yōjō Privacy Policy

Last updated: 6 October 2025

LUMINA HEALTH LIMITED t/a yōjō PRIVACY POLICY 

1. INTRODUCTION

1. We provide the Services and Devices and operate the website www.yojo.health. We are Lumina Health Limited (trading as yōjō), a company registered in England and Wales (Company No. 13473052), with its registered office at Kingsview, Brooks Close, Weybridge, Surrey, England, KT13 0LX. We are referred to in these this Privacy Policy as “yōjō”, “we”, “us”, or “our.”
2. The terms “Services”, “App” and “Devices” have the meanings ascribed to them in our Terms and Conditions (incorporating our Terms of Use and Terms of Sale). 
3. This page (which is intended to be read together with our Terms of Use and Terms of Sale) explains how we handle your personal data when you visit our website, make use of our Services, our App and/or our Devices, and contact us through our official social media pages or email. We will refer to it below and in the Terms of Use and the Terms of Sale as our “Privacy Policy”. 
4. In this Privacy Policy you will find the answers to the following questions:
   
   1. how we use your data;
   2. when we provide your data to others;
   3. how long we store your data;
   4. what is our marketing policy;
   5. what rights related to personal data you possess;
   6. how we use cookies;
   7. other issues that you should take into account.
5. In case of any inquiries or if you would like to exercise any of your rights provided in this Privacy Policy, you may submit such inquiries and requests by means provided in the “Contact Us” section on www.yojo.health.
6. You may also contact us regarding all privacy related issues by email: support@yojo.health
7. All the definitions used in this Privacy Policy have the same meaning as prescribed in our Terms of Use and Terms of Sale unless expressly provided otherwise in this Privacy Policy. This Privacy Policy forms an integral part of both our Terms of Use and our Terms of Sale.
8. This Privacy Policy is drafted in accordance with the UK General Data Protection Regulation ("UK GDPR"), the Data Protection Act 2018 ("DPA 2018"), the EU General Data Protection Regulation ("EU GDPR"), the California Consumer Privacy Act ("CCPA"), and where applicable, the Health Insurance Portability and Accountability Act of 1996 ("HIPAA") for users in the United States. We also aim to meet the data protection expectations of other jurisdictions in which our users reside.
9. In the event this Privacy Policy is translated into other languages and if there are differences between the English version and such translation, the English version shall prevail, unless otherwise provided.

2. HOW WE USE YOUR PERSONAL DATA
   
   1. This clause provides the following information:
      
      1. categories of personal data that we process;
      2. in case of the personal data that we did not obtain directly from you, the source and specific categories of that data;
      3. the purposes for which we may process your personal data; and
      4. the legal bases of the processing.
   2. We process your account data (“Account Data”). The Account Data may include your name and email address, phone number and other data that you provide while registering as well as your purchase and referral history. We obtain such data directly from you. We process account data for the purposes of operating our Site, providing our Services, ensuring the security of our Services and communicating with you. Your Account Data is processed at https://yojo.health. The legal basis for this processing is the performance of a contract between you and us and/or taking steps, at your request, to enter into such a contract as well as our legitimate interest, namely monitoring and improving our Services.
   3. We process information relating to provision of services by us to you, and/or our offering and selling of Devices to you (“Service Data”). The Service Data may include your contact details (such as your email address), bank account and transaction details as well as other information that you provide to us while filling up the relevant questionnaires (such may include sensitive personal data, related to your health, in case such data is necessary to provide the relevant service). The Service Data is processed to provide services as well as keep proper records of those transactions. The legal basis for this processing is the performance of a contract between you and us and/or taking steps, at your request, to enter into such a contract and our legitimate interests, namely the proper administration of our Services and business. In case of sensitive personal data, related to your health the legal basis for processing is your explicit consent.
   4. We may process information that you provide to us for the purpose of subscribing to our email messages and newsletters (“Messaging Data”). The Messaging Data is processed to send you the relevant messages and newsletters. The legal basis for this processing is your consent. Also, if we have already sold goods or provided services for you via our Services, and you do not object, we may also process Messaging Data on the basis of our legitimate interest, namely seeking maintain and improve customer relations.
   5. We may process information relating to any communication that you send to us (“Correspondence Data”). The Correspondence Data may include the communication content and metadata associated with the communication. The Correspondence Data is processed for the purposes of communicating with you and record-keeping. The legal basis for this processing is our legitimate interests, namely the proper administration of our Services and business, ensuring uniform and high-quality consultation practice and for investigating disputes between you and our employees.
   6. We may process information on your use of our Services (including without limitation the Site and our App) as well as on your Device (“Device Data”) when you are browsing our Site or using our Services. Device Data may include IP address, geographical location, browser type and version, operating system, pairing status, battery status, error/crash logs, device type, screen resolution and (in case you agree to share such) your location data as well as information on the motion activity and stimulation levels, use of our Services and apps (i.e. referral source, length of visit, page views and website navigation paths, as well as session logs and information about the timing, frequency and pattern of your service use). We obtain such data through the use of cookies and similar technologies. Device Data is processed to enhance our Services as well as to set default options. We also use such data to have a better understanding of how you use our Services as well as for securing our Services. The legal basis for this processing is our legitimate interest, namely the proper management of our Services and business.
   7. With your explicit consent, we will collect and process certain health-related and other data from your device (through the Device, our Services or third-party applications). All such health data will be processed in accordance with Article 9(2)(a) UK GDPR (explicit consent), and where applicable, Section 2(f) of the DPA 2018. This data is collected to enhance our services, make research (from anonymised data) and provide you with a personalized experience. The types of health data we may collect are the following:
      
