Workit Health, Inc. Privacy Policy

Last Updated: June 1, 2022

This Privacy Policy is designed to inform users of how Workit Health, Inc. (“Workit Health”, “we”, “us”, or “our”) and its affiliates gather and use personal information collected by us on or through our Service. For purposes of this Privacy Policy, the “Service” includes: (1) the websites owned or operated by Workit Health or its affiliates, subsidiaries, or related companies, now, or in the future including, but not limited to, www.workithealth.com and app.workithealth.com (collectively, the “Site”); (2) the Workit Health mobile application (the “App”); and (3) Workit Health’s subdomains and all related services and products provided in connection with the App or Site.

1. INTRODUCTION

By using the Service, you accept and hereby expressly consent to the terms of this Privacy Policy and to our use and processing of Personal Information (as defined hereunder) for the purposes set forth herein. “You” or “your” or similar terms refer to you as a user of our Service. By accepting our Privacy Policy during registration, or by using the Service, you expressly consent to our collection, use, disclosure, storage, and processing of your Personal Information (as defined below) in accordance with this Privacy Policy.

2. INFORMATION COVERED BY THIS PRIVACY POLICY

This Privacy Policy covers how Workit Health treats your personally identifiable information that could be used to identify you (“Personal Information”) that Workit Health collects, receives, maintains, stores, or transmits including, but not limited to, information you transmit or submit in connection with your use of, or interaction with, the Service. Your Personal Information includes, but is not limited to, information that individually identifies you or is information about you that can be traced back to you, your IP address, or your location. It may include, but is not limited to, your name, address, email address, phone number, other contact information, and any information you choose to share via the Service.

3. INFORMATION COLLECTED BY THE SERVICE

Workit Health collects Personal Information that you choose to provide to us, including any Personal Information you provide in connection with your use of the Service, regardless of how you provide it. It is always your choice whether or not to provide us with your Personal Information. If you choose not to provide Personal Information, you may not be able to use certain features or functions of the Service. Whenever you use the Service, Workit Health also receives and records information on our server logs from your browser, including your IP address, Workit Health’s cookie information, and the pages you request, and relates it to the Personal Information you provide.

Examples of how and why Workit Health collects Personal Information include:

Registration /

Enrollment

We collect your Personal Information as part of the registration process for our Service. For example, in order to process your registration or enrollment in the Service, we may collect Personal Information such as your email, login, password, phone number, date of birth, your interest in the Service, and how you found the Service. 

Self-Reported Personal Information

We collect Personal Information that you provide or enter during the course of using the Service or that you choose to provide to us through any devices that you use to collect information regarding your health and/or medical condition and related behaviors or that you have others provide on your behalf such as information or records relating to your medical or health history, health status and laboratory testing results, prescriptions, and other health-related information.

Health Care Payer or Employer

If you are receiving the Service through your health insurance or employer, we may receive information as provided by your health care payer or employer, or information provided by a third-party on the health care payer’s or employer’s behalf.

Social Information

We collect information that you provide to us pertaining to the people with whom you consent to share your Personal Information (such as a family member or caregiver), as well as communications between you and such individuals.

User Content 

We collect information that you submit through the Service including messages, chats, reviews, photos, videos, images, folders, data, text and other types of submissions that you provide in connection with the use of the Service.

Automatically Tracked Information

We may also use automated tracking methods such as cookies, flash cookies, web beacons, GPS data, and connected accelerometers to collect information regarding your behaviors relative to the Service including, but not limited to, information related to your equipment, browsing actions and patterns, traffic and location data, the resources you access and use, and information about your internet connection including, but not limited to, your IP address, operating system, and browser type. We may also use these technologies to collect information regarding your interaction with our email messages such as whether you opened, clicked, or forwarded our email.

