Brightside Health Privacy Policy

Last updated: February 1, 2018

This policy describes the types of information Brightside Health, dba Measured, Inc. ("Brightside Health," "we," "our," or "us") may collect from you or that you may provide when you visit the website brightside.com (our "Website") and any affiliated mobile application (the "App", collectively, the "Services") and our practices for collecting, using, maintaining, protecting, and disclosing that information.

OVERVIEW

Brightside Health is committed to protecting your privacy. We provide this policy to explain the types of information we collect and how we use your information.. Please read this policy carefully. If any term in this policy is unacceptable to you, please do not use the Services or provide any personal information. By accessing or using the Services, you signify your acknowledgment of this privacy policy. This policy may change from time to time (see Revisions to Our Privacy Policy) and your use of the Services after we make changes is deemed to be acceptance of those changes, so please check the policy periodically for updates.

If you have any questions, please send us a message at info@brighside.com.

HEALTH INFORMATION

State laws and US federal law govern how Brightside Health can use and disclose health information that 'individually identifies' you. We collect your health information when you use the Services and when you communicate with us. State laws and US federal law specify the rights you have over your health information. For more information on how we use and disclose your health information, how we protect that information, and how to exercise your rights over that information, please refer to our Notice of Privacy Practices (NPP).

After you make a request for care through the Services, Brightside Health will nominate one or more of its doctors to work on your request.

HOW WE USE AND DISCLOSE YOUR PERSONALLY IDENTIFIABLE INFORMATION (PII)

We use and disclose your health information to provide you with care, to run our healthcare operations, to take payment, to submit claims to your health insurer, and to comply with state and US federal regulations.

We use your telephone number to call you if we have any questions, to leave you voice messages if you don't answer the telephone when we call you, and to call you to ask for feedback on your experience of using the service. We also use your telephone number to send you SMS /text messages.

To provide treatment and to run our healthcare operations, take payment, and submit claims to insurance we share your PII with selected organizations that provide us with services. As examples, we share your PII with organizations that help us run and maintain the technology and security infrastructure that supports the App, website, and the care we provide. We also may share your health information with medical staff who help ensure that we are providing a service that meets the appropriate standard of care. We share your personal payment information with our online payment processor and with our bank. We share your health and insurance information with the pharmacy if we give you a prescription and with intermediaries who enable us to send prescriptions electronically.

We may use your PII to tell you about other health-related products and services that we offer.

We may share your personal information with a third party if we merge, are acquired or undergo an asset sale.

Wherever possible we strive to make sure that any third parties with whom we share your PII are legally bound by the restrictions of this Privacy Policy.

RISK OF SENDING UNENCRYPTED EMAILS AND TEXT MESSAGES

The emails and text messages we send you are not secure because they are unencrypted. Other people may be able to read and forward the emails and text messages we send you and the emails and text messages you send us. Emails and text messages we send you may include a wide range of identifiers that include but aren't limited to your name, your email address, your visit number, your patient number, the date you used our service, etc. When you create an account on the App or our website we ask you to give us your email address and telephone number. We send email or text messages using the contact information you give us and the messages we send may contain PII, including health information. If you provide us with incorrect contact information we may unknowingly send message that contains your PII and health information to the wrong person.

RISK OF STORING PII ON YOUR MOBILE

When you use the App there is a risk that your PII will be stored unencrypted on your mobile device. We take a variety of technical safeguards to make sure that your PII does not leak onto your mobile device but we cannot guarantee that these safeguards always work.

RISK OF OUR SYSTEMS GETTING HACKED AND COMPROMISED

We take a number of administrative, technical and physical safeguards to look after the PII that we hold electronically on our servers. But despite these safeguards, no system is perfect and we cannot guarantee that our systems and your PII will not be hacked or otherwise compromised by unauthorized third parties.

INFORMATION COLLECTED USING COOKIES AND OTHER WEB TECHNOLOGIES

Like many website owners and operators, we use automated data collection tools such as Cookies and Web Beacons to collect certain information.

"Cookies" are small text files that are placed on your device by a Web server when you access our Services. We may use both session Cookies and persistent Cookies to identify that you've logged in to the Services and to tell us how and when you interact with our Services. We may also use Cookies to monitor aggregate usage and web traffic routing on our Services and to customize and improve our Services. Unlike persistent Cookies, session Cookies are deleted when you log off from the Services and close your browser. Although most browsers automatically accept Cookies, you can change your browser options to stop automatically accepting Cookies or to prompt you before accepting Cookies. Please note, however, that if you don't accept Cookies, you may not be able to access all portions or features of the Services. Some third-party services providers that we engage (including third-party advertisers) may also place their own Cookies on your device. Note that this Privacy Policy covers only our use of Cookies and does not include use of Cookies by such third parties.

