Privacy Policy

Last Updated: May 19th 2023

Before reading our Privacy Policy there are a few things that we think are especially important for our users to understand about how we manage their data.

1. Reputable Health does not and will never sell any personal data without the consent of the user.  We understand that to achieve our mission of becoming the decentralized reputation platform for health & wellness, we will need to aggregate anonymized health data points, health stacks and other experiment data so that we create a fast learning health optimization recommendation model and a community where everyone can benefit from each other.  Our promise is to make any such aggregation, opt-in by the user, so that they can decide how they’re data is being used.    

2. Reputable Health does not track or share any personal data with third party companies unless you specifically choose to enable that option (e.g. with Google Fit or Apple Health).

3. To protect your privacy, any health data that you choose to track for your own purposes is encrypted before it is backed up on our servers.

4. Reputable Health is compliant with GDPR and other data handling policies and practices.

5. Reputable Health tracks as little personally identifiable data as possible to protect its users. 

We recognise the sensitive nature of the health and personal data that you choose to track with Reputable Health and strongly believe in the importance of data security, privacy, and anonymity. We take your privacy seriously and we hope that you find our privacy policy clear and transparent. 

Introduction

Reputable Labs Inc. (“Reputable Health” or “Reputable DAO” or “We” or “Us”) is committed to protecting the privacy of users of the Reputable Health platform (the “Platform”) and the patient information they store and transmit through the Platform. This Privacy Policy explains the information that we collect through the Platform, how we use it, and how we protect the privacy and security of that information. By using the Platform to store and transmit information, you are signifying your agreement to this Privacy Policy. If you do not agree to any term of this Privacy Policy, you should not use the Platform or provide information to Reputable Health.

In addition to this Privacy Policy, Reputable Health has adopted Terms of Use for the Platform that govern your use of the Platform and Reputable Health’s service. A copy of the Terms of Service is available at https://reputable.health/terms-of-service.

Information Reputable Health Collects and Uses

To register an account, you have to enter your email address and choose a password.  You may also register using a Google Account, Apple Account or Facebook.  Once you have registered, you will benefit from the following functionality:

  • Access to platform to view any data that you choose to submit
  • Automatic backup to our secure servers. as well as the ability to restore and recover your account and it’s associated data on another device

There are two main purposes for which we process personal data and the type of data that is processed to fulfill each purpose:

1. To provide our services and understand your needs

First and foremost it is vital for us to stress that we do not and will never sell any personal data about you to third parties without your consent.  However you may still feel uncomfortable storing health information to a connected device.  Therefore, you should consider the safety and privacy of your personal data before using the Reputable Health app generally.  

When you use the Reputable Health app, or when you go on our website, Reputable Health collects, stores, and uses some personal data (e.g. your email address).  We mainly do this to verify you as a user so that we can provide you with our services and to send you service messages by email, and our lawful basis for this processing is that it is necessary for the performance of a contract with you (i.e. our Terms and Conditions).

We may also occasionally send you marketing and promotional messages as well as reminders to your smartphone via push notifications.  We will only send you such messages with your prior consent.

We are very thoughtful and selective about what we communicate and how often. You always remain in full control of your communication preferences with Reputable Health. You can change the settings within the app at any time.

We also process your personal data and non-personal data in order to understand your needs and your use of our app and website, to analyze bugs and fix issues, and to bring you more useful features.  To sum it up, we process this data to provide you the best and most reliable experience of our services and we aim for it to be as anonymized as possible.  These processing activities are based on our legitimate interests in providing a reliable service to you, and improving it or on your consent where you have opted in by accepting the use of certain cookies on our app or website.

These are the types of data we collect for the above purposes:

Device data
This data informs us about the device you use to access our services, such as the model, name and identifiers, device settings, the application identifier, and crash information. On our website, we collect information about your browser and browser settings, the operating system you use, and the system settings of your device.

Event and usage data
When you use the app or when you go to our website, our servers process anonymised data in order to understand your usage of our services, for example, which pages you visit or which tab in the app you open. We collect this information and use it as aggregate data to allow us to better understand which features are the most relevant or useful to our users as a whole, and to communicate with you about relevant and timely information and promotional content.

IP address
Through our use of cookies (see below) and if you consent, we collect IP addresses provided by your browser or mobile device to deliver the service to your device. We also use the IP address to determine your approximate location for statistical and analytics purposes.

The amount we collect has been minimized wherever possible to respect your privacy.

