Update Date: May 20, 2025
Dear users, Zhejiang POCTech Co.,Ltd., (hereinafter referred to as "Zhejiang POCTech" or "we") as data operator, attach great importance to the protection of your personal data, and when you access and use the Yuwell Anytime application (hereinafter referred to as the "App" or "Anytime") developed and operated by us, we will protect your personal data in accordance with this privacy Policy (hereinafter referred to as the "Policy")
This Policy is designed to help you understand what personal data we collect, why we collect it, and how we protect it. We will collect and process your personal data in accordance with the Federal Law No. 152-FZ of July 27, 2006 on Personal Data (Personal Data Law), and other relevant laws and regulations and provide services to you.
Before you use Anytime, please be sure to read and understand this Policy carefully and completely, especially the bold and/or underlined parts. If you wish to use the services provided by the App, please express your explicit consent to this Policy by clicking "Read and Agree", otherwise, please do not use the App or provide us with your personal data.
If you have any questions, comments or suggestions about this Policy, you can contact Customer Service Center in helpdesk@yuyue.com.cn or contact Data Protection Officer in zhangxiaoyu@yuyue.com.cn by email.
✧ Related Definitions:
Personal Data: Any data relating to an identified or identifiable natural person (data subject); an identifiable natural person is one who can be identified, directly or indirectly, in particular by means of an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. The personal data in this Policy refers to your personal data that we collect, store, transmit and use in order to provide services to you.
Continuous Glucose Monitoring ("CGM") System ("product") : A monitoring technology that monitors glucose concentrations in subcutaneous tissue fluid through a glucose sensor to reflect glucose ("blood glucose") level. With Yuwell Anytime app, transmitter, and sensor as the main components.
Anytime: The Yuwell Anytime app, a blood glucose data collection and analysis platform developed and operated by Zhejiang POCTech Co.,Ltd..
Sensor: Medical detector for monitoring blood glucose concentration by subcutaneous tissue fluid of users.
Transmitter: The device collect the biological signal generated by the sensor, convert it into blood glucose data and send it to Anytime via Bluetooth.
User: The natural person who meets the qualification requirements of Anytime users and registers and logs in to the Anytime account through the designated method.
Company Group: The company group composed of the parent company of Zhejiang POCTech Co.,Ltd. and its subsidiaries and branches.
Distributor: The organization that sells our products to you.
This Policy will help you understand the following:
Scope of Application
How to Collect and Use Personal Data
How to Share and Transfer Personal Data
Retention Period of Personal Data
How to Protect the Security of Personal Data
Protection of Minors' Personal Data
Your Privacy Rights
How to Contact Us
Update the Privacy Policy
1. Scope of Application
1.1 As an integral part of the CGM system manufactured by Zhejiang POCTech Co.,Ltd., this App can be used to continuously record, analyze and share your blood glucose levels. This Policy only applies to you when you use the product or service of this App, including collecting blood glucose data with sensor and transmitter, viewing blood glucose data and charts, etc.
1.2 This Policy does not apply to services provided to you by third-party. For example, if our third-party service provider provides services to you through our the App, the data you provide to the service provider does not apply to this Policy.
1.3 The App may contain links to third-party website. Any access to and use of such linked website is not governed by this Policy, but rather by the privacy policy of such third-party website. We are not responsible for the data practice of such third-party website.
2. How to Collect and Use Personal Data
Based on your explicit consent, in order to provide you with the product and service, we collect and use the following personal data after taking appropriate security measures. You should provide us with accurate personal data, otherwise you will not be able to use the corresponding products or services accurately.
2.1 We collect and use the following personal data:
2.1.1 Data you provide directly to us
(a) Account Information
We will collect your email address and registration password and send a verification link to your email address to complete the authentication of your account identity, create, activate and manage your account, including verifying your identity and ensuring account security. If you cannot complete the verification by yourself, you can contact us to help activate your account.
(b) Third-Party Account Information
If you invite a third party to bind your account to view your blood glucose data and related reports, we will collect the third-party account in order to identify the bound object.
(c) Personal Profile
If you fill in your personal profile, we may collect your gender, birthday, height, weight, type of diabetes to better analyze your blood glucose level. In addition, you can customize your profile photo, and we may collect your uploaded photo for profile setting.
(d) Blood Glucose Information
While you are wearing this product, we will collect your blood glucose data continuously for the purpose of recording and analyzing your blood glucose level.
