Privacy Policy | Kardio

Privacy Policy

Introduction

Our privacy policy (the “Privacy Policy”) explains the information we collect, how we use and share it, how to manage your privacy controls and your rights in connection with our websites and the related mobile applications and services (collectively, the “Services”). Please also read our Terms of Service which sets out the terms governing the Services.

Kardio is headquartered in Santa Clarita and our Services are provided to you by Kardioactive, LLC. If you are a resident of the European Economic Area (“EEA”), Kardioactive, LLC is the controller of your personal data for the purposes of EEA data protection law.

This policy was written in English. To the extent a translated version conflicts with the English version, the English version controls. Unless indicated otherwise, this Privacy Policy does not apply to third party products or services or the practices of companies that we do not own or control, including other companies you might interact with on or through the Services.

Questions or comments about this Privacy Policy may be submitted by mail to the address below.

Kardioactive, LLC

17701 Ridgeline Ct

Santa Clarita, CA 91350

USA

Info@kardioactive.com

Information Kardio Collects

Kardio collects information about you, including information that directly or indirectly identifies you, if you or your other members choose to share it with Kardio. We receive information in a few different ways, including when you track, complete or upload activities using the Services. Kardio also collects information about how you use the Services. There are also several opportunities for you to share information about yourself, your friends, and your activities with Kardio. For example:

Account, Profile, Activity, and Use Information

We collect basic account information such as your name, email address, date of birth, gender, weight, username and password that helps secure and provide you with access to our Services.

Profile, activity and use information is collected about you when you choose to upload a picture, activity (including date, time and geo-location information as well as your speed and pace and perceived exertion) or post, join a challenge, add your equipment usage, view others’ activities, or otherwise use the Services.

We use your contact information so we can respond to your support requests and comments.

Location Information

We collect and process location information when you sign up for and use the Services. We do not track your device location while you are not using Kardio.

Content You Share

We gather information from the photos, posts, comments, kudos, ratings, reviews, and other content you share on the Services, including when you participate in partner events or create segments or routes.

Contacts Information

You can choose to add your contacts’ information by connecting your contacts from your mobile device or social networking accounts to Kardio. If you choose to share your contacts with Kardio, Kardio will, in accordance with your instructions, access and store your contacts’ information in order to identify connections and help you connect with them. Learn more about how we collect information about your contacts, how we use that information, and the controls available to you.

Connected Devices and Apps

Kardio collects information from devices and apps you connect to Kardio. For example, you may connect your Garmin watch or Flywheel account to Kardio and information from these devices and apps will be passed along to Kardio.

Health Information

Kardio may collect or infer health information. Certain health information may be inferred from sources such as heart rate or other measurements, including power, cadence, and weight or other indicators. Before you can upload health information to Kardio, you must give your explicit consent to the processing of that health information. You can withdraw your consent to Kardio processing your health information at any time.

Payment Information

When you make a payment on Kardio, you may provide payment information such as your payment card or other payment details. We use Payment Card Industry compliant third-party payment services and we do not store your credit card information.

Third-Party Accounts

Kardio allows you to sign up and log in to the Services using accounts you create with third-party products and services, such as Facebook, Google, or Apple (collectively, “Third-Party Accounts”). If you access the Services with Third-Party Accounts we will collect information that you have agreed to make available such as your name, email address, profile information and preferences. This information is collected by the Third-Party Account provider and is provided to Kardio under their privacy policies. You can generally control the information that we receive from these sources using the privacy controls in your Third-Party Account.

Technical Information and Log Files

We collect information from your browser, computer, or mobile device, which provide us with technical information when you access or use the Services. This technical information includes device and network information, cookies, log files and analytics information. Learn more about how we use cookies and manage your preferences by visiting our Cookies Policy.

The Services use log files. The information stored in those files includes IP addresses, browser type, internet service provider (ISP), referring/exit pages, platform type, date/time stamp, and number of clicks. This information is used to analyze trends, administer, protect and secure the Services, track member movement in the aggregate, and gather broad demographic information for aggregate use. IP addresses may be linked to session IDs, athlete IDs and device identifiers.

Other Information

We may collect information from you through third parties, such as when we collect your feedback through surveys.

We may also collect information about you from other members.

How Kardio Uses Information

Kardio uses the information we collect and receive as described below.

To provide the Services

We use the information we collect and receive to provide the Services, including providing you with the ability to:

Record your activities and analyze your performance. For example, to compare your past efforts, analyze your training, and (with your consent) use your heart rate information to provide you with interesting and useful performance analysis.
Interact with other users. For example, to compete on segments, participate in challenges, and use features that help users interact with one another, such as group activities
To visualize your activities in new ways. For example, by creating personal goals.

