Privacy Notice
Personify Health, Inc.
General Privacy Notice
Last Updated: November 7, 2024
The Personify Health program (the “Program”) relates to health benefits administration and/or wellness services that encourages healthy lifestyle changes. The Program is paid for by your employer, your spouse’s employer or other sponsoring organization (the “Program Sponsor”) and operated by Personify Health, Inc., a corporation organized under the laws of the State of Delaware, headquartered at 75 Fountain Street, Providence, Rhode Island, 02902 (“Personify Health”, “Us”, “We” or “Our”).
Personify Health offers a number of wellness programs under different program names including Complete Wellbeing, Essential Wellbeing, Core Wellbeing, Go Challenge, and Transform. This Privacy Notice applies to all Personify Health Programs unless there is a specific Privacy Notice published for that program.
We are committed to protecting your rights and your privacy. This Privacy Notice (the “Notice”) explains what data We collect about you and how We store, analyze and share the data We collect about you through the platform (www.personifyhealth.com) and the Personify Health mobile application. This Notice applies to all Personal Information whether collected online or offline. The Notice also explains your rights with regards to your data, and how to contact Us to request access, corrections, transfer, restriction, or deletion of the data We have collected about you.
We have designed this Privacy Notice in a question-and-answer format to make it easy to read and understand. Please read through it carefully. If you do not agree with Our policies and practices contained in this Notice, please do not enroll in the Personify Health Program.
Does Personify Health collect information about me?
Yes. We collect anonymous and Personal Information about you to provide you with the Program and Our services. “Personal Information” means any information, including personal and material circumstances, that allows a person to become identifiable. The Personal Information We collect includes, but is not limited to:
- Your contact information, including your first name and last name, home address, personal and business email addresses and your phone number;
- The email address you use to sign-in;
- Your profile information, including your profile photo and background photo;
- Your gender, date of birth and age;
- Your social security number or employee identification number;
- Biometric information such as your blood pressure or weight;
- Information about your health;
- Information about your fitness and related wellness activities offered within the Program;
- Information about your participation and performance in the Program and related challenges;
- Information you voluntarily share about yourself during any calls you participate in with Our health coaches;
- Information you voluntarily share with Our Member Services team;
- The comments and contributions you may make on the web-based platform or mobile application; and
- Additional information you may provide as you submit queries and requests to Us.
Please keep in mind that the extent of the Personal Information you may be able to share with Us will depend on the Program design and the features made available to you, as well as your level of participation in the Program. You are under no obligation to provide any Personal Information to Us at any time. However, if you choose to withhold some Personal Information, We may be unable to provide you with certain services.
How does Personify Health use my Personal Information?
We will use the Personal Information collected only to provide you with access to Our services, including:
- To administer and manage the Program and corollary features, such as the Personify Health Online Store;
- To administer and manage your Personify Health account and Membership;
- To identify you when you enroll or sign-in;
- To track your progress in the Program and, if applicable, track Program incentives and rewards;
- To provide you with information about the Program and Program features;
- To respond to your questions and requests; and
- To provide appropriate security and confidentiality controls to protect your Personal Information.
Additionally, We may create “Anonymous Data” records by removing any Personal Information (including any contact information) that would allow the remaining data to be linked back to you. We may use the Anonymous Data for internal purposes, such as analyzing patterns and Program usage to improve Our services. Additionally, We may use Anonymous Data to analyze and understand demographic trends, customer behavior patterns and preferences, and information that can help Us enrich the content and quality of the Program.
How does Personify Health communicate with me?
If you have opted to receive push notifications on your mobile device, We may, from time to time, send you push notifications to provide you with reminders and notices. If you no longer wish to receive such communications, you may turn them off at the device level.
From time to time, We may send you e-mails, text messages or newsletters with information about your Program, any available features, or related services. Depending on your country of residence, you may be given the opportunity to opt-in to receive Our communications as you enroll in the platform. Regardless of your initial selection, you may opt-out of Our communications, free of charge, at any time, by updating your preferences in your account profile information, by contacting Member Services directly, or by responding STOP to any text message.
Can Personify Health contact me directly?
