Privacy Policy
Last revised: June 11, 2020
CTRL M HEALTH PLATFORM PRIVACY POLICY
Your privacy is important to us. As part of our efforts to facilitate and make your experience with the Ctrl M Health Platform which includes the Ctrl M Health App, Services and E-Commerce Shop (“Platform”) as user-friendly and enjoyable as possible, we may collect and use certain information you provide to us. This Privacy Policy addresses the collection, use, and disclosure of information that Ctrl M Health may gather during your use of the App, Services and E-Commerce Shop.
Please review the entire policy to learn the types of user information Ctrl M Health gathers, how Ctrl M Health uses that user information, what user information is disclosed and to what third parties, and how Ctrl M Health safeguards your user information.
Please also check back periodically as this Privacy Policy may change from time to time. We will notify you of any material changes by publishing the new Privacy Policy on or through the Platform The user information Ctrl M Health gathers is and will be subject to the Privacy Policy in effect at the time the information is gathered. Should you have any questions or concerns at any time, please feel free to contact us.
This Privacy Policy applies only to the Ctrl M Health Platform. This Privacy Policy does not apply to any websites, mobile applications, or online services managed, maintained, and/or hosted by third parties not directly affiliated with Ctrl M Health that you may visit, e.g., via a link provided through the Platform. We encourage you to learn more about the online privacy and data security policies of third party websites, mobile applications, and online services
directly from such third parties, as their policies may differ from ours.
By submitting your information to us and by using the Platform, Ctrl M Health will assume that you have read, understood, and consent to the Agreement and all other applicable Ctrl M Health rules and policies. We also assume that you consent to Ctrl M Health’s use of your information as described in the Agreement and this Privacy Policy. If you do not consent, you should not
access or use the Platform.
1. Information Ctrl M Health Collects
(a) Personal Information and Non-Identifying Information
We may ask you for personally identifiable information if, for example, you contact us requesting information. This refers to information about you that can be used to contact or identify you (“Personal Information”). Personal Information includes, but is not limited to, your full name, email address, shipping address, billing information, and any other information that could be used to personally identify you.
We also collect other information that you provide as part of registration and the administration and personalization of your account with us that does not identify you (“Non-Identifying Information”). Non-Identifying Information includes, but is not limited to, your zip code, gender, age range, employment status, student status, headache history, wellness goals, lifestyle information, educational foundation, health coach interactions, headache and other logs, location data, application usage, product survey information, order history, and individual preferences.
Certain Non-Identifying Information would be considered a part of your Personal Information if it were combined with other identifiers (for example, combining your zip code with your street address) in a way that enables you to be identified. But the same pieces of information are considered Non-Identifying Information when they are taken alone or combined only with other non-identifying information (for example, your gender only or your viewing preferences).
We use your Personal Information (in some cases, in conjunction with your Non-Identifying Information) mainly to provide the Platform, including to provide a personalized wellness plan, product recommendations, create and export personalized wellness reports for you, facilitate and complete transactions for you, and respond to correspondence from you.
We may also use your Personal Information to contact you with newsletters, marketing or promotional materials and other information that may be of interest to you. If you decide at any time that you no longer wish to receive such communications from us, please follow the unsubscribe instructions provided in any of the communications or update your account information.
We may also combine your Personal Information with Non-Identifying Information and aggregate it with information collected from other users to attempt to provide you with a better experience, to improve the quality and value of the Platform, and to analyze and understand how the Platform is used.
(b) Usage Data
When you visit the Platform, whether you are logged in or just browsing without logging in, our servers automatically record information that your browser sends whenever you visit a website. The information sent automatically by your browser is referred to as “Usage Data.” This Usage Data may include information such as the manufacturer and model of your device; your Internet Service Provider (ISP); your device’s Internet Protocol (“IP”) address (or other device identifier), browser type, and operating system; referring/exit pages; clickstream data; access times and dates, pages that you visit, the time spent on those pages, and information you search for on the Platform and other statistics.
Usage Data also includes geolocation data. The Platform collects and uses geolocation data for marketing, health coaching, and customer support.
We use this information for technical administration of the Platform, including to monitor and analyze use of the Platform, to increase the functionality and user-friendliness of the Platform, and to better tailor the Platform to users’ needs.
Usage Data may be non-identifying or it may be associated with you. Whenever we associate Usage Data with Personal Information, we will treat it as Personal Information.
