GDPR Compliance
Last updated: June 25, 2023
At Stay Healthyr, we are committed to protecting your personal data and ensuring compliance with the General Data Protection Regulation (GDPR). This document outlines how we collect, process, and protect your data in accordance with GDPR requirements.
1. Data Controller
Stay Healthyr is the data controller for all personal data collected through our application and website. For any questions regarding our GDPR compliance or your data, please contact our Data Protection Officer at support@stayhealthyr.com.
2. Personal Data We Collect
We may collect the following personal data:
- Identity information (name, email address, phone number)
- Technical information (IP address, device information, browser type)
- Health and fitness data (weight, height, activity levels, nutrition information)
- User-generated content (profile information, photos uploaded to the app)
- Usage data (how you interact with our service)
3. Legal Basis for Processing
We process your personal data based on the following legal grounds:
- Contractual necessity: Processing necessary to fulfill our contract with you when you use our service
- Consent: Processing based on your specific, informed, and unambiguous consent
- Legitimate interests: Processing necessary for our legitimate interests, such as improving our services and ensuring security
- Legal obligation: Processing necessary to comply with legal requirements
For special categories of data (such as health data), we obtain your explicit consent before processing.
4. Your Data Protection Rights
Under GDPR, you have the following rights regarding your personal data:
- Right to access: You can request a copy of your personal data that we hold.
- Right to rectification: You can request that we correct any inaccurate or incomplete data.
- Right to erasure: You can request that we delete your personal data in certain circumstances.
- Right to restrict processing: You can request that we restrict the processing of your data in certain circumstances.
- Right to data portability: You can request a copy of your data in a structured, commonly used, and machine-readable format.
- Right to object: You can object to the processing of your personal data in certain circumstances.
- Rights related to automated decision-making: You can request human intervention in automated decisions that significantly affect you.
To exercise any of these rights, please contact us at support@stayhealthyr.com. We will respond to your request within 30 days.
5. Data Storage and Security
We implement appropriate technical and organizational measures to ensure the security of your personal data. These include:
- Encryption of personal data during transmission and at rest
- Regular testing and evaluation of security measures
- Restricted access to personal data
- Data backup procedures
- Staff training on data protection
6. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including legal, accounting, or reporting requirements. Different types of data may be kept for different periods based on their purpose and necessity.
7. International Data Transfers
If we transfer your personal data outside the European Economic Area (EEA), we ensure that appropriate safeguards are in place, such as:
- Standard contractual clauses approved by the European Commission
- Binding corporate rules for transfers within a corporate group
- Transfers to countries with adequacy decisions
8. Data Breach Procedures
In the event of a personal data breach, we will notify the relevant supervisory authority within 72 hours of becoming aware of the breach, where feasible. If the breach is likely to result in a high risk to your rights and freedoms, we will also notify you without undue delay.
9. Data Protection Impact Assessments
For processing activities that are likely to result in a high risk to individuals' rights and freedoms, we conduct Data Protection Impact Assessments (DPIAs) to identify and minimize risks.
10. Use of Cookies and Similar Technologies
Our website uses cookies and similar tracking technologies. You can control the use of cookies through your browser settings. For detailed information about the cookies we use, please visit our Privacy Policy.
11. Children's Data
Our service is not intended for children under 16 years of age. We do not knowingly collect personal data from children under 16. If we become aware that we have collected personal data from a child under 16 without verification of parental consent, we will take steps to remove that information from our servers.
12. Contact Us
If you have any questions about our GDPR compliance or want to exercise your data protection rights, please contact us:
- By email: support@stayhealthyr.com
You also have the right to lodge a complaint with a supervisory authority if you believe your data has been processed unlawfully.
This GDPR Compliance statement was last updated on June 25, 2023.