Sign In START YOUR 14 DAY FREE TRIAL

PRIVACY POLICY

Last updated on 26th August 2024


This Privacy Policy (hereinafter referred to as the “Policy”) details the critical aspects governing your personal data relationship with ‘Lisa K Fitness’ (hereinafter referred to as ‘Lisa K Fitness’, ‘we’, ‘us’, or ‘our’) which is operated by Kahunas FZE, a company incorporated under the laws of the United Arab Emirates, having its registered office at Coworking Business Centre, Sharjah Publishing City Free Zone, Sharjah, United Arab Emirates.


We may occasionally make changes to the Policy by publishing the changes on our website.

We hold the sincere belief that you should always know what data we collect from you, and the purposes for which such data is used. We also believe that you should have the ability to make informed decisions about what data you want to share with us. Therefore, we are fully transparent about how and why we collect, store, share and use your personal data through the various capacities in which you interact with us.


Your personal data relationship with Lisa K Fitness varies based on the capacity in which you interact with us and/or avail our products and services (collectively referred to as the “Services”), such as when you:


  1. Are a visitor to https://kahunas.io or any of our websites that link to this Policy (collectively referred to as the “Website”) or any pages thereof (in such instance you are referred to as a “Visitor”);

  2. Download and use our Mobile App, Desktop App, or any other application that links to this Policy;

  3. Have an account with us to avail our Services (in such instance you are referred to as a “Registered User”); or

  4. Engage with us in other related ways, including any sales, marketing, or events.


This Policy is a part of and should be read in conjunction with our Terms of Service, and will clarify the rights available to you vis-à-vis the personal data you share with us.


If you have any queries or concerns with this Policy, please contact our Grievance Officer as mentioned at the end. If you do not agree with the Policy, you are strictly prohibited from visiting our Website or Apps and using our Services.


  1. WHAT INFORMATION DO WE COLLECT?

    The information that we collect depends on the context of your interactions with us through our Website and Services, the choices you make, and the products and features you use. All personal information that you provide to us must be true, complete, and accurate, and you must notify us of any changes to such personal information.


    (A) INFORMATION THAT IS AUTOMATICALLY COLLECTED

    We automatically collect certain information when you visit, use, or navigate our Website or App or try to connect to our Services. This information does not reveal your specific identity (like your name or contact information) but may include device and usage information, such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, information about how and when you use our Services, and other technical information. This information is primarily needed to maintain the security and operation of our Services, and for our internal analytics and reporting purposes. We also collect information through cookies and similar technologies.


    The information we collect includes:


    (1) Log and Usage Data: Log and usage data is service-related, diagnostic, usage, and performance information our servers automatically collect when you access or use our Website or Services and which we record in log files. Depending on how you interact with us, this log data may include your IP address, device information, browser type, and settings and information about your activity on the Website (such as the date/time stamps associated with your usage, pages and files viewed, searches, and other actions you take such as which features you use), device event information (such as system activity, error reports (sometimes called 'crash dumps'), and hardware settings).

    (2) Device Data: We collect device data such as information about your computer, phone, tablet, or other device you use to access our Website or Services. Depending on the device used, this device data may include information such as your IP address (or proxy server), device and application identification numbers, location, browser type, hardware model, Internet service provider and/or mobile carrier, operating system, and system configuration information.

    (3) Location Data: We collect location data such as information about your device's location, which can be either precise or imprecise. How much information we collect depends on the type and settings of the device you use to access the Services. For example, we may use GPS and other technologies to collect geolocation data that tells us your current location (based on your IP address). You can opt out of allowing us to collect this information either by refusing access to the information or by disabling your Location setting on your device. However, if you choose to opt out, you may not be able to use certain aspects of the Website or Services.


    (B) PERSONAL INFORMATION THAT YOU DISCLOSE TO US

    We collect personal information that you voluntarily provide to us when you register on the Services, express an interest in obtaining information about us or our products and Services, when you participate in activities on the Services, or otherwise when you contact us.

