What is IDRO?
IDRO is offering a smart patch that gives you insight in lactate values measured in sweat. The entire purpose of the service is to process and store information for you, much of which occurs on our servers. Most of our users state that the benefits for sports performance and other benefits from the service far outweigh the slight reduction in privacy. However, if you are not comfortable with us processing and storing your information, then you should not use the service or send us any data. In this privacy statement we give you insight into the personal data we collect, why we collect it and what we do with this personal data.
Your privacy is critically important to us. At IDRO, we have a few fundamental principles:
Your account is completely private by default.
You can add as much or as little data as you want.
You can delete your account and data at any time.
We are very protective of our user’s data and privacy.
It is easy to share your profile with friends or the public, but you do not have to.
Information you post or sync may be seen by others depending on your settings.
We do not sell your data, and only make money from people paying us directly.
We do automatic tracking and syncing in the background as much as possible, within the limitations that you gave us, so you do not have to do a lot of work to maintain your account and manually enter data every day.
Aggregate information may be used for research, quality assurance, and improving IDRO’s service.
Connecting a 3rd party service gives us access to that data, but does not send your IDRO info to them. It is a one way connection. This does not reduce the privacy or security of your account in any way.
Read this privacy statement before using our products and services, being: our website www.idro.world (hereinafter referred to as “Website”) and the mobile application of IDRO (hereinafter referred to as “App”).
Who We Are
IDRO B.V. including its affiliated companies (hereinafter referred to as "IDRO", "we", "us" or "our") takes your privacy very seriously. As responsible for the processing of your personal data, we ensure that your personal data is treated and secured with the utmost care. We always comply with applicable laws and regulations. In this privacy statement we give you insight into the personal data we collect, why we collect it and what we do with this personal data.
We process personal data on the basis of the following principles that are included in European privacy legislation:
2. performance of an agreement;
3. legal obligation; and
4. legitimate interest of IDRO or a third party (eg Responsible Party).
Legitimate interests include: advertising, marketing, security, auditing, fraud detection, prevention, (market) research into and analysis and improvement of our products and services, internal management, legal affairs and business management.
Information About Your Personal Data
IDRO may use your name, address, city and email address to send information messages (not marketing communications) that are necessary to use IDRO Wearable. Basis 2. applies.
To the extent permitted by applicable law, IDRO may use your name, address, city, email address and telephone number for marketing communications, such as newsletters. You can unsubscribe from this at any time. The newsletter may also contain information and offers from other parties. Every newsletter contains a link with which you can unsubscribe. The subscriber file of the newsletter will not be provided to third parties, unless you have given explicit permission for this. This data is kept until you cancel the subscription. Base 1. or 4. applies, depending on the processing.
COMPLIANCE WITH (LOCAL) LAW: To comply with applicable law, IDRO may be required to process your personal data for purposes other than set out in this privacy statement, for example, for law enforcement and in the event of a court order. Basis 3. applies.
FRAUD DETECTION: IDRO processes the personal data known to you for fraud detection and to prevent fraud and abuse. If we have a reasonable suspicion of any fraud, fraud or criminal activity attributable to you, or determine this, your personal data will be processed to prevent you from using our products and services in the future. Basis 3. or 4. applies.
CUSTOMER SERVICE: IDRO can collect and share your personal data to provide (international) customer service. For example, IDRO may collect (telephone) requests received by customer service and related responses, along with your name, address, city, email address, and phone number. In this way, IDRO can respond better to questions. Base 1. or 4. applies, depending on the processing.
How to Contact Us
If you have any questions, comments, or concerns about how we handle your Personal Data, then you may contact us by sending a message to info at idro.world
What information do we collect?
When you sign up for an account, we start building your profile and adding data to it. A basic user account has details like your name, email address, profile photo, cover photo, date of birth, and gender. These can be prefilled by Facebook login, or manually entered.
The IDRO app tracks some basic stats like steps, but it is mostly powered by the other services and devices you connect to it. We have many integrations and are constantly adding more. We will update this list as the data we collect evolves. The more services you connect to your account, the more data you will be able to see on your profile and in the app. What you feel comfortable connecting and sharing is up to you.
