Last Updated: October 26, 2018 / V2.0
1. Name and address of the controller
We are controller within the meaning of the GDPR, who determines the purposes and means of processing personal data. All contact addresses can be found at https://www.avawomen.com/about/. If you have any questions regarding data protection, please do not hesitate to contact us:
Switzerland (Company No. CHE-194.144.871)
Our data protection coordinator (currently Naemi Benz) can also be reached via the following contact details:
E-mail address: firstname.lastname@example.org
Ava is supervised by the following regulatory authorities:
For Switzerland/EU/EFTA: Swissmedic, Hallerstrasse 7, CH-3000 Bern
For the United States of America: U.S. Food and Drug Administration, 10903 New Hampshire Avenue, Silver Spring, MD 20993.
2. Information We Collect.
Ava’s Products enable customers (the “User” or “you”) to track their fertility for purposes of conception, or certain non-medical insights during pregnancy. When providing these Products, Ava collects both personally identifiable information (“PII”), which can be used to identify an individual user, and non-personally identifiable information (“non-PII”), as set forth below.
a. Information you provide to us directly
- Purchase: You can browse the Site without providing your identity or data, and we collect PII only if you voluntarily provide it to us. If you choose to buy a Product on our Site, we require you to provide various PII, such as your e-mail address, first name, last name, and credit card information including the zip code and cv number. You may also provide Ava with certain optional information at your sole discretion. This information is used to enable Ava to provide you with access to certain areas of the Site, to personalize and to communicate with you about the Services.
- Account and Device Activation: When you activate your Device, you will be asked to download the App and create an account, where you enter information about yourself, such as username, password and e-mail address, first name, gender, age, menstrual cycle, height, weight, fertility history and other information generally affecting conception and your fertility. We use this information to personalize your data and to be able to provide services, such as informational emails about the product purchased.
- Fertility Information: The Device is intended to be worn at night. When worn, the Device collects data on key physiological parameters such as skin temperature, resting pulse, breathing rate, etc. (collectively “Fertility Information” or “FI”). The Device synchronizes the collected FI recorded with the App on your mobile device using a wireless Bluetooth connection, and the FI is then stored on servers operated by a third party service provider on behalf of Ava. This FI is stored and used to provide the Services of our Products and is associated with your account. Each time a synchronization occurs, the Device logs data about the transmission. Some examples of the log data are the sync time and date, device battery level, and the IP address used when syncing.
- Communication: We collect communications between you and Ava, such as services related emails regarding account management, notices regarding technical issues or changes to the Products, some of which you cannot opt out. Personal correspondence, such as emails or letters, or third party correspondence about you may go into a file specific to you will only be stored for as long as it is necessary for the execution of the contractual relationship between you and us.
- Product satisfaction data: We collect data on your satisfaction with the Products. Such data will be processed to analyze user satisfaction and to improve our Products. Such data will only be stored for as long as it is necessary for the purpose the data was obtained for.
b. Other information collected
- Traffic data: When you use the Site and the App, Ava collects information about that visit (known as “Traffic Data”). Traffic Data is stored as anonymous, aggregate and non-PII data. Traffic Data is not stored together with other PII of the user.
Such Traffic Data includes Device information, location information, and web navigational data, subject to the permissions you have granted. This information is compiled and analyzed for marketing purposes, to measure traffic and usage trends for the Products so we can enhance your experience during a Product purchase and use.
- Log files: Ava gathers certain information automatically and stores it in log files. This information may include internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, URLs, operating system, date/time stamp, and/or clickstream data (collectively, “Log Files”). The temporary storage of the Log Files by the system is necessary to enable delivery of the Site to your computer and to ensure the functionality of the Site. Ava may combine this automatically-collected log information with other information we collect about you. We do this to improve marketing, analytics, and site functionality. The Log Files will be deleted as soon as they are no longer necessary to achieve the purpose for which they were collected. In the case of the collection of data for the purpose of providing the Site, data will be deleted when the session in question has ended. A storage going beyond this is possible.
