Privacy Policy

Last updated: November 28, 2020


  1. Introduction
  2. Your choices and rights: how we give you choice and control
  3. What personal information we collect
  4. How we use your personal information
  5. Who we share your personal information with
  6. How your personal data is protected
  7. What Third Party Services, Cookies, or Analytics does the Website and the App use?
  8. Retaining and deleting your personal information
  9. Children
  10. Changes to this Privacy Policy
  11. How to contact us

1. Introduction

Thank you for choosing to be part of our community at Lilo Health! 

This Privacy Policy describes the most important details about the processing of your personal data by Lilo Health SRL (“Lilo”,"Company", "we", "us", "our"). We are committed to protecting your personal information and your right to privacy. If you have any questions or concerns about this privacy notice, or our practices with regards to your personal information, please contact us at

When you use our website (“Website”) and our mobile application (“App”),  and more generally, use any of our services (the "Services", which include the App and the Website), we appreciate that you are trusting us with your personal information. We take your privacy very seriously. 

In this privacy notice, we seek to explain to you in the clearest way possible what information we collect, how we use it and what rights you have in relation to it. We hope you take some time to read through it carefully, as it is important. If there are any terms in this privacy notice that you do not agree with, please discontinue use of our Services immediately.

We don't sell or rent your personal information to third parties. We don't share your information with anyone unless instructed by you.

2. Your choices and rights: how we give you choice and control

You can choose not to provide us with personal data

If at any point you decide to do this, you can continue to visit our Website and use the App, but we will not be able to provide you with services, even if you have already paid for them.

You can choose to turn off cookies in your browser settings

If you decide to turn off cookies, you can continue to visit our Website, but our online services might be less effective.

You can choose for us not to use your personal information for marketing purposes

We will ask for your consent to use your personal information for marketing purposes when you register for our Services, but you can choose to refuse your consent. If you have given your consent and want to retract it, you can either unsubscribe to the communications or opt out by contacting us at

You have the right to request that we:

  • Update any personal information which is out of date or incorrect; 
  • Delete any personal information which we have collected about you;
  • Restrict the way that we process your personal information;
  • Provide you with a copy of any personal information which we have collected about you

3. What personal information we collect about you 

Personal information is the term we use to describe information which we collect and which can be used to personally identify someone. For example, a name, a personal address or even an IP address.

Here is a list of the types of personal data we collect:

Information we collect automatically when you visit our Website

  • Technical information - such as your IP addresses, domain names, the country you’re visiting from, your browser type and version, time zone setting, operating system and platform.

  • Information on your visit - such as the full URL clickstream to, through and from our Website (including date and time), length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs) and methods used to browse away from the page.

Information we collect when you register to create a Lilo One Health Account and by use of our Services under this account

When you register to create an account in the App, you will submit your email address and select a plan you want to follow. Your payment will be fully processed by your App Store Provider (e.g. iTunes App Store for iPhones and Google Play Store for Android users).

You may choose to provide us with a variety of information within different features of the app and which can provide you with additional functions, including advanced personalisation:

  • Your age and gender
  • Your physical condition, medications taken, test results ("Medical data")
  • Information related to your physical or physiological behaviour
  • Information about your preferences based on your use of the Service as well as your responses to Polls, question pool that aims to personalise the App experience
  • Information about your use of the App, including the date and time of assignments, your Behaviour Score(s) assessment, the history of your plan choices and feedback during the “weekly meetings with Lilo Health Assistant”, and generally your interactions with the App.

Any contact information we collect during the account creation (e.g. email, phone number) will be separated from the rest of the data collected from you through the App using pseudonymisation. 

Please remember that if you choose to withdraw your consent to our processing of these categories of information, we will be unable to provide our services to you.

Information we collect from other sources:

You may choose to provide us with access to certain personal data stored by third parties. The information we have access to varies by site and is controlled by your privacy settings on that site and your authorisation. You may (and in order to use certain services may be required to) share information about or give us access to additional third-party websites or services. Should you do so, you agree that we may collect, store and use this information in ways consistent with this Privacy Policy.

