Who Controls and Owns HealthMetric?
Management Science Associates, Inc.
(“MSA”) controls and owns HealthMetric.
For more information, contact firstname.lastname@example.org.
If you live in the European Economic Area, United Kingdom, or Switzerland, Management Science Associates, Inc. controls your personal data and provides you with HealthMetric and related services. If you are seeking to exercise any of your statutory rights relating to HealthMetric, please contact our Data Protection Officer at MSADataProtectionOfficer@msa.com. You may also contact MSA at:
Management Science Associates, Inc.
6565 Penn Avenue
Pittsburgh, PA 15206
What Types of Personal Data Does HealthMetric Collect?
When a User accesses or uses HealthMetric, all data entered by the User, including, but not limited to, the following types of Personal Data, are collected:
- All data manually entered into HealthMetric
- All data that has been authorized to use (read and/or write)
- All data collected to establish your account such as:
- your name
- community where you reside
- email address
- cell phone number
- mobile carrier
- HealthMetric username and password.
- IP addresses
- browser type
- phone type
- internet service provider (ISP)
Information We Receive From Your Use of HealthMetric. Your device collects data to estimate a variety of metrics. The data collected varies depending upon which device you use. When your device syncs with our application or software, data recorded on your device is transferred from your device to our servers.
Location Services. HealthMetric includes features that use and collect location data. We collect this type of data if you grant us access to your location. You can always remove our access to your location using the HealthMetric account settings.
Usage Data. When you access or use our services, we receive certain usage data. This includes information about your interaction with the HealthMetric, for example, when you view or search content, install applications or software, create or log into your account, pair your device to your account, or otherwise open or interact with HealthMetric. We also collect data about the devices and computers you use to access HealthMetric, including IP addresses, browser type, language, operating system, mobile device information (including device and application identifiers), the referring web page, pages visited, location (depending on the permissions you have granted us), and cookie information.
Information We Receive From Third-Parties. If you choose to connect your account on our services to your account on another service, we may receive information from the other service. For example, we may receive information like your name, profile picture, age range, language, email address, and friend list. You may also choose to grant us access to your exercise or activity data from another service. You can stop sharing the information from the other service with us by removing our access to that other service.
Health and Other Special Categories of Personal Data. To the extent that information we collect is health data or another special category of Personal Data subject to the European Union’s General Data Protection Regulation (“GDPR”), we ask for your explicit consent to process the data. We obtain this consent separately when you take actions leading to our obtaining the data, for example, when you pair your device to your account or grant us access to your exercise or activity data from another service. You can use your account settings and tools to withdraw your consent at any time, including by stopping use of a feature, removing our access to a third-party service, unpairing your device, or deleting your data or your account.
Failure to provide certain Personal Data may make it impossible for HealthMetric to provide its services.
Some of our pages utilize framing techniques to serve content to and from our partners while preserving the look and feel of our site.
How We Use Information
MSA uses the information it collects from you for the following purposes:
Improve, Personalize and Develop HealthMetric. MSA uses the information it collects to improve and personalize HealthMetric and to develop additional features. For example, MSA uses the information to troubleshoot and protect against errors, perform data analysis and testing, conduct research and surveys, and develop new features and services.
Communicate With You. MSA uses your information when needed to send you service notifications and respond to you. MSA also uses your information to promote new features and/or products it thinks you would be interested in. You can control marketing communications and most service notifications by using your notification preferences in account settings or via the “unsubscribe” link in an email.
Promote Safety and Security. MSA uses the information it collects to promote the safety and security of HealthMetric, its users, and other parties. For example, it may use information to authenticate users, protect against fraud and abuse, respond to a legal request or claim, conduct audits, and enforce its terms and policies.
