well privacy policy.
This Privacy Policy explains how data that you share with Well is processed and protected.
The terms “user” and “you” refer to a person that uses Well Application (“Well”, “App” or “Well App”), visits Stoic website, interacts with Stoic social media (together as “Services”) or contact Well or Stoic.
The terms "Well", “Stoic” and “we” refer to a company incorporated in the US which is responsible for processing personal data as described in this Privacy Policy:
Stoic App Inc.
2261 Market Street #4243
San Francisco, CA 94114
DATA WE PROCESS
1. Data from Well App
Well has no access to user’s account data, Apple ID or Google ID. We do not collect user’s name or contact details (unless user contacts us directly).
When you open Well App we automatically collect certain data about the App and how you engage with it, such as your device Internet Protocol (“IP”) address, approximate location, the pages of the App that you open, time, type, frequency and duration of your activities in the App.
We do not have access to any content you add in the App, for instance notes in the diary. We can also not see what questions are displayed to you in the App and what answers you give.
Example: we know that a person with a certain IP address was meditating on 25th of March 2021 from 9am till 9.30am and then made a note, but we do not have access to that note.
Some of the data we collect we do not obtain directly from the App but from third parties - analytic services we cooperate with to give you the best experience. For this purpose cookies may be installed on your device. Well does not use cookies for marketing, advertising, sold to third parties purposes. The only cookies Well App uses are those provided by analytical services we cooperate with to obtain information on users’ activity in the App.
In case of an error of the App we collect data and information (through third party products) on your phone called Log Data. This Log Data may include information such as your device Internet Protocol (“IP”) address, device name, operating system version, the configuration of the App when utilizing service, the time and date of your use of the service, and other statistics.
When user utilizes AI features in the Well app data such as user’s input are collected by AI services we cooperate with. This information may be stored on OpenAI servers and Well app Inc. is not responsible for its safety at any moment.
Legal grounds:
Contract – the data we process are necessary to provide you with service which is delivering content and exercises that address your individual needs. It’s also necessary to fix technical problems that may occur while using the App
Legitimate interest – we process data to develop our service and offer users more advanced product.
1. Purchase and financial data
Well has no access to users’ Apple ID and financial information they provide in the process of purchasing Well App subscription.
We do not collect and do not have access to your name, address, phone number, e-mail address, id number, credit card information, bank account details or anything else that can personally identify you while you make a purchase.
Purchases made through the Apple In-App purchase feature are subject solely to Apple’s terms and conditions and Apple’s Privacy Policy.
Well is not liable for any in-app purchases. You can request a refund directly from the Apple App Store here.
Revenuecat is a service provider that imposes the performance of the purchasing process.
The controllers for your financial data are the entities listed above.
2. Contact data
If user contacts Well we collect user’s data.
We collect data you share when you contact us either directly or fill in form on our website. When you contact us via email we collect your email address and may collect your name or other contact details (ie. telephone number) if you provide us with them. The contact form requires giving your name and email address.
We have access to detail of your social network profile if you contact us via Facebook, Instagram, LinkedIn, Twitter, Discord, or Mastodon.
Data we collect includes also content of the messages you send us.
We use this data to give you response and research your question or concerns properly.
If you express interest in our Services and send us your contact details we may occasionally send you message in connection with our Services we present information and offerings from Well. If you do not wish to receive any further information from us, you can object by clicking the link which you will find in email received from us or by sending us a message with your request.
Legal grounds:
Contract – address requests and get feedback regarding Services.
Legitimate interest – contact regarding new App features, update or useful information about Services etc.
3. Data from Stoic and Well website
When user visits Stoic website limited analytical data such as user’s device Internet Protocol (“IP”) address, approximate location, the pages opened, time and duration of the visit is collected by analytical services we cooperate with.
For this purpose cookies may be installed on your device. Well does not use cookies for marketing, advertising, sold to third parties purposes. The only cookies Stoic website uses are those provided by analytical services we cooperate with to obtain information on website usage and traffic.
Legal grounds:
Legitimate interest - we process data to understand visitors’ needs and develop our Services.
