Privacy Notice
Effective Date: May 15th, 2025.
At Microhealth, your privacy is our priority. We do our utmost to protect any type of personal data shared with us. This Privacy Policy describes our company’s privacy practices in connection with the Microhealth websites and mobile applications that display it. Learn more about how we use personal data and how to reach us, if you have requests or questions.
You can navigate to any of the sections of this Privacy Policy using the links below:
- Scope
- Personal Information We Collect
- In Connection With the Use of Our Services
- By Automated Means
- Cookie Policy
- How We Use the Personal Information We Collect
- With Your Consent
- As a Result of Our Contractual Relationship With You
- Based on Our Legitimate interests
- In Response to Legal or Regulatory Obligations
- To Protect Your Vital Interests.
- Personal Information We Share
- Use of the Services by Minors
- Your Privacy Rights and Controls
- Obtaining Your Consent
- Your Privacy Rights
- Other Rights and Controls
- Changes to This Privacy Policy
- How We Protect Your Data
- Third Party Content and Links
- Supplemental Notices By Location
- United States
- European Economic Area
- EU – U.S. Data Privacy Framework
- Other Jurisdictions
- Contact Information
1. Scope
General Scope. This Privacy Policy describes the privacy practices of Microhealth in connection with Microhealth’s websites and mobile applications (the “Services”). In addition, this Privacy Policy describes the types of personal information that Microhealth collects and processes, how Microhealth may use and share that information, and the choices that are available to you with respect to Microhealth’s handling of your information. Please note that some functionality described in this Privacy Policy may not be available on our websites or mobile applications to all individuals or at all times.
Jurisdiction-Specific Disclosures. If you are located or reside in any of the following jurisdictions, please see the Jurisdiction-Specific Disclosures linked directly below or shown at the end of this Policy for additional information related to rights you may have under the applicable privacy laws of your jurisdiction and disclosures required by the privacy laws of particular jurisdictions. Note the remainder of this Privacy Policy applies to all jurisdictions.
- If you are in the United States, please see our HIPAA Notice of Privacy Practices and Supplemental United States Privacy Notice in Section 11.
- If you are in the European Economic Area (EEA), the United Kingdom (UK) or Switzerland, please see our Supplemental EEA Privacy Notice in Section 11.
2. Personal Information We Collect
As a result of using the Services, you may, either directly or indirectly, provide certain information to us. We collect information from you directly, voluntarily provided by you, when you visit our websites and our Apps. In addition, we automatically collect some information, such as your IP address and/or browser and device characteristics, when you visit our websites.
-
In Connection With The Use of Our Services. The types of personal information we may collect in connection with your use of our websites and mobile applications include:
- Personal and business contact information, such as your name, email address, mailing address, and phone number;
- Demographic information, such as your gender, birth date, weight, height and location;
- Username and password that you may select in connection with establishing an account on our websites or mobile applications;
- A profile picture (which may be your photograph) that you may choose to associate with your account;
- Medical or health information that you choose to provide to us (whether directly or through third parties), including information about your treatments for medical conditions, symptoms and medications you may take;
- Healthcare professionals’ and medical researchers’ information about their work and research.
-
By Automated Means. We, our service providers, and our business partners may also collect certain information about the use of our websites and mobile applications by automated means, such as cookies, web beacons and other technologies. We and our service providers and business partners may also collect information about your online activities over time and across third-party websites when you use our websites and mobile applications.
Information that may be collected by automated means includes:
-
Details about the devices that are used to access our websites or mobile applications (such as the IP address, and type of operating system and web browser;
-
Dates and times of visits to, and use of, our websites and mobile applications;
-
Information about how our websites and mobile applications are used (such as the content that is viewed on our websites and how users navigate between our web pages, or the features of our mobile application that are used and how users navigate between screens on our mobile application);
-
URLs that refer visitors to our websites; and
-
Search terms used to reach our websites or locate our mobile applications.
Please see the “Your Privacy Rights and Controls” section below for information about how you may opt out of, or limit the use of, your browsing behavior for interest based advertising purposes.
