Privacy Notice

Last Updated: July 10, 2024

This Privacy Notice (“Notice”) explains how information is collected, used, and disclosed by Evidation Health, Inc. and its subsidiaries (collectively, “Evidation,” “we,” “us,” or “our”) in connection with your use of our website at www.evidation.com, or any other online services that link to this Notice (collectively, our “Services”). This Notice applies to only those websites, services, and applications included within the Services. The Notice does not apply to any third-party websites, services, or applications (including those of our partners), even if accessible through the Services.

Evidation provides other offerings and services, which are not subject to this Notice. The Privacy Notice for our consumer platform “Evidation” that rewards healthy actions and helps users participate in research, is available at https://evidation.com/members-privacy. Participation in research or other programs, including sponsored programs, run by Evidation may be subject to specific informed consent and/or disclosures for the relevant research or other program. This Notice does not apply to such offerings.

When you use the Services, you consent to our collection, use, retention, disclosure, and protection of information about you, as described in this Notice.

IF YOU DO NOT AGREE TO THIS NOTICE, PLEASE DO NOT USE THE SERVICES.

This Notice is made up of two parts - a General Privacy Statement and Supplemental Privacy Notice, the latter of which describes specific privacy rights that may apply to you depending on where you live and your use of the Services. The combined Notice contains the following sections:

General Privacy Statement

  • Information We Collect
  • How We Use Your Information
  • How We Share Your Information
  • How We Protect Your Information
  • Retention of Your Information
  • Your Choices
  • Links to Other Sites
  • Children’s Privacy
  • Law Enforcement 
  • International Transfer
  • Contact Us

Supplemental Privacy Notices and Statements by Geographic Area

  • Singapore
  • UK/European Economic Area/Switzerland
  • U.S. States
  • ~California, Colorado, Virginia, Utah, & Connecticut
  • ~Nevada

General Privacy Statement

Information We Collect

As a result of using the Services, you may, either directly or indirectly, provide certain information to us.

In addition to other information and data we might collect, the types of personal information we collect as part of the Services includes:

  • contact information (such as name, postal address, email address (personal and/or professional), company name, title, and phone number), typically from prospective or current customers, partners, and vendors, as well as individuals subscribing to our updates and/or newsletters;
  • other information you submit to us through the Services (such as information provided by filling in forms or sending us emails, which at a minimum would include email address as well as potentially your name and other contact information); and
  • certain other information that may be automatically collected, as described below, or that you may choose to provide to us.

Automatically Collected Information

When you utilize our Services, certain information is automatically collected. For example, we and our third party service providers may automatically collect your Internet Protocol (IP) address (and associated city and state or province or country for the IP address), computer operating system, browser type, other system settings, as well as the language your system uses and the country and time zone where your device is located, device identifiers, the website you visited before our Services, the number of clicks, pages viewed and the order of those pages, the amount of time spent on particular pages, the date and time you used the Services and upload or post content, error logs, and other similar information. Even if you do not register with our Services, or submit information directly to us, our Services may collect this automatically collected information.

Location information: When you use the Services, we and our service providers may automatically collect general location information (e.g., IP address, city/state and or zip code associated with an IP address) from your computer or mobile device.

Cookies & similar technologies: We and our third-party service providers also collect information about you, your usage of the Services and your devices through cookies, web beacons, and similar technologies. A “cookie” is a small data file placed on your device to identify your device in the future. “Cookies” can also help us better understand user behavior, personalize preferences, perform research and analytics, deliver tailored advertising, and improve the products and services we provide. We, or our third-party service providers, may also use certain of these technologies in emails to end users, to help us track email response rates, identify when our emails are viewed, and track whether our emails are forwarded. A “session cookie” disappears after you close your web browser, or may expire after a fixed period of time. A “persistent cookie” remains after you close your web browser and may be accessed every time you use our Services. We and our third-party service providers may use both session and persistent cookies on our Services. You should consult your web browser to modify your cookie settings. Please note that if you delete or choose not to accept cookies from us, some features may be adversely affected up to and including being unable to use certain features of our Services.

We may utilize the services of third parties in conjunction with this automatically collected information. These third parties may collect information about you over time such as about your use of our Services, as well as your online activities across other websites or online services.

