Privacy Policy

Privacy Policy of the Koa Health Website

Full Policy

This Privacy Policy applies to any collection and/or processing of personal data (hereinafter “Personal Data”) performed as a result of your use of the Koa Health website.

1. Who collects, controls and processes your personal data?

Koa Health Digital Solutions Limited (hereinafter “Koa”), a company registered in the United Kingdom (registered number 13298286) with registered address at 55 Baker Street, London WU1 7EU, UK.

Koa is the Data Controller of all Personal Data collected through the website. Koa will not share your personal data with any other Data Controllers without your consent. Only Koa and its sub-processors, following its instructions, will have access to your personal information as described in this Privacy Policy.

You can contact Koa at privacy@koahealth.com for any privacy-related matter. The Data Protection Officer (Judith Vieberink)​ contact for Koa may be contacted at dpo@koahealth.com.

2. Why do we collect personal data about you and what do we do with it?

Sending you information for your company about our products that might be of interest

If you sign up on the website to register your company’s interest in our products, we will process your personal data to send you relevant information about them. We might also collect your personal data using forms embedded in our LinkedIn ads. We may retain your personal data for some time (see section 5) in order to invite you to try other new products from Koa. We may use third party services to facilitate communication such as promotional emails.

Our legitimate interest in promoting new products and services is the basis for this processing. You can opt-out of these communications using the “unsubscribe” option in one of our emails.

Managing job offers and recruiting

If you are interested in one of our job offers, we will process your personal data for managing the recruitment process. We’ll get in touch if we think your application matches the needs of the advertised position. If you opt-in to receive communications on future job openings we will also get in touch if we think your application matches the needs of future positions. We might also ask for your feedback after the interviews, to help us improve the hiring process. We may retain your personal data for some time (see section 5)

Your consent is the basis for the collection and process of personal data to manage job offers and recruiting. You can remove this consent within the settings of the app, or at any time by contacting us at privacy@koahealth.com using, if possible, the same e-mail address with which you registered in the app.

3. What personal data do we collect about you and how?

When you sign up on the website or fill up a form in LinkedIn to register your interest in our products, we might collect:

  • Email address
  • Name
  • Company
  • Job title
  • Contact Details

When you apply to any of our job offers, we might collect:

  • CV or Resume
  • Name
  • Surname
  • Email
  • Phone

We collect through cookies (read our cookies policy) the following information:

User activity in the web page; Frequency of access to the web page, time spent in the web page, interaction with third party services through the web page, etc.

4. Do we share personal data about you with others?

We do not share any personal information about you with other Data Controllers, unless we have your consent. We may share some of your personal data with service providers for specific activities such as hosting (e.g. AWS), recruiting or analytics (e.g. G Analytics).

Digital Marketing Service Providers

We periodically appoint digital marketing agents to conduct marketing activity on our behalf, such activity may result in the compliant processing of personal information. Our appointed data processors include:

(i)Prospect Global Ltd (trading as Sopro) Reg. UK Co. 09648733. You can contact Sopro and view their privacy policy here: https://sopro.io/

Sopro are registered with the ICO Reg: ZA346877 their Data Protection Officer can be emailed at: dpo@sopro.io.

(ii) Hubspot Inc: You can contact Hubspot and see their privacy policy here: https://legal.hubspot.com/privacy-policy

We only authorize our service providers to process your information following our instructions. We make sure that our service providers erase all your personal information right after their services are finished. Some of our service providers may be located outside the EEA, including in countries (such as the United States) whose level of data protection may not be the same as that of the country of origin of our customers. We take the appropriate measures to ensure those providers comply with EEA standards in every processing of personal data they perform on our behalf, by requiring guarantees such as Standard Contractual Clauses.

Internal team members shall process your personal data following professional responsibilities and contractual obligations only for the purposes established in this Privacy Policy. We take appropriate measures to guarantee the fair and confidential use of all personal data by our employees.

5. How long do we keep your data?

We may retain your personal data for different periods of time, depending on the type of data involved and the purposes of the processing, but generally, following these criteria:

  • We will erase any of your data collected from the website after 12 months from last opening any email we sent you.
  • We will erase your information obtained for recruiting, after 12 months from the end of the recruitment process.
  • We will also erase or stop processing your data if require us to do so (See Section 6)

6. What rights do you have related to your personal data and how can you use them?

The data protection laws give you a series of rights regarding the personal information that we manage about you. Specifically, the rights of access, rectification, erasure, limitation, objection, portability, as well as not being subject to automated decisions and to removing your consent at any time.

You can exercise these rights by contacting us at privacy@koahealth.com using, if possible, the same e-mail address with which you registered on the website and identifying the right you want to request. In the event that you decide to exercise one of these rights through a representative, it will be necessary to provide with the request, the documentation that proves this condition.

If you feel your data privacy rights have been breached, you also have the right to file a complaint with a Data Protection Control Authority (e.g., the Information Commissioner’s Office).

In order to register and use our services you must be over 16 years old. Therefore, by signing up you confirm that you meet this condition. We may contact you to confirm this. We do not knowingly collect information from those younger than 16 years. If you are a parent or guardian and believe that your child has used the App you may contact us at privacy@koahealth.com and we will respond promptly.

7. How do we keep your data safe?

Koa is responsible for ensuring the security, integrity and confidentiality of your personal information. Therefore, as part of our commitment and in compliance with current legislation, we have adopted the most demanding and robust security measures and technical means to prevent their loss, misuse or access without your authorization.

We protect all communications between the website and the servers in line with best practice by using TLS for encryption and server authentication. We use ISO 27001 certified systems in order to protect your registration information including email and password. We store your personal data in an encrypted database.

Also, we promise to act quickly and responsibly in the event that the security of your data may be in danger, and to inform you if necessary.

Effective From: February 2024