Privacy Policy

What new?

Who we are

Our website address is: https://preview.medicametrix.com.

Your privacy is important to us. This privacy statement explains the personal data MedicaMetrix collects, how MedicaMetrix processes it, and for what purposes.

MedicaMetrix offers a range of products related to health management and diagnostics. References to MedicaMetrix products in this statement include MedicaMetrix websites, apps, and devices.

Please read the product-specific details in this privacy statement, which provide additional relevant information. This statement applies to the interactions MedicaMetrix has with you and the MedicaMetrix products listed below, as well as other MedicaMetrix products that display this statement.

Personal data we collect

---

MedicaMetrix collects data from you, through our interactions with you and through our products for a variety of purposes described below, including how to operate effectively and provide you with the best experiences with our products. You provide some of this data directly, such as when you create a MedicaMetrix account, submit a search query on the website, register for a MedicaMetrix event, or contact us for support. We gather some information by collecting data about your interactions, use, and experience with our website, products, and communications.

We rely on a variety of legal reasons and permissions (sometimes called “legal bases”) to process data, including with your consent, a balancing of legitimate interests, necessity to enter into and perform contracts, and compliance with legal obligations, for a variety of purposes described below.

We also obtain data from third parties. We protect data obtained from third parties according to the practices described in this statement, plus any additional restrictions imposed by the source of the data. These third-party sources vary over time and include:

• Data brokers from which we purchase demographic data to supplement the data we collect.
• Services that make user-generated content from their service available to others, such as local business reviews or public social media posts.
• Communication services, including email providers and social networks, when you give us permission to access your data on such third-party services or networks.
• Service providers that help us determine your device’s location.
• Partners with which we offer co-branded services or engage in joint marketing activities.
• Developers who create experiences through or for MedicaMetrix products.
• Publicly-available sources, such as open government databases.

You have choices when it comes to the technology you use and the data you share. When asked to provide personal data, you can decline. Many of our products require some personal data to operate and provide you with a service. If you choose not to provide data required to operate and provide you with a product or feature, you cannot use that product or feature. Likewise, where we need to collect personal data by law or to enter into or carry out a contract with you, and you do not provide the data, we will not be able to enter into the contract; or if this relates to an existing product you’re using, we may have to suspend or cancel it. We will notify you if this is the case at the time. Where providing the data is optional, and you choose not to share personal data, features like personalization that use the data will not work for you.

The data we collect depends on the context of your interactions with MedicaMetrix and the choices you make (including your privacy settings), the products and features you use, your location, and applicable law.

The data we collect can include the following:

Name and contact data. Your first and last name, email address, postal address, phone number, and other similar contact data.

Credentials. Passwords, password hints, and similar security information used for authentication and account access.

Demographic data. Data about you such as your age, gender, country, and preferred language.

Payment data. Data to process payments, such as your payment instrument number (such as a credit card number) and the security code associated with your payment instrument.

Subscription and licensing data. Information about your subscriptions, licenses, and other entitlements.

Interactions. Data about your use of MedicaMetrix products. In cases, such as search queries, you provide this data in order to make use of the products. In other cases, such as error reports, we generate this data. Other examples of interactions data include:

• Device and usage data. Data about your device and the product and features you use, including information about your hardware and software, how our products perform, as well as your settings. For example:
  • Payment and account history. Data about the items you purchase and activities associated with your account.
  • Browse history. Data about the webpages you visit.
  • Device, connectivity, and configuration data. Data about your device, your device configuration, and nearby networks. For example, data about the operating systems and other software installed on your device, including product keys. In addition, IP address, device identifiers (such as the IMEI number for phones), regional and language settings, and information about WLAN access points near your device.
  • Error reports and performance data. Data about the performance of the products and any problems you experience, including error reports. Error reports (sometimes called “crash dumps”) can include details of the software or hardware related to an error, contents of files opened when an error occurred, and data about other software on your device.
  • Troubleshooting and help data. Data you provide when you contact MedicaMetrix for help, such as the products you use, and other details that help us provide support. For example, contact or authentication data, the content of your chats and other communications with MedicaMetrix, data about the condition of your device, and the products you use related to your help inquiry. When you contact us, such as for customer support, phone conversations or chat sessions with our representatives may be monitored and recorded.
  • Bot usage data. Interactions with third party bots and skills available through the MedicaMetrix website or associated social media accounts.
• Searches and commands. Search queries and commands when you use MedicaMetrix products with search or related productivity functionality.
• Social data. Information about your relationships and interactions between you, other people, and organizations, such as types of engagement (e.g., likes, dislikes, events, etc.) related to people and organizations.
• Other input. If you attend an in-person event, we collect the data you provide to us when registering for or during the event and if you enter into a prize promotion, we collect the data you input into the entry form.

