Privacy Policy

At vitalxchange (collectively with its subsidiaries, “Company,” “the Company,” “we,” “us,” and “our,”), safe-guarding the privacy of customers like you is a core value.  Any information we collect from you will only be used in accordance with this Privacy Policy or your consent.  We are 100% committed to protect your privacy through our compliance with this Privacy Policy (the “Policy”) and will never sell your Personal Information.  No information that directly identifies you will ever be given to a third party without your explicit consent.  

Please read this Policy carefully to understand our practices regarding your information and how we will treat it.  If you do not agree with our policies and practices, then please do not use our website (the “Website”) or related mobile application (the “Application”) (collectively, the “Platform”). By using our Website, you agree to the terms of this Policy.  This Policy may change from time to time (see below, “Changes to Policy”).  Your continued use of our Website after we make changes is deemed to be acceptance of those changes, so please check the Policy periodically for updates. 

This Policy should be read in conjunction with our Website Terms of Use, into which this Policy is incorporated by reference. 

What We Collect and How We Collect It

To ensure that we provide you with the best possible experience on vitalxchange, we only collect, store, use and share information about you in accordance with this Policy.  The information we collect from you will be used for understanding your needs and providing you with your own matched community of people, information, products and services.

Information You Provide to Us

Personal Information is any information that can be used to individually identify you from a larger group, such as data including, but not limited to, your:

  • Email address
  • Demographic information, e.g. age, location; and
  • Comments or messages provided in free text boxes.

The following are examples of other data we collect:

  • Health conditions and indications, e.g. autism, diabetes, anxiety; and
  • Health related interests, e.g. intermittent fasting, alternate therapies.

You may provide us Personal Information when you: 

  • Request information 
  • Subscribe to our emails; 
  • Post comments or messages provided in free text boxes; and
  • Register yourself with the Platform. 

HIPAA Notice.  While much of the information you provide may be health related, or indeed provided to you by a healthcare provider or other entity regulated by the Health Insurance Portability and Accountability Act (“HIPAA”), the Personal Information we process is not Protected Health Information and therefore is not subject to HIPAA or its protections.

The information that you provide in each case will vary. We will ask you to create a username and password that should only be known to you. You will have the ability to modify your privacy settings, update your data and remove any personally identifiable information from your profile at any time.  We take great measures to protect your privacy and the security of your data. Please see the section on “How We Protect Your Information” for more details.

Automated Information Collection

In addition to the information that you provide to us, we may also collect information about you during your visit to our Website.  We collect this information using automated tools that are detailed below.  These tools may collect information about your behavior and your computer system, such as your internet address (IP Address), the pages you have viewed, and the actions you have taken while using the Website (e.g. login times, number of posts).  Some of the tools we use to automatically collect information about you may include:

  1. Cookies.  A “cookie” is a small data file transmitted from a website to your device’s hard drive.  Cookies are usually defined in one of two ways, and we may use both of them: 

    (1) session cookies, which do not stay on your device after you close the Website, and

    (2) persistent cookies, which remain on your device until you delete them or they expire. 

    We may use the following categories of cookies on our Website.
    1. Strictly Necessary Cookies.  These cookies are essential in order to enable you to move around the Website and use its features. Without these cookies, services you have requested cannot be provided.
    2. Performance Cookies.  These cookies collect anonymous information on how people use our Website to help us understand how you arrive at our Website, browse or use our Website and highlight areas where we can improve, such as navigation. The data stored by these cookies never shows personal details from which your individual identity can be established.
    3. Functionality Cookies.  These cookies remember choices you make such as the country from which you visit our Website, your preferred language, and your search parameters. This information can then be used to provide you with an experience more appropriate to your selections and to make your visits to our Website more tailored to your preferences. The information in these cookies may be anonymized.   These cookies cannot track your browsing activity on other websites.
    4. Targeting Cookies or Advertising Cookies. These cookies collect information about your browsing habits in order to make advertising more relevant to you and your interests. They are also used to limit the number of times you see an advertisement as well as help measure the effectiveness of an advertising campaign.  The cookies are usually placed by third-party advertising networks.  These cookies remember the websites you visit and that information is shared with other parties.

Of course, if you do not wish to have cookies on your devices, you may turn them off at any time by modifying your internet browser’s settings. However, by disabling cookies on your device, you may be prohibited from full use of the Website’s features or lose access to some functionality.

  1. Web Beacons.  A Web Beacon is an electronic image. Web Beacons can track certain things from your computer and can report activity back to a web server allowing us to understand some of your behavior. If you choose to receive emails from us, we may use Web Beacons to track your reaction to our emails. We may also use them to track if you click on the links and at what time and date you do so. Some of our third-party marketing partners may use Web Beacons to track your interaction with online advertising banners on our Website.  This information is only collected in aggregate form and will not be linked to your Personal Information.  Please note that any image file on a webpage can act as a Web Beacon.
  2. Embedded Web Links.  Links provided in our emails and, in some cases, on third-party websites may include tracking technology embedded in the link. The tracking is accomplished through a redirection system. The redirection system allows us to understand how the link is being used by email recipients.  Some of these links will enable us to identify that you have personally clicked on the link and this may be attached to the Personal Information that we hold about you. This data is used to improve our service to you and to help us understand the performance of our marketing campaigns.

