Your Information does not include “aggregate” or other non-personally identifiable information. Aggregate information is information that we collect about a group or category of products, services, or users that is not personally identifiable or from which individual identities are removed. We may use and disclose aggregate information, and other non-personally identifiable information, for various purposes, including, without limitation, to improve and promote the Service.
Information We Collect
Information you provide us
Personally identifiable Information ("PII" or “Your Information”) means any information that may be used to identify an individual, including, but not limited to, a first and last name, email address, a home, postal or other physical address, and phone number. We collect Your Information in various ways on our Service. More specifically, when you use our Service, we may collect the following:
User Accounts and Profiles. Our Services may give you the ability to register for an account or to create and update a user profile on the applicable Services. If we offer user account or profile functionality on the Services, we will collect Your Information as provided to use in the course of registering for an account or creating or updating a user profile. This information may include, for example, name, postal address and zip code, telephone number, e-mail address, information about your health, and related demographic information. We may indicate that some of Your Information is required for you to register for the account or to create the profile, while some may be optional. Failure to provide any required information may affect your ability to use or enjoy all functionalities of the Service. If you create an account through the Website or the App, we may also collect your title, birth date, gender, occupation, industry, personal interests, and other information that is not considered PII because it cannot be used by itself to identify you.
Interactive Features. Our Services may contain interactive functionality that allows you to engage with the Services, post comments to forums, upload photographs and other content (the “User Materials”), participate in surveys, track certain activities, and otherwise interact with the Services and with other users. If you use any interactive functionality on our Services, we collect that information that you provide to us in the course of using these interactive features.
Correspondence. If you contact us by e-mail, using a contact form on the Services, or by mail, fax, or other means, we collect Your Information as contained within, and associated with, your correspondence.
Certain Outside Activities. We and other business partners may collect information from you about your activities outside of the Services, including but not limited to, your selected providers, treatment plans, and the monitoring of your treatment. In these instances, our business partners may collect Your Information, and such information may be shared with us.
Information we collect automatically
When you visit our Services, some information is collected automatically. This includes:
Your browser type and operating system
Your device type (for example, if you are on a computer or iPhone)
Information Sent by Your Mobile Device. We collect certain information that your mobile device sends when you use our Website, App and Service, like a device identifier, user settings and the operating system of your device, as well as information about your use of our Website, App and Service. You understand that, by logging into the App on your mobile device, some information pertaining to your medical treatment may be stored to your mobile device. We are not responsible for any unauthorized access by any third party to such information on your mobile device.
Your Internet Protocol (IP) address, which can sometimes be used to derive your general geographic location. When you use our App, we may collect and store information about your location by converting your IP address into a rough geo-location or by accessing your mobile device’s GPS coordinates or course location if you enable location services on your device. We may use location information to improve and personalize our App for you. If you do not want us to collect location information, you may disable that feature on your mobile device.
Server logs and other communication data
How you found your way to our Services (for example, if you clicked on a link from a social network)
Actions you take on our Services, and the content, features, and activities that you access and participate in on our Services
Information regarding your interaction with e-mail messages, such as whether you opened, clicked on, or forwarded a message
Information collected through cookies, Web beacons, and other similar Internet technologies
"Web Beacons" (also known as Web bugs, pixel tags or clear GIFs) are tiny graphics with a unique identifier that may be included on our Website, App and Service for several purposes, including to deliver or communicate with cookies, to track and measure the performance of our Website, App and Service, to monitor how many visitors view our Website, App and Service, and to monitor the effectiveness of our advertising. Unlike cookies, which are stored on the user’s hard drive, Web Beacons are typically embedded invisibly on web pages (or in an e-mail).
Information from Other Sources
We may receive information about you, including PHI and personal information from third parties, including our affiliates and any of our service providers, and may combine this information with Your Information that we maintain about you. If we do so, this Policy governs any combined information that we maintain in personally identifiable format.
Use of Your Information
Sharing Your Information
Except as described in this Policy, we will not disclose Your Information that we collect or display on the Services to third parties without your authorization. We may disclose information to third parties if you consent to us doing so, as well as in the following circumstances:
Trusted Third-Party Service Providers. To the extent legally permissible, we may disclose and/or exchange Your Information to third-party service providers (e.g., administrative services companies, marketing partners, application developers, data hosting, and processing providers) that assist us in our operations. We limit the information provided to these service providers to that which is reasonably necessary for them to perform their functions and we require them to agree to maintain the confidentiality of such information.
Health Care Service Providers. To the extent legally permissible, we may also disclose Your Information to your health care service providers for purposes of medical treatment, consultation, appointment reminders, to disclose your use of the Services, and to deliver content specific to your health condition and other similar activities as applicable.
