Last updated: March 15, 2022
We care about your privacy and personal data
This policy describes our privacy practices – what Personal Information we collect about our Users, what we do with it, how we share it, and your rights regarding that Personal Information.
To read more about our privacy and data protection practices and how we use your data please see our privacy frequently asked questions section available at our website.
2. Your Consent – Please read Carefully!
3. Audio and Visual Data of Users
Cameras and microphones are utilized by ElliQ to enable interaction with and by ElliQ and the User. The Cameras and microphones monitor their immediate surroundings and ambient sound to detect whether the User is nearby, be prompted to receive and act upon User’s vocal instructions, and consider whether to initiate communication with the User. The ElliQ Devices will provide a visual light ring indication, to reflect that its microphone is on and is sensing the rooms sounds.
4. What types of data and information we may collect in connection with your use of the Services?
We may collect two types of data and information when a user uses or accesses ElliQ or the Services:
● Personal Information, which is information that identifies an individual or may with reasonable effort identify an individual, either alone or in combination with other information (such as an identification number), or may be of private or sensitive nature, all unless anonymized. Such categories of Personal Information may include:
○ Contact details of Users or User connected parties (e.g. family members) and billing information;
○ Demographic data (e.g. date of birth);
○ Lifestyle preferences and habits information (e.g. food likes and dislikes/ allergies/ sleeping habits);
○ Usage information and the contents of your interaction with ElliQ, which may include text/video/audio data of such communications;
○ Information you instruct us to obtain on your behalf through the Services from Compatible Services and Integrated Services.
○ The contents of your interaction with the Intuitions Robotics Team, which may include text/video/audio recording and transcripts of such communications, either via ElliQ or in any other communication method;
○ Health and wellbeing information you provide us through the Services or that you otherwise instruct us to obtain on your behalf through the Services, e.g. health data reported by you, physiological data, diagnosis, test results, treatments and prescriptions, and additional information relating to a User’s Health and wellbeing status. For more information regarding our assumed duties and privacy practices with respect to personal health information (PHI) please refer to Annex A: “PHI - Notice of Privacy Practices”);
○ Feedback, questions and complaints information;
○ Usage logs information;
○ Billing Information;
○ Location Data;
○ User login data;
○ Information mandated by Law: Information we are required or authorized by applicable national laws to require Users to provide us in order to authenticate or identify them or to verify the information we have collected or otherwise provide them with our Services.
● Non-personal Information, which is non-identifying and non-identifiable information, without particular reference to the identity of the User from or about whom such information was collected.
For the avoidance of doubt, any Non-personal Information connected or linked to any Personal Information shall be deemed as Personal Information as long as such connection or linkage exists. In this context it is important to note that Health Information may be categorized as either Personal Information or Non-Personal Information in accordance with the definitions above and the characteristics of each specific item of Health Information.
5. How do we collect personal information from our Users?
a. We collect Personal Information (including Health Information) from you that you voluntarily and actively provide us when you use or interact with our Services
By this, we refer to Personal Information (including Health Information) that you input to the Services or voluntarily make available for ElliQ to capture through the ElliQ sensors (microphone, camera, touchscreen etc.) in the course of your use of the Services. Such information may include:
● Registration Information: When a User registers for the Services or updates their Account details, such User will be required to provide us with his/her full name, e-mail address, phone number, wi-fi credentials, full address, date of birth, gender, family members, demographic and living situation details, billing information, and certain health conditions and wellbeing information. The User may also be required to input certain personal details which are related to the Services provided.
● Personal Information (including Health Information) transmitted by the User or received on behalf of the User from Compatible Services and Integrated Services, in the course of using the Services: In the course of using the Services, the User may share Personal Information (including Health Information) actively and voluntarily, such as the User’s preferences and habits, the Users’ wellbeing information such as sleep quality, food consumption, water intake, and the User’s health status, such as medication consumption, blood pressure test results, body temperature test results etc. or otherwise have the Services obtain such information on its behalf from Compatible Services and Integrated Services.
b. We collect Personal Information automatically when you use the Services.
This is information which we automatically receive from ElliQ, when you access or interact with our Services that concern the manner in which ElliQ or otherwise the Services are used or interacted with, and any information which is derived, learned, or detected as a result of such access or interaction. This information includes, but is not limited to:
● Technical Data. Wi-Fi data, the Internet Protocol (IP) address, Device Identifier, geolocation, time zone, the period of time the User interacted with ElliQ, the User’ response time, and other related timestamps and metadata.
