Last updated: 12/21/21
We hope you find this policy clear and transparent. If you have any questions, please reach out to us at email@example.com.
We care deeply about the security and privacy of the personal data that is entrusted to us. Please read this policy carefully as it contains important information about the personal data that we collect, how we use it, your rights and choices, and how you can contact us about our privacy practices.
What information we collect
Personal data is any information that relates to an identified or identifiable individual or that is linked or linkable to them by Even.
Personal data used for account creation
An account is required to use Even Mind. To register an account, you have to enter your email address and a password. You may also register using a Google Account or Sign in with Apple. When using Sign in with Apple, you can choose to hide your email address for an additional layer of privacy.
Health and sensitive data
We store health data, such as your mood and energy levels, symptom levels, and other health factors you track in the app (e.g. sleep, steps, activity, etc.).
The provision of this information is entirely voluntary, and it is up to you how much information to input.
Your health data is encrypted safely on our services and the only personal data it is attached to is your email address.
This is data that tells us what hardware and software you are using to access the App, such as device model, operating system version, application version, and crash information. On our website, we collect information about your browser and browser settings, the operating system you use, and system settings of your device.
Anonymized app usage data
We collect aggregate, anonymous statistics, such as the percentage of users who use particular features. We use this information to better understand which features are most relevant or useful to our users as a whole.
We collect IP addresses provided by your browser or mobile device to deliver the Service to your device. We also use the IP address to determine your approximate location for statistical and analytics purposes.
How we process your data
Even does not store sensitive personal data without your explicit consent. It is only when you give us explicit consent by creating an Even account that we start storing your health and sensitive data on our secured servers.
You can withdraw your consent at any time by simply deleting your account in the app. Deleting your account will also delete your health and sensitive data from our servers.
We use the information we collect to operate and improve our website, apps, and customer support. We do not process personal data that directly identifies you as a person (such as your email address).
Your data will be stored by us as long as this is necessary for your use of the Service. The anonymized app usage data can also be stored indefinitely for research and product improvement purposes.
We do not, and will never sell any personal data about you to third parties.
We do not pass on your data to third parties, unless we are legally entitled or obliged to do so, or you have given us your consent.
We take significant precautions to protect your data and to prevent misuse. But remember that no method of transmission over the internet, or method of electronic storage is 100% secure and reliable, and Even cannot guarantee its absolute security.
How we protect your data
Your personal profile data (email address) is stored separately from your health data (mood, energy, symptoms). This allows us to ensure the highest possible level of privacy for your health data.
Data and metadata is encrypted under the 256-bit Advanced Encryption Standard, and each encryption key is itself encrypted with a regularly rotated set of master keys.
The App communicates with our servers via encrypted connections using the HTTPS protocol.
How you can protect your data
One of the biggest threats to the security of your data is if someone gains access to one of your devices. We have outlined some steps you can take to secure your data below.
Enable Passcode / Face ID in Even Mind
Enabling this setting will make Even Mind automatically lock between uses.
Secure your device
- Activate passcode, Touch ID, or Face ID authentication for your device.
- Enable the ability to erase your device if it has been lost or stolen. To activate this feature see the instructions for setting up “Find My” on the Apple Support pages.
We use third-party tools in order to deliver our services to you.
In detail we use the following tools:
- Google Firebase
In the App we use Firebase (https://www.firebase.com/), a framework from Google’s subsidiary Firebase, based in San Francisco, CA, USA, through which we use the following services:
- Your data is securely stored on a Firestore database, which automatically encrypts all data before it is stored. You can read more about Firestore encryption here.
- Google Cloud Identity Platform
In the App we use Google Cloud Identity Platform to allow you to sign up and log in. This services enables us to securely save your data in the cloud and provide the same personalized experience across all of your devices. For information on the functionality of Google Cloud Identity Platform, please visit https://cloud.google.com/identity-platform.
Cookies, tracking, and payment data
You may, however, disable cookies on our website. The most effective way to do this is to disable cookies in your browser. Blocking all cookies will have a negative impact upon the usability of many websites. If you block cookies, you may not be able to use all the features on our website.
The App and our website use third-party analysis and tracking services to track the performance of our services, understand how you use our services, and offer you an improved and safer experience.
For the purpose of tracking the performance of our services and to improve our services, Even uses the following third-party services:
Exporting or deleting information
You may export your data (as a .csv file) at any time from the “Profile” page in the mobile application. The “Profile” page can be accessed from the “Settings” page.
You may delete your account at any time from the “Profile” page in the mobile application. Deleting your account also deletes all of your saved data from our servers.
Deleted information may be kept in backups for up to 90 days. Backups are encrypted and are only accessed if needed for disaster recovery.
We may delete your information at any time and for any reason, such as technical needs, legal concerns, abuse prevention, removal of idle accounts, data loss, or any other reason.
Links to other sites
Our services may contain links to other sites. If you click on a third-party link, you will be directed to that site. Note that these external sites are not operated by us. Therefore, we strongly advise you to review the privacy policies of these websites. We have no control over, and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.
Even does not knowingly collect or use personal data from children under the age of 16. By registering an Even account, you are required to confirm that you are at least 16 years old.
In the case we discover that a child under 16 has provided us with personal information, we immediately delete the account and wipe all related information from our servers. If you are a parent or guardian and you are aware that your child has provided us with personal information, please contact us so that we will be able to take necessary actions.
Information for European Union Customers
By using the Service and providing your information, you authorize us to collect, use, and store your information outside of the European Union.
International Transfers of Information
Information may be processed, stored, and used outside of the country in which you are located. Data privacy laws vary across jurisdictions, and different laws may be applicable to your data depending on where it is processed, stored, or used.
We reserve the right to amend this policy from time to time to reflect changes in the law, our data collection and data use practices, or advances in technology. Please check this page periodically for changes. If we make changes to this policy that, in our sole discretion, is material, we will notify you by posting a notice of these changes in this policy.
For help with this policy and any other question, please contact us at firstname.lastname@example.org