When you access our Service from a mobile device, we may collect unique identification numbers associated with your device or our App (including, for example, a UDID, Unique ID for Advertisers (“IDFA”), Google AdID, or Windows Advertising ID), mobile carrier, device type, model and manufacturer, mobile device operating system brand and model, phone number, and, depending on your mobile device settings, your geographical location data, including GPS coordinates (e.g., latitude and/or longitude) or similar information regarding the location of your mobile device, or we may be able to approximate a device’s location by analyzing other information, like an IP address. We and our third-party partners may also use cookies and tracking technologies for advertising purposes. 

Demographic Information

We may collect demographic information as you continue to use the Service such as your unique username and password, mailing address, age, gender, social security number, driver’s license number, geographic location, preferences, payment information (such as your payment card number, expiration date, and billing address), and insurance information.

Surveys and/or Assessments

From time to time, we may send you assessments and survey questions to help us understand your knowledge of treatment options for substance use disorder and other comorbidities and to provide us with feedback on the Service. We collect any responses that you provide.

Augmenting

From time to time, we may use or augment your Personal Information with information obtained from third parties and sources other than the Service such as, without limitation, our partners, advertisers, or from the Workit Health Clinic (as such term is defined hereunder) and other providers. An example of such a third party includes analytics providers such as Google Analytics (see below for additional information regarding how our Service uses Google Analytics and other similar third parties). If we combine or associate information from our other sources with Personal Information already in our possession, we will treat the combined information as Personal Information subject to this Privacy Policy. 

Cookies, Web Beacons, Research and Analytics, and Other Tracking Technologies

We use technologies to automatically or passively store or collect certain information when you visit or interact with the Service. These technologies include “cookies” and “web beacons” (and subsequent technologies and methods later developed which perform a similar function), which are used to collect and store usage information regarding your use of the Service. We use this information for a variety of purposes, including, but not limited to, assessing the performance of, or enhancing your experience with, the Service.

Cookies 

Cookies are small text files that we, or our third party partners, place in visitors’ computer browsers or devices to store the visitor’s preferences. The use of cookies is standard on the Internet and allows us to tailor your visits to the Service to your individual preferences. We may also contract with third party service providers who assign cookies to conduct site tracking for us. These companies use cookies solely to provide us with aggregate data about traffic to the Service. Although most web browsers automatically accept cookies, you can change your browser to prevent cookies or notify you whenever you are sent a cookie. Cookies may be session-based cookies that are removed after a user leaves a website or persistent cookies that are stored on a user’s computer permanently or until the expiration date. We may use both session cookies and persistent cookies. Users can delete cookies via their browser settings. Cookies themselves do not contain any Personal Information. Please note that if you delete or disable cookies from the Service, you may not be able to utilize the features of the Service to its fullest potential. 

Flash cookies

Flash cookies are locally stored objects that may be incorporated in certain features of the Service to collect and store information about your preferences and navigation to, from and on the Service. Flash cookies are not managed by the same browser settings as are used for browser cookies.

Web beacons

Web beacons (also known as clear gifs, pixel tags, and single pixel gifs) are small pieces of code placed on a web page to monitor the behavior and collect data about the visitors viewing a web page that help Workit Health manage online advertising and traffic. This information enables Workit Health to learn which emails and advertisements bring users to our Service. For example, web beacons can be used to count the users who visit a web page or to deliver a cookie to the browser of a visitor viewing that page. We may use web beacons for this purpose including in our emails to measure the effectiveness of our email campaigns by identifying the individuals who open or act upon an email message, when an email message is opened, how many times an email message is forwarded, the type of software, device, operating system and browser used to deliver the email and any URL accessed through our email message.

 

 

Disabling Cookies

You may set your browser to refuse all or some browser cookies, or to alert you when cookies are being sent. Please refer to your browser “Help” instructions to learn more about cookies and other technologies and how to manage their use. If you elect to refuse or delete cookies, you will need to repeat this process if you use another device or change browsers. The Network Advertising Initiative provides instructions and information on how to opt out of communications: http://www.networkadvertising.org/choices/. You can use your browser settings to decide whether to turn on and off cookies for our Service. To learn how you can manage your Flash cookie settings, visit the Flash player settings page on Adobe’s website. If you disable or refuse cookies, please note that some of the Service may be inaccessible or not function properly.

