Last Updated: 13/11/2023
We at Sunrise United States, Inc. (“Us” or “We” or “Our” or “Company”) value your privacy and are committed to keeping your personal data confidential. We use your data solely in the context of providing a telehealth platform (the “Platform”), associated connected equipment and devices (the “Products”), and Website (the “Site(s)”) (collectively, the Platform, the Site(s), and the Products including all relevant content and functionality associated, are collectively referred to as the “Services”) through which you can access Company’s affiliated network of sleep medicine specialists. As part of the Services, we may collect and process personally identifiable information, including Protected Health Information (as this term is defined under the Health Insurance Portability and Accountability Act (“HIPAA”).
👉 Account: The account opened by a User for the purpose of using the Services.
👉 Connected Equipment: Any Product connected to the internet network, mobile application, website, or web application allowing to carry out Data Processing.
👉 Data: Data collected from Users, including, but not limited to, any personally identifiable information and Protected Health Information. Data may include first and last name, physical address, e-mail address, telephone number, Social Security Number, or any other identifier that permits the physical or online contact of that User.
👉 Data Processing: Any operation or set of operations relating to Data, such as collection, storage, or use.
👉 Protected Health Information: This term has the meaning set forth in the Health Insurance Portability and Accountability Act and its implementing regulations.
👉 Partners: Company’s business contacts, customers, providers, and suppliers.
👉 Product(s): All medical equipment and devices, accessories, and software made available by the Company.
👉 Services: This term refers collectively to the Platform, the Site(s), and the Products, including all relevant content and functionality associated with.
👉 Site(s): Any website published and/or hosted by or on behalf of the Company.
👉 User: Any person of legal age accessing theServices.
Privacy notice applicability
For additional information related to how we use and disclose your Data, please contact our Data Privacy Officer at firstname.lastname@example.org.
Agreement To Privacy Notice Terms
By accessing and/or using the services and sites, you are acknowledging that you have read and agree to the terms of this privacy notice ⚠️. If you do not agree, you must immediately cease using the services and sites.
Your withdrawal of consent or your objection to the processing of your Data that is necessary for the performance of Our Services, will result in the termination of Data, and subsequently, will result in the termination of your ability to use Our Services. The termination of Our Services will result in the return of Our Products and/or the cessation of the use of the Products, including the cessation of use of Our mobile applications, Platform and Sites.
Pursuant to applicable law, any Processing of Data carried out prior to your objection or withdrawal of consent to such Data Processing, remains lawful. Data that has been collected and processed prior to your objection or withdrawal of consent will be retained for a specific and specified period of time. In addition to the right to object or withdraw consent, you may exercise your rights with respect to the Data processed prior to such objection or withdrawal of consent, as described above.
Legal basis for data processing
Consent: Where required by law, We will ask for your prior consent before processing or disclosing your Personal Health Information.
Legitimate Interest: We may process Data on the basis of its legitimate business interests for the purposes of marketing Services a, providing customer service, and/or improving Services .
Legal Obligation: We must process certain Data to comply with legal obligations, which may vary in each country.
Purposes of data processing
If we provide you with Product, we will, with your consent, carry out the following Data Processing functions:
The collection and remote processing by electronic transmission of your Data relating to the use of the Product, and
Electronic transmission of usage data to your healthcare provider, if requested and if the Product allows for such transmission.
In addition, we may process your Data for the following legitimate business purposes in compliance with applicable law:
To provide Services and/or Products;
To communicate with you about and manage your Account;
To properly store and track your data within our system;
To respond to lawful requests from public and government authorities, and to comply with applicable state/federal law, including cooperation with judicial proceedings and court orders;
To protect our rights, privacy, safety, or property, and/or that of you or others by providing proper notices, pursuing available legal remedies, and acting to limit our damages;
To handle technical support and other requests from you;
To manage and improve our operations and the Platform and Sites, including the development of additional functionality;
To manage payment processing;
To evaluate the quality of service you receive, identify usage trends, and improve your user experience;
To keep our Platform and Sites safe and secure;
To send you information about changes to our terms, conditions, and policies;
To allow us to pursue available remedies or limit the damages that we may sustain;
To enable you to connect with or share Data with your healthcare provider, which enables that healthcare provider to monitor your progress and overall condition as he/she deems appropriate;
To conduct surveys relating to Our activities and the Services provided; and
To carry out research, study, or evaluation programs that respect your privacy, after all the conditions required by the applicable regulations have been met. This may include: (i) research, study, or evaluation programs of our activities, practices, or materials provided as part of the Services; and (ii) the development, coordination, and/or improvement of our activities, including the materials and tools used in the course of our activities, such as computer tools and/or algorithms.
