Privacy Policy
Elemind Technologies, Inc. Privacy Statement
Effective Date: May 31, 2024
YOUR PRIVACY IS IMPORTANT TO US
This Privacy Statement explains how Elemind Technologies, Inc., (“Elemind”) collects, uses, processes and shares information about you (including your personal information) when you visit our website or use our Services. If you have questions about these practices, please contact us using the contact details provided below.
Elemind understands the importance of protecting all of the information it collects when providing services to its customers and website visitors. When you use our products, learn about Elemind or otherwise interact with us and our employees, you trust that we will protect your data and use that data only to provide the Services you request. We understand we must always earn and deserve the trust you place in Elemind when you share your information with us. Given this understanding, we will never use your data in any way not described in this Privacy Statement – and you will always have the choice to stop providing data, to no longer allow us to share data, or to ask that we no longer retain your data. If you would like to make any of these choices, please let us know by contacting us at privacy@elemindtech.com.
[ADDED: For purposes of applicable data protection laws, including the UK General Data Protection Regulation (“UK GDPR”) and, where applicable, the EU General Data Protection Regulation (“EU GDPR”), Elemind Technologies, Inc., 45 Prospect St, Cambridge, MA, 02139, is the controller of your personal information in connection with the Services, except where we expressly state otherwise.]
[ADDED: If and to the extent Elemind is required to appoint a representative in the United Kingdom under Article 27 UK GDPR, we will identify that representative and provide their contact details in the then-current version of this Privacy Statement.]
WHEN DOES THIS PRIVACY STATEMENT APPLY?
This Privacy Statement applies to Elemind and to our controlled affiliates and subsidiaries (collectively “Elemind” or “we”). References to our “Services” in this Privacy Statement include our public-facing website at www.elemindtech.com (“Website”), Elemind’s platform, Elemind’s app and Elemind products, including its headband - and any applications Elemind provides in order to provide access to its platform (and any application updates or variations). This Privacy Statement applies to personal information collected through the Services and Website and not to any website or service that refers or links to a different privacy statement or privacy policy.
Personal Information includes any data that could be used to identify you as a unique individual and includes information such as your name, address, email address, location, account login information and the IP or MAC address of the device(s) you use to access the Services. Sensitive Personal Information includes information that can identify you and includes data such as health information, sensor or biometric information, subjective information that you may enter into the Elemind App, etc. Elemind does not share, trade, rent, sell or otherwise disclose your sensitive information except as may be required by law or with your express consent.
Some information collected by Elemind is altered so that it can no longer be used to identify any particular individual (sometimes referred to as “aggregation” or “anonymization”). Because the information is no longer capable of identifying you, such data is not considered either Personal Information or Sensitive Personal Information.
NOTICE TO USERS OF ELEMIND SERVICES
Elemind collects, processes, and shares the data you provide as described below so that it can provide you with the Services you request. Elemind does not collect or process your personal information unless you grant us permission to do so after having an opportunity to review this Privacy Statement and by continuing to use the Services. If you have questions about how Elemind processes your personal information, please contact Elemind at privacy@elemindtech.com.
You must be at least 13 years old to use our Services and we do not knowingly collect, use, process, or disclose personally identifiable data from any visitor to the Website that is under the age of 13. None of our Services or products are directed to users under the age of 13 unless their parent or guardian consents. Should we discover any user under the age of 13 using our Services, we will immediately revoke their access to the Services, cancel their subscription (if any) and delete any information they have provided to us.
Because the data we collect belongs to you, you may ask us to inform you of how we use and disclose your data, you may request access to the data and you may be entitled to dispute the accuracy and completeness of the information we have collected and amend it as appropriate unless we provide you with reasonable reasons why we cannot provide this information to you (for instance if we receive the data from a third party (or no longer possess the data).
WHAT PERSONAL INFORMATION DOES ELEMIND COLLECT?
