Initial Effective Date: June 30, 2017
Latest Revised Date: May 24, 2018
PLEASE TAKE TIME TO REVIEW THIS INFORMATION CAREFULLY.
Table of Contents
Personal Information or personal data or personal identifiable information (PII) means information relating to an identifiable person who can be directly or indirectly identified in reference to an identifier. Personal identifiers would include full name, identification numbers, location address, email addresses, phone numbers and other identifiers within the definitions of General Data Protection Regulation (GDPR) (EU) 2016/679 regulation.
Non-Personal Information means any information that does not reveal Your specific identity either directly or indirectly. This includes information that is anonymized so that it does not allow easy identification of a specific individual.
Encryption is the process of transforming information into unreadable text so that it is only legible to those possessing an encryption key. The process of making encrypted information readable again is referred to as decryption.
Web Browser is a software program that allows user to access, retrieve and view information on the World Wide Web. Examples of browsers include Internet Explorer, Firefox, Google Chrome and Safari.
3. About the application
The Wysa App is a virtual AI chatbot that You can chat with, including upon Your choice, the ability to chat with a professional health coach, and through a conversational interface get access to tools and techniques to manage Your emotional wellness and to encourage You in building resilience. The Wysa App is primarily available for both iOS and android mobile systems. An additional service provided for users through the Wysa App is the facility to message a real Coach (“Coach Service”).
5. What information do we collect and how do we use it?
USER PROVIDED PERSONAL INFORMATION
If You accidently provided personal information during Your conversation with the Wysa App and want to rectify or delete that information, kindly write to us at the contact provided in section 7.b. at the earliest.
At present, when You download and setup Wysa app in Your mobile device, You do not need to go through a registration or sign-up process or share Personal Information before using the Service.
For Your privacy and security, You are advised to set your own Wysa App PIN to protect unauthorized access of Your conversation messages. The PIN is any four digit numeric password created by You and resides only with You within the Wysa App and in Your mobile device. You can do so by using "Set PIN" feature under more > settings in the Wysa App. When setting the PIN, You also need to choose three PIN recovery questions along with Your answers. The PIN along with the recovery questions and answers never gets transferred, stored or processed outside of Your mobile device. In the event that You forget Your PIN, You will be asked to choose and answer the three recovery questions. You will not be able to reset the PIN and the Wysa App will be inaccessible by You if You forget Your PIN and the security question and/or responses. You will need to reinstall the Wysa App to use the Service again. In such an event, all Your previous conversations with the Wysa App will be lost. Hence, You are advised to remember and be careful while answering the recovery questions, as only the exact same questions and answers provided at PIN creation will allow You to recover/reset Your PIN. You can update Your PIN using the ‘Update PIN’ option under settings. You can also remove Your PIN using the ‘Remove PIN’ option under settings. The PIN that You generate is personal to You, and You are responsible for maintaining the confidentiality and security of Your PIN. You are further responsible for restricting access to Your mobile device to prevent unauthorized access to the Wysa App. You agree to accept responsibility for all activities that occur under Your PIN. You should take all necessary steps to ensure that the PIN is kept confidential and secure and should inform Us immediately if You have any reason to believe that Your PIN has become known to anyone else, or if the PIN is being, or is likely to be, used in an unauthorized manner.
USER PROVIDED NON-PERSONAL INFORMATION
Your conversation messages
When You use the Service, all the conversation messages You have with the Wysa App are private. You provide Your messages by way of choosing pre-formatted responses or by way of free-text. Each submitted message gets processed in real-time by the Wysa App’s proprietary algorithms, and directed appropriately to subsequent context-based conversation based on a proprietary rule-based content management process. At no point during Your conversation with the Wysa app does another natural person have access to, or gets to monitor or respond to Your messages except at the time of using the Coach Service. The Wysa App’s proprietary algorithms also process all Your messages for positive and negative sentiments and for any self-harm or suicidal tendencies. This is done to enable the Wysa App to empathetically converse with You, and personalize Your conversation. There is no solely automated processing done by the Wysa app to determine what You should do - You are always asked to verify whether the Wysa app has understood Your conversation or sentiment or emotions or feelings correctly, before proceeding down a conversational path.