(e) Event Record
We may collect the event (including basic insulin, prandial insulin, GLP-1RA, oral medicine, diet, exercise) recorded by you in the App to better analyze your blood glucose change levels.
2.1.2 Data Collected Automatically
In order to ensure the consistency of this App and provide you with services that better meet your needs, we may collect:
(a) Log Information
We need to keep the necessary logs in order to comply with the applicable GDPR and related laws.
(b) Device and Network Information
We will collect data of the device you use according to the specific permissions you explicitly agree to open when installing and using the App, to provide corresponding services:
| Device Permissions have been Obtained | Information Collected | Purpose of Collection |
|---|---|---|
| Camera, Flashlight | Available or not | Upload photo |
| Front-desk Location Background Location | ACCESS COARSE LOCATION ACCESS FINE LOCATION ACCESS BACKGROUND LOCATION | We don't use the collected location information. The location permission of users of Android 13 and previous versions would be turned on by default at the same time when turning on Bluetooth, the users of after Android 13 and IOS do not turn on location permission and no location data collection. |
| Bluetooth | Available or not | Check whether data can be transmitted |
| Storage | Storage Information | Read the information of the storage space or store information in storage space |
| Network | Available or not | Check whether the network environment meets the use conditions of products or services |
| Vibrate | Available or not | To alert users of events |
| Notification | Available or not | Check whether notification can be sent to the user |
| Modify configuration (such as language, keyguard) | Configuration setting information | Determine under what configuration to provide products or services |
2.2 How we use your personal data
We will use your data in accordance with the purposes and methods disclosed in this Policy, and if we need to change the above purposes and types of data, or if we use the data for other purposes not specified in this Policy, or use the data collected for specific purposes for other purposes, we will obtain your explicit consent in advance as required by related personal data protection laws.
3. How to Share and Transfer Personal Data
3.1 We will not share your personal data with other organizations and individuals except in the following circumstances:
(a) Sharing by companies within the company group: After obtaining your explicit consent, we may share your personal data with companys within company group as data processors when it is necessary for the relevant entities according to their functions, and ensure the security of personal data through secure transmission and division of authority.
(b) Sharing with distributors: If you feedback the possible problems of the product to distributors for support, we will reply to you through the original channel after troubleshooting the problems. This process may involve us sharing your personal data with distributors, and we will take access control and other means to ensure the safety of personal data.
(c) Sharing in the Event of a Merger or Division of a Company:In the event of a merger, acquisition or bankruptcy liquidation between us and another legal entity, or other circumstances involving a merger, acquisition or bankruptcy liquidation, if the transfer of personal data involved, we will require the new organization holding your personal data to continue to be bound by this Policy and obtain your explicit consent again.
3.2 We provide you with the option to transfer your personal data:
(a) Transferring to Bound Users through "Follow": If you use the "Follow" function of the App, after you provide the recipient account, we will transmit your blood glucose data to the third-party user bound to you through secure transmission based on your request, and you should confirm the identity of the third party and whether the account is accurate before initiating the sharing.
(b) Transferring to glooko:In order to provide you the blood glucose analysis report that meets glooko's standards, we will share your information with glooko in a secure manner based on your request after you visit glooko website through the App. For the subsequent processing of your personal data, please refer to glooko website.
3.3 Due to global data management, these recipients may be located in countries other than the country in which the personal data was originally collected. These countries may not have the same data protection laws as the country in which you initially provided the data. When we transfer your personal data to recipients in other countries, we will implement appropriate safeguards to ensure an adequate level of data protection under applicable law. This may include selecting partners located in countries that are recognized as providing an adequate level of data protection (such as the membership of Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data) and, where applicable, implementing the protective measures stipulated by relevant laws or notifying the Roskomnadzor or other competent authorities in accordance with the law.
3.4 We will sign strict Confidentiality Agreement and Data Protection Agreement with the receivers, and require them to process your personal data in accordance with laws, this Policy and take any necessary security measures.
4. Retention Period of Personal Data
We will retain your personal data for the period necessary to provide you with services, however, if laws and regulations provide otherwise for the retention period, you agree to retain it for a longer period, ensure the safety and quality of services, achieve the purpose of dispute resolution, and it is technically difficult to achieve it, we will extend the retention period after the expiration of the aforesaid retention period, in accordance with the law, in accordance with the agreement or within a reasonable range. After the retention period has expired, we will delete or anonymize your personal data in accordance with the statutory provisions.
