This Privacy Policy (hereinafter referred to as the “Policy”) of InBody applies to the following (collectively, the “Service” or “Services”): (i) InBody's body composition analysis devices (the “Products”); (ii) InBody software, including body composition data collection, processing and analysis software and mobile applications (collectively, the “App”); (iii) InBody websites including but not limited to https://deu.lookInBody.com and www.inbodyusa.com (collectively, the “Site”); (iv) the data, analyses and other content collected, processed, analyzed, generated or delivered by a Product, the App, or the Site, including without limitation, text, graphs, calculations, copy, audio, video, photographs, illustrations, images, graphics and other visuals (the “InBody Content”); and (v) other related InBody products and/or services. In this Policy, the words “InBody”, “we”, “us” and “our” refer to Biospace, Inc., a California corporation, doing business as InBody.
This Policy states how we use and protect the privacy of the personal information that (i) an end user of the Service (the “End User”) provides to us through using the Product and Service at a facility where the Product is located (the “Analysis Facility”) or through the Internet and (ii) the employee, representative or staff member of an Analysis Facility (“Facility User”) provides through using the Service to access data regarding a User. Such End User or Facility User is also referred to as “you” in this Policy. You should read this Policy in its entirety before accessing or using the Service. We are dedicated to safeguarding and protecting the personal information that you provide. Your personal information will always be used in accordance with this Policy
We reserve the right to change and amend any part of this Policy at any time and without prior notice. Details of these updates will be made available on the Site. We advise you to check the Site from time to time to make sure that you agree with any changes and amendments. Your continued use of our Site, Products and other Services constitutes your acceptance of this Policy and any updates. This Policy is incorporated into, and is subject to, the Terms of Use for End Users (if you are an End User) and the Terms of Use for Analysis Facility (if you are a Facility User) (hereinafter referred to as the “Terms”).
While this Policy is intended to generally describe our privacy practices, our goal is to also provide more detailed information at times when it’s most meaningful to you. The use of the Site, Products and other Services give us consent to collect and process data gathered as result of using the Site, Products and other Services from you in accordance with this Policy.
Our contracted servers in North America and Asia collect personal information that the User provides by (i) registering to use our Products and other Services at an Analysis Facility and (ii) accessing and using our Site, Products and Service. Personal information may include your telephone number, age, gender, weight, height and body composition data that is collected from a User through a Product (collectively, the “InBody Results”). The User's body composition data may include total body weight, muscle mass, body fast mass, percent body fat and other data. We may also collect data that is useful for improving our Products, Site, other Services, and the User's experience.
Information Specifically Applicable to an End User:You as the End User may provide personal information to us through the Site, the App, through the use of a Product at an Analysis Facility or the use of a personal wearable Product. We or the Analysis Facility may also collect body composition information that is identifiable to an End User during the time of registration and/or use of a Product. When an End User registers to use or uses a Product, we require the following information: an ID, your weight, telephone number, age, gender, and height. If you wish to be left anonymous and unidentifiable, you may use a Product as a guest. Not only can the guest test be anonymous, but it cannot be traced back to you. However, a guest will not be able to participate in any challenges or contests. After the use of any Product, we collect body composition measurements and this information will be associated with your registered ID and/or telephone number. This only applies to End Users who do not use the Product as a guest. Also, depending on the model of the Product, additional body composition measurement information may be stored, such as visceral fat level, leg lean mass and other data.
We may automatically collect the following information about your use of our Site or Services through cookies, web beacons, and other technologies: your domain name; your browser type and operating system; web pages you view; links you click; your IP address; the length of time you visit our Site and or use our Services; and the referring URL, or the webpage that led you to our Site. Please see the section below entitled “Cookies and Other Tracking Mechanisms” for additional information.
Information Specifically Applicable to an Analysis Facility:An Analysis Facility may be asked to provide InBody with identifiable information of Facility Users who may or may not have access to the Site. Such information can include their full name, telephone number, email address, date of birth and similar information. Each Analysis Facility will have a different staff structure, and the level of access to End User information on the Site that a particular Facility User has will be determined by InBody at our sole discretion by reference to the Facility User's responsibility and role at the Analysis Facility. A Facility User’s personal information will only be used to create account logins for the Site during the creation of an administrator level account for the Analysis Facility.
We may automatically collect the following information about your use of our Site or other Services through cookies, web beacons, and other technologies: your domain name, browser type, location, device, operating system, web pages you view, links you click, your IP address, the length of time you visit our Site and/or use our Service, and the referring URL, or the webpage that led you to our Site. Please see the section below entitled “Cookies and Other Collection Tools” for additional information.
We use your information to allow you to enjoy the full benefits of being able to monitor your physical activity through measuring, recording, analyzing and displaying your body composition measurement results. This is our main reason to request such information: to personalize your InBody experience. The collection of personal information also helps us create, develop, operate, deliver, and improve our Products or other Services, and content. This information is also used for anti-fraud purposes in some cases. For example, we may use your date of birth to verify identity, assist the with identification of Users, and to determine appropriate services.
We do not share your personal information with non-affiliated third parties for marketing purposes. We may share your information, including your personal information, with the following entities for the purpose described below.