You may share your phone number with Us, or We may receive it from your Program Sponsor or third party. If you are a US resident, by accepting the relevant Membership Agreement for your Program, you are consenting to Us contacting you directly, including, but not limited to, via phone, the use of an automated telephone dialing system, prerecorded and/or artificial voice, SMS, MMS, text, fax or other similar means, at any phone number included on your profile. You may update your profile at any time to change where and how We contact you. See the Membership Agreement for more information about text messaging terms.
What is the Waitlist?
If you are attempting to enroll in a Go Challenges Program, the Program may have limited space for participants. Your Program Sponsor may make additional spaces in the Program available after the start of the main challenge. To support that process, We create a temporary list of names of individuals who wish to participate in the Program but have not been able to because of lack of available space (the “Waitlist”). If you added your Personal Information to the Waitlist, you are not yet a Member but the terms of this Notice will apply to Our use of the information you provided for the Waitlist. We will only use the Personal Information provided for the operation of the Waitlist and to notify you if a space in the Program becomes available. The Waitlist will be purged three days after registration formally closes and the Waitlist is no longer needed. If you realize you entered incorrect Personal Information when you joined the Waitlist, or wish to be removed from the Waitlist, please contact Member Services.
How does Personify Health collect my Personal Information?
We collect Personal Information you voluntarily provide as you submit it through the web-based platform and the mobile application, by reviewing your use of the web-based platform and mobile application (for example through the completion of a health assessment), your use of a synched tracking device and when you participate in Our phone or on-site services and events. Depending on the Program design chosen by your Program Sponsor, We may collect Personal Information through your use of additional services such as the Personify Health Activity Tracking Devices and the Health Stations (additional information on these is provided below). We may also collect information about you and your participation in the Program through engagement surveys. Depending on your Program design, your Program Sponsor may have the opportunity to create surveys (the “Personify Health Surveys”) for its Members to complete.
We may also automatically collect additional information when you visit Our web-based platform or mobile application, including the type of browser used, the internet service provider (ISP), referring and exit pages, the files viewed on Our site (e.g., HTML pages, graphics, etc.), date and time stamps of activity on the platform, the accessing IP address (the unique address that identifies your device on the internet) and the operating system your device uses. We use this additional information to derive a broad, non-specific understanding of the locations from which Our Members access Our services, and to enhance the security controls around platform access. We also use it to analyze trends, administer the web-based platform, track Members’ movements on the platform and around the website, and to gather demographic information about Our Member base as a whole.
What information do Personify Health Surveys collect from me?
Depending on your Program design, your Program Sponsor may be able to create and submit customized Personify Health Surveys for its Members to complete. We do not contribute to the creation of the questions in these surveys and do not review the questions in these surveys. If you decide to take part in a Personify Health Survey the results will be shared with your Program Sponsor in aggregated reports. Your Program Sponsor will not be able to identify you from these reports. However, if the survey offered gives you the ability to respond to a question by writing in a response, the response will be shared with the Program Sponsor. If you include identifiable Personal Information in these open-ended responses, your Program Sponsor may be able to identify you.
What information does Personify Health collect through the health assessment?
Depending on your Program design, you may have access to a health assessment questionnaire. Health assessments can be customized by Program Sponsors and may be used to assess your overall health, your lifestyle across multiple areas of wellbeing or both. You do not have to complete the health assessment if you do not want to share this type of information with Us. Your responses to the health assessments will help guide your personalized experience in the Program. Based on your responses, the Program will recommend features and functions designed to specifically help people with similar wellness needs and goals.
Does Personify Health collect Personal Information about children?
As is explained in the Membership Agreement, the Program is designed for adults over the age of 18, but minors as young as 16 may participate in the Program under the supervision of a responsible adult. We do not knowingly collect Personal Information about children under the age of 13. If you have reason to believe that We have collected Personal Information about anyone under the age of 13, you can contact Us to remove the Personal Information.
What are the activity tracking devices and how do they track my activity?
As a Program Member, you will be able to connect goal tracking devices, such as smart watches, smart scales and other devices, to your account. If you choose to synchronize a tracking device with the Program, We will receive limited information about your activity to populate your account. Tracking devices can track a wide number of different aspects of your daily activities, including, among others, your daily steps and fitness activity, your heartbeat and sleep pattern. Depending on the brand and model of tracker you use, the data collected may vary. In general, companies selling tracking devices have specific privacy policies available, which outline what data the specific activity tracking device collects. We strongly suggest you review the right privacy notice to know what specific data points your activity tracking device collects about you.
