IconCoach Privacy Policy

This Privacy Policy explains how Sweetch Health Ltd. (“we”, “us” or “Sweetch”) collects and uses data from the application provided to you by Icon Group which we power. If not otherwise defined herein, capitalized terms have the meaning given to them in the Sweetch Terms of Service, which is available at https://sweetch.com/iconcoach_terms_en/ (the “Terms”).

Sweetch respects your privacy. Your ability to make informed choices about the use of your personal data is important to us. This Privacy Policy explains Sweetch’s policies regarding the collection, use, disclosure and protection of any information we receive.

 Personal Data We Collect

Personal data that you may provide through the Services or otherwise communicate with us includes:

We request additional personal data from you to enable particular features within our Services which you have selected to enable. For example, we request access to your device’s location data to provide personalized activity and weight plans and your device calendar to schedule a personalized plan. This personal data includes your:

You may provide us with the contact information of your friends, family members, contacts, or colleagues (“Friend/s”) such that your Friends will receive your progress updates. These progress updates will include information about your activity and other achievements. By providing us with such information you (a) represent and warrant that you have received each of your elected Friends’ consent for the provision of their personal data to us and for these purposes and (b) consent to sending your Friend such progress updates, which may include disclosure of your personal data to your Friend.

When interacting with our Services, certain data is automatically collected from your device or web browser. This data includes your:

Sweetch requires this information in order to provide you with certain features of our Service. It is your voluntary decision whether to provide us with any such personal information, but if you choose not to provide such information some features which require your personal information may not be available and we may not be able to provide you with the Services.

Children

Sweetch does not knowingly collect personal data from children under the age of 16. In the event you become aware that an individual under the age of 16 has enrolled without parental permission, please advise us immediately.

 Tools to Manage What Personal Data We Collect

When using our Services, we also provide in-time notice or obtain consent for certain practices. For example, we will obtain consent to use your location, access your calendar, or send push notifications.

In many cases, your mobile device platform will provide additional tools to allow you to control when your device collects or shares particular categories of personal data. For example, your mobile device may offer tools to allow you to manage location sharing. We encourage you to familiarize yourself with and use the tools available on your devices.

 Why and How Do We Use Your Personal Data?

We use your personal data in the following ways:

When you use our Services, we will use your personal data to provide the requested product or service. For example, if you contact our customer service, we will use information about you, such as your name and email address to help you resolve a problem or questions.

If you use our Services to track your fitness activity and your physical characteristics, such as your weight, , your self-reported PROM reports regarding your health and activities (collectively, your “Health Data”), we will collect your Health Data and data used to measure your fitness activity, such as your location and movement data, and store it so that you can review it and we can use it for the purpose of providing you with the Services. We may use your fitness data and Health Data to calculate further information about your activity, such as distance walked or run, or calories burned, so that the calculated information can be provided to you as part of the functionality of the Services. We may also use your Health Data to calculate further information about your disease management so that the calculated information can be provided to you as part of the functionality of the Services.

In some cases, to use particular features within our Services you may need to provide us with additional data or additional consent to use particular data in a certain way. For example, to allow us to personalize your activity plan, we may need access to your calendar. Similarly, to share content with your Friends, you may be required to provide your Friends’ contact. Moreover, on our initial communication with any of your Friends we will request their consent to be contacted.

Depending on where you reside, we may use the contact details you provided to send you marketing communications about similar Sweetch services where permitted by applicable law (unless you have opted-out). If you reside in the EU or another jurisdiction that requires you to opt-in to receive marketing communications, we will ask for your consent to send you marketing information. We may use the information that you provide to us to personalize communications on products and services that may be interesting for you.

If you do not want to receive marketing communications directly from us, you may opt-out by contacting us using the details listed below or by following the unsubscribe instructions that appear at the bottom of all marketing emails we send to you.

We may use personal data about how you use our Services to enhance your user experience and to help us diagnose technical and service problems and administer our Services.

To the extent permitted by applicable law, we may also use your personal data about how you use our Services to prevent or detect fraud, abuse, illegal use, violations of the Terms, and to comply with court orders, governmental requests or applicable law.

By analyzing all information we receive on an aggregated basis, including all information concerning users, compliance with medication regime and/or use of medical devices and fitness activity, we may compile data across a variety of platforms and users (“Aggregated Data”), provided that the Aggregated Data will not contain any personally identifiable information that may be used to identify you and contact you. Aggregated Data helps us understand trends and user needs so that new products and services can be considered and so existing products and services can be tailored to user desires. Aggregated Data is anonymous. We may share such Aggregated Data with our partners, without restriction, on commercial terms that we can determine in our sole discretion, to the extent allowed by applicable law.

As discussed above, we collect your Health Data to provide our Apps and other services to which our users subscribe. Because of the personal nature of this Health Data, we always strive to provide you with clear information about how this data will be used. Because your Health Data is considered sensitive personal data in certain jurisdictions, we take appropriate measures in protecting and using your Health Data and, where required by applicable law or under our internal policies, will obtain your consent prior to using your Health Data in any manner.

