Skip to content

Privacy Policy

  1. Objective

This policy applies to all processing of personal data carried out by Spindle Health and has the objective of informing the user regarding the way in which Spindle Health carries out the processing of personal data (including details of the type of personal data collected and the purpose of processing) and regarding the rights of the user in relation to their personal data.

  1. Contact – How can I contact?

In case of having any questions about the Privacy Policy, the user can contact Spindle Health through the following means:

  • Headquarters are located at: 5221 Franconia Rd Unit 10106 Alexandria, VA 22310
  • Contact phone number is: 703-261-4184

The user may establish direct and effective communication with Spindle Health by written communication sent to any of the indicated addresses or also by sending an email to the address: info@spindle.health
In addition, information of the officer in charge of processing your personal data is listed below:

  • Trade name: Spindle Health
  • Identity of the controller: Spindle Health, Pllc
  • Address: 5221 Franconia Rd Unit 10106 Alexandria, VA 22310
  • Email: info@spindle.health
  1. Processing identification – How do we collect personal data?

In compliance with current regulations on the protection of personal data, especially:

  • Regulation (EU) 2016/679 of the European Parliament and Council, dated April 27, 2016 on the protection of natural persons regarding the processing of personal data and the free circulation of these data (hereinafter, the ‘GDPR’).
  • The Virginia Consumer Data Protection Act (VCDPA).

Spindle Health collects personal data in its possession when the user:

  • (i). completes the forms of https://spindle.health (‘Site’);
  • (ii). subscribes to the newsletter;
  • (iii). answers a poll or completes a web form;
  • (iv). completes a printed form;
  • (v). sends an email or communicates by phone, which are then loaded in the corresponding forms;
  1. Personal Data Collected – What personal data do we collect?

Spindle Health collects information when visiting their web page, and mainly by completing its registration forms.

The following data is collected: full name, email and phone number.

As a rule, when personal data is requested to use a service or access certain content, its delivery will not be mandatory, except for those cases where it is specifically indicated that it is data required for the provision of the service. In this case, the user may freely choose not to register and/or not to contract the services.

The user declares and guarantees that all the data provided by him are true and correct and undertakes to keep them updated. The changes may be communicated to the Data Protection Delegate or to the address indicated in Section 2 hereof.

Likewise, the user acknowledges that the data required by Spindle Health are necessary, adequate, and not excessive to carry out the purposes expressed in Section 5 hereof, which would be impossible to fulfill if said data are not provided.

Any false or inaccurate statement that occurs as a result of the information and data given, as well as the damages that such information may cause, will be the responsibility of the user.

  1. Purpose – What do we use personal data for?

The personal data requested to the user will be used for the following purposes:

  • To provide our Service and fulfill your requests. We use your information to provide and maintain our Service, to process and fulfill your requests, to communicate with you about your use of our Service or changes to our Service, to respond to your inquiries, and for other customer service and business administration purposes. For example, when you enroll in a newsletter, we may use your personal information to deliver that newsletter to you.
  • Identification and authentication purposes. We may use your information for identification and authentication purposes. For example, when you enter your account login ID and password to enter one of our registration or login portals, we use your login credentials to authenticate your identity.
  • Personalization. We use your information to tailor the content and information that we may send or display to you, to offer location customization, and personalized help and instructions, and to otherwise personalize your experience while using the Service. For example, if you allow us to collection geolocation data, we use this information to deliver content that is around your specific location and identify business location/listings around your location.
  • Marketing and promotional purposes. We may use your information to send you news and newsletters, event updates, and to communicate with you about new features, offers, events, or products, or to otherwise contact you about information we think may be of interest to you. We may also use your information to display advertisements to you on our site (including to sell advertising space on the Service) and on other unaffiliated websites and services.
  • Research and reporting. We may use your information to administer surveys and questionnaires (online and offline) for research and reporting purposes to help us better serve individuals by learning more about their needs and the quality of the products, services, and educational information we provide. The survey responses may be utilized to determine the effectiveness of our Service, various types of communications, advertising campaigns and/or promotional activities.
  • Combining information. We (and our third party business partners on our behalf) may merge, co-mingle, or otherwise combine information, including your personal information, in furtherance of the purposes described above.
  • To comply with legal obligations. We may use your information to comply with our legal obligations or to exercise or defend our rights or the rights of a third party, including complying with law enforcement or government authority requests and participating in compliance audits.
  • To protect us and others. We may use your information where we believe it necessary to investigate, prevent, or take action regarding suspected or actual illegal activities, fraud, situations involving potential threats to the safety of any person or to otherwise enforce this Policy, our Terms and Conditions, and the integrity of the Service.
  • Deidentified data. We may also deidentify or anonymize your data in such a way that you may not reasonably be re-identified by us or another party, and we may use this deidentified data for any purpose permitted under applicable law. To the extent we deidentify any data originally based on personal information, we will maintain and use such data in deidentified form and will not attempt to reidentify the data.

