Privacy Policy

PURPOSE

This Policy is to disclose the ways Story Health uses and protects any information provided when you use Story Health websites, such as http://storyhealth.ai.

POLICY

Story Health Corporation (“Story Health”, “we”, “our,” or “us”) values your privacy and the privacy of our other customers and visitors to our website, including storyhealth.ai (collectively, with any successor websites, the “Websites”), online interactions, and any other services owned or operated by Story Health that link to this Privacy Notice. Visitors to the Websites are, collectively, referred to herein as “Users.”

This Privacy Notice describes what information Story Health gathers from you via the Websites, how we use that information, and what we do to protect it.

This Privacy Notice does not apply to information that is protected health information (“PHI”) under the Health Insurance Portability and Accountability Act (“HIPAA”). Any information Story Health collects that constitutes PHI is governed by, and will be used and disclosed solely as permitted under, the business associate agreement between Story Health and your healthcare provider (each, a “Provider”), as required by law, to safeguard PHI. For more information about the privacy of PHI, please contact your Provider. Any information provided directly to a Provider is treated in accordance with that Provider’s notice of privacy practices, and we encourage you to ask the Provider for information about their practices before providing any information to them.

This Privacy Notice may be revised periodically without further notice to you and this will be reflected by a “last modified” date above. Any updated Privacy Notice will be effective when posted. Please revisit this page to stay aware of any changes. If required by law, we will contact you directly to provide you with an updated Privacy Notice.

1. Sources of Personal Data

“Personal Data” is data that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household. Personal Data does not include publicly available information, de-identified or aggregated information, or information covered by certain federal and state laws (such as HIPAA).

We collect Personal Data about you from the following sources:

  • Directly from you. We may collect Personal Data you provide to us directly, such as when you contact us through the Websites.
  • Data collected automatically and through tracking technologies. We may automatically collect information or inferences about you, such as through cookies and other tracking technologies, when you interact with the Websites. This may include information about how you use and interact with the Websites or otherwise interact with us online, information about your device, and internet usage information.
  • Data collected automatically and through tracking technologies. We may automatically collect information or inferences about you, such as through cookies and other tracking technologies, when you interact with the Websites. This may include information about how you use and interact with the Websites or otherwise interact with us online, information about your device, and internet usage information.

We may combine and use information and make inferences from information that we receive from the various sources described in this Privacy Notice. We may also use or disclose the combined information and inferences for the purposes identified below.

2. Types of Personal Data We Collect

We may collect the following types of Personal Data:

  • Identifiers, such as your name, email address, physical address, telephone number, business contact information, account number, and device identifiers (e.g., cookie IDs and IP address).
  • Internet or other electronic network activity information, such as your browsing history, search history, and other information regarding your interactions with and use of the Websites. For more information about cookies and other device data, please see the Cookies and Other Tracking Technologies section.
  • Records about you, such as preference information (including marketing and communication preferences), and the content, timing and method of communications you have with us, including messages you submit through the Websites or by email.
  • Non-precise geolocation data, such as your approximate location based on your IP address.
  • Inferences drawn from any of the information we collect to assess the level of interest in our products and services based on frequency of visits and contact and determine your preferred frequency for receiving offers.
3. How We Use Personal Data

We may use Personal Data for the following purposes:

  • To provide you with the Websites and other services, such as providing the Websites or other services; providing customer service; communicating with you about our services; responding to requests, complaints, and inquiries; and providing similar services or otherwise facilitating your relationship with us.
  • For our internal business purposes, operating the Websites and customizing the content; maintaining internal business records; enforcing our policies and rules; conducting organizational analysis; and managing our assets and global workforce.
  • For our internal research and product improvement purposes, such as verifying or maintaining the quality or safety of our Websites or other services; improving our Websites or other services; designing new Websites, products, and services; evaluating the effectiveness of our advertising or marketing efforts; and debugging and repairing errors with our systems, networks, and equipment.
  • For legal, safety or security reasons, such as complying with legal requirements, processes, or orders; fulfilling reporting and similar requirements; complying with government inspections and other requests from government or other public authorities; pursuing legal rights and remedies; investigating and responding to claims against us and our customers and employees; protecting our, your, our customers’, and other individuals’ safety, property or rights; addressing security and health and safety issues (including managing spread of communicable diseases) and malicious, deceptive, fraudulent, or illegal activity; and receiving legal advice or approval.
  • In connection with a corporate transaction, such as if we acquire, or some or all of our assets are acquired by, another entity, including through a sale in connection with bankruptcy and other forms of corporate change.

