Logo
    Cover

    Policy Privacy

    Privacy Policy

    Privacy Policy

    Heeroo, Inc. offers the Heeroo product family. For more information, see:

    • About Us and
    • Our commitment to protecting your personal information.

    This privacy notice explains how we handle and protect your personal information when you use the Heeroo product family. We understand that this notice includes a lot of information. We aim to provide you with a brief and easily accessible summary of how we collect, protect, store, and disclose your personal information. For more details, see:

    • Background on the Heeroo Data Management System and
    • Personal Information Security below.

    THIS SUMMARY IS NOT COMPLETE. YOU MUST READ THE RELEVANT SECTIONS OF THE PRIVACY NOTICE BELOW TO FULLY UNDERSTAND HOW WE HANDLE YOUR PERSONAL INFORMATION.

    We use personal information when you create your own Heeroo Data Management System account. You can use the Heeroo application (defined below) without creating a Heeroo Data Management System account (when applicable). Whether you create a Heeroo Data Management System account or use the Heeroo application without an account, we collect personal information if you request customer support and share system diagnostic data. We also use cookies on our websites. For more information, see:

    • Collection of personal information via the Heeroo Data Management System and
    • Country-Specific Provisions below and
    • Country-Specific Provisions supplement and/or modify specific provisions, as required by law, that appear to conflict with the overall content of this Privacy Policy. We use personal information to:

    (1) provide you with the Heeroo product and service family;

    (2) comply with legal obligations, including those related to safety, quality, and improvement of medical devices, complaints, and adverse incident reporting;

    (3) send you marketing communications when you have opted in; and

    (4) conduct research once personal information has been depersonalized, pseudonymized, aggregated, and/or anonymized, so it does not identify you by name. We conduct research to understand how our products and services are used, their effectiveness, and for real-world evidence studies. For more information, see:

    • Use of Personal Information,
    • Medical Devices and Other Legal Requirements,
    • Research,
    • Use of Cookies and Similar Technologies on Heeroo,
    • Retention of Personal Information, and
    • How Heeroo Sends Marketing and Other Materials below.

    We strictly limit access to your personal information to duly authorized personnel and strictly limit with whom we share your personal information. We will never sell your information to third parties for our commercial benefit. We share personal information with third-party providers to provide you with the Heeroo product family, such as our third-party cloud service providers who are required to keep your personal information confidential and secure. Wherever we provide your personal information to third-party providers, they are required to comply with the terms set out in this document and to keep your personal information confidential and secure and to use your personal information to the minimum extent necessary. We also share personal information with certain of our affiliated companies within the Heeroo group of companies, particularly to anonymize, pseudonymize, aggregate, and/or anonymize personal information for research purposes, or to perform troubleshooting/diagnostics and broader analysis to detect systemic problems.


    For more information, see +Personal Information Security, +Disclosure of Personal Information by Us, and +How to Share Information with Your Healthcare Provider or Others below. When your location grants you certain rights regarding your personal information, we will respond to your requests to exercise these rights.

    For more information, see +How Individual Users Can Access and Correct Personal Information and Your Rights below. We store personal information on servers provided by third-party companies located in Canada. For more information, see

    +Data Storage and

    +Transfers of Personal Information below.

    Please contact us first if you have any questions, comments, or complaints. You can do this by sending us an email at info@Heeroo.com for inquiries.



    Privacy Notice of Heeroo for Using the Heeroo Data Management System

    Release Date: November 2021

    Heeroo, Inc. ("Heeroo" or "we/us/our") recognizes the importance of data protection and privacy and is committed to protecting personal information, including health information. This privacy notice describes how your personal information, including health information, is collected and used by Heeroo and how it is uploaded, transmitted, and stored by you in the Heeroo Data Management System. References in this privacy notice to "affiliates" or "third parties" refer to Heeroo's affiliates and the third parties listed in the section titled

    +Disclosure of Personal Information by Us.

    Please read this privacy notice carefully before creating a Heeroo Data Management System account as it applies to your use of the Heeroo Data Management System and to the processing, transfer, and storage of your personal information, including health information in the cloud by Heeroo and certain affiliates as described below. Specifically, this privacy notice describes the privacy and data protection practices of Heeroo and applies only to personal information we process in the Heeroo Data Management System through:

    • Heeroo.com available for individual use;
    • The Heeroo app;
    • The Heeroo app, which can only be used by invitation; and
    • Use of the Heeroo customer service line.

    This also applies to the processing of your personal information by our affiliates and by our subcontractors if necessary to resolve a customer service issue related to the Heeroo Data Management System. You can find more information on how we process your personal information for customer support purposes in the privacy policies applicable to your country of residence, which you can access at https://www.Heeroo.com

    By creating a Heeroo Data Management System account and using Heeroo, the Heeroo app or the Heeroo app, you:

    • Affirm that you are of legal age to accept this privacy notice;
    • Agree either on your own behalf or on behalf of another person for whom you have the actual legal authority to accept this privacy notice; and
    • Accept this privacy notice.