The data subject to treatment will not be used for purposes other than or incompatible with those mentioned above and that motivated its collection. Notwithstanding the foregoing, it is stated that the recorded data may be used, in addition to the purposes for which it was expressly collected, for the purpose of carrying out statistics, managing incidents or conducting market studies. However, in the event that personal data is processed for a purpose other than that initially specified when collecting said data, a compatibility analysis will be carried out by Spindle Health in accordance with applicable regulations. The processing will only be authorized if the original purpose is compatible with the new purpose or allowed in accordance with an independent legal basis. In these cases, the user will be informed of the changes in purpose or legal justification for the processing of their data.
We remind the user that they can oppose the sending of commercial communications (unsubscribe) and stop receiving emails from Spindle Health, reliably notifying Spindle Health, which will proceed to interrupt in the shortest possible time after receiving such communication. For this purpose, it may send an email to the address indicated in Section 2, a postal mail addressed to the address indicated in Section 2 hereof, or directly follow the unsubscribe instructions detailed at the end of each email of Spindle Health.

  1. How do we use your information?

We will use the information we collect about you for the following purposes:

  • Creating user account
  • Testimonials
  • Customer feedback collection
  • Administration info

If we want to use your information for any other purpose, we will ask for your consent and use your information only when we receive your consent and then only for the purpose(s) for which consent will be granted, unless we are required by law to do otherwise.

We will retain your personal information with us for 12 months after user accounts remain idle or for as long as necessary to fulfil the purposes for which it was collected, as detailed in this Privacy Policy.

  1. Consent

By providing personal data to Spindle Health, the user declares to accept its processing fully and without reservation by Spindle Health. The user gives his/her free, express and informed consent to Spindle Health’s use of the data collected for the purposes indicated in Section 5, as well as its incorporation into a Spindle Health database.

The Spindle Health carries out the processing of legitimised user data: (i) the contracting of Spindle Health services by the user, in accordance with the terms and conditions that are made available to the user at the end of the completion of the service request form (prior to possible contracting) and which the user (after reading them), and if the user agrees, can accept by ticking the box that has been included for this purpose; and (ii) the free, informed and unambiguous consent of the user, made after reviewing this privacy policy, where Spindle Health informs you of the processing it will carry out with your data, and if you agree, by ticking the box that has been included for this purpose in the service request form. Data processing that is not covered by any of the above legal bases will be carried out if Spindle Health considers it necessary to protect a legitimate interest and only if it does not infringe the fundamental rights and freedoms of the user.

  1. Validity – How long do we keep it?

The data will be destroyed or archived when it is no longer strictly necessary or relevant for the purposes described in Section 5 above. In particular, personal data will be kept for as long as the business relationship is in force (and to the extent that you have not previously requested their deletion) and for as long as obligations, indemnities and/or liabilities may arise under the business relationship or for the services provided.
Spindle Health informs you that it will retain information essential to identify the origin of the data stored for the duration of the client’s relationship with Spindle Health and/or revocation of the user’s consent in accordance with the information in Section 5 of this Privacy Policy and/or as long as required by applicable law.