-
-
Cookie Policy. At Microhealth we use a variety of cookies to enable you to move around the site or to provide certain basic features.
-
Strictly necessary cookies; These cookies are necessary for the website to function and cannot be switched off in this website. They are usually only set in response to a request made by you, such as setting your privacy preferences, logging in or filling out forms. These cookies do not store any personally identifiable information.
-
Performance cookies; Performance cookies are used across Microhealth websites for internal purposes to help us to provide you with a better user experience. Information supplied by these cookies helps us understand how our visitors use microhealth.com so that we can improve our content.
You can change your settings for these tools by visiting the preference center in the cookie banner of the Site you are viewing. If you have already closed the cookie banner, you may need to select the cookie icon on the site or click the “cookie settings” icon in the footer to access the preference center. To find out more about cookies, visit www.aboutcookies.org.
-
3. How We Use The Personal Information We Collect
How we use the information we collect depends in part on which Services you use, how you use them, and any preferences you have communicated to us.
We may use your personal information as specified below based on your consent, our contractual relationship with you, our legitimate interests, our legal or regulatory obligations, or your vital interests:
-
With Your Consent. When you visit our Trust Center you can provide your affirmative express consent to how we use your personal information. We will always ask you for your consent to collect and use your personal information where required.
Specifically, through our Trust Center you can consent or decline the following uses:
- Medical Research: We will ask for your consent to share your personal information with medical researchers seeking to improve the future of people living with your health condition. By default, we share your personal information anonymously. However if, as part of a specific protocol in a particular clinical study, researchers should request access to your name or other personal identifiers, we will always make it clear to you in advance and seek a separate informed, affirmative and express consent specific to the study.
- Surveys and Clinical Trials: We will ask for your consent to invite you to participate in paid surveys and clinical trials offered by our partners.
- Sponsored Content: We will ask for your consent to provide you with information from selected life science, patient advocacy and other ecosystem partners relating to the latest research, clinical trials, medications and education related to your specific health condition.
-
As a Result of Our Contractual Relationship with You. We have a contractual relationship with our members. We may need to use personal information you have shared with us so that we can meet our contractual obligations to you. For example, we may use your personal information for the following:
- Establish and maintain an account on our websites or mobile applications.
- Send you related information, including confirmation, technical notices, updates, security alerts and support messages.
- Respond to your comments and questions and provide you with customer services.
- Operate and improve your experience when using our apps and our websites.
- Carry out system maintenance, bug fixes, and other technical patching.
- Combine your information with other personal information we collect through our Services or receive from third parties at your request.
- Send and share your personal health information to your healthcare providers at your election.
- Protecting you and others, as well as, to create and maintain a safe and trusted environment.
-
Based on Our Legitimate Interests. Our legitimate interests are Microhealth’s needs to carry out and manage our business. When we use your personal information for our legitimate interests, we carefully consider and balance any potential impact our activities may have on your privacy rights. We will not use your personal information where, on balance, we assess that your privacy rights override our legitimate interests, unless we have your consent to do so.
We may use your personal information for Microhealth’s legitimate business interests to:
- Operate and improve the services we offer, including our websites and mobile applications (including to develop new services).
- We may also de-identify, anonymize and/or aggregate any personal information that we collect in connection with our websites and mobile applications, such that the information is no longer personally identifiable or attributable to you. We may use such anonymized and/or aggregated information for our own legitimate business purposes without restriction.
- Send you information about our products and services if you are a user of one of our apps.
- Better understand how you use the services to optimize the service based on your interests, preferences and needs.
-
In Response to Legal or Regulatory Obligations. In limited circumstances, we may be legally required to share your personal information to comply with our legal and regulatory obligations. Generally, this will apply to our legal obligations to state or federal authorities, such as tax authorities, consumer authorities, or health authorities.
Examples of when we may use your personal information to comply with a legal or regulatory obligation include:
- Complying with legal requirements, judicial process, and our company policies (including to verify users’ identity in connection with access or correction requests).
- Protecting against, identifying, investigating, or responding to fraud, illegal activity (such as incidents of hacking or misuse of our websites and mobile applications), and claims and other liabilities, including by enforcing the terms and conditions that govern the use of our websites and mobile applications.
