View our Terms and Conditions
Healium, StoryUp, Honor Everywhere & Ecosystem AR Portal apps
Privacy Policy Notice
Version: 2.2 dated Feb 2, 2023 (Replacing the December 2022 Version)
Click here to review website policy notice.
At A Glance
| Privacy Notice Content | |
|---|---|
| What is personal data? | Information that can be used to identify someone or can be used with other information to identify someone. |
| Do you collect personal data? | Yes |
| Do you store personal data? | Yes |
| Do you process personal data? | Yes |
| Do you sell personal data? | No |
| Is data involved in a sales activity with a third party? | No |
| Do you recognize that I have rights regarding my data? | Yes |
In Detail
Healium, StoryUp, Honor Everywhere, and Ecosystem AR Portal apps are all about beautiful landscapes, reducing stress and learning about one’s own mental well being. The last thing that we want to do is create stress for our customers regarding how we use their data. The entire design of our application is built around securing protecting of your data. This privacy policy notice pertains to our Healium Application (both the AR and VR versions), StoryUp’s application, and is organized into nine sections:
- Purpose of Data Processing
- How We Get Data
- Data We Process
- Legal Basis for Data Processing
- Location of Data
- Use of Data After Processing
- Rights of the Individual
- Contacting Healium
- Updates to this Privacy Policy Notice
1) Purpose of Data Processing
The data that we collect allows us to process data for you to make use of our application. Data collected during the active use of the application is stored for your retrieval for future use.
2) How We Get Data
The data enters the Healium and StoryUp’s application one of four ways:
- Through the EEG headset device of your choice that syncs data with the Healium application.
- Through the smart device that has sensors to collect biometric information such as heart rate.
- Through you as the user, by entering responses and logging into the application
- Through retrieval from our cloud-based environment where data from your previous sessions are available for your use and review.
3) Data We Process
The categories of data that we collect are outlined in the table below. The table is organized into four parts:
- Category: This tells the type of data that we are collecting
- Direct/Indirect: There are generally two ways that the data collected in each category are associated with a person, either directly or indirectly. Directly related means that the data collected, by itself, can identify you as an individual. Indirectly related means that the data collected are related to you as an individual but would only be able to be connected to you if other direct identifiers were also present.
- Description: Details regarding the category of data collected are provided.
- Purpose: An explanation as to the reason why we need to collect this data is provided.
| Field Category | Direct/Indirect to Personal Data | Description | Purpose |
|---|---|---|---|
| Login | Direct | Email address, password (this is masked so we cannot see your password) | This information allows us to identify that you as the user are really you. |
| Demographics | Direct | Information about you, such as age, gender, what country you reside etc. | We use this information to provide aggregate data when using our application to allow for comparisons to people who have similar characteristics to one another such as age group. |
| Biometric Data | Direct | This information is collected through devices that you have connected with our application. These devices usually include a headband that is capable of transmitting EEG signals and Smartwatches or other wearables with sensors that can provide heart rate information. | The biometric data collected allows us to display a representation of your stress levels or meditation styles while engaging in a Healium session. It allows us to make recommendations during an active session or a future session as to techniques that you could put into practice to better manage stress as part of a healthy lifestyle. The biometric display is a self-awareness tool and not for diagnostic purposes. |
| Purchase Information | Direct | You are purchasing our application through an application store (store). In order to process payment, we receive information from the store that includes your username and subscription level. | This allows us to assign the correct service offering. We offer three service levels. |
| Device Information | Direct | As part of our data collection process, information about your device including your IP address, operating system type, and device type are retrieved. | This information serves three purposes:
|
4) Legal Basis for Data Processing
Healium is an application that requests your consent to use the application and asks you to renew that consent as signified by each time you login and use the application.
Our application involves the processing of personal data. We want to ensure that the individual who is using our application can legally consent to its use. While our application does not pose any harm to anyone under the age of 18, for consumer use, we are only intending to reach those ages of 18 and older.
Additionally, Healium will not share data with any non-contracted third party except for the following circumstances: court order, subpoena or as otherwise compelled by law.
5) Location of the Data
The data collected and used by the Healium application can be found in two places:
- On your smart device to which you downloaded the Healium application. This data is then processed into new data that tells you the progress you are making in an active session. This new data is then transmitted to the cloud.
- Healium utilizes a medical grade data security solution to store our data. The cloud-based environment stores information on servers located in the United States of America.
6) Use of Data After Processing
- All the data that is transferred to our cloud environment is retained by Healium for future reference and benchmarking on the client’s behalf. If the client decides to delete their account, all of the client’s personal data will also be deleted.
