Virdio Health Privacy Policy

This statement sets forth Virdio Health’s Privacy Policy (“Privacy Policy”) and describes the practices that we will follow with respect to the privacy of the information of users of this site and our mobile applications. By visiting virdiohealth.com and using Virdio Health’s application (collectively, the “Services”) you acknowledge that you accept the practices and policies outlined in this Privacy Policy. “You”, “your”, or similar terms refer to you as a user of the Services.

This policy applies to information we collect:
‍

• Through the Services; and
• via email, text, or other electronic messages between you and any employee or agent of Virdio Health.

This policy does not apply to the actions of any company or entity that we do not control and to individuals who we do not directly employ or manage.  

As used in this Privacy Policy, the terms “using” and “processing” information may include, amongst other things, subjecting such information to analysis, using cookies or web beacons, and managing information in a number of ways, including but not limited to: collection, storing, evaluating, modifying, deleting, using, combining, and/or disclosing. 

Some of the individually identifiable information we collect may constitute protected health information (“PHI”) under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), as amended from time to time.  PHI is subject to special protections under HIPAA. For more information about your rights under HIPAA, please refer to Virdio Health’s HIPAA Notice. To the extent other state or local privacy and data protection laws apply to your data, we will comply with those requirements as well.
‍
‍The Notice of Privacy Practices does not apply to information that is not PHI.  This Privacy Policy supplements the Notice of Privacy Practices for PHI.  If there is ever any conflict between this Privacy Policy and the Notice of Privacy Practices, the Notice of Privacy Practices will apply.

Should you have any questions about this policy or our practices, please send an email to support@virdio.com .  

You understand that you may receive text messages (SMS) as part of using the Services, such as a reminder about an upcoming appointment. SMS messages are encrypted by Virdio Health in transit to your cell phone provider, but cell providers do not guarantee encryption of SMS messages that are stored on your behalf. By using the Services you accept the risk that some PHI could be intercepted by someone else targeting your SMS communications or seen by individuals who have access to your mobile device.

Telephone Consumer Protection Act

Virdio Health may provide you with notices, including those related to your enrollment or use of the Services, including but not limited to by email, postal mail, SMS, MMS, text message, or other reasonable means now known or hereinafter developed.  Virdio Health will provide notice and request consent to receiving text messages at the point of collection for mobile phone numbers.  By providing Virdio Health with your telephone number, this gives Virdio Health consent to send you text messages regarding your purchase(s), or for other non-telemarketing purposes, made by an automatic telephone dialing system.

You understand that you may receive email as part of using the Services, and while Virdio Health encrypts all email communications, your email server may not guarantee encryption. If your email provider does not encrypt email, you accept the risk that some PHI could be acquired by someone else.

You understand that you may receive text messages (SMS) as part of using the Services, such as a reminder about an upcoming appointment. SMS messages are encrypted by Virdio Health in transit to your cell phone provider, but cell providers do not guarantee encryption of SMS messages that are stored on your behalf. By using the Services you accept the risk that some PHI could be intercepted by someone else targeting your SMS communications or seen by individuals who have access to your mobile device.

Types of Information Collected

Virdio Health collects the following types of information about our website users: automatically collected information and personal information.

Automatically collected information may include the name of the domain used to access the internet; an internet protocol (IP) address, which can reveal geographic information; the date and time of a website visit; URLS of pages visited on Virdio Health’s website; if present and available, the internet address of the website visited before; and characteristics of devices (such as operating system, web browser, and screen resolution).

Personal information includes identifying information such as your name, e-mail address or other contact information, and whether you are enrolled in your employer sponsored group health plan.  Virdio Health collects other personal information about you through the Services including when you voluntarily provide it to us. In connection with your use of the Services, we may also collect or access medical records from your past, current, and future health care providers.  This may include information about your existing or past diagnoses, previous treatments, general health, laboratory or pathology test results and reports, social histories, family medical history, and records about phone calls or emails related to your health or test results. If you choose to go through our screening process and/or register for the Services we ask you to provide personal information, including but not limited to: your name, address, telephone number and/or email address, height, weight, and health information in connection with the use of our products or services. We also collect information that will allow you to establish a username and password. You may choose not to provide us with certain information, but that may result in our inability to provide you access to the Services.

How to Review and Change Your Personal Information

If you create a Virdio Health account, you may review your personal information by visiting the Virdio Health applications and accessing the “Settings menu.” To change or remove any information, please contact us through the application, or at support@virdio.com  

How We Use and Disclose Information That We Collect Online

By using the Services you consent to and authorize Virdio Health and its affiliates to disclose your eligibility for and participation in the Services (i.e., that you meet the enrollment criteria for the Services and that you have elected at your own discretion to participate) among themselves and to others, such as: Virdio Health senior management and administrators, your personal Virdio Health Team (your “Virdio Team”) and other users of Virdio Health’s Services. In particular, these entities may be able to access a range of information about you, such as your first and last name, picture, and participation in Virdio Health’s program. Moreover, based on Virdio Health’s deployment model, you may be placed into a group of users with similar characteristics who may be co-workers or acquaintances (your “Community”) who will be able to view such information. Only information you explicitly consent to be visible to the Community will be shared. By default, only your first name is shared, and you may choose to use a pseudonym instead of your real first name.

