Privacy Policy
Last updated July 8, 2024
STAT Health Informatics, Inc. dba Lumia™, Lumia Health™, Lumia™, and Lumia Health™ ("STAT," "we," or "us") respects your privacy and is committed to being transparent about our privacy practices. This Privacy Policy describes the types of information we may collect from you when you visit our website at www.lumiahealth.com, or any subdomain thereof, or visit or use our mobile application, known as “Lumia,” including any content or functionality offered on or through any of the foregoing (collectively, the “Application”), or when you access or use the online services we make available on the Application (the “Service”). This Privacy Policy also describes our practices for collecting, using, maintaining, protecting, and disclosing such information.
This Privacy Policy applies to information we collect on the Application, in email, text, or other electronic messages between you and the Application, and through your access to or use of the Service through the Application. Except as otherwise expressly set forth herein, it does not apply to information collected by us offline or through any other means, including on any other website operated by us or any third party, nor to information collected by any other third party, including through any application or content (including advertising) that may link to or be accessible from or on the Application or the Service.
Please read this Privacy Policy carefully before you start to use the Application or the Service to understand our policies and practices regarding how we treat your information. By accessing or using the Application or the Service in any manner, you accept and agree to be bound by this Privacy Policy. If you do not agree with any terms of this Privacy Policy, you may not access or use the Application or the Service for any purpose.
This Privacy Policy may change from time to time (see Updates to Our Privacy Policy, below). Your continued use of the Application or the Service after we make changes is deemed to be acceptance of those changes, so please check the policy periodically for updates.
Privacy of Children
The Application and the Service are not intended for or directed to children. No one under age 16 may provide any information to or on the Application or the Service. We do not knowingly collect or solicit personal information from children under age 16. If you are younger than 16 years of age, do not use or provide any information on the Application or through the Service or any of its features, register on, or make purchases through, or use any of the interactive features of the Application or the Service, or provide any information about yourself to us, including your name, address, telephone number, email address, any biometric data or metrics, or any screen name, user name, or any other identifier you may use. If we learn we have collected or received personal information from a child under age 16, we will delete that information. If you believe we might have any information from a child younger than 16 years of age, please contact us at support@lumiahealth.com.
Information We Collect
When you access the Application or use the Service, we collect certain information about you. This may include information by which you may be personally identified, such as your name, email address, and birth date, as well as information that is about you but may not specifically identify you, such as your gender, certain biometric information and information about your medical history, as well as information about your internet connection, the device you use to access the Application or Service, and usage details, IP addresses, and other information collected through certain tracking technologies (collectively, "personal information").
Information You Provide Us
We collect personal information from various sources, such as directly from you when you access or use the Application or the Service. This may include:
- information that you provide by filling in forms on the Application or through the Service. This includes information provided at the time of registering to use the Application, subscribing to the Service, or requesting further information or services.
- information that you input to the Service to facilitate the tracking and analysis of certain health metrics through the Service, including, without limitation, information regarding your age, gender, height, weight, symptoms, activity level, diagnosis, intake of fluids, medications, and supplements.
- information and content (including, without limitation, videos and images of the user’s left ear) that you provide to facilitate the custom fitting of the wearable device.
- information you provide when setting up our wearable device for use in connection with the Service, including your WiFi’s service set identifier (SSID) and password.
- information that you provide when you utilize our wearable device and connect that device to the Service, including, without limitation, heart rate and other blood flow-related metrics.
- information that you provide when you enter a contest or promotion sponsored by us, or when you report a problem with the Application or the Service.
- information that you provide when seeking customer or technical support.
- records and copies of your correspondence (including email addresses), if you contact us.
- your responses to surveys and questionnaires that we might ask you to complete for research purposes.
- details of transactions you carry out through the Application or the Service, including your purchase of any Service subscription. If you purchase a Service subscription or purchase a place in a waiting list or pre-sale, you may be required to provide financial information at the time you place the order through the Application.
- your search queries on the Application.
