myStrength

WEB AND MOBILE PRIVACY POLICY

Last updated on February 17, 2021

Teladoc Health, Inc., on its own behalf and its affiliates and/or wholly owned subsidiaries including but not limited to Best Doctors, Inc., HealthiestYou, Inc., Advance Medical Inc., Livongo Health, Inc., myStrength, Inc., InTouch Technologies, and Teladoc Health Medical Group, P.A. (“Teladoc”, “we”, “us” “our”), is committed to maintaining the privacy of your Personal Information. This Privacy Policy describes the types of Personal Information we collect from visitors of our public websites and mobile applications and our practices for using, maintaining, sharing, and protecting it. It also describes the rights and choices you may have with respect to your Personal Information and how you may contact us about our privacy practices. This Privacy Policy applies to visitors to the following public websites that are owned and operated by Teladoc: www.teladoc.com, www.bestdoctors.com, www.askbestdoctors.com, www.healthiestyou.com, www.teladochealth.com, www.mystrength.com, www.advance-medical.net, www.livongo.com, www.intouchhealth.com, and their associated domains and mobile applications (collectively, the “Sites”). For the purposes of this Privacy Policy, “you” and “your” means you as the user of the Sites.

California residents should read the information available in Section 12 below about the categories of personal information to be collected from them and the purposes for which the personal information will be used.

This Privacy Policy does not apply to the collection and use of certain employment-related information. If you are a current or former Teladoc job applicant, employee, owner, director, officer, or contractor, please contact us at [email protected] for the appropriate notice.

This Privacy Policy also does not apply to information collected from visitors who register and log-in (“Members”) to the password-protected and secure portions of our Sites (“Secure Platforms”). The Secure Platforms allow eligible Members to perform certain transactions and use Teladoc’s services (such as telehealth and expert medical services). All information collected and stored by Teladoc or added by our Members into such Secure Platforms is considered Protected Health Information (“PHI”) and/or medical information and is governed by applicable state and federal laws that apply to that information, for example the Health Insurance Portability and Accountability Act (HIPAA). How Teladoc uses and discloses such PHI is in accordance with the applicable Notice of Privacy Practices for the associated Secure Platform. For example, if you have consented to importing data from HealthKit into the Secure Platform, you should review our Notice of Privacy Practices to understand how we use and disclose such PHI. Teladoc will not use or disclose information received from HealthKit for advertising, marketing, or other use-based data mining purposes and will not combine it with other data and will not sell it.

When using our Sites, you may choose to interact with features from third parties that operate independently from Teladoc, such as social media widgets and links to third-party websites. Teladoc has no control over and is