Privacy Policy
Privacy Policy
Last updated on: 3 March, 2026
Privacy Policy for the Customer
The protection of personal data is extremely important to us, which is why we describe in this Data Management information what personal data we process about you, for what purpose and legal basis. The Data Management Information also contains your rights.
1. Data of the Data Controller
Data controller: MIRA Health Technologies Limited (hereinafter: Data Controller)
Headquarters: Office 15816 182-184 High Street North, East Ham, London, United Kingdom, E6 2JA
Company registration number: 16874079
Website: https://www.mira.health/
Email contact: love@mira.health
2. General legislation on which data management is based
Regulation (EU) 2016/679 of the European Parliament and of the Council (April 27, 2016) on the protection of natural persons with regard to the processing of personal data and on the free flow of such data and on the repeal of Directive 95/46/EC (GDPR )
CXII of 2011 Act on the right to self-determination of information and freedom of information (Infotv.)
Act V of 2013 on the Civil Code (Ptk.)
CXXVII of 2007 Act on General Sales Tax (VAT Act)
Act C of 2000 on accounting (Accounting Act)
CXIX of 1995 Act on the handling of name and address data for the purpose of research and direct business acquisition (DM Act)
CVIII of 2001 Act on certain issues of electronic commercial services and services related to the information society (Eker tv.)
XLVIII of 2008 Act on the Basic Conditions and Certain Limitations of Economic Advertising Activities (Grt.)
3. Concepts
Personal data: any information relating to an identified or identifiable natural person (“Data Subject”); a natural person can be identified directly or indirectly, in particular on the basis of an identifier such as name, number, location data, online identifier or one or more factors relating to the physical, physiological, genetic, mental, economic, cultural or social identity of the natural person can be identified. Such typical personal data in particular: name, address, place and time of birth, mother's name.
Data management: any operation or set of operations performed on personal data or data files in an automated or non-automated manner, such as collection, recording, organization, segmentation, storage, transformation or change, query, insight, use, communication, transmission, distribution or otherwise by making available, coordinating or connecting, limiting, deleting or destroying.
Data controller: the natural or legal person, public authority, agency or any other body that determines the purposes and means of processing personal data independently or together with others; if the purposes and means of data management are determined by EU or member state law, the Data Controller or the special aspects regarding the designation of the Data Controller may also be defined by EU or member state law.
Data processor: the natural or legal person, public authority, agency or any other body that processes personal data on behalf of the Data Controller.
Recipient: the natural or legal person, public authority, agency or any other body to whom the personal data is communicated, regardless of whether it is a third party.
4. Basic principles
The Data Controller takes into account the following basic principles when handling personal data, so personal data:
a. must be handled lawfully and fairly, as well as in a transparent manner for the Data Subject (legality, fair procedure and transparency)
b. be collected only for specific, clear and legitimate purposes, and they should not be handled in a way that is incompatible with these purposes; in accordance with Article 89 (1) of the GDPR, further data processing for the purpose of archiving in the public interest, for scientific and historical research purposes or for statistical purposes (purpose limitation) is not considered incompatible with the original purpose
c. they must be appropriate and relevant from the point of view of the purposes of data management and must be limited to what is necessary (data saving)
d. they must be accurate and, where necessary, up-to-date; all reasonable measures must be taken to immediately delete or correct personal data that is inaccurate for the purposes of data management (accuracy)
e. its storage must take place in a form that enables the identification of the Data Subjects only for the time necessary to achieve the goals of personal data management; personal data may only be stored for a longer period of time if personal data will be processed in accordance with Article 89 (1) of the GDPR for the purpose of archiving in the public interest, for scientific and historical research purposes or for statistical purposes, the rights of the Data Subjects in this regulation and taking into account the implementation of appropriate technical and organizational measures required to protect your freedoms (limited storage capacity)
f. must be handled in such a way that adequate security of personal data is ensured through the application of appropriate technical or organizational measures, including protection against unauthorized or unlawful processing, accidental loss, destruction or damage of data (integrity and confidentiality )
g. The Data Controller is responsible for compliance with the above, and must also be able to prove this compliance (accountability)
5. Data management activity
contact (website)
contact by email
sending a newsletter
filling out a risk assessment questionnaire on the website and in the application
6. Website data management
The Website uses cookies.
