Circular Health
Privacy Policy

Privacy Policy – Circular Health

Last Updated: 28 March 2025

Circular Health Ltd

Registered in Ireland

1. Who We Are

We are Circular Health Ltd, an Irish company committed to helping individuals navigate complex chronic illnesses such as Long COVID, ME/CFS, POTS, and MCAS.

This Privacy Policy outlines how we collect, use, and protect your personal data when you visit our website, join our waitlist, or use our app — in accordance with the General Data Protection Regulation (GDPR) and other applicable privacy laws.

2. What Data We Collect

📝 When You Join the Waitlist

When you sign up for early access via our waitlist (hosted on Typeform), we collect:

  • Email address
  • Self-reported experience managing your illness
  • Your biggest current challenge (optional)
  • Whether you'd like to join as an early beta tester

Some of this information may be considered health-related data under GDPR. We treat it with enhanced care and process it only with your explicit consent.

🌐 When You Visit Our Website

We collect basic analytics and performance data, including:

  • IP address
  • Browser and device type
  • Pages visited and time spent

This information is collected through PostHog and Vercel Analytics to help us understand user behavior and improve our website. No invasive cookies or marketing trackers are used.

👤 When You Use the App (In the Future)

When our app is live and you create an account, we may collect:

  • Name, email, and password
  • Information you choose to share about your health journey
  • App usage and engagement data

We will ask for clear consent before collecting any sensitive health information and will provide additional details at that time.

3. How We Use Your Data

We process your data to:

  • Communicate product updates and send early access invitations
  • Analyze anonymous insights to guide product development
  • Improve website experience and platform functionality
  • Provide personalized support within the app (once launched)

We do not:

  • Sell or rent your personal data
  • Use your information for third-party marketing
  • Share your identifiable health data without your consent

4. Legal Basis for Processing

We rely on the following legal bases under GDPR:

  • Explicit consent – for collecting and processing your waitlist and health-related responses
  • Legitimate interest – to improve our product and understand user needs
  • Contract – when you sign up for the app, we use your data to deliver the service

You may withdraw consent at any time by contacting us at privacy@joincircular.com.

5. How and Where Data Is Stored

We take strong steps to protect your data and store it using secure, privacy-focused tools:

Typeform

For waitlist submissions

PostHog and Vercel Analytics

For website analytics

Google Workspace

For internal communications

Notion

For anonymized research notes only

We do not store identifiable health-related data in Notion or Google Workspace.

Sensitive health data will be stored in HIPAA-ready infrastructure, with appropriate safeguards and access controls. We are actively working to ensure all processing environments meet both GDPR and health privacy standards.

6. Who Can Access Your Data

Your data is accessible only to authorized members of the Circular Health team. Where third-party services are used (e.g., analytics or form tools), we ensure they meet strong privacy and security standards, and we sign Data Processing Agreements (DPAs) or Business Associate Agreements (BAAs) where required.

7. Your Rights Under GDPR

Access your personal data

Request a copy of all data we hold about you

Correct inaccurate or incomplete data

Update your information at any time

Withdraw consent at any time

Opt out of data processing based on consent

Request deletion of your personal data

Exercise your "right to be forgotten"

Object to or restrict data processing

Limit how we use your data

Lodge a complaint

Contact your local Data Protection Authority

To exercise your rights, contact us at: privacy@joincircular.com

8. Data Retention

Waitlist data

Stored for up to 12 months or until product invitations are sent

Analytics data

Retained for up to 12 months in anonymized or aggregated form

App account data

Will be stored as long as your account is active (subject to app-specific data retention policy at launch)

9. Future Updates

We may update this Privacy Policy as our services evolve. If we make significant changes, we will notify users via email or on our website, and seek renewed consent if required.

10. Contact Us

For questions or concerns about this Privacy Policy:

Circular Health Ltd

privacy@joincircular.com

📍Registered in Ireland

(Full company details available upon request)

Return to Home