LAST MODIFIED: SEPTEMBER 22, 2021
- Symptoms checker software applications made available by us for use on or through computers and mobile devices (the “Apps”);
- Our social media pages and apps (collectively, our “Social Media Pages”);
- Offline business interactions you have with us.
Collectively, we refer to the Websites, Apps, Social Media Pages, emails, and offline business interactions as the “Services.”
What Types of Information Do We Collect?
- Personal Information. We and our service providers may collect Personal Information in a variety of ways, including:
- When you use the symptoms checker, we collect “Personal Information,” which is information that identifies you as an individual or relates to an identifiable individual. This information may include your name, phone number, date of birth, gender, location, IP address, billing information (name, physical billing address, payment card information and transaction details), email address, and in some instances, a copy of your driver’s license or other state-issued identification for identity verification purposes.
- Other Information. We collect non-Personal Information, which is un-identified and non-identifiable, both about users who use K anonymously and about users who create an account. This information mainly consists of technical and aggregated usage information, such as browsing activities and browser information, app usage data, information collected through cookies, pixel tags and other technologies.
- Sponsor Organizations. If an organization, such as your or your partner’s, spouse’s, or parent/guardian’s employer, university, or health plan (“Sponsor Organization”) is paying for access to the Services on your behalf, in addition to the information described above, use of the Services through a Sponsor Organization may require you to provide additional registration information. This information is collected to confirm your eligibility with the Sponsor Organization. Further, your Sponsor Organization or the subscriber of your benefits will not be provided this information (you likely already gave them similar information in your employee file or similar record, unless you are a family member of an eligible employee). Information collected under these circumstances may include, but not be limited to, name, email address, date of birth and phone number. The information is required to confirm program or benefit eligibility, your special benefits and to prevent insurance and benefit fraud.
Collection of Personal Information
- Information we collect automatically: When you visit or use our app or website, we may gather, collect and record information about it. We do this ourselves or with the help of third-party services, including through the use of “cookies” and other tracking technologies, as further detailed below. This information may include your IP address (which may also be associated with your domain name or the domain name of your internet service provider), data relating to your use and navigation, unique identification numbers associated with your mobile device or our mobile application and your approximate geographical location.
- Information you direct us to receive, information we receive from third parties and social media: We may collaborate with third parties in connection with providing the Services and these third parties may provide us information about you. For example, if you direct us to receive information held in your electronic medical record, one of our partners may provide us with this information. Additionally, from time to time, we may receive information about you from other third parties (such as Apple’s HealthKit or Fitbit) if you have directed your information to be shared with us.
We need to collect such information in order to provide our services to you. If you do not provide the information requested, we may not be able to provide our services.
Use of Personal Information
We and our service providers use your Personal Information for the following purposes:
- Providing the functionality of the Services and fulfilling your requests.
- To provide the Services’ functionality to you, such as arranging access to your registered account, and providing you with customer service.
- To respond to your inquiries and fulfill your requests, when you contact us via one of our online contact forms or otherwise, for example, when you send us questions, suggestions, compliments or complaints, or when you request other information about our Services.
- To complete your transactions, verify your information, and provide you with related customer service.
- To send administrative information to you, such as changes to our terms, conditions, and policies.
- To allow you to send messages to another person through the Services if you choose to do so.
- Providing you with our information about new services and/or other marketing materials and facilitating social sharing.
- To send you marketing related emails, with information about our services, new products and other news about our company.
- To facilitate social sharing functionality that you choose to use.
- Analyzing Personal Information for providing the Services.
- We may use your Personal Information in order to improve our AI models, so that we are constantly improving the information we provide our users. When you are using K, you are not only learning from people like you, they are also learning from you and your experiences. Over the long term, this growing repository of health experiences and clinical decision-making will accelerate medical research and improve our understanding of human disease. The information we use to improve our machine learning algorithms and technology is always used in an anonymized way, and can never be traced back to you.
- Analyzing Personal Information for business reporting and providing personalized services.
- To analyze or predict our users’ preferences in order to prepare aggregated trend reports on how our digital content is used, so we can improve our Services.
- To better understand your interests and preferences, so that we can personalize our interactions with you and provide you with information and/or offers tailored to your interests.
- To better understand your preferences so that we can deliver content via our Services that we believe will be relevant and interesting to you.
- Aggregating and/or anonymizing Personal Information.