Analytics Tools

We also use analytics tools including Google Analytics and Facebook Pixel to better understand how visitors interact with our Service. These tools provide anonymous information, including, but not limited to, data on where visitors came from, what actions they took while interacting with the Service, and where visitors went when they ceased interacting with the Service.

Google Analytics

We use Google Analytics, a web analytics service provided by Google, Inc. (“Google”) to collect certain information relating to your use of the Service. Google Analytics uses cookies to analyze how users use the Service. You can find out more about how Google uses data by visiting the following website: www.google.com/policies/privacy/partners/. We may also use Google Analytics Advertising Features or other advertising networks to provide you with interest-based advertising based on your online activity. For more information regarding Google Analytics please visit Google’s website, and pages that describe Google Analytics, such as www.google.com/analytics/learn/privacy.html.

Facebook Pixel

We use Facebook Pixel, a web analytics and advertising service provided by Facebook Inc. (“Facebook”) with our Service. The Facebook Pixel service uses cookies, pixel tags and other storage and tracking technology to collect or receive information from our Service based on your usage activity. Facebook uses that information to provide us with marketing and advertising services, including targeted ads, and reports that help us measure the effectiveness of our ads. Using this service, we can keep track of what users do after they see or click on a Facebook advertisement, keep track of users who access our Service or advertisements from different devices, and better provide advertisements to our target audiences. The data from Facebook Pixel is also saved and processed by Facebook. Facebook can connect this data with your Facebook account and use it for its own and others advertising purposes, in accordance with Facebook’s Data Policy found at https://www.facebook.com/about/privacy/. Please click here if you would like to withdraw your consent for use of your data with Facebook Pixel https://www.facebook.com/settings/?tab=ads#_=_.

Other Tools

There may be other tracking technologies now and later devised and used by us in connection with the Service. Further, third parties may use tracking technologies with our Service. We do not control these tracking technologies, and we are not responsible for them. However, you consent to potentially encountering third party tracking technologies in connection with your use of the Service and accept that this Privacy Policy does not apply to the tracking technologies or practices of such third parties. In such cases, you must check with the third party to confirm how your information is collected and used.

California Do Not Track Disclosure

We currently do not support the Do Not Track browser setting or respond to Do Not Track signals. Do Not Track (or DNT) is a preference you can set in your browser to let the websites you visit know that you do not want it collecting certain information about you.

4. HOW WE USE AND DISCLOSE YOUR PERSONAL INFORMATION

In general, we will not rent or sell your Personal Information. Also, we will not share your Personal Information with other people or non-affiliated companies except in connection with providing the Service, when we otherwise have your permission, as permitted or required by the NPP, or as expressly permitted or required under this Privacy Policy, including under the following general circumstances.

Using Your Personal Information

We, or a third party on our behalf, use information we collect on the Service in a variety of ways in providing the Service and operating our business, including, but not limited to, the following:

  • providing you with the Service;
  • providing you with services and information that you request;
    verifying your identity;
  • personalizing your experience with the Service;
  • processing payment card transactions;
  • performing engagement and outreach activities and call monitoring;
  • providing you with information about other goods and services we offer that are similar to those that you have already signed up for or inquired about;
  • notifying you about changes to the Service, the Terms, and/or this Privacy Policy;
  • operating, maintaining, and improving our Service and improving the content and functionality of the Service;
  • administering the Service and for internal operations, including troubleshooting, data analysis, product and functionality development, patient experience, peer review, quality control and assurance, understanding and analyzing usage trends and user preferences, support, testing, research, statistical and survey purposes, responding to law enforcement requests as required by applicable law, investigating and defending ourselves against any claims or allegations, pursue business development opportunities including, but not limited to, evaluating or conducting a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of Workit Health’s assets;
  • responding to user submissions, comments, and questions;
  • creating de-identified datasets, to the extent permitted by applicable law;
  • creating aggregated datasets, to the extent permitted by applicable law;
  • protecting the personal safety of users of the Service and defending and protecting our rights, property, employees, customers or patients;
  • keeping our Service safe and secure;
  • developing, displaying and tracking content and advertising tailored to your interests on our Service and other sites, including providing our advertising to you when you visit other websites or applications;
  • providing services as a business associate on behalf of, or to facilitate the services of, the Workit Health Clinic including, but not limited to, disseminating the NPP, providing you with certain communications via email, text messages, or other means that contain PHI, and sending you appointment reminders; and
  • rendering any services, provide information, or for any other use permitted by applicable law including for research purposes.

Disclosing Your Personal Information

Except as described in this Privacy Policy, we will not disclose Personal Information that we collect on the Service to third parties without your consent. However, we may disclose Personal Information to third parties if you consent to us doing so and, to the fullest extent permitted by law, for the following reasons:

  • we may disclose your Personal Information to the Workit Health Clinic or other providers for treatment, payment processing, or operational purposes;
  • we may disclose your Personal Information to your insurance company, health plan, employer, sponsor, or third-party administrator for purposes of billing and payment for our Service;
  • we may share your Personal Information with certain third parties to provide the Service to you on our behalf under confidentiality agreements, including, but not limited to, our third-party service providers such as website, application development, cloud hosting, maintenance, payment processors, and analytics service providers;
  • we may be required to disclose your Personal Information in response to a legal process, for example, in response to a court order or a subpoena to comply with its applicable legal and regulatory reporting requirements;
    we may disclose your Personal Information in response to a law enforcement agency’s request, or where it is necessary to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of the Terms, to verify or enforce compliance with applicable laws, or as otherwise required or permitted by law, and to take precautions against liability and to protect our property or other legal rights;
  • we may transfer your Personal Information to an entity or individual that acquires, buys, or merges with Workit Health, or our other business units, including during the course of any due diligence process to explore such a transaction, or to explore and complete a divestiture, restructuring, reorganization, dissolution, bankruptcy, or change of control or ownership or sale of its assets (whether in whole or in part);
  • we may license, sell or otherwise share de-identified, aggregated, or non-aggregated versions of your Personal Information with institutional clients, partners, investors and contractors for any purposes related to our marketing, business, and/or research practices;
    we may disclose your Personal Information in accordance with your prior written consent or authorization;
  • we may disclose Personal Information to our subsidiaries, affiliates, and related companies; and
    we may disclose Personal Information to third party advertisers to develop and display advertising tailored to your interests or location.

Use / Disclosure of Information Submitted to Groups

You acknowledge that our Service may include features such as group discussions, discussion boards, forums, profile pages, bulletin boards, instant messaging, polls, and other communication forums (collectively, “Groups”). You acknowledge and agree that any information you submit, post, or disclose to such Groups including, but not limited to, user profile information, user profile pictures, discussion board postings, and any Personal Information included in such postings, may be visible to other users and providers of the Service including, but not limited to, your health coaches, authorized personnel, administrators, and other users of the Service.

IN THE CASE OF YOUR USE OF GROUPS, WE ARE NOT RESPONSIBLE FOR THE USE BY OTHERS OF ANY INFORMATION, INCLUDING PERSONAL INFORMATION, THAT IS DISCLOSED BY YOU OR ON YOUR BEHALF IN SUCH GROUPS. BY DISCLOSING ANY OF YOUR INFORMATION VIA GROUPS, YOU ACKNOWLEDGE AND ACCEPT ANY RISK AND DAMAGE ARISING FROM DISCLOSURE OF SUCH INFORMATION.