The Personify Health activity tracking devices are the Max™ and the Max Go™. These devices track your step activity per minute. From this information, We are able to determine your total active fitness minutes and calories consumed. Additionally, if you wear the Max Go to sleep, it can recognize the length of your sleep from how long you lie still. You may choose to connect a personal tracking device to transfer step data into the platform instead of using the Max or the Max Go.
What are Health Stations and what information can I submit by using them?
Depending on the type of Program made available to you by your Program Sponsor, you may have access to Health Stations. Health Stations are measurement tracking stations that allow you to measure your blood pressure and weight and input that information in the Program. Health Stations may be located, for example, in your office. Depending on your Program, you may receive access to Health Stations in your area at no additional cost. Your use of Health Stations is voluntary.
Does Personify Health receive information about me from other sources?
Yes. We may receive information about you from various sources to support the Program and services included in it. The sources may include:
Your Program Sponsor
Depending on your Program design, your Program Sponsor may provide Us your Personal Information to identify you as an individual who is able to join the Program and become a Member. We call this an “Eligibility File”. Please contact your Program Sponsor directly if you wish for your Program Sponsor to stop sending Us information about you. Keep in mind that if you are removed from the Eligibility File you will no longer have access to the Program and will not be able to enroll in the Program.
Other Benefits Providers Selected by your Program Sponsor
In some cases, your Program Sponsor may offer benefits through other providers that integrate with the Program. At the direction of your Program Sponsor, We may exchange data with these other providers to provide Our services to you. We may send them information, such as an employee ID, identifying who you are. They may send Us information about you specifically related to participation in the Program, either before or after you begin participating in the Program.
The Personify Health Program Partners
Depending on your Program design, you may have access to organizations through Our Program that partner with Us to provide you (a) biometric or lab testing services or (b) additional health and related services (Our Program Partners). If you use these services, the Program Partners may share activity information and results with Us. This data sharing would be limited to information necessary to support your wellness goals or manage incentives in the Program.
Your Healthcare Provider
With your prior approval, We may receive healthcare-related information from your healthcare provider and any clinics or organized care facility with which your provider is associated.
Your Insurance Provider
At the direction of your Program Sponsor, your health insurance provider may share claims-related information with Us. We may use this claims-related information (a) to generate aggregate reports to help the Program Sponsor customize an effective Program based on the specific needs of its member base, (b) to recommend specific health and wellness objectives that would be most effective for you, and (c) to help identify effective health and wellness objectives based on changes to your claim history.
Claims Clearinghouse Providers
In the US, we offer an insurance claims navigation feature. Healthcare clearinghouses aggregate insurance claims information from multiple sources. If your Program Sponsor has enabled this feature, we may collect information from healthcare clearinghouses to provide you access to your health insurance claims through our Program.
Public Databases
We may receive information about you from other sources including publicly available databases or third parties from whom We have purchased data. We combine this data with information We already have about you. We may also combine publicly available aggregated census and demographical data with your Personal Information. This can help Us analyze Our records to better evaluate the effectiveness of Our services.
Examples of the types of Personal Information that We may obtain from public databases include:
- Address information about you from third-party sources, such as the U.S. Postal Service, to verify your address before We send you mail or fulfill orders from the Personify Health Online Store;
- The U.S. Federal Do Not Call registry, to verify do not call preferences recorded there;
- Census and other aggregate data sources containing statistical information about people who share some of your traits and demographic markers
- Databases we have licensed from authorized data aggregators to improve the accuracy of our records and to enhance our ability to deliver relevant information to you on behalf of our clients.
What Tools does Personify Health use to Collect my Personal Information?
Personify Health, its Program Partners and vendors use tools such as Cookies, tags, scripts and other similar technologies to enhance and support your experience on the platform. These technologies help Us administer the web-based platform and mobile application, measure traffic patterns and the total number of users, as well as to personalize and customize the platform’s content, so that your settings are “remembered” when you login.