You can also, at any point of time, clear all Your past conversations from Your mobile device by using the “reset my data” feature available in the Wysa app. Refer to “Reset my data” in the other optional information of this Policy for more details. DO NOTE THAT RESET MY DATA RESETS YOUR APP-BASED PROFILE BY REMOVING ASSOCIATION WITH ALL YOUR SUBMITTED INFORMATION INCLUDING PAST CONVERSATIONS, REMINDERS, ASSESSMENT RESPONSES AND ENABLED SETTINGS. POST RESET, YOU WILL NOT BE ABLE TO ACCESS YOUR PAST INFORMATION AND YOU WILL BE CONSIDERED AS A NEW USER. HENCE, THIS FEATURE IS TO BE USED BY YOU AT YOUR OWN DISCRETION.
A limited set of Your conversation messages gets anonymized before being processed for internal operations and for research purposes. This is done only to improve Your future experience when using Our Service. YOUR CONVERSATION IS NEVER SHARED WITH A THIRD PARTY WITHOUT YOUR EXPLICIT CONSENT.
From time to time a new version of the Wysa app is published in the Play Store or App Store. ALWAYS EXIT THE WYSA APP VERSION IN YOUR MOBILE DEVICE BY USING THE BACK BUTTON BEFORE UPGRADING TO A NEWER VERSION TO PREVENT LOSS OF ONGOING OR PREVIOUS CONVERSATIONS.
When You use the Service, We will not ask for and will not require Your full name at any point of time during the conversation. After sign up, We take You through a one time on-boarding process. Here We ask for only Your nickname to help personalize Our conversation with You. Please do not share Your full name to maintain complete anonymity. You cannot change the nickname once provided to the Wysa app.
Your thoughts, feelings (emotions), mood, major event or life changes, goals and energy levels
When You use the Service, We may periodically ask You about Your thoughts, feelings or emotions, mood, major event / changes in life, Your resilience goals and Your energy levels. Your response is processed by Wysa solely to provide You access to tools and techniques to manage Your emotional wellness and to encourage You in building resilience.
Your Information is encrypted during transmission and is securely stored. YOUR INFORMATION IS NEVER SHARED WITH A THIRD PARTY WITHOUT YOUR EXPLICIT CONSENT.
Your responses to health related questions
When You use the Service, You will be asked to respond to health related questions. Wysa currently uses three validated assessement scales for understanding Your emotional well-being namely Patient Health Questionnaire (PHQ9)- to screen for any depression symptoms, the Generalized Anxiety Disorder Assessment (GAD7) - to screen for any anxiety symptoms and the Subjective Units of Distress Scale (SUDS)- to screen for the intensity of disturbance or distress currently experienced. Other assessment scales may be introduced in the future.
You will also be asked to share how You cope with day to day activities as part of the health questions. Health related questions are a proven way to baseline and track progress of Your symptoms. Your response is used solely for the purpose of providing You with feedback on Your well-being and to provide You access to validated and curated tools and techniques to manage Your emotional wellness and to encourage You in building resilience.
Your response is encrypted during transmission and is securely stored. YOUR INFORMATION IS NEVER SHARED WITH A THIRD PARTY WITHOUT YOUR EXPLICIT CONSENT.
AUTOMATICALLY COLLECTED NON-PERSONAL INFORMATION
Device information and access logs when you use our Service
When You use the Service, We may also collect Non-Personal Information through the use of commonly-used information-gathering tools such as cookies, log files and web beacons. Such information may include standard information collected from Your mobile device (such as mobile application identifier, operating system, OS version, time zone, manufacturer, model and brand name) or from Our Website (such as browser type, browser language, Operating System, browser information including type and language settings) along with the actions You take on Our Website (such as the web pages viewed and the links clicked).