- We may aggregate and/or anonymize Personal Information so that it will no longer be considered Personal Information. We may use the information we collect in order to improve our AI models, so that we are constantly improving the information we provide our users. As described above, when you are using our Services, you are not only learning from people like you, but they are also learning from you and your experiences. Over the long term, this growing repository of health experiences and clinical decision-making will accelerate medical research and improve our understanding of human disease. The information we use to improve our machine learning algorithms and technology is always used in an aggregated and anonymized way and can never be traced back to you. We may use and disclose this information for any purpose, as it no longer identifies you or any other individual.
- Accomplishing our business purposes.
- For data analysis, for example, to improve the efficiency of our Services;
- For audits, to verify that our internal processes function as intended and to address legal, regulatory, or contractual requirements;
- For fraud prevention and fraud security monitoring purposes, for example, to detect and prevent cyberattacks or attempts to commit identity theft;
- For developing new products and services;
- For enhancing, improving, repairing, maintaining, or modifying our current products and services, as well as undertaking quality and safety assurance measures;
- For identifying usage trends, for example, understanding which parts of our Services are of most interest to users;
- For determining the effectiveness of our promotional campaigns, so that we can adapt our campaigns to the needs and interests of our users; and
- For operating and expanding our business activities, for example, understanding which parts of our Services are of most interest to our users so we can focus our energies on meeting our users’ interests.
Disclosure of Personal Information
We may share your Personal Information with third parties in the following manners and instances:
- Partners: We may share your data with other companies, such as companies with whom we jointly offer products and services.
- Third-Party Service Providers: We may share Personal Information with certain service providers, whose services and solutions complement, facilitate and enhance our own. These include hosting and server services, communications and content delivery networks (CDNs), data and cybersecurity services, billing and payment processing services, performance measurement services, data optimization and marketing services, content providers, and our legal and financial advisors. Such service providers may have access to Personal Information according to their particular roles and purposes.
- Our Affiliated Doctors, Mental Health Professionals, and Pharmacy: If you choose to use our telemedicine, tele-mental health, or pharmacy services (available only in certain areas), we will share Personal Information with our affiliated doctors, mental health professionals, and/or pharmacy, in order for them to provide you care or coordinate your treatment. If you opt to use our telemedicine, tele-mental health, or pharmacy services, our handling of your Personal Information will be governed by our affiliates’ joint Notice of Privacy Practices.
- Third Party Services: We also provide options within the Services where you can elect to receive additional services from a third party. For example, you may elect to have lab work conducted at one of our partners. We will share your information as needed so you can received these services. Your information will be treated in accordance with those third parties’ privacy policies and we are not responsible for their practices.
- Information You Share: K enables you to share your Personal Information with others, including healthcare providers, friends and contacts via social media, via our app or otherwise. Please use caution when sharing your Personal Information with others. The information you share will be shared according to your instructions and actions, and we have no control over what happens with your information once you share it with others.
Other Uses and Disclosures of Personal Information
We may also use and disclose your Personal Information as necessary or appropriate, in particular when we have a legal obligation to do so:
- Applicable Law. We may share Personal Information to comply with applicable law and regulations, which may include laws outside your country of residence.
- Transactions, Liquidation: We may share Personal Information with third parties in connection with a transaction, such as a merger, sale of company assets or shares, reorganization, financing, change of control or acquisition of all or a portion of our business, or in the event of a bankruptcy or related or similar proceedings.
- Public and Government Authorities, Law Enforcement: Where permitted or required by applicable data protection laws, we may disclose your Personal Information pursuant to a legal request, or in compliance with applicable laws, if we have good faith belief that the law requires us to do so, with or without notice to you.
- Protecting Rights and Safety: Where permitted or required by law, we may share your Personal Information with others if we believe in good faith that it will help protect the rights, property or personal safety of K, any of our users, or any member of the general public, with or without notice to you.
“Other Information” is any information that does not reveal your specific identity or does not directly relate to an identifiable individual. The Services collect Other Information such as:
- Browser and device information
- App usage data
- Information collected through cookies, pixel tags and other technologies
- Demographic information and other information provided by you that does not reveal your specific identity
- Information that has been aggregated in a manner such that it no longer reveals your specific identity
Collection of Other Information
We and our service providers may collect Other Information in a variety of ways, including:
- Your browser or device.
- Certain information is collected by most browsers or automatically through your device, such as your Media Access Control (MAC) address, computer type (Windows or Mac), screen resolution, operating system name and version, device manufacturer and model, language, Internet browser type and version and the name and version of the Services (such as the App) you are using. We use this information to ensure that the Services function properly.
- Your use of the App.
- When you download and use the App, we and our service providers may track and collect App usage data, such as the date and time the App on your device accesses our servers and what information and files have been downloaded to the App based on your device number.
- Pixel tags and other similar technologies.
