Japa Health Privacy Policy

Last Updated:  September 8, 2021

At Japa Health, we think of your Personal Information as exactly that—Personal to you.  Japa’s commitment to you is that, at its core, your data belongs to you.  Under that commitment, Japa believes that you have the right to benefit and profit from your own data and information before anyone else may.  With Japa, you will continuously control external access to your data in real time, and we remain committed to that promise.

As you review this Policy, you will notice that it contains a lot of disclosures, many of which are required under applicable laws and regulations.  We strongly recommend that you read this Policy in full, but we want to highlight the following points:

  • We may collect your Personal Information via automated means such as cookies and other trackers, when you provide your Personal Information directly to us, and from third party services if you agree to integrate those services within your use of the platform;
  • We may collect various categories of Personal Information such as identifiers, fitness and wellness data, device information, and location information;
  • We may use your Personal Information for such purposes as processing any orders and payments, to personalize your experience with Japa, and to contact you with updates and offers; and
  • We do not sell your Personal Information.

1. Who’s This Policy For And What Does It Cover?

At Japa Health, Inc. (“Japa Health” or “we”), our goal is to empower people to realize their full potential, and that includes  helping them retain control over their Personal Information and being transparent about what we do with it.  This Privacy Policy (“Policy”) is for actual or prospective customers and users of the Japa Health personal wellness platform, which includes our mobile application (the “Mobile App”),  the Japa.Health website (the “Site”), and any other online services we operate that link to this Policy (collectively with the Mobile App and Site, the “Services”).  The Policy describes how we may collect, use, and share your Personal Information in connection with operating the Services.  It also explains related rights and choices you may have. 

You may see other privacy notices when we collect your Personal Information for certain purposes.  Those notices supplement this Policy.  This Policy also contains a statement specific to residents of California.  To the extent the statement differs from other parts of the Policy, the statement governs with respect to California residents.

2. What is “Personal Information”?

When we say “Personal Information,” we mean information that can reasonably be linked to a particular individual or their household.  Generally speaking, your Personal Information includes your unique identifiers (full name, phone number, email address, user name, etc.), and information about your characteristics, conditions or behavior that is associated with one of your identifiers or could otherwise reasonably be linked to you. 

“Non-Personal Information,” on the other hand, has been anonymized, aggregated or de-identified such that it cannot reasonably be linked to a particular individual or their household.

3. Personal Information We Collect And How We Collect It

Categories

Depending on the nature of your interactions with us, we may collect some or all of the following types of Personal Information:

  • “Identifiers,” such as first and last name, address, email address, phone number, user name, signature, IP address, cookie ID and similar information.
  • “Financial Information,” such as payment card information
  • “Fitness and Wellness Data,” such as your self-reported physical or mental health condition. 
  • “Demographic Information,” such as age or gender.  Demographic information may include characteristics of protected classifications under applicable law.
  • “Device or Browser Information,” such as device or browser type and configuration
  • “Location Information,” such as your mobile device’s approximate location when you access the Site or Mobile App.  Where required by applicable law or app store rules, we won’t access location data on your mobile device unless you first consent.
  • “Commercial Information,” such as your shopping or purchasing history on our Services
  • “User Content,” such as comments or other content posted to our Site or shared with us via email, browsing activity, social media content, interactions with our Service, and interactions with marketing communications sent on our behalf
  • “Internet Activity” or “Usage Data,” such as information about how you use a Service
  • Other categories disclosed to you at the point of collection

Collection Sources

From You When You Provide It To Us

You aren’t required to provide any Personal Information to access the public Site, but you may choose to provide some when you fill out a form on the site.  For example, if you choose to communicate with us by using the “Contact Us” page on the Site, we may collect your full name, email address, phone number, business or employer name, and any comments you choose to provide.  Additionally, you may choose to provide certain Fitness and Wellness Data to maximize the benefits of our platform and allow you to keep an eye on your health goals and needs. “Fitness and Wellness Data” includes data you provide related to your dietary habits, dietary restrictions, fitness activity, fitness goals, lifestyle, life events, fitness goals, height, weight, measurements, fitness level, heart rate, sleep data, BMI, biometric data, and similar types of data relating to physiological condition, and activity.  We collect this data in order to provide the Services and to tailor features and services to your interests and goals, including providing meal suggestions, reporting and analytics, workout plans, and meal planning related services, and product recommendations. 