How We Use Your Information

The information we gather and that you provide is collected to provide you information and the services you request, in addition to various other purposes, including, but not limited to: 

  • Profile Creation. Your email address is used to create, log into, and manage your account on vitalxchange, and is not displayed and is never visible to other members of the community. 
  • Member Matching.  We match and connect you with other members in the community based on your health profile and interests.  Your question or post will be shared with matched members.  Similarly, you may be a match for another member’s post. 
  • Content Matching.  We customize your daily app feed on the Application with member, expert or partner generated content to match your changing interests and needs.   These include articles, surveys, clinical trial opportunities, or curated products and services.
  • Moderation and Safety of Our Members.  We monitor the content being shared on the vitalxchange Platform to provide a safe and enjoyable user experience.
  • Organization Reporting. If your membership is sponsored by an organization, the organization will receive an aggregated summary on its members enable it to better understand their customers. No individually identifiable information will be provided under any circumstances. 
  • Account and Services. We use your email address to provide you with notices about your account and our services.  

Other purposes we use your information for include, but are not limited to: 

  • Assisting you with items such as personalized experiences, facilitation of product usage, and enforcement of Terms of Use.   
  • Preventing malicious activity and providing you with a secure experience.  
  • Providing service and support for services you request.
  • Providing marketing communications that are effective and optimized for you. 
  • Keeping you up-to-date with the latest benefits available from us.
  • Preventing unwanted messages or content.
  • Measuring the performance of our marketing programs. 
  • Contacting you about services and offers that are relevant to you. 

All information on vitalxchange is provided directly by you and stored in a private profile.  You are in complete control to disclose only what you are comfortable disclosing. 

What We Provide Our Partner Organizations

Vitalxchange will engage in partnerships with mission-aligned organizations that are involved in the advocacy, sponsorship or delivery of quality health products and services. Partner organizations may have the opportunity to sponsor vitalxchange memberships for their customer base and, in turn, vitalxchange provides aggregated analytics and reporting on associated members (“Unidentifiable Aggregated Information”). 

Unidentifiable Aggregated Information is statistics and de-identified data from multiple members that is not associated with any individual user account.  Unidentifiable Aggregated Information is not Personal Information. Unidentifiable Aggregated Information is used to run and improve the services provided on or through vitalxchange. This information may also be used by us or provided to our partners for purposes of research and analysis and is intended to provide statistics and feedback on the needs and status of members for the organization to improve its customer engagement and satisfaction.

We create Unidentifiable Aggregated Information from the information that is shared on vitalxchange and use such Unidentifiable Aggregated Information without restriction. This data may include, but is not limited to, user segmentation profiles, user interests and engagement, and user needs and preferences.

When an applicable law requires that we use a method of de-identification, we will comply with that law. Otherwise, we may use a de-identification method that is appropriate under the circumstances and would not reasonably identify you. 

We may use Unidentifiable Aggregated Information in any way that is allowed by law. Some ways in which we might use Unidentifiable Aggregated Information include: to understand, evaluate, or modify the Website services; to use for our own business purposes; or to generate statistical information about the services that we share with our customers and other third parties who are evaluating, analyzing, accrediting or researching vitalxchange’s programs.

How We Protect Your Information

While we can never promise 100% security of information, we do use commercially reasonable technical, physical and administrative to protect your Personal Information from unauthorized access, use, or disclosure. For example, Vitalxchange maintains standard physical and electronic procedural safeguards that limit access to your Personal Information to our employees (or people working on our behalf and under confidentiality agreements) who, through the course of standard business activities, need to access to the information you disclose on our platform.  

Full access to the vitalxchange platform requires secure authentication by using usernames and passwords.  All data in transit between your device or at rest on our cloud servers is encrypted.

You have a responsibility, as well, to safeguard your information through the proper use and security of any online credentials used to access your Personal Information, such as a username and password.  If you believe your credentials have been compromised, please change your password. Please also notify us of any unauthorized use.  

In addition, by downloading the Application from a digital distribution platform such as the Apple App Store or Google Play (a “Mobile App Provider”), the Mobile App Provider and its agents may be able to identify you as a user of our Services. If you have reason to believe that your data or your interactions with us are no longer secure, you may contact us at the email address, mailing address or telephone number listed at the end of this Privacy Policy. In addition, if you have privacy or data security related questions, please feel free to contact the office identified at the end of this Privacy Policy.

