Data Privacy Policy.

Last updated: August 10, 2023

This Privacy Policy describes how EHE Health (“EHE,” “we” or “us”) collects, uses, and discloses information about you that you provide through the EHE website, myEHE portal, mobile applications, and any other websites or mobile applications that we own and operate, and that link to this Privacy Policy (collectively, the “Services”).  Certain parts of the Services are available only to individuals who create an account on the Services (“Users”).

If information you provide through the Services is protected health information, we will use and disclose that information only as stated in the applicable Notice of Privacy Practices. If you have any questions about which policy applies to information you provide, please contact us at the contact information provided in the “Contact Us” section below.

If you do not want us to collect, use or disclose information about you as described in this Privacy Policy, then you should not use the Services. By using the Services (including visiting the EHE website, using myEHE portal, and using any of our mobile apps), you are accepting the practices set out in this Privacy Policy.

INFORMATION WE COLLECT AND HOW WE USE THAT INFORMATION

We may collect different types of information about you based on your use of our Services and our business relationship with you.

Specifically, we collect the following personal information, and may have collected such information in the past 12 months:

Category Specific Information Collected Source and Purpose
Identifiers Name, email address, physical address, phone number, Social Security number (this is considered sensitive information under some laws), employee identification number Collected from you during registration and from employers, for the purposes of providing the Services and for marketing via the contact information that you provide
Protected information per Cal. Civ. Code § 1798.80(e) Name, address, phone number, age, insurance policy number, Social Security number, employee identification number Collected from you during registration and from employers, for the purposes of providing the Services
Characteristics of protected classifications Age, sex, medical condition, medical symptoms, information from your wearable devices Collected from you, your healthcare providers, and from partners on our platform with which Users interact, for the purpose of providing the Services
Commercial Information Records of services and products used Collected automatically when users make purchases for purposes of providing our Service, promoting our services, and analyzing and improving our services
Internet or other electronic network activity information Information regarding your interaction with the Services, including your IP address and your device identifier Collected automatically when you use our Services (for example, when you visit our website or sign in to myEHE or to our mobile apps), for purposes of analytics, improving the Services, and for marketing
Inferences from information we collect when you visit our sites, information collected from third parties or information about consumer preferences Information regarding your preferences, behavior, and abilities Collected from you and from wearable devices for the purposes of providing the Services

 

In addition to the purposes listed above, we may use the information we collect for the following purposes:

  • Provide you with a better customer experience when you use our Services.
  • Communicate with you regarding service updates, offers, and promotions.
  • Deliver customized content and advertising that may be of interest to you.
  • Maintain the security of our products, services, and systems.
  • Protect our rights, property, and safety or the rights, property, and safety of others.
  • Improve our level of service or develop new products or services; and
  • Comply with our legal obligations.

We retain personal information for as long as required under applicable laws and contractual obligations.

ONLINE ACTIVITY TRACKING

When you visit our website, we gather certain information automatically and store it. This information may include internet protocol (IP) addresses, browser type, internet service provider), referring/exit pages, operating system, date/time stamp, and clickstream data. EHE, our partners, and analytics or service providers use technologies such as cookies, beacons, tags, and scripts, to analyze trends, administer and track utilization of the website.

We may collect information about your computer, including where available your IP address, operating system, and browser type. We use “cookies” to remember your settings and for authentication. A cookie is a piece of data stored on a site visitor’s hard drive to help us improve your access to our site and identify repeat visitors to our site. For instance, when we use a cookie to identify you, you would not have to log in a password more than once, thereby saving time while on our site. Cookies can also enable us to deliver personalized experience on our site. Cookies will not be used to store personally identifiable information.  We use beacons and tags to analyze and administer the use of our website and to optimize marketing.

You can control the use of cookies with your browser settings. If you reject cookies, you may not be able to log in to our website or use all its features.

Throughout our websites you may encounter social media features that provide the option to “follow us.” These social media features may collect your IP address and enable cookies. The social media features found on our website are hosted by a third party or hosted directly by our website. Your interactions with these features are governed by the privacy policy of the company providing it.

 

HOW WE SHARE INFORMATION

We do not sell your personal information to anyone for direct marketing purposes without your consent.

We may share your information with the following third parties:

  • Our subsidiaries and affiliates.
  • Contractors, service providers, and other third parties we use to support our business and provide you with our Services (such as advisors, lawyers, web analytics providers, and data management vendors) and who are bound by contractual obligations to keep personal information confidential and secure, and to use it only for the purposes for which we disclose it to them.
  • Partners on our mobile app platform who offer health or wellness services that may be of interest to you, for the purposes of facilitating such services to you.
  • Buyers or other successors in the event of a merger, divestiture, restructuring, reorganization, dissolution or other sale or transfer of some or all our assets, whether as a going concern or as part of bankruptcy, liquidation or similar proceeding, in which personal information held by us is among the assets transferred.
  • Government entities or other parties to comply with court order, law, or legal process, including responding to a government, court, or regulatory request.
  • Government entities, third-party cybersecurity experts, or other parties as necessary and appropriate to ensure the security and integrity of our networks, or otherwise protect the rights, property, or safety of EHE, our customers, or others.
  • Third-party entities to enforce or apply our terms of use and other agreements, or otherwise protect or assert our legal rights, including for billing and collection purposes.
  • Your health plan or employer, if our services are part of a program or benefit that they offer to you, or to your health care providers as part of our products or services.