Subject to your privacy controls, your information, including parts of your profile, username, photos, members you follow and who follow you, clubs you belong to, your activities, the devices you use, and kudos and comments you give and receive will be shared on Kardio so that you may be able to participate in the Services, for example to show your place on a leaderboard. Certain information (e.g., your name, and some profile information) is also available to non-members on the web. Your precise location information, such as where you run or ride, may also be shared on Kardio or to non-members, in accordance with your privacy controls.

To customize your experience

We use the information we collect about you, your followers, and your activities to customize your experience. For example, we may suggest segments, routes, challenges, or clubs that may interest you, athletes that you may want to follow, or new features that you may want to try. If we know that you like to run, we may tell you about new running activities or show you sponsored content related to running. If we see that you run in a certain area, we may suggest a race in that area.

To protect you and the Services

We use the information we collect to protect members, enforce our Terms of Service and Community Standards, and promote safety. For example, we find and remove content that violates our terms, such as hate speech or spam, as well as suspend or terminate accounts that share such content.

To improve our Services

We also use the information we collect to analyze, develop and improve the Services. To do this, Kardio may use third-party analytics providers to gain insights into how our Services are used and to help us improve the Services.

To communicate with you

We use the information we collect to provide support in response to your requests and comments.

We may also use the information we collect to market and promote the Services, activities and events on Kardio, and other commercial products or services. This includes marketing and push communications, where you have not opted out of receiving such messages and notifications.

To process your subscription

We use the information we collect to process your subscription.

Aggregate Information

We do not sell your personal information. Kardio may aggregate the information you and others make available in connection with the Services and post it publicly or share it with third parties.

How Information is Shared

In addition to sharing aggregated data about our members as described above, we also share personal information in accordance with your preferences, as needed to run our business and provide the Services, and where required for legal purposes, as set forth below.

Service Providers

We may share your information with third parties who provide services to Kardio such as supporting, improving, promoting and securing the Services, processing payments, or fulfilling orders. These service providers only have access to the information necessary to perform these limited functions on our behalf and are required to protect and secure your information. We may also engage service providers to collect information about your use of the Services over time on our behalf, so that we or they may promote Kardio or display information that may be relevant to your interests on the Services or other websites or services.

Publicly Available Information

When you join the Kardio community, your profile and your activities are set to be viewable by everyone by default. Your name and other profile information is viewable by other Kardio members and the public and, subject to your privacy controls, additional information and content you share may also be viewable. For example, your photos and routes may be accessed by other Kardio members and non-members or viewable on publicly accessible Kardio pages or in search engine results. We provide a variety of tools to control the sharing of your information and encourage our members to adjust their controls to align with their desired experience.

Sharing Information and Activities

As a social network, we share your information with other Kardio members and the public in accordance with your privacy controls. You can choose to invite your contacts to view your location and activities using Kardio. You can also share your activities with your contacts via text, email, or on social media applications like Facebook, Instagram, and Twitter. If you link your Kardio account to other social networks and share your activities, they will be viewable on such third-party platforms, including your location information. You should use caution when sharing information via third parties and you should carefully review the privacy practices of such third parties.

Third Party Business via API or Other Integrations

We enable you to share your information and content with third party apps, plugins, or websites that integrate with the Services, as well as with third parties who work with Kardio to offer an integrated feature, such as a challenge sponsor or tracking watch. You can choose to share your profile data and activity data (including private activities). Information collected by these third parties is subject to their terms and policies. Kardio is not responsible for the terms or policies of third parties.

Affiliates and Acquirors of our Business or Assets

We may share your information with affiliates under common control with us, who are required to comply with the terms of this Privacy Policy with regard to your information. If Kardio becomes involved in a business combination, securities offering, bankruptcy, reorganization, dissolution or other similar transaction, we may share or transfer your information in connection with such transaction.

Legal Requirements

We may preserve and share your information with third parties, including law enforcement, public or governmental agencies, or private litigants, within or outside your country of residence, if we determine that such disclosure is allowed by the law or reasonably necessary to comply with the law, including to respond to court orders, warrants, subpoenas, or other legal or regulatory process. We may also retain, preserve or disclose your information if we determine that this is reasonably necessary or appropriate to prevent any person from death or serious bodily injury, to address issues of national security or other issues of public importance, to prevent or detect violations of our Terms of Service or fraud or abuse of Kardio or its members, or to protect our operations or our property or other legal rights, including by disclosure to our legal counsel and other consultants and third parties in connection with actual or potential litigation.

DMCA Notices

We may share your information with third parties when we forward Digital Millennium Copyright Act (DMCA) notifications, which will be forwarded as submitted to us without any deletions.

How We Protect Information

We take several measures to safeguard the collection, transmission and storage of the data we collect. We employ reasonable protections for your information that are appropriate to its sensitivity. The Services use industry standard Secure Sockets Layer (SSL) technology to allow for the encryption of personal information and credit card numbers. Kardio engages providers that are industry leaders in online security, including Services verification, to strengthen the security of our Services. The Services are registered with site identification authorities so that your browser can confirm Kardio’s identity before any personal information is sent. In addition, Kardio’s secure servers protect this information using advanced firewall technology.