Use of the Services (other than the public Site) is limited to registered users.  If you create an account, we collect your email address and other Identifiers.  You will be required to create a unique password. To protect your privacy and the security of the Services, we use a third-party authentication provider that manages establishing, resetting, and storing user passwords and manages your ability to access the application.  You may review how this service respects your privacy by visiting https://auth0.com/privacy.

Automatically From Your Computer or Mobile Device When You Access Our Services

Like most online services, our Services may passively collect some information from users’ devices in order to make features function correctly.  Some of this data may be collected through the use of browser cookies or similar online tracking technologies, which are explained below. In many cases, we limit this type of collection to Non-Personal Information.  However, this data may include Personal Information such as online Identifiers, Device or Browser Information, Location Information or Internet Activity in some circumstances.

From Third Party Sources

If we offer the ability to integrate our Service with a third party app or service, and you choose that feature, we may receive some of your Personal Information from that third party.  We may obtain information about you from other third party sources.  For example, we may collect Identifiers or Internet Activity that you have chosen to disclose on social media platforms. 

We may combine information collected from other sources with information collected from you or your device.  To the extent the information, alone or in combination, constitutes Personal Information, we will treat it as Personal Information as described in this Policy.

4. How We Use Personal Information

We use Personal Information for the following purposes:

  • To process orders and payments
  • To maintain your account
  • To secure our Services against fraud, malicious activity, or conduct that may violate our terms of use;
  • To analyze how our Services are used;
  • To personalize and improve your experience on the Service;
  • To make health and wellness recommendations to you based on our unique analytics;
  • To provide you with information about a product or service you’ve shown interest in, or another product or service we think you might like;
  • To notify you about changes to our products or Services;
  • To provide you with periodic product newsletters, catalogues and offers;
  • To contact you and provide you with help if you have a customer service issue;
  • To contact you to fill out surveys and participate in other types of market research;
  • To comply with our legal obligations
  • In any other way we may describe when we collect the information; and
  • For any other purpose with your consent.

We may use Non-Personal Information for any purpose.

5. How We Share Personal Information

Vendors

We may share Personal Information with contractors, service providers, and other vendors who assist or support us in providing the Services.  Examples of these third party services may include hosting of our Services, storing data, performing analytics, processing payments, or sending marketing communications.  Our agreements with vendors prohibit them from retaining, using or disclosing the Personal Information we share with them for any purpose other than providing services to us. 

Mandatory Disclosures And Legal Proceedings

We may have a legal obligation to disclose Personal Information to government authorities or other third parties pursuant to a valid regulatory request, subpoena or court order.  We may also need to disclose and otherwise process your Personal Information in accordance with applicable law to prevent physical harm or financial loss, protect the vital interests of a person, enforce our various policies or terms of use, protect our property, services and legal rights, prevent fraud, support auditing, compliance and corporate governance functions, or comply with applicable law.

Change In Control Or Merger

We may transfer your information in the event of the sale of substantially all of the assets of our business to a third-party or in the event of a corporate merger, consolidation, acquisition or reorganization. However, in such event, any acquirer will be subject to the provisions of our commitments to you or we will not disclose your information.

With Your Direction Or Consent

We will share your Personal Information with other third parties as you may direct or otherwise consent. 

6. Children’s Privacy

Our Site is not directed to children (individuals under the age of 18).  We do not knowingly collect, maintain, or process children’s Personal Information unless the child’s parent or guardian consents and provides the information.  If we determine that we have received a child’s Personal Information from a source other than the child’s consenting parent/guardian, we will immediately delete the information.