  1. Confidentiality / Assignment / International Transfer – Do we disclose data to third parties?

Spindle Health will keep collected personal data private and confidential, and will not use it for purposes other than those set out in Section 5 hereof. Spindle Health requires its employees and third parties providing services that access the contents of the databases to sign confidentiality and personal data processing agreements (or include such obligations in the service agreements it signs with such providers, as indicated in the following paragraph).

The user’s personal data collected by Spindle Health will not be transferred, sold, exchanged, transmitted and/or communicated to third parties outside Spindle Health without the user’s consent, except for legal obligation and/or for the purpose of providing the services to the user. This does not include certain employees and service providers enabling Spindle Health to keep the Site operational, fulfil the objectives set out in Section 5 of this document and/or provide services to the user, who have undertaken the obligation to maintain the confidentiality of the data provided and undertake to comply with applicable regulations on the protection of personal data, at the time of contracting. Contracts with service providers stipulate the purpose, scope, content, duration, nature and purpose of data processing, the type of personal data, the categories of data subjects and the obligations and responsibilities of Spindle Health and contracted third parties.

In particular: Spindle Health may share the personal information provided with parent companies, affiliates, subsidiaries, related companies and/or intermediaries related to Spindle Health.

Spindle Health may share certain user-provided personal information internally within Spindle Health, with certain departments, such as administration, marketing, or IT.

  • In certain cases, Spindle Health transfers personal data based on legitimate interest and the economic and technical advantages associated with the use of specialized providers. In this sense:
    • Google Analytics. Spindle Health utilizes Google Analytics for website analytics. This integration involves Google collecting the user’s IP address and usage data. Users can refer to the privacy policy and other legal information of Google Analytics by visiting the following link:https://policies.google.com/privacy

Social Networks. Spindle Health also uses social networks, such as Facebook or Instagram, and has integrated functions of these networks into its services. The user may only use these social networks to the extent that they are registered in them and have accessed the corresponding social network with their user. These social networks have their own privacy policies and their own terms and conditions, over which Spindle Health has no interference or control.

Finally, you should be aware that Spindle Health may (and that Spindle Health reserves the right to) disclose your information in the following cases:

  • Business transfer: If we or our subsidiaries are acquired, merged, or invested in by another company, or if any of our assets are transferred or may be transferred to another company, whether as part of a bankruptcy or insolvency proceeding or otherwise, we may transfer the information we have collected about you to the other company. As part of the business transfer process, we may disclose certain information about you to lenders, auditors, and outside advisors, including lawyers and consultants.
  • Compliance with the law: We may disclose your personal information to comply with the law, a legal proceeding, a court order, or other legal process, such as in response to a court order or subpoena.
  • Protection and Facilitation of Rights: We may disclose your personal information when we believe it is appropriate to investigate, prevent, or take action against illegal activities, suspected fraud, situations that may pose potential threats to the safety of any person, or violations of our Terms and Conditions or this Policy. This disclosure may also include using your personal information as evidence in litigation in which we are involved. Additionally, we may disclose your personal information when necessary to assist you in exercising your rights under the Terms and Conditions of Spindle Health and this Privacy Policy.
  • Reasons related to public safety, national defense, or public health: In situations where there are well-founded reasons related to the safety of the community, national defense, or public health, your personal information could be disclosed.
  • Aggregate, anonymized, or de-identified information: We may disclose aggregate, anonymized, or de-identified information about you for any purpose permitted by applicable law.
  • Consent: We may disclose your personal information with your consent.
  1. Security – How do we ensure data security?

Spindle Health declares its intention to adopt the necessary technical and organisational measures to ensure the security, integrity and confidentiality of the data in accordance with the provisions of RGPD, and ,VCDPA in order to prevent its tampering, loss, consultation or unauthorised processing.