Online analytics: We may use third-party web analytics services, such as those provided by Google Analytics. These service providers use cookies and other technologies described in this Notice to help us analyze how users use our Services. The information collected by the technology will be disclosed to or collected directly by these service providers. To prevent Google Analytics from using information for analytics, a user may install the Google Analytics Opt-Out Browser Add-on by clicking here.

We neither have access to, nor does this Notice govern, the use of cookies or other tracking technologies that may be placed on your computer, mobile phone, or other device you use to access the Services by non-affiliated, third-party ad technology, ad servers, ad networks or any other non-affiliated third parties. Those parties that use these technologies may offer you a way to opt out of ad targeting as described below.

Advertising: You may receive tailored advertising on your computer through a web browser. If you are interested in more information about tailored browser advertising and how you can generally control cookies from being put on your computer to deliver tailored advertising, you may visit the Network Advertising Initiative (NAI) NAI Opt-Out link, or the Digital Advertising Alliance’ (DAA) DAA Opt-Out link to opt-out of receiving tailored advertising from companies that participate in those programs. To opt out of Google Analytics for display advertising or customize Google display network ads, you can visit the Google Ads Settings page.

Do Not Track Signals

We do not currently employ technologies that recognize “Do Not Track” signals from your browser. 

You may be able to direct whether other websites you visit will collect or track your browsing data. Many internet browsers allow you to adjust your settings to send requests to the websites you visit to not collect or track your browsing data. In most cases, that option is turned off by default and will need to be turned on by you in your settings. Even if that option is turned on, many websites will still collect and use your browsing data to improve security, provide content, services, ads and recommendations on their websites, and generate reporting statistics.

How We Use Information

We use the information collected to provide our Services to you or as otherwise described in this Notice. For example, we may use your information to:

  • Operate and improve our Services, including development of new features and functionalities;
  • Respond to your feedback, comments, or questions, or to otherwise send you information about our Services;
  • Analyze how you use and interact with our Services;
  • Protect our Services and the information collected against fraudulent, illegal, or otherwise unauthorized activity, including any investigation into such activity;
  • For any other purpose described in this Policy, or the Terms of Use.

We may combine information that we collect from you through the Services with information that we obtain from affiliated and non-affiliated third parties, and information derived from any other products or services we provide.

We may aggregate and/or de-identify information collected through the Services. We may use de-identified or aggregated data for any purpose.

How We Share Information

We will not sell, rent, or otherwise share your information with our customers without your express consent as detailed below.

In certain circumstances, we may share your information with our affiliates, service providers, and third-party business partners. For instance: 

  • Service Providers. We may share your information with third parties that are our service providers to help us operate our business and provide the Services, such as for email management, data hosting, analytics, fraud and safety protection and legal and accounting services. 
  • When Required by Law or as Necessary to Protect Our Users and Services. We may share information when we believe that doing so is necessary to protect, enforce, or defend the legal rights, privacy, safety, or property of Evidation, our employees or agents or users, or if we reasonably believe that is necessary in order to comply with laws, regulations, legal process (such as subpoenas or warrants), or any other legal or regulatory request. 
  • Business Transfers. We may disclose or transfer your information to a third party if we sell, transfer, divest, or disclose all or a portion of our business or assets to another company in connection with or during negotiation of any merger, financing, acquisition, bankruptcy, dissolution, transaction, or proceeding or take steps in anticipation of such a transaction. 
  • Otherwise with Your Consent or at Your Direction. In addition to the sharing described in this Notice, we may share information about you with third parties whenever you consent to or direct such sharing.

How We Protect Your Information

We use technical and administrative safeguards to protect the confidentiality, integrity, and availability of your information. We employ a range of measures that are commensurate with the dynamic cyber-threat landscape to secure information, but we also recognize that electronic communications, and the processing and storage of data, can be inherently insecure and may contain unknown weaknesses. Consequently, while we cannot guarantee absolute security in such a dynamic threat landscape, we are strongly committed to continuously keeping your data as secure as possible.

If you want to report a potential cyber security vulnerability, please contact us at [email protected].

Retention of Your Information

The length of time that we retain your information depends on the purposes for which we collected it, the purposes for which we’re processing your information, and/or as required to comply with applicable laws.  In general, we will retain your Personal Information for so long as reasonably necessary to provide the Services to you and for the period reasonably necessary to support our business operational purposes.