Each type of account has different content and various amounts of personally identifiable information, so you may be comfortable with connecting some and not others. For example, you might be comfortable connecting your public photos from Instagram, but not the locations you've been to on Foursquare.
We use our access to your accounts only to load the information we need, never to write or modify your data in any way. We load data once when your account is first connected, and then periodically to keep your account up to date. This data is processed and stored on IDRO servers so it can be accessed through the website, mobile app and other platforms. When you disconnect an account, we also delete all the associated data that was imported from that account.
The following are some of the commonly used services we integrate with, and the data that can come from it.
We load your count of daily steps from a variety of sources. You can select which is the primary source in settings. The common sources for steps include Apple Health, Google Fit, Fitbit, and others.
From the iPhone app, we load various data-points from HealthKit (aka Apple Health) during the initial install and keep them synced occasionally throughout the day. When installing the app, you will be able to choose which data types you want to sync. The possible options include: steps, workouts, sleep, heart rate, weight, bodyfat percentage, blood pressure, blood glucose, and menstrual cycles. Pro users can also use details like calories, carbs/protein/fat intake, mindfulness time, and more if it is available in HealthKit.
Setting up IDRO syncing will upload the data from your phone to our servers.
Runs, swims, walks, biking and other types of physical activity. The details we get include the start time, duration, pace, calories, etc. If available, we also load the latitude/longitude coordinates to plot it on a map. We also load your heart rate information if available.
These are required to log in to your account and for basic web browsing features. When you visit the Services, a cookie will be stored on your computer.
The Services use log files. Stored information includes IP addresses, browser type, internet service provider (ISP), referring/exit pages, platform type, date/time stamp, and number of clicks. This information is used to analyse trends, administer, protect and secure the Services, track member movement in the aggregate, and gather broad demographic information for aggregate use. These files may be stored on our servers or on analytics platforms that we use.
Who can see your content?
We only use your data to power your profile page, and will never share or sell your details to any 3rd parties. Data in your account can also be used to order print goods like posters and books for your own personal usage, which may require more access by IDRO staff to generate.
API ACCESS & EXPORTING
There is currently no public API to get data out of IDRO.
YOUR COMPANY ON IDRO
If your company has a IDRO membership, you may be able to join your company on IDRO.
HOW WE COLLECT AND USE PERSONAL DATA
We collect your Personal Data in several ways and for various purposes, including:
When you register for an account or interact with our Services.
When you input Fitness and Wellness Data within our Services or use our Services that collect or infer such data from mobile device sensors.
When you use or interact with a wearable or other connected device.
When you give us permission to sync Apple Health data in the iPhone app.
When you give us permission to sync Samsung or Google Fit data in the Android app.
When you give us permission to collect Location Data in the mobile apps.
When you connect an integration to sync data to your account.
When you communicate with us or sign up for promotional materials.
When you engage with our online communities or advertising.
When you access third party products and services.
When you connect with us through social media.
When we collect data from third parties or publicly-available sources.
When we leverage and/or collect cookies, device IDs, Location, data from the environment, and other tracking technologies.
When we aggregate or centralize data.
When we link you to friends across platforms.
When you take fitness tests or assessments; share content or achievements; or invite friends.
When we provide you geographically relevant Services, offers, or advertising.
When you ask us to customize products, or Services.
When we comply with Legal Requirements or Obligations, Law Enforcement, and for Public Safety Purposes ( Country/Region-Specific Disclosures may apply).
HOW INFORMATION IS SHARED
To other Users/IDRO Registered Users
To Affiliates and Partners
To Service Providers and Vendors
For Advertising and Marketing
For Certain Analytics and Improvement
For Interest-Based Advertising
For Legal Compliance, Law Enforcement, and Public Safety Purposes
In the event of an actual or contemplated sale
PUBLICLY AVAILABLE INFORMATION
Subject to your privacy settings, some of your information and content may be publicly accessible. Having an account on the service will make your name, profile photo and cover photo viewable so people can send a friend request. More sensitive details like your recent activity will remain private unless made public, or a friend request is accepted.