In addition, for the purpose of continuous improvement of the quality and content of our services, We analyze aggregated statistics in such a way as to guarantee the anonymity and respect of the privacy of our Users.
Collected and processed data
To enable the use of the Services, Products, and/or Sites, the collection and processing of Your Data by the Company is necessary.
We collect five types of information from our Users: (I) demographic data; (II) medical data; (III)support data; (IV) technology data; and (5) economic data. Each category of data is explained in depth below.
1️⃣ Demographic Data: We collect demographic data from Users, which may include, but not be limited to, your name, birth year, gender, height, weight, phone number, and e-mail address. The collection of this demographic data is primarily used to create your Account, which you can use to securely receive the Services.
2️⃣ Medical Data: In addition to demographic information, We may collect information regarding your health conditions, including, but not limited to, images, age, gender, weight, height, medical history, symptoms, and communications between you and your healthcare provider who is providing services to you via the Platform. We collect this information to provide you with the Services and to provide your health care provider with the information required to provide medical treatment through the Platform. As part of our Services, We may also collect sleep and other data that you provide through Products.
4️⃣ Technology Data: We use common information-gathering tools, such as log files, cookies, web beacons, and similar technologies to automatically collect information, which may contain Data from your computer or mobile device as you navigate our Platform or interact with emails or other communications we have sent you. The information we collect may include your IP address (or proxy server), device and application identification numbers, location, browser type, Internet service provider and/or mobile carrier, the pages and files you viewed, your searches, your operating system and system configuration information, and date/time stamps associated with your usage. This information is used to analyze overall trends, help us provide and improve our Services, and ensure the proper functioning and security of the Platform and Services.
5️⃣ Economic Data: We may collect economic and financial data, including payment data and purchase data, if you elect to purchase a Service or Product throughUs.
We may collect this Data directly from you, indirectly on Our Sites, or by Our Partners. Further, this Data may be transmitted via telephone calls, telecommunication services (e.g., via the Internet), or through the automatic remote electronic transmission capabilities of the Products.
In certain instances, We may require you to provide specific Data before accessing a Service or Site. When this occurs, the required Data will be indicated by an asterisk. You will then need to provide this required Data to continue the use of the Services. If you do not wish to provide the required Data, you can stop using the Services.
The proper use of the Products that We provide to you (if applicable) is essential to ensure that the Data collected is accurate. The integrity of the Data and its accuracy is ensured only in the absence of intervention by someone other than our staff or our authorized Partner’s staff.
We maintain reasonable technical controls to ensure the confidentiality, accuracy, durability, and integrity of the Data placed under our responsibility.
Data storage and transfers
Your Data are stored in the United States of America. Your Data may be transferred to and stored in other locations such as the European Economic Area. These locations may be maintained by Us, or Our service providers, or Our Partners. The purpose of the transfer and storage of data in other locations includes, among other things, the provision of support services. By submitting your Data, you consent to such transfer and storage.
Your rights in regard to the data Dreem Health collects
Depending on the legal basis of collection, the location of the collection, and the purpose of the collection, You may have different rights with respect to your Data. These rights may include:
👉 Right of access and correction: You may request access to your Data and, if you believe such data is inaccurate, you may request correction of that Data.
👉 Right to withdraw consent: You may at any time withdraw your consent to the processing of Data concerning you. Any withdrawal of consent will only be valid for the future and will not apply to previously collected or used Data.
👉 Right to object: You may object to the processing of your Data, provided that you give a legitimate reason. A legitimate reason is not necessary if you object to the processing of your Data for a commercial purpose.
👉 Right to be forgotten: You have the right to have your Data erased after a certain period of time.
👉 Right to limitation of processing: You may request that your Data be subject to limited processing in certain circumstances.
👉 Right to portability: You may request (i) a copy of the Data you have provided to Us, or (ii) that We transfer your Data to another entity.
Transmission of Data over the Internet is never 100% secure or error-free. However, We take reasonable and appropriate measures to protect your Data from loss, misuse, and unauthorized access, disclosure, alteration, and destruction. The measures include, but are not limited to, implementation of technical, organizational, and physical controls to safeguard Data.