7. Cookies And Online Tracking

What Are Cookies?

A browser cookie is a small piece of data that a website stores in your device’s browser, or your mobile device may place in its storage.  It holds information that the site uses to function properly, remember your preferences, or personalize your experience.  A typical cookie contains a cookie ID, which is a unique string of characters used to identify your browser during the browsing session, or in some cases, during subsequent browsing sessions.  Cookies, cookie ID’s and similar pieces of data may be considered Personal Information (Identifiers or Internet Activity) under applicable law.

Other online technologies, similar to cookies, may allow users to be identified and tracked across multiple browsing sessions, and in some cases tracked across different websites and online services for marketing or advertising purposes.  These technologies include, but are not necessarily limited to, pixels, web beacons and scripts (collectively with browser cookies, “Cookies”).

How Cookies May Be Used On Our Services

Currently, our Site only uses Cookies that are essential to proper functioning of the Site, enable us to offer Services to you, or help us understand your usage of Services.  We don’t use any Cookies that could allow third parties to track you across different sites for targeted advertising purposes.

How You Can Block Cookies

You can block, disable or delete cookies at any time more broadly by changing the settings in your browser. However, blocking, disabling, or deleting cookies may limit your ability to view all the pages of our Site or other sites.  You can find more information about cookies and other options you may have for restricting them at www.cookiesandyou.com, and www.aboutads.info/choices and www.youronlinechoices.eu.

“Do Not Track” Signals

Your browser may offer a Do Not Track (DNT) setting.  If you turn that setting on, your browser sends a signal to websites indicating that you don’t want to be tracked over time or across third party sites.  We don’t currently respond to these signals because there is not yet a common understanding of how to process them or a consensus on what “tracking” means. 

8. Your Rights And Choice

Opt-Out Of Marketing Communications

You may opt-out of our marketing emails by using the unsubscribe link provided in the email.

Your Browser And Device Settings

See Section 7 for options to restrict Cookies.

Area-Specific Rights And Choices

If you are a California resident, you may have other rights and choices. See Section 13.

9. Links To Third Party Sites

Our Site may contain links to third-party websites, products or services.  If you use these links, you will leave our site. Such links do not constitute or imply an endorsement, sponsorship or recommendation by us of the third party, the third-party website or the information contained therein, and we shall not be responsible or liable for your use thereof. Such use shall be subject to the terms of use and privacy policies applicable to those sites.

10. Third Party Direct Marketing

We don’t share Personal Information with third parties for their direct marketing purposes without your consent.

11. Quality And Retention of Personal Information

We take reasonable steps to keep the Personal Information we possess accurate and to delete incorrect or unnecessary Personal Information.  We retain personal information only as long as necessary to fulfill the purposes outlined in this Privacy Policy or otherwise communicated to you, unless a longer period is required by applicable law. 

12. Security

The security of your Personal Information is important to us, but remember that no method of transmission over the Internet, or method of electronic storage, is 100% secure.  While we strive to use commercially reasonable means to protect your Personal Information, we cannot guarantee its absolute security.

13. California Residents (CCPA Statement)

This statement makes additional disclosures to California residents (i.e., “consumers”), and describes rights they have, under the California Consumer Privacy Act of 2018, as amended.(the “CCPA”).  You can learn more about the CCPA here:  https://oag.ca.gov/privacy/ccpa

The rights described in this statement may not apply if you are interacting with us on behalf of an organization that is our customer, vendor or partner.

Collection Of Personal Information

The categories of Personal Information we have collected about consumers in the past 12 months are listed in Section 3. 

Sale Or Disclosure Of Personal Information

We don’t sell consumers’ Personal Information.