Your Choices

Email & Text Messages. You may opt-out of receiving certain communications from us. To opt-out of any communications, follow the instructions in that communication (for instance, by clicking “unsubscribe”) or visit the settings tab of your Evidation account (if you have one).  You may opt-out of receiving our text messages by replying to a text from us with the words “STOP”, “QUIT”, or “UNSUBSCRIBE.” You will not be able to opt-out of transactional or relationship email messages related to the management of your account or customer support.

Cookies and Other Automated Technologies. For information about opt-out options relating to data collected using cookies and other automated technologies (e.g., for analytics), please review the hyperlinks in the “Automatically Collected Information” section of this Notice, above.

Children's Privacy

Our Services are not intended for minors under the age of 18. If we become aware that we have collected “personal information” (as defined by the United States Children’s Online Privacy Protection Act) from children under the age of 13 without valid parental consent, we will take reasonable steps to delete it as soon as possible, and will not sell the information. To the extent reasonably possible, we will also remove the minor’s access to our Services and prevent or otherwise block the continued use of those Services.

Law Enforcement

We will not release your individually-identifiable personal information to law enforcement, regulators or governmental authorities without your consent, unless legally required to do so. If we receive a request compelling our disclosure of your individually-identifiable personal information, we will closely scrutinize that request. We will only comply with such a request subject to court orders, subpoenas or search warrants that we determine are legally valid, and then only after exercising any appropriate legal processes to limit the scope and applicability of the request.

International Transfer

‍Your information may be transferred to, and maintained on, computers located outside of your state, province, country or other governmental jurisdiction where the privacy laws may not be as protective as those in your jurisdiction. If you’re located outside the United States and choose to provide your information to us, we may transfer your information to the United States and process it there (or any other country in which we operate). Your submission of information using the Services represents your agreement to such transfer.

Supplemental Privacy Notices and Statements by Geographic Area

Singapore


For the purposes of the Personal Data Protection Act (“PDPA”), we are a “data intermediary” as defined in the Act. Our Global Data Protection Officer can be contacted at [email protected].

UK/European Economic Area/Switzerland


Individuals located in certain countries, including those countries within the European Economic Area (EEA), the United Kingdom (UK), and Switzerland have certain statutory rights in relation to their information (“personal data”). If you are located in the EEA, UK, or Switzerland  and/or are visiting this website from the one of those jurisdictions (or other applicable countries), under the EU General Data Protection Regulation (GDPR), its equivalent in the UK, and the Swiss Data Protection Act, we are considered a Controller of your personal data. When an Evidation customer licenses Evidation’s offerings or services, or when Evidation is otherwise acting on behalf of a customer, Evidation is considered a “processor” of the personal data, and Evidation’s customer is the “controller”. 

Your Rights.  Subject to any exemptions provided by law, you may have the right to request access to personal data we have collected about you, as well as to seek its correction, update, or deletion. You may also have the right to object to our handling of your personal data and to withdraw any consent you have provided. Where we process personal data on behalf of a customer, we may refer the request to the relevant customer and cooperate with their handling of the request, subject to any special contractual arrangement with that customer. To exercise these rights, please contact us at the information provided below.

Legal Bases for Processing Your Personal Data. To the extent that our processing of your personal data is subject to the (UK) GDPR, we process such data pursuant to our legitimate business interests, because it is necessary for our contractual relationship, and/or with your consent. We may also process your personal data for direct marketing purposes, and you may object to our use of your personal data for such direct marketing purposes at any time. As a processor, we process personal data to meet our contractual commitments to our customers, for other purposes requested or permitted by our customers, and for legal compliance.

