Privacy policy – Sidekick Health – Microsite

Approved: 30.04.2021

Published: 03.05.2021

Will be reviewed: 30.04.2023

General

SidekickHealth takes your privacy very seriously and is committed to protecting your personal information. In this privacy policy, we explain what information we collect from you as a user when you register your interest in participating in the program described on this site. Here we explain who receives your personal information, our legal basis for processing that personal data, how long we retain it, what your rights are as a user of the application, and other important facts relating to data protection laws. A separate Privacy Policy is used once users register for the Sidekick application.

1. Personal data collected and how that data is used

1.1. Information you provide when you register your interest for participation

If you come onto the site through a desktop we receive your phone number from you when you register your interest. The phone number is only used to provide you with a link to download the application and access the relevant program. For individuals that come in through a smartphone, Sidekick does not need any personal information to provide a link that enables individuals to access the relevant program.

Sidekick has access to individuals’ IP addresses once they visit the site. If individuals do not allow Cookies Sidekick does not process the IP address. (See section 6. how Sidekick handles Cookies).

1.2. Recipients, data storage and data retention regarding account registration

We use the Google Cloud SQL service to store your registration information. Google’s role is limited to storing information on our behalf; Google does not use the information for any other reason.

We store your information using the Google Cloud SQL service until you delete your Sidekick account or are inactive for two years.

The registration data is stored using Google Cloud SQL, whose databases are located in the EU. 

Sidekick uses Twilio to send SMS to international phone numbers but Nova sends SMS to Icelandic phone numbers

2. Outgoing text messages (SMS)

2.1. Sign-up

If you have input the relevant information for sign up, you will receive an SMS with a link to download the Sidekick application. That link will enable you to access the relevant program within the application.

3. Legal basis for processing personal data

The personal information referred to in section 1.1. and 2.1. mentioned above is processed based on your consent.

4. Protection of Personal Data

SidekickHealth takes precautions, including administrative, technical and physical measures, to safeguard your personal data against loss, theft and misuse, as well as against unauthorised access, disclosure, alteration and destruction. We store the personal data you provide encrypted on computer servers that are located in controlled facilities. We restrict access to personal data to our employees, contractors and agents who need access in order to operate, develop, or improve our services and the application.

When you enter sensitive personal data in the application we encrypt the transmission of such data using secure socket layer technology. We follow generally accepted standards to protect the personal data submitted to us, both during transmission and once we receive it.

5. Your rights as a user of the Sidekick Website

If you have granted your consent for processing certain personal data, you are entitled to withdraw your consent at any time according to data protection laws. However, that right does not affect the legitimacy of any data processing carried out before you withdrew your consent. You also enjoy other rights, such as the right to access your data, the right to have wrong or misleading information about you rectified, the right to have your personal data deleted, the right to restrict that the processing of your personal data, the right to object, and your right to data portability. Please note that some of your rights may be subject to certain conditions.

Users are never under any obligation to provide personal data. The consequences of not providing personal data are that the user will not be able to enjoy the application fully and what it has to offer.

6. Cookies

Cookies are small text files that are placed on your computer by websites that you visit. They are widely used to make websites work, or work more efficiently, and provide information to the owners of the site.

6.1. Necessary cookies

Some cookies are required to provide core functionality. The website won’t function properly without these cookies, and they are enabled by default and cannot be disabled.

Name Hostname Path Expiry  
cookieConsent .sidekick.health / 365 days  
Used by this site to store information about whether visitors have given or declined the use of cookie categories used on the site.
cookieSettings .sidekick.health / 365 days  
Used by this site to store information about whether visitors have given or declined the use of cookie categories used on the site.
VISITOR_INFO1_LIVE .youtube.com / 180 days 3rd party
A cookie that YouTube sets that measures your bandwidth to determine whether you get the new player interface or the old.

6.2. Analytical cookies

Analytical cookies help us improve our website by collecting and reporting information on its usage.

