Privacy Policy

What is the purpose of this policy?

Bodyo, which manages the website www.bodyo.com, attaches great importance to the protection and confidentiality of your personal data, which we consider to be a sign of seriousness and trust.

The Data Privacy Policy is a clear demonstration of our commitment to ensuring that Bodyo complies with the applicable data protection rules and, in particular, with the General Data Protection Regulation (“GDPR”).

In particular, the Privacy Policy aims to inform you about how and why we process your data in connection with the services we provide.

Who does this policy apply to?

The Policy applies to you, regardless of where you live, if you are a client, an applicant for a position with Bodyo, or a visitor to www.bodyo.com.

Individuals under 15 years of age are advised that they may only use our services with the prior written consent of their parents, which must be sent to privacy@bodyo.com. If you believe that we may have information about your child under the age of 15 without your consent, please contact us.

Why do we process your data?

As part of the services we offer, we may need to process your personal data to:

  • to browse our website, to benefit from our services and so that we can respond to your requests (e.g.: requests for information, complaints, etc.) on the basis of our general terms of use and our legitimate interest in providing you with the best possible service

  • concerning professionals, to stay informed of our latest offers and events by email on the basis of our legitimate interest in identifying potential new customers, in accordance with the provisions of the CNIL accessible here.

  • concerning private individuals, to be informed of our latest offers and events by email on the basis, for consumers, of our legitimate interest in retaining our customers and on the basis of your consent, in the event that you are not yet a customer of our services.

  • follow us and comment on our publications on social networks on the basis of our legitimate interest in having a dedicated page on social networks.

  • apply for a position within Bodyo based on discussions we have with you during the recruitment process and our legitimate interest in recruiting and selecting candidates.

Your data is collected directly from you when you use our website and we undertake to process your data only for the purposes described above.

On the other hand, when you voluntarily post content on the pages we publish on social networks, you acknowledge that you are fully responsible for any personal information you may transmit, regardless of the nature and origin of the information provided.

For cookies, please see our dedicated Cookie Policy available on our website.

What data do we process and for how long?

We have summarized the categories of personal data we collect and the respective retention periods.

If you would like to know more about the retention periods applicable to your data, you can contact us at privacy@bodyo.com.

  • For private individuals, personal identification data (e.g., last name, first name) and contact information (e.g., email address) are kept for the entire duration of the provision of the service, in addition to the legal statute of limitations, which is generally 5 years.

  • For professionals, personal identification data (e.g. name, first name, position, company, service, etc.) and contact information (e.g. email address and business phone number, etc.) kept for the entire duration of the provision of the service, plus the legal statute of limitations, which is generally 5 years.

  • For individuals, economic and financial data (e.g. bank account number, verification code, etc.) kept for the duration necessary for the transaction and the management of invoicing and payments, plus the legal limitation periods, which are generally from 5 to 10 years.

  • For professionals, when there is a confusion between the name of your structure and your personal name (e.g.: auto-entrepreneur, VSE, etc.), economic and financial data (e.g.: bank account number, verification code, etc.) kept for the time necessary for the transaction and the management of the invoicing and payments to which are added the legal prescription periods which are generally from 5 years to 10 years

  • Email address in the context of our commercial prospecting campaigns by email kept for a maximum period of 3 years from the last contact we had with you.

  • Connection data (e.g. logs, IP address, etc.) kept for a period of 1 year.

  • Data indicated in the CV and cover letter kept for the duration of the recruitment process and then for 2 years from the date of your application.

  • Connection data (e.g. logs, IP address, etc.) kept for 1 year.

  • Cookies which are generally kept for a maximum of 13 months. For more details on how we use your cookies, you can consult our cookie policy, which can be accessed at any time on our website.

Once the retention periods described above have expired, the deletion of your personal data is irreversible and we will no longer be able to communicate them to you after this period. At most, we can only keep anonymous data for statistical purposes.

Please also note that in the event of litigation, we are obliged to keep all data concerning you for the entire duration of the processing of the case, even after the expiry of the retention periods described above.