Elemind does not collect or process your personal information unless you consent, and you can always decide to withdraw your consent. If you withdraw your consent, we will promptly stop collecting, processing, or using your data for any purpose. Of course, should you elect not to have Elemind collect or process your data, Elemind may not be able to provide its Services to you.
We collect information about you from different sources and in various ways when you use our Services. This includes information: i) you provide directly and voluntarily; ii) that is collected automatically, iii) obtained through publicly available sources or other third-party data sources; and iv) inferred or generated from other data. Our collection of data also depends on your choices (described in more detail below). Certain information is collected once when you first access the Services. Other information related to the Services (for instance data collected as you use the headband, Elemind App or otherwise use the Services) is collected on an ongoing basis through your continued use of the Services.
[ADDED: LEGAL BASES FOR PROCESSING (UK AND EEA USERS)
Where the UK GDPR or EU GDPR applies, we must have a legal basis to process your personal information. Depending on the specific processing activity, Elemind relies on one or more of the following legal bases:
• Performance of a contract: we process your personal information where this is necessary to enter into and perform our contract with you, including to create and manage your account, provide the Services, process payments, and provide customer support.
• Consent: we process certain types of personal information, including Sensitive Personal Information such as health, sensor, neural activity and other biometric data collected through the headband and the Elemind App, on the basis of your consent. In particular, for users in the United Kingdom and the European Economic Area, we rely on your explicit consent to process special category data (such as health-related and biometric data) in accordance with Article 9(2)(a) UK/EU GDPR. You may withdraw your consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.
• Legitimate interests: we process personal information where this is necessary for our legitimate interests and these are not overridden by your interests or fundamental rights and freedoms. This includes our legitimate interests in operating, improving and securing the Services, conducting analytics, preventing fraud and misuse, and communicating with you about our products and services. You have the right to object to processing based on legitimate interests as described below.
• Legal obligations: we process certain personal information where this is necessary to comply with our legal obligations, for example relating to tax, accounting and regulatory requirements, or to respond to lawful requests from public authorities.
If you have questions about the legal bases we rely on for any specific processing activity, you can contact us at privacy@elemindtech.com.]
INFORMATION YOU PROVIDE DIRECTLY.
Elemind collects personal information you voluntarily provide to us, including, for example:
Your contact Information (e.g., name, email address, phone number, etc.) when signing up for or using the Services.
Information you choose to input into certain web-forms or features of the Elemind App (for instance demographic information such as gender, age weight, height, etc.)
Contextual and behavioral information. This includes subjective descriptions such as sleep quality, mood, use of certain substances, exercise habits and sleep preferences. All such data is voluntarily input through use of the Elemind App by the user.
Payment information such as credit or debit card numbers, account and authentication information and billing, shipping and contact details including transaction history and related information.
Information provided when you contact Elemind with questions, warranty issues, support requests, etc.
Other information you provide to us when filling out applications or webforms or when you contact us for Services or support (caller identification, date and time, etc.).
You will always have control over what data you choose to provide directly to Elemind in connection with the Services (for instance by not providing requested inputs, skipping questions, not filling in fields, etc.). As could be expected given the nature of the Services, however, not providing requested information may impact whether you can use the Services, how well the Services function for you and/or your ability to fully benefit from the Services.
INFORMATION COLLECTED AUTOMATICALLY.
When you use our Services (even if only visiting the Website), some information is collected automatically, for example:
Device information (model, operating system version, mobile network information, operating system and system settings, browser type, browser language, Internet Protocol (IP) address, country and time zone in which your device is located, and the Platform pages you viewed and how long you viewed them, and similar identifiers).
Mobile Application Information (application data and metadata stored on your device when permitted by your operating system settings)
Data related to your use of the Services including which services you have requested, which pages of the website you viewed or interacted with, etc.
Account credentials, including usernames, emails, and passwords. We use this information to connect activity conducted on our website to user accounts made through the app, such as subscription information, changes to account details, contact information, or billing information.