5. CONFIDENTIALITY AND SECURITY

We take reasonable steps to ensure that all Personal Information collected will remain secure and in its original form (i.e., free from any alteration). We have put in place appropriate physical, electronic, and administrative safeguards in compliance with federal and state law, including HIPAA, in an effort to help prevent unauthorized access, maintain data security, and correct use of the Personal Information we collect. We cannot, however, ensure or warrant the security of any Personal Information you transmit to us and you do so at your own risk. Once we receive your transmission of information, we use commercially reasonable efforts to ensure the security of our systems. However, please note that this is not a guarantee that such information may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or administrative safeguards. Furthermore, your individual user account is protected by a password for your privacy and security. To ensure that there is no unauthorized access to your account and Personal Information, we suggest that you safeguard your password appropriately and limit access to your computer and browser by signing off after you have finished accessing your account.

The Service may contain links to Third Party Offerings (as such term is defined in the Terms). Before using any Third Party Offerings or related services, you must review and accept the terms of use and privacy policies for those sites and/or services. We are not responsible for the privacy policies and/or practices of any Third Party Offerings, and we are not responsible or liable for the availability, reliability, content, functions, performance, accuracy, legality, appropriateness, services, materials, or any other aspect of such Third Party Offerings. This Privacy Policy only governs information collected by our Service. When you access any Third Party Offerings, you do so at your own risk, and you understand and agree that you are solely responsible for reading and understanding any terms of use and/or privacy policies that apply to such Third Party Offerings. Workit Health is not responsible for and will not be a party to any transactions between you and a third party provider of products, information, or services. Workit Health does not monitor such interactions to ensure the confidentiality of your Personal Information. Any separate charges, data records or obligations you incur in your dealings with Third Party Offerings are solely your responsibility.

6. ACCESSING AND CHANGING YOUR INFORMATION

You may review and request changes to your Personal Information or request additional information about our collection, use and disclosure of such information by contacting us at hello@workithealth.com. We use best efforts to keep our records as accurate and complete as possible. You can help us maintain the accuracy of your information by promptly notifying us of any changes to your Personal Information. You may update, correct, or delete your profile information and preferences at any time by accessing your account preferences in the Service. Any changes you make will be reflected in active user databases within a reasonable period of time; however, we may retain all information you submit for backups, archiving, prevention of fraud or abuse, analytics, satisfaction of legal obligations, or where we otherwise reasonably believe that we have a legitimate reason to do so. We may not be able to modify or delete your information in all circumstances. In addition, you may request that we provide to you the information we hold about you; however, your rights to access your Personal Information are not absolute. We may deny you access when required and/or permitted by applicable laws or if disclosure would likely reveal personal information about a third party.

7. CHILDREN’S PRIVACY

Our Service is not directed to children under the age of 18, and we do not knowingly collect information from children under the age of 18 without obtaining parental consent. If you are under 18 years of age, then please do not use or access the Service at any time or in any manner. If we learn that a person under 18 years of age has used or accessed the Service or any information has been collected on the Service from persons under 18 years of age, then we will take the appropriate steps to delete this information. If you are a parent or guardian and discover that your child under 18 years of age has obtained an account on or otherwise accessed the Service, then you may alert us at legal@workithealth.com and request that we delete your child’s information from our systems.

8. OPT OUT

You may affirmatively opt-out of receiving future emails from Workit Health and may remove your name from our marketing mailing lists. The opt-out provisions do not apply to information collected by cookies or used internally to recognize you and/or facilitate your use of the Service or information we may retain to comply with legal requirements. Opting out will not prevent your access to the Service and you will continue to receive administrative messages about the Service from us. If you no longer consent to us collecting, using and sharing your Personal Information in accordance with this Privacy Policy, you may disenroll from the Service at any time by emailing Workit Health at hello@workithealth.com.

