Skiin Privacy Policy

EFFECTIVE DATE: SEPT 24, 2019

Welcome to SKIIN! This Privacy Policy (“Policy”) describes how SKIIN collects, uses, and discloses information that we obtain about your use of the skiin.com website (the “Site”) and the SKIIN Mobile software (“the App”), collectively “the Service,” including information that we collect from the SKIIN devices that you connect to a mobile device running the App. This document describes the privacy policy between the purchaser, identified as (“you”) in the current agreement, and Myant Inc. (“Myant”, “SKIIN”, “us”, “our” or “we”) in regards to the SKIIN product.

SKIIN is a global company. If you are located in the United States or a country outside the European Union, your information is stored in a location at the discretion of Myant. If you are a European Union data subject, we store your information in the European Union. By using or downloading the Service, you agree that your personal information, including any information about your health that you provide directly to us or that we collect through your use of the Service, may be transferred to, stored, and handled as described in this Policy.

The Information We Collect About You. We collect information directly from you, from devices and third party services you connect, as well as automatically through your use of our Service.

When You Create, Update, or add information to Your Profile. When you register to use the Service, we collect the personal information you provide us, including your name, email address, password, gender, height, and birthdate. We also collect any additional information you choose to add to your profile, including: weight, body mass index (BMI), whether you are a smoker or non-smoker, medical conditions, blood pressure, information related to medications you are taking, patient ID, sleep metrics, stress levels, activity levels, and other personal or health information.

We collect additional information from Devices you connect to your App:

● When you Use a SKIIN Device. We collect your raw electrocardiogram (“ECG,” “EKG”) measurement data, average heart rate, and location on the body where the ECG recording was taken (e.g. body or chest). We collect additional information from your mobile device at the time of recording, including accelerometer data, local time, local time zone, and geographic location.

You may use your mobile device to add notes, tags, or voice memos to recordings you make with any connected device. Many users use this feature to supplement ECG readings with information about their symptoms, activities, or diet related to their specific health conditions. Voice memos are automatically transcribed and included with the applicable ECG recordings. Please note that we collect information provided through notes, tags, or voice memos, including any personal or sensitive information you choose to provide through this feature.

● Information Collected From Your Phone. In addition to the collection described above, we collect basic information from your mobile device, including device model and OS version, device ID, device language, activities within the App and how long the App is open.

If you choose to connect your mobile device to a compatible third-party service, such as Apple Health or Google Fit, with your permission, we collect information from your user profile including: username and email address, heart rate BPM, step count and distance traveled, activity sample, glucose and oxygen saturation levels, active and resting energy levels, sleep analysis, blood pressure readings, and workout history.

● When You Use A Premium Feature. When you choose to participate in a premium service, we collect additional information from you related to those services. Some premium features are paid services. When you make payments through the Service, you may need to provide your shipping address and financial account information, such as your credit card number, to our third-party service providers. We may receive transaction identifiers and summary information that does not include credit card or bank account numbers.

● When You Contact Us. When you contact SKIIN directly, such as when you contact our Customer Support team, we will receive the contents of your message or any attachments you may send to us, as well as any additional information you choose to provide.

How We Use Your Information

We process your information, including your personal information, for the following purposes:

● To provide our Service to you, to communicate with you about your use of our Service, to respond to your inquiries, and for other customer service purposes.

● To tailor the content and information that we may send or display to you, to offer location customization, and personalized help and instructions, and to otherwise personalize your experiences while using the Service.

● To research and develop new products and features.

● For marketing and promotional purposes, to the extent permitted by law and, where required, with your consent. For example, we may use your information, such as your email address, to send you news and newsletters, special offers, and promotions, or to otherwise contact you about products or information we think may interest you. We also may use the information that we learn about you to assist us in advertising our services on third party websites. You can opt-out of receiving marketing at any time as described below.

● To better understand how users access and use our Service, both on an aggregated and individualized basis, in order to improve our Service and respond to user desires and preferences, and for other analytical purposes.

● To tailor the content and information that we may send or display to you, to understand if a recorded EKG is your personal data or a guest’s data, to offer location customization, and personalized help and instructions, and to otherwise personalize your experiences while using the Service.

● To administer surveys and questionnaires.

● To comply with legal obligations, as part of our general business operations, and for other business administration purposes.

● Where we believe necessary to investigate, prevent or take action regarding illegal activities, suspected fraud, situations involving potential threats to the safety of any person or violations of our Terms of Use or this Privacy Policy.

How We Share Your Information. We may share your information, including personal information, as follows:

● With Your Consent. With your prior consent, we may share information from the Service with other third-party partners, including your personal information and data collected from your devices.

● Your Healthcare Providers Or Family. With your consent, we may share your information, including information collected from your connected devices, with your healthcare providers and/or family members (e.g., immediate family or friends) that you designate to receive your information.

● Clinical Trial Studies. By using this service you consent to Myant sharing information collected by the service with physicians and staff of clinical trial programs who may use the Service as a means of collecting data for the trial study. If the Service is used as part of a clinical trial study, we will use and share information about the clinical trial collected through the Service in accordance with our agreement with the clinical trial program and any privacy notices provided to you as part of the clinical trial program.