We only honor requests for personal information from law enforcement authorities if the request is by legal authority or supported by a duly executed warrant.
-
To Protect Your Vital Interests. Rarely, we may be required to share your personal health information with a third party where the information is absolutely necessary to provide medical care to you in life or death circumstances. For example, in an emergency, a healthcare provider may require access to information to provide vital care or to contact your next of kin. We would only share personal health information for your vital interests where you are physically or legally incapable of consenting to your personal information being shared.
When deciding whether to share your personal information in such situations, we will always consider whether it is possible for the requester to obtain the same information in an alternative and less intrusive way.
4. Personal Information We Share
Microhealth does not share personal information except as described in this Privacy Policy.
We may share information that we obtain about you with:
- Our affiliates and subsidiaries for the purposes described in this Privacy Policy;
- Our service providers, vendors or consultants that perform services on our behalf;
- We may share de-identified and/or aggregated information with third parties for data analysis, demographic profiling, marketing, advertising, research and other similar purposes; and
- Third parties with whom you ask, consent or authorize us to share your personal information. For example, you may request that we send your personal information (whether on a one-time or recurring basis) to a healthcare provider or a company that maintains your health records or information.
De-identified and/or Aggregate Information. We may de-identify and/or aggregate any personal information that we collect in connection with our websites and mobile applications, such that the information is no longer personally identifiable or attributable to you. We may use such de-identified and/or aggregated information for our own legitimate business purposes.
Sale or transfer of the business or assets. Unless prohibited by applicable law, we reserve the right to transfer the information we maintain in the event we sell or transfer all or a portion of our business or assets. If we engage in such a sale or transfer, where required by applicable law, we will make reasonable efforts to direct the recipient to use your personal information in a manner that is consistent with this Privacy Policy. After such a sale or transfer, you may contact the recipient with any inquiries concerning the processing of your personal information.
Legal or regulatory obligations. In addition, we may share your information to comply with legal requirements, and protect against and prevent fraud, illegal activity (such as identifying and responding to incidents of hacking or misuse of our websites and mobile applications), and claims and other liabilities.
Examples of when we may use your personal information to comply with a legal or regulatory obligation include: complying with legal requirements, judicial process, and our company policies (including to verify users’ identity in connection with access or correction requests); and protecting against, identifying, investigating, or responding to fraud, or illegal activity.
Retention Period of Personal Data. We will only keep your personal information for as long as it is necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required by law (such as HIPAA, tax, accounting or other legal requirements). You may contact us for details on our specific retention periods. When we no longer have your consent or we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize it. If this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.
Keeping Your Information Safe. We aim to protect your personal information through a system of organizational and technical security measures. We have implemented appropriate technical and organizational security measures designed to protect the security of any personal information we process. For example, we have deployed end-to-end encryption to protect personal health information at rest and in transit. While we do our best to protect your personal information, you should only access our apps or website within a secure environment.
5. Use Of The Services By Minors
At Microhealth, we are committed to protecting and respecting children’s privacy. Our websites and mobile applications are intended for individuals at least 18 years old and we do not intentionally collect personal information from individuals under 18 years old. If you are the parent or legal guardian of a child under the age of 18, you must register in order to manage the account for the minor.
If you are a parent or guardian and you are aware that a child has provided us with their personal information without parental consent, please contact us at privacy@microhealth.com and we will take steps to remove that personal information from our servers.
6. Your Privacy Rights And Controls
Obtaining Your Consent. When you visit our Trust Center you can consent to how we use your personal information. Where required, we will always ask you for your consent to collect and use your personal information.
Specifically, as mentioned in Section 3 of this Privacy Policy, through our Trust Center you can provide your affirmative express consent to the following:
- Medical Research: We will ask for your consent to share your personal information with medical researchers seeking to improve the future of people living with your health condition. By default, we share your personal information anonymously. However if, as part of a specific protocol in a particular clinical study, researchers should request access to your name or other personal identifiers, we will always make it clear to you in advance and seek a separate informed, affirmative and express consent specific to the study.
