This privacy statement explains how we, BEARABLE Limited (“Bearable”, “us”, “we” or “our”) use your personal data to provide you with the Bearable mobile application (The “Bearable App”) and website (www.bearable.app).
We are committed to protecting and respecting your privacy. We ask that you read this Privacy Statement carefully as it contains important information about what personal data we collect from you and how we will use it. Any questions you may have regarding this Privacy Statement are welcomed and should be sent to firstname.lastname@example.org.
This Privacy Statement should be read in conjunction with our Terms & Conditions. We strongly encourage you to review this Privacy Statement and Terms & Conditions carefully and ensure that they contain nothing that you are not prepared to agree to, before you decide to accept the Terms & Conditions and use our Bearable App or our website (www.bearable.app).
BEARABLE Limited is a company registered in England and Wales with company registration number 12089632. Our registered office is at Symal House Suite C2, 423 Edgware Road, London, United Kingdom, NW9 0HU
For the purpose of the General Data Protection Regulation (EU) 2016/679 and the Data Protection Act 2018 (together “Data Protection Legislation”), we are the ‘data controller’ (i.e. the company which determines the purposes and means of the processing of your personal data).
Bearable has appointed a Data Protection Officer, who can be contacted at James@bearable.app.
To register an account, you have to enter your email address and choose a password. You may also register using a Google Account or Facebook. Once you have registered, you will benefit from the following functionality:
When you use the Bearable app or when you go on our website, some personal and non-personal data is collected, stored, and analyzed using internal and third-party tools.
There are two main purposes for which we process personal data and the type of data that is processed to fulfil each purpose:
First and foremost it is vital for us to stress that we do not and will never sell any personal data about you to third parties. However you may still feel uncomfortable storing health information to a connected device. Therefore, you should consider the safety and privacy of your personal data before using the Bearable app generally, and utilising the export feature of the app specifically. You should refrain from sharing or exporting data unless you are certain that the receiving email address is authorised, credible, and secure.
When you use the Bearable app, or when you go on our website, Bearable collects, stores, and uses some personal and non-personal data. We mainly do this to provide you with our services, and our lawful basis for this processing is that it is necessary for the performance of a contract with you (i.e. our Terms and Conditions).
We may also occasionally send you informational and promotional messages as well as reminders to your smartphone via push notifications. We will only send you such messages with your prior consent.
We are very thoughtful and selective about what we communicate and how often. You always remain in full control of your communication preferences with Bearable. You can change the settings within the app at anytime.
We also process your personal data in order to understand your needs and your use of our app and website, to analyze bugs and fix issues, and to bring you more useful features. To sum it up, we process this data to provide you the best and most reliable experience of our services. These processing activities are based on our legitimate interests in providing a reliable service to you, and improving it.
We do not process personal data that directly identifies you as a person (such as your first name, surname, email).
These are the types of data we collect for the above purposes:
This data informs us about the device you use to access our services, such as the model, name and identifiers, device settings, the application identifier, and crash information. On our website, we collect information about your browser and browser settings, the operating system you use, and the system settings of your device.
Event and usage data
When you use the app or when you go our website, our servers process anonymised data in order to understand your usage of our services, for example, which pages you visit or which tab in the app you open. We collect this information and use it as aggregate data to allow us to better understand which features are the most relevant or useful to our users as whole, and to communicate with you about relevant and timely information and promotional content.
We collect IP addresses provided by your browser or mobile device to deliver the service to your device. We also use the IP address to determine your approximate location for statistical and analytics purposes.
All the data we collect at Bearable is necessary for us to deliver the services you use. The amount we collect has been minimised wherever possible to respect your privacy.
The data you track in Bearable about your health and activities is considered sensitive personal data. Bearable does not store sensitive personal data without your explicit consent. It is only when you give us explicit consent by creating a Bearable account, and giving us your consent declaration, that we start storing all your health and sensitive data on our secured servers.
You can withdraw your consent at any time by simply deleting your account in the app.
Here is the type of data we collect and store when you create an account:
Personal data used for account creation
We need some of your personal data (only your email address) in order to create your Bearable account.
Health and sensitive data
We store health data, such as your mood levels and individual symptom levels, your medication and supplements and other health factors you track in the app (e.g. sleep quality, exercise, diet and food diary, general daily activities such as work, tv, grocery shopping etc.).
The provision of this information is entirely voluntary, and it is up to you how much information to input.
If you create an account with Bearable, your personal data, including sensitive data and data related to your health, is stored on your device and is also stored and processed on Bearable servers. This is done so we can offer you the option of backing up your data and to enable additional features (such as the ability to transfer, restore, and recover data between Apple and Android devices).
