Terms

Terms and conditions

Latest update  8 Jul 2022.

Welcome to use the Veri.co service, which consists of i) veri.co website (hereinafter “Website”), ii) Veri hardware and all of its support components (hereinafter “Products”), iii) Veri.co software applications, which shall be available at the Website, Apple App Store or in other similar locations (hereinafter “Software App”). Website, Products and Software App shall be collectively referred as “Service”. 

The Service is offered and owned by Human Engineering Health Oy (business ID 3115245-3), which is a limited liability company formed under Finnish law, having its principal office at Hämeentie 31, Helsinki, Finland (hereinafter “we” or “Company”). 

By registering into the Service or by using the Service, a user of the Service (hereinafter “you” or “User”) accepts these terms and conditions as legally binding (hereinafter “Agreement”). The Agreement is therefore a contract, which creates legally binding terms between the User and the Company when the User uses the Service. The User must not use the Service if the User does not enter into the Agreement with the Company. To be noted, the Agreement contains certain specific terms and conditions for Users who are based in the United States of America  (hereinafter “US-based User”), which shall be applicable solely to the US-based Users. 

In order to be able to use the Service, the User shall create an account into the Service (hereinafter “Account”). 

Hereinafter the Company and the User may individually be referred to as “Party” and together as “Parties”.

1. GENERALLY

1.1. The Company reserves a unilateral right to change the Agreement and all related aspects of the Agreement, such as payments regarding the Service. The Company shall notify the User through email or the Service of such changes. The changes shall take effect 14 days after the notification. By using the Service after the changes, the User accepts the changes as legally binding.

1.2. Only at least 18-year-old natural persons may use the Service as Users. However, the Service may not be used, and the Agreement may not be accepted in the following situations:

    1.2.1. the User is legally incompetent, and/or 

   1.2.2. the User is prohibited from using the Service under any applicable law. 

1.3. For clarity, the Service is only provided for consumers for purposes which are outside their trade, business, craft, or profession.

1.4. By creating an Account into the Service and by using the Service, the User warrants that the User is legally qualified and entitled to enter into a binding legal relationship with the Company in the form of the Agreement and in compliance with applicable legislation.

2. ACCOUNT

2.1. The User may create the Account and use the Service by registering into the Service through the Software App.

2.2. The User must truthfully provide all information into the Service. 

2.3. The User shall be solely responsible for all activities performed through the Account and for the safe use of the username, password, maintenance, confidentiality and all other such matters in regard to the User’s Account.

2.4. Only the User may use the Service via the User’s Account. If the User becomes aware that someone else has used the User’s Account, the User must notify the Company immediately of the unauthorized access through email at hello@veri.co.

3. SERVICE 

3.1. The Service is a continuous glucose monitoring system that tracks the User’s blood glucose through a flexible filament. Thereby, the Service helps the User to understand the basics of the User’s metabolic health by providing metrics on how, e.g., exercising and diet may affect to the User’s blood glucose levels. 

3.2. The only purpose of the Service is to provide information to the Users; the purpose of the Service is not to provide medical, health or other similar professional services or advice to the User or any other third party. The Service may show inaccurate values at any point, and no medical decisions should be made based on the data from the Service.

3.3. The Service is only compatible with phones outlined in the Company’s website, and the Company does not assume responsibility for missing access due to a non-compatible phone. The Company reserves the right to alter the list of compatible phones at any time, and the User shall consult the list before starting to use the Service. 

4. PRECAUTIONS REGARDING THE SERVICE 

4.1. The Company is not a healthcare professional, and it does not provide medical, health or other similar professional services or advice to the User or any other third party. 

4.2. The Service does not contain medical, health or other similar professional services or advice to the User or any other third party, nor is the Service replacement for such services or advice.

4.3. Should you have: 

  • any questions related to medical, health or other similar matters, the Company expressly advises you to be in touch with a medical professional, or
  • medical, health or another similar emergency, the Company expressly advises you to be in touch with a medical professional. 

4.4. You should never: 

  • disregard any medical advice or delay seeking medical advice due to any possible information provided by or in connection with the Service, 
  • consider any information in the Service or in connection with the Service as any kind of medical, health or other similar diagnosis or treatment, or
  • use the Service or any information in the Service for any kind of medical, health or other similar diagnosis or treatment purposes. 

4.5. The communication through the Service or via email with the representative(s) of the Company shall not constitute nor create doctor-patient relationship between the User and the Company. 

5. PAYMENTS 

5.1. Payments for the Service are described in the Company’s website (https://www.veri.co/shop). The prices include value added tax (VAT), and the price for the delivery of the ordered Product. For clarity, the total order price will always be shown to the User.

6. USER'S PURCHASE ORDER OF A PRODUCT

6.1. A purchase order submitted by a User is an offer to purchase the chosen Product from the Company (hereinafter “Purchase Offer”). For the Purchase Offer to become an actual order confirmation of the Product, the Company shall need to separately accept the Purchase Offer (hereinafter “Order Confirmation”). To be noted, the Company may refuse to accept any Purchase Offer at its sole discretion.

