Privacy Policy - General

PLATFORM INTRODUCTION

In compliance with data protection laws, we are obligated to furnish you with essential information about our data processing activities, your rights regarding your personal data, and how we use it. This policy outlines such information, and it is crucial that you read and understand its contents.
This policy (together with our end-user license agreement available at www.lifesetwellbeing.com/ eula (the EULA) or as presented during your initial use or installation of our Platform (as defined in the EULA) and any additional terms referenced in the EULA, collectively referred to as our Terms of Use) pertains to:

• Your utilization of all versions of our Platform, whether through a mobile app (Mobile Platform) or online via our website (Web Platform), upon downloading or streaming a copy of the Platform onto your personal computer, mobile device, or other suitable electronic device (Device).
• Any other interactions you have with us, whether by phone, computer, or other means, under this policy governing the processing of your personal data.

Please carefully review the following sections to comprehend our data practices and how we manage your personal information.

WHO WE ARE

LifeSet Ltd is a registered company in Ireland under registration number 727537, with a registered address at 95 Beech Grove, Lucan, Dublin, K78 TW74. We are the data controller responsible for your personal data (referred to as "we," "us," or "our" in this policy).For any inquiries regarding this privacy policy, you can contact our data protection officer:

Name: Matthew MacNabb

Email: matthew@lifesetwellbeing.com

Address: LifeSet Ltd, 95 Beech Grove, Lucan, Dublin, K78 TW74, Ireland

CONSENT

Before accessing or installing the Platform, you will be asked to provide your consent to our processing of your personal data (where 'consent' is the appropriate lawful basis, as explained in this policy). You have the right to withdraw your consent at any time by contacting us. Withdrawal of consent will not affect the legality of processing performed prior to your withdrawal. We may need to retain certain information, including health data, strictly required for insurance or legal compliance. We will delete unnecessary information to comply with our legal obligations. We may retain fully anonymised data in aggregated sets for analysis or research purposes.

THE DATA WE COLLECT ABOUT YOU

We may collect, use, store, and transfer various types of personal data, including:

• Identity Data
• Contact Data
• Device Data
• Content Data
• Usage Data
• App Data
• Marketing and Communications Data

Please note that health data constitutes 'Special Category' personal data under data protection laws. We do not gather information about criminal convictions or offences. When collecting Special Categories of Personal Data, we will obtain explicit consent and ask again if the purpose of processing changes. We do not collect financial or transaction data if access is granted by your employer, family member, or friend.

DESCRIPTION OF CATEGORIES OF PERSONAL DATA

Identity Data: Name, age, gender, etc.

Contact Data: Email address, phone number, etc.

Device Data: Mobile device type, unique identifiers, mobile network info, operating system, etc.

Content Data: Login info, digital content uploaded to the Platform.

Usage Data: Details of Platform use and site visits.

Marketing and Communications Data: Preferences for marketing communications.

App Data: Accessing the Platform through a mobile app.

AGGREGATED DATA AND ANONYMISATION

We may use aggregated data for statistical analysis, providing anonymised summaries of workforce wellbeing to employers. Aggregated data is not personally identifiable. Anonymised data may be used for research to enhance our services or by other entities. The lawful basis for anonymisation is legitimate interests or explicit consent.

HOW IS YOUR PERSONAL DATA COLLECTED?

We collect and process personal data as follows:

• Information you provide: Filling forms, corresponding, registering, subscribing to services, etc.
• Information we collect: Automatic data collection through Platform use, utilizing cookies and similar technologies.
• Information from other sources: Third-party providers, employers, authorized users, etc.

HOW WE USE YOUR PERSONAL DATA

We use your personal data lawfully and transparently for various purposes, including:

• Installing and registering you on the Platform
• Delivering Services, including in-App notifications
• Managing our relationship, updating you about changes
• Conducting surveys and contests
• Administering and protecting our business and Platform
• Providing content and recommendations
• Anonymising data for research and scientific purposes

DISCLOSURES OF YOUR PERSONAL DATA

We may share your personal data with:

• External Third Parties as outlined in the Glossary
• Specific third parties such as Stripe, Inc, GoCardless, and Xero
• Potential new owners in business transfers

We do not share Health Data with employers, third-party marketing providers, or databases.

FRIENDS & FAMILY ACCESS

Authorised Users can assign/revoke access licenses to friends/family (over 16). No anonymised health data will be shared from friends/family groups.

MARKETING

We do not share personal data for third-party marketing.

INTERNATIONAL TRANSFERS

We may transfer data outside the UK/EEA, ensuring protection via Standard Contractual Clauses.

DATA SECURITY

We maintain security measures to safeguard personal data and notify of breaches when necessary.

DATA RETENTION

Personal Data is retained while your account is active, deleted when you request account closure or if your employer discontinues.

YOUR LEGAL RIGHTS

You have rights regarding your personal data, including access, correction, erasure, restriction, transfer, withdrawal of consent, and objection. Contact us to exercise these rights. You also have the right to lodge a complaint with the ICO or an EU member state authority.

CHANGES TO PRIVACY POLICY

This privacy policy may change, and updates will be posted on our website.

THIRD-PARTY LINKS

Our Sites may link to third-party websites, each with its privacy policies

GLOSSARY

1. LAWFUL BASIS

Consent means processing your personal data where you have signified your agreement by a

statement or clear opt-in to processing for a specific purpose. Consent will only be valid if it is a

freely given, specific, informed and unambiguous indication of what you want. You can withdraw

your consent at any time by contacting us.

Legitimate Interest means the interest of our business in conducting and managing our business

to enable us to give you the best service/product and the best and most secure experience. We

make sure we consider and balance any potential impact on you (both positive and negative) and

your rights before we process your personal data for our legitimate interests. We do not use your

personal data for activities where our interests are overridden by the impact on you (unless we

have your consent or are otherwise required or permitted to by law). You can obtain further

information about how we assess our legitimate interests against any potential impact on you in

respect of specific activities by contacting us.

Performance of Contract means processing your data where it is necessary for the performance

of a contract to which you are a party or to take steps at your request before entering into such a

contract.

Comply with a legal obligation means processing your personal data where it is necessary for

compliance with a legal obligation that we are subject to.

Protecting your vital interests means processing your data where your vital interests are at

stake, such as in an emergency situation, where we would consider and balance any potential

impact on you (both positive and negative) and your rights before we process your personal data

pursuant to this justification.

2. THIRD PARTIES

2.(A) EXTERNAL THIRD PARTIES

Service providers acting as processors based in the United Kingdom who provide IT and system administration services including mobile application marketplaces and mobile operating system.  

Professional advisers acting as processors or joint controllers including lawyers, bankers, auditors and insurers based in the United Kingdom who provide consultancy, banking, legal, insurance and accounting services. O

ffices of Revenue Commissioners, regulators and other authorities acting as processors or joint controllers based in Ireland who require reporting of processing activities in certain circumstances.

3. YOUR LEGAL RIGHTS

You have the right to:

• Request access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
• Request correctionof the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.
• Request erasureof your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
• Object to processingof your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
• Request restriction of processingof your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios:
• (a) if you want us to establish the data’s accuracy;
• (b) where our use of the data is unlawful but you do not want us to erase it;
• (c) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or
• (d) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
• Request the transferof your personal data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
• Withdraw consent at any timewhere we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.