Contact Us. To submit a request or question regarding any of your personal data that is subject to this section, please reach out to our Data Protection Officer at [email protected]

E.U. Representative. Additionally, for the purposes of Article 27 of the GDPR, we have appointed Reed Smith LLP as our EU Representative. Reed Smith are authorized to receive communications relating to our European personal data practices on our behalf. Reed Smith can be contacted using the following contact details:

UK:
Evidation Health, Inc.
c/o Reed Smith LLP
Ref: COD
1 Blossom Yard
London
E1 6RS
UK
[email protected]

EU:
Evidation Health, Inc.
c/o Reed Smith LLP
Ref: DK/TB
112 Avenue Kléber
75116 Paris
France
[email protected]

United States: California, Colorado, Virginia, Utah, & Connecticut


This section is intended to constitute a Supplemental Privacy Notice (“Supplemental Notice”) that applies only to information collected about California, Colorado, Virginia, Utah, and Connecticut consumers. It provides information required under the California Consumer Privacy Act of 2018 and California Privacy Rights Act of 2020 (collectively, the “CPRA”), the Colorado Privacy Act of 2021 (the “CPA”), the Virginia Consumer Data Protection Act of 2021 (the “VCDPA”), the Utah Consumer Privacy Act of 2022 (the “UCPA”), and the Connecticut Data Privacy Act of 2022 (“CDPA”). 

This Supplemental Notice also provides a brief paragraph regarding California’s Shine the Light law, under the heading “Additional California Privacy Information”.  We also provide a brief paragraph regarding information collected about Nevada consumers under the heading “Nevada Privacy Rights” at the end of this section. The other portions of this Supplemental Notice do not apply to Nevada consumers. 

This Supplemental Notice describes our practices regarding the collection, use, and disclosure of Personal Information and provides instructions for submitting data subject requests. This Supplemental Notice is parallel in scope to the preceding Privacy Notice and should be read to provide additional information to consumers that reside in the applicable states. Some portions of this Supplemental Notice apply only to consumers of particular states. We have included language providing that additional information when it applies.

Definitions

Because these laws have very specific definitions for different terms, we’ve included a definition section to help you better understand how these words will be used in this Supplemental Notice. The terms defined here should be understood to apply only to this Supplemental Notice. 

  • Personal Information” means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household. Personal Information includes “personal data” as that term is defined in the CPA, VCDPA, UCPA, and CDPA. Personal Information also includes “Sensitive Personal Information,” as defined below, except where otherwise noted. Personal Information does not include information that has been aggregated, de-identified, or is considered publicly available. 
  • Sensitive Personal Information” means Personal Information that reveals a consumer’s social security, driver’s license, state identification card, or passport number; account log-in, financial account number, debit card number, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account; precise geolocation; racial or ethnic origin, religious beliefs, or union membership; contents of email or text messages (except where we are the intended recipient); and genetic data. Sensitive Personal Information also includes processing of biometric information for the purpose of uniquely identifying a consumer and Personal Information collected and analyzed concerning a consumer’s health, sex life, or sexual orientation. Sensitive Personal Information also includes “sensitive data” as that term is defined in the CPA, VCDPA, UCPA, and CDPA.
  • Third Party” has the meanings afforded to it in the CPRA, CPA, VCDPA, UCPA, and CDPA.
  • Vendor” means a service provider, contractor, or processor as those terms are defined in the CPRA, CPA, VCDPA, UCPA, and CDPA.

To the extent other terms used in this Supplemental Notice are defined under the CPRA, CPA, VCDPA, UCPA, or CDPA they should be read to have the meanings assigned in those statutes, whether or not capitalized in this Supplemental Notice. Since there are some variations between the definitions in each of the various statutes, the definitions applicable to you are those provided in the state in which you are a consumer.  In other words, the rights you may have, and the definition of any specific term, will be based on the state in which you live. For example, if you are a Virginia consumer, terms used in this Supplemental Notice that are defined terms in the VCDPA shall have the meanings afforded to them in the VCDPA when this Supplemental Notice applies to you.

Collection, Processing & Disclosure of Personal Information

Collection. As described in the “Information We Collect” section of our General Privacy Statement, to provide you with the Services, you may either directly or indirectly provide certain information to us. We typically collect information submitted directly by you; for example, through emails and webforms. 

Sources. While we primarily collect Personal Information directly from individuals as part of the Services, we may also collect such information automatically, such as through analytics and cookies as described in the General Privacy Statement. We may also collect Personal Information from joint marketing partners, public databases, providers of demographic data, publications, professional organizations, social media platforms, people with whom you are connected on social media platforms, and Vendors and Third Parties when they share the information with us.