Managing Your Settings

Privacy Controls

Kardio offers several features and settings to help you manage your privacy and share your activities. Most privacy controls are located in your privacy controls page, but some are specific to individual activities.

Adjust Notification and Email Preferences

Kardio offers various ways to manage the notifications you receive. You can choose to stop receiving certain emails and notifications by indicating your preference here. You may also unsubscribe by following the instructions contained at the bottom of marketing or promotional emails. Any administrative or service-related emails (to confirm a purchase, or an update to this Privacy Policy or our Terms of Service, etc.) generally do not offer an option to unsubscribe as they are necessary to provide the Services you requested.

Updating Account Information

You may correct, amend or update profile or account information at any time by adjusting that information in your account settings. If you need further assistance correcting inaccurate information, please contact Kardio at info@kardioactive.com.

Deleting Information and Accounts and Downloading Your Data

You can delete your account or download your data using our self-service tools.

After you make a deletion request, we permanently and irreversibly delete your personal data from our systems, including backups. Once deleted, your data, including your account, activities and place on leaderboards cannot be reinstated. Following your deletion of your account, it may take up to 90 days to delete your personal information and system logs from our systems. Additionally, we may retain information where deletion requests are made to comply with the law and take other actions permitted by law.

Note that content you have shared with others, such as photos, or that others have copied may also remain visible after you have deleted your account or deleted specific information from your own profile. Your public profile may be displayed in search engine results until the search engine refreshes its cache.

Kardio also provides you the option to remove individual activities you have posted without deleting your account. Once removed,the activities may remain on Kardio’s systems until you delete your account.

Your Rights and Our Legal Bases

We provide the same suite of privacy tools and controls to all of our members worldwide. Particular rights may be available to you if you reside in certain locations, such as the EEA, Brazil or California. Learn more about your rights and how to exercise them.

Your Legal Rights in the EEA

If you are habitually located in the EEA, you have the right to access, rectify, download or erase your information, as well as the right to restrict and object to certain processing of your information. Kardio’s lead supervisory authority in the EEA is the Data Protection Commission of Ireland. Learn more.

Our Legal Bases

Kardio relies on a number of legal bases to collect, use, share, and otherwise process the information we have about you for the purposes described in this Privacy Policy, including:

as necessary to provide the Services and fulfill our obligations pursuant to the Terms of Service. For example, we cannot provide the Services unless we collect and use your location information;
where you have consented to the processing;
where necessary to comply with a legal obligation, a court order, or to exercise and defend legal claims;
to protect your vital interests, or those of others, such as in the case of emergencies; and
where necessary for the purposes of Kardio’s or a third party’s legitimate interests, such as our interests in protecting our members, our partners’ interests in collaborating with our members, and our commercial interests in ensuring the sustainability of the Services.

Transfers

The Services are operated from the United States. If you are located outside of the United States and choose to use the Services or provide information to us, you acknowledge and understand that your information will be transferred, processed and stored in the United States, as it is necessary to provide the Services and perform the Terms of Service. United States privacy laws may not be as protective as those in your jurisdiction.

Retention of Information

We retain information as long as it is necessary to provide the Services to you and others, subject to any legal obligations to further retain such information. Information associated with your account will generally be kept until it is no longer necessary to provide the Services or until your account is deleted. In addition, you can delete some items of information (e.g., profile information) and you can remove individual activities from view on the Services without deleting your account. For example, after you withdraw your consent to Kardio processing your health-related information, Kardio will delete all health-related information you upload. Following your deletion of your account, it may take up to 90 days to fully delete your personal information and system logs from our systems. Additionally, we may retain information to comply with the law, prevent fraud, collect fees, resolve disputes, troubleshoot problems, assist with investigations, enforce the Terms of Service and take other actions permitted by law. The information we retain will be handled in accordance with this Privacy Policy.

Information connected to you that is no longer necessary and relevant to provide our Services may be de-identified or aggregated with other non-personal data to provide insights which are commercially valuable to Kardio, such as statistics of the use of the Services. For example, we may retain publicly available segments or routes and other depersonalized geolocation information to continue to improve the Services and we use aggregated information in Kardio Metro and our Global Heatmap. This information will be de-associated with your name and other identifiers.

Privacy Policy Information

Kardio reserves the right to modify this Privacy Policy at any time. Please review it occasionally. If Kardio makes changes to this Privacy Policy, the updated Privacy Policy will be posted on the Services in a timely manner and, if we make material changes, we will provide a prominent notice. If you object to any of the changes to this Privacy Policy, you should stop using the Services and delete your account.