Privacy Notice
Version #0.1.0
Created: 03 Aug 2022
Last Modified: 20 Jan 2025
This Privacy Notice describes the types of information gathered by Momentum Health ("we", "us", "our") in the process of providing the Momentum Health mobile application ("App"), the web application ("physician app"), (https://momentum.health/) (the "Site"), and supporting systems or that is shared periodically with Momentum Health employees to deliver services (collectively with the App, physician app, and the Site, the "Platform"), how we use it, with whom the information may be shared, what choices are available to you regarding collection, use and distribution of information and our efforts to protect the information you provide to us through the Platform.
By using the Platform, you hereby consent to allow us to process information in accordance with this Privacy Notice. Please also refer to our Terms of Use, which are hereby incorporated as if fully recited herein. Any defined terms found, but not defined herein, shall have the same definition as in the Terms of Use.Territoriality
This Privacy Notice is subject to the provisions of the Personal Information Protection and Electronic Documents Act ("PIPEDA"), General Data Protection Regulation ("GDPR"), and other applicable privacy laws. Momentum Health agrees that under the GDPR, it is a both a data "Processor" when our physician application is used as an intermediary tool between a physician/healthcare provider and a patient for remote management and monitoring of spine deformities. In such case, physicians/healthcare providers are our customers ("Customers") and act as "Controllers" for most of the information that is entered into the Platform (except as needed to establish, maintain, facilitate the customer relationship and provision of services, and/or monitor Platform performance and security, where we will act as a Controller as well). It is also possible to use the Platform as a standalone service for users to monitor their spine deformities themselves without being treated by a physician (both use cases, collectively, the "Services"). In this situation, we mainly act as the Controller of your PII.
And you, if you are an individual and reside in the United Kingdom, the European Economic Area, or Switzerland (collectively, and for the purposes of this Privacy Notice, the "EEA"), are a "Data Subject" with certain protected privacy rights concerning your "Personal Data." We will take commercially reasonable steps to maintain compliance with GDPR and PIPEDA requirements. Your Personal Data, Personal Information (as defined by PIPEDA), PHI (as defined below), and any other information that may identify you as a person, and thus may be referred to as Personally Identifiable Information (collectively, "PII").
The purpose of this Privacy Notice is to describe how we collect, use, disclose, retain and otherwise process PII in the course of our Services. While scoliosis and other spine deformities frequently affect individuals of young age, we must ensure that this notice is directed to the right person and must therefore validate that we obtain consent to the processing of PII from
the patient's parent/guardian in any situation where the "patient" is under 13 years old; or
the patient her/himself where she/he is 13 years old or older.
For the purpose of this privacy notice, "you" means either of these two persons as applicable, and "patient" means the individual whose spine deformities would be managed or monitored through the App, with the understanding that "you" may be the patient as long as you are 13 years old or older. If you're reading this but are under 13 years old, this document is not for you, but rather for mom, dad, or your legal guardian who must read this and provide verifiable consent in accordance with applicable privacy laws.
If you have any questions or concerns about the processing and handling of patient PII, you may reach out to Momentum Health's Privacy Officer at privacy@momentum.health.
Types of Data Collected
The Platform collects the following types of PII about patients: email address, phone number, first name, last name, province, state, country, ZIP/Postal code, city, address, video of patient's body (with patient's face blurred to the extent video is captured in accordance with our instructions) to generate 3D model, shoulder symmetry, trunk shift, patient's physician name, patient's weight and height as well as patient's surgical history. If using the App as a standalone service, we will collect this data directly from you, and if the App is used as part of the Platform with a physician, it is generally collected from your physician.
Complete details on each type of PII collected are provided in the dedicated sections of this Privacy Notice or by specific explanation texts displayed before the data collection.
Additional PII may be required for us to provide the Services.
We may also collect non-personal information. Non-personal information is non-personally identifiable or anonymous information about you, including but not limited to links and materials posted, the type of device you used and its operating system, browser information, the pages accessed most frequently, how pages and features are used, time spent on a page, when and how you use the App, search terms entered, and similar non-personal data.
Automatically tracking Internet Protocol (IP) addresses is one method of automatically collecting information about your activities online and information volunteered by you. An IP address is a number that is automatically assigned to your device whenever you surf the internet. Further, the Service may utilize web beacons, pixel tags, and third-party cookies, embedded links, and other commonly used information-gathering tools.
If non-personal information is paired to any of your PII, we will treat the non-personal information as if it were also PII.