      1. Breathing Rate
      2. Coaching Data: Consultation notes, in-app chat messages, engagement records and information related to your engagements with our coaches and counsellors.  
      3. Facial Scans: Short front-camera video processed on-device to estimate vital signs (heart rate, HRV using RMSSD, breathing rate, and blood-pressure estimate); no video or images are retained.
      4. Heart Rate Variability (HRV) Record: Measurements of heart rate variability using RMSSD (Root Mean Square of Successive Differences).
      5. Height Record: Data on your height.
      6. Resting Heart Rate Record: Measurements of your heart rate at rest.
      7. Stress Data
      8. Weight Record: Data on your weight.
   8. The health data we collect is used to:
      
      1. Personalise your yōjō” experience and your health and fitness insights;
      2. Deliver personalised coaching consultations and in-app chat support; 
      3. Encourage your frequent engagement with our Services and the Device and track and report back to you on your engagement;
      4. Enhance the accuracy of our Services and Devices;
      5. Offer tailored recommendations and feedback;
      6. Conduct research on the effectiveness of our Services and Devices;
      7. Monitor and improve the functionality of our Services and Devices.
   9. Where required by US law, we will obtain separate written authorisations for uses and disclosures of PHI under HIPAA. Please note that if you are a consumer directly using our Services for personal or household purposes, and not acting on behalf of a Covered Entity or healthcare provider, HIPAA will not apply to our processing of your data. Instead, your health data will be handled under applicable privacy laws including the UK GDPR, EU GDPR, and CCPA.
   10. We are committed to protecting your privacy and ensuring the security of your data. All health data collected will be stored securely and used in compliance with applicable privacy laws and regulations. You have the right to access, modify, or delete your health data at any time.
   11. You can withdraw your consent for the collection and processing of your health data at any time. If you choose to withdraw your consent, we will cease the collection of your health data and delete any previously collected data, subject to our retention policy and legal obligations.
   12. We may collect the following types of personal data to enhance your experience and support our product research and development initiatives:
       