Information We Collect by Automatic Means
When you navigate through and interact with the Application, we may use automatic data collection technologies to collect certain information about your equipment, browsing actions, and patterns, including:
- information about the devices you use to access the Application (such as the IP address and the type of the device, operating system, and web browser);
- dates, times, and duration of use of the Application (including whether you are a repeat or first time visitor);
- information on actions taken when using the Service (such as page views and website navigation patterns); and
- certain geolocational information.
In addition, we may use third-party web analytics services to help us understand your use of the Application and the Service and the popularity of certain content so we can improve your experience. For more information on our use of third-party analytics services, see Third Party Providers below.
Information we collect automatically may be statistical data that does not include personal information. We may maintain or associate any such statistical data with personal information we collect in other ways or receive from third parties. It helps us to estimate our audience size and usage patterns, speed up user experience, and improve and personalize the Service, including enabling us to identify and authenticate users. To the extent that we associate any of this non-personal information with your personal information, we will treat it as personal information under the terms of this Privacy Policy.
Technologies we use for automatic data collection may include cookies. A cookie is a small file placed on your smartphone or on the hard drive of your computer, as applicable. Portions of our Application and our emails may also contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit us, for example, to count users who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity). For information on our use of cookies and how you can opt out, see Your Choices, below.
Information Provided by Third Party Applications.
If you choose to sign up or log in to the Service using a third party service or application such as Facebook, Google, or Apple, or to connect your STAT user account with any such service or application, we may collect information from such third-party service or application, such as your public profile information, username, and email address. You can choose to unlink your account from a third-party service at any time through your STAT user account or by modifying the permissions within your third-party service account.
Third-Party Use of Cookies and Other Tracking Technologies
Some content or applications on the Application are served by third parties, including content and application providers. These third parties may use cookies alone or in conjunction with web beacons or other tracking technologies to collect information about you when you use our Application. The information they collect may be associated with your personal information or they may collect information, including personal information, about your online activities over time and across different websites and other online services. They may use this information to provide you with interest-based (behavioral) advertising or other targeted content.
We do not control these third parties' tracking technologies or how they may be used. If you have any questions about any targeted content, you should contact the responsible provider directly.
How We Use the Information We Collect
We may use information we obtain about you, or that you provide to us:
- to provide you with our services, including, without limitation, to provide analytics and insights with respect to the data you provide;
- to process orders you place and to complete transactions you initiate through the Application;
- to provide you with information or materials you request;
- to custom-fit the wearable device;
- to respond to your questions and comments and provide customer or technical support;
- to communicate with you about our products, services, offers, and promotions;
- to operate, evaluate, and improve our business and the products and services we offer;
- to analyze trends and statistics regarding use of the Application and the Service and activities supported by the same;
- to facilitate user authentication with respect to the Application and/or the Service;
- to protect against and prevent fraud, unauthorized transactions, claims, and other liabilities, and manage risk exposure, including by identifying potential hackers and other unauthorized users;
- to enforce our Terms of Service and other agreements;
- to comply with applicable legal requirements and industry standards; and
- for any other purpose for which you provide your consent.
We may also use your information to contact you about, or display advertising with respect to, the Service, including (without limitation) through providing you with STAT newsletters and other publications. If you do not want us to use your information in this way, please email support@lumiahealth.com. For more information, see Your Choices, below.
How We Share Your Personal Information
We may disclose aggregated information about our users, and information that does not identify any individual user, without restriction.
We may disclose personal information that we collect or you provide (as described in this Privacy Policy):
- to our subsidiaries and affiliates;
- to contractors, service providers, and other third parties we use to support our business (see Third Party Providers, below);
- to comply with any court order, law, or legal process, including to respond to any government or regulatory request;
- to enforce or apply our Terms of Service and other agreements;
- if we believe disclosure is necessary or appropriate to protect the rights, property, or safety of STAT, users of the Application or Service, and/or others;
- for any other purpose which is incidental to the normal use of the Service; and
- for any other purpose for which you provide your consent.
