This notice describes how we collect and process users’ personal data by Gero LLC through Gero mobile device application (referred to as the “Gero app
”). Unless the context otherwise requires or as otherwise noted, the terms “Gero”, “we,” “us” and “our” refer to Gero LLC, a company incorporated and registered under the laws of the Russian Federation.We are committed to safeguarding the privacy of our users. We will not misuse your data.
From the data protection perspective, we are a data
controller for the information collected through the Gero app. You can contact us at: Gero LLC
Registered address: 22-3, Boytsovaya str., Moscow, Russian Federation 107150
Contact email address: [email protected]
Our EU Representative is:DPOEU LTD
Registered Address: Office 902, Oval, Krinou 3, Ayios Athanasios, 4103, Limassol, Cyprus
Email: [email protected]
Our Data Protection Officer is Vladislav Nekrutenko
, a certified privacy professional (CIPP/E, CIPM). You can contact him at [email protected]
.Table of Contents:Information we collect from you;Legal basis for processing;Third-party access to information;How long we keep your personal data;Your rights;Security of information;Changes to this notice.Information we collect from youInformation required for Healthspan and Biological Age calculation
We collect your step data, biological sex and date of birth, heart rate, and heart rate variability from the Apple Health app to calculate your Healthspan and Biological Age. We may ask you to share with us your date of birth or biological sex if it is not provided from the Apple Health app.
Also, we collect your data sources list from the Apple Health app (list of your devices such as iPhone, Apple Watch, fitness trackers, etc.) without device names assigned by the user (just vendor, model, device id, OS version, and other technical info such as hash code of device’s name) to detect steps/heart rate source device technical parameters needed for adjustments of calculations of Healthspan and Biological Age.Profile Information
To use all functions of Gero app, you will have to log in either via Facebook or by submitting your e-mail and to create a profile. Depending on how you log in we will capture different volumes of information.
When you are log in via Facebook, we will collect your name, surname, email of a user for registration, profile picture, timezone, birthday and/or age range, last name, first name, links to your profile and its picture, language, and timezone.
We need to collect your biological sex for our calculation while Facebook has gender information. We may collect it from Facebook if your biological sex is not provided from the Apple Health app.
When you are log in via submitting your e-mail, we will collect your name, email, and year of birth.
All mentioned parameters are used to pre-set your profile and user preferences in the Gero app and to send you occasional notifications with the information about our updates, new services, offers, and products.Health data for the research purposes
We also collect your heart rate and heart rate variability for research on how it can improve Healthspan calculation and can be used in a model for Healthspan calculation in the future.
We will collect the answers to questions about your health, e.g. "Had you ever been diagnosed with the disease or condition from the list: Congestive Heart Failure (CHF), Myocardial Infarction (MI), Chronic Obstructive Pulmonary Disease (COPD), stroke, dementia, diabetes, cancer?" or “Do you smoke?” for research how it can improve the calculation of Healthspan and Biological Age and can be used in a model for Healthspan Biological Age and other alike calculations in future.
We may also periodically ask you to answer some questions about yourself, your lifestyle, medical history, your current health and symptoms and collect these answers for the purpose of further prediction, model improvement, research on relations of lifestyle with health, or to try to track changes.
Your answers can be used in a model for Healthspan and Biological Age calculation in the future. You may skip any questions that you do not want to answer.Legal basis for processingPerformance of a contract
We process your profile information and information required for Healthspan and Biological Age calculation to provide you with our services based on our contractual obligations through the Gero app, namely to calculate your Healthspan and Biological Age. If you do not provide us with this data, then we will not be able to provide you with our services.Explicit consent
We process your health data, e.g. the heart rate and your heart rate variability and answers on questions about your health solely based on a consent from you which serves as a legal base for the processing of your information.
Based on the consent, we can develop and commercial product based on the model built using your health data.
Also, we may process your profile data (your email address) to send you notifications with the information about our updates, new services, offers, and products, but only if you allowed us entirely voluntarily to do so (i.e., based on your consent).