6.2. The Company shall provide an answer to the User for the Purchase Offer by means of an email within ten (10) calendar days from the submission of the Purchase Offer. 

6.3. If the Company discovers an error in the price of the Product ordered by the User before replying to the User’s Purchase Offer, the Company shall inform the User of the situation in writing and give the User the option of re-confirming the Purchase Order at the correct price or cancelling the Purchase Order. If the Company is not able to reach the User by using the contact details that have been provided by the User, the Purchase Order shall be considered cancelled, and a notice thereof shall be given by email.

7. DELIVERY OF PRODUCTS

Terms and conditions for all Users: 

7.1. The Products shall be dispatched to the address indicated in the order within the time indicated in the Order Confirmation. No delivery to so-called poste restante addresses shall be accepted. 

7.2. The User is solely responsible for all possible customs clearance, and the payment of any duties or taxes in connection to the delivery of the Products. The Company disclaims all legal responsibility for compliance with local import laws.

7.3. If the ordered Product cannot be delivered to the User within a reasonable time due to the actions or inactions of the User, the Company has a right to unilaterally cancel the Order Confirmation and charge the User for possible costs incurred by the Company due to the actions or inactions of the User. 

Special terms and conditions for US-based Users:

7.4. For the US-based Customers, the Company’s partner Postmeds Incorporation (doing business as Truepill) shall carry out all deliveries of Products, whereby the delivery of such Products shall be the sole responsibility of Truepill and fall under their terms and conditions.

8. CANCELLATIONS AND RETURNS

Terms and conditions for all Users: 

8.1. A User may cancel its Purchase Offer any time prior to the Company’s reply to the Purchase Offer. 

8.2. The Company reserves the right to cancel an Order Confirmation with any User with whom litigation is pending, or who is or has been in breach of the Agreement.

8.3. User has the right to freely cancel the purchase of a Product concluded through distance selling within 14 days of having received the Products (hereinafter “Cooling-Off Period”). A requirement for the Cooling-Off Period is that the said Product is returned unused and saleable within 14 days of having received the Products. The Company refunds successful cancellations and returns by paying the User a refund to the User’s bank account.

8.4. The Cooling-Off Period applies only to the first batch of Products when the subscription is based on a fixed term.

8.5. The Company may refuse cancellations and returns if the Product is not returned unused and saleable within 14 days of the User having received the Products.

8.6. If the User purchases a Product subject to an on-going subscription, this will create a recurring charge. If the User wants to cancel the subscription, the cancellation must be done no later than five (5) days before the next billing date in order to avoid the next payment of the subscription and the receival of the Product as per the subscription. Notwithstanding the aforementioned, where the User’s subscription is fixed term, the subscription cannot be cancelled during the fixed term outside the Cooling-Off Period. The subscription can be cancelled during the first term with a cancellation fee of 50USD/EUR/GBP depending of country of purchase. All fixed-terms cancellations must be completed before the first subscription renewal.

8.7. The Company may withhold refunds until it has received the Products back from the User.

8.8. All cancellations shall be made through the Service or by contacting the Company’s customer support at hello@veri.co.

Special terms and conditions for US-based Users:

8.9. Notwithstanding the aforementioned, due to the nature of the Products, where a Product is prescribed to a US-based User by a physician and the shipping process of the Product has begun, the User shall not be able to cancel the purchase of the Product; all cancellation actions must be taken prior to the prescription being accepted.

9. RIGHTS AND RESPONSIBILITIES OF THE USER

Terms and conditions for all Users:

9.1. The User is solely responsible for the User’s own use of the Service and all activities that are carried out via the User’s account. The User shall act in accordance with all of the applicable laws and regulations.  

9.2. The User is solely responsible for the User’s electronic devices, communication devices and other such devices and matters such as hardware condition, internet connection, antivirus, backup, and other similar issues. Furthermore, the User is solely responsible for securing and maintaining its own access to the Service. 

9.3. The User agrees to use the Service only for the purposes permitted by the Agreement. 

9.4. We have the right to remove the Account if the User violates this Agreement, law or good practice or has not signed into the Service for 12 months or for any other reason. 

9.5. The User agrees not to take up any actions that disturbs or in any other way hinders the Service or its servers or networks.

9.6. The Service may contain links to the third-party websites. If the User visits such websites, the User does so on its own responsibility and risk. Furthermore, the reliability assessment, of any possible information on the third-party websites, shall be on the User’s own responsibility and risk. 

9.7. The User agrees not to send, transmit or store material through the Service that is in violation of good practice or any applicable law. The User also agrees not to incite others to engage in any such activities. Furthermore, the User agrees not violate anyone’s intellectual property rights through the Service.  