2. Collection of Information
Ctrl M Health may use a number of different techniques and technologies to collect Personal Information, Non-Identifying Information, and Usage Data. For example, Ctrl M Health may use cookies, log files, clear gifs, pixel tags, embedded scripts, and/or other technology used to monitor your use of the Platform.
(a) Forms
We request certain information from you through the use of forms when you send us correspondence through the Platform.
(b) Cookies
As is regular practice on many websites, the Platform use cookies and other technologies to help us understand which parts of the Platform are more popular and how much time users spend there. A cookie is a small amount of data that is sent to and stored on your device from our server. Cookies may, for example, allow a user to enter a password less frequently or remember a user’s preferences during an online session.
The Platform uses cookies to determine whether a user is active, track user sessions for ease of access and analytics/marketing purposes, for third-party embedded video access, and for other business purposes.
The Platform may include first-party cookies (i.e., cookies that send data directly to Ctrl M Health and agents and contractors acting on behalf of Ctrl M Health, including cookies used to monitor, analyze, and administer the Platform) and third-party cookies (i.e., cookies that send data to our contractors for their commercial use) including from Google Analytics and Vimeo.
The cookies on our Platform may also track Internet activity across different websites.
Since cookies are now used as industry standard, most devices automatically accept cookies, but you can usually change your device’s settings to decline them. If you prefer not to enable cookies, you may choose to disable them; however, please note that certain features on the Platform will not be available to you once cookies are disabled.
(c) Usage Data
Usage Data are collected automatically by the Platform’s servers and software. For example, because the Platform automatically collect Usage Data for all users, your session will be tracked. You agree that we may collect and use technical data and related information, including technical information about your device, system and application software, and peripherals, to maintain and support the Platform generally.
Additionally, in some of our email messages, Ctrl M Health may use a “click-through URL” linked to content on the Platform. When a user clicks onto one of these URLs, the user will pass through our server before arriving at the destination Web page. Ctrl M Health tracks this click-through data to help us determine user interest in certain subject matter and measure the effectiveness of these user communications. You can avoid being tracked in this way by not clicking text or graphic links in emails from Ctrl M Health.
Finally, we may use clear gifs or pixel tags, which are tiny graphic images, in order: (i) to advise us of what parts of the Platform users have visited, (ii) to measure the effectiveness of any searches users perform, and (iii) to enable us to send emails in a format that users can read and tell us whether such emails have been opened in order to ensure us that we are sending messages that are of interest to users.
(d) Tracking
Some Web browsers may be configured to send Do Not Track signals to websites, or users may use similar mechanisms, to indicate a user’s preference that certain web technologies not be used to track the user’s online activity. The App does not accept or process such Do Not Track signals or similar mechanisms.
(e) Public Communications
Please note that if you use any bulletin board, chat room, comment posting feature, or other public communication service, forum, or feature offered through the Platform, or post any information available for viewing by other users, any of the information that you share will be visible to other users. The information that you make available can be read, used, and collected by other users to send you unsolicited messages outside of the Platform. Ctrl M Health is not responsible for the manner in which the Personal Information that you decide to share will be used by other users.
3. Use and Sharing of Information by Ctrl M Health
The user information that Ctrl M Health collects may be added to our databases and used for business purposes, including for marketing and promotional purposes, for a statistical analysis of users’ behavior, for product development, for educational improvement, for wellness management analytics, for content improvement, or to customize the content and layout of the Platform.
In addition, Ctrl M Health will, on occasion, send emails to you about the Platform or third-party products. If you do not want to receive email from us, visit the “Opt Out” or “Unsubscribe” link at the bottom of any Ctrl M Health email to remove yourself from continued receipt of such email messages. Ctrl M Health may send system emails connected with use of the Platform which do not have an unsubscribe feature.
Ctrl M Health’s policy is not to share the user information it collects with third parties other than as specified below, or where a user expressly consents to our sharing of certain information with a third party. We may share user information with third parties under the following circumstances:
(a) Business Partners and Vendors
We may employ third-party companies and individuals for any of the following: to facilitate the Platform; to provide the Platform or portions of the Platform on our behalf; to perform related services, including without limitation, maintenance services, database management, fulfillment, web analytics, and improvement of the features or functionality; or to assist us in analyzing how the Platform is being used.