We use this information to detect and deter unauthorized or fraudulent use of or abuse of the Service, and to optimize Your experience for e.g. to make sure the Wysa App is displayed correctly on Your phone, or Your usage settings are applied.
Passive Sensing Information
When You use the Service, the Wysa app passively collects some non-personal information from Your mobile device sensors. The sensor data includes accelerometer, ambient light readings and screen on/off readings. These sensor readings are aggregated and used to understand any sleep disturbances and to provide You with appropriate tools to manage Your sleep. The aggregated data is also used to prepare Your sleep reports. WE DO NOT COLLECT OR PROCESS OTHER MOBILE DEVICE SENSOR DATA, INCLUDING LOCATION (GPS) and CALL LOGS.
Third Party Software
When You use the service, non-personal device and app event information is pushed to third-party analytics software such as Firebase and Facebook Analytics via their secure API integrated within the Wysa App. The events do not provide any individual user-specific information and are aggregated by this third-party software across all users and used to present charts, graphs and reports to help Us understand and improve Our Services. The events collected by the apps include session based events; feedback and rating events; pin management events; payment management events; tool access event; Coach Service events; setting changes events; connectivity or network events; health related question response events; fitness app connection events; app provided media use events; notification access events; app login event and data reset events.
Apart from the app-pushed events, the third party software APIs also automatically collect some non-personal events. Firebase automatically collected events can be found here. Facebook Analytics automatically collected events can be found here.
NO PERSONAL INFORMATION OR IDENTIFIERS ARE PUSHED BY THE WYSA APP TO THIS THIRD PARTY SOFTWARE.
OTHER OPTIONAL INFORMATION
To improve Your experience, We provide optional features in the Wysa app. If You choose to use such features, We may ask You for additional Information:
OPTIONAL: Your feedback and ratings
When You use the Service, We ask You for Your feedback and Your rating of Wysa. You can also provide feedback using the Feedback feature provided in the Wysa App more > settings. You can use this feature to email Us Your feedback. This feedback and rating is used by Us to improve the product and Your product experience.
AS A BEST PRACTICE, IT IS ADVISED THAT YOU TAKE ADEQUATE PRECAUTIONS TO NOT SHARE YOUR HEALTH OR PERSONAL INFORMATION WHILE GIVING FEEDBACK OVER EMAIL NETWORKS.
OPTIONAL: Your Saved Sessions
When You use the Service, You have the option to save a limited number of Your conversation sessions using “Save sessions” feature in the Wysa app menu. You also have the ability to delete these sessions from the Wysa app anytime You choose. This feature is solely for Your convenience and to help You play back some of Your earlier saved conversations.
If You want to access all Your past conversations including not-saved sessions, you can contact us by email at the details provided in section 7.b.
OPTIONAL: Manage Notifications or reminders
When You use the Service, You have the option to manage app-based notifications or reminders. The Wysa app will ask Your preference for the time of day to receive notifications and will confirm Your local time to ensure reminders get sent as per Your preference. You can change or delete notifications at any time by invoking help function. WE DO NOT SEND ANY MARKETING OR PROMOTIONAL NOTIFICATIONS TO YOU WITHOUT YOUR EXPLICIT PERMISSION.
OPTIONAL: Connecting Your Fitness App
When You use the service, You have the option to connect Google Fit or Apple Health app with the Wysa App. You can connect using the Connect Fit feature available in the Wysa App more > settings. This allows the app to collect and process Your activity data from the fitness app to understand Your activity levels and provide Your activity reports. You can disconnect this feature at any time by going to your fitness app settings and by disconnecting “Wysa”.
OPTIONAL: Authorize and Unauthorize Coach
When You use the Coach Service, You have the option to either share or stop sharing access to Your provided information including sleep, activity, mood, health related responses, alerts and tool usage with the coach. This feature can be activated or deactivated at any time during Your conversation by using the “Authorize/Unauthorize Coach” feature in the Wysa app more > settings.