"Web Beacons" (also known as Web bugs, pixel tags or clear GIFs) are tiny graphics with a unique identifier that may be included on our Services for several purposes, including to deliver or communicate with Cookies, to track and measure the performance of our Services, to monitor how many visitors view our Services, and to monitor the effectiveness of our advertising. Unlike Cookies, which are stored on the user's device, Web Beacons are typically embedded invisibly on web pages (or in an e-mail).

INFORMATION RELATED TO USE OF THE SERVICES

Our servers automatically record certain information about how a person uses our Services (we refer to this information as "Log Data"), including both Account holders and non-Account holders (either, a "User"). Log Data may include information such as a User's Internet Protocol (IP) address, browser type, operating system, the web page that a User was visiting before accessing our Services, the pages or features of our Services to which a User browsed and the time spent on those pages or features, search terms, the links on our Services that a User clicked on and other statistics. We use Log Data to administer the Services and we analyze (and may engage third parties to analyze) Log Data to improve, customize and enhance our Services by expanding their features and functionality and tailoring them to our Users' needs and preferences. We may use a person's IP address to generate aggregate, non-identifying information about how our Services are used.

INFORMATION SENT BY YOUR MOBILE DEVICE

We collect certain information that your mobile device sends when you use our Services, like a device identifier, user settings and the operating system of your device, as well as information about your use of our Services.

LOCATION INFORMATION

When you use our App, we may collect and store information about your location by converting your IP address into a rough geo-location or by accessing your mobile device's GPS coordinates or coarse location if you enable location services on your device. We may use location information to improve and personalize our Services for you. If you do not want us to collect location information, you may disable that feature on your mobile device.

INFORMATION THAT WE SHARE WITH THIRD PARTIES

We will not share any PII that we have collected from or regarding you except as described below:

Information Shared with Our Services Providers.

We may engage third-party services providers to work with us to administer and provide the Services. These third-party services providers have access to your PII only for the purpose of performing services on our behalf and are expressly obligated not to disclose or use your PII for any other purpose.

Information Shared with Third Parties.

We may share aggregated information and non-identifying information with third parties for industry research and analysis, demographic profiling and other similar purposes.

Information Disclosed in Connection with Business Transactions.

Information that we collect from our users, including PII, is considered to be a business asset. Thus, if we are acquired by a third party as a result of a transaction such as a merger, acquisition or asset sale or if our assets are acquired by a third party in the event we go out of business or enter bankruptcy, some or all of our assets, including your PII, may be disclosed or transferred to a third party acquirer in connection with the transaction.

Information Disclosed for Our Protection and the Protection of Others.

We cooperate with government and law enforcement officials or private parties to enforce and comply with the law. We may disclose any information about you to government or law enforcement officials or private parties as we, in our sole discretion, believe necessary or appropriate: (i) to respond to claims, legal process (including subpoenas); (ii) to protect our property, rights and safety and the property, rights and safety of a third party or the public in general; and (iii) to stop any activity that we consider illegal, unethical or legally actionable activity.

YOUR CHOICES

We offer you choices regarding the collection, use and sharing of your PII and we'll respect the choices you make. Please note that if you decide not to provide us with the PII that we request, you may not be able to access all of the features of the Services.

Opt-Out. We may periodically send you free newsletters and e-mails that directly promote our Services. When you receive such promotional communications from us, you will have the opportunity to "opt-out" (either through your Account or by following the unsubscribe instructions provided in the e-mail or text messages you receive). We do need to send you certain communications regarding the Services and you will not be able to opt out of those communications - e.g., communications regarding updates to our Terms of Service or this Privacy Policy or information about billing.

Modifying Your Information. You can access and modify the PII associated with your Account by contacting info@brightside.com. If you want us to delete your PII and your Account, please contact us at info@brightside.com with your request. We'll take steps to delete your information as soon we can, but some information may remain in archived/backup copies for our records or as otherwise required by law.

OUR POLICY TOWARDS CHILDREN

Our Services are not directed to children under 13 and we do not knowingly collect PII from children under 13. If we learn that we have collected PII of a child under 13 we will take steps to delete such information from our files as soon as possible.

QUESTIONS?

If you have questions about this Privacy Policy, please submit them to:
Privacy Officer, Brad Kittredge
44 Montgomery St. Third Floor, San Francisco, CA 94104
privacy@brightside.com

EFFECTIVE DATE

This Notice is effective dated 1 February 2018.

CHANGES TO THIS NOTICE

If we change the terms of this Privacy Policy then we will post the new Privacy Policy on our website and on the App. Any new Privacy Policy will apply to all PII that we maintain, including health information that was created prior to the change.