Under certain circumstances, you may avoid having Ctrl M Health share your information with its business partners and vendors by not granting Ctrl M Health permission to share your information. Not granting Ctrl M Health permission to share your information with its business partners or vendors may limit your access to their services through the Platform.
(b) Promotions
From time to time, we may offer promotions through the Platform that require a separate registration. By participating in such a promotion, you agree to the official rules for the promotion, which may require that you provide certain information. Information collected in connection with a promotion will be used consistently with the promotion’s official rules and this Privacy Policy.
(c) Business Transfers
As we continue to develop our business, we may buy, sell, or share assets in connection with, for example, a merger, acquisition, reorganization, sale of assets, or bankruptcy. In such transactions, information about users generally is often a transferred business asset. In the event that Ctrl M Health itself or substantially all of Ctrl M Health’s assets are acquired, information about our users may be one of the transferred assets.
(d) Compliance with Law and Protection of Ctrl M Health and Others
We may release user information when we believe, in our sole discretion, that release is appropriate: to comply with the law, including but not limited to, in response to a subpoena served on Ctrl M Health; to enforce or apply the Agreement and other applicable agreements, rules, and policies; to protect the rights, property, or safety of Ctrl M Health, our users, or others; or to prevent activity that we believe, in our sole discretion, may be or may become illegal, unethical, or legally actionable (including exchanging user information with other companies and organizations for fraud protection).
(e) Aggregate User Information
We may release aggregate user information (without revealing any Personal Information about you) to advertisers and other third parties in order to promote or describe use of the Platform.
4. International Transfer
By accessing and using the Platform, you acknowledge and agree that Ctrl M Health controls and operates all parts of the Platform from its offices in the United States of America and that the Platform is intended for use by users located in the United States of America.
Unless expressly stated to the contrary, Ctrl M Health makes no representation that the Platform is appropriate or will be available for use in other locations.
If you access the Platform from outside the United States, you acknowledge and agree that your information may be transferred to and maintained on computers and servers located outside of your state, province, country, or other governmental jurisdiction where the privacy laws may not be as protective as those in your jurisdiction. Your consent to the Agreement followed by your submission of such information represents your agreement to the transfer of such information to the United States and the collection, use, and disclosure of your information in accordance with United States law and our Privacy Policy.
5. Changing or Deleting Your Information
All users who have created an account through the Platform may review, update, correct or delete the Personal Information in their registration profile by contacting us. If you completely delete all such information, then your account may become deactivated. We may retain an archived copy of your records as required by law or for legitimate business purposes.
6. Security
We employ administrative, physical, and electronic measures designed to protect your information from unauthorized access. For example, we use commercially reasonable security measures such as encryption and firewalls to protect user information.
Please note that no security system is impenetrable. Accordingly, we do not guarantee the security of our databases, nor that information you supply will not be intercepted while being transmitted to us over the Internet or other network. Any information you transmit to Ctrl M Health, you do at your own risk. We will make any legally required disclosures of any breach of the security, confidentiality, or integrity of your unencrypted electronically stored “personal data” (as defined in applicable state statutes on security breach notification) to you via email or conspicuous posting through the Platform in the most expedient time possible and without unreasonable delay, as consistent with (i) the legitimate needs of law enforcement or (ii) any measures necessary to determine the scope of the breach and restore the reasonable integrity of the data system.
7. Minimum Age Requirement & Privacy
We are committed to protecting the privacy of children. Users must be at least eighteen (18) years of age to access and use the Platform. Any access to or use of the Platform by anyone under the age of eighteen (18) is unauthorized, unlicensed, and in violation of the Agreement. By using the Platform, you represent and warrant that you are eighteen (18) years of age or older and that you agree to and agree to abide by all of the terms and conditions of the Agreement. If Ctrl M Health believes that you are under the age of eighteen (18) or that you are not old enough to consent to and be legally bound by the Agreement, Ctrl M Health may, at any time, in its sole discretion, and with or without notice: (i) terminate your access to or use of the Platform (or any portion, aspect, or feature of them), or (ii) delete any content or information that you have posted through the Platform.
8. Contacting Us
If you have any questions about this Privacy Policy, please contact us at:
Ctrl M Health, Inc.
The Curtis Center
601 Walnut Street, Suite 170W
Philadelphia, PA 19106
support@ctrlmwpprod.wpengine.com