● Usage Data and Inferences Thereof. Information concerning when, how and where was ElliQ and the Services used or accessed by the User.
c. We collect Personal Information (including Health Information) from other sources.
● Solely pursuant to your explicit consent, pursuant to your request and on behalf of you, we may receive information from other sources, such as from your authorized representatives, such as your primary contact added by you or your healthcare provider (e.g. doctor, private medical facility or otherwise) for the purpose of providing the Services to you. The information received may include names, address details, authorized representative information and health information, such as the treatments you receive and your medication consumption. Please refer to Annex A: “PHI – Notice of Privacy Practices” for more information regarding our assumed duties and our privacy practices with respect to your PHI.
6. Our legal basis for collection and use of your information
● With your consent: We ask for your agreement to process your information for specific purposes and you have the right to withdraw your consent at any time.
● When performing our services and providing them to you under the Terms: We collect and process your Personal Information in order to provide you with the Service, following your acceptance of the Terms; to maintain and improve our Service; to develop new services and features for our Users; and to personalize the Services for you in order to ensure a better user experience.
7. Why do we collect personal information?
We use your Personal Information for the following purposes:
● To provide, operate and bill for, the Services;
● To provide you with a personalized experience of the Services.
● To provide you with ongoing customer assistance and technical support;
● To be able to contact you with general or personalized service-related notices and promotional messages (as further detailed in Section 8 below);
● To provide you with professional assistance, only upon your request;
● To further develop, customize, expand, and improve our Services, based on Users’ common or personal preferences, experiences and difficulties;
● To help us to update, expand and analyze our records to identify new customers;
● To determine your eligibility to use ElliQ;
● To create aggregated statistical data and other aggregated and/or inferred information, which we, our business partners and your Health Care Provider (when applicable) may use to provide and improve our respective Services;
● To enhance our data security and fraud prevention capabilities; and
● To comply with any applicable laws and regulations, and/or respond to or defend against legal proceedings brought against us or our affiliates.
8. How we share your personal data with third parties
We keep the information processed by us in strict confidence and only share your information with third parties in very limited circumstances and for very specific purposes, as described below:
● Business partners, suppliers and subcontractors, whose services and solutions complement, facilitate and enhance our own. These include hosting, database and server co-location services, data analytics services, and systems that analyze crashes, functionality and usability and our business, legal and financial advisors (collectively, "Third Party Service Providers").
Such Third-Party Service Providers may receive or otherwise have access to your Personal Information, depending on each of their particular roles and purposes in facilitating and enhancing the Service, and may only use your Personal Information for such purposes. Such disclosure or access is strictly subject to the recipient's or user's undertaking of confidentiality obligations, and the prevention of any independent right to use this data except as required to help us provide you the Service.
● With Compatible Services approved by you for such purpose.
● Any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries for the purposes set out above;
If Intuition Robotics or substantially all of its assets are acquired by a third party, in which case personal data held by it about its members and customers will be one of the transferred assets. We will notify you of this event and the choices you may have via e-mail and/or prominent notice on our Services.
● Law enforcement, legal proceedings, and as authorized by law, pursuant to a legal requirement or request, such as a subpoena, search warrant or court order, or in compliance with applicable laws and regulations. Such disclosure or access may occur with or without notice to you, if we have a good faith belief that we are legally required to do so, or that disclosure is appropriate in connection with efforts to investigate, prevent, or take action regarding actual or suspected illegal activity, fraud, or other wrongdoing.
● We may (but are not obligated to) share your Personal Information with others, with or without notice to you, in cases of emergency or if we believe in good faith that this will help protect the rights, property or personal safety of our company, any of our Users, or any members of the general public.
We may share anonymized information with third parties such as our partners, research groups, universities, advertisers or connected sites.
9. Where we store your personal data
Your information will be maintained, processed and stored by us and our authorized affiliates (as applicable) in secured cloud storage, provided by our Third-Party Service Providers.
10. Security of your personal data
We take great care in implementing and maintaining the security of the Services and of your Personal Information. We employ industry standard procedures and policies to ensure the safety of your information, reduce the risks stemming from loss of information and prevent unauthorized use of any such information. However, we do not and cannot guarantee that unauthorized access will never occur and reiterate that no measure can provide absolute information security.
