Privacy Policy

Eight Investments Ltd., registered in Bulgaria, company number 204190944 (”we”, ”Healee”, ”us”), takes the privacy and security of your information very seriously.

We are committed to safekeeping all your personal data, including sensitive personal and health data.

Why do we process your personal data and who is responsible for it?

As regards staying compliant with the requirements of the private data protection laws (including, but not limited to, the General Data Protection Regulation (EU) 2016/679 (”GDPR”)), the legal entity responsible for protecting your private data, in its capacity of data administrator, is Eight Investments Ltd., registered in Bulgaria, company number 204190944 (”we”, ”Healee”, ”us”)

We deliver our services via the application, which is an online platform, allowing doctors (“Medical practitioners”) to communicate with you (“Patient” or “Patients”), in order to provide you with remote medical evaluations and online consultations, based on the condition history you report to Medical practitioners (“Services”)

The company is a data administrator, which processes data within the app, namely the data of its subscribes, both registered and anonymous, the medical practitioners and all remaining third persons, who do not fall within any of the above categories, but their data is processed within the app.

The medical practitioners process your data based on their professional knowledge and qualifications. They are data administrators with respect to the communication and consultations they provide to Healee users, insofar as they process patient data independently from us, based on a contract (??) with the Patient for a medical consultation/evaluation, define data volumes to be processed and how data is processed. We are not responsible for how your data is processed by the Medical practitioners, as they are the ones who determine what data to request from you and how to process the data while providing their services.

What personal data we collect

Data you provide

When using Healee, you may choose to not sign up and remain anonymous, or sign up by creating an account.

If you decide to use Healee without signing up, you will not be required to enter your email address, or any other personal information that could potentially identify you.

If you decide to sign up and create an account, you will be asked to provide an email address. Alternatively, you can choose to log in using a social account, such as Google or Facebook.

In either case, we do not have access to the email address or the social account id, as they are always store encrypted on our servers (see ”Where and how we store your data”).

Profile data

You may choose to add to your profile the following data:

  1. Names
  2. Year of birth
  3. Gender
  4. Hair and eye colour

Health data

You may choose to enter in the app the following health and medical data:

  1. Vital signs (body temperature, blood pressure, heart rate, respiratory rate, blood glucose)
  2. Body measurements
  3. Blood type
  4. Health conditions
  5. Symtpoms
  6. Treatments and medications
  7. Allergies
  8. Laboratory tests and results
  9. Images
  10. Written information (messages) you exchange with doctors

Debit/Credit Card information

This information is needed when and if you decide to pay for any of our services.

The following rules apply to the data you provide:

  1. You can change, update or delete any data you have entered in Healee. Once deleted, all data is removed permanently. This is valid for all types of data mentioned above.
  2. We do not have access to your email address. We also do not have access to the images and messages you exchange with doctors. All this data is stored encrypted on our servers and apart from you, only doctors have access to it (see ”Where and how we store your data”).
  3. We do not store any credit or debit card information. This information is maintained and payments are processed by a third party payment provider, in compliance with the payment card industry security standard.

Health data

You may choose to enter in the app the following health and medical data:

  1. Vital signs (body temperature, blood pressure, heart rate, respiratory rate, blood glucose)
  2. Height
  3. Weight

We will handle the information we import from Apple HealthKit in accordance with this Privacy Policy.

If you choose to upload a photo/video recording in the application, it is possible that we request access to the camera and/or microphone of your device. You will be explicitly asked if you allow this option. If you choose to grant the application access, the data will be used solely for the purpose and duration of the respective action (e.g., photo upload).

Child data

As a rule, we do not process child data. It is possible for the parent or custodian of the child to use the application for getting a medical consultation for the child. In this case, the data of the child is processed based on the consent given by the parent/custodian.

Do we share your personal data with anyone?