  • Information from Social Networking Sites and Mobile App Providers. Our Services include interfaces that allow you to connect and authenticate with social networking sites and/or mobile app providers, such as Google, Apple or Facebook. If you connect to such sites and/or providers through our Services, you authorise us to access, use and store the information that you agreed such sites and/or providers could provide to us based on your settings on that site and/or provider. We will access, use and store that information in accordance with this Privacy Policy. You can revoke our access to the information you provide in this way at any time by amending the appropriate settings from within your account settings on the applicable site and/or provider.

4. How we use your personal information

We only ever use your information in line with data protection laws - in particular, the EU General Data Protection Regulation, otherwise known as GDPR. In short, this means we only use it where we have a legal basis to do so. These are the general legal basis for which we use your information:

  • Consent - you have given clear consent to us to process your personal information for a specific purpose.
  • Our contract - processing your personal information is necessary for a contract you have with us, or because we have asked you to take specific steps before entering into that contract.
  • Legitimate interests - processing your personal information is necessary for our legitimate interests or those of a third party, provided those interests are not outweighed by your rights and interests.

Why do we process your personal data (“purpose of processing”):

  • To provide you with the Service and personalise it 
  • To understand, diagnose, troubleshoot and fix problems with the Service
  • To analyse for the purpose of operation, security and optimisation of our Services
  • To develop and evaluate new features, technologies and improvements to the Service
  • For marketing, promotional and advertising purposes
  • To comply with the legal obligations and requests from law enforcement authorities
  • To comply with contractual obligations we have to third parties, such as under license agreements, and to respond appropriately to reports of intellectual property infringements or unauthorised content.
  • To establish, enforce, or defend against legal claims
  • For business planning, reporting and forecasting
  • For research, contests or surveys

5. Who we share your personal information with 

In Short:  We only share information with your consent, to comply with laws, to provide you with services, to protect your rights, or to fulfill business obligations.

Personal data that you can share yourself

You may decide to share certain information & readings, for which you are in full control:

  • Medical data, submitted by you through the use of the App, to anyone you deem relevant via text export directly through the App
  • Medical data, your full name, age and gender, behavioural data & data on how you use the App, submitted by you through the use of the App, to the doctor of your choice through the App via a Lilo Doctor Code. All doctors and their identity is first verified by Lilo Health SRL before we generate a dedicated Lilo Doctor Code. By the use of the Lilo Doctor Code, you consent to sharing information with the doctor of your choice.

Information we may share

Buyers of our company

We share your personal data with buyers or potential buyers when we negotiate or sell our business. In that case, Lilo will continue to ensure that your personal data remains confidential and Lilo will notify you before your personal data is forwarded to the buyer or before another Privacy Policy becomes applicable to your personal data.

6. How your personal data is protected

In Short: We aim to protect your personal information through a system of organisational and technical security measures.

The security of our users' personal data is an utmost priority for us. We have taken appropriate technical and organisational measures to protect your personal data. However, we cannot guarantee a complete protection for data transmitted to us against all dangers at all times, because information via the internet is not completely secure. The Website is operated through a safe SSL-connection. If a SSL-connection is activated, third parties are prevented from reading any data that are transferred by you to us. 

We have implemented a variety of pseudonymization, encryption, access and data retention policies to protect your data that you submit to us via the App from unauthorised access as well as unnecessary retention of personal data in our systems (for details in Section 8 “Retaining and deleting your personal information” of this Privacy Policy).

Your password is an essential part of the security of your Lilo account, so we recommend that you choose a strong password that you only use for your Lilo account, do not reveal this password to anyone, and access only through a secured network. 

7. What Third Party Services, Cookies, or Analytics does the Website and the App use? 


In order to offer you a convenient online service featuring numerous functions, our Website uses text files (“Cookies”) containing information to identify returning visitors for the time of their visit to our Website. Cookies are usually saved on your device and do not cause any harm. Cookies facilitate the transfer of specific content, such as entering data, which has already been supplied, and help us identify popular sections of our Website. The processing of data when using Cookies is based on our legitimate interests of a statistical analysis of the User relationship for marketing and quality assurance purposes according to Art. 6 (1) f. GDPR.

