Privacy policy

LAST UPDATED: Feb 7, 2021

This policy describes our policies and procedures for collection, use, storage, processing, disclosure and protection of any information, including, but not limited to, personal information provided by you as a user while using the service. user shall mean any person/ persons, who visits, uses, deals with and/ or transacts through the Zemedy app (“Privacy Policy”).

Thank you for choosing to be part of our community at Bold Health Limited (“company”, “we,’’ “us”, or “our”). We are committed to protecting your personal information and your right to privacy. If you have any questions or concerns about our policy, or our practices with regards to your personal information, please contact us at

When you visit our mobile application, and use our services, you trust us with your personal information. We take your privacy very seriously. In this privacy notice, we describe our privacy policy. We seek to explain to you in the clearest way possible what information we collect, how we use it and what rights you have in relation to it. We hope you take some time to read through it carefully, as it is important. If there are any terms in this privacy policy that you do not agree with, please discontinue use of our Apps and our services.

This privacy policy applies to all information collected through our mobile applications (“Apps”), and/or any related services, sales, marketing or events (we refer to them collectively in this Privacy policy as the “Sites”).

Please read this privacy policy carefully as it will help you make informed decisions about sharing your personal information with us.

1. Definitions

Personal Information or personal data or personal identifiable information (PII) means information relating to an identified or identifiable natural person who can be directly or indirectly identified by reference to an identifier such as full name, identification numbers, location address, online identifier and other identifiers within the definitions of The Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules 2011 and General Data Protection Regulation (GDPR) (EU) 2016/679 regulation.

Non-Personal Information means any information that does not reveal Your specific identity either directly or indirectly. This includes information that is anonymized so that it does not allow easy identification of a specific individual. Information under this Privacy Policy means both Personal and Non-Personal Information.

A Cookie is a small amount of data generated by a website and saved by your web browser. Cookies are used to store user preferences for a specific site. The use of cookies makes web-surfing easier. You may refuse to accept Cookies by activating the setting on Your browser which allows You to refuse the setting of Cookies. Encryption is the process of transforming information into unreadable text so that it is only eligible to those possessing an encryption key. The process of making encrypted information readable again is referred to as decryption.

Web Browser is a software program that allows users to access, retrieve and view information on the World Wide Web. Examples of browsers include Internet Explorer, Firefox, Google Chrome and Safari.

2. What information do we collect and how do we use it?

To provide You with Our Service, Bold Health will collect, store and use the following Information provided by You:


Zemedy does not collect Your Personal Information. Please do not share any Personal Information at any time in Your use of Our Service such as while in conversation with the Zemedy App or when You contact Us with inquiries or send Us feedback. By voluntarily providing Us with Your Personal Information, You are consenting to Our use of it in accordance with this Privacy Policy. If You provide Personal Information, You acknowledge and agree that such Personal Information may be transferred from Your current location to the globally-located secure cloud servers of Our authorized third-party data processor namely Amazon Web Services (AWS) or to Our own secure server locations.


For Your privacy and security, You are advised to set your own Zemedy App PIN to protect unauthorized access of app usage data. You can extend Your mobile device screen password to include Zemedy App. To do so use the “Enable passcode” feature under settings> security in the Zemedy App. You can also remove Your PIN using the ‘toggle’ option under security. The PIN that You use is personal to You, and You are responsible for maintaining the confidentiality and security of Your PIN. You are further responsible for restricting access to Your mobile device to prevent unauthorized access to the Zemedy App. You agree to accept responsibility for all activities that occur under Your PIN. You should take all necessary steps to ensure that the PIN is kept confidential and secure and should inform Us immediately if You have any reason to believe that Your PIN has become known to anyone else, or if the PIN is being, or is likely to be, used in an unauthorized manner. The Data Protection Law sets out a number of different reasons for collecting and processing Your Personal Information. The lawful basis for processing all Your Personal Information is for the performance of this Agreement and as agreed by You.


To provide You Our Service, Bold Health will collect, store and use the following non-personal Information provided by You:

How do We handle Your conversation messages?

When You use the Service, all the conversation messages You have with the Zemedy App are private. You provide Your messages by way of choosing pre-formatted responses or by way of free text. Each submitted message gets processed in real-time by the Zemedy App’s proprietary algorithms, and directed appropriately to the subsequent context-based conversation based on a proprietary rule-based content management process. At no point during Your conversation with the Zemedy App does another natural person have access to, or gets to monitor or respond to Your messages. Your messages are not processed to send You unwanted content. Your submitted messages or app usage habits or Website browsing habits are not used to sell to advertisers. We do not ‘monetize’ the messages or the Information You submit to Us. The messages You send and receive are encrypted and stored securely.

