Privacy Statement And Policy

 

This Privacy Policy informs users of the Karrot Health Website and other Karrot Health controlled or operated websites (“Websites”) and other Karrot Health mobile applications (“Apps”) about how Karrot Health Inc., (“Karrot Health” or “we”) gathers and uses (i) personal information submitted to Karrot Health and (ii) aggregated information collected from the Websites, Apps and Karrot Health Services (as defined below). This Privacy Policy applies to the Websites and Apps and other Karrot Health owned websites, domains, services, applications and products (“Karrot Health Services”).

We may modify or amend this Privacy Policy from time to time. If we make material changes, as determined by us, in the way in which personal information is collected, used or transferred, we will notify you of these changes by email and by posting a modified version of this Privacy Policy on our website. Your continued use of Karrot Health Services ten days following any changes means that you accept those changes. Even when we make changes, however, personal information collected by us will be treated in accordance with the version of the Privacy Policy in effect at the time the personal information was collected, unless we obtain your consent otherwise.

 

Collection of Personal Information

Karrot Health collects and uses your personal information to manage and enhance your use and experience of the Websites and Apps and Karrot Health Services. KARROT HEALTH DOES NOT SHARE INFORMATION COLLECTED FROM YOU THAT COULD PERSONALLY IDENTIFY YOU (“Personally Identifiable Information”) WITH ANY THIRD PARTY UNLESS YOU SPECIFICALLY CONSENT TO SUCH SHARING. We may share information that we collect with third parties consistent with this Privacy Policy, but such information will be aggregated and/or modified so as not to enable the identification of any user.

 

Types of Information Collected

User Information. In addition to the above personal information, we collect standard information about Karrot Health users such as:

  • Personal data, including, birthdate, height and weight, and gender.

  • Email address and Karrot Health Password.

  • Any additional information relating to you and your use of the Websites, Apps or Karrot Health Services that you provide to use directly through the Websites, Apps or Karrot Health Services.

  • Calorie and exercise data collected from wearable devices and other sensor equipment.

  • Information collected from promotions with third party companies.

 

Supplemental Information.

Your information may also be supplemented with additional information from other sources, including publicly available sources.

 

Use of Personal Information

We will treat the information we collect as confidential. We will not share Personally Identifiable Information about you without your consent. We may share information collected from you that does not identify you or an individual with third parties, including advertisers and potential business partners.

We may also use or share data that does not identify a user to:

  • Fulfill the services and products you request from us;

  • Operate and improve the Websites, App and Karrot Health Services available to you through Karrot Health, including developing new features and products;

  • Communicate with you, respond to your requests, and manage our relationship;

  • Personalize the products and services provided to you;

  • Measure performance of the products and Karrot Health Services; and

  • Send you marketing notices including promotions of our products and services.

  • For internal purposes, which may require the transfer of such information to other Karrot Health affiliates for administrative purposes, for technical maintenance purposes, the marketing and promotion of products and services that might be of interest to you.

We may disclose your personal information when we reasonably believe that it is required by law, a duly authorized court order, or legal process and to protect and defend the rights and interests of Karrot Health, its affiliates, suppliers, or users. If we are required to disclose your information, we will attempt to provide you with advance notice, unless we are prohibited from doing so by law.

For data auditing purposes only, we disclose your personal information (name and work email) to your employer/insurance company that is providing you with Karrot Health’s services. Your employer/insurer will be able to see how many calories you have burned, and whether or not you reached the set calorie goal.

If your company chooses to add a competition, event, leaderboard, or other social component to their use of Karrot Health’s services, your coworkers may be able to see your activity. This information may contain your first name, last initial, and calories burned. This information may be in the aggregate based on groups, or individuals. For example, they will see “Team A is leading with 30,000 calories burned” or “Jane S. is in the lead with most calories burned this month”.

