Raiys Privacy Policy

Definitions 

Raiys – Our full name is 'Raiys Ltd'. We are called "we", "us", "our", or "Raiys" in this Privacy Notice). 

We are registered as a Data Controller with the UK Information Commissioners Office with registration number ZB335952 

Platform –We talk about our platform www.raiys.app (the "Site") and our mobile application (the "App") our website or any of our partners white labelled websites managed by us together as Raiys or as our "Platform". 

Services – Raiys provides a behavioural change programme with associated tools to support you successfully make health a, wellbeing and lifestyle changes are as described on the Platform (our "Services"). 

Partners – Our platforms are provided to our Partners who pay us for these being provided they may resell or provide our platform free, either as "Raiys" or a white labelled version under their branding. 

 

If you visit our Platform: 

If you access any of our Services, whether you're just browsing or you have an account, we will automatically collect information from you each time you use our Platforms. This includes technical information about your visit and (if you opt-in) location data including: 

Technical information 

Technical information may include: phone number, Internet Protocol (IP) address, login information, browser type and version, browser plug-in types and versions, device IDs, social log-in ID/email address, time zone setting, operating system and platform, hardware version, device settings (e.g. language and time zone), file & software names and types (associated with your device and/or the Services), battery & signal strength, information relating to your mobile operator or Internet Service Provider (ISP). 

Information about your visit 

Information about your visit may include the full Uniform Resource Locators (URL), clickstream to, through and from our Site (including date and time), pages and services you viewed or searched for, demographic information (including age and gender), page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), traceable campaign links (e.g. in emails, or via tracking URLs), methods used to browse away from the page, and any phone number used to call our customer service number or social media handle used to connect with our customer service team and our social media accounts. 

Location data 

We only collect location data if you give us permission (via our platform cookie banner, or via your app settings). 

Location data includes country location (based on your full or partial IP address and/or Google Analytics information) which we use to provide location services (if you ask or permit us to), so that we can deliver content, advertising or other services that are dependent on knowing where you are, like checking for fraudulent transactions. Location data may be collected in combination with device ID, so we can recognise your mobile browser or device when you return to the Service. 

We use this to understand how individuals use our Platform, and how we can improve it, and ensure content from our site is presented in the most effective manner for you and for your computer. provide you with the information, products and services that you request from us or we think you may be interested in. if you visit our platform and opt-in to cookies, or download our app and opt-in to letting us use your personal data for tracking, we may display Raiys ads to you on other platforms, or send you push notifications – for example, to encourage you to get started using Raiys. You can always change what we have access to in your device settings. 

Our legal reason for this is: 

We do this in our legitimate interests, where we have considered these are not overridden by your rights or with your consent if required (e.g. to non-strictly necessary cookies). 

See for our Cookie Notice for more information on the use of cookies and device identifiers on the Services. If you contact or engage with us in the Raiys service: 

 

If you contact or engage with Raiys 

We will collect your contact information, and the other communications information you provide. 

Contact information includes basic contact information you provide, for example: 

  • email address, 
  • first and last name, 
  • phone number(s), 
  • social media handle (for example, if you engage with us on social media) 
  • address or postcode  
  • date of birth 
  • sex at birth 

Additional personal information in unique research or service evaluation circumstances (specific user opt-ins will be in place in the signup process): 

  • Address 
  • Full name 
  • NHS number 

Communications information includes your correspondence with us, for example if you get in touch with us to ask about a subscription or to report a problem with our Site. This includes: 

  • emails, 
  • texts, in-app messaging & other digital messaging, 
  • calls, 
  • letters, 
  • any in-person conversations you have with us. 

We use this to: 

  • To support you make the behavioural changes that you have aspired to make. 
  • Contact you if you have asked us to do, including to respond to your queries, troubleshoot problems, and help with any issues you may have with our Services. 
  • Provide you with information you might request about our Services. 
  • Provide you with technical and other service updates (for example, if we update our Terms of Service). 

Our legal reason for this is in our legitimate interests. 

We may also do this to take steps to enter any contract with you or to fulfil our obligations under any contract with you (including our Terms of Service). Where required, we may do this with your consent. 

 

If you sign up for updates, offer or other marketing from Raiys: 

We may collect contact information (as explained above), like your name and email address. 

We may also collect marketing preferences, which are our records of what information you would or would not like to receive from us, and if you have opted out of any direct marketing. We use this to: 

  • send you offers, updates, promotions, newsletter(s), insights and other marketing material related to Raiys. 
  • send you personalised marketing, for example about new features we think you may be interested in or habits you've set, related to Raiys. 
  • send you surveys, competitions, promotional campaigns, offers or other occasional activities. 
  • ask you for feedback, including through surveys and other marketing research. 
  • We may send these via push notifications, emails or texts, depending on your preferences. 