A limited set of Your conversation messages gets anonymized before being processed for internal operations and for research purposes. This is done only to improve Your future experience when using Our Service. YOUR CONVERSATION IS NEVER SHARED WITH A THIRD PARTY WITHOUT YOUR EXPLICIT CONSENT.



Do We need to know Your full name?

When You use the Service, We will not ask for and will not require Your full name at any point in time during the conversation. After signing up, We take You through a one-time onboarding process. Here We ask for only Your nickname/name to help personalize Our conversation with You. Please do not share Your full name to maintain complete anonymity. You can change the nickname once provided to the Zemedy App by going to Settings > Account.

Why do We ask about Your thoughts, feelings (emotions), mood, major event or life changes, goals and energy levels?

When You use the Service, We may periodically ask You about Your thoughts, feelings or emotions, mood, major event/changes in life, Your resilience goals and Your energy levels. Your response is processed by Zemedy solely to provide You access to tools and techniques to manage Your emotional wellness and to encourage You in building resilience. Your Information is encrypted during transmission and is securely stored. YOUR INFORMATION IS NEVER SHARED WITH A THIRD PARTY WITHOUT YOUR EXPLICIT CONSENT.

How do we handle Your responses to health-related questions?

When You use the Service, You will be asked to respond to health-related questions. The response is voluntary and You can opt to not report to any of these questions. Zemedy App currently uses five validated assessment scales for understanding your IBS severity, quality of life and well-being. Other assessment scales may be introduced in the future. You will also be asked to share how You cope with day to day activities as part of the health questions. Health-related questions are a proven way to baseline and track the progress of Your symptoms. Your response is used solely for the purpose of providing you with feedback on the progression of your symptoms and to provide You access to validated and curated tools and techniques to manage your IBS Your response is encrypted during transmission and is securely stored. YOUR INFORMATION IS NEVER SHARED WITH A THIRD PARTY WITHOUT YOUR EXPLICIT CONSENT.

AUTOMATICALLY COLLECTED NON-PERSONAL INFORMATION To provide You with Our Service, Zemedy App will automatically collect, store and use the following non-personal Information:

Why do We collect Device Information and access logs when You use Our Service?

When You use the Service, We may also collect Non-Personal Information through the use of commonly-used information-gathering tools such as cookies, log files and web beacons. Such information may include standard information collected from Your mobile device (such as mobile application identifier, operating system, OS version, time zone, manufacturer, model and brand name) or from Our Website (such as browser type, browser language, Operating System, browser information including type and language settings) along with the actions You take on Our Website (such as the web pages viewed and the links clicked). We use this information to detect and deter unauthorized or fraudulent use of or abuse of the Service, and to optimize Your experience for e.g. to make sure the Zemedy App is displayed correctly on Your phone, or Your usage settings are applied.

Do We collect Passive Sensing Information from Your mobile device?

When You use the Service, the Zemedy App does not passively collect nor process any information from Your mobile device sensors, such as accelerometer, ambient light readings and screen on/off readings, including location (GPS) and call logs.

How do We use any Third-Party Software?

When You use the Service, non-personal device and app event information is pushed to third-party analytics software such as Firebase and Facebook Analytics via their secure API integrated within the Zemedy App. The events do not provide any individual user-specific information and are aggregated by this third-party software across all users and used to present charts, graphs and reports to help Us understand and improve Our Services. The events collected by the apps include session-based events; feedback and rating events; pin management events; tool access event; setting changes events; connectivity or network events; health-related question response events; notification access events; and app login event. Apart from the app-pushed events, the third-party software APIs also automatically collect some non-personal events. Firebase automatically collected events can be found here. Facebook Analytics automatically collected events can be found here. The use of Firebase is governed by Firebase Terms of Service, Use Policy and Crashlytics Terms of Service. The use of Facebook Analytics is governed by Facebook Data Policy and Terms of Service.