    BY ACCEPTING THIS PRIVACY NOTICE, YOU EXPLICITLY ACKNOWLEDGE THAT YOUR USE OF THE HEEROO DATA MANAGEMENT SYSTEM IS SUBJECT TO THIS PRIVACY NOTICE AND TO THE PROCESSING AND TRANSFER OF PERSONAL INFORMATION, INCLUDING HEALTH INFORMATION, AS DESCRIBED IN THIS PRIVACY NOTICE.

    BY CLICKING "ACCEPT," YOU PROVIDE YOUR EXPLICIT CONSENT FOR THE USE OF YOUR PERSONAL INFORMATION (DEPERSONALIZED) FOR RESEARCH PURPOSES, AS DEFINED IN THE SECTION TITLED +RESEARCH. BY CLICKING TO ACCEPT OR TO SIGN UP FOR RESEARCH, YOUR CONSENT IS GIVEN FREELY AND YOU ACKNOWLEDGE THAT YOU HAVE NO LEGAL OBLIGATION TO PROVIDE PERSONAL INFORMATION TO HEEROO.

    +About Us

    +Background on the Heeroo Data Management System

    The Heeroo Data Management System allows Heeroo to provide enhanced guidance to patients using Heeroo's systems and mobile applications. It also allows Heeroo to improve the quality, safety, and effectiveness of medical devices and systems and enables Heeroo to develop innovative and effective management of mental health diseases in the interest of public health. Please note that third parties may offer products, services, software, hardware, and mobile applications unauthorized by Heeroo and which they claim may be compatible with your sensor, the Heeroo app, and/or the Heeroo Data Management System. The use of such unauthorized third-party products, services, software, applications, or hardware may result in unauthorized use of Heeroo products. Heeroo does not recommend or endorse the use of the Heeroo Data Management System with these third-party products and services, and is not responsible if you do so, including, but not limited to, when your use of these products or services affects the integrity or accuracy of the information in your Heeroo Data Management System account. Heeroo is not responsible if you connect to these third-party products or services, or if you decide to download data from these third-party products or services to your Heeroo Data Management System account, or share data from your Heeroo Data Management System account with these third-party products or services. If you use these third-party products or services, your use is subject to their respective privacy policies and terms of use. When you use these third-party products, services, software, or applications and download information to your Heeroo Data Management System account, Heeroo will receive and process these data, including if you have downloaded health-related information. For more information on how Heeroo allows you to share your information with authorized third parties, please see:

    • Disclosure of Personal Information by Heeroo for more details.

    The usage of the Heeroo Data Management System may require compatible devices, internet access, data usage (fees may apply), certain software (fees may apply), and periodic updates, and the performance of the Heeroo Data Management System may be affected by these requirements. Your healthcare provider also has the option to create their own Heeroo Data Management System account and create patient profiles within this account. When you visit your healthcare provider, physically or through a virtual visit—be it via phone, videoconference, or any other method of contactless meeting—they can connect your reader to their Heeroo Data Management System account to view and print patient reports to remotely view patient reports and share these reports with other professionals in their practice. The Heeroo Data Management System allows patient users to create their own accounts, upload their own information, and share information with professional users. This enables professional users to remotely view patient reports and share these reports with other professionals in their practice. Your healthcare provider may also use the Heeroo Data Management System to send patient reports directly to their electronic medical records systems when permitted. By accepting the privacy terms contained in this notice, you agree and consent to this data sharing. You may choose to use the Heeroo app without creating an account, and if you have an account, you may choose to log out at any time. If you do not create an account or if you log out of your account, the features of the Heeroo app will be limited. All your personal information and marker values will not be stored. If you log out of your account, you can reconnect to the Heeroo app with the same account at any time to resume all features, store and save data, and share your information.


    When you agree to receive marketing communications and contests from us, we will combine your

    Heeroo Data Management System account profile (name, age range, mobile, email address, and country) with other information you have provided to us for marketing purposes, such as your address, and if you are a user of the Heeroo app, as outlined in the sections entitled

    +Use of Personal Information and

    +How Heeroo Sends Marketing and Other Documents.


    This privacy notice covers the collection of the following information:


    For users of the Heeroo app and other Heeroo platforms:

    • Your account profile that you fill out when you register or create a new account, which may include name, mobile phone number (if applicable), date of birth, country, and email address for adult users for their own use or for use by another adult (if you are authorized to do so) and in the case of pediatric use in addition to the email address of the parent/guardian, the child's name, date of birth, and country. In addition to the categories of information listed here, other categories of personal information may be collected from you in connection with certain programs. If and when such information collection is necessary, we will explain how this information is collected, used, and shared. Health-related information from your use of the various Heeroo platforms, such as how often you use the Heeroo platforms, the targets of certain markers, the values of these markers, and other markers studied and/or collected by any means.
    • To help us resolve any technical issues, when you contact us and share your troubleshooting/self-diagnostic data (see: +Use of Self-Diagnostic Data for more information);
    • Bluetooth login and logout data (if applicable); and
    • Information indicating whether information about your markers has been accessed by a user (if applicable).
    • For users of the Heeroo app: Your first name, last name, mobile phone number (if applicable), email address, country, and date of birth.
    • For users of the Heeroo app and the Heeroo app: Information about your mobile device, including information about your operating system and other troubleshooting and analytical data that may include serial numbers and free text notes.
    • For users of Heeroo: Information about your use of the website via cookies and other technologies (please see the section entitled + Use of Cookies and Similar Technologies on Heeroo for more information): your domain name; your browser type and operating system; your IP address; and other troubleshooting data.
    • For users of the Heeroo app who do not create a Heeroo Data Management System account:
    • To help us resolve any technical issues when you contact us and share your troubleshooting/self-diagnostic data (see + Use of Diagnostic Data for more information);
    • To help us analyze the performance of the Heeroo app through the use of Google Firebase Analytics; diagnostic information, including health-related information, via the Heeroo app for troubleshooting/diagnostic purposes and to perform a broader analysis to detect systemic problems.
    • To facilitate the initial connection between the Heeroo app if you have an Android device (see + Disclosure of Personal Information by Us for more information).