Other uses include:

(a) Internal Uses - We may use information we collect about you to:

• Administer your account, including your assignment and enrollment in your Community;
• Allow your Virdio Team to personalize your experience;
• Provide you with access to particular tools and services;
• Respond to your inquiries and send you administrative communications;
• Obtain your feedback on our websites and our offerings;
• Statistically analyze user behavior and activity;
• Provide you with more relevant content;
• Conduct research and measurement activities;
• Send you personalized emails or secure electronic messages pertaining to your health information; or
• Contact users about the products and services that we offer.

We may combine personal and non-personal information collected by Virdio Health about you, and may combine this information with information provided by external sources.  

(b) Disclosure of Personal Information to Third Parties We will not disclose any personal information about any of our users to any unaffiliated third-party (excluding our vendors or contractors to whom we may provide such information for the limited purpose of providing services to us and who are obligated to keep the information confidential), unless: (1) you have authorized us to do so; (2) we are legally required to do so, for example, in response to a subpoena, court order or other legal process, and/or (3) it is necessary to protect our property rights related to this website. We also may share aggregate, non-personal information about website usage with unaffiliated third parties, or via scientific research papers regarding our Services. This aggregate information does not contain any identified personal information about our users.  

(c) Disclosure of Information by You Through your use of the Services, you may choose to make certain elements of your information, including PHI that you post and/or disclose in the course of engaging with the Services, available to other participants and users.  While we take considerable efforts to protect your privacy, we cannot take and expressly disclaim responsibility for whether and how other users, including your Peer Group, will use or disclose information disclosed by you through the Services. As discussed above, the Services provide you the ability to share personal information, including regarding your medical condition and history to your Peer Group. Any information you voluntarily choose to provide through the Services may be visible to your Peer Group and Virdio Coach. As such, you should only provide information you feel comfortable disclosing to other members of your Peer Group and Virdio Coach.

Cookies and Web Beacons

Certain Virdio Health websites, like many other commercial websites, may use standard technologies called “cookies” and “web beacons” to collect information about how our website is used. Cookies were designed to help a website operator determine that a particular user had visited the site previously and thus save and remember any preferences that may have been set. This information also allows us to statistically monitor how many people are using our website and for what purpose. We may also make use of “persistent” or “memory based” cookies, which remain on your computer’s hard drive until you delete them. You have the ability to modify your browser to either accept all cookies, notify you when a cookie is sent, or reject all cookies, but it may not be possible to utilize our Services if you reject all cookies.

Web beacons are small pieces of code (also called pixels) that are embedded on the pages of websites and that can report your visit or use to a third party. We use web beacons to collect automatic information about our visitors but not personal information. Virdio may use these tools for the purposes of web analytics, marketing, and error management.  You may modify your browser to prevent web beacons from collecting automatic information about you.

How We Protect Information Online

We exercise great care to protect your personal information through various administrative, technical and physical safeguards. This includes, among other things, using industry standard techniques such as firewalls, encryption, and intrusion detection for information stored on our systems. However, while we strive to protect your personal information, we cannot ensure or warrant the security of any information you transmit to us or receive from us while that information is in transit. This is especially true for information you transmit to us via email since we have no way of protecting that information until it reaches us since email does not have the security features that are built into our websites.

In addition, we limit our employees’ and contractors’ access to personal information. Only those employees and contractors with a business reason to know have access to this information, and then may only access or use the minimum necessary for the task at hand. We educate our employees about the importance of maintaining confidentiality of user information. We also periodically review our security arrangements and safeguards.

How can you help protect your information?

If you are using a Virdio Health website or application for which you registered and choose a password, we recommend that you do not share your password to anyone. We will never ask you for your password in an unsolicited phone call or in an unsolicited email. Always remember to sign out of the Virdio Health website and close your browser window when you have finished using the Services. This is to ensure that others cannot access your personal information and correspondence to us if others have access to your computer or mobile device.

Children
‍
The Virdio Health websites and Services are not designed to be used by or intended to attract children under the age of 13. Individuals who we actually know are under the age of 13 will not be permitted to use the Virdio Health websites and Services and we will not collect their personal information. If you are a parent or guardian and you are aware that your child who is under the age of 13 has provided us with identifiable personal data, please contact us.  If we become aware that we have inadvertently collected data from children under the age of 13 without verification of parental consent, we will timely remove that information from our servers to the extent permissible by law.

Links to Other Websites

We want to provide website visitors valuable information, services, and products. Featured programs and other Virdio Health website content may link our users to third-party websites. Virdio Health does not control and is not responsible for privacy or security practices of any third party websites.  

Do Not Track

Do Not Track is an optional setting that enables you to express your preferences regarding the collection of information about your online activities over time and across third-party websites. Your browser sends Do Not Track signals to the websites you visit expressing your preference not to be tracked. However, because there is no industry-standard approach to responding to Do Not Track signals, we do not process or respond to Do Not Track signals.

California Residents

If you are a California resident, California law provides you with additional rights regarding our collection, use, and disclosure of your personal information under the California Consumer Privacy Act or “CCPA” (Cal. Civ. Code § 1798.100 et seq.), Shine the Light law (Cal. Civ. Code § 1798.83), and Do Not Track law (Cal. Bus. & Prof. Code BPC § 22575).

This Privacy Policy does not apply to any collection or utilization of employment-related information.  If you are a current or former job applicant, employee, owner, director, officer, or contractor of Virdio Health, Inc. or any of its affiliates please contact support@virdio.com for more information. Note As we continually update and improve our services, we may periodically make changes to this Privacy Policy.  Or, we may modify this Privacy Policy to reflect new changes in laws or regulations.

Last updated May 8, 2023