2. To deliver personalized insights 

The data you track in Reputable Health about your health and activities is considered sensitive personal data.  Reputable Health does not store sensitive personal data without your explicit consent.  It is only when you give us explicit consent by creating a Reputable Health account, and giving us your consent declaration, that we start storing  health data that you choose to provide  on our secured servers.

You can withdraw your consent at any time by simply deleting your account in the app. 

Here is the type of data we collect and store when you create an account:

Personal data used for account creation
We need some of your personal data (only your email address) in order to create your Reputable Health account.

Health and sensitive data
With your consent, we store health data, such as your sleep, activity and readiness levels along with individual symptom levels, your medication and supplements and other health factors you track in the app.  

The provision of this information is entirely voluntary, and it is up to you how much information to input.

You may also allow us to connect to third-party services, such as Oura, Apple HealthKit and Google Fit, to enable us to import Personal Data about your health and activities into the App. This imported data may include activity level, weight, calories burned, heart rate, sleep, blood pressure, blood glucose,  temperature, number of steps/distance traveled, and other data about your health. We will process this data in order to provide you with the App functionality described below.  When you choose to have this data imported you are subject to the Oura, Google Fit and Apple HealthKit privacy policies and practices. 

It’s important to clarify that your health data is encrypted on our services and the only personal data it is attached to is your email address.

Principles of Processing

Data minimization and purpose limitation. We will not process Personal Data in a way that is incompatible with the purposes for which it has been collected or subsequently authorized by you or collect any Personal Data that is not needed for the mentioned purposes. For any new purpose of processing we will ask your separate consent. 

No sale of Personal Data. We will not sell or rent your Personal Data. We will not disclose your Personal Data except as otherwise described in this Privacy Policy. We may share your Personal Data with our service providers solely as described in this Privacy Policy. We will also not use information received through your use of the Oura, HealthKit and Google Fit framework for advertising or similar services, or sell it to advertising platforms, data brokers, or information resellers.

YOUR CONSENT FOR PROCESSING HEALTH AND SENSITIVE DATA

If you create an account with Reputable Health, your personal data, including sensitive data and data related to your health, is stored on your device and is also stored and processed on Reputable Health servers. This is done so we can offer you the option of backing up your data and to enable additional features (such as the ability to transfer, restore, and recover data between Apple and Android devices).

By creating an account with Reputable Health you explicitly consent that:

i. Reputable Health may store and process personal data you provide through the usage of the Reputable Health app and through the account creation process solely for the purpose of providing Reputable Health services to you and to improve Reputable Health’s service features. Such Reputable Health services may include sending you information and reminders through the Reputable Health app, e.g. via push notification or to the email address you provided to Reputable Health, where you have separately agreed to receive such messages.

ii. Such personal data you provide to Reputable Health through the account creation process for the purpose of providing Reputable Health’s service includes personal data you enter into the Reputable Health app, such as your account data (e.g. your email address), and your health data which may include your sleep, activity, mood levels and individual symptom levels, your medication and supplements and other health factors you track in the app.  All of your health data is encrypted on the server end.

You may withdraw your consent to this use of your data at any time by deleting your Reputable Health account.  This can be requested by emailing hello@reputable.health. You can also delete your data from the settings page within the Reputable Health App at any time.

YOUR RIGHTS

We believe that data privacy is a basic human right. At Reputable Health we strive to ensure that your rights are respected.

Here are some key facts about your privacy that we would like you to know:

i. Our services have been designed to minimize the use of your personal data. We only collect and process your personal data for the purposes that have been previously outlined.

ii. Your data is highly secured on our servers.  You can contact us at support@reputable.health if you have any questions about the security of our services.

iii. We do not retain your personal data in an identifiable format for longer than necessary to deliver our services.  As soon as we can, we encrypt your email address and create an anonymised user ID so that your health data is not directly connected to your email address on our systems.  

iv. Reputable Health does not engage in any automated decision-making or profiling activities.