Disclosure. We may disclose your Personal Information to our affiliates and Vendors for the purposes described below, and as stated in our General Privacy Statement. Our Vendors provide us with services for our website and other applications, as well as other products and services, such as web hosting, data analysis, customer service, infrastructure provision, technology services, email delivery services, and other similar services. 

Categories of Personal Information & Purposes for Processing

The following table shows the categories of Personal Information (excluding Sensitive Personal Information) we may have already collected and processed about you in the preceding twelve (12) months, or in the future may collect from you and process, as part of your use of the Services, as well as the source of that information, the specific purpose(s) for Processing that information, and the third parties with which we may disclose that information:

Categories of Personal Information we Collect
Sources of Data
Purposes for which we Collect & Process Personal Information
Categories of Third Parties to which Information is Disclosed
Geolocation - This may include your IP address (including city and state or province or country), device location, or other locations based on systems you use. This does not include “precise” geolocation.
You (Directly)
Provide the Services to you

* See also “General Purposes for Collecting and Processing Personal Information” (below)
Vendors
Identifiers and Contact Information - This may include real name, alias (e.g., professional name), postal address, unique personal identifier, online identifier, Internet Protocol (IP) address, email address (personal or professional), account name, or other similar identifiers.
You (Directly)

Additional sources (described above)
Provide the Services to you

Contacting you about the possibility of partnering with us

Contacting you to support your use of the Services or one of Evidation’s applications, products, or services

Responding to your request for support or contact

Signing you up to receive, and distributing, our newsletters and other updates, documents, or notices

* See also “General Purposes for Processing Personal Information” (below)
Vendors
Professional or Employment-related Information - This may include your employer, job title, and other similar information.
You (Directly)

Additional sources (described above)
Provide the Services to you

Contacting you about the possibility of partnering with us

Responding to your request for support or contact

Signing you up to receive, and distributing, our newsletters and other updates, documents, or notices 

* See also “General Purposes for Processing Personal Information” (below)
Vendors
Electronic Network Activity - such as information on your interaction with or utilization of our website, tool, or application. This may include information from cookies and analytics and system/device usage.
You (Directly)
Provide the Services to you

* See also “General Purposes for Processing Personal Information” (below)
Vendors


Though we do not intend as part of your use of our Services to collect any categories of information other than those listed above, we may also collect, process, and if necessary share with our Vendors any information that you provide us directly as part of your request or contact. For instance, if you upload a document as part of a support request or provide us with additional Personal Information beyond what we have specifically requested to collect.

General Purposes for Collecting and Processing Personal Information

In addition to the specific purposes for processing information listed in the chart above, we, and our Vendors, collect and process the Personal Information (excluding Sensitive Personal Information) described in this Supplemental Notice to:

  • Operate, manage, and maintain our business, do business with you (if applicable), and provide the Services;
  • Provide, develop, improve, repair, and maintain our products and services, including the Services;
  • Identify and correct technical errors in our products and services, including the Services;
  • Personalize, advertise, and market our products and services to you, including the Services; 
  • Conduct research, analytics, and data analysis;
  • Conduct and implement risk and security controls and monitoring, and secure the Services;  
  • Maintaining our facilities and infrastructure; 
  • Detect and prevent fraud; 
  • Comply with law, legal process, and internal policies;
  • Exercise and defend legal claims; and
  • Otherwise accomplish our business purposes and objectives.

Retention of Personal Information

We retain your Personal Information for the period reasonably necessary to provide the Services to you and for the period reasonably necessary to support our business operational purposes, as listed in the above.

Additional Third Party Sharing

We may share or otherwise disclose your Personal Information to certain Third Parties for business purposes and in order to provide the Services to you, as set forth in the “How We Share Information” section of the General Privacy Statement. In general, we do not disclose your Personal Information to Third Parties (as defined in the CPRA) without your consent. We may also disclose your Personal Information to the following categories of Third Parties:

  • At Your Direction. We may disclose your Personal Information to any Third Party with your consent or at your direction.
  • Business Transfers or Assignments. We may disclose your Personal Information to other entities as reasonably necessary to facilitate a merger, sale, joint venture or collaboration, assignment, transfer, or other disposition of all or any portion of our business, assets, or stock (including in connection with any bankruptcy or similar proceedings).
  • Legal and Regulatory Requirement. We may disclose your Personal Information to government authorities, including regulatory agencies and courts, as reasonably necessary for our business’ operational purposes, to assert and defend legal claims, and otherwise as permitted or required by law.

