Privacy

Home Privacy

 

 

 

SHLEEP PRIVACY POLICY

Last updated: August 2017

Who are we?

We are Shleep. We respect your privacy. We comply with the Relevant Legislation: the Dutch Data Protection Act/Wet Bescherming Persoonsgegevens (hereafter: the DDPA) and the Data Protection Directive 95/46/EC (hereafter: the DPD). We also anticipate to the new General Data Protection Regulation (hereafter: the GDPR), which will be the replacement of this legislation from May 2018. All aforementioned legislation will herafter also be referred to as the “Relevant Legislation”.

Purpose of this privacy policy

This is a Privacy Policy. In this document, we explain what kind of personal data we collect when you use the services that we offer via www.shleepbetter.com (hereafter: the Website) and the Shleep application (hereafter: the App). Together they will be referred to as the “Software”. We also explain how we store, protect and use your personal data and for which purposes.

What is personal data?

In this Privacy Policy, “personal data” means: (pieces of) information that could allow you to be identified. This definition is in accorandance with the Relevant Legislation.

Which personal data do we process?

In order to use our services, we will ask you to create an account. In this respect, we will ask you for personal data, under which your first name, last name, date of birth, e-mail address and password.

We may also process non-personal data whenever you interact with our Website or the App. This data may include your browser name, the type of your computer and technical information about your means to connect to our Website or App (such as the operating system and the utilized internet service providers).

How do we use the personal data?

We use your personal data for the purposes described below.

  • We use your data to verify your identity to access your account.
  • We use the data from the results of your sleep assessments for the purpose of assessing your sleeping habits.
  • We use your data to tailor our advice for a better service experience for you.

How long will we keep your personal data?

If the personal data is no longer necessary for the fulfilment of the purposes mentioned above, the data will be deleted. In no event will the personal data be kept longer than five years after the date on which the data have been updated for the last time.

Who do we share your personal data with?

In order to render our services, we need to share the personal data with Amazon Web Services, Inc. and/or affiliated Amazon companies, Google cloud platform – Europe-west1-b in Belgium and Strato Netherlands (herafter jointly the “Sub-contractors”). Sub-contractors provide us with cloud computing services. Sub-contractors will in this respect solely act as “(Sub) Data Processor” within the meaning of the Relevant Legislation. This means Sub-contractors are contractually obliged not to use the data for purposes other than those described in this Privacy Policy and we do not share data with them beyond what is necessary to assist us.

Besides the above, we will not share your data with third parties – unless we are legally obliged to do so.

Generic aggregated (non-personal) data

We may convert personal data into non-personal data and aggregate it with information collected from other users. In such case the data will be fully and irreversibly anonymized: they will not contain individual personal data. We may share such generic aggregated data with our business partners for industry analysis, demographic profiling, improvement of our services and other purposes.

How do we protect your personal data?

We work hard to protect your personal data from unauthorized or unlawful access, alteration, disclosure, use or destruction. We take the following security measures regarding your personal data:

  • Network connection with Secure Socket Layer (SSL) technology
  • Password and data encryption (AES-256)
  • Use ofa LTS Robust Framework (Laravel) with the latest security patches installed
  • OS virtual machine: Ubuntu 16LTS with latest security patches (updated monthly)
  • Scanning servers for viruses every 15 minutes
  • Split of application and database servers
  • Shleep use dedicated servers, not mixed with other potential harmful apps

Cookies

We may use the following types of cookies on our Website and App:

Technical cookies: these are cookies that are essential for the operation of our Website and App, they enable you to move around and use our features.

Analytical/statistical cookies: we use these cookies to track visitor statistics. We use these statistics to continuously improve the Website, the App and mailings, and thus offer you relevant content. These cookies also allow us to recognize and count the number of visitors and to see how visitors navigate when they’re using our Website or App. This helps us to improve user navigation and to ensure users to find what they need more easily.

Tracking cookies: these cookies monitor clicking behaviour and surfing habits. By means of these cookies we can see whether and when you view your profile, and whether you click through to our Website and App.

You can change your cookie settings in your browser, if you don’t want cookies to be sent to your device. Please note that some Website and App features or services may not function properly without cookies.

Third party websites

You may find advertising or other content on our Website and App that link to the websites and services of our clients, partners, suppliers, advertisers, sponsors, licensors or other third parties. We do not control the content or the links that appear on these websites and we are not responsible for the practices employed by websites linked to or from our Website and App. In addition, these websites or services, including their content and links, may be constantly changing. These websites and services may have their own privacy policies and customer service policies. Browsing and interaction on any other website, including websites that are linked to our Website or App, are subject to the terms and policies of that website.

(No) Export of data outside the European Union

As a rule, we will only process the personal data within the European Union (EU). We will only transfer data outside the EU, if the country where the data is being transferred to provides a sufficient level of privacy protection that meets the standards of European privacy protection.

This means the transfer of the data will always comply with the EU Data Directive and article 76 section 1 of the DDPA. From 25 May 2018, transfers outside the EU will always comply with chapter 5 of the GDPR.

Modifications to this Privacy Policy

We may update our Privacy Policy from time to time. When we change this Privacy Policy in a significant way, we will post a notification on our Website along with the updated Privacy Policy.

Your rights and who to contact

You have the right to tell us if you:

  • would like a copy of the personal information which we have processed about you;
  • would like us to correct, update, shield or delete your personal information in our records;
  • wish to report any misuse of your personal information.

If you have any questions, comments or concerns about how we handle personal data, please contact us at hello@shleepbetter.com. We will respond to such a request within 30 days of receipt by us.

Please note that you can always access and delete you personal data from our systems yourself. Then all your personal data will be deleted immediately. Only the aggregated data, as mentioned above, will remain.

SHLEEP B.V.

Vaartstraat 68-3

1075 RS Amsterdam
The Netherlands
hello@shleepbetter.com

Chamber of Commerce (“Kamer van Koophandel”) number: 68089791

VAT number: 857296978B01