Although it may appear that we collect financial information from you on the Service, it is actually collected and processed through a third-party service provider ("Payment Processor") to process payments for the Service. The Payment Processor may collect financial information such as banking information or credit card number, name, CVV code or date of expiration, from you on the Service. We do not hold your financial information. We disclaim any liability relating to mistakes made by, or liability arising from, the Payment Processor.
We may also collect anonymous, non-identifying and aggregate information such as the type of browser you are using, the type of operating system you are using, the date and time of any request, language preference, referring site, and the domain name of your Internet service provider.
Finally, as part of the functionality of the App or physician app, patient users may provide us information related to such user's current physical health ("Health Information"). You may not upload Health Information concerning another individual. Health Information is collected pursuant to our relationships with you and/or our Customers (your healthcare provider(s)), and are subject to the terms and conditions of our agreements with such Customers as covered entities, such as business associate agreements, or are subject to other laws and regulations applicable to PHI. Our practices with respect to Health Information, including any such Health Information that consists of or includes protected health information ("PHI") under the Health Insurance Portability and Accountability Act of 1996, as amended by the Health Information Technology for Economic and Clinical Health (HITECH) Act, enacted as part of the American Recovery and Reinvestment Act of 2009, are governed by and described in the applicable Customer's privacy policy or notice of privacy practices. Please review the applicable Customer's policies and notices or contact them directly for more information on such practices.
Mode, Place, and Methods of Processing the Data
Momentum Health takes appropriate security measures designed to prevent unauthorized access, disclosure, modification, or data destruction. Those include physical, administrative, technical and technological safeguards designed to protect PII taking into account its quantity, sensitivity, and the underlying risks for data subjects' rights and freedom. Notably, we use multi-factor authentication and encrypt any sensitive PII in our database when saving and decrypt when viewing.
PII is processed using computers or tech-enabled tools, following organizational policies and procedures strictly related to the purposes indicated. In some cases, PII may be accessible to Momentum Health employees involved with our Platform's operation, solely on a need-to-know and need-to-access basis. Data may also be accessible to external parties appointed, if strictly necessary, as data processors or sub-processors by us. External parties may include third-party technical service providers, hosting providers, and IT companies, which are bound by binding written agreement with provisions required under applicable law, including restrictions limiting their processing to only what is necessary for them to provide their services needed from us in the context of our own services. Those parties are listed in this privacy notice (see below).
Legal Basis of Processing
Momentum Health may process PII relating to users if one of the following applies, to the extent provided or permitted under applicable privacy law:
You have given consent for one or more specific purposes.
Provision of PII is necessary for the performance of an agreement with you.
Processing is necessary for compliance with a legal obligation.
Processing is necessary for the legitimate interests pursued by the Controller or by a third party.
In any case, Momentum Health, when it is a Controller, will gladly help clarify the specific legal basis that applies to the processing, mainly whether the provision of PII is a statutory or contractual requirement or a requirement necessary to enter into a contract. In the event we are acting as a Processor, we will refer you to the Controller for this information.
Place
The data is processed at Momentum Health's operating offices, hosting facilities, and, for some data, the offices or hosting facilities of third-party (sub-)processors. Data is stored in AWS us-east-1 (United States). Canadian hosting (AWS ca-central-1) is available upon request for healthcare organizations requiring Canadian data residency. In some cases, data may be accessible from other jurisdictions via third-party sub-processors to the extent permitted under applicable laws. BY VISITING THE SITE AND USING THE SERVICE AND/OR PLATFORM, YOU UNEQUIVOCALLY AND UNAMBIGUOUSLY CONSENT TO THE COLLECTION AND PROCESSING IN SUCH COUNTRIES OF ANY INFORMATION COLLECTED OR OBTAINED BY US THROUGH VOLUNTARY SUBMISSIONS, AND, TO THE EXTENT POSSIBLE, THAT CANADIAN LAW GOVERNS ANY SUCH COLLECTION AND PROCESSING.
Depending on the user's location, data transfers may involve transferring the user's data to a country other than their own. To find out more about the processing of such transferred data, users can consult the section containing details about the processing of PII. Users are entitled to learn about cross-border data transfers. If any such transfer occurs, users can find out more by checking the relevant sections of this document or inquiring directly with Momentum Health.
Retention Time
PII is processed and stored for as long as required to fulfill the purpose for which it is collected.