Our legal reason for this is we do this with your consent, where required. 

In certain circumstances (for example, if you agree to marketing when you begin a paid subscription), we may do this in our legitimate interests (where we have considered these are not overridden by your rights). 

What do these legal reasons mean? You can opt-out of further marketing at any time by selecting the "unsubscribe" link at the end of all our promotional email updates, or by replying to the email saying unsubscribe. 

 

Key Points to know 

The Raiys platform collects information from you, including things like your name, email, health behaviours, demographics and medical conditions, to tailor the health coaching and content within the service, to be more useful. We never share personally identifiable user information externally, without your explicit permission for example, we may ask if you'd like to be part of a research study, or we may ask you if you'd like to share your Raiys data with your healthcare professional. This would be entirely optional, and we would always explicitly ask for your consent first. 

We do share an overall summary of average insights (otherwise known as aggregated data) with select parties,  

  • Your employer 
  • Your health and wellbeing service provider such as primary care clinics/GP practices and  
  • Researchers. 

To improving care and understanding population health challenges. It is not personally identifiable; therefore, your personal information would not be shared in this way unless you specifically opt in to that. We may also share anonymised insights in the form of user comments, testimonials, or interview snippets, for the purpose of service evaluation. 

Be ACTiv 

Where you agree to enter a challenge as part of our platform for example (Be ACTiv) we will process your data under the rules of the specific challenge that you have agreed to enter. Data is processed and shared with the challenge participants, our suppliers and the organisers of the challenge. This can include the following data: 

  • Your name or email or mobile number used by you the participant in the challenge. 
  • Your physical activity and behavioural data. 
  • Health data that may include weight or nutrition consumption subject to the challenge. 
  • Pictures if you have uploaded these as part of the challenge. 

Third party suppliers may be passed your data where their platforms are used for communications purposes these suppliers may include WhatsApp, Facebook, Messenger and SMS providers. 

Processing of data for our challenges is voluntary, and you agree to consent to this processing as and when you enter a challenge. The lawful reason relied on by Raiys for processing your data is consent. 

Raiys is fully GDPR compliant, meaning we take privacy, data protection, clinical safety and usability very seriously, and meet NHS digital health service standards. If you have any questions on our policies or would like help with something, you can email us at hello@raiys.com  

 

What information do we collect & how do we use it? 

This Privacy Notice will apply to you if: 

  • you visit and browse our platforms or associated platforms such as Ashia.com 
  • you contact or engage with us.
  • you sign up for marketing from Raiys.
  • you use our Services (with or without an account).

We must have a relevant legal reason, called a 'lawful basis' for each way that we use your personal information. We say what our legal reasons are in each section below, and we explain what each one means under 'What do each of these legal reasons mean?'. 

 

If you use or sign up for our Services: 

You must create an account to use Raiys. 

  • You may have access to a limited preview with just a first name. 
  • We'll record which subscription and payment option you choose. (If you are paying for our service). 
  • We'll record your chats which includes which chat options you choose or what you type into the chat. This can include information about your sleep, nutrition, exercise and mental health. 
  • Habits, goals and wellbeing 

We'll collect your health and wellbeing data including: 

  • height & weight (optional, for BMI calculation and building progress diagrams), if relevant, recent blood pressure and HbA1c. 
  • city or first part of your postcode example postcode EC1V 2NX only EC1V 
  •  health & wellbeing goals. 
  • medical conditions, confidence in medication management, (if you are a user of our healthcare management solution)  
  • date of birth and sex at birth  
  • information you share about specific habits including sleep, nutrition, exercise, mental health and lifestyle 
  • Lifestyle data including alcohol use, smoking, use and drug use if applicable 
  • any requests or suggestions you submit to us. 

Healthcare Management 

If you have been asked to use our healthcare management services you will be advised separately of the data being collected, in this circumstance we act as a Data Processor for your (NHS) healthcare provider. 

The lawful basis for processing your data for our healthcare management services is your data is processed under the legal bases of Article 6(1)(e) (public task) and Article 9(2)(h) (provision of health or social care) of the UK GDPR. 

Lawful bases include consent, a contract with you (as a data subject), compliance with our legal obligations and our specified legitimate interests. 