       1. Symptoms Logged: User-reported (voluntary) health symptoms.
       2. Purpose: To evaluate health issues and correlate improvements with Device and Services usage.
       3. Retention Period: Retained for 6 months since the last App usage and anonymised for research purposes.
   13. We do not make decisions based solely on automated processing, including profiling, which produce legal or similarly significant effects on you. Where any such automated decision-making is implemented in the future, you will be notified, and we will obtain your explicit consent where required by law. You will also have the right to request human intervention, express your point of view, and contest the decision.
   14. We may process any of your personal data identified in this Privacy Policy where necessary for the establishment, exercise or defence of legal claims, whether in court proceedings or in an administrative or out-of-court procedure. The legal basis for this processing is our legitimate interests, namely the protection and assertion of our legal rights, your legal rights and the legal rights of others.
   15. We may process any of your personal data identified in this Privacy Policy where necessary for the purposes of obtaining or maintaining insurance coverage, managing risks, or obtaining professional advice. The legal basis for this processing is our legitimate interests, namely the proper protection of our business against risks.
   16. In addition to the specific purposes for which we may process your personal data set out in this clause 2, we may also process any of your personal data where such processing is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.
   17. Where health-related data we process qualifies as Protected Health Information ("PHI") under HIPAA, we shall act as a "Business Associate" where we perform services on behalf of a "Covered Entity" or otherwise meet the definition under HIPAA. We shall comply with applicable HIPAA rules, including implementing appropriate administrative, physical, and technical safeguards to protect PHI, and entering into required Business Associate Agreements ("BAAs"). If you are a US-based healthcare provider using our Services in a professional capacity, please contact us at support@yojo.health to discuss our HIPAA compliance practices and BAAs.
   18. We collect and process only the minimum amount of personal data necessary for the purposes set out in this Privacy Policy. We do not repurpose your data in a way that is incompatible with these purposes unless required or permitted by law, or with your explicit consent.
3. WHEN WE PROVIDE YOUR DATA TO OTHERS
   
   1. We may disclose your personal data to any member of our group of companies (including our subsidiaries, our ultimate holding company and all its subsidiaries) insofar as reasonably necessary for the purposes set out in this Privacy Policy. Such may include internal administration purposes as well as provision/sharing of IT, payment (excluding health data) or marketing services (excluding health data) or data centres in the group.
   2. We may disclose your personal data to our insurers and/or professional advisers insofar as reasonably necessary for the purposes of obtaining or maintaining insurance coverage, managing risks, obtaining professional advice, or the establishment, exercise or defence of legal claims, whether in court proceedings or in an administrative or out-of-court procedure.
   3. We may disclose your personal data to our anti-fraud, risks and compliance providers insofar as reasonably necessary for the purposes of protecting your personal data and fulfilling our legal obligations.
   4. We may disclose your personal data to our payment service providers. We will share service data with our payment services providers only to the extent necessary for the purposes of processing your payments, transferring funds and dealing with complaints and queries relating to such payments and transfers.
   5. We may disclose your personal data to other service providers insofar as it is reasonably necessary to provide specific services (including, providers of servers and maintenance thereof, email service providers (excluding health data), service providers used for data analysis or marketing (excluding health data), call centres (excluding health data), customer satisfaction surveys or market research (excluding health data)). We take all the necessary measures to ensure that such subcontractors would implement proper organisational and technical measures to ensure security and privacy of your personal data.
   6. In addition to the specific disclosures of personal data set out in this clause 3, we may disclose your personal data where such disclosure is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.
   7. Persons indicated in this clause may be established outside the United Kingdom, European Union and European Economic Area. In case we will transfer your personal data to such persons, we will take all the necessary and in the legal acts indicated measures to ensure that your privacy will remain properly secured, including where appropriate, signing standard contractual clauses for transfer of data. To find out more information regarding appropriate safeguards you may contact us via email: support@yojo.health.
   8. Without your explicit consent we will not transfer any sensitive or health related data to advertising platforms, data brokers, or information resellers. We will transfer this data to third parties which provide or improve the application’s use case or features or providers of the services which ensure the functionality of the application or services.
   9. We do not sell or rent your personal data, including your sensitive or health-related data, to third parties. We do not share such data for cross-context behavioural advertising without your explicit opt-in consent.
   10. Where third parties act as our processors, they are contractually bound under a Data Processing Agreement ("DPA") to process your personal data only in accordance with our instructions and implement appropriate security safeguards. Where required under HIPAA, such third parties shall also enter into Business Associate Agreements with us.
   11. International data transfers are subject to appropriate safeguards such as the International Data Transfer Agreement (IDTA), the UK Addendum to the EU Standard Contractual Clauses (SCCs), or other legally approved mechanisms.
   12. A current list of our key third-party subprocessors, including cloud infrastructure, analytics, communication, and storage providers, is available upon request. We enter into binding contracts with all such providers requiring them to uphold comparable data protection standards.
4. HOW LONG DO WE STORE YOUR PERSONAL DATA
   