A cookie is a file that is placed on your computer when you visit a website. A cookie is a packet of information that the server sends to the browser, and then the browser sends it back to the server with the data content determined by the server at each request. The purpose of this is to save the Internet settings of the website you are visiting, so that if you visit the same website again from the same device, the page will already remember the set parameters.
Cookies have numerous functions. Cookies are most often used to personalize ads and services, and to analyze website traffic.
According to the currently valid legislation, cookies can only be stored on your device if this is absolutely necessary, i.e. essential for the website to function, these are called "necessary cookies". The use of all other types of cookies requires your consent. You can view and set the cookies currently used on the website in the pop-up window when you enter the website.
Modern browsers allow modification of cookie settings. Some browsers automatically accept cookies by default, but this setting can also be changed so that you can prevent automatic acceptance in the future. In case of conversion, the browser will offer the option to set cookies each time.
Given that the purpose of cookies is to support and facilitate the usability and processes of the website, if cookies are disabled, it cannot be guaranteed that you will be able to fully use all the functions of the website. In this case, the website may function differently than planned in the browser. More detailed information about the cookie settings of the following browsers:
· Firefox
· Microsoft Internet Explorer 11
· Microsoft Internet Explorer 10
· Microsoft Internet Explorer 9
· Microsoft Internet Explorer 8
· Safari
7. Social media
The Data Controller is available on the following social media sites.
The operator of the social website is considered an independent Data Controller, information on data management is available at the following links:
The Data Controller does not record or manage personal data about the user of the given social media site in its internal database and system.
8. Access to data
Competent employees of the Data Controller may access personal data to the extent necessary for the performance of their duties.
9. Data security measures
The Data Controller uses appropriate IT, technical and personal measures to protect the personal data it manages against, among other things, unauthorized access or unauthorized changes.
10. Rights of the Data Subject and their content related to data management
11. Data processing related legal remedies and their content
12. Updating the Data Management Information
The Data Controller reserves the right to unilaterally modify this Data Management Information. This information may be amended especially if it is necessary due to changes in legislation, data protection official practices, business needs, or other circumstances. At the Data Subject's request, the Data Controller will send him a copy of the current information in the form agreed with him.
IGDPR Compliance
1. Who we are
We are Mira Health Technologies Limited., a European medtech company, we aim to support individuals living with carbohydrate metabolism disorder and want to keep a diet with a specific amount of carbohydrates.
As we are committed to transparency regarding the data we collect about you, how we use it and who it is shared with, we would like to provide you all the information you need.
2. Types of personal information we collect about you
As our platform is aimed at digitizing your practice, we collect the following information about you: First and Last name; Contact data (postal address, e-mail address and telephone number); Gender; Birth Date Language preferences; Username and password; Direct marketing preferences; Interests and any additional information volunteered by the customer; Dietetic information and other health and nutritional details required for the provision of services; Anthropometric information; Location data; Information on the use of our products and services; Payment information of professional users; Technical data sent to us by your digital devices (such as computers and mobile devices) as well as information related to cookies and other similar technologies; Recordings of customer service email correspondence and telephone conversations; Campaigns and promotions directed to the customer, as well as their use; Purchase history; Billing, delivery, returns and payment collection data (excluding bank account or credit card information unless needed for reimbursement purposes); Content, correspondence and consequences related to feedback and complaints.
3. How do we collect your personal information?
We collect your personal information by contacting you directly during the course of business or when you register as a customer on our platform. You may give us your contact details or payment information for invoicing purposes when you place an order online, when you visit our stand at a trade event or when you correspond directly with us via post, phone, email or any other form of communication, (all of which are provided by you on a voluntary basis).
This includes personal information you provide when you:
subscribe to our products or publications
create an account on our website
request marketing information to be sent to you
respond to our surveys
provide us with some feedback on our products or services
provide us with your contact details for us to assist you with using our products
connect with us through LinkedIn
interact with us at events and meetings
If you do not provide this information, you will not be able to interact or communicate with us or our services in the ways mentioned above.
4. How does MIRA Health use personal information?
We process your personal information for the purposes listed below:
Keeping you informed from time to time about the solutions we are developing.. We are a small team on a big mission to empower every individual living with carbohydrate metabolism disorder with the best solutions and knowledge.
