Last updated: March 27, 2024
Version No. 1.0This Privacy Policy (hereinafter referred to as “Privacy Policy”, or “Privacy Terms”, or the “Policy”) is entered into as of the date of executing this Agreement by the “User” by accepting electronically (hereinafter referred to as the “Effective Date”) by and between:
APEX SYNERGIES DMCC, registered and acting according to the applicable legislation of the United Arab Emirates, with the principal place of business at Unit No: RET-R5-074 Retail R5 - Jumeirah Lake Towers - Dubai - United Arab Emirates, hereinafter referred to as the “Company”, on the one hand, and
The Individual or legal entity who has accepted this Privacy Policy, hereinafter referred to as the “User”, on the other hand,
“You” or “Your(s)” or “Their” shall mean the “User(s)” of the Platform who view, access, use, or utilize any of the Platform Services in any way via any medium.
When You access, view, use and/or utilize the Website, Platform, and Platform Services (together, “MevoLife”, “we”, “our”, “us”, or the “Company”) available at and/or through the Website or Platform Services via any of its Domains, including but not limited to content, functionality, products, and any other interactions and engagements, collectively the (“Platform Services”), you acknowledge and affirm your continued acceptance of the Privacy Terms of this agreement. So please read these Privacy Terms carefully.
This Privacy Policy describes the Company's policies and procedures on collecting, processing, transferring, and storing information when you view, access, use or utilize, or collectively (“Utilizing”) the Platform Services, on any Device, and tells you about privacy rights and how the law protects your Personal Data.
The Platform uses your Personal Data to provide and improve the Company’s Platform, Platform Services, and the Product(s). By Utilizing the Platform Services, you agree for us to collect and use the information in compliance with this Policy.
The Policy is in compliance with Articles 12, 13 and 14 of the GDPR and with the CCPA terms and conditions.
Interpretation
The words in which the initial letter is capitalized have meanings defined under the following conditions. The following definitions shall have the same meaning regardless of whether they appear in singular or plural.
Definitions
For these Terms, the following definitions shall be used:
“Client” shall mean an individual or legal entity seeking the Product(s) from the Merchant via the Platform or Platform Services.
"Customer" shall mean an individual or legal entity, and with a combined reference to the Merchant and the Client of the Platform or Platform Services.
“Device” shall mean any device that can access the Service, such as a computer, a smartphone, a digital tablet, or any other format that can access the Platform Services whether natively or via web.
“DPA” shall mean the Data Processing Agreement for data processing purposes of the Customer(s).
“GDPR” shall mean general data protection rules relating to the protection of natural persons about the processing of personal data and rules relating to the free movement of Personal Data.
“Merchant” or "Seller" shall mean the suppliers in the field of professional fitness, whether an individual (trainers, coaches, nutritionists), or a legal entity (gyms, health clubs), and other sellers of the “Product(s)”.
“Personal Data” shall mean any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, location data, an online identifier, etc.
“Platform” shall mean the overarching digital space that resides on top of the software or the technology provided by the Company, which is accessed by the User(s) and is interconnected with various services, including the ones provided and activated by the Company, its affiliates, associates, partners, distributors, service providers, or third parties, or on behalf of the licensor to facilitate the performance of all Content, information, functionality, purchases, subscription, sales, services and support towards the User(s). The Platform encompasses Website, Software, Mobile Apps, SaaS, SaaS Product(s), Product(s), White Label Product(s), Gateway(s), Services, Marketplace, and all other elements that are accessible, usable, or operational for User(s) both online and offline, seeking to utilize any provided services. Wherever ‘Platform’ is mentioned, it shall infer to and include the ‘Platform Services’ as part of and within its meaning.
“Platform Services” shall mean any access, making use of, and/or utilization of the Website, Platform, Software, Mobile Apps, other services, and any other engagements available at and/or through the Website or the Platform, including but not limited to mevolife.com, its domains or subdomains, and/or the domains of any affiliates, distributors, service providers, third-party services, integrated services, and mobile applications by the User(s). Wherever ‘Platform Services’ is mentioned, it shall infer to and include the ‘Platform’ as part of and within its meaning.