- Newsletter: You can subscribe to a free Newsletter on the Site. We use third party providers for the dispatch and administration of Newsletters. When you register for the Newsletter, your personal data, such as name and e-mail address, will be transmitted to the third party provider. In addition, the third party provider saves the date and time of registration for the newsletter in log files and can also collect further information that is not known to us.
Your consent to the processing of the data will be obtained before or during registration and reference will be made to this data protection declaration. The data will be used exclusively for the dispatch of the Newsletter. The data is deleted as soon as it is no longer required for the purpose of its collection. Your e-mail address will therefore be stored as long as the Newsletter subscription is active. The subscription of the Newsletter can be cancelled by you at any time. For this purpose, there is a corresponding link in every Newsletter. This also enables the withdrawal of the consent to the storage of personal data collected during the registration process.
- Device identifiers: In the course of using a mobile device like a tablet or phone to access our Products, we may access, collect, monitor, store on your device, and/or remotely store one or more “device identifiers.” Device identifiers are small data files or similar data structures stored on or associated with your mobile device, which uniquely identify your mobile device. A device identifier may be data stored in connection with the device hardware, data stored in connection with the device’s operating system or other software, or data sent to the device by Ava. A device identifier may deliver information to us or to a third party partner about how you browse and use Products and may help us or others provide reports or personalized content or ads, if applicable. Some features of the Products may not function properly if use or availability of device identifiers is impaired or disabled.
- Information from third parties: Ava reserves the right to receive from time to time information about you and your activities on the App from third party service providers, including without limitation advertising companies, which can include aggregated non-PII information.
3. How We Use Your Information and Legal Basis.
Furthermore, we use Traffic Data, as far as permitted and necessary, to learn more about your use of the Site and App and to improve the quality of the content and functionality of the Site and App, as well as to target our offerings to the people most interested in them based on their use of the Site. The collected PII enables Ava to help you efficiently access your information after you sign in, to provide personalized content and information to you and others, and to develop and test new products and features. We use non-PII to monitor metrics such as total number of visitors, traffic, and demographic patterns, or to diagnose or fix technology problems.
If you have given your consent to the processing of your PII for certain purposes, we will process your PII within the scope of and based on this consent, insofar as we have no other legal basis and we require such a basis. A given consent can be revoked for the future at any time.
4. Confidentiality and Sharing Your Information.
As part of our business activities, we may disclose your PII to third parties (as listed below) in Switzerland, the EU or other countries for the purposes set out above and where appropriate. If we transfer data to a country without adequate legal data protection, we ensure an adequate level of protection by means of data transfer agreements (namely on the basis of the so-called standard contractual clauses of the European Commission) or rely on an alternative legal basis for processing such as contract and mandate processing, the establishment, exercise or enforcement of legal claims, overriding public interests, published personal data or because it is necessary to protect the integrity of data subjects.
a. Third party service providers
Ava may hire other companies to perform certain business-related functions, such as maintaining databases, sending email messages, offering and developing certain features of the Products, conducting research and analytics, and maintenance and security. When we employ another company to perform a function of this nature, we only provide them with the personal information that they need to perform their specific function. We may also share non-PII, aggregated or anonymized information without restriction.
b. Third party coaching services
Each Product available for purchase consists of different bundles.
Certain bundles provide you with a defined amount of time (“Minutes”) for an individual consultation with an Ava-certified, independent fertility coach (“Coach”). In case you make use of such consultations, you consent that PII such as your name and email address will be shared with, and only with, the specific Ava-certified coach you will consult with. Solely PII that the coaches need to perform their specific services will be shared with them. Under no circumstances FI collected by the Device will be shared. Any other PII that you disclose in a consultation with the Ava-certified coach remains completely confidential between you and the coach. A given consent can be revoked for the future at any time.