Content. Content of your files and communications you input, upload, receive, create, and control. For example, if we need to collect the content of an email to deliver it to your inbox, display it to you, enable you to reply to it, and store it for you until you choose to delete it. Other content we collect when providing products to you include:

• Communications, including audio, video, text (typed, inked, dictated, or otherwise), in a message, email, call, meeting request, or chat.
• Photos, images, software, and other media or documents you store, retrieve, or otherwise process with our cloud.

Video or recordings. Recordings of events and activities at MedicaMetrix buildings, retail spaces, and other locations. If you enter a MedicaMetrix location or other facility, or attend a MedicaMetrix event that is recorded, we may process your image and voice data.

Feedback and ratings. Information you provide to us and the content of messages you send to us, such as feedback, survey data, and product reviews you write.

Product-specific sections below describe data collection practices applicable to use of those products.

How we use personal data

---

MedicaMetrix uses the data we collect to provide you rich, interactive experiences. In particular, we use data to:

• Provide our products, which includes updating, securing, and troubleshooting, as well as providing support. It also includes sharing data, when it is required to provide the service or carry out the transactions you request.
• Improve and develop our products.
• Personalize our products and make recommendations.
• Advertise and market to you, which includes sending promotional communications, targeting advertising, and presenting you relevant offers.

We also use the data to operate our business, which includes analyzing our performance, meeting our legal obligations, developing our workforce, and doing research.

For these purposes, we combine data we collect from different contexts (for example, from your use of two MedicaMetrix products). For example, MedicaMetrix may use information from your account to suggest action items in an email, and ProstaMetrix may use information about you to make personalized recommendations. However, we have built in technological and procedural safeguards designed to prevent certain data combinations where required by law. For example, where required by law, we store data we collect from you when you are unauthenticated (not signed in) separately from any account information that directly identifies you, such as your name, email address, or phone number.

Our processing of personal data for these purposes includes both automated and manual (human) methods of processing. Our automated methods often are related to and supported by our manual methods. To build, train, and improve the accuracy of our automated methods of processing data, we manually review some of the predictions and inferences produced by the automated methods against the underlying data from which the predictions and inferences were made.

When we process personal data about you, we do so with your consent and/or as required to provide the products you use, operate our business, meet our contractual and legal obligations, protect the security of our systems and our customers, or fulfill other legitimate interests of MedicaMetrix as described in this section and in the Reasons we share personal data section of this privacy statement. When we transfer personal data from the European Economic Area, we do so based on a variety of legal mechanisms, as described in the Where we store and process personal data section of this privacy statement.

More on the purposes of processing:

• Provide our products. We use data to operate our products. For example, if you enter a search query on the website, we use that query to display search results to you. Additionally, as communications are a feature of various products, programs, and activities, we use data to contact you. For example, we may contact you by phone or email or other means to inform you when a subscription is ending or discuss your account. We also communicate with you to secure our products, for example by letting you know when product updates are available.
• Product improvement. We use data to improve our products, including adding new features or capabilities. For example, we use error reports to improve security features or usage data to determine what new features to prioritize.
• Personalization. Many products include personalized features, such as recommendations that may help improve your health. These features use automated processes based on the data we have about you, such as inferences we make about you and your use of the product and location. For example, if you have a MedicaMetrix account, with your permission, we can sync your settings on several devices. Many of our products provide controls to disable personalized features.
• Product activation. We use data—such as device and application type, location, and unique device, application, network, and subscription identifiers—to activate products that require activation.
• Product development. We use data to develop new products. For example, we use data, often de-identified, to understand our customers’ needs, which can shape the development of new products.
• Customer support. We use data to troubleshoot and diagnose product problems, repair customers’ devices, and provide other customer care and support services, including to help us provide, improve, and secure the quality of our products, services, and training, and to investigate security incidents. Call recording data may also be used to authenticate or identify you based on your voice to enable MedicaMetrix to provide support services and investigate security incidents.
• Help secure and troubleshoot. We use data to help secure and troubleshoot our products. This includes using data to protect the security and safety of our products and customers, detecting malware and malicious activities, troubleshooting performance and compatibility issues to help customers get the most out of their experiences, and notifying customers of updates to our products. This may include using automated systems to detect security and safety issues.
• Safety. We use data to protect the safety of our products and our customers. Our security features and products can disrupt the operation of malicious software and notify users if malicious software is found on their devices. We reserve the right to block delivery of a communication or remove content if it violates our terms.
• Updates. We use data we collect to develop product updates and security patches. For example, we may use information about your device’s capabilities, such as available memory, to provide you a software update or security patch. Updates and patches are intended to maximize your experience with our products, help you protect the privacy and security of your data, provide new features, and ensure your device is ready to process such updates.
• Promotional communications. We use data we collect to deliver promotional communications. You can sign up for email subscriptions and choose whether you wish to receive promotional communications from MedicaMetrix by email, SMS, physical mail, and telephone.
• Relevant offers. MedicaMetrix uses data to provide you with relevant and valuable information regarding our products. We analyze data from a variety of sources to predict the information that will be most interesting and relevant to you and deliver such information to you in a variety of ways. For example, we may predict your interest in gaming and communicate with you about new games you may like.
• Advertising. MedicaMetrix does not use what you say in email, chat, video calls, or voice mail, or your documents, photos, or other personal files to target ads to you. We use data we collect through our interactions with you, through some of our products, and on third-party web properties, for advertising in our products and on third-party properties. We may use automated processes to help make advertising more relevant to you.
• Promotions and events. We use your data to administer promotions and events. For example, if you register for a workshop or event, we will add your name to the list of expected attendees.
• Transacting commerce. We use data to carry out your transactions with us. For example, we process payment information to provide customers with product subscriptions and use contact information to deliver goods purchased from MedicaMetrix.
• Reporting and business operations. We use data to analyze our operations and perform business intelligence. This enables us to make informed decisions and report on the performance of our business.
• Protecting rights and property. We use data to detect and prevent fraud, resolve disputes, enforce agreements, and protect our property. We may use automated processes to detect and prevent activities that violate our rights and the rights of others, such as fraud.
• Legal compliance. We process data to comply with law. We also process contact information and credentials to help customers exercise their data protection rights.
• Research. With appropriate technical and organizational measures to safeguard individuals’ rights and freedoms, we use data to conduct research, including for public interest and scientific purposes.

Reasons we share personal data

---

We share your personal data with your consent or as necessary to complete any transaction or provide any product you have requested or authorized. For example, we share your content with third parties, such as your physician, when you tell us to do so. If you use a MedicaMetrix product provided by an organization you are affiliated with, such as an employer or hospital, or use an email address provided by such organization to access MedicaMetrix products, we share certain data, such as interaction data and diagnostic data to enable your organization to manage the products. When you provide payment data to make a purchase, we will share payment data with banks and other entities that process payment transactions or provide other financial services, and for fraud prevention and credit risk reduction.

In addition, we share personal data among MedicaMetrix-controlled affiliates and subsidiaries. We also share personal data with vendors or agents working on our behalf for the purposes described in this statement. For example, companies we have hired to provide customer service support or assist in protecting and securing our systems and services may need access to personal data to provide those functions. In such cases, these companies must abide by our data privacy and security requirements and are not allowed to use personal data they receive from us for any other purpose. We may also disclose personal data as part of a corporate transaction such as a merger or sale of assets.