INFORMATION COLLECTED FROM YOUR DEVICE AND/OR THE ELEMIND APP
As you might expect, to provide useful Services to you and to allow you to interact more personally with your device or the Elemind App, we collect data from those sources for the purposes of providing the Services and improving the services we provide. This includes:
Sensor-derived data (i.e., biometric data), including movement information derived from accelerometry, and neural activity measured through electroencephalogram (EEG), and device battery level. This data allows us to provide targeted stimulation that tracks features of your brainwaves. In addition, these types of data are used to provide you feedback about your health, including the quantity and quality of your sleep. This data may be used (anonymously) to improve Elemind’s products and services or to develop new ones.
Processed data, including data derived from sensor data, such as ballistocardiogram, sleep stage estimations, EEG features such as sleep spindles or slow waves, or other health information. Sensor data and other data types may be processed together to measure stress levels, sleep quality, or other health metrics. We collect this data to provide feedback to you about your health and performance and to personalize our product experience to your unique physiology and behavioral patterns. We may also collect this information in an anonymized format to develop new products and features.
Device and usage data, such as date and time of device usage, device firmware version, device status such as error or performance metrics, mobile device model and operating system information, engagement with various app pages and features, Bluetooth transmission information, and location data. We use this data to provide customer service, and to improve the functionality of our hardware and software.
Our Website may store and retrieve data using cookies set on your device. These include:
Shopify uses cookies for or the purposes of basic website functions, user preferences, analytics, and marketing. Here is further detail on Shopify’s cookie policy (see: Merchant storefronts). https://www.shopify.com/legal/cookies
Google uses cookies for ad-related purposes. For more information, please see https://support.google.com/adspolicy/answer/54817?hl=en.
Meta uses cookies for ad related purposes. For more information, please see https://www.facebook.com/privacy/policies/cookies&sa=D&source=docs&ust=1716921759394681&usg=AOvVaw1FCbshh5cMoM9yoIJ4x2ez.
INFORMATION OBTAINED FROM OTHER THIRD-PARTY SOURCES.
Elemind may also collect data from third parties including those having (or potentially having) information about you that is relevant to the Services we provide. Elemind may also obtain information from other services to which you subscribe. By using the Services, you consent to our obtaining such information. We protect information obtained from third parties according to the practices described in this Privacy Statement, plus any additional restrictions imposed by the source of the information. You should also confirm what third party privacy practices apply to your publicly available personal information.
HOW DOES ELEMIND USE COOKIES AND OTHER DATA COLLECTION TECHNOLOGY?
We use and may allow others to use cookies and similar technologies (e.g., pixels) to operate our Website and to help collect data through the Services or through available applications. Please read our Cookie Notice for more information on our use of cookies and how you can control them.
DO NOT TRACK
Some web browsers (including Safari, Chrome, Internet Explorer, and Firefox) incorporate a “Do Not Track” (“DNT”) or similar feature that signals to websites that a user does not want to have their online activity and behavior tracked. If a website that responds to a DNT signal receives the DNT signal, the browser can block that website from collecting certain information about the user. Not all browsers offer a DNT option and DNT signals are not yet uniform. For this reason, many website operators, including Elemind, do not respond to DNT signals. Instead, you can use the range of other tools to control data collection and use, including the cookie controls and advertising controls described in our Cookie Notice.
HOW DOES ELEMIND USE PERSONAL INFORMATION?
Elemind uses personal information collected for the purposes described in this Privacy Statement or as otherwise disclosed to you. We use personal information to:
Provide and deliver the Services using the data you provide, data automatically collected, and data we collect from the headband or the App.
Communicate with you regarding the Services or other products you may be interested in. We use data you provide for this purpose.
Resolve issues with the Services and to enhance your experience and enjoyment using our Services. We use data you provide, data automatically collected, and data from the headband or the App for this purpose.
