fbpx
CP_horizontal

Privacy Policy

Last updated: 27 November 2023

1. Introduction

Welcome to CoughPro, a mobile application, and www.coughpro.com, a website, provided by Hyfe Inc (hereafter “Hyfe”). This Privacy Policy is designed to help you understand how we collect, use, disclose, and safeguard your information when you use our services (“Services”), such as when you:

- Visit our website https://www.coughpro.com, or any website of ours that links to this privacy notice by using our app and/or website, you agree to the terms outlined in this policy
- Download and use our mobile application (CoughPro), or any application of ours that links to this privacy notice
- Engage with us in other related ways, including any sales, marketing, or events


Reading this privacy notice will help you understand your privacy rights and choices. If you do not agree without policies and practices, please do not use our Services. If you still have any questions or concerns, please contact us at privacy@coughrpo.com.


2. Information we collect

2.1 Personal information:

In short: We may collect and process the following types of personal information:
- Contact details (e.g., name, email address)
- Account information (e.g., username, password)
- Payment information (e.g., debit/credit card details, billing address)
- Contact preferences (e.g., via email, chat, or sms)

Sensitive information: We do not process sensitive information.

Payment Data: We may collect data necessary to process your payment if you make purchases, such as your payment instrument (e.g., credit card) number, and the security code associated with your payment instrument. All payment data is stored by Stripe and RevenueCat. You may find their privacy notice links here: https://stripe.com/en-ca/privacy and https://www.revenucat.com/privacy/.

2.2 Usage Data: We may collect information about how you interact with our app and website, including:

- Device information (e.g., device type, platform, operating system, version information, browser type and version). We collect device data such as information about your computer, phone, tablet, or other device you use to access the Services. Depending on the device used, this device data may include information such as your IP address (or proxy server), device and application identification numbers, location, browser type, hardwar model, internet service provider and/or mobile carrier, operating system, and system configuration information.

- Log and usage data (e.g., IP address, access times): Log and usage data is service-related, diagnostic, usage, and performance information our servers automatically collect when you access or use our Services and which we record in log files. These files may include your IP address, device information, browser type, and settings and information about your activity in the Services (such as the date/time stamps associated with your usage, pages and files viewed, searches, and other actions you take such as which features you use), device event information (such as system activity, error reports, sometimes called “crash dumps,” and hardware settings).

- Location information: We may request access or permission to track location-based information from your mobile device, either continuously or while you are using the mobile app, to provide certain location-based services, such as syncing your cough data with your timezone. If you wish to change our access or permissions, you may do so in your device’s settings.

- Cough data: Coughs are logged and time of each cough is collected and recorded in order to create rate and pattern statistics and offer insights.

- Push notifications (We may request to send you push notifications regarding your account or certain features of the application. If you wish to opt out from receiving these types of communications, you may turn them off in your device’s settings.)

3. How we use your information

We use your personal information for the following purposes:

- To facilitate account creation and authentication and otherwise manage user accounts. We may process your information so you can create and log in to your account, as well as keep your account in working order.
- To provide and maintain the app and website so that we can deliver Services to the user. We may process your information to provide you with the requested Services.
- To respond to user inquiries and offer support to users. We may process your information to respond to your inquiries and solve any potential issues you might have with the requested Services.
- To request feedback. We may process your information to request feedback and to contact you about your use of our Services.
- To improve and customize our Services. We may process your information in order to understand usage patterns and user preferences in order to make improvements to our Services and to offer customized Services that meet individual users’ needs.
- To send you updates, communications, and promotional offers. We may process your information to send you details about our products and services, changes to our terms and policies, and any price or feature offers that you may choose to select or not.
- To compile usage analytics and for reporting purposes. We may process your information to enable us to understand how users are accessing Services so that we may improve our offering.
- To enable user-to-user
- communications: We may process your information if you choose to use any of our offerings that allow for communication with another user.
-To determine the effectiveness of our marketing and promotional efforts. We may process your information to better understand how to provide marketing and promotional campaigns that are relevant to users.
-To save or protect an individual’s vital interest. We may process your information when necessary to save or protect an individual’s vital interest, such as to prevent harm.

