I-M-Ó-N INTERNATIONAL PC (hereinafter also referred to as
“us”, “we”, “our” and “I-M-Ó-N”) respects your privacy and is
committed to protecting your personal data. “Personal data”
means any information relating to an identified or identifiable
This privacy notice aims to give you information on how we
collect and process your personal data when you visit or use
our mobile app (the “ App”), and through the usage of I-M-O-
N’s algorithmic questionnaires, mobile bio-device, nutrition
plan, exercise plan, lab testing results, lifestyle
recommendations and wellness feedback based on your :
health history, profile and status, daily activity measurements,
daily nutritional habits, including any data you may provide
through any of the mentioned means, and inform you about
your privacy rights and how the law protects you.
Users under the age of 16 years may not create, register or
use an I-M-O-N account without parent's or guardian’s
permission and supervision.
The information provided does not concern third-party
websites, pages or services that can be accessed via
hyperlinks on the App. Clicking on those hyperlinks may allow
third parties to collect or share data about you. We do not
control these third-party websites and are not responsible for
their privacy policies.
IMON collects location data to enable the Exercise Feature and make use of Google Fit even when the app is closed or not in use, in order to to complete the evaluation of this physical condition and calculate the distance he did
Who we are
I-M-O-N is the data controller ("Controller") for the use and
processing of your personal data as described in this Privacy
Scope of the processing
We process personal data only to the extent necessary to
provide a functional App. The processing of personal data
takes place regularly only with the consent of the data subject
or based on other legal provisions that permit data processing
(for more information see the section “Purpose/Activities and
Personal data may be integrated into the App either manually
or automatically by you, or directly collected by us through the
bio-Device and the Lab testing. Personal data also includes
personal data of a special category (health data) in
accordance with Art. 9 GDPR.
What data we process
Personal data, or personal information, means any information
about an individual from which that person can be identified. It
does not include data for which it is no longer possible to trace
the data subject to whom this data relates (anonymous data).
Whenever you access or use our Services, we may process
(e.g. collect, use, store, transfer) different kinds of personal
data about you which we have grouped together as follows:
Identification Data and Personal Characteristics
When you use our Services, we process certain of your:
Identification Data (Name, Email, Username, Phone Number,
Country, City, Date of birth, User ID, IP addresses, residential
address); Personal Characteristics (weight, height, and
gender, body mass index, fat percentages and others.),
Bio-device Collected Data
When you use the I-M-O-N bio-device, we mainly collect data
that accurately calculates body composition, body fat
percentage, body fat mass, muscle mass, basal metabolic rate
Metabolism and Wellness Data and Measurements
When you use the I-M-O-N questionnaires, I-M-O-N bio-
devices and carry out I-M-O-N lab testings, we mainly collect
• Metabolic evaluation via multiple parameters health,
nutrition, physical activity, medical history, family history,
• Metabolic diary and indicators of metabolic function
• Calculation of the user's metabolic type/profile via medical
and biorhythmic history
• Nutrition plan based on antioxidant and regulatory action
with combinations of meals in grams with portions / and meals
• Physical activity plan (interface with Google FIT to record
data and calculate exercise algorithms)
• Metabolomic parameters via dry urine test
• Evaluation of sleep quality, physical condition, hydration
• Health Goals
When you use the I-M-O-N App, we occasionally ask you to
provide us with feedback about your goals, general wellness,
based largely on the WHO guidelines, in order to monitor how
the app is improving your overall metabolism and well-being.
This user feedback is completely optional.
When you use our Services, our servers automatically record
certain information about how a person uses our Services
whether through the use of log files, and scripts, including
without limitation device carrier-related information,
configuration information, information about your interaction
with our Services and your usage patterns, Device information
(e.g. Phone model, phone version, phone os, phone
brightness, battery level).
Aggregated and anonymous Data
We also collect, use and share Aggregated Data such as
statistical or demographic.
Aggregated Data could be derived from your personal data but
is not considered personal data in law as this data will not
directly or indirectly reveal your identity. For example, we may
aggregate your usage data to calculate the percentage of
users accessing a specific website feature.
However, if we combine or connect Aggregated Data with your
personal data so that it can directly or indirectly identify you,
we treat the combined data as personal data which will be
How we use your personal data
We use the Personal Data you provide or which we collect
mainly for the following purposes:
PROVIDE THE SERVICE
Purpose: provide you the service as described in our
terms and conditions (i.e. Creation of User Account;
Provision of exercises and lifestyle recommendations
based on your health measurements, nutrition, sleep
and physical activity habits).
Types of data: Identification Data (Email, Username,
Phone Number, Country, City, Date of birth, IP
addresses), Personal Characteristics (weight, height,
and gender); Sensitive data - Health data (WHO
questionnaires, nutrition diary, lab vital tests);
Legal Basis (relevant to the GDPR): The processing
of personal data is based on Art. 6. (1) (a) GDPR your
consent, Art. 6. (1) (b) GDPR the necessity of the
processing for the performance of the contract. The
legal basis for the processing of sensitive data (IMON
Collected Data, Health, Wellness Data and
Measurements) is the Art. 9 (2) (a) GDPR, i.e. your
Retention Period: Your personal data is stored for this
purpose for 60 days after your user account is deleted
or the termination of the service provision (it could be
extended to 3 months in case of justified necessity).
