Last Updated: 17 August 2018
What information does the Website obtain and how is it used?
Healthora does collect or transmit any personally identifiable information about you, such as your name, address, phone number automatically. Healthora initially collects only your Email address which is essential for providing services and updates, rest of the information is collected gradually as you use more of our services.
Can users see their personal data?
Healthora itself does not collect, transmit, or maintain user data. The user data is maintained by our Data processors. Please refer to Data Processing Addendum.
Do you share personal information?
As no personal information is collected, transmitted, or maintained by Healthora, we do not share personal information with anyone. Personal information is collected, transmitted, and maintained by our Data processors and is not shared by any third party.
Do advertising companies collect data?
Healthora has no facility for collecting, transmitting, or maintaining user data, however our partner advertising companies may collect, transmit, or maintain user data if you interact with them.
Do you use vendors or analytics providers?
Healthora uses Data processors such as Google for collecting, transmitting, analyzing and maintaining user data.
Do you comply with the Children’s Online Privacy Protection Act (COPPA)?
Yes. We do not solicit nor gather any data from children under the age of 13. If a parent or guardian becomes aware that his or her child has provided us with information without their consent, he or she shouldcontact us at our “Contact Us” page.
- Google’s use of the DoubleClick cookie enables it and its partners to serve ads to your users based on their visit to your sites and/or other sites on the Internet.
You can read more about Google’s Advertising and Cookies here: http://www.google.com/policies/privacy/ads/
How long will the data be stored for?
Your data will remain in our servers for a certain period of time as mentioned in the Data Processing Addendum.
What are my rights over my personal data?
Unless subject to an exemption under any law, you have the following rights with respect to your personal data: –
- The right to request a copy of your personal data which we hold about you;
- The right to request that we correct any personal data if it is found to be inaccurate or out of date;
- The right to request your personal data is erased where it is no longer necessary to retain such data;
- The right, where there is a dispute in relation to the accuracy or processing of your personal data, to request a restriction is placed on further processing;
- The right to object to the processing of personal data for direct marketing and processing for the purposes of scientific/historical research and statistics
- The right to lodge a complaint with the Information Officer set in this document.
How can I contact you about privacy questions?
If you have questions or concerns about our collection and use of your personal information, please contact us at our “Contact Us” page.
Data Processing Addendum
This DPA shall not replace or supersede any agreement or addendum relating to processing of Personal Data negotiated by User and referenced in the Agreement, and any such individually negotiated agreement or addendum shall apply instead of this DPA.
In the course of providing the Service to User pursuant to the Agreement, Healthora may process Personal Data on behalf of User. Healthora agrees to comply with the following provisions with respect to any Personal Data submitted by or for User to the Service or collected and processed by or for User through the Service. Any capitalized but undefined terms herein shall have the meaning set forth in the Agreement.
Data Processing Terms
In this DPA, “Data Protection Legislation” means European Directives 95/46/EC and 2002/58/EC (as amended by Directive 2009/136/EC) and any legislation and/or regulation implementing or made pursuant to them, or which amends, replaces, re-enacts or consolidates any of them (including the General Data Protection Regulation (Regulation (EU) 2016/279)), and all other applicable laws relating to processing of Personal Data and privacy that may exist in any relevant jurisdiction.
“data controller”, “data processor”, “data subject”, “Personal Data”, “processing”, and “appropriate technical and organisational measures” shall be interpreted in accordance with applicable Data Protection Legislation;
The User agree that Healthora is the data controller and that WordPress and Google Analytics are its data processor in relation to Personal Data that is processed in the course of providing the Service. Healthora shall comply at all times with Data Protection Legislation in respect of all Personal Data it provided to WordPress and Google Analytics pursuant to the Agreement.
The subject-matter of the data processing covered by this DPA is the Service ordered by User through Healthora. The processing will be carried out until the term of User’s ordering of the Service ceases. Further details of the data processing are set out in Annex 1 hereto.
In respect of Personal Data processed in the course of providing the Service, Website:
1. Shall process the Personal Data only in accordance with the documented instructions from User (as set out in this DPA or the Agreement or as otherwise notified by User to Healthora (from time to time) If Healthora is required to process the Personal Data for any other purpose provided by applicable law to which it is subject, Healthora will inform User of such requirement prior to the processing unless that law prohibits this on important grounds of public interest;
2. Shall implement and maintain appropriate technical and organisational measures designed to protect the Personal Data against unauthorised or unlawful processing and against accidental loss, destruction, damage, theft, alteration or disclosure. These measures shall be appropriate to the harm which might result from any unauthorised or unlawful processing, accidental loss, destruction, damage or theft of the Personal Data and having regard to the nature of the Personal Data which is to be protected;
3. Healthora remains responsible for its subcontractors’ compliance with the obligations of this DPA. Any subcontractors to whom Website transfers Personal Data will have entered into written agreements with Healthora requiring that the subcontractor abide by terms substantially similar to this DPA.
4. Shall ensure that all Healthora personnel required to access the Personal Data are informed of the confidential nature of the Personal Data and comply with the obligations sets out in this Clause;
5. At the User’s request and cost (and insofar as is possible), shall assist the User by implementing appropriate and reasonable technical and organisational measures to assist with the User’s obligation to respond to requests from data subjects under Data Protection Legislation (including requests for information relating to the processing, and requests relating to access, rectification, erasure or portability of the Personal Data) provided that Healthora reserves the right to reimbursement from User for the reasonable cost of any time, expenditures or fees incurred in connection with such assistance;
6. At the end of the applicable term of the Service, upon User’s request, shall securely destroy or return such Personal Data to User;
7. If Healthora becomes aware of any accidental, unauthorised or unlawful destruction, loss, alteration, or disclosure of, or access to the Personal Data that is processed by Website in the course of providing the Service (an “Incident”) under the Agreement it shall without undue delay notify User and provide User (as soon as possible) with a description of the Incident as well as periodic updates to information about the Incident, including its impact on User Content. Healthora shall additionally take action to investigate the Incident and reasonably prevent or mitigate the effects of the Incident;
Healthora shall provide information requested by User to demonstrate compliance with the obligations set out in this DPA.