“Cookies” are small pieces of text sent to your browser by a website you visit. Cookies help Our web-based platform to remember information about your visit, like your preferred settings. Cookies play an important role, they can make your next visit easier and the web-based platform more useful to you. You can learn more about Cookies by visiting www.allaboutcookies.org, where you will also find information about how to block Cookies on different types of browsers. Depending on your location, additional information about Cookies may be presented to you when you visit the web-based platform, and you are given the opportunity to object to the use of Cookies. However, please be aware that by blocking or deleting Cookies you may not be able to take full advantage of the web-based platform or mobile application.
Our web-based platform uses Cookies to collect information about Member usage of the Program. Additionally, some Cookies on Our web-based platform are set by third parties who are delivering services on Our behalf. Within the mobile application, webpages are sometimes displayed. Cookies allow you to avoid having to reenter your login credentials when accessing webpages. You can manage your cookie preferences on our website through our cookie consent manager.
We use Cookies:
- To remember that you have used the website before, allowing Us to identify you, as well as the number of unique visitors We receive and manage capacity;
- To allow you to navigate the website more quickly and easily;
- To remember your log-in session as you move from one page to the next within the platform;
- To store your settings and preferences;
- To customize some aspects of the platform to reflect your interests and preferences; and
- To collect statistical information about how you use the website, allowing Us to improve Our services over time.
Does Personify Health use mobile analytics?
We use mobile analytics software to allow Us to review the functionality of Our mobile software on your phone, and how to improve its quality and Our services. The mobile analytics software may record information such as how often you use the mobile application, the events that occur within the mobile application, crash reports and performance data, where the application was downloaded from and other metrics, such as aggregated usage. The information collected by the mobile analytics software is managed separately from other Personal Information you submit within the mobile application.
Are there links to third party websites and mobile applications on the Personify Health platform or mobile application?
Our web-based platform and mobile application may contain links to other websites that We do not own or control. We provide these links and connections for your convenience. We have no control over these third parties, their privacy policies, and the content they display on their websites or mobile applications. If you choose to submit Personal Information while visiting these websites or using these mobile applications, please be aware your rights will be governed by the third parties’ privacy policies. We strongly encourage you to carefully read the privacy notice of any website or mobile application you visit or use.
Who at Personify Health has access to my Personal Information?
We rely on role-based access and only grant access to Our employees, contractors and agents who are involved with delivering the Program services to you according to Our policies and procedures. As a global company, We have a number of offices and subsidiaries around the world. We have office locations or subsidiaries in the United States, the United Kingdom, Canada, Bosnia, Switzerland, Singapore and Australia. Our employees at these locations may be required to access your Personal Information to provide you with quality services, including Member Services through the Personify Health Call Center. Our employees are obligated to respect the confidentiality of your Personal Information and are only authorized to access your Personal Information as necessary to provide you with services or support. Examples of the employees who have access to your Personal Information include Our member services staff, Our wellness coaching staff, billing staff and Our data reporting staff.
Can other Members or my Program Sponsor view my Personify Health profile?
You can become “Friends” with other members of the Program offered by your Program Sponsor. You are able to send “Friend” requests to other Members taking part in your Program, and they will be able to send you “Friend” requests. You can choose to accept or decline these “Friend” requests. You can also choose to remove a “Friend” any time after adding him or her. If you become “Friends” with another Member, that person will have access to (a) certain portions of your profile, (b) the number of steps you have taken in challenges you choose to participate in, and (c) other activity data related to your participation in the Program.
By joining a challenge, your name, profile picture (if you add one) and challenge performance information (step information added to your account) will be visible to other Members in the Program. Additionally, some performance information such as a leaderboard may be shared with your Program Sponsor on an individual or team basis.
Additionally, the Program may make message boards and messaging forums available to you. Please be aware that any information disclosed in these settings may become public information. You should exercise caution if disclosing Personal Information while using these features.
Does Personify Health disclose or share my personal information with my Program Sponsor?
The type of information We share with your Program Sponsor depends on who your Program Sponsor is. In general, across all types of Program Sponsors, We share anonymized and aggregated data with your Program Sponsor. Your Program Sponsor will not be able to use such anonymized or aggregated data to directly identify you. Your Program Sponsor may use the anonymized information in its discretion, including to evaluate the overall program, as well as to provide additional benefits, programs and services.