    (1) Your name, age, gender, phone number, e-mail address, mailing address;

    (2) Username, password, or other relevant unique identifier;

    (3) Credit card/debit card/other payment mode information to facilitate payments for our Services, and billing addresses.


    (C) PAYMENT DATA

    We may collect data necessary to process your payment if you make purchases, such as your payment instrument number, and the security code associated with your payment instrument. All payment data is stored by Stripe. You may find their privacy notice link(s) here: https://stripe.com/ae/privacy.


    (D) THIRD PARTY SERVICES

    Besides Stripe, we may use other third-party service providers to help us operate our business and the services we provide to you.
    These third parties may have access to your personal data as required to perform their functions but are not permitted to share or use the data for any other purpose.


    (E) APPLICATION DATA

    If you use our application(s) like Mobile App or Desktop App, we also may collect the following information if you choose to provide us with access or permission as this information is primarily needed to maintain the security and operation of our application(s), for troubleshooting, and for our internal analytics and reporting purposes:


    (1) Mobile Data Access: We may request access or permission to certain features from your mobile device, including your mobile device's storage, and other features. If you wish to change our access or permissions, you may do so in your device's settings.


    (2) Mobile Device Data: We automatically collect device information (such as your mobile device ID, model, and manufacturer), operating system, version information and system configuration information, device and application identification numbers, browser type and version, hardware model Internet service provider and/or mobile carrier, and Internet Protocol (IP) address (or proxy server). If you are using our application(s), we may also collect information about the phone network associated with your mobile device, your mobile device’s operating system or platform, the type of mobile device you use, your mobile device’s unique device ID, and information about the features of our application(s) you accessed.


    (3) Push Notifications: We may request to send you push notifications regarding your account or certain features of the application(s). If you wish to opt out from receiving these types of communications, you may turn them off in your device's settings.


    (4) Health Data: With your explicit consent, we collect health data from Health Connect, including but not limited to steps, distance, exercise minutes, weight, body fat percentage, muscle mass, heart rate, temperature, sleep, and respiratory rate. This data is used to enhance your fitness tracking and coaching experience.



    (F) IMAGES, VIDEOS, FILES AND AUDIO.

    We may collect and use images, videos, files, and audio that you voluntarily upload, share, or transmit through our platform or services. These may include user-generated content, profile pictures, media attachments, or any other multimedia files. We collect this data to provide and improve our services, customize your user experience, facilitate communication, and fulfill any legal obligations. You have the ability to manage your images, videos, files, and audio on our platform or services. You may edit, delete, or update your content. Please be aware that certain information may remain stored in backup copies or archives for a limited period.



  2. CHILDREN'S PRIVACY

    Our services are not directed to children under the age of 13 (or other age as required by local law), and we do not knowingly collect personal data from children. If we become aware that a child has provided us with personal data, we will delete such data from our records.



  3. HOW DO WE PROCESS OR USE YOUR INFORMATION?

    We process your personal information for a variety of reasons, depending on how you interact with our Websites, Apps, and/or Services, including:


    (1) To facilitate account creation and authentication and otherwise manage user accounts – We may process your information so you can create and log in to your account, as well as keep your account in working order, and to identify the login information of multiple users from the same device.

    (2) To deliver and facilitate delivery of services to the user – We may process your information to provide you with the requested service.

    (3) To respond to user inquiries/offer support to users – We may process your information to respond to your inquiries and solve any potential issues you might have with the requested service.

    (4) To send administrative information to you – We may process your information to send you details about our products and services, changes to our terms and policies, and other similar information.

    (5) To enable user-to-user communications – We may process your information if you choose to use any of our offerings that allow for communication with another user.

    (6) To request feedback – We may process your information when necessary to request feedback and to contact you about your use of our Website, App, and/or Services.

    (7) To send you marketing and promotional communications – We may process the personal information you send to us for our marketing purposes, if this is in accordance with your marketing preferences. You can opt out of our marketing emails at any time.

    (8) To deliver targeted advertising to you – We may process your information to develop and display personalized content and advertising tailored to your interests, location, and more.

    (9) To protect our Services – We may process your information as part of our efforts to keep our Services safe and secure, including fraud monitoring and prevention.