Business Decisions. To the extent legally permissible, we may disclose Your Information to third parties if we are involved in a merger, acquisition, or sale of any or all of our business and/or our assets to a third party.
Legal Compliance. We cooperate with government and law enforcement officials or private parties to enforce and comply with the law. To the extent legally permissible, we may disclose Your Information if we have a good faith belief that disclosure is necessary to:
respond to claims;
comply with applicable laws, regulations, legal process (such as a subpoena), or enforceable government request;
as required in accordance with HIPAA or related applicable local, state or federal laws (please refer to the HIPAA Policy);
stop any activity that we consider illegal, unethical or legally actionable activity;
protect against harms to the rights, property, or safety of Steady Health, our users, or the public as required or permitted by law.
If you authorize integration of your PHI into the Services, you may revoke this authorization at any time by contacting firstname.lastname@example.org.
Review and Correction of Your Information
Third Party Websites
Steady Health’s Services may contain links to other websites, including those of third parties or business partners. If you choose to visit or use any third-party sites or products or services available on or through such third-party sites, please be aware that this Policy will not apply to your activities or any information you disclose while using those third-party sites or any products or services available on or through such third-party sites. We are not responsible for the content, privacy or security practices of any third parties. To protect your information, we encourage you to learn about the privacy policies of those third parties. Additionally, please be aware that the Services may contain links to Web sites and services that we operate but that are governed by different privacy policies. We encourage you to carefully review the privacy policies applicable to any Web site or service you visit other than the Services before providing any of Your Information on them.
We will abide by the Children’s Online Privacy Protection Act (“COPPA”) and will never knowingly request personally identifiable information from anyone under the age of 14. In the event we discover we have collected information from a child under 14 years of age in a manner inconsistent with COPPA’s requirements, we will either delete the information or immediately seek the parent’s consent for such collection. Notwithstanding the foregoing, we may collect PII about children between the ages of 14 and 18 that parents or guardians provide to us when establishing an account for their children’s records.
International Visitors and the Privacy Shield
Our Services are hosted and operated in the United States (“US”). By using the Services, you are consenting to the transfer of your personal information to the US. If you are accessing our Services from outside the US, please be advised that US law may not offer the same privacy protections as the law of your jurisdiction. Those who choose to access and use the Service from outside the U.S. do so on their own initiative, at their own risk, and are responsible for compliance with applicable laws.
California Privacy Rights
California law allows California residents to ask companies with whom they have an established business relationship to provide certain information about the companies’ sharing of personal information with third parties for direct marketing purposes. Under California Civil Code Section 1789.3, California users are entitled to the following specific consumer rights notice: If you have a question or complaint regarding the Website, please send an email to email@example.com. You may also contact us by writing to Steady Health Inc., 100 Bush Street, Suite 1600, San Francisco, CA 94104. California residents may reach the Complaint Assistance Unit of the Division of Consumer Services of the California Department of Consumer Affairs may be contacted in writing at 400 R Street, Suite 1080, Sacramento, California 95814, or by telephone at (916) 445-1254 or (800) 952-5210.
Under California Civil Code Sections 1798.83-1798.84, California residents are entitled to ask for a notice identifying the categories of PII which we share with certain third parties for direct marketing purposes under certain circumstances and providing contact information for such third parties. If you are a California resident and would like a copy of this notice, please submit a written request to: Steady Health Inc., 100 Bush Street, Suite 1600, San Francisco, CA 94104.
We do not share any California consumer personal information with third parties for marketing purposes without consent.
California customers who wish to request further information about our compliance with this law or have questions or concerns about our privacy practices may contact us using the contact information set forth below.
Your Information as provided to us through the Services will be stored in a secure manner. We have implemented a variety of commercially standard encryption and security technologies and procedures to protect Your Information stored in our computer systems from unauthorized access. Please be aware, however, that no data security measures can be guaranteed to be completely effective. Consequently, we cannot ensure or warrant the security of any information that you provide to us. You transmit information to us at your own risk.
Updates to this Policy
We may occasionally update this Policy. When we do, we will also revise the “last updated” date at the beginning of the Policy. Your continued use of our Services after such changes will be subject to the then-current policy. If we change this Policy in a manner that is materially less restrictive of our use or disclosure of Your Information, we will use reasonable efforts to notify you of the change and to obtain your consent prior to applying the change to any of Your Information that we collected from you prior to the date the change becomes effective. We encourage you to periodically review this Policy to stay informed about how we collect, use, and disclose Your Information.
If you have any questions or comments about this Policy, please email us at firstname.lastname@example.org or send us a letter at:
ATTN: Privacy Officer
100 Bush Street,
San Francisco, CA 94104
Updated: March 11, 2019