Free shipping on orders over $149
BP 170 new product launch promotion 5% OFF (Applied at checkout)
BAND2 PROMOTION 20% OFF (enter Band20OFF at checkout)
This Privacy Policy (“Policy”) from Biospace, Inc., DBA InBody (“InBody”) is regarding and covers the Services, as defined below. This Policy states how we collect, use, disclose, and protect the Personal Information that an End User and/or an Analysis Facility provides us using the Service(s). This Policy is made counterpart to, and is deemed executed concurrently with, the Terms of Service for Analysis Facility/End User and a LookinBody Web Subscription Agreement entered between you and InBody, if applicable. You agree to the following:
Definitions
Services We Provide
This Policy applies to the following:
Information We Collect
Information We Collect from an End User:
Information We collect from an Analysis Facility:
An Analysis Facility may be asked to provide InBody with Personal Information of Facility Users who may access the Site. Such information can include their full name, telephone number, email address, and date of birth. The Staff member is a sub-tier account to the Admin account with limited access to the Site. Each Analysis Facility may have a different staff structure, and the level of access to the End User’s information, will be determined by InBody at our sole discretion by reference to the Facility User's responsibility and role at the Analysis Facility. A Facility User’s personal information is used to create account logins for the Site during the creation of an Administrator account and/or Staff member account. The Facility User is responsible for the accuracy of the information, any changes or updates on the account, and the confidentiality of the login credentials for the Site. A Facility User may be asked to provide identifiable information to InBody if they call in for support.
Analysis Facility – Covered Entity
In the event when a Covered Entity purchases the LookinBody Web Subscription, InBody becomes its Business Associate and both parties must comply with Privacy and Security Rules of HIPAA. An Analysis Facility that is a Covered Entity hereby represents and warrants to InBody that such Analysis Facility has obtained the necessary Authorization Form, to ensure that such Analysis Facility has consent to disclose each End User’s Personal Information and Personal Health Information which shall comply with HIPAA and other applicable state and federal privacy laws. The Covered Entity that discloses the Personal Health Information to InBody must enter into and comply with terms of a mutually agreeable Business Associate Agreement.
Information Collected Automatically
We may automatically collect the following information from your use of the Service(s) through cookies, web beacons, and other technologies: your domain name, browser type, operating system, web pages you view, links you click, your IP address, the length of time you visit our Site and/or use our App, mobile device, mobile number, and the referring URL, the webpage that led you to our Site etc. We may also have access to other data such as location, calls, mobile camera, photo gallery, and contacts, if you allow. Note that this information that is automatically collected does not include Protected Health Information.
Cookies and Other Collection Tools
We may use our cookies and other collection tools to track information about your use of our Site and other Services, or to track aggregate and statistical information about User activity. A cookie is a small file containing a string of characters that is sent to your computer when you visit a website; in this case the Site. When you visit the Site again, the cookie allows that site to recognize your browser. Cookies may store user preferences and other information such as a login credential and/or password. You can reset your browser to refuse all cookies or to indicate when a cookie is being sent. Other technologies are used for similar purposes as a cookie on other platforms where cookies are not available or applicable. Some cookies allow us to make it easier for you to navigate our Site and other Services, while others are used to enable a faster login process or to allow us to track your activities on our Site. All cookies are allowed, by default, but you can adjust this setting and clear cookie for all sites or for certain pages. You can disable or remove first-party and third-party cookie information and data. If you remove cookies, things like saved preferences on websites might get deleted and some website features or services may not function as well. But if you prefer, you can edit your browser options to block them in the future. The help portion of the toolbar on most browsers will tell you how to prevent your browser from accepting new cookies, how to have the browser notify you when you receive a new cookie, and/or how to disable cookies altogether.
The application of this Privacy Policy is subject to the required equipment(s) and application(s) to upload and/or download the data to and from our server and is subject to the requirements or provisions of any applicable federal and state legislation, federal and state regulations, agreements or the ruling of any court or other lawful authority. All Analysis Facility Users, and InBody employees and contractors, with access to End User’s Personal Information are required to comply with this Privacy Policy.
Use of Information
Use of End User’s Information: by Analysis Facility
Other uses and disclosures of Personal Information not covered by this Policy and permitted by the applicable laws that apply to us may be made with your consent, your written authorization or that of your legal representative, or where permitted or required by applicable law. If we are authorized to use or disclose Personal Information about you, you or your legal representative may revoke that authorization in writing at any time with the Analysis Facility, except to the extent that we have taken action relying on the authorization or if the authorization was obtained as a condition of obtaining your account, or if we are legally required to make a particular use or disclosure of your information. You should understand that we will not be able to take back any disclosures we have already made with your authorization.
Disclosure of Information
We may share your Personal Information, with the following entities for the purpose described below provided that our sharing of your Personal Information and their use of your Personal Information complies with HIPAA and other applicable state and federal privacy laws.
