Privacy Policy
Last updated: 8 June 2026
1. Who we are
WorkMyHealth provides a workplace wellness platform. For end-user activity data, the workspace's organization is the data controller and WorkMyHealth acts as data processor.
2. Data we collect
Account data (email, name), workspace data (organization name, settings), and activity data (logged trainings, points). We do not collect location data and do not sync with third-party health apps unless you explicitly enable an integration.
3. How we use data
To deliver the Service, authenticate users, render scoreboards, send transactional emails (invitations, password resets), and bill subscriptions.
4. Legal basis (GDPR)
Contract performance for service delivery, legitimate interest for security and product improvement, and consent where required (e.g., marketing emails).
5. Sharing
We share data only with sub-processors strictly needed to run the Service (hosting, payment processing, email delivery). We do not sell personal data.
6. Storage and security
Data is stored in the EU. Each workspace is logically isolated with row-level security. We use industry-standard encryption in transit and at rest.
7. Retention
We keep workspace data while the workspace is active. On deletion, data is removed within 30 days, except where retention is legally required.
8. Your rights
You have the right to access, rectify, delete, restrict, and port your personal data, and to lodge a complaint with your data protection authority. Contact privacy@workmyhealth.com.
9. Cookies
We use only essential cookies needed for authentication and session management. No advertising trackers.
10. Contact
Questions: privacy@workmyhealth.com