We may also use your personal data in other ways and will provide specific notice at the time of collection and obtain your consent where necessary, provided that such uses are permitted by applicable law.

To process your personal data, we rely on certain legal bases, depending on how you interact with our Services and Apps.

When you use the Services by registering for the Services directly with us, the legal basis for collecting and processing your Personal Data is to perform a contract with you.

When you use the Service through your participation in program through your healthcare provider, the legal basis for collecting and processing your Personal Data is our legitimate interest in providing the service through the program you have opted to participate in.

When we collect your Health Data, we rely on your explicit consent to do so.

 If you reside or are located in the European Economic Area (“EEA”) and (i) you downloaded one of the Sweetch mobile applications (an “App”) and registered for the service directly with Sweetch, then Sweetch is considered the “data controller” of your personal data collected via the Services; and if (ii) you downloaded one of the Sweetch Apps as part of your participation in a program offered through a healthcare provider, Sweetch is considered the “data processor” of your personal data, and Sweetch will process your personal data in accordance with a data processing agreement it enters into with the healthcare provider, as set out in this Privacy Policy.

If you reside or are located in the United States and you registered for the Services through your healthcare provider, insurer, or any other covered entity, Sweetch’s provision of the Services to you will be subject to the Health Insurance Portability and Accountability Act of 1996, Subtitle D of the Health Information Technology for Economic and Clinical Health Act of 2009 (“HITECH”), and regulations and other guidance promulgated under both laws by the U.S. Department of Health and Human Services (collectively, “HIPAA”).

Sharing Your Personal Data

We do not share or sell the personal data that you provide us with third parties without your express and explicit consent, except as described in this Privacy Policy. We disclose personal data to third parties under the following circumstances:

 Protection and Management of Your Personal Data

We follow generally accepted industry standards to protect the personal data submitted to us, both during transmission and once we receive it. No method of transmission over the Internet, or method of electronic storage, is 100% secure, however. Therefore, while we strive to use commercially acceptable means to protect your personal data, we cannot guarantee its absolute security

The personal data we collect (or process) in the context of our Services will be stored in the United States and other countries. Some of the data recipients with whom we share your personal data may be located in countries other than the country in which your personal data originally was collected. The laws in those countries may not provide the same level of data protection compared to the country in which you initially provided your data. Nevertheless, when we transfer your personal data to recipients in other countries, including the United States, we will protect that personal data as described in this Privacy Policy and in compliance with applicable law.

We take measures to comply with applicable legal requirements for the transfer of personal data to recipients in countries outside of the EEA that do not provide an adequate level of data protection. We use a variety of measures to ensure that your personal data transferred to these countries receives adequate protection in accordance with data protection rules; this includes signing the EU Standard Contractual Clauses, verifying the recipient has adopted Binding Corporate Rules or that the recipient adheres to the EU-US and Swiss-US Privacy Shield Framework.

We will retain your personal data for as long as your account is active or as needed to provide you the Services. If you wish to cancel your account or request that we no longer use your information to provide you the Services, please contact us at the email address listed below. We will retain and use your personal data as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

With respect to Aggregated Data and de-identified data that does not include your Health Data we may use and retain such data indefinitely without further notice to you.

 Your Rights Relating to Your Personal Data

If you would like information in relation to your rights or would like to exercise any of them, you may contact us via privacy@sweetch.com or at our postal address provided below. If you reside or are located in the EEA or Australia, you may ask us to take the following actions in relation to your personal data that we hold:

We may request specific information from you to help us confirm your identity and process your request. Applicable law may require or permit us to decline your request. If we decline your request, we will tell you why, subject to legal restrictions. If you would like to submit a complaint about our use of your personal data or response to your requests regarding your personal data, you may contact us at privacy@sweetch.com or submit a complaint to the data protection regulator in your jurisdiction. If you reside or are located in the EEA you can find your data protection regulator here. If you reside or are located in Australia you can find your data protection regulator here.

 Third Parties and Online Links to Other Sites

Sweetch users can link to other websites of third-parties that provide useful information/services. Any personal data you provide on the linked pages is provided directly to this third-party and is subject to that third-party’s provider’s privacy policy. We do not have access to the information collected by such partners. Except as described above, Sweetch is not responsible for the content or privacy practices of websites to which we link. Links from our Services to third-parties or other websites are provided for your convenience. We encourage you to learn about the privacy practices of each website before providing them with personal data. We cannot be held responsible for any third-party websites and accessing their content will be subject to their own privacy policies, which again – we advise you to check.

 Changes to Our Privacy Policy

Applicable law and our practices change over time. If we decide to update our Privacy Policy, we will post the changes on our Services. If we materially change the way in which we process your personal data, we will provide you with prior notice, or where legally required, request your consent prior to implementing such changes. We strongly encourage you to periodically read our Privacy Policy and keep yourself informed of our practices. This Privacy Policy was last modified in February 2020.

 Comments and Questions

If you have any comments, requests or questions about our privacy policy, please contact us at privacy@sweetch.com or use or our postal address:

Sweetch Health ltd.
48 Derech Begin
Tel Aviv 6618005
Israel