Account setup and administration: We use your personal information such as your name, email and domain address, phone number, and additional information to set up and administer your account, provide technical and customer support.
Personalisation of diet: In order to create personal diet plans, we use your information regarding food preferences, allergies, medical conditions, cooking capability and availability.
Hosted services: Some of our services provide data and document storage as an integral part of the product or solution offering. Documents and data stored by our customers may contain personal information and our access to this information is limited to MIRA Health personnel with a critical business reason.
5. With whom do we share your personal information?
The MIRA Health Kft. only shares or discloses personal information when necessary to provide its services or conduct our business operations as described below. When we share personal information, we do so in accordance with our documented data privacy and security requirements. We may occasionally share non-personal, anonymised, and statistical data with third parties, including survey findings from our online consumer panels, employees and clients. Below are the parties with whom we may share your personal information and the reasons that we share that information.
*The recipients mentioned above are based in the European Union.
*The list of the companies with whom we share your data in an anonym form:
6. Securing your personal information
The MIRA Health Kft. uses appropriate technologies, policies, processes and procedures to protect personal information. Our information security policies and procedures are closely aligned with widely accepted international standards and are reviewed and updated regularly to reflect changes in legislation and business needs.
All data is stored on dedicated servers by Hetzner and a Google Cloud Platform which uses server-side encryption keys to encrypt stored data. This is the default method for Cloud Storage encryption and additional information can be found on Google’s Cloud Storage Documentation.
Our servers are located in Finland and are compliant with the EU General Data Protection Regulation.
7. How long do we keep your data?
We will only retain your personal information for as long as necessary to fulfill our business requirements and service to you, including for the purposes of satisfying any legal, accounting, or reporting requirements.
8. Your rights
The EU’s GDPR (General Data Protection Regulation) and other applicable data protection laws provide you with rights over your personal information.
Mira Health respects your right to access and control your information, and we will respond to requests for information and, where applicable, will correct, amend, or delete your personal information.
If you wish to exercise any of your rights, please contact our Data Protection team by email at love@mira.health.
Privacy Policy for the Customer
The protection of personal data is extremely important to us, which is why we describe in this Data Management information what personal data we process about you, for what purpose and legal basis. The Data Management Information also contains your rights.
1. Data of the Data Controller
Data controller: MIRA Health Technologies Limited (hereinafter: Data Controller)
Headquarters: Office 15816 182-184 High Street North, East Ham, London, United Kingdom, E6 2JA
Company registration number: 16874079
Website: https://www.mira.health/
Email contact: love@mira.health
2. General legislation on which data management is based
Regulation (EU) 2016/679 of the European Parliament and of the Council (April 27, 2016) on the protection of natural persons with regard to the processing of personal data and on the free flow of such data and on the repeal of Directive 95/46/EC (GDPR )
CXII of 2011 Act on the right to self-determination of information and freedom of information (Infotv.)
Act V of 2013 on the Civil Code (Ptk.)
CXXVII of 2007 Act on General Sales Tax (VAT Act)
Act C of 2000 on accounting (Accounting Act)
CXIX of 1995 Act on the handling of name and address data for the purpose of research and direct business acquisition (DM Act)
CVIII of 2001 Act on certain issues of electronic commercial services and services related to the information society (Eker tv.)
XLVIII of 2008 Act on the Basic Conditions and Certain Limitations of Economic Advertising Activities (Grt.)
3. Concepts
Personal data: any information relating to an identified or identifiable natural person (“Data Subject”); a natural person can be identified directly or indirectly, in particular on the basis of an identifier such as name, number, location data, online identifier or one or more factors relating to the physical, physiological, genetic, mental, economic, cultural or social identity of the natural person can be identified. Such typical personal data in particular: name, address, place and time of birth, mother's name.
Data management: any operation or set of operations performed on personal data or data files in an automated or non-automated manner, such as collection, recording, organization, segmentation, storage, transformation or change, query, insight, use, communication, transmission, distribution or otherwise by making available, coordinating or connecting, limiting, deleting or destroying.
Data controller: the natural or legal person, public authority, agency or any other body that determines the purposes and means of processing personal data independently or together with others; if the purposes and means of data management are determined by EU or member state law, the Data Controller or the special aspects regarding the designation of the Data Controller may also be defined by EU or member state law.