“Processing” shall mean any operation or set of operations that are performed on Personal Data or sets of Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.
“Product” shall mean any Goods and Services (including Digital Goods & Services, and Physical Products) on the Platform or Platform Services that are fitness-related, or under any other approved product categories over the Platform, for sale or sold via any Approved Gateway.
“Usage Data” shall mean the data collected automatically and generated when the Customer(s) are using the Website infrastructure (for example, the duration of a visit, website usage, and the number of users).
"User" shall mean any individual or legal entity who views, accesses, uses, or utilizes the Website, the Platform, or the Platform Services, and with a combined reference to the Customer(s) and the Visitor(s).
"Website" shall mean the domain - mevolife.com, its subdomains, and/or any affiliates, distributors, service providers, or third-party services and/or integrated domains and subdomains, and mobile applications.
Personal Data:
While Utilizing the Platform Services, you may provide certain personally identifiable information that can be used to contact or identify you. Personal Data that we collect may include, but is not limited to:
The Company has the right, at any time, at its sole discretion, to request you to confirm your personal information or any other information related to providing the Platform Services.
Usage Data is collected automatically when Utilizing the Platform Services, and/or when you buy the Company’s or Merchant(s)’ Product(s).
Usage Data may include information, type of the Device, your visited pages, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.
When you Utilize the Platform Services, the Company has the right to collect, process and transfer the following data:
The Company uses Cookies and similar tracking technologies to track the activity on the Platform Services, and stores certain information. Tracking technologies are beacons, tags, and scripts to collect and track information and improve and analyze the Platform Services.
The technologies that the Company uses may include (but are not limited):
Cookies can be “Persistent” or “Session” Cookies. Persistent Cookies remain on your personal Devices when you go offline, while Session Cookies are deleted as soon as you close the web browser.
The Company uses both Sessions and Persistent Cookies for the purposes set out below:
Necessary/Essential Cookies
Type: Session Cookies
Administered by the Company
Purpose: These Cookies are essential for providing you with services available through the Website and the Platform Services, and enabling you to use some of its features. They help to authenticate users and prevent fraudulent use of your Accounts. Without these Cookies, certain services that you have asked for cannot be provided, and the Company only uses these Cookies to provide you with such services or the overall Platform Services.
Cookies Policy/Notice Acceptance Cookies
Type: Persistent Cookies
Administered by the Company
Purpose: These Cookies identify if you have accepted the use of cookies on the Platform Services.
Functionality Cookies
Type: Persistent Cookies
Administered by the Company
Purpose: These Cookies allow the Platform Services to remember the choices you make when using the Platform, such as remembering your login details or language preference. The purpose of these Cookies is to provide you with a more personal, streamlined experience and to avoid having to re-enter preferences every time you Utilize the Website or the Platform Services.
Advertising Cookies
Administered by the Company
Purpose: Those cookies can be turned on and off by the Platform to deliver our potential User(s) the best advertising experience. They do not contain personal information and are based on your actions over the Platform Services.
GOOGLE ANALYTICS: Personal data and information obtained by way of such cookies concern the use that you make of the Website and will be transmitted from your browser to Google Inc., with registered office at 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States of America, and stored on Google’s servers. Google’s norms on privacy, which we kindly invite you to read, are available at the following URL: http://www.google.com/intl/it/privacy/privacy-policy.html.
The information on personal data concerning Google Analytics services is available at the following URL: http://www.google.com/intl/en/analytics/privacyoverview.html.