By creating an account with Bearable you explicitly consent that:
i. Bearable may store and process personal data you provide through the usage of the Bearable app and through the account creation process solely for the purpose of providing Bearable services to you and to improve Bearable’s service features. Such Bearable services may include sending you information and reminders through the Bearable app, e.g. via push notification or to the email address you provided to Bearable, where you have separately agreed to receive such messages.
ii. Such personal data you provide to Bearable through the account creation process for the purpose of providing Bearable’s service includes personal data you enter into the Bearable app, such as your account data (e.g. your email address), and your health data which may include your mood levels and individual symptom levels, your medication and supplements and other health factors you track in the app (e.g. sleep quality, exercise, diet and food diary, general daily activities such as work, tv, meditation etc.). All of your health data is encrypted on the server end and cannot be read by anyone but yourself.
You may withdraw your consent to this use of your data at any time by deleting your Bearable account. This can be requested by e-mailing email@example.com. You can also delete your data from the settings page within the Bearable App.
We believe that data privacy is a basic human right. At BEARABLE we strive to ensure that your rights are respected.
Here are some key facts about your privacy that we would like you to know:
i. Our products and services have been designed to minimise the use of your personal data. We only collect and process your personal data for the purposes that have been previously outlined.
ii. Your data is highly secured on our servers (using the Firestore database, which encrypts all of your data, as seen here to protect your data from unauthorized access). You can contact us at firstname.lastname@example.org if you have any questions about the security of our services.
iii. We do not retain your personal data in an identifiable format for longer than necessary to deliver our services.
iv. Bearable does not engage in any automated decision-making or profiling activities.
As a user of Bearable’s services and website, you may exercise your user rights to:
i. Request information on, or a copy of, your personal data processed by Bearable. Upon your request, this information will be provided to you electronically.
ii. Gain access to your personal data by requesting a backup of your data (as explained in the next section) in a format that is readable by other companies or organisations (data portability).
iii. Correct your personal data and health data in the app settings and in the tracking categories available in the Bearable app.
iv. Withdraw your consent from data processing at any time by deleting your account (as explained in the support section of the app) and/or deleting the Bearable app from your smartphone, and/or unsubscribing from our newsletter by clicking the link at bottom of the email or by contacting email@example.com.
v. Request the complete deletion of your data, including all past data sent to third-party services used for tracking and analysis, by reaching out to firstname.lastname@example.org Your data will be deleted within 30 days.
vi. Object to our processing of your personal data, or ask us to restrict your personal data pending a decision on whether we can lawfully continue to process it.
vii. File a complaint with the relevant supervising authority if you believe Bearable is processing your personal data under violation of applicable data protection regulations.
We apply security measures to protect against the misuse, loss, and/or alteration of personal data under our control. Though we cannot ensure or guarantee that misuse, loss or alteration of information will never occur, we use all reasonable efforts to prevent it. Although we make good faith efforts to store the non-public information entered into the App in a secure operating environment that is not available to the public, we cannot guarantee complete security. We cannot and do not guarantee that our security measures will prevent third party “hackers” from illegally accessing our site or App and obtaining access to content or information thereon.
If you have an account with Bearable, your personal profile data (email address) is stored separately from your health (mood, symptoms, medication, your customised health factors) data and your service settings. This allows us to ensure the highest possible level of privacy for your health data. Your password is stored using one-way encryption (“hashing” plus “salting”) and it cannot be read by us.
Your data is transmitted between your device and Bearable’s servers using the HTTPS protocol for encryption. HTTPS is the same technology used to create secure connections for your web browser and is indicated by a padlock icon in the URL bar of your browser.
We will share some of your personal data with third parties outside Bearable only where it is strictly necessary to provide our services to you, where required by law or where we have another legitimate interest to do so. Personal data may be shared in the following circumstances:
We believe the biggest threat to the security and privacy of your personal data is if someone, probably someone you know, gains access to any of your devices. The data you enter into Bearable is private and it should stay that way. We have outlined some ways to keep your devices secure below.
Protect your device:
i. Activate either PIN, TouchID (iPhone 5S models onwards), or FaceID (iPhone X onwards) authentication for your device. This automatically encrypts your Bearable data and prevents any person from using your device without your permission.
ii. Set up a feature that will allow you to erase all the data from your device if it’s been lost or stolen. For iOS, activating this feature is a two-step process: first, you need to Activate “Find My iPhone” via iCloud (see instructions on Apple Support pages) and then enable “Erase your device” (see instructions on Apple Support pages).
