Privacy & Policy
Optimal Innovation Group Inc. (”OIG” and “we”), which owns and operates the Healthyher.Life community platform and marketplace websites (“HHL” and also the “Hub”), is committed to safeguarding your privacy.
Personal information we collect and what we use it for
We collect personal information for the purposes set forth below.
Customer Contact (“Members”) and authorized users
The information we collect from our Customer Contacts (“Members”) and authorized users who have access to use our Services includes limited personal information about you, such as your name, email and in some cases phone number, title(s), employer name(s), mailing address, credit card information for purchased Services, and any other personal information that you choose to provide to us to obtain the Services, or any other information which you communicate to us by email or any other form of communication. We also collect your IP Address, geographical location and track your information about your use of our Services. We track session information regarding your use of the Services.
The purpose for which we collect information from our Members and authorized users is to administer and support the delivery contracts and relationships we have with you or your employer and the authorized users of and Members who subscribe to our Services. We use this information to provide updates about these Services, to monitor compliance with the terms on which we offer our Services, to enable third parties to provide services related to our provision of Services to our Members and authorized users, to improve the Services, to provide you relevant HHL content, to deliver support related to the Services to you or your employer, to manage billing and other customer inquiries, send you information about other products or services that may be of interest to you. We may provide personal information to any competent legal or regulatory body in accordance with applicable law and regulation. We may provide personal information to a potential buyer or target (and to their or our agents and advisers) in connection with any proposed transaction involving all or any part of our business. If such a change happens to our business, the buyer or target will use your personal information in the same way as set out in this Policy or will inform you about how it will use your personal information as required by applicable law.
If you are accessing the Services, including our websites, the information we collect may include name, IP, physical and email addresses, phone number(s), unique advertising identifier and mobile device type, cookies and other trackers, non-cookie identifiers, browser data, and any other information you choose to share via an online Member registration, submission form or purchase transaction form. We also collect information about your use of the Services and web-browsing activities and what newsletters or other communications you agree to receive following your visit to the Services, including any of our websites.
We use the personal information (and any preferences indicated by you, where appropriate) to send you the data, tools and other information you have requested, to inform you about products and services we offer, to improve the Services, and, in some cases, to directly or indirectly provide you with third-party advertisements across your devices and sites you visit which may be of interest to you and may be based on any preferences you have indicated in your registration or request form.
OIG Vendors and Suppliers
We collect limited personal information from vendors and suppliers to OIG and the HHL website, such as name, email and in some cases your IP address, phone number, and postal business address, or other information you provide to us by email or any other method of communication, as a contact for the supplier of the business products and services being provided to OIG and HHL.
We use the personal information to administer and support the contracts we have with you. We also may use this information to improve the Services for our Members and authorized users, to contact you for purposes of dealing with support, billing and other inquiries about your products and services.
If you are accessing the Services to inquire about employment with OIG or HHL, the information we gather may include, but is not limited to: your name, physical and email addresses, and phone number(s) and if you are submitting an employment application and related information through the Services, your user name/password and any additional employment-related information that you choose to provide.
We use this information to process and manage your application for employment with OIG or HHL and may use the information to improve the Services.
We may collect your name, physical and email addresses, phone number(s), current and previous employers, current and former job titles, investment details, biographical information, gender, and educational history.
Links to other website
OIG and the HHL site may provide links to other websites from the Services. We encourage you to read those websites' individual privacy policies before providing any of your personal information to them. OIG is not responsible for those websites, their policies or practices.
Personal information: How long we keep it
OIG retains personal information only for as long as necessary for the uses we have set out above. Individual jurisdictions have different regulatory and legal retention requirements and OIG is bound to keep certain personal data in accordance with these requirements.
Personal information: How we store and process it
All personal information we gather from you may be processed and stored in any one of our locations and may subsequently be transferred to other countries for further processing, storage, or use by either OIG or third-parties on OIG’s behalf. Our staff who need to access personal information to perform their roles will have access to it and have agreed to comply with OIG’s policies on data protection.
OIG also uses a number of third-parties to provide services on its behalf. These services may include, but are not limited to, handling, processing and delivery of digital content by email, providing customer support, hosting websites, processing transactions, performing statistical analysis of our Services, and providing systems and software for administrative functions, such as sales processing, accounting and finance management, and procurement. In such cases, OIG remains the controller of the personal data, and the third-parties are only permitted to process the data in accordance with our instructions, and in compliance with all applicable data protection regulations in relation to their processing activities. For example, OIG utilizes a website hosting service provider with data servers located in the USA from Amazon Web Services (AWS), Google Cloud, and Equinix to host our website and to store our user data. OIG’s website host is also the Merchant & Service Provider for OIG and is certified as ISO 27001, ISO 27018, ISO 27701, and ISO 27017 compliant; copies of the website host provider’s certifications can be found here. Further, AWS utilizes EU Model Contract Clauses and maintains ISO27001 certifications and policies, as well as additional security measures. By using our website, you understand and agree that your personal information may be stored in any or all AWS, Google Cloud and Equinix servers residing in the USA.
OIG’s website host service provider ensures the end-to-end encryption for all Member and authorized users data at rest, in transit and in backups. For users’ data, the following provisions are in place:
PII data is encrypted at rest within the production database using AES 256-bit encryption.
Data is also encrypted at rest within all backups, including the DR backup.
Customer data in transit between the application and the client interface is encrypted using Transport Layer Security (TLS) 1.2 or later.
Protection of your personal information
We have technical and organizational security measures in place reasonably designed to protect against unauthorized access to, or unauthorized alteration, disclosure, or destruction of personal information. The security measures we use are appropriate to the nature, scope and purpose for which we use the personal data we collect. We require our third-party service providers to have appropriate security measures in place as well. Our measures include internal reviews of our data collection, storage, and processing practices and security measures, as well as physical security measures to guard against unauthorized access to systems where we store personal data. Our website host service provider honors the rights of individuals as outlined in worldwide privacy regulations, has ensured to OIG that its services and documentation meet standards and comply with key privacy regulations, including:
The EU’s General Data Protection Regulation (GDPR).
The California Consumer Privacy Act (CCPA) in the United States.
Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA)
Israel’s Protection of Privacy Law
We have processes in place related to complying with data subject requests and to provide notices as required under applicable law, to address complaints and to comply with breach reporting procedures and incident management plans. OIG networks are protected by industry-standard firewall and password protection systems. Our security and privacy policies are periodically reviewed and enhanced as necessary. Further information on our security and incident management is available from firstname.lastname@example.org .
Necessary cookies - Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.
Functional cookies - Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.
Clients & Suppliers
If you need to update your personal information or make a data subject request, please email us at email@example.com . Your email will be directed to the correct OIG team to take action with respect to your request.
If you need to update your preferences or personal information or make a data subject request, you need only email us at firstname.lastname@example.org or follow the instructions contained in any email we have sent to you to unsubscribe or change your preferences.
Exercise of Privacy Rights
We won’t discriminate against our customers who choose to exercise their rights to access, control, or delete their personal information. Some of our Services, however, may require your personal information. If you choose not to provide your personal information, you may not be able to use those Services.
What about children's privacy?
OIG does not separately identify, knowingly collect or intend to collect, any information that is specific to children.
What is a Data Subject Request?
OIG believes all users should have control over their personal information. If a Member or Authorized user of the HHL site (the Hub) wishes to receive a copy of their data, or to delete or request that corrections be made to their personal information, they may do so by contacting OIG at email@example.com . We respond to such requests in compliance with applicable law.
Last updated: October 2023