How We Share Your Information

We may disclose your Personal Information to our trusted third-party business partners in accordance with this Policy and only for the purposes of providing our services to you.  These third-party partners are under contract to keep your Personal Information secure and not to use it for any reason other than to fulfill the service we have requested from them. Our Platform makes use of Google Analytics.  The Platform sends aggregated, non-Personal Information to Google Analytics for the purpose of providing us with the ability to conduct technical and statistical analysis on the Platform’s performance.  For more information on how Google Analytics supports the Platform and uses information sent from the Platform, please review Google’s privacy policy available at https://policies.google.com/technologies/partner-sites.

Except as described in this Policy, we will not share your Personal Information with third parties without your notice and consent, unless it is under one of the following circumstances: 

  • Disclosure at Your Request. If you ask us to send information about you to a third party such as a friend, family member, or healthcare provider, we will do so if we believe that your request is authentic and we have properly verified your identity. 
  • Lawsuits and Other Legal Disputes. We may use and disclose Personal Information in responding to a court or administrative order, a subpoena, or a discovery request. We may also use and disclose your Personal Information to the extent permitted by law without your authorization, for example, to defend a lawsuit or arbitration. 
  • Law Enforcement Officials. We may disclose your Personal Information to the police, other law enforcement officials or other governmental authorities as required or permitted by law.
  • Security Threats. We may use or disclose Personal Information to assist in investigating or helping prevent security threat. 
  • Company Rights and Property; Safety of Users and Other Individuals. We may use or disclosure Personal Information while enforcing and protecting the rights and properties of the Company and its subsidiaries; and while protecting the rights and personal safety of you, other users or any other individuals as necessary. 

There are circumstances where Company may decide to buy, sell, or reorganize its business.  Under these circumstances, it may be necessary to share or receive Personal Information with prospective or actual partners or affiliates. In such circumstances, Company will ensure your information is used in accordance with this Policy. 

Your Privacy Rights

You can help ensure that your contact information and preferences are accurate, complete, and up to date by ensuring the email address you provide at onboarding is correct. For other Personal Information we hold, we will provide you with access (including a copy) for any purpose including to request corrections to the data if it is inaccurate or delete the data if vitalxchange is not required to retain it by law or for legitimate business purposes.

We may decline to process requests that are frivolous/vexatious, jeopardize the privacy of others, are extremely impractical, or for which access is not otherwise required by local law. We may also decline aspects of deletion or access requests if we believe doing so would undermine our legitimate use of data for anti-fraud and security purposes as described earlier. When you make a request, we will verify your identity and the legitimacy of your request by always asking you for a username and password.

California Residents:  We do not share your Personal Information with third parties for the purposes of marketing third party services to you without your consent.  We are also not currently subject to the requirements of the California Consumer Privacy Act or “CCPA.”  Regardless, we will always process your Personal Information in accordance with this Policy.  

Children

Our services are for users age 18 and over and we do not knowingly collect Personal Information from children under the age of 18. We do not target the Platform to minors, and would not expect them to be engaging with our Platform or services.  

By providing Personal Information of anyone under the age of 18, you are confirming that you are the parent or guardian of such minor child and are authorized to share that child’s Personal Information. 

We encourage parents and guardians to provide adequate protection measures to prevent minors from providing information unwillingly on the internet.  If we are aware of any Personal Information that we have collected about minors, we will take steps to securely remove it from our systems.  If you are a parent or guardian of a child under the age of 18 and believe he or she has disclosed Personal Information to us please contact us at support@vitalxchange.com. 

This Privacy Policy applies only to the vitalxchange Website. This Policy does not apply to websites or other domains that are maintained or operated by third parties or our affiliates. Our Platform may contain links to other websites and services not operated or controlled by us. The links from other websites and services does not imply that we endorse or have reviewed the third-party sites. We encourage you to read any posted privacy policy of the third-party website before using the service or site and providing any information.  

Data Retention

We generally retain personal data for so long as it may be relevant to the purposes identified herein. To dispose of personal data, we may anonymize it, delete it or take other appropriate steps. Data may persist in copies made for backup and business continuity purposes for additional time.

Changes to Policy

This Privacy Policy was last updated on the date indicated above. We reserve the right to update or modify this Privacy Policy at any time and from time to time without prior notice. A revised Policy will be posted on the Website and the date will be reported in the “Last Revised” block above. Please review this policy periodically, and especially before you provide any information. Your continued use of the Services after any changes or revisions to this Privacy Policy shall indicate your agreement with the terms of such revised Privacy Policy.

Contact Information

If you have any questions, concerns or complaints regarding privacy on our website or mobile

application or if you want to make a request to access or correct your Personal Information, please

contact our Privacy Officer at:

By email: 

privacy@vitalxchange.com

By mail:

Privacy Officer

vitalxchange, Inc.

29001 Cedar Road, Suite 510

Cleveland, OH 44124

By phone:

216.925.2534

Privacy Policy Effective Date: March 15, 2020