Last Revised: June 10, 2022
Your privacy is very important to us. We are committed to conducting our business in accordance with the following principles to ensure the confidentiality of personal information is protected and maintained.
Information We Collect
Device Data. Your Device collects data to measure and monitor skin temperature, blood pressure, pulse rate, oxygen saturation level, and respiratory rate (“Device Data”). The data collected may vary depending on your Device and the settings you have chosen for your Device or our App. You control how you wish to share this Device Data with us and your Providers. This information may include the date and time of usage from your Device and your responses to our follow-up questions.
Information that your Providers provide. You understand and agree that the Providers may contact us or you, we may contact them or you, they may share with us or you, and we may share with them or you any information about you that is necessary or useful to enable us to provide the Services that you request of us. Such information may include, among other information, User Health Data and other information described in the Information you provide paragraph above.
Information Automatically Collected; Cookies; Tags. When you access or use the Services, we may collect information about you and your computer or device, including through the use of both session and persistent “cookies,” “pixel tags,” or “web beacons” (collectively, “Tags”). “Cookies” are small data files stored on your hard drive, and “pixel tags” or “web beacons” are small graphic files placed on a website or within the body of an email for the purpose of tracking your internet activity and tracking when emails are opened or accessed. A “session” Tag will not collect information once you close the program used to access the Tag (e.g., a web browser), while a persistent Tag will collect information until it is deleted.
The type of information we automatically collect when you access or use the Services may include the IP (Internet Protocol) address of your computer or device; information about Tags on your computer or device; pages you viewed on the Site; how long you spent accessing each page; how long you used an App; times and dates that you accessed or used the Services; your computer or device type and operating system type; browser type and language; and other information about how you accessed or used the Services.
How We use and share Information
We also analyze your information and your access and use of the Services in order to improve and customize your experience, including remembering information so you will not have to reenter it. We may also use such information to contact you regarding changes, system maintenance and outage issues, account or membership issues, or otherwise troubleshoot problems related to the Site, Services, or Apps.
We may share with your Providers any information about you that is necessary or useful to enable us to provide the Services that you request of us.
Communications with your Providers. We may share your information with your Providers, including information collected from your Device and which you choose to share with us, including User Health Data, through our App or third-party messaging partner. We cannot control how any Provider may use or disclose of the information you may make available through the use of the Service.
Improving our Products and Services. We may use your data, including your User Health Data, to improve our algorithms, technology, products, and services, including to train our software, and to gain a greater understanding of the factors involved in controlling and monitoring COVID health. For these purposes, we will anonymize or de-identify your User Health Data in a way that complies with HIPAA requirements so that such User Health Data is not identifiable or linkable to you.
Service providers. We will disclose your information to our service providers that assist with the Site, Services, or Apps. For example, we may use a third-party messaging service to gather additional information about your symptoms based on information collected by the Device. We contractually require our service providers not to use or share your information for purposes other than as needed to provide the applicable services.
Marketing Communications. We may in the future distribute a newsletter or other marketing or promotional communications to inform our users about promotions, upcoming events, and other news about products and services offered by us and our selected partners. Prior to sending you any such newsletter or other marketing communications, we will obtain your consent. Thereafter, our marketing emails will tell you how to “opt out.” If you opt-out, we may still send you non-marketing emails, including emails about purchase confirmations, invoices, technical notices, security alerts, and support and administrative messages.
Corporate events. If we become involved in a merger, acquisition, or any form of sale of some or all of our assets, your information may be included in the assets sold or transferred to the acquirer. You agree that we may transfer or assign the information we have collected about you in connection with any such event. In the event of a bankruptcy, insolvency, reorganization, receivership, or assignment for the benefit of creditors, we may not be able to control how your personal information is treated, transferred, or used.
California requires operators of websites or similar services to make certain disclosures to users who reside in California regarding their rights, specifically:
Shine the Light. For clarity, we will not trade, rent, share or sell your Personal Information to third parties unless you ask or authorize us to do so. However, if we disclose Personal Information that is primarily used for personal, family, or household purposes of a California user to a third party for said third party’s direct marketing purposes, we will identify such third party along with the type of personal data disclosed, upon your request. For further clarification, please refer to the “Contact Us” section below. Under California law, businesses are only required to respond to a user’s request once during any calendar year.
Do-Not-Track. Some browsers give individuals the ability to communicate that they wish not to be tracked while browsing the Internet. California law requires that we disclose to users how we treat do-not-track requests. The Internet industry has not yet agreed on a definition of what “Do Not Track” means, how compliance with “Do Not Track” would be measured or evaluated, or a common approach to responding to a “Do Not Track” signal. We do not track our users’ movements across the web, nor have we developed features that would recognize or respond to browser-initiated Do Not Track signals in response to California law.
Accessing and updating personal information
You may update, change, or correct your personal information through the App, the Services, or by contacting us at firstname.lastname@example.org. We will update your account, membership, or information as requested, provided, that we may decline to update information if we determine the request to be impractical (for instance, requests concerning information residing on backup tapes or other historical data) or to be inconsistent with our data retention practices (described above). In any case, where we provide information access and correction, we perform this service free of charge, except if doing so would require a disproportionate effort.
Third-party sites AND INFORMATION COLLECTION, SHARING, AND USE
Social media sites. We may have pages or other presence on various social networking sites or services, such as Facebook, Twitter, and the like. Any information you post or provide through such sites and services will be subject to the policies of those sites and services.
Disclaimer and release. We cannot control how any Providers or third parties might use or disclose your information, so be sure that you trust them and that you are comfortable with the information that may be shared with them. You are responsible for designating your Providers and for keeping your list of Provider’s current, so please add, remove, or modify relevant information about Providers as such information changes.
Location of Servers
Information of Children
The Site, Services, and Apps are not intended for use by minors under the age of 18, unless through a parent or guardian. If we learn that a child under the age of 18 has provided us with personal information without parental consent, we will promptly take reasonable and appropriate actions to remove such users and delete any personal information from our servers.
HIPAA; Data security
In certain situations, we are a "Business Associate," as defined by HIPAA (the federal Health Insurance Portability and Accountability act) of certain “covered entities”, and have certain federal, state and contractual restrictions as to how we can use your "protected health information" (PHI), including with respect to the Providers. In other situations, we are required by federal and state data protection laws to protect the confidentiality of your Personally Identifiable Information (PII). When acting as a Business Associate, we may only use or disclose your PHI and PII as required by law or, in the case of PHI, as permitted by the Business Associate Agreements (BAAs) we have with our customers including Providers. Please be aware that when you give others access to your data (including PHI and PII), they may be able to use, reproduce, distribute, display, transmit, and/or communicate that data to others and the public. Please consider carefully what you choose to share or make public. We shall not have any responsibility for access, use, or disclosure of your data by people you authorized to have access to your user account. If you are using the Service in coordination with your Providers or as part of a research study, you are granting access to your health information (including PHI and PII) to the Providers and study personnel. You expressly consent to the access and disclosures outlined in this section.
In the absence of such a business associate agreement or provider agreement, you understand and agree that your information is not protected under HIPAA. However, we will take reasonable security measures to protect against unauthorized access to or unauthorized alteration, disclosure, or destruction of your information. However, we cannot guarantee your information will be absolutely secure or that unauthorized persons will not access or use your personal information for improper purposes. In the event of a breach of security affecting the personal information that you or Providers have provided to us, or the personal information that we have collected, we will take remedial actions as required by applicable laws, which might include providing you notice of such breach. You agree that we may send you such notices via the Site, Services, Apps, email, or mail.
Questions or suggestions