OTHER OPTIONAL INFORMATION To improve Your experience, We provide optional features in the Zemedy App. If You choose to use such features, We may ask You for additional Information:

OPTIONAL: Your feedback and ratings When You use the Service, We ask You for Your feedback and Your rating of the Zemedy App. You can also provide feedback using the Feedback feature provided in the Zemedy App “settings” section. You can use this feature to email Us Your feedback. This feedback and rating are used by Us to improve the product and Your product experience. AS A BEST PRACTICE, IT IS ADVISED THAT YOU TAKE ADEQUATE PRECAUTIONS TO NOT SHARE YOUR HEALTH OR PERSONAL INFORMATION WHILE GIVING FEEDBACK OVER EMAIL NETWORKS.

OPTIONAL: Manage Notifications or reminders When You use the Service, You have the option to manage app-based notifications or reminders. The Zemedy App will ask Your preference for the time of day to receive notifications and will confirm Your local time to ensure reminders get sent as per Your preference. You can change or delete notifications at any time from Settings > Notification of Your Zemedy App. WE DO NOT SEND ANY MARKETING OR PROMOTIONAL NOTIFICATIONS TO YOU WITHOUT YOUR EXPLICIT PERMISSION.

OPTIONAL: Your Age Information When You use the Service, You have the option to provide Your age information in the form of an age number (not the date of birth). This information is processed by the Zemedy App to understand the age profile of Our users and to help provide them access to tools and techniques or provide other operational information relevant to their age range.) WE DO NOT ASK, COLLECT OR PROCESS YOUR SPECIFIC DATE OF BIRTH AT ANY TIME DURING YOUR USE OF THE SERVICE.

OPTIONAL: Location Information To use the apps, You are not required to provide Your location information (“geolocation”). Zemedy App does not collect Your Geolocation information. We do however check Your device clock and collect Your date-time settings to help us offer a safe and improved experience. If We collect or use Your geolocation data as an additional separate service, We will make sure that We provide notice and/or obtain Your consent. You can always turn off location sharing at any time using Your phone settings.

OPTIONAL: Contact Information for customer support There may be occasions where You wish to contact Us to seek support. If You contact Us via Our website or by other means, We may need some Information from You, which You may choose to provide. This includes Your name, contact info such as your email address, phone number, as well as information about Your mobile device or personal computer such as device type, and OS type. We will use this Information to address and investigate the issues You have forwarded to Us, to provide You support and to improve Our customer support service.

OPTIONAL: Contact Information for promotional events and customer surveys If You choose to participate in promotional events or surveys that Bold Health may offer from time to time, We may ask for your contact details (e.g., name, location, phone number, email address, gender and date of birth) to administer the event, such as to confirm participation eligibility for the event, to enable You to fill out a questionnaire, to conduct to deliver the prizes to You. NO PROMOTIONAL EVENT NOTIFICATIONS WILL BE SENT WITHOUT YOUR EXPLICIT PERMISSION TO RECEIVE MARKETING NOTIFICATIONS. Your survey submission will never be linked to Your Zemedy app account and hence Your Zemedy App conversations and activities will never identify You. Your submissions will reside in a secure and private storage area operated within the Zemedy G-suite account and managed by Google Forms (G-Suite security can be read here. The Zemedy G-Suite account is also protected by a two-factor secure authentication system. You can opt-out at any time by sending a request to to delete Your personal Information or to discontinue receiving any further communication on this matter. On receipt of Your email, We will verify and remove only the specific identifiable Information as requested by You, within 72 hours of receiving the request.) YOUR SUBMISSIONS WILL NEVER BE SHARED WITH A THIRD PARTY WITHOUT YOUR EXPLICIT CONSENT.

OPTIONAL: Follow on Instagram You have the option to follow Us on Instagram using Your Instagram account by going to settings. You can set up an Instagram account, if you do not own one and follow us at @tryzemedy. WE DO NOT ASSOCIATE YOUR INSTAGRAM ACCOUNT WITH YOUR Zemedy APP ACCOUNT.

3. Other Important Information for You

What Information will be processed by Us for purposes of legitimate interests? To provide the Service, We may use Your Information based on Our legitimate interests for the following purposes. We Use a legitimate interest basis to process Your Information in a way that might reasonably be expected as part of running Our business and which does not materially impact Your rights, freedom or interest.

To detect and deter unauthorized or fraudulent use of or abuse of the Service;

For transmission, use and disclosure to business associates or a third-party based on a business associate agreement. The business associate will not use or disclose personal information in any way that would violate the contract.

