Jr. György Kozmann
We at Heartbit take your privacy very seriously. Please review the below to see how Heartbit processes your personal data and special categories of your personal data in connection with its activity on Heartbit’s website (the "Website"), the Heartbit Application (the "Application") and your individual account created when you choose to register with the Application ("Member Zone") (the Application and Member Zone collectively, the “Heartbit Services”). Heartbit Services are accessible through registration with the Application.
Once you decided that you wish to be a part of the Heartbit experience, you may download and register with our Application to create your own account with Heartbit and begin using the Heartbit Services (the "Account"). As long as your Account remains active and the Application is downloaded (i.e., until you decide to delete it) you will be able to change any of your personal data stored by Heartbit through various settings in the Application.
b. Heartbit makes sure, that any personal data processed relating to you is done only on existing legal grounds and that your rights as a data subject are always respected to the highest extent possible, including effective exercising of your rights as a data subject;
d. Heartbit ensures that you have options to control what personal data is collected and controlled about you. We are continuously working to enhance privacy options available to you, which we will explain in more detail.
When using its features, Heartbit Services collects data, including personal data that directly or indirectly
identifies you (i.e. personal data). We receive personal data in a few different ways, including data you have
provided during Registration in your Account or when you exercise, complete or upload activities using the
Heartbit Services. Heartbit also collects personal data about the way you use the Heartbit Services.
Personal data collected by Heartbit Services includes:
a. Personal data, that is mandatory for the creation of your Account are your name, email address, date of birth, gender, height, weight, step length, username and password that helps secure and provide you with access and enables the analytic functions of the Heartbit Services. These personal data are collected or can be provided in the course of registration with the Heartbit Services through third party service providers (i.e. Facebook and Google) or directly in the Application during registration (the “Registration”). These mandatory data are necessary to create your Account as well as to enable the functionality of the Device and the Application and to calculate and carry out measurements regarding your health;
b. We also collect personal data when you use the Application, including when you perform activities or choose to upload a picture displaying details of your activity (e.g., date, distance, detailed time and geo-location personal data as well as your speed and pace) or share a post within the Heartbit Services. Once you have created your Account and managed to pair your Device with your Account, Heartbit will also collect the model number of your Device;
c. Heartbit Services also collects location data from your phone and your watch when you use the Heartbit Services;
d. In order to measure your activities, Heartbit Service uses as a special Heartbit device (the "Device") mounted on the garments created for this purpose by Heartbit to monitor and collect raw ECG and heart rate data. Using such data, Heartbit Services will provide you with specific analytical data regarding your physical condition in a clear and easily understandable format (raw ECG and heart rate data together is referred to as "Health Data"). We note, that without the collection of Health Data, Heartbit Services will not be able to provide you with further data and analytics produced based on the raw data collected, leaving the functions of Heartbit Services severely limited and will only display real time data and running details during exercise;
e. Heartbit also collects and controls your personal data required for providing you with notification regarding the pre-order of the Device. This includes your name, country of residence and email address. In addition, based on your separate consent, Heartbit will collect and control additional data for marketing research purposes in connection to the Heartbit Services during and after the pre-order period. This data includes your year of birth, gender, phone number, activity level, what type of sports do you generally do, your activity level and information on where did you hear from Heartbit;
f. Upon accessing the Website we also collect various data from your browser, computer, regarding what device or platform you use during your visit. This technical personal data includes device and network data, cookies, log files and other various personal data. The Website and Heartbit Services also record various technical log files. Likely personal data stored in such log files include IP addresses, MAC addresses the type of browsers you use, details regarding your internet service provider, platform data (Android, iOS), date and time stamps, and number of clicks;
g. Heartbit aims to provide athletes and enthusiasts with regular updates, news and notifications on the latest trends and news regarding the world Heartbit and fitness tracking. Based on your consent, Heartbit will send you the regular letters featuring sports news, Heartbit Services and Heartbit merchandise.
Heartbit collects and processes personal data on various legal grounds.
