Privacy Policy
Effective as of April 23, 2021
This Privacy Policy describes the privacy practices of Prosody Health, Inc. (“Prosody”, “we”, “us” or “our”) and how we handle personal information that we collect through our digital properties, including our website, mobile application, and digital health assessments you complete at the direction of your healthcare provider (collectively, the “Services”). We may provide additional or supplemental notices to individuals for specific products or services that we offer at the time we collect personal information.You may access our Services through your healthcare provider. In these instances, Prosody may qualify as a “Business Associate” to the healthcare provider (which would be a “Covered Entity”) under the Health Insurance Portability and Accountability Act of 1996 as amended (“HIPAA”). In these cases, the data that the healthcare provider provides to Prosody about you or the data that we collect from you on behalf of the healthcare provider are also subject to specific terms and conditions under a Business Associate Agreement, as required by HIPAA. When we are acting as a Business Associate, we process your information only on behalf of the healthcare provider.

Index.

Personal information we collectHow we use your personal informationHow we share your personal informationYour choicesOther sites and services SecurityInternational data transferChildrenChanges to this Privacy PolicyHow to contact usYour California privacy rights

Personal information we collect:

Information you provide to us. Personal information you may provide to us through the Services or otherwise includes:

Contact data, such as your first and last name, email address, mailing address, and phone number.

Assessment content, such as answers you may submit to certain questions and/or biometric data that you may submit via the Services.

Questionnaire responses that you voluntarily provide via the Services.

Health information, such as medical conditions or symptoms that you voluntarily provide via the Services.

Demographic information, such as your city, state, country of residence, postal code, and age.

Profile data, such as the username and password that you may set to establish an online account with us, biographical details, and any other information that you add to your account profile.

Communications that we exchange with you, including when you contact us with questions or feedback, through the Services, social media, or otherwise.

Marketing data, such as your preferences for receiving our marketing communications and details about your engagement with them.

Government-issued identification numbers, such as national identification number (e.g. Social Security Number, tax identification number, passport number), state or local identification number (e.g., driver’s license or state ID number), and an image of the relevant identification card.

Payment information needed to complete transactions, including payment card information or bank account number.

Other data not specifically listed here, which we will use as described in this Privacy Policy or as otherwise disclosed at the time of collection.

Third-party sources. We may combine personal information we receive from you with personal information we obtain from other sources, such as:

Healthcare providers, such as your healthcare provider that referred you to the Services and may provide information to us at your direction.

Public sources, such as government agencies, public records, and other publicly available sources.

Data providers, such as information services and data licensors that provide demographic and other information.

Marketing partners, such as joint marketing partners and event co-sponsors.

If you choose to login to the Service via a third-party platform or social media network, or otherwise connect your account on the third-party platform or network to your account through the Services, we may collect information from that platform or network. For example, this information may include your Facebook username, user ID, profile picture, cover photo, and networks to which you belong (e.g. school, workplace). You may also have the opportunity to provide us with additional information via the third-party platform or network, such as a list of your friends or connections and your email address.

Automatic data collection. We, our service providers, and our business partners may automatically log information about you, your computer or mobile device, and your interaction over time with the Services, our communications and other online services, such as:

Device data, such as your computer’s or mobile device’s operating system type and version, manufacturer and model, browser type, screen resolution, RAM and disk size, CPU usage, device type (e.g., phone, tablet), IP address, unique identifiers (including identifiers used for advertising purposes), language settings, mobile device carrier, radio/network information (e.g., Wi-Fi, LTE, 3G), and general location information such as city, state or geographic area.

Online activity data, such as pages or screens you viewed, how long you spent on a page or screen, the website you visited before browsing to the Services, navigation paths between pages or screens, information about your activity on a page or screen, access times and duration of access, and whether you have opened our marketing emails or clicked links within them.

Location data when you authorize our mobile application to access your device’s location.

Cookies and similar technologies. Like many online services, we use the following technologies:

Cookies, which are text files that websites store on a visitor’s device to uniquely identify the visitor’s browser or to store information or settings in the browser for the purpose of helping you navigate between pages efficiently, remembering your preferences, enabling functionality, helping us understand user activity and patterns, and facilitating analytics and online advertising. Our sites may use both session cookies (which expire once you close your web browser) and persistent cookies (which stay on your computer or mobile device until you delete them). Some of these cookies are served by third party service providers or business partners and can be used by these parties to recognize your computer or mobile device when it visits the Services and other online services.

Local storage technologies, like HTML5 and Flash, that provide cookie-equivalent functionality but can store larger amounts of data, including on your device outside of your browser in connection with specific applications.

