Company.
Device means any electronic device capable of accessing the Service, such as a smartphone or tablet.
GDPR refers to the General Data Protection Regulation (EU).
Service refers to the Application, designed to support heart rate monitoring and health tracking.
Service Provider refers to any natural or legal person who processes data on behalf of the Company. This includes third-party companies or individuals that assist in facilitating the Service, providing the Service, or analyzing how the Service is used. For GDPR purposes, Service Providers are considered Data Processors.
Usage Data is collected automatically, either generated by the use of the Service or from the Service infrastructure itself, such as the duration of a page visit.
You refers to the individual accessing or using the Service, or a company or other legal entity on behalf of which such individual is accessing or using the Service. Under GDPR, You may be referred to as the Data Subject or User.
Types of Data Collected
Personal Data While using Our Service, We may ask You to provide Us with certain personally identifiable information. This information can be used to contact or identify You and may include:
Email address
Heart rate and health data collected by the Application
Any additional data or information provided through the Application, including information from surveys, feedback, or other means to help improve the Service.
Usage Data Usage Data is collected automatically and may include information such as Your Device’s IP address, browser type, browser version, pages of the Service that You visit, the time and date of Your visit, time spent on each page, unique device identifiers, and diagnostic data. When You access the Service on a mobile device, We may also collect information including Your mobile device’s unique ID, IP address, mobile operating system, and mobile Internet browser type. This data helps us understand how the Service is accessed and used to improve functionality and user experience.
Information Collected While Using the Application To enable certain features, We may request Your permission to access the camera or photo library on Your Device, for example, to use features related to heart rate monitoring. You can grant or revoke this permission in Your Device’s settings.
Use of Your Personal Data
The Company may use Personal Data for the following purposes:
To provide and maintain the Service: Including monitoring usage patterns to optimize and enhance functionality.
To communicate with You: By email or other methods, including mobile notifications, to provide updates, alerts, security notifications, and other information necessary for operating the Service.
To manage requests: To handle and respond to requests or inquiries made through the Service.
For business analysis and improvement: To better understand usage patterns and user preferences, which helps us enhance our Service and make it more effective.
Retention of Your Personal Data
We retain Your Personal Data only for as long as necessary for the purposes outlined in this Privacy Policy and to comply with legal obligations. The Company will retain Usage Data for a shorter period, except when this data is necessary for security enhancements or to improve the functionality of the Service, or if we are legally obligated to retain it longer.
Transfer of Your Personal Data
Your information, including Personal Data, may be processed at the Company’s offices or other locations where the involved parties are situated. This may mean transferring Your data to computers in jurisdictions where data protection laws differ. By submitting Your Personal Data and using the Service, You consent to this transfer. We will take reasonable measures to ensure that Your data is handled securely and in accordance with this Privacy Policy, and that transfers occur only when there are adequate data protection controls in place.
You have the right to delete Your Personal Data. The Service may provide options to delete certain information directly from within the Service. You may also contact Us directly to request the deletion of any data You have provided. However, please note that We may need to retain certain information if We have a legal obligation or a lawful basis to do so.
Business Transactions: If the Company is involved in a merger, acquisition, or asset sale, Your Personal Data may be transferred. We will notify You before Your Personal Data is transferred and becomes subject to a different Privacy Policy.
Law Enforcement: Under certain circumstances, We may be required to disclose Your Personal Data if required by law or in response to valid requests by public authorities (e.g., a court or government agency).
Other Legal Requirements: We may disclose Your Personal Data if necessary to comply with legal obligations, protect the rights or property of the Company, prevent or investigate possible wrongdoing related to the Service, protect the personal safety of Users or the public, or protect against legal liability.
Security of Your Personal Data
We strive to protect Your Personal Data using commercially reasonable security measures. However, no method of electronic storage or transmission over the Internet is 100% secure, so We cannot guarantee absolute security.
Our Service Providers may have access to Your Personal Data, and these third-party vendors collect, store, and process data in accordance with their Privacy Policies.
Analytics
We may use third-party analytics services to monitor and analyze usage, such as:
Google Analytics: This service collects, tracks, and reports data about Service usage, which helps us improve and optimize functionality. For more information on Google’s data policies, visit their Privacy Policy.
Firebase: A service from Google that assists in analyzing user activity. For details, refer to the Firebase Privacy Policy.
Legal Basis for Processing Personal Data We may process Personal Data under various legal bases, including consent, contract necessity, legal obligations, vital interests, public interest tasks, and legitimate interests pursued by the Company.
Your Rights under the GDPR If You are within the EU, You have specific rights regarding Your Personal Data, including:
Access: The right to access and obtain a copy of Your Personal Data.
Correction: The right to request corrections to inaccurate or incomplete data.
Erasure: The right to request deletion of Your Personal Data, subject to legal requirements.
Data Portability: The right to receive Your Personal Data in a structured, commonly used format.
Objection: The right to object to processing based on legitimate interests.
Withdraw Consent: The right to withdraw consent where processing is based on Your consent.
For California residents, CCPA/CPRA provides rights related to Your Personal Data, including:
The right to access specific pieces of Personal Data collected, and information about data collection practices.
The right to request the deletion of Your Personal Data, subject to exceptions.
The right to request that Your Personal Data is not sold to third parties.
The right to not face discrimination for exercising these rights.
Our Service is not intended for individuals under the age of 13, and We do not knowingly collect Personal Data from those under 13. If We discover that We have inadvertently collected such data, We will delete it as soon as possible. If parental consent is required by law for collecting data from minors, We will obtain it as required.
Our Service may contain links to third-party websites. These websites are not operated by Us, and We are not responsible for their privacy practices. We recommend reviewing the Privacy Policy of every website You visit.
We may update this Privacy Policy occasionally, and changes will be posted on this page. We will notify You of any significant changes through email or prominent notices within the Service before the changes take effect. We encourage You to review this Privacy Policy periodically for updates.
If You have questions about this Privacy Policy, please contact us:
By email: feedback@peppervalesoftware.com
By visiting this page on our website: https://www.peppervalesoftware.com