
Jr. György Kozmann
CEO
We use cookies to personalise content and ads, to prove social media features and to analyse our traffic. We also share information about your use of our site with our social media, andvertising nad analytics partners. Read our Cookie Policy.
This privacy policy (the “Privacy Policy”) explains the types of personal data we, as Wearable Health Zrt. (registered seat: 1054 Budapest, Aulich utca 7.; company registry number: 01-10-049130) ("Heartbit") collect and process as data controller, the legal grounds for its collection, how we use and share that personal data and how to manage your privacy settings and your rights in connection with the services we offer. In order to fully understand how our services work, we invite you to read our Terms and Conditions.
We at Heartbit take your privacy very seriously. Please review the below to see how Heartbit processes your personal data and special categories of your personal data in connection with its activity on Heartbit’s website (the "Website"), the Heartbit Application (the "Application") and your individual account created when you choose to register with the Application ("Member Zone") (the Application and Member Zone collectively, the “Heartbit Services”). Heartbit Services are accessible through registration with the Application.
Our Website (www.theheartbit.com) uses cookies to enable the use of the Website and its functionalities as well as to provide you with the best possible user experience when checking out our latest news, events or information on our Application and merchandise. Cookies store information regarding your use of the Website, thereby enabling the site's operation, enhancing your browsing experience and making the site easier to use and also to provide you with personalized advertisement and marketing material. You will always have the option to customize and decide which cookies you will allow our Website to use during your browsing session. The Website uses the following cookies, which are (i) cookies required to enable core functionality and use of the Website (these cookies cannot be disabled as without them the Website cannot function properly), cookies (ii) that store information of your use of the Website and enhance your browsing experience (you may disable these cookies) and cookies (iii) that collect information of your browsing activity in order to provide your with personalized advertisements and marketing material (these cookies will not impair any functions of the Website and can be disabled also).
Fore more information about our Cookie Policy and the types of cookies present on the Website, please click here.
Once you decided that you wish to be a part of the Heartbit experience, you may download and register with our Application to create your own account with Heartbit and begin using the Heartbit Services (the "Account"). As long as your Account remains active and the Application is downloaded (i.e., until you decide to delete it) you will be able to change any of your personal data stored by Heartbit through various settings in the Application.
Before we move on to the details of this Privacy Policy, please take a look at our fundamental privacy
principles:
a. When using the Heartbit Services, you can share and publish details of your activities to other social media
platforms. In case you decide to share or publish posts to these platforms, any personal data or other
information will be processed pursuant to the privacy policy of these service providers and as such, Heartbit
will no longer remain in control and liable for data made public on those platforms. Please always be extra
cautious when you share any personal data via third parties and you should carefully review the privacy
practices of such third parties;
b. Heartbit makes sure, that any personal data processed relating to you is done only on existing legal grounds
and that your rights as a data subject are always respected to the highest extent possible, including effective
exercising of your rights as a data subject;
c. Heartbit is a constantly evolving project, that strives to provide you with the most advanced monitoring
service of your health data in practically any situation. In order to secure that we only use personal data for
the purposes defined in this Privacy Policy, we only use anonymized data while pursuing our goal of further
developing our services and carrying out business development and other scientific research. Accordingly, we
apply the latest technological methods to remove any links between data and the person whom it belongs to. As a
result, we only aggregate and publish data only after it was anonymized;
d. Heartbit ensures that you have options to control what personal data is collected and controlled about you.
We are continuously working to enhance privacy options available to you, which we will explain in more
detail.
Heartbit is headquartered in Budapest, Hungary and Heartbit Services are provided to you by Heartbit, using data
processors located in the European Union (“EU”). As such, by virtue of the provisions of the
General Data
Protection Regulation ("GDPR"), personal data collected about you are controlled in accordance
with EU data
protection law. Heartbit notes, that any processing or further forwarding of your personal data will remain
inside the territory of the EU.
This Privacy Policy was written in English. In case this English version is translated into a separate language
version, the English version will prevail. Unless indicated otherwise, this Privacy Policy only applies to
Heartbit Services, and it shall not be applicable in case of third party products or services or the practices
of companies that we do not own or control, including other companies you might interact with on or through the
Heartbit Services.
When using its features, Heartbit Services collects data, including personal data that directly or indirectly
identifies you (i.e. personal data). We receive personal data in a few different ways, including data you have
provided during Registration in your Account or when you exercise, complete or upload activities using the
Heartbit Services. Heartbit also collects personal data about the way you use the Heartbit Services.