- Pixel tags. Pixel tags (also known as web beacons and clear GIFs) may be used to, among other things, track the actions of users of the Services (including email recipients), measure the success of our marketing campaigns, and compile statistics about usage of the Services and response rates.
- Physical Location.
- We may collect the physical location of your device by, for example, using satellite, cell phone tower or WiFi signals. We may use your device’s physical location to provide you with personalized location-based services and content. In some instances, you may be permitted to allow or deny such uses and/or sharing of your device’s location.
Uses and Disclosures of Other Information
Your Choices Regarding Personal Information
Your choices regarding our use and disclosure of your Personal Information:
- Notifications. We may send you push notifications and similar forms of communication from us, which you can control within the Services. If you choose to use our chat-based virtual visit, you will receive notifications to your mobile device when your physician responds.
- Email and SMS Messaging. We may also use your email address or phone number to send you messages, such as changes to features of the Services and special offers. If you do not want to receive such notifications, you may opt-out or change your preferences by contacting our support team at email@example.com. Opting out may prevent you from receiving notification including notices regarding updates, improvements, or offers. You will not be able to opt-out from receiving service and payment-connected notifications from us.
- Marketing. We give you choices regarding our use and disclosure of your Personal Information for marketing purposes. You may opt out from:
- Receiving marketing-related emails from us. If you no longer want to receive marketing related emails from us on a going-forward basis, you may opt out by contacting us via the Contact Us information below.
We will try to comply with your request(s) as soon as reasonably practicable. Please note that if you opt out of receiving marketing related emails from us, we may still send you important administrative messages, from which you cannot opt out.
Access, Change, or Delete your Personal Information
If you would like to request to access, correct, update, suppress, restrict, or delete Personal Information, object to or opt out of the processing of Personal Information, or if you would like to request to receive a copy of your Personal Information for purposes of transmitting it to another company (to the extent these rights are provided to you by applicable law), you may contact us in accordance with the “Contact Us” section below. We will respond to your request consistent with applicable law. If you are a California resident, please refer to the “Information for California Residents” section at the end of this Policy for more information about the requests you may make under the CCPA.
In your request, please make clear what Personal Information you would like to have changed or whether you would like to have your Personal Information suppressed from our database. For your protection, we may only implement requests with respect to the Personal Information associated with the particular email address that you use to send us your request, and we may need to verify your identity before implementing your request. We will try to comply with your request as soon as reasonably practicable.
Please note that we may need to retain certain information for recordkeeping purposes and/or to complete any transactions that you began prior to requesting a change or deletion (e.g., when you make a purchase, you may not be able to change or delete the Personal Information provided until after the completion of such purchase).
We use third-party advertising companies to serve advertisements regarding goods and services that may be of interest to you when you access and use the Services and other websites or online services.
In addition, we are not responsible for the information collection, use, disclosure, or security policies or practices of other organizations, such as Facebook, Apple, Google, Microsoft, RIM, or any other app developer, app provider, social media platform provider, operating system provider, wireless service provider, or device manufacturer, including with respect to any Personal Information you disclose to other organizations through or in connection with our app or website.
Third-Party Payment Service
We will keep your Personal Information for as long as your user account is active, in order to allow you to have access to your information and to provide you with our services.
We may continue to retain your Personal Information even after you deactivate your user account or stop using K, as reasonably necessary to comply with our legal obligations, to resolve disputes regarding our users, enforce our agreements or protect our legitimate interests, consistent with applicable law.
When your Personal Information is no longer required, we will ensure it is deleted.
We seek to use reasonable organizational, technical and administrative measures to protect Personal Information within our organization. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure, please immediately notify us in accordance with the “Contact Us” section below.
Information for California Residents
If you are a California resident, California Civil Code Section 1798.83 permits you to request information regarding the disclosure of your personal information by K Health to third parties for the third parties’ direct marketing purposes. To make such a request, please send an email to firstname.lastname@example.org or write to us using the mailing address provided in the “Contact Us” section below.
Currently, various browsers — including Internet Explorer, Firefox, and Safari — offer a “do not track” or “DNT” option that relies on a technology known as a DNT header, which sends a signal to Web sites’ visited by the user about the user’s browser DNT preference setting. We do not currently respond to browsers’ DNT signals with respect to sites we provide, in part, because no common industry standard for DNT has been adopted by industry groups, technology companies or regulators, including no consistent standard of interpreting user intent.
Pursuant to the California Consumer Privacy Act of 2018 (“CCPA”), we are providing the following additional details regarding the categories of Personal Information that we collect, use, and disclose about California residents.
