Privacy Policy
1. INTRODUCTION
Welcome to the Wellx. Our registered users share their identity, health data, and their wearable devices to improve their health & get access to their insurance benefits.
This Privacy Policy applies to Wellx App on Android and iOS devices.
2. DATA WE COLLECT
Personal Information:
At Wellx, we ask for following personal informations from the users for account creation and validation purposes: name, work email, and phone number. We require this to validate if the user is employee of our client businesses.
Health Data:
As wellness and insurance company, we request access to user's health data, including BMI, height, weight, steps, activity, and sleep. We log this data to personalize Wellx experience for our members and improve their health.
Wearable Devices:
Fitness tracking device or mobile smartphone collects data to estimate a variety of metrics like your steps, distance traveled and active minutes moved. Not every device tracks every one of these metrics. The data collected varies depending on the device you use. When your device syncs with our applications and software, data recorded on your device is transferred from your device or device app to our service.
When you pair your device to your account, you grant us access to your exercise or activity data from that device service. You can use your account settings and tools to withdraw this consent at any time by stopping use of a feature, removing our access to a third-party service, unpairing your device, or deleting your data or your account.
3. DATA ACCESS
At Wellx, we prioritize the privacy and security of your personal information. We only access, process, and share your data as necessary to deliver our services and benefits. Here's how your data may be accessed:
No Selling or Marketing Sharing
We do not sell, rent, or share your information with third parties for their own direct marketing purposes.Employer and Insurance Partner Access
If you are enrolled in Wellx through a corporate wellness or insurance program, your employer and/or their insurance provider (our partner) may be given access to certain health and activity data. This access is strictly limited to the administration, monitoring, and improvement of your wellness and insurance benefits.
Access is granted only where:There is a valid agreement between Wellx and your employer and/or their insurance provider, and
You have consented by registering for Wellx through that program.
Third-Party Service Providers
We may engage third-party vendors to support our platform (e.g., cloud hosting, analytics). These vendors only receive the minimum necessary data and are contractually required to:Keep your data secure,
Process it solely for the purposes we specify,
Not use it for their own benefit or marketing.
Legal Disclosures
We may disclose your data where required by law (e.g., court orders or legal obligations), or to prevent fraud or serious harm.Withdrawing Consent
You can withdraw consent at any time by changing your device permissions, unpairing your wearable, adjusting your account settings, or deleting your account. After withdrawal, data sharing with employers or insurance partners will cease, though previously shared data may remain in use for legitimate purposes unless deletion is specifically requested
4. DATA SECURITY
At Wellx , we take the security and privacy of our users' data seriously. User's information is stored on highly secure servers hosted by Amazon Web Services (AWS) in the United Arab Emirates (UAE). Here's how we ensure the safety of our users' data:
Secure Infrastructure: Our servers are safeguarded by robust encryption protocols, ensuring that the data remains confidential and protected from unauthorized access.
AWS Security Measures: AWS provides state-of-the-art security features, including network firewalls, data encryption at rest and in transit, and regular security audits and monitoring to detect and prevent potential threats.
PostgreSQL Database: Our user data is stored in a PostgreSQL database, known for its reliability, performance, and security features. We follow best practices for database security, including access control, data encryption, and regular backups to prevent data loss.
Compliance: We adhere to industry standards and regulations to safeguard our user's data, including GDPR (General Data Protection Regulation) and local data protection laws in the UAE.
Continuous Monitoring and Updates: Our team regularly monitors our systems for any security vulnerabilities and applies updates and patches promptly to ensure ongoing protection
Privacy Matters: We respect privacy of our users and only collect and store data that is necessary for providing our services. We do not share personal information with third parties without consent.