Privacy Policy
Special Note to SkinCheck Users Interacting with our Contracted Clinical Care Providers: When you visit our website, mobile application, or inquire about or register for our Services, this Privacy Policy applies to the information we collect, use, and share identifying you and relating to your past, present, or future physical or mental health, treatment and services received, and payment for such treatment and services. If this information is collected, used, or shared as part of your treatment relationship with one of our contracted clinical care providers, this information may be considered protected health information (“PHI”) protected by the Health Insurance Portability and Accountability Act of 1996 (as amended) and the Health Information Technology for Economic and Clinical Health Act (collectively, “HIPAA”) and subject to such contracted clinical care providers’ privacy policies and HIPAA Notice of Privacy Practices describing how they use and disclose your PHI.
Special Note to Connecticut, Nevada, and Washington SkinCheck Users and Potential Users. For information on our processing of “consumer health data” subject to the Connecticut Data Privacy Act, as amended, Nevada Consumer Health Data Privacy Law, or Washington My Health My Data Act or, please see Annex A – Supplemental U.S. Consumer Health Data Privacy Notice.
Please carefully review this Privacy Policy and all privacy statements, policies, and notices of privacy practices applicable to you and your personal information. If you do not agree to our stated uses and disclosures, do not use our Services. This Privacy Policy may change from time to time and your continued use of the Services is deemed to be acceptance of those changes, so please check this Privacy Policy periodically for updates.
Introduction
Your privacy is important to Us. This Privacy Policy explains Our practices regarding the collection, use, processing, and disclosure of information that you may provide through the Sites, Services, Content or App.
Please be sure to read this entire Privacy Policy and the Terms of Use before using or submitting information to the Sites, Services, Content or App.
This Privacy Policy applies only to data collected through the Sites, Services, Content or App, and in email, text, and other electronic messages between you and the same. It does not apply to information collected by Us offline or through any other means (unless specifically indicated at collection), including on any other website operated by any third-party, or by any third-party, including through any application or content (including advertising) that may link to or be accessible from or on the Sites, Services, Content or App.
Children Under The Age Of 18
Your Acceptance of this Privacy Policy
Collection of Information
- That may identify you (“Personal Information”), including your first and last name, cell phone number, date of birth, gender, “consumer health data” (as defined in the Supplemental Consumer Health Data Privacy Statement);
- About your location, internet connection, the equipment you use to access Our Sites, Services, Content or the App, and usage details; and
- Any other data or information that you submit through the Sites, Services, Content or App.
- Directly from you when you provide it to Us.
- Automatically as you navigate through the Sites, Services, Content or App. Information collected automatically may include usage details, IP addresses, and information collected through cookies and other tracking technologies.
- From third parties, including our business partners.
Active Collection of Information
- Information that you provide by completing forms on Our Sites. This includes information provided at the time of registering to use Our Sites, posting material or sending messages, or requesting Services. We may also ask you for information when you report a problem with Our Sites.
- Records and copies of your correspondence (including email addresses) if you contact Us.
- Your search queries on the Sites.
- As part of the Services, we may make available a chatbot or other communication channels powered by artificial intelligence to communicate with Service users (“AI Chatbot”). If you communicate with us through a chat or other communication feature offered through our Services, we may monitor and retain those communications and store them with our AI Chatbot service provider.
Passive Collection of Information
- Details of your visits to Our Sites, including traffic data, location data, and other communication data and the resources that you access and use on the Sites.
- Information about your computer and internet connection, including your IP address, operating system, and browser type.
The information We collect automatically is only statistical data and does not include personal information. It helps Us to improve Our Sites and to deliver a better and more personalized service by enabling Us to:
- Estimate Our audience size and usage patterns.
- Store information about your preferences, allowing Us to customize Our Sites according to your individual interests.
- Speed up Your searches.
- Recognize You when You return to our Sites.
- Google Analytics. We use Google Analytics to track how you and others use certain Sites, Services, Content or the App in order to manage and improve them. Google Analytics collects information such as how often Users visit a Site, what pages they visit when they do so, and what other sites they used prior to coming to a Site. Google Analytics collects only the IP address assigned to you on the date you visit a Site, rather than your name or other identifying information. We do not combine the information collected through the use of Google Analytics with personally identifiable information. For information on how Google uses this information, and how you can control the usage of that information, please see https://policies.google.com/privacy?hl=en-US.
