Privacy Policy

Last updated 10th Sept 2019

At Bearable we recognise the sensitive nature of health and personal data that you may store inside our mobile app and strongly believe in transparency and honesty. We deeply respect your privacy and we hope that you find our privacy policy clear and transparent. Please feel free to reach out to us at james@bearable.app with any questions.

This privacy statement explains how we, BEARABLE Limited (“Bearable”, “us”, “we” or “our”) use your personal data to provide you with the Bearable mobile application (The “Bearable App”) and website (www.bearable.app).

We are committed to protecting and respecting your privacy. We ask that you read this Privacy Statement carefully as it contains important information about what personal data we collect from you and how we will use it. Any questions you may have regarding this Privacy Statement are welcomed and should be sent to james@bearable.app.

This Privacy Statement should be read in conjunction with our Terms & Conditions. We strongly encourage you to review this Privacy Statement and Terms & Conditions carefully and ensure that they contain nothing that you are not prepared to agree to, before you decide to accept the Terms & Conditions and use our Bearable App or our website (www.bearable.app).

BEARABLE Limited is a company registered in England and Wales with company registration number 12089632. Our registered office is at Symal House Suite C2, 423 Edgware Road, London, United Kingdom, NW9 0HU

For the purpose of the General Data Protection Regulation (EU) 2016/679 and the Data Protection Act 2018 (together “Data Protection Legislation”), we are the ‘data controller’ (i.e. the company which determines the purposes and means of the processing of your personal data).

Bearable has appointed a Data Protection Officer, who can be contacted at  James@bearable.app.

To register an account, you have to enter your email address and choose a password.  You may also register using a Google Account or Facebook.  Once you have registered, you will benefit from the following functionality:

    • Automatic backup to our secure servers. as well as the ability to restore and recover your account and it’s associated data on another device

When you use the Bearable app or when you go on our website, some personal and non-personal data is collected, stored, and analyzed using internal and third-party tools.

There are two main purposes for which we process personal data and the type of data that is processed to fulfil each purpose:

1. To provide our services and understand your needs

First and foremost it is vital for us to stress that we do not and will never sell any personal data about you to third parties.  However you may still feel uncomfortable storing health information to a connected device.  Therefore, you should consider the safety and privacy of your personal data before using the Bearable app generally, and utilising the export feature of the app specifically.  You should refrain from sharing or exporting data unless you are certain that the receiving email address is authorised, credible, and secure.

When you use the Bearable app,  or when you go on our website, Bearable collects, stores, and uses some personal and non-personal data.  We mainly do this to provide you with our services, and our lawful basis for this processing is that it is necessary for the performance of a contract with you (i.e. our Terms and Conditions).

We may also occasionally send you informational and promotional messages as well as reminders to your smartphone via push notifications.  We will only send you such messages with your prior consent.

We are very thoughtful and selective about what we communicate and how often. You always remain in full control of your communication preferences with Bearable. You can change the settings within the app at anytime.

We also process your personal data in order to understand your needs and your use of our app and website, to analyze bugs and fix issues, and to bring you more useful features.  To sum it up, we process this data to provide you the best and most reliable experience of our services.  These processing activities are based on our legitimate interests in providing a reliable service to you, and improving it.

We do not process personal data that directly identifies you as a person (such as your first name, surname, email).

These are the types of data we collect for the above purposes:

Device data
This data informs us about the device you use to access our services, such as the model, name and identifiers, device settings, the application identifier, and crash information. On our website, we collect information about your browser and browser settings, the operating system you use, and the system settings of your device.

Event and usage data
When you use the app or when you go our website, our servers process anonymised data in order to understand your usage of our services, for example, which pages you visit or which tab in the app you open. We collect this information and use it as aggregate data to allow us to better understand which features are the most relevant or useful to our users as whole, and to communicate with you about relevant and timely information and promotional content.

IP address
We collect IP addresses provided by your browser or mobile device to deliver the service to your device. We also use the IP address to determine your approximate location for statistical and analytics purposes.

All the data we collect at Bearable is necessary for us to deliver the services you use. The amount we collect has been minimised wherever possible to respect your privacy.

To deliver personalised insights 

The data you track in Bearable about your health and activities is considered sensitive personal data.  Bearable does not store sensitive personal data without your explicit consent.  It is only when you give us explicit consent by creating a Bearable account, and giving us your consent declaration, that we start storing all your health and sensitive data on our secured servers.

