Zenytime Privacy Policy

I. INTRODUCTION

Zenytime LLC (“Zenytime”) respects your privacy and is committed to protecting your personal information including your identifiable health information. Identifiable health information is known as “protected health information” or “PHI.” PHI may include Heart Rate Variability (HRV), Respiratory Sinus Arrhythmia (RSA) and Breathing frequency (BF). This Privacy Policy (together with our Terms of Use) applies to www.zenytime.com, the Zenytime mobile games and application (collectively, “Services”) and the Zenytime Puck sensor (“Product”), and disclose the principles on which any personal data we collect from you, or that you provide to us, will be handled by us. The term "personal data" refers to information that relates to you, an identified person. This Privacy Policy tells you about the ways in which we protect your privacy and personal data we process about you.
Our Privacy Policy applies to personal data that we process when you use our Services and Product. It does not apply to any links to third parties websites and/or services, such as third-party applications, that you may come across when you use our Services. We encourage you to carefully familiarize yourself with privacy policies applicable to any websites and/or services operated by third parties. Please be aware that we are not responsible for the privacy practices of any third parties.
By accessing our website, using the Puck and our Services, you accept the privacy practices described in this Privacy Policy. Our Privacy Policy may change from time to time, and any changes will be reflected on this page, and may be followed by an email or other notification to you.

II. INFORMATION WE COLLECT

1) Data You Provide to us

By registering on our website, using our Services and using our Product we may collect voluntary information from you whether via email, while using our Puck sensor device or application and games services, or other information initiated by you. That information may constitute personal data: full name, e-mail address, phone number, postal address, password. Additionally, to provide a complete Zenytime experience, we may collect voluntary other personal information: date of birth, gender, height, weight, personal health information, and employee number. Moreover, if you contact our customer or sales services, a record of this correspondence or conversation may be kept.
We are the only owner of the information you disclose to us or that are collected on our website or through our Services including different mobile platforms integrated with our website and related software services. We will not use, sell or rent your personally identifiable information to anyone other than as permitted by the Privacy Policy, or specifically requested or authorized by you when accessing or using our services.
2) Data we collect
Our Services may automatically collect the following information from you that in certain circumstances may constitute personal data:
• The logging technology used in the Service automatically collects the URL of the site from which you came and the site to which you are going when you leave the Service. We also collect the Internet Protocol (IP) address and/or iOS device unique identifier (UDID) of the device you use to access the Service, information about the operating system of your device and information about whether or not you are logged into a specific iOS device, as well as the name of your Internet service provider.
• On our website we may use a standard technology called "cookies" to collect information about how our site is used. Cookies were designed to help a website operator determine that a particular user had visited the site previously and thus save and remember any preferences that may have been set. We may use cookies to keep track of information about your current web browsing session which will be discarded as soon as you log out or close your web browser. Most of the currently available browsers give you the option of managing cookies by, for example, disabling them entirely, accepting them individually, and deleting saved cookies from your hard drive. We would like to remind you that if you completely disable cookies on your browser, you might not be able to use some features of the Service. Our website, applications, and services may provide links and data transfer mechanisms to third-party (e.g. Facebook®, Twitter®, or Apple) websites and services. These sites and services are outside of our control and not covered by our Privacy Policy
• When using the Puck sensor device, as well as Zenytime games and application, we collect certain types of information in order to provide the services that you have requested. This information may include various personally identifiable information such as data about your use of our Services and devices, such as detailed information collected while playing games with your breath. This information may include data on your breath activity and heart rate activity, and other related biomechanical and biosensors information. We may also collect information about the devices and software you use to access our services. We will not use, sell or rent any personally identifiable information other than as permitted by the Privacy Policy (including for example by using such data in the aggregate) or specifically requested or authorized by you when accessing or using our software and related services