9.8. If the User does not comply with this Agreement or the Company has justifiable reasons to suspect that the User does not comply with this Agreement, the Company may terminate the Agreement with direct legal effect, delete the Account of the User and implement any other similar procedure.

9.9. Any complaint of non-conformity of a Product or the Service must be communicated to the Company by the User via an email to hello@veri.co; the email shall at a minimum include a description of the non-conformity, adequate evidence of the non-conformity and any other such information that is essential for the confirmation of the non-conformity by the Company. All complaints of non-conformity shall be made within a reasonable time of the User having become aware of the non-conformity. The User understands and accepts that if the User claims for a refund of a Product from the Company due to non-conformity of the Product, the Company shall need to be able to verify the non-conformity of the Product. Therefore, if the User claims for a refund of a Product, the User has an obligation to provide the Company with the said Product and support the Company to a reasonable extent by examining and solving possible issues in the Product (e.g., by using Products as instructed by the Company or providing screenshots of malfunctions). To be noted, the User understands and accepts that if the User does not provide the Company with the Product that is allegedly subject to non-conformity, the User shall not have a right to request a refund from the Company of the said Product. 

9.10. The User agrees to be solely responsible for any failure to comply with the User’s obligations under this Agreement, and for their consequences.

9.11. The User agrees to not use or wear Products or Services negligently or in any way they are not meant to be used as per the Agreement. 

9.12. The User’s rights under the peremptory provisions of any applicable consumer protection law may not be limited by this Agreement. Therefore, in case of discrepancy between the Agreement and the peremptory provisions of an applicable consumer protection law, the peremptory provisions of the applicable consumer protection law shall have priority over the Agreement. 

Special terms and conditions for US-based Users:

9.13. US-based User understands and agrees that it needs to have prescription from a legally licensed physician to have a right to use the Service. US-based User also understands and agrees that the Service is not intended for use by individuals with diabetes or who are pregnant. 

9.14. The prescription of the US-based User shall be requested from the US-based User after the US-based User has completed a purchase order of a Product or the Service. The validity of the prescription shall be reviewed by Postmeds Incorporation (doing business as Truepill), and the approval or rejection of the prescription is determined solely by Truepill’s criteria and their employed physician’s opinion. The decision of Truepill cannot be disputed. If the prescription is rejected, the Company will refund the US-based User and cancel the purchase. 

10. RIGHTS AND RESPONSIBILITIES OF THE COMPANY

10.1. The Company operates only and solely as the provider of the Service. Thereby, the Company shall be responsible only for the matters, as determined in this Agreement or in peremptory provisions of applicable laws. 

10.2. The Company is not responsible for any actions a User takes or does not take based on the information in the Service. 

10.3. Under no circumstances shall the Company be liable for any direct or indirect damages arising out or in connection to the User’s use of or inability to use the Service.

10.4. The Company does not express or imply warranties or representations about the operation of features of the Service, and the Company does not promise that the Service will function without interruptions or errors. The Company is not responsible for any damages to the User, or third parties caused by the use, malfunctions, technical defects, or malicious software of the Service or third-party links or any other such causes. 

10.5. The Company has a right to disable the Service or a part of it due to maintenance, installation, modification, public order and safety, system overload or other similar cause. The Company may terminate (permanently or temporarily) the provision of the Service (or any part of them), either to the User or Users generally, entirely at the Company’s own discretion and without prior notice.  

10.6. The Service is provided on an “as is” and “as available” basis without warranties of any kind including, without limitation, representations, warranties and conditions of merchantability, fitness for a particular purpose, title, non-infringement, and those arising by statute or from a course of dealing or usage of trade.

10.7. The Company has undertaken reasonable efforts to ensure that the images of the Products in the Service are faithful reproductions of the physical Products. Despite the adoption of technical solutions to minimize inaccuracies, however, there may be some discrepancies (e.g., color resolution) between the images and the Products due to technical limitations. The Company shall not be liable for any inadequacy of the graphic representation of the Products displayed in the Service arising from such technical limitations.

10.8. All the Products displayed for sale in the Service benefit from the legal guarantee of conformity for products pursuant to the peremptory provisions of applicable consumer protection law.

10.9. The Service may also enable you to view, access, communicate and interact with third party sources, meaning e.g., third party websites and services. We do not assume any responsibility for the content, actions, or practices of, any such sources. Your interaction with such a source and your use of, and reliance upon, any content provided by such sources is at your sole discretion and risk.

10.10. The Company shall not be liable for any data loss or other damage or loss resulting from or in connection with the use of the Service, including any failure to provide adequate security or back up of the devices that you are using. 

10.11. The Company is not responsible for the content and uploaded materials of the Service or its correctness, except for the content and materials generated by the Company. Furthermore, the Company does not review or exercise editorial control in respect of the content or interactions, including their accuracy or suitability for purpose. 

