Biostrap USA, LLC.
Revised Privacy Policy

New! We recently revised our privacy policy. Please review the summary of changes and updated policy below. You can find the earlier policy in our archive.

Updated: April 30, 2018

Effective: May 24, 2018, unless you agree to this policy sooner, like when you create an account or pair your device. Then this policy is effective as of the date of your agreement.  You can view our previous archived privacy policy here.

Our culture at Biostrap is one of openness, collaboration and transparency.  We believe in the power of healthy choices and strive everyday to help make our world better. As a member of our Biostrap Community you are more than a customer to us and we appreciate your trusting us with information that is important to you. In this document, we want to demonstrate our transparency with how we use your data to deliver best in class biometric data and services to you. In good health and in support of your goals.

Here we describe our Privacy Policy practices (the “Policy”) covering Biostrap USA, LLC., (“Biostrap”, “we”, “us”, or “our”) and the types of information we gather from visitors to www.Biostrap.com (the “Site”), and users of our devices, computer programs, applications, software, APIs, products, and services (collectively the “Services”).

You will learn about the data we collect, how we use it, the controls we give you over your information, and the measures we take to keep it safe. When you use the Site or Services, please check the date of this Policy (which appears at the top) and review any changes since the last version. This Policy is subject to the provisions of our Terms and Conditions of Use, which are incorporated by reference. To see the Terms of Use click here. Specifically, we’ll cover:

  • Information We Collect
  • How We Use Information
  • How Information Is Shared
  • Your Rights To Access and Control Your Personal Data
  • Data Retention
  • Analytics and Advertising Services Provided by Others
  • Our Policies for Children
  • Information Security
  • Our International Operations and Data Transfers
  • Changes to This Policy
  • Who We Are and How To Contact Us

INFORMATION WE COLLECT

When you use our Services, we collect the below types of information.

INFORMATION YOU PROVIDE US

ACCOUNT INFORMATION

We collect two general types of information from users of our Site and Services - Personal and Aggregate Information as described below:

“Personal Information” consists of contact and biometric information. Contact information consists of information that we can use to verify and contact you such as your name, e-mail address, mailing and shipping address, phone number, gender, date of birth, credit card number, and social media account information, as well as information to help you pay for products and services, and determine your specific identity so that we can help answer any questions you may have or resolve issues with your account.

Some of this information is required in order to create an account on our Services, such as your name, a valid email address that is then linked to your account, self-selected password, date of birth, gender, height, weight, the pairing of at least one authentic Biostrap device (such as a Biostrap wristband), and in some cases your mobile telephone number. You may also choose to provide other types of optional information, such as a profile photo, your daily goals for number of steps, active calories, hours of sleep, and daily active time, as well as customizing your desired units of measure (i.e., Imperial or Metric), country information, and community username.

Biometric information consists of collected and derived data from your Biostrap device(s) that we use to provide our Services that are presented in our application. Biometric information may consist of data on your sleep, steps, active calories, activity time, resting heart rate, heart rate variability, respiratory rate, and oxygen saturation.  This information may be updated as we continually develop the functionality and utility of our application to provide you with accurate and useful information about your health.

“Aggregate Information” is information about your activities on the Site or in connection with your use of the Services that does not contain any way of identifying you individually  (such as frequency of visits to the Site, data entered when using the Site, vital statistics and trends, etc.). We use Aggregate Information to provide the Services, as well as to improve the use of our Site and to monitor, audit, and analyze information pertaining to our business metrics. Further, Aggregate Information may and can be used to determine trends and tendencies that may help with determining overall health.

ADDITIONAL INFORMATION

To help improve your experience or enable certain features of our Services, you may choose to share with us additional information such as your weight, personal goals, and sleep pattern.

If you choose to post on our discussion boards, or send messages to your friends on the Services using  our Remote Monitoring Program, we may also have access to information you share as part of these functionalities.

We may collect additional information such as the physical location of your device by, for example, using satellite, cell phone tower, wi-fi signals or your IP address. We may use your device’s physical location to provide you with location-based services and content. We may also share your device’s physical location, combined with information about what advertisements you viewed and other information we collect, with our marketing service providers to enable them to provide you with more localized content and to study the effectiveness of advertising campaigns. You may be able to allow or deny such uses and/or sharing of your device’s location by changing your device’s location settings, but if you choose to deny such uses and/or sharing, we and our marketing service providers may not be able to provide you with the location-based services and content.