Analysis Facility:We may disclose an End User’s personal information to Facility Users where the End User used one of our Products and opened an account. During the use of our Product or registration, the End User’s information may be accessed by Facility Users so that they can deliver the Service to the End User. The End User’s registration at an Analysis Facility or use of our Product at an Analysis Facility constitutes the End User’s consent and authorization to provide such End User’s personal information to the Analysis Facility.
Payment:We may use and disclose personal information provided by an Analysis Facility to pay unpaid balance on products, services or accounts owed to us by the Analysis Facility. For example, we may review personal information contained in previously submitted applications to obtain reimbursement for services rendered. Previously submitted information that the Analysis Facility may have submitted may include a credit card number, expiration date, security code and other information. We use secure servers when collecting any form of data such as payments. All payment information provided to us is transmitted via Secure Socket Layer (SSL) technology and then encrypted within our database.
Business transfers:We may disclose personal information in connection with the sale, merger, sale of assets or reorganization of InBody. In such an event, your information will transfer to the acquiring company. Notice of such a transfer will be provided by posting to the Site or via another form of communication.
Third Parties:We may disclose personal information to third parties outside of the InBody family that provide a service to us, such as billing and data processing companies. If required by applicable law such as the Health Insurance Portability and Accountability Act of 1996, we will abide by specific rules relating to the protection of your personal information.
Law enforcement:We may disclose and report to law enforcement agencies information related to activities that we reasonably believe to be unlawful, or that we reasonably believe may aid a law enforcement investigation into unlawful activity. In addition, we reserve the right to release your information to law enforcement agencies if we determine, in our sole judgment, that the release of your information may protect the safety or property of any person or entity.
Permitted by law:We may disclose your information to others as required or permitted by law. This may include disclosing your information to governmental entities, or pursuant to court orders, subpoenas, warrant, summons or similar process.
Protection for Us and Others:We may disclose the information we collect from you where we believe it is necessary to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the safety of any individuals, violations of our Terms or this Policy, or as evidence in litigation in which we are involved.
Other Use of Personal Information:Other use and disclosure of personal information not covered by this Policy and permitted by applicable law that apply to us will be made only with your written authorization or that of your legal representative. If we are authorized to use or disclose personal information about you, you or your legal representative may revoke that authorization in writing at any time, except to the extent that we have taken action relying on the authorization or if the authorization was obtained as a condition of obtaining your account. You should understand that we will not be able to take back any disclosures we have already made with authorization.
Data That Does Not Identify You (De-Identified Data)We may share or sell aggregated, de-identified data that does not identify you, with partners and the public in a variety of ways, such as by providing research or reports about health and fitness or in connection with contests, challenges or other events. When we provide this information, we perform appropriate procedures so that the data does not identify you and we contractually prohibit recipients of the data from re-identifying it back to you.
Data That You May Direct Us to ShareYou can direct us to share data with other parties. For example, you might authorize us to share data with other End Users through our mobile App, with your employer as part of a wellness program or with other End Users or Analysis Facilities in connection with your participation in contests, challenges or other events. Once you direct us to share your data with a third party, that data is governed by the third-party’s privacy policy.
We may use our cookies and other collection tools to track information about your use of our Site and other Services, to track aggregate and statistical information about User activity or to display advertising. A cookie is a small file containing a string of characters that is sent to your computer when you visit a website; in this case the Site. When you visit the Site again, the cookie allows that site to recognize your browser. Cookies may store user preferences and other information such as a login credential and/or password. You can reset your browser to refuse all cookies or to indicate when a cookie is being sent. However, some website features or services may not function properly without cookies. Other technologies are used for similar purposes as a cookie on other platforms where cookies are not available or applicable. Some cookies allow us to make it easier for you to navigate our Site and other Services, while others are used to enable a faster login process or to allow us to track your activities on our Site.
Do Not Track (DNT)InBody does not track its customers over time and across third party websites to provide targeted advertising and therefore does not respond to Do Not Track (DNT) signals. However, what happens to your data depends on how a website responds to the request. Many websites will still collect and use your browsing data to improve security and generate reporting statistics. If you are visiting such sites, your browser may allow you to set the DNT signal so that third parties know you do not want to be tracked. InBody currently does not take action in response to these signals, but, if and when a standard is established and accepted, we may reassess how to respond to these signals.
Deleting and Disabling CookiesAll cookies are allowed by default, but you can adjust this setting and clear cookies for all sites or for certain pages. Cookies can also help a website remember your location, so it can provide you with locally relevant content, like weather. You can disable or remove first-party and third-party cookie information and data from your devices. If you remove cookies, things like saved preferences on websites might get deleted. But if you prefer, you can edit your browser options to block them in the future. The help portion of the toolbar on most browsers will tell you how to prevent your browser from accepting new cookies, how to have the browser notify you when you receive a new cookie, and/or how to disable cookies altogether.