Within the past 12 months, we disclosed the following categories of Personal Information for a business purpose (to the categories of recipients listed):

  • Identifiers (to vendors)
  • Demographic Information (to vendors)
  • Location Information (to vendors)
  • Device/Browser Information (to vendors)
  • Internet Activity (to vendors)

Your Rights As a Californian

California residents have the right to make the following requests to covered businesses.  The requests may be made by a consumer, by a consumer on behalf of the consumer’s minor child, or by a person authorized by the consumer to act on the consumer’s behalf.

Right To Request Information About Collection, Disclosure or Sale of Personal Information  

You have the right to request that a business disclose to you: (i) the categories and specific pieces of Personal Information the business has collected about you within the past 12 months, (ii) the categories of sources from which the Personal Information is collected, (iii) the business or commercial purposes for collecting or selling Personal Information, and (iv) the categories of third parties with whom the business shares Personal Information. 

If a business sells Personal Information, or discloses it for a business purpose, you also have the right to request that the business disclose the following with respect to the 12-month period preceding your request: (i) the categories of Personal Information that the business sold about you and the categories of third parties to whom the Personal Information was sold, and (ii) the categories of Personal Information that the business disclosed about you for a business purpose. 

This type of request may be referred to as a “Request to Know.”  Before we can honor a Request to Know, we need to verify that the person making it is the consumer whose Personal Information we have.  Our method for verifying any particular request weighs information we receive as part of the request, the sensitivity of the consumer information at issue, and the risk of harm to the consumer from unauthorized disclosure. 

Right to Request Deletion of Personal Information

You have the right to request that a business delete any Personal Information that the business has collected from you.  This type of request may be referred to as a “Request to Delete.” 

Before we can honor a Request to Delete, we need to verify that the person making the request is the consumer whose Personal Information we have.  Our method for verifying any particular request weighs information we receive as part of the request, the sensitivity of the consumer information at issue, and the risk of harm to the consumer from unauthorized deletion.

We are not required to delete Personal Information if we still need it in order to complete the transaction for which the information was collected, provide a good or service requested by you (or that we reasonably anticipate based on our relationship with you), perform a contract with you, comply with a legal obligation, enable internal uses that are consistent with the context in which you provided the information, or accomplish any other objective recognized as an exception to the right to deletion under applicable law.

Right to Opt-Out of the Sale of Personal Information

You have the right to direct a business that sells Personal Information about you to third parties not to sell your Personal Information.  This type of request may be referred to as a “Request to Opt-Out.”  Because we don’t “sell” Personal Information as defined by the CCPA, we don’t offer an opt-out mechanism.

Right to Non-Discrimination

You have the right not to receive discriminatory treatment by a business for the exercise of your privacy rights under the CCPA. 

How to Submit a Request To “Know” or “Delete”

You can submit a Request to Know or Delete to privacy@japa.health. The request must state “CCPA Request” and include:

  • your first and last name;
  • an email address at which you can be reached for purposes of the request;
  • the California county in which you reside;
  • for a Request to Know, the disclosure(s) you are requesting;
  • for a Request to Delete, a clear statement that you want us to delete your Personal Information; and
  • the reason(s) you believe we have collected, disclosed or sold your Personal Information, specifically, within the past 12 months (for example, you purchased a product or received a communication from us)

If you are submitting a request on behalf of another consumer as their authorized representative, you must include the foregoing information about the consumer and attach a copy of a power of attorney appointing you as a duly authorized representative under California Probate Code sections 4000 to 4465 or written permission from the consumer to make the request. 

After confirming receipt of your request, we’ll contact you if we need more information in order to verify it.  If we can’t verify a request, we may deny it.

14. Changes To This Policy

We reserve the right to update or change our Privacy Policy at any time and you should check this Privacy Policy periodically.  If we make any material changes to this Privacy Policy, we will notify you either through the email address you have provided us, or by placing a prominent notice on our website.

15. Contact Us

If you have any questions or concerns about this Policy, please contact us via privacy@japa.health.