Therefore:
PII collected and/or processed for a purpose to which you have consented will be retained until you revoke your consent, unless another legal basis and purpose exist for processing such PII.
PII collected for the performance of a contract between Momentum Health and a business customer is retained until such contract has been entirely performed, termination or completion of the services, or the business customer asks for the data to be deleted.
PII collected for Momentum Health's legitimate interests shall be retained as long as needed to fulfill such purposes. Users may find specific information regarding Momentum Health's legitimate interests within the relevant sections of this document or by contacting Momentum Health.
Momentum Health may be allowed to retain PII for a more extended period whenever the user has given consent to such processing, as long as the purpose of processing disclosed to the user has not been accomplished and such consent is not withdrawn. Furthermore, Momentum Health may be obliged to retain PII for a more extended period whenever required to perform a legal obligation or upon order of an authority.
Once the retention period expires, the user's PII will be securely deleted.
We store our logs and other technical records for a minimum of one (1) year.
The Purposes of Processing
The data concerning the user is collected to allow Momentum Health to provide its Services, as well as for the following purposes: user database management, managing contacts and sending messages, handling payments, interaction with external social networks and platforms, contacting the user, hosting and backend infrastructure.
Users can find further detailed information about such purposes of processing and the specific PII used for each purpose in the respective sections of this document.
Detailed Information on the Processing of PII
PII is collected for the following purposes and using the following services and third parties:
Performing the Services
To perform the Services, we collect and process video of patient's body (with patient's face blurred to the extent video is captured in accordance with our instructions) to generate 3D model, shoulder symmetry, trunk shift, patient's physician name, patient's weight and height as well as patient's surgical history.
Internal Uses
We may use your PII to respond to your inquiries, fulfill your requests for information, track usage trends, conduct experiments, prevent fraud, develop and improve the Service and other offerings, and perform research and analytics.
Contacting the User
Mailing List or Newsletter (The Momentum Health Web Application)
By registering on the mailing list or for the newsletter, your email address will be added to the contact list of those who may receive email messages containing information of commercial or promotional nature concerning the Momentum Health web application. Your email address may also be added to this list due to signing up via the Momentum Health website or the Momentum Health web application, or after making a purchase. You may unsubscribe at any time from commercial emails and other types of commercial electronic communications by clicking the unsubscribe mechanism provided within such communications.
PII collected: address, city, company name, cookies, country, email address, first name, last name, phone number, job role, province, state, usage data, and ZIP/Postal code.
Phone Contact (The Momentum Health Web Application)
Users that provide their phone number might be contacted for commercial or promotional purposes related to the Momentum Health web application (to the extent permitted under applicable laws, including in accordance with consent requirements where applicable) or for fulfilling support requests.
PII collected: phone number.
Contact Form (The Momentum Health Web Application)
By filling in the contact form with patient's PII, you authorize the Momentum Health App to use these details to reply to requests for information, quotes, or any other kind of request as indicated by the form's header.
PII collected: address, city, company name, country, email address, first name, last name, phone number, job role, province, state, and ZIP/Postal code.
Displaying Content from External Platforms
This type of service allows users to view content hosted on external platforms directly from the pages of the Momentum Health web application and interact with them.
This type of service might still collect web traffic data for the pages where the service is installed, even when users do not use it.
Handling Payments
Payment processing services enable the Momentum Health Platform to process payments by credit card, bank transfer, or other means, through the Payment Processor. The Platform shares only the information necessary to execute the transaction with the financial intermediaries handling the transaction. Some of these services may also enable sending timed messages to you, such as emails containing invoices or notifications concerning the payment.
Hosting and Back-End Infrastructure
This type of service has the purpose of hosting data and files that enable the Momentum Health Platform to run and be distributed. Additionally, these services provide the infrastructure to run specific features or parts of the application. Some of these services work through geographically distributed servers, making it difficult to determine the actual location where the PII is stored.
Amazon Web Services (AWS)
AWS is a hosting and backend service provided by Amazon Web Services, Inc.
PII collected: various types of data as specified in the privacy policy of the service.
Place of processing: See the AWS privacy policy - Privacy Policy.
Managing Contacts and Sending Messages
This type of service makes it possible to manage a database of email contacts, phone contacts, or any other contact information to communicate with you.
User Database Management
This type of service allows Momentum Health to build user profiles by starting from an email address, a personal name, or other information that the user provides to this application and then tracking user activities through analytics features. This PII may also be matched with publicly available information about the user (such as social networking profiles) and used to build private profiles that the Momentum Health can display and use for improving this application.
