Who we are
We are Upright Health, Inc., a California corporation. Our website address is: https://brainfood.uprighthealth.com.
At Upright Health, we are committed to safeguard the privacy of our Website visitors at https://brainfood.uprighthealth.com and our daily customers.
This policy applies where we are acting as a data controller with respect to the personal data (in accordance with Article 4 (1) GDPR) collected of our Website visitors and registered customers whenever and where we determine the purposes and means of the storing and/ or processing of that personal data to be collected.
In this policy, "we", "us" and "our/s" refer to Upright Health Inc.
What personal data may be collected and/ or stored and how we use your personal data
The storing and/ or processing of data through our website are based on our legitimate interest (in accordance with Article 6(1)(f) GDPR) to monitor and improve our website and the services associated with our website. With respect thereto, we may store and/ or process personal data following the provisions of Article. 13(1) GDPR.
We may also collect and/ or store information uploaded to/ submitted to your account ("account data"). The account data refers to all data added to our system by your proactive act of submitting the data to our database. Account data may include your personal data such as your name and email address, or if you sign up for coaching sessions, your address so that we know what part of the world you’re in. The account data may be stored and/ or processed for the purposes of operating our website, providing our services, ensuring the security of our website and services, maintaining back-ups of our databases and communicating with you. We store and/ or process this data due to our interest in administration of our website and our business, as well as in qualitative data assessment to monitor and improve our services with respect to the needs of our clients. With respect thereto, we make use of our tracking System explained herein.
This data may also include data that you provide to us for the purpose of subscribing to Email notifications and/or newsletters ("notification data"). The notification data may be stored and/ or processed for the purposes of sending you the relevant notifications and/or newsletters you agreed to receive by providing your data for.
We may further store and collect the information contained in an enquiry you submit to us regarding our services ("enquiry data"), as well as data related to communication initiated by your proactive act of transferring a message to us (“correspondence data”). Both sets of data may include any form of communication content and metadata associated with this communication. Both, enquiry data and correspondence data may be stored and/ or processed for the purposes of offering certain Services related to us, as well as to perform marketing.
We may also store and collect data that you provide in the course of the use of our services ("service data"). Service data may be stored and/ or used for the purposes of ensuring the quality and proper functioning of our website and our Software.
Wherever payment information is necessary and provided by you, we may store the data provided for throughout the payment transaction (“transaction data”). Transaction data may be stored and/ or processed to secure payments and your identity related to such payments.
Retaining and Deleting of Personal Data
All personal data that we store and/ or process for any purpose or purposes mentioned herein shall not be kept for longer than is necessary for that or those purposes. All data collected and stored for the purposes mentioned under subsection 1. of this policy will be retained for as long as the purpose for which we retained the data in the first place continuously subsists following the date at which the website and its contents are viewed from your personal computer/ mobile device and where applicable information is provided through your proactive act of submitting such data to our database.
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue. For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
Irrespectively of the period determined above, we recognize that in certain cases (such as in the event of disclosure due to litigation) it is not possible for us to specify in advance the periods for which your personal data will be retained.
You may at any given point in time instruct us to provide you with any personal information we hold about you; provision of such information will be subject to the supply of appropriate and sufficient evidence of your identity. As sufficient and appropriate evidence, we accept a copy of your national identity card, or your passport, accompanied by a utility bill stating your current address of residence.
We may withhold personal information that you request to the extent permitted by law.
You may instruct us at any time not to process your personal information for marketing purposes. We will use your personal information for marketing purposes only if expressly agreed to our use of your personal information for marketing purposes.
Your principal rights under data protection law shall remain unaffected by the provisions contained herein. With respect thereto, we guarantee to be mindful of your principal rights in accordance with the General Data Protection Regulation (https://gdpr-info.eu/), foremost but not conclusively regulated in Chapter 3 GDPR.
You may exercise any, or all of these rights with respect to the storing and/ or processing of your personal data by written notice to [email protected].
Providing personal data to others
We do not generally disclose personal data to others, however, we may disclose any of the above-mentioned data to any member of our company in accordance with Article 13(1)(e) GDPR insofar as reasonably necessary for the purposes, and on the legal bases, set out in this policy. We may disclose any of the above-mentioned data to our insurers and/or professional advisers insofar as reasonably necessary for the purposes of obtaining or maintaining insurance coverage, managing risks, obtaining professional advice, or the establishment, exercise or defense of legal claims, whether in court proceedings or in an administrative or out-of-court procedure.
We may also disclose transaction data, to our payment service providers whenever financial transaction relating to our website and services are being conducted. We will share transaction data with our payment service providers only to the extent necessary for the purposes of processing your payments, refunding payments and/ or dealing with complaints relating to such payments any refunds.
In addition to the disclosures of personal data set out herein, we may disclose your personal data where such disclosure is necessary for compliance with a legal obligation to which we are subject, or in order to protect your interests as a natural person or the interests of another natural person. We may also disclose your personal data where such disclosure is necessary with respect to litigation whether in court proceedings or in an administrative or out-of-court procedure.
In any event in which personal data is disclosed, we guarantee to follow all provisions made under Articles 13(1)(e) and 14(1)(e) GDPR.
Example case where data is disclosed to other: If you email us to sign up for a training session, we would enter your information into our scheduling service provider’s database where it will be securely stored. If you sign up for our mailing list, your information is stored with our mailing list service provider. If you provide payment details for a transaction, that information is processed securely with our payment processor. None of our third party service providers, to the best of our knowledge, will resell or share your information.
Third Party Cookies include: Google Analytics, MailChimp, and Facebook.
If you would not like to be tracked during your visit you can install a Do Not Track Plugin for Google Chrome or enable the Do Not Track feature in Firefox. These plugins/extensions are provided as a reference and are not supported in any way by Upright Health, Inc. Be advised that these plugins are known to cause some errors in the functioning of our online programs.
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
Adverts and sponsored links, embedded content on our website
Social Media Platforms
On our website, we may use social media sharing buttons which help share web content directly from web pages to a social media platform. Whenever you use a social sharing button, be advised that you do so on your own discretion and note that the social media platform may track and save your request to share a web page respectively through your social media platform account.
How we protect your data
We use SSL encryption on this site for the transmission and access of any and all sensitive information. While this is standard practice across the internet, we cannot guarantee that this will prevent all unlawful access of information. This is one reason we limit how much of your data we collect.
What data breach procedures we have in place
In case of a data breach of sensitive data, we will notify users promptly within 72 hours of discovery of the breach.
Contact and Communication
This website is powered by Upright Health, Inc., registered in 609 Price Ave. Suite 103, Redwood City, CA 94063 under registration number C3403622.
If you have any concerns or if there is anything you would like to ask us, you can contact us via Email [email protected].
If you wish to contact us, please keep in mind that you do so at your own discretion and that you provide any personal details requested at your own risk. Your personal information is kept private and stored securely until it is no longer required by law or due to ceasing of purpose. We use any information submitted to provide you with further information about the products/ services we offer or to assist you in answering any questions or queries you may have.
We may update this policy from time to time whenever legal alterations are coming into effect. We therefore, encourage you to check this page occasionally to ensure you are happy with any changes to this policy. However, we may notify you of changes to this policy either by means of email or through the private messaging system on our website.