StayWell Privacy Policy

Welcome to The StayWell Company, LLC (sometimes referred to herein as “StayWell”, “us”, “our” or “we”) Web site (the “Site”). Protecting your privacy is important, and we’re committed to clearly explaining how we treat your personal information.

This This Privacy Policy (this “Privacy Policy”) explains how we collect, use, share, and protect your personal information or any other information concerning you, when you visit our Site. Please read this Privacy -Policy carefully and be aware that by accessing and using the Site, you agree that you have read this Privacy Policy and that you accept and consent to the privacy practices described. If you have questions or concerns about this Privacy Policy, please e-mail us at [email protected].

The Information We Collect and How We Collect It

We do not collect any of your personal information except as set forth in this Privacy Policy. The only way we collect personal information of visitors to our Site is if they choose to specifically provide their personal information to us (for example, if you request to receive more information about StayWell through our “Contact Us” form, you may choose to provide your name, mailing address, telephone number, e-mail address, or information about your business). While we use recognized industry safeguards to protect personal information from unauthorized access or use, the sharing and storing of data online has inherent risks, so please take care to share only information that you believe is appropriate.

Account Holders are users of the Site or Services (as defined in the Terms of Use) who choose to create an account by registering with the Site. Account Holders may create a username and password, and may provide information such as credit card information, name, mailing address, telephone number, e-mail address, or information about their business. We protect credit card holder information by complying with the Payment Card Industry (PCI) Data Security Standard (DSS). For more information about
PCI and DSS, see https://www.pcisecuritystandards.org/.

Information from Children

This Site is not designed or intended to attract children, and we do not collect or maintain information from individuals who we actually know are under the age of 13 years. If you are under 13, please do not attempt to register or send any information about yourself to us, including but not limited to your name, address, telephone number, or email address. No one under age 13 may provide any personal information to us. In the event that we learn that we have collected personal information from a child under age 13 without verification of parental consent, we will delete that information as quickly as possible. If you believe that we might have any information from or about a child under 13, please contact us at the address below.

Information We Collect through Cookies

We collect your information (such as your Internet Protocol address, and the software version and domain reported by your browser), by sending “cookies” to your computer. Cookies are used to track visitors as they use our Site. StayWell uses cookies to enhance your online experience, and to learn how you use our services so we can improve the quality of information and resources available on our site. Most Web browsers are set up to accept all cookies, but you can change this setting to disable cookies or to tell you when a Web site is sending you a cookie (although some of our features may not work if you disable them).

How We Use Your Information

We may use or aggregate your non-personal information with the non-personal information of our other users or other non-personal information collected offline. We may use some or all of this information to support our commercial activities such as for general statistical purposes, site tracking, or for any other purpose. Any personal information that we collect is used solely to provide services or products to you that you have requested or authorized, to respond to your questions, to provide better functionality to you, to help us manage our Site, and to comply with applicable law or valid legal process. We do not sell or share the information with any other entity for marketing purposes.

We Use Your Account Holder Information to:

• Send you information about your orders;
• Fulfill your orders;
• Process and collect your payments;
• Customize, analyze, adjust and improve our services and products to better meet your needs;
• Enforce our agreements with you;
• Provide you with important administrative information regarding our products and services, such as changes to this Privacy Policy and our Terms of Use, and other policies;
• Prevent fraud and other prohibited or illegal activities; and
• Comply with requests of law enforcement or data protection agencies.

Third Party Service Providers

We may employ other companies and individuals to perform functions on our behalf, such as but not limited to, as applicable, fulfilling orders, delivering packages, sending postal mail and e-mail, serving ads on our behalf, providing search results and links, processing credit card payments and other services to support our business. These third-party service providers may have access to Account Holder Information needed to perform their functions but may not use it for any other purpose.

Linked Sites

For your reference, our Site contains links to Web sites that are not operated by or affiliated with StayWell. Because these third-party Web sites are not under our control, we cannot be responsible for them, and this Privacy Policy does not apply to the privacy or security practices of those sites. Information you disclose once you access these other Web sites is not subject to this Privacy Policy.