You can withdraw your consent at any time by simply deleting your account in the app. 

Here is the type of data we collect and store when you create an account:

Personal data used for account creation
We need some of your personal data (only your email address) in order to create your Bearable account.

Health and sensitive data
We store health data, such as your mood levels and individual symptom levels, your medication and supplements and other health factors you track in the app (e.g. sleep quality, exercise, diet and food diary, general daily activities such as work, tv, grocery shopping etc.).  

The provision of this information is entirely voluntary, and it is up to you how much information to input.

It’s important to clarify that your health data is encrypted safely on our services and the only personal data it is attached to is your email address.  You can find a detailed explanation of what you consent to when creating an account with Bearable in the next section of our Privacy Policy.

If you create an account with Bearable, your personal data, including sensitive data and data related to your health, is stored on your device and is also stored and processed on Bearable servers. This is done so we can offer you the option of backing up your data and to enable additional features (such as the ability to transfer, restore, and recover data between Apple and Android devices).

By creating an account with Bearable you explicitly consent that:

i. Bearable may store and process personal data you provide through the usage of the Bearable app and through the account creation process solely for the purpose of providing Bearable services to you and to improve Bearable’s service features. Such Bearable services may include sending you information and reminders through the Bearable app, e.g. via push notification or to the email address you provided to Bearable, where you have separately agreed to receive such messages.

ii. Such personal data you provide to Bearable through the account creation process for the purpose of providing Bearable’s service includes personal data you enter into the Bearable app, such as your account data (e.g. your email address), and your health data which may include your mood levels and individual symptom levels, your medication and supplements and other health factors you track in the app (e.g. sleep quality, exercise, diet and food diary, general daily activities such as work, tv, meditation etc.).   All of your health data is encrypted on the server end and cannot be read by anyone but yourself.

You may withdraw your consent to this use of your data at any time by deleting your Bearable account.  This can be requested by e-mailing james@bearable.app.  You can also delete your data from the settings page within the Bearable App.

We believe that data privacy is a basic human right. At BEARABLE we strive to ensure that your rights are respected.

Here are some key facts about your privacy that we would like you to know:

i. Our products and services have been designed to minimise the use of your personal data. We only collect and process your personal data for the purposes that have been previously outlined.

ii. Your data is highly secured on our servers (using the Firestore database, which encrypts all of your data, as seen here to protect your data from unauthorized access). You can contact us at james@bearable.app if you have any questions about the security of our services.

iii. We do not retain your personal data in an identifiable format for longer than necessary to deliver our services.

iv. Bearable does not engage in any automated decision-making or profiling activities.

As a user of Bearable’s services and website, you may exercise your user rights to:

i. Request information on, or a copy of, your personal data processed by Bearable. Upon your request, this information will be provided to you electronically.

ii. Gain access to your personal data by requesting a backup of your data (as explained in the next section) in a format that is readable by other companies or organisations (data portability).

iii. Correct your personal data and health data in the app settings and in the tracking categories available in the Bearable app.

iv. Withdraw your consent from data processing at any time by deleting your account (as explained in the support section of the app) and/or deleting the Bearable app from your smartphone, and/or unsubscribing from our newsletter by clicking the link at bottom of the email or by contacting james@bearable.app.

v. Request the complete deletion of your data, including all past data sent to third-party services used for tracking and analysis, by reaching out to james@bearable.app Your data will be deleted within 30 days.

vi. Object to our processing of your personal data, or ask us to restrict your personal data pending a decision on whether we can lawfully continue to process it.

vii. File a complaint with the relevant supervising authority if you believe Bearable is processing your personal data under violation of applicable data protection regulations.

We apply security measures to protect against the misuse, loss, and/or alteration of personal data under our control.  Though we cannot ensure or guarantee that misuse, loss or alteration of information will never occur, we use all reasonable efforts to prevent it.  Although we make good faith efforts to store the non-public information entered into the App in a secure operating environment that is not available to the public, we cannot guarantee complete security. We cannot and do not guarantee that our security measures will prevent third party “hackers” from illegally accessing our site or App and obtaining access to content or information thereon.

How Bearable stores your personal data

If you have an account with Bearable, your personal profile data (email address) is stored separately from your health (mood, symptoms, medication, your customised health factors) data and your service settings. This allows us to ensure the highest possible level of privacy for your health data. Your password is stored using one-way encryption (“hashing” plus “salting”) and it cannot be read by us.