FACEBOOK ADS/COOKIES PRIVACY POLICY: This policy explains how Facebook uses cookies and personal data. Except as otherwise stated in this policy, the Privacy Policy will apply to our processing of the data that we collect via cookies: https://www.facebook.com/privacy/policies/cookies/
BROWSING DATA: computer systems and procedures responsible for the correct functioning of the Platform Services automatically acquire, whilst operating, some Personal Data concerning the User's browsing history. For instance, within this category, the Company may find:
Data Voluntarily Provided by You
Data freely and optionally provided by you via email to any of the email addresses of the Company or via form submission, may be used for purposes communicated to you occasionally. Besides email addresses required to answer you, additional Personal Data included within any communication received by the Company via any medium, may be processed. Personal Data collected as such will be retained and processed solely for preservation and to send correspondence. This data will not be shared nor sold to 3rd parties.
The Company may use Personal Data for the following purposes:
Maintenance of the Website and the Platform Services, including monitoring the usage of the Website and Platform Services,
Execution of Contractual Terms: the development, compliance and undertaking of the purchase contract for the Product(s), items, or services you have purchased or any other contract with the Company through the Website or Platform Services.
Opportunity Sharing: sending news, special offers and general information about services and events that the Company offers, like those you have already used unless you have opted not to receive such information.
Request Fulfillment: To attend to and manage your requests within the Website and Platform Services.
Continuity of Service: the Company may use your information to evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or another sale or transfer of some or all the Company assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Personal Data held by the Company about the Website and the Platform Services Users is among the assets transferred.
Other Purposes: the Company may use your information for other purposes, such as data analysis, identifying usage trends, determining the effectiveness of the Website’s and Platform Services’ promotional campaigns, evaluating and improving the Website, Platform Services, Product(s), and services, marketing, and your experience.
The Company may share your Personal Data in the following situations:
The Company’s use of your Personal Data shall be in compliance with the DPA.
The Company will retain your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy and in accordance with the DPA.
The Company will retain and use your Personal Data to the extent necessary to comply with the Company’s legal obligations (for example, if we are required to retain the Company’s Personal Data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.
The Company will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period, except when this Personal Data is used to strengthen the security or improve the Website's and the Platform Services’ functionality, or the Company is legally obligated to retain this data for longer periods.
The Company will retain your personal data on its Internal Servers, and/or with the Cloud or Hybrid Service Providers of its database or database service that will provide the safest and most stable data protection.
Your information, including Personal Data, is processed by the Company’s operating offices and in any other places where the parties involved in the processing are located. This information may be transferred to — and maintained on — computers outside your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those of your jurisdiction.
Your consent to this Privacy Policy, followed by submission of such information, represents your agreement to that transfer.
The Company will take all steps reasonably necessary to ensure that your Personal Data is treated securely and following this Privacy Policy, and no transfer of your Personal Data will take place to an organization or a country unless there are adequate controls in place, including the security of your Personal Data and other personal information.
The Company agrees to transfer any of your Personal Data in accordance with the DPA.
Business Transactions
If the Company is involved in a merger, acquisition or asset sale, your Personal Data may be transferred. The Company will provide notice before your Personal Data is transferred and becomes subject to a different Privacy Policy.
Law Enforcement
Under certain circumstances, the Company may be required to disclose your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).
Other Legal requirements
The Company may disclose your Personal Data in the good faith belief that such action is necessary to:
The Company’s Website and Platform Services do not address anyone under 18 (eighteen). The Company does not knowingly collect personally identifiable information from anyone under 18 (eighteen). If you are a parent or guardian and are aware that a child in your care has provided the Company with Personal Data, please get in touch with us immediately.
If the Company becomes aware that we have collected Personal Data from anyone under 18 (eighteen) without verification of parental consent, the Company takes steps to remove that Personal Data from our servers or/and any storage used by the Company.
If the Company needs to rely on consent as a legal basis for processing your information and your country requires consent from a parent, the Company may require your parent’s consent before the Company collects and uses that information.
You are not allowed to enter any information or open an Account for any individual under 18 (eighteen) years, and are fully responsible for such an act, and thereby indemnify the Company against any harm such information entered into the Website, the Platform Services, or shared in any other way by you may cause.