Security
We base our data protection and security internal policies on applicable law, and regularly validate the controls We have in place through annual assessments and audits. Although We continually take all the necessary steps to protect your information, We do not promise and you should not expect that your Personal Information or other communications will always remain private. To the fullest extent permitted by applicable law, we do not accept liability for unintentional disclosure. As required by applicable law, We will take the necessary actions to keep you informed of any relevant security incidents that may have compromised the privacy or security of your Personal Information.
International Users
How to Contact Us
Changes to This Privacy Policy
Use of Your Information
- to provide you with the Services you request, as provided in Our Terms of Use;
- to assist in managing Your account;
- to respond to Your questions, requests, and comments;
- to measure the interest in and improve the content of our Sites;
- to customize our Sites to match your preferences;
- to provide customer service, resolve disputes or solve problems;
- to improve our Services, conduct quality reviews, contact You about the Services available to You;
- to monitor the qualifications of HCPs (as defined in our Terms of Use);
- to enforce our Terms of Use;
- to comply with legal and/or regulatory obligations (e.g., reporting certain diseases to health authorities, protecting victims of abuse or neglect);
- as otherwise required or permitted by applicable law;
- for payment of our Services; and
- for other purposes specified in this Privacy Policy or described to you at the moment of collection of your Information.
Disclosure of Information
We may disclose your Personal Information in the following circumstances:
- To HCPs as you may direct Us to do so through the Sites;
- To third party vendors, suppliers, providers and partners that We use to support Our Services (e.g., internet service providers, hosting companies, technology suppliers, and companies that provide technical support), in which case We require such third parties to agree to process your information according to this Privacy Policy and the applicable law;
- To comply with any portability requests made by you;
- To comply with legal or regulatory obligations, as well as in response to subpoenas, court orders, or other legal process, to establish or exercise Our legal rights, to defend against legal claims, or as permitted or required by applicable laws or applicable government regulation; and/or
- As otherwise described in this Privacy Policy or at the moment of collection of your Personal Information.
- When you interact with an AI Chatbot, we and our service providers collect the information you communicate to us. If you communicate with us through an AI Chatbot feature, we may monitor and retain those chat communications and store them with our service providers. We may also use these communications to build and improve our machine learning and other artificial intelligence models. For example, we may share Personal Information and chat communications with service providers.
Choices About How We Use And Disclose Your Information
- Tracking Technologies and Advertising. You can set your browser to refuse all or some browser cookies, or to alert you when cookies are being sent. To learn how you can manage your Flash cookie settings, visit the Flash player settings page on Adobe's website. If you disable or refuse cookies, please note that some parts of the Sites, Services, Content or App may then be inaccessible or not function properly.
- Information use by SkinCheck. If you do not wish to have your contact information used by SkinCheck to promote Our own or third-party products or services, you can opt-out by sending Us an email stating your request to contact@skincheck.health. If We have sent you a promotional email, you may send Us a return email asking to be omitted from future email distributions.
- We may send you push notifications through the App. You may opt out from receiving these push notifications by changing the settings on your mobile device. With your consent, we may also collect precise location-based information via the App. You may opt out of this collection by changing the settings on your mobile device. To request deletion of your account, please use the standard deletion functionality available via the Services or contact Us using the information set forth in “Making Requests to Opt Out of Targeted Advertising or the Sale of Personal Data” below.]
Access and Correction
If you delete your User Contributions from the Sites, Services, Content or App, copies of your User Contributions may remain viewable in cached and archived pages or might have been copied or stored by other Users. Access and use of information provided on the Sites, Services, Content or App, including User Contributions, is governed by Our Terms of Use.
Your Rights
Your California Privacy Rights
Your Texas Privacy Rights
- Right to Access: The right to know and see what “personal data” (as defined under Texas law) We have collected about You in a usable format
- Right to Delete: The right to request that We delete the personal data We have collected about You, subject to applicable legal exceptions.
- Right to Correct: The right to request that We correct inaccurate personal data.
- Right to Opt Out of Targeted Advertising and Sale of Personal Data: The right to “opt out” of “targeted advertising” and the “sale” of Your personal data (as defined under Texas law).