As a user of Reputable Health services and website, you may exercise your user rights to:

i. Request information on, or a copy of, your personal data processed by Reputable Health. Upon your request, this information will be provided to you electronically.

ii. Gain access to your personal data by requesting a backup of your data (as explained in the next section) in a format that is readable by other companies or organizations (data portability).

iii. Correct your personal data and health data in the app settings and in the tracking categories available in the Reputable Health app.

iv. Withdraw your consent from data processing at any time by deleting your account (as explained in the support section of the app) and/or deleting the Reputable Health app from your smartphone, and/or unsubscribing from our newsletter by clicking the link at bottom of the email or by contacting support@reputable.health.

v. Request the complete deletion of your data, including all past data sent to third-party services used for tracking and analysis, by reaching out to support@reputable.health. Your data will be deleted as soon as possible and within 30 days.

vi. Object to our processing of your personal data, or ask us to restrict your personal data pending a decision on whether we can lawfully continue to process it.

vii. File a complaint with the relevant supervising authority if you believe Reputable Health is processing your personal data under violation of applicable data protection regulations. The servers that make the Platform and Reputable Health’s service available worldwide are located in the United States. All matters relating to the Platform and Reputable Health’s service are governed by the laws of the State of California, without reference to its conflicts of law rules that would result in the Platform of the laws of another jurisdiction. Please note that any information you provide will be transferred to the United States, and by using the Platform and/or Reputable Health’s service or providing Reputable Health with information, including health data, you authorize this transfer.

DATA SECURITY

We apply security measures to protect against the misuse, loss, and/or alteration of personal data under our control.  Though we cannot ensure or guarantee that misuse, loss or alteration of information will never occur, we use all reasonable efforts to prevent it and keep our security methods and systems under close review.  Although we make good faith efforts to store all personal information entered into the App in a secure operating environment that is not available to the public, we cannot guarantee complete security. We cannot and do not guarantee that our security measures will prevent third party “hackers” from illegally accessing our site or App and obtaining access to content or information thereon.

How Reputable Health stores your personal data

If you have an account with Reputable Health, your personal profile data (email address) is stored separately from your health (sleep, activity, mood, symptoms, medication, your customized health factors) data and your service settings. This allows us to ensure the highest possible level of privacy for your health data. Your password is stored using one-way encryption (“hashing” plus “salting”).

Your data is transmitted between your device and Reputable Health’s servers using the HTTPS protocol for encryption. HTTPS is the same technology used to create secure connections for your web browser and is indicated by a padlock icon in the URL bar of your browser.

Disclosure of your personal data 

We will share some of your personal data with third parties outside Reputable Health only where it is strictly necessary to provide our services to you, where required by law, where we have another legitimate interest to do so or where you specifically consent to it.  Personal data may be shared in the following circumstances:

  • Third Party Support Service Providers: For example: technology service providers, payment providers, data storage providers, and marketing platforms (e.g. for sending marketing emails),
  • Third Party Apps: some of your personal data may be shared with other Apps but only if you agree to that.  Please see the section below for further information.
  • When required to do so by law, regulation or court order;
  • in response to a legitimate request for assistance by the police or other law enforcement agency. 
  • to seek legal advice from Reputable Health’s external lawyers or in connection with litigation with a third party; or
Reputable Health’s recommendations for protecting your personal data

We believe the biggest threat to the security and privacy of your personal data is if someone, probably someone you know, gains access to any of your devices. The data you enter into Reputable Health is private and it should stay that way. We have outlined some ways to keep your devices secure below.

Protect your device:
i. Activate either PIN, TouchID (iPhone 5S models onwards), or FaceID (iPhone X onwards) authentication for your device. This automatically encrypts your Reputable Health data and prevents any person from using your device without your permission.

ii. Set up a feature that will allow you to erase all the data from your device if it’s been lost or stolen. For iOS, activating this feature is a two-step process: first, you need to Activate “Find My iPhone” via iCloud (see instructions on Apple Support pages) and then enable “Erase your device” (see instructions on Apple Support pages).

For Android, download and set up Find My Device (formerly Android Device Manager) from the Google Play Store and, if needed, use the connected web interface to lock or wipe your phone remotely.

Data transfer to third party service providers

We may transfer personal data to third party service providers who support our business as follows:  

Google Firebase

In the Reputable App we use Firebase (https://www.firebase.com/), a framework maintained by the Google subsidiary Firebase residing in San Francisco, CA, USA, through which we use to track and administer the following real-time functions:

1. Tracking of basic user events for Firebase
2. User Authentication
3. Database Storage
4. Tracking of app crashes and their reasons through Firebase

Crashlytics

For all mentioned Firebase services, only anonymized or pseudonymized user data is transmitted to Firebase (Google).

Firebase’s privacy policy is available under https://www.firebase.com/terms/privacy-policy.html

We use Firebase Crashlytics to track app crashes as they occur, and to prevent future ones. In case of an app crash, a report is created that contains the type and OS of the device, your last activities in the app, and your geolocation in pseudonymous form, and that is sent to Google.

