Welcome to Myndlift, an online therapist-guided home brain training system, based on neurofeedback (the “Service”). The Service is owned and operated by Myndlift Ltd. (“Company”, “we”, “us”).
We respect your privacy and are committed to protect your personal information. This Privacy Notice (the “Notice”) explains our privacy practices for the Service we offer through our website and web application. The Notice also describes the rights and options available to you with respect to your personal information.
The Service operates through our website at www.myndlift.com (the “Website”), a web application (that is used by you - the therapist or neuro-coach) (the “Web Application”), and a mobile application for end users (the “Application”).
PERSONAL DATA WE PROCESS
To set up your account on the Service, we collect your full name, email address, phone number and professional affiliation.
Initial Account Sign-up Information. The Service is available to registered users only. When you sign up for the Service, we collect your full name, email address, address, phone number and professional affiliation (i.e., name of clinic).
We may also collect your payment information, such as your credit card details or other supported payment methods on the Service.
You are not legally required to provide us your information.
You do not have a legal duty to provide us the above Information. However, you will not be able to sign up to and use the Service without providing us the information.
We collect analytic information about your use of the Service.
Analytics Information. When you access the Service, we use our own and third-party analytics tools, such as Google Analytics, to automatically collect aggregated information about your use of the Service. For example, we may record the frequency and scope of your use of the Service, the duration of your sessions and your interaction with the Service.
HOW WE PROCESS AND USE PERSONAL DATA
We process your data for the following purposes:
To operate the Service and provide its functionality and features.
We process your Initial Account Sign-up Information and Payment Information to facilitate the access to and use of the Service, as well as to operate the Service and provide you its features and functionality. We will also process your Initial Account Sign-up Information to facilitate our internal managerial, archival, administrative and audit activities.
To personalize and improve the Service.
We process your Analytics Information to understand how users interact with the Service so that we can personalize and improve it.
The legal basis under EU law for processing your Analytics Information is our legitimate interest in understanding how the Service is used in order to personalize and improve it.
WHEN IS YOUR PERSONAL DATA SHARED WITH OTHERS
We do not sell your personal information to third parties.
We will not share your information with third parties, except in the events listed below or when you provide us your explicit and informed consent.
We will share your information with our service providers helping us to operate the Service
We will share your personal information with service providers who assist us with the internal operations of the Service. These companies are authorized to use your personal information only as necessary to provide these services to us and not for their own purposes. The service providers we use are listed here.
If you violate the law, we will share your information with competent authorities.
If you violate any applicable law, your information will be shared with competent authorities and with third parties (such as legal counsels and advisors), for the purpose of handling the violation.
The legal basis under EU law for such processing is our legitimate interest in enforcing our legal rights.
We will share your information if we are legally required.
If we are required to disclose your information by a judicial, governmental or regulatory authority.
The legal basis under EU law for this processing is our compliance with the legal obligations we are subject to.
We will share your information if the operation of the Company is organized within a different framework.
If the operation of the Company is organized within a different framework, or through another legal structure or entity (such as due to a merger or acquisition), provided that those entities agree to be bound by the provisions of this Notice, with reasonably necessary changes taken into consideration.
The legal basis under EU law for this processing is our legitimate interest in business continuity, following a structural change.
What are cookies?
Cookies are text files, comprised of a small amount of data, that are saved on your computer or other device (e.g., smartphone, tablet, etc.) when you use the Internet and visit various websites.
Necessary. Cookies that are strictly necessary for the functioning of the Service. The Service cannot operate properly without these cookies.
Analytics. Analytics cookies operated by third parties, such as LinkedIn, Google, and Facebook, that assist us in understanding how users interact with the Service by collecting data that, by itself, does not directly identify you.
Marketing. Marketing cookies operated by third parties, such as LinkedIn, Google, and Facebook, that track your use of the Service and allow us to tailor content, both on and off the Service, that we believe is relevant to you.
Our cookie management tool provides you detailed information about the cookies we use and enables you to control their use.
We use a cookie management tool to provide you more information about the cookies we use. It also enables you to control the use of analytics and marketing cookies. You can change your mind at any time by enabling or disabling certain cookies or categories of cookies. However, you cannot disable the ‘necessary’ cookies because the Service cannot operate without them. By enabling cookies, you give your consent to collect the data they are intended for. Click here to open our cookie management tool.
