Privacy Policy

Last Updated: February 25, 2019


Welcome to BROOK (the "Service" or the "App"). We at Brook Inc. ("we", "us", "our") respect your privacy. This policy (the "Policy") explains our privacy practices for the Service. It describes the ways your personal data is processed, the purposes for which it is processed, what we do with it, and the rights and options available to you with respect to your personal data.


This Policy is incorporated into the Service's Terms of Use (the "Terms") and constitutes an integral part of the Terms.


Please note that unless you change the App settings when you first sign up for the Service, or at any time after that, our Service will continue to operate in the background of your mobile device. You can always turn off our Service through the “settings” menu of your mobile device.


The following are key points of the Policy, highlighted to you for your convenience. They do not substitute the full Policy, which we encourage you to read.



Key points

Introduction

The App is a powerful machine learning real-time healthy lifestyle management tool that uses our innovative analytics tools to collect and combine personal data from user input and Third Parties, together with clinical knowledge, to create insights and recommendations to help users stay as healthy as possible. By accessing or using the Service in any way, or by registering as a user, you agree to be bound by these Terms.

Personal Data we collect


We collect your full name, email and other personal information including your date of birth, gender, height, weight, and information related to your health, medical conditions and wellness. We also ask for permission to access information through Third Party Platforms (such as the Apple Health Kit and other fitness apps you may use). If you give us permission, we collect your geographical location as well as information pertaining to your day-to-day activities and other activities on the App.

Use of collected information


We use the information we collect to provide and operate our proactive healthy lifestyle management solution, to operate all other aspects of the Service and to send you push notifications to enhance the Service and prevent misuse, if you agree to receive push notifications.

Sharing collected information


Your personal data may be shared with our contractors or data analysis service providers for the purpose of providing you with the Service. Your personal data may also be shared with third- party professionals (“Professionals”) who are listed on the App and with whom you choose to communicate. Your personal data may also be accessed, with your permission, through Third Party Platforms. Your personal data may also be shared with your health insurance provider (your “Insurer”) if your Insurer has partnered with us to provide services to the Insurer’s members, and you have opted to link your user account with your Insurer’s account. We may also share aggregated and de-identified data with others for the purpose of operating, maintaining and enhancing the Service.

Choice


It is your choice whether to let us access Third Party Platforms that contain your personal data. If you give us permission to do so, you may then opt-out of sharing with us certain, or all information generated from Third Party Platforms. You may also revoke your permission for us to access Third Party Platforms at any time.

Information Security


We implement measures to reduce the risks of damage and unauthorized access or use of information, but they do not provide absolute information security.

Changes to this Privacy Policy


We may change this Policy, by notifying you of such changes. Your continued use of the Service after the changes take effect indicates your acceptance of the amended Policy.


Note: The term “App” refers to the platform through which you access the Service.


Full Policy

1.- Personal Data we collect

Although the full Service is available only to registered users, registration is not required and unregistered users who do not create a profile and a user account may use basic portions of the Service that are available to all users. To sign-up, you must provide us with certain contact and personal details, such as your full name and an active e-mail address and to enter a username and password. By using the Service and/or signing up we may ask you to actively provide us with other Service-related personal data such as your age, gender, height, weight, food intake or other attributes that define you as a user.


If you give us permission to do so, we may also collect your geographical location, including position coordinates provided by your mobile device. We essentially use your location-based information to provide the Service and to enhance its capabilities.


We may collect additional information to enhance the Service’s capabilities, such as information regarding your day to day behavior (sleep, location, movement, system clock etc.), if you give us permission to do so, as well as other activities on the App, such as the content you viewed or searched for on the App, and your session durations.


Keep in mind that personal data that you actively provide, allow us to access through Third Party Platforms, or other geographical location or behavioral content (collectively, the “Content”), may contain or be indicative of, your personal and health condition (depending on the particulars of the Content).


We may collect Content and other personal data from third party platforms for which you have provided us permission and access to, such as Apple iOS HealthKit, Google Fit and Fitbit (“Third Party Platforms”). You may, at any time, opt-out of sharing certain service provider or Third Party Platform information with us, as further explained in the section titled “Choice” below. The Service’s functionality may also let you actively submit additional information, whether through using our Service or via Third Party Platforms.


When using the App, Content may be provided in textual, audio or visual form. If you choose to share Content in visual form, the App will request your permission to access your device’s camera (to snap a photo) or memory storage (to let you select an existing photo).


We will use this Content, combined with our analytics tools, to create our real-time health and wellness management solution, and for additional purposes outlined in this Policy.


We may use integration tools such as iOS HealthKit or GoogleFit for purposes of collecting and analyzing health and medical information and we may use third party tools to collect this information.


PLEASE DO NOT SHARE WITH US CONTENT THAT MAY BE INDICATIVE OF PERSONAL OR HEALTH INFORMATION ABOUT YOURSELF OR OTHER INDIVIDUALS, WHICH YOU DO NOT WANT US TO HAVE. YOU ARE SOLELY RESPONSIBLE FOR ANY CONTENT THAT YOU SHARE WITH US.


When you engage in certain activities on our Service, such as submitting a customer-service request, you may be asked to provide personal data depending on the activity or request. When we process your inquiries or requests, we may also require additional personal data from you, to verify your account and identity.

2.- Children

We do not knowingly or intentionally collect information about children who are under the age of 16. If you are a minor, you may not use the Service and may not provide any personal details to us.