   1. Your personal data that we process for any purpose or purposes shall not be kept for longer than is necessary, or is legally permitted, for that purpose or those purposes. In any case it shall be kept for no longer than:
      
      1. Account Data will be retained for no longer than 5 (five) years following your last update on the Account;
      2. Service Data will be retained for no longer than 5 (five) years following the end of provision of Services;
      3. Device Data will be retained for no longer than 5 (five) years following the end of provision of Services;
      4. Messaging Data will be retained for no longer than 2 (two) years following the provision of consent or, in case, the messaging data is being sent to the present clients in order to maintain and improve customer relations, for no longer than 2 (two) years following the end of provision of the respective services, unless you respectively withdraw your consent earlier or object to such processing;
      5. Correspondence Data will be retained for no longer than 6 (six) months following the end of such communication.
      6. Health Data collected through your device will be retained for no longer than 6 (six) months since your last consent, once you revoke your consent health data will be deleted and not retained or anonymised, in case you delete the app, we will also delete or anonymize health data.
      7. Data collected for research and product improvement purposes (clause 2.11) will be retained as provided therein.
   2. In some cases, it is not possible for us to specify in advance the periods for which your personal data will be retained. i.e. Device Data will be retained for as much as will be necessary for the relevant processing purposes.
   3. Notwithstanding the other provisions of this clause 4, we may retain your personal data where such retention is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person. Where legally required, we may retain health and transaction data for a longer period to comply with obligations under tax laws, consumer protection laws, medical device regulations, or HIPAA (for example, a six-year retention requirement under 45 CFR §164.530(j))
5. MARKETING COMMUNICATION
   
   1. In case you consent, we will contact you via email or phone to inform on what we are up to. Please note, that your consent is not a condition of any purchase. Also, if we already have provided services to you and you do not object, we will inform you about our Companies or our members of our group Companies other products that might interest you including other information related to such via email or phone, when such were provided to us by you.
   2. When contacting you by phone as provided in clause 5.1 above, WhatsApp/SMS/text messages from us will be received through your wireless provider to the mobile number you provided. WhatsApp/SMS/text messages may be sent using an automatic telephone dialing system or other technology. Message frequency varies. Message and data rates may apply.
   3. You may opt-out of receiving any marketing communications at any time. You may do so by choosing the relevant link in any of our marketing messages or contacting us via means provided in our Services. If you are receiving both email and phone marketing communications on the grounds provided in section 5.1 above and you wish to opt-out of receiving them, you will need to opt out separately by following the relevant link in any of our marketing messages or contacting us via means provided in our Services.
   4. Upon you having fulfilled any of the provided actions we will update your profile to ensure that you will not receive our marketing communication in the future.
   5. Please be informed that as our business activities consists of a network of closely related services, it may take a few days until all the systems are updated, thus you may continue to receive marketing communication while we are still processing your request.
   6. In any case, the opt-out of the marketing communications will not stop you from receiving communication directly related to the provision of services.
   7. No mobile information will be shared with third parties/affiliates for marketing/promotional/sweepstakes purposes. All the above categories exclude text messaging originator opt-in data and consent; this information will not be shared
      with any third parties. 
6. CONSENT TO RECEIVE COMMUNICATIONS
   
   1. By providing your contact details, including your email address and phone number, you hereby consent to receive communications from us, which may include but are not limited to:  
      
      1. Emails: customer service communications, service- and support-related communications, notifications, newsletters, service updates, and promotional offers related to our products and services.
      2. WhatsApp Messages: customer service messages, service- and support-related communications; promotional messages, special offers, and transactional communications related to your account.
      3. SMS Messages: Promotional messages, special offers, and transactional communications related to your account.
      4. Calls: Promotional calls, customer service calls, and service- and support-related communications.
   2. You acknowledge and agree that:
      