1. To fully experience Heartbit Services: Heartbit Services is designed to analyse and process Health Data and provide you with the most advanced health statistics possible. In order for us to fulfil our duties towards you in this respect, we require to collect both personal data as well as Health Data;
a. Personal Data: Legal grounds to process your personal data (that is not Health Data but is required to provide you with Heartbit Services) is provided by your consent pursuant to Article 6 (1) lit. a.) and our obligation to perform Heartbit Services under Article 6 (1) lit. b.) of the GDPR;
b. Health Data: Health Data will always be collected and processed based on your prior explicit consent pursuant to Article 9 (2) lit. a.) GDPR. This consent, like any other, can be withdrawn at any time. We stress that without the processing of Health Data you will not be able to experience the full capabilities of the Heartbit Services.
People under the age of 16: Due to applicable data protection regulations, Heartbit Services will not be available for persons under the age of 16. Accordingly, potential users under the required age limit will not be able to register with the Heartbit Services and create an Account. When calculating the age of each potential user, Heartbit only relies on the information received for the purposes of creating your Account or as part of the essential data listed in Clause 1. a.) above. Heartbit undertakes no responsibility for the validity of the received personal data an the provided age of the user.
2. To enable the proper functioning of the Website: Heartbit will require to process certain technical data and user preferences to enable the functionalities of the Website, as well as to provide you with the best possible user experience. Legal grounds for the processing of such data is provided by Heartbit's obligation to perform services as well as its legitimate interest under Article (1) lit. b.) and f.) of the GDPR;
3. To facilitate pre-orders and perform orders of the Device: Currently, you have the chance to register yourself for a pre-order list for the Device, which may only be purchased later through the Website;
a. Notification to inform you of Device availability: In order to provide you with notifications on the availability of the Device, We will process your pre-order data as long as the pre-order period lasts. Once the pre-order period ends, we will notify you of this event and you will be offered the chance to be the first to place your order for the Device. legal grounds for the pre-order pursuant to Article 6 (1) lit. b.) of the GDPR;
b. Marketing research based on the pre-order information: In case you provide your separate consent upon pre-ordering the Device, we will process your data mentioned in Clause 1. e.) for the special purposes of conducting market research and to provide information through newsletters on Heartbit Services. Legal grounds for the pre-order marketing content is provided by your consent pursuant to Article 6 (1) lit. a.) of the GDPR;
c. To facilitate orders and manage payment data: Once you place your order for a Device at any time, we will need to process your payment, delivery and any other required personal data to fulfilment of our contractual and other obligations e.g. throughout payment, following payment to comply with statutory accounting and tax obligations. Legal grounds to process these data are the requirement to perform orders and to comply with legal obligations pursuant to Article 6 (1) lit. b.) and c.) of the GDPR;
4. To provide you with the latest news and updates on Heartbit Services: In case you provide your separate consent for us to send you updates and notifications on the latest news on Heartbit Services, we will process your email address for the purpose of sending newsletters. Legal grounds for processing your email address is provided by your consent pursuant to Article 6 (1) lit. a.) of the GDPR;
5. To comply with our statutory legal and regulatory obligations: where necessary to comply with a legal obligation, a court order, or to exercise and defend legal claims; In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. In these cases, where processing of your personal data is necessary for compliance with a legal obligation to which Heartbit is subject, our legal grounds to process your personal is derived from Article 6 (1) lit. c.). Here we note, that we will only share personal data with companies, outside organizations or individuals if we have well established grounds to access, use, preserve or disclose personal data to the extent it is reasonably necessary to meet any applicable law, regulation, legal process or enforceable governmental request, detect, prevent, or otherwise address fraud, security or technical issues or protect against harm to the rights, property or safety of our users or the public as required or permitted by law.
6. To protect your vital interests, or those of others, such as in the case of emergencies: We will also process your data in case it is required to prevent, to detect and to investigate crime and serious violations and obligations. In these cases, the legal grounds In these cases our legal grounds to process your personal data in addition to your consent is further derived from Article 6 (1) lit. d.) of the GDPR;
7. Defence of legal claims and litigation: In these cases our legal grounds to process your personal data is derived from Article 6 (1) lit. f.) of the GDPR whereby processing is necessary for the purposes of the legitimate interests pursued by Heartbit or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.