Spindle Health does not guarantee absolute privacy when using the Site, since the possibility that unauthorised third parties may have knowledge of it cannot be excluded. The user acknowledges that the existing technical means that provide security are not impregnable and that even when all reasonable security precautions are taken, it is possible to suffer manipulation, destruction and/or loss of information. In the event that a security incident is detected and entails a significant risk to the data owner, such event will be reported without delay to the competent control authority, together with the corrective and remedial measures implemented and/or to be implemented.

Spindle Health is not responsible for the loss or deletion of data by users. Similarly, Spindle Health accepts no responsibility for possible damage caused by computer viruses.

Finally, the user must also take measures to protect their information. Spindle Health insists that you take every precaution to protect your personal information while on the Internet. At the very least, it is advisable to change your password periodically, using a combination of letters and numbers, and to make sure you are using a secure browser.

  1. Data owner rights and procedures to respond to their exercise – What rights do I have as a data owner?

The data owner user may at any time exercise the rights of access, rectification, cancellation, opposition, limitation of processing, portability, confidentiality and deletion of his/her personal data, in accordance with the provisions of articles 15 and following of the RGPD, the provisions of the VCDPA, as applicable.
The exercise of these rights may be carried out by the user him/herself by means of an e-mail addressed to info@spindle.health, or by written communication addressed to the Data Protection Officer at the following address info@spindle.health, or by any of the methods provided for in the applicable regulations referred to above. Spindle Health may request the data necessary to validate the identification of the data owner.

The deletion of some data shall not be carried out where it may cause damage to the legitimate rights or interests of third parties, or where there is a legal obligation to retain the data.

If you are located in the UK or EEA, and subject to national or local law exemptions, you have certain data protection rights in certain circumstances. Please contact us if you would like to exercise any of these rights.

  • Withdraw their consent at any time. Users have the right to withdraw consent where they have previously given their consent to the processing of their Personal Data.
  • Object to processing of their Data. Users have the right to object to the processing of their Data if the processing is carried out on a legal basis other than consent.
  • Access their Data. Users have the right to learn if Data is being processed by the Owner, obtain disclosure regarding certain aspects of the processing and obtain a copy of the Data undergoing processing.
  • Verify and seek rectification. Users have the right to verify the accuracy of their Data and ask for it to be updated or corrected.
  • Restrict the processing of their Data. Users have the right to restrict the processing of their Data. In this case, the Owner will not process their Data for any purpose other than storing it.
  • Have their Personal Data deleted or otherwise removed. Users have the right to obtain the erasure of their Data from the Owner.
  • Receive their Data and have it transferred to another controller. Users have the right to receive their Data in a structured, commonly used and machine readable format and, if technically feasible, to have it transmitted to another controller without any hindrance.
  • Lodge a complaint. Users have the right to bring a claim before their competent data protection authority.
  1. Appointment of a Data Protection Officer

Spindle Health has appointed delegate for the application and control of this Privacy Policy and the relationship with the application authority to James LaPlante who can be contacted by the following means:

  • Email: info@spindle.health
  • Telephone: 703-261-4184
  1. Training – Do we train?

The staff of Spindle Health whose functions are related to the processing of personal data are trained in order to ensure better protection of personal data and the rights of data subjects.

  1. Links to third parties – Does our Site contain links to other websites?

The Site may contain links to third party websites, with or without advertising content, whose privacy policies are foreign to Spindle Health. The linked sites are not related to Spindle Health and, their existence in no way presupposes that there is any kind of suggestion, invitation or recommendation to visit the target sites or any kind of link or association between Spindle Health and such sites. Spindle Health is not responsible for the content, use and activities of these linked sites, or for any actual or potential, material or moral, direct or indirect damages suffered by users and derived from the information contained in such sites or the relationship that users may establish with third parties whose services have been published on the Site. Notwithstanding the above, any feedback on these linked sites will be useful to Spindle Health in order to improve the services and/or ensure the integrity of the Site. Spindle Health undertakes to do everything possible to prevent the existence on its Site of links to sites with illegal content.