      1. Emails: You may unsubscribe from promotional emails at any time by clicking the unsubscribe link provided in such emails. However, essential transactional emails, such as order confirmations or service updates, will still be sent to you as necessary.
      2. WhatsApp Messages: By providing your phone number, you consent to receive WhatsApp messages, including promotional offers. You may opt-out of receiving promotional WhatsApp messages by replying “STOP” to any such message. Transactional WhatsApp messages may still be sent as needed.
      3. SMS Messages: By providing your phone number, you consent to receive SMS messages, including promotional offers. You may opt-out of receiving promotional SMS messages by replying “STOP” to any such message. Transactional SMS messages may still be sent as needed.
      4. Calls: You consent to receive promotional and service-related calls at the phone number provided. You may revoke this consent at any time by contacting the us or following any opt-out instructions provided during the call.
   3. Your consent to receive such communications is not a condition of purchasing any goods or services. Where required by applicable laws (e.g. the UK Privacy and Electronic Communications Regulations 2003 (PECR), the CAN-SPAM Act, or the CCPA), we will obtain your prior opt-in consent for direct marketing and allow you to opt out at any time.
7. YOUR RIGHTS
   
   1. In this clause, we have summarised the rights that you have under data protection laws. Some of the rights are complex thus we only provide the main aspects of such rights. Accordingly, you should read the relevant laws (first and foremost the General Data Protection Regulation (EU) 2016/679) and guidance from the regulatory authorities for a full explanation of these rights.
   2. Your principal rights under data protection law are the following:
      
      1. the right to access data;
      2. the right to rectification;
      3. the right to erasure of your personal data;
      4. the right to restrict processing of your personal data;
      5. the right to object to processing of your personal data;
      6. the right to data portability;
      7. the right to complain to a supervisory authority; and
      8. the right to withdraw consent.
   3. The right to access data. You have the right to confirmation as to whether or not we process your personal data and, where we do, access to the personal data, together with certain additional information. That additional information includes details of the purposes of the processing, the categories of personal data concerned and the recipients of the personal data. Providing the rights and freedoms of others are not affected, we will supply to you a copy of your personal data. The first copy will be provided free of charge, but additional copies may be subject to a reasonable fee.
   4. The right to rectification. You have the right to have any inaccurate personal data about you rectified and, taking into account the purposes of the processing, to have any incomplete personal data about you completed.
   5. In some circumstances you have the right to the erasure of your personal data  Those circumstances include when: (i) the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed; (ii) you withdraw consent to consent-based processing and there are no other legal basis to process data; (iii) you object to the processing under certain rules of applicable data protection laws; (iv) the processing is for direct marketing purposes; or (v) the personal data have been unlawfully processed. However, there are exclusions of the right to erasure. Such exclusions include when processing is necessary: (i) for exercising the right of freedom of expression and information; (ii) for compliance with our legal obligation; or (iii) for the establishment, exercise or defence of legal claims.
   6. In some circumstances you have the right to restrict the processing of your personal data. Those circumstances are when: (i) you contest the accuracy of the personal data; (ii) processing is unlawful but you oppose erasure; (iii) we no longer need the personal data for the purposes of our processing, but you require personal data for the establishment, exercise or defence of legal claims; and (iv) you have objected to processing, pending the verification of that objection. Where processing has been restricted on this basis, we may continue to store your personal data, however we will only further process such data in any other way: (i) with your consent; (ii) for the establishment, exercise or defence of legal claims; (iii) for the protection of the rights of another person; or (iv) for reasons of important public interest.
   7. You have the right to object to our processing of your personal data on grounds relating to your particular situation, but only to the extent that the legal basis for the processing is that the processing is necessary for: the performance of a task carried out in the public interest or the purposes of the legitimate interests pursued by us or by a third party. If you make such an objection, we will cease to process the personal information unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing is for the establishment, exercise or defence of legal claims. 
   8. Further to clause 7.7 above, if you are a California resident: 
      
      1. you may also have the following rights under the CCPA:
         