In the event Karrot Health goes through a business transition, such as a merger, being acquired by another company, or selling a portion of its assets, users' personal information and Data will, in most instances, be part of the assets transferred. We will require as a term of such transition that the entity acquiring users’ personal information and Personal Data treat such information in accordance with this Privacy Policy. 

In some circumstances we may use third party contractors to perform these services on our behalf. In such circumstances, we will only provide the contractor with the information needed to perform the services (for example, name and address if a contractor is delivering a product to you), and all contractors will be required to agree to confidentiality obligations with respect to your personal information.

 

Apple HealthKit

Notwithstanding the foregoing, Karrot Health will not use or disclose to third parties user data gathered from the Apple, Inc. Healthkit framework or Healthkit API for advertising or other use-based data mining purposes other than improving health, or for the purpose of health research. In no event will any information be collected from Healthkit users for use by third parties in compliance with this section without obtaining user consent.

 

Control of Personal information and Opt-Out Options

Karrot Health values the accuracy of the information you provide. You can confirm, change, or update personal information you have provided to us by contacting us directly at support@karrothealth.com.

If you want to opt-out of communications from Karrot Health, you can do so by emailing your request to support@karrothealth.com. If you change your mind, you can opt-in again, by emailing this same address. When you opt-out of promotional communications from us, you may still receive service messages and legally mandated notices.

 

Security of the Information We Collect

We take commercially reasonable precautions in an effort to protect your information against security breaches. For example, we store personal information and data in a secure server, and we use industry-standard firewalls and security software design to protect the security and integrity of your Personal Information. However, this is not a guarantee that your information may not be accessed, disclosed, altered, or destroyed. By using the Websites, Apps and Karrot Health, you acknowledge that you understand and agree to assume these risks.

 

Protection of Children's Privacy

Karrot Health is a general interest website, and we do not knowingly collect any personal information from children. If you are under 18, you are not permitted to use the Websites or App. Consistent with the Children's Online Privacy Protection Act (“COPPA”), the Websites and App are not intended for use by anyone under the age of 18 (COPPA's minimum protections are for minors 13 years of age or under). Karrot Health does not knowingly collect personal information from children through this Web Site or App.

 

Use of Cookies and Tracking Technology

Cookies. When you visit the Websites, a cookie may be saved on your computer (if your computer accepts cookies), and if you return to the Websites the cookie may be read. A “cookie,” is a small text file placed on the user's hard drive to track usage of the Websites and collect basic information, which may include certain of your preferences.

We use cookies to gain knowledge of Internet usage, improve content and advertisements, collect the site visitation data described above and in some cases to deliver specialized content. Cookies also help to prevent you from having to register or re-enter your information every time you visit the Web Site in a streamlined fashion. Some of our advertisers and partners occasionally use cookies as well. Karrot Health does not have any control over the cookies used by advertisers and partners.

If you would like to avoid cookies, your web browser may have an option that enables you to disable or not accept cookies. It should be noted, however, that should you disable or not accept cookies, portions of the Web Site may not properly function.

Web Beacons. We may also use web beacons, clear gif technology, or action tags as mechanisms to collect aggregate site visitation data by tracking how users navigate to and through our Websites. We may also use this technology to track the delivery of HTML email messages. Data collected through this mechanism is not linked to personal information. A web beacon is an electronic image and string of code that is imbedded in a web page or email which allows us to track web page views/hits or the opening of an email containing a beacon. We may use web beacon in conjunction with cookies to track web site activity on www.karrothealth.com. Web beacon tracking by Karrot Health does not identify the name or email address of the web user or mail recipient.

 

Mobile Analytics

In addition, Karrot Health or our partners may use analytics technology to track anonymous traffic data about use of the Apps. Such partners have the right to retain and use the anonymous traffic data collected by through the analytics service from users of the Websites or the Apps.

 

Links to Other Websites

Our Websites may contain links to other websites. Please be aware that we are not responsible for the privacy practices of these other sites, and we encourage you to review the policies of each site you use. We cannot control the actions of such third parties or be held responsible for their use of any information that you provide directly to them.

