Privacy English

Respect for your privacy is essential for ekilu so we want to inform you with total transparency of the treatments we can perform with your personal data and how we protect your personal information, so that you can make decisions about it. Therefore, we ask you to spend a few moments reading this Privacy Policy.

This Privacy Policy will be updated properly in your case, but every time we make a change we will inform you and publish it on our website https://ekilu.com so that you know it at all times.

Last update: March 07, 2024

What does this policy contain?

At ekilu we take the privacy of your data very seriously, as well as the transparency about how we collect, use and, where appropriate, share information about you. This policy complies with current regulations on data protection and privacy, and is organized to help you understand:

The legal basis that allows us to process your data
What data we collect
How we use the data we collect
How we share the data we collect
How we store and secure the data we collect
How you can access and control your data
Other relevant privacy aspects

This policy explains your rights regarding the processing of your data. These rights include the right of access, rectification, deletion, limitation, opposition and portability in relation to your personal data, in accordance with the provisions of the law.

By accepting this policy you are giving your express consent for the collection and processing of your data, for the purposes set forth herein, and under the conditions described below.

The data will be maintained for the period necessary to fulfill its purposes and, in any case, up to 5 years since the last activity of the user.

If you have doubts or do not agree with this policy, we ask you to cease access to our services and contact us at privacidad@ekilu.com.

The legal basis that allows us to process your data

The main objective of our Privacy Policy is to guarantee full compliance with current regulations regarding data protection and privacy and security in the processing of your personal data. Therefore, ekilu collects and uses your data only when it has the legal basis to do so, under the laws applicable in the European Union. This means that we collect and use your data only when:

We need it to be able to provide our services, including the personalization of our services, the operation of our services, the security of our services and the attention to you as a customer.
It satisfies a legitimate purpose that is not in opposition to your data protection rights, for example, for the research and development of new functionalities in our services.
You have given us your consent for a specific purpose.
It is necessary to comply with a legal obligation.

What data we collect

Data that you provide us

We collect data about you when you enter them on our website or app by creating or modifying your user profile, entering your food preferences or making a purchase with us. For example, we collect your contact information, such as your name and email.

It may happen that the user does not provide us with the requested data or provides it incorrectly. In these cases we could be unable to provide the service or consideration properly. Therefore, we want to remind you of the importance of the truthfulness and accuracy of the data entered.

Data we collect automatically when you use our services

We collect some data when you use our website and app, including browsing data, data from your devices and connection, and actions you perform within our website or app. For example, if you connect from a mobile, tablet or desktop computer, your IP address or language preferences, or your operating system, in order to provide you with a better user experience.

We also use cookies to recognize you from different devices and between different sessions, and adjust the user experience to your preferences. For more information, check our Cookies Policy.

Data we receive from other sources

We receive data from other sources when you link a third-party service to your user profile. For example, when you create a new account or login to your account through your Facebook profile, we receive your name and email to authenticate, according to your Facebook profile preferences.

How we use the data we collect

Below we explain the specific purposes for which we use the data we collect.

To provide our services and personalize your experience

The main purpose for which we use the data we collect is to provide our services and personalize your experience.

When we talk about providing our services we mean to authenticate you when you log in to your user account, filter your searches so as not to show you recipes with the ingredients that you have told us that you dislike or those to which you have intolerance or allergy, or save your recipes Favorites in your profile.

When we talk about personalizing your experience, we talk about making you the recommendations of recipes, tips or related products that are most relevant to you, depending on your goals, preferences and usage pattern of our website or app.

For this purpose, we automatically prepare a user profile, where we complement your registration data with other relevant data about your preferences and interests, such as your usage data from our website or app.

To promote the use of our services

ekilu has the authentic purpose of getting you and our entire generation to eat better.

We know that making the food choices that suit you best is a daily challenge, since healthier choices are not always our natural inclination. In addition, generating healthy eating habits and, in general, healthy living habits are not achieved overnight.

From ekilu we believe that reminders, whether in the form of notifications to your mobile, to your computer, or via email, are a fundamental part of our service, as they are key to helping you create and maintain such healthy eating habits.

