View our Terms and Conditions

Privacy Policy Notice

Version: 2.0 dated August 3, 2021

Data privacy questions and answers

Healium, a StoryUP, Inc. company, is all about reducing stress and learning about one’s own mental health. The last thing that we want to create is stress for our customers in how we use their data. The entire design of our application is built around the security and privacy of your data. This privacy notice is designed to assist you in understanding how we collect, use, share and safeguard the information relating to you as an identified or identifiable natural person that we maintain in an accessible form (“Personal Data”). This privacy notice applies to Personal Data that you provide to us in using our website, including our online store (collectively, “Site”), our Healium application (“App”), and the products and services provided through our Site and App (“Services”).

1) About Healium

2) How We Use Personal Data

3) How We Collect Personal Data

4) Personal Data We Collect

5) Cookies & Other Tracking Technologies

6) Third Party Processors

7) Legal Basis for Personal Data Processing

8) Storage and Retention of Personal Data

9) Rights of the Individual

10) Security

11) Third-Party Links

12) Children’s Privacy

13) Notice to Nevada Residents

14) Notice to California Residents

15) Contacting Healium

16) Updates to this Privacy Notice

1) About Healium

Healium is a clinically validated mental fitness channel that uses virtual and augmented reality apps for the self-management of stress and anxiety. Unlike traditional meditation, Healium is active, immersive, and visual. It’s the world’s first virtual and augmented reality media channel powered by brainwaves and heart rate.

Our office is located at 4013 Frontgate Drive, Suite 107, Columbia, Missouri 65203. See “Contacting Healium” below for additional information.

2) How We Use Personal Data

The Personal Data that we collect allows us to process data for you to make use of our Services. Data collected during the active use of the App is stored in the Healium Dashboard for your retrieval for future use.

Additionally, we may use the Personal Data we collect to:

–Process your subscription.

–Process and fulfill your product order.

–Email you our newsletter or blog posts.

–Contact you regarding our products and services that may be of interest to you.

–Communicate with you about our Site, App, or Services, or to inform you of any changes to the same.

–Provide support.

–Maintain and improve our Site, App, and Services.

–Defend our legal rights and the rights of others.

–Efficiently maintain our business.

–Comply with applicable law.

From time to time, Healium may extract an anonymized set of data from our cloud-based environment. What this means is we take a small sample of the data stored in the cloud, and then remove all of the Personal Data leaving just the session data in place. This non-identifiable data set is then used for the development of our solutions.

3) How We Collect Personal Data

We collect Personal Data that you voluntarily provide to us or that is automatically collected through your use of the Site and App. Personal Data is collected through the App in one of four ways:

–A compatible EEG headset device that syncs data with the App.

–A smart device that has sensors to collect biometric information such as heart rate.

–You as the user, by entering responses and logging into the App.

4) Personal Data We Collect

You may voluntarily provide the following Personal Data to us through your use of the Site:

–Contact Us: When you complete our online form, we will collect your email address and any additional Personal Data you choose to provide, including your first and last name.

–Subscribing to our Newsletter or Blog: To subscribe to our newsletter or blog posts, we will collect your email address.

–Chatbox: If you choose to utilize our Site’s chat-box, we will collect any Personal Data that you choose to provide.

–Purchase: If you purchase a product through our online store, we [through our third-party payment processor] will collect your email address, first and last name, shipping address, phone number, and credit card and billing information.

–Customer Account: To create a customer account on our online store, we will collect your email address and you will create a password. The password is masked so we do not collect or store your password. You will use these credentials to login to your customer account.

–Dashboard: If you subscribe to our Services, we will collect your email address and password when you register and login to the Healium Dashboard.

We automatically collect the following Personal Data through your use of the Site, App, and Services:

–Usage Information: We collect information such as which of the pages on the Site or App you access, the frequency of access, and what you click on while on the Site and App.

–Device Information: We collect information about the device you are using, such as hardware model, operating system, application version number, and browser.

–Mobile Device Information: In addition to device information listed above, when you access the App or access our Site via a browser on your mobile device, we collect and aggregate information about whether you are accessing the Site via a mobile device or tablet, device type, and carrier.

–Location Information: We collect location information from Site and App visitors on a city-regional basis.

If you use our App, we will collect the Personal Data outlined in the table below. The table is organized into four parts:

– Field Category: This tells the type of data that we are collecting.

-Direct/Indirect: There are generally two ways that the data collected in each category are associated with a person, either directly or indirectly. Directly related means that the data collected, by itself, can identify you as an individual. Indirectly related means that the data collected are related to you as an individual but would only be able to be connected to you if other direct identifiers were also present.

–Description: Details regarding the category of data collected are provided.

–Purpose: An explanation as to the reason why we need to collect this data is provided.