- Making Access, Deletion, and Correction Requests.
To make an access, deletion, or correction request, please contact Us at Contact@skincheck.health or call +1 (254) 400-5240. Before completing Your request,We may need to verify Your identity. We will send You a link to verify Your email address and may request additional documentation or information solely for the purpose of verifying Your identity. - Making Requests to Opt Out of Targeted Advertising or the Sale of Personal Data
To submit a request to “opt out” of “targeted advertising” or the “sale” of Your “personal data,” You may contact Us at Contact@skincheck.health or call +1 (254) 400-5240, oryou may choose to enable online, where available, a universal tool that automatically communicates Your opt-out preferences, such as the Global Privacy Control (“GPC”).We will process the GPC signal as a request to opt out. - Instructions for Using an Authorized Agent to Make Requests
You may use an authorized agent to submit an access, deletion, correction, or opt-out request on Your behalf. An authorized agent must have Your signed permission to submit a request on Your behalf or provide proof that they have power of attorney in accordance with applicable law. Before completing requests from authorized agents,We may contact You directly to confirm You’ve given your permission and/or to verifyYour identity. Authorized agents may submit requests to Contact@skincheck.health.
To appeal Our decision regarding a request related to these rights, You may email Us at Contact@skincheck.health.
Use of Cookies
We may use Our own cookies or third-party cookies. This means that companies and/or professionals may be hired to perform services based on the use of this information. Therefore, the suppliers themselves will need to install cookies on your device at the time you access the Sites, Services, Content or App. You are not required to accept the installation of cookies on your device, and you can, to do so, block them, review previously granted permissions or activate notifications when cookies are sent to your device. You may also reject/disable advertising and tracking cookies. If the use of these cookies is accepted, the data may be shared for advertising purposes with technology indexers.
Third-Party Use Of Cookies And Other Tracking Technologies
We do not control these third parties' tracking technologies or how they may be used. If you have any questions about an advertisement or other third-party service, you should contact the responsible provider directly.
Interpretation
SUPPLEMENTAL CONSUMER HEALTH DATA PRIVACY STATEMENT
This Supplemental Consumer Health Data Privacy Statement (“Consumer Health Data Privacy Statement”) supplements our Privacy Policy.
This Supplemental Consumer Health Data Privacy Statement only applies to personal information we process that is “consumer health data” subject to the Connecticut Data Privacy Act, as amended (“CTDPA”), Washington My Health My Data Act (“MHMDA”), Nevada’s Consumer Health Data Privacy Law (“NVCHDPL”), or other states with consumer health data privacy laws (as applicable).
Terms used in this Supplemental Consumer Health Data Privacy Statement that are defined in MHMDA, NVCHDPL, or CTDPA will have the meaning set forth in those laws to the extent such laws are applicable.
CONSUMER HEALTH DATA WE COLLECT
Under the MHMDA, “consumer health data” is defined as “personal information that is linked or reasonably linkable to a consumer and that identifies the consumer's past, present, or future physical or mental health status.”
Under NVCHDPL, “consumer health data” is defined as “personally identifiable information that is linked or reasonably capable of being linked to a consumer and that a regulated entity uses to identify the past, present or future health status of the consumer.”
Under CTDPA, “consumer health data” is defined as “any personal data that a controller uses to identify a consumer's physical or mental health condition or diagnosis, and includes, but is not limited to, gender-affirming health data and reproductive or sexual health data.”
Because consumer health data is defined very broadly, many of the categories of personal information that we collect under our Privacy Policy may also be considered consumer health data.
Examples of consumer health data that you may provide to us, or that we may otherwise collect, may include:
- Information that could identify your attempt to seek health care services or information, including services that allow you to assess, measure, improve, or learn about your or another person’s health. For example, we collect your search queries on the Sites, which may include queries or other information concerning nutrition, wellness, fitness, medical conditions, or other health-related topics.
- Information about your health-related conditions, symptoms, status, diagnoses, disease, testing, or treatments.
- Information about social, psychological, behavioral, and medical interventions.
- Information about use or purchase of prescribed medication.
- Information about measurements of bodily functions, vital signs, symptoms, or characteristics.
- Information about diagnoses or diagnostic testing, treatment, or medication.
- Information about surgeries or other health-related procedures.
- Reproductive or sexual health information.
