Shapa Privacy Policy

Shapa, Inc. (“Shapa”, “Shapa”, “we”, “our” or “us”) provides this Privacy Policy to inform you of our policies and procedures regarding the collection, use and disclosure of personal information we receive from users of www.myshapa.com (this “Site”). This Privacy Policy applies only to information that you provide to us or provide us with access to through this Site. This Privacy Policy may be updated from time to time. We will notify you of any material changes by posting the new Privacy Policy on the Site. You are advised to consult this policy regularly for any changes. Unless otherwise defined in this Privacy Policy, terms used in this Privacy Policy have the same meanings as in our Terms of Service, accessible at /legal/terms-of-service. As used in this policy, the terms “using” and “processing” information include using cookies on a computer, subjecting the information to statistical or other analysis and using or handling information in any way, including, but not limited to collecting, storing, evaluating, modifying, deleting, using, combining, disclosing and transferring information within our organization or among our affiliates within the United States.

Shapa provides a personalized experience that combines an innovative scale with a user-friendly app to recommend tailored activities and to motivate users to lead healthier, more active lives. Your privacy, as part of this experience, is important to us. This privacy policy applies to your use of our products, our mobile applications, our websites, including www.shapa.me, the software embedded in the same, and any subscriptions, memberships or other Shapa services or offerings (collectively, the “Service”), and explains what personal data we collect from you and how we use it. We encourage you to read the details below.

Data that we collect

Shapa collects data to operate effectively and provide you the best experiences with the Service. You provide some of this data directly, such as when you create a Shapa account, input data into your profile, respond to a questionnaire, or contact us for support. We get some of it by recording how you interact with the Service by, for example, using technologies like cookies, and receiving error reports or usage data from software running on your device. We may also obtain data from third parties (including other companies). For example, we may supplement the data we collect by purchasing demographic data from other companies. We also use services from other companies to help us determine a location based on your IP address in order to customize the Service to your location, or to help us process payments. The data we collect depends on the features and aspects of the Service you use, and includes the following. Name and contact data. We collect your first and last name, email address, postal address, phone number, and other similar contact data. Credentials. We collect passwords, password hints, and similar security information used for authentication and account access. Demographic data. We collect data about you such as your age, gender, country and preferred language. Interests and behaviors. We collect data about your interests and behaviors, such as what exercise routine you prefer, what lifestyle habits you have, and what health, diet and fitness goals you wish to achieve. In addition to those you explicitly provide, your interests and behaviors may also be inferred or derived from other data we collect. Payment data. We collect data necessary to process your payment if you make purchases, such as your payment instrument number (such as a credit card number), and the security code associated with your payment instrument. Usage data. We collect data about how you and your device interact with the Service. This includes data, such as the features you use, the items you purchase, the web pages you visit, and the search terms you enter. This also includes data about your device and the network you use to connect to the Service, including IP address, device identifiers (such as the IMEI number for phones), regional and language settings. It includes information about the operating systems and other software installed on your device, including product keys. And it includes data about the performance of the Service and any problems you experience with it. Contacts and relationships. We collect data about your contacts and relationships if you use the Service to connect with or manage contacts, or to communicate or interact with other people or organizations. Location data. We collect data about your location, which can be either precise or imprecise. Precise location data can be Global Position System (GPS) data, as well as data identifying nearby cell towers and Wi-Fi hotspots, we collect when you enable location-based services or features. Imprecise location data includes, for example, a location derived from your IP address or data that indicates where you are located with less precision, such as at a city or postal code level. Content. We collect the content of your files and communications when necessary to provide you with the Service. For example, we collect any photos, content or posts you upload to your Shapa account. We also collect the content of messages you send to us, such as feedback and product reviews you write, or questions and information you provide for customer support. When you contact us, such as for customer support, phone conversations or chat sessions with our representatives may be monitored and recorded. You have choices about the data we collect. When you are asked to provide personal data, you may decline. But if you choose not to provide data that is necessary to provide the Service, you may not be able to use some features or the Service itself.

How we use your data

Shapa uses the data we collect for three basic purposes, described in more detail below: (1) to operate our business and provide (including improving and personalizing) the Service we offer, (2) to send communications, including promotional communications, and (3) to display advertising.