OPTIONAL: Your Age Information
When You use the Service, You have the option to provide Your age information in the form of an age range (Under 20, 20-30, 30-45, Above 45). This information is processed by the Wysa app to understand the age profile of Our users and to help provide them access to tools and techniques relevant to their age range.
WE DO NOT ASK, COLLECT OR PROCESS YOUR SPECIFIC AGE OR DATE OF BIRTH AT ANY TIME DURING YOUR USE OF THE SERVICE.
OPTIONAL: Reset My Data
When You use the Service, You have the option to reset all the Information in the Wysa App by using the “Reset my data” feature in the Wysa App more > settings. Reset my data resets the entire app, clears all Your conversation messages, clears Your saved sessions, clears Your completed tools, clears reminders or any enabled settings or activities and health-related responses. YOU CANNOT REVERSE OR RECOVER YOUR PAST INFORMATION AFTER A RESET.
If You no longer wish to use the Service or if You no longer wish for the Wysa App to use or collect Your Information, You may choose to delete Your entire account directly by uninstalling the Wysa App. We will take reasonable measures to delete your Information collected.
OPTIONAL: Your conversation with Our Website widget
When You visit our website, You have the option to converse with Our web-based widget. This widget has been built using Landbot.io, a third party platform. This widget is a marketing feature provided by Us and guides You in a conversational mode to download Our Wysa app from the play stores. We process Your provided non-personal information for the purpose of engaging with You on the widget only and do not collect, transfer or store Your information in any manner.
OPTIONAL: Contact Telephone numbers in your address book
If You want to invite friends or contacts to use Wysa, You may send them invitations directly via SMS, WhatsApp or email directly from Your mobile device using the address book in Your mobile phone. When You use the invitation (under “more -> “Share”) function in the Wysa App, We will access your address book. After You have identified your friends, You can send invitations directly to them and contact via SMS or email on your mobile device. Touchkin does not send invitations as part of this Service – only You do. To ease sharing, We provide a predefined text along with a public link to access the website. Touchkin has no visibility and no control on any additional Information You may add or edit to this predefined text when You send it to Your contacts. As a security best practice, it is advised that You take adequate precautions to not share Your health or Personal Information while sharing over social networks.
Further, We will only show Information from the telephone number fields in Your mobile device’s address book. WE DO NOT COLLECT CONTACT NAMES OR ANY INFORMATION FROM OTHER DATA FIELDS IN THE ADDRESS BOOK.
OPTIONAL: Location Information
To use the apps, You are not required to provide Your location information (“geolocation”). However, We provide features that utilize geolocation for Your convenience and to improve Your experience. For example, You might need additional support or services when travelling.
In all cases, collection and use of Your geolocation is one-time-only, so We delete the geolocation after We use it and do not retain it. Also, We do not aggregate Your geolocation to create a history.
In other cases where We collect or use Your geolocation data in an additional separate service, We will make sure that We provide notice and/or obtain Your consent. You can always turn off location sharing at any time using Your phone settings.
OPTIONAL: Contact Information for customer support
There may be occasions where You wish to contact Us to seek support. If You contact Us via Our website or by other means, We may need some Information from You, which You may choose to provide. This includes Your name, contact info such as your email address, phone number, as well as information about Your mobile device or personal computer such as device type, and OS type. We will use this Information to address and investigate the issues You have forwarded to Us, to provide You support and to improve Our customer support service.
OPTIONAL: Contact Information for promotional events and customer surveys
If You choose to participate in promotional events or surveys that Touchkin may offer from time to time, We might ask your contact details (e.g., name, mailing address, phone number, email address, gender and date of birth) to administer the event, such as to confirm participation eligibility for the event, to enable You to fill out a questionnaire, to conduct to deliver the prizes to You. NO PROMOTIONAL EVENT NOTIFICATIONS WILL BE SENT WITHOUT YOUR EXPLICIT PERMISSION TO RECEIVE MARKETING NOTIFICATIONS.