- From time to time, Healium may extract an anonymized set of data from our cloud-based environment. This involves our taking a small sample of the data stored in the cloud. We then remove all of the personal data that would allow anyone to be able to identify whose data it is. All that is left is the session data. This non-identifiable data set is then used for our internal development.
- Healium does not sell data to any individual or entity.
- Healium does not participate in sales activity where data sets are sold to us or that we are under contract to process data on behalf of a third party.
7) Rights of the Individual
a. Individuals whose data are processed by Healium have the following rights related to protecting personal information:
- Right to Know: The individual has a right to know how their data is collected, used, and stored.
- Right to File Complaint: Individual may file a complaint with Healium about concerns related to how data is being processed.
- Right to Access: Individuals have a right to access information about data being stored about them.
- Right to Data Portability: All requests to access data by an individual and is approved per legal requirements will be provided through a common data format. These formats will either be a comma-separated values file or a PDF document.
- Right to be Forgotten: An individual may request that their individual data, contained within Healium, is erased. A request for eraser will be reviewed, and a decision communicated to the requestor as required by law.
b. To inquire about any of these rights regarding the Healium application, please contact us at hello@tryhealium.com or by writing to 1906 Corona Rd Suite 200, Columbia, MO 65203.
8) Contacting Healium
Questions about how personal data is processed, used, and stored can be directed to the Healium hello@tryhealium.com or by writing to 1906 Corona Rd Suite 200, Columbia, MO 65203.
9) Updates to this Privacy Policy
Healium reserves the right to change this privacy policy notice as needed. Notification of changes will be posted on our website https://www.tryhealium.com/privacy-policy/.
The date at the top of the privacy policy notice shows the date of the most recent privacy policy notice and references the date of the version it is replacing.
Website TryHealium.com Privacy Policy Notice
Version: 3.0 dated August 3, 2022
At A Glance
| Privacy Notice Content | |
|---|---|
| What is personal data? | Information that can be used to identify someone or can be used with other information to identify someone. |
| Do you collect personal data? | Yes |
| Do you store personal data? | Yes |
| Do you process personal data? | Yes |
| Do you sell personal data? | No |
| Is data involved in a sales activity with a third party? | No |
| Do you recognize that I have rights regarding my data? | Yes |
In Detail
Healium DBA for StoryUP, Inc. company, is all about reducing stress and learning about one’s own mental health. The last thing that we want to do is create stress for our customers regarding how we use their data. The entire design of our website is built around minimizing any data collected and maximizing the security of what is collected. These efforts are outlined in this privacy policy notice (Notice). This Notice is organized into:
- Purpose of Data Processing
- How We Get Data
- Data We Process
- Legal Basis for Data Processing
- Location of Data
- Use of Data After Processing
- Rights of the Individual
- Contacting Healium
- Updates to this Privacy Policy Notice
1) Purpose of Data Processing
The data that we collect allows us to process data for you to make use of our application. Data collected during the active use of the application is stored for your retrieval for future use.
2) How We Get Data
Data is collected through our website in one of the following ways:
- You may voluntarily provide the following Personal Data to us through your use of the Site by:
- contacting us through the completion of an online form
- requesting to subscribe to a newsletter or blog
- engaging in a chat through a chat box option located on the site
- making a purchase
- We automatically Personal Data through your use of this Site that are not directly linked to you, but are still considered to be personal data because your decisions generate the data. These automatic collections include pages visited, devices used, and location information.
3) Data We Process
The categories of data that we collect are outlined in the table below. The table is organized into four parts:
- Category: This tells the type of data that we are collecting
- Direct/Indirect: There are generally two ways that the data collected in each category are associated with a person, either directly or indirectly. Directly related means that the data collected, by itself, can identify you as an individual. Indirectly related means that the data collected are related to you as an individual but would only be able to be connected to you if other direct identifiers were also present.
- Description: Details regarding the category of data collected are provided.