Your data is transmitted between your device and Bearable’s servers using the HTTPS protocol for encryption. HTTPS is the same technology used to create secure connections for your web browser and is indicated by a padlock icon in the URL bar of your browser.

Disclosure of your personal data 

We will share some of your personal data with third parties outside Bearable only where it is strictly necessary to provide our services to you, where required by law or where we have another legitimate interest to do so.  Personal data may be shared in the following circumstances:

  • Technical Service Providers: For example: technology service providers, payment providers, data storage providers, and marketing platforms (e.g. for sending marketing emails),
  • Third Party Apps: some of your personal data may be shared with such Apps.  Please see the section below for further information.
  • When required to do so by law, regulation or court order;
  • in response to a legitimate request for assistance by the police or other law enforcement agency;
  • to seek legal advice from Bearable’s external lawyers or in connection with litigation with a third party; or
  • in connection with the sale, purchase or merger of our business.  

Bearable’s recommendations for protecting your personal data

We believe the biggest threat to the security and privacy of your personal data is if someone, probably someone you know, gains access to any of your devices. The data you enter into Bearable is private and it should stay that way. We have outlined some ways to keep your devices secure below.

Protect your device:
i. Activate either PIN, TouchID (iPhone 5S models onwards), or FaceID (iPhone X onwards) authentication for your device. This automatically encrypts your Bearable data and prevents any person from using your device without your permission.

ii. Set up a feature that will allow you to erase all the data from your device if it’s been lost or stolen. For iOS, activating this feature is a two-step process: first, you need to Activate “Find My iPhone” via iCloud (see instructions on Apple Support pages) and then enable “Erase your device” (see instructions on Apple Support pages).

For Android, download and set up Find My Device (formerly Android Device Manager) from the Google Play Store and, if needed, use the connected web interface to lock or wipe your phone remotely.

Any personal data collected from you may only be transferred to countries outside the European Union / the European Economic Area (EEA) observing applicable privacy regulations and ensuring that your privacy rights remain protected.  This includes ensuring that all such transfers are subject to approved safeguards which meet the requirements of Data Protection Legislation (for example, through the use of EU Commission approved standard contractual clauses). 

Google Firebase

  • In the Bearable App we use Firebase (https://www.firebase.com/), a framework maintained by the Google subsidiary Firebase residing in San Francisco, CA, USA, through which we use to track and administer the following real-time functions:

1. Tracking of basic user events for Firebase

2. User Authentication

3. Database Storage

4. Tracking of app crashes and their reasons through Firebase Crashlytics

For all mentioned Firebase services, only anonymized or pseudonymized user data is transmitted to Firebase (Google). Firebase’s privacy policy is available under https://www.firebase.com/terms/privacy-policy.html.

  • We use Firebase Crashlytics to track app crashes as they occur, and to prevent future ones. In case of an app crash, a report is created that contains the type and OS of the device, your last activities in the app, and your geolocation in pseudonymous form, and that is sent to Google. Information on the functionality of Crashlytics is available under https://firebase.google.com/products/crashlytics/
  • We use Firebase Authentication to allow you to sign up and log in – Most apps need to know the identity of a user. Knowing your identity allows us to securely save user data in the cloud and provide the same personalized experience across all of the your devices.
  • Your data is safely stored on the secure Firestore database, which automatically encrypts all data before it is stored, as can be read here.   The location of our Firestore is EU-West3 (Frankfurt, Germany). 

Apple Health (iOS)

Bearable will not exchange any personal data with Apple’s Health Kit app without your prior approval. Approval is given by you in the relevant settings of the Health Kit app or within the Bearable app during initial user profile setup or via app settings and can be revoked by you at any time. If you have given your approval, Bearable may interact with the Health Kit app on your iOS device and read information from it, such as Steps, Sleep, Blood Pressure, Heart Rate and Weight data.. This may include a transfer of your personal data to Apple servers located outside the European Union.

You can choose if and to what extent your personal data is exchanged between Bearable and the Health Kit app by granting or revoking appropriate permissions in the Health Kit app settings. Please refer to the Privacy Information of Apple Health for further information.

Google Fit

Bearable will not exchange any personal data with Google Fit without your prior approval, such approval is given by you in the relevant settings of Google Fit or within the Bearable app during initial user profile setup or via app settings and which can be revoked by you at any time. If you have given your approval, Bearable may interact with Google Fit on your Android device and read information from it, such as Steps, Sleep, Blood Pressure, Heart Rate and Weight data. This may include a transfer of your personal data to Google servers located outside the European Union.