You can withdraw your consent at any time by contacting us directly. The withdrawal will not affect the lawfulness of processing based on consent before. Research purposes
We also process the Information required for Healthspan and Biological Age calculation and Health data for the research purposes to study a specific group or population, identify potential areas or targets for therapeutics development, conduct or support the development of drugs, diagnostics or devices to diagnose, predict or treat medical or other health conditions, work with public, private and/or non-profit entities on similar research initiatives.
We process this data for improving the quality of the Gero app and to improve the accuracy of Healthspan and Biological Age calculation in the future.Legitimate interest
We may process your profile information to comply with the legal regulations of the country of our establishment, such as payment of taxes and compliance with financial regulations, in our legitimate interests. Third-party access to information
We provide your personal data to service providers and suppliers for them to process personal data on our behalf.
Such service providers and suppliers enter into contractual agreements with Gero by which they observe confidentiality and data protection according to the data protection law and GDPR.
The following categories of third-party service providers are used in regard to your personal data processing:
email notification providers;
cloud storage providers and database management systems;
financial and business advisors;
auditors and accountants;
marketing companies and market research companies;
payment card processing companies.
The involvement of such providers/contractors may imply the transfer of personal data outside of the European Economic Area. To ensure compliance with data protection requirements on international transfers, the Standard Contractual Clauses (SCC) as adopted by the European Commission or other suitable safeguards will be signed with these providers. If you would like to obtain a copy of the SCC signed with the service providers, feel free to contact us by the means provided at the beginning of this document.
Please note that the third-party providers/contractors can only process your data on our behalf and do not use it for their own purposes.Other Disclosures
In addition to the disclosures for the purposes identified before, we may disclose information about you:
if we are required to do so by law, in connection with any legal proceedings or to establish, exercise or defend our legal rights; and
in case we sell, license or otherwise assign our company, corporate rights, Gero app, or its separate parts or features to third parties.
Except as provided in this privacy notice, we will not sell, share or rent your information to third parties.How long we keep your personal data
We will process your personal data as long as you use the Gero app. We undertake the obligation to erase or anonymize your personal data in case you would not use the Gero app for a long time (more than 2 years).
Still, we may retain your personal data for a longer time as necessary to comply with our legal obligations, resolve disputes and enforce our agreements.Your rights
To maintain control of your personal data, you may exercise certain rights regarding your information. In particular, you have the right to:Object to the processing of your information
. If we process your information in our legitimate interests, e.g., for our marketing purposes, you can object against it. We will consider your request and, if there are no compelling interests to refuse it, stop the processing for such purposes; Access your information
. You have the right to know if we process your information; obtain disclosure regarding certain aspects of the processing; and obtain a copy of the information undergoing processing;Verify your information and seek its rectification
. If you find that we process inaccurate or out-of-date information, you can verify the accuracy of your information and/or ask for it to be updated or corrected;Restrict the processing of your information
. When you contest the accuracy of your information, believe we process it unlawfully or want to object against the processing, you have the right to temporarily stop the processing of your information to check if the processing was consistent. In this case, we will not process the information for any purpose other than storing it until the circumstances of restriction cease to exist; Ask us to delete/destroy/otherwise remove your information
. If we are not obliged to keep the data for legal compliance, we will remove your information upon your request; Ask us to transfer your information to another organisation
if we process the information based on your consent or on the necessity to perform the contract; andWithdraw consent.
You have the right to withdraw the consent that you have given to the Gero with regard to the processing of your personal data at any time. Note that any withdrawal of consent shall not affect the lawfulness of processing based on consent before it was withdrawn or revoked by you.
You can complete the request to exercise your right by contacting us at [email protected]
If you believe that our use of personal information violates your rights, you can lodge a complaint with the competent data protection authority.Security of information
We take necessary and sufficient measures to protect your information from unauthorised or accidental access, destruction, modification, blocking, copying, distribution, as well as from other illegal actions of third parties.
Internally, immediate access to the data is only allowed to our authorised employees involved in maintaining our Gero app and conducting other processing activities. Such employees keep strict confidentiality and prevent unauthorised third-party access to personal information.Changes to this Notice
We may update this privacy notice from time-to-time by posting a new version on our app. We advise you to check this page occasionally to ensure you are happy with any changes. However, we will endeavour to provide you with an announcement about any significant changes.