Information we may disclose to 3rd parties

  1. With our doctors, in order for them to be able to provide our services to you
  2. With other companies and organisations, if we are legally bound to do so, as part of fraud protection and credit risk reduction efforts
  3. With tax authorities and other government institutions in cases of inspections and audits, as well as with partners of the Company (e.g., a company carrying out an independent financial audit or lawyers establishing and exercising and legal claims.

Information you may share with 3rd parties

If you so desire, Healee enables you to share all or part of your data with 3rd parties, by providing them with a dedicated link that leads to and visualises the specific data you have shared. Such 3rd parties may be:

  1. your personal doctor, or any other doctor who is not on our team and with whom you may want to share data, for consultative/diagnostic/treatment purposes
  2. other people with whom you may want to share some of your personal and/or heath information. For example, users of a web forum dedicated to the condition you have, whom you may want to ask for advice/opinion

You set the parameters of the data share - precisely what type information it contains, for what time period. For example, you can share all your health data you have entered over the last three months. You can deactivate a data share at any time, thus revoking access for all parties you have sent it to.

How we may use your data

  1. To facilitate the access of the Practitioners to the relevant information related to the provision of their services
  2. To process your payment for the services we have provided to you
  3. To notify you in case we change or update the software and the associated infrastructure
  4. To administer our systems and troubleshoot potential problems
  5. To let you know about new features we think might be useful to you
  6. For analysis and business intelligence purposes, new product development, system and performance improvement efforts

Where and how we store your data

We do not store your data on your device. All of your personal and health data is stored on secure servers in the US.

We do not store any credit or debit card information. This information is maintained and payments are processed by a third party payment provider, in compliance with the payment card industry security standard.

All your data transmitted between your device and our servers is encrypted using Secure Socket Layers (SSL) technology.

All sensitive personal data that can potentially identify you, such as email address, images and messages, is encrypted not only before being transmitted, but on our servers too.

We store your data for a period of two years after your last activity in the application.

Legal grounds for processing your data

We process your data for the purposes described above, based on your consent, and you voluntarily download and use the application, and upload data in it.

Your explicit consent is legal grounds for processing the special categories of data we are processing, namely – information about your health condition. Although we do not see this information, as it is only accessible by you and the Medical practitioner you have chosen, we process this information in the application, in an encrypted form, so that the purpose of the application can be fulfilled.

We process the data for the purposes of business analysis and intelligence, development of new products, enhancement of systems and parameters, based on our legitimate interest and objective to constantly improve and develop our products.

Transfer of personal data

Your personal data will be gathered, stored, processed, revealed and destroyed in compliance with EU law, the Terms and Conditions and this Privacy policy.

The data may be stored in servers outside of your local jurisdiction.

Transferring of data outside of the European Economic Area (EU, Norway, Iceland and Liechtenstein) is performed solely in case all necessary data protection measures have been taken, according to the General Data Protection Regulation (EU) 2016/679.

Your rights

You have the right to request access to the information we are processing, to request that we delete it, correct any errors in your data, limit the processing of your data, to object to processing of your data, as well as to exercise your right to export and transfer your data.

You can exercise the following rights directly from within the application:

  • delete your data from within “Settings”, “Account data”, “Delete your account”. Please, note that deleting the application from your device does not delete your account and the data within
  • correct your data by directly editing the information in the Profile section of the application
  • export your data from within “Settings”, “Account data”, “Export”
  • access your data, which has been made possible by accessing your profile in the application
  • using the Send feedback option, you can also exercise other rights

You can also exercise your rights by contacting us at support@healee.com

You can withdraw at any time the consent based on which we process your data, without this withdrawal affecting the legality of the processing carried out with your consent up to the withdrawal. You can exercise your right to withdraw your consent by deleting your profile data or your account.

Your personal data are not subject to automated decision making, including profiling.

You have the right to file a complaint about how we process your data, with the Bulgarian Personal Data Protection Commission (PDPC), or you can contact us at support@healee.com, to get more information regarding your complaints.

Changes to Privacy Policy

We have the right to change this Privacy Policy at any time, without prior notice. You will be notified of any such changes upon next login in the platform.