Finally, we will retain, access, transfer, disclose, and preserve personal data, including your content when we have a good faith belief that doing so is necessary to do any of the following:

• Comply with applicable law or respond to valid legal process, including from law enforcement or other government agencies.
• Protect our customers, for example to help prevent the loss of life or serious injury of anyone.
• Operate and maintain the security of our products, including to prevent or stop an attack on our computer systems or networks.
• Protect the rights or property of MedicaMetrix, including enforcing the terms governing the use of the services—however, if we receive information indicating that someone is using our services to traffic in stolen intellectual or physical property of MedicaMetrix, we will not inspect a customer’s private content ourselves, but we may refer the matter to law enforcement.

Please note that some of our products include links to or otherwise enable you to access products of third parties whose privacy practices differ from those of MedicaMetrix. If you provide personal data to any of those products, your data is governed by their privacy policies.

How to access and control your personal data

---

You can also make choices about the collection and use of your data by MedicaMetrix. You can control your personal data that MedicaMetrix has obtained, and exercise your data protection rights, by contacting MedicaMetrix or using various tools we provide. In some cases, your ability to access or control your personal data will be limited, as required or permitted by applicable law. How you can access or control your personal data will also depend on which products you use.

If you want to access or control personal data processed by MedicaMetrix that is not available directly through the MedicaMetrix products you use, you can always contact MedicaMetrix at the address in the How to contact us section.

You can access and control your personal data that MedicaMetrix has obtained about you by contacting MedicaMetrix. For instance:

• If MedicaMetrix obtained your consent to use your personal data, you can withdraw that consent at any time.
• You can request access to, erasure of, and updates to your personal data.

You can also object to or restrict the use of your personal data by MedicaMetrix. For example, you can object at any time to our use of your personal data:

• For direct marketing purposes.
• Where we are performing a task in the public interest or pursuing our legitimate interests or those of a third party.

You may have these rights under applicable laws, including the EU General Data Protection Regulation (GDPR), but we offer them regardless of your location. In some cases, your ability to access or control your personal data will be limited, as required or permitted by applicable law.

If your organization, such as your doctor or hospital, provides you with access to and is administering your use of MedicaMetrix products, contact your organization to learn more about how to access and control your personal data.

You can access and control your personal data that MedicaMetrix has obtained, and exercise your data protection rights, using various tools we provide. The tools most useful to you will depend on our interactions with you and your use of our products. Here is a general list of tools we provide to help you control your personal data; specific products may provide additional controls.

• MedicaMetrix account. If you wish to access, edit, or remove the profile information and payment information in your MedicaMetrix account, change your password, add security information or close your account, you can do so by visiting the MedicaMetrix account.
• MedicaMetrix.com. You can access and update your profile on MedicaMetrix.com by visiting your MedicaMetrix account profile page.

Not all personal data processed by MedicaMetrix can be accessed or controlled via the tools above. If you want to access or control personal data processed by MedicaMetrix that is not available via the tools above or directly through the MedicaMetrix products you use, you can always contact MedicaMetrix at the address in the How to contact us section. We will respond to requests to control your personal data within 30 days.

Your communications preferences

You can choose whether you wish to receive promotional communications from MedicaMetrix by email, SMS, physical mail, and telephone. If you receive promotional email or SMS messages from us and would like to opt out, you can do so by following the directions in that message. If you do not have a personal MedicaMetrix account, you can manage your MedicaMetrix contact preferences by contacting MedicaMetrix. These choices do not apply to mandatory service communications that are part of certain MedicaMetrix products, programs, activities, or to surveys or other informational communications that have their own unsubscribe method.

Cookies and similar technologies

---

Cookies are small text files placed on your device to store data that can be recalled by a web server in the domain that placed the cookie. This data often consists of a string of numbers and letters that uniquely identifies your computer, but it can contain other information as well. Some cookies are placed by third parties acting on our behalf. We use cookies and similar technologies to store and honor your preferences and settings, enable you to sign-in, provide interest-based advertising, combat fraud, analyze how our products perform, and fulfill other legitimate purposes described below. MedicaMetrix apps use additional identifiers, such as the advertising ID in Windows, for similar purposes, and many of our websites and applications also contain web beacons or other similar technologies, as described below.