- Collection and Disclosure of Personal Information
- The following chart includes: (1) the categories of Personal Information, as listed in the CCPA, that we plan to collect and have collected and disclosed within the preceding 12 months; and (2) the categories of third parties to which we disclosed Personal Information for our operational business purposes within the preceding 12 months. For a description of the third parties listed below, please see the “Disclosure of Personal Information” section above.
Categories of Personal Information Disclosed to Which Categories of Third Parties for Operational Business Purposes Identifiers, such as name, contact information, unique personal identifiers, IP address that can reasonably be linked or associated with a particular consumer or household online identifiers, and government-issued identifiers (e.g., Social Security number and driver’s license number) Affiliated doctors, mental health professionals, and pharmacy; third-party service providers; and joint partners. Personal information as defined in the California customer records law/strong>, such as name, contact information, signature; financial account number; insurance policy number; medical, insurance, financial, education and employment information; physical characteristics or description. Affiliated doctors, mental health professionals, and pharmacy; third-party service providers; and joint partners. Protected Class Information, such as characteristics of protected classifications under California or federal law, such as sex, age, gender, race, medical conditions, genetic information, sexual orientation, gender identity and expression, and marital status. Affiliated doctors, mental health professionals, and pharmacy. Commercial Information, such as transaction information and purchase history, including purchases considered. Affiliated doctors, mental health professionals, and pharmacy; third-party service providers; and joint partners. Internet or network activity information, such as browsing history, search history and interactions with our online properties or ads. Third-party service providers. Geolocation Data, such as device location and approximate location derived from IP address. Affiliated doctors, mental health professionals, and pharmacy; and third-party service providers.
Under the CCPA, if a business sells Personal Information, it must allow California residents to opt out of the sale of their Personal Information. However, we do not “sell” and have not “sold” Personal Information for purposes of the CCPA in the last 12 months. For example, and without limiting the foregoing, we do not sell the Personal Information of minors under 16 years of age.
- Sources of Personal Information
As described in the “Collection of Personal Information” section above, we collect this information from you and third parties.
- Use of Personal Information
As described in the “Use of Personal Information” section above, we may use this Personal Information to operate, manage, and maintain our business, to provide our products and services, to fulfill your requests, and to accomplish our business purposes and objectives, including, for example, to: develop, improve, repair, and maintain our products and services; personalize, advertise, and market our products and services; conduct research, analytics, and data analysis; create aggregated and/or anonymized data; maintain our facilities and infrastructure; undertake quality and safety assurance measures; conduct risk and security control and monitoring; detect and prevent fraud; perform identity verification; perform accounting, audit, and other internal functions, such as internal investigations; comply with law, legal process, and internal policies; maintain records; and exercise and defend legal claims.
If you are a California resident, you may make the following requests under the CCPA:
Request to Know
- You may request that we disclose to you the following information covering the 12 months preceding your request:
- The categories of Personal Information we collected about you and the categories of sources from which we collected such Personal Information;
- The specific pieces of Personal Information we collected about you;
- The business or commercial purpose for collecting (if applicable) Personal Information about you;
- The categories of Personal Information about you that we otherwise shared or disclosed, and the categories of third parties with whom we shared or to whom we disclosed such Personal Information (if applicable).
Request to Delete.
You may request that we delete Personal Information we collected from you. To make a Request to Know or a Request to Delete, please contact us in accordance with the “Contacting Us” section below. We will verify and respond to your request consistent with applicable law, taking into account the type and sensitivity of the Personal Information subject to the request. Note the following:
- We may require you to log into the servicers to make the request or request additional Personal Information from you, such as your K ID number, in order to verify your identity and protect against fraudulent requests.
- If you maintain a password-protected account with us, we may verify your identity through our existing authentication practices for your account and require you to re-authenticate yourself before disclosing or deleting your Personal Information.
- If you make a Request to Delete, we may ask you to confirm your request before we delete your Personal Information.
If you want to make a Request to Know or a Request to Delete as an authorized agent on behalf of a California resident, you may use the submission methods noted above. As part of our verification process, we may request that you provide, as applicable, proof concerning your status as an authorized agent, which also may include:
- Proof of your registration with the California Secretary of State to conduct business in California;
- Proof of a power of attorney from the resident pursuant to Probate Code sections 4121-4130.
If you are an authorized agent and have not provided us with a power of attorney from the resident pursuant to Probate Code sections 4121-4130, we may also require the resident to:
- Verify the resident’s own identity directly with us; or
- Directly confirm with us that the resident provided you permission to make the request.
You have the right to be free from unlawful discriminatory treatment for exercising your rights under the CCPA.