We also reserve the right to transfer your personal and other information to a buyer or other transferee in the event of a merger, divestiture, restructuring, reorganization, dissolution, sale, or other transfer of some or all of our assets. Should such a sale, merger, or transfer occur, we will use reasonable efforts to direct the transferee to use your information in a manner that is consistent with our Privacy Policy.
Third Party Providers
Without limiting the foregoing, we may also employ or otherwise utilize third party companies and individuals to facilitate our Application and our provision of the Service, and to process data, perform Application-related services, or to assist us in analyzing how the Service is used (collectively, “Third Party Providers”). These Third Party Providers may have access to your personal information for purposes of performing these tasks on our behalf, and may have the right to retain and use personal information or other information through performance of these tasks on an aggregated and de-identified basis in accordance with the terms of the applicable Third Party Provider’s privacy policy. We advise you to review the privacy policies of the Third Party Providers, but note that we have no control over and assume no responsibility for the content, privacy policies or practices of any Third Party Providers, their websites or services.
Third Party Providers may include, but are not limited to, the following:
-
Google Analytics. Google Analytics is an independent web analytics service offered by Google that tracks and reports application traffic. Google uses the data collected to track and monitor the use of our Application. This data is shared with other Google services. Google may use the collected data to contextualize and personalize the ads of its own advertising network. You can learn about Google’s privacy practices at https://www.google.com/intl/en/policies/privacy.
You may opt out of the aggregation and analysis of data collected about you on our Application by Google Analytics by downloading the Google Analytics opt-out browser add-on, available at https://tools.google.com/dlpage/. Please note that if you opt out, analytics companies other than Google Analytics may continue to aggregate and analyze data collected about you on the Application.
- Amazon Web Services. We may use Amazon Web Services for the provisioning of certain infrastructure on which we store data. You can learn about Amazon Web Services’ privacy practices at https://aws.amazon.com/privacy/?nc1=f_pr.
- Stripe. Stripe may be used to process payments when you make a purchase through the Application or the Service. You can learn about Stripe’s privacy practices at https://stripe.com/privacy.
- Memfault. We may use Memfault to collect fault logs and other operational data with respect to the Service and associated hardware. You can learn about Memfault’s privacy practices at https://memfault.com/privacy-policy/.
- MailChimp. We may use MailChimp to facilitate our email communications with users and to track user interactions with our emails. You can learn about MailChimp’s privacy practices at https://www.intuit.com/privacy/statement/.
- Tally. We may use Tally to conduct surveys and administer questionnaires with respect to the Service. You can learn about Tally’s privacy practices at https://tally.so/help/privacy-policy.
- Facebook. We may use Facebook to authenticate you as a user and to allow you to log-in and access the Service through your Facebook account. You can learn more about Facebook’s privacy practices at https://www.facebook.com/privacy/policy/.
- Google. We may use Google to authenticate you as a user and to allow you to log-in and access the Service through your Google account. You can learn more about Google’s privacy practices at https://policies.google.com/privacy?hl=en-US.
- AppleID. We may use Apple to authenticate you as a user and to allow you to log-in and access the Service using your AppleID. You can learn more about Apple’s privacy practices at https://www.apple.com/legal/privacy/data/en/apple-id/.
Security
STAT takes protecting your information seriously, and has implemented reasonable measures to secure your personal information from accidental loss and from unauthorized access, use, alteration, and disclosure. However, the safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password for access to the Service or certain parts of the Application, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.
Please note that the electronic transmission of information is not completely secure. We cannot guarantee that the security measures we have in place to safeguard information will never be defeated or fail, or that such measures will always be sufficient or effective. Any transmission of information is at your own risk.
Information and Data Transfers
The Service is administered by STAT in the United States. When we obtain information about you through your access to or use of the Application or the Service or when you input or import information to the Service from somewhere other than the United States, we may transfer, process, and store such information in the United States. If you access the Application and/or Service from outside the United States, you do so on your own initiative, at your sole risk, and you are responsible for compliance with all applicable laws. If you are a non-United States resident and provide us with your personal information, or if you use the Service, you consent to the transfer to and processing of such information in the United States, which may have data protection laws less stringent than those in the country in which you reside.