- Surveys and Clinical Trials: We will ask for your consent to invite you to participate in paid surveys and clinical trials offered by our partners.
- Sponsored Content: We will ask for your consent to provide you with information from selected life science, patient advocacy and other ecosystem partners relating to the latest research, clinical trials, medications and education related to your specific health condition.
Your Privacy Rights. Microhealth believes that you should have control of your personal information. To that end we provide the following rights to make requests regarding your personal information. You may make these requests by contacting privacy@microhealth.com or (in some cases) by using features within our websites and applications.
- Access. You have the right to know what personal information we collect about you and how we use it. This Privacy Policy serves to inform you about that collection and use. If we have personal information about you, you may also request a copy of that information.
- Correction. You have the right to request the correction of your inaccurate personal information.
- Portability. You may request an export of your personal information in a structured and machine readable format such as a .csv or .pdf. Where feasible, we can send that export to a third party you identify.
- Deletion. You have the right to request, under certain circumstances, the deletion of your personal information that we collect.
- Restriction. You have the right to request that Microhealth restrict the use of your personal information in certain circumstances. Please note that in some cases we may not be able to place a restriction due to the use being necessary for functionality or delivery of the Services.
- No retaliation or discrimination. You have the right not to receive discriminatory or retaliatory treatment for making a request.
Upon receiving your request, we may ask for additional information from you in order to verify the request or confirm how you would like to proceed. We endeavor to respond to a verifiable request without undue delay. If we require an extended amount of time, we will inform you using the email associated with your account or the email you used to make the request.
We do not charge a fee to process your verifiable request unless it is excessive, repetitive, or clearly unfounded. If we determine that your request requires a fee, we will tell you why and provide you with a cost estimate before completing your request.
Your rights are not absolute, and exceptions may apply. These exceptions can arise from different factors including our legal obligations, the rights of others, your or another’s safety, and our ability to bring or defend against legal claims. Additionally, we will not fulfill your request if you do not provide sufficient information to verify your identity or to verify that a third party making the request is authorized to act as your representative.
Some US jurisdictions provide residents with certain rights with respect to their personal information as defined under applicable law. These rights are subject to the specific laws of that jurisdiction and that certain other rights might apply. For additional information on jurisdiction-specific disclosure see Section 11 “Supplemental Notices by Location” below.
Other Rights and Controls. You have certain rights and choices regarding Microhealth’s processing of your personal information:
- You may unsubscribe from receiving marketing or other commercial emails from Microhealth by following the instructions included in the email. However, even if you opt out of receiving such communications, we retain the right to send you non-marketing communications (such as changes in websites on mobile applications terms);
- Your web browser may provide you with the ability to disable receiving certain types of cookies; however, if you disable cookies, some features or functionality of our websites may not function correctly; and
- You may correct, update, or change any information provided and stored in Microhealth’s database by updating your profile. In countries that provide you with a legal right to request that we delete your personal information, or request that we cease some or all processing of your personal information, you may make such a request; however, your choice to exercise these rights may affect your ability to continue to use our websites or mobile applications. If you ask Microhealth to delete your information, Microhealth may retain any information in aggregate form and use and share such aggregate data for its business purposes. We reserve the right to verify user identity in connection with access or correction requests to help ensure that we provide the information to individuals to whom it pertains.
7. Changes To This Privacy Policy
This Privacy Policy is effective as of the “effective date” posted above. We may update this Privacy Policy from time to time to reflect website or app changes, make corrections, improve clarity, reflect changes in our privacy practices, or as required by applicable laws.
When we may make a significant change, such as on how we use your personal information or your rights, we will notify you within the website, app or through another channel such as the email you supplied during account registration. Your use of the Services following these changes means that you accept the revised Privacy Policy. We encourage you to periodically check this Privacy Policy to stay informed about how we handle your personal information.
8. How We Protect Your Data
The security of your personal information is important to us. We follow generally accepted standards, practices, and procedures to protect the personal information submitted to us, both during transmission and once it is received. We maintain appropriate technical, administrative and physical safeguards to help protect the security of your personal information against unauthorized access, destruction, loss, alteration, disclosure or misuse.