Business transfers:
We may disclose Personal Information in connection with the sale, merger, sale of assets or reorganization of InBody or its affiliates. In such an event, your information will transfer to the acquiring company. Notice of such a transfer will be provided by posting to the Site or via another form of communication.
Third Parties:
We have a relationship with third-party service providers including, but not limited to, LookinBody Company and InBody Co., Ltd. They help us provide services to you, administer our business, and design, maintain, improve our Service(s), systems, procedures, protocols, and security.
When we allow our contracted third-party service provider to have access to your Personal Information, they are permitted to use it only for purposes that are consistent with this Policy. We ensure, through agreements in place, that these third parties have equivalent level of protection established in their organizations for sturdy protection of your information. If a substantial change in our or our associates’ business model occurs, that impacts the use of your information, an updated privacy policy will be provided. Below is the list of some of the third parties that may use your Personal Information:
Use of Personal Information: By LookinBody Company
We may collaborate with other companies and individuals to perform services on our behalf. Any such subcontractor will be treated with and under the compliance of 45 CFR § 164.502(b). Examples of providers include data analysis firms, credit card processing companies, customer service and support providers, email and SMS vendors, web hosting and development companies and fulfillment companies. Companies may also include our co-promote partners for Services that we jointly develop and/or market with. These third parties may be provided with access to the Personal Information needed to perform functions for us, but the use will be subject to contracts and agreements in place that protect the confidentiality of the information. Third party integration with our Services, such as Site, may require access to the Personal Information in a non-traditional manner which will be subject to different set of Terms.
Law enforcement:We may disclose and report to law enforcement agencies information related to activities that we reasonably believe to be unlawful, or that we reasonably believe may aid a law enforcement investigation into unlawful activity. In addition, we reserve the right to release your information to law enforcement agencies if we determine, in our sole judgment, that the release of your information may help protect the safety or property of any person or entity.
Required or Permitted by law:We may disclose your information to others as required or permitted by law. This may include disclosing your information to governmental entities, or pursuant to court orders, subpoenas, warrant, summons or similar process.
Protection for Us and Others:We may disclose the information we collect from you where we believe it is necessary to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the safety of any individuals, violations of our Terms or this Policy, or as evidence in litigation in which we are involved.
Data That You May Direct us to ShareYou can direct us to share your data with other parties or users. For example, you may authorize us to share your data with other End Users through the mobile App, with your employer as part of a wellness program or with other End Users or Analysis Facilities in connection with your participation in contests, challenges or other events. You may also direct us to share your Personal Information with any other third-party app or website which will be subject to different set of terms and conditions.
Consent
Data Retention and Deletion
We and our affiliates actively retain Personal Information for ten years for our relationship for the purposes described above or as permitted or required by federal law. Aggregation of data will take place after ten years of your inactivity. Your Personal Information is aggregated when you are inactive on the App AND have not used the Product for ten years. When your information is aggregated, your Protected Health Information, name, ID, phone number, and email address, is deleted permanently. Only the de-identifiable information is kept for development, improvement, and/or marketing purposes. Inactivity is defined by two requirements:
Inactivity or cancellation of the subscription by the Analysis Facility from the Product or the Service does not impact your access to previous test results or the test results produced by InBody wearable products. If you are continuously using the Product, your information will be retained until you become inactive for ten years or delete the information by making a request to the Facility.
Data can be deleted (i) if an Administrator of the Site deletes the data or account on the Site; or (ii) if you manually delete the test results on the App (which does not mean that data has been deleted on the Facility’s Site).
To delete your Personal Information permanently, you must talk to your Administrator or Staff Member to delete your information. Analysis Facility has Custody and Control over data that was acquired at their Facility. However, if you do not have a Facility and you use personal or home use device(s) independently, you may delete your test results or withdraw your account to permanently delete your account and information therein.
Deleting records and Personal Information is permanent; however, please note that in some cases we may be required to retain certain information where permitted or required by law, including without limitation if such information is the subject of a legal dispute. LookinBody Company may wait for a certain time before permanently deleting your records or Personal Information in order to help avoid accidental or malicious removal of your information.
BackupsA Backup is defined as data stored that matches the data on the Analysis Facility’s Product(s). The Backup will be maintained for the duration of the End User account or LookinBody Web active account until data is permanently deleted from the account. Data may be stored in the Backup even after someone deletes an End User account or information to avoid accidental or malicious deletion of your information. After a reasonable time period has passed, the data will be deleted permanently or restored if requested. After the data is deleted permanently, the Backup will be deleted, subject to any legal requirements.
Data Accuracy
InBody works hard to ensure that the information within its Custody and Control is accurate. Nevertheless, the End User should be vigilant of the accuracy of their own Personal Information. The method for updating Personal Information depends on the information source. Personal Information comes from one of the following:
Information you delete, update, or add on the App is stored only on your phone, viewable to you,nd will impact your manually inputted test results, Personal Use device, and Wearable device results. It is in our Custody but Controlled by you. If you wish to update your Personal Information on any other device you should consult your Analysis Facility or update it yourself on the device. To update your personal information on the Site, make a request to the Facility User. Understand that any change to your Personal Information will not impact your previous tests.