Some of these services may also enable sending timed messages to the user, such as emails based on specific actions performed on the Momentum Health website and Momentum Health web application.
Selling Goods and Services Online
The PII collected is used to provide the user with services or goods, including payment and possible delivery. The PII collected to complete the payment may include the credit card information or the bank account used for the transfer, or any other possible means of payment. The kind of data collected by this application depends on the payment system used.
We may use anonymous information that we collect to improve the design and content of our Service, and to enable us to personalize your internet experience. We also may use this information in the aggregate to analyze how our Site is used, as well as to offer you programs or services.
Cookies
To enhance your online experience with us, our web pages may use "cookies." Cookies are text files that our web server may place on your hard disk to store your preferences. Cookies, by themselves, do not tell us your email address or other PII unless you choose to provide this information to us. Once you choose to provide PII, however, this information may be linked to the data stored in the cookie. Certain features of the Platform may not function properly without the aid of cookies. Our Platform uses session cookies, which are necessary to allow you to seamlessly navigate from one page or area of the Site to another during your visit, and these are normally deleted when you close your web browser.
Our Platform may use Google Analytics, a web analytics service provided by Google LLC ("Google"). For more information on how Google uses data when you use our Platform, please follow this link: https://policies.google.com/technologies/partner-sites. You may be able to opt-out of some or all of Google Analytics features by downloading the Google Analytics opt-out browser add-on, available at https://tools.google.com/dlpage/gaoptout. Google may additionally use your information as described at https://policies.google.com/technologies/partner-sites. You may be able to opt-out of Google's collection and/or use of your information. Please visit Google's Ads Preferences Manager or the Google Analytics opt-out browser add-on for more information.
As you use the internet, you leave a trail of electronic information at each website you visit. This information, which is sometimes referred to as "clickstream data", can be collected and stored by a website's server. Clickstream data can reveal the type of computer and browsing software you use and the address of the website from which you linked to our Site. We may use clickstream data as a form of non-personally identifiable information to determine how much time visitors spend on each page of our Site, how visitors navigate through the Site, and how we may tailor our web pages to better meet the needs of visitors. We will only use this information to improve our Platform.
How "Do Not Track" Requests are Handled
This application does not support "Do Not Track" requests.
To determine whether any of the third-party services it uses honor "Do Not Track" requests, users should read their privacy policies.
How We Share Your PII
We will not share your personal information except: (a) for the primary purposes for which you provided it, such as to aid in the identification, monitoring, and/or treatment of scoliosis, and as otherwise described in the Terms of Use, and as may reasonably or foreseeably be required to give effect to such primary purposes; (b) with your consent, or at your direction, including running analytics; (c) as may be required by law or as we think necessary to protect our organization or others from injury (e.g., in response to a court order or subpoena, in response to a law enforcement agency request, or when we believe that someone is causing, or is about to cause, injury to or interference with the rights or property of another); or (d) with persons or organizations with whom we contract to carry out internal operations or business activities (such as our cloud hosting provider, and our security auditors). With your knowledge and consent, we may share your personal information with our business partners and Customers (your healthcare providers).
We may also share aggregate information with others, including affiliated and non-affiliated organizations.
Finally, we may transfer your PII to a third party, or our successor-in-interest, in relation to, or in the event of, a merger, acquisition, sale of all or substantially all of our assets, reorganization, bankruptcy, or other change of control. After such disclosure or transfer, the third party or successor in interest may use the information in accordance with applicable law.
The Rights of Users
You may exercise certain rights regarding patient's PII processed by Momentum Health.
Depending on the circumstances, including the jurisdiction in which patients are located, you may be entitled to a variety of rights regarding their PII. Those may include the following:
Withdraw their consent at any time. You have the right to withdraw consent after you have previously given your consent to the processing of patient PII. Please note, however, that you must be informed that consent withdrawal may prevent us from fulfilling request for services, providing our services or some of them depending on the data involved.
Object to processing of their data. You have the right to object to the processing of patient data if the processing is carried out on a legal basis other than consent. Further details are provided in the dedicated section below.
Access their data. You have the right to learn if Momentum Health is processing patient PII, obtain disclosure regarding certain aspects of the processing, and obtain a copy of the data undergoing processing.
Verify and seek rectification. You have the right to verify patient PII accuracy and ask for it to be updated or corrected.