    (10) To identify usage trends – We may process information about how you use our Website, App, and/or Services to better understand how they are being used so we can improve them.

    (11) To determine the effectiveness of our marketing and promotional campaigns – We may process your information to better understand how to provide marketing and promotional campaigns that are most relevant to you.

    (12) To save or protect an individual's vital interest – We may process your information when necessary to save or protect an individual’s vital interest, such as to prevent harm.

    (13) Enhance the development of the platform – We may process your information for machine learning and/or A.I.

    (14) To make payments for our Services – We use this data to enable you to make payments for our Services. We use a third-party service provider to manage payment processing.



  4. LEGAL BASES TO PROCESS YOUR INFORMATION

    We may rely on the following legal bases to process your personal information:


    1. Consent – We may process your information if you have given us permission (i.e., consent) to use your personal information for a specific purpose. You can withdraw your consent at any time.

    2. Performance of a Contract – We may process your personal information when we believe it is necessary to fulfil our contractual obligations to you, including providing our Services or at your request prior to entering into a contract with you.

    3. Legitimate Interests – We may process your information when we believe it is reasonably necessary to achieve our legitimate business interests and those interests do not outweigh your interests and fundamental rights and freedoms. For example, we may process your personal information for some of the purposes described in order to:

    4. (a) Send users information about special offers and discounts on our products and services;

      (b) Develop and display personalized and relevant advertising content for our users

      (c) Analyse how our Services are used so we can improve them to engage and retain users;

      (d) Support our marketing activities;

      (e) Diagnose problems and/or prevent fraudulent activities

      (f) Understand how our users use our products and services so we can improve user experience.

    5. Legal Obligations – We may process your information where we believe it is necessary for compliance with our legal obligations, such as to cooperate with a law enforcement body or regulatory agency, exercise or defend our legal rights, or disclose your information as evidence in litigation in which we are involved.

    6. Vital Interests – We may process your information where we believe it is necessary to protect your vital interests or the vital interests of a third party, such as situations involving potential threats to the safety of any person.



  5. COOKIES AND TRACKING TECHNOLOGIES THAT WE USE

    We may use cookies and similar tracking technologies (like web beacons and pixels) to access or store information.


    Cookies are text files which are sent from our server and downloaded to your device when you visit our Website. They are useful because they allow us to recognize your device when you return. You can disable them through your browser should you so wish. They are useful because they allow us to recognize your device when you return. You can disable them through your browser should you so wish. We use cookies to see which parts of our Website are used by Registered Users/Visitors and to record the number of visits to our Website.


    Web beacon (also known as Clear GIF, Web Bugs or Pixel Tag) is a tiny picture file embedded on the Website/App that tracks your behavior and navigation. It is similar to a cookie in what it does, but it does not get downloaded on to your device. We use web beacons to manage cookies, record visits, and to learn marketing metrics. We also use web beacons to track and monitor email opening rates as well as link clicks.


    Usually, browsers have default setting to accept cookies until you change your browser settings. You can choose to reject and remove cookies from our Website by changing your browser settings. If you reject or remove our cookies, it could affect how our Website works.



  6. INFORMATION WE GET FROM OTHERS

    We may receive data about you from other sources i.e., expert calls, smart watches, surveys, and such data may be added to our Website/App from time to time. Such data may include your behavior towards various content posted on our Website/App from other sources.



  7. RETENTION OF DATA

    We will store any personal data we collect from you as long as it is necessary, unless a longer retention period is required or permitted by law (such as tax, accounting, or other legal requirements), in order to facilitate your use of the Services and for ancillary legitimate and essential business purposes – these include, without limitation, for improving our Services, attending to technical issues, and dealing with disputes.


    Your personal data will primarily be stored in electronic form. We may enter into agreement with third parties to collect, store, process your personal data but under full compliance with applicable laws. We may need to retain your personal data even if you seek deletion thereof, if it is needed to comply with our legal obligations, resolve disputes and enforce our agreements.