9. CHANGES TO OUR PRIVACY POLICY

By using the Service, you agree to the current Privacy Policy, as well as our Terms into which this Privacy Policy is incorporated. Workit Health reserves the right, in our sole discretion, to modify or amend this Privacy Policy at any time. Use of information we collect is subject to the Privacy Policy in effect at the time such information is used or disclosed. If we make any material changes to the ways in which Personal Information is collected, used or transferred, as determined by Workit Health, we will notify you of these changes by modification of this Privacy Policy, which will be available for your review through the Service and the effective date or last revision date will be noted at the beginning or end of this Privacy Policy. You should review this Privacy Policy periodically so that you are up to date on our most current policies and practices. Your continued use of the Service after receiving notice signifies your acceptance of any such changes. If the modified Privacy Policy is not acceptable to you, your only recourse is to cease using the Service.

10. PROTECTED HEALTH INFORMATION

The providers you access through the Service are employed by or contracted independently with one or more professional corporations or other professional entities (collectively, the “Workit Health Clinic”), which are affiliated with Workit Health. Workit Health is not a medical group and any telehealth consults obtained through the Service are provided by independent medical providers employed or contracted through the Workit Health Clinic.

Some of the information that you provide to the Workit Health Clinic, or that is created through your use of the Service may be considered “Protected Health Information” or “PHI” as defined in the Health Insurance Portability and Accountability Act (“HIPAA”). PHI is subject to the Workit Health Clinic’s Notice of Privacy Practices (the “NPP”). The NPP describes how the Workit Health Clinic uses and discloses your PHI and also describes your rights with respect to your PHI. To the extent that this Privacy Policy conflicts with the NPP, the NPP will prevail. In addition, to the extent a capitalized term is undefined in this Privacy Policy, it will have the same meaning as prescribed to it in our Terms of Service (the “Terms”). To the extent that this Privacy Policy conflicts with the Terms, this Privacy Policy will control. BY USING THE SERVICE, YOU ACKNOWLEDGE RECEIPT OF THE WORKIT HEALTH CLINIC NPP.

In addition, your use of the Service may involve our receipt of PHI. PHI is Personal Information that relates to

  • your past, present, or future physical or mental health or condition;
  • the provision of health care to you; and
  • your past, present, or future payment for the provision of health care, which is created, received, transmitted, or maintained by us.

This Privacy Policy describes how we protect your privacy as a visitor or general user of our Service. You have additional rights under federal and state law with respect to PHI. For more information on those rights, and how the Workit Health Clinic uses and discloses your PHI, refer to the NPP.

In addition to the permitted uses of Personal Information that are set forth in this Privacy Policy, we may use your Personal Information to

  • send you communications on behalf of the Workit Health Clinic and to facilitate the provision of health care services to you by the Workit Health Clinic; and
  • invite you to participate in IRB-approved research studies regarding the Service.

In addition to the permitted disclosures of Personal Information that are set forth in this Privacy Policy, and to the extent permitted by applicable law, we may, in our sole discretion and as we deem necessary or otherwise appropriate, disclose your Personal Information to an appropriate health care provider to address concerns regarding the safety and well-being of a user.

11. SPECIAL NOTICE TO CALIFORNIA RESIDENTS

THIS SECTION APPLIES ONLY TO CALIFORNIA RESIDENTS.

Personal Information Definition and Categories

Under Section 11 of this Privacy Policy, “you” and “your” refers only to California residents. Under Section 11 of this Privacy Policy, “Personal Information” means only information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household. Personal Information includes, but is not limited to, the following if it identifies, relates to, describes, is reasonably capable of being associated with, or could be reasonably linked, directly or indirectly, with a particular consumer or household:

  • Identifiers such as a real name, alias, postal address, unique personal identifier, online identifier, internet protocol address, email address, account name, social security number, driver’s license number, passport number, or other similar identifiers (“Identifiers”).
  • Any categories of personal information described in subdivision (e) of Section 1798.80.
  • Characteristics of protected classifications under California or federal law.
  • Commercial information, including records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
  • Biometric information.
  • Internet or other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding a consumer’s interaction with an internet website, application, or advertisement.
  • Geolocation data.
  • Audio, electronic, visual, thermal, olfactory, or similar information.
  • Professional or employment-related information.
  • Education information, defined as information that is not publicly available personally identifiable information as defined in the Family Educational Rights and Privacy Act (20 U.S.C. Sec. 1232g; 34 C.F.R. Part 99).
  • Inferences drawn from any of the information identified in this subdivision to create a profile about a consumer reflecting the consumer’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.