11. How long do we keep your information?
We will retain your personal information for as long as you use our Services and for a reasonable time thereafter. After you have terminated your use of our Services, we will retain your personal information for at least 6 years and thereafter may store it in an aggregated and anonymized format, or as otherwise necessary to comply with applicable laws and regulations.
If you withdraw your consent to us processing your Personal Information, and notify us of such withdrawal to our customer support, we will delete your Personal Information from our systems (except to the extent such data in whole or in part is required to comply with any applicable rule or regulation and/or to respond to or defend against legal proceeding brought against us or our affiliates).
12. Your rights
If the law applicable to you grants you such rights, you may ask to access, correct, or delete your Personal Information that is stored in our systems. You may also ask for our confirmation as to whether or not we process your Personal Information.
Subject to the limitations in law, you may request that we update, correct, or delete inaccurate or outdated information. You may also request that we suspend the use of any Personal Information whose accuracy you contest while we verify the status of that data.
Subject to the limitations in law, you may also be entitled to obtain the Personal Information you directly provided us (excluding data we obtained from other sources) in a structured, commonly used, and machine-readable format and may have the right to transmit such data to another party.
If you wish to exercise any of these rights, contact us with an explicit request at our Support Services at (855)-888-1295 or at firstname.lastname@example.org.
When handling these requests, we may ask for additional information to confirm your identity and your request.
Please note, upon request to delete your Personal Information, we may retain such data in whole or in part to comply with any applicable rule or regulation and/or to respond to or defend against legal proceedings brought against us or our affiliates
13. Additional Information for California Residents
If you are a California resident using the Services, the California Consumer Privacy Act (“CCPA”) may provide you the right to request access to and deletion of your Personal Information.
In order to exercise the right to request access to and deletion of your Personal Information, please see the information on section 12, above. We do not discriminate based on the exercise of any privacy rights that you might have under this Section.
Intuition Robotics does not sell user Personal Information to third parties for the intents and purposes of the CCPA.
All requests must be labeled “California Removal Request” on the email subject line. All requests must provide a description of the content you want removed and information reasonably sufficient to permit us to locate that content. We do not accept California Removal Requests via postal mail, telephone, or facsimile.
Please note, upon request to delete your Personal Information, we may retain such data in whole or in part to comply with any applicable rule or regulation and/or to respond to or defend against legal proceedings brought against us or our affiliates.
14. Questions and Complaints
Our Privacy team will investigate the complaint and determine whether a breach has occurred and what action, if any, to take. We take every privacy complaint seriously and will make all reasonable efforts to resolve your complaint promptly and in accordance with applicable law.
You can file a complaint with your local supervisory authority for data protection at any time, however we recommend that you contact us first so we can try to resolve it.
Annex A: Personal Health Information (PHI) - Notice of Privacy Practices
1. SCOPE AND APPLICABILITY
Since the Services are, in their essence, digital companion services which we provide to the User, at the User request and on the User behalf, they are not subject to the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”).
However as we take the confidentiality of your health information very seriously we use our best reasonable efforts to adopt the strict rules of HIPAA in maintaining the privacy of Protected Health Information as such term is defined under the HIPAA ("PHI") and to provide you with notice of our assumed duties and privacy practices with respect to PHI (“NPP”).
This NPP describes how we may use and disclose PHI about you, as well as how you obtain access to such PHI. This NPP also describes your rights with respect to your PHI.
2. WHAT IS PHI?
PHI is information that may identify you and that relates to your past, present, or future physical or mental health or condition, the provision of health care products and services to you or payment for such services.
3. USE AND DISCLOSURES OF PHI
● Treatment. We may use and disclose your PHI to provide and coordinate the treatment and services that you request to receive from us. For example, we may disclose PHI to pharmacists, doctors, nurses, and other personnel involved in your health care. This helps to coordinate your care and make sure that everyone who is involved in your care has the information that they need about you to meet your health care needs.
● Payment. We may use and disclose your PHI in order to obtain payment for the health care products and services provided to you through the ElliQ Solution. For example, with your permission, we may contact your insurer, pharmacy benefit manager or other health care payor to determine whether it will pay for health care products and services you need and to determine the amount of your co-payment. The information on or accompanying the bill may include information that identifies you, as well as information about the Services or products that were provided to you. We may also disclose your PHI to other health care providers or HIPAA covered entities you are associated with, who may need it for their payment activities related to their engagement with you.
