Privacy Policy
Last updated April 4, 2026
This Privacy Policy explains how we collect, use, and protect your personal data when you use the Prio Health website and application.
1. Data Controller
The "Controller" responsible for your personal data under the General Data Protection Regulation (GDPR) is:
Lutz Wenker
Vogtlandstraße 18
49477 Ibbenbüren
Germany
Email: support@liveprio.app
2. Information We Collect
We process personal data that you provide to us directly or that is collected automatically through your use of the website.
Waitlist & Contact Data
When you sign up for our waitlist or contact us, we collect:
- Identification data (Name, Email address)
- Technical metadata (Timestamp, User Agent, IP address — anonymized where possible)
- Consent records (Timestamp of your agreement to this policy)
Apple Health / HealthKit Data
Important: Prio Health does not process Apple Health data in this web product. HealthKit data is only accessed via the iOS mobile application if you explicitly grant permission.
- We do not sell HealthKit data.
- We do not use HealthKit data for advertising or marketing.
- Data resides locally on your device or in your private encrypted iCloud backup unless specific features require temporary cloud processing (which is always disclosed separately).
3. Legal Bases for Processing
We process your data based on the following legal grounds under the GDPR:
- Article 6(1)(a) Consent: For marketing communications (waitlist updates). You can withdraw this at any time.
- Article 6(1)(b) Contract: To provide the services you requested (responding to inquiries).
- Article 6(1)(f) Legitimate Interest: For website security, fraud prevention, and basic performance analytics.
- Article 9(2)(a) Explicit Consent: For any health-related data processing within the mobile application.
4. Recipients of Your Data
We use trusted service providers to operate our platform:
- Brevo (Sendinblue): Email marketing and waitlist management.
- FormSubmit.co: Handling website contact inquiries.
- Cookiebot: Management of cookie consent.
- Hosting Providers: Vercel / Netlify (depending on deployment).
We have entered into Data Processing Agreements (DPA) with these providers to ensure your data is protected according to GDPR standards.
5. International Data Transfers
For some services, data may be transferred to servers outside the European Economic Area (EEA), particularly to the USA.
To ensure an adequate level of data protection, we rely on the EU-U.S. Data Privacy Framework or use Standard Contractual Clauses (SCCs) approved by the European Commission.
6. Data Retention
We store your data only as long as necessary:
- Waitlist Data: Until you unsubscribe or the app launch phase is complete.
- Contact Requests: Deleted 6 months after the final response, unless legal retention (e.g., tax law) applies.
- Log Files: Automatically deleted after 30 days.
7. Your Rights (DSAR)
Under the GDPR, you have the following rights regarding your personal data:
- Right to access (Art. 15)
- Right to correction (Art. 16)
- Right to erasure (Art. 17)
- Right to restrict processing (Art. 18)
- Right to data portability (Art. 20)
- Right to object (Art. 21)
To exercise these rights, please email support@liveprio.app. We will verify your identity before processing requests.
8. California (CCPA/CPRA) Disclosures
If you are a California resident, the following applies:
- Categories Collected: Identifiers, commercial info, internet activity, professional info (for creators), and health info (via app only).
- Do Not Sell or Share: We do not "sell" your personal information. We do not "share" it for cross-context behavioral advertising.
- Retention: Retention periods follow our global retention policy, by data category.
9. Complaint Authority
You have the right to lodge a complaint with a data protection authority. The relevant authority for us is:
Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen (LDI NRW).