Types of Data We Process

5) Cookies & Other Tracking Technologies

–How We Use Cookies:

Like many other companies, we use cookies and other tracking technologies (such as pixels and web beacons) (collectively, “Cookies”). “Cookies” are small files of information that are stored by your web browser software on your computer hard drive, mobile or other devices (e.g., smartphones or tablets).

We may use Cookies to:

  • Estimate audience size and usage patterns;
  • Understand and save your preferences for future visits, allowing us to customize the Site, App, and Services to your individual needs;
  • Advertise new content and services that relate to your interests;
  • Keep track of advertisements and search engine results;
  • Compile aggregate data about site traffic and site interactions to resolve issues and offer better site experiences and tools in the future; and
  • Recognize when you return to the Site or App.

We set some Cookies ourselves and others are set by other entities. We use Cookies set by other entities to provide us with useful information to help us improve our Site, App, and Services, to conduct advertising, and to analyze the effectiveness of advertising. For example, we use Cookies from Google, Facebook and other similar companies.

–How You Can Opt-Out of Cookies:

Browser Settings

Cookies can be blocked by changing your Internet browser settings to refuse all or some Cookies.  If you choose to block all Cookies (including essential Cookies) you may not be able to access all or parts of the Site.

You can find out more about Cookies and how to manage them by visiting or

Platform Controls 

You can opt out of Cookies set by specific entities by following the instructions found at these links:

Advertising Industry Resources

You can understand which entities have currently enabled Cookies for your browser or mobile device and how to opt-out of some of those Cookies by accessing the Network Advertising Initiative’s website or the Digital Advertising Alliance’s website. For more information on mobile specific opt-out choices, visit the Network Advertising Initiative’s Mobile Choices website.

Please note that these opt-out mechanisms are specific to the device or browser on which they are exercised. Therefore, you will need to opt out on every browser and device that you use.

–“Do Not Track” Signals:

Some internet browsers incorporate a “Do Not Track” feature that signals to websites you visit that you do not want to have your online activity tracked. Given that there is not a uniform way that browsers communicate the “Do Not Track” signal, the Site does not currently interpret, respond to or alter its practices when it receives “Do Not Track” signals.

6) Third Party Processors

To ensure that your Personal Data receives an adequate level of protection, we have put in place appropriate procedures with the service providers we share it with to ensure that it is treated consistent with applicable data security and privacy laws. For example, we use third-party payment processors to process online orders and Amazon Web Services.

–Google Analytics: We use Google Analytics, a web analytics service provided by Google, Inc.  Google Analytics uses Cookies or other tracking technologies to help us analyze how users interact with the Site and Services, compile reports on their activity, and provide other services related to their activity and usage.  The technologies used by Google may collect information such as your IP address, time of visit, whether you are a returning visitor, and any referring website.  The technologies used by Google Analytics do not gather information that personally identifies you.  The information generated by Google Analytics will be transmitted to and stored by Google and will be subject to Google’s privacy policies.  To learn more about Google’s partner services and to learn how to opt-out of tracking of analytics by Google, click here.

–Google reCAPTCHA: We use Google reCAPTCHA, a free service provided by Google, Inc., to protect our Site from spam and abuse. Google reCAPTCHA uses advanced risk analysis techniques to decipher humans and bots. Google reCAPTCHA works differently depending on what version is deployed.  For example, you may be asked to check a box indicating that you are not a robot or Google reCAPTCHA may detect abusive traffic without user interaction.  Google reCAPTCHA works by transmitting certain types of information to Google, such as the referrer URL, IP address, visitor behavior, operating system information, browser and length of the visit, cookies, and mouse movements.  Your use of Google reCAPTCHA is subject to Google’s Privacy Policy and Terms of Use.  More information as to Google reCAPTCHA and how it works is available here.

7) Legal Basis for Personal Data Processing

The legal basis for collecting and using the Personal Data described above will depend on the Personal Data concerned and the specific context in which we collect it, which is discussed below.

–Consent: The App requests your consent upon download and asks you to renew that consent as signified by each time you login and use the application. You have the right to withdraw your consent at any time without affecting the lawfulness of the processing based on consent before its withdrawal.

–Our Legitimate Interests: We may process your Personal Data if doing so is necessary for our legitimate interests and your rights as an individual do not override those legitimate interests. For example, we process your Personal Data to carry out fraud prevention activities and activities to increase network and information security, identify usage trends, determine the effectiveness of promotional campaigns, expand our business activities and improve our services and the content and functionality of our Sites.

–To Perform a Contract: We may process your Personal Data to administer and fulfill contractual obligations to you.