Personal data collected by Heartbit Services includes:
a. Personal data, that is mandatory for the creation of your Account are your name, email address, date of
birth, gender, height, weight, step length, username and password that helps secure and provide you with access
and enables the analytic functions of the Heartbit Services. These personal data are collected or can be
provided in the course of registration with the Heartbit Services through third party service providers (i.e.
Facebook and Google) or directly in the Application during registration (the “Registration”).
These mandatory
data are necessary to create your Account as well as to enable the functionality of the Device and the
Application and to calculate and carry out measurements regarding your health;
b. We also collect personal data when you use the Application, including when you perform activities or choose
to upload a picture displaying details of your activity (e.g., date, distance, detailed time and geo-location
personal data as well as your speed and pace) or share a post within the Heartbit Services. Once you have
created your Account and managed to pair your Device with your Account, Heartbit will also collect the model
number of your Device;
c. Heartbit Services also collects location data from your phone and your watch when you use the Heartbit
Services;
d. In order to measure your activities, Heartbit Service uses as a special Heartbit device (the
"Device")
mounted on the garments created for this purpose by Heartbit to monitor and collect raw ECG and heart rate data.
Using such data, Heartbit Services will provide you with specific analytical data regarding your physical
condition in a clear and easily understandable format (raw ECG and heart rate data together is referred to as
"Health Data"). We note, that without the collection of Health Data, Heartbit Services will not
be able to
provide you with further data and analytics produced based on the raw data collected, leaving the functions of
Heartbit Services severely limited and will only display real time data and running details during exercise;
e. Heartbit also collects and controls your personal data required for providing you with notification regarding
the pre-order of the Device. This includes your name, country of residence and email address. In addition, based
on your separate consent, Heartbit will collect and control additional data for marketing research purposes in
connection to the Heartbit Services during and after the pre-order period. This data includes your year of
birth, gender, phone number, activity level, what type of sports do you generally do, your activity level and
information on where did you hear from Heartbit;
f. Upon accessing the Website we also collect various data from your browser, computer, regarding what device or
platform you use during your visit. This technical personal data includes device and network data, cookies, log
files and other various personal data. The Website and Heartbit Services also record various technical log
files. Likely personal data stored in such log files include IP addresses, MAC addresses the type of browsers
you use, details regarding your internet service provider, platform data (Android, iOS), date and time stamps,
and number of clicks;
g. Heartbit aims to provide athletes and enthusiasts with regular updates, news and notifications on the latest
trends and news regarding the world Heartbit and fitness tracking. Based on your consent, Heartbit will send you
the regular letters featuring sports news, Heartbit Services and Heartbit merchandise.
Heartbit collects and processes personal data on various legal grounds.
In the following points we list the legal grounds Heartbit relies on to collect, use, share, and otherwise
process the personal data we receive about you for the purposes described in this Privacy Policy:
1. To fully experience Heartbit Services: Heartbit Services is designed to analyse and process
Health Data and
provide you with the most advanced health statistics possible. In order for us to fulfil our duties towards you
in this respect, we require to collect both personal data as well as Health Data;
a. Personal Data: Legal grounds to process your personal data (that is not Health Data but is
required to
provide you with Heartbit Services) is provided by your consent pursuant to Article 6 (1) lit. a.) and our
obligation to perform Heartbit Services under Article 6 (1) lit. b.) of the GDPR;
b. Health Data: Health Data will always be collected and processed based on your prior explicit
consent pursuant
to Article 9 (2) lit. a.) GDPR. This consent, like any other, can be withdrawn at any time. We stress that
without the processing of Health Data you will not be able to experience the full capabilities of the Heartbit
Services.
People under the age of 16: Due to applicable data protection regulations, Heartbit Services
will not be
available for persons under the age of 16. Accordingly, potential users under the required age limit will not be
able to register with the Heartbit Services and create an Account. When calculating the age of each potential
user, Heartbit only relies on the information received for the purposes of creating your Account or as part of
the essential data listed in Clause 1. a.) above. Heartbit undertakes no responsibility for the validity of the
received personal data an the provided age of the user.