OPTIONAL: Payment Information
If You choose to purchase or use a fee-based service and pay for such service by means of in-app purchases via iTunes or Google Play, we will not collect, retain and store Your personal, financial and credit/debit card information. This is because Your card settlements including card and personal details will be handled by appropriate third-party payment agencies.
6. Other Important Information for You
What Information will be processed by Us for purposes of legitimate interests?
To provide the Service, We may use Your Information based on Our legitimate interests for the following purposes:
- To detect and deter unauthorized or fraudulent use of or abuse of the Service;
- For transmission, use and disclosure to business associates or third party based on a business associate agreement. The business associate will not use or disclose personal information in any way that would violate the contract.
- For uses and disclosures required by law;
- For disclosures for judicial and administrative proceedings;
- For disclosures for law enforcement purposes;
- For uses and disclosures for public health reporting, and other public health activities;
- For uses and disclosures to avert a serious threat to health or safety to You, Us, or others;
- For using minimal de-identified data to improve and/or optimize the Service;
- To enable Us to provide customer support, and to respond effectively to Your inquiries and claims;
- For uses and disclosures for oversight activities such as audits, investigations, and inspections;
- For uses and disclosures for research purposes (subject to qualifications and exceptions);
- For any direct marketing purposes;
- To allow You to use the apps on multiple devices and transfer Your app account to another device;
By using the Service, You hereby agree to the use of Your Information for the above mentioned purposes.
How does Touchkin protect Your information?
To fulfil Our commitment to respecting and protecting Your privacy and the confidentiality of Your Personal Information, Touchkin has implemented industry-standard safeguards to prevent unauthorized access or disclosure, misuse, alteration or destruction of Your information. More specifically, We will comply with all applicable data security laws in order to assure security, availability, processing integrity, confidentiality and privacy of data. All Information between the Wysa App and server is encrypted and transmitted via SSL.
Because no method of electronic transmission or method of data storage is perfect or impenetrable, We cannot guarantee that Your Information will be absolutely safe from intrusion during transmission or while stored in Our systems.
To help protect Your privacy and confidentiality of Your Information, We also need to ask for Your cooperation regarding the following: Please do not copy and transmit Your chat conversations, health data and/or Personal Information with other people. Also, please notify at the contact information provided in Section 7.b, in the event You suspect any unauthorized use of Your account or any other breach of security via Our contact information.
Where is Your Information transmitted and stored?
To provide the Service in a reliable and responsible manner, Touchkin processes and stores Your Information on secure servers which may be physically located in different countries around the world, including countries outside India.
By continuing to use the Service, You agree that your Information may be internationally transferred and that Touchkin can process and store Your Information in a country other than where You submitted it.
How long does Touchkin keep Your Information?
We may retain Your Information even after Your account is closed if retention is reasonably necessary. These could be in situations where We need to comply with applicable laws, regulations or legal obligations, provide and complete customer support service, resolve disputes between or with Touchkin users, or to detect and deter unauthorized or fraudulent use of or abuse of the Service.
Does Touchkin use outside service providers or agents?
To facilitate and provide You with the Service, it sometimes is necessary for Touchkin to request third party partner service providers or agents to help Us process and/or store your Information. We strictly evaluate the partner service providers and agents, and We make every effort to ensure that they have established appropriate and secure information administration and organizational control systems, and We strictly require that they comply with confidentiality obligations and applicable laws and regulations. We also require that they access Your Information only to the extent necessary to perform tasks on Our behalf.
Does Touchkin give Your Information to third parties?
As required by law and as per the agreements executed with business associates, third-party health coach and partners must protect the privacy of data Wysa will share with them and they are required to keep Your Information private and secure.
Does Touchkin use third-party modules?
Touchkin uses third party advertising agencies to place advertisements on the internet or in other media. To measure the effectiveness of the advertisements to determine how much to pay to the advertising agencies, We may install third-party modules within the Wysa app. We may also install other third-party modules within the Wysa app in order to deliver the Service and help Us understand how the Service is used.
