vitalxchange logo

Vitalxchange Privacy Policy

At Vitalxchange (collectively with its subsidiaries, “Company,” “the Company,” “we,” “us,” and “our”), safeguarding the privacy of customers like you is a core value.  Any information we collect from you will only be used in accordance with this Privacy Policy and/or your consent and U.S. Law.  We are 100% committed to protecting your privacy through our compliance with this Privacy Policy (the “Policy”) and will never sell your Personal Information.  Information you provide will be shared with professionals you choose to engage with, and no information that directly identifies you will be shared with other third-party individuals or organizations without your explicit consent. 

Please read this Policy carefully to understand our practices regarding your information and how we will treat it.  If you disagree with our policies and practices, then us must not use our website (the “Website”) or related mobile application (the “Application”) (collectively, the “Platform”). By using our Platform, you agree to the terms of this Policy.  This Policy may change from time to time (see below, “Changes to Policy”).  Your continued use of our Platform after we make changes is deemed to be acceptance of those changes, so please check the Policy periodically for updates.

This Policy should be read in conjunction with our Website Terms of Use, into which this Policy is incorporated by reference.

THIS NOTICE DESCRIBES HOW HEALTH INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.

 

What We Collect and How We Collect It

To ensure that we provide you with the best possible experience on Vitalxchange, we only collect, store, use, and share information about you in accordance with this Policy.  The information we collect from you will be used to understand your needs and provide you with personalized information, products, and services.  For additional details, please see the section entitled “How We Use Your Information”.

Information You Provide to Us

Personal Information is any information that can be used to individually identify you from a larger group, such as data including, but not limited to, your:

  • Email address
  • Demographic information
  • Comments or messages that are provided in free text boxes.

The following are examples of other data we collect:

  • Health conditions and indications
  • Health-related interests.
  • Types of support structures

You may provide us with Personal Information when you:

  • Request information
  • Subscribe to our emails;
  • Post comments or messages provided in free text boxes
  • Register yourself with the Platform.

The information that you provide in each case will vary. We will ask you to create a username using your email address and password, which should only be known to you. You can request an update to your privacy settings, update your data, or remove any personally identifiable information from your profile by using the contact information at the end of this policy.  We take great measures to protect your privacy and the security of your data. For more details, please see the “How We Protect Your Information” section.

 

Automated Information Collection

In addition to the information that you provide, we may also collect information about you during your visit to our Platform.  We collect this information using automated tools, which are detailed below.  These tools may collect information about your behavior and your computer system, such as your internet address (IP Address), the pages you have viewed, and the actions you have taken while using the Platform (e.g., login times, number of posts, etc.).  Some of the tools we use to collect information about you automatically may include:

  • Cookies. A “cookie” is a small data file transmitted from a website to your device’s hard drive.  Cookies are usually defined in one of two ways, and we may use both of them:

    (1) session cookies, which do not stay on your device after you close the Website, and

    (2) persistent cookies, which remain on your device until you delete them or they expire. 

    We may use the following categories of cookies on our Website.

    1. Strictly Necessary Cookies. These cookies are essential in order to enable you to move around the Website and use its features. Without these cookies, services you have requested cannot be provided.
    2. Performance Cookies. These cookies collect anonymous information on how people use our Website to help us understand how you arrive at our Website, browse or use our Website and highlight areas where we can improve, such as navigation. The data stored by these cookies never shows personal details from which your individual identity can be established.
    3. Functionality Cookies. These cookies remember choices you make such as the country from which you visit our Website, your preferred language, and your search parameters. This information can then be used to provide you with an experience more appropriate to your selections and to make your visits to our Website more tailored to your preferences. The information in these cookies may be anonymized.   These cookies cannot track your browsing activity on other websites.
    4. Targeting Cookies or Advertising Cookies. These cookies collect information about your browsing habits in order to make advertising more relevant to you and your interests. They are also used to limit the number of times you see an advertisement as well as help measure the effectiveness of an advertising campaign. The cookies are usually placed by third-party advertising networks.  These cookies remember the websites you visit and that information is shared with other parties.

Of course, if you do not wish to have cookies on your devices, you may turn them off at any time by modifying your internet browser’s settings. However, by disabling cookies on your device, you may be prohibited from full use of the Website’s features or lose access to some functionality.

