Frame Health Privacy Policy

Revised as of October 3, 2020

Privacy Summary

Frame Health respects the privacy of its users, and we understand the importance of the information you entrust to us. We have adopted the following policy to advise you of our use of your personal information online and your choices regarding that use. This policy describes what types of information we gather about you, how we use it, under what circumstances we disclose it to third parties, and your rights to update correct or delete it.

Scope of Policy

This policy applies to all Frame Health-branded services, applications and websites (which we refer to as the 'Services'). This policy does not apply to other companies' or organizations' web sites to which we link. You should carefully review the privacy policies of those web sites in order to determine how they treat your personal information. This privacy policy forms a part of your legal agreement with us, along with the Frame Health Terms of Use.

Changes to Privacy Policy

We reserve the right, to modify, add or delete provisions of this privacy policy at any time. When we make material changes to this privacy policy, we will inform you by either emailing you or posting a notice on the page from which you access this privacy policy. Revisions shall take effect as of the date of posting. We display the effective date of this privacy policy at the top of this page. Your use of any of our Services after the effective date of any such modification, means you accept and agree to be bound by the privacy policy, as modified. You should come back to this web page and review this privacy policy regularly so that you remain aware of the terms and conditions that apply to you.

HIPAA and HITEC Compliance

The Health Insurance Portability and Accountability Act governs "covered entities" and their "business associates." 'Covered entities' under HIPAA include health plans (insurance companies, HMOs, etc.); health care clearinghouses (entities that convert health information into or out of standard formats for billing or other purposes); and most health care providers (physicians, hospitals, etc.). 'Business associates' are entities that contract with covered entities to provide certain services that involve the use or disclosure of individually identifiable health information. Frame Health is not a covered entity under HIPAA, but, in some circumstances, we may act as a business associate. In such circumstances, our policy is to comply with the rules of the Department of Health and Human Services under both HIPAA and the Health Information Technology Act for Economic and Clinical Health Act that apply to business associates. These include rules relating to security of personal health information and rules requiring notification of security breaches of unsecured protected health information.

Information we may Collect

We collect information that can identify you ("personal information"):

We also may collect other types of information in the following ways when you or others use our Services and applications:

Children

Our Services are currently not intended for children under the age of 13 and we do not knowingly solicit or collect information from children under the age of 13. If you are a parent or guardian of a child under the age of 13 and believe he or she has provided personal information to us please notify us at privacy@FrameHealth.com. If you are 13 or older but still a minor in the state in which you reside (typically 18), you must obtain the consent of your parent or guardian before using our Sites. To the extent that we make our Services available for use by children under the age of 13 in the future, we will update our policies and procedures, including this privacy policy, to comply with applicable laws and regulations, including the Children's Online Privacy Protection Act of 1998.

How we may Use Information we Collect

We may use information to:

With whom we may Share Information we Collect

We will not share your personal information with others except as indicated in this policy, or except when we inform you in advance and give you the opportunity to opt out. We may share personal information with:

Communications from Frame Health

We may from time to time send you updates on new features, content, services and premiums available on our Services. We may also send you invitations or offers for new products and services from Frame Health, or special offers from our affiliates and sponsors. These communications are sent to you directly from Frame Health. We do not share your personally identifiable information with any third parties in connection with these communications.

Mandatory Communications

Frame Health reserves the right to communicate with you from time to time about important administrative, policy, legal, credit card, and billing matters, which will affect your use of our web sites, including without limitation any alleged violations of our Terms of Services. These communications are mandatory.

Your Choices

At any time, you can change choices you have previously made as to use of your personal information. You may choose:

Your California Privacy Rights

If you are a resident of California, in addition to the rights set forth above, you have the right to request information from us regarding the manner in which we share certain categories of personal information with third parties for their direct marketing purposes. California law gives you the right to send us a request at a designated address to receive the following information:

We may provide this information in a standardized format that is not specific to you. The designated email address for these requests is support@framehealth.com.

Security

We maintain a reasonable standard of security and try to limit information access to individuals who need to have access to perform their responsibilities associated with our Services. For example, we encrypt your Personal Information when it is stored in and transmitted by our systems. We host the personal information collected on our services on secured servers stored behind firewalls that are backed up regularly. Furthermore, we maintain a real-time intrusion detection system that identifies attempts at breaking or circumventing the security of our networks and systems. Despite these efforts, no system can ever be 100% secure. As a result, we cannot guarantee that the personal information stored on our servers will be free from unauthorized access. By using our Services you are agreeing to assume this risk and any and all responsibility and liability that may arise. In the event that we experience a data breach, our policy is to comply with all applicable state and federal laws that require mitigation, remediation and notification of security breaches.

Sale of our Business

In the event that Frame Health and/or its business units or subsidiaries are ever sold, acquired, merged, liquidated, reorganized, or otherwise transferred, we reserve the right to transfer our user databases together with any personally identifiable information contained therein, to a third-party acquiring our assets. In the event we do so, we will place a notice of the sale on the homepage of our site, with links to information as to how you can change your privacy preferences.

Changes to our Privacy Policy

We may occasionally update our privacy policy to reflect changes in our practices and services. If we make material changes in the way we collect, use, or share your personal information, we may notify you by sending you an email to the email address you most recently provided to us, and/or by updating this page. Updates posted to this page will take effect ten days after posting. Be sure to review our policy frequently for any updates.

How to Contact Us

If you have any questions about this privacy policy or our information practices, please contact us by email. support@framehealth.com.

© 2020 Frame Health, Inc. All rights reserved.