10.12. The Company has the right to remove materials and links (i) that have been denied or reported by the Company in the Service, or (ii) which, according to the Company is unlawful, contrary to good practice or this Agreement, inappropriate or erroneous, or (iii) harmful to the Company, other Users or third parties. The Company also has the right to remove materials and links from the Service if the materials or links contain any legally questionable or offensive information or content that is inappropriate for the Company.

10.13. The Service may derive anonymized data i) from the way the User uses the Service in general and ii) from the gathered data by the Products (hereinafter “Anonymized Usage Data”). The Company shall own all right, title, and interest in and to all Anonymized Usage Data, and therefore, the Company may freely use the Anonymized Usage Data for its own purposes. 

11. INTELLECTUAL PROPERTY RIGHTS

11.1. The Company owns and retains all proprietary rights in the Service and in all content, trademarks, trade names, service marks and other intellectual property rights related thereto. The Service contains the copyrighted material, trademarks, and other proprietary information of the Company and its licensors. You agree to not, in any possible situation, copy, modify, transmit, create any derivative works from, make use of, or reproduce in any way any copyrighted material, trademarks, trade names, service marks, or other intellectual property or proprietary information accessible through the Service. You agree to not remove, obscure, or otherwise alter any proprietary notices appearing on any content, including copyright, trademark and other intellectual property notices.  

11.2. If you provide any communications or materials to the Company by email, telephone, or otherwise, suggesting or recommending changes to the Service, including without limitation, new features or functionality relating thereto, or any comments, questions, suggestions, the Company is free to use such feedback irrespective of any other obligation or limitation between the Parties governing such feedback. The Company is free to use, without any attribution or compensation to any party, any ideas, know-how, concepts, techniques, or other intellectual property rights contained in feedback, for any purpose whatsoever, although the Company is not required to use any of such feedback.

12. LIMITATION OF LIABILITY

12.1. To the fullest extent allowed by any applicable law, in no event will the Company, its affiliates, business partners, licensors or service providers be liable to you or any third person for any direct or indirect, reliance, consequential, exemplary, incidental, special or punitive damages, including without limitation, loss of profits, loss of goodwill, loss of reputation, damages for loss, corruption or breaches of data or programs, service interruptions and procurement of substitute services, even if the Company has been advised of the possibility of such damages.

12.2. The User understands and accepts that the information in the Service is not as accurate as similar measures carried out by a licensed physician and that the information in the Service may be inaccurate due to measurement inaccuracies in the Product. The Company shall not be liable for any consequences or damages arising out of inaccurate information in the Service. 

12.3. Notwithstanding anything contrary herein, the Company’s liability to you for any cause whatsoever, and regardless of the form of the action, will at all times be limited to the aggregate amount of the payments made, if any, by you to the Company within two (2) months preceding the date of bringing a claim.

13. INDEMNIFICATION

13.1. You agree to defend, indemnify and hold harmless us and our affiliates, and our respective officers, directors, employees and agents, from and against any and all claims, damages, obligations, losses, liabilities, costs and expenses (including but not limited to attorney’s fees) arising from: (i) your use of, or inability to use, the Service; (ii) your violation of this Agreement; and (iii) your violation of any third party right, including without limitation any intellectual property rights or data protection right.

14. DATA PROTECTION 

14.1. Please see the Service’s Privacy Notice for more information on data protection.

15. TERM AND TERMINATION

15.1. This Agreement enters into force once the User accepts this Agreement by creating Account or by using Service. 

15.2. This Agreement is valid for indefinitely. The User may terminate this Agreement with immediate effect by email or through the Service. By terminating this Agreement, the User is not however exempt from the obligations the User has undertaken under this Agreement prior to the termination

15.3. If you shall not comply with the provisions set forth in this Agreement, the Company shall have the right, on its sole discretion, to terminate the Agreement between the Parties, with immediate effect by email or through the Service, and thereby deny such User’s access to the Service. 

15.4. Upon the termination of this Agreement, the Company shall close the User’s Account and remove any material the User has stored or posted through the Service if the User can be identified with that material. 

16. GOVERNING LAW AND DISPUTES 

16.1. This Agreement and the relationship between the Company and User shall, except to the extent prohibited by applicable law, be governed by and construed and interpreted in accordance with the laws of Finland without regard to its principles and rules on conflict of laws. The applicability of the United Nations Convention on Contracts for the International Sale of Goods (hereinafter “CISG”) is specifically excluded from the Agreement and the relationship between the Company and User. 

16.2. Disputes, between the Parties, arising from and in connection with the Agreement shall primarily be settled through negotiations. Secondarily, the User may seek to settle disputes arising from and in connection with this Agreement at the District Court of Helsinki.

17. MISCELLANEOUS

17.1. You do not have the permission to surrender, transfer or sublicense this Agreement unless you obtain a prior written consent from the Company. The Company has the unilateral right to assign, transfer or delegate any or all of its rights and obligations under the Agreement.