We may use anonymized, de-identified, or aggregated information for any purpose permitted by law.

No mobile information will be shared with third parties/affiliates for marketing/promotional purposes.

4. How We Disclose Personal Data

We may disclose Personal Data to third parties, including the categories of recipients described below:

  • Affiliates and subsidiaries, including parent entities, corporate affiliates, subsidiaries, business units, and other companies that share common ownership.
  • Service providers that work on our behalf to provide the products and services you request or support our relationship with you, such as IT providers, internet service providers, web hosting providers, data analytics providers, and companies that provide business support services, financial administration, or event organization.
  • Professional consultants, such as accountants, lawyers, financial advisors, and audit firms.
  • Law enforcement, government agencies, and other recipients for legal, security, or safety purposes, such as when we share information to comply with law or legal requirements, to enforce or apply our Terms of Use and other agreements or policies, and to protect our, your, our customers’, or other third parties' safety, property, or rights.
  • Other entities in connection with a corporate transaction, such as if we, or some or all of our assets, are acquired by another entity, including through a sale in connection with bankruptcy or other forms of corporate change.
  • Business partners that may use Personal Data for their own purposes, such as companies that operate cookies and other tracking technologies, social media companies, data brokers, marketing and advertising partners, and other business partners for their own marketing, research, or analytics purposes. Where required by law, we will obtain your consent prior to disclosing your Personal Data to our business partners. Where recipients use your Personal Data for their own purposes independently from us, we are not responsible for their privacy practices or personal data processing policies. You should consult the privacy notices of those third-party services for details on their practices.
  • Entities to which you have consented to the disclosure.

5. Cookies and Other Tracking Technologies

The Websites and authorized third parties may use cookies and other tracking technologies to collect information about you, your device, and how you interact with the Websites. This section contains additional information about:

  • The types of tracking technologies we use and the purposes for which we use them
  • The types of information we collect using these technologies
  • How we disclose or make information available to others
  • Choices you may have regarding these technologies

Types of cookies and tracking technologies we use

We and the third parties that we authorize may use the following tracking technologies:

  • Cookies, which are a type of technology that install a small amount of information on a user's computer or other device when they visit a website. Some cookies exist only during a single session and some are persistent over multiple sessions over time.
  • Pixels, web beacons, and tags, which are types of code or transparent graphics. In addition to the uses described below, these technologies provide analytical information about the user experience and help us customize our marketing activities. In contrast to cookies, which are stored on a user's computer hard drive, pixels, web beacons, and tags are embedded invisibly on web pages.
  • Session replay tools, which record your interactions with the Websites, such as how you move throughout the Websites and engage with our webforms. In addition to the uses described below, this information helps us improve the Websites and identify and fix technical issues visitors may be having with the Websites.
  • Embedded scripts and SDKs, which allow us to build and integrate custom apps and experiences on the Websites.

Purposes for using these technologies

We and authorized third parties use these technologies for purposes including:

  • Personalization, such as remembering language preferences and pages and products you have viewed in order to enhance and personalize your experience when you visit the Websites;
  • Improving performance, such as maintaining and improving the performance of the Websites;
  • Analytics, such as analyzing how our websites are used. For example, we use Google Analytics to help us improve the user experience.  Google Analytics may use cookies and other tracking technologies to perform their services.  To learn how Google Analytics collects and processes data, please visit: “How Google uses data when you use our partners’ sites or apps” located at www.google.com/policies/privacy/partners; and
  • Security, such as preventing fraud and malicious behavior

Information collected using these technologies

These tracking technologies collect data about you and your device, such as your IP address, location (both approximate and precise) cookie ID, device ID, Ad ID, operating system, browser used, browser history, search history, and information about how you interact with the Websites (such as pages on the Websites that you have viewed).