The Company takes all reasonable steps to protect information that is received from you from accidental or unlawful destruction, loss, alteration, and unauthorized disclosure or access. The Company has put in place appropriate physical, technical and administrative measures to safeguard and secure your information, and the Company makes use of privacy-enhancing technologies such as SSL and/or encryption. If you have any questions about the security of your personal information, you can contact us at [info(at)mevolife(dot)com].
LINKS TO OTHER WEBSITES
The Company’s Website may contain links to other websites not operated by us. You will be directed to that third party's website if you click on a third-party link. The Company strongly advises you to review every site's privacy policy.
The Company has no control over and assumes no responsibility for any third-party sites or services' content, privacy policies or practices.
CHANGES TO THIS PRIVACY POLICY
The Company may update the Policy from time to time. The Company is not obliged to notify you and any other third parties of any changes to the Policy on this page.
The Company has the right to update the Policy. The Company will let you and any other third parties know via updating the “Last Updated” date at the top of this Policy.
You and any other third parties are advised to review this Policy periodically for any changes. Changes to this Privacy Policy are effective when posted on this page.
GDPR NOTICE
The legal basis for processing your Personal Data is Art. 6 sec. 1 a) b), f) Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals about the processing of personal data and the free movement of such data and repealing Directive 95/46 / MI Laws UE.L.2016.119.1) (GDPR), where the legitimate interest of the Company is related to providing the Platform Services, and/or the Software for you.
Personal Data will be processed until an objection to data processing or termination is made, but no longer than 10 (ten) years.
You have the right to access, correct, delete, or restrict his or her Personal Data or object to the processing, as well as the right to transfer the Personal Data and complain to the supervisory authority.
In the case of obtaining data and processing them based on Art. 6 sec. 1-year a) GDPR – you have the right to withdraw consent at any time, without prejudice to the lawfulness of the processing carried out based on consent to its withdrawal.
Under the GDPR, the Company is a data controller for the Personal Data collected from all categories of data subjects listed above, with the following exceptions: the Company is a data processor of user logs, administrative user logs, and some account settings information. In addition, the Company is a data processor for any of the information provided by you through the Website or Platform Services that transit. Where the Company is a data processor, the Company processes data on your behalf under your data processing instructions.
INFORMATION FOR CALIFORNIA RESIDENTS
This section provides additional disclosures required by the California Consumer Privacy Act (or “CCPA”).
Please see the list of “Categories of Personal Information We Collect” above in this Policy for a list of the personal information the Company has the right to collect about California consumers in the last 12 (twelve) months, along with the Company business and commercial purposes and categories of third parties with whom this information may be shared. For more details about the personal information the Company collects, including the categories of sources, please see “Collecting and Using Personal Data”.
Categories of Personal Information We Collect
Internet or other electronic network activity, such as browsing behavior, information about your usage, and interactions with the Website, the Platform Services, and/or the Software.
Parties with Whom the Information May Be Shared
Third parties that provide services to the Company include those that assist us with Customer support, subscription and Order fulfillment, advertising measurement, communications and surveys, data analytics, fraud prevention, cloud storage, bug fix management and logging, and payment processing. The Company advertisers and marketing partners, help determine the popularity of the Content, deliver advertising and Content targeted to your interests and assist in better understanding your online activity.
Subject to certain limitations and exceptions, the CCPA provides California users with the right to request to know more details about the categories and specific pieces of personal information, to delete their personal information, to opt-out of any “sales” that may be occurring, and to not be discriminated against for exercising these rights.
The Company does not “sell” the personal information we collect (and will not sell it in the future without providing a right to opt-out). The Company does allow our advertising partners to collect certain device identifiers and electronic network activity via the Company Website or the Platform Services to show ads that are targeted to your interests on other platforms. To opt-out, you can adjust Device settings to limit ad tracking via the Website.
California Users may make a rights request by emailing us at [info(at)mevolife(dot)com]. The Company will verify your request by asking you to provide information that matches the information the Company has on file about you. You can also designate an authorized agent to exercise these rights on your behalf. Authorized agents should submit requests through the same channels, but the Company will require proof that the person is authorized to act on your behalf and may also still ask you to verify his/her identity with the Company directly.
