Privacy Policy

Last Updated: May 2024

Heartbeat Health, Inc. (“Heartbeat,” “us” or “we”) provides this Privacy Policy to describe how we handle Personal Information when you visit our website at heartbeathealth.com, or its affiliated and successor sites (the “Site”), and when you use the products and services we provide through the Site (collectively, the “Services”). As applicable to you, we also encourage you to access and review Heartbeat’s Terms &
Conditions at https://www.heartbeathealth.com/terms/.

Please read this Privacy Policy carefully as it contains important information about our practices regarding your Personal Information.

This Privacy Policy does not apply to “protected health information” that is subject to the Health Insurance Portability and Accountability Act (“HIPAA”). In some cases, we handle protected health information as a “covered entity.” In other cases, we handle protected health information as a “business associate” on behalf of our customers that are covered entities (e.g., health plans). For information about how we
handle protected health information as a covered entity, please review our HIPAA Notice of Privacy Practices available at https://www.heartbeathealth.com/npp/. For information about how we handle protected health information on behalf of our covered entity customers, please contact the applicable customer.

In addition, this Privacy Policy does not apply to the collection and use of information pertaining to job applicants or our employees, contractors, or agents.

This Privacy Policy may change from time to time. Any updated Privacy Policy will be effective when posted. You must check this Privacy Policy periodically for updates.

Our Services are intended for access and use by users that reside within the U.S. and its territories. If you are not a resident of the U.S. or its territories, you should not attempt to access or use our Services.

SECURITY SAFEGUARDS

We use reasonable measures and safeguards to help protect your personal information. You understand and acknowledge that no data management or transmissions system over the Internet or any other public network can be guaranteed to be 100% secure. Also, information collected by third parties may not have the same security protections as information you submit to us, and we are not responsible for protecting
the security of such information.

PERSONAL INFORMATION WE COLLECT

Personal Information you provide. We collect Personal Information about you that you input into forms on our Site, such as your name, email address, phone number, and the content of messages you send to us.

We collect information you choose to provide on public areas of our Site or transmitted to other users of our Services or third parties (collectively, “User-Provided content”). Your User-Provided Content is posted and transmitted to others at your own risk. Note that if you make any Personal Information publicly available on the Site, anyone may see and use such information outside of Heartbeat’s control.

Information collected automatically and through tracking technologies. As you navigate our Services, we may also collect information automatically through cookies, web beacons, and similar technologies. Cookies (e.g., session, persistent and flash) are a type of technology that install a small amount of information on a user’s computer or other device when they visit a website.

Pixels, web beacons, and tags are types of code or transparent graphics. In contrast to cookies, which are stored on a user’s computer hard drive, pixels, web beacons, and tags are embedded invisibly on web pages.

We, and third parties we authorize, may use cookies and other tracking technologies to collect information about your Internet connection, equipment you use to access our Services and usage details, such as IP address, location, cookie ID, device ID, ad ID, traffic data, logs, referring/exit pages, date and time of you use our Services, error information, and other communication data and the resources that you access
through our Services.

You may be able to refuse or disable cookies and other technologies by adjusting your web browser settings. Because each web browser is different, please consult the instructions provided by your web browser (typically in the “help” section). If you choose to refuse, disable, or delete these technologies, some of the functionality of the Services may no longer be available to you.

Some browsers have incorporated Do Not Track (“DNT”) preferences. At this time, we do not honor Do Not Track signals.

HOW WE USE YOUR PERSONAL INFORMATION

We may use Personal Information:

• To provide products and services you request, respond to your inquiries, send you administrative information; to provide you with customer service, verifying customer information; hosting events; and otherwise facilitating your relationship with us.
  
  
• To personalize your experience on our Services by presenting products and offers tailored to you; personalize advertising to you (including by developing product, brand, or services audiences and identifying you across devices/sites); analyze interactions with us or our Services, or to send you newsletters, surveys, questionnaires, or information about events. You can unsubscribe to our email marketing via the link in the email or by contacting us using the information below.
  
  
• For internal research and product improvement purposes, such as verifying and maintaining the quality and safety of our products and services; improving our products and services; designing new products and services; evaluating the effectiveness of our advertising and marketing efforts; and debugging and repairing errors with our systems, networks, and equipment.
  
  
• For internal business purposes, such as day-to-day operation of our business; maintaining internal business records, such as accounting, document management, and similar activities; enforcing our policies and rules; management reporting; auditing; and IT security and administration.
  
  
• For legal, security, or safety reasons, including as necessary or appropriate under applicable law or to comply with legal processes; to respond to requests from government authorities; to enforce our Terms of Conditions; to protect our operations or those of any of our affiliates; to protect our rights, privacy, safety or property, or that of our affiliates, you or others; or to allow us to investigate a security incident or breach of our IT systems and to pursue available remedies or limit the damages that we may sustain.
  