Consent: – We'll use your personal information to send you promotional or marketing content (for example, updates or newsletters) if you have consented (where required by law). We may also send direct marketing based on our legitimate interests (see below). You can opt-out of further marketing at any time by selecting the "unsubscribe" link at the end of all our promotional updates and marketing to you, or by replying to the email saying unsubscribe. 

We also rely on consent for some of the cookies we use (see our Cookie Notice for more detail). 

Contract: – We use your personal information if it is necessary to perform a contract you have with us (for example, our Terms of Service), or if you have asked us to take specific steps before entering that contract. We may send you service updates based on your contract with us (for example, about your subscription payments). 

Legitimate interests: Raiys collects only the minimum information needed to provide a useful and personalised coaching service. We may use your personal information if it is necessary for our legitimate interests or the legitimate interests of a third party, provided those interests are not outweighed by your rights and interests. Our legitimate interests include: 

  • Administering, improving and expanding our Platform and services 
  • Getting your feedback and reviews 
  • Providing our Platform, and ensuring technical bugs are identified and resolved 
  • Gathering information and developing insights about how people use and benefit from Raiys, including aggregating individuals' data 
  • Developing and improving Raiys 
  • Customising Raiys for our users 
  • Implementing and improving our security measures 
  • Growing our business and informing our marketing strategy. 
  • Marketing and promoting Raiys to an organisation you work for or provide services to. 
  • Measuring or understanding the effectiveness of advertising we serve to you and others and delivering relevant advertising to you (including when you visit other platforms). 

In each case, these legitimate interests are only valid if they are not outweighed by your rights and interests. If you would like further information about how we assess our legitimate interests, please contact us at hello@raiys.com    

 

Who do we share your information with? 

We may share your personal information with: 

  • Our service providers, organisations who support the services we offer through the Platform and only process your personal information on our behalf, following our instructions and data protection law 
  • Service providers help us with things like platform and data hosting, payment processor, distributing communications, supporting or updating marketing lists, customer service, facilitating feedback on our services, digital invoicing and payment processing providers, and IT support services. 
  • We may provide aggregated and anonymised data to your employer, your health and wellbeing service provider, academic institutions, service delivery partners (for example healthcare providers), or research bodies. We may anonymise user feedback that has been shared with our team (via app, interviews, email and surveys) for use in service evaluations. Personally identifiable user data will not be shared outside of Raiys without explicit user permission. 
  • If we run surveys, competitions, promotional campaigns, offers or other occasional activities and you opt-in with a partner (for example, if you chose to enter a prize draw we manage with a partner organisation). We will provide more detailed privacy information at the time. 
  • Our auditors, legal advisers and other professional advisers including potential investors, or if we sell or buy any business or assets then a potential seller or buyer. 
  • Any person to whom disclosure is necessary for us to protect our rights, property, or safety, our clients, or other third parties, and to enforce our rights under this Notice or under any agreement (for example, our Terms of Service) with you. This includes exchanging information with other companies and organisations for the purposes of detecting and preventing fraud and cyber-crime. 
  • If required to do so by court order or if we are under a duty to disclose your information to comply with (and/or where we believe we are under a duty to comply with) any legal obligation.  
  • Raiys has appointed Stripe www.stripe.com as its data processor for the purpose of processing payment data. Raiys does not process any payment data for Guests or users this function is outsourced to Stripe see Payments section below. 

Where do we store your information? 

Raiys is based in the United Kingdom, and we store and process your data in the United Kingdom. We will not transfer your data outside the European Economic Area (EEA) without notifying you first and allowing you to object to any proposed transfer.  

 

How do we protect your information? 

All information you provide to us is stored on our servers. Our platforms use secure end-to-end encryption to protect your information. All connections into our platform are secured using industry standard security and encryption. 

All data we capture is stored in secured databases and data storage systems with strict access limitations. All data access requests are logged and monitored in accordance with any threat detection policies. 

Unfortunately, the transmission of information via the internet is not completely secure. We do our best to protect your personal information, but we cannot guarantee the security of your data transmitted to us, any transmission is at your own risk. Once we have received your information, we use strict procedures and security features to try to prevent unauthorised access. 

 

Payments 

Raiys outsource its payments processing to Stripe see www.stripe.com. In the UK Stripe payment processor Stripe Payments Europe, Limited ("SPEL"), an Irish company operating under Irish law acting as a Data Processor,  

Stripe collects payment data from your customers during online or in-person transactions. This may include: 

  • Name and contact details, such as email addresses, phone numbers, and billing/shipping addresses 
  • Payment method details, such as credit/debit card numbers, bank account info, or card images 
  • Purchase amounts and transaction dates 

Stripe may also cross-check this data with other sources, such as public records, identity verification services, financial institutions, and previously collected data from other Stripe Business Users. 