5. How to Protect the Security of Personal Data
5.1 We take the security of your personal data very seriously. In order to ensure the security of your personal data, we have taken appropriate data security protection measures to protect your personal data from unauthorized access, use, modification, public disclosure, damage or loss. For example:
(a) Ensure the security of personal information from many aspects such as security management organization and policy.
(b) Implement security management measures such as database EBS snapshot strategy and status alarm strategy to effectively protect the integrity and security of personal data.
(c) Implement data authority management for employees, and gradually establish a data classification and grading system to ensure that only authorized personnel can access personal data;
(d) Implement strict Confidentiality Management for personnel involved in data use and security management, and regularly carry out training related to data security protection.
5.2 In the unfortunate event of a personal data security incident (such as unauthorized access, use, modification, public disclosure, damage or loss), we will promptly inform you of the basic situation and possible impact of the security incident, the measures we have taken or will take to deal with it, the suggestions you can take to prevent and reduce the risk independently, and the remedial measures for you in accordance with the requirements of laws and regulations. When it is difficult to notify the personal data subject one by one, we will make an announcement in a reasonable and effective manner.
5.3 At the same time, we will report the handling situation of personal data security incidents as soon as possible in accordance with the requirements of the regulatory authorities.
5.4 If our products and services cease to operate, we will take reasonable steps to protect the security of your personal data, including promptly stopping activities that collect data. Notification of cessation of operation will be notified in the form of a notice or announcement on a case-by-case basis, and the stored personal data will be deleted or anonymized.
6. Protection of Minors' Personal Data
We take the protection of minor's information very seriously. Please be aware that our products and services are only intended for adults over the age of 18, minors under 18 should not use this product. If you accidentally use this product on a minor under 18, please immediately notify us to take reasonable steps to delete the relevant personal data. If we become aware that we have collected personal data from a minor under 18 without the authorization of parent or guardian, we will take reasonable steps to delete it as soon as possible.
7. Your Privacy Rights
7.1 We will strive to safeguard your rights in our personal data processing activities, including but not limited to:
(a) Right of Access
Request access to the personal data we hold about you. Your request should include a detailed and accurate description of the personal data you wish to access.
(b) Right to Rectification
Request to correct data that you believe is inaccurate or incomplete.
(c) Right to Restriction of Processing
Ask us to limit or restrict our use of your personal data according to your legal requirements and specific circumstances.
(d) Right to Data Portability
Ask us to offer the personal data you have provided to us in a structured, commonly used, machine-readable and reasonable format and, where technically feasible, to transfer the data to other entity. This right only applies to providing us with your personal data with your consent or as a party to the contract.
(e) Withdrawal of Consent
Withdraw your consent to the use of your personal data that you have previously provided to us. If you do so, this will not affect the lawfulness of the personal data we processed before you withdraw your consent.
(f) Right to Erasure
Request us to delete your personal data. Please note that we may not be able to delete all your personal data. In this case, we will clearly tell you the reason and take appropriate measures to protect your personal data and ensure that it will not be used again.
(g) Right to Complaint
If you have any suggestions on our protection of your privacy rights, you can contact us directly to feedback, and you also have the right to complain to the supervisory authority.
7.2 If you wish to exercise your rights, please contact us as specified in the "How to Contact Us" section below. We may ask you to confirm your identity before we process your request.
7.3 Respond to your request
We will respond to your request within the time limits stipulated by the Federal Law No. 152-FZ of July 27, 2006 on Personal Data and other relevant laws. If you are not satisfied with our response, you can continue to contact us through the contact information described in this Policy.
8. How to Contact Us
8.1 If you have any questions or suggestions about the content of this Policy, or wish to exercise your rights or have other matters, you can contact Customer Service Center in helpdesk@yuyue.com.cn or contact Data Protection Officer in zhangxiaoyu@yuyue.com.cn by email. You can also write to the following address:
Data Protection Officer
Zhejiang POCTech Co.,Ltd.
No.1633 Hongfeng Road
Building 11 & 12
Huzhou City
Zhejiang
313000
China
8.2 We have an Europe representative:
Representative name: Metrax GmbH
Representative address: Rheinwaldstr. 22, 78628 Rottweil, Germany
9. Update the Privacy Policy
Our Privacy Policy may be updated periodically to reflect changes in the way we process personal data, and the updated time will be marked at the beginning of the Privacy Policy. We will not limit your rights under this Policy without your explicit consent. We will use reasonable efforts to prompt you to read the updated Privacy Policy.