California Privacy Rights

This section is provided pursuant to the California Consumer Privacy Act of 2018 (the “CCPA”). This section applies solely to Site visitors and Account Holders of our Site who are California residents as defined under the CCPA.

Information We Collect

Within the last twelve (12) months, we have or may have collected the following categories of information from our Site visitors and Account Holders: identifiers; personal information listed under Cal. Civ. Code § 1798.80(e); commercial information; internet or other similar network activity; geolocation data; professional or employment-related information; and inferences drawn from any of the information identified in this section.

Categories of Sources from Which Information is Collected

As described in the “The Information We Collect and How We Collect It” section above, we obtain the categories of personal information listed above from the following categories of sources: directly from you; and directly and indirectly through cookies and other technologies.

Using and Sharing of Personal Information

The personal information described in the categories above may be used for the business purposes listed in the “How We Use Your Information” section above.

We disclose your personal information for a business purpose to the following categories of third parties: (a) service providers and (b) third parties to whom you authorize or direct us to disclose your personal information in connection with our products and services. In the preceding twelve (12) months, we have disclosed the personal information described in the categories listed above for the business purposes listed in the “Third party Service Providers” section above. We may also share your personal information for any other purpose(s) disclosed to you at the time we collect your information or with your consent.

Personal Information “Sold” to Third Parties

In the preceding twelve (12) months, we have not sold your personal information to third parties.

We do not sell the personal information of Site visitors or Account Holders that we know are minors under 16 years of age without affirmative authorization as required under the CCPA.

Your Rights under the CCPA

As of January 1, 2020, California residents, as defined under the CCPA, may take advantage of the following rights:

• You may request, up to two (2) times each year, that we disclose to you, once we receive and confirm your verifiable consumer request: (1) categories and specific pieces of personal information that we have collected about you; (2) categories of sources from which your personal information is collected; (3) business or commercial purpose for collecting your personal information; (4) categories of personal information that we disclosed for a business purpose; (5) categories of personal information that we sold about you; (6) categories of third-parties with whom we have shared your personal information; and (7) business or commercial purpose for selling your personal information.
• Subject to certain exceptions and up to two (2) times each year, you may request that we delete any of your personal information that we collected from you. Once we receive and confirmed your verifiable consumer request for deletion, we will delete (and direct our service providers to delete) such personal information from our records, unless an exception applies.

To exercise the access and deletion rights described above, please contact us through the address or email listed under the “How to Contact Us” section below.

You will be asked to provide certain identifying information, such as your name, email, and residency. While processing your request, we may ask you to provide further verifying documentation. We will only use personal information provided in a request to verify the requestor’s identity or authority to make the request. Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child. If you are making a request through an authorized agent acting on your behalf, such authorized agent must provide proof of written authorization to do so, and you must verify your identity directly with us, unless such authorized agent provides proof of a power of attorney pursuant to Probate Code sections 4000 to 4465.

Non-Discrimination

We will not discriminate against you for exercising any of your rights under the CCPA. Accordingly, and unless permitted by the CCPA, we will not: deny you services; charge you different prices or rates for services; provide you a different level of service; or suggest that you may receive a different price or rate for services or a different level for services. We may charge a different price or rate or provide a different level of service if the difference is reasonably related to the value provided by your personal information.

Advertising and Marketing

StayWell does not accept any advertising of third parties on our Site nor do we receive income from marketing sponsors or advertisers. Any mention of a particular service is not an endorsement and is provided for solely for your convenience.

Note to Site Visitors and Account Holders Outside of the United States

StayWell and our technical infrastructure are located in the United States. The personal information that you provide to us is stored on servers located in the United States. If you are located in another jurisdiction, you should be aware that in order to provide the Services to you, we must transfer your personal information to the United States where it will be stored and processed in accordance with this Privacy Policy. We may transfer your information outside the United States to service providers with operations in other countries. We will take reasonable steps to protect your personal information. Note that the United States and other jurisdictions may not afford the same level of data protection as considered adequate in your own country and your personal information may be available to the United States government or its agencies under legal process made in the United States.