If there is any conflict between the terms of this Privacy Policy and the DPA, the DPA shall govern.
HIPAA rules and regulations, if applicable, are defined in our Privacy Policies.
How We May Use or Disclose Your Health Information
Platform and the Merchants collect health information about you and store it in an electronic health record. The medical record is directly the Merchant’s property, but the information in the medical record belongs to you. The law permits us to use or disclose your health information for the following purposes:
1. Treatment: The Merchant uses medical information about you to provide your medical care or use it to provide the Services as best as possible. The Merchant discloses medical information to our employees and others who are involved in providing the care you need.
2. Payment: We use and disclose medical information about you to obtain payment for the services we provide. Only the Merchant is responsible for the protection of your medical information and shall act in accordance with HIPAA rules and regulations.
3. Health Care Operations: The Merchant may use and disclose medical information about you to operate this medical practice. We may use and disclose this information to review and improve the quality of care we provide or the competence and qualifications of our professional staff. Or we may use and disclose this information to get your health plan to authorize services or referrals. The Merchant may also use and disclose this information as necessary for medical reviews, legal services and audits, including fraud and abuse detection and compliance programs and business planning and management. The Merchant may also share your medical information with our "business associates," such as our billing service, who perform administrative services for us. We have a written contract with each of these business associates that contains terms requiring them and their subcontractors to protect the confidentiality and security of your protected health information. We may also share your information with other healthcare providers, healthcare clearinghouses or health plans that have a relationship with you when they request this information to help them with their quality assessment and improvement activities, their patient-safety activities, their population-based efforts to improve health or reduce health care costs, their protocol development, case management or care-coordination activities, their review of competence, qualifications and performance of health care professionals, their training programs, their accreditation, certification or licensing activities, or their health care fraud and abuse detection and compliance efforts.
4. Marketing: Provided we do not receive any payment for making these communications, we may contact you to give you information about products or services related to our Services, case management or care coordination or to direct or recommend other providers or settings of care that may be of interest to you.
5. Sale of Health Information: We will not sell your health information without your prior written authorization. The authorization will disclose that we will receive compensation for your health information if you authorize us to sell it, and we will stop any future sales of your information to the extent that you revoke that authorization.
6. Required by Law: As required by law, the Merchant will use and disclose your health information, but we will limit our use or disclosure to the relevant requirements of the law. When the law requires us to report abuse, neglect or domestic violence, or respond to judicial or administrative proceedings, or to law enforcement officials, we will further comply with the requirement set forth below concerning those activities.
7. Judicial and Administrative Proceedings: We may, and are sometimes required by law, to disclose your health information in the course of any administrative or judicial proceeding to the extent expressly authorized by a court or administrative order. We may also disclose information about you in response to a subpoena, discovery request or other lawful process if reasonable efforts have been made to notify you of the request and you have not objected or if a court or administrative order has resolved your objections.
8. Law Enforcement: We may, and are sometimes required by law, to disclose your health information to a law enforcement official for purposes such as identifying or locating a suspect, fugitive, material witness or missing person, complying with a court order, warrant, grand jury subpoena and other law enforcement purposes.
9. Public Safety: We may, and are sometimes required by law, to disclose your health information to appropriate persons in order to prevent or lessen a serious and imminent threat to the health or safety of a particular person or the general public.
10. Specialized Government Functions: We may disclose your health information for military or national security purposes or to correctional institutions or law enforcement officers who have you in their lawful custody.
11. Change of Ownership: In the event that our business is sold or merged with another organization, your health information/record will become the property of the new owner, although you will maintain the right to request that copies of your health information be transferred to another data processor.
12. Breach Notification: In the case of a breach of unsecured protected health information, we will notify you as required by law. If you have provided us with a current email address, we may use email to communicate information related to the breach. In some circumstances, our business associate may provide the notification. We may also provide notification by other methods as appropriate. [Note: Only use email notifications if you are certain they will not contain PHI and will not disclose inappropriate information. For example, if your email address is "digestivediseaseassociates.com" an e-mail sent with this address could, if intercepted, identify the patient and their condition.]
