Privacy Policy
How ElioHealth processes personal data in the private pilot
Effective date: April 21, 2026
Last updated: April 21, 2026
This Privacy Policy explains how Tellme Technology Limited (“ElioHealth”, “we”, “us”, or “our”) processes personal data in connection with the ElioHealth website, application, dashboards, wearable integrations, and related participant services.
ElioHealth is a limited, invite-only wellness pilot. The service is designed to operate on a direct-identifier-free and pseudonymous basis wherever reasonably possible. We aim not to routinely retain names, personal email addresses, phone numbers, postal addresses, or other direct identifiers in the analytics environment. However, wearable wellness data linked to an account, device, or authorization token may still constitute personal data and, in many cases, special category data concerning health under applicable data protection law. We therefore treat the information processed through ElioHealth as regulated personal data and apply heightened privacy and security measures.
ElioHealth is not described as anonymous for legal purposes. Where data can still be linked back to a participant through separately held information, it is treated as pseudonymous personal data and protected accordingly.
1. Controller
The controller of personal data processed through ElioHealth is:
Tellme Technology Limited
Address: UNIT 506, 5/F, NEW WORLD TOWER 1, 18 QUEEN'S ROAD CENTRAL, HONG KONG
Privacy contact: enquiry@eliohealth.app
General support: enquiry@eliohealth.app
Legal contact: enquiry@eliohealth.app
Website: https://eliohealth.app
ElioHealth has not appointed an EU or UK representative for this private Hong Kong pilot. If the service is later offered in a way that requires one, this Policy will be updated.
2. Scope of this Policy
This Privacy Policy applies to:
- the ElioHealth website;
- the ElioHealth application and dashboards;
- current Oura account connection and synchronization;
- future supported wearable integrations, if and when launched;
- participant-advisor communications conducted within ElioHealth, where enabled; and
- support and operational interactions related to the service.
This Policy does not govern processing performed independently by Oura or any other third-party service provider acting under its own privacy policy.
3. Our Privacy Model
ElioHealth is designed around the following privacy principles:
3.1 Data minimization
We request and process only the categories of data reasonably necessary for the pilot features we provide.
For the current pilot, ElioHealth is designed to avoid requesting Oura scopes that are not necessary for the service, including direct-identifier-related scopes unless a specific operational need requires them.
3.2 Direct-identifier-free analytics environment
We do not intentionally store names, personal email addresses, phone numbers, postal addresses, or similar direct identifiers in the analytics database.
3.3 Pseudonymous account structure
Each participant is represented by a random internal identifier and a platform-generated alias. Advisor-facing workflows use the alias rather than direct personal identifiers.
3.4 Separation of systems
OAuth credentials, provider account references, consent records, and any necessary operational contact-routing data are stored separately from the analytics database and are subject to enhanced access restrictions.
3.5 Consent-led visibility
We do not enable advisor, coach, or program-staff visibility into a participant’s wearable-derived data unless that participant has provided explicit consent for such access.
3.6 Security by design
We use encryption, access controls, environment separation, security logging, and deletion workflows to reduce privacy risk.
4. Categories of Data We Process
4.1 Wearable wellness data
If you connect an approved wearable source, we may process selected categories of data that you authorize, which in the current pilot may include data derived from Oura such as:
- sleep summaries and sleep stage information;
- activity summaries;
- readiness or recovery-related summaries;
- heart rate and related time-series data;
- workout or session summaries;
- blood oxygen summaries where supported; and
- other wearable-derived wellness metrics that you expressly authorize.
4.2 Connection and authorization data
We may process technical data required to establish and maintain the connection, including:
- OAuth authorization codes, access tokens, refresh tokens, and token metadata;
- provider-specific application or user references;
- synchronization timestamps;
- permission grants and revocations; and
- error and diagnostic events necessary to maintain the integration securely.
4.3 Participant alias and internal account data
We may process:
- a random internal participant identifier;
- a platform-generated alias;
- consent status and consent history;
- service-status flags; and
- advisor-assignment status where applicable.
4.4 Communications data
If you choose to communicate with us, receive program updates, or enable a communications channel, we may process:
- the content of your messages to us;
- support correspondence;
- delivery metadata; and
- where strictly necessary, the minimum routing data required for the chosen channel.
Where a communications channel is enabled at your request, the minimum routing data necessary for that channel may be stored separately under enhanced access restrictions.
4.5 Website and security data
We may process limited technical and security information such as:
- IP addresses and network metadata;
- authentication events;
- access logs;
- device or browser metadata where needed for security or compatibility; and
- audit records relating to privileged access.
5. Data We Do Not Routinely Retain in the Analytics Database
Unless a specific operational or legal need requires otherwise, ElioHealth does not routinely retain the following in the analytics database:
- real names;
- personal email addresses;
- phone numbers;
- postal addresses;
- government-issued identifiers;
- payment card data; or
- unrelated location-tracking data.
6. Purposes of Processing and Legal Bases
We process personal data only where we have an appropriate legal basis.
6.1 Service provision and dashboard operation
We process data to operate the platform, synchronize authorized data, display participant dashboards, and maintain the service.