Web Beacons, Pixel Tags and Other TechnologiesWe, along with certain third parties, also may use technologies called beacons that communicate information from your device to a server. Web beacons can be embedded in online content, videos, and emails, and can allow a server to read certain types of information from your device, know when you have viewed particular content or a particular email message, determine the time and date on which you viewed the web beacon, and the IP address of your device. A pixel tag is a similar type of technology placed on a website for the purpose of tracking activity on websites and is often used in combination with cookies. Currently we do not use these web beacons and pixel tags to analyze the use of our Site or Service to provide content and ads that are relevant to you.
Data is stored for as long as it is legally permissible and you maintain a Lookin’Body Web or similar InBody account. There are three (3) ways in which data can be deleted: (i) If an administrator of the account, such as a Facility User deletes the data; (ii) If the End User deletes the data through the InBody mobile App; or (iii) If the End User requests permanent deletion of data or deactivates his or her account by contacting one of our InBody representatives.
InBody will only store an End User’s processed data upon the End User’s agreement and request. If incorrect data is being stored by us despite our efforts to ensure that this data is correct and up to date, we will immediately correct this data upon the End User’s request. If the End User wishes the stored data to be deleted, we will immediately delete this data upon the End User’s request. If it is not possible to delete the data for legal reasons, the data will be blocked instead. The End User can also withdraw his or her consent given to InBody for processing and storing the End User’s data at any time. Consent can be withdrawn by sending an email to: Lbweb@Inbodyusa.com.
An Analysis Facility also has the ability to modify or delete the data of an End User who used a Product at the Analysis Facility, including data transferred from a personal wearable Product at an Analysis Facility.
A backup is defined as data stored on a hard disk(s) that matches the data on the Analysis Facility’s Product. The backup will be maintained on hard disk(s) for the duration of the End User account or Lookin’Body Web account being active until data is permanently deleted from the account. After the data is deleted, the backup will be deleted off the hard disk(s) after a retention period, subject to any legal requirements. Backups are intended to reduce the risk of data loss from hard disk(s) crashes and user errors such as accidental deletion of data. Some data can be recreated but other data cannot.
RetentionInBody makes no guarantees that any data can be recovered, regardless of where the data is stored, even in backed up volumes. Accidents happen, whether caused by human error, hardware or software errors, natural disasters, or other events. By accepting this Policy, the End User and Analysis Facility each acknowledges that unintentional data loss may occur despite the efforts made in good faith by InBody or an Analysis Facility. Commercially reasonable best efforts will be made to ensure reliability for all data. We can give no guarantee regarding the security of the data we collect, although commercially reasonable best efforts has been made to ensure that data is not compromised.
We are mindful that the Products and other Services will be attractive and of benefit to potential users under the age of 18 and it is our policy, regardless of the country in which the Analysis Facility is located, to ensure that parents or legal guardians can monitor data collected in respect of such users. We try to achieve this through adopting an approach which is compliant with the United States legislation known as the Children’s Online Privacy Protection Act (COPPA). Our Site, App, Products and Service are all available to End Users who are below 18 years of age. The parent or legal guardian of any End User aged below 18 years of age is required to consent to the collection and use of his/her child’s personal information at the time of registering and use of our Products and other Services. A parent or legal guardian of any child who has not attained 18 years of age can review his/her child’s personal information, ask to have it deleted, and refuse to allow any further collection or use of the child’s information. If the parent or legal guardian wishes to exercise this right, he/she should contact us in writing using the information below. We only collect personal information that is required to provide the Service. Parents or legal guardians must communicate this consent through the completion of a consent form, which is available from us. These consent forms must be verified as follows: (1) in the case of a parent or legal guardian, a Parental Consent Form in respect of the child must be completed and then verified by InBody and/or the Analysis Facility; and (2) Parents or legal guardians will receive a copy of all email communications that are sent to their child, until such child has attained the age of 18. This will enable them to monitor data in respect of such child.
If you have questions about parental consent, you may contact us via email at steven@Inbody.com or by telephone at +31 (0)2 0238 6080.
We work very hard to protect the processed data you provide, and we collect the data from you in such a way that unauthorized access, disclosure, or destruction is not made without proper protocol. We take reasonable and appropriate measures to protect the processed data you submit. Just be aware that the Internet is a global communications vehicle open to threats, viruses, and intrusions from others. As such, we cannot promise, and you should not expect, that we will be able to protect your information at all times and in all circumstances. We use a variety of security measures, including encryption and authentication tools to help protect your information. We review our information collection, storage and processing practices, including physical security measures, to guard against unauthorized access to our Product(s). We restrict access to personal information to InBody employees, contractors, and agents who need to know that information in order to process it for us, who are subject to strict contractual confidentiality obligations and may be disciplined or terminated if they fail to meet these obligations.
Your continued use of our Site, Products and other Services, and any disputes arising from them, is subject to this Policy as well as our Terms. Please visit our Terms, which explain other terms governing the use of our Products and Service.
The Site may provide links to other sites that provide information related to our Products or Service. Once you link to another site, you are subject to the privacy policy of the new site. You can also find a list of Products at our website www.Inbody.com/nl
If you have any questions or comments regarding this Policy, our information handling practices, or any other aspects of your privacy and the security of information, please send an email to steven@inbody.com.