2. To enable the proper functioning of the Website: Heartbit will require to process certain
technical data and
user preferences to enable the functionalities of the Website, as well as to provide you with the best possible
user experience. Legal grounds for the processing of such data is provided by Heartbit's obligation to perform
services as well as its legitimate interest under Article (1) lit. b.) and f.) of the GDPR;
3. To facilitate pre-orders and perform orders of the Device: Currently, you have the chance to
register
yourself for a pre-order list for the Device, which may only be purchased later through the Website;
a. Notification to inform you of Device availability: In order to provide you with
notifications on the
availability of the Device, We will process your pre-order data as long as the pre-order period lasts. Once the
pre-order period ends, we will notify you of this event and you will be offered the chance to be the first to
place your order for the Device. legal grounds for the pre-order pursuant to Article 6 (1) lit. b.) of the GDPR;
b. Marketing research based on the pre-order information: In case you provide your separate
consent upon
pre-ordering the Device, we will process your data mentioned in Clause 1. e.) for the special purposes of
conducting market research and to provide information through newsletters on Heartbit Services. Legal grounds
for the pre-order marketing content is provided by your consent pursuant to Article 6 (1) lit. a.) of the
GDPR;
c. To facilitate orders and manage payment data: Once you place your order for a Device at any
time, we will
need to process your payment, delivery and any other required personal data to fulfilment of our contractual and
other obligations e.g. throughout payment, following payment to comply with statutory accounting and tax
obligations. Legal grounds to process these data are the requirement to perform orders and to comply with legal
obligations pursuant to Article 6 (1) lit. b.) and c.) of the GDPR;
4. To provide you with the latest news and updates on Heartbit Services: In case you provide
your separate
consent for us to send you updates and notifications on the latest news on Heartbit Services, we will process
your email address for the purpose of sending newsletters. Legal grounds for processing your email address is
provided by your consent pursuant to Article 6 (1) lit. a.) of the GDPR;
5. To comply with our statutory legal and regulatory obligations: where necessary to comply
with a legal
obligation, a court order, or to exercise and defend legal claims; In certain situations, we may be required to
disclose personal data in response to lawful requests by public authorities, including to meet national security
or law enforcement requirements. In these cases, where processing of your personal data is necessary for
compliance with a legal obligation to which Heartbit is subject, our legal grounds to process your personal is
derived from Article 6 (1) lit. c.). Here we note, that we will only share personal data with companies, outside
organizations or individuals if we have well established grounds to access, use, preserve or disclose personal
data to the extent it is reasonably necessary to meet any applicable law, regulation, legal process or
enforceable governmental request, detect, prevent, or otherwise address fraud, security or technical issues or
protect against harm to the rights, property or safety of our users or the public as required or permitted by
law.
6. To protect your vital interests, or those of others, such as in the case of emergencies: We
will also process
your data in case it is required to prevent, to detect and to investigate crime and serious violations and
obligations. In these cases, the legal grounds In these cases our legal grounds to process your personal data in
addition to your consent is further derived from Article 6 (1) lit. d.) of the GDPR;
7. Defence of legal claims and litigation: In these cases our legal grounds to process your
personal data is
derived from Article 6 (1) lit. f.) of the GDPR whereby processing is necessary for the purposes of the
legitimate interests pursued by Heartbit or by a third party, except where such interests are overridden by the
interests or fundamental rights and freedoms of the data subject which require protection of personal data, in
particular where the data subject is a child.
8. To fulfil our legitimate interest: We will process your data where necessary for the
purposes of Heartbit’s
legitimate interests, such as our interests in protecting our members, our partners’ interests and our
commercial interests in ensuring the sustainability of the Heartbit Services. Legal grounds to process your
personal data in such cases is derived from Article 6 (1) lit. f.) of the GDPR.
When you choose to share personal data with others
Heartbit makes it possible to share personal data you wish to make public with other Heartbit members and the
public on other social platforms as mentioned in the beginning of this Privacy policy. Personal data shared on
these platforms will be visible by other users based on the settings you have chosen in your privacy settings on
the respective social platform. Please always make sure to chose the privacy options you prefer when sharing
content on other social platforms.
With service providers of Heartbit
Heartbit may share your personal data with service providers and other recipients, to support and improve its
features and services and also to perform pre-orders or process payments. Service providers in these cases will
only receive access to personal data which is absolutely necessary to perform these tasks and provide features
on the behalf of Heartbit. These recipients must adhere to the requirements set out in this Privacy Policy are
always strictly required to protect and secure your personal data provided to them.
When it is required from us by law or court order
We may retain and forward personal data with particular types of third parties, which include in particular law
enforcement agencies (police, state secret service, international crime fighting organisations), public or
governmental agencies, or private litigants, also from outside your country of residence, if we are obliged to
disclose personal data based on the word of the law or reasonably necessary to comply with the law or when is
required to respond to court orders, warrants, or other legal or regulatory processes. Personal data may also be
processed if Hearbit determines that disclosure is reasonably necessary to prevent the death or serious bodily
injury of any person, to address issues of national security or other issues of public importance.