Restrict the processing of patient data. You have the right, under certain circumstances, to restrict the processing of patient data. In this case, Momentum Health will not process patient PII for any purpose other than storing it.
Have patient PII deleted or otherwise removed. You have the right, under certain circumstances, to obtain the erasure of patient PII from Momentum Health.
Receive patient data and have it transferred to another controller. You have the right to receive patient data in a structured, commonly used, machine-readable format, and, if technically feasible, to have it transmitted to another controller without any hindrance. This provision is applicable provided that the data is processed by automated means and that the processing is based on your consent, on a contract that you are part of, or on precontractual obligations.
Lodge a complaint. You have the right to bring a claim before their competent data protection authority.
Details About the Right to Object to Processing
Where PII is processed for the public interest, in the exercise of an official authority vested in Momentum Health or for the legitimate interests pursued by Momentum Health, you may object to such processing by providing a ground related to their particular situation to justify the objection.
How to Exercise These Rights
Any requests to exercise those rights can be directed to Momentum Health's Privacy Officer through the contact details provided above. They are subject to the validation of your and the patient's identity and other legal requirements as the case may be. These requests can be exercised free of charge and will be addressed by Momentum Health as early as possible and always within one month, subject to exceptions and other specific provisions provided under applicable laws.
Additional Information about Data Collection and Processing
Legal Action
Patients' PII may be used for legal purposes by Momentum Health in court or the stages leading to possible legal action arising from improper use of this application or the related services. You declare you are aware that Momentum Health may be required to reveal PII upon request of public authorities.
Additional Information About Users' PII
In addition to the information contained in this privacy notice, this App may provide patients with additional and contextual information concerning particular services or the collection and processing of PII upon request.
Information Not Contained in This Notice
This Notice does not cover the processing activities of our customers (physicians) and other independent third parties, which are responsible to adopt, maintain and display their own privacy notice describing their practices over which we have no control. Please read their privacy notice carefully.
More details concerning the collection or processing of PII may be requested from Momentum Health's Privacy Officer at anytime. Users may use the contact information at the beginning of this document.
'EEA' Privacy Rights
If you currently reside in the EEA, the GDPR applies to your PII and you are a Data Subject. The GDPR requires that we, as a Controller, have a legal basis to process your PII. As previously described in this Privacy Notice, we process your personal data pursuant to the following legal bases: your consent; performance of a contract with you (namely, our Master Services Agreement or our Terms of Use); for our legitimate interests; and as necessary to comply with our legal obligations.
In addition to the rights discussed above, you also have the right to:
Be informed: this is your right to be informed about what PII of yours we are processing, why, and who else the data may be passed to; and
Be free of automated decision making and profiling: this is the right to not be subject to a decision based solely on automated processing.
You can find instructions for enforcing some of these rights below. Otherwise, if you wish to find out more about these rights, please contact us at privacy@momentum.health.
Changes to This Privacy Notice
Momentum Health reserves the right to make changes to this Privacy Notice at any time by giving notice to users on this page and possibly within the Platform or — as far as technically and legally feasible — sending a notice to users via any contact information available to Momentum Health. Users are strongly recommended to check this page often, referring to the 'Last Modified' date listed at the top. Should the changes affect processing activities performed based on the users' consent, Momentum Health shall collect new consent from the user where required and in the form required under applicable law. Your continued access to or use of the Platform following our notice of changes to this Privacy Notice (or other acceptance method) means you accept such changes.
California Privacy Rights
California law allows California residents to request information regarding our disclosures to third parties in the prior calendar year, if any, of their personally identifiable information. To make such a request, please contact us at privacy@momentum.health with "Request for Privacy Information" in the subject line. Please include enough detail for us to locate your file; at a minimum, your name, email, and username, if any. We will attempt to provide you with the requested information within thirty (30) days of receipt. We reserve our right not to respond to requests sent more than once in a calendar year, or requests submitted to an address other than the one posted in this notice. Please note that this law does not cover all information sharing. Our disclosure only includes information covered by the law.
Children and Young People's Information
We recognize that some of our users are under the age of 13 and that they may want to participate in all of the Services that Momentum Health offers. Full participation in the Platform requires the collection and submission of the personally identifiable data. Rather than restricting access to the Platform to those 13 years of age or older, we have opted to make its online services available to all users. In doing so, we want to comply with the requirements of The Children's Online Privacy Protection Act ("COPPA"), which requires that website operators ("Operators") adhere to specific guidelines regarding the collection and handling of personally identifiable information about children under the age of 13. For more information about COPPA and your child's rights to online privacy, visit the Children's Privacy section of the FTC's website (or you may visit www.ftc.gov and search "Children's Privacy").