You can choose whether or not your personal data is exchanged between Bearable and Google Fit by granting or revoking appropriate permissions in Google Fit settings. Please refer to the Privacy Information of Google Fit for further information.

Facebook Login

Bearable uses Facebook Login to allow our users to create and log in to their Bearable account with their Facebook credentials. If you sign up for Bearable using Facebook, you authorise us to collect your basic profile information available via Facebook such as your name and email address.  This information is collected by Facebook and is provided to us under the terms of Facebook’s privacy policy. You can control the data we receive from Facebook in the privacy settings within your Facebook account.

Our website uses cookies, which are small text files that are intended to make the site better for you to use. In general, cookies are used to retain preferences, store information for things like shopping carts, and provide tracking data to third-party applications like Google Analytics. You may, however, disable cookies on Bearable’s site. The most effective way to do this is to disable cookies in your browser. We suggest consulting the help section of your browser or doing your own web research on how to disable cookies. In the meantime, here is a short guide to help:

  1. Most browsers allow you to refuse to accept cookies—for example:
    1. in Internet Explorer (version 10) you can block cookies using the cookie handling override settings available by clicking “Tools,” “Internet Options,” “Privacy,” and then “Advanced”;
    2. in Firefox (version 24) you can block all cookies by clicking “Tools,” “Options,” “Privacy,” selecting “Use custom settings for history” from the drop-down menu, and unticking “Accept cookies from sites”; and
    3. in Chrome (version 29), you can block all cookies by accessing the “Customize and control” menu, and clicking “Settings,” “Show advanced settings,” and “Content settings,” and then selecting “Block sites from setting any data” under the “Cookies” heading.

Blocking all cookies will have a negative impact upon the usability of many websites. If you block cookies, you may not be able to use all the features on our website.

  1. You can delete cookies already stored on your computer—for example:
    1. in Internet Explorer (version 10), you must manually delete cookie files (you can find instructions for doing so at http://support.microsoft.com/kb/278835 );
    2. in Firefox (version 24), you can delete cookies by clicking “Tools,” “Options,” and “Privacy”, then selecting “Use custom settings for history”, clicking “Show Cookies,” and then clicking “Remove All Cookies”; and
    3. in Chrome (version 29), you can delete all cookies by accessing the “Customize and control” menu, and clicking “Settings,” “Show advanced settings,” and “Clear browsing data,” and then selecting “Delete cookies and other site and plug-in data” before clicking “Clear browsing data.”

The Bearable app and our website also use third-party analysis and tracking services to track the performance of our services, understand how you use our services, and offer you an improved and safer experience.

Information on your usage of our website or of the Bearable app may be collected and processed by Bearable, or a third party engaged by Bearable using a unique identification number assigned to you. Information about your usage will be deleted as soon as this information is no longer required for the purpose collected, and will always be anonymized before sharing with third parties besides those mentioned underneath.

Your consent for Bearable tracking and analysis

By using our app and our website you consent that Bearable may use cookies and third-party services, and collect your usage data under a unique identifier, for the purposes of tracking, analysis, and improvement of our website and app.

You may withdraw your consent at any time, by either disabling cookies on your device or following the instructions on how to withdraw your consent individually for each third party provider Bearable uses for its third party tracking and analysis services.

For the purpose of tracking the performance of our services and to improve Bearable services Bearable uses the following third party services:

Google Analytics

Our website and mobile app both use Google Analytics,  an analysis service operated by Google Inc. (“Google”). Google Analytics uses cookies (text files) stored on your computer to allow for anonymous analysis of your website and mobile app use and interactions with both (for example what screens you are visiting most in the Bearable App) in order to personalize your experience and improve our services. Information produced via cookies will be transferred to and stored on a server in the USA operated by Google.  We use Google Analytics on our website and mobile app to recognize a computer when a user visits the website or users the mobile app, track users as they navigate the website or mobile app, improve the website and mobile app’s usability, analyze the use of the website and mobile app, administer the website and mobile app, prevent fraud and improve the security of the website.

Google analyzes this information to offer reports for Bearable on website usage and online usage of associated services. Google may also transfer this information to third parties either when this is required by law or when third parties are contracted by Google to process this data. Google will not allow your IP address to be linked to any other personal data. You can prevent cookies from being stored on your computer by changing your browser settings; however, if you choose to do this, your experience when visiting our website or using some of our features may be altered.