17.2. You agree that if the Company does not exercise or enforce any legal rights under the Agreement (e.g., the right to indemnification), it does not imply that the Company formally waives its rights, and the Company still has the right to exercise its rights.

17.3. You agree that any cause of action that you may have arisen out of or related to this Agreement must commence within two (2) months after the cause of action accrues, otherwise such cause of action is permanently barred.

17.4. If, by a court decision, any provision of this Agreement is declared void, then only that invalid provision will be removed from the Agreement, in which case the Agreement will continue to be valid.

17.5. Sections 3–13 and 15–17 shall prevail and stay in force even after the termination of the Agreement.

18. APPLE SPECIFIC TERMS

18.1. In addition, and notwithstanding anything contrary herein, the User shall be aware, regarding the Software App, that Apple Inc. (hereinafter "Apple") is not a party of this Agreement and does not own and is not responsible for any Software App. 

18.2. Thereby, Apple is not providing any warranty for any Software App and is not responsible for maintenance or other support services for Software App and will not be responsible for any other claims, losses, liabilities, damages, costs or expenses with respect to any Software App, including any third-party product liability claims, claims that any Software App fails to conform to any applicable legal or regulatory requirement, claims arising under consumer protection or similar legislation, and claims with respect to intellectual property infringement. 

18.3. Any inquiries or complaints relating to the use of any Software App, including those pertaining to intellectual property rights, must be directed to the Company and be sent to hello@veristable.com. The license you have been granted herein is limited to a non-transferable license to use the Software App on an Apple-branded product that runs Apple's iOS operating system and is owned or controlled by you, or as otherwise permitted by the Usage Rules set forth in Apple's App Store Terms of Use. 

18.4. In addition, you must comply with the terms of any third-party agreement applicable to you when using any Software App, such as your wireless data service agreement. Apple and Apple's subsidiaries are third-party beneficiaries of this Agreement and, upon your acceptance of the terms and conditions of this Agreement, will have the right (and will be deemed to have accepted the right) to enforce this Agreement against you as a third-party beneficiary thereof; notwithstanding the foregoing, our right to enter into, rescind or terminate any variation, waiver or settlement under this Agreement is not subject to the consent of any third party.

Privacy policy for the app

Last updated Jul 8, 2022

With this Veri App Privacy Notice we provide you information on why and how we process your personal data as a controller in connection to Veri App for the following purposes:

  1. Provision of Veri App to customers
  2. Strategic analysis of customer data to develop services and fulfill customer needs

Please find our General Privacy Notice behind this link: General Privacy Notice.

1. WHAT DEFINITIONS ARE USED IN THIS PRIVACY NOTICE?

Controller means a party that is in charge of the personal data processing activities.

Data subject is a term for a human being in accordance with data protection laws.

GDPR means the EU General Data Protection Regulation (679/2016).

Legal basis for processing means the legal basis with which the controller processes personal data of a data subject. Article 6 of the GDPR contains provisions on legal basis for processing.

Personal data means any data concerning a data subject or data with which a data subject can be identified with.

Privacy notice means a data protection document that has been drafted according to Articles 13 and 14 of the GDPR, and with which the controller may inform its data subjects of the ways their personal data is processed.

Processor means a party that processes personal data for and on behalf of the controller.

Profiling means the automatic processing of personal data, in which the personal characteristics of the data subject are assessed using personal data.

Purpose for processing means the reason why the controller processes personal data of a data subject. 

Special categories of personal data mean personal data revealing a person’s racial or ethnic origin, political opinions, religion or philosophical beliefs, trade union membership, data concerning health sexual orientation or activity and genetic and biometric data for identifying the person.

2. WHO IS THE CONTROLLER OF YOUR PERSONAL DATA?

Human Engineering Health Oy (business ID: 3115245-3) is the controller of your personal data. The address of the controller is Hämeentie 31, 00500 Helsinki, Finland.

Please note that our US-subsidiary Human Engineering Inc. shall act as a controller for the personal data of our US-based data subjects regarding the processing of prescription related data; Human Engineering Health Oy takes no part in those data processing activities. 

3. DO WE HAVE A DATA PROTECTION OFFICER?

Yes, we have appointed a DPO. You can contact our DPO by e-mail at dpo@veri.co.

4. WHY DO WE PROCESS YOUR PERSONAL DATA? WHAT PERSONAL DATA DO WE PROCESS? WHAT ARE THE LEGAL BASIS FOR PROCESSING?

We process your personal data for the below mentioned purposes of processing. Below you will also find information on what personal data we process and what are the legal basis for our processing activities. 

a. Provision of Veri App to customers

Explanation: Personal data is processed so that we can provide Veri App to our customers.

Category of data subjects: Customers 

Categories of default personal data: Name, address, phone number, email, date of birth and glucose data. Regarding US-based customers, we also process prescription related data to be legally able to provide them with Veri App.

Categories of optional personal data: Height, weight, photos, meal data and sex. 

