Privacy Policy – Give Me Five

Last Updated: 20 August 2025

Give Me Five is committed to protecting your privacy and ensuring that your personal and health information is handled safely, securely, and in compliance with applicable privacy laws, including:
– Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth)
– Indian regulations (including the IT Act 2000, IT Rules 2011)
– General Data Protection Regulation (GDPR) for EU users
– Health Insurance Portability and Accountability Act of 1996 (HIPAA) for US users

This Privacy Policy explains how we collect, use, store, and share your information when you use our mental health and wellness application (“App”) and related services.

1. Information We Collect

1.1 Personal Information:
– Name
– Email address
– Contact details
– Account login credentials

1.2 Sensitive Information (Special Category Data / PHI):
As a mental health and wellness app, we may collect sensitive information, including Protected Health Information (PHI) under HIPAA, such as:
– Self-reported mental health and wellness information
– Mood tracking entries
– Journal notes
– Goals, habits, and progress data
– Health-related information you choose to share
– Any information transmitted to or from a covered healthcare provider

We only collect sensitive information with your explicit consent and/or as permitted under HIPAA, GDPR, Indian law and Australian law.

1.3 Usage & Technical Data:
– IP address
– Device type, operating system, and browser information
– App usage patterns, crash reports, and analytics data

2. How We Collect Your Information

We collect information through:
– Information you provide directly (e.g., account setup, journal entries, mood tracking)
– Passive collection via cookies, analytics tools, and device settings
– Third-party integrations you choose to connect (e.g., wearables, fitness trackers)
– Data received from covered entities or healthcare providers, when applicable

3. HIPAA Compliance Statement

If you are a US-based user or your data is processed by/for a US covered entity:
– We treat all health-related data as Protected Health Information (PHI) under HIPAA when applicable.
– We will enter into a Business Associate Agreement (BAA) with any covered healthcare provider before handling PHI on their behalf.
– We will only use and disclose PHI as permitted or required under the BAA, HIPAA Privacy Rule, and applicable law.
– All PHI is encrypted in transit (TLS 1.2+) and at rest (AES-256).
– You have the right to request an Accounting of Disclosures of your PHI.

4. How We Use Your Information

We use your information to:
– Provide and improve our App and services
– Personalise your experience and recommendations
– Monitor and analyse usage to improve features
– Communicate with you about updates, resources, or support
– Ensure safety, security, and compliance with legal obligations
– Fulfil HIPAA and other privacy law requirements when handling PHI

We will never sell your personal information or PHI.

5. Legal Basis for Processing

We process your personal data under:
– Your consent (for sensitive and optional data)
– Contractual necessity (to provide the services you requested)
– Legitimate interests (improving our app and protecting our systems)
– Legal obligations (when required by law, including HIPAA compliance)

6. How We Store and Protect Your Information

– Data is stored on secure servers located in India / Australia / US / other applicable locations.
– PHI and other sensitive data are encrypted using industry-standard security protocols.
– Access to PHI is strictly limited to authorised personnel with HIPAA training.
– We maintain audit logs of PHI access as required under HIPAA.
– We perform regular risk assessments and implement administrative, physical, and technical safeguards in line with HIPAA’s Security Rule.

7. Sharing Your Information

We may share your information only:
– With service providers who assist in operating the App (under strict confidentiality and HIPAA-compliant agreements if PHI is involved)
– With covered entities under a BAA when required to deliver services
– When required by law, regulation, or legal proceedings
– With your explicit consent for integrations or third-party services

8. Data Retention

We retain personal data and PHI only for as long as necessary for the purposes outlined in this Privacy Policy or as required by applicable law.
You may request deletion of your account and data (subject to legal and HIPAA retention requirements).

9. Your Rights

Depending on your location and applicable law, you may have the right to:
– Access your personal data or PHI
– Request correction or deletion of your data
– Withdraw your consent at any time
– Request data portability
– Request an Accounting of Disclosures (HIPAA)
– Lodge a complaint with a relevant privacy authority (OAIC, OCR, ICO, or EU supervisory authority)

10. Managing & Deleting Your Data

You can:
– Access and update your information via App settings
– Request account deletion by contacting [[email protected]]
– Opt out of marketing communications at any time

11. Children’s Privacy

Our App is not intended for children under the age of 16 without parental/guardian consent.
If we learn that we have inadvertently collected personal information from a child without appropriate consent, we will delete it promptly.

12. Data Breach Notification

In the event of a data breach involving your personal information or PHI:
– We will comply with the Australian Notifiable Data Breaches (NDB) scheme, GDPR breach notification requirements, and the HIPAA Breach Notification Rule.
– We will notify affected individuals and relevant authorities within legally mandated timeframes.
– Notifications will include details of the breach, information involved, potential impacts, and recommended protective actions.

13. Changes to This Policy

We may update this Privacy Policy from time to time.
Significant changes will be communicated via the App or email before they take effect.

14. Contact Us

Give Me Five
Email: [email protected]
Address: C/- GMP Partners, Tower 2, Suite 2201, Level 22
101 Grafton St, BONDI JUNCTION AUSTRALIA 2022

For HIPAA-related matters (US users):
HIPAA Compliance Officer
Email: [email protected]