Privacy Policy
At vitalxchange (collectively with its subsidiaries, “Company,” “the Company,” “we,” “us,” and “our,”), safe-guarding the privacy of customers like you is a core value. Any information we collect from you will only be used in accordance with this Privacy Policy or your consent. We are 100% committed to protect your privacy through our compliance with this Privacy Policy (the “Policy”) and will never sell your Personal Information. No information that directly identifies you will ever be given to a third party without your explicit consent.
Please read this Policy carefully to understand our practices regarding your information and how we will treat it. By using our Application (the “Application”), you agree to the terms of this Policy. This Policy may change from time to time (see below, “Changes to Policy”). Your continued use of our Application after we make changes is deemed to be acceptance of those changes, so please check the Policy periodically for updates.
This Policy should be read in conjunction with our Terms of Use, into which this Policy is incorporated by reference.
What We Collect and How We Collect It
To ensure that we provide you with the best possible experience on vitalxchange, we only collect, store, use and share information about you in accordance with this Policy. The information we collect from you will be used for understanding your needs and providing you with your own matched community of people, information, products and services.
Information You Provide to Us
Personal Information is any information that can be used to individually identify you from a larger group, such as data including, but not limited to, your:
- Email address
- Demographic information, e.g. age, location; and
- Comments or messages provided in free text boxes.
The following are examples of other data we collect:
- Health conditions and indications, e.g. autism, diabetes, anxiety; and
- Health related interests, e.g. intermittent fasting, alternate therapies.
You may provide us Personal Information when you:
- Request information
- Subscribe to our emails;
- Post comments or messages provided in free text boxes; and
- Register yourself with the Application.
HIPAA Notice. While much of the information you provide may be health related, or indeed provided to you by a healthcare provider or other entity regulated by the Health Insurance Portability and Accountability Act (“HIPAA”), the Personal Information we process is not Protected Health Information and therefore is not subject to HIPAA or its protections.
The information that you provide in each case will vary. We will ask you to create a username and password that should only be known to you. You will have the ability to modify your privacy settings, update your data and remove any personally identifiable information from your profile at any time. We take great measures to protect your privacy and the security of your data. Please see the section on “How We Protect Your Information” for more details.
Automated Information Collection
In addition to the information that you provide to us, we may also collect information about you during your visit to our Application. We collect this information using automated tools that are detailed below. These tools may collect information about your behavior and your computer system, such as your internet address (IP Address), the pages you have viewed, and the actions you have taken while using the Application (e.g. login times, number of posts). Some of the tools we use to automatically collect information about you may include:
- Embedded Web Links. Links provided in our emails and, in some cases, on third-party websites may include tracking technology embedded in the link. The tracking is accomplished through a redirection system. The redirection system allows us to understand how the link is being used by email recipients. Some of these links will enable us to identify that you have personally clicked on the link and this may be attached to the Personal Information that we hold about you. This data is used to improve our service to you and to help us understand the performance of our marketing campaigns.
- Third-party Websites, Applications and Services. We work with a number of service providers of marketing communications technology. These service providers may use various data collection methods to improve the performance of the marketing campaigns we are contracting them to provide. The information collected can be gathered on our Application and also on the websites where our marketing communications are appearing. For example, we may collect data where our banner advertisements are displayed on third-party websites or other mobile applications.
How We Use Your Information
The information we gather and that you provide is collected to provide you information and the services you request, in addition to various other purposes, including, but not limited to:
- Profile Creation. Your email address is used to create, log into, and manage your account on vitalxchange, and is not displayed and is never visible to other members of the community.
- Member Matching. We match and connect you with other members in the community based on your health profile and interests. Your question or post will be shared with matched members. Similarly, you may be a match for another member’s post.
- Content Matching. We customize your daily app feed with member, expert or partner generated content to match your changing interests and needs. These include articles, surveys, clinical trial opportunities, or curated products and services.
- Moderation and Safety of Our Members. We monitor the content being shared on the vitalxchange Application to provide a safe and enjoyable user experience.
- Organization Reporting. If your membership is sponsored by an organization, the organization will receive an aggregated summary on its members enable it to better understand their customers. No individually identifiable information will be provided under any circumstances.
- Account and Services. We use your email address to provide you with notices about your account and our services.