SECURITY AND DATA RETENTION
We retain your personal data as long as you are a registered user of the Service and thereafter for compliance and legal purposes.
We retain your personal data as long as you are a registered user of the Service. Thereafter, we will continue to retain your personal information as necessary to comply with our legal obligations, resolve disputes, establish and defend legal claims.
We implement measures to secure your Information.
We implement measures to reduce the risks of damage, loss of information and unauthorized access or use of information. However, these measures do not provide absolute security. Therefore, although efforts are made to secure your personal information, it is not guaranteed, and you cannot expect that the Service will be completely protected from information security risks.
INTERNATIONAL DATA TRANSFER
We will transfer your Information internationally only in accordance with applicable data protection laws.
The Service, by its nature as an online service, may store and process Information in various locations throughout the globe, including through cloud services.
Transfer of Information outside the EU. Information we collect from you will be processed in Israel, which is recognized by the European Commission as having adequate protection for personal data.
When we transfer your information from within the EU to the United States or other countries that are not recognized by the European commission as having adequate protection for personal data, we will endeavor to do so while using adequate safeguards determined by the European commission, such as the privacy shield framework for the United States.
YOUR EU RIGHTS
You have the right to access, update or delete your Information and obtain a copy of your Information.
If you are an individual in the EU, you have the following rights:
Right to Access your personal data that we process and receive a copy of it.
Right to Rectify inaccurate personal data we have concerning you and to have incomplete personal data completed.
Right to Data Portability, that is, to receive the personal data that you provided to us, in a structured, commonly used and machine-readable format. You have the right to transmit this data to another service provider. Where technically feasible, you have the right that your personal data be transmitted directly from us to the service provider you designate.
If the legal basis for processing your personal information is your consent, you may Withdraw Your Consent at any time. If you do that, we will still process certain information on a legal basis other than consent, as described in this Notice. Withdrawing your consent will not affect the lawfulness of data processing we carried out based on your consent before such withdrawal.
Right to Object, based on your particular situation, to using your personal data on the basis of our legitimate interest. However, we may override the objection if we demonstrate compelling legitimate grounds, or for the establishment, exercise or defense of legal claims. You may also object at any time to the use of your personal data for direct marketing purposes.
Right to Restrict processing your personal data (except for storing it) if you contest the accuracy of your personal data, for a period enabling us to verify its accuracy; if you believe that the processing is unlawful and you opposes the erasure of the personal data and requests instead to restrict its use; if we no longer need the personal data for the purposes outlined in this Policy, but you require them to establish, exercise or defense relating to legal claims, or if you object to processing, pending the verification whether our legitimate grounds for processing override yours.
Right to be Forgotten. Under certain circumstances, such as when you withdraw your consent, you have the right to ask us to erase your personal data. However, we may still process your personal data if it is necessary to comply with a legal obligation we are subject to under laws in EU Member States or for the establishment, exercise or defense of legal claims.
If you wish to exercise any of these rights, contact us at email@example.com.
We reserve the right to ask for reasonable evidence to verify your identity before we provide you with information. Where we are not able to provide you with information that you have asked for, we will explain the reason for this.
You have a right to submit a complaint to the relevant supervisory data protection authority.
Subject to applicable law, you have the right to lodge a complaint with your local data protection authority. If you are in the EU, you can lodge a complaint to the supervisory authority, in particular in the Member State of your residence or place of work, of an alleged infringement of the GDPR. For a list of supervisory authorities in the EU, click here.
We do not knowingly collect information from minors under the age of 13.
The Service is not intended for minors under the age of 13. We do not knowingly or intentionally collect information from minors under the age of 13.
If we change this Policy, we will provide notice of such change.
From time to time, we may change this Notice, in which case we will notify you of the updated Notice by email. The latest version of the Notice will always be accessible on the web application and on www.myndlift.com.
We are the data controller of the personal data we collect through the Service.
Myndlift Ltd. is the data controller of the personal data we collect and process through the Service.
You can contact us at firstname.lastname@example.org
If you have any questions or requests concerning your personal data or about our privacy practices and policies, you may contact our Data Protection Officer, at: email@example.com.
Last Update: August 24, 2020