Our use of cookies and similar technologies

MedicaMetrix uses cookies and similar technologies for several purposes, depending on the context or product, including:

• Storing your preferences and settings. We use cookies to store your preferences and settings on your device, and to enhance your experiences. For example, if you enter your city or postal code to get local news or weather information on a MedicaMetrix website, depending on your settings, we store that data in a cookie so that you will see the relevant local information when you return to the site. Saving your preferences with cookies, such as your preferred language, prevents you from having to set your preferences repeatedly. If you opt out of interest-based advertising, we store your opt-out preference in a cookie on your device.
• Sign-in and authentication. We use cookies to authenticate you. When you sign in to a website using your personal MedicaMetrix account, we store a unique ID number, and the time you signed in, in an encrypted cookie on your device. This cookie allows you to move from page to page within the site without having to sign in again on each page. You can also save your sign-in information so you do not have to sign in each time you return to the site.
• Security. We use cookies to process information that helps us secure our products, as well as detect fraud and abuse.
• Storing information you provide to a website. We use cookies to remember information you shared. When you provide information to MedicaMetrix, such as when you add products to a shopping cart on MedicaMetrix websites, we store the data in a cookie for the purpose of remembering the information.
• Social media. Some of our websites include social media cookies, including those that enable users who are signed in to the social media service to share content via that service.
• Analytics. We use first- and third-party cookies and other identifiers to gather usage and performance data. For example, we use cookies to count the number of unique visitors to a web page or service and to develop other statistics about the operations of our products.
• Performance. MedicaMetrix uses cookies to understand and improve how our products perform. For example, we use cookies to gather data that helps with load balancing; this helps ensure that our websites remain up and running.

Some of the cookies we commonly use are listed below. This list is not exhaustive, but it is intended to illustrate the primary purposes for which we typically set cookies. If you visit one of our websites, the site will set some or all of the following cookies:

• MUID, MC1, and MSFPC. Identifies unique web browsers visiting MedicaMetrix sites. These cookies are used for advertising, site analytics, and other operational purposes.
• ANON. Contains the ANID, a unique identifier derived from your MedicaMetrix account, which is used for advertising, personalization, and operational purposes. It is also used to preserve your choice to opt out of interest-based advertising from MedicaMetrix if you have chosen to associate the opt-out with your MedicaMetrix account.
• CC. Contains a country code as determined from your IP address.
• PPAuth, MSPAuth, MSNRPSAuth, KievRPSAuth, WLSSC, MSPProf. Helps to authenticate you when you sign in with your MedicaMetrix account.
• MC0. Detects whether cookies are enabled in the browser.
• MS0. Identifies a specific session.
• NAP. Contains an encrypted version of your country, postal code, age, gender, language and occupation, if known, based on your MedicaMetrix account profile.
• MH. Appears on co-branded sites where MedicaMetrix is partnering with an advertiser. This cookie identifies the advertiser, so the right ad is selected.
• childinfo, kcdob, kcrelid, kcru, pcfm. Contains information that MedicaMetrix account uses within its pages in relation to child accounts.
• MR. Used to collect information for analytics purposes.
• x-ms-gateway-slice. Identifies a gateway for load balancing.
• TOptOut. Records your decision not to receive interest-based advertising delivered by MedicaMetrix.

In addition to the cookies MedicaMetrix sets when you visit our websites, third parties can also set cookies when you visit MedicaMetrix sites. For example:

• Companies we hire to provide services on our behalf, such as site analytics, place cookies when you visit our sites. See opt-out links below.

Certain features of MedicaMetrix products depend on cookies. If you choose to block cookies, you cannot sign in or use some of those features, and preferences that are dependent on cookies will be lost. If you choose to delete cookies, any settings and preferences controlled by those cookies are deleted and will need to be recreated.

Our use of web beacons and analytics services

Some MedicaMetrix webpages contain electronic tags known as web beacons that we use to help deliver cookies on our websites or count users who have visited those websites. We also include web beacons or similar technologies in our electronic communications to determine whether you open and act on them.