6.2.1. Google AdSense and AdWords

This website uses the online advertising tool Google Adsense and Google AdWords services provided by Google. In this context, the so-called ‘Conversion-Tracking’ is used. The conversion tracking cookie is set when a user clicks on a Google advertisement. These cookies are invalidated after 365 days and are not used for personal identification. If this cookie has not yet expired when the user visits certain pages of SidekickHealth, Google and SidekickHealth will be able to tell that the user clicked on a specific advertisement and proceeded to that page. Every customer of Google Adwords receives an anonymous individual cookie. Therefore cookies cannot be tracked across the websites of different Google AdWords customers. The information collected through the conversion cookie serves to generate statistics for Google AdWords. Google AdWords customers are able to retrieve the total number of users clicks on advertisements that have been marked for conversion tracking. However, the data gathered and evaluated will remain anonymous and the identity of the user cannot be traced. Users that do not want to participate in Conversion-Tracking can easily delete the cookies stored on their device through their browser. These users are will not be included in the conversion tracking statistics.

6.2.2. Mouseflow

This website uses Mouseflow: a website analytics tool that provides session replay, heatmaps, funnels, form analytics, feedback campaigns, and similar features/functionality. Mouseflow may record your clicks, mouse movements, scrolling, form fills (keystrokes) in non-excluded fields, pages visited and content, time on site, browser, operating system, device type (desktop/tablet/phone), screen resolution, visitor type (first time/returning), referrer, anonymized IP address, location (city/country), language, and similar metadata. Mouseflow does not collect any information on pages where it is not installed, nor does it track or collect information outside your web browser. If you’d like to opt out, you can do so at https://mouseflow.com/opt-out. If you’d like to obtain a copy of your data, make a correction, or have it erased, please contact us first or, as a secondary option, contact Mouseflow at privacy@mouseflow.com.

For more information, see Mouseflow’s Privacy Policy. For more information on Mouseflow and GDPR.

Name Hostname Path Expiry  
_ga .sidekick.health / 365 days  
Contains a unique identifier used by Google Analytics to determine that two distinct hits belong to the same user across browsing sessions.
_ga_Z20XETDWEX .sidekick.health / 365 days  
Contains a unique identifier used by Google Analytics to determine that two distinct hits belong to the same user across browsing sessions.
_gcl_au .sidekick.health / 365 days  
Used by Google AdSense and Google AdWords for experimenting with advertisement efficiency across websites using their services.
mf_initialDomQueue .sidekick.health / Session Local Storage
Registers data on visitors’ website-behaviour. This is used for internal analysis and website optimization.
mf_transmitQueue .sidekick.health / Session Local Storage
Collects data on the user’s navigation and behavior on the website. This is used to compile statistical reports and heatmaps for the website owner.
mf_user .sidekick.health / 90 days Local Storage
This cookie establishes whether the user is a returning or first time visitor. This is done simply by a yes/no toggle – no further information about the user is stored. This cookie has a lifetime of 90 days.

6.3. Marketing cookies

Marketing cookies track visitors across websites to allow publishers to display relevant and engaging advertisements.

Name Hostname Path Expiry  
_fbp .sidekick.health / 90 days  
Facebook Pixel advertising first-party cookie. Used by Facebook to track visits across websites to deliver a series of advertisement products such as real time bidding from third party advertisers.
fr facebook.com / 90 days 3rd party
Facebook Pixel advertising first-party cookie. Used by Facebook to track visits across websites to deliver a series of advertisement products such as real time bidding from third party advertisers.
c_user/xs/wd/spin/sb facebook.com / 90 days 3rd party
Used by Facebook to deliver a series of advertisement products such as real time bidding from third party advertisers.

7. Name and contact details of SidekickHealth

SidekickHealth ehf.

Org. no 680912-1490

Vallakór 4, 

203 Kópavogur,

Iceland

Email: contact@sidekickhealth.com

8. Data Protection Officer

If you have further questions about how SidekickHealth handles your personal data, or if you want to exercise your rights, you may contact our data protection officer:

Email: privacy@sidekickhealth.com

9. Right to file a complaint with the Data Protection Authority

If you have any concern that SidekickHealth handles your personal data legitimately, you have the right to file a complaint with the regulatory authority.