Last updated: August 21, 2019
Overlap Health, Inc. (“Overlap,” “us,” “we,” or “our”) respects the privacy of your information. This Privacy
Statement (“Privacy Statement”) informs you of our privacy policies and practices with respect to information that
we may collect or come into possession of as a result of your or our business customers’ use of our website
(https://www.overlaphealth.com, our “Site”), mobile applications, web applications or services (collectively,
“Services”).
We will not use or share your information with anyone except as described in this Privacy Statement.
The goal of this Privacy Statement is to enable you to make informed choices regarding disclosing your information to
us in connection with visiting our Site or using our Services. This Privacy Statement explains:
- What information we collect from and about you or your business when you visit our websites and/or use our
products and services; - How we use and share the information we collect;
- How you can access, correct and request that we delete the information we maintain about you;
- The choices we offer you in how we use and disclose your information, and how to exercise those choices;
- How we safeguard the information; and
- How you can ask questions about our privacy practices and seek resolution of your concerns regarding our
handling of your personal information.
Information Collection and Use
While using our Services, you may be asked to provide us with certain personally identifiable information (“PII”).
PII means information that can identify or locate you such as your contact information (like your name, address,
telephone number, e-mail address, and other similar information).
We may also collect or receive the following information:
- Information about your application usage (e.g., how long an application is used or which features you use);
- location data including location change data;
- sensed and/or self-reported mobile health data;
- mobile health information from third-parties, such as steps from your phone or sleep data from a wearable such
as a Fitbit; - self-reported mobile health data, like mood or anxiety surveys; and
- medical record data, such as medication lists or readings.
Device Data. Data collected from devices varies depending on which device you use and can include data
to estimate a variety of metrics like the number of steps you take, distance travelled, calories burned,
weight, heart rate, active minutes and location.Location Data. The Services may include features that use precise location data, including GPS
signals, device sensors, Wi-Fi access points, and cell tower IDs. We only collect this type of data if you
grant us access to your location. You can always remove our access using your wearable device or mobile
device settings. We may also derive your approximate location from your IP address.Health and Other Special Categories of Personal Data. To the extent that information we collect or are
provided is health data or another special category of personal data, we ask for your explicit consent to
process the data. We obtain this consent separately when you take actions leading to our obtaining the data.
There are methods to withdraw your consent at any time which may include by stopping use of a feature,
removing our access by removing the third-party service using our Services, unpairing your device, or
deleting your data or your account.
We collect this information only as necessary for the purpose of providing the applicable Services which you have
accessed and/or have agreed to use through customers of ours which use our Services, identifying and communicating
with you, responding to your requests/inquiries directly or indirectly through our partners (e.g., your clinician
and/or health care providers), and improving our Services, and for other general business purposes, such as website
management, marketing, advertising, research and development.
Our customers (e.g., your clinician and/or health care providers) who provide information to us for use as part of
our Services may have their own privacy practices and privacy notices. Overlap is not responsible for those third
parties’ privacy practices and we encourage you to review such policies.
Finally, we may preserve or disclose information about you to comply with a law, regulation, legal process, or
governmental request; to assert legal rights or defend against legal claims; or to prevent, detect, or investigate
illegal activity, fraud, abuse, violations of applicable terms, or threats to the security of the Services or the
physical safety of any person.
Aggregated Data. We may share non-personal information that is aggregated or de-identified so that it cannot
reasonably be used to identify an individual. We may disclose such information publicly and to third parties, for
example, to customers under agreement with us.
We also reserve the right to transfer personal information we have about you in the event we sell, merge or transfer
all or a portion of our business or assets. In such event, we will require any such buyer to agree to treat PII in
accordance with this Privacy Statement.