You may also connect with friends on the Services or invite friends who have not yet joined by providing their email addresses, or accessing social networking accounts.

If you contact us or participate in a survey, contest, or promotion, we collect the information you submit such as your name, contact information, and message.

REMOTE MONITORING PROGRAM

Our Service contains the ability for you to share all of the biometric information gathered by Biostrap with other approved users, such as your friends, parents, physician, or a personal trainer (“Remote Monitoring Program”). This enables other people to track your health and fitness progress. The Remote Monitoring Program is disabled by default. By enabling the Remote Monitoring Program you understand and agree to share all of the biometric information collected by Biostrap with the users that you have designated.

Only your biometric information is shared when you grant access to other approved Biostrap users.  Meaning, none of your personal or account information is visible to these users, other than your name and email address. To access your biometric information, other users must request access via the email address associated with your account through our application. For you to access someone else’s information, you too must request access using the email address associated with their account through our application.

You may disable the Remote Monitoring Program at any time, but you should note that the other users that you have agreed to share your information with may have stored a copy of this information, and may use it without your permission. We assume no responsibility for other users’ use or misuse of the information you choose to share via the Remote Monitoring Program.

INFORMATION FROM THIRD-PARTY SERVICES

If you choose to connect your account on our Services to your account on another service, we may receive information from the other service. For example, if you connect to Facebook or Google, we may receive information like your name, profile picture, age range, language, email address, and friend list. You may also choose to grant us access to your exercise or activity data from another service. You can stop sharing the information from the other service with us by removing our access to that other service.

PAYMENT AND CARD INFORMATION

If you purchase Biostrap merchandise on our website, you provide your payment information, including your name, credit or debit card number, card expiration date, CVV code, and billing address. This information is encrypted and sent to our payment network. We do not have access to your payment information, other than your name and shipping address, payment card provider, and occasionally the last four digits of your payment card. We store your name and shipping address to fulfill your order and delete this information once the purpose for which we have collected it has been satisfied. Note that third-party payment processors may retain this information in accordance with their own privacy policies and terms.

INFORMATION WE RECEIVE FROM YOUR USE OF OUR SERVICES

DEVICE INFORMATION

Your device collects data to estimate a variety of metrics like the number of steps you take, distance traveled, calories burned, heart rate and heart rate variability, sleep pattern, respiratory rate, and oxygen saturation. The data collected varies depending on a number of factors such as your chosen activity, whether you utilize our shoe pod, the battery life of your device(s), the quality of connection between your device and your phone, etc. When your device syncs with our applications or software, data recorded on your device is transferred from your device to our secure servers for analysis.

USAGE INFORMATION

When you access or use our Services, we receive certain usage data that includes information about your interaction with the Services, for example, when you create or log into your account, pair your device to your account, synchronize an activity, or open or interact with an application on your Biostrap device.

HEALTH AND OTHER SPECIAL CATEGORIES OF PERSONAL DATA

To the extent that information we collect is health data or another special category of personal data subject to the European Union’s General Data Protection Regulation (“GDPR”), we ask for your explicit consent to process the data. We obtain this consent separately when you take actions leading to our obtaining the data, for example, when you pair your device to your account or grant us access to your exercise or activity data from another service. You can use your account settings to request the disablement or withdrawal of your connections at any time, including by stopping use of a feature, removing access to a third-party service, unpairing your device, or requesting the deletion of your data or your account by contacting us at privacy@biostrap.com.  These steps can also be accomplished through the Privacy Center section of Biostrap.com

HOW WE USE INFORMATION

We use the information you provide to offer and improve our Service, which includes processing the information for the following purposes.

PROVIDE AND MAINTAIN THE SERVICES

Using the information we collect, we are able to deliver the Services to you and honor our Terms of Service contract with you. For example, we need to use your information to provide you with your Biostrap dashboard tracking your exercise, activity, sleep, and other trends; to enable the community features of the Services; and to provide you with exemplary customer support.For the Services’ community features, we may use your information to help you find and connect with other users and to allow other users to find and connect with you as described in the Remote Monitoring Program section above. For example, your account contact information allows other users to add you under our Remote Monitoring Program to share data with your friends, family, trainer, and others. Another user can send you an invite to connect via our Remote Monitoring Program using the email address used for your Biostrap account and vise versa.  Meaning you can ask to monitor your friends account using the email address they use for their Biostrap account.