Additional Information for Visitors from the European Economic Area (EEA) and the UK

The EU General Data Protection Regulation and UK General Data Protection Regulation (together the “GDPR”) require certain information to be provided to data subjects located in the EEA and the UK, and grant them certain rights regarding their personal information. This section applies solely to the processing activities that are governed by the GDPR.

Data Controller and EEA Representative

StayWell is the controller of the personal information provided to, collected by or for, or processed in relation with, the Site and Services. StayWell has appointed Aptus Health International France SAS as its representative in the EEA. StayWell’s Data Protection Officer can be contacted at [email protected].

Legal Bases for Processing

When you use the Site, we collect, store, use and otherwise process your personal information as described in this Privacy Policy. We rely on a number of legal bases to process your information, including where necessary to perform a contract with you to deliver the Services that you have requested, or to take certain steps prior to entering into such contract. Additionally, we may also process your information based on our legitimate interest: (i) in keeping the Site safe and secure; (ii) in complying with a legal obligation such as a law, regulation, search warrant, subpoena, or court order, (iii) in exercising or defending legal claims; and (iv) where necessary to protect our vital interests or those of others. Lastly, we may also process your information when you have consented to such processing, particularly when you have consented to receiving certain content and advertising.

Where we rely on your consent to process your personal information, you have the right to decline consent or withdraw your consent at any time. Where we rely on our legitimate interests to process your personal information, you have the right to object.

Your Rights Under the GDPR

If you are a Site visitor or Account Holder in the EEA, you can: (i) access personal information we have about you (we will try to provide information within 30 days of your request); (ii) have your personal information corrected or deleted (in most cases you can correct personal information you have submitted to us through your account); (iii) in certain circumstances, you can object to our processing of your personal information and we will discontinue such processing unless we have compelling legitimate grounds to continue; (iv) withdraw consent previously provided (including, in limited circumstances, the right to ask us to stop processing your personal information, with some exceptions, by contacting us); or (v) if you believe that we have not complied with applicable data protection laws, you may lodge a complaint with your local supervisory authority. If you wish to inquire as to whether we maintain any of your personal information and if so, whether you wish to exercise any of those rights that are available to you with respect to such personal information, you may contact us as described in the “How to Contact Us” section below. We will respond to your request within a reasonable timeframe.

We will retain your personal information for as long as necessary to provide the Services to you and fulfill the purposes described in this Privacy Policy. This is also the case for third parties within whom we share your information to perform services on our behalf. When we no longer need to use your personal information and there is no need for us to keep it to comply with our legal or regulatory obligations, we will either remove it from our systems or anonymize it.

Transfers Outside the EEA and the UK

We are located in the United States. Accordingly, as the controller, we process your personal information in the United States. We may also transfer your personal information outside the United States to service providers with operations in other countries. For more information, please refer to the “Note to Site Visitors and Account Holders Outside of the United States” section above.

Automated Decision Making

We do not make automated decisions that create legal effects or otherwise significantly affect you.

Changes to this Privacy Policy

From time to time, we may change this Privacy Policy and our privacy practices because of changes in legal or regulatory requirements, in our business practices, in our attempts to better meet your needs, or for any other reason. We reserve the right to revise this Privacy Policy in our sole discretion. When we do, we will post a revised privacy policy on this Site. Any changes will be effective immediately upon posting. You are responsible for checking the privacy policy for these changes.

How to Contact Us

Should you have questions or concerns about this Privacy Policy or any other matter pertaining to our privacy practices, please contact us at: [email protected] or at 866-788-3907.

or

The StayWell Company, LLC
800 Township Line Rd, Suite 100
Yardley, PA 19067
Attn: Legal Department

Copyright © 2020. The StayWell Company, LLC. StayWell is a registered trademark of The StayWell Company, LLC or its affiliates.

Revised May 14, 2021