OPT-OUT: You can deactivate the use of Cookies in the settings of your browser at any time. To find out how to change the settings, please consult the help function of your browser.

Processing your Payment 

Any payment card information you use to make a purchase on the Service is collected and processed directly by our payment processors, such as Stripe.

Your payment will be processed by Stripe, who collects, uses and processes your information, including payment information, in accordance with their privacy policies. You can access their privacy policy via the following link: Stripe’s services in Europe are provided by a Stripe affiliate—Stripe Payments Europe Limited (“Stripe Payments Europe”)—an entity located in Ireland. In providing Stripe Services, Stripe Payments Europe transfers personal data to Stripe, Inc. in the US. 

Use of Google Firebase for the App 

In order to track information related to the use of the App we use the tool “Google Firebase”, a real-time database offered by Firebase Inc., a company related to Google LLC, Mountain View, CA, USA (“Google”). Google Firebase is a real-time database, which may embed real-time information on our App. Data (such as device information, gender, age) are hereby only transferred and used in anonymised form to Firebase to servers that are for example located in the USA. Google LLC, USA is certified according to the EU-US agreement “Privacy Shield”, which guarantees the level of data protection applicable in the EU. The data processed by Google may be affected by an automated decision making via “profiling”. The privacy policy for Firebase is available at

Use of Google Analytics for the Website

We use the tool “Google Analytics” in order to study usage-related trends, to distribute advertisements that are optimised for the user, and to measure the results generated by published advertisements. The data collected with the use of Google Analytics is managed in accordance with Google’s privacy policy, which is available at

Use of Cloud Firestore 

We use Cloud Firestore, a cloud database operated by Firebase Inc., a company related to Google LLC, to store data. All data is stored on servers located in the European Union (Frankfurt, Germany). For more information on privacy and the security of the data collected with the use of Cloud Firestore, please visit

8. Retaining and deleting your personal information 

In Short:  We keep your information for as long as necessary to fulfil the purposes outlined in this privacy notice unless otherwise required by law.

We will only keep your personal information for as long as it is necessary for the purposes set out in this privacy notice, unless:

  • a longer retention period is required or permitted by law (such as tax, accounting or auditing obligations, we will retain necessary personal data for as long as necessary under applicable law). 
  • there is an issue with your account that has not yet been resolved, such as an open invoice on your account or request that has not yet been fulfilled or a dispute that has not yet been resolved, we will retain the necessary personal data until the problem is resolved

If you request deletion of your data, we will delete your personal data within 30 days from your request. You can request so by sending an email to

9. Children 

In Short:  We do not knowingly collect data from or market to children under 18 years of age.

We do not knowingly solicit data from or market to children under 18 years of age. By using the App, you represent that you are at least 18 or that you are the parent or guardian of such a minor and consent to such minor dependent’s use of the App. 

If we learn that personal information from users less than 18 years of age has been collected, we will deactivate the account and take reasonable measures to promptly delete such data from our records. 

If you become aware of any data we may have collected from children under age 18, please contact us using the contact details in the Section 11 “How to contact us”.

10. Changes to this Privacy Policy

In Short: Yes, we will update this notice as necessary to stay compliant with relevant laws.

We may amend this Privacy Policy from time to time.

When it comes to significant changes to this Privacy Policy, we will notify you via a clear and context-appropriate notification within the App, or by sending you an email or push notification. We can also notify you in advance. Therefore, make sure you read such notifications carefully.

11. How to contact us 

Thank you for reading this Privacy Policy. If you have questions or comments about this notice, you may contact our Data Protection Officer (DPO). You can reach them by sending an email to, or by post to:

Lilo Health SRL

Avenue Aviateur de Caters 13

1310 La Hulpe


Lilo Health SRL is the data controller for the personal data processed under this Privacy Policy.

We hope you enjoy our Lilo Service!

© Lilo Health SRL.