AFFILIATES AND ACQUIRORS OF OUR BUSINESS OR ASSETS
TRANSFERS OF YOUR PERSONAL DATA TO OTHER COUNTRIES
The Personal Data IDRO processes, and all associated Services and systems, including registration, is housed on servers in the United States. If you are located outside of the United States, please be aware that Personal Data we collect will be processed and stored in the United States (the data protection and privacy laws in the United States may offer a lower level of protection than in your country/region).
European Union rights
If you are habitually located in the European Union, you have the right to access, rectify, download or erase your information, as well as the right to restrict and object to certain processing of your information. While some of these rights apply generally, certain rights apply only in certain limited circumstances. We describe these rights below:
You can access much of your information by logging into your account.
RECTIFY, RESTRICT, LIMIT, DELETE
You can also rectify, restrict, limit, or delete much of your information by logging into your account and deleting particular integrations, data points, or the entire account.
Where we process your information based on our legitimate interests explained above, or in the public interest, you can object to this processing in certain circumstances. In such cases, we will cease processing your information unless we have compelling legitimate grounds to continue processing or where it is needed for legal reasons.
Where you have previously provided your consent, such as to permit us to process health-related data about you, you have the right to withdraw your consent to the processing of your information at any time. For example, you can withdraw your consent by updating your settings or disconnecting an integration. In certain cases, we may continue to process your information after you have withdrawn consent if we have a legal basis to do so or if your withdrawal of consent was limited to certain processing activities.
Should you wish to raise a concern about our use of your information (and without prejudice to any other rights you may have), you have the right to do so with your local supervisory authority.
Consent as a Basis for Processing
In some cases, we will ask for your consent to process your Personal Data. You may indicate your consent in a number of ways, including, as permitted by law, ticking a box or connecting an integration, to indicate your consent when (i) providing us with your Personal Data through our Services or a form (including enrolling in Promotions); or (ii) registering or creating an account with us. Due to different countries' laws governing consent for the collection and use of Personal Data, the requirements for consent will differ across regions. We may request your consent for a number of activities including:
IDRO Marketing and Communication
Third Party Marketing
Collecting Mobile Device IDs, Advertising IDs, and Data from Sensors
Processing Sensitive Personal Data
Collecting and Sharing Location Data
Transfer of Data
To Enable Social Sharing and Connect with Us on Social Media
MANAGING PREFERENCES AND WITHDRAWING CONSENT
You may at any time withdraw your consent with future effect and without affecting the lawfulness of processing of your Personal Data based on the consent you provided before you withdrew it, and exercise other controls regarding website and online data collection, interest-based advertising, your communication settings, and app preferences. Depending on the Service, collection and use of Personal Data may be required for the Services to work. To withdraw your consent, you can delete your account at gyrosco.pe/delete/ which will stop the future processing of data.
We do very little advertising, and mostly rely on word of mouth for growth. Occasionally we will do advertisments to get more users for the service. Interest-based advertising is advertising that is targeted to you based on your web browsing and app usage over time and across websites or apps.
How We Protect Information
We will retain your Personal Data for as long as you maintain an account or as otherwise necessary to provide you the Services. Since part of the service is keeping your history for you to view later, we will generally retain data as much as possible. We will also retain your Personal Data as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
Where permissible, we will also delete your Personal Data upon your request. If you have questions about our data retention practices, please contact us through our Support Team.
We implement appropriate technical and organizational safeguards to protect against unauthorized or unlawful processing of Personal Data and against accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Personal Data. Please be advised, however, that we cannot fully eliminate security risks associated with the storage and transmission of Personal Data.
Although we strive to employ reasonable protections for your information that are appropriate to its sensitivity, we do not guarantee or warrant the security of the information you share with us and we are not responsible for the theft, destruction, loss or inadvertent disclosure of your information or content.
LINKS TO OTHER WEBSITES
We do not knowingly collect Personal Data online from children under 13 (note that the minimum age may vary based on country/region, and on local law). If you become aware that a child has provided us with Personal Data without parental consent, please contact us through our Support Team. If we become aware that a child under 13 has provided us with Personal Data without parental consent, we will take steps to remove the data and cancel the child's account.
That’s it! Thanks for reading.
This privacy statement was last updated on Dec. 08, 2020 and created for the beta-version of the app.