Disclosures of your information collected through these technologies

We may disclose information to third parties or allow third parties to directly collect information using these technologies on the Websites, such as social media companies, advertising networks, companies that provide analytics including ad tracking and reporting, security providers, and others that help us operate our business and the Websites.

Your choices regarding these technologies

Some of the third parties we work with participate with the Digital Advertising Alliance ("DAA") and Network Advertising Initiative ("NAI"). The DAA and NAI provide mechanisms for you to opt out of interest-based advertising performed by participating members at http://www.aboutads.info/choices/ and https://optout.networkadvertising.org/. We adhere to the DAA’s Self-Regulatory Principles for Online Behavioral Advertising. You may also click on the AboutAds icon on a Company advertisement and follow the instructions on how to opt out.

You can also refuse or delete cookies using your browser settings. If you refuse or delete cookies, some of the Websites’ functionality may be impaired. Please refer to your browser’s Help instructions to learn more about how to manage cookies and the use of other tracking technologies. If you change computers, devices, or browsers; use multiple computers, devices, or browsers; or delete your cookies, you may need to repeat this process for each computer, device, or browser. Opting out of interest-based advertising will not opt you out of all advertising, but rather only interest-based advertising from us or our agents or representatives.

Some browsers have incorporated Do Not Track (“DNT”) preferences.  At this time, we do not honor Do Not Track signals.

6. Your Choices

You may, of course, decline to share your Personal Data with Story Health, in which case Story Health will not be able to provide to you some of the features and functionality found on the Websites.

7. Our Commitment to Children's Privacy

Protecting the privacy of young children is especially important to Story Health. For that reason, Story Health does not knowingly collect or maintain Personal Data on Websites from persons under 13 years-of-age, and no part of Websites is directed to persons under 13. If you are under 13 years of age, then please do not use or access the Websites at any time or in any manner. If Story Health learns that Personal Data of persons less than 13-years-of-age has been collected without verifiable parental consent, then Story Health will take the appropriate steps to delete this information.

8. Our Commitment to Data Security and Data Retention

Story Health uses commercially reasonable physical, administrative, and technical safeguards to preserve the integrity and security of your Personal Data. We cannot, however, ensure or warrant the security of any information you transmit to Story Health, and you do so at your own risk. Once we receive your transmission of information, Story Health makes commercially reasonable efforts to ensure the security of our systems. However, please note that this is not a guarantee that such information may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards.

Your Personal Data will be retained as long as necessary to fulfill the purposes we have outlined above unless we are required to do otherwise by applicable law. This includes retaining your Personal Data to provide you with the products or services you have requested and interact with you; maintain our business relationship with you; improve our business over time; ensure the ongoing legality, safety and security of our services and relationships; or otherwise in accordance with our internal retention procedures. Once you have terminated your relationship with us, we may retain your Personal Data in our systems and records in order to ensure adequate fulfillment of surviving provisions in terminated contracts or for other legitimate business purposes.

9. External Links

The Websites may contain links to external sites or other online services that we do not control, including those embedded in third party advertisements or sponsor information. We are not responsible for the privacy practices or data collection policies of such third-party services. You should consult the privacy notices of those third-party services for details on their practices.

10. International Visitors

Personal Data collected on the Websites may be stored and processed in the United States or any other country in which Story Health or its affiliates, subsidiaries or agents maintain facilities. By using the Websites or otherwise interacting with us online, you consent to any such transfer of information outside of your country.

11. Shine the Light Disclosure

The California "Shine the Light" law gives residents of California the right under certain circumstances to request information from us regarding the manner in which we share certain categories of personal information (as defined in the Shine the Light law) with third parties for their direct marketing purposes. We do not share your Personal Data with third parties for their own direct marketing purposes.

12. Contact information

Please contact us with any questions or comments about this Privacy Notice, your Personal Data, our third-party disclosure practices, or your consent choices at: Story Health 20823 Stevens Creek Blvd. Ste 400, Cupertino, CA 95014, or via email at [email protected].