  • Web Beacons. A Web Beacon is an electronic image. Web Beacons can track certain things from your computer and can report activity back to a web server allowing us to understand some of your behavior. If you choose to receive emails from us, we may use Web Beacons to track your reaction to our emails. We may also use them to track if you click on the links and at what time and date you do so. Some of our third-party marketing partners may use Web Beacons to track your interaction with online advertising banners on our Website.  This information is only collected in aggregate form and will not be linked to your Personal Information.  Please note that any image file on a webpage can act as a Web Beacon.
  • Embedded Web Links. Links provided in our emails and, in some cases, on third-party websites may include tracking technology embedded in the link. The tracking is accomplished through a redirection system. The redirection system allows us to understand how the link is being used by email recipients.  Some of these links will enable us to identify that you have personally clicked on the link and this may be attached to the Personal Information that we hold about you. This data is used to improve our service to you and to help us understand the performance of our marketing campaigns.

 

How We Use Your Information

The information we gather and that you provide is collected to provide you information and the services you request, in addition to various other purposes, including, but not limited to:

  • Profile Creation. Your email address is used to create, log into, and manage your account on Vitalxchange, and is not displayed and is never visible to other members of the community.
  • Product or Service Matching. We match and connect you with products and services on the Vitalxchange Platform based on your health profile and interests. 
  • Content Matching. We customize recommendations to our expert or partner-generated content to match your changing interests and needs.   These include articles, surveys, assessments, clinical trial opportunities, and curated products and services.
  • Moderation and Safety of Our Members. We monitor the content shared on the Vitalxchange Platform to provide a safe and enjoyable user experience.
  • Organization Reporting. If an organization sponsors your membership, it will receive an aggregated summary of its members, enabling it to better understand their engagement. No individually identifiable information will be provided without your consent or the exceptions listed later in this policy.
  • Account and Services. We use your email address to provide you with notices about your account and our services.
  • Inform Experts: Our experts will use your information to understand your situation better, recommend activities, and recommend other services.

Other purposes we use your information for include, but are not limited to:

  • To provide you with the full functionality of the Platform.
  • Assisting you with items such as personalized experiences
  • Facilitation of product usage
  • Enforcement of Terms of Use.
  • Preventing malicious activity and providing you with a secure experience.
  • Providing service and support for services you request.
  • Providing background information about you to your selected service providers
  • Providing marketing communications that are effective and optimized for you.
  • Keeping you up-to-date with the latest benefits available from us.
  • Preventing unwanted messages or content.
  • Measuring the performance of our marketing programs.
  • For business analytics purposes.
  • For account and network security purposes.
  • To maintain legal and regulatory compliance.
  • To service your account.
  • To notify you when Platform updates are available.
  • To create de-identified information, such as aggregate statistics relating to the use of the Platform.
  • For any other purpose with your consent.

All information on Vitalxchange is provided directly by you and stored in a private profile. 

 

Unidentifiable Aggregated Information

Vitalxchange will engage in partnerships with organizations (e.g., employers, benefits providers, early intervention centers, etc.) involved in the advocacy, sponsorship, reselling or delivery of quality health products and services.  Vitalxchange may provide its partners with aggregated engagement analytics and reporting on associated members (“Unidentifiable Aggregated Information”).

Unidentifiable Aggregated Information is statistics and de-identified data from multiple members that are not associated with any individual user account.  It is intended to provide statistics and feedback on the needs and status of members for the organization to improve its customer engagement and satisfaction.  Unidentifiable Aggregated Information is not Personal Information. Unidentifiable Aggregated Information is used to run and improve the services provided on or through Vitalxchange. We may also use this information for presentations, publications, marketing and PR materials, training, research, and internal development purposes.

We create Unidentifiable Aggregated Information from the information shared on Vitalxchange and use such Unidentifiable Aggregated Information without restriction. This data may include but is not limited to, user profiles, needs, interests, and preferences; utilization and engagement; surveys, questionnaires, assessment data.

When an applicable law requires that we use a method of de-identification, we will comply with that law. Otherwise, we may use an appropriate de-identification method under the circumstances and would not reasonably identify you.

We may use Unidentifiable Aggregated Information in any way that is allowed by law. Some ways in which we might use Unidentifiable Aggregated Information include:

  • To understand, evaluate, or modify the Platform services
  • To use for our own business purposes
  • To generate statistical information about the services that we share with our customers and other third parties who are evaluating, analyzing, accrediting or researching Vitalxchange’s programs.