- Purpose: An explanation as to the reason why we need to collect this data is provided.
| Field Category | Direct/Indirect to Personal Data | Description | Purpose |
|---|---|---|---|
| Login | Direct | Email address, password (this is masked so we cannot see your password) | This information allows us to identify that you as the user are really you. |
| Demographics | Direct | Information about you, such as your name, email address
This information is stored in our HubSpot CRM. The privacy policy notice for HubSpot can be found here. |
We use this information to provide aggregate data when using our application to allow for comparisons to people who have similar characteristics to one another such as age group. |
| Purchase Information | Direct | Purchase: If you purchase a product through our online store, Stripe, our third-party payment processor, will collect your email address, first and last name, shipping address, phone number, and credit card and billing information. Stripe’s privacy notice can be found here | This allows us to assign the correct service offering. We offer three service levels. |
| Device Information | Direct | As part of our data collection process, information about your device including your IP address, operating system type, and device type are retrieved. | This information serves three purposes: 1. Allows us to determine any technical difficulties that may arise and how best to fix them. 2. Allows us to monitor our application’s performance for any type of cyber security threat. 3. Allows us to know what technical features to add to future versions of our application. |
| Location Information | Indirect | Based on the IP address utilized by your device we will get information about your general location to the national and state/provincial level | This allows us to monitor internal compliance with the privacy and security laws where our clients reside and best address international transfer requirements and incident response. |
| Cookies* *Please remember Cookies are handled by your internet browser. Each browser has a way to turn them off if you so choose. Check your browsers instruction guide for assistance. | Indirect | “Cookies” are small files of information that are stored by your web browser software on your computer hard drive, mobile or other devices (e.g., smartphones or tablets).
We use the following third party applications to process cookies: (A link to their respective privacy policy notices are provided) |
• Estimate audience size and usage patterns • Save your preferences for future visits • Recognize when your device when you whereby the preference set are recognized • Compile aggregate data about site traffic and site interactions to resolve issues and offer better site experiences and tools in the future |
| Website performance information | Indirect | Google reCAPTCHA: You may be asked to check a box indicating that you are not a robot or Google reCAPTCHA may detect abusive traffic without user interaction. Google reCAPTCHA works by transmitting certain types of information to Google, such as the referrer URL, IP address, visitor behavior, operating system information, browser and length of the visit, cookies, and mouse movements. Your use of Google reCAPTCHA is subject to Google’s Privacy Policy and Terms of Use which can be found here. | • We use Google reCAPTCHA, a free service provided by Google, Inc., to protect our Site from spam and abuse. Google reCAPTCHA uses advanced risk analysis techniques to decipher humans and bots. |
4) Legal Basis for Data Processing
Healium’s website is requests your consent for the use of any personal information that is directly connected to you (as outlined above). By visiting the website and navigating its contents you are providing Healium with a legitimate business interest to process indirect personal data so that you can make use of our website.
We want to ensure that the individual who is using our application can legally consent to its use. While our website does not pose any harm to anyone under the age of 18, for consumer use, we are only intending to reach those of ages 18 and older.
Additionally, Healium will not share data with any non-contracted third party except for the following circumstances: court order, subpoena or as otherwise compelled by law.
5) Location of the Data
Data that is processed on our website is stored in our HubSpot Customer Resource Management System and Google Analytics. Links to the privacy policy notices can be found in the table in part 3 above.
6) Use of Data After Processing
- All the data, whether indirect or direct, are stored in our HubSpot Customer Resource Management System for a period of time that does not exceed 10 years.
- Healium does not sell data to any individual or entity.
- Healium does not purchase data from any individual or entity.
- Healium does not participate in sales activity where data sets are sold to us or that we are under contract to process data on behalf of a third party.
7) Rights of the Individual
a. Individuals whose data are processed by Healium have the following rights related to protecting personal information:
- Right to Know: The individual has a right to know how their data is collected, used, and stored.
- Right to File Complaint: Individual may file a complaint with Healium about concerns related to how data is being processed.
- Right to Access: Individuals have a right to access information about data being stored about them.
- Right to Data Portability: All requests to access data by an individual and is approved per legal requirements will be provided through a common data format. These formats will either be a comma-separated values file or a PDF document.
- Right to be Forgotten: An individual may request that their individual data, contained within Healium, is erased. A request for eraser will be reviewed, and a decision communicated to the requestor as required by law.
b. To inquire about any of these rights regarding the Healium application, please contact us at hello@tryhealium.com or by writing to 1906 Corona Rd Suite 200, Columbia, MO 65203.
8) Contacting Healium
Questions about how personal data is processed, used, and stored can be directed to the Healium hello@tryhealium.com or by writing to 1906 Corona Rd Suite 200, Columbia, MO 65203.
9) Updates to this Privacy Policy Notice
Healium reserves the right to change this privacy policy notice as needed. Notification of changes will be posted on our website https://www.tryhealium.com/privacy-policy/.
The date at the top of the privacy policy notice shows the date of the most recent privacy policy notice and references the date of the version it is replacing.