In specific circumstances and for limited purposes, such as to ensure proper Program administration or to support tax compliance, We may share reports containing identifiable information with your Program Sponsor. In these circumstances, We limit the Personal Information to the least amount necessary to support the specific, necessary purpose.
If your activity information indicates there may be an abnormality or Program abuse, We may share your activity information with your Program Sponsor and make adjustments, or suspend or terminate your account, in accordance with your Program Sponsor’s instructions.
Medical care providers
When your Program Sponsor is also your medical care provider, We may share your Personal Information, including detailed health and wellness related information, to facilitate treatment activities.
Health Insurance Providers
If your Program Sponsor is your Health Plan, We may share additional information about you and your participation in the Program, to ensure you are provided access to any additional services or engagement opportunities and benefits that may be offered through your Health Plan.
Coaching Providers
Some Program Sponsors hire their own wellness coaches who use Our systems to deliver their coaching services. These coaches are employees of the Program Sponsor and are subject to their own privacy notice. We may share Personal Information with these coaches as necessary for them to provide wellness coaching services directly to you. If you are unclear about whether your wellness coach is a Personify Health employee or employed by your Program Sponsor, you can ask your coach.
Does Personify Health disclose or share my Personal Information to third parties?
We may, from time to time, share your Personal Information with third parties to allow Us to provide you with Our services. If We need to share your Personal Information with third parties, We will limit the information disclosed to the minimum amount necessary to ensure the provision and quality of the services We offer you. We never use, disclose, or share your Personal Information collected through the Program for third-party marketing purposes, and We never sell, rent or lease your Personal Information to third parties. At the request of your Program Sponsor, we may combine Personal Information from third-party databases with Personal Information from the Program to deliver you targeted messages related to the Program. Combining data sets for a client in this way may be deemed to constitute a sale of Personal Information under certain laws. Subject to any limitations imposed by applicable laws, We reserve the right to disclose Anonymous Data at Our discretion.
In certain situations, Personify Health may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
In the event that We (a) undergo reorganization or liquidation under bankruptcy, or (b) are sold to a third party, any Personal Information We hold about you may be transferred to the reorganized entity or third party, in accordance with applicable laws. In any such event, the new entity will continue to use your Personal Information in accordance with and within the limits of this Notice to ensure continuation of service.
Who else does Personify Health disclose my Personal Information to?
Benefits Distributors and Aggregators
Your Program Sponsor may have engaged Our services through a distributor or aggregator service. If directed to do so by your Program Sponsor, We may share limited amounts of Personal Information with these services related to your participation in the Program to facilitate coordination of services across multiple health and wellness providers.
Third Party Providers
We may use or disclose your Personal Information to allow your participation in additional third-party provided wellness services or to support the administration of the Program. These third parties may be Our partners (“Program Partners”), your Program Sponsor, or other entities your Program Sponsor contracts with directly (“Third Party Providers”).
We may provide information in an anonymous and aggregated format or provide your Personal Information in a group format to third parties that process that Personal Information (“Analytics Processors”) to generate Anonymous Information and derive analytical information. The Analytics Processors do not have any independent right to use your Personal Information, except to provide the aggregation and analysis services.
Our Program Partners are industry leading health, wellness and wellbeing providers We select to enhance your experience. In certain instances, the use of such Program Partners may require you to provide additional Personal Information and data to these Program Partners. If you choose to use Program Partner services or you provide additional Personal Information and data to these Program Partners, you will be subject to the Program Partner’s privacy notice and terms of use. You can see a list of these partners for your Program by selecting Devices & Apps from under your profile picture in Our application.
Government entities
We may be required to disclose your Personal Information if:
- Legally required to do so by governments, tribunals, law enforcement and regulatory agencies (for example as part of an ongoing investigation, subpoena, similar legal process or proceeding);
- As otherwise required under any applicable law, regulation, or rule; and
- If We believe, in good faith, that such disclosure is necessary to protect or defend Our rights or the rights of others, to assist in an investigation or to prevent illegal activity.
Why may Personify Health disclose my Personal Information?