Categories of consent-based personal data: Sleep data and activity synced from Apple Health or Google Fit, and glucose data synced from LibreLink.

Legal basis for processing: Our contractual obligations towards our customer (GDPR, art. 6(1)(b)) and our customer’s consent for consent-based personal data as well as health data (GDPR, art. 6(1)(a)). 

b. Strategic analysis of customer data to develop services and fulfill customer needs 

Explanation: Personal data is processed so that we can develop our services and better fulfill customer needs. 

Category of data subjects: Customers 

Categories of personal data: Usage analytics and data as well as crash reports of Veri App.

Legal basis for processing: Consent (GDPR, art. 6(1)(a)). 

5. FROM WHERE DO WE COLLECT YOUR PERSONAL DATA?

We collect personal data related to Veri App:

  • from the data subjects themselves when they upload data into Veri App, 
  • via Veri App when it is used by a customer, and
  • third party service providers (e.g. Apple Health, Google Fit or LibreLink) if a data subject chooses to share personal data with Veri App from a third party service provider.

6. DO WE TRANSFER YOUR PERSONAL DATA?

Transfers to third party service providers: We may transfer your personal data to third party service providers (known in data protection terms as ‘processors’), as it is a normal course of doing business in a digitalized world. Such processors are for example data storage service providers and communications services providers. When personal data is transferred to third parties, we ensure that we conclude adequate personal data processing agreements and safeguards in relation to the data transfers. 

Currently we use the following services of processors in Veri App:

  • Amazon Web Services (AWS): Cloud platforming services / France for all other than US-based customers, and USA for US-based customers
  • Segment: Usage analytics and data/ USA (please note that processing requires customer’s consent)
  • Sentry: Error monitoring / USA (please note that processing requires customer’s consent)
  • Mixpanel: Usage analytics and data/ EU (please note that processing requires customer’s consent) 

Transfers outside the EU/EEA: For all other than US-based customers, Veri App’s servers are located in Paris, France, and hence, when we process personal data for the purposes of a) Provision of Veri App to customers, personal data is processed solely in the EU. If a customer provides us consent to process personal data for the purpose of b) Strategic analysis of customer data to develop services and fulfill customer needs, we may transfer personal data to the USA. When processing personal data outside the EU/EEA, we ensure an adequate level of data protection, for example through standard contractual clauses and other similar arrangements.

7. DO OUR PERSONAL DATA PROCESSING ACTIVITIES INCLUDE AUTOMATED DECISION MAKING?

Our personal data processing activities do not include automated decision making.

8. DO WE PROCESS SPECIAL CATEGORIES OF PERSONAL DATA IN VERI APP?

Yes. We process special categories of personal data in Veri App when we process customer’s glucose data, which can be identified as ‘health data’.

Special categories of personal data require special protection, as their processing could create significant risks to the fundamental rights and freedoms of the individual. We carry out all required measures to adequately protect special categories of personal data. 

9. HOW ARE US-BASED CUSTOMERS PRESCRIPTION DATA PROCESSED?

For the US-based customers, our partner Postmeds Incorporation (doing business as Truepill) shall provide all required prescriptions related to the use of Veri App based on the information the US-based customers provide to us via Veri App. 

10. DO WE COMPLY WITH THE HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT (HIPAA)?

Yes. In regard to the health data of our US-based customers, we comply with all of the requirements as per the Health Insurance Portability and Accountability Act of 1996 (hereinafter “HIPAA”).

11. HOW LONG DO WE RETAIN YOUR PERSONAL DATA?

We shall retain personal data as follows:

  • Personal data processed for the fulfillment of contractual obligations: personal data shall be processed for the duration of the agreement.
  • Personal data processed on the basis of consent: personal data shall be processed for as long as provide us your consent.

12. WHAT DATA PROTECTION RIGHTS DO YOU HAVE?

You may have the right to use the below listed data protection rights under the EU General Data Protection Regulation (679/2016):

  • Right to inspect (art. 15)
  • Right to rectify (art. 16)
  • Right to erasure (art. 17)
  • Right to restriction of processing (art. 18)
  • Right to data portability (art. 20)
  • Right to object (art. 21)
  • Automated individual decision-making, including profiling (art. 22)

If you would like to use your rights or inquire something about data protection, please be in touch with us in written form: dpo@veri.co

Your rights may only be exercised once your identity has been properly verified.

You may also have a right to lodge a complaint with the data protection authorities, if you think that the processing of your personal data infringes data protection laws.

13. CAN THIS PRIVACY NOTICE BE AMENDED?

We have a unilateral right to modify this privacy notice. We modify the privacy notice whenever necessary, for example in the case of changing legislation.  The modifications take effect immediately when we post the up-to-date version of this privacy notice to our website.

If we make significant changes to the privacy notice, or if there is a significant change in the way it is used, we will notify the data subjects.