Providing and improving our services. We use data to provide and improve the Service we offer and perform essential business operations. This includes operating the Service, maintaining and improving the performance of the Service, including developing new features, research, and providing customer support. Examples of such uses include the following.

Providing the Services. We use data to carry out your transactions with us and to provide the Service to you. The Service includes personalized features and recommendations intended to enhance your lifestyle and enjoyment, and tailor your Service experiences based on your activities, behaviors, interests and location.

a) Customer support. We use data to diagnose Service problems, repair customers’ devices, and provide other customer care and support services.

b) Product activation. We use data – including device and application type, location, and unique device, application, network and subscription identifiers – in order to activate software and devices that require activation.

c) Service Improvement. We use data to continually improve our Service, including adding new features or capabilities.

d) Security, Safety and Dispute Resolution. We use data to protect the security and safety of our Service and our customers, to detect and prevent fraud, to confirm the validity of software licenses, to resolve disputes and enforce our agreements.

e) Business Operations. We use data to develop aggregate analysis and business intelligence that enable us to operate, protect, make informed decisions, and report on the performance of our business.

Information Collection and Use

Our primary goals in collecting information are to provide and improve our Site, services, features and content, to administer your membership (together, the “Service”) and to enable users to enjoy and easily navigate the Site.

Personally Identifiable Information.

When you register with us through the Site, we will ask you for personally identifiable information. This refers to information about you that can be used to contact or identify you (“Personal Information”). Personal Information includes, but is not limited to your name and email address. We will use your Personal Information to create a Shapa account (“Account”) and you will become a member of Shapa (“Member”). We use your Personal Information mainly to provide the Service and to administer your Account and inquiries.

As a Shapa Member who has registered for the Service, you have the option of providing your Personal Information in order to grant Shapa access to your personal accounts with certain third party insurance company, financial and healthcare-related websites (collectively, “Third Party Websites”), so that Shapa can retrieve information that you have stored in your accounts with such Third Party Websites. You may also access the Service via certain Third Party Websites. By providing Shapa with the Personal Information required to access the Third Party Website via the Service or by accessing or registering to use the Service via a Third Party Website, you understand that Shapa will access, retrieve and store content from your Third Party Website account (“Healthcare and Financial Information”) in order to make it available and viewable through the Service. Depending on the Third Party Website to which you provide Shapa your Personal Information, Healthcare and Financial Information that is posted to your account with the Third Party Website (including Personal Information) will be viewable by you and Shapa via the Service. Other online services follow different rules regarding the use or disclosure of the Personal Information you submit to them. We encourage you to read the privacy policies or statements of the other online services you use. Please note that if the Third Party Website becomes unavailable or terminates Shapa’s access to your Third Party Website account, any Healthcare and Financial Information from that Third Party Website will no longer be available or viewable via the Service. You have the ability to disable the connection between the Service and any Third Party Website that you have chosen to access via the Service at any time via the “Settings” section of the Site.

We also collect the other information that you provide as part of registration and the administration of your Account (e.g., without limitation, zip code (on its own), city and state and individual preferences) (“Non-Identifying Information”).

We may publicly display on the Site certain Healthcare and Financial Information that is Non-Identifying Information, including, but not limited to, the names and contact information of doctors and names and prices for medical procedures.

We use your Personal Information (in some cases, in conjunction with your Non-Identifying Information) mainly to provide the Service and administer your inquiries.

Certain Non-Identifying Information would be considered a part of your Personal Information if it were combined with other identifiers (for example, combining your zip code with your street address) in a way that enables you to be identified. But the same pieces of information are considered Non-Identifying Information when they are taken alone or combined only with other non-identifying information (for example, your preferences). We may combine your Personal Information with Non-Identifying Information and aggregate it with information collected from other Shapa Members to attempt to provide you with a better experience, to improve the quality and value of the Service and to analyze and understand how our Site and Service are used. We may also use the combined information without aggregating it to serve you specifically, for instance to deliver a product to you according to your preferences or restrictions.

We also use your Personal Information to contact you with Shapa newsletters, marketing or promotional materials and other information that may be of interest to you. If you decide at any time that you no longer wish to receive such communications from us, please follow the unsubscribe instructions provided in any of the communications or update your preferences via the “Settings” section of the Site. (See “Changing or Deleting Information,” below.)