From time to time We may need to disclose limited amounts of your Personal Information. We limit Our disclosures to the least amount of information required to meet the permissible purpose. We disclose your Personal Information for the following limited purposes:
- At your request to whomever you direct Us to disclose the information;
- To administer the Program, services and the Personify Health Online Store;
- To coordinate enrollment in additional services made available to you;
- To enhance your Program experience;
- To provide you with information about the services available to you through the Program and platform or provided to you by a Program Partner or a Third-Party Provider;
- To ensure that you receive appropriate rewards for participation in Our services and other similar services provided by your Program Sponsor or Third-Party Providers;
- To evaluate the overall quality and effectiveness of the program(s) you may participate in;
- To conduct in depth analytics about the Program;
- To assess your eligibility for other programs that your Program Sponsor or Third-Party Providers may offer; or
- To comply with applicable laws.
Where and how is my Personal Information and other data stored?
All your data, including any Personal Information We collect about you, may be stored at Amazon Web Services data centers located in the United States of America (USA). If your data is stored on USA soil, it may be subject to USA laws, including the “Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act of 2001” (USA PATRIOT Act), as well as the jurisdiction of the USA government, tribunals, law enforcement and regulatory agencies, which may require Us to grant them access to your data.
In other circumstances, We may store Eligibility Files for some of Our clients outside the USA at Amazon Web Services data centers located in the EU if your Program Sponsor so chooses.
How does Personify Health secure my Personal Information?
We are committed to protecting your data and your privacy. To ensure data security, We follow reasonable physical, electronic and managerial procedures designed to safeguard and secure your data and Personal Information. However, no company can fully eliminate security risks associated with the provision of online services.
Among the security features We use to protect your Personal Information and other data, We require that you create and use a username and unique password to access the web-based platform and mobile application. We use multiple layers of security to protect your Personal Information and data, including firewalls, intrusion detection tools and antivirus software.
How does Personify Health protect my Personal Information during transfers with authorized parties?
When We receive Personal Information from a third party, or share Personal Information with a third party, We execute appropriate written agreements based on the applicable jurisdiction. For example, We execute EU approved standard contractual clauses with EU-based Program Sponsors that send Us Eligibility Files as the data importer, as that term is defined in the GDPR. We also execute EU approved standard contractual clauses with Our subcontractors that assist us in processing EU based data, as the data exporter. In the context of an onward transfer Personify Health has responsibility for the processing of personal information it receives under the Data Privacy Framework and subsequently transfers to a third party acting as an agent on its behalf. Personify Health shall remain liable under the Principles if its agent processes such personal information in a manner inconsistent with the Principles, unless the organization proves that it is not responsible for the event giving rise to the damage.
What data protection rights do I have?
Various laws from around the world establish varying levels of data subject rights. At Personify Health We strive to provide a similar level of data rights to all Our members, regardless of where they live, but some of those rights are governed by local laws. In addition to the basic rights of confidentiality, those rights include:
- The right of access, explained in more detail below;
- The right to amend or change your data, explained in more detail below;
- The right to transfer your data to another provider, explained in more detail below;
- The right to delete your data, also called the right to be forgotten, explained in more detail below;
- The right to object to processing activities, explained in more detail below;
- The right to restrict processing activities, explained in more detail below;
- The right to submit data protection related complaints to Us and to relevant government agencies, as referenced above;
- The right to opt out of selling your data, explained in more detail below;
- The right to opt out of having your Personal Information used to profile you in order to recommend Personify Health services that may be suitable for you.
You can use Our online data management tool, available on your profile page, to submit data subject rights requests.
Can I access or change the Personal Information Personify Health has collected about me?
Yes, you can review and change your Personal Information by logging into the platform or mobile application. All Our Members, regardless of residency, except in specific circumstances identified by local laws, have a legal right to access and correct or update the information We have collected about you. You can also request a copy of all the Personal Information and data We hold about you. We will provide you with a copy of all the data We have collected about you in a standard format (such as Excel) through a secure channel. You can contact Us to request a copy of all your Personal Information or to request a change in your Personal Information through the “Data Requests” option in the platform or mobile application. We will respond to your request within a reasonable timeframe.