  1. Children’s Privacy

At Spindle Health, we recognize the importance of protecting the privacy of children. Our commitment to safeguarding the personal information of minors is unwavering. We may collect and process personal information from children under the age of 13, but only in compliance with all applicable laws and regulations, including obtaining parental or guardian consent as required.

If you are a parent or guardian and you believe that we have collected personal information from your child without appropriate consent, please contact us immediately, and we will take prompt action to address the situation.

For residents of California: We do not sell the personal information of California consumers who are 16 years old or younger unless we have obtained prior parental authorization. If your child is under the age of 13, we insist on receiving parental or guardian consent for the collection and processing of their personal information. If your child falls within the age range of 13 to 16 years, they can opt-in to allow the sale of their personal information. Our websites and services designed for children will incorporate age verification and ensure the necessary consents are obtained.

For EU residents: We do not collect or process personal information of individuals in the EU under the age of 16 without explicit consent from a parent or guardian. Our websites and services directed towards children will include age verification and require the appropriate consents.

  1. Cookies – Do we use cookies?

When you visit the Site, Spindle Health may store certain information on your computer in the form of a “cookie” or similar file. The Site uses cookies to (i) track advertising, (ii) collect traffic data from the Site, and (iii) improve the user experience when using the Site.

The user should be aware that, in order to browse the Site, it is not necessary for him or her to allow the installation of cookies sent by the Site. This may only be required in relation to certain services. You may delete cookies from your computer hard drive, prevent access to your computer through your browser or by choosing the corresponding option when asked about the possibility of using cookies for these purposes and in accordance with Spindle Health Cookie Policy.

Cookies are files of information that a website or the provider of certain services on the site transfers to the hard drive of the user’s computer via the browser. Cookies by themselves cannot personally identify the user (although they may contain the user’s IP address) but they allow them to recognise the user’s browser, and to capture and store certain data (the user’s operating system, the domain name of the website from which the Site was linked, among others). Spindle Health reserves the right to hire the services of third parties to analyse and understand the users of the Site, who may not use the information collected for purposes other than improving Spindle Health’s services.

  1. Approval

Your use of the Site constitutes your acknowledgement and approval of Spindle Health’s Privacy Policy and Spindle Health’s Terms and Conditions, if any. Likewise, the user accepts Spindle Health’s Privacy Policy and Spindle Health’s Terms and Conditions by completing the request for services.

  1. Do United States residents have specific Privacy Rights?

You may have certain rights regarding our processing of your personal information under applicable local law. If our processing of your personal information is governed by such laws, this section provides you with additional information regarding your rights and our processing of your personal information under applicable local law.

MARKETING COMMUNICATIONS

We may send periodic promotional emails to you. You may opt-out of promotional emails by following the opt-out instructions contained in the email. Please note that it may take up to 10 business days for us to process opt-out requests. If you opt-out of receiving promotional emails, we may still send you emails about your account or any services you have requested or received from us.

DATA RETENTION

Your personal information will be held for only so long as it is necessary for the purpose for which it was originally collected, and in accordance with applicable local law. We will retain your personal information for the period necessary to fulfill the purposes outlined in this Policy. When assessing retention periods, we first examine whether it is necessary to retain the personal information collected and, if retention is required, work to retain the personal information for the shortest possible period permissible under applicable law. To determine the appropriate retention period for personal information, we consider the amount, nature and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of the personal information, the purposes for which we process the personal information, and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.

YOUR PRIVACY CHOICES AND RIGHTS

Depending on the jurisdiction in which you live, you may have the following rights under applicable local law:

  • Right to request access and a copy of your personal information and information relating to how it is processed;
  • Right to request deletion of your personal information;
  • Right to request the correction or update of the personal information we hold about you;
  • Right to opt-out of “sales” of your personal information and “sharing” of your personal information for cross-context behavioral advertising purposes (as these terms are defined under applicable law)
  • Right to opt-out of targeted advertising;
  • Right to limit our use of your sensitive personal information;
  • Right to not be unlawfully discriminated against for exercising your rights.