● Other Health-focused Mobile Apps. By using this service you consent that we may share your profile information and data collected from your connected devices with other health-focused mobile applications installed on your mobile device to help you track your health and wellness information. If you share your information with these apps, your personal information, including your health information, will be used in accordance with those apps’ separate privacy policies, not this one.

● Aggregate and De-Identified Information. We may share aggregate or de-identified information—so that it cannot reasonably be used to identify an individual—with third parties for marketing, advertising, research or similar purposes.

● Health Researchers. We may share data collected through the Service with healthcare researchers and other research organizations, including de-identified profile information and data collected from your connected devices. For example, we may share information such as your gender, height, weight, information about medications you have provided, and data from your connected devices, but we will not share your name or other information that could identify you.

● Affiliates. We may disclose the information we collect from you to our affiliates or subsidiaries; however, if we do so, their use and disclosure of your personal information will be subject to this Policy.

● Service Providers. We may disclose the information we collect from you to third party vendors, service providers, contractors or agents who perform functions on our behalf, such as providers of hosting, email communication, customer support services, analytics, marketing, and advertising, based on our instructions, and in compliance with this policy and any other appropriate confidentiality and security measures.

● Business Transfers. If we are acquired by or merged with another company, if substantially all of our assets are transferred to another company, or as part of a bankruptcy proceeding or reorganization, we will give affected users notice before transferring any personal information to a new entity.

● In Response to Legal Process. We also may disclose the information we collect from you in order to comply with the law, a judicial proceeding, court order, or other legal process, such as in response to a court order or a subpoena.

○ Please note: Our policy is to notify you of legal process seeking access to your information, such as search warrants, court orders, or subpoenas, unless we are prohibited by law from doing so. In cases where a court order specifies a nondisclosure period, we provide delayed notice after the expiration of the nondisclosure period. Exceptions to our notice policy include exigent or counterproductive circumstances, for example, when there is an emergency involving a danger of death or serious physical injury to a person.

● To Protect Us and Others. We also may disclose the information we collect from you where we believe it is necessary to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the safety of any person, violations of our Terms of Use or this Policy, or as evidence in litigation in which SKIIN is involved.

● Third Party Analytics. We use automated devices and applications, such as Google Analytics and Mixpanel, to evaluate usage of our Service. We also may use other analytic means to evaluate our Service. We use these tools to help us improve our Service, performance, and user experiences.

Privacy Shield Information For EU and Swiss Individuals

SKIIN complies with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States pursuant to the Privacy Shield. SKIIN has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms of this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit http://www.privacyshield.gov.

In compliance with the Privacy Shield Principles, SKIIN commits to resolve complaints about your privacy and our collection or use of your personal information pursuant to the Privacy Shield. EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact SKIIN at the contact address below.

SKIIN
Attn. Privacy
100 Ronson Drive
Etobicoke, TO M9W 1B6
[email protected]

SKIIN has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to BBB EU PRIVACY SHIELD, a non-profit alternative dispute resolution provider located in the United States and operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit https://www.bbb.org/EU-privacy-shield/for-eu-consumers/ for more information and to file a complaint.

Please note that if your complaint is not resolved through these channels, under limited circumstances, a binding arbitration option may be available before a Privacy Shield Panel.

The Federal Trade Commission has jurisdiction with enforcement authority over SKIIN’s compliance with the Privacy Shield.

The Privacy Shield Principles describe SKIIN’s accountability for personal data that it subsequently transfers to a third-party agent. Under the Privacy Shield Principles, SKIIN shall remain liable if third party agents process the personal information in a manner inconsistent with the Privacy Shield Principles, unless SKIIN proves it is not responsible for the event giving rise to the damage.

Note that SKIIN may be required to release the personal data of EU and Swiss individuals whose data is pursuant to the Privacy Shield in response to legal requests from public authorities including to meet national security and law enforcement requirements.

Cookies

Cookies are small text files stored on your device and used by web browsers to deliver personalized content and remember logins and account settings. In addition to improving user experience, we use cookies and similar technologies for analytic and advertising purposes. You can manage your cookies locally by adjusting your browser settings, or you can opt-out of targeted advertising through cookies by visiting networkadvertising.org/choices or aboutads.info/choices. Because there is not yet a common understanding of how to interpret Do Not Track signals, we are unable to respond to Do Not Track requests from browsers, however we are monitoring for updates and will revisit this policy once a common standard is established.

Third-Party Links

Our Service may contain links to third-party websites. Any access to and use of such linked websites is not governed by this Policy, but instead is governed by the privacy policies of those third party websites. We are not responsible for the information practices of such third party websites.

Consent

Myant will obtain consent before any collection, use or disclosure of any personally identifiable information (PII) and protected health information (PHI) for purposes that we have identified. Individuals who sign up for a SKIIN account will provide explicit consent during account creation.

