This Consumer Health Data Privacy Policy supplements our Privacy Policy and is intended only for residents of Washington and Nevada. If similar laws apply in other jurisdictions, we will comply with those laws as well.
We do not intentionally collect "consumer health data," and we do not use data we collect to identify or make inferences about your past, present, or future physical or mental health status. Because "consumer health data" is defined so broadly in some jurisdictions, however, the information we may collect from or about you from time to time may be considered "consumer health data" under laws in those jurisdictions. Like other data we collect, the main reason we use this information is to provide our service to you and help you connect with other members. We also confirm that SMS opt-in/opt-out records, delivery logs, or transactional notifications are not used to infer health status, and are processed solely for account security, authentication, and user communications.
We may share consumer health data with the following categories of third parties when necessary for the purposes described above:
• Other users. You share information with other users when you voluntarily disclose information on the service for others to see (e.g., your public profile).
• Service providers. We share information with vendors who help us operate our service. They provide us services such as data hosting and maintenance, customer care, and security operations. We share consumer health data with service providers only to the extent reasonably necessary to perform services such as data hosting and maintenance, customer care, and security operations. Any SMS infrastructure vendors that support delivery of account-related notifications are contractually prohibited from using data for health-related purposes.
• Affiliates. We may share information with affiliates who assist us in data processing operations, as service providers. This assistance may include processing operations, such as data hosting and maintenance, customer care, data security and fighting against spam, abuse, fraud and other wrongdoings.
• Parties to a corporate transaction. We may disclose your information if we are involved, whether in whole or in part, in a merger, sale, acquisition, divestiture, restructuring, reorganization, dissolution, bankruptcy or other change of ownership or control. Any disclosure of consumer health data in connection with a corporate transaction will be subject to applicable law and limited to the minimum necessary for the transaction, with contractual obligations to maintain confidentiality.
• Law enforcement authorities / Legal Processes. We may disclose your data to: (i) comply with a legal process, such as a court order, subpoena or search warrant, government / law enforcement investigation or other legal requirements; (ii) assist in the prevention or detection of crime; (iii) protect the safety of any person; and (iv) establish, exercise or defend legal claims. Where disclosure involves SMS-related records, such disclosure will be limited to what is legally required and will not be used to draw health-related inferences.
You can exercise your privacy rights under applicable law by submitting a request to our customer care team here. We will verify your identity before processing your request and will respond within the timeframe required by applicable law.
For SMS consent or opt-out records, you may also request access, correction, or deletion as permitted under applicable Washington or Nevada consumer health data laws. Withdrawing SMS consent will not affect your ability to receive essential transactional communications (e.g., verification codes or fraud alerts).