Other purposes we use your information for include, but are not limited to:
- Assisting you with items such as personalized experiences, facilitation of product usage, and enforcement of Terms of Use.
- Preventing malicious activity and providing you with a secure experience.
- Providing service and support for services you request.
- Providing marketing communications that are effective and optimized for you.
- Keeping you up-to-date with the latest benefits available from us.
- Preventing unwanted messages or content.
- Measuring the performance of our marketing programs.
- Contacting you about services and offers that are relevant to you.
All information on vitalxchange is provided directly by you and stored in a private profile. You are in complete control to disclose only what you are comfortable disclosing.
What We Provide Our Partner Organizations
Vitalxchange will engage in partnerships with mission-aligned organizations that are involved in the advocacy, sponsorship or delivery of quality health products and services. Partner organizations may have the opportunity to sponsor vitalxchange memberships for their customer base and, in turn, vitalxchange provides aggregated analytics and reporting on associated members (“Unidentifiable Aggregated Information”).
Unidentifiable Aggregated Information is statistics and de-identified data from multiple members that is not associated with any individual user account. Unidentifiable Aggregated Information is not Personal Information. Unidentifiable Aggregated Information is used to run and improve the services provided on or through vitalxchange. This information may also be used by us or provided to our partners for purposes of research and analysis and is intended to provide statistics and feedback on the needs and status of members for the organization to improve its customer engagement and satisfaction.
We create Unidentifiable Aggregated Information from the information that is shared on vitalxchange and use such Unidentifiable Aggregated Information without restriction. This data may include, but is not limited to, user segmentation profiles, user interests and engagement, and user needs and preferences.
When an applicable law requires that we use a method of de-identification, we will comply with that law. Otherwise, we may use a de-identification method that is appropriate under the circumstances and would not reasonably identify you.
We may use Unidentifiable Aggregated Information in any way that is allowed by law. Some ways in which we might use Unidentifiable Aggregated Information include: to understand, evaluate, or modify the Application services; to use for our own business purposes; or to generate statistical information about the services that we share with our customers and other third parties who are evaluating, analyzing, accrediting or researching vitalxchange’s programs.
How We Protect Your Information
While we can never promise 100% security of information, we do use commercially reasonable technical, physical and administrative to protect your Personal Information from unauthorized access, use, or disclosure. For example, vitalxchange maintains standard physical and electronic procedural safeguards that limit access to your Personal Information to our employees (or people working on our behalf and under confidentiality agreements) who, through the course of standard business activities, need to access to the information you disclose on our platform.
Full access to the vitalxchange Application requires secure authentication by using usernames and passwords. All data in transit between your device or at rest on our cloud servers is encrypted.
You have a responsibility, as well, to safeguard your information through the proper use and security of any online credentials used to access your Personal Information, such as a username and password. If you believe your credentials have been compromised, please change your password. Please also notify us of any unauthorized use.
In addition, by downloading the mobile application from a digital distribution platform such as the Apple App Store or Google Play (a “Mobile App Provider”), the Mobile App Provider and its agents may be able to identify you as a user of our Services. If you have reason to believe that your data or your interactions with us are no longer secure, you may contact us at the email address, mailing address or telephone number listed at the end of this Privacy Policy. In addition, if you have privacy or data security related questions, please feel free to contact the office identified at the end of this Privacy Policy.
How We Share Your Information
We may disclose your Personal Information to our trusted third-party business partners in accordance with this Policy and only for the purposes of providing our services to you. These third-party partners are under contract to keep your Personal Information secure and not to use it for any reason other than to fulfill the service we have requested from them.
Google Analytics. Our Application makes use of Google Analytics. The Application sends aggregated, non-Personal Information to Google Analytics for the purpose of providing us with the ability to conduct technical and statistical analysis on the Application’s performance. For more information on how Google Analytics supports the Application and uses information sent from the Application, please review Google’s privacy policy available at https://policies.google.com/technologies/partner-sites.
Except as described in this Policy, we will not share your Personal Information with third parties without your notice and consent, unless it is under one of the following circumstances:
- Disclosure at Your Request. If you ask us to send information about you to a third party such as a friend, family member, or healthcare provider, we will do so if we believe that your request is authentic and we have properly verified your identity.