Health Data Collection & Processing

Our app collects and processes health-related data to enhance users’ wellness and insights and recommendations based on health assessments. Specifically, we access activity, nutrition, heart rate, and body sensor data to compare it with measurements taken during health checkups conducted in our POD device. This comparison allow us to provide users with a comprehensive health overview, personalize health insights, and offer tailored tips on maintaining and improving health.

All health data is used solely to support user wellness and is protected according to applicable data privacy regulations. We do not share health data with third parties for marketing or advertising purposes, and it is accessed only by authorize personnel to deliver our services. Additionally, users have full control over their health data and can manage their permissions within the app settings.

What rights do you have to control the use of your data?

The applicable data protection regulations give you specific rights that you can exercise, at any time and free of charge, to control the use we make of your data.

  • Right of access and copy of your personal data as long as this request is not in contradiction with business secrecy, confidentiality, or the secrecy of correspondence.

  • Right to rectify personal data that are erroneous, obsolete or incomplete.

  • The right to object to the processing of your personal data for commercial prospecting purposes.

  • Right to request the deletion (“right to be forgotten”) of your personal data that are not essential to the proper functioning of our services.

  • Right to the limitation of your personal data which allows to photograph the use of your data in case of dispute on the legitimacy of a processing.

  • Right to the portability of your data which allows you to recover part of your personal data in order to store them or transmit them easily from one information system to another.

  • The right to give instructions on what to do with your data in the event of your death, either through you or through a trusted third party or a beneficiary.

For a request to be taken into account, it is imperative that it be made directly by you at privacy@bodyo.com. Any request that is not made in this manner cannot be processed.

Requests cannot be made by anyone other than you. We may therefore ask you to provide proof of identity if there is any doubt about the identity of the requester.

We will respond to your request as soon as possible, within one month of receipt, unless the request is complex or repetitive. In this case, the response time may be up to three months.

Please note that we can always refuse to respond to any excessive or unfounded request, particularly with regard to its repetitive nature.

Who may have access to your data?

WE NEVER TRANSFER OR SELL YOUR DATA TO THIRD PARTIES OR BUSINESS PARTNERS. ALL YOUR PERSONAL DATA IS USED EXCLUSIVELY BY OUR TEAMS OR BY OUR IT SERVICE PROVIDERS.

Specifically, we only share your data with those who are authorized to use it to provide our service to you, such as our IT department or our customer relations department.

Your personal data is also transferred to our IT service providers who are only used to operate our service such as our data host or our technical email tool.

We would like to point out that we check all our IT service providers before hiring them to make sure that they comply with the applicable data protection regulations.

How do we protect your data?

We implement all the technical and organizational means required to guarantee the security of your data on a daily basis and, in particular, to fight against any risk of destruction, loss, alteration, or disclosure of your data that would not be authorized (e.g.: training, access control, passwords, etc.).

Can your data be transferred outside the European Union?

Unless strictly necessary and on an exceptional basis, we never transfer your data outside the European Union and your data is always hosted within the European Union. In addition, we make every effort to use only service providers who host your data within the European Union.

Should our service providers nevertheless transfer your personal data outside the European Union, we take great care to ensure that they implement appropriate safeguards to ensure the confidentiality and protection of your data.

Who can you contact for more information?

To best ensure the protection and integrity of your data, we have formally appointed an independent Data Protection Officer (“DPO”) to our supervisory authority.

You can contact our DPO at any time and free of charge at privacy@bodyo.com to obtain more information or details on how we process your data.

How can you contact the CNIL?

You can contact the “Commission nationale de l’informatique et des libertés” or “CNIL” at any time at the following address CNIL Complaints Department, 3 place de Fontenoy – TSA 80751, 75334 Paris Cedex 07 or by telephone at 01.53.73.22.22.

Can the policy be changed?

We may modify our privacy policy at any time to adapt it to new legal requirements and to new processing operations that we may implement in the future.

Certified compliant by Dipeeo ®.