Information on the functionality of Crashlytics is available under https://firebase.google.com/products/crashlytics/

We use Firebase Authentication to allow you to sign up and log in – Most apps need to know the identity of a user. Knowing your identity allows us to securely save user data in the cloud and provide the same personalized experience across all of the your devices.
Your data is safely stored on the secure Firestore database, which automatically encrypts all data before it is stored, as can be read here.

The Google Privacy Policy is available at https://policies.google.com/privacy.

For more information on app crash data, go to the information provided by Crashlytics at https://try.crashlytics.com/terms/privacy-policy.pdf.

Facebook/Google/Apple Logins

Reputable Health enables Facebook/Google/Apple Logins to allow our users to create and log in to their Reputable Health account with their Facebook/Google/Apple credentials. If you sign up for Reputable Health using one of these platforms, you authorize us to collect your basic profile information available via that platform such as your name and email address. This information is collected by the platform and is provided to us under the terms of their own privacy policy. You can control the data we receive from Facebook/Google/Apple in the privacy settings within your Facebook/Google/Apple account.

Please refer to the privacy policy of the respective platform for more detail about the way in which these platforms collect and use your personal data.    

Segment

The Reputable App uses Segment, a data platform offered by Segment.io, Inc, 100 California St #700, San Francisco, CA 94111, United States. We use the Segment data platform to securely pass data between platforms such as the Reputable Health App and Google Analytics. This enables us to unify customer data across touchpoints on different platforms such as our website and app. So that we can optimize, personalize, and improve the experiences and services that we provide to our users. Segment data is encrypted at rest and protected by TLS in transit. Segment’s Data Processing Agreement (DPA) and Privacy Policy reflects the requirements of the GDPR… The Segment libraries generate an anonymous Id for each user. An anonymous Id is a randomly generated 36 character string automatically assigned to a user on their first visit to a website or mobile application. The anonymous Id links events performed by the user as they navigate around the Reputable Health app, website, and other touchpoints such as emails and push notifications.

More information is available at: https://segment.com/legal/privacy/

Zendesk

Like many businesses, we use Zendesk to assist with customer support.  

More information available here: https://www.zendesk.co.uk/company/privacy-and-data-protection/

Data transfer to third party apps:

We may transfer personal data to third party apps if you choose to enable this option: 

Oura

Reputable Health will not exchange any personal data with Oura without your prior approval. Approval is given by you in the relevant settings of the Oura app or within the Reputable Health app during initial user profile setup or via app settings and can be revoked by you at any time. If you have given your approval, Reputable Health may interact with the Oura app on your iOS or Android device and read information from it, such as Steps, Sleep, Mindfulness, Activity, Heart Rate and Weight data. 

You can choose if and to what extent your personal data is exchanged between Reputable Health and the Oura app by granting or revoking appropriate permissions in the Oura app settings. Please refer to the Privacy Information of Oura for further information about how Oura treats your personal data.

For more information about Oura’s privacy policy visit: https://ouraring.com/en/privacy-policy-oura-health

Apple Health (iOS)

Reputable Health will not exchange any personal data with Apple’s Health Kit app without your prior approval. Approval is given by you in the relevant settings of the Health Kit app or within the Reputable Health app during initial user profile setup or via app settings and can be revoked by you at any time. If you have given your approval, Reputable Health may interact with the Health Kit app on your iOS device and read information from it, such as Steps, Sleep, Mindfulness, Blood Pressure, Heart Rate and Weight data. 

You can choose if and to what extent your personal data is exchanged between Reputable Health and the Health Kit app by granting or revoking appropriate permissions in the Health Kit app settings. Please refer to the Privacy Information of Apple Health for further information about how Apple treats your personal data.

For more information about Apple’s privacy policy visit: https://www.apple.com/legal/privacy/en-ww/

Google Fit

Reputable Health will not exchange any personal data with Google Fit without your prior approval, such approval is given by you in the relevant settings of Google Fit or within the Reputable Health app during initial user profile setup or via app settings and which can be revoked by you at any time. If you have given your approval, Reputable Health may interact with Google Fit on your Android device and read information from it, such as Steps, Sleep, Blood Pressure, Heart Rate and Weight data. 

You can choose whether or not your personal data is exchanged between Reputable Health and Google Fit by granting or revoking appropriate permissions in Google Fit settings.

Reputable Health’s use and transfer to any other app of information received from Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements.

Please refer to the Privacy Information of Google Fit for further information.

More information is available at: https://www.google.com/fit/ & https://policies.google.com/privacy (general information on Google Analytics and data protection).