Personal Information does not include information that is:

  • publicly available information from government records;
  • de-identified or aggregated consumer information; or
  • certain information excluded from the scope of the CCPA (for example, PHI covered under HIPAA and medical information covered under the California Medical Information Act).

Collection of Personal Information for a Business Purpose

Workit Health may collect your Personal Information for business purposes. In the preceding twelve (12) months, Workit Health has collected Personal Information from the following categories from its consumers:

  • Identifiers;
  • Any categories of personal information described in subdivision (e) of Section 1798.80;
  • Characteristics of protected classifications under California or federal law;
  • Internet or other similar network activity;
  • Geolocation data;
  • Sensory data; and
  • Professional or employment-related information.

Sources of Personal Information

Workit Health obtains Personal Information from the following categories of sources:

  • Directly from you – For example, from forms you complete or products or services you purchase;
  • Indirectly from you – For example, from observing your actions on the Service;
  • Other people – For example, from individuals who may refer you to Workit Health or otherwise provide information about you to Workit Health.

Disclosures of Personal Information for a Business Purpose

Workit Health may disclose your Personal Information to a third party for business purposes. When Workit Health discloses Personal Information for a business purpose, it is pursuant to a contract between Workit Health and the third party recipient. This contract sets forth the purpose for the disclosure and the third-party service provider’s obligations to protect the confidentiality of the Personal Information.

In the preceding twelve (12) months, Workit Health has disclosed the following categories of Personal Information for a business purpose to third-party service providers:

  • Identifiers;
  • Personal information categories listed in the California Customer Records statute;
  • Internet or other similar network activity;
  • Geolocation data.

Sales of Personal Information

In the preceding twelve (12) months, Workit Health has not sold Personal Information.

California Consumer Privacy Act (“CCPA”) Rights for California Residents

The CCPA provides you with specific rights regarding their Personal Information. This section describes a California resident’s rights under the CCPA.

Access to Specific Information and Data Portability Rights

You have the right to request that Workit Health disclose certain information to you about its collection and use of your Personal Information over the past twelve (12) months. Promptly following receipt of a verifiable consumer request, Workit Health will disclose to you:

  • The categories of Personal Information we collect about you;
  • The categories of sources for the Personal Information we collected about you;
  • Our business or commercial purpose for collecting or selling that Personal Information;
  • The categories of third parties with whom Workit Health shares Personal Information;
  • The specific pieces of Personal Information that Workit Health collected about you (also called a data portability request);
  • If Workit Health sold or disclosed your Personal Information for a business purpose, two separate lists disclosing (i) sales, identifying the Personal Information categories that each category of recipient purchased and (ii) disclosures for a business purpose, identifying the Personal Information categories that each category of recipient obtained.

Deletion Request Rights

You have the right to request that Workit Health delete any of the Personal Information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm a verifiable consumer request for deletion, Workit Health will delete (and direct our service providers to delete) your Personal Information from our records unless an exception applies.

Workit Health may deny a deletion request if retaining the Personal Information is necessary for Workit Health or our service providers to:

  • Complete the transaction for which Workit Health collects the Personal Information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you;
  • Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities;
  • Debug products to identify and repair errors that impair existing intended functionality;
  • Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law;
  • Comply with the California Electronic Communications Privacy Act (Cal. Penal Code Section 1546 et seq.);
  • Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent;
  • Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with Workit Health;
  • Comply with a legal obligation;
  • Make other internal and lawful uses of that information that are compatible with the context in which you provided it.