8. To fulfil our legitimate interest: We will process your data where necessary for the purposes of Heartbit’s legitimate interests, such as our interests in protecting our members, our partners’ interests and our commercial interests in ensuring the sustainability of the Heartbit Services. Legal grounds to process your personal data in such cases is derived from Article 6 (1) lit. f.) of the GDPR.
When you choose to share personal data with others
With service providers of Heartbit
When it is required from us by law or court order
We may retain and forward personal data with particular types of third parties, which include in particular law enforcement agencies (police, state secret service, international crime fighting organisations), public or governmental agencies, or private litigants, also from outside your country of residence, if we are obliged to disclose personal data based on the word of the law or reasonably necessary to comply with the law or when is required to respond to court orders, warrants, or other legal or regulatory processes. Personal data may also be processed if Hearbit determines that disclosure is reasonably necessary to prevent the death or serious bodily injury of any person, to address issues of national security or other issues of public importance.
When we need to protect our business interest
Heartbit is determined to detect and combat any breaches of our Terms and Conditions or to prevent any fraud or any means of abuse committed against Heartbit Services, any of its members or any third-party. Heartbit will protect its operations, property and other legal rights provided under law which may lead to us disclosing data to the legal counsel, consultant or other third parties we may choose to engage regarding these matters. However, we are determined that when seeking advice of these third parties, we will always make sure, that arrangements for the co-operation with these third parties provide adequate protection to personal data shared in the process.
What does Hearbit do to protect personal data
We take several measures to protect and safeguard the personal data we process. These solutions and features are located and active on the Website and in the Heartbit Services to ensure that data processed and controlled by Heartbit is constantly protected against outside attacks and are only accessible to members and authorized parties. Heartbit understands that technology is rapidly evolving, that is why Heartbit deploys state of the art technology, that conforms with current standards to safeguard personal data processed by us.
To help ensure that the measures we take are more effective in preventing unauthorized access to your private personal data, you should be aware of the security features available to you through your browser. Our Website applies HTTPS protocol for its operation in order to protect the privacy of our users. Most browsers have the ability to notify you if you change between secure and insecure communications, receive invalid services identification personal data for the Services you are communicating with, or send personal data over an unsecured connection. Heartbit recommends that you enable these browser functions to help ensure that your communications are secure when visiting the Website or using Heartbit Services.
Although Heartbit endlessly strives to protect your personal data by deploying state of the art technology, absolute security can not be guaranteed. Despite our best efforts Heartbit cannot fully ensure or warrant the security of personal data processed by Heartbit. Transmitting personal data is done at your own risk.
Heartbit offers several features and settings to help you manage your privacy and how you share your activities. Privacy controls are located in various parts and features of the Application and control different aspects of data processing done by Heartbit. The following privacy setting are available in the Application:
Updating mandatory Account data
You may correct, amend or update mandatory personal data in your Account at any time by adjusting them in your Account settings, under the "Mandatory Data" section. If you need further assistance correcting inaccurate personal data, please contact Heartbit. Heartbit will generally respond to your request within 30 business days. Deleting personal data and your account
Once you have decided to delete your account, all your personal data, including your Account, activities and corresponding Health Data cannot be reinstated and will be lost permanently.
Content you have shared with others, such as photos, or that others have copied may remain visible after you have deleted your Account or deleted specific personal data from your own Account. Heartbit also provides you the option to remove individual running details or Health Data available for each individual exercise session in the Member Zone without deleting your Account or other running details or personal data.
Management of Health Data
During your workout sessions, the Device and the Application will collect and generate various types of Health Data. Until you choose to synchronize, running details and ECG data will remain on your device. Running details and ECG data will only transfer to Heartbit if you synchronize. You will be able to how to synchronize and manage transfer of your Health Data in the Application.