 

How We Protect Your Information

While we can never promise 100% security of information, we use commercially reasonable technical, physical, and administrative techniques to protect your Personal Information from unauthorized access, use, or disclosure. For example, Vitalxchange maintains standard physical and electronic procedural safeguards that limit access to your Personal Information to our employees (or people working on our behalf and under confidentiality agreements) who, through the course of standard business activities, need to access to the information you disclose on our platform.

Full access to the Platform requires secure authentication by using usernames and passwords.  All data in transit between your device or at rest on our cloud servers is encrypted.

Using the Platform and providing us with your cell phone number and email address permits us to communicate with you by SMS, text message, and email. You may also ask us to stop by modifying your account settings or by contacting us at privacy@vitalxchange.com. You understand that you may have to pay data costs to receive SMS text messages that we send to your mobile phone. Text messages and emails are not always secure because they travel over unencrypted networks we do not control.

You have a responsibility, as well, to safeguard your information through the proper use and security of any online credentials used to access your Personal Information, such as a username and password.  If you believe your credentials have been compromised, please change your password. Please also notify us of any unauthorized use using the contact information at the end of this policy.  

In addition, by downloading the Application from a digital distribution platform such as the Apple App Store or Google Play (a “Mobile App Provider”), the Mobile App Provider and its agents may be able to identify you as a user of our Services. If you have reason to believe that your data or your interactions with us are no longer secure, you may contact us at the email address, mailing address, or telephone number listed at the end of this Privacy Policy. In addition, if you have privacy or data security-related questions, please feel free to contact the office identified at the end of this Privacy Policy.

 

How We Share Your Information

We may disclose your Personal Information to our trusted third-party business partners in accordance with this Policy and only for the purposes of providing our services to you.  These third-party partners are under contract to keep your Personal Information secure and not to use it for any reason other than to fulfill the service we have requested from them. Our Platform makes use of Google Analytics.  The Platform sends aggregated information to Google Analytics for the purpose of providing us with the ability to conduct technical and statistical analysis on the Platform’s performance.  For more information on how Google Analytics supports the Platform and uses information sent from the Platform, please review Google’s privacy policy available at https://policies.google.com/technologies/partner-sites.

Except as described in this Policy, we will not share your Personal Information with third parties without your notice and consent, unless it is under one of the following circumstances: 

  • Disclosure at Your Request/Consent. If you ask us to send information about you to a third party such as a friend, family member, or healthcare provider, we will do so if we believe that your request is authentic and we have properly verified your identity.
  • When you engage a professional on the Vitalxchange platform (e.g., engaging in a chat, scheduling a video appointment, etc..), we consider this a request for disclosure of your information to facilitate this conversation.
  • Lawsuits and Other Legal Disputes. We may use and disclose Personal Information in responding to a court or administrative order, a subpoena, or a discovery request. We may also use and disclose your Personal Information to the extent permitted by law without your authorization, for example, to defend a lawsuit or arbitration.
  • Law Enforcement Officials. We may disclose your Personal Information to the police, other law enforcement officials or other governmental authorities as required or permitted by law.
  • Security Threats. We may use or disclose Personal Information to assist in investigating or helping prevent security threat.
  • Company Rights and Property; Safety of Users and Other Individuals. We may use or disclosure Personal Information while enforcing and protecting the rights and properties of the Company and its subsidiaries; and while protecting the rights and personal safety of you, other users or any other individuals as necessary.

There are circumstances where Company may decide to buy, sell, or reorganize its business.  Under these circumstances, it may be necessary to share or receive Personal Information with prospective or actual partners or affiliates. In such circumstances, Company will ensure your information is used in accordance with this Policy.

 

Authorizations

Other than the uses and disclosures described above, we will not use or disclose health information about you without you or your personal representative’s “authorization” – or signed permission. In some instances, we may wish to use or disclose health information about you, and we may contact you to ask you to sign an authorization form. In other instances, you may contact us to ask us to disclose health information, and we will ask you to sign an authorization form.

If you sign a written authorization allowing us to disclose health information about you, you may later revoke (or cancel) your authorization in writing (except in very limited circumstances related to obtaining insurance coverage). If you would like to revoke your authorization, you may email or write us a letter revoking your authorization. If you revoke your authorization, we will follow your instructions except to the extent that we have already relied upon your authorization and taken some action.