    If you are a Registered User, please be advised that after you terminate your usage of a Service, we may, unless legally prohibited, delete all data provided or collected by you from our servers.


    When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize such information, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.



  8. DATA TRANSFER

    Your personal data may be transferred to, and processed in, countries other than the country in which you are resident.
    These countries may have data protection laws that are different from the laws of your country. We ensure that appropriate safeguards are in place to protect your personal data when transferred internationally.



  9. TRACKING BY OUR ADVERTISEMENT PARTNERS

    Upon receiving your specific consent, we may share the data we collect from cookies or web beacons with our advertisement partners to track your visits, establish your non-personal identity and present you with targeted advertisements about our Services.



  10. SHARING YOUR INFORMATION

    In the ordinary course of business, we may employ other companies and people to assist us in providing certain components of our Services in compliance with the provisions of this Policy. To do so, we may need to share your data with them.


    Additionally, we may also need to share your data in the following situations:

    (1) Business Transfers – We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.

    (2) Other Users – When you share personal information (for example, by posting comments, contributions, or other content to the Services) or otherwise interact with public areas of the Services, such personal information may be viewed by all users and may be publicly made available outside the Services in perpetuity. Similarly, other users will be able to view descriptions of your activity, communicate with you within our Services, and view your profile.


    We have not disclosed, sold, or shared any personal information to third parties for a business or commercial purpose in the preceding twelve (12) months, and will not sell or share personal information in the future belonging to website visitors, users, and other consumers.



  11. THIRD PARTY LINKS

    We may display links to third-party websites or applications on our Website or Apps for advertising or providing you with relevant content. We will not be responsible for such third-party websites or applications if you choose to access them. If you provide any data to such website/application, please ensure you read their policies given that you will no longer be bound by this Policy in doing so.


    We may receive data whenever you visit a third-party link through our Website/App which includes the date and time of your visit to the third-party website, the web address or URL, technical information about the IP address, browser and the operating system you use and, if you are logged into Lisa K Fitness, your username.



  12. DATA BREACH NOTIFICATION

    In the event of a data breach, we will notify affected users promptly and will take all necessary steps to mitigate the breach as required by applicable laws and regulations. We are committed to keeping our users informed about any risks to their personal data.



  13. SECURITY OF YOUR INFORMATION

    We have implemented appropriate and reasonable industry-standard technical and organizational security measures designed to protect the security of any personal information we process by using a variety of security technologies and procedures to help protect your data from unauthorized access, use, loss, destruction or disclosure. When we collect particularly sensitive data (such as a credit card number or your geo-location), it is encrypted using industry-standard cryptographic techniques. Your password is your first line of defense once you set up a Lisa K Fitness account, we recommend that you set a strong password which you never share with anyone.


    However, despite our safeguards and efforts to secure your information, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorized third parties will not be able to defeat our security and improperly collect, access, steal, or modify your information. Although we will do our best to protect your personal information, transmission of personal information to and from our Services is at your own risk. You should only access the Services within a secure environment. we shall not be responsible for any breach of security or the disclosure of personal data for reasons outside our control, such as hacking, social engineering, cyber terrorism, espionage by third parties, or any events by way of force majeure such as sabotage, fire, flood, explosion, acts of God, civil commotion, strikes or industrial action of any kind, riots, insurrection, war or acts of government.



  14. YOUR PRIVACY RIGHTS

    Your privacy rights under various laws are described below, however, failure to mention any such right is unintentional and shall not be considered as a breach:


    1. Right to be Informed – You have a right to be informed about:

    2. (a) whether we collect and use your personal information;

      (b) the categories of personal information that we collect;

      (c) the purposes for which the collected personal information is used;

      (d) the manner in which any of your personal data is collected or used;

      (e) whether we sell or share personal information to third parties;

      (f) the categories of personal information that we sold, shared, or disclosed for a business purpose;

      (g) the categories of third parties to whom the personal information was sold, shared, or disclosed for a business purpose;

      (h) the business or commercial purpose for collecting, selling, or sharing personal information; and

      (i) the specific pieces of personal information we collected about you.