    Use of Personal Information When you register for a Heeroo Data Management System account, account profile data (name, mobile phone number (if applicable), country, date of birth, email address) are kept separate from the information you upload from Heeroo platforms. Heeroo employs technical and administrative measures to ensure data separation and will never combine these data unless otherwise specified below. Heeroo uses your personal information, including health information and data derived from your use of Heeroo platforms, and technical information about your mobile device if you use the Heeroo app, or the computer you use to access Heeroo in the following ways:

    For Heeroo app users:

    • To provide you with a Heeroo Data Management System account to give you access and present your information, including health information, in a user-friendly and effective manner, enabling you to store, back up, and retrieve your history of psychological health markers, values, and to ensure ongoing access to information on how you manage your psychological health;
    • To provide you with a Heeroo Data Management System account so you can share your stored readings in the Heeroo Data Management System with your connections via the Heeroo app;
    • If you are a parent or guardian, to allow you to create a Heeroo Data Management System account for your ward, and to enable you to manage their use of the Heeroo Data Management System account;
    • When you register, we will prepare and send you marketing information, which may be personalized based on the data uploaded (including if you live with a psychological illness) or linked to your Heeroo Data Management System account (including scans, alarms, connections, and events), including from your local Heeroo company. We do this so that you receive information relevant to you. You will have the option to accept these communications when you first provide us with your personal information and when you log in to your account. After your initial registration, you will also have the option to opt-out through each marketing communication you receive from us;
    • To contact you to learn more about your use of the Heeroo Data Management System and to offer you training and support in using our products;
    • To assist us in resolving any technical problems, when you contact us and share your troubleshooting/self-diagnostic data, including health information (whether or not you are logged into the Heeroo Data Management System account on the Heeroo app) (please also see +Use of Self-Diagnostic Data for more information) and to perform broader analysis to detect systemic problems;
    • To help us analyze the performance of the Heeroo app (whether or not you are logged into your Heeroo Data Management System account on the Heeroo app). Heeroo uses Google's Firebase Analytics to collect performance monitoring data for the Heeroo app in an aggregated and anonymized format. Performance monitoring data may include the app version, country, operating system level, device, radio, and operator. It will not include your phone's serial number or any other personal information, including health information;
    • When you are registered, we will combine usage data from the Heeroo app with data such as scans, alarms, connection and event data, purchase information from our online Heeroo stores, statistical information about the number of calls you make to our customer services, and statistical information on educational and marketing communications we send you, and use this combined information to:
    • Provide you with personalized services by providing you with relevant information. For example, if you use a reader, we may send you relevant information for using a reader or send you timely messages to help you use the Heeroo Data Management System more effectively.
    • Better understand you and improve our interactions with you. For example, we may link your support call or SMS to your recent online exchange with your assistant, or a purchase in our online store, which would enable us to assist you during your call;
    • Understand your preferences, improve our interactions with you, and offer you content, products, and promotions relevant to you. For example, if you are a new user of our products or have downloaded a new version of the Heeroo app, we may send you educational material relevant to you as a new user;
    • To better understand and know our customers' preferences and behaviors, after we have aggregated, anonymized, or de-identified your personal information.

    For users of the Heeroo Data Management System:

    • To assist us in resolving any technical problems with the Heeroo Data Management System, including when we contact you regarding significant product or performance issues, or when we respond to your queries or respond to your request for assistance, troubleshooting, or any performance issue, including where you share self-diagnostic data with us, including health information, as detailed in the privacy policies applicable in Canada, accessible at https://www.Heeroo.com; and
    • To better understand how you interact and use the Heeroo Data Management System, including its features, including contacting you to obtain further information about you and your use of the Heeroo system (please also consult +Research for more information).

    For Heeroo app users:

    • For users of the Heeroo app who do not set up a Heeroo Data Management System account:
    • To assist us in resolving any technical problems when you contact us and share your troubleshooting/diagnostic data, including health information (see +Use of Self-Diagnostic Data for more information).
    • to help us analyze the performance of the Heeroo application using Google's Firebase Analytics;

    For Android users only:

    to facilitate the initial connection between the Heeroo application via Bluetooth (see + Disclosure of Personal Information by Us for more information).