OUR PILLAR: CONTINUE TO IMPROVE OUR SERVICES

We use the information you provide us to improve our existing Services and develop new ones that match your personal needs. For example, we use the information to troubleshoot, improve accuracy, and protect against errors; perform data analysis and testing; conduct research and surveys to improve our Services; and develop new features that are valuable to our customers.

When you allow us to collect and analyze your information, we use that information to provide and improve features of the Services, such as recording a workout,whether you have properly recovered from a previous one, or if your sleep was adequate.

We also use your information to customize content and information based on analytical inferences. Here are some examples:

  • Information like your height, weight, gender, and age allows us to improve the accuracy of your daily exercise and activity metrics such as  the number of calories you burned and the distance you traveled.
  • Based on your sleep data, we may make inferences about your sleeping patterns, provide you a sleep score, and offer insights to help you improve your sleep.
  • Based on analysis of your data we may recommend you take it easy if we sense that your heart rate variability is lower than normal.

COMMUNICATE WITH YOU

We use your information when needed to send you Service notifications and respond to you when you contact us. We also use your information to promote new features or products that we think you would be interested in. You can control marketing communications and most Service notifications by using your “update subscription preferences” in account settings or via the “unsubscribe from this list” link in an email.

PROMOTE SAFETY AND SECURITY

We use the information we collect to promote the safety and security of the Services, our users, and other parties. For example, we may use the information to authenticate users, facilitate secure payments, protect against fraud and abuse, respond to a legal request or claim, conduct audits, and enforce our terms and policies.

We use cookies and similar technologies for the purposes described above. For more information, please refer to our Cookie Statement.

For personal data subject to the GDPR, we rely on several legal bases to process data. These include when you have given your consent, which you may withdraw at any time by completing our GDPR Subject Data Form and requesting modification of your consent; when the processing is necessary to perform a contract with you, such as the services described in our Terms of Service; and our legitimate business interests, such as in improving, personalizing, and developing the Services, marketing new features or products that may be of interest, and promoting safety and security as described above. Please note that our process for modifying/accepting a withdrawal of your consent is manual and not automatic, and therefore there may be a delay between the receipt of your request and us processing it.

HOW INFORMATION IS SHARED

We do not share your personal information except in the limited circumstances described below.

You may direct us to disclose your information to others, such as when you use our forums, including our social media channels, our Remote Monitoring Program, and other social tools. For certain information, we provide you with privacy preferences in our Privacy Center to control how your information is visible to other users of our Services. Just remember that if you choose to participate in a challenge, information such as your profile, posted messages, total steps in the challenge, personal statistics, and achievements, is not governed by your privacy preferences and will be visible to all other challenge participants.You may also authorize us to share your information with others, for example, with a third-party application when you give access to your account, or with your employer when you choose to participate in an employee wellness program. Remember that their use of your information will be governed by their privacy policies and terms. You can revoke your consent to share with third-party applications or employee wellness programs using your account settings.

FOR EXTERNAL PROCESSING

We transfer information to our corporate affiliates, service providers, and other partners who process data for us, based on our instructions, and in compliance with our policies and any other appropriate confidentiality and security measures. These partners provide us with services such as website hosting, data analysis, payment processing, order fulfillment, information technology and related infrastructure provision, customer service, email delivery, text messaging, credit card or other payment account processing, auditing and similar services, and surveys.

Contracts with our service providers require them to keep your information confidential. We will not sell or trade your Personal Information with unaffiliated third parties. These third party service providers are not authorized to retain, share, store or use your Personal Information for any purposes other than to provide the services for which they have been contracted to provide. When you submit your Personal Information, you also provide us permission to use your Personal Information to contact you by email, telephone, cell phone, direct mail, or text message about certain offers made available by us or third parties that we believe you might be interested in based on information you have provided to us. You may always opt-out of this processing at any time.