● Healthcare Operations. We may use PHI to improve the Properties and Services, marketing activities permitted under HIPAA (such as suggesting a health-related product that we make available to our Users or analyzing the benefits of using the ElliQ Solution), customer support, and other internal business management purposes.
WE MAY ALSO USE AND DISCLOSE YOUR PHI WITHOUT YOUR PRIOR AUTHORIZATION FOR THE FOLLOWING PURPOSES:
● Third-Party Business Associates and Subcontractors. We may contract with third parties to perform certain services for us, such as billing services, or consulting services. These Third Party Service Providers, referred to as Business Associates and/or Subcontractors, may need to access your PHI to perform services for us and in such case we will use our best efforts to ensure they are required by contract and law to protect your PHI and only use and disclose it as necessary to perform their services for us.
● To Communicate with Individuals Involved in Your Care or Payment for Your Care. We may disclose to a family member, other relative, close personal friend, or any other person you identify as a designated point of contact, PHI directly relevant to that person's involvement in your care or payment related to your care. If a person has the authority by law to make health care decisions for you, we will generally regard that person as your "personal representative" and treat him or her the same way we would treat you with respect to your PHI.
● Food and Drug Administration ("FDA"). We may disclose to persons under the jurisdiction of the FDA, PHI relative to adverse events with respect to drugs, foods, supplements, products and product defects, or post-marketing surveillance information to enable product recalls, repairs, or replacement.
● Public Health. We may disclose your PHI to public health or legal authorities charged with preventing or controlling disease, injury, or disability, including the FDA.
● Law Enforcement. We may disclose your PHI for law enforcement purposes as required or permitted by law for example, in response to a subpoena or court order, in response to a request from law enforcement, and to report limited information in certain circumstances.
● Health Oversight Activities. We may disclose your PHI to an oversight agency for activities authorized by law. These oversight activities include audits, investigations, inspections, and credentialing, as necessary for licensure and for the government to monitor the health care system, government programs and compliance with civil rights laws.
● Judicial and Administrative Proceedings. If you are involved in a lawsuit or a dispute, we may disclose your PHI in response to a court or administrative order. We may also disclose your PHI in response to a subpoena, discovery request, or other lawful process instituted by someone else involved in the dispute, but only if efforts have been made, either by the requesting party or us, to first tell you about the request or to obtain an order protecting the information requested.
● As Required by Law. We will disclose your PHI when required to do so by federal, state or local law.
4. YOUR HEALTH INFORMATION RIGHTS:
● Obtain a paper copy of the Notice upon request. You may request a copy of our current Notice at any time. Even if you have agreed to receive the Notice electronically, you are still entitled to a paper copy. You may obtain a paper copy at our site, at: www.elliq.com/pages/elliq-privacy-policy, or by contacting us at: email@example.com.
● Request a restriction on certain uses and disclosures of PHI. You have the right to request additional restrictions on our use or disclosure of your PHI by sending a written request to firstname.lastname@example.org. We are not required to agree to the restrictions, except in the case where the disclosure is to a health plan for purposes of carrying out payment or health care operations, is not otherwise required by law, and the PHI pertains solely to a health care item or service for which you, or a person on your behalf, has paid in full.
● Inspect and obtain a copy of PHI. With a few exceptions, you have the right to access and obtain a copy of the PHI that we maintain about you. If we maintain an electronic health record containing your PHI, you have the right to request to obtain such PHI record in an electronic format. To inspect or obtain a copy of your PHI, you must send a written request to email@example.com. You may ask us to send a copy of your PHI to other individuals or entities that you designate. We may deny your request to inspect and copy in certain limited circumstances. If you are denied access to your PHI, you may request that the denial be reviewed.
● Request an amendment of PHI. If you feel that the PHI we maintain about you is incomplete or incorrect, you may request that we amend it. To request an amendment, you must send a written request to firstname.lastname@example.org. You must include a reason that supports your request. If we deny your request for an amendment, we will provide you with a written explanation of why we denied it.
● Receive an accounting of disclosures of PHI. Apart from certain disclosures, you have a right to receive a list of the disclosures we have made of your PHI, in the six years prior to the date of your request, to entities or individuals other than you. To request an accounting, you must submit a request in writing to email@example.com. Your request must specify a time period.
Notification of a Breach. You have a right to be notified following a breach of your unsecured PHI.