Privacy Policy

We know your privacy is important to you. It's important to us too.

This Privacy Policy applies to any collection and/or processing of personal data (hereinafter “Personal Data”) performed as a result of your use of the Koa Landing Page website (The “Website”). Any personal data collected through the stress assessments and health questionnaires, would be subject to the specific Privacy Policy.

Please read this privacy policy (“Privacy Policy”) to understand more.

1. Who collects, controls and processes your personal data?

Koa Health B.V. (hereinafter “Koa”), a company registered in the Netherlands (registered number 78707838) with registered address at Prins Bernhardplein 200, 1097 JV, Amsterdam, The Netherlands.

Koa is the Data Controller of all Personal Data collected through the Website. Koa will not share your personal data with any other Data Controllers. Only Koa and its sub processors, following its instructions, will have access to your personal information as described in this Privacy Policy.

2. Why do we collect personal data about you and what do we do with it?

Inviting you to use our products and services

If you sign up on the website to register your interest in our products, we will process your personal data and send you invitations to use our products or to complete our questionnaires.

Improving the functioning of the website and our services:

We process personal data to improve the Web performance, usability and to provide a better service. This includes aspects related to performance, navigation, availability and usability. To do this we consider things like how often and for how long you use the Web, how you navigate between screens, and which screens you spend more time on. We might also ask for your feedback through email or the Website. If you decide to share with us your feedback, we will also use this information to improve our service. In some cases the functionality of the Website uses third party services to support analytics and navigation and these functions may involve cookies as described in our cookies policy.

Our legitimate interest is the legal basis for this processing. Where we use cookies for this purpose, your consent is the basis for collecting and processing personal data for this purpose. Sensitive data (such as stress levels or breathing rates) is not collected or processed for this purpose.

Sending you information for your company about Koa Foundations or any other new product that might be of interest

If you sign up on the website to register your company’s interest in the app, we will process your personal data to send you relevant information about the Website. We may retain your personal data for some time (see section 5) in order to invite you to try other new products from Koa Health. We may use third party services to facilitate communication such as promotional emails.

3. What personal data do we collect about you and how?

When you sign up on the website to register your interest in the app, we might collect:

  • Email address
  • Name

We collect through cookies (read our cookies policy) the following information:

  • User activity in the web page; Frequency of access to the web page, time spent in the web page, interaction with third party services through the web page.

4. Do we share personal data about you with others?

We do not share any personal information about you with other Data Controllers. We may share some of your personal data with service providers for specific activities such as hosting (e.g. AWS) or analytics (e.g. G Analytics). For more information, please read our cookies policy.

We only authorize our service providers to process your information following our instructions. We make sure that our service providers erase all your personal information right after their services are finished. Some of our service providers may be located outside the EEA, including in countries (such as the United States) whose level of data protection may not be the same as that of the country of origin of our customers. We take the appropriate measures to ensure those providers comply with EEA standards in every processing of personal data they perform on our behalf, by requiring guarantees such as Standard Contractual Clauses.

Internal team members shall process your personal data following professional responsibilities and contractual obligations only for the purposes established in this Privacy Policy. We take appropriate measures to guarantee the fair and confidential use of all personal data by our employees.

5. How long do we keep your data?

We may retain your personal data for different periods of time, depending on the type of data involved and the purposes of the processing, but generally, following these criteria:

  • We will erase any of your data collected from the website after 12 months from your last interaction with us.
  • We will also erase or stop processing your data if you withdraw consent or require us to do so. In these cases, we will erase your data or anonymize it in such a manner that is no longer identifiable.

The data protection laws give you a series of rights regarding the personal information that we manage about you. Specifically, the rights of access, rectification, erasure, limitation, objection, portability, as well as not being subject to automated decisions and to remove your consent at any time.

You can exercise these rights by contacting us at, using if possible the same e-mail address with which you registered in the Website and identifying the right you want to request. In the event that you decide to exercise one of these rights through a representative, it will be necessary to provide with the request, the documentation that proves this condition.

If you feel your data privacy rights have been breached, you also have the right to file a complaint with a Data Protection Control Authority (e.g., the Information Commissioner’s Office).

In order to register and use our services you must be over 18 years old. Therefore, by signing up you confirm that you meet this condition. We may contact you to confirm this. We do not knowingly collect information from those younger than 18 years. If you are a parent or guardian and believe that your child has used the application you may contact us at and we will respond promptly.

7. How do we keep your data safe?

Koa Health is responsible for ensuring the security, integrity and confidentiality of your personal information. Therefore, as part of our commitment and in compliance with current legislation, we have adopted the most demanding and robust security measures and technical means to prevent their loss, misuse or access without your authorization.

We protect all communications between the applications, website and the servers in line with best practice by using TLS for encryption and server authentication. We use ISO 27001 certified systems in order to protect your registration information including email and password. We store your personal data in an encrypted database.

Also, we promise to act quickly and responsibly in the event that the security of your data may be in danger, and to inform you if necessary.

Effective From: February 2022.