13. Fundraising: We may use or disclose your demographic information in order to contact you for our fundraising activities.
When We May Not Use or Disclose Your Health Information
Except as described in these Privacy Practices, we will, consistent with our legal obligations, not use or disclose health information that identifies you without your written authorization. If you do authorize us to use or disclose your health information for another purpose, you may revoke your authorization in writing at any time.
Your Health Information Rights
1. Right to Request Special Privacy Protections: You have the right to request restrictions on certain uses and disclosures of your health information by a written request specifying what information you want to limit and what limitations on our use or disclosure of that information you wish to have imposed. If you tell us not to disclose information to your commercial health plan concerning healthcare items or services for which you paid in full out-of-pocket, we will abide by your request unless we must disclose the information for treatment or legal reasons. We reserve the right to accept or reject any other request and will notify you of our decision.
2. Right to Request Confidential Communications: You have the right to request that you receive your health information in a specific way or at a specific location. For example, you may ask that we send information to a particular email account or to your work address. We will comply with all reasonable requests submitted in writing, which specify how or where you wish to receive these communications.
3. Right to Inspect and Copy: You have the right to inspect and copy your health information, with limited exceptions. To access your medical information, you must submit a written request detailing what information you want access to, whether you want to inspect it or get a copy of it, and if you want a copy, your preferred form and format. We will provide copies in your requested form and format if it is readily producible, or we will provide you with an alternative format you find acceptable, or if we can’t agree and we maintain the record in an electronic format, your choice of a readable electronic or hardcopy format. We will also send a copy to any other person you designate in writing. We will charge a reasonable fee which covers our costs for labor, supplies, postage, and, if requested and agreed to in advance, the cost of preparing an explanation or summary.
4. Right to Amend or Supplement: You have a right to request that we amend your health information that you believe is incorrect or incomplete. You must make a request to amend in writing and include the reasons you believe the information is inaccurate or incomplete. We are not required to change your health information and will provide you with information about our denial and how you can disagree with the denial. We may deny your request if we do not have the information if we did not create the information (unless the person or entity that created the information is no longer available to make the amendment), if you would not be permitted to inspect or copy the information at issue, or if the information is accurate and complete as is. If we deny your request, you may submit a written statement of your disagreement with that decision, and we may, in turn, prepare a written rebuttal. All information related to any request to amend will be maintained and disclosed in conjunction with any subsequent disclosure of the disputed information.
5. Right to a Paper or Electronic Copy of this Notice: You have a right to notice of our legal duties and privacy practices with respect to your health information, including a right to a paper copy of this Notice of Privacy Practices, even if you have previously requested its receipt by email.
Changes to this Notice
We reserve the right to amend this Notice of HIPAA at any time in the future. Until such amendment is made, we are required by law to comply with the terms of this Notice currently in effect. After an amendment is made, the revised Notice of HIPAA will apply to all protected health information that we maintain, regardless of when it was created or received. We will keep a copy of the current notice posted in our reception area, and a copy will be available at each appointment.
Complaints
Complaints about this Notice of HIPAA or how this medical practice handles your health information should be directed to our Privacy Officer at [info(at)mevolife(dot)com].
If you are not satisfied with the manner in which this office handles a complaint, you may submit a formal complaint to the local DHHS Office of Civil Rights at OCRMail@hhs.gov
The complaint form may be found at www.hhs.gov/ocr/privacy/hipaa/complaints/hipcomplaint.pdf.
You will not be penalized in any way for filing a complaint.
HIPAA Disclaimer
Only the Merchant is responsible for Processing and using your medical records according to this Privacy Policy and the DPA.
If you have an unresolved privacy or data use concern that the Company has not addressed satisfactorily, please contact us at [info(at)mevolife(dot)com].
If you have any questions about this Policy, you can contact us:
Email: [info(at)mevolife(dot)com].