 

Your Privacy Rights

You can help ensure that your contact information and preferences are accurate, complete, and up to date by ensuring the email address you provide at onboarding is correct. For other Personal Information we hold, we will provide you with access (including a copy) for any purpose, including to request corrections to the data if it is inaccurate or delete the data if Vitalxchange is not required to retain it by law or for legitimate business purposes.

Limitations on deletion of information.

We may decline to process requests that are frivolous/vexatious, jeopardize the privacy of others, are extremely impractical, or for which access is not otherwise required by local law. We may also decline aspects of deletion or access requests if we believe doing so would undermine our legitimate use of data for anti-fraud and security purposes, as described earlier.

You may request the deletion of your personal information by us. However, we may be required (by law or otherwise) to keep this information and not delete it (or keep it for a specific time, in which case we will comply with your deletion request only after we have fulfilled such requirements). When we delete personal information, it will be deleted from the active database but may remain in our archives (subject to applicable law), and we may also retain anonymous information about your use of our services. Once we disclose some of your personal information to third parties, we may not be able to access that personal information any longer and cannot force the deletion or modification of any such information by the parties to whom we have made those disclosures. After we delete personal information, we may retain de-identified information and will continue to use de-identified information as permitted under this Privacy Policy.

When you make a deletion request, we will verify your identity and legitimacy by always asking you for a username and password.

 

Right to a Copy of This Notice

You have a right to have a copy of our Notice of Privacy Practices at any time. A copy shall be available at https://vitalxchange.com/privacy-policy at all times.

Right to Request Restrictions on Uses and Disclosures

You have the right to request that we limit the use and disclosure of health information about you for treatment, payment, and healthcare operations. Under federal law, we must agree to your request and comply with your requested restriction(s) if:

  • Except as otherwise required by law, the disclosure is to a health plan for purpose of carrying out payment of healthcare operations (and is not for purposes of carrying out treatment); and,
  • The health information pertains solely to a healthcare item or service for which the healthcare provided.

Once we agree to your request, we must follow your restrictions (except if the information is necessary for emergency treatment). You may cancel the restrictions at any time. In addition, we may cancel a restriction at any time as long as we notify you of the cancellation and continue to apply the restriction to information collected before the cancellation.

You also have the right to request that we restrict disclosures of your health information and healthcare treatment(s) to a health plan (health insurer) or other party.

 

California Residents

The California Consumer Privacy Act provides California consumers with certain rights, such as the right to obtain from us information about the personal information about you that we collect, use, and disclose as set forth below.

 

Disclosure of Personal Information We Collect About You

You have the right to know:

  • The categories of personal information we have collected about you;
  • The categories of sources from which the personal information is collected;
  • Our business or commercial purpose for collecting or selling personal information;
  • The categories of third parties with whom we share personal information, if any; and
  • The specific pieces of personal information we have collected about you.

Please note that we are not required to:

  • Retain any personal information about you that was collected for a single one-time transaction if, in the ordinary course of business, that information about you is not retained;
  • Reidentify or otherwise link any data that, in the ordinary course of business, is not maintained in a manner that would be considered personal information; or
  • Provide the personal information to you more than twice in a 12-month period.

 

Personal Information Sold or Used for a Business Purpose

  • We do not sell personal information.

 

Right to Deletion

Subject to certain exceptions set out below, on receipt of a verifiable request from you, we will:

  • Delete your personal information from our records; and
  • Direct any service providers to delete your personal information from their records.


Please note that we may not delete your personal information if it is necessary to:

  • Complete the transaction for which the personal information was collected, fulfill the terms of a written warranty or product recall conducted in accordance with federal law, provide a good or service requested by you, or reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform a contract between you and us;
  • Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity; or prosecute those responsible for that activity;
  • Debug to identify and repair errors that impair existing intended functionality;
  • Exercise free speech, ensure the right of another consumer to exercise his or her right of free speech, or exercise another right provided for by law;
  • Comply with the California Electronic Communications Privacy Act;
  • Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when our deletion of the information is likely to render impossible or seriously impair the achievement of such research, provided we have obtained your informed consent;
  • Enable solely internal uses that are reasonably aligned with your expectations based on your relationship with us;
  • Comply with an existing legal obligation; or
  • Otherwise, use your personal information internally in a lawful manner that is compatible with the context in which you provided the information.