Operate our business (including by improving our internal operations, securing our systems, conducting analytics, and detecting fraudulent or illegal activity). This typically involves data automatically collected as described above.
Provide customer support and respond to your questions.
Communicate with you about our products and services and those of our selected third-party partners so you can choose to sign up for those services. We may use your name and email address for this purpose; and
Only as we are required to do so, to comply with valid requests from government or law enforcement.
HOW DOES ELEMIND SHARE INFORMATION?
Elemind will only share your data if you consent to that sharing (and you can always opt-out of future sharing). We may provide de-identified or aggregated data to third parties – but that data will not be linked to you, nor could you be re-identified from that data.
Elemind does not share your sensitive personal information with any third party.
Upon obtaining consent, Elemind may share personal information with third parties who have committed to respect and protect your personal information in a manner at least as protective as Elemind and in a way entirely consistent with this privacy statement. We only share this data to better provide and evolve our services, to provide partner services or other offerings or to operate our business. This may include:
Sharing personal information with third-party service providers that perform services on behalf of Elemind (i.e., for web hosting, translation or data storage). Any third party with which we share personal information must agree to safeguard it in substantially the same manner as described herein and in accordance with all applicable laws.
Sharing personal information with third parties for purposes of offering additional products that we believe you may find useful. You may always ask that we stop providing this information and/or opt-out of receiving any marketing communications from these third parties.
If Elemind is involved in a merger, sale, acquisition, divestiture, restructuring, reorganization, dissolution, bankruptcy or other change of ownership or control (in whole or in part), we may share your personal information, but it will at all times remain protected as described herein.
Advertising and analytics purposes. We may disclose to or allow access to certain information about you for purposes of advertising or analytics. Again, with respect to advertising, you will always have the right to opt-out from any marketing messages or materials.
Elemind will share personal information when you consent to such sharing.
Further, we may disclose your personal information (but not your sensitive personal information):
If we believe that disclosure is necessary to: (i) detect, prevent or address fraud and other illegal activity, or (ii) identify, contact or bring legal action against someone who may be causing injury to or interference with (either intentionally or unintentionally) our rights or property, other users, or anyone else;
In connection with any legal or other investigation, including an investigation related to a suspected breach of our Terms of Use ;
When we genuinely believe that such disclosure is required or permitted by law, including when responding to subpoenas, warrants, production orders, or similar orders; or
Current or Future Third Party Integrations
We may provide you with the option of integrating our products with other applications such Apple Health or Google Fit in order to help you track your progress. If you direct us to connect our products or Services to applications such as Apple Health or Google Fit, we will access and import certain data from such applications (in accordance with your privacy settings in such applications) and we will transfer certain data to such applications, including processed data, in-app survey data, usage data, and demographic information. You can turn off the connection to such applications at any time in the settings of our products. We recommend that you review the privacy policy of the third-party provider of the application as this will, amongst other things, cover what happens to any information that is shared with the provider of the application after the connection is turned off.
HOW DOES ELEMIND PROTECT PERSONAL INFORMATION?
Elemind takes state of the art technological and other means to protect all of the information that we collect and process as described herein. Unfortunately, other actors are continually working to illegally obtain data - and no system is entirely secure. This being so, we cannot guarantee that a security breach will not occur. We need your cooperation to help secure data and ask that you use appropriate security measures to protect your personal information when using our Services.
INFORMATION RETENTION
We retain personal information only as long as is necessary to fulfill the legitimate business need for which the personal information collected (such as to provide you with the Services). We may retain the data for a longer period to comply with legal obligations (e.g., regulatory, contractual, tax, accounting), to resolve disputes, to enforce agreements and other, similar purposes.
The criteria we use to determine how long to retain your personal information include:
The length of time we have an ongoing relationship with you and provide services to you (which may depend on whether your account has gone inactive);
Whether there is a legal obligation to which we are subject (for example, certain laws require us to keep records of your transactions