INLIGHTBP PRIVACY STATEMENT
Version 1.0 – November 2025
Scope
This InLightBP Privacy Statement ("Privacy Statement") applies in the locations where the InLightBP App is made available, including the European Economic Area (“EEA”), the United Kingdom (“UK”), Switzerland, and other relevant locations where we operate. The InLightBP Privacy Statement, together with the InLightBP Terms of Use ("Terms of Use") applies to your use of:
• Mobile application software 'InLightBP’ and any updates or supplements to it ("App"), once you have downloaded a copy of InLightBP onto your smartphone or other handheld device ("Device"); and
• Remote blood pressure measurement powered by LifeLight (Xim Limited) (“Service”) which is available for a limited amount of time upon downloading
For the purpose of applicable EEA, UK, Swiss, and other relevant data protection legislation in locations where we operate, the data controller responsible for this App is OMRON Healthcare Co., Ltd ("OMRON" or “We”) based in Japan. OMRON Healthcare Europe B.V. acts as OMRON's representative in the European Union ('EU'), OMRON Healthcare UK Limited acts as OMRON’s representative in the UK, and OMRON Electronics AG acts as OMRON’s representative in Switzerland. They shall serve as a point of contact for any inquiries.
This Privacy Statement sets out the basis on which any personal data OMRON collects from you, or that you through the App or Services, provide to OMRON will be processed by OMRON.
The App is not intended for children, and OMRON does not knowingly collect data relating to children under the age of 18.
Please read the following carefully to understand OMRON’s views and practices regarding your personal data and how OMRON will treat it.
Information OMRON may collect from you
All personal data OMRON may collect from you will be encrypted with up-to-date encryption techniques to assure that your personal data cannot easily be accessed and/or read by unauthorized third parties.
OMRON collects and processes the following data about you and your Device:
1. Information that you give OMRON about yourself if you contact OMRON for support, in which case OMRON will keep a record of that correspondence.
This information may include:
• your name and e-mail address (“Contact Information”);
• the model of Device you use, your mobile operating system, , storage capacity and available storage information of the Device, application error log, your region and selected account country (“Technical Information”).
2. Details of your use of the App including, but not limited to traffic data, application usage data, other communication data, (“Log Information”);
3. Your e-mail address(“Contact Information”).
When you use the App with the Service, OMRON will additionally collect and process, either directly or by making use of third parties, the following information about you and your Device:
1. your height, gender, age , (“User Profile Information”);
2. the model of Device you use, your mobile operating system,) (“Technical Information”);
3.Signal-derived red, green and blue (RGB) average numbers based on analysis of tiny colour changes of the face with each pulse beat, blood pressure estimation, , (“Measurement Information”);
4. general trackers information, entered manually as part of in-app survey (“General Trackers Information”).
How OMRON use your information
OMRON use information held about you in the following ways:
For the performance of OMRON’s agreement with you:
• Contact Information: handle your enquiries.
• General Trackers Information: to operate the Service, to handle your enquiries
• Log Information: to operate the Service, to handle your enquiries
• Measurement Information: to operate the Service, to handle your enquiries
• Technical Information: to operate the Service, to handle your enquiries.
• User Profile Information: to operate the Service, to handle your enquiries.
For OMRON’s legitimate commercial interests:
• General Trackers Information: to develop or improve our products and services and to analyse anonymized, aggregated data to understand usage trends.
• Log Information: to develop and improve our products and services.
• User Profile Information: to ask you to fill in questionnaires, to develop or improve our products and services, to provide healthy lifestyle advice or promotional information, and to analyze anonymized , aggregated data to understand usage trends
Following your explicit consent:
• Contact Information: to inform you of products and/or services OMRON offers.
• Measurement information: to operate the Service
Disclosure of your information
In line with this Privacy Statement, OMRON may engage third parties to support the processing of certain personal data from the categories listed below, strictly for the outlined purposes:
Category of data | Recipient | Purpose |
Technical Information Contact Information User Profile Information Measurement Information General Trackers Information Log Information | Xim Limited | Delivering measurement results Customer support |
Log information Technical Information | Google Ireland Limited (GA4) | Application usage analytics |
Log Information General Trackers Information | Google Ireland Limited (Google SDK) Meta Platforms Ireland Limited | Marketing Communications |
Technical Information Contact Information General Trackers Information | OMRON Healthcare Europe B.V. | Data analysis and marketing Customer support |
OMRON may disclose your personal information to (other) third parties:
• In the event that OMRON sell or buy any business or assets, in which case OMRON may disclose your personal data to the seller or buyer of such business or assets.
• If OMRON is under a duty to disclose or share your personal data in order to comply with any legal or regulatory obligation or request.
• In order to:
• Enforce or apply the InLightBP Terms of Use or to investigate potential breaches; or
• Protect the rights, property or safety of OMRON, OMRON’s customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection.
Transfer of your information outside the EEA
Generally, the data that OMRON collects from you will be transferred to, and stored at, a destination inside the European Economic Area (“EEA”). Your personal data may also be transferred to and used in countries outside the EEA for the purposes described in this Privacy Statement. Such countries may not have the same level of protection for your information as the country in which you reside.