  • For uses and disclosures required by law;

  • For disclosures for judicial and administrative proceedings;

  • For disclosures for law enforcement purposes;

  • For uses and disclosures for public health reporting, and other public health activities;

  • For uses and disclosures to avert a serious threat to health or safety to You, Us, or others;

  • For using minimal de-identified data to improve and/or optimize the Service;

  • To enable Us to provide customer support, and to respond effectively to Your inquiries and claims;

  • For uses and disclosures for oversight activities such as audits, investigations, and inspections;

  • For uses and disclosures for research purposes (subject to qualifications and exceptions);

  • For any direct marketing purposes;

  • To allow You to use the apps on multiple devices and transfer Your app account to another device;


By using the Service, You hereby agree to the use of Your Information for the above-mentioned purposes.

How does Bold Health protect Your information?

To fulfil Our commitment to respecting and protecting Your privacy and the confidentiality of Your Personal Information, Bold health has implemented industry-standard safeguards to prevent unauthorized access or disclosure, misuse, alteration or destruction of Your information. More specifically, We will comply with all applicable data protection and security laws in order to assure security, availability, processing integrity, confidentiality and privacy of data. All Information between the Zemedy App and server is encrypted and transmitted via SSL. Because no method of electronic transmission or method of data storage is perfect or impenetrable, We cannot guarantee that Your Information will be absolutely safe from intrusion during transmission or while stored in Our systems. To help protect Your privacy and confidentiality of Your Information, We also need to ask for Your cooperation regarding the following: Please do not copy and transmit Your chat conversations, health data and/or Personal Information with other people. Also, please notify us at the contact information provided at the end of this policy, in the event You suspect any unauthorized use of Your account or any other breach of security via Our contact information.

Where is Your Information transmitted and stored?

To provide the Service in a reliable and responsible manner, Bold Health processes and stores Your Information on secure servers which may be physically located in different countries around the world, including countries outside the United Kingdom. By continuing to use the Service, You agree that your Information may be internationally transferred and that Bold Health can process and store Your Information in a country other than where You submitted it. Jurisdiction and Cross Border Transfer of Information Our Services are global and Your information (including any voluntarily provided Personal Information) may be stored and processed in any country where We have operations or where We engage with partner/s, and We may transfer information to countries outside of Your country of residence, to countries which may have Data Protection Law that is different from those of Your country. However, We will take adequate safeguards and steps reasonably necessary to ensure that any such transfers protect Your privacy, fundamental rights and freedoms, and the exercise of Your rights, in accordance with this Privacy Policy and in compliance with Data Protection Law.

How long does Bold Health keep Your Information?

Bold Health retains any Information You provide or automatically collected while Your account is in existence, for the length of time needed to fulfil any of the applicable purposes of use described in this Privacy Policy, or to comply with applicable Data Protection Law. We may retain Your Information even after Your account is closed if retention is reasonably necessary. These could be in situations where We need to comply with applicable Data Protection Law, regulations or legal obligations, provide and complete customer support service, resolve disputes between or with Bold Health users, or to detect and deter unauthorized or fraudulent use of or abuse of the Service.

Does Bold health use outside service providers or agents?

To facilitate and provide You with the Service, it sometimes is necessary for Bold Health to request third party partner service providers or agents to help Us process and/or store your Information. We strictly evaluate the partner service providers and agents, and We make every effort to ensure that they have established appropriate and secure information administration and organizational control systems, and We strictly require that they comply with confidentiality obligations and applicable laws and regulations including Data Protection Law as relevant. We also require that they access Your Information only to the extent necessary to perform tasks on Our behalf.

Does Bold Health give Your Information to third parties?

Other than as described in this Privacy Policy and, where relevant, other applicable privacy policies or addendums, Bold Health will never provide Your Information to any third parties without Your explicit consent, unless We believe in good faith that We are required or permitted to do so under applicable contracts and laws, or to protect and defend Bold Health’s rights and/or property. We may be involved in the transaction of a merger, acquisition, sale of assets, business reorganization, bankruptcy etc. During such a process, We may sell, transfer or otherwise share some or all of Our assets which may include Your Information. However, in such an event of sale or transfer, We shall reasonably ensure that Your Information collected and stored by the Us is stored and used by the transferee in a manner that is consistent with this Privacy Policy. Any such third party to whom We transfer or sell shall have the right to continue to use the Information that You provide to Us or collected by Us immediately prior to such transfer or sale. On completion of the sale or transfer, the privacy policy of the third party shall apply with respect to Your Information. To stay updated about such business transactions, please read this Privacy Policy from time to time.