- GDPR Article 6 basis: performance of a contract, or legitimate interests where appropriate
- GDPR Article 9 basis: explicit consent for health data, where applicable
6.2 Advisor support and participant guidance
Where you explicitly consent, we process your wearable data so authorized advisors or staff can review trends and provide wellness guidance.
- GDPR Article 6 basis: consent and, where applicable, performance of a contract
- GDPR Article 9 basis: explicit consent
6.3 Security, fraud prevention, and service integrity
We process technical and security data to secure the service, investigate incidents, enforce access controls, and maintain availability.
- GDPR Article 6 basis: legitimate interests
- GDPR Article 9 basis: not ordinarily applicable unless health data is necessarily involved in incident handling
6.4 Legal compliance and claims
We may process personal data to comply with legal obligations, respond to lawful requests, establish or defend legal claims, and maintain legally required records.
- GDPR Article 6 basis: legal obligation or legitimate interests, as applicable
- GDPR Article 9 basis: Article 9(2)(f) or another applicable condition where required
6.5 Aggregated or anonymized analytics
We may create aggregated or anonymized statistics to understand pilot performance, service quality, and usage trends. Where data has been rendered anonymous so that no individual is identifiable, it is no longer personal data.
- GDPR Article 6 basis: legitimate interests for preparatory processing, where applicable
7. Special Category Data
Wearable wellness data may constitute data concerning health and therefore fall within special category data under the GDPR. We process such data only where we have a valid Article 9 condition, typically your explicit consent.
8. Consent
Where we rely on consent:
- consent is requested clearly and separately where appropriate;
- you may withdraw consent at any time;
- withdrawal does not affect processing already carried out lawfully before withdrawal; and
- if you revoke your wearable authorization or withdraw from the pilot, we stop collecting new data and delete retained personal data unless we are legally required to keep it.
9. Recipients of Data
We may disclose personal data only to the following categories of recipients, and only where necessary:
- hosting, infrastructure, database, logging, and security providers acting as processors;
- customer support or operational tooling providers acting as processors;
- authorized advisors, coaches, or program staff, but only where you have explicitly consented to such access;
- professional advisers, auditors, insurers, or legal counsel where necessary;
- competent authorities or courts where required by law.
We do not sell personal data and do not disclose wearable health data for advertising purposes.
10. International Transfers
Your personal data may be processed in jurisdictions outside your country of residence. Where required by law, we implement appropriate safeguards for international transfers, which may include:
- adequacy decisions;
- standard contractual clauses; or
- other lawful transfer mechanisms.
You may contact us to request more information about relevant safeguards.
11. Data Retention
We retain personal data only for as long as reasonably necessary for the purposes described in this Policy.
Unless a longer period is required by law or needed to establish, exercise, or defend legal claims, our general retention approach is:
- active pilot participation: for the duration of your participation;
- after revocation or withdrawal: deletion or irreversible de-identification within 30 days, unless a shorter or longer period is legally required;
- security and audit logs: retained for a limited period reasonably necessary for security and accountability;
- anonymous aggregates: may be retained for product, research, or evaluation purposes where they no longer identify any individual.
12. Security Measures
We implement appropriate technical and organizational measures designed to protect personal data, including:
- encryption in transit;
- encryption at rest;
- environment separation and access segmentation;
- role-based access control and least-privilege administration;
- privileged access logging and audit trails;
- key and secret management controls;
- deletion and revocation workflows; and
- regular review of security practices.
Private participant-advisor messaging is described as end-to-end encrypted only where the implemented feature ensures that message content is inaccessible to the platform operator in plaintext.
13. Data Breach Response
If a personal data breach occurs, we will assess the incident promptly and, where required by applicable law:
- notify the relevant supervisory authority without undue delay;
- notify affected individuals where the breach is likely to result in a high risk to their rights and freedoms; and
- take appropriate steps to contain, investigate, and remediate the incident.
14. Your Rights
Subject to applicable law, you may have the right to:
- request access to your personal data;
- request rectification of inaccurate data;
- request erasure of your personal data;
- request restriction of processing;
- object to certain processing;
- request data portability where applicable; and
- withdraw consent at any time where processing is based on consent.
You may also have the right to lodge a complaint with your local data protection authority. For Hong Kong matters, this may include the Office of the Privacy Commissioner for Personal Data.
To exercise your rights, contact us at enquiry@eliohealth.app.
15. Children
ElioHealth is not intended for individuals under 18 years of age, and we do not knowingly collect personal data from children.
16. Third-Party Services
The current pilot phase uses Oura as the first supported wearable integration. Your use of Oura and any related Oura services is governed by Oura’s own terms and privacy policy:
- Oura account: Oura on the Web
- Oura privacy policy: Oura Privacy Policy
- Oura terms: Oura Terms and Conditions
ElioHealth is an independent service and is not responsible for the independent acts, omissions, availability, or policies of Oura or any other third party.
17. Changes to this Policy
We may update this Privacy Policy from time to time. If we make material changes, we will provide notice appropriate to the nature of the change and update the “Last updated” date above.
18. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact:
Tellme Technology Limited
Address: UNIT 506, 5/F, NEW WORLD TOWER 1, 18 QUEEN'S ROAD CENTRAL, HONG KONG
Privacy contact: enquiry@eliohealth.app
General support: enquiry@eliohealth.app
Legal contact: enquiry@eliohealth.app