These rights may be limited or denied in some circumstances. For example, we may retain your personal information where required or permitted under applicable law. You may also opt-out of our “sale” or “sharing” of your personal information through privacy preference signals recognized under applicable local law, such as the Global Privacy Control (GPC), but please note that this signal will be linked to your browser only. For more information on the GPC and how to use a browser or browser extension incorporating the GPC signal, see https://globalprivacycontrol.org/.

VERIFICATION PROCESS

In order to protect your information, we will confirm a requestor’s identity before responding to any request. To start the process, you must provide your name and email. We will ask you at least one question, and you must reply by email with the correct answer for each question based on your previous interaction with us. If we still cannot verify your identity as required by applicable laws, we will let you know and may ask additional questions. Otherwise, we will acknowledge your request and contact you later with our full response. We will only send verification questions from info@spindle.health. Before sending a verification response, please double-check the email address. If you receive an email that appears to be from us but is not from our verification email address listed above, do not respond. Any information we gather through this process will only be used for consumer verification, security procedures, or fraud-prevention. We will delete any verification information as soon as practical after processing your request.

AUTHORIZED AGENTS

You may designate an authorized agent to exercise your rights under applicable laws on your behalf. Pursuant to applicable laws:

  • You must provide the authorized agent written permission to exercise your rights under applicable laws on your behalf.
  • We may deny a request from an authorized agent on your behalf if the authorized agent does not submit proof that he, she, or it has been authorized by you to act on your behalf if we request such proof, as permitted by applicable laws.
  • Even if you use an authorized agent to exercise your rights under applicable laws on your behalf, pursuant to applicable laws we may still require that you verify your own identity directly to us.

FINANCIAL INCENTIVES

“Financial incentive” means a program, benefit, or other offering, including payments to consumers as compensation, for the disclosure, deletion, sale, or sharing of personal information.

The law permits financial incentives or a price or service difference if it is reasonably related to the value of the consumer’s data. A business must be able to explain how the financial incentive or price or service difference is reasonably related to the value of the consumer’s data.

The explanation must include:

  • a good-faith estimate of the value of the consumer’s data that forms the basis for offering the financial incentive or price or service difference; and
  • a description of the method the business used to calculate the value of the consumer’s data.\n We may decide to offer a financial incentive (e.g., price or service difference) in exchange for the retention, sale, or sharing of a consumer’s personal information.

We do not offer financial incentives to collect personal information and we will not discriminate against you if you exercise any of the rights provided by applicable laws set forth in this Privacy Policy. Please note that a legitimate denial of a request for information, deletion, or to opt-out is not discriminatory, nor is charging a fee for excessive or repetitive consumer requests as permitted by applicable laws.

APPEALS

If we decline to take action regarding your request, we will inform you of our decision and reasoning behind it. If you wish to appeal our decision, please email us at Within sixty (60) days of receipt of an appeal, we will inform you in writing of any action taken or not taken in response to the appeal, including a written explanation of the reasons for the decisions. If your appeal is denied, you may contact the Attorney General to submit a complaint.

false

  1. Modifications – Is this the most current version?

This is the current version of the Spindle Health Privacy Policy, updated on June 17, 2024.

Spindle Health may at any time and without prior notice, modify this Privacy Policy. Such modifications will be operative from their publication on the Site or when they are notified to users by any means, whichever occurs first. The user must keep informed about the terms included here by entering periodically.

POLICY GENERATED BY

Trade name: illow
Identity of the controller: People & Privacy, Inc.
Address: 651 N Broad St., Suite 206, City of Middletown, New Castle, Delaware (19709), United States
Email: rodrigo@illow.io