In addition to placing web beacons on our own websites, we sometimes work with other companies to place our web beacons on their websites or in their advertisements. This helps us to, for example, develop statistics on how often clicking on an advertisement on a MedicaMetrix website results in a purchase or other action on the advertiser’s website.

Finally, MedicaMetrix products often contain web beacons or similar technologies from third-party analytics providers, which help us compile aggregated statistics about the effectiveness of our promotional campaigns or other operations. These technologies enable the analytics providers to set or read their own cookies or other identifiers on your device, through which they can collect information about your online activities across applications, websites, or other products. However, we prohibit these analytics providers from using web beacons on our sites to collect or access information that directly identifies you (such as your name or email address). You can opt out of data collection or use by some of these analytics providers by clicking any of the following links: Adjust, AppsFlyer, Clicktale, Flurry Analytics, Google Analytics (requires you to install a browser add-on), Kissmetrics, Mixpanel, Nielsen, Acuity Ads, WebTrends or Optimizely.

MedicaMetrix account

---

Personal data associated with your MedicaMetrix account includes credentials, name and contact data, payment data, device and usage data, your contacts, information about your activities, and your interests and favorites. Signing into your MedicaMetrix account enables personalization and enables other features.

Other important privacy information

---

Below you will find additional privacy information, such as how we secure your data, where we process your data, and how long we retain your data.

Security of personal data

---

MedicaMetrix is committed to protecting the security of your personal data. We use a variety of security technologies and procedures to help protect your personal data from unauthorized access, use, or disclosure. For example, we store the personal data you provide on computer systems that have limited access and are in controlled facilities. When we transmit highly confidential data (such as a credit card number or password) over the internet, we protect it through the use of encryption. MedicaMetrix complies with applicable data protection laws, including applicable security breach notification laws.

Where we store and process personal data

---

Personal data collected by MedicaMetrix may be stored and processed in your region, in the United States, and in any other country where MedicaMetrix or its affiliates, subsidiaries, or service providers operate facilities. Typically, the primary storage location is in the customer’s region or in the United States, often with a backup to a data center in another region. The storage location(s) are chosen in order to operate efficiently, to improve performance, and to create redundancies in order to protect the data in the event of an outage or other problem. We take steps to ensure that the data we collect under this privacy statement is processed according to the provisions of this statement and the requirements of applicable law wherever the data is located.

We transfer personal data from the European Economic Area, the United Kingdom, and Switzerland to other countries, some of which have not yet been determined by the European Commission to have an adequate level of data protection. For example, their laws may not guarantee you the same rights, or there may not be a privacy supervisory authority there that is capable of addressing your complaints. When we engage in such transfers, we use a variety of legal mechanisms, including contracts, to help ensure your rights and protections travel with your data.

MedicaMetrix Corporation complies with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union, the United Kingdom, and Switzerland to the United States. MedicaMetrix Corporation has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If third-party agents process personal data on our behalf in a manner inconsistent with the principles of either Privacy Shield framework, we remain liable unless we prove we are not responsible for the event that gave rise to the damage. The controlled U.S. subsidiaries of MedicaMetrix Corporation, as identified in our self-certification submission, also adhere to the Privacy Shield Principles.

If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern.

If you have a question or complaint related to participation by MedicaMetrix in the EU-U.S. or Swiss-U.S. Privacy Shield, we encourage you to contact us. For any complaints related to the Privacy Shield frameworks that MedicaMetrix cannot resolve directly, we have chosen to cooperate with the relevant EU Data Protection Authority, or a panel established by the European data protection authorities, for resolving disputes with EU individuals, and with the Swiss Federal Data Protection and Information Commissioner (FDPIC) for resolving disputes with Swiss individuals. Please contact us if you’d like us to direct you to your data protection authority contacts. As further explained in the Privacy Shield Principles, binding arbitration is available to address residual complaints not resolved by other means. MedicaMetrix is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (FTC).

Our retention of personal data

---

MedicaMetrix retains personal data for as long as necessary to provide the products and fulfill the transactions you have requested, or for other legitimate purposes such as complying with our legal obligations, resolving disputes, and enforcing our agreements. Because these needs can vary for different data types, the context of our interactions with you or your use of products, actual retention periods can vary significantly.

