Privacy Policy
Last updated: June 2026
Kneu Health
Kneu Health Limited, a company registered in the United Kingdom (no. 14492037) with a registered address at Blackwell House, Guildhall Yard, EC2V 5AE (referred to as “Kneu Health,” “we,” “us,” or “our”), provides this privacy policy to inform users of our practices regarding the collection, use, and protection of their personal information.
We comply with applicable U.S. data protection laws, including the CCPA, HIPAA, and relevant state privacy laws.
For privacy-related questions, you can contact our Data Protection Officer at:
- Email: privacy@kneu.com
- By visiting the Contact us page on our website and selecting Data Protection as the subject.
Key Definitions
Personal Data: Any information that identifies, relates to, describes, or can reasonably be linked to an individual.
Data Processing: Any operation on personal data, including collection, storage, use, disclosure, and deletion.
Sensitive Personal Data: Includes health data, financial information, and other categories as defined by laws like HIPAA or state privacy laws.
Kneu Health’s Interactions with Personal Data
Data Controller vs. Data Processor
Kneu Health acts as a data controller when determining the purposes and means of processing your data and as a data processor when processing on behalf of other organizations (e.g., healthcare providers).
When processing on behalf of healthcare providers under HIPAA, we are a Business Associate and comply with the privacy and security requirements of the law.
Personal Data We Collect and Use
1. Website Visitors
We collect non-identifiable data using analytics tools such as Squarespace. Identifiable data maybe collected when submitted via forms.
Cookies: We use cookies to enhance user experience. You can manage cookies through your browser settings.
2. Kneu Health App Users
Personal Data Collected:
- Contact Information: Name, email, phone number, NHS number (if applicable).
- Health Information: Diagnoses, symptom data, app activity logs.
Uses:
- To deliver app functionality and support.
- For healthcare providers to monitor your condition.
- To improve our services (anonymized data).
SMS Messaging:
Kneu Health may send SMS (text) messages to patients and caregivers as part of service delivery on the Kneu Health platform. These messages are transactional and directly related to your use of the platform.
Types of SMS messages we send:
- One-time passcode (OTP) messages for identity verification and authentication
- Onboarding notifications to inform you when your care team has added you to the platform and you are able to complete registration
- Service-related notifications directly tied to your use of the Kneu Health app
Message frequency: Message frequency varies. OTP messages are sent when you log in or verify your identity. Onboarding notifications are sent at most once per user. Kneu Health does not send recurring marketing messages via SMS.
Message and data rates may apply. Charges depend on your mobile carrier and service plan. Kneu Health is not responsible for any messaging or data fees charged by your mobile carrier.
Opt-out: You can opt out of SMS messages at any time by replying STOP to any message from Kneu Health. After opting out you will receive a single confirmation message and no further SMS messages will be sent. Please note that opting out of SMS may affect your ability to verify your identity and complete onboarding on the platform.
Help: Reply HELP to any message from Kneu Health for support information, or contact us at customercare@kneu.com.
Consent and data sharing: SMS opt-in data and consent will not be shared with any third parties or affiliates for marketing or promotional purposes. Your phone number and messaging consent information are used solely for the purposes described in this section.
Carrier liability: Carriers are not liable for any delayed or undelivered messages.
Consent collection: SMS consent is collected separately within the Kneu Health mobile application. At the point of phone number entry, users are informed that their number will be used to send a verification code via SMS. Users must separately and explicitly consent to receiving additional SMS communications (such as onboarding notifications) through a dedicated opt-in control during registration.
Sensitive Data: We handle your health data under strict security and HIPAA-compliant practices.
3. Clinical Dashboard Users
Personal Data Collected: Name, email address, and place of work.
Uses: To confirm identity and grant dashboard access.
4. Research Participants
We collect data for approved research projects based on informed consent. Withdrawal of consent is honored at any stage.
Your Privacy Rights (U.S. Residents)
If you are a U.S. resident, you may have the following rights:
- Right to Know: You can request details about the personal information we collect, use, and share.
- Right to Access: Obtain a copy of your personal information.
- Right to Delete: Request deletion of your personal information, subject to legal exceptions.
- Right to Correct: Request corrections to inaccurate or incomplete information.
- Right to Opt-Out: Opt out of the sale of personal data (we do not sell personal data).
- Right to Data Portability: Receive a copy of your data in a portable format.
- Rights Under HIPAA: Access your medical records and request amendments or restrictions.
- Right to Lodge a Complaint: In the event that we refuse your request under the Rights of Access, we will provide you with a reason as to why.
To exercise these rights, contact us via:
- Email: privacy@kneu.com
- Contact Us form on our website.
Data Security
We implement reasonable safeguards, including encryption and access controls, to protect your data from unauthorized access or disclosure. For health data, we comply with HIPAA’s Security Rule requirements.
Data Retention
We will regularly review personal data held by Kneu Health, if the personal data is no longer required it will be disposed of accordingly.
Third-Party Processing and Data Transfers
We may share data with trusted third parties (e.g., cloud providers, analytics tools) under binding agreements. If transferring data outside the U.S., we ensure compliance with applicable legal frameworks.
Children’s Privacy
Our services are not directed to children under 13, and we do not knowingly collect their data without parental consent, as required by the Children’s Online Privacy Protection Act (COPPA).
Changes to this Policy
We may update this policy periodically to reflect changes in practices or laws. Updates will be posted on our website with the “Last Updated” date revised.