    +Medical Devices and Other Legal Requirements

    Heeroo may use personal information, including health-related information, when required by law and, to the extent possible, we will anonymize, pseudonymize, aggregate, and/or anonymize the information to comply with various legal requirements. For example, as a distributor of medical devices, Heeroo has certain legal obligations to ensure the ongoing safety of our medical devices. This may require Heeroo to share personal information with regulatory authorities responsible for the quality and safety of medical devices (e.g., when your healthcare provider reports an adverse incident related to a Heeroo device). The information that Heeroo may be required to share is not used to identify you individually by your name or email address, except where there is a legal obligation to include this information, for example when a healthcare provider files a complaint or reports an adverse incident. Our parent company, 9493-6564 Quebec Inc., assists us as a subcontractor to ensure that this information does not identify a patient by anonymizing, pseudonymizing, aggregating, and/or anonymizing personal information. The legal requirements for which Heeroo may use this information include:

    • ensuring the ongoing safety of a device or device or application and any future development;

    • monitoring and improving the quality, safety, and efficacy of medical devices and systems;

    • validating upgrades and ensuring the safety of Heeroo's data management system;

    • performing broader analysis to detect systemic issues of public interest in the field of public health;

    • identifying options to improve the usability, performance, and security of the Heeroo data management system;

    • testing and evaluating the Heeroo data management system to improve product features and functionality; and

    • when required by law, responding to requests from any competent law enforcement agency, regulatory body or government, court or other third party when we believe that disclosure is necessary or appropriate to comply with a regulatory requirement, a judicial procedure, a court order, a government request or legal process served on us, or to protect the safety, rights or property of our customers, the public, Heeroo or others, and to exercise, establish or defend the legal rights of Heeroo or when we believe it is necessary to investigate, prevent, or take actions concerning illegal activities, suspected fraud, situations involving potential threats to the safety of any person, violations of this Privacy Statement or as evidence in litigation in which we are involved. We use the terms "anonymize" and "pseudonymize" interchangeably. Anonymized data are information that does not relate to an identified or identifiable person and from which a person cannot be identified, and this type of data is not subject to data protection and privacy laws.


    +Research

    Heeroo conducts research for limited purposes using your personal information after it has been anonymized, pseudonymized, aggregated, and/or made anonymous. These data include limited demographic data, namely year of birth and country of residence, and device-related data (such as the frequency and days of analysis or use of the various Heeroo systems, the frequency of use, the target ranges of certain markers, the average values of certain markers such as but not limited to: usage and purchase habits, recorded exercise and other recorded notes, and information generated by the various Heeroo systems, namely, Bluetooth login and logout information, information indicating whether information about the habits that you upload to the Heeroo data management system has been accessed by you). These informations may also include your responses to research surveys. Our parent company 9493-6564 Quebec Inc. assists us as a subcontractor to anonymize, pseudonymize, aggregate, and/or anonymize your personal information. When the data has been anonymized, it is no longer subject to privacy and data protection laws. A data set processed for research purposes will not include your name, address, phone number or email address. This anonymized, pseudonymized, anonymized or aggregated data set is securely held by Heeroo and will not be used to identify you individually by your name or email address. If you delete your account via the Heeroo data management system settings or via a request to customer service, the data that has already been or is in the process of being anonymized, anonymized, pseudonymized and/or aggregated for research purposes as described in this section will not be deleted. The research purposes for which Heeroo may use this data set include:

    • to create, access, preserve, use, and share information with affiliated companies and third-party researchers, entities, or healthcare professionals or public health authorities for the purpose of advancing scientific research through statistical analyses and other means;

    • evaluating how the Heeroo data management system is provided and used and its effectiveness, including its performance or impact on users (including basic user demographics, such as geography) based on real-world evidence and observational studies;

    • researching, developing, and testing healthcare systems and management; and

    • researching, developing, and testing medical devices, including new and existing features for product development, and advancing scientific research through analyses and statistical surveys and other means. Heeroo conducts research on product usage based on anonymized, pseudonymized, aggregated, and/or anonymized data for limited purposes, especially to help us understand the performance of the Heeroo application and Heeroo systems, to help us understand the issues that may require resolution with the application, and to help us understand how often the application has been downloaded from the App Store. If, in addition to using the Heeroo data management system, you use the Heeroo desktop software, please note that the information uploaded to the Heeroo data management system is hosted separately and independently from the Heeroo desktop software. Heeroo will not combine data from these two services (anonymized data obtained via the Heeroo desktop software and personal information uploaded and contained in the Heeroo data management system). Heeroo uses administrative, technical, and organizational measures to ensure that these data flows remain separate. We use the terms "depersonalized" and "pseudonymized" interchangeably. The General Data Protection Regulation (EU) 2016/679 (GDPR) defines "pseudonymization" as "the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information".

    • For more information about our ongoing scientific research projects, please contact us at info@Heeroo.com.