Web beacons, also known as pixel tags or clear GIFs, which are used to demonstrate that a webpage or email address was accessed or opened, or that certain content was viewed or clicked.

Software Development Kits (SDKs), which are used to incorporate third party computer code into the Services that allows our third party service providers or advertising partners to collect data directly from the Services for a variety of purposes, including to provide us with analytics regarding the use of the Services, to integrate with social media, add features or functionality to the Services, or to facilitate online advertising.

These technologies may be employed for the following purposes:

Advertising. Used by advertising companies to collect information about how you use our websites and other websites over time. These companies use this information to show you ads they believe will be relevant to you within our services and elsewhere, and to measure how the ads perform.

Analytics. Help us understand how our services are performing and being used. These cookies may work with web beacons included in emails we send to track which emails are opened and which links are clicked by recipients. For example, we use Google Analytics to help us understand user activity on the Services. You can learn more about Google Analytics cookies here and about how Google protects your data here. You can prevent the use of Google Analytics relating to your use of our sites by downloading and installing a browser plugin available here.    

Essential. Necessary to allow the technical operation of our services (e.g., remember preferences you set or information you entered on a previous page).

Data about others. Users of the Service may have the opportunity to refer friends or other contacts to us and share their contact information with us. Please do not refer someone to us or share their contact information with us unless you have their permission to do so.

How we use your personal information. We may use your personal information for the following purposes or as otherwise described at the time of collection:

Service delivery. We may use your personal information to:provide, operate and improve the Services and our business; establish and maintain your user profile on the Service; communicate with you about the Services, including by sending announcements, updates, security alerts, and support and administrative messages; understand your needs and interests, and personalize your experience with the Services and our communications; and provide support for the Services, and respond to your requests, questions and feedback.

Research and development. We may use your personal information for research and development purposes, including to analyze and improve the Services and our business. As part of these activities, we may create aggregated, de-identified or other anonymous data from personal information we collect. We make personal information into anonymous data by removing information that makes the data personally identifiable to you. We may use this aggregated, de-identified, or other anonymous data and share it with third parties for our lawful business purposes, including to analyze and improve the Services and promote our business.

Marketing and advertising. We, our service providers and our third-party advertising partners may collect and use your personal information for marketing and advertising purposes as outlined below:

Direct marketing. We may send you Prosody-related or other direct marketing communications as permitted by law. You may opt out of our marketing communications as described in the Opt out of marketing section below.

Interest-based advertising. We may engage third-party advertising companies and social media companies to display ads on our Services and other online services. These companies may use cookies and similar technologies to collect information about your interaction (including the data described in the automatic data collection section above) over time across the Services, our communications and other online services, and use that information to serve online ads that they think will interest you. This is called interest-based advertising. We may also share information about our users with these companies to facilitate interest-based advertising to those or similar users on other online platforms.

Compliance and protection. We may use your personal information to:comply with applicable laws, lawful requests, and legal process, such as to respond to subpoenas or requests from government authorities;protect our, your or others’ rights, privacy, safety or property (including by making and defending legal claims); audit our internal processes for compliance with legal and contractual requirements and internal policies; enforce the terms and conditions that govern the Services; and prevent, identify, investigate and deter fraudulent, harmful, unauthorized, unethical or illegal activity, including cyberattacks and identity theft.

With your consent. In some cases, we may specifically ask for your consent to collect, use or share your personal information, such as when required by law.

Retention. We retain personal information as necessary to perform services, to satisfy legal, accounting, or reporting requirements, to establish or defend legal claims, for fraud prevention purposes and as otherwise permitted by law.

How we share your personal information. We may share your personal information with the following parties and as otherwise described in this Privacy Policy or at the time of collection.

Healthcare Providers. Your healthcare provider in connection with providing the Services.

Affiliates. Our corporate parent, subsidiaries, and affiliates, for purposes consistent with this Privacy Policy.

Service providers. Third parties that provide services on our behalf or help us operate the Services or our business (such as hosting, information technology, customer support, email delivery, marketing, and website analytics).

Payment processors. Any payment card information you use to make a purchase on the Services is collected and processed directly by our payment processors. Payment processors may use your payment data in accordance with their respective privacy policies.

Advertising partners. Third-party advertising companies for the interest-based advertising purposes described above.

Professional advisors. Professional advisors, such as lawyers, auditors, bankers and insurers, where necessary in the course of the professional services that they render to us.

Authorities and others. Law enforcement, government authorities, and private parties, as we believe in good faith to be necessary or appropriate for the compliance and protection purposes described above.