Safety and Security
If necessary, we may use your personal data to promote the
safety and security of our services and our users. We may use
your personal data to monitor operations, authenticate users,
detect and protect against fraud and other criminal activity and
enforce our Terms and Conditions and other policies. We will
rely on our legitimate interests when processing personal data
in detecting and preventing fraud and illegal conduct or, if
necessary, for complying with a legal obligation to which we
Manage and Defend Legal Claims
If necessary we may use your personal data to manage and
defend legal claims, e.g. in connection with a dispute or a
court proceeding. We will in such case process the personal
data collected which is necessary in order to manage and
defend the legal claim in question. The processing is based on
our legitimate interest of managing and defending legal
claims. Your personal data is stored for this purpose for such
a period as is necessary in order to manage or defend the
For this purpose, we may also share certain information with
other parties, please see below.
Fulfill Legal Obligations
Finally, we may use your personal data to fulfil legal
obligations that we have, e.g. accounting requirements or
obligations under data protection laws. We will in such case
process the personal data collected which is necessary in
order to fulfill the legal obligation in question. Your personal
data is stored for such a period as is necessary in order to
fulfill respective legal obligations.
For this purpose, we may share your personal data with other
parties, see below.
How we collect your data
We use different methods to collect data from and about you
Direct interactions: You may give us your personal
data (sensitive data included) by filling in forms or by
corresponding with us by post, email or otherwise.
This includes personal data you provide when you:
o use our products or Services - When you use
our Services, we may receive or collect
information or data about you or relating to
you such as product reviews, comments, etc.
o create an account on our App - Depending on
the jurisdiction in which you are based, you
may be required to provide log-in information
to use our Services and create an account to
access the full features of our Services which
may include your Email, Username, Phone
o give us feedback or contact us - Any
information that you provide to our customer
support team from the correspondence that
you send to us, any conversations you have
with us and any feedback that you give us.
Third parties: We may receive personal data about
you from third parties.
How we share your data
We will only share your personal data in connection with
providing you with the service as agreed per our Terms and
In general, we do not disclose the personal data about you to
third parties without your consent or otherwise as specified in
The circumstances in which we may disclose or share your
personal data under this policy, include as follows:
Lawful requests: we may be required to disclose
personal data in response to lawful requests by public
authorities, including to meet national security or law
Third party service providers: we may use third party
service providers to provide certain data processing
services for us (acting as our authorized data
processors), such as:
o analytics service providers.
o contact, financial and transaction data from
providers of technical, payment and support
or delivery services (if applicable); and
o Data Hosting service providers
When acting as our authorized data processors, they are
required to only process data in accordance with our
instructions and are subject to appropriate legal, confidentiality
and security obligations.
We require all third parties to respect the security of your
personal data and to treat it in accordance with the law. Our
third-party service providers may only process your personal
data for specified purposes and in accordance with our
instructions and are not permitted to use your personal data
for their own purposes.
We do not transfer your personal data outside the European
A processing of personal data outside the EU will only take
place on the basis of an adequacy decision of the European
Commission or, in case of no adequacy decision in place (e.g.
US) in accordance with standard contractual clauses
approved by the European Commission and appropriate
How we protect your data
We keep your data safe adopting the best practices and
highest standards in terms of security. All data handling is
GDPR (General Data Protection Regulation) compliant.
All required technical and organisational security measures
have been adopted.
We take various steps to protect your Personal Data from
unauthorized access, use or modification and unlawful
destruction and disclosure, for example:
we adopt encryption technology (such as SSL) to
transfer and store your Personal Data;
we limit the access to your Personal Data on a strict
we put in place physical, electronic, and procedural
safeguards in line with industry standards.
Please be aware that, despite our efforts, we do not warrant or
guarantee that unauthorized access will never occur as no
method of transmitting or storing information is completely
We have adopted appropriate procedures to deal with any
suspected personal data breach and will notify you and any
applicable regulator of a breach where we are legally required
to do so.
DATA RETENTION AND STORAGE
In principle, unless otherwise stated, your personal data will
only be stored until the purpose of the collection and storage
no longer applies. In accordance with your consent, data may
also be stored for longer, as long as you do not withdraw your
Furthermore, data may be stored if this has been provided for
by the competent legislator in regulations, laws or other
regulations to which we are subject. Data will also be blocked
or deleted if a storage period prescribed by the
aforementioned standards expires, unless there is a need to
continue storing the data for the purpose of concluding or
fulfilling a contract.
In the event of termination - for whatever reason - of the
agreement between the user and the provider, the provider
shall keep all content, information and (personal) data
uploaded by the user available for retrieval by the user for
further 60 days (it could be extended to 3 months in case of
justified necessity) after termination. After expiry of this period,
the aforementioned content will be irrevocably deleted or
anonymized in accordance with data protection regulations.