No security can be fully guaranteed, though. If you have an account with us and you suspect unauthorized use of your account or its credentials, you should contact us immediately using the contact information in Section 9 (“Contact Information” below or contact our privacy team directly at privacy@microhealth.com.
9. Third Party Content And Links
For your convenience and information, we may provide links to websites and other third-party content that is not owned or operated by Microhealth. The websites and third-party content to which we link may have separate privacy notices or policies. Microhealth is not responsible for the privacy practices of any entity that it does not own or control.
This Privacy Policy does not apply to the privacy practices of any clinical study sponsor or its service providers that conduct a clinical study in which you participate, or any research institution, healthcare facility, physician, or any other entity or individual associated with the clinical trial.
10. SUPPLEMENTAL NOTICES BY LOCATION
Depending on your location, you may have additional rights that apply to you under your jurisdiction’s privacy laws. Below we provide supplemental information about our efforts to comply with those additional privacy laws as well as inform you about your rights.
-
United States
We include this section for residents of other US states with privacy laws that may impact them. These privacy laws include the Virginia Consumer Data Privacy Act (“VCDPA”), the Connecticut Data Privacy Act (“CTDPA”), the Utah Consumer Privacy Act (“UCPA”), the Colorado Privacy Act (“CPA”), and the Nevada Privacy Law (“NPL”). This section is intended to comply with these laws by supplementing the information provided elsewhere in the Privacy Policy.
Collection of personal information. Microhealth may collect the personal information described in Section 2 above. Please note that some of this personal information will be considered sensitive under your state’s legal definition which can vary across different states. The personal information we may collect depending on how you use our Services includes mental or physical health information, racial or ethnic origin, and/or about gender identity.
Use of personal information. Microhealth may collect, use, or disclose personal information about US state residents for purposes listed in Section 3 of our Privacy Policy.
Disclosure of personal information. We may disclose your personal information to the categories of service providers and third parties identified in Section 4 of this Privacy Policy, and in ways that are described in that section.
Your privacy rights. We generally provide the privacy rights described in Section 6 above to you regardless of your location. You may exercise the data subject rights applicable to you under the applicable US State Privacy Law by contacting us at privacy@microhealth.com.
While we will make reasonable efforts to accommodate your request, we reserve the right to impose certain restrictions or requirements on your request, if allowed by or required by applicable law.
Non-Discrimination.. You have the right not to receive discriminatory treatment for the exercise of the privacy rights described above.
-
European Economic Area
This Supplemental European Economic Area Privacy Notice applies if you are located in the European Economic Area, the United Kingdom, or Switzerland.
In accordance with article 3(2) Regulation (EU) 2016/679 (“GDPR”), Microhealth, as an entity falling under the scope of the European data protection framework has adapted its processing activities to make them compliant with European standards. Additionally, and in accordance with the applicable European data protection regulations, you, as a data subject in the European Union are hereby informed of the following:
Data Controller: Microhealth is the Data Controller responsible for the processing of your personal data within all its websites and applications. MicroHealth Inc. is an entity domiciled at 2093 Philadelphia Pike #9328, Claymont, DE 19703.
Categories of Personal Data, Purposes of Processing, and Source. See Section 2, 3, and 4 above for categories of personal data that Microhealth collects, for the purposes Microhealth uses your personal data and, if applicable, the circumstances under which it is shared.
Special Category Data. To adequately provide you with the platform services, Microhealth needs to access and process your health data. This type of data is defined by GDPR as “special categories of personal data”. To adequately allow Microhealth to process said data, you hereby expressly consent to the processing of health data. Microhealth hereby declares that it will process your health data strictly for the purposes enshrined in the table above. We remind you that the communication of your health data is voluntary. Nevertheless, please take into account that non-communicating this type of data may render the platform services ineffective.
Lawful Basis for Processing. Microhealth relies on one or more legal bases to process your personal information under applicable law, including:
-
with your consent, which you may withdraw at any time;
-
when the processing is necessary to perform our contractual obligations to you, like under our Terms of Service;
-
when necessary to pursue our legitimate interests as further detailed below;
-
when necessary for our compliance with our legal obligations such as a request or order from courts, law enforcement or other government authorities.