- Lawsuits and Other Legal Disputes. We may use and disclose Personal Information in responding to a court or administrative order, a subpoena, or a discovery request. We may also use and disclose your Personal Information to the extent permitted by law without your authorization, for example, to defend a lawsuit or arbitration.
- Law Enforcement Officials. We may disclose your Personal Information to the police, other law enforcement officials or other governmental authorities as required or permitted by law.
- Security Threats. We may use or disclose Personal Information to assist in investigating or helping prevent security threat.
- Company Rights and Property; Safety of Users and Other Individuals. We may use or disclosure Personal Information while enforcing and protecting the rights and properties of the Company and its subsidiaries; and while protecting the rights and personal safety of you, other users or any individuals.
There are circumstances where Company may decide to buy, sell, or reorganize its business. Under these circumstances, it may be necessary to share or receive Personal Information with prospective or actual partners or affiliates. In such circumstances, Company will ensure your information is used in accordance with this Policy.
Your Privacy Rights
You can help ensure that your contact information and preferences are accurate, complete, and up to date by ensuring the email address you provide at onboarding is correct. For other Personal Information we hold, we will provide you with access (including a copy) for any purpose including to request corrections to the data if it is inaccurate or delete the data if vitalxchange is not required to retain it by law or for legitimate business purposes.
We may decline to process requests that are frivolous/vexatious, jeopardize the privacy of others, are extremely impractical, or for which access is not otherwise required by local law. We may also decline aspects of deletion or access requests if we believe doing so would undermine our legitimate use of data for anti-fraud and security purposes as described earlier. When you make a request, we will verify your identity and the legitimacy of your request by always asking you for a username and password.
Your California Rights
Pursuant to California Civil Code Section § 1798.83, we will not disclose or share your Personal Information with third parties for the purposes of third-party marketing to you without your prior consent.
Other than as disclosed in this Policy, the Platform does not track users over time and across third-party websites to provide targeted advertising. Therefore, the Platform does not operate any differently when it receives Do Not Track (“DNT”) signals from your internet web browser.
CCPA Notice. Our company is not currently subject to the California Consumer Privacy Act of 2018.
Children
Our services are for users age 18 and over and we do not knowingly collect Personal Information from children under the age of 18. We do not target the Application to minors, and would not expect them to be engaging with our Application or services.
We encourage parents and guardians to provide adequate protection measures to prevent minors from providing information unwillingly on the internet. If we are aware of any Personal Information that we have collected about minors, we will take steps to securely remove it from our systems. If you are a parent or guardian of a child under the age of 18 and believe he or she has disclosed Personal Information to us please contact us at support@vitalxchange.com.
By providing Personal Information of anyone under the age of 18, you warrant and represent that you are the parent or guardian of such minor child, or otherwise have the legal authority to share that child’s Personal Information.
Links to Other Websites
This Privacy Policy applies only to the vitalxchange Application. This Policy does not apply to websites or other domains that are maintained or operated by third parties or our affiliates. Our Application may contain links to other websites and services not operated or controlled by us. The links from other websites and services does not imply that we endorse or have reviewed the third-party sites. We encourage you to read any posted privacy policy of the third-party website before using the service or site and providing any information.
Data Retention
We generally retain personal data for so long as it may be relevant to the purposes identified herein. To dispose of personal data, we may anonymize it, delete it or take other appropriate steps. Data may persist in copies made for backup and business continuity purposes for additional time.
Changes to Policy
This Privacy Policy was last updated on the date indicated above. We reserve the right to update or modify this Privacy Policy at any time and from time to time without prior notice. A revised Policy will be posted on the Application and the date will be reported in the “Last Revised” block above. Please review this policy periodically, and especially before you provide any information. Your continued use of the Services after any changes or revisions to this Privacy Policy shall indicate your agreement with the terms of such revised Privacy Policy.
Contact Information
If you have any questions, concerns or complaints regarding privacy on our website or mobile
application or if you want to make a request to access or correct your Personal Information, please
contact our Privacy Officer at:
By email: privacy@vitalxchange.com
By mail:
Privacy Officer
vitalxchange, Inc.
29001 Cedar Road, Suite 510
Cleveland, OH 44124
By phone:
216.925.2534
—
Privacy Policy Effective Date: March 15, 2020