When we need to protect our business interest
Heartbit is determined to detect and combat any breaches of our Terms and Conditions or to prevent any fraud or
any means of abuse committed against Heartbit Services, any of its members or any third-party. Heartbit will
protect its operations, property and other legal rights provided under law which may lead to us disclosing data
to the legal counsel, consultant or other third parties we may choose to engage regarding these matters.
However, we are determined that when seeking advice of these third parties, we will always make sure, that
arrangements for the co-operation with these third parties provide adequate protection to personal data shared
in the process.
What does Hearbit do to protect personal data
We take several measures to protect and safeguard the personal data we process. These solutions and features are
located and active on the Website and in the Heartbit Services to ensure that data processed and controlled by
Heartbit is constantly protected against outside attacks and are only accessible to members and authorized
parties. Heartbit understands that technology is rapidly evolving, that is why Heartbit deploys state of the art
technology, that conforms with current standards to safeguard personal data processed by us.
To help ensure that the measures we take are more effective in preventing unauthorized access to your private
personal data, you should be aware of the security features available to you through your browser. Our Website
applies HTTPS protocol for its operation in order to protect the privacy of our users. Most browsers have the
ability to notify you if you change between secure and insecure communications, receive invalid services
identification personal data for the Services you are communicating with, or send personal data over an
unsecured connection. Heartbit recommends that you enable these browser functions to help ensure that your
communications are secure when visiting the Website or using Heartbit Services.
Disclaimer
Although Heartbit endlessly strives to protect your personal data by deploying state of the art technology,
absolute security can not be guaranteed. Despite our best efforts Heartbit cannot fully ensure or warrant the
security of personal data processed by Heartbit. Transmitting personal data is done at your own risk.
Privacy Setting
Heartbit offers several features and settings to help you manage your privacy and how you share your activities.
Privacy controls are located in various parts and features of the Application and control different aspects of
data processing done by Heartbit. The following privacy setting are available in the Application:
Updating mandatory Account data
You may correct, amend or update mandatory personal data in your Account at any time by adjusting them in your
Account settings, under the "Mandatory Data" section. If you need further assistance correcting inaccurate
personal data, please contact Heartbit. Heartbit will generally respond to your request within 30 business days.
Deleting personal data and your account
Once you have decided to delete your account, all your personal data, including your Account, activities and
corresponding Health Data cannot be reinstated and will be lost permanently.
Content you have shared with others, such as photos, or that others have copied may remain visible after you
have deleted your Account or deleted specific personal data from your own Account.
Heartbit also provides you the option to remove individual running details or Health Data available for each
individual exercise session in the Member Zone without deleting your Account or other running details or
personal data.
Management of Health Data
During your workout sessions, the Device and the Application will collect and generate various types of Health
Data. Until you choose to synchronize, running details and ECG data will remain on your device. Running details
and ECG data will only transfer to Heartbit if you synchronize. You will be able to how to synchronize and
manage transfer of your Health Data in the Application.
In accordance with applicable regulations, you have the following rights as a data subject:
• You have the right to access your personal data: you can obtain information relating
to the processing of your
personal data, and request a copy of such personal data;
• You have the right to rectify your personal data: where you consider that your
personal data are inaccurate or
incomplete, you can request that such personal data to be modified according to your request;
• You have the right to erase your personal data: you can request the deletion of your
personal data to the
extent permitted by applicable law;
• You have the right to restrict the use of your personal data: you can request the
restriction of the
processing of your personal data;
• You have the right to withdraw your consent to the processing of your personal data:
where you have given your
consent for the processing of your personal data, you have the right to withdraw your consent at any
time;
• You have the right to data portability: where legally applicable, you have the right
to have the personal data
you have provided to us be returned to you or, where technically feasible, transferred to a third party;
• Furthermore, you have the right to object to the processing of your personal data at any
time to the extent we
process your personal data for the purposes of our legitimate interests and/or of direct marketing.
If you wish to exercise the rights listed above, please contact us on the address shown in Clause 7 below or if
you are a member, please use the features available in the Application.
Right to Access and Porting
You can access much of your personal data by logging into your Account and request data in a readable format by
clicking on the "DOWNLOAD DATA" button under privacy settings any time. If you require additional access or if
you do not have an Account or the Application, please contact us on the address shown in Clause 7 below.