4. Social media data
Well maintains social media profile pages on Facebook, Instagram, LinkedIn, Twitter, Discord, and Mastodon ("fan pages").
When you visit our fan pages, Well collects communications, content and other information that you provide us. If you have an account on Facebook, Instagram, LinkedIn, Twitter, Discord, or Mastodon, we automatically have access to your public information.
Whenever you interact with fan pages, Facebook, Instagram, LinkedIn, Twitter, Discord, or Mastodon uses cookies and similar technologies to track the usage behaviour of fan page visits. On this basis we receive only statistical, depersonalised (anonymised) information about visitors to our fan page. We do not have access to your personal information which is performed exclusively by Facebook, Instagram, LinkedIn, Twitter, Discord, or Mastodon.
Legal basis:
Consent – you may adjust your preferences through your Facebook, LinkedIn, Twitter, Discord, or Mastodon settings.
RETENTION PERIOD
We will keep your data as long as it is necessary for the purposes described above.
When you rise valid objection to receiving information from us or processing your personal data on legitimate interest basis we will keep your data no longer than it is necessary to perform the contract or for legal purposes.
Retention period for personal data from social media lasts as long as the relevant page, content or user exists on Facebook, LinkedIn, Twitter, Discord, or Mastodon.
PARTNERS
We work with third-party service providers to provide website and application development, hosting, maintenance and backup.
We share users’ data with analytical services that support us with data analyses.
Personal data related to subscriptions and payments are – as it was explained above – solely processed by relevant App Stores providers and do not lie within Well competence.
When using Well App, you may agree that we will share some health-related information with third party devices and services, such as Apple HealthKit. We do not share your information without your permission.
CHILDREN
Well App is not directed to individuals under the age of sixteen (16) and we do not knowingly collect personal data from children under age of 16. However, if law requires that you must be older in order for Well to lawfully process your personal data without parental’s consent then you must acquire this minimum age.
USER’S RIGHTS
General user’s rights
You can access, correct or change your personal information. You can change most of your information yourself in the Well app. For other cases please contact us.
If we rely on your consent in order to process certain personal data, you have right not to provide your consent or to withdraw your consent at any time. This does not affect the lawfulness of the processing based on consent before its withdrawal.
Well App provide you with ability to obtain your data and easily transfer them to other service provider.
You can anytime decide to delate your data – it will be done automatically when you remove Well App from your device.
If you do not wish to receive information from Well, you can any time object by clicking the link which you will find in an email received from us.
Additional user’s rights under GDPR
If GDPR applies to you can exercise additional rights such as:
- Right to object. In certain circumstances, you may have the right to object processing your personal data by Well (for example when legal basis for processing is Well’s legitimate interest and there are no legal grounds to refuse the request).
- Right of erasure. In certain circumstances, you may have the right to the erasure of personal data that we hold about you (for example if it is no longer necessary for the purposes for which it was originally collected).
- Right to restrict processing. When you contest the accuracy of your information, believe we process it unlawfully or want to object against the processing, you have the right to temporarily stop the processing of your information.
- If you believe that we violate your data rights, you have the right to file a complaint with relevant data protection authority. We would, however, appreciate the chance to deal with your concerns before you make a complaint so please contact us in the first instance.
Additional user’s rights under CCPA
If CCPA applies to you:
We hereby declare that we do not sale your personal information to a third party in exchange for monetary or other benefits or value; additionally to general user’s rights listed above you have:
• Right of deletion of your personal information that we hold. This is subject to certain exceptions.
• Right to know. You have right to require that we disclose the following information about you we hold:
- categories of personal information collected
- categories of sources of personal information
- categories of personal information we have disclosed or shared with a third party for a business purpose
- categories of third parties with whom we have shared your personal information
- the business purposes for collecting personal information
- a copy of the specific pieces of personal information we have collected about you.
• Right to non-discrimination: the right not to be subject to discriminatory treatment for exercising their rights under the CCPA.
Our European Union representative is:
Maciej Łobodziński
If you have questions or requests regarding your privacy please contact us at m@getstoic.com