Disclosure for California Consumers

We have not sold Personal Information about California consumers in the past twelve (12) months. To our knowledge, we have not “shared” (as such term is defined under CPRA) Personal Information about California consumers in the past twelve (12) months.  Relatedly, we do not have actual knowledge that we sell or share Personal Information of California consumers under 16 years of age. For purposes of the CPRA, a “sale” is the disclosure of Personal Information to a Third Party for monetary or other valuable consideration, and a “share” is the disclosure of Personal Information to a Third Party for cross-context behavioral advertising, whether or not for monetary or other valuable consideration.

Disclosure for Colorado, Virginia, Utah, and Connecticut Consumers

We do not sell or share Personal Information to Third Parties or process Personal Information for purposes of targeted advertising, as the terms “sell,” “share,” “process,” and “targeted advertising” are defined in the CPA, VCDPA, UCPA, and CDPA.

Data Subject Rights

Your Rights. California, Colorado, Virginia, Utah, and Connecticut consumers have certain rights with respect to the collection and use of their Personal Information. Those rights vary by state. As required by the CPRA, we provide detailed information below regarding the data subject rights available to California consumers. Colorado, Virginia, Utah, and Connecticut consumers have similar rights and can find more detail by referencing the CPA, VCDPA, UCPA, or CDPA, as applicable.

Non-Discrimination. We will not discriminate against you for exercising your data subject rights. For example, we will not deny goods or services to you, or charge you different prices or rates, or provide a different level of quality for products or services as a result of you exercising your data subject rights.

Data Subject Rights Disclosure for California Consumers. California consumers have the following rights regarding our collection and use of their Personal Information, subject to certain exceptions.

Right to Receive Information on Privacy Practices. You have the right to receive the following information at or before the point of collection:

  • The categories of Personal Information to be collected;
  • The purposes for which the categories of Personal Information are collected or used;
  • Whether or not that Personal Information is sold or shared (as such terms are defined by the CPRA);
  • If we collect Sensitive Personal Information, the categories of Sensitive Personal Information to be collected, the purposes for which it is collected or used, and whether that information is sold or shared (as such terms are defined by the CPRA); and
  • The length of time we intend to retain each category of Personal Information, or if that is not possible, the criteria used to determine that period.

We have provided the information described in the list above in this Supplemental Notice. You may request further information about our privacy practices by contacting our Privacy Office at the contact information provided below.

Right to Know.  You can request that we provide you with the following information about how we have handled your Personal Information in the twelve (12) months preceding your request: 

  • the categories of:
  • ~Personal Information collected about you;
  • ~sources from which we collected the information;
  • ~Personal Information that we have sold or shared about you (as such terms are defined by the CPRA) for a business purpose;
  • ~third parties with whom we shared or disclosed that information;
  • the business or commercial purpose for collecting the information; and
  • the specific pieces of Personal Information that we have collected about you.

Right to Deletion.  You can request that we delete your Personal Information.

Right to Correct.  You can request that we correct any inaccurate Personal Information about you.

Right to Receive Information About Onward Disclosures. You can request that we provide you with the following information about any disclosure of your Personal Information in the twelve (12) months preceding your request:

  • The categories of Personal Information that we have collected about you;
  • The categories of Personal Information that we have sold or shared about you and the categories of Third Parties to whom the Personal Information was sold or shared; and
  • The categories of Personal Information we have disclosed about you for a business purpose and the categories of persons to whom it was disclosed for a business purpose.

Right to Opt-Out of the Sale or Sharing of Personal Information.  We do not and will not sell your personal information (as defined by the CCPA and CPRA).  We will not share your Personal Information with our customers without your express consent as detailed below. In certain circumstances, we may share your information with our affiliates, service providers, and third-party business partners, as described in the General Privacy Statement and this Supplemental Notice.

Right to Non-Discrimination for Exercising your Rights.  You have the right not to be discriminated against if you exercise your privacy rights. We will not discriminate against you for exercising your data subject rights.