By using the Service or providing us with any PII and PHI, you consent to the transfer to, and processing, sharing and storage of your information as set forth in this Privacy Policy. Please note that other countries may have privacy and data protection regulations that are not on par with the regulations in Canada, and may not provide the same level of protection.

We will always ask for your consent if we ever share or use your PII and/or PHI for a purpose other than what is in this Privacy Policy. At any point, you are able to withdraw your consent by contacting us at [email protected].

Security of My Personal Information

Your privacy is important to us and we enforce privacy measures to ensure that your PII and PHI are protected against unauthorized access, use and modification. A combination of technical, administrative and physical safeguards are used to maintain the highest level of security.

All data is protected through an AES256-bit encrypted database and data during any transfer between the database, server and mobile application is encrypted using HTTPS.

Our data exists in a private virtual cloud, hosted by Amazon Web Services (AWS). AWS provides features that help in maintaining secure data through security groups, network access control lists and flow logs. AWS has ISO 27001, ISO 27017, and ISO 27018 certifications, ensuring it meets international standards for information security management systems, security controls for cloud services and security techniques for protection of personally identifiable information.

During SKIIN account creation, a complex password (between 8 and 30 characters and a minimum of one special character or number) is required for all users. The authentication process requires email confirmation before a user is able to log into the application. Resetting forgotten passwords will also require email confirmation.

Only authorized individuals are able to access users’ PII and PHI data on secure databases, which can only be accessed through secure passwords. Employees are required to sign documentation that obliges them to protect users’ PII and PHI, and will only be able to access PII and PHI in order to fulfill their job requirements.

We also encourage you to take your own security measures, such as:

1. Not sharing your password with anyone else

2. Remembering to log out of the Service if accessing it on someone else’s personal device

3. Updating your password regularly

4. Having a password on your personal device

5. Locking your personal device when not in use

Security Breaches

As per the Personal Information Protection and Electronic Documents Act (PIPEDA), we are required to keep records and notify any involved individuals of all breaches and to report to the Privacy Commissioner of Canada of any security breaches that pose a significant risk of harm to any individual or the public.

Access to and Deleting My Personal Information

We acknowledge the right of EU and Swiss individuals to access their personal data pursuant to the Privacy Shield. You may modify personal information that you have submitted by logging into your account and updating your profile information. Please note that copies of information that you have updated, modified or deleted may remain viewable in cached and archived pages of the Service for a period of time.

We store information associated with your account until your account is deleted. You can delete your account at any time by contacting Customer Support at [email protected]. Please note that it may take a bit of time to delete your account information, and we may preserve it for legal reasons or to prevent harm, including as described in the How Information Is Shared section.

What Choices Do I Have Regarding Promotional Emails?

We may send periodic promotional emails to you. You may opt-out of such communications by following the opt-out instructions contained in the email. Please note that it may take up to 10 business days for us to process opt-out requests. We may still send you emails about your account or any services you have requested or received from us.

Users Under 18

Our services are not designed for users under 18. If we discover that a user under 18 has provided us with personal information, we will delete such information from our systems.

GDPR – Rights For EEA Users and SKIIN’s Capabilities for Worldwide Users

What Rights Do I Have? Individuals located in the European Economic Area (EEA) have certain rights in respect of your personal information and SKIIN will provide these capabilities to all our worldwide users, including:

● the right of access to your personal data;

● the right to correct or rectify any inaccurate personal data;

● the right to restrict or oppose processing of personal data;

● the right to erase your personal data; and

● the right to personal data portability.

We rely on your consent as a lawful basis for processing personal data for the following purposes:

● initial collection of personal data through the Service;

● providing you with marketing or promotional communications. You may opt out of such communications at any time by clicking the “unsubscribe” link found within SKIIN email updates and changing your contact preferences.

We process personal data in order to perform our contract with you.

Additionally, we process personal data based on our “legitimate interests” in providing you the Service as described in the section “How We Use Your Information”, including:

● To enable the Service to function as expected;

● To communicate with you in response to customer service inquiries, to deliver nonpromotional, service-related emails, or to administer surveys and questionnaires; and

● To tailor your experience based on your general region. For example, we process Clinical Interpretation Service requests from EEA-based users through an EEA-based Clinical Interpretation Service partner.

In some cases, SKIIN may process personal information pursuant to a legal obligation or to protect your vital interests or those of another person.

How May I Exercise My Individual Rights? SKIIN users located worldwide may access and update their personal information as follows:

● Account holders may access and update personal information through their account settings in the SKIIN platform;

● Account holders may exercise their rights to data deletion and data portability by contacting SKIIN’s Data Controller Representative at [email protected].

● SKIIN does not retain any personal information from users who do not create SKIIN accounts.

Please note that SKIIN may request additional information from you to verify your identity before we disclose any personal or account information.

Changes to this Policy

This Policy is current as of the Effective Date set forth above. We may change this Policy from time to time, so please be sure to check back periodically. We will post any changes to this Policy on our Service. If we make any changes to this Policy that materially affect our practices with regard to the personal information we have previously collected from you, we will endeavor to provide you with notice in advance of such change.