SHARING, SELLING AND TRADING AGGREGATE INFORMATION COLLECTED ONLINE WITH THIRD PARTIES

Aggregate Information may be used to improve the Site and Services, to monitor traffic and general usage patterns on the Site, and for other general business purposes which we determine in our sole discretion. Thus, we may disclose or sell Aggregate Information to third parties for a variety of business reasons. Aggregate Information will not include any Personal Information and we will not disclose any Personal Information except as expressly stated elsewhere in this Privacy Policy. For example, we may disclose Aggregate Information to (i) organizations approved by Biostrap that perform research in the areas of fitness, health and wellness; (ii) other users of the Services or the Site for purposes of providing a comparison of across users; and (iii) advertisers and other third parties for general marketing and promotional purposes.

FOR LEGAL REASONS OR TO PREVENT HARM

We may preserve or disclose information about you to comply with a law, regulation, legal process, or governmental request; to assert legal rights or defend against legal claims; or to prevent, detect, or investigate illegal activity, fraud, abuse, violations of our terms, or threats to the security of the Services or the physical safety of any person.

We may share non-personal information that is aggregated or de-identified so that it cannot reasonably be used to identify an individual. We may disclose such information publicly and to third parties, for example, in public reports about exercise and activity, to partners under agreement with us, or as part of the community benchmarking information we provide to users of our subscription services.

If we are involved in a merger, acquisition, or sale of assets, we will continue to take measures to protect the confidentiality of personal information and give affected users notice before transferring any personal information to a new entity.

Please note that on some portions of the Site, users can choose to have their Personal Information displayed. The default for these portions of the Site is that Personal Information is private, other than your username and any other information you choose to display publicly. If users choose to have their Personal Information displayed on the Site, we will not be responsible for this disclosure and such display shall not be considered a breach of this Policy.

YOUR RIGHTS TO ACCESS AND CONTROL YOUR PERSONAL DATA

We provide you the right to access and control your personal data, as described below, regardless of where you live. If you live in the European Economic Area, United Kingdom, and Switzerland (the “Designated Countries”), you have a number of legal rights with respect to your information, that you can access and exercise through our Privacy Center , as outlined below.

Accessing and Exporting Data. By logging into your account, you can access much of your personal information, including your dashboard with your daily exercise and activity statistics. Using the information provided in our Privacy Center, you can acquire a download of your information in a commonly used file format, such as data about your activities and sleep.  You can also email us at privacy@biostrap.com for a copy of your data.

Deleting Data. Your account settings allows you the option to ask us to delete your personal information. If you choose to delete your account, please note that while most of your information will be deleted within 30 days, it may take up to 90 days to delete all of your information, like the data recorded by your Biostrap device and other data stored in our backup systems. This is due to the size and complexity of the systems we use to store data. We may also preserve data for legal reasons or to prevent harm, including as described in the previous How Information Is Shared section.

Objecting to Data Use. We give you account settings and tools to control our data use. For example, using your notification settings, you can limit the notifications you receive from us; and under your application settings, you can revoke the access of other Biostrap users that you previously connected to your account. You can also use the Biostrap application to unpair your device from your account at any time.If you live in a Designated Country, in certain circumstances, you can object to our processing of your information based on our legitimate interests, including as described in the How We Use Information section. You have a general right to object to the use of your information for direct marketing purposes. Please see your notification settings to control our marketing communications to you about Biostrap products and Services. Please refer to our Cookie section for your options to control how we and our partners use cookies and similar technologies for advertising.

Restricting or Limiting Data Use. In addition to the various controls that we offer, if you reside in a Designated Country, you can seek to restrict our processing of your data in certain circumstances. Please note that you can always ask us to delete your account at any time.If you need further assistance regarding your rights, please contact our Data Protection Officer via Privacy@biostrap.com, and we will consider your request in accordance with applicable laws. If you reside in a Designated Country, you also have a right to lodge a complaint with your local data protection authority.

If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.

DATA RETENTION

We keep your account information, like your name, email address, and password, for as long as your account is in existence because we need it to provide our Services to you. In some cases, when you give us information for a feature of the Services, we delete the data after it is no longer needed for the feature. We keep other information, like your exercise or activity data, until you use your account settings or tools to delete the data or your account because we use this data to provide you with your personal statistics and other aspects of our Services. We also keep information about you and your use of the Services for as long as necessary for our legitimate business interests, for legal reasons, and to prevent harm, including as described in the How We Use Information and How Information Is Shared sections.