–To Enable Us to Comply with a Legal Obligation: We may process your Personal Data to comply with legal obligations to which we are subject. This may include any requirement to produce audited accounts, any legal obligation to share information with law enforcement agencies, public or governmental authorities, and to comply with legal process.

–Necessary for the Exercise or Defense of Legal Claims: If you bring a claim against us or we bring a claim against you, we may process your Personal Data in relation to that claim.

If you have any questions about or need further information concerning the legal basis on which we collect and use your Personal Data for any specific processing activity, please contact us using the “Contacting Healium” section below.

8) Storage & Retention of Personal Data

The data collected and used by the Healium application can be found in two places:

–On your smart device to which you downloaded the App. This data is then processed into new data that tells you the progress you are making in an active session. This new data is then transmitted to the cloud.

–Healium utilizes a medical-grade data security solution to store our data. The cloud-based environment stores information on servers located in the United States of America.

We will retain your Personal Data for as long as necessary to fulfill the purposes for which we collect it and as set out in this Privacy Notice and for the purpose of satisfying any legal, accounting, or reporting requirements that apply to us.

9) Rights of the Individual 

  1. a) Individuals whose data are processed by Healium have the following rights related to protecting personal information:

–Right to Know: The individual has a right to obtain from us confirmation as to whether or not we are processing their Personal Data and, if so, the right to be provided with the information contained in this Privacy Notice.

–Right to File Complaint: Individual may file a complaint with Healium about concerns related to how data is being processed. If, for whatever reason, the individual feels we do not meet the standards expected of us, they are also entitled to make a complaint with a local supervisory authority (as applicable):

EU Data Protection Authorities (DPAs)

Swiss Federal Data Protection and Information Commissioner (FDPIC)

Information Commissioner’s Office (United Kingdom)

–Right to Access: Individuals have a right to access information about data being stored about them.

–Right to Rectify: Individuals have the right to rectify inaccurate Personal Data and to have incomplete Personal Data completed.

–Right to Restrict Use: Individuals have the right to place restrictions on our use of their Personal Data if they contest the accuracy of the Personal Data that we hold and we are verifying its accuracy; if we have used their Personal Data unlawfully (and they request restriction of its use rather than erasure); if we no longer need the Personal Data for the purpose(s) for which we collected it but they need it to deal with a legal claim; or they have objected to our use and we are analyzing whether our legitimate grounds override their right to object.

–Right to Object: Individuals have the right to object to our use of their Personal Data where our reason for using it is based on our legitimate interest or their consent.

–Right to Data Portability: Individuals have the right to have their Personal Data transferred in electronic copy to them or another party of their choosing. This right applies to Personal Data we are processing to service a contract with the individual and to Personal Data we are processing based on the individual’s consent. All requests to access data by an individual and is approved per legal requirements will be provided through a common data format. These formats will either be a comma-separated values file or a PDF document.

–Right to be Forgotten: An individual may request that their individual data, contained within Healium, is erased. However, this is not an absolute right. A request for eraser will be reviewed, and a decision communicated to the requestor as required by law.

  1. b) To exercise any of these rights, please contact us per below.

10) Security

We maintain commercially reasonable security measures to protect the Personal Data we collect and store from loss, misuse, destruction, or unauthorized access. However, no security measure or modality of data transmission over the Internet is 100% secure. Although we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee absolute security.

11) Third-Party Links

The Site contains links that will let you leave the Site and access another website. Linked websites are not under our control. This Privacy Notice applies solely to Personal Data that is acquired by us on our Site, App, and through our Services. We accept no responsibility or liability for these other websites.

12) Children’s Privacy

The Site, App, and Services are not intended for children under 13 years of age. We do not knowingly collect, use, or disclose personal information from children under 13.

13) Notice to Nevada Residents

Nevada law allows Nevada residents to opt-out of the sale of certain types of personal information. Subject to several exceptions, Nevada law defines “sale” to mean the exchange of certain types of personal information for monetary consideration to a person for the person to license or sell the information to additional persons. We do not currently sell personal information as defined in the Nevada law. However, if you are a Nevada resident, you still may submit a verified request to opt-out of sales and we will record your instructions and incorporate them in the future if our policy changes. Opt-out requests may be sent to .

14) Notice to California Residents

We do not disclose personal information obtained through our Site, App, or Services to third parties for their direct marketing purposes. Accordingly, we have no obligations under California Civil Code § 1798.83.

15) Contacting Healium

If you want to exercise your data privacy rights or you have any questions about this privacy notice, please contact us by one of the following methods:

1906 Corona

Suite 200

Columbia, Missouri 65203

Attn: Data Privacy Officer



16) Updates to this Privacy Notice

Healium reserves the right to change this privacy notice as needed. If we do, we will post an amended version on our website here:

View our Terms and Conditions

No notifications