Right to Rectify, Restrict, Limit, Delete
You can also rectify, restrict, limit or delete much of your personal data by logging into your Account, such as
to edit your Account details, delete photos you have posted, remove individual activities from the Member Zone
without deleting your Account, or completely delete your Account. If you are unable to do this, please contact
us at Heartbit. Heartbit will generally respond to your request within 30 business days.
Right to Object
Where we process your personal data based on our legitimate interests explained above, you can object to this
processing in certain circumstances. In such cases, we will cease processing your personal data unless we have
compelling legitimate legal grounds to continue processing or where it is needed for legal reasons.
Right to Revoke Consent
Where you have previously provided your consent, such as to permit us to process Health Data or other
health-related data about you, you have the right to withdraw your consent to the processing of your personal
data at any time. For example, you can withdraw your consent by updating your settings or delete your Account.
In certain cases, we may continue to process your personal data after you have withdrawn consent if we have a
legal basis to do so or if your withdrawal of consent was limited to certain processing activities.
Retention of Personal data
We retain personal data as long as it is necessary to provide the Heartbit Services. Personal data associated
with your Account will generally be kept until it is no longer necessary to provide the Heartbit Services or
until your Account is deleted. However, in certain cases we may retain personal data for a longer period to
comply with our statutory obligation prescribed by law. This personal data is also processed in accordance with
this Privacy Policy.
Notwithstanding the above, personal data processed based on your consent or Health Data processed based on your
prior explicit consent will be deleted upon your request. We will not continue processing such data once you
have exercised your right for deletion of such personal data.
You can delete only some items of personal data (e.g., profile personal data) and you can remove individual
activities from view on the Heartbit Services without deleting your account. Following your deletion of your
account, it may take up to 30 business days to fully delete your personal data and system logs from our systems.
Use of anonymized data
As mentioned, Heartbit only uses and analyses anonymized Health Data, namely Health Data which does not relate
to an identified or identifiable natural person or to personal data rendered anonymous in such a manner that the
data subject is not or no longer identifiable. Heartbit does not process any Health Data relating to an Account
after it was deleted or the consent to the processing for that Health Data was revoked. Anonymized data means,
that such data no longer carries any connection to the data subject from whom it originated. Accordingly,
Heartbit only use anonymized data while pursuing its goal of further developing its services and carrying out
business development and other scientific research.
Changes to this Privacy Policy
Heartbit reserves the right to modify this Privacy Policy at any time, therefore we invite you to review its
contents from time to time. Updates to this Privacy Policy will be posted on the Heartbit Services in a timely
manner and, if we make material changes, we will provide a prominent notice. If you object to this Privacy
Policy or any of the changes to this Privacy Policy, you should stop using the Heartbit Services and delete your
Account.
In a world of constant regulatory and technological changes, we may need to regularly update this Privacy Policy.
We invite you to review the latest version of this Privacy Policy online and we will inform you of any material
changes through the Application or the Website.
If you have any questions relating to our use of your personal data under this Privacy Policy or have any
complaint regarding the way we process your data, please contact us on the following email address:
info@theheartbit.com
Lodging a complaint
If you are not satisfied with the way your request was handled, you can lodge a complaint with the competent
Hungarian supervisory authority, which is the Hungarian National Authority for Data Protection and Freedom of
Information (in Hungarian Nemzeti Adatvédelmi és Információszabadság Hatóság) or pursue your claims in front of
the competent Hungarian courts.
HeartBit is a 3-lead 5-sensor ECG system integrated into a flexible (silicon) chest strap and a compact measurement device to provide laboratory-like heart muscle analysis.
Thank you for being interested in pre-ordering HeartBit!
We are so happy you have joined us. Our team will contact you within 24 hours.
Wearable Health (WH) Plc. specializes in the research & development of innovative cardiac medical devices.
CEO
Inventor and Lead Developer
Head of Development
The HeartBit development team consists of 5 PhD members who complement each other in mechanical engineering, information technology and health sciences.
The inventor and lead developer of the devices is Professor Dr. György Kozmann, who has over 50 years of international scientific research experience in physics, biology and information technology.
Our team is a strong, agile and disciplined development organization with experience in Body Surface Mapping, physiological sensors, communications technology and mobile applications.
The company collaborates closely with the Cardiac Bioelectric Imaging Research Laboratory at the Medical Informatics R&D Centre at the University of Pannonia in Hungary.