Any factors of the Personal Information that are dynamic (changes frequently) for example Weight, Age or Phone Number, should be updated by you or the Analysis Facility accordingly. As the Analysis Facility and you have full authority to change or update any part of the Personal Information, InBody and its affiliates do not take responsibility for test results and/or decisions made, based on the inaccurate Personal Information.
Accessing and Correcting Personal Information
You and the Analysis Facility have full authority to add, update, or delete any part of your Personal Information. Yet you may request access or correction of your Personal Information to us. To access or request correction of your Personal Information, please contact us at Info@InBody.com.We may require you to verify your identity before allowing you to access your Personal Information. We may decline your access because of security or legal reasons but you can submit a written request to us and we will try to address the issues as soon as possible.
Children’s Privacy
We are mindful that the Services will be attractive and of benefit to potential users under the age of 18 or local age of majority and it is our policy, regardless of the country in which the Analysis Facility is located, to ensure that parents or legal guardians can monitor data collected in respect of such users. Our Service(s) is available to End Users who are below the age of 18 or local age of majority. The parent or legal guardian of any End User aged below 18 years of age is required to consent to the collection and use of his/her child’s Personal Information and Personal Health Information at the time of registering and use of our Services. When you consent to this Policy, if applicable, you consent to the collection, use, and disclosure of Personal Information and Personal Health Information of your child. A parent or legal guardian of any child who has not attained 18 years of age or local age of majority can review his/her child’s Personal Information and Personal Health Information, ask to have it deleted, and refuse to allow any further collection or use of the child’s information from the Analysis Facility.
Safeguards
We work very hard to protect the data you provide. We take reasonable and appropriate measures to protect the data you submit, including physical, organizational, and technological security measures. Furthermore, we promise to never sell your Personal Information. Please be aware, however, that the Internet is a global communications vehicle open to threats, viruses, and intrusions from others. By accepting this Policy, the End User and Analysis Facility each acknowledge that unintentional data loss may occur despite the efforts made in good faith by InBody, its third-party affiliates, or an Analysis Facility.
The purpose of access and process by the third-party affiliates in different countries will remain consistent with this Policy. Processing and access may be possible from other countries whose data protection laws may differ from the jurisdiction in which you live. As a result, this information may be subject to access requests from governments, courts, or law enforcement in those jurisdictions according to laws in those jurisdictions. If you are an Analysis Facility or a Facility User, you represent and warrant to InBody that you attained all necessary consent and provided all necessary notices as required by applicable laws for the purposes of this Policy.
Technical Safeguards
We use a variety of security measures, including encryption and authentication tools to help protect your information. Third parties, including, but not limited to, LookinBody Company utilize extended levels of security to protect the electronic data.
Physical Safeguards
We review our information collection, storage and processing practices, including physical security measures, to guard against unauthorized access to our office. Third Parties such as LookinBody Company restrict their offices to authorized personnel only, also other forms of restriction are applied to enter the department with access to the server.
Administrative Safeguards
We restrict access to Personal Information and Personal Health Information to InBody employees, contractors, and agents who need to know Personal Information or Personal Health Information in order to process something for us. They are subject to strict contractual confidentiality obligations and may be disciplined or terminated if they fail to meet these obligations. Third parties are also required to limit the access to our server(s), to authorized personnel only, who use the information for the purposes indicated in this Policy.
Incident Management
InBody and its third-party affiliates have developed a comprehensive incident readiness and response plan designed to identify the cause, extent and nature of an incident involving Personal Information and Personal Health Information and to allow timely reporting in accordance with our contractual terms or legal obligations.
Anti-Discrimination
We promise not to retaliate or discriminate against anyone exercising consumer rights under the California Consumer Protection Act or any other applicable consumer protection regulation, and we reserve the right to adjust our pricing based on services offered.
Terms and Conditions
Your continued use of our Services, and any disputes arising from them, is subject to this Policy as well as our Terms. Please visit our Terms, which explain other terms governing the use of our Services.
Links
The Site may provide links to other sites that provide information related to our Services. Once you link to another site, you are subject to the privacy policy of the new site. You can also find a list of Services at our website www.inbodyusa.com.
Update
We reserve the right to change and amend any part of the Policy at any time and without prior notice. Details of these updates will be made available on the Site. We advise you check the Site from time to time to make sure that you agree with any changes and amendments. Your continued use of our Services constitutes your acceptance to this Policy and any updates. This Policy is incorporated into the Terms of Service for End User (if you are an End User) and the Terms of Service for Analysis Facility (if you are a Facility User).
Contact Information
If you have any questions or comments regarding this Policy, our information handling practices, or any other aspects of your privacy and the security of information, please send an email to consumer@inbody.com or contact us at
InBody
13385 Cerritos Corporate Dr., Suite C
Cerritos, CA 90703