In accordance with applicable regulations, you have the following rights as a data subject:
• You have the right to access your personal data: you can obtain information relating to the processing of your personal data, and request a copy of such personal data;
• You have the right to rectify your personal data: where you consider that your personal data are inaccurate or incomplete, you can request that such personal data to be modified according to your request;
• You have the right to erase your personal data: you can request the deletion of your personal data to the extent permitted by applicable law;
• You have the right to restrict the use of your personal data: you can request the restriction of the processing of your personal data;
• You have the right to withdraw your consent to the processing of your personal data: where you have given your consent for the processing of your personal data, you have the right to withdraw your consent at any time;
• You have the right to data portability: where legally applicable, you have the right to have the personal data you have provided to us be returned to you or, where technically feasible, transferred to a third party;
• Furthermore, you have the right to object to the processing of your personal data at any time to the extent we process your personal data for the purposes of our legitimate interests and/or of direct marketing.
If you wish to exercise the rights listed above, please contact us on the address shown in Clause 7 below or if you are a member, please use the features available in the Application.
Right to Access and Porting
You can access much of your personal data by logging into your Account and request data in a readable format by clicking on the "DOWNLOAD DATA" button under privacy settings any time. If you require additional access or if you do not have an Account or the Application, please contact us on the address shown in Clause 7 below.
Right to Rectify, Restrict, Limit, Delete
You can also rectify, restrict, limit or delete much of your personal data by logging into your Account, such as to edit your Account details, delete photos you have posted, remove individual activities from the Member Zone without deleting your Account, or completely delete your Account. If you are unable to do this, please contact us at Heartbit. Heartbit will generally respond to your request within 30 business days.
Right to Object
Where we process your personal data based on our legitimate interests explained above, you can object to this processing in certain circumstances. In such cases, we will cease processing your personal data unless we have compelling legitimate legal grounds to continue processing or where it is needed for legal reasons.
Right to Revoke Consent
Where you have previously provided your consent, such as to permit us to process Health Data or other health-related data about you, you have the right to withdraw your consent to the processing of your personal data at any time. For example, you can withdraw your consent by updating your settings or delete your Account. In certain cases, we may continue to process your personal data after you have withdrawn consent if we have a legal basis to do so or if your withdrawal of consent was limited to certain processing activities.
Retention of Personal data
Notwithstanding the above, personal data processed based on your consent or Health Data processed based on your prior explicit consent will be deleted upon your request. We will not continue processing such data once you have exercised your right for deletion of such personal data.
You can delete only some items of personal data (e.g., profile personal data) and you can remove individual activities from view on the Heartbit Services without deleting your account. Following your deletion of your account, it may take up to 30 business days to fully delete your personal data and system logs from our systems.
Use of anonymized data
As mentioned, Heartbit only uses and analyses anonymized Health Data, namely Health Data which does not relate to an identified or identifiable natural person or to personal data rendered anonymous in such a manner that the data subject is not or no longer identifiable. Heartbit does not process any Health Data relating to an Account after it was deleted or the consent to the processing for that Health Data was revoked. Anonymized data means, that such data no longer carries any connection to the data subject from whom it originated. Accordingly, Heartbit only use anonymized data while pursuing its goal of further developing its services and carrying out business development and other scientific research.
complaint regarding the way we process your data, please contact us on the following email address:
Lodging a complaint
If you are not satisfied with the way your request was handled, you can lodge a complaint with the competent Hungarian supervisory authority, which is the Hungarian National Authority for Data Protection and Freedom of Information (in Hungarian Nemzeti Adatvédelmi és Információszabadság Hatóság) or pursue your claims in front of the competent Hungarian courts.
HeartBit is a 3-lead 5-sensor ECG system integrated into a flexible (silicon) chest strap and a compact measurement device to provide laboratory-like heart muscle analysis.
Thank you for being interested in pre-ordering HeartBit!
We are so happy you have joined us. Our team will contact you within 24 hours.
Wearable Health (WH) Plc. specializes in the research & development of innovative cardiac medical devices.
Inventor and Lead Developer
Head of Development
The HeartBit development team consists of 5 PhD members who complement each other in mechanical engineering, information technology and health sciences.
The inventor and lead developer of the devices is Professor Dr. György Kozmann, who has over 50 years of international scientific research experience in physics, biology and information technology.
Our team is a strong, agile and disciplined development organization with experience in Body Surface Mapping, physiological sensors, communications technology and mobile applications.
The company collaborates closely with the Cardiac Bioelectric Imaging Research Laboratory at the Medical Informatics R&D Centre at the University of Pannonia in Hungary.