Jurisdiction and Cross Border Transfer of Information
Touchkin has tried to make it as easy as possible for You to have control over Your Personal Information. If You have provided and We process Your Personal Information based on this contract, You can always send Us a written email request at the contact information provided in section 7.b at any time to confirm, rectify, or restrict processing of Your Personal Information. Upon verification of Your identity, We will respond to Your request within a reasonable period of time and in accordance with relevant laws. Touchkin will provide You with a request form that You will need to fill and submit back to Us via email. We will verify and remove only the specific identifiable information as requested by you, within 72 hours of receiving the filled request form.
You have the right to object to processing of Your personal information that is based on legitimate interests for the purposes explicitly mentioned in section 6.a by sending Us a written email request at the contact information provided in section 7.b.
How do You get access to Your entire conversation with the Wysa app?
You can send Us a written email request at the contact information provided in section 7.b at any time to have access to Your conversation messages with the Wysa app. Upon verification of Your identity, We will respond to Your request within a reasonable period of time and in accordance with relevant laws.
- IF YOU HAD “RESET YOUR DATA”, ONLY THE CONVERSATION MESSAGES POST THE LAST RESET WILL BE AVAILABLE FOR ACCESS.
- IF YOU HAVE CANCELLED THE SERVICE OR HAVE UNINSTALLED THE WYSA APP PRIOR TO MAKING A REQUEST FOR ACCESS, THEN WE WILL BE UNABLE TO PROVIDE YOU ACCESS TO YOUR CONVERSATION MESSAGES.
7. Additional information for You
Use of Services by Children
The Wysa app is intended for a general audience and is not directed to or intended to be used by children under the age of thirteen (13) years.
We understand the special necessity to protect children's privacy on Wysa, and We do not knowingly collect any Personal Information from children.
If, however, You believe We have collected any Personal Information from children, then please send Us a written request. Refer to Section 7.b for Our contact details.
If We learn that We have inadvertently collected Personal Information from children, We will deactivate the relevant account(s) upon identification and will take reasonable measures to promptly delete such Personal Information from Our records.
You are responsible for any use of Your credit/debit card or other payment instrument used by minors to make an in-app purchase.
Whom to contact for additional questions, comments or concerns
Touchkin eServices Private Limited
1st Floor, Manjusha, No 532
16th Cross, 2nd Main Road, 2nd Stage
Indiranagar, Bangalore, 560038
Karnataka - INDIA
For any technical issues, please contact us at email@example.com with Your questions
Can Non-English speaking users use the Wysa app?
The Wysa App has been built and is currently provided only for English language users.
To ensure wider reach, Touchkin will, in the near future, launch Wysa in other international languages. We will keep You updated of this development.
Best Practices to follow to keep your devices secure
You are also responsible for helping to protect the security of your Personal Information. You are responsible for maintaining the security of any personal computing device on which You utilize the Services.
US Federal Trade Commission (FTC) publishes information for users on how to secure your personal information and devices. These can be found at the following public link.
Touchkin strongly believes in security and safety of Information in Your mobile device. As a responsible service provider, We therefore like to share important device based security information for Your attention. These have been sourced from US FTC best practices and guidelines. Always refer back to the US FTC link provided above for more details and future security updates.
- Always lock Your mobile screen by setting a password. Use strong passwords and keep passwords private.
- Always keep Your mobile operating system up-to-date.
- Enable remote access of Your devices to enable You to locate and control Your devices remotely in the event Your device gets stolen.
- Install anti-virus software to protect against virus attacks and infections
- Avoid phishing emails. Do not open files, click on links or download programs sent by strangers
- Be wise about using Wi-Fi. Before You send Personal Information over Your laptop or smartphone on a public wireless network in a coffee shop, library, airport, hotel, or other public place, see if Your Information will be protected.
9. Severability and Exclusion
10. Governing Law and Dispute Resolution
Touchkin is a company based in India. By browsing/using the Services, You hereby acknowledge that Touchkin is not responsible or liable in any manner to comply with any local laws of Your territory except India.