- Information about gender-affirming care.
- Biometric information.
- Genetic data.
- Information about your access to healthcare, including precise location information that could reasonably indicate an attempt to acquire or receive health services or supplies; or
- Information processed to associate or identify an individual with the data listed above that is derived or extrapolated from non-health information.
- Information related to the precise (geo)location information of a consumer used to indicate an attempt by a consumer to receive health care services or products.
- Other information that may be used to infer or derive data related to the above or other consumer health data.
SOURCES OF CONSUMER HEALTH DATA
We collect consumer health data that you provide to us, consumer health data we collect automatically when you use the Sites, and consumer health data from third-party sources, as described in our Privacy Policy and below.
WHY WE COLLECT AND USE CONSUMER HEALTH DATA
We collect and use consumer health data for the purposes and in the manner described in the “Use of your Information” section of our Privacy Policy.
Primarily, we collect and use consumer health data as reasonably necessary to provide you with the products or Services you have requested or authorized. This may include delivering and operating the products or Services and their features, personalization of certain product or Sites features, ensuring the secure and reliable operation of the products or Services and the systems that support them, troubleshooting and improving the products and Services, and other essential business operations that support the provision of the products and Services (such as analyzing our performance and meeting our legal obligations).
We may also use consumer health data for other purposes for which we give you choices and/or obtain your consent as required by law.
SHARING OF CONSUMER HEALTH DATA
We may share each of the categories of consumer health data described above for the purposes described above and in the “Use of your Information” section of our Privacy Policy.
We only share or disclose your consumer health data as needed to provide you with the products or Services that you request, or with your explicit consent. We may share or disclose any or all the above categories of consumer health data to the following entities, who shall use the data only as permitted for the purposes set forth above, and within the bounds of our contracts with them:
These general categories of third parties:
- Business Collaborators
- Product co-promotion partners
- Product co-development partners
- Marketing and Advertising Agencies
- Social Media Companies and Platforms
- Service Providers (including those hosting or analyzing data on our behalf, those assisting with fraud prevention, those assisting in program administration, those assisting in incident management and reporting, those administering our call center and websites, and those who assist with our information technology and security programs)
- Emergency Personnel
- Authorized/legal representatives, family members, and caregivers
- Third parties (including those with whom SkinCheck has joint marketing and similar arrangements, those who provide marketing and data analytics services, those who provide program enrollment or product fulfillment, payment, and authorization, other third parties as necessary to complete transactions and provide products or Services, or where required by law)
- SkinCheck lawyers, auditors, and consultants
- Legal and regulatory bodies.
In addition, we may share or disclose consumer health data as permitted or required by law, such as (i) to an acquiring organization if we are involved in a sale or a transfer of our business, (ii) as needed to prevent, detect, protect against, or respond to security incidents, identity theft, fraud, harassment, malicious or deceptive activities, (iii) in situations that may involve violations of our terms of use or other rules, (iv) to protect our rights and the rights and safety of others, (v) as needed to support external auditing, compliance and corporate governance functions, (vi) as needed to preserve the integrity or security of our systems, or (vii) to investigate, report, or prosecute those responsible for any action that is illegal under applicable state or Federal law.
HOW TO EXERCISE YOUR RIGHTS
The CTDPA, MHMDA, and NVCHDPL provide consumers with certain rights with respect to consumer health data.
Under MHMDA, consumers have the right to: (i) confirm whether SkinCheck is collecting, sharing, or selling consumer health data and to access such data; (ii) withdraw consent from SkinCheck’s collection and sharing of consumer health data; and (iii) request that SkinCheck delete consumer health data.
Under NVCHDPL, consumers have the right to: (i) confirm whether SkinCheck is collecting, sharing or selling consumer health data; (ii) have SkinCheck provide the consumer with a list of all third parties with whom SkinCheck has shared consumer health data relating to the consumer or to whom SkinCheck has sold such consumer health data; (iii) request that SkinCheck cease collecting, sharing, or selling consumer health data relating to the consumer; and (iv) request that SkinCheck delete consumer health data.
Under CTDPA, SkinCheck is required to obtain consumer consent prior to selling or offering to sell, consumer health data. Consumers have the right to: (i) confirm whether SkinCheck is collecting or sharing consumer health data; (ii) have SkinCheck provide the categories of consumer health data that it shares with third parties and the categories of third parties with which it shares consumer health data; and (iii) withdraw consent from SkinCheck’s selling of consumer health data.