COOKIES, TRACKING AND PAYMENT DATA

With your consent our website uses certain non-essential cookies, which are small text files that are intended to make the site better for you to use. In general, cookies are used to retain preferences, store information for things like shopping carts, and provide tracking data to third-party applications like Google Analytics. You may, however, disable cookies on Reputable Health’s site. The most effective way to do this is to disable cookies in your browser. We suggest consulting the help section of your browser or doing your own web research on how to disable cookies. In the meantime, here is a short guide to help:

1. Most browsers allow you to refuse to accept cookies—for example:

  1. in Internet Explorer (version 10) you can block cookies using the cookie handling override settings available by clicking “Tools,” “Internet Options,” “Privacy,” and then “Advanced”;
  2. in Firefox (version 24) you can block all cookies by clicking “Tools,” “Options,” “Privacy,” selecting “Use custom settings for history” from the drop-down menu, and unticking “Accept cookies from sites”; and
  3. in Chrome (version 29), you can block all cookies by accessing the “Customize and control” menu, and clicking “Settings,” “Show advanced settings,” and “Content settings,” and then selecting “Block sites from setting any data” under the “Cookies” heading.

2. Blocking all cookies will have a negative impact upon the usability of many websites. If you block cookies, you may not be able to use all the features on our website.

3. You can delete cookies already stored on your computer—for example:

  1. in Internet Explorer (version 10), you must manually delete cookie files (you can find instructions for doing so at http://support.microsoft.com/kb/278835 );
  2. in Firefox (version 24), you can delete cookies by clicking “Tools,” “Options,” and “Privacy”, then selecting “Use custom settings for history”, clicking “Show Cookies,” and then clicking “Remove All Cookies”; and
  3. in Chrome (version 29), you can delete all cookies by accessing the “Customize and control” menu, and clicking “Settings,” “Show advanced settings,” and “Clear browsing data,” and then selecting “Delete cookies and other site and plug-in data” before clicking “Clear browsing data.”

We obtain your consent before we use any non-essential cookies on your device when you choose to access our website.  You may withdraw your consent at any time, by either disabling cookies on your device or following the instructions on how to withdraw your consent individually for each third party provider Reputable Health uses for its third party tracking and analysis services.

For the purpose of tracking the performance of our services and to improve Reputable Health services Reputable Health uses the following third party services:

Google Analytics

Our website and mobile app both use Google Analytics,  an analysis service operated by Google Inc. (“Google”). Google Analytics uses cookies (text files) stored on your computer to allow for anonymous analysis of your website and mobile app use and interactions with both (for example what screens you are visiting most in the Reputable Health App) in order to personalize your experience and improve our services. Information produced via cookies will be transferred to and stored on a server in the USA operated by Google.  We use Google Analytics on our website and mobile app to recognize a computer when a user visits the website or users the mobile app, track users as they navigate the website or mobile app, improve the website and mobile app’s usability, analyze the use of the website and mobile app, administer the website and mobile app, prevent fraud and improve the security of the website.

Google analyzes this information to offer reports for Reputable Health on website usage and online usage of associated services. Google may also transfer this information to third parties either when this is required by law or when third parties are contracted by Google to process this data. Google will not allow your IP address to be linked to any other personal data. You can prevent cookies from being stored on your computer by changing your browser settings; however, if you choose to do this, your experience when visiting our website or using some of our features may be altered.

By using Reputable Health’s website, you consent to have non-personal data used and processed by Google as described above. You can withdraw consent for this use of your data at any time, but this withdrawal only applies to future activities.

YOUNG USERS

This service is not intended for children under the age of 16.  Reputable Health does not knowingly collect or use personal data from children under the age of 16. By registering to a Reputable Health account you confirm that you are at least 16 years old.

If Reputable Health gains actual knowledge that the information has been collected from children under 16, we reserve the right to immediately delete the account and wipe all related information, including health and sensitive data of the user, from our servers.

If you are a parent and learn that your child is using Reputable Health without your permission or if you have any specific question about data privacy at Reputable Health, do not hesitate to get in touch with us at support@reputable.health.

CHANGES TO THIS PRIVACY POLICY

Reputable Health reserves the right to amend this Privacy Policy from time to time to reflect changes in the law, our data collection and data use practices, the features of Reputable Health’s services, or advances in technology. Please check this page periodically for changes. If we make a change to this Privacy Policy that, in our sole discretion, is material, we will notify you by posting notice of these changes in this Privacy Policy.