However, it is your responsibility to safeguard your Account credentials (passwords and User IDs) and to notify Us if you ever suspect that your credentials for Our Services have been compromised. You are solely responsible for any unauthorized use of Our Services conducted via your credentials. We shall not be liable for unauthorized access if it's the User’s fault.
We agree to notify You within the legally required timeframe upon becoming aware of any unauthorized access to your Data that is maintained by Us or one of Our Partners, for fulfillment of Our Services. Notification of any such Data breach is a legal obligation and shall not be construed as an admission of any liability on Our part for its occurrence or operation.
You acknowledge and agree that Our security obligations are limited to the scope of Our Services.
Disclosure of data
1️⃣ Business Partners and Vendors: We share Data with a limited number of Partners, service providers, and other persons/entities who help run our business (collectively, “Business Partners”). Specifically, We may employ third-party companies and individuals to facilitate our Services, provide Services on Our behalf, perform Service-related functions, or assist us in analyzing how Our Services are used. Our Business Partners are contractually bound to protect your Data and to use it only for the limited purpose(s) for which it is shared. Business Partners’ use of Data may include, but is not limited to, the provision of services such as data hosting, IT services, customer services, and payment processing. Additionally, We share Data with our contractors, service providers, and other third parties that help support our Products.
2️⃣ Our Advisors: We may share your Data with third parties that provide Us advisory services , including, but not limited to, our lawyers, auditors, accountants, and banks (collectively, “Advisors”). Data will only be shared with Advisors if We have a legitimate business interest in the sharing of such data.
3️⃣ Provider Users: To use the Services, Users will be affiliated with one or more healthcare providers. As part of the Services, We will share your Data with your assigned healthcare provider. If at any point you want to deny access to one or more healthcare providers, you can do so by emailing email@example.com.
4️⃣ Third Parties Upon Your Direction or Consent: You may direct Us to share your Data with third parties. Upon your request and consent, we may share such Data with those third parties that you identify.
5️⃣ Third Parties Pursuant to Business Transfers: In the event of a reorganization, merger, sale, joint venture, assignment, transfer, or other disposition of all or any portion of Company’s corporate entity, assets, or stock (including in connection with any bankruptcy or similar proceedings), we may share your Data with a third party.
We will not retain Data beyond a reasonable period of time and will only retain it for as long as we have a legal basis to do so. When we no longer have a legitimate ongoing business need or contractual/legal obligation to retain your Data, we will delete or anonymize it or, if this is not possible (for example, because your Data has been stored in a backup archive), then we will store your Data and secure it using the same, or materially similar safeguards, and isolate it from further processing until deletion is possible.
The exact data retention period varies according to the nature of the Data and the processing involved.
What happens to personal data submitted by minors?
We do not knowingly collect Data from individuals under the age of 18. Additionally, our Services are not directed to individuals under the age of 18. We request that these individuals not provide Data to us. If we learn that Data from users under the age of 18 has been collected, we will deactivate the Account associated with that data and take reasonable measures to promptly delete such data from our records. If you are aware of a user under the age of 18 accessing the Services or Platform, please contact us at firstname.lastname@example.org.
If you are a resident of California under the age of 18 and have registered for an Account with us, you may ask us to remove content or information that you have posted to our Platform.
Update, correct, or delete data
You have the right to request restrictions on uses and disclosures of your Data. While we are not required to agree to all restriction requests, we will attempt to accommodate reasonable requests when appropriate.
Except for your email address and your insurance details, You may change or correct information directly in Your Account. Y. If you need to make changes or corrections to other information, you may contact us at email@example.com. In order to comply with certain requests to limit use of your Data, we may need to terminate your ability to access and/or use some or all of the Services. By requesting to limit use of your personal data or delete personal data, You acknowledge and agree that We will not be liable to You for any corresponding limitation in the scope of services or termination of services as necessary to comply with your request.
You have the right to request deletion of any Data directly from your Account. You may also send us a deletion request of your Data to firstname.lastname@example.org and include your login email address and a description of the Data you would like removed. We will respond to all requests for data deletion as soon as reasonably possible.
You understand that it may not be technologically possible to remove all of your Data from our systems. While we will use reasonable efforts to remove your Data, the need to back up our systems to protect information from inadvertent loss means a copy of your Data may exist in a non-erasable form that will be difficult or impossible for us to locate or remove.
Your login email address; and
A statement that you are requesting account deletion.
By terminating your Account, you agree that you will not be able to access any information previously contained in your Account.
Questions Or Concerns