ANALYTICS AND ADVERTISING SERVICES PROVIDED BY OTHERS

We work with partners who provide us with analytics and advertising services. This includes helping us understand how users interact with the Services, serving ads on our behalf across the internet, and measuring the performance of those ads. These companies may use cookies and similar technologies to collect information about your interactions with the Services and other websites and applications. To learn more and about your privacy choices, please refer to our Cookie section.

OUR POLICIES FOR CHILDREN

We appreciate the importance of taking additional measures to protect children’s privacy.Biostrap allows parents to set up accounts for their children to use our  devices. These accounts are subject to a separate Privacy Policy that explains what information we collect to set up these accounts, what information we collect from a child’s use of our Services, and how we use and share that information. Parents or guardians must consent to the use of their child’s data in accordance with this special Privacy Policy for Children in order to create such an account.Persons under the age of 13, or any higher minimum age in the jurisdiction where that person resides, are not permitted to create accounts unless their parent or legal guardian has consented in accordance with applicable law. If we learn that we have collected the personal information of a child under the relevant minimum age without parental consent, we will take steps to delete the information as soon as possible. Parents who believe that their child has submitted personal information to us and would like to have it deleted may contact us at privacy@biostrap.com.

INFORMATION SECURITY

We work hard to keep your data safe. We use a combination of technical, administrative, and physical controls to maintain the security of your data. This includes using Secure Socket Layer  (“SSL”) to encrypt many of our Services. No method of transmitting or storing data is completely secure, however. If you have a security-related concern, please contact Customer Support by emailing support@biostrap.com.

If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of any account you might have with us has been compromised), please immediately notify us of the problem. Please note that emails you send to us through our Site are not encrypted, and we strongly advise you not to communicate any confidential information through these means.

OUR INTERNATIONAL OPERATIONS AND DATA TRANSFERS

We operate internationally and transfer information to the United States and other countries for the purposes described in this policy. We rely on multiple legal bases to lawfully transfer personal data around the world. These include your consent and the EU-US and Swiss-US Privacy Shield, which require certain privacy and security protections. Biostrap USA, LLC. complies with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States. Under these Frameworks, we are subject to the Federal Trade Commission’s investigatory and enforcement powers. Biostrap USA, LLC has certified to the Department of Commerce that it adheres to the Privacy Shield Principles.  If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern.  To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/

If you have any questions or complaints about how we are complying with the Privacy Shield principles, please contact us at privacy@biostrap.com. If we can’t resolve your concern, you may submit a complaint to your local data protection authority. In certain circumstances, you may also have the right to invoke binding arbitration to resolve your concern. To learn more about binding arbitration, see Annex I to the EU-U.S. Privacy Shield and Annex I to the Swiss-U.S. Privacy Shield.

As we've indicated elsewhere, Biostrap may sometimes share your personal information with third parties for processing on our behalf. We are responsible for this third-party processing if it violates the Privacy Shield principles, unless we can show that we were not responsible for the violation.

Please note that the countries where we operate may have privacy and data protection laws that differ from, and are potentially less protective than, the laws of your country. You agree to this risk when you create a Biostrap account and click “I agree” to data transfers, irrespective of which country you live in. If you later wish to withdraw your consent, you can delete your Biostrap account as described in the Your Rights To Access and Control Your Personal Data section.

CHANGES TO THIS POLICY

We will notify you before we make material changes to this policy and give you an opportunity to review the revised policy before deciding if you would like to continue to use the Services. You can review previous versions of the policy in our archive.

LINKS TO OTHER WEBSITES

The Site may contain links to websites operated by third parties that are unrelated to Biostrap. Those websites may have their own privacy policy or no privacy policy at all. We do not have any responsibility for those websites, and we provide the links solely for the convenience of our visitors.

WHO WE ARE AND HOW TO CONTACT US

If you have questions, suggestions, or concerns about this policy, or about our use of your information, please contact us at privacy@biostrap.com.No matter where you live, whether in the European Economic Area, United Kingdom, Switzerland, or United States,  Biostrap USA, LLC. controls your personal data and provides you with the Services. If you are seeking to exercise any of your statutory rights, please contact our Data Protection Officer at privacy@biostrap.com.

You may also contact us at:Biostrap USA, LLC.

Attn: Legal Department (Privacy Policy)260 Mt. Olive Dr.Bradbury CA 91008

Phone: (323) 999-4757

Archive of Previous Privacy Policies