The rights afforded to consumers under CTDPA, MHMDA, and NVCHDPL are subject to certain exceptions.
Subject to certain legal limitations and exceptions, you have the following rights with respect to any consumer health data we may collect about you:
- The right to confirm whether we are collecting, sharing, or selling your consumer health data and to access such data, including to receive a list of affiliates or specific third parties with whom we have shared or sold your information, along with contact information such as an active email address for each third party;
- The right to review and request corrections to your consumer health data;
- The right to withdraw consent from our collection or sharing of your consumer health data; and
- The right to request that we delete your consumer health data.
you may submit a request pursuant to any of these rights by contacting us as described in “Making Access, Deletion, and Correction Requests.”
SkinCheck will not discriminate against you for exercising any of your rights. We will make reasonable efforts to respond promptly to your requests in accordance with applicable laws. Please allow 45 days for a response. We may, after receiving your request, require additional information from you to authenticate your request and verify your identity. Please be aware that we may be unable to afford these rights to you under certain circumstances, such as if we are legally prevented from doing so. If we deny your request, you have the right to appeal that denial by contacting us as described in “Making Access, Deletion, and Correction Requests.” We will process and respond to your appeal within the time permitted by applicable law.
If you are a Washington resident and your appeal is unsuccessful, you may file a complaint with the Washington State Attorney General at www.atg.wa.gov/file-complaint.
CHANGES TO OUR CONSUMER HEALTH DATA PRIVACY STATEMENT
We may update this Consumer Health Data Privacy Statement from time to time. When we do update it, for your convenience, we will make the updated statement available on this page. Our intention is to use consumer health data in accordance with the Consumer Health Data Privacy Statement in place at the time the consumer health data was collected.
CONSUMER HEALTH DATA AUTHORIZATION
This Consumer Health Data Privacy Authorization (“Authorization”) supplements SkinCheck, Inc.’s (“SkinCheck”, “we,” “us,” or “our”) Privacy Policy, Supplemental Consumer Health Data Privacy Statement, and the www.skincheck.health/us cookie banner and applies only to “consumer health data” subject to the Connecticut Data Privacy Act, as amended (“CTDPA”), Washington My Health My Data Act (“MHMDA”), Nevada Consumer Health Data Privacy Law (“NVCHDPL”), or other states with consumer health data privacy laws (as applicable).
Terms used in this Authorization defined in CTDPA, MHMDA, NVCHDPL, or other applicable state consumer health data privacy laws will have the meaning set forth in those laws to the extent such laws are applicable.
If you opt-in to “personalized marketing” through the www.skincheck.health/us cookie banner, you allow us to “sell” your consumer health data as described below:
- Specific consumer health data intended for “sale”: Consumer health data collected via cookies and similar technologies including but not limited to browsing activity on our website.
- Purpose of the “sale” of consumer health data: To tailor and deliver personalized advertisements to you.
- How consumer health data purchasers gather and use the data: Consumer health data purchasers will gather the data via cookies and other tracking technologies when you visit www.skincheck.healthus. These purchasers may use the data to assist us to deliver personalized advertisements to you and in accordance with their privacy policies linked below.
- Consumer health data purchasers’ contact information:
- Google: Privacy Policy
- Contact information for SkinCheck:
- Telephone: +1 (254) 400-5240
- Email: contact@skincheck.health
Please note:
- The provision of goods or services may not be conditioned upon you accepting the terms of this Authorization.
- Purchasers may redisclose the consumer health data sold under this authorization and such data may no longer be protected by the CTDPA, MHMDA, NVCHDPL, and/or applicable state consumer health data privacy laws.
- you may revoke this authorization at any time through the www.skincheck.health/us cookie banner. To do so, please be sure the box next to “Personalize marketing” is unchecked and click “Save my choices.” you may also click “Decline all” to decline our use of all cookies not required to operate our website.
- A revocation will not impact previously sold consumer health data. In addition, if you use different browsers or devices, you must indicate your choices on each browser/device used to access www.skincheck.health/us.
If you have any questions about how to revoke your authorization, please contact: contact@skincheck.health.