Therefore, when you provide ekilu with your contact information, you agree that we can use them so that ekilu or an external company of our maximum trust with which we collaborate, can send you this type of reminders and any type of commercial communication related to ekilu, with the purpose to promote the use of our services and that you achieve your goals of eating better.

However, at any time you want you can unsubscribe from our commercial communications by email, from the link that appears in the same email, or by contacting us at hello@ekilu.com. Also, you can decline to receive notifications on your mobile device or desktop computer, from the preferences of those devices.

To communicate with you

We use your contact information to send you communications via email, such as confirmation of the creation of a new account, your password recovery request, service updates, security alerts, or administrative messages.

We also use your contact information to respond to your requests for help or to your feedback messages and suggestions about our services.

For advertising and promotions relevant to you

We share some data anonymously with our advertising and commercial partners in order to Serve you advertising and product promotions that are relevant to you. We promise to do it respecting the strictest privacy regulations.

For research and development

At ekilu we are constantly looking for ways to improve our services and make them more useful, fast, smart and safe for you.

We use aggregated information on the use of our website and app to understand how our services are used, and identify trends and usage patterns, and define from that understanding the developments that we must make in our services.

How we share the data we collect

We share information that we collect with some service providers that help us operate, improve and promote our services. Within this group we include web and app development providers, advertising providers, hosting services, data storage and processing, virtual infrastructure (cloud), data analysis and backup.

If a service provider has access to information from our users, it is done through a service provision contract that offers the guarantees to comply with the law, and under strict compliance with the corresponding privacy procedures and policies that ensure protection of the information of our users.

How we store and secure the data we collect

We use virtual data storage and processing services, with proven solvency in the medium and in line with industry standards. Whenever within our reach, we prioritize the location of these services in the European Economic Area. In some cases where this is not possible, for example with services from companies located in the United States, we ensure that the location of these services is in countries included in the list of countries with adequate level of protection of the Spanish Agency for Protection of data.

We implement all the security measures that are within our reach to protect your data:

Identification and control measures for data access, including password control
Update measures of computers and devices with access to data
Antivirus update measures on computers and devices with access to data
Firewall security measures on computers and devices with access to data
Periodic data backup (back-up)
Periodic verification of security measures

Periodic verification of security measures

Below we explain your rights in relation to your data, and how to exercise them.

As a ekilu user you have the possibility to exercise your rights of access, rectification, deletion, limitation, opposition and portability in relation to your personal data, in accordance with the provisions of the law.

We want to explain in a brief and simple way the rights in terms of data protection that assist you and how you can exercise them:

Right to request access to your personal data. You can directly access your data by logging into your account using your email and password. You have the right to request a copy of the personal data that ekilu keeps you via email privacy@ekilu.com.

Right to request rectification. You have the right to rectify information stored about you if it is not accurate. If the information we store needs to be updated, or you think it may be wrong, you can do so by logging into your user profile by logging into your account using your email address and password, or send us an email atprivacy@ekilu.com.

Right of deletion, also known as “right to be forgotten”: You have the right to the deletion of the personal data that concerns you when the causes provided by law concur. These data will only be kept blocked and accessible to certain people in the event that we need them to meet any legal claim or obligation. To request the exercise of the right of suppression send us an email through the email privacy@ekilu.com.

Right to request the limitation of the treatment: You have the right to request the limitation of the processing of your data through the email privacy@ekilu.com.

This right can be exercised in certain circumstances such as:

that you inform us of the inaccuracy of your personal data, during the period we need to verify their accuracy.
that the treatment is illegal and you do not want us to erase your personal data.
that you have opposed any treatment that ekilu performs based on legitimate interest, during the term we need to verify that your right prevails over said interest.
that ekilu no longer needs the personal data for the purposes of the treatment, but you need them for the formulation, exercise or defense of claims.

Right to object to treatment. You have the right to object to the processing of data that concerns you, at any time, as established by law.

Right to data portability. You have the right to receive the data that you have provided to us in a structured format, for common use and mechanical reading, and to transmit them to another person responsible for the treatment without being prevented by ekilu, when the treatment is based on consent, and is carried out by automated means.

