When you use Babyndex, you’re trusting us with intimate personal information. We understand this is a big responsibility – from the moment we began developing our product to each time we process Personal data – and work hard to protect your information and put you in control.
We are committed to keeping your trust, which is why our policy as a company is to take every step to ensure that individual user’s data and privacy rights are protected and to provide transparency about our data practices.
You are in control – You may access your Personal data, modify, correct, erase, and update it by writing to us at [email protected] You may also download the information Babyndex collected about you by contacting us. Please be aware that erasing or modifying some Personal data inserted by you may affect your possibility to use Babyndex in the future.
Your data is safe with Babyndex
Your employer, your insurance company, even your relatives – none of them will ever know about the information and symptoms you log or the information you get in Babyndex until you tell them. We take all reasonable and appropriate measures to protect your Personal data from loss, theft, misuse or unauthorized access.
Data transfers are under legal control – Babyndex complies with the GDPR and we endeavour to comply with IVDR as set forth by the EU and we adhere to the Privacy Principles.
all collectively, the “App”.
General Information. When you sign up to use the App, you provide us with your Personal data about you such as:
Health. When you use the App, you may choose to provide personal information about your health such as:
(collectively, “Personal data”).
In order for us to process any Personal data under this category we will explicitly ask your consent at the registration screen.
When you access or use the App, we may automatically collect the following information.
App usage data, including, among others:
By creating a profile or signing up to use the App, you explicitly consent that:
PLEASE NOTE THAT WE WILL NEVER SHARE YOUR EXACT AGE OR ANY DATA RELATED TO YOUR HEALTH WITH ANY THIRD PARTIES.
We may use your Personal data, foremost for performing actions to visualise your fertile days and to improve the performance of the App including the purposes without limitation as follows:
We will not use the information gained through your use for advertising or similar services, or sell it to advertising platforms, data brokers, or information resellers. We will also never sell your Personal data as may be defined by applicable laws.
Lawfulness, fairness and transparency. We process Personal data lawfully, fairly and in a transparent manner.
Purpose limitation and data minimization. We collect Personal data for specified, explicit and legitimate purposes. We will not process Personal data in a way that is incompatible with the purposes for which it has been collected or subsequently authorized by you or collect any Personal data that is not needed for the mentioned purposes. For any new purpose of processing (e.g. further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes) we will ask your separate explicit consent. To the extent necessary for those purposes, we take all reasonable steps to ensure that Personal data is reliable for its intended use, accurate, complete, and current. We also undertake to minimise Personal data and to collect only such amounts and type of data that is strictly adequate, relevant and limited for the mentioned purposes.
Accuracy and storage limitation. We undertake every reasonable step to collect Personal data accurately and, where necessary, to keep data up to date, in order to ensure that Personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay. We keep Personal data in a form, which permits identification of data subjects for no longer than is necessary for the purposes for which the data are processed. We store personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to implementation of the appropriate technical and organisational measures required by law.
Notwithstanding the country or region you are coming from we are committed to grant you the vast privacy rights in respect to your Personal data.
Personalisation of content. We personalise content you see in the App (e.g. articles) based on Personal data that you insert into the App. You have a right to opt-out from such automated decision-making. Please note that this may affect your possibility to use the App.
Simply write us at [email protected] to exercise any of your privacy rights.
We commit to grant them within 30 days after receipt. It may take us up to 90 days in some cases, for example for full erasure of your Personal data stored in our backup systems. This is due to the size and complexity of the systems we use to store Personal data.
Please keep in mind that in case of a vague request we may engage the individual in a dialogue so as to better understand the motivation and content of the request. We may also refuse manifestly unfounded and excessive (repetitive) requests.
We might also require you to prove your identity in some cases. This is made to ensure that no rights of third parties are violated by your request.
Notification requirements. We commit to notify you, when it is needed under the law, within a reasonable period of time and your data protection authority within the timeframe specified in applicable law about Personal data breaches related to your Personal data.
Data Protection Authorities. Subject to applicable laws, you may have the right to lodge a complaint with your local data protection authority about any of our activities that you deem are not compliant with applicable law.
