Knose Health Privacy Policy

Effective date: Aug 2, 2024


In this Privacy Policy, we explain how EMOTION SENSE LTD (“we” or “us”) collects, stores, uses, and ​protects your personal data when you use our application “Knose” (the “App” or the “application”) or ​website https://knose.health (the “Website”). The Website and the Application are referred to together as ​the “Services”.


In this policy, we also explain your rights in respect of the personal data we hold about you and how we ​protect your privacy.


If you do not want us to process your personal data as described in this Privacy Policy, please do not use ​our App.


1. WHAT PERSONAL DATA WE COLLECT AND WHY


We do not collect any data when you use the Website. When you use the App, we collect certain data ​about you, which we call your Personal Data:


Purpose: To create your account with Knose.

Data categories: public FaceID key.

Collection: When you accept our Privacy Policy, you can sign up using Face ID. When you do, a key pair ​(public + private key) is generated. The private key is stored securely on the device, we don’t have ​access to it, and the public key is sent to our server for registration and is used later for verification of ​cryptographic signature.


Purpose: To connect your data to your account through an anonymised ID.

Data categories: Unique User ID.

Collection: When you accept our Privacy Policy and sign up with Face ID for the first time, we generate a ​Unique User ID for you.


Purpose: To provide you with core features of the App (for example, analysing your health data to detect ​patterns and anomalies).

Data categories: Health data from Apple Health (Activity Summary, Daily Flights Climbed Samples, Daily ​Step Count Samples, Active Energy Burned, Sleep start and end times). Self-reported sleep and activity ​norms.

Collection: This data is collected automatically when we have your Apple Health permissions. You ​provide us with sleep and activity norm information when you start using the App.


Purpose: To analyse our App performance via Google Analytics 4 Firebase, and improve it.

Data categories: Device and App Identifier Data, Approximate geolocation, session statistics, basic app ​usage data, conversion events, app engagement and retention, app stability metrics.

Collection: Collected automatically by GA4F. GA4F has no access to your health data or personal ​information such as name or email.


Purpose: To provide you with customer support.

Data categories: Email Address, Name, contents of communication.

Collection: We see and use this information when you contact Knose support to get help with your ​account.


Purpose: Knose AI Chatbot


The Knose AI chatbot supports you in understanding your health data by analysing the health data ​collected from Apple Health and sharing the insights with you. The chatbot is powered by Google’s ​Gemini AI, and your data is stored securely on Google Cloud servers.


How do we use your personal data?


  • We use your Personal Data in chatbot prompts, including your health data and the contents of your ​communication with the chatbot, so that the chatbot can provide relevant and safe responses to ​your requests.
  • To protect your privacy, we remove any IDs that can be associated with you or your device before ​sharing your Personal Data in chatbot prompts.
  • While communicating with the chatbot, do not provide any information that may directly identify you ​or any other people.


Are my conversations stored somewhere?


No, we do not store contents of your conversation.


2. PERSONAL DATA RETENTION


We keep your Personal Data for as long as your account is active.


If you want to delete your account and the Personal Data associated with it, send us a request at ​support@knose.health. We will delete your account within one month after receiving the request. It may ​take up to 90 days in some cases to complete the full erasure of your personal data stored in our ​backup systems.


To erase the data that is stored on the client in the App, you will simply need to delete the App.

If you choose to deactivate your account or delete the app, your data will not be recoverable if you ​decide to reinstall the app later, although you will still be able to log in using Face ID.


Please note that we may still retain certain data about you if needed because of applicable legislative ​requirements, any potential or ongoing dispute resolution, or in order to enforce our rights.


3. YOUR DATA PROTECTION RIGHTS


If you decide to exercise any of the rights you are entitled to under this section, please contact us at ​support@knose.health.


EEA/UK residents. Individuals residing in the European Economic Area (“EEA”) and the United Kingdom ​(“UK“) have certain statutory rights in relation to their Personal Data including under the General Data ​Protection Regulation (Regulation (EU) 2016/679) (“EEA GDPR“) and the Data Protection, Privacy and ​Electronic Communications (Amendments etc) (EU Exit) Regulations 2020 (SI 2020/1586), as may be ​amended from time to time (“UK GDPR“) (collectively, the “GDPR“), including the rights specified below.


  • Access to and portability of your Personal Data: You have a right to request information about ​whether we have any Personal Data about you and to receive a copy of such Personal Data. To ​request data export, please contact us at support@knose.health using the unique ID of your Knose ​App account, which you can find in Information and Settings
  • Deletion of your Personal Data: If you wish to close your account, you can do so by contacting us at ​support@knose.health using the unique ID of your Knose App account. Please note that we may still ​process some of your data even after honouring your deletion request, such as for the fulfilment of ​our legal obligations or for defence from claims.
  • Restriction of processing: You also have the right to demand restriction of the processing of your ​personal data, for example, if you contest the accuracy of the Personal Data, which inaccuracy is ​verified by us.
  • Right to object to processing or otherwise using your Personal Data: Where we are processing your ​personal data based on our legitimate interest, you may object to the processing or otherwise using ​your personal data.
  • Right to withdraw your consent at any time: Where you may have provided your consent to the ​processing of your personal data for a specific purpose, you have the right to withdraw your consent ​at any time for future processing by contacting us at support@knose.health with the unique ID of ​your Knose App account.
  • The right to lodge a complaint with your local data protection authority. Under GDPR, you have the ​right to lodge a complaint with a local data protection authority in the country of your residence, ​where you work, or where an alleged infringement of the applicable data protection law took place.