    Use of Self-Diagnostic Data

    When you share your troubleshooting/self-diagnostic data, the following information will be transmitted to us and collected by us (whether or not you are logged into the Heeroo Data Management System account on the Heeroo app):

    • Information about your device, reader, and/or sensor (serial number and/or model of your device, reader, or sensor) when you report a fault; data on configuration information, error codes, battery-related information, software and hardware versions, phone model, operating system, and other technical diagnostic information;
    • Health-related information, as this information may be necessary to diagnose the fault;
    • Information you may have entered into the Heeroo app, on your reader or device, including but not limited to: food, exercise, medications, reminders, and free-text information, as they may be necessary to diagnose the fault. When you contact us to report a fault, we collect your name, address, phone number, country, and email address. Your use of customer support is governed by the privacy policies applicable in Canada.

    Use of Cookies and Similar Technologies on Heeroo

    • We use cookies and similar technologies on Heeroo to collect technical information. Cookies are text files containing small amounts of data that are downloaded to your computer when you visit a website. Cookies are useful because they allow us to recognize your computer and enhance your experience on our websites. We also use Google's Invisible reCAPTCHA service to maintain the integrity of Heeroo. The use of the Invisible reCAPTCHA service is subject to Google's privacy policy and terms of use. Your web browser (such as Internet Explorer, Firefox, Safari, or Chrome) then sends these cookies or similar technologies back to the website on each visit so that we can recognize you. These cookies can only be read by the server that sent them to your browser. Our systems may not recognize Do Not Track (DNT) headers or similar mechanisms from some or all browsers. Through our use of cookies and similar technologies on Heeroo, we collect the following technical information: your domain name, browser type, and operating system; the web pages you view, the links you click on, the IP address, the duration of your visit on Heeroo, the referral URL or the web page that led you to Heeroo, and troubleshooting and analysis data to help us provide you with the Heeroo Data Management System. We may combine this automatically collected information with other information we have about you. You can control and manage your cookies in various ways. Remember that any settings you change will not only affect these cookies used by Heeroo. These changes may apply to all websites you visit (unless you choose to block cookies from specific websites).

    Heeroo uses the following types of cookies:

    • Cookies that are strictly necessary for us to operate and secure access to Heeroo and to recognize you when you log into your Heeroo Data Management System account.
    • Functionality and security cookies may also be used to help Heeroo display the correct date and time for your user sessions and to help us protect the integrity of Heeroo and ensure the security of Heeroo. To learn more about cookies, visit https://www.allaboutcookies.org.

    Data Storage

    • Heeroo uses Amazon Web Services (AWS), OVH, or Microsoft Azure to host your Heeroo Data Management System accounts in the cloud. The servers hosting the Heeroo Data Management System accounts are located in Canada. The personal information and health-related information that you upload to your Heeroo Data Management System account will be stored in Canada or otherwise in accordance with the data storage and privacy requirements of your selected country. Heeroo has implemented appropriate security measures and controls to protect your personal information. For more information on our server locations and which servers your personal information, including health-related information, is stored on, please visit https://Heeroo.com

    Retention of Personal Information

    Heeroo will retain the personal information associated with your Heeroo Data Management System account for the following periods:

    • Creation/use of a Heeroo Data Management System account: for a period of 6 months following your last use of your account, and, when you contact us for customer support, for a period of at least 2 years but no more than 10 years from the last date the device was made available to the public by Heeroo, or longer if required by law;

    • Diagnostic/troubleshooting data (U.S. only): in accordance with the requirements of the U.S. Food and Drug Administration for diagnostic and troubleshooting data, contact information is retained as long as a customer support ticket remains active. Once we have resolved or closed your customer support ticket, we retain your contact details and the details of the fault for more than 2 years after you reported the fault or 10 years after the product is no longer manufactured. For more information, visit https:// Heeroo.com;

    • Marketing: once you have signed up, we will provide you with marketing-related information until you unsubscribe or for a period compliant with legal requirements;

    • Medical devices and other legal requirements: as legally required for a maximum period of ten (10) years from the last date the device was made available to the public by Heeroo or any other retention period required by law; and

    • Research: for a maximum period of 10 years from the date the last device was made available for sale by Heeroo in your country once the information has been depersonalized, pseudonymized, aggregated, or made anonymous.

    Except as otherwise indicated above, Heeroo will continue to store your personal information as long as you have an active Heeroo Data Management System account. Your Heeroo Data Management System account will be considered inactive once there has been no activity for six (6) months. Once your Heeroo Data Management System account is considered inactive or when you delete your account, all personal information will be permanently and irrevocably deleted, unless (1) Heeroo is required or permitted to retain the personal information or (2) with respect to such information that has already been or is in the process of being anonymized, anonymized, pseudonymized, and/or aggregated for the purposes set forth in the section entitled +Research. We will inform you in advance by sending an email to the email address associated with your Heeroo Data Management System account so that you have the opportunity to ensure that your account remains up-to-date and available for your use. The section entitled +Delete your Heeroo Data Management System account explains how you can delete your account and what happens to your personal information once your account has been deleted.


