Oura’s Compliance With CCPA and GDPR Policies

Oura is compliant with both CCPA (California Consumer Privacy Act) and GDPR (General Data Protection Regulation) policy guidelines. This article outlines specific policy details and what they mean for your Oura data.

What is CCPA?

If you’re a California resident, additional privacy rights are in place to protect you and your personal data. These are provided under the California Consumer Privacy Act (CCPA), which was designed to give consumers more control over their personal information. CCPA went into effect beginning January 1st, 2020. Please read the proceeding sections to understand the rights you hold relative to your Oura data.

CCPA & Oura Users

Right to Know

Under the CCPA, you have the right to request that we disclose specific pieces of your personal information we have collected over the prior 12 months, which we do after we receive and validate your request. Once we confirm your consumer request, we will disclose to you:

  • The categories of personal information collected.
  • The categories of personal information we've disclosed.
  • The categories of sources for the personal information collected.
  • Our business or commercial purpose for collecting or selling any personal information.
  • Third parties with whom we share any personal information.
  • The specific pieces of personal information collected (also called a data portability request).

Right of Deletion

You have the right to request the erasure of your personal information, subject to certain exceptions. After we receive and validate your request, we will delete your personal information, and direct our service providers to delete your personal information as well, unless an exception applies.

For more in-depth information, please read Oura's updated Privacy Policy (updated starting January 1st, 2020).

What is the GDPR?

GDPR, the new European Union general data protection regulation, is a regulation in data protection and privacy for all individuals within the EU and the EEA. GDPR came into effect on May 25, 2018, and is designed to harmonize data privacy laws in Europe and give individuals control over their personal data.

GDPR & Oura Users

Oura is compliant with GDPR and has integrated an explicit consent mechanism for the processing of measurement data, and for providing more detailed and transparent information about how our users' data is handled.

To read an overview of how your Oura data is gathered, managed, and protected, click here.

For more in-depth information, check out Oura's updated Privacy Policy.

Was this article helpful? 7 out of 16 found this helpful
More questions? Submit a request here.