LAST UPDATED: August 11, 2024

Healthy.io (US), Inc. (together with its affiliates, “Healthy.io”) is a medical technology company that leverages smartphones and cloud services to help healthcare professionals improve patient care.

This Privacy Policy describes how Healthy.io collects, uses, or discloses personal information we receive through our mobile apps, website portal, and any related online services for the wound assessment and monitoring tool and services that we provide (as used herein, the “Services”).

More information on Healthy.io’s Minuteful™ for Wound services can be found on our website: healthy.io/services/wound.

This Privacy Policy does not apply to other Healthy.io websites or services.

Please read the Privacy Policy carefully before you start to use our Services. By using the Services, you agree to be bound and abide by our posted Terms of Use (“Terms”) and this Privacy Policy, which is incorporated by reference to the Terms. If you do not agree to both our Terms and Privacy Policy, or if you violate them in any way, your right to access or use the Services is terminated.

The decision to use the Services with any patient is entirely the healthcare Provider’s clinical decision. Used in this manner, it also constitutes part of the Clinician’s treatment of, and plan of care for, a patient. Therefore, by their use, Clinicians acknowledge and agree that a patient’s Consent to Treatment and receipt of a Notice of Privacy Practices, by their definition, encompass and include the Services provided by Healthy.io. It follows that any communications that may take place between a patient and the staff at Healthy.io, whether via telephone calls, SMS texting, or email, will take place solely as a result of Healthy.io providing its Services to the patient on behalf of the Clinician.

Clinician(s) shall bear the responsibility of informing patients who they determine will be receiving these Services that a necessary element of the Services will include: i) sharing of a patient’s PHI (solely for purposes of gathering and sending a wound scan to the Healthcare Provider for analysis) and ii) may include some communication with the staff at Healthy.io (solely for the purpose of confirming connectivity to a patient’s cell and to offer assistance in gathering wound scans to be used as part of the Service). After being informed of these two processes, the patient’s decision to proceed with use of the Services offered by their Healthcare Provider constitutes their acknowledgement and consent to the use of their contact information by Healthy.io.

NOTE TO MINUTEFUL™ FOR WOUND AT HOME MOBILE APPLICATION USERS: Your Healthcare Provider or Clinician will offer you the use of our Services as part of your on-going care or treatment. As part of our Services, your Healthcare Provider or Clinician will need to share some of your contact information so that we may connect to your cell phone. You will use your cell phone to gather a wound scan that your Healthcare Provider will interpret and use to gauge your on-going care. We will also use your contact information to offer you assistance in going through the wound scan gathering and sharing process. This is the only way in which we will use your contact information. In accepting the offer from your Healthcare Provider to use our Services, you are consenting to the sharing of your contact information with us, and to our using it to assist you in the process of taking, collecting, and sharing a wound scan with your Healthcare Provider. Because we are providing your Clinician with an additional method of providing care for you, our Services are part of your overall Consent to Treatment by your Healthcare Provider.

1. How We Collect Information

We may collect information about you by various means, including:

• Directly from you
• From the organization that has entered into a relationship with us (e.g., a healthcare provider).
• Through our Services, including by third-party services (e.g., usage analytics services)

2. Types of Information We Collect

Patients’ data:

• Contact information, including full name, and phone number (only relevant where the Minuteful™ for Wound at Home service is provided).
• Date of birth.
• Wound assessment data including scan or assessment date, scan images, scan calculations, and care plan prescribed by healthcare providers.
• Smartphone information, such as carrier, OS, device model, app version and IP address (only relevant where the Minuteful™ for Wound at Home service is provided).
• Survey information in response to questions we may send you through the Services, such as for research or feedback purposes (only relevant where the Minuteful™ for Wound at Home service is provided).
• Communications between you and us, such as via e-mail, mail, phone or other channels.

Healthcare providers’ data:

• Contact information, including full name and email address.
• Professional title and organization.
• Smartphone information, such as carrier, OS, device model, app version and IP address.
• Survey information in response to questions we may send you through the Services, such as for research or feedback purposes.
• Communications between you and us, such as via e-mail, mail, phone or other channels.

If you provide us with information regarding another individual, you represent that you have that person’s authorization and consent to give us his or her information and to permit us to use the information in accordance with this policy.