Exercising Your Data Subject Rights

Submitting your Data Subject Requests. You may exercise the data subject rights applicable to you under the CPRA, CPA, VCDPA, UCPA, or CDPA by using the contact information listed belowRequests to exercise your rights can also be made through your Evidation account (if you have one), by using the “Submit a Request” function (and selecting “privacy”), or by reaching out to our Privacy Office at [email protected]. If you are unsubscribing from our communications, please follow the instructions in that communication or follow the process described in the “Your Choices” section of the General Privacy Statement. 

Verification of Data Subject Requests. All requests will be verified to ensure it is valid. We may ask you to provide information that will enable us to verify your identity to comply with or fulfill your data subject request. If you have an Evidation account, the easiest way to verify your request is to log-in and either make any necessary changes directly in your profile or submit the request via your Evidation account. If you submit your request via the “Submit a Request” function or by contacting our Privacy Office, we may request the following information to verify your request: name and email, how you’ve used our Services, and other similar information. 

Authorized Agents. You may also nominate an authorized agent to make a request on your behalf. We may request additional information from you to verify that the authorized agent is operating on your behalf. In particular, when a California consumer authorizes an agent to make a request on their behalf, we may require the agent to provide proof of signed permission from you to submit the request, or we may require you to verify your own identity to us or confirm with us that you provided the agent with permission to submit the request. 

Exceptions. In some instances, we may decline to honor your request if an exception applies. We will respond to your request consistent with applicable law.

Appeals. Virginia, Colorado, and Connecticut consumers have the right to appeal our decisions on their data subject requests. This section does not explicitly apply to California or Utah consumers; however, consumers in California or Utah may submit a complaint regarding their data subject request, as set forth below. To appeal our decision on your data subject request, you may contact our Privacy Office by using the contact information listed below or emailing our Privacy Office at [email protected]. In submitting your appeal, please enclose a copy of or otherwise specifically reference our decision on your data subject request, so that we may adequately review and address it. We will respond in accordance with applicable law.

Complaints.  To file a complaint related to your data subject request, our privacy practices, or this Supplemental Notice, you may contact our Privacy Office by using the contact information listed below or emailing our Privacy Office at [email protected]. In submitting your complaint, please enclose a copy of or otherwise specifically reference any relevant information and provide any applicable documentation, so that we may adequately review and address it. We will respond in accordance with applicable law.

Questions. Any queries, questions, or requests in relation to your privacy rights, and specifically any data subject requests, can be made using the contact information listed below.

Other Disclosures

Additional California Privacy Information

Financial Incentives for California Consumers. Under California law, we may provide financial incentives to California consumers who allow us to collect, retain, sell, or share their Personal Information. We will describe such programs to you when we offer them to you.

Shine the Light.  California residents have the right, under certain circumstances, to annually request information from us regarding our disclosure of certain categories of Personal Information” to other entities for their direct marketing purposes in the preceding calendar year. As noted above, we do not share your Personal Information with third parties for their direct marketing purposes unless we have your explicit permission. For any questions regarding this, please contact us using the information below. To better handle your question or request, please be sure to reference or include as the subject in your email “Shine the Light Request”.

Nevada Privacy Rights

Pursuant to Nevada law, you may direct a business that operates an internet website not to “sell” certain ”covered information” (each as defined by such law). As noted above, we do not sell your personal information. For any questions regarding this, please contact us at the information below.

Contact Us

For any questions, complaints, or inquiries regarding this Notice, or our privacy practices, please contact us at:

Evidation Health, Inc.
Attn: Privacy Office
63 Bovet Rd #146
San Mateo, CA 94402
[email protected]

If you are a member of our Evidation consumer platform community and would like to learn more about how we handle Personal Information collected and processed there, you can read more in our separate Privacy Notice for the platform, which is available at https://evidation.com/members-privacy.

Changes to this Notice

We may update this Notice, including the Supplemental Notice, from time to time to reflect changes or updates to our technology, data or privacy practices, and other factors, or otherwise at our discretion. Changes to this Notice will become effective when published in the revised Notice, unless otherwise noted. When we make material changes to this Notice, we will notify you by posting an updated Notice on our website and listing the date of the last revision.  Please check the “Last Updated” date at the top of this page to see when this Notice was last revised. Your continued use of the Services following the effective date of these changes indicates your consent to the practices disclosed in the updated Notice.

Download app