         1. the right to know the categories and specific pieces of personal information we collect about you;
         2. the right to delete personal information we have collected from you (subject to certain exceptions);
         3. the right to opt out of the sale or sharing of your personal information; and
         4. the right to non-discrimination for exercising your CCPA rights;
      2. we do not use or disclose sensitive personal information for purposes other than those specified under the CCPA; and
      3. you may authorise an agent to make a request on your behalf under applicable US state privacy laws by providing the agent with signed written permission.
   9. You may also have rights under other US state laws such as the Virginia Consumer Data Protection Act (VCDPA), Colorado Privacy Act (CPA), Connecticut Data Privacy Act (CTDPA), and similar laws in effect or coming into effect. Where applicable, these include the right to confirm whether we are processing your personal data, to access and correct inaccuracies, to delete data, and to opt out of targeted advertising, sale of personal data, or profiling in furtherance of decisions that produce legal effects.
   10. You have the right to object to our processing of your personal data for direct marketing purposes (including profiling for direct marketing purposes). If you make such an objection, we will cease to process your personal data for this purpose.
   11. You have the right to object to our processing of your personal data for scientific or historical research purposes or statistical purposes on grounds relating to your particular situation, unless the processing is necessary for the performance of a task carried out for reasons of public interest.
   12. The right to data portability. To the extent that the legal basis for our processing of your personal data is:
       
       1. consent; or
       2. performance of a contract or steps to be taken at your request prior to entering into a contract, necessary to enter into such, 

you have the right to receive your personal data from us in a structured, commonly used and machine-readable format. However, this right does not apply where it would adversely affect the rights and freedoms of others.

13. If you consider that our processing of your personal information infringes data protection laws, you have a legal right to lodge a complaint with a supervisory authority responsible for data protection. You may do so in the EU member state of your habitual residence, your place of work or the place of the alleged infringement. Our data processing and activities are supervised in the United Kingdom by the Information Commissioner’s Office (www.ico.gov.uk):  Tel: +44 (0)303 123 1113; email casework@ico.gov.uk; address Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF. 
14. To the extent that the legal basis for our processing of your personal information is consent, you have the right to withdraw that consent at any time. Withdrawal will not affect the lawfulness of processing before the withdrawal.
15. In addition to specific measure provided in this clause or the Services you may also exercise any of the rights indicated herein by contacting us by email: support@yojo.health.

8. COOKIES
   
   1. Cookies are small textual files containing an identifier that is sent by a web server to your web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server.
   2. We will ask you to consent to our use of cookies in accordance with the terms of this Privacy Policy when you first visit our website. We will also ask you for consent for all non-essential cookies (including analytics and advertising cookies) through our cookie management platform in compliance with PECR and ePrivacy Directive requirements. You can withdraw consent at any time via the cookie settings tool.
   3. Cookies do not typically contain any information that personally identifies a user, but personal information that we store about you may be linked to the information stored in and obtained from cookies.
   4. Cookies that we use in the Services we use cookies of three main types, for the following purposes:
      
      1. Required cookies: used to ensure proper performance of the Services, security of customers and their data, provision of high-quality services;
      2. Functional cookies: used to enhance the Services user experience, analyse the use of the system and in accordance to such improve the provision of services;
      3. Advertising cookies: used to observe user online behaviour and optimize marketing campaigns according to such information.
   5. We rely on user consent for cookies that are not strictly necessary, as required by UK and EU law. Our cookie management tool allows users to manage their cookie preferences. To the extent that cookie data includes personal data, our lawful basis for processing is either consent or our legitimate interests (e.g., security and fraud prevention).
9. COOKIES USED BY OUR SERVICE PROVIDERS
   
   1. Our service providers use cookies and those cookies may be stored on your computer when you visit or use our Services.
   2. We may use:
      