Exercising Access, Data Portability, and Deletion Rights

To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to Workit Health by using any of the following methods:
Telephone:    (734) 292-4020
Email:              hello@workithealth.com
Postal:             Workit Health, Inc., 3300 Washtenaw Ave., Ste. 280, Ann Arbor, MI 48104
Website:         www.workithealth.com

Please provide your first and last name, details of your request, along with your preferred method of contact so that Workit Health can respond to your request. Only you, a California resident, or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your Personal Information. You may also make a verifiable consumer request on behalf of your minor child. We may deny requests from authorized agents who do not submit proof that they are authorized by you to act on your behalf.

A California resident may only make two (2) verifiable consumer requests for access or data portability within a twelve (12) month period. The verifiable consumer request must provide sufficient information that allows us to reasonably verify you are the person about whom we collected Personal Information or an authorized representative and describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

Workit Health cannot respond to your request or provide you with Personal Information if Workit Health cannot verify your identity or authority to make the request and confirm the Personal Information relates to you. Making a verifiable consumer request does not require you to create an account with us. We will only use Personal Information provided in a verifiable customer request to verify the requestor’s identity or authority to make the request.

Selling Personal Information

Workit Health does not sell your Personal Information to third parties.

Response Timing and Format

Workit Health endeavors to respond to a verifiable consumer request within forty-five (45) days of its receipt. If reasonably necessary, Workit Health may extend its duty to respond to the request by one additional forty-five (45) day period, provided that Workit Health gives you written notice of the extension within the first forty-five (45) day period. Workit Health will deliver its written response by mail or electronically, at the consumer’s option. For data portability requests delivered electronically, Workit Health will select a format to provide your Personal Information that is readily usable and should allow you to transmit your Personal Information from Workit Health to another entity without hindrance.

Any disclosures Workit Health provides will only cover the twelve (12) month period preceding the verifiable consumer request’s receipt. Workit Health’s response will also explain the reasons it cannot comply with a request, if applicable.

Workit Health will not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If Workit Health determines that the request warrants a fee, Workit Health will tell you why it made that decision and provide you with a cost estimate before completing your request.

Non-Discrimination

Workit Health will not discriminate against a California resident who exercises a CCPA right. Unless permitted by the CCPA, Workit Health will not:

  • deny you goods or services;
  • charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties;
  • provide you a different level or quality of goods and services; or
  • suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

12. USERS OUTSIDE THE UNITED STATES

The Service may only be used within certain jurisdictions within the United States as set forth in the Terms. Accordingly, this Privacy Policy, and our collection, use, and disclosure of your information, is governed by U.S. law, and by using the Service, you acknowledge that the Service will be governed by U.S. law. Using the Service from outside the United States is prohibited under our Terms and may subject you to termination of your use of the Service under such Terms. In no event will Workit Health or any of its officers, directors, employees, consultants, subsidiaries, agents, and affiliated entities, including the Workit Health Clinic be liable for any losses or damages arising from your use of the Service outside of the United States, and you waive any claims that may arise under the laws of your location outside the United States. Notwithstanding the foregoing, we do not represent or warrant that the Service is appropriate or available for use in any particular jurisdiction. If you choose to use the Service from the European Union or other regions of the world with laws governing data collection and use that may differ from U.S. law, then please note that you are transferring your personal information outside of those regions to the United States for storage and processing. Also, we may transfer your data from the United States to other countries or regions in connection with storage and processing of data, fulfilling your requests, and operating the Service. By providing any information, including PHI, on or to the Service, you consent to such transfer, storage, and processing.

13. QUESTIONS AND SUGGESTIONS

If you have questions or suggestions, or wish to correct your profile information, please email Workit Health at hello@workithealth.com or write to us at Workit Health Inc., 3300 Washtenaw Ave., Ste. 280, Ann Arbor, MI 48104.