III. HOW THE INFORMATION IS USED

We use the collected personal data essentially to provide features available in our Services and to communicate with you, protect our rights and/or our property, develop, improve, and protect the Services; prevent and investigate fraud and other misuses, ensure the technical functionality and security of the Service, set up and maintain your registration with the Services, operate and improve our Products and services.
We use the data collected automatically to manage your account, improve user experience and customer service, obtain your feedback, analyze user behavior and activity, run a promotion, a contest, a reward or survey of the Service, develop, improve, and protect the Service; ensure the technical functionality and security of the Service, conduct research and measurement activities.
The data concerning health, which forms a part of the personal collected by us, may constitute sensitive personal data. We process sensitive personal data to the extent necessary or appropriate for compliance with relevant legal or contractual obligations via HIPPA. By accepting the Terms of Use of the Service you give your consent to the processing of sensitive personal data in accordance with this Privacy Policy.
• How We Disclose Data
We do not sell, lease, rent or otherwise disclose the personal data relating to our users to third parties unless otherwise stated below.
We will not disclose any personal information to any third party (excluding our contractors to whom we may provide such information for the limited purpose of providing services to us and who are obligated to keep the information confidential), unless (1) you have authorized us to do so; (2) we are legally required to do so, for example, in response to a subpoena, court order or other legal process and/or, (3) it is necessary to protect our property rights related to this website.
Additionally, we may disclose information to third parties in an aggregate format that does not constitute personal data and does not allow the identification of individual users.
We may share non-personal, aggregate information regarding user demographics, traffic and activity patterns, sales, and site and device usage with our partners, advertisers or sponsors. We may offer some services on or in collaboration with other Internet web sites. We may also provide you with access to third party applications, such as applications or extensions, through our website or in-app. Any information collected when you enable a third-party application on our site is processed under our Privacy Policy, but any information collected by a third-party application provider is governed by their privacy policies.
• How We May Use or Disclose Your Health Information
We use your PHI to provide you data analytics in our Services, or for healthcare operations purposes and for other purposes permitted or required by law. We need your written authorization to use or disclose your health information for any purpose not covered by one of the categories below. Subject to compliance with limited exceptions, we will not use or disclose your PHI for marketing purposes or sell your PHI, unless you have signed an authorization. You may revoke any authorization you sign at any time by providing written notice to us at the address below. If you revoke your authorization, we will no longer use or disclose your health information for the reasons stated in your authorization except to the extent we have already taken action based on your authorization.
We may disclose your PHI as required to comply with a court or administrative order. We may disclose your PHI in response to a subpoena, discovery request or other legal process in the course of a judicial or administrative proceeding, but only if efforts have been made to tell you about the request or to obtain an order of protection for the requested information.
We may disclose PHI for research purposes when an Institutional Review Board or privacy board has reviewed the research proposal and established protocols to ensure the privacy of your PHI and determined that the researcher does not need to obtain your authorization prior to using your PHI for research purposes. We may also disclose information about decedents to researchers under certain circumstances.
As permitted by HIPAA, we may disclose your PHI to Public Health Authorities, The Food and Drug Administration, Health Oversight Agencies, Coroners, Medical Examiners and Funeral Directors, Workers Compensation Agents, National Security and Intelligence Organizations, Military Command Authorities, and Correctional Institutions. We may use and disclose your PHI as required by law.
We may also disclose relevant PHI to a family member, friend, physicians or anyone else you expressly designate.

IV. YOUR RIGHTS

You may write or send an email to us at the address below with your specific request, including requesting a form to complete to obtain a copy of your PHI. Zenytime will consider your request and provide you a response.

You have the right to have incomplete, incorrect, outdated, or unnecessary personal data corrected, deleted, or updated. The easiest way to correct, delete, or update the personal data you have provided to the Service is to log in to the Service and enter the necessary changes in the profile settings of the Service. If you have additional questions regarding the correction, deletion, or updating of the personal data we hold about you, please contact us at privacy@zenytime.com
You have the right to opt out of receiving electronic direct marketing communications from us: All electronic direct marketing communications that you may receive from us, such as e-mail messages and SMS-messages, give you an option of not receiving such communications from us in the future. If you have any additional questions about electronic direct marketing received from us, please contact us at privacy@zenytime.com

V. INFORMATION PROTECTION

Zenytime takes great care of the security of your personal information by using industry standard techniques such as firewalls, encryption, and intrusion detection. We store your personal data on a secure server that is password protected and shielded from outside access by a firewall. We practice safety procedures intended to ensure, as far as possible, the security and integrity of all our information, including your personally identifying information. We review our security arrangements from time to time as we deem appropriate.

Our services are hosted and operated entirely within the United States of America, and any information you submit to us is presumed to be hosted on servers located within the USA, and you consent to this transfer of your personal information to United States jurisdiction by accessing or using our services.
However, no system or information can ever be fully protected against every possible hazard. As a result, we cannot assure or warrant the security or privacy of any information you provide to us and, accordingly, you do so at your own risk. We do not warrant or represent that personal data about you will be protected against, loss, misuse, or alteration by third parties.


VI. COPPA DISCLAIMER

We are committed to protecting the privacy of children. Our Services are not directed to children under 13. We do not intend to collect personal data from children under 13. A parent or guardian, however, may use the Zenytime Puck and Services to establish a Zenytime account fora minor. The parent or guardian is solely responsible for providing supervision of the minor's use of the Zenytime Services. The parent or guardian assumes full responsibility for ensuring that the registration information is kept secure and that the information submitted is accurate. The parent or guardian also assumes full responsibility for the interpretation and use of any information or suggestions provided through Zenytime for the minor.

VII. QUESTIONS
Should you have any questions regarding this Privacy Policy, your privacy as it relates to the use of the Service, or the protection of the personal data we hold about you, please contact us via e-mail at privacy@zenytime.com or by mail at 649 Mission Street, San Francisco, CA 94105. We seek to promptly resolve any concerns you may have.
Revised March 1st, 2017