4. The legal bases we rely on to process your information

In short: We only process your personal information when we believe it is necessary and we have a valid legal reason (legal basis) to do us under applicable law, like with your consent, to comply with laws, to provide you with services to enter into or fulfill our contractual obligations, to protect your rights, or to fulfill our legitimate business interests.

If you are located in the EU or UK, this section applies to you:

The General Data Protection Regulation (GDPR) and UK GDPR require us to explain the valid legal bases we rely on in order to process your personal information. As such, we may rely on the following legal bases to process your personal information:


- Consent. We may process your information if you have given us permission (i.e., consent) to use your personal information for a specific purpose. You can withdraw your consent at any time. Learn more about withdrawing your consent.

- Performance of a Contract. We may process your information when we believe it is reasonably necessary to achieve our legitimate business purposes and those purposes do not outweigh your interests and fundamental rights and freedoms. For example, we may process your personal information for some of the purposes described in order to:

   - Analyze how our Services are used so we can improve them to engage and retain users
   - Support our marketing efforts
   - Diagnose problems and/or prevent fraudulent activities
   - Understand how our users use our products and services to we can improve user experience

- Legal Obligations. We may process your information where we believe it is necessary to compliance with our legal obligations, such as to cooperate with a law enforcement body or regulatory agency, exercise or defend our legal rights, or disclose your information as evidence in litigation in which we are involved.

- Vital interests. We may process your information where we believe it is necessary to protect your vital interest or the vital interests of a third party, such as situations involving potential threats to the safety of any person.

In legal terms, we are generally the “data controller” under European data protection laws of the personal information described in this privacy notice, since we determine the means and/or purposes of the data processing we perform.

If you are located in Canada, this section applies to you:

We may process your information if you have given us specific permission (i.e., express consent) to use your personal information for a specific purpose, or in situations where your permission can be inferred (i.e., implied consent). You can withdraw your consent at any time.


In some exceptional cases, we may be legally permitted under applicable law to process your information without your consent, including, for example:

- Consent Implied by the Nature of the Transaction:
In some cases, if the collection, use, or disclosure of personal information is necessary to fulfill a transaction or provide a service that an individual has requested, consent may be implied.

- Legal Requirements:
Processing personal information without consent may be permitted if it is required by law. For example, if there is a legal obligation to collect or disclose certain information, organizations may be exempt from obtaining explicit consent.

- Safeguarding Life, Health, or Security:
Personal information may be processed without consent if it is necessary to protect an individual's life, health, or security. This exception is typically interpreted narrowly.

- Investigations and Legal Proceedings:
Organizations may be allowed to process personal information without consent for the purpose of conducting investigations or participating in legal proceedings.

- Business Transactions:
In the context of business transactions, such as mergers or acquisitions, personal information may be transferred without consent if certain conditions are met, and the information is used for the purpose for which it was collected.

5. Data sharing and disclosure

In short: We may share information in specific situations described in this section and/or with the following categories of third parties.

Vendors, Consultants, and Other Third-Party Service Providers

We may share your data with third-party vendors, service providers, contractors or agents (“third parties”) who perform services for us or on our behalf and require access to such information to do that work. We have contracts in place with our third parties, which are designed to safeguard your personal information. This means that they cannot do anything with your personal information unless we have instructed them to do it. They will also not share your personal information with any organization apart from us. They also commit to protect the data they hold on our behalf and to retain it for the period we instruct.

These third parties may include the following categories of service provider:

- Cloud computing services
- Data analytics services
- Data storage service providers
- Payment processors
- Performance monitoring tools
- Testing tools
- Sales & Marketing tools

6. Cookies and other tracking technologies

In short: We may use cookies and other tracking technologies to collect and store your information.