Opt-out options. You can withdraw your consent to sharing of your Personal data in accordance with this subsection anytime by using one of the following options:
PLEASE NOTE THAT WE WILL NEVER SHARE YOUR EXACT AGE OR ANY DATA RELATED TO YOUR HEALTH WITH THIRD PARTIES. We only choose third parties that are reliable, spell out the rights and obligations of each party and can make sufficient data protection guarantees. Third-party services that handle Personal Data of our customers, including analytics software, email services, cloud servers, etc. have a standard data processing agreement available on their websites for you to review.
We engage processors that perform particular operations with your Personal data for us.
Processors are companies that help us run the App, support our communication with you or perform other App-related activities. They may process certain Personal data on our behalf to accomplish the goals related to the App functions and associated activities. Processors act only in accordance with our instructions and process only the amount of Personal data as we instruct them to process. We remain fully liable for any acts or omissions of our processors and undertake to execute formal data processing agreements with them to the extent required by applicable law.
We acknowledge the following personal data stored in the user account of Babyndex, Sinfonic Innovation Management Bt., Isaszegi út 55, Gödöllő 2100, Hungary, in the user database of Babyndex website, online store and app will be handed over to the following trusted data processors. The data transferred by the data controller, the nature and purpose of the data processing activity performed are the followings:
Infrastructure and security necessary for the operation of the app, the online store and the website
Payments and invoices necessary for the operation of the online store
Website, web services and courses trackers necessary for marketing, reaching out to users who need our services
Privacy Shield notice.
In the context of an onward transfers we have responsibility for the processing of Personal data we receive under the Privacy Shield. We remain liable under the Principles (as defined below) if our processor processes such Personal data in a manner inconsistent with the Principles and GDPR, unless we prove that we are not responsible for the event giving rise to the damage. For any onward transfer we commit to execute a formal agreement with any receiving party or processor acting on our behalf.
If we receive Personal data subject to our certification under the Privacy Shield and then transfer it to a third-party service provider acting as an agent on our behalf, we have certain liability under the Privacy Shield if both (i) the agent processes the Personal data in a manner inconsistent with the Privacy Shield and (ii) we are responsible for the event giving rise to the damage.
We may share aggregated, anonymized or de-identified information, which cannot reasonably be used to identify you, with our partners or research institutions. For example, we may share, including, without limitation, in articles, blog posts and scientific publications, general age demographic information and aggregate statistics about certain activities or symptoms from data collected to help identify patterns across users. Sharing such data contributes to the advancement of scientific research on women’s health.
We may also share some of your Personal data in the following special circumstances:
If you choose to delete the App, deactivate your account, we retain your Personal data for as long as your account is active and a reasonable period thereafter in case you decide to re-activate the Services.
You should be aware that we may retain certain Personal data and other information after your account has been terminated or deleted in an aggregated, anonymized form. Any posts or comments you submit may remain visible if and after you delete your account. We are not obligated to remove your posts or comments. We reserve the right to use your information in any aggregated data collection after you have terminated your account, however we will ensure that the use of such information will not identify you personally. We will also retain your Personal data as necessary to comply with legal obligations, resolve disputes and enforce our agreements.
If you remove data from your account, you will no longer see it in the App, but some backups of the data may remain in our archive servers for a reasonable period of time due to technical solutions we use. However, we undertake to delete any such backups within a reasonable period of time.
We take reasonable steps in order to ensure compliance of such third parties with any applicable laws that might govern processing of your Personal Data.
We take all reasonable and appropriate measures to encrypt, pseudonymize, or anonymize personal data wherever possible. This way we protect all collected Personal data from loss, theft, misuse and unauthorized access, disclosure, alteration and destruction, taking into account the nature of the Personal data that we process and risks associated with special categories of Personal data we collect (information about health). Among others, we utilize the following information security measures to protect your Personal data:
Organizational and legal measures. We have an internal security policy to ensure that team members are knowledgeable about data security. We build awareness about data protection to strengthen operational security, including guidance about email security, passwords, two-factor authentication, device encryption, and VPNs. Our employees who have access to personal data and non-technical employees receive extra training. Also, employees have different levels of access to your Personal data and only those in charge of data management get access to your Personal data and only for limited purposes required for the operation of the App. We impose strict liability on our employees for any disclosures, unauthorized accesses, alterations, destructions, misuses of your Personal data.