Log Data

When you visit the Site, our servers automatically record information that your browser sends whenever you visit a website (“Log Data”). This Log Data may include information such as your computer’s Internet Protocol (“IP”) address, pages of our Site that you visit, the time spent on those pages, information you search for on our Site, access times and dates, and other statistics. We use this information to monitor and analyze use of the Site and the Service and for the Site’s technical administration, to increase our Site’s functionality and user-friendliness, and to better tailor it to our visitors’ needs. We also use this information to verify that visitors to the Site meet the criteria required to process their requests. We do not treat Log Data as Personal Information or use it in association with other Personal Information, though we may aggregate, analyze and evaluate such information for the same purposes as stated above regarding other Non-Identifying Information.

Cookies

Like many websites, we use “cookies” to collect information. A cookie is a small data file that we transfer to your computer’s hard disk for record-keeping purposes. We use cookies for two purposes. First, we utilize persistent cookies to save your login information for future logins to the Site. Second, we utilize session ID cookies to enable certain features of the Site, to better understand how you interact with the Site and to monitor aggregate usage by Shapa Members and web traffic routing on the Site. Unlike persistent cookies, session cookies are deleted from your computer when you log off from the Site and then close your browser. You can instruct your browser, by changing its options, to stop accepting cookies or to prompt you before accepting a cookie from the websites you visit. If you do not accept cookies, however, you may not be able to use all portions of the Site or all functionality of the Service.

The use of cookies by our third party partners is not covered by our privacy policy. We do not have access or control over these cookies. Our third party partners use session ID cookies to provide on-line chat services and track visitors to our site. Our third party partners employ clear gifs (a.k.a. Web Beacons/Web Bugs), images, and scripts that help them better manage content on our site. We do not tie the information gathered to our Customers’ or Users’ personally identifiable information.

Promotions

From time to time we may provide you the opportunity to participate in surveys, contests or sweepstakes (collectively, “Promotions”) on our Site. If you decide to participate, we will request certain Personal Information from you. Participation in these Promotions is completely voluntary and you have a choice whether or not to disclose this information. We use this information to administer your participation in each Promotion.

Shapa Blog

Shapa offers a publicly accessible blog, accessible at /resources/ (the “Blog”). You should be aware that any information you provide on the Blog, including, but not limited to, comments, may be read, collected and used by others who access the Blog. To request removal of your Personal Information from the Blog, contact us at [email protected]. In some cases, we may not be able to remove your Personal Information, in which case we will let you know if we are unable to do so and why.

Google Maps

As part of the Service, Shapa makes available a feature that utilizes Google Maps to access location-related information about healthcare providers. If you choose to access and use Google Maps as a part of the Service, you understand and agree that your use of Google Maps will be subject to Google’s Privacy Policy, as amended from time to time by Google, accessible at http://www.google.com/intl/en/privacy/ and incorporated by reference into this Privacy Policy.

We may post customer testimonials and feedback on the Site which may contain Personal Information. We will obtain a Member’s consent via email prior to posting the testimonial or feedback in conjunction with such Member’s Personal Information.

Phishing

Identity theft and the practice currently known as “phishing” are of great concern to Shapa. Safeguarding information to help protect you from identity theft is a top priority. We do not and will not, at any time, request your credit card information, your login information or national identification numbers in a non-secure or unsolicited e-mail or telephone communication. For more information about phishing, visit the Federal Trade Commission’s website.

Information Sharing and Disclosure

Please note that Shapa does not sell, rent or trade Personal Information with third parties for such third parties’ promotional or marketing purposes.

Aggregate Information and Non-Identifying Information. We may share aggregated information that does not include Personal Information and we may otherwise disclose Non-Identifying Information and Log Data with third parties for enhancement of features of the Service, industry analysis, demographic profiling and other purposes. Any aggregated information shared in these contexts will not contain your Personal Information.

Service Providers. We may employ third party companies and individuals to facilitate our Service, to provide the Service on our behalf, to perform Site-related services (e.g., without limitation, maintenance services, database management, web analytics and improvement of the Site’s features) or to assist us in analyzing how our Site and Service are used. These third parties have access to your Personal Information only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.