    Disclosure of Personal Information We share personal information, including health-related information, with the following parties, and in each case, only the minimum amount of personal information necessary for the purposes for which the third party is engaged is shared:

    • Healthcare Providers: If your healthcare provider has created a professional user account in the Heeroo Data Management System, your healthcare provider can use the Heeroo Data Management System to create patient profiles and connect your reader to their data management system account to view and print a patient report and remotely view patient reports and share these reports with other professionals in their practice. Heeroo discloses this information in accordance with its contract with your healthcare provider and processes this data as a "processor." At the request of your healthcare provider, Heeroo may also share your personal information with your healthcare provider's electronic medical records system (but only in countries where this is permitted or where you have agreed or otherwise consented to such sharing). When Heeroo shares your personal information and health information, it does so under a data-sharing agreement with your healthcare provider.
    • IUCPQ and Partner Universities: We share your personal information with the Institut Universitaire de Cardiologie et de Pneumologie de Québec and other university centers for research purposes and to improve our services, but also to offer you the most optimal services at the forefront of scientific discoveries.
    • MIND-MAP: We share your personal information with our parent company to assist us as a subcontractor in the process of de-identification, pseudonymization, aggregation, and/or anonymization, and we assist in IT operations to support the diagnostic data platform. MIND-MAP (a subsidiary of Heeroo) as the developer and operator of Heeroo and the Heeroo app, will process your personal information, including health-related information, as a "processor." MIND-MAP may need to process personal information to resolve a customer service or technical issue when the problem cannot be resolved by your local Heeroo customer support team.
    • Third-party Providers: We share personal information with third-party providers only to provide, maintain, host, and support the Heeroo Data Management System. Heeroo uses Amazon Web Services (AWS), Microsoft Azure, and other cloud providers (see below) to host the Heeroo Data Management System accounts in the cloud. We provide your personal information to third-party providers to help us deliver your Heeroo Data Management System account; they are required to keep your personal information confidential and secure and to use your personal information to the minimum extent necessary. Where possible, Heeroo uses third-party service providers to report system errors so that we can support and improve the Heeroo Data Management System and, in such cases, the information sent to these third parties does not involve the use of your personal information. Heeroo uses third-party service providers to deliver the Heeroo Data Management System and the Heeroo app. For example, we use third-party service providers to report when the Heeroo app crashes or encounters certain analytic errors so that we can support and improve the apps, and when such crashes or analytic errors occur, the app will send certain information about the incident to these third parties. The information sent to these third parties does not involve the use of your personal information. For users of the Heeroo app with Android devices, Android requires that location service permissions be granted to connect apps with Bluetooth devices (whether or not you are logged into a Heeroo Data Management System account). Google's location services include features that collect precise user location data, including GPS signals, device sensors, Wi-Fi access points, and cell tower IDs. These data will be collected by Google if a user allows access to their location. For more information about Google's privacy practices concerning these data, please visit the Android support website. After the initial connection between the Heeroo app and a sensor, you can choose to stop sharing location data with Google using your mobile device settings, but you will need to enable Google location services to connect a new sensor. Heeroo will not use your personal information derived from Google's location services. Heeroo also uses third-party providers to send surveys and collect your responses for research purposes, and, if required by law, will obtain your consent to do so.
    • Local Companies Affiliated with Heeroo: When you agree to receive direct marketing communications from us, we may share your personal information with local companies affiliated with Heeroo with whom we jointly market a product or service or conduct a program or activity. This will only occur when you consent to sharing, for example, when you agree to receive marketing communications from Heeroo (or its affiliates) as described in this privacy notice. When we need the help of Heeroo companies in your country for diagnostics/troubleshooting and the fault you reported, we will share the minimum of your personal information necessary for them.
    • Heeroo's Third-party Partners: We may also share your personal information with third parties when you have expressly asked us to do so and/or consented to share your personal information, including when you use the sharing feature in the Heeroo Data Management System. When you use this sharing feature, your personal information, including health information from your sensor or reader, such as your glucose targets, glucose values, recorded insulin, recorded food, exercise, and other recorded notes may be shared. When you choose to share your personal information on Heeroo platforms, including health information, the use of your personal information, including health information by the third-party partner of Heeroo is not governed by this privacy notice and will be governed by the third-party's privacy policy. You can choose to stop sharing the data from your Heeroo Data Management System account at any time by ceasing to use Heeroo platforms and tools. Please then inform your Heeroo medical advisor.
    • Other Third Parties: We may share anonymized, pseudonymized, aggregated, and/or anonymized information with Heeroo-affiliated companies and with other third parties for related research purposes as indicated above. These are details that Heeroo holds and ensures the security of and will not be used to individually identify you by your name or email address. We will not sell or license your personal information to third parties, except in the context of the sale, merger, or transfer of a product line or division, so that the purchaser can continue to provide you with information and services. We will not sell your personal information for commercial purposes to third parties, and we may only share your personal information with third parties when you have given your consent or when the law allows it. We reserve the right to disclose your personal information to respond to requests from any competent law enforcement agency, regulatory body, government entity, court, or other third party when we believe disclosure is necessary or appropriate to comply with a regulatory requirement, judicial procedure, court order, government request, or legal process served on us, or to protect the safety, rights, or property of our clients, the public, Heeroo, or others, and to exercise, establish, or defend the legal rights of Heeroo or when we believe it is necessary to investigate, prevent, or take measures concerning illegal activities, suspected fraud, situations involving potential threats to the safety of any person, violations of this privacy statement, or as evidence in litigation in which we are involved. Your personal information may be subject to foreign laws and may be accessible by foreign governments, courts, law enforcement agencies, and regulatory bodies.