Conducting periodical data protection impact assessments in order to ensure that the App fully adheres to the principles of ‘privacy by design’, ‘privacy by default’ and others. We also commit to conduct an information audit when required by law to undertake a privacy audit in case of Company’s merger or takeover and .
General age limitation. We are committed to protecting the privacy of children. The App is not intended for children and we do not intentionally collect information about children under 13 years old. The App does not collect Personal data from any person the Company actually knows is under the age of 13. If you are aware of anyone under 13 using the App, please contact us at [email protected] and we will take required steps to delete such information and (or) delete her account.
Age limitation for EU residents. Due to requirements of the GDPR you shall be at least 16 years old in order to use the App. To the extent prohibited by applicable law, we do not allow use of the App by the EU residents younger than 16 years old. If you are aware of anyone younger than 16 using the App, please contact us at [email protected] and we will take steps to delete such information and (or) delete her account.
Courses. You must be at least 18 years old to use the Courses. We do not process any Personal data of anyone below 18 in the Courses.
We may contact you from time to time via email or through other means to communicate with you about products, services, offers, promotions, rewards, and events offered by us and others, and provide news and information that we think will be of interest to you. You can always opt out of receiving emails by unsubscribing via the “Unsubscribe” link contained in the email. Opting-out of these emails will not end transmission of important service-related emails that are necessary to your use of the App. If applicable laws prescribe so, certain exclusions may apply to the residents of some countries regarding an active opt-in for any email communications from us. We may ask such users to provide their consent for any such communications at the registration screen or separately.
Babyndex may provide links to other sites as a courtesy to our users. Babyndex is not responsible for the content or operation of these other sites. Babyndex cannot guarantee the privacy policies of these other sites and we recommend you consult the privacy policies of such sites directly before use.
The Company is based in the European Union and Personal data we collect is governed by EU law. Please be advised that EU law and laws of other countries may not offer the same protections as the law of your jurisdiction.
In addition, you agree that Personal data collected may be stored and processed in the United States, where the Company purchases services from, or in any other country in which the Company or its affiliates, subsidiaries or agents maintain facilities, and by using the App, you consent to any such transfer of Personal data outside of your country.
Please bear in mind that we may transfer your Personal data to the United States which data protection is not deemed adequate under applicable data protection law.
Complaints and Dispute Resolution. In compliance with the Privacy Shield Principles, we commit to resolve complaints about our collection or use of your Personal data. EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact us at [email protected] or mailing address:
Babyndex, Sinfonic Innovation Management Bt.
Isaszegi út 55., Gödöllő 2100, Hungary
We have further committed to refer unresolved Privacy Shield complaints to JAMS, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please contact or visit the following link for more information or to file a complaint. The services of JAMS are provided at no cost to you.
Arbitration. You may also be able to invoke binding arbitration for unresolved complaints but prior to initiating such arbitration, a resident of a European country (including Switzerland) participating in the Privacy Shield must first: (1) contact us and afford us the opportunity to resolve the issue; (2) seek assistance from JAMS; and (3) contact the U.S. Department of Commerce (either directly or through a European Data Protection Authority) and afford the Department of Commerce time to attempt to resolve the issue. If such a resident invokes binding arbitration, each party shall be responsible for its own attorney’s fees. Please be advised that, pursuant to the Privacy Shield, the arbitrator(s) may only impose individual-specific, non-monetary, equitable relief necessary to remedy any violation of the Privacy Shield Principles with respect to the resident. The arbitration option may not be invoked if the individual’s same claimed violation of the Principles (1) has previously been subject to binding arbitration; (2) was the subject of a final judgment entered in a court action to which the individual was a party; or (3) was previously settled by the parties.
U.S. Federal Trade Commission Enforcement. Our Privacy Shield compliance is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (FTC).