Compliance with Laws and Law Enforcement. Shapa cooperates with government and law enforcement officials and private parties to enforce and comply with the law. We will disclose any information about you to government or law enforcement officials or private parties as we, in our sole discretion, believe necessary or appropriate to respond to claims and legal process (including but not limited to subpoenas), to protect the property and rights of Shapa or a third party, to protect the safety of the public or any person, or to prevent or stop activity we may consider to be, or to pose a risk of being, any illegal, unethical or legally actionable activity.

Business Transfers. Shapa may sell, transfer or otherwise share some or all of its assets, including your Personal Information, in connection with a merger, acquisition, reorganization or sale of assets or in the event of bankruptcy.

Changing or Deleting Your Information and Data Retention

All Members may review, update, correct or delete the Personal Information in their Account by contacting us or by making edits via the “profile” section of the Site. If you completely delete all such information, then your Account may become deactivated.

We will retain your information, including Personal Information, for as long as your Account is active or as needed to provide you the Service. If you would like us to delete your record in our system, please contact us at [email protected] with a request that we delete your Personal Information from our database. We will use commercially reasonable efforts to honor your request. We may retain an archived copy of your records as required by law or for legitimate business purposes.

Security

Shapa is very concerned with safeguarding your information. The security of your personal information is important to us. But remember that no method of transmission over the Internet, or method of electronic storage, is 100% secure. When you enter sensitive information or otherwise provide Shapa with access to sensitive information (such as login information and Personal Information), we encrypt that information using secure socket layer technology (SSL). In some cases, we also encrypt sensitive information where it is stored on our systems. Shapa has been verified by Verisign for its use of SSL encryption technologies. In addition, Shapa tests the Site daily for any failure points that would allow hacking.

We will make any legally required disclosures of any breach of the security, confidentiality, or integrity of your unencrypted electronically stored “personal data” (as defined in applicable state statutes on security breach notification) to you via email or conspicuous posting on this Site in the most expedient time possible and without unreasonable delay, insofar as consistent with (i) the legitimate needs of law enforcement or (ii) any measures necessary to determine the scope of the breach and restore the reasonable integrity of the data system.

Shapa Offers and Links to other Websites

Our Site contains links to other websites and offers for third party products or services that may be complementary to your use of the Site. If you click on a third party link, you will be directed to that third party’s website. The fact that we link to a website is not an endorsement, authorization or representation of our affiliation with that third party, nor is it an endorsement of their privacy or information security policies or practices. We do not exercise control over third party websites. These other websites may place their own cookies or other files on your computer, collect data or solicit personal information from you. Other sites follow different rules regarding the use or disclosure of the personal information you submit to them. We encourage you to read the privacy policies or statements of the other websites you visit.

Fitness Platforms

As part of the functionality of the Shapa app, users can optionally connect to fitness platforms to receive feedback on their activity level. Fitness data is not collected automatically. You can optionally grant access to a fitness platform of your choice during the onboarding process, or through the Settings menu in the mobile iOS / Android app. Fitness data is collected in multiple ways. For Google Fit and Apple Health, data is collected directly from your mobile device after you have granted access to use these platforms. For other fitness platforms, data is collected securely via HTTPS through REST APIs. Data collected from these fitness platforms are only used to provide fitness metric feedback. Your fitness data will only be stored on our servers, encrypted at rest and in transit, and will not be sold or transferred to any third parties.

 

Social Media Widgets

Our Web site includes Social Media Widgets, such as the Share this button or interactive mini-programs that run on our site. These Features may collect your IP address, which page you are visiting on our site, and may set a cookie to enable the Feature to function properly. Social Media Features and Widgets are either hosted by a third party or hosted directly on our Site. Your interactions with these Features are governed by the privacy policy of the company providing it.

Our Policy Toward Children

This Site is not directed to individuals under 18. We do not knowingly collect personally identifiable information from children under 13. If a parent or guardian becomes aware that his or her child has provided us with Personal Information without their consent, he or she should contact us at [email protected]. If we become aware that a child under 13 has provided us with Personal Information, we will delete such information from our files.

Contacting Us