 

Legal Bases for Processing Your Information

We rely on the following legal grounds to process your personal information:

  • Performance of a contract – If you choose to make a purchase or receive money through the Websites or Apps, we need to collect and use your personal information to perform our agreement with you.

  • Consent – We may use or disclose some of your personal information as described in this Privacy Policy subject to your consent.

  • Legitimate interests – We may use your personal information for our legitimate interests to improve our products and services. Consistent with our legitimate interests and any choices that we offer or consents that may be required under applicable laws, we may use technical information as described in this Privacy Policy and use personal information for our marketing purposes.

Transfer and Processing of Data

For users within the United States, we process data in data centers located in the United States. We have adopted reasonable physical, technical, and organizational safeguards against accidental, unauthorized, or unlawful destruction, loss, alteration, disclosure, access, use, or processing of user data in our possession. We comply with state and federal laws governing the protection of personal information.

For users within the European Union, we transfer data from the European Union to data centers located in the United States for processing. The European Commission has determined that the law of the United States does not provide a level of protection adequate to satisfy the requirements of Regulation 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of natural persons with regard to the processing of personal data and free movement of such data, known as the General Data Protection Regulation (“GDPR”). As to users residing in the EU, however, we extend the rights provided for by the GDPR – as detailed below – including the imposition of required safeguards with respect to accidental, unauthorized or unlawful destruction, loss, alteration, disclosure, access, use or processing of data. Transfers of EU resident data from the EU to the United States from third parties (such as third party payment processors) are conducted in accordance with appropriate transfer mechanisms under the GDPR, principally contractual clauses approved by the European Commission.

If you are a resident of the EU, you have the right to:

  • request an accounting of all personal information that we possess that pertains to you in an electronically portable format (e.g., electronic copies of information attached to an email).

  • request that we change any personal information that pertains to you.

  • request that we delete any personal information that pertains to you.

  • fully or partially withdraw your consent to the collection, processing, and/or transfer of your personal information.

To request an accounting of your personal information, a change to your personal information, deletion of your personal information, or to withdraw your consent to the collection, processing, and/or transfer of your personal information, contact support@karrothealth.com. Once we have received notification that you withdraw your consent, we will no longer process your information for the purpose(s) to which you originally consented unless there are compelling legitimate grounds for further processing which override your interests, rights and freedoms or for the establishment, exercise or defense of legal claims.

If you believe that we have misused your personal data, you also have a right to lodge a complaint with a national Data Protection Authority. Each European Union member nation has established its own Data Protection Authority; you can find out about the Data Protection Authority in your country here: http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm.

 

Data Retention and Deletion

We will only retain your personal information for as long as necessary to fulfill the purposes for which it was collected and processed, including for the purposes of satisfying any legal, regulatory, accounting or reporting requirements.

In some circumstances, we may anonymize your personal information so that it can no longer be associated with you, in which case it is no longer personal information.

It is our policy to retain personal information for 6 months once such personal information is no longer necessary to deliver the Website and Apps and to delete such personal information thereafter. This means that, if you close your account with us, we will delete personal information associated with your account after 6 months.

Regarding other types of information we collect as described in this policy, it is our policy to retain such personal information for 6 months and to delete such personal information thereafter.

 

DO NOT TRACK DISCLOSURE

Karrot Health does not track its customers over time and across third party websites to provide targeted advertising and therefore does not respond to Do Not Track (DNT) signals. However, some third party sites do keep track of your browsing activities when they serve you content, which enables them to tailor what they present to you. If you are visiting such sites, your browser may be able to set the DNT signal so that third parties (particularly advertisers) know you do not want to be tracked.

 

Contact Information

We welcome your input on our privacy statement. If you have any questions or suggestions regarding our privacy statement, please contact us at support@karrothealth.com.

 

Last Updated: 08/12/2018