    How to Share Information with Your Healthcare Provider

    The Heeroo Data Management System allows users to share information with healthcare providers and professional users of Heeroo. When you use the sharing feature in the Heeroo app, we may share your personal information with your healthcare provider or with other third parties. We may also share your personal information with third parties when you have expressly asked us to do so and/or have given your consent to share your data with our partners and third parties. You can choose to share information with healthcare providers by allowing your healthcare provider to connect your reader to their professional user account in the Heeroo Data Management System or by using the sharing feature in the Heeroo app. When you use the Heeroo app's sharing feature, you can send reports containing your personal information and blood glucose data to your healthcare provider. When your healthcare provider has created a professional user account in the Heeroo Data Management System, they have the ability to use the Heeroo Data Management System to create patient profiles and connect your reader to their data management system account to view and print a patient report, remotely view patient reports, and share these reports with other professionals in their practice. When you provide your healthcare providers with access to your Heeroo Data Management System account, or when your healthcare provider creates a Heeroo Data Management System account for you, Heeroo (through the Heeroo Data Management System) will process your personal information on behalf of your healthcare provider to protect your vital interests as determined by your healthcare provider. Heeroo will process your personal information, including health information, as a “processor” for the healthcare they provide you in order to protect your vital interests, and your healthcare provider will be the controller of your personal information in such cases. Heeroo may also share your personal information with your healthcare provider when you have consented or chosen to connect your Heeroo Data Management System account to your healthcare provider's electronic medical records system if you are located in a country that requires such consent.


    Personal Information Security

    We have implemented administrative, technical, and physical protection measures to protect your personal information, including health information, against unauthorized or illegal access, accidental loss, destruction, damage, misuse, disclosure, and alteration, including the use of cryptographic technologies. Heeroo restricts access to personal information to its employees on a need-to-know basis. Personal information, including health information, can only be accessed by duly authorized personnel, respecting the principles of proportionality and necessity, and all personal information is treated confidentially. Please keep in mind that no Internet or Wi-Fi transmission is 100% secure, so please exercise caution when uploading personal information, especially health information, to your Heeroo Data Management System account. Heeroo sensors transmit personal information on metabolic markers such as, but not limited to, to mobile apps and Heeroo readers using NFC (Near Field Communication) and Bluetooth technologies. Both NFC and Bluetooth are secure means of transferring information between devices. NFC has the additional protection level by requiring very close physical proximity. Encrypted Bluetooth connections for Heeroo sensors are established during an NFC communication between a Heeroo sensor and a Heeroo mobile app. Please note that the Heeroo Data Management System may be unavailable during routine maintenance periods. You are responsible for protecting against unauthorized access to your Heeroo Data Management System account. We recommend securing access to Heeroo by logging out, choosing a robust password for your Heeroo Data Management System account that no one else knows or can easily guess, implementing security settings on your mobile device or computer such as a password to access it, keeping your device locked when not in use, and keeping your account information and password private. Heeroo is not responsible for lost, stolen, or compromised passwords or for any activity on your Heeroo Data Management System account from unauthorized users when caused by you. If you believe your account has been compromised, please contact us as soon as possible at info@Heeroo.com.


    Every user must enter their date of birth and country so that we can determine if the user is a child under the law of their country. If a birthdate characteristic of a child is entered, the user must provide a parent/guardian's email address before a Heeroo Data Management System account is created. The parent/guardian must consent to the child's use of the Heeroo data management system. Following such consent, a Heeroo Data Management System account will be created for the parent/guardian for use by a child. When a child wishes to use features of the Heeroo Data Management System that disclose their personal information, including health-related information, to any other party, the child is prevented from doing so without obtaining the consent of their parent/guardian. Before a child can perform such an action, the parent/guardian must enter their password to enable this functionality. We will send a notice to parents/guardians via their registered email address when these settings have been accessed, and it is the parent/guardian's responsibility to manage these settings for the child. At any time, a parent/guardian can stop the collection of a child's personal information, including health-related information, by requesting Heeroo to delete the Heeroo Data Management System account used by a child by contacting us at info@Heeroo.com. and the team will delete the account used by the child, but we retain the information that has already been or is in the process of being anonymized, aggregated, pseudonymized, and/or anonymized for the purposes stated in the sections entitled +Research and we may need to retain certain personal information as required by law. See +Retention of Personal Information for more information.