Personal Data concerning the User is collected for the following additional purposes:
- Analytics within the HealthMetric app;
- Analytics of Health Information collected and/or entered into other health and fitness applications
- Displaying content from external platforms;
- Integrating such Personal Data (in de-identified form) with additional laboratory and other data for use in analytics and related contexts; and
- Providing third parties with information and services in its sole and absolute discretion but in any event, MSA shall do so with my Personal Data only: (i) after my Personal Data has been de-identified; and (ii) for the purposes of health management and/or health research, and I hereby grant MSA complete permission to receive, use, and disclose my Personal Data in de-identified form to such third parties as contemplated under this paragraph.
How and Where Will Personal Data Be Processed?
Method of Processing
MSA processes the Personal Data of Users in a proper manner and takes appropriate security measures to prevent unauthorized access, disclosure, modification, or destruction of the Personal Data.
The Personal Data processing is carried out using computers and/or IT enabled tools, following organizational procedures and modes strictly related to the purposes indicated. In addition to MSA, in some cases, the Personal Data may be accessible to certain types of persons in charge, involved with the operation of the site (administration, sales, marketing, legal, system administration) or external parties (such as third party technical service providers, mail carriers, hosting providers, IT companies, communications agencies) appointed, if necessary, as data processors by MSA. The updated list of these parties may be requested from MSA at any time.
The Personal Data is processed at MSA’s operating offices and in any other places where the parties involved with the processing are located. For further information, please contact MSA.
The Rights of Users
MSA provides account settings and tools to access and control your Personal Data, as described below, regardless of where you live. If you live in the European Union, European Economic Area, United Kingdom or Switzerland (“the Designated Countries”), you have a number of legal rights with respect to your information, which your account settings and tools allow you to exercise, as outlined below.
Accessing and Exporting Data. By logging into your account, you can access much of your Personal Data, including your dashboard with your daily exercise and activity statistics. To receive the entirety of your Personal Data collected by HealthMetric in a commonly used file format, please contact MSA’s Data Protection Officer at MSADataProtectionOfficer@msa.com.
Editing and Deleting Data. Your account settings let you change and delete certain of your Personal Data. For example, you may edit or delete the profile data you inputted in HealthMetric through your account settings. You may request the entirety of your Personal Data be deleted through the “Help: Privacy Question” section in account settings and submitting a request to MSA. If you choose to delete your account, please note that while most of your information will be deleted within thirty (30) days, it may take up to ninety (90) days to delete the entirety of your information. We may also preserve data for legal reasons to prevent harm. Please note that deleting and/or removing HealthMetric from your device(s) does not delete, or request a delete, of your account and Personal Data.
Objecting to Data Use. We give you account settings and tools to control our data use. For example, through your account settings, you can limit how your information is visible to other users of HealthMetric; using your notification settings, you can limit the notifications you receive from MSA; and under your application settings, you can revoke access of third-party applications that you previously connected to your HealthMetric account.
Restricting or Limiting Data Use. In addition to the various controls that we offer, if you reside in a Designated Country, you can seek to restrict our processing of your data in certain circumstances. Please note that you can always delete your account at any time.
If you need further assistance regarding your rights, please contact our Data Protection Officer at MSADataProtectionOfficer@msa.com, and we will consider your request in accordance with applicable laws. If you reside in a Designated Country, you also have a right to lodge a complaint with your local data protection authority.
Users have the right, at any time, to know whether their Personal Data has been stored and can consult MSA to learn about their contents and origin, to verify their accuracy or to ask for them to be supplemented, canceled, updated or corrected, or for their transformation into anonymous format or to block any Personal Data held in violation of the law, as well as to oppose their treatment for any and all legitimate reasons. Requests should be sent to MSA’s Data Protection Officer at MSADataProtectionOfficer@msa.com.
HealthMetric does not support “do not track” requests.
To understand if any of the third party services it uses honor the “do not track” requests, please read their privacy policies.
MSA works hard and takes precautions to keep your data safe. We utilize a combination of technical, administrative, and physical controls to maintain the security of your data. This includes the measures to encrypt much of the data submitted to and collected by HealthMetric. However, no method of transmitting or storing data is completely secure. If you have a security-related concern, please contact MSA’s Data Protection Officer at MSADataProtectionOfficer@msa.com.