c. Third party advertisers
d. Legal requirements
Ava may disclose any collected data if required to do so by law or in the good faith belief that such action is necessary to (i) comply with a legal obligation or assist government enforcement agencies, (ii) in case of legal proceedings protect and defend the rights or property of Ava or other Users, (iii) protect against legal liability; or (iv) protect the security or integrity of the Services. This may include responding to legal requests from other jurisdictions where we have a good faith belief that the response is required by law in that jurisdiction, affects users in that jurisdiction, and is consistent with internationally recognized standards.
e. Merger and acquisitions; bankruptcy
Your PII may be provided to a party if Ava files for bankruptcy, or there is a transfer of the assets or ownership of Ava in connection with proposed or consummated corporate reorganizations, such as mergers, acquisitions or other change of control. We will ensure that the information-receiving party will be bound to the same level of confidentiality protection as Ava and will handle your personal information with the same level of care as Ava. You will continue to own your FI.
5. How We Process and Store Your Information.
Ava has technical, organizational and physical safeguards in place to help protect against unauthorized access to use or disclose user data we maintain. Under our security practices and policies, access to personally identifiable information is authorized only for those who have a business need for such access.
We work hard to protect personal data that we collect and store. If you become aware of any unauthorized attempt to access, use or disclose personal data, please email us immediately. We will work relentlessly to address any problems. You are solely responsible for maintaining the confidentiality of any ID or password used for accessing the Services, and you are solely and fully responsible for all activities that occur under your password or account. Ava has no control over the use of an account and expressly disclaims any liability derived therefrom. Should you become aware that any unauthorized party may be using your password or account, please notify us promptly.
b. Storing and processing your information / International Data Transfers
Your information is stored and processed on servers located in the United States or Europe, either by us or by a third party acting on behalf of Ava such as Amazon Web Services, or in any other country in which Ava or its service providers may operate. In those circumstances, we as Data Controller ensure that we have the necessary safeguards in place for any international transfers outside the EU and Switzerland. Information may also be stored locally on the devices you use to access the Services.
6. Updating Your Information and Opting Out.
a. Changing or deleting your account information
You can access, review and change your profile and data that you have provided to Ava by logging into the App and entering in the new information yourself. Logging into the App will also allow you to delete the account. You must promptly update your personal information if it changes or is inaccurate. In the event of the death of an Ava User, please contact us. We will usually conduct our communication via email; should we require any other information, we will contact you at the email address you have provided in your request.
b. Opting out
You may opt out of receiving electronic communications from us or from our partners that you consented to recieve communication from, by following the instructions in those emails, i.e., by clicking on the “unsubscribe link” provided in such communications. As noted above, you cannot opt out of certain communication, such as non-promotional emails regarding your account, payment, and/or concerning the error free use of the Ava Product or Services. Our Service may also deliver notifications to your phone or mobile device. You can disable these notifications by changing the settings on your mobile device.
c. How long we keep your personal information
The PII collected by us will only be stored for as long as it is necessary for the execution of our Services or the other purposes pursued with the processing and/or a legal obligation to store and document or a predominant private or public interest exists. As soon as the PII collected by us are no longer required for the above-mentioned purposes, they will be deleted or anonymized as far as possible. Non-PII information gathered, compiled or analyzed by Ava in connection with its performance of the Services provided under Agreement, including without limitation any analyzes or reports of aggregated or anonymized data, can be used for any scientific purposes as determined by Ava in its reasonable discretion.
7. Children’s Privacy.
Ava is for adults only. Ava does not intentionally collect personal information from anyone under the age of 18. If you are under the age of 18, please do not attempt to register with us at this Site or provide any personal information about yourself to us. If we learn that we have collected personal information from a child according to article 8 GDPR, we will promptly delete that information. If you believe that we might have any information from a child according to article 8 GDPR, please contact us.
8. Other Websites.
9. Your Rights.
You have the right to information, correction, limitation of data processing, deletion of your PII, objection, revocation of the declaration of consent under data protection law for the future and data transferability within the framework of the data protection law applicable to you and to the extent provided for therein (such as in the case of the GDPR). In addition, you have the right to assert your claims in court or to file a complaint with the responsible data protection authority.
Switzerland’s competent data protection authority is the Federal Data Protection and Information Commissioner.