We will retain your Personal Data for as long as is reasonably
necessary for the various purposes mentioned above or to
otherwise comply with any applicable laws and regulations
concerning the mandatory retention of specific types of
All personal data processed and collected to provide our
Services outside of the device in which the App is installed is
stored in cloud service providers managed by us.
All personal data is stored in cloud service providers located in
the European Union (EU).
Under certain circumstances, you have certain rights under
data protection laws in relation to your personal data:
TO BE INFORMED
You have the right to be provided with clear, transparent and
easily understandable information about how we use your
personal data, and your rights. This is what we are doing,
TO ACCESS YOUR PERSONAL DATA
You have the right to request access to your personal data
and request a copy of your personal data that we store. If you
have created a user account, you can view certain information
directly from our Services on your user interface or by sending
us a specific request to email@example.com
TO UPDATE YOUR PERSONAL DATA
You have the right to request that personal data that is
incorrect or incomplete is corrected or completed. If you have
created a user account, you can update certain information
directly in your account or by sending us a specific request to
TO WITHDRAW CONSENT
If we rely on your consent to the use of your personal data you
have the right to, at any time, withdraw your consent by
sending us a specific request to firstname.lastname@example.org.
The consent withdrawal does not affect the legality of the
processing carried out previously on the basis of the consent.
TO DELETE YOUR PERSONAL DATA (RIGHT TO BE
You can at any time request - by sending us a specific request
to email@example.com - that your user account is
deleted. Moreover, under certain circumstances, you have the
right to request that your personal data shall be deleted.
Please note that if you request us to remove your Personal
Data, you may not be able to use our Services.
We may, however, still need to keep your personal data if we
are obligated to keep certain data in order to fulfill legal
obligations or to manage or defend legal claims.
TO RESTRICT THE USE OF YOUR PERSONAL DATA
You have, under certain circumstances, the right to request -
by sending us a specific request to firstname.lastname@example.org
- that the use of your personal data is restricted. If you have
requested restriction of the use of your personal data, please
note that you cannot use the platform during the time that the
use of your personal data is restricted.
TO OBJECT TO THE USE OF YOUR PERSONAL DATA
Certain use of your personal data may be based on our or
others’ legitimate interest. You have the right to object to the
use of your personal data based on a legitimate interest - by
sending us a specific request to email@example.com -
for reasons which concerns your particular situation. In such a
situation, we will stop using your personal data where the use
is based on a legitimate interest, unless we can show that the
interest overrides your privacy interest or that the use of your
personal data is necessary in order to manage or defend legal
TO NOT TO BE SUBJECT TO A DECISION BASED SOLELY
ON AUTOMATED DECISION-MAKING
You may have the right not to be subject to such type of
automated decision-making about you, unless: (a) you gave
us your explicit consent to use your personal data to make our
decision; (b) we are allowed by law to make our decision; or
(c) our automated decision was necessary to enable us to
enter into a contract with you.
TO TRANSFER YOUR PERSONAL DATA (DATA
You have the right to obtain a copy of certain information that
you have provided to us in a structured machine-readable
format which allows you to transfer the data to another
recipient, by sending us a specific request to
How to complain
If you have any concerns about our use of your personal
information, you can make a complaint to us at the email to
As a data subject, you have a right to lodge a complaint with
the competent supervisory authority under the conditions
provided in Article 77 GDPR or seek a remedy in the national
courts if you think that your rights in relation to your personal
data have been breached. However, we would be grateful if
you could give us the opportunity to address your complaint in
the first instance by using the contact details provided at the
end of this policy.
If you have questions, suggestions, or concerns about this
Policy, or about our use of your Personal Data, please contact
us at firstname.lastname@example.org
I-M-O-N INTERNATIONAL PC
LOFOS NYMFON 1,
AGIOS STEFANOS 14565 ATHENS
Responding to Your Requests
Subject to applicable law, we reserve the right to charge a fee
for requests that are duplicative, or require excessive technical
means (for example, developing new systems or
fundamentally changing current practices).
In certain situations, we may not be able to respond to your
request. These situations may include, without limitation,
relating to national security and national defense
relating to public safety, public health, and major
relating to criminal investigation, prosecution and trial;
where there is sufficient evidence that you do not
have good faith intentions or you may abuse rights;
where a response will result in serious damages to the
legitimate rights and interests of you or other
individuals and organizations.
What we may need from you
We may need to request specific information from you to help
us confirm your identity and ensure your right to access your
personal data (or to exercise any of your other rights). This is
a security measure to ensure that personal data is not
disclosed to any person who has no right to receive it. We
may also contact you to ask you for further information in
relation to your request to speed up our response.
Time limit to respond
We try to respond to all legitimate requests within one month.
Occasionally it could take us longer than a month if your
request is particularly complex or you have made a number of
requests. In this case, we will notify you and keep you
Updates to this policy
modify and revise it from time to time. Any information that we
information is collected.
be posted on this page, and where appropriate, notified to you
by email or notifications via the App. We therefore encourage
you to review it from time to time to stay informed of how we
are processing your data.
This version was last updated on July 12, 2022.