  
• In connection with a corporate transaction, such as if we acquire assets of another business or sell or transfer all or a portion of our business or assets, including through a sale in connection with bankruptcy and other forms of corporate change.

We may use anonymized, de-identified, or aggregated information for any purpose permitted by law.

HOW WE DISCLOSE PERSONAL INFORMATION

We share Personal Information of visitors, users, patients, and providers as follows:

• For business purposes. For example, we may share your Personal Information with vendors and service providers who help us manage, maintain, or promote our business. These include our data hosting and data storage partners, analytics and advertising providers, technology services and
  support, and data security vendors. We also may share Personal Information with professional advisors, such as auditors, law firms, and accounting firms. For example, we may disclose your name, email address, date of birth, phone number, and address if you provided it to us via a form on the website or during an incomplete or failed registration to service providers. We may also share your connection and site usage details (such as the equipment you use to access our data and access records) with service providers to improve the Site and the Services.
  
  
• For business purposes. For example, we may share your Personal Information with vendors and service providers who help us manage, maintain, or promote our business. These include our data hosting and data storage partners, analytics and advertising providers, technology services and
  support, and data security vendors. We also may share Personal Information with professional advisors, such as auditors, law firms, and accounting firms. For example, we may disclose your name, email address, date of birth, phone number, and address if you provided it to us via a form on the website or during an incomplete or failed registration to service providers. We may also share your connection and site usage details (such as the equipment you use to access our data and access records) with service providers to improve the Site and the Services.
  
  
• For marketing purposes. For example, we may disclose your Personal Information for marketing purposes relating to our products or services and to third parties to permit them to send marketing communications to you regarding our products or services.
  
  
• With your direction or consent. For example, we may share Personal Information with third parties if you request or direct us to do so.
  
  
• With affiliates within our corporate group. For example, we may share your Personal Information with any affiliates within our corporate group.
  
  
• Compliance with law and other legal, security or safety reasons. For example, we may share your Personal Information to comply with applicable law or any obligations thereunder, including cooperation with law enforcement, judicial orders, and regulatory inquiries.
  
  
• In the context of a transaction. For example, we may share your Personal Information connection with an asset sale, merger, bankruptcy, or other business transaction.
  
  
• For other business reasons. For example, we may share your Personal Information to enforce any applicable terms of use or service, and to ensure the safety and security of the Services and/or our users.

We do not sell any Personal Information for money.

THIRD PARTY WEBSITES AND LINKS

This Privacy Policy does not address the privacy, information or other practices of any third parties, including your health care providers or your health plan, the manufacturer of your mobile device, and any other third party mobile application or website to which the Site may contain a link, including third-party services or platforms such as social media sites. We do not control such third parties and are not responsible for the content of their platforms, their privacy policies, or their use of your information. Any information submitted by you directly to these third parties is subject to that third party’s Privacy Policy.

CHILDREN’S PRIVACY

Our Services are not intended for individuals under 18 years of age, and we do not knowingly collect or sell Personal Information from children under 18. If you are under 18, do not use or provide any information to our Services or through any of their features. If we learn we have collected or received Personal Information from a child under 18 without verification of parental consent, we will delete it. If you are the parent or guardian of a child under 18 years of age whom you believe might have provided us with their Personal Information, you may contact us using the below information to request that it be deleted.

RETENTION OF PERSONAL INFORMATION

We generally retain records only as long as necessary, and as required for our business operations, for archival purposes, and/or to satisfy legal requirements. When determining the appropriate retention period for Personal Information, we consider various criteria, such as the amount, nature, and sensitivity of the Personal Information; potential risk of harm from unauthorized use or disclosure; purposes for which we process your Personal Information; whether we can achieve those purposes through other means; and business operations and legal requirements. Because we maintain our Services to protect from accidental or malicious loss and destruction, residual copies of your Personal Information may be retained in our backup and archival systems for a limited time, after which the information will be automatically deleted or put beyond use where deletion is not possible.

NEVADA RESIDENTS

Individuals may contact us using the contact information at the end of this Privacy Policy to inquire about your right to opt out of the sale of your Personal Information.

CALIFORNIA RESIDENTS

If you are a California resident, you may opt out of sharing your Personal Information subject to California Civil Code §1798.83 (the “Shine the Light law”) with third parties for those third parties’ direct marketing purposes by contacting us using the contact information at the end of this Privacy Policy.

CONTACT US

If you have questions regarding this Privacy Notice, please contact us at hello@heartbeathealth.com.