 

Protection Against Discrimination

You have the right to not be discriminated against by us because you exercised any of your rights under the CCPA. This means we cannot, among other things:

  • Deny goods or services to you;
  • Charge different prices or rates for goods or services, including through the use of discounts or other benefits or imposing penalties;
  • Provide a different level or quality of goods or services to you; or
  • Suggest that you will receive a different price or rate for goods or services or a different level or quality of goods or services.

Please note that we may charge a different price or rate or provide a different level or quality of goods and/or services to you if that difference is reasonably related to the value provided to our business by your personal information.

If you would like to exercise any of these rights, please:

  • Email us at the Contact Information below.
  • Please note that you may only request a CCPA-related data access or portability disclosure twice within 12 months.
  • If you choose to contact us directly by email, you will need to provide us with:
    • Enough information to identify you (e.g., your full name, address and customer or matter reference number);
    • Proof of your identity and address (e.g., a copy of your driving license or passport and a recent utility or credit card bill); and
    • A description of what right you want to exercise and the information to which your request relates.
  • We are not obligated to make a data access or data portability disclosure if we cannot verify that the person making the request is the person about whom we collected information or if someone is authorized to act on such person’s behalf.

Any Personal Information we collect from you to verify your identity in connection with your request will be used solely for verification.

If you exercise your privacy rights, you will not receive discriminatory treatment or lesser service from us. Some actions, such as remarketing or statistical analysis, may be considered “sales” under some interpretations of the CCPA. You have the right to opt out of the sale of your Personal Information. This means that we will abide by your request whenever you ask us to stop selling your personal information. Such requests can be made freely, anytime, by emailing us using the contact information below.

 

Nevada Residents

We do not sell any personal information for business purposes.

 

Children

Our services are for users ages 18 and over, and we do not knowingly collect Personal Information from children under 18. We do not target the Platform to minors and would not expect them to be engaging with our Platform or services. 

By providing the Personal Information of anyone under 18, you confirm that you are the parent or guardian of such minor child and are authorized to share that child’s Personal Information.

We encourage parents and guardians to provide adequate protection measures to prevent minors from providing information unwillingly on the Internet.  If we are aware of any Personal Information collected directly from minors, we will take steps to securely remove it from our systems.  If you are a parent or guardian of a child under 18 and believe he or she has disclosed Personal Information to us, please get in touch with us at privacy@vitalxchange.com.

 

Links to Other Websites

This Privacy Policy applies only to the Vitalxchange Website and Platform. This Policy does not apply to websites or other domains that are maintained or operated by third parties or our affiliates. Our Platform may contain links to other websites and services not operated or controlled by us. The links from other websites and services does not imply that we endorse or have reviewed the third-party sites. We encourage you to read any posted privacy policy of the third-party website before using the service or site and providing any information. 

 

Data Retention

We generally retain personal data for so long as it may be relevant to the purposes identified herein. To dispose of personal data, we may anonymize it, delete it or take other appropriate steps. Data may persist in copies made for backup and business continuity purposes for additional time.

 

Changes to Policy

This Privacy Policy was last updated on the date indicated above. We reserve the right to update or modify this Privacy Policy at any time and from time to time without prior notice. A revised Policy will be posted on the Website and the date will be reported in the “Last Revised” at the end of this document. Please review this policy periodically, and especially before you provide any information. Your continued use of the Services after any changes or revisions to this Privacy Policy shall indicate your agreement with the terms of such revised Privacy Policy.

 

Complaints

If you believe that your privacy rights have been violated or if you are dissatisfied with our privacy policies or procedures, you may file a written complaint either with us or with the federal government.  To file a written complaint with us, you may email your complaint to the  Privacy Officer or you may mail it to the address indicated in the Contact Information section.

 

Contact Information

If you have any questions, concerns or complaints regarding privacy on our website or mobile

application or if you want to make a request to access or correct your Personal Information, please contact our Privacy Officer at:

By email:

privacy@vitalxchange.com

By mail:

Privacy Officer

Vitalxchange, Inc.

4283 Eagle Point

North Royalton, OH 44133

By phone:

            +1 216.505.4119

Privacy Policy Effective Date: January 17, 2025

ABOUT US

Work with us

SUPPORT

Resources

Facebook Twitter Youtube Instagram Pinterest Linkedin
© 2025 All Rights Reserved Vitalxchange