OMRON ensures that all such data transfers are in accordance with applicable data protection legislation, including the General Data Protection Regulation (EU) 2016/679 ("GDPR"), the United Kingdom General Data Protection Regulation ("UK GDPR"), the Data Protection Act 2018 ("DPA 2018"), the Swiss Federal Act on Data Protection ("FADP"), and other relevant data protection laws in locations where we operate.
OMRON relies on Standard Contractual Clauses (“SCCs”) in its latest versions as approved by the relevant authorities, adequacy decisions where applicable, or other appropriate legal instruments ensuring appropriate safeguards, to ensure that any personal data leaving the EEA, UK, Switzerland or other locations where we operate, will be transferred in compliance with applicable data protection laws. SCCs are standardized contractual clauses used in agreements between data exporters and data importers (e.g., controllers (such as OMRON) and their data processors) to ensure that personal data transfers comply with EEA, UK, Swiss and other data protection laws.
Security measures
OMRON has implemented technical and organizational measures to protect your information against unauthorized access, use and disclosure. All information you provide to us is stored on secure servers. Any data transfer will be encrypted using Secured Sockets Layer technology..
Unfortunately, the transmission of information via the internet is not completely secure. Although We will do our best to protect your personal data, OMRON cannot guarantee the security of your data transmitted to the Service; any transmission is at your own risk. Once OMRON have received your information, OMRON will use strict procedures and security features to prevent unauthorised access.
Retention of your information
OMRON will retain your information in compliance with the applicable law. No account creation is required to use the app. We do not collect or store personally identifiable information for registration or login purposes.The measurement functionality is available for a limited period of 14 days from the date of download. Measurement results are not stored within the app. All readings are processed securely by Xim Limited through the integrated LifeLight SDK.
The data processed by Xim Limited through the LifeLight SDK is used exclusively to deliver measurement results and improve the accuracy of the service. It is not used for marketing, profiling, or shared with third parties for commercial purposes.
As the legal manufacturer of the device, xim Ltd is required to retain data related to measurements, including biometrics, signal quality, and generated results, for a period of 10 years. This is in compliance with regulatory requirements to ensure data availability for verifying device performance and safety.
The SDK operates within strict boundaries and does not access other device features such as contacts, location, or media files. Users may disable measurement functionality at any time by uninstalling the app or contacting support.
Your rights
Based on European data protection legislation you have several rights with regards to our processing of your personal data, including:
• Right of access. You may ask us for confirmation as to whether We process your personal data. If so, We will grant you access to that personal data and provide you with a copy of the data upon request.
• Right of rectification. If you discover errors in the personal data that is being processed by us, you have the right of rectification. Likewise, you have the right to complete the data if incomplete.
• Right to erasure. You may ask us for erasure of your personal data. Please refer to the process described in section ‘How to cancel your account’.
• Right to restrict processing. If you want to restrict processing, you cannot continue to use the Service. Please refer to the process described in section ‘How to cancel your account’. You may decide to continue to use the App without using the Service.
• Right to object to processing. You may object to the processing of your personal data where it is based on legitimate interests. If you exercise this right, OMRON will assess whether there are compelling legitimate grounds to continue processing. You also have the right to object at any time to the processing of your personal data for direct marketing purposes, in which case OMRON will cease such processing immediately.
• Right to withdraw consent. If you want to withdraw your consent to our processing of your personal data, you cannot continue to use the Service. Please refer to the process described in section ‘How to cancel your account’. You may decide to continue to use the App without using the Service. • Right to data portability. You can export your personal data by using the ‘export’ function in the App to get a copy of your personal data in a structured, commonly used and machine-readable format.
• Right to lodge a complaint. In case you may have a question or complaint about how We process your personal data, you may contact us as described in the ‘Contact’ section. Alternatively, you may consider lodging a complaint with a supervisory data protection authority, including the UK Information Commissioner's Office (ICO), the relevant EU Data Protection Authority, or the Swiss Federal Data Protection and Information Commissioner (FDPIC) or other, depending on the country of personal data processing.
Partners
The App may contain links to and from OMRON’s partners and affiliates. If you follow any of these links, please note that they (OMRON’s partners and affiliates) have their own privacy policies and that OMRON do not accept any responsibility or liability for these policies or for any personal data that may be collected by them. Please check their policies before you submit any personal data to them.
Changes to privacy statement and our duty to inform you of changes
We keep OMRON’s privacy policy under regular review.
This version was last updated in November 2025 . It may change and if it does, any material changes will be notified to you when you next start the App. The new policy may be displayed on-screen, and you may be required to read and accept the changes to continue your use of the App or the Services. If you choose to not accept these changes, you cannot continue to use the App.
It is important that the personal data We hold about you is accurate and current. Please keep OMRON informed if your personal data changes during OMRON’s relationship with you.
Contact
If you have any concerns, questions, comments related to data protection you can contact us using the following mail address: [email protected].
You can contact us also through our representatives in the EU via email to Healthcare@[email protected] , the ‘contact us’ function within the App, or by regular mail to:
OMRON Healthcare Europe B.V., Marketing and Communication Department
Wegalaan 73, 2132 JD Hoofddorp The Netherlands
OMRON Healthcare UK Limited
Opal Dr, Milton Keynes MK15 0DG United Kingdom
OMRON Electronics AG
Blegistrasse 3, 6340 Baar Switzerland
OMRON Healthcare Co., Ltd.
53 Kunotsubo, Terado-cho, Muko, Kyoto Japan