    3. Right of Access – You have a right to access the personal data you have provided by requesting us to provide you with the same.


    4. Right of Rectification – You have a right to request us to amend or update your personal data if it is inaccurate or incomplete.


    5. Right to Erasure – You have a right to request us to delete your personal data. If you ask us to delete your personal information, we will respect your request and delete your personal information, subject to certain exceptions provided by law, such as (but not limited to) the exercise by another consumer of his or her right to free speech, our compliance requirements resulting from a legal obligation, or any processing that may be required to protect against illegal activities.


    6. Right to Restrict – You have a right to request us to temporarily or permanently stop processing all or some of your personal data.


    7. Right to Object – You have a right, at any time, to object to our processing of your personal data under certain circumstances. You have an absolute right to object to us processing your personal data for the purposes of direct marketing.


    8. Right to Data Portability – You have a right to request us to provide you with a copy of your personal data in electronic format and you can transmit that personal data for using another third-party’s product/service.


    9. Right not to be subject to Automated Decision-Making – You have a right to not be subject to a decision based solely on automated decision making, including profiling.


    10. Right to Non-Discrimination for the exercise of Privacy Rights – We will not discriminate against you if you exercise your privacy rights.


    You can make any such request for exercising your rights by contacting us through our Grievance Officer, whose details are provided in the end. We will consider and act upon any request in accordance with applicable data protection laws.


    Withdrawing your consent: If we are relying on your consent to process your personal information, which may be express and/or implied consent depending on the applicable law, you have the right to withdraw your consent at any time. You can withdraw your consent at any time by contacting the Grievance Officer whose details are provided in the end. However, please note that this will not affect the lawfulness of the processing before its withdrawal nor, when applicable law allows, will it affect the processing of your personal information conducted in reliance on lawful processing grounds other than consent.


    Opting out of marketing and promotional communications: You can unsubscribe from our marketing and promotional communications at any time by clicking on the unsubscribe link in the emails that we send, or by contacting the Grievance Officer whose details are provided in the end. You will then be removed from the marketing lists. However, we may still communicate with you — for example, to send you service-related messages that are necessary for the administration and use of your account, to respond to service requests, or for other non-marketing purposes.


    Rectification or Account termination: If you would at any time like to review or change the information in your account or terminate your account, you can:

    (1) Log in to your account settings and update your user account.

    (2) Contact us using the contact information provided.

    Upon your request to terminate your account, we will deactivate or delete your account and information from our active databases. However, we may retain some information in our files to prevent fraud, troubleshoot problems, assist with any investigations, enforce our legal terms and/or comply with applicable legal requirements.


    Verification Process: Upon receiving your request, we will need to verify your identity to determine you are the same person about whom we have the information in our system. These verification efforts require us to ask you to provide information so that we can match it with information you have previously provided us. For instance, depending on the type of request you submit, we may ask you to provide certain information so that we can match the information you provide with the information we already have on file, or we may contact you through a communication method (e.g., phone or email) that you have previously provided to us. We may also use other verification methods as the circumstances dictate. We will only use personal information provided in your request to verify your identity or authority to make the request. To the extent possible, we will avoid requesting additional information from you for the purposes of verification. However, if we cannot verify your identity from the information already maintained by us, we may request that you provide additional information for the purposes of verifying your identity and for security or fraud-prevention purposes. We will delete such additionally provided information as soon as we finish verifying you.



  15. GRIEVANCE OFFICER CONTACT INFORMATION

    For any queries or concerns regarding this Privacy Policy or your data, please contact our Grievance Officer: Name: Vicky CoveyFox Email: Vicky@kahunas.io



  16. CONTROLS FOR DO-NOT-TRACK FEATURES

    Most web browsers and some mobile operating systems and mobile applications include a Do-Not-Track ('DNT') feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. At this stage no uniform technology standard for recognizing and implementing DNT signals has been finalized. As such, we do not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online. If a standard for online tracking is adopted that we must follow in the future, we will inform you about that practice in a revised version of this Policy.



