Privacy Policy of the Koa FoundationsWebsite

We know your privacy is important to you. It's important to us too.

This Privacy Policy applies to any collection and/or processing of personal data (hereinafter “Personal Data”) performed as a result of your use of the Koa Foundations website. Any personal data collected through the Foundations app itself, would be subject to the specific Privacy Policy of the Foundations app.

Please read this privacy policy (“Privacy Policy”) to understand more about:

1. Who collects, controls and process your personal data?

Koa Health B.V. (hereinafter “Koa”), a company registered in the Netherlands (registered number 78707838) with registered address at Prins Bernhardplein 200, 1097 JV, Amsterdam, The Netherlands.Koa is the Data Controller of all Personal Data collected through the App. Koa will not share your personal data with any other Data Controllers. Only Koa and its sub processors, following its instructions, will have access to your personal information as described in this Privacy Policy.

Where the App is offered by an employer (Customer) to its employees, Koa may provide aggregated insights related to usage of the App, so that they can understand its impact. For example, we may provide information on what percentage of people who used the App have found it to be beneficial. These insights will never include personal information and your employer will not be able to know your name, email address nor see any raw data you have entered into the App.

Koa may choose to conduct a study with invited users. In this case, users will be invited by Koa or a third-party agency and Koa will process personal data of those participants following the same purposes described in this Policy.You can contact Koa at privacy@koahealth.com for any privacy related matter. The Data Protection Office contact for Koa may be contacted at dpo@koahealth.com.

2. Why do we collect personal data about you and what do we do with it?

Inviting you to use Koa Foundations or any other new product that might be of interest

If you sign up on the website to register your interest in the app, we will process your personal data to send an invitation to use the app. We may retain your personal data for some time (see section 5) in order to invite you to try other new products from Koa Health.

Sending you information for your company about Koa Foundations or any other new product that might be of interest

If you sign up on the website to register your company’s interest in the app, we will process your personal data to send you relevant information about the App. We may retain your personal data for some time (see section 5) in order to invite you to try other new products from Koa Health. We may use third party services (such as Mailchimp or Typeform) to facilitate communication such as promotional emails.

3. What personal data do we collect about you and how?

When you sign up on the website to register your interest in the app, we might collect:

  • Email address
  • Name
  • Company
  • Job title
  • Contact Details

We collect through cookies (read our cookies policy) the following information:

  • User activity in the web page; Frequency of access to the web page, time spent in the web page, interaction with third party services through the web page.

4. Do we share personal data about you with others?

We do not share any personal information about you with other Data Controllers. We may share some of your personal data with service providers for specific activities such as hosting (e.g. AWS) or analytics (e.g. G Analytics). For more information, please read our cookies policy.

We only authorize our service providers to process your information following our instructions. We make sure that our service providers erase all your personal information right after their services are finished. Some of our service providers may be located outside the EEA, including in countries (such as the United States) whose level of data protection may not be the same as that of the country of origin of our customers. We take the appropriate measures to ensure those providers comply with EEA standards in every processing of personal data they perform on our behalf, by requiring guarantees such as Standard Contractual Clauses or Privacy Shield certificates.

Internal team members shall process your personal data following professional responsibilities and contractual obligations only for the purposes established in this Privacy Policy. We take appropriate measures to guarantee the fair and confidential use of all personal data by our employees.

5. How long do we keep your data?

We may retain your personal data for different periods of time, depending on the type of data involved and the purposes of the processing, but generally, following these criteria:

  • We will erase any of your data collected from the website after 12 months from last opening any email we sent you.
  • We will also erase or stop processing your data if you withdraw consent or require us to do so. In these cases, we will erase your data or anonymize it in such a manner that is no longer identifiable.

The data protection laws give you a series of rights regarding the personal information that we manage about you. Specifically, the rights of access, rectification, erasure, limitation, objection, portability, as well as not being subject to automated decisions and to remove your consent at any time.

You can exercise these rights by contacting us at privacy@koahealth.com, using if possible the same e-mail address with which you registered in the App and identifying the right you want to request. In the event that you decide to exercise one of these rights through a representative, it will be necessary to provide with the request, the documentation that proves this condition.

If you feel your data privacy rights have been breached, you also have the right to file a complaint with a Data Protection Control Authority (e.g., the Information Commissioner’s Office).


In order to register and use our services you must be over 16 years old. Therefore, by signing up you confirm that you meet this condition. We may contact you to confirm this. We do not knowingly collect information from those younger than 16 years. If you are a parent or guardian and believe that your child has used the application you may contact us at privacy@koahealth.com and we will respond promptly.

7. How do we keep your data safe?

Koa Health is responsible for ensuring the security, integrity and confidentiality of your personal information. Therefore, as part of our commitment and in compliance with current legislation, we have adopted the most demanding and robust security measures and technical means to prevent their loss, misuse or access without your authorization.

We protect all communications between the applications, website and the servers in line with best practice by using TLS for encryption and server authentication. We use ISO 27001 certified systems in order to protect your registration information including email and password. We store your personal data in an encrypted database.

Also, we promise to act quickly and responsibly in the event that the security of your data may be in danger, and to inform you if necessary.

Effective From: November 5, 2020