See additional information on these lawful bases for processing in Section 3 above.
Additional Privacy Rights. Individuals in the European Economic Area have privacy rights under the GDPR and/or UK equivalent. We will work to respond to your verified request within a month’s time unless we request an extension. Section 6 (“Your Privacy Rights and Controls”) above generally covers these privacy rights but EU and UK residents also have the following:
-
Right not to be subject to automated decision making – You have the right not to be subject to a decision based solely on automated processing. Please know that we do not currently make decisions about you in this manner.
-
Right to lodge a complaint – You may also have the right to lodge a complaint about our data collection and processing actions with the appropriate supervisory authority. Please see below for more information.
Data Storage. All data collected from users is stored within either our (1) United States (“US”) or (2) European Union (“EU”) server environment. Our US server is located within the United States geographic area, while our EU server is located in France. All data stored within the warehouse is encrypted at rest and in transit. This means that any data currently stored within the warehouse is encrypted, as well as any data moving in or out of the digital warehouse.
International Data Transfers. Your information may be transferred to, and maintained on, computers located outside of your state, province, country or other governmental jurisdiction where the privacy laws may not be as protective as those in your jurisdiction. All information processed by us may be transferred, processed, and stored anywhere in the world, including, but not limited to, France, Spain, the United States or other countries, which may have data protection laws that are different from the laws where you live. Our websites and mobile applications are not intended to subject MicroHealth to the laws or jurisdiction of any state, country or territory other than that of the United States, but we endeavor to safeguard your information consistent with the requirements of applicable laws.
Contact Information. MicroHealth has appointed the following representative established in the Union to deal with any data protection matters within the EU:
Microhealth España, S.L.
Calle Felipe Sanclemente, 6,
50001, Zaragoza, Spain
B-99311284
Email: privacy@microhealth.comAny questions or concerns regarding this Privacy Policy may be addressed to the Representative established in the European Union.
If you are resident in the European Economic Area and you believe we are unlawfully processing your personal information, you also have the right to make a complaint to your local data protection supervisory authority. You can find their contact details below. Our EU Supervisory Authority is:
Agencia Española de Protección de Datos (AEPD)
C/ Jorge Juan, 6,
28001, Madrid,
Spain
+34 901 100 099 – +34 91 266 35 17 -
-
Data Privacy Framework
Microhealth, Inc. complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. Microhealth, Inc. has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom in reliance on the UK Extension to the EU-U.S. DPF. Microhealth, Inc. has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.
EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and Swiss-U.S. DPF Principles require that we remain potentially liable if any third-party processing personal data on our behalf fails to comply with EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, or Swiss-U.S. DPF Principles (except to the extent we are not responsible for the event giving rise to any alleged damage).Microhealth, Inc.’s compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and Swiss-U.S. DPF is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission.
Please contact us as described below with any questions or concerns relating to our EU-U.S. DPF, the Swiss-U.S. DPF, or UK Extension to the EU-U.S. DPF Certifications. In compliance with the EU-U.S. DPF, the Swiss-U.S. DPF, and the UK Extension to the EU-U.S. DPF, Microhealth, Inc. commits to refer unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF, Swiss-U.S. DPF and the UK Extension to the EU-U.S. DPF to JAMS, an alternative dispute resolution provider based in the United States. If you do not receive timely acknowledgment of your DPF Principles-related complaint from us, or if we have not addressed your DPF Principles-related complaint to your satisfaction, please visit https://www.jamsadr.com/dpf-dispute-resolution for more information or to file a complaint. The services of JAMS are provided at no cost to you. Under certain conditions, you may also be entitled to invoke binding arbitration for complaints not resolved by other means. If there is any conflict between the terms in this Privacy Policy and the EU-U.S. DPF, the Swiss-U.S. DPF, or the UK Extension to the EU-U.S Principles, those Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.