By exercising your right to data portability, you will have the right to have personal data transmitted directly from responsible to responsible when technically possible.

You can contact us through the email privacy@ekilu.com.

In addition to the specific means established for each right, you can exercise your rights of access, rectification, deletion, limitation, opposition and portability in relation to your personal data, by writing to NOODDLE APP, S.L. with the reference “Data Protection”, to Bilbao street, 12 Duplicate, office nº 5, 50.004, Zaragoza, Spain.

In any case, if you consider that ekilu does not comply with the applicable legislation, you have the right to file the corresponding claim with the supervisory authority.

Other relevant privacy aspects

Data from HealthKit:

Our app will not use information gained through the use of the HealthKit framework for advertising or similar services.
We will not disclose any information gained through HealthKit to a third party without express permission from the user. Even with permission, would only share information to a third party if they also provide a health or fitness service to the user.
We will never sell information gained through HealthKit to advertising platforms, data brokers, or information resellers.
If the user consents, we may share their HealthKit data with a third party for medical research.
We will not use information gained through the use of the HealthKit framework for marketing purposes (for example, sending marketing emails, or providing offers to the user)
We will only use HealthKit data to show user progress within the app.

Data from Google Fit:

We won't use Google Fit APIs to sell information to third parties, such as advertising platforms, data brokers, or any information resellers.
We won't disclose information obtained through Google Fit APIs to third parties in violation of this policy.
We won't use Google Fit APIs for applications, services, or features designed to collect or combine user data for human subjects research, medical research, or any other similar research overseen by an Institutional Review Board or Ethics Committee unless we receive prior written approval to such use from Google.
We won't use Google Fit APIs for any purpose or in any manner involving Protected Health Information, as defined by the Health Insurance Portability and Accountability Act of 1996 and its implementing regulations ("HIPAA") unless we receive prior written approval to such use from Google.
We won't use Google Fit APIs with any product or service that may qualify as a medical device pursuant to Section 201(h) of the Federal Food Drug & Cosmetic Act if the user data will be used by the medical device to perform its regulated function.
We will only use Google Fit data to show user progress within the app.

Privacy Commitment Regarding Health Connect Data:

Our application integrates with Health Connect to enhance your experience and provide you with personalized health insights. In doing so, we are committed to protecting your privacy and ensuring the responsible handling of your data. Below are our promises to you regarding the use of Health Connect data:

No Sale of Information: We guarantee not to sell any information obtained via Health Connect to third parties. This includes, but is not limited to, advertising platforms, data brokers, or any entities dealing in the resale of information.
Third-Party Disclosure: We pledge not to disclose any data acquired through Health Connect to third parties in a manner that violates this commitment.
Research Usage: Our use of Health Connect is not for applications, services, or features aimed at collecting or aggregating user data for human subjects research, medical research, or any research activities governed by an Institutional Review Board or Ethics Committee, without explicit prior written consent.
Protected Health Information: We will not use Health Connect for purposes or in any manner that involves Protected Health Information (PHI), as outlined by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and its implementing regulations, without obtaining prior written approval.
Regulated Medical Devices: Our application does not use Health Connect data in conjunction with any product or service that could be classified as a medical device under Section 201(h) of the Federal Food, Drug, & Cosmetic Act, in instances where user data contributes to the medical device's regulated functions.
Purpose of Use: The data from Health Connect will solely be utilized to display user progress and achievements within our application, enhancing user experience by providing personalized health insights.

By setting forth these commitments, we aim to transparently communicate our data handling practices and assure you of our dedication to privacy and data protection. Our use of Health Connect data is designed with your best interests in mind, focusing on delivering value without compromising your privacy.

Other:

As explained in our document entitled "Terms and Conditions", the website https://ekilu.com, and its app version, is owned by NOODDLE APP, S.L. This company is responsible for the processing of your personal data.

NOODDLE APP, S.L. is domiciled at Bilbao street, 12 Duplicado, office nº 5, 50.004, Zaragoza, Spain, and is registered in the Mercantile Registry of Zaragoza, volume 4423, folio 168, page Z-65929.

You can go to this address with the reference "Data Protection", for any matter related to it.