Privacy Policy for the Website and Services

Last updated Jul 8, 2022

With this General Privacy Notice we provide you information on why and how we process your personal data as a controller for our general purposes (for other purposes than the provision of Veri App): 

  1. Provision of Veri App products to corporate customers for resale purposes
  2. Delivery of Veri App products to customers
  3. Processing of payments
  4. Communications
  5. Business partner relationships
  6. Electronic direct marketing
  7. Cookies
  8. Compliance with legal obligations
  9. Recruiting

Please find our Veri App Privacy Notice behind this link: Veri App Notice.

1. WHAT DEFINITIONS ARE USED IN THIS PRIVACY NOTICE?

Controller means a party that is in charge of the personal data processing activities.

Data subject is a term for a human being in accordance with data protection laws.

GDPR means the EU General Data Protection Regulation (679/2016).

Legal basis for processing means the legal basis with which the controller processes personal data of a data subject. Article 6 of the GDPR contains provisions on legal basis for processing.

Personal data means any data concerning a data subject or data with which a data subject can be identified with.

Privacy notice means a data protection document that has been drafted according to Articles 13 and 14 of the GDPR, and with which the controller may inform its data subjects of the ways their personal data is processed.

Processor means a party that processes personal data for and on behalf of the controller.

Profiling means the automatic processing of personal data, in which the personal characteristics of the data subject are assessed using personal data.

Purpose for processing means the reason why the controller processes personal data of a data subject. 

2. WHO IS THE CONTROLLER OF YOUR PERSONAL DATA?

Human Engineering Health Oy (business ID: 3115245-3) is the controller of your personal data. The address of the controller is Hämeentie 31, 00500 Helsinki, Finland.

Please note that our US-subsidiary Human Engineering Inc. shall act as a controller for the personal data of our US-based data subjects regarding the processing of prescription related data; Human Engineering Health Oy takes no part in those data processing activities.

3. DO WE HAVE A DATA PROTECTION OFFICER?

Yes, we have appointed a DPO. You can contact our DPO by e-mail at dpo@veri.co.

4. WHY DO WE PROCESS YOUR PERSONAL DATA?

We process your personal data for the below mentioned purposes of processing. Below you will also find information on what personal data we process and what are the legal basis for our processing activities. 

4.1. Provision of Veri App products to corporate customers for resale purposes 

Explanation: Personal data is processed so that we can provide Veri App products to our corporate customers for resale purposes. 

Category of data subjects: Representatives of corporate customers 

Categories of personal data: Name, title, phone number, email and possible other data disclosed to us.  

Legal basis for processing: Contractual obligations between us and our customer (GDPR, art. 6(1)(b)).

4.2. Delivery of Veri App products to customers

Explanation: Personal data is processed so that we can send Veri App products to customers. 

Category of data subjects: Customers (natural persons) and representatives of corporate customers

Categories of personal data: Name, address, phone number and email.  

Legal basis for processing: Our contractual obligation towards our customer (GDPR, art. 6(1)(b)).

4.3. Processing of payments

Explanation: Personal data is processed so that we can process payments made for the use of Veri App. 

Category of data subjects: Customers (natural persons) and representatives of corporate customers 

Categories of personal data: Name and payment data.

Legal basis for processing: Our contractual obligation towards our customer (GDPR, art. 6(1)(b)).

4.4. Communications

Explanation: Personal data is processed for communications purposes.

Category of data subjects: Persons who contact us.

Categories of personal data: Basic information and contact details and data related to communications.

Legal basis for processing: Our legitimate interests, according to which we carry out our communications (GDPR, art. 6(1)(f)). Our interests are in line with those of the people who contact us, as they expect us to process their data for communications purposes.

NB! You may have a right to object data processing for these purposes (see section concerning your rights). 

4.5. Business partner relationships

Explanation: Personal data is processed to maintain our relationships with our business partners. 

Category of data subjects: Representatives of business partners.

Categories of personal data: Basic information and contact details.

Legal basis for processing: Performance of our contractual obligations (GDPR, art. 6(1)(b)).

4.6. Electronic direct marketing 

Explanation: Personal data is processed to market our services.

Category of data subjects: Customers and potential customers

Categories of personal data: Contact details and customer relationship data. 

Legal basis for processing: 

  1. Our legitimate interests when processing personal data of our existing customers, as we need to market our services in order to carry out business (GDPR, art. 6(1)(f)). Our interests override the interests of our customers since we carry out direct marketing in accordance with applicable laws. 
  2. Consent for potential customers (GDPR, art. 6(1)(a)).

NB! You may have a right to object data processing for these purposes (see section concerning your rights). 

4.7. Cookies

Explanation: Personal data is processed in cookies of our websites.

Category of data subjects: People visiting our websites.

Categories of personal data: IP addresses.

Legal basis for processing: Consent based on the Act on Electronic Communications Services of Finland (917/2014). 

Please have a look at our Cookie Notice for more information about cookies used in our websites. 

