Last Updated: 14/12/2023

Introduction

Verba is committed to protecting the privacy and security of your personal and health-related data. This privacy policy outlines our practices in line with the General Data Protection Regulation (GDPR) and the Health Insurance Portability and Accountability Act (HIPAA).

Data Controller (GDPR) and Covered Entity (HIPAA)

Verba acts as the data controller (GDPR) and a covered entity (HIPAA) regarding the personal health information (PHI) collected and processed through our app.

Types of Data Collected

  • Personal Identification Information: Name, email, and other contact details.

  • Health Information: Journal entries that may contain health-related information.

  • Usage Data: Interaction with the app, including time logs and feature usage.

Lawful Basis for Processing (GDPR) and PHI Use and Disclosure (HIPAA)

  • Consent (GDPR): Explicit consent is obtained to process your personal data for specified purposes.

  • Contractual Necessity (GDPR): Processing necessary for the performance of our service.

  • Legal Obligation (GDPR): Compliance with legal requirements.

  • Treatment, Payment, and Healthcare Operations (HIPAA): Use of PHI for healthcare treatment, payment processing, or healthcare operational purposes.

Purpose of Processing

  • To provide mental health journaling services.

  • To facilitate communication between you and your therapist.

  • For internal research to improve our services.

Data Subject (GDPR) and Individual Rights (HIPAA)

Under GDPR and HIPAA, you have the right to:

  • Access your personal and health information.

  • Request corrections to your data.

  • Obtain a copy of your data in a portable format.

  • Request deletion of your data (subject to legal and regulatory requirements).

  • Withdraw consent for data processing (GDPR).

Data Sharing and Transfer

  • Therapists: Journal entries are shared with your designated therapist as part of the app’s functionality.

  • Third Parties: We do not sell or rent your data. We may share anonymized data with research partners.

  • International Transfers (GDPR): Safeguards are in place for data transfer outside the EEA.

Data Security

We implement stringent security measures to protect against unauthorized access, alteration, or destruction of data.

Data Retention

Data is retained as long as necessary for providing our services and as required by law. You may request the deletion of your data by contacting us.

Children's Privacy

Not intended for individuals under the age of 16 without parental consent.

Changes to This Policy

We reserve the right to modify this policy, with changes communicated through our website or the app.

Contact Information

For any inquiries about this policy or your data rights, please contact us at hello@myverba.com


Last Updated: 14/12/2023

Introduction

Verba is committed to protecting the privacy and security of your personal and health-related data. This privacy policy outlines our practices in line with the General Data Protection Regulation (GDPR) and the Health Insurance Portability and Accountability Act (HIPAA).

Data Controller (GDPR) and Covered Entity (HIPAA)

Verba acts as the data controller (GDPR) and a covered entity (HIPAA) regarding the personal health information (PHI) collected and processed through our app.

Types of Data Collected

  • Personal Identification Information: Name, email, and other contact details.

  • Health Information: Journal entries that may contain health-related information.

  • Usage Data: Interaction with the app, including time logs and feature usage.

Lawful Basis for Processing (GDPR) and PHI Use and Disclosure (HIPAA)

  • Consent (GDPR): Explicit consent is obtained to process your personal data for specified purposes.

  • Contractual Necessity (GDPR): Processing necessary for the performance of our service.

  • Legal Obligation (GDPR): Compliance with legal requirements.

  • Treatment, Payment, and Healthcare Operations (HIPAA): Use of PHI for healthcare treatment, payment processing, or healthcare operational purposes.

Purpose of Processing

  • To provide mental health journaling services.

  • To facilitate communication between you and your therapist.

  • For internal research to improve our services.

Data Subject (GDPR) and Individual Rights (HIPAA)

Under GDPR and HIPAA, you have the right to:

  • Access your personal and health information.

  • Request corrections to your data.

  • Obtain a copy of your data in a portable format.

  • Request deletion of your data (subject to legal and regulatory requirements).

  • Withdraw consent for data processing (GDPR).

Data Sharing and Transfer

  • Therapists: Journal entries are shared with your designated therapist as part of the app’s functionality.

  • Third Parties: We do not sell or rent your data. We may share anonymized data with research partners.

  • International Transfers (GDPR): Safeguards are in place for data transfer outside the EEA.

Data Security

We implement stringent security measures to protect against unauthorized access, alteration, or destruction of data.

Data Retention

Data is retained as long as necessary for providing our services and as required by law. You may request the deletion of your data by contacting us.

Children's Privacy

Not intended for individuals under the age of 16 without parental consent.

Changes to This Policy

We reserve the right to modify this policy, with changes communicated through our website or the app.

Contact Information

For any inquiries about this policy or your data rights, please contact us at hello@myverba.com


Last Updated: 14/12/2023

Introduction


Verba is committed to protecting the privacy and security of your personal and health-related data. This privacy policy outlines our practices in line with the General Data Protection Regulation (GDPR) and the Health Insurance Portability and Accountability Act (HIPAA).


Data Controller (GDPR) and Covered Entity (HIPAA)

Verba acts as the data controller (GDPR) and a covered entity (HIPAA) regarding the personal health information (PHI) collected and processed through our app.

Types of Data Collected

  • Personal Identification Information: Name, email, and other contact details.

  • Health Information: Journal entries that may contain health-related information.

  • Usage Data: Interaction with the app, including time logs and feature usage.

Lawful Basis for Processing (GDPR) and PHI Use and Disclosure (HIPAA)

  • Consent (GDPR): Explicit consent is obtained to process your personal data for specified purposes.

  • Contractual Necessity (GDPR): Processing necessary for the performance of our service.

  • Legal Obligation (GDPR): Compliance with legal requirements.

  • Treatment, Payment, and Healthcare Operations (HIPAA): Use of PHI for healthcare treatment, payment processing, or healthcare operational purposes.

Purpose of Processing

  • To provide mental health journaling services.

  • To facilitate communication between you and your therapist.

  • For internal research to improve our services.

Data Subject (GDPR) and Individual Rights (HIPAA)

Under GDPR and HIPAA, you have the right to:

  • Access your personal and health information.

  • Request corrections to your data.

  • Obtain a copy of your data in a portable format.

  • Request deletion of your data (subject to legal and regulatory requirements).

  • Withdraw consent for data processing (GDPR).

Data Sharing and Transfer

  • Therapists: Journal entries are shared with your designated therapist as part of the app’s functionality.

  • Third Parties: We do not sell or rent your data. We may share anonymized data with research partners.

  • International Transfers (GDPR): Safeguards are in place for data transfer outside the EEA.

Data Security

We implement stringent security measures to protect against unauthorized access, alteration, or destruction of data.

Data Retention

Data is retained as long as necessary for providing our services and as required by law.

Children's Privacy

Not intended for individuals under the age of 16 without parental consent.

Changes to This Policy

We reserve the right to modify this policy, with changes communicated through our website or the app.

Contact Information

For any inquiries about this policy or your data rights, please contact us at [Your Contact Information].




Privacy policy

Privacy policy