App Privacy Policy
Overview
The Whole Communities-Whole Health App is a mobile phone-based application and corresponding backend that provides tools to help study participants provide and receive information and feedback with UT researchers. This privacy policy covers how we treat the data that we gather in support of our study. This app has been developed by researchers at the University of Texas at Austin ("University" or "we"). By using the app, you acknowledge that you have read and understood the contents of this Privacy Policy.
In order to log into the application, you must have previously consented to take part in an Institutional Review Board-approved study at the University. After providing this consent, the study personnel will provide you with credentials that will allow you to access the application.
Your participation in this study is voluntary.
What information do we collect?
The App provides the ability for you to download all of the data it has collected in a human readable format so that you can inspect the data that is being stored and perform your own analyses. It also allows you to delete all of the data stored on your device whenever you wish. If you wish to delete data from our servers, please contact the study team.
To see more detailed information
The detailed information is in the table below. Clicking each title, the detailed information related to the item will show.
| How is it collected? | Why it is collected? | How is it stored? | How long is it retained? | Can it be deleted by the user? | Is this optional? |
|---|---|---|---|---|---|
| You enter this information when you log in. | Email is needed to register you as a study participant. It can also be used to reset your pa ssword if you forget it. | Email addresses are stored securely in a third-party authentication service. | It is retained in the third-party server until the study ends or you request to delete your participant account. | Yes, you can send a request to the study coordinator to have your account and email removed. | No. |
| How is it collected? | Why it is collected? | How is it stored? | How long is it retained? | Can it be deleted by the user? | Is this optional? |
|---|---|---|---|---|---|
| You enter your language preference in the settings menu. | To translate all app text into the preferred language. | Stored only on the device in an encrypted folder. | Language preferences are retained on the App until you delete them. | Yes, you can delete app data using functionality in the settings menu. | Yes, defaults to English. |
| How is it collected? | Why it is collected? | How is it stored? | How long is it retained? | Can it be deleted by the user? | Is this optional? |
|---|---|---|---|---|---|
| Retrieved from the Fitbit server. | Step data is collected for research purposes to analyze the health status of study participants and community. | Securely stored on user’s device and server. | Steps for the past 30 days will be retained on the user’s device. Steps for the duration of the study will be retained indefinitely on the server. | Yes, you can delete this information from the app using functionality in the settings menu. You can contact the study coordinator to delete data from the servers. | Yes. |
| Data Collected | How is it collected? | Why it is collected? | How is it stored? | How long is it retained? | Can it be deleted by the user? | Is this optional? |
|---|---|---|---|---|---|---|
| Reports/Surveys/EMAs | It is collected in questionnaires. You’ll be asked to fill in the questions in surveys, reports, and EMAs. | It is collected for research purposes to assess variables such as food intake, lifestyle/behavior, social factors, demographics, socioeconomic status, psychological factors, health, medication intake, cognition, home environment, life events, hair care/length, and/or study-related feedback. | Stored on the device in an encrypted folder. The submitted surveys/reports/EMAs are sent to the server. | Survey/Reports/EMAs are retained on the server indefinitely. | Yes, you can delete this information from the app using functionality in the settings menu. You can contact the study coordinator to delete data from the servers. | Yes. |
| GPS coordinates | GPS coordinates are only collected when you submit a report/survey/EMA. | The location coordinates provide context for submitted reports/surveys/EMAs. | GPS coordinates are stored on the device in an encrypted folder. It will be sent to an encrypted server along with reports or surveys you submitted. | The GPS coordinates are stored together with the report/survey data, which will be retained on the App until you deleted. Once the reports/surveys is sent to the server, The GPS coordinates will be retained on the server indefinitely. | Yes, you can delete this information from the app using functionality in the settings menu. You can contact the study coordinator to delete data from the servers. | No. In signing the consent to participate in the study, participants agreed to have location data collected. However, if you no longer feel comfortable sharing your location, please contact the study coordinator. |
| How is it collected? | Why it is collected? | How is it stored? | How long is it retained? | Can it be deleted by the user? | Is this optional? |
|---|---|---|---|---|---|
| Screen time usage data are only collected on Android devices. When you first install the App, the App will ask for you permission to share the screen time usage data with the app. | Screen time data are used to analyze the health of participants as well as the amount of time that users access different categories of apps on their phones. | Stored on the device in an encrypted folder and on the server. | The screen time usage data are stored securely in your device until you uninstall the App. | Yes, you can delete this information from the app using functionality in the settings menu. You can contact the study coordinator to delete data from the servers. | Yes, you can choose not to give the App permission for screen time usage data of your device. |
| How is it collected? | Why it is collected? | How is it stored? | How long is it retained? | Can it be deleted by the user? | Is this optional? |
|---|---|---|---|---|---|
| The app scans for available WIFI of your device and whether your device is connected to network when the App is running. | The app sends submitted surveys/reports/EMAs to the server once your device is connected to network, so it’s important for the app to know the network status and available WIFI network of your device. | Stored on the device in an encrypted folder. | It persists on your device as long as the app is on your device. | Yes. You can delete on-App data using functionality in the settings menu. | Yes. You can choose to not give the App permission for accessing your device’s network status, but it’s not recommended, because most of the functionalities require network to function properly. |