      1. Google Analytics cookies to observe our website traffic. Cookies used for this purpose help us detect website errors as well as measure website bandwidth. You can view the privacy policy of Google Analytics here;
      2. YouTube cookies to display in our website content uploaded in YouTube. Cookies used for this purpose help us maintain integrity, create informative and dynamic website. You can view the privacy policy of YouTube here ;
      3. X (previously Twitter) cookies to display in our website content posted in X. Cookies used for this purpose help us maintain integrity, create informative and dynamic website. You can view the privacy policy of X here;
      4. DoubleClick cookies to control the display of ads to our users. Cookies used for this purpose help us distinguish users that already use our services and reduce or stop displaying our ads to such users. You can view the privacy policy of DoubleClick here;
      5. Facebook cookies to manage the display of ads to our users. Cookies used for this purpose help us distinguish users that already use our services and reduce or stop displaying our ads to such users. You can view the privacy policy of Facebook here;
      6. Instagram cookies to manage the display of ads to our users. Cookies used for this purpose help us distinguish users that already use our services and reduce or stop displaying our ads to such users. You can view the privacy policy of Instagram here;
      7. TikTok cookies to manage the display of ads to our users. Cookies used for this purpose help us distinguish users that already use our services and reduce or stop displaying our ads to such users. You can view the privacy policy of TikTok here;  
      8. Google Tag Manager cookies to control advertising cookies. Cookies used for this purpose help us properly distribute ads to users. You can view the privacy policy of Google Tag Manager here;
      9. Hotjar cookies to observe how users use our website. Cookies used for this purpose help us observe the performance of the website and analyse how we can improve our website. You can view the privacy policy of Hotjar here;
      10. Visual Website Optimiser cookies that are used for collecting information on how visitors interact with the pages on website. You can view the privacy policy of Visual Website Optimiser here.
10. HOW CAN YOU MANAGE COOKIES
    
    1. Most browsers allow you to refuse to accept cookies and to delete cookies. The methods for doing so vary from browser to browser, and from version to version. You can however obtain up-to-date information about blocking and deleting cookies via information provided in the relevant browser website, for example Chrome; Firefox; Internet Explorer; Safari.
    2. Blocking all cookies will have a negative impact upon the usability of many websites.
    3. If you block cookies, you will not be able to use all the features on our Services. 
11. THIRD PARTY WEBSITES
    
    1. In the Services you may find links to and from partner sites, information sources and related party websites. Please take note that such third-party website that you will visit by clicking on links have their own privacy policies and we take no responsibility regarding such privacy policies. We recommend familiarising with privacy policies of such websites before providing any personal data to such.
12. CHILDREN PERSONAL DATA
    
    1. Our Services and Devices are not directed at, and we do not knowingly collect personal data from, individuals under the age of 18. If we become aware that we have inadvertently collected data from a child under 18 without valid parental consent or legal basis, we will delete such data as soon as possible.
    2. If you are a parent or legal guardian and believe that we may have collected personal data from your child without your consent, please contact us immediately at support@yojo.health. 
13. GENERAL
    
    1. California Privacy Addendum If you are a California consumer or resident, in addition to the information provided in this Privacy Policy, you may have the additional rights and information provided to you under the California Consumer Privacy Act. 
    2. We do not knowingly sell personal information nor share it with third parties for direct marketing purposes. However, if we do so in the future, you will be notified and have the right to opt-out of the “sale” of personal information. 
    3. In the event of a data breach that is likely to result in a high risk to your rights and freedoms, we will notify you and the relevant supervisory authority without undue delay and in accordance with applicable laws, including Article 34 UK GDPR.
    4. We will retain, use, or disclose personal information we collect or process on your behalf, only for the purposes described in this Privacy Policy, and will notify you if this changes.
    5. You have the right to not be subject to discrimination if you exercise any of your rights.
    6. We do not currently recognize or respond to browser-initiated Do Not Track signals. Instructions to enable for the following browsers are here: Chrome,  Firefox,  IE,  Edge,  Safari,  Opera.
14. UPDATING YOUR PERSONAL DATA
    
    1. Please let us know if the personal information that we hold about you needs to be corrected or updated.
15. CHANGES TO THIS PRIVACY POLICY
    
    1. Any changes to this Privacy Policy will be published on our Site and, in case of material changes, we may inform you about such via email or by other means which we will deem the most fitting in a particular case. We encourage you to review this Privacy Policy periodically to stay informed about how we protect your data. If we make material changes that affect your rights or obligations, we will seek your explicit consent where required by law.
16. QUERIES AND CONCERNS
    
    1. We have appointed a Data Protection Officer (DPO) to oversee compliance with this Privacy Policy and data protection laws. If you have any queries or concerns about our Privacy Policy or anything relating to our collection, processing, storage, retention and use otherwise of your personal data, please contact our DPO at: 

Email: support@yojo.health

Address: Kingsview, Brooks Close, Weybridge, Surrey, England, KT13 0LX

‍

‍