Web Cookies
A “Web Cookie” is a string of information which assigns you a unique identification that a website stores on a user’s computer, and that the user’s browser provides to the website each time the user submits a query to the website. We use cookies on the website to keep track of services you have used, to record registration information regarding your login name and password, to record your user preferences, to keep you logged into the Website and to facilitate purchase procedures. Hyfe also uses Web Cookies to track the pages that users visit during each website session, both to help us improve users’ experiences and to help us understand how the Website is being used. As with other Non-Personally-Identifying Information gathered from users of the Website, Hyfe analyzes and discloses in aggregated form information gathered using Web Cookies, so as to help Hyfe, its partners and others better understand how the Website is being used. Website users who do not wish to have web cookies placed on their computers should set their browsers to refuse web cookies before accessing the website, with the understanding that certain features of the website may not function properly without the aid of web cookies. Website users who refuse web cookies assume all responsibility for any resulting loss of functionality.

7. Information transferred internationally

In short: We may transfer, store, and process your information in countries other than your own.
Our servers are located in the United States. If you are accessing our Services from outside the United States, please be aware that your information may be transferred to, storred, and processed by us in our facilities and by those third parties with whom we may share your personal information, in the United States and other countries.

If you are a resident of the European Economic Area (EEA), United Kingdom (UK), or Switzerland, then these countries may not necessarily have data protection laws or other similar laws as comprehensive as those in your country. However, we will take all necessary measures to protect our personal information in accordance with this privacy notice and applicable law.

European Commission’s Standard Contractual Clauses:

We have implemented measures to protect your personal information, including by using the European Commission’s Standard Contractual Clauses for transfers of personal information within our company and between us and our third-party providers. These clauses require all recipients to protect all personal information that they process originating from the EEA or UK in accordance with European data protection laws and regulations. Our Standard Contractual Clauses can be provided upon request. We have implemented similar appropriate safeguards with our third-party service providers and partners and further details can be provided upon request.

8. How long we keep your information

In short: We keep your information for as long as necessary to fulfill the purposes outlined in the privacy notice unless otherwise required by law.

We will only keep your personal information for as long as it is necessary for the purposes set out in this privacy notice, unless a longer retention period is required or permitted by law (such as tax, accounting, or other legal requirements). No purpose in this notice will require us to keep your personal information for longer than twelve (12) months past the termination of your user account.
When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize such information, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion or anonymization is possible.

9. How we keep your information safe

In short: We aim to protect your personal information through a system of organizational and technical security measures.
We have implemented appropriate and reasonable technical and organizational security measures designed to protect the security of any personal information we process. However, despite our safeguards and efforts to secure your information, no electronic transmission over the internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorized third parties will not be able to defeat our security and improperly collect, access, steal, or modify your information. Although we will do our best to protect your personal information, transmission of personal information to and from our Services is at your own risk. You should only access the Services in a secure environment.

10. Collection of information from minors

In short: We do not knowingly collect data from or market to children under 18 years of age.
We do not knowingly solicit data from or market to children under 18 years of age. By using the Services, you represent that you are at least 18 or that you are the parent or guardian of such a minor and consent to such minor dependent’s use of the Services. If we learn that personal information from users less than 18 years of age has been collected, we will deactivate the account and take reasonable measures to promptly delete such data from our records. If you become aware of any data we may have collected from children under age 18, please contact us at privacy@coughpro.com.

11. Your security rights

In short: In some regions (like the EEA, UK, Switzerland, and Canada), you have certain rights under applicable data protection laws. These may include the right:
- To request access and obtain a copy of your personal information
- To request rectification or erasure
- To restrict the processing of your personal information
- If applicable, to data portability
- To not be subject to automated decision-making

In certain circumstances, you may also have the right to object to the processing of your personal information. You can make such a request by contacting us using the contact details provided in the section “Contact us about this notice,” below.

We will consider and act upon any request in accordance with applicable data protection laws.

If you are located in the EEA or UK and you believe we are unlawfully processing your personal information, you also have the right to complain to your Member State data protection authority or UK data protection authority.

Withdrawing your consent: If we are relying on your consent to process your personal information, which may be express and/or implied consent depending on the applicable law, you have the right to withdraw your consent at any time. You can withdraw your consent at any time by contacting us by using the contact details provided in the section, “Contact us about this notice,” below.