Business transferees. Acquirers and other relevant participants in business transactions (or negotiations and due diligence for such transactions) involving a corporate divestiture, merger, consolidation, acquisition, reorganization, sale or other disposition of all or any portion of the business or assets of, or equity interests in, Prosody or our affiliates (including, in connection with a bankruptcy or similar proceedings).

Your choices You have the following choices with respect to your personal information.

Access or update your information. If you have registered for an account with us through the Services, you may review and update certain account information by logging into the account.

Opt out of marketing communications. You may opt out of marketing-related emails by following the opt out or unsubscribe instructions at the bottom of the email. Please note that if you choose to opt out of marketing-related emails, you may continue to receive service-related and other non-marketing emails. You may also opt out of all SMS messages by replying STOP.

Cookies. Most browsers let you remove or reject cookies. To do this, follow the instructions in your browser settings. Many browsers accept cookies by default until you change your settings. Please note that if you set your browser to disable cookies, the Services may not work properly. For more information about cookies, including how to see what cookies have been set on your browser and how to manage and delete them, visit www.allaboutcookies.org.

Mobile location data. You can disable our access to your device’s precise geolocation in your mobile device settings.

Advertising choices. You can limit use of your information for interest-based advertising by:

Browser settings. Blocking third-party cookies in your browser settings.

Privacy browsers/plug-ins. By using privacy browsers or ad-blocking browser plug-ins that let you block tracking technologies.

Platform settings. Google and Facebook offer opt-out features that let you opt out of use of your information for interest-based advertising.

Ad industry tools. Opting out of interest-based ads from companies participating in the following industry opt-out programs: Network Advertising Initiative Digital Advertising AllianceAppChoices mobile app, which will allow you to opt out of interest-based ads in mobile apps served by participating members of the Digital Advertising Alliance.

Mobile settings. Using your mobile device settings to limit use of the advertising ID associated with your mobile device for interest-based advertising purposes.You will need to apply these opt-out settings on each device from which you wish to opt out.

Do Not Track. Some Internet browsers may be configured to send “Do Not Track” signals to the online services that you visit. We currently do not respond to “Do Not Track” or similar signals. To find out more about “Do Not Track,” please visit http://www.allaboutdnt.com.

Declining to provide information. We need to collect personal information to provide certain services. If you do not provide the information we identify as required or mandatory, we may not be able to provide those services.

Delete data or close your account. You can choose to delete certain profile data in your account or you can request to close your account by contacting us.

Other sites and servicesThe Services may contain links to websites, mobile applications, and other online services operated by third parties. In addition, our content may be integrated into web pages or other online services that are not associated with us. These links and integrations are not an endorsement of, or representation that we are affiliated with, any third party. We do not control websites, mobile applications or online services operated by third parties, and we are not responsible for their actions. We encourage you to read the privacy policies of the other websites and mobile applications and online services you use.

Security We employ a number of technical, organizational and physical safeguards designed to protect the personal information we collect. However, security risk is inherent in all internet and information technologies and we cannot guarantee the security of your personal information.

International data transferWe are headquartered in the United States and may use service providers that operate in other countries. Your personal information may be transferred to the United States or other locations where privacy laws may not be as protective as those in your state, province, or country.

ChildrenThe Services are not intended for use by children under 13 years of age. If we learn that we have collected personal information through the Service from a child under 13 without the consent of the child’s parent or guardian as required by law, we will delete it.

Changes to this Privacy Policy We reserve the right to modify this Privacy Policy at any time. If we make material changes to this Privacy Policy, we will notify you by updating the date of this Privacy Policy and posting it on the Service. If required by law we will also provide notification of changes in another way that we believe is reasonably likely to reach you, such as via email or another manner through the Service. Any modifications to this Privacy Policy will be effective upon our posting the modified version (or as otherwise indicated at the time of posting). In all cases, your use of the Services after the effective date of any modified Privacy Policy indicates your acceptance of the modified Privacy Policy.

How to contact usEmail: admin@prosodyhealth.com

Mail: 4117 Hillsboro Pike, Suite 103-131, Nashville, Tennessee 37215

Your California privacy rights. Under California’s Shine the Light law (California Civil Code Section 1798.83), California residents may ask companies with whom they have formed a business relationship primarily for personal, family or household purposes to provide the names of third parties to which they have disclosed certain personal information (as defined under the Shine the Light law) during the preceding calendar year for their own direct marketing purposes and the categories of personal information disclosed. You may send us requests for this information to admin@prosodyhealth.com. In your request, you must include the statement “Shine the Light Request,” and provide your first and last name and mailing address and certify that you are a California resident. We reserve the right to require additional information to confirm your identity and California residency. Please note that we will not accept requests via telephone, mail, or facsimile, and we are not responsible for notices that are not labeled or sent properly, or that do not have complete information.