Cookies and Log Data
In addition, when you visit our Site, we may collect certain information by automated means, such as cookies and web
beacons. A “cookie” is a text file that websites send to a visitor’s computer or other Internet-connected device to
uniquely identify the visitor’s browser or to store information or settings in the browser. A “web beacon,” also
known as an Internet tag, pixel tag or clear GIF, is used to transmit information back to a web server. We also may
use third-party website analytics tools (such as Google Analytics) that collect information about visitor traffic on
our sites. The information we may collect by automated means includes:
- Information about the devices our visitors use to access the Internet (such as the IP address and the type of
the device, its operating system type and web browser); - URLs that refer visitors to our sites, including whether you visited the website directly or were referred from
another website or link; - Dates, times and duration of visits to our sites (including whether you are a repeat or first time visitor);
and - Information on actions taken on our sites (such as page views and site navigation patterns, the pages, icons and
other parts of the website on which you click or which you access during your visit).
You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. The Help feature on
most browsers provide information on how to accept cookies, disable cookies or to notify you when receiving a new
cookie.
Do Not Track Disclosure
Overlap does not track its customers over time and across third party websites to provide targeted advertising and
therefore does not respond to Do Not Track (“DNT”) signals. However, some third party sites do keep track of your
browsing activities when they serve you content, which enables them to tailor what they present to you. You should
check those third parties’ policies with respect to DNT.
Service Providers
We may employ third party companies and individuals to facilitate our Services, to provide the Service on our behalf,
to perform Service-related services and/or to assist us in analyzing how our Services are used.
These third parties have access to your Personal Information only as necessary perform specific tasks on our behalf
and are obligated not to disclose or use your information for any other purpose.
Communications
We may use your PII to contact you with newsletters, marketing or promotional materials and other information that
may be of interest to you. You may opt out of receiving any, or all, of these communications from us by following
the unsubscribe link or instructions provided in any email we send.
Security
The security of your Personal Information is important to us, and we strive to implement and maintain reasonable,
commercially acceptable security procedures and practices appropriate to the nature of the information we store in
order to protect it from unauthorized access, destruction, use, modification, or disclosure. We use commercially
reasonable efforts to safeguard the confidentiality of your personal information, including the use of encryption,
firewalls and Secure Socket Layers. To help safeguard personal information against loss and unauthorized access, we
employ many different security techniques, including, for example, regulating the physical and virtual access to our
databases, servers, back-ups, encryption keys or other network and security-related infrastructure components. In
addition, we encrypt certain information in storage.
However, please be aware that no method of transmission over the Internet, or method of electronic storage is 100%
secure and there is no guarantee as to the absolute security of the information we have collected from you.
International Transfer
Your information, including Personal Information, may be transferred to — and maintained on — computers located
outside of your state, province, country or other governmental jurisdiction where the data protection laws may
differ than those from your jurisdiction.
If you are located outside United States and choose to provide information to us, please note that we transfer the
information, including Personal Information, to United States and process it there.
Your submission of such information represents your agreement to that transfer.
Links To Other Sites
Our Service may contain links to other sites that are not operated by us. If you click on a third party link, you
will be directed to that third party’s site. We strongly advise you to review the Privacy Statement of every site
you visit.
We have no control over, and assume no responsibility for the content, privacy policies or practices of any third
party sites or services.
Children’s Privacy
Only persons age 13 or older have permission to access our Service. Our Services do not address anyone under the age
of 13 (“Child” or “Children”).
We do not knowingly collect personally identifiable information from Children. If you are a parent or guardian and
you learn that your Child has provided us with Personal Information, please contact us. If we become aware that we
have collected Personal Information from a Child without verification of parental consent, we take steps to remove
that information from our servers.
Changes to this Privacy Statement
This Privacy Statement may be updated periodically and without prior notice to you to reflect changes in our personal
information practices. You should check this Privacy Statement periodically. We will post a prominent notice on our
Site to notify you of any significant changes to our Privacy Statement and indicate at either the top or bottom of
the notice when it was most recently updated. Your continued use of the Services after we post any modifications to
the Privacy Statement on this page will constitute your acknowledgment of the modifications and your consent to
abide and be bound by the modified Privacy Statement.
Contact Us
If you have any questions about this Privacy Statement or if you would like us to update the information we have
about you or your preferences, please contact us by email at privacy@overlaphealth.com.