California Consumer Privacy Act

---

If you are a California resident, we process your personal data in accordance with the California Consumer Privacy Act (CCPA). This CCPA section of our Privacy Statement contains information required by the CCPA and supplements our Privacy Statement.

Sale. We do not sell your personal data. So, we do not offer an opt-out to the sale of personal data.

Rights. You have the right to request that we (i) disclose what personal data we collect, use, disclose, and sell and (ii) delete your personal data. You may make these requests yourself or through an authorized agent. If you use an authorized agent, we can provide your agent with guidance on how to exercise your CCPA rights.

If you have a MedicaMetrix account, you may contact MedicaMetrix at the address in the How to contact us section. If you do not have an account, you may exercise your rights by contacting us as described above. We may ask for additional information, such as your country of residence, email address, and phone number, to validate your request before honoring the request.

You have a right not to receive discriminatory treatment if you exercise your CCPA rights. We will not discriminate against you if you exercise your CCPA rights.

Personal Information Processing. In the bulleted list below, we outline the categories of personal data we collect, the sources of the personal data, our purposes of processing, and the categories of third-party recipients with whom we share the personal data. For a description of the data included in each category, please see the Personal data we collect section.

Categories of Personal Data

• Name and contact data
  • Sources of personal data: Interactions with users and partners with whom we offer co-branded services
  • Purposes of Processing (Collection and Sharing with Third Parties): Provide our products; respond to customer questions; help, secure, and troubleshoot; and marketing
  • Recipients: Service providers and user-directed entities
• Credentials
  • Sources of personal data: Interactions with users and organizations that represent users
  • Purposes of Processing (Collection and Sharing with Third Parties): Provide our products; authentication and account access; and help, secure and troubleshoot
  • Recipients: Service providers and user-directed entities
• Demographic data
  • Sources of personal data: Interactions with users and purchases from data brokers
  • Purposes of Processing (Collection and Sharing with Third Parties): Provide and personalize our products; product development; help, secure, and troubleshoot; and marketing
  • Recipients: Service providers and user-directed entities
• Payment data
  • Sources of personal data: Interactions with users and financial institutions
  • Purposes of Processing (Collection and Sharing with Third Parties): Transact commerce; process transactions; fulfill orders; help, secure, and troubleshoot; and detect and prevent fraud
  • Recipients: Service providers and user-directed entities
• Subscription and licensing data
  • Sources of personal data: Interactions with users and organizations that represent users
  • Purposes of Processing (Collection and Sharing with Third Parties): Provide, personalize, and activate our products; customer support; help, secure, and troubleshoot; and marketing
  • Recipients: Service providers and user-directed entities
• Interactions
  • Sources of personal data: Interactions with users including data MedicaMetrix generates through those interactions
  • Purposes of Processing (Collection and Sharing with Third Parties): Provide and personalize our products; product improvement; product development; marketing; and help, secure and troubleshoot
  • Recipients: Service providers and user-directed entities
• Content
  • Sources of personal data: Interactions with users and organizations that represent users
  • Purposes of Processing (Collection and Sharing with Third Parties): Provide our products; safety; and help, secure, and troubleshoot
  • Recipients: Service providers and user-directed entities
• Video or recordings
  • Sources of personal data: Interactions with users and publicly available sources
  • Purposes of Processing (Collection and Sharing with Third Parties): Provide our products; product improvement; product development; marketing; help, secure, and troubleshoot; and safety
  • Recipients: Service providers and user-directed entities
• Feedback and ratings
  • Sources of personal data: Interactions with users
  • Purposes of Processing (Collection and Sharing with Third Parties): Provide our products; product improvement; product development; customer support; and help, secure, and troubleshoot
  • Recipients: Service providers and user-directed entities

While the bulleted list above contains the primary sources and purposes of processing for each category of personal data, we also collect personal data from the sources listed in the Personal data we collect section, such as developers who create experiences through or for MedicaMetrix products. Similarly, we process all categories of personal data for the purposes described in the How we use personal data section, such as meeting our legal obligations, developing our workforce, and doing research.