Does Bold Health use third-party modules?

Bold health uses third party advertising agencies to place advertisements on the internet or in other media. To measure the effectiveness of the advertisements to determine how much to pay to the advertising agencies, We may install third-party modules within the Zemedy app. We may also install other third-party modules within the Zemedy App in order to deliver the Service and help Us understand how the Service is used.

What are Your data protection rights?

You have certain rights under the Data Protection Law in relation to the Personal Information that You share with Us. We have tried to make it as easy as possible for You to have control over Your Personal Information. To exercise any of Your rights, please email a request at the contact Information provided in this policy. Please note that We will require You to verify Your identity before responding to any requests to exercise Your rights. We may also limit Your individual rights requests (a) where denial of access is required or authorized by law; (b) when granting access would have a negative impact on other’s privacy; (c) to protect our rights and properties; or (d) where the request is unjustified or excessive. If You have provided and We process Your Personal Information based on this contract, You can always send Us a written email request at the contact Information provided in this policy at any time to check, rectify, erase, or restrict the processing of Your Personal Information. Upon verification of Your identity, We will respond to Your request within one month and in accordance with relevant Data Protection Law. Bold Health will provide You with a request form that You will need to fill and submit back to Us via email. We will verify and erase from our servers only the specific identifiable Information as requested by You, within 72 hours of receiving the filled request form. You have the right to object to the processing of Your Personal Information that is based on legitimate interests for the purposes explicitly mentioned in this policy by sending Us a written email request at the contact Information provided in this policy. You have the right of data portability to receive a digital copy of Your Personal Information in a machine-readable format. You can send Us a written email request at the contact Information provided in this policy. Upon verification of Your identity, We will respond to Your request within one month and in accordance with relevant Data Protection Law. We may charge You a small fee for this service. We do not ask for any Personal Information during Your use of Service. We may at times be unable to address Your request if We are unable to correctly identify You.


If You are not happy about any aspect of the way We collect, share or Use Your Personal Information, please let Us know at the contact Information provided in this policy. You have the right to complain to a Data Protection supervisory authority in Your state of residence.

4. Security

We do our very best to protect ToC BV and the App from unauthorized access, disclosure or destruction of data held by us. We do this through the following protective measures:


All personal information is stored in a separate, extra secure, server that is accessible by you as a user only. So we can assure a very high level of privacy for your personal data.


Data on your device is secured by encryption, only if you have created an account. We follow the NHS Data Standards.

Your data is transferred from your device to our server using HTTPS and TLS for encryption. This means that all information that is sent remains confidential and is not legible by third parties.


Our web development is in compliance with ISO 27001. The ISO 27001 standard sets specific requirements for the security measures and prescribes how safety risks should be assessed and dealt with.

Our hosting provider is in compliance with ISO 27001, ISO 9001, NEN 7510 and has prepared ISAE 3402 type I and II reports. All standards have the aim to secure your data.


In Short: We do not knowingly collect data from or market to children under 13 years of age.

We do not knowingly solicit data from or market to children under 13 years of age. By using the Apps, you represent that you are at least 13 or that you are the parent or guardian of such a minor and consent to such minor dependent’s use of the Apps. If we learn that personal information from users less than 18 years of age has been collected, we will deactivate the account and take reasonable measures to promptly delete such data from our records. If you become aware of any data we have collected from children under age 13, please contact us at


In Short: Yes, we will update this policy as necessary to stay compliant with relevant laws.

We may update this privacy policy from time to time. The updated version will be indicated by an updated “Revised” date and the updated version will be effective as soon as it is accessible. If we make material changes to this privacy policy, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification. We encourage you to review this privacy policy frequently to be informed of how we are protecting your information.


If you have questions or comments about this policy, you may contact our Data Protection Officer (DPO), Jossy Onwude, by email at, or by post to:

Bold Health Limited

Jossy Onwude

The Stables 28 Britannia Street

London, London WC1X 9JF

United Kingdom

8. Governing Law and Dispute Resolution

This Privacy Policy shall be governed by and construed in accordance with the laws of the United Kingdom. The courts in the United Kingdom shall have exclusive jurisdiction in relation to any disputes arising out of or in connection with this Privacy Policy. Bold health is a company based in London. By browsing/using the Services, You hereby acknowledge that Bold Health is not responsible or liable in any manner to comply with any local laws of Your territory except the United Kingdom.