3.- Third Party Platforms

You may choose to share certain Content, on or through Third Party Platforms. Through the settings of another Third Party Platform account, you may choose to have content that you interact with on the account, transmitted to and shared with the Service. For example, you may “share” and we may access Service-related Content through Third Party Platforms. We can only access the information that your Third Party Platform makes available to us, according to your privacy settings on such Third Party Platform and the authorizations you granted us while completing the registration process. Only you can initiate and control the access to your Third Party Platform accounts and the actions engaged in them through this App. We do not and will not store your Third Party Platform accounts’ password.

By doing so, you agree to share information between us and the Third Party Platforms, for the purposes set forth in this Policy. Note, however, that your use of such Third Party Platform and the Third Party Platform’s use of Content are governed by the Third Party Platform’s respective terms of use and privacy policy, and in no event by this Policy.

4.- Third Party Professionals

You may choose to select a Professional listed on the App and communicate directly with the Professional. If you choose to communicate with a Professional, the Professional will need to receive certain personal information about you in order to provide you with the Professional’s services. By selecting a Professional, you consent to the sharing of your personal information with the Professional.

If your Insurer offers you the option to link your user account with your Insurer’s account and you choose to link the accounts, we will share your personal information with your Insurer. By choosing to link your user account with your Insurer account, you consent to the sharing of your personal information with your Insurer.

5.- Use of collected information

We will use the information outlined above, for the following purposes:

6.- Sharing collected information

We may share the information outlined above, with others, in any of the following instances:


In any case other than the above, your personal data will only be shared with others if you provide your explicit prior consent.

7.- Aggregated or anonymized information

We may use de-identified, statistical or aggregated information, including information that we process according to this policy, to properly operate the Service, to develop and improve the quality and functionality of the Service, to enhance your experience, to create new services, including customized services, to change or cancel existing features and for other research, development and statistical purposes. We may share, publish, post, disseminate, transmit or otherwise communicate or make available such information to suppliers, business partners, sponsors, developers, affiliates and any other third party, at our sole discretion, provided however, that we will not knowingly, or intentionally share information that can be reasonably used to reveal your identity without your consent.

8.- Choice

It is your choice whether to let us access information from Third Party Platforms. If you give us permission to access your accounts from Third Party Platforms, you may, at any time, opt-out of sharing with us certain, or entire categories of information. You may also revoke your permission at any time.

9.- Transfer of data outside your territory

The personal data we collect (or process) in the context of the Service will be stored in the United States. Some of the data recipients with whom we share your personal data may be located in countries other than the country in which your personal data originally was collected. The laws in those countries may not provide the same level of data protection compared to the country in which you initially provided your data. Nevertheless, when we transfer your personal data to recipients in other countries, including the United States, we will protect that personal data as described in this Policy and in compliance with applicable law. If you reside or are located in the European Economic Area (“EEA”) we take measures to comply with applicable legal requirements for the transfer of personal data to recipients in countries outside of the EEA that do not provide an adequate level of data protection. We use a variety of measures to ensure that your personal data transferred to these countries receives adequate protection in accordance with data protection rules; this includes signing the EU Standard Contractual Clauses, verifying the recipient has adopted Binding Corporate Rules or adheres to the EU-US and Swiss-US Privacy Shield Framework.

10.- Data retention

We retain the information outlined above for as long as is necessary in order for us to provide you with the Service or as required under applicable law.

Generally, as long as you are a user of the Service, we do not delete information related to you, unless there are technical reasons that require us to retain only portions of the data, or if we are required by law to delete it.

Please note that we will retain and disclose information when we deem it necessary to satisfy orders issued by courts and government authorities. We will notify you about the disclosure, only if we are explicitly permitted to do so. In any case, we may keep any aggregated or anonymous information for statistical, development, marketing and other purposes, indefinitely.

Be advised that removing or uninstalling the App from your smartphone or other device to which the App is activated will not automatically cause the personal data or Content to be deleted from the Service. However, we will delete your personal data and Content from the Service upon your request.

11.- Accessing, updating or deleting your personal data

If you would like information in relation to your rights or would like to exercise any of them, you may contact us via privacy@brook.health or our postal address provided below. If you reside or are located in the EEA, you may ask us to take the following actions in relation to your personal data that we hold:

We may request specific information from you to help us confirm your identity and process your request. Applicable law may require or permit us to decline your request. If we decline your request, we will tell you why, subject to legal restrictions. If you would like to submit a complaint about our use of your personal data or response to your requests regarding your personal data, you may contact us at privacy@brook.health or submit a complaint to the data protection regulator in your jurisdiction. You can find your data protection regulator here:

http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm

12.- Information Security

We implement measures to reduce the risks of damage, loss of information and unauthorized access or use of information. However, these measures do not provide absolute information security. Therefore, although efforts are made to secure your personal data, it is not guaranteed, and you cannot expect that the Service will be immune from information security risks.

13.- Changes to this Privacy Policy

We may change this Policy from time to time. Substantial changes will take effect 30 days after you are given notice of such changes through the Service. Other changes will take effect 7 days after you are given notice. However, if the Policy is amended to comply with legal requirements, the amendments will become effective immediately upon their initial posting, or as required. The most up-to-date Policy will always be accessible through the App.

In any event, we will seek your explicit consent if we wish to have substantial changes to the Policy apply to personal data we collected prior to those changes.

Your explicit consent to the amended Policy or continued use of the Service after the changes take effect each indicate your acceptance of the amended Policy. If you do not agree to the amended Policy, you must uninstall the App and refrain from using the Service.

14.- Comments and Questions

If you have any comments, requests or questions about this Policy, please contact us at privacy@brook.health or use or our postal address:

Brook Inc
311½ Occidental Ave South
Seattle, Washington
98104