By using Bearable’s website, you consent to have non-personal data used and processed by Google as described above. You can withdraw consent for this use of your data at any time, but this withdrawal only applies to future activities.

Sendgrid

Sendgrid is an online marketing platform operated by Twilio Inc., a company headquartered in the San Fransisco, California, in the United States.  Bearable uses Sendgrid (whose privacy policy can be found here) to store your e-mail address, which you provide upon signing up on our mobile app.  You can only sign-up having ticked the checkbox that indicates you have read our Privacy Policy and Terms & Conditions.  Sendgrid provides a means of sending out marketing emails in mass to all of our subscribers.  These will be sent out very selectively and thoughtfully, and might include details about offers on the Bearable Premium App service, as well as general updates on App developments (such as new features).

Mixpanel

For the Bearable App itself, we use Mixpanel, a third-party application analytics service, to collect data from real-world application usage that is used to improve the Bearable product — for example, to determine frequency of usage of particular product features.  None of the data that is run through Mixpanel is attached to any personally identifiable information.

Mixpanel is a third-party application analytics service operated by Mixpanel Inc, a company headquartered in San Francisco Bay Area in Western United States.  Their privacy policy can be found here.

RevenueCat

The App uses RevenueCat to manage trial versions and paid subscriptions. RevenueCat’s Privacy Policy can be found here.

———————————

The above mentioned companies are either EU-based or have put in place appropriate safeguards to ensure that European data privacy requirements are met. The privacy policy of these services can be found on their respective websites.

Read more about the EU-US Privacy Shield Framework.

Bearable uses your personal data, such as your email address, to contact you with messages, emails, and newsletters. These include push notifications, in-app messages and emails to deliver health content and occasional promotional materials that may be of interest to you.

Such services are only provided to you if you have signed up for the newsletter or given your consent for these notifications. You consent to push notifications when you activate Bearable’s push notifications in your device settings. You also consent to Bearable contacting you via email if you have contacted Bearable for questions or support requests in connection with our services or the Bearable app. You can withdraw your consent at any time. You can unsubscribe from our newsletter by clicking the unsubscribe link at the bottom of the message, and you can disable notifications sent by Bearable in your device settings.

Bearable may also use surveys to receive your feedback, e.g. on the performance of the app or on certain health topics. Such information given by you via such surveys is processed by Bearable for the purposes as set forth in this privacy policy.

In order to provide these services, Bearable may forward information such as your email address to third-party providers in order to carry out such newsletter services, surveys or notifications.  The third-party provider we are currently using for this is Sendgrid, an online marketing platform operated by Twilio Inc., a company headquartered in the San Fransisco, California, in the United States.  Bearable uses Sendgrid to store your e-mail address, which you provide upon signing up on our mobile app.  You can only sign-up having ticked the checkbox that indicates you have read our Privacy Policy and Terms & Conditions.  Sendgrid provides a means of sending out marketing emails in mass to all of our subscribers.  These will be sent out very selectively and thoughtfully, and might include details about offers on the Bearable Premium App service, as well as general updates on App developments (such as new features).

The privacy policy of these services can be found on their respective websites. These companies have put in place appropriate safeguards to ensure that European data privacy requirements are met.

Bearable does not knowingly collect or use personal data from children under the age of 16. By registering to a Bearable account you are required to confirm that you are at least 16 years old.

If Bearable gains actual knowledge that the information has been collected from children under the age of thirteen in the United States in contradiction with the Children’s Online Privacy Protection Act of 1998 and the regulation thereunder, Bearable will not disclose this data and reserves the right to immediately delete the account and wipe all related information, including health and sensitive data of the user, from our servers.

If you are located in the EU, you can only use our services if you are over the relevant age at which you can provide explicit consent to the processing of your data under the laws of your country or if you have the consent of your parent or legal guardian. If you are a parent and learn that your child is using Bearable without your permission or if you have any specific question about data privacy at Bearable, do not hesitate to get in touch with us at james@bearable.app.

BEARABLE reserves the right to amend this Privacy Policy from time to time to reflect changes in the law, our data collection and data use practices, the features of Bearable’s services, or advances in technology. Please check this page periodically for changes. If we make a change to this Privacy Policy that, in our sole discretion, is material, we will notify you by posting notice of these changes in this Privacy Policy.

Close Bitnami banner
Bitnami