  17. COMPELLED DISCLOSURE

    In addition to the purposes set out in the Policy, we may disclose any data we collected or processed from you if it is required:

    (1) Under applicable law or to respond to a legal process, such as a search warrant, court order, or subpoena;

    (2) To protect our safety, your safety or the safety of others or in the legitimate interest of any party in the context of national security, law enforcement, litigation, criminal investigation or to prevent death or imminent bodily harm;

    (3) To investigate fraud, credit risk or violation of our Acceptable Use Policy;

    (4) In connection with legal proceedings brought against HealthifyMe, its officers, employees, affiliates, customers or vendors;

    (5) To establish, exercise, protect, defend and enforce our legal rights; or

    (6) When we do a business deal or negotiate a business deal, or our assets are merged or acquired by the other business entity, or during restructuring of business or re-organization, we may have to share information provided by you with the other business entities.



  18. ACCESS, CORRECTION AND DELETION

    Based on the applicable laws of your country, you may have the right to request access to the personal information we collect from you, change that information, or delete it. To request to review, update, or delete your personal information, please contact the Grievance Officer.



  19. Health Data Collection and Use
    1. Types of Data Collected:

      We may collect the following types of health and fitness data through Google Health Connect, with your explicit consent:


      • Heart Rate
      • Steps
      • Active Calories Burned
      • Exercise Information
      • Distance Traveled
      • Floors Climbed
      • Heart Rate Variability
      • Oxygen Saturation
      • Respiratory Rate
      • Sleep Data
      • VO2 Max
      • Weight
      • Activity Recognition
      • Body Sensor Data
      • Resting Heart Rate
      • Blood Glucose Levels
      • Blood Pressure
      • Basal Metabolic Rate
      • Total Calories Burned
      • Body Fat Percentage
      • Body Water Mass
      • Lean Body Mass
      • Bone Mass
      • Height
      • Body Temperature
      • Basal Body Temperature

    2. Purpose of Data Collection

      The health and fitness data collected through Google Health Connect / Apple Health Kit will be used solely for the following purposes:


      • Personalized Insights: To provide you with personalized insights and recommendations that enhance your health and wellness experience.
      • App Functionality Improvement: To improve the functionality and features of our app, ensuring a better user experience and more tailored health services.
      • Health Monitoring: To assist in tracking and monitoring your health metrics, allowing for better management of your fitness and wellness goals.
      • Research and Development: To conduct research and development activities aimed at improving our services and creating new health-related features. All research activities will use de-identified or anonymized data where possible.

    3. Data Handling and Protection

      • Limited Use: We adhere strictly to Google's Health Connect / Apple Heath Kit Permissions policy, including the Limited Use requirements, meaning that your health data will only be used for the purposes explicitly stated and agreed upon.
      • Data Security: We implement robust security measures to protect your health data from unauthorized access, disclosure, alteration, or destruction.
      • Data De-identification: Where possible, we will de-identify your data to protect your privacy. De-identified data is stripped of personal identifiers and cannot be traced back to you as an individual.

    4. User Control and Consent
      • Explicit Consent: Your health data will only be accessed and used with your explicit consent. You can revoke this consent at any time through the app settings.
      • Transparency: You will be informed about the specific types of data being collected and how they will be used before providing consent.
      • Data Access: You have the right to access the data collected from you, request corrections, or request deletion of your data. To request deletion, please contact us via email at our contact email: support@kahunas.io or submit a request through our Google Form .

    5. Sharing of Data
      • No Third-Party Sharing: We do not share your health data with third parties unless required by law or with your explicit consent for specific purposes.
      • Internal Use Only: Data collected will be used internally within our organization to improve services and for the purposes outlined in this policy.


  20. UPDATES TO PRIVACY POLICY

    We may update this Policy from time to time. The updated version will be indicated by an updated 'Revised' date and the updated version will be effective as soon as it is accessible. If we make material changes to this Policy, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification.
    We encourage you to review this privacy notice frequently to be informed of how we are protecting your information.



  21. FURTHER INFORMATION

    For additional information or to contact our legal department please submit a message through the chat button located in bottom right of our website.