Opting out of marketing and promotional communications: You can unsubscribe from our marketing and promotional communications at any time by clicking on the unsubscribe button in our emails, or by contacting us using the details provided in the section, “Contact us about this notice,” below. You will then be removed from the marketing lists. However, we may still communicate with you to, for example, send you service-related messages that are necessary for the administration of your account, to respond to service requests, or for other non-marketing purposes.

Account information: If you would at any time like to review or change the information in your account or to terminate your account, you can log into your account settings and update your user account. Upon your request to terminate your account, we will deactivate or delete your account and information from our active databases. However, we may retain some information for our files to prevent fraud, troubleshoot problems, assist with any investigations, enforce our legal terms and/or comply with applicable legal requirements.

12. Controls for Do-Not-Track features

Most web browsers and some mobile operating systems include a Do-Not-Track (“DNT”) feature or setting you can activate or signal your privacy preference not to have data about your online browsing activities monitored and collected. At this stage, no uniform technology standard for recognizing and implementing DNT signals has been finalized. As such, we do not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online. If a standard for online tracking is adopted that we must follow in the future, we will inform you about that practice in a revised version of this privacy notice.

13. Other regions that may have specific privacy rights

In short: You may have additional rights based on the country you reside in.

Australia and New Zealand

We collect and process your personal information under the obligations and conditions set by Australia’s Privacy Act of 1988 and New Zealand’s Privacy Act 2020 (Privacy Act).

This privacy notice satisfies the notice requirements defined in both Privacy Acts, in particular: what personal information we collect from you, from which sources, for which purposes, and other recipients of your personal information.

If you do not wish to provide the personal information necessary to fulfill their applicable purpose, it may affect our ability to provide our Services, in particular:

- Offer the products or services that you want
- Respond to or help with your requests
- Manage your account
- Confirm your identity and protect your account

At any time you have the right to request access to or correction of your personal information. You can make such a request by contacting us using the contact details in the section “Contact us about this notice,” below.

If you believe that we are unlawfully processing your personal information, you have the right to submit a complaint about a breach of the Australian Privacy Principles to the Office of the Australian Information Commissioner and a breach of New Zealand’s Privacy Principles to the Office of New Zealand Privacy Commissioner.

14. Updates to this notice

In short: We may occasionally update this notice as needed to comply with relevant laws.

We may update this privacy notice from time to time. The updated version will be indicated by an updated “Revised” date and the updated version will be effective as soon as it is accessible. If we make material changes to this privacy notice, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification. We encourage you to review this privacy notice regularly to stay informed about how we are protecting your information.

15. Contact us about this notice

If you have questions or comments about this notice, you may contact our Data Protection Officer (DPO), Paul Rieger, by email at privacy@coughpro.com. Or contact us by post at 8039 Crossbow Landing, Graniteville, SC 29829, USA.
If you are a resident in the EEA or Switzerland, we are the “data controller” of your personal information. We have appointed Adam Brogden to be our representative in the EEA and Switzerland. You can contact him directly regarding our processing of your information by email at contact@gdprlocal.com, by visiting https://hyfeinc.gdprlocal.com/eu or by phone at +353 15549700, or by post at:
2 12A Lower Main Street
Dublin, Lucan Co K78 X5P8
Ireland

If you are a resident of the United Kingdom, we are the “data controller” of your personal information. We have appointed Adam Brogden to be our representative in the UK. You can contact him directly regarding our processing of your information by email at contact@gdprlocal.com, by visiting https://hyfeinc.gdprlocal.com/uk or by phone at +441 772217800, or by post at:
1st Floor Front Suite
27-29 North Street
Brighton, East Sussex BN1 1EB
England

If you have any further questions or comments, you may also contact us by post at the following corporate address:

Attn: Privacy Officer
Hyfe Inc.
1209 Orange Street
Wilmington, DE 19801
USA

16. Reviewing, updating, or deleting the data we collect from you

You have the right to request access to the personal information we collect from you, change that information, or delete it. To request such action, please email us at privacy@coughpro.com.

CP_horizontal
© 2024 All Rights Reserved.