Your Choices
We strive to provide you with choices regarding the personal information you provide to us. We have created mechanisms to provide you with the following control over your information:
Cookies. You can set your browser to refuse all or some browser cookies, or to alert you when cookies are being sent. If you disable or refuse cookies, please note that some parts of the Application and the Service may then be inaccessible or not function properly.
Emails. STAT may send Service updates, Service notifications, promotional information (including, without limitation, STAT newsletters) and other communications to you via email. Promotional email communications will contain instructions describing how you can opt out of receiving future promotional emails from us. You may also email us at support@lumiahealth.com to be removed from our mailing list. If you opt out of promotional emails, you may continue to receive non-promotional, transactional emails from us.
Limiting Provided Information. You can choose not to provide us with certain information. If you decline to provide certain information, however, please note that some features of the Application and/or Service may then be inaccessible or not function properly.
“Do Not Track” Requests
Some web browsers have a “Do Not Track” feature. This feature lets you tell websites you visit that you do not want to have your online activity tracked. These features are not yet uniform across browsers. The Application is not currently set up to respond to those signals.
Third Party Applications and Websites
The Application and/or Service may contain links enabling the electronic transfer of data from third-party applications to the Application or the Service, as well as links to third-party websites. STAT is not responsible for the privacy practices or content of these applications or websites, and linking to an application or website does not constitute endorsement by us of that application or website. You should review the privacy policy and terms and conditions of any such third-party application or website prior to using or providing information to the same.
Accessing and Correcting Your Information
Except as otherwise required under applicable law, we will retain your personal information only for so long as required to fulfill the purposes set forth herein and in our Terms of Service, after which time your personal information will be deleted or deidentified. You may also send us an email at any time at support@lumiahealth.com to request access to, correct, or delete any personal information that you have provided to us. Please note, however, that we may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect.
Your State Privacy Rights
California Residents. California Civil Code Section 1798.83, also known as the "Shine The Light" law, permits our users who are California residents to request and obtain from us, once a year and free of charge, information about categories of personal information (if any) we disclosed to third parties for direct marketing purposes and the names and addresses of all third parties with which we shared personal information in the immediately preceding calendar year. If you are a California resident and would like to make such a request, please submit your request in writing to us by email at support@lumiahealth.com or write to us at the mailing address set forth at the end of this Policy.
Colorado, Connecticut, Virginia, and Utah Residents. Colorado, Connecticut, Virginia, and Utah each provide their state residents with rights to: (i) confirm whether we process their personal information; (ii) access and delete certain personal information; (iii) data portability; and (iv) opt-out of personal data processing for targeted advertising and sales. Additionally, Colorado, Connecticut, and Virginia also provide their state residents with rights to: (v) correct inaccuracies in their personal information, taking into account the information's nature and processing purpose; and (vi) opt-out of profiling in furtherance of decisions that produce legal or similarly significant effects. To exercise any of these rights please submit your request in writing to us by email at support@lumiahealth.com or write to us at the mailing address set forth at the end of this Policy.
Nevada Residents. Nevada provides its residents with a limited right to opt-out of certain personal information sales. Residents who wish to exercise this sale opt-out right may submit a request in writing to us by email at support@lumiahealth.com or to the mailing address set forth at the end of this Policy. However, please know that we do not currently sell data triggering that statute’s opt out requirements.
Updates to Our Privacy Policy
STAT reserves the right to change this Privacy Policy at any time. If we make a material change to this Privacy Policy, we will communicate these changes to you either via email (if we have your email address) or by posting a notification on the Application. The date this Privacy Policy was last revised is at the top of this page. We encourage you to review this Privacy Policy periodically to check for any updates or changes.
Contact Us
If you have any questions about this Privacy Policy or our information practices, please email us at support@lumiahealth.com or write to us at:
STAT Health Informatics, Inc.
119 Braintree Street, Suite 301
Allston, MA 02134