    +How individual users can access and correct personal information and your rights

    You can correct the information in your profile (your name, your mobile phone number (if applicable), your country, your date of birth (except for children), your email address, and your password) via the account settings of the Heeroo Data Management System or through the settings of your Heeroo App or Heeroo Application. We are not able to correct or modify the sensor readings that you have uploaded to your Heeroo Data Management System account or the data downloaded from a Heeroo reader, but we will assist you in deleting your Heeroo Data Management System account and creating a new one so that you can upload the correct information. Depending on your place of residence, you may have the right to: (a) access personal information we hold about you; (b) ask us to correct any inaccurate personal information we hold about you; (c) delete any personal information we hold about you; (d) restrict or stop processing personal information we hold about you; (e) object to the processing of personal information we hold about you; and/or (f) receive all personal information you have provided to us based on your consent in a commonly used and machine-readable structured format or have such personal information transmitted to another company using the export function in your Heeroo Data Management System account, when accessible. Please note that Heeroo is not required by law to adopt or maintain systems that are technically compatible with other companies. It may be that Heeroo cannot directly transmit your personal information to another company. Children may also have the right to access personal information held about them via the Heeroo Data Management System. When we receive a request for access to a child's personal information from the child's parent/guardian, we may respond directly to the parent/guardian of the child. We will always seek to verify the identity of the person seeking access to a child's information, whether it is the child themselves or a parent or guardian. To request the exercise of these rights, please contact us using one of the methods described in the section entitled +Contact Us.

    +Delete your Heeroo Data Management System account

    If you wish to delete your Heeroo Data Management System account, you can do so by logging into your Heeroo Data Management System account via www.Heeroo.com and using the account deletion feature. Please note that if you delete your account, all data from the Heeroo Data Management System account will be deleted, but we retain information that has already been or is in the process of being anonymized, aggregated, pseudonymized, and/or anonymized for the purposes stated in the sections entitled +Research. We may also need to retain certain personal information when required by law. See +Retention of Personal Information for more information. Once your Heeroo Data Management System account is deleted, you will no longer have access to the Heeroo Data Management System, and the deletion of your account is irreversible. Therefore, you are not able to reactivate your Heeroo Data Management System account or retrieve personal information, including health-related information, so you may download and save the required information before asking us to delete your Heeroo Data Management System account. If you have chosen to share the information from your Heeroo Data Management System account with your healthcare provider or with other connections and you delete your account, these people will no longer be able to see your metabolic readings. Please note that if your healthcare provider has created their own account in the Heeroo Data Management System and created a patient profile that is specific to you, the deletion of your account from the Heeroo Data Management System may have no effect on the account or patient profile created by your healthcare provider.

    +Third-Party Links to Heeroo

    Heeroo may contain links to third-party websites. Any access and use of these linked websites are not governed by this privacy notice but are rather governed by the privacy notices specific to each of these third-party websites. We are not responsible for the information practices of these third-party websites.

    +Contact Us

    If you have any questions, comments, or complaints regarding our privacy practices, or if you wish to exercise any of your rights outlined in the section entitled +How individual users can access and correct personal information and your rights, please contact us by clicking on the "Contact Us" link on any of our websites or by emailing us at info@Heeroo.com. You can also contact your Heeroo medical advisor.

    +Changes to this Privacy Notice

    If we make significant changes to our privacy practices, an updated version of this privacy notice will reflect those changes. You will be notified of updates to this privacy notice by email, via the Heeroo app, or during your next login to Heeroo. You will be notified if there is a new version of this privacy notice and will be invited to read and accept it so that you can continue to access and use your Heeroo Data Management System account through the Heeroo sensor or Heeroo application. Notwithstanding your rights under applicable law, we reserve the right to update and modify this privacy notice without prior notice to reflect technological advancements, legal and regulatory changes, and good business practices to the extent that it does not modify the privacy practices as set out in this privacy notice. If you do not accept the changes made to this privacy notice, you must delete your Heeroo Data Management System account by logging into your account via www.Heeroo.com or by using the account deletion feature. See +Retention of Personal Information for more information.


    Please note that all personal information, including health information you provide directly via the Heeroo Data Management System or that is provided to us by your healthcare provider, or shared by you with your healthcare provider via Heeroo may be protected by the Health Insurance Portability and Accountability Act and its implementing regulations ("HIPAA"), and Heeroo may use and disclose your personal information in accordance with our notice on Heeroo's privacy practices available on Heeroo. When you share your personal information, including health information, with us directly or with your healthcare provider via the Heeroo Data Management System and you agree to receive marketing communications from Heeroo, you authorize Heeroo to use and disclose your personal information so that Heeroo (or its affiliates) may send you advertising and marketing information about mental health care or other products and services. You understand that once your information is disclosed pursuant to this authorization, it may be re-disclosed and may no longer be protected by HIPAA. You understand that neither Heeroo nor your healthcare providers can condition your treatment, payment, insurance enrollment, or eligibility for benefits on your choice to accept marketing communications from Heeroo. This authorization will remain in effect as long as you share personal information with us directly or with your healthcare provider via the Heeroo Data Management System account and agree to receive marketing communications. You understand that you can revoke this authorization at any time by opting out of receiving marketing communications by clicking the unsubscribe link at the bottom of marketing emails we send you, by changing your Heeroo preferences, or by contacting us at info@heeroo.com, but that this revocation will only apply to the extent that we have not already acted on this basis.


    © 2024 Heeroo. All rights reserved DOC0001-001_rev-A_fr-CAN