3. Online User Activity Analytics

We and our service providers may collect information about your use of our Services by such automated means, including but not limited to pixels, SDKs and other similar technologies. Such technologies can help us automatically identify you when you return to our web or mobile apps. When you use the Services, the information we may collect by automated means includes, for example:

• Usage details about your interaction with our Services (such as the date, time, and length of use, and frequency of the use).
• Device Information including the IP address and other details of a device that you use to connect with our Services (such device type and model and operating system information

4. How We Use Information We Collect

We may use the information we obtain about you for purposes allowed by applicable laws, including:

• Providing our Services, including to establish and maintain any account created for our Services.
• Operating, evaluating and improving the Services and to diagnose or fix technology problems
• Complying with and enforcing as needed applicable legal requirements, industry standards, our policies and our contractual rights.
• Subject to our contractual obligations, and in order to improve the Services. We may use anonymized information for internal testing, research, analysis, and product development and demonstration.
• Responding to your requests, questions and comments and providing customer support.
• Any other purposes with your consent

5. How We Share Your Information

We may share personal information with third parties in certain circumstances or for certain purposes, including:

• Our business purposes. Subject to our contractual obligations, we may share your personal information with our affiliates, vendors, service providers, and business partners, including our data hosting and data storage partners, analytics and advertising providers, technology services and support, and data security advisors. We may also share your Personal Information with our professional advisors, such as our auditors, law firms, and accounting firms.
• With your consent. We may share your personal information if you request or direct us to do so.
• Compliance with law. We may share your personal information to comply with applicable law or any obligations thereunder, including cooperation with law enforcement, judicial orders, and regulatory inquiries.
• Business Transfer. We may share your personal information to a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of a bankruptcy, liquidation, or similar proceeding, in which personal information held by us about our users are among the assets transferred.
• De-identified information. Subject to our contractual obligations, we may also disclose de-identified information, so that it cannot be reasonably used to identify any individual.
• To enforce our rights. We may share your personal information to enforce any applicable terms and conditions and Terms of Service, and to ensure the safety and security of our Services and our users

6. Links to Other Websites and Third-Party Content

Our Services may contain links to other websites or apps. Please be aware that we are not responsible for the content or privacy practices of such other websites or apps, and we encourage you to be aware when you leave our Services and to read the privacy statements of any other website or app that collects personal information.

7. Data Security

We endeavor to maintain reasonable administrative, technical and physical safeguards designed to protect the personal information we maintain against accidental, unlawful or unauthorized destruction, loss, alteration, access, disclosure or use. However, we cannot ensure the security of any information you transmit to us, or guarantee that this information will not be accessed, disclosed, altered, or destroyed. We will make any legally required disclosures in the event of any compromise of personal information. To the extent the law allows us to provide such notification via e-mail or conspicuous posting on the Services, you agree to accept notice in that form.

8. Privacy Rights

Certain laws and regulations may provide you with additional rights regarding our use of personal information. Individual rights requests are the responsibility of the organization that has entered into a contractual relationship with us for the provision of the Services. Any individual rights requests that are made directly to Healthy.io will be reported to these organizations for them to process and confirm actions required to be taken by Healthy.io.

9. Children

We do not knowingly collect personal data from children under the age of 18 on our Services. If you have reason to believe that a child under the age of 18 has provided personal information to us through our Services, please contact us, and we will endeavor to delete that information from our systems. In the event that we learn that we have collected personal information from a child under age 18 without parental consent, we will endeavor to delete that information as quickly as possible. If you believe that we might have any information from or about a child under 18, please contact us as directed below.

10. Updates to Our Privacy Policy

We may update our Privacy Policy periodically to reflect changes in our privacy practices, laws, and best practices, by updating this posting. You are responsible for periodically accessing the Services and reviewing this Privacy Policy to check for any changes, so you are aware of any such revisions to which you are bound. Your continued use of the Services after revisions to this Privacy Policy shall constitute your agreement to the revised Privacy Policy.

11. Contacting Us

If you have any questions, concerns or comments about this Privacy Policy, our privacy practices, or if you would like us to update information or preferences you provided to us, please contact us by email at [email protected].

Copyright © 2024, Healthy.io Ltd. All rights reserved.