Any personal data collected from you may only be transferred to countries outside the European Union / the European Economic Area (EEA) observing applicable privacy regulations and ensuring that your privacy rights remain protected. This includes ensuring that all such transfers are subject to approved safeguards which meet the requirements of Data Protection Legislation (for example, through the use of EU Commission approved standard contractual clauses).
1. Tracking of basic user events for Firebase
2. User Authentication
3. Database Storage
4. Tracking of app crashes and their reasons through Firebase Crashlytics
Bearable will not exchange any personal data with Apple’s Health Kit app without your prior approval. Approval is given by you in the relevant settings of the Health Kit app or within the Bearable app during initial user profile setup or via app settings and can be revoked by you at any time. If you have given your approval, Bearable may interact with the Health Kit app on your iOS device and read information from it, such as Steps, Sleep, Blood Pressure, Heart Rate and Weight data.. This may include a transfer of your personal data to Apple servers located outside the European Union.
You can choose if and to what extent your personal data is exchanged between Bearable and the Health Kit app by granting or revoking appropriate permissions in the Health Kit app settings. Please refer to the Privacy Information of Apple Health for further information.
Bearable will not exchange any personal data with Google Fit without your prior approval, such approval is given by you in the relevant settings of Google Fit or within the Bearable app during initial user profile setup or via app settings and which can be revoked by you at any time. If you have given your approval, Bearable may interact with Google Fit on your Android device and read information from it, such as Steps, Sleep, Blood Pressure, Heart Rate and Weight data. This may include a transfer of your personal data to Google servers located outside the European Union.
You can choose whether or not your personal data is exchanged between Bearable and Google Fit by granting or revoking appropriate permissions in Google Fit settings. Please refer to the Privacy Information of Google Fit for further information.
Blocking all cookies will have a negative impact upon the usability of many websites. If you block cookies, you may not be able to use all the features on our website.
The Bearable app and our website also use third-party analysis and tracking services to track the performance of our services, understand how you use our services, and offer you an improved and safer experience.
Information on your usage of our website or of the Bearable app may be collected and processed by Bearable, or a third party engaged by Bearable using a unique identification number assigned to you. Information about your usage will be deleted as soon as this information is no longer required for the purpose collected, and will always be anonymized before sharing with third parties besides those mentioned underneath.
You may withdraw your consent at any time, by either disabling cookies on your device or following the instructions on how to withdraw your consent individually for each third party provider Bearable uses for its third party tracking and analysis services.
For the purpose of tracking the performance of our services and to improve Bearable services Bearable uses the following third party services:
Google analyzes this information to offer reports for Bearable on website usage and online usage of associated services. Google may also transfer this information to third parties either when this is required by law or when third parties are contracted by Google to process this data. Google will not allow your IP address to be linked to any other personal data. You can prevent cookies from being stored on your computer by changing your browser settings; however, if you choose to do this, your experience when visiting our website or using some of our features may be altered.
By using Bearable’s website, you consent to have non-personal data used and processed by Google as described above. You can withdraw consent for this use of your data at any time, but this withdrawal only applies to future activities.
For the Bearable App itself, we use Mixpanel, a third-party application analytics service, to collect data from real-world application usage that is used to improve the Bearable product — for example, to determine frequency of usage of particular product features. None of the data that is run through Mixpanel is attached to any personally identifiable information.
Bearable uses your personal data, such as your email address, to contact you with messages, emails, and newsletters. These include push notifications, in-app messages and emails to deliver health content and occasional promotional materials that may be of interest to you.
Such services are only provided to you if you have signed up for the newsletter or given your consent for these notifications. You consent to push notifications when you activate Bearable’s push notifications in your device settings. You also consent to Bearable contacting you via email if you have contacted Bearable for questions or support requests in connection with our services or the Bearable app. You can withdraw your consent at any time. You can unsubscribe from our newsletter by clicking the unsubscribe link at the bottom of the message, and you can disable notifications sent by Bearable in your device settings.
Bearable does not knowingly collect or use personal data from children under the age of 16. By registering to a Bearable account you are required to confirm that you are at least 16 years old.
If Bearable gains actual knowledge that the information has been collected from children under the age of thirteen in the United States in contradiction with the Children’s Online Privacy Protection Act of 1998 and the regulation thereunder, Bearable will not disclose this data and reserves the right to immediately delete the account and wipe all related information, including health and sensitive data of the user, from our servers.
If you are located in the EU, you can only use our services if you are over the relevant age at which you can provide explicit consent to the processing of your data under the laws of your country or if you have the consent of your parent or legal guardian. If you are a parent and learn that your child is using Bearable without your permission or if you have any specific question about data privacy at Bearable, do not hesitate to get in touch with us at email@example.com.