In the case of breach of Personal Data, MSA shall without undue delay notify affected Users by describing the nature of the breach, providing contact information of its Data Protection Officer, and advising of the likely consequences of the breach.
In support of MSA’s efforts to keep your data safe, we recommend Users employ their devices’ password features and ensure that the settings on such devices allow Users to encrypt data.
MSA is committed to providing our members with meaningful information and choices about the information they share through HealthMetric and the services. The GDPR requires organizations to have legal bases to collect, use, share, and otherwise process information about users residing in the European Union. If you habitually reside in the European Union, there are particular rights available to you. While some of these rights apply generally, certain rights only apply depending on the legal bases we rely on to process data. We’ve explained these legal bases and your rights below.
To provide HealthMetric and the Services
With your consent
We ask for your permission to process your Personal Data for certain purposes and you have the right to withdraw your consent at any time. We ask for your consent to:
- Collect or infer health information which is used to provide helpful statistics and visualizations.
- Send you marketing communications.
- Collect and process information from third-party products, services, devices, and apps which are connected to HealthMetric.
When we process data you provide to us based on your consent, you have the right to withdraw your consent at any time via your account settings. You also have the right to port or transfer the data.
Legal obligation or for the establishment, exercise or defense of legal claims
We process data where we have a legal obligation to do so, for example, where we’re responding to valid and binding legal process from law enforcement agencies for certain data. In addition, processing may be needed for us to establish, exercise or defend civil or criminal claims in connection with actual or potential litigation including to protect HealthMetric and related services, our property or other legal rights, including those of our members or partners.
To protect vital interests
We process data where it is necessary to protect an interest which is essential to someone’s life or protect any person from serious bodily injury. This includes processing information to combat harmful conduct both on and off of our Services.
Carrying out a task in the public interest
Where set forth by the law of the European Union or a member state thereof, we may process users’ data to perform processing in the public interest. This may include protecting against harm and undertaking research for social good. You have the right to object to, and seek restriction of, our processing of your Personal Data when we process data using this legal basis.
In furtherance of legitimate interests
We process your information for our legitimate interests, and those of third parties, while applying appropriate safeguards that protect your privacy, rights and interests. We do this to:
- Market HealthMetric and other commercial products or services. For example, our partners may pay us to promote their products, services, events, gear or devices on HealthMetric. This is one of the ways we are able to provide the Services on a sustainable basis. We provide controls and safeguards for our members, including the ability to object.
- Maintain our business by conducting research and continuously improving the services so as to offer innovative and customized offerings to our members and partners.
- Convert it into aggregated form (by removing certain information, such as your name, and combining the resulting information with similar information from other members) for use by us and our partners. Our partners may use this information to improve infrastructure or for other commercial purposes, including developing useful insights.
- Promote the services, including email and in-product marketing campaigns to inform members about our services.
- Encourage users to find new ways to interact, including activities, followers, clubs, or events. We rely on our legitimate interest in retaining members when ensuring that we offer new opportunities of interest to our users.
You have the right to object to, and seek restriction of, our processing of your Personal Data based on legitimate interests. Please contact MSA’s Data Protection Officer at MSADataProtectionOfficer@msa.com if you object to us using your information.
More details concerning the collection or processing of Personal Data may be requested from MSA at any time at its contact information.
Cookie. Small piece of data stored in the User’s/your device.
Usage Data. When you access and use HealthMetric, we may automatically collect certain details of your access to and use of the app or website, including traffic data, logs, and other communication data. We may collect information about your mobile device or computer and internet connection, including the device’s unique device identifier, IP address, operating system, browser type, and phone type.
User. The individual using HealthMetric, which must coincide with or be authorized by the Personal Data subject, to whom the Personal Data refers.
Version 1.2 (Modified 07/30/2019)