In the myEHE portal, you control who can access your health information. By default, you are the only user who can view your information. If you choose to, you can share your information with others.  Only your healthcare providers can upload data onto your Online Medical Record on the myEHE portal. If there is an omission, error, or issue with the data in your Online Medical Record, immediately contact the applicable healthcare provider.

If you use any bulletin board, chat room, comment posting feature, or other public communication service, forum, or feature offered through the Services, or post any information available for viewing by other Users, any of the information that you share will be visible to other Users. The information that you make available can be read, used, and collected by other Users to send you unsolicited messages outside of EHE products and services. EHE is not responsible for the manner in which the information that you decide to share will be used by other Users.

ANONYMOUS & AGGREGATE INFORMATION

We collect some information on an anonymous basis. We also may anonymize or de-identify the information we collect about you so that it can no longer be linked to you, and we may combine or aggregate this data, or engage service providers to do so on our behalf. We may use and share this data with third parties to perform data analytics and research, including to improve our products or services or develop new products or services.

OUR ONLINE PRIVACY POLICY FOR CHILDREN

Our products and services are not designed to attract children under the age of 13. We do not knowingly collect personally identifying information from anyone under the age of 13. Any information about a child under the age of 13 must be provided by that child’s parent or legal guardian. If you are the parent or legal guardian of a child under the age of 13 and become aware that the child has provided personal information through the Service without your consent, please notify us promptly. If we become aware that a child under age 13 has provided us with personal information without parental/guardian consent, we will take steps to remove it.

USE OF GOOGLE APIS

Where Pulse by EHE Health uses and / or transfers information received from Google APIs to any other app, it will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

YOUR CHOICES

Residents of certain states, including California, Virginia, Colorado, and Utah may have or will have the right to: (1) know what personal information we collect, use, disclose, and sell; (2) request that we delete your personal information; (3) access and obtain a copy of your personal information that we collect; (4) request correction of inaccurate personal information; (5) opt out of targeted advertising; or (6) limit the use and disclosure of certain sensitive information. We will honor your request to exercise any of these rights to the extent required by applicable law and will make a good faith effort to honor your request in all other cases.  If you disagree with our response to your request, you may appeal the request by submitting supporting documentation to privacy@ehe.health.

With respect to deletion requests, we cannot delete your personal information except by also deleting your user account. We may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect.

We may not discriminate against you for exercising any of your rights. This means that we may not deny you services or charge you different prices or rates for services or provide you with a different level or quality of services (or suggest that we will do so), in response to these requests. However, we may charge different prices or rates, or provide a different level or quality of services, where that difference is reasonably related to the value provided to us by your personal information.

You may request to exercise the foregoing rights by:

  • Emailing us at privacy@ehe.health
  • Calling us toll-free at 1.800.362.8671

Please note that we may take steps to verify your identity before granting you access to information or acting on your request to exercise your rights, as required or permitted by law. We may limit our response to your exercise of the above rights as permitted by law.

EMAIL AND TEXT COMMUNICATIONS

We may communicate with you, using the contact information provided by you or your employer, electronically or via telephone, including by SMS (text) about our programs, products, services, offers or general health information. We may communicate with you via unencrypted methods, such as by text or unencrypted email.  You acknowledge and accept that communications by text or email involve some risk of unauthorized disclosure or interception of the contents of these communications. You may customize your preferences on our app or myEHE portal for some communications, including delivery options, and update your contact information, including telephone number and email address. It is your responsibility to provide us with true, accurate, and complete contact information, and to make any changes to that information promptly. You understand that failing to update your contact information may delay or prevent us providing you with communications that rely on that contact information.

THIRD PARTIES AND LINKS

The Services allow you to use the services of our partners, such as healthcare providers participating on our mobile app platform.  If you provide your information to any third party (such as healthcare provider partners) via the Services, you understand that EHE is not responsible for such third parties’ use or misuse of your information. You should review the privacy and information sharing practices of such third parties. Additionally, EHE may offer links to or from the Services to other sites, so that you can conveniently visit our vendors and advertisers or locate other content likely to be of interest. We are not responsible for the content, practices or policies of sites operated by third parties and urge you to inquire about them before providing any personally identifiable information.

INFORMATION SECURITY

We employ industry standard administrative, physical, and technical measures designed to safeguard and protect information under our controlled authorized access, use, and disclosure.  Access to your personal information is restricted to only authorized EHE employees and certain authorized partners involved in the delivery of our services. While we use encryption to protect sensitive electronic information, we also protect your information offline. Only employees who need the information to perform a specific, necessary function are granted access to personally identifiable information. The computers/servers in which we store personally identifiable information are kept in a secure environment.

DATA SUBJECT ACCESS REQUEST

To submit a Data Subject Access Request, please complete this DSAR Form.

CHANGES TO OUR PRIVACY POLICY

We may make changes to our Privacy Policy from time to time. When we do so, we will post the revised Privacy Policy on our Services and change the “Effective Date”. Please check the Effective Date at the top of this page to determine if the policy has been modified since you last reviewed it. Your continued use of the Services after that date means you agree to this Privacy Policy and any changes to it.

 

CONTACT US

You may contact us at the following addresses:

  • Email: privacy@ehe.health
  • Address:

EHE Health
Privacy & Security Officer
600 Fifth Avenue, 5th Floor
New York, NY 10020