Please keep in mind that in case of a vague request to exercise any of the aforementioned rights, we ​may ask for more details if needed to complete your request. If this is impossible, we reserve the right to ​refuse to grant your request.


Following the provisions of the applicable law, we might also ask you to prove your identity in order for ​you to invoke the mentioned rights. We do so to ensure that no rights of third parties are violated by ​your request and that the mentioned rights are exercised by an actual data subject or an authorised ​person.


We will process your request within one month after receiving it. We may extend this period by up to an ​additional two months where necessary, taking into account the complexity and number of the requests. ​If we extend the response period, we will let you know as soon as possible. We will not discriminate ​against you for exercising your rights under the law.


4. SECURITY MEASURES


We use reasonable and appropriate information security safeguards to help keep your personal data ​secure and in an effort to protect it from accidental loss and unauthorised access, use, alteration, and ​disclosure.


Unfortunately, the transmission of information via the Internet is not completely secure. Although we ​take measures to do our best to protect your personal data, we cannot guarantee the security of the ​collected information transmitted to or through our Services or an absolute guarantee that such ​information may not be accessed, disclosed, altered, or destroyed. Any transmission of your personal ​data is at your own risk. We are not responsible for the circumvention of security measures contained in ​the App.


If you want to report a security incident related to our Services, please contact us at ​support@knose.health.


5. CHILDREN’S PRIVACY


Our Services are not intended for or directed at children under 18, and we do not knowingly collect or ​solicit any information from anyone under the age of 18 or knowingly allow any such persons to use our ​Services (in accordance with the eligibility requirements under our Terms and Conditions).

If you are under 18, do not: (i) use or provide any information in our Services or through any of its ​features, or (ii) provide any information about yourself to us, including your name, address, telephone ​number, or email address. If you are a parent or guardian and believe we have collected information ​from your child who is under the age of 18, please contact us at support@knose.health.


6. SHARING OF YOUR PERSONAL DATA


We may disclose the information we process about you, including your personal data, as follows:


  • We may disclose your personal data and other collected information to third-party organisations ​such as contractors, business partners, service providers, and vendors that we use to support our ​business and who assist us in providing our Services.
  • We disclose your personal data to Google (USA) through Firebase Services and Google Gemini AI ​(USA), both acting as our backend infrastructure and data processors for the App and Knose AI ​chatbot performance and safeguards.
  • We may disclose your personal data in response to legal requests and for purposes of preventing ​harm. We may access, preserve, and share your information in response to a legal request (like a ​search warrant, court order, or subpoena), government, or regulatory request if we have a good faith ​belief that the law requires us to do so. This may include responding to legal, government, or ​regulatory requests from jurisdictions where we have a good faith belief that the response is ​required by law in that jurisdiction, affects users in that jurisdiction, and is consistent with ​internationally recognised standards. We may also access, preserve, and share information when we ​have a good faith belief it is necessary to: (i) detect, prevent, and address fraud and other illegal ​activity; (ii) protect ourselves, you, and others, including as part of investigations; and (iii) prevent ​death or imminent bodily harm. Information we receive about you may be accessed, processed, and ​retained for an extended period when it is the subject of a legal request or obligation, governmental ​investigation, or investigations concerning possible violations of our terms or policies, or otherwise ​to prevent harm.


7. CROSS-BORDER DATA TRANSFERS


If you use our Services outside of the United Kingdom, your Personal Data will be stored outside your ​home country, including in the United Kingdom, for the purposes described in this Policy. The privacy ​protections and the rights of authorities to access your personal information in such countries may not ​be equivalent to those of your home country.


8. CONTACT US


If you have any questions about this Privacy Policy, please contact us via email at support@knose.health.


9. CHANGES TO OUR PRIVACY POLICY


The date this Privacy Policy was last reviewed is indicated at the top of the page. We may modify or ​update this Privacy Policy from time to time. Some changes do not require your consent or notification: ​for example, when we make changes for the sake of transparency, when we add a new purpose of ​processing that is compatible with the existing purposes, or a new processing activity that falls under the ​users’ reasonable expectations. However, if the changes made may pose a risk to your rights and ​freedoms (for example, by including a new purpose of processing that is not compatible with the existing ​purposes of processing, a new legal basis, or a new category of personal data to be collected or a new ​data subject, all of which are not reasonably expected by the users), we will ask for your consent to ​those changes separately from this Privacy Policy. If you did not receive a request for your consent to ​the changes or refused to give consent, those changes will not apply to you. This can negatively affect ​some of our Services provided to you if those Services inevitably require consent to the changes.