COPPA requires that Operators provide parents and/or legal guardians (each, a "Parent") with certain information and obtain parental consent prior to permitting children under the age of 13 to access and use the Site.
What types of information do we collect about children? Children can view content on the public portion of the Site without any personal information being collected. We do not knowingly collect personal information from children unless they register for an account to access the areas of the Platform requiring a login. During our registration process we may collect the personal information described in the Types of Data Collected Section of this Privacy Notice to the extent reasonably necessary to provide the Services requested (and as consented to by the Parent(s)). We may collect personal information from Parents in order to allow kids to participate in certain features located on our Platform. These features may include sending content, and other similar activities. In the course of a child's participation in these features, a child may also provide us additional information about himself or herself, such as Health Information upon uploading a video or picture to the Platform. We also allow registered users to update their contact information. If a Parent allows us to collect personal information about their child, the child will have access to and be able to use all Services to which the Parent consents.
How do we use and share the personally identifiable information that we have collected about children? Momentum Health may, from time to time, send your child email communications about their account and for other administrative reasons, for which we will contract with third parties to perform these communication services on its behalf and may disclose a child's information to such third parties. Except as otherwise disclosed in this Privacy Notice, we do not share any information about a child with any affiliated entity or with any third parties unless the disclosure is reasonably necessary: to comply with law, including, for example, to comply with a court order or subpoena; to enforce our Terms of Use or Master Services Agreement or Platform rules; or to protect the safety and security of our guests and our Site.
How do we notify and obtain consent from Parents for the collection of information from a child? Before allowing a child to use a feature of our Platform that might result in the disclosure of the child's information to third parties on the Internet, we require the Parent to consent to this Privacy Notice and our Terms of Use, and to provide us with evidence confirming their identity, as discussed in our consent process. This information is retained by us as evidence that we received parental consent. To obtain parental consent, we require a valid credit card to be provided during account creation (even when no charge is applied) as a method of verifying parental involvement. Account registration and payment processing are handled through the respective app stores (Apple App Store and Google Play Store), which enforce their own age verification and parental consent mechanisms. For Healthcare Professional Services, parental consent is obtained by the healthcare organization in accordance with their policies and applicable law.
How can Parents access, change or delete personally identifiable information about their child? Parents may at any time refuse to permit us to collect further personal information from their child through the Platform. Parents may access, change, or delete the personally identifiable information that we have collected from their child by emailing us at privacy@momentum.health.
How will we notify Parents if our Children's Privacy Notice changes? We may amend our Privacy Notice at any time. We may provide notice to Parents (as described above in this Privacy Notice) regarding any material changes in the way we intend to collect, use, and/or share a child's personal information. Please note that, at all times, Parents should keep their contact information up to date to ensure they receive such notice. We will apply material changes in our Privacy Notice only in conformance with applicable law, including any applicable provisions of COPPA that require parental consent.
Who do Parents contact with questions or concerns about our Privacy Notice? If you need further assistance, please contact us at privacy@momentum.health.
Definitions and Legal References
PII (or Data) — Any information that directly, indirectly, or in connection with other information — including a personal identification number — allows for the identification or identifiability of a natural person.
User — The individual using this application who, unless otherwise specified, coincides with the data subject.
Data Subject — The natural person to whom the PII refers, also referred herein as the "Patient".
Data Processor — The natural or legal person, public authority, agency, or other body that processes PII on behalf of the controller, as described in this privacy notice.
Sub-Processor — This refers to any additional third party who processes PII on behalf of the data processor in fulfilling contractual obligations and services.
Data Controller — The person, public authority, agency, or other body that determines the purposes and means of processing PII, including the security measures concerning the operation and use of this application.
Service — The service provided by the Momentum Health Platform or Momentum Health team.
European Union (EU) — Unless otherwise specified, all references made within this document to the European Union (EU) include all current member states to the European Union and the European Economic Area.
Legal Information
This privacy notice has been prepared based on provisions of multiple legislations, including Art. 13/14 of Regulation (EU) 2016/679 (General Data Protection Regulation).
This Privacy Notice relates to the Momentum Health Site, App, physician app, Services, Platform, and supporting services unless otherwise stated within this document.