| How is it collected? | Why it is collected? | How is it stored? | How long is it retained? | Can it be deleted by the user? | Is this optional? |
|---|---|---|---|---|---|
| You can connect study materials to your account when you scan a barcode on the study material. | This will link water samples, biological samples, Fitbit fitness trackers, and other study materials to your user account. | Stored on the device in an encrypted folder and stored in encrypted server database. | This information will be retained on the phone until you delete it. It will be retained indefinitely on the server. | Yes, you can delete this information from the app using functionality in the settings menu. You can contact the study coordinator to delete data from the servers. | Yes. |
| How is it collected? | Why it is collected? | How is it stored? | How long is it retained? | Can it be deleted by the user? | Is this optional? |
|---|---|---|---|---|---|
| Passively collected. | Statistics calculated from location information will be used to assess social and travel behaviors of study participants. | Location information and statistics are stored on the device in an encrypted folder. Statistics will be stored in an encrypted server database. | Location information and statistics are retained until deleted by you on the App for three weeks. Statistics will be retained on the server indefinitely. | Yes, you can delete this information from the app using functionality in the settings menu. You can contact the study coordinator to delete data from the servers. | Yes. |
How do we process and use your information?
We may process and use the information listed above to support the following purposes:
- To provide users with services. These services include (1) a dashboard where you can observe your results from the study, such as number of steps in a day, pollen levels, and air quality; (2) a page to report environmental or community issues to the research team, such as a bad odor, water quality, or other issues of importance to you; (3) a central location to fill out surveys and ecological momentary assessments to provide data as part of the study; (4) functionality to allow you to check-out and check-in study materials; and (5) the ability to easily contact the study team.
- To provide the University with certain information, namely your login credentials for the purpose of connecting your responses and information received from the app with other information that you are providing through other methods within the study.
- To provide the University with aggregate anonymized information. Through the information collected by the app, we may also generate anonymized community reports from data collected within the study. This information may be shared in aggregate form with the community in general. This information will not be linked to any identifiable information.
- To continuously analyze the use of our services. We also analyze your use of our features and services as feedback to improve and administer the app, including to provide user support, to develop new features, and to ensure the app and the data it collects remain secure.
- To comply with legal obligations. We may use data collected to comply with any applicable laws and to defend against legal claims or to exercise our legal rights.
We may also use your information for other purposes disclosed to you; these purposes will be disclosed at the time that we collect the information and the use will occur only with your consent. Such consent, if provided, can also be withdrawn at any time by contacting us through our study team. Withdrawing consent does not impact the use of the data before consent was withdrawn. You will be able to delete all of the data stored on the app at any time, as described in the table above.
How do we store and protect your information? Who do we share your information with?
We will protect your data from unauthorized access or disclosure using best practice security measures, informed by the particular type of data, the use, and the destination. Data stored on your phone will be encrypted. Data transfers will be encrypted during transmission using SSL, and data stored by our servers will be encrypted. Multiple users will not be able to use the same App. Once you have logged into the App for the first time, only you will be able to log into the App in the future (using the same credentials as the first login). Logging in using different credentials will delete all of the data previously collected by the App.
Data will be maintained indefinitely on our servers.
If it becomes necessary for the Institutional Review Board to review the study records, information that can be linked to you will be protected to the extent permitted by law. Your research records will not be released without your consent unless required by law or a court order.
We may share your data or samples with other researchers for future research studies that may be similar to this study or may be very different. The data shared with other researchers will not include information that can directly identify you.
We plan to publish the results of this study. To protect your privacy, we will not include any information that could directly identify you.
Changes to this privacy policy
We may modify this privacy policy from time to time. We will notify you of any changes through an alert sent through the app, via email, or by some other mechanism. If you continue to use the app after such a change, this indicates your acceptance of the revised privacy policy. The use of information collected through the app is subject to the privacy policy in effect at the time the information is collected.
It is possible that the Institutional Review Board may require informed consent to be obtained again if substantive changes are made to this privacy policy. If this occurs, details regarding the changes will be included in a new consent form.
Contact us
Contact Information for the Study Team: Prior, during or after your participation you can email the study team at wcwhcommunity@austin.utexas.edu with any questions.
Contact Information for Questions about Your Rights as a Research Participant: If you have questions about your rights as a research participant, or wish to obtain information, ask questions, or discuss any concerns about this study with someone other than the researcher(s), please contact the following:
The University of Texas at Austin Institutional Review Board
Phone: 512-232-1543
Email: irb@austin.utexas.edu
Please reference study number: STUDY00001345