4.8. Compliance with legal obligations

Explanation: Personal data is processed to comply with our several legal obligations as a legal person.

Category of data subjects: Customers 

Categories of personal data: Data required by law.

Legal basis for processing: Performance of our legal obligations (GDPR, art. 6(1)(c)). 

4.9. Recruiting

Explanation: Personal data is processed to carry out recruiting.

Category of data subjects: Job applicants.

Categories of personal data: Contact details, CV data, videos and pictures, bank data and possible other data disclosed to us by the data subject.

Legal basis for processing: Our legitimate interests, according to which we carry out our recruiting (GDPR, art. 6(1)(f)). Our interests are in line with those of the job applicants, as they expect us to process their data for recruiting purposes. 

NB! You have a right to object data processing for these purposes (see section concerning your rights). 

5. FROM WHERE DO WE COLLECT YOUR PERSONAL DATA?

We collect personal data concerning you from various sources. The sources of information we use depend on our processing purposes:

Sources of data in connection to provision (for resale purposes) and delivery of Veri App products, payments and communications: We collect data from the data subjects themselves, and from delivery services providers, payment services providers and communications services providers when a data subject uses their services. 

Sources of data in connection to business partners and our legal obligations: We collect data from the data subjects themselves, our business partners and different public sources (e.g. trade register and social media).  

Sources of data in connection to our website: We collect data with cookies. 

Sources of data in connection to our legal obligations: We collect data from the data subjects themselves and different public sources (e.g. trade register and social media). 

Sources of data in connection to our website: We collect data from data subjects themselves when they apply for a job vacancy at our company. 

6. DO WE DISCLOSE OR TRANSFER YOUR PERSONAL DATA?

Transfers to third party service providers: We may transfer your personal data to third party service providers (known in data protection terms as ‘processors’), as it is a normal course of doing business in a digitalized world. Such subprocessors are for example data storage service providers and communications services providers. When personal data is transferred to third parties, we ensure that we conclude adequate personal data processing agreements and safeguards in relation to the data transfers. 

Currently we use the following services of processors in our activities:

  • Chargebee: Payment services / EU, USA, Asia-Pacific (APAC) and Australia
  • Circle.so: Community platform / USA
  • Google Inc. (Workspace/Firebase): Data storage, email and other related basic functions / EU, USA, Chile, Singapore and Taiwan
  • Intercom: Chat services / EU, USA and Australia
  • Mailchimp: Marketing services / EU, USA, Australia, Brazil, Canada, India, Mexico and UK.
  • Meta (Facebook pixel): Electronic direct marketing / EU and third states 
  • Notion: Project management / USA
  • OGOship: Shipping services / EU and third states
  • Slack: Communications / EU and third states 
  • Stripe: Payment services /EU, USA, Colombia, Malaysia, Philippines and Canada
  • Typerform: Customer feedback services / EU, USA and UK
  • Zapier: Application automation services / EU, USA, Australia, Canada and UK

Transfers outside the EU/EEA: Your personal data may be processed outside the EU and the EEA area. In these situations, we ensure an adequate level of data protection, for example through standard contractual clauses and other similar arrangements.

7. HOW LONG DO WE RETAIN YOUR PERSONAL DATA

We shall retain personal data as follows:

  • Personal data processed for the fulfillment of contractual obligations: personal data shall be processed for the duration of the agreement.
  • Personal data processed for compliance with legal obligations: personal data shall be processed for as long as we have a legal obligation to process data. 
  • Personal data processed on the basis of consent: personal data shall be processed for as long as provide us your consent.
  • Personal data processed on the basis of our legitimate interests (other than recruiting): personal data shall be processed for as long as is necessary for the fulfillment of processing purpose.
  • Personal data processed in recruiting: personal data shall be processed for a period of 12 months from the receival date of the job application or end of deadline in a job advertisement. 

8. WHAT DATA PROTECTION RIGHTS DO YOU HAVE?

You may have the right to use the below listed data protection rights under the EU General Data Protection Regulation (679/2016):

  • Right to inspect (art. 15)
  • Right to rectify (art. 16)
  • Right to erasure (art. 17)
  • Right to restriction of processing (art. 18)
  • Right to data portability (art. 20)
  • Right to object (art. 21)
  • Automated individual decision-making, including profiling (art. 22)

If you would like to use your rights or inquire something about data protection, please be in touch with us in written form: dpo@veri.co

Your rights may only be exercised once your identity has been properly verified.

You may also have a right to lodge a complaint with the data protection authorities, if you think that the processing of your personal data infringes data protection laws.

9. CAN THIS PRIVACY NOTICE BE AMENDED?

We have a unilateral right to modify this privacy notice. We modify the privacy notice whenever necessary, for example in the case of changing legislation.  The modifications take effect immediately when we post the up-to-date version of this privacy notice to our website.

If we make significant changes to the privacy notice, or if there is a significant change in the way it is used, we will notify the data subjects.