Optional app integrations 

You have the option to share information from wearable device (including phones. watches, scales and rings) from our healthcare API platform offers plug-and-play connectivity with over 500 wearables and health data sources including Apple HealthKit, Fitbit, Garmin, and Samsung Health. Our solution standardizes and harmonizes data, enabling digital health providers, insurers, and researchers to turn fragmented health signals into meaningful, actionable insights—instantly and at scale.  

You can decide which data you would like Raiys to read, including Active Energy, Blood Type, Body Temperature, Carbohydrates, Cycling Distance, Dietary Sugar, Fibre, Heart Rate, Height, Protein, Resting Energy, Resting Heart Rate, Gender, Sodium, Steps, Total Fat, Walking and Running Distance, Walking Heart Rate Average, Water, Weight and Workouts. 

We use this to provide our services to you and healthcare partners, including: 

  1. Providing personalised information and recommendations (e.g. articles, videos, activity challenges) for you across sleep, nutrition, exercise and mental health. Enabling you to set goals and track your habits. 
  1. Understanding user experience and health changes over time, so that we can improve future designs, and understanding the potential impact of using Raiys 

Our legal reason for this is our legitimate interests and consent. We do this to comply with our contract with you (e.g. our Terms of Service). We may also do this in our legitimate interests. GDPR enables users to opt out of user profiling. User profiling does not apply to the Raiys service in its current service design. 

 

Other platforms 

We may sometimes link to other platforms (including other apps). The platforms will have their own privacy information, which you should read before using or sharing personal information with the site. 

Whilst we have conducted data security assessments on our service partners and their platforms, we are not responsible or liable for these platforms, any content on them, or their policies and notices. A link does not mean we endorse the views of the linked platform. We have no control over the availability of any of these platforms. 

 

How long do we keep your information for? 

If you freeze your account or terminate the account, we will retain your personal information while it is frozen. If your account goes fully inactive, we will delete your data 2 years after it has ceased to be used, for personally identifiable data, and 10 years after for non-personally identifiable data. 

We will usually keep personal information: 

  • for as long as necessary for the original reasons we collected it (for example, for as long as you have an account with us), and 
  • for up to ten years after that for statistical monitoring purposes or to identify any issues and resolve any legal proceedings. 

If you request us to stop processing your data or withdraw your consent, we will delete any personal identifiable data within 45 days of your request. We will retain any anonymous non identifiable data and process this for statistical processing data purposes. 

Healthcare Management 

If your data is being processed as part of our healthcare management service, then any request to delete your data should be made to your (NHS) healthcare provider who will instruct us as their data processor how the data should be processed. 

 

Anonymised data 

We may anonymise your personal data to create anonymised data (like aggregated statistics). You cannot be identified from anonymised data, and it cannot be reverse engineered to re-identify individuals. This kind of data is no longer personal data. 

We may keep and use this anonymised data to help us provide, develop and improve our Platform and services, including to: 

  • better understand how people use Raiys 
  • develop useful insights and improvements to Raiys 
  • to provide partners or academic organisation with insight into service usage and aggregated outcomes information 

 

What rights do you have over your personal information? 

In certain circumstances, you have the following rights: 

  • to be provided with a copy of your personal information, 
  • to ask us to correct or delete your personal information, 
  • to request us to restrict how we use your personal information (for example, while we investigate your concerns about the accuracy of data, or lawfulness of a certain use), 
  • to object to the further use of your personal information, including the right to object to marketing from us, 
  • to request that your provided personal data be moved to a third party, and 
  • where you have consented, to withdraw consent. 

If you would like to exercise any of these rights in relation to the personal information we hold about you, you can contact us at hello@raiys.com . We will respond to user data requests as quickly as possible or within 1 month If you have any concerns, you have the right to lodge a complaint with a data protection supervisory authority. The Information Commissioner's Office (ICO) is the supervisory authority in the UK and can provide further information about our rights, an organisation's obligation in relation to your personal information, as well as deal with any complaints that you may have. You can visit their platform at www.ico.org.uk . 

 

How can you contact us? 

We would love to hear from you. If you have any questions or feedback or concerns about Raiys or its Data Processor(s), please get in touch at  

email  hello@raiys.com  
Office  124 City Road London EC1V 2NX United Kingdom 
Telephone  + 44 (0) 203 954 2536 

 

Updating this Privacy Notice 

This Notice was last updated 20/10/2025 we may update this Notice from time to time and will publish updates on our platforms