Disclosures of personal data for business or commercial purposes. As indicated in the Reasons we share personal data section, we share personal data with third parties for various business and commercial purposes. The primary business and commercial purposes for which we share personal data are the purposes of processing listed in the table above. However, we share all categories of personal data for the business and commercial purposes in the Reasons we share personal data section.

Advertising

---

Advertising allows us to provide, support, and improve some of our products. MedicaMetrix does not use what you say in email, chat, video calls or voice mail, or your documents, photos, or other personal files to target ads to you. We use other data, detailed below, for advertising in our products and on third-party properties. For example:

• MedicaMetrix may use data we collect to select and deliver some of the ads you see on MedicaMetrix web properties, such as MedicaMetrix.com.
• We may share data we collect with partners, such as Facebook, so that the ads you see in our products and their products are more relevant and valuable to you.

The ads that you see may be selected based on data we process about you, such as your interests and favorites, your location, your transactions, how you use our products, your search queries, or the content you view. The ads that you see may also be selected based on other information learned about you over time using demographic data, location data, or search queries.

Further details regarding our advertising-related uses of data include:

• Health-related ad targeting. In the United States, we might provide personalized advertising based on a limited number of standard, non-sensitive health-related interest categories, including healthy eating, healthy heart, or men’s health.
• Children and advertising. We do not deliver personalized advertising to children whose birthdate in their MedicaMetrix account identifies them as under 16 years of age.
• Data retention. For personalized advertising, we retain data for no more than 13 months, unless we obtain your consent to retain the data longer.
• Data sharing. In some cases, we share with advertisers reports about the data we have collected on their sites or ads.

Data collected by other advertising companies. Advertisers sometimes include their own web beacons (or those of their other advertising partners) within their advertisements that we display, enabling them to set and read their own cookie. Additionally, MedicaMetrix partners with third-party ad companies to help provide some of our advertising services, and we also allow other third-party ad companies to display advertisements on our sites. These third parties may place cookies on your computer and collect data about your online activities across websites or online services. These companies currently include, but are not limited to: Facebook.

Collection of data from children

---

When a MedicaMetrix product collects age, and there is an age in your jurisdiction under which parental consent or authorization is required to use the product, the product will either block users under that age or will ask them to provide consent or authorization from a parent or guardian before they can use it. We will not knowingly ask children under that age to provide more data than is required to provide for the product.

Once parental consent or authorization is granted, the child’s account is treated much like any other account. The child can access services and can freely communicate and share data with other users of all ages.

Parents can change or revoke the consent choices previously made, and review, edit, or request the deletion of the personal data of children for whom they provided consent or authorization.

Changes to this privacy statement

---

We update this privacy statement when necessary to provide greater transparency or in response to:

• Feedback from customer, regulators, industry, or other stakeholders.
• Changes in our products.
• Changes in our data processing activities or policies.

When we post changes to this statement, we will revise the “last updated” date at the top of the statement and describe the changes on the Change history page. If there are material changes to the statement, such as a change to the purposes of processing of personal data that is not consistent with the purpose for which it was originally collected, we will notify you either by prominently posting a notice of such changes before they take effect or by directly sending you a notification. We encourage you to periodically review this privacy statement to learn how MedicaMetrix is protecting your information.

How to contact us

---

If you have a privacy concern, complaint, or question for the MedicaMetrix Chief Privacy Officer or EU Data Protection Officer, please contact us by mail. We will respond to questions or concerns within 30 days. You can also raise a concern or lodge a complaint with a data protection authority or other official with jurisdiction.

When MedicaMetrix is a controller, unless otherwise stated, MedicaMetrix Corporation and, for those in the European Economic Area, the United Kingdom, and Switzerland, MedicaMetrix Ireland Operations Limited are the data controllers for personal data we collect through the products subject to this statement. Our address is:

• MedicaMetrix Privacy, MedicaMetrix LLC, 600 Suffolk Street, Suite 220, Lowell, MA 01854, USA. Telephone: +1 (617) 297-7650.

---