Data processor: the natural or legal person, public authority, agency or any other body that processes personal data on behalf of the Data Controller.
Recipient: the natural or legal person, public authority, agency or any other body to whom the personal data is communicated, regardless of whether it is a third party.
4. Basic principles
The Data Controller takes into account the following basic principles when handling personal data, so personal data:
a. must be handled lawfully and fairly, as well as in a transparent manner for the Data Subject (legality, fair procedure and transparency)
b. be collected only for specific, clear and legitimate purposes, and they should not be handled in a way that is incompatible with these purposes; in accordance with Article 89 (1) of the GDPR, further data processing for the purpose of archiving in the public interest, for scientific and historical research purposes or for statistical purposes (purpose limitation) is not considered incompatible with the original purpose
c. they must be appropriate and relevant from the point of view of the purposes of data management and must be limited to what is necessary (data saving)
d. they must be accurate and, where necessary, up-to-date; all reasonable measures must be taken to immediately delete or correct personal data that is inaccurate for the purposes of data management (accuracy)
e. its storage must take place in a form that enables the identification of the Data Subjects only for the time necessary to achieve the goals of personal data management; personal data may only be stored for a longer period of time if personal data will be processed in accordance with Article 89 (1) of the GDPR for the purpose of archiving in the public interest, for scientific and historical research purposes or for statistical purposes, the rights of the Data Subjects in this regulation and taking into account the implementation of appropriate technical and organizational measures required to protect your freedoms (limited storage capacity)
f. must be handled in such a way that adequate security of personal data is ensured through the application of appropriate technical or organizational measures, including protection against unauthorized or unlawful processing, accidental loss, destruction or damage of data (integrity and confidentiality )
g. The Data Controller is responsible for compliance with the above, and must also be able to prove this compliance (accountability)
5. Data management activity
contact (website)
contact by email
sending a newsletter
filling out a risk assessment questionnaire on the website and in the application
6. Website data management
The Website uses cookies.
A cookie is a file that is placed on your computer when you visit a website. A cookie is a packet of information that the server sends to the browser, and then the browser sends it back to the server with the data content determined by the server at each request. The purpose of this is to save the Internet settings of the website you are visiting, so that if you visit the same website again from the same device, the page will already remember the set parameters.
Cookies have numerous functions. Cookies are most often used to personalize ads and services, and to analyze website traffic.
According to the currently valid legislation, cookies can only be stored on your device if this is absolutely necessary, i.e. essential for the website to function, these are called "necessary cookies". The use of all other types of cookies requires your consent. You can view and set the cookies currently used on the website in the pop-up window when you enter the website.
Modern browsers allow modification of cookie settings. Some browsers automatically accept cookies by default, but this setting can also be changed so that you can prevent automatic acceptance in the future. In case of conversion, the browser will offer the option to set cookies each time.
Given that the purpose of cookies is to support and facilitate the usability and processes of the website, if cookies are disabled, it cannot be guaranteed that you will be able to fully use all the functions of the website. In this case, the website may function differently than planned in the browser. More detailed information about the cookie settings of the following browsers:
· Firefox
· Microsoft Internet Explorer 11
· Microsoft Internet Explorer 10
· Microsoft Internet Explorer 9
· Microsoft Internet Explorer 8
· Safari
7. Social media
The Data Controller is available on the following social media sites.
The operator of the social website is considered an independent Data Controller, information on data management is available at the following links:
The Data Controller does not record or manage personal data about the user of the given social media site in its internal database and system.
8. Access to data
Competent employees of the Data Controller may access personal data to the extent necessary for the performance of their duties.
9. Data security measures
The Data Controller uses appropriate IT, technical and personal measures to protect the personal data it manages against, among other things, unauthorized access or unauthorized changes.
10. Rights of the Data Subject and their content related to data management
11. Data processing related legal remedies and their content
12. Updating the Data Management Information
The Data Controller reserves the right to unilaterally modify this Data Management Information. This information may be amended especially if it is necessary due to changes in legislation, data protection official practices, business needs, or other circumstances. At the Data Subject's request, the Data Controller will send him a copy of the current information in the form agreed with him.
Mira Health
Your journey toward managing insulin resistance starts here
Mira Health
Your journey toward managing insulin resistance starts here
Mira Health
Your journey to Insulin Resistance Healing - starts here.