Your Choices. There is no law or contract between you and us stating that individuals in the EEA, Switzerland, or UK have to use our Services. We ask you to provide your name, organization, and eligibility information to verify your eligibility to receive certain Services from us, certain essential details about yourself and your lifestyle in an intake form and initial questionnaire so that we may recommend Providers and a coaching program to you, and your payment details to administer our late-cancellation and no-show policies. We cannot provide you with a recommendation or access to coaching services unless you provide such information. You do not have to provide personal data that is not shown as required to receive our Services (as indicated within the platform); the only consequence of not providing this personal data is that it will not be taken into consideration when we recommend coaching services to you and when you receive such services. You do not have to consent to our use of personal data for advertising purposes. If you do not allow us to collect the data we automatically collect from users of our Services, some of our Services may not work properly or be as tailored to you as they could otherwise be, but they will still generally be usable.
To the extent that you have given consent, you can withdraw your consent at any time with future effect by contacting us as described below. Such a withdrawal will not affect the lawfulness of the processing prior to the withdrawal of consent.
Data Retention. See Section 4 for information on Microhealth’s data retention practices. Generally, your personal data will be stored by us/our service providers only to the extent necessary for the performance of our obligations and strictly for the time necessary to achieve the purposes for which the personal data is collected.
Your Rights. In the EEA, Switzerland and the UK you have the following rights relating to your personal data, subject to the conditions under the GDPR and/or applicable local data protection law:
-
Right to request access to personal data: You have the right to obtain from us confirmation as to whether your personal data is being processed, and, where that is the case, to request access to that personal data and details about how we process your personal data, including the categories of personal data processed, the purpose of the processing and the recipients or categories of recipients, the existence of automated decision-making, including profiling and you have the right to obtain copies of the personal data. However, this is not an absolute right and the interests of other individuals may restrict your right of access.
-
Right to rectification: You have the right to obtain from us the rectification of inaccurate personal data concerning you. Depending on the purposes of the processing, you may have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
-
Right to erasure (right to be forgotten): You have the right to ask us to erase your personal data.
-
Right to object: Under certain circumstances, you may have the right to object, on grounds relating to your particular situation, at any time, to the processing of your personal data, including profiling, by us. This includes the right to object to our processing of your personal data where we are pursuing our legitimate interests or those of a third party. If we process your personal data based on our legitimate interests or those of a third party, you can object to this processing, and we will cease processing your personal data, unless the processing is based on compelling legitimate grounds or is needed for legal reasons. Moreover, if your personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing. In this case your personal data will no longer be processed for such purposes by us.
-
Right to restriction of processing: In limited circumstances, you have the right to request restriction of processing of your personal data, in which case, it would be marked and processed by us only for certain purposes.
-
Right to data portability: You have the right to receive your personal data which you have provided to us in a structured, commonly used and machine-readable format and you have the right to transmit the personal data to another entity without hindrance from us.
-
You also have the right to lodge a complaint with a supervisory authority (only for EEA and UK).
In some jurisdictions such as France, if applicable pursuant to local law, you also have the right to provide us with guidelines as to the processing of your personal data after your death.
You can exercise your rights by completing this form.
You may view a list of supervisory authorities in the EEA, UK and Switzerland and their respective contact information here (however, you have the right to lodge a complaint in the Member State of your habitual residence, place of work or an alleged infringement of the GDPR):
Jurisdiction Data Protection Authority’s Website EEA https://edpb.europa.eu/about-edpb/board/members_en United Kingdom https://ico.org.uk/global/contact-us/ Switzerland https://www.edoeb.admin.ch/edoeb/en/home/the-fdpic/contact.html -
-
Other Jurisdictions
If you do not see your jurisdiction above please do not interpret that to mean that we do not respect your privacy: we encourage you to still contact us using the contact details above with your questions or concerns.
11. Contact Us
If you have any questions, concerns or inquiries about this Privacy Policy or any other of our privacy practices, please contact us by email at privacy@microhealth.com or by regular mail at:
Microhealth, Inc.
Attn: Privacy Officer
2093 Philadelphia Pike #9328
Claymont, DE 19703
We look forward to hearing from you.