Please keep in mind that We may not be able to accommodate your request if We reasonably believe the change would violate any laws or cause the information to be inaccurate or incorrect. Additionally, We may not be able to fulfill a request where it would impose a burden on Us that is disproportionate to the risk to your privacy, or where your request may affect another individual’s rights to privacy. If We are unable to fulfill a request, We will provide you with the reasons why We are unable to comply.
Can I request that my Personal Information and other data be transferred to a different company?
Yes, you can request that all your Personal Information and other data be transferred to a different wellness services provider. To complete the transfer, We will require additional information about the new vendor to ensure a secure channel is used, so that your Personal Information and other data remain protected. Depending on the circumstances, We may be unable to support a transfer. However, We will be able to provide you with your Personal Information which you will be able to disclose to anyone you choose. To request such transfer, you may contact Us through the “Data Requests” option in the platform or mobile application. We will respond to your request within a reasonable timeframe.
Can I request that my Personal Information and data be deleted from Personify Health databases?
Yes, you can request that We delete your identifying information from Our system. You may terminate your Program Membership at any time by submitting a deletion request to Our Member Services team, or through the “Data Requests” option in the platform or mobile application. Your Membership will terminate thirty (30) days after We receive your request. We will delete your identifying information We collected from your participation in the Program permanently and irreversibly at the end of an additional thirty (30) day grace period.
Following your deletion request, We may still receive some information about you on your Program Sponsor provided Eligibility Files or in the claims-related information discussed earlier in this Notice. To remove your information from these sources you will need to submit that request directly to your Program Sponsor.
Your Personal Information will also be permanently and irreversibly deidentified, in accordance with the timelines above, once the Program ends and your account is cancelled in accordance with the terms of the Membership Agreement. You will not be able to claim any incentive rewards after We terminate your Membership.
Can I request that Personify Health restrict processing for some of my data?
Beyond the information necessary for enrollment, you are not required to share any additional information with Us, however, choosing not to share information may limit your ability to earn Rewards if they are made available to you by your Program Sponsor. You can choose to limit the data you share with Us by not inputting or not using certain features. However, once you have shared information, We are unable to accommodate requests to restrict the processing of certain sets of data. If you wish for Us to stop processing parts of your data, you can request that all data be deleted by cancelling your account.
Can I object to Personify Health’s processing of my data?
Yes, you can object to Our processing of your data by contacting the Privacy Officer and notifying Us that you wish for your account to be suspended while your concerns about the processing of your data are resolved. Once you feel comfortable resuming use of the Program, you can contact Us to unlock your account. If you realize during the time your account is suspended that you do not feel comfortable resuming use of the Program, you can cancel your account. Your data will be deleted in accordance with Our standard process, except that you will not be able to access your account while the cancellation process takes place unless you first request for the suspension to be lifted.
Can I opt-out of Personify Health selling my Personal Information?
Personify Health recognizes that you may have a right to opt-out of any “sale” of your Personal Information. In the US we may combine Personal Data from third-party databases containing publicly-available information with our communications services in a way that could be deemed a sale of personal data under applicable laws. If you would like to opt out of any activity that could be deemed a sale under applicable laws, please email [email protected].
How does Personify Health make changes to this Privacy Notice?
We may update this Notice from time to time to reflect changes in Our information practice and services offered. If We make any material changes to this Notice, you will be notified via an update notification, and you will be given the opportunity to review and accept the new Notice prior to being able to access the platform or continue to use the Program. The date indicating the last update can be found at the top of the Notice. If there are typographical mistakes, like grammar or spelling errors, in the Notice We may correct them without notifying you.
What should I do if I have a concern or complaint against Personify Health and its data privacy practices?
If you have an unresolved privacy or data use concern that We have not addressed satisfactorily, please contact Our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.
Under certain conditions, more fully described at https://www.dataprivacyframework.gov/, you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted.
What laws, regulations or frameworks does Personify Health comply with?
We comply with any applicable laws and regulations based on the geographical location you select. You are asked to input your country and, if applicable state, of residence during enrollment. Any discrepancy between your true residence and the information disclosed to Us, and how that may affect the functionality of the platform, remains your responsibility.
Personify Health, Inc. complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. Personify Health, Inc. has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union and the United Kingdom in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF. Personify Health, Inc. has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/. Personify Health is subject to the Federal Trade Commission’s regulatory authority for compliance with the DPF.
In compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Personify Health, Inc. commits to resolve DPF Principles-related complaints about our collection and use of your personal information. EU and UK individuals and Swiss individuals with inquiries or complaints regarding our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF should first contact Personify Health, Inc. at: [email protected].
In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Personify Health, Inc. commits to refer unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF. If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact Truste, our U.S.-based third-party dispute resolution provider, (free of charge) at https://feedback-form.truste.com/watchdog/request.
As noted above, you have the following rights under GDPR:
- The right of access, explained in more detail above
- The right to amend or change your data, explained in more detail above
- The right to transfer your data to another provider, explained in more detail above
- The right to delete your data, also called the right to be forgotten, explained in more detail above
- The right to object to processing activities, explained in more detail above
- The right to restrict processing activities, explained in more detail above
- The right to submit data protection related complaints to Us and to relevant government agencies, as referenced above
- The right to opt out of selling your data, explained in more detail above
- The right to opt out of having your Personal Information used to profile you in order to recommend Personify Health services that may be suitable for you
- The right to opt-out, or an opt-in choice for sensitive data, before we share your data with third parties other than our agents, or before we use it for a purpose other than which it was originally collected or subsequently authorized.
You can use Our online data management tool, available on your profile page, to submit data subject rights requests or contact [email protected] and provide your request. You may also contact Prighter. Prighter gives you an easy way to exercise your privacy-related rights (e.g., requests to access or erase personal data). If you want to contact us via Our representative Prighter or make use of your data subject rights, please visit: https://prighter.com/q/12992072071.
As noted above, in certain situations, Personify Health may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
Finally, please note you may have the right, under certain conditions, to invoke binding arbitration when you have a certain complaint with respect to Personify Health’s compliance with the GDPR Data Privacy Framework. You may demand binding arbitration. You may deliver a binding arbitration notice to Personify Health at: [email protected].
Personify Health’s privacy practices, described in this Privacy Notice, comply with the APEC Cross Border Privacy Rules System. The APEC CBPR system provides a framework for organizations to ensure protection of personal information transferred among participating APEC economies. Visit apec.org for more information about the APEC.
Personify Health’s practices comply with the Colorado Consumer Privacy Act (CPA), the Connecticut Personal Data Privacy Act (CTDPA) and the Virginia Consumer Data Protection Act (CDPA). Personify Health also complies with the California Consumer Privacy Act (CCPA), the California Privacy Rights Act (CPRA), and similar state laws. If you are California Resident, please see our Supplemental Privacy Notice for California Residents located at personifyhealth.com/legal/ccpa.
How Long will Personify Health Keep My Personal Information? Anonymized Data?
Personify Health will keep your Personal Information for the duration of your membership. Your Personal Information will be deleted not more than thirty-two (32) days after (i) your Program Sponsor terminates its agreement with Personify Health or (ii) you terminate your membership, whichever comes first. Personify Health is permitted to keep your personal information as permitted or required by law.
Personify Health will keep anonymized data for the period set forth in its retention policy.
Which Translation of the Personify Health Privacy Notice is the Official Version?
Please note that any translation of this Notice is intended solely to facilitate your access to this information. The English version is the only official version of this Notice, and any translation inaccuracies or discrepancies are not binding and have no legal effect for compliance or enforcement purposes.
How can I contact Personify Health or its Data Protection Officer (DPO)?
If you have general questions about your Program, you can contact Member Services by calling 1-888-671-9395 (in the US) or by sending an email to [email protected].
If you have any questions, comments or concerns, about this Notice, or your rights and obligations under this Notice, you may contact Us via email at [email protected] or via the “Contact Us” section of the Personify Health web-based platform and mobile application.
Alternatively, you can contact Us by writing to:
Personify Health, Inc.
Attn: Privacy Officer
75 Fountain Street
Providence, Rhode Island 02903
United States
Representation for data subjects in the EU
We value your privacy and your rights as a data subject and have therefore appointed Prighter as Our privacy representative and your point of contact.
Prighter gives you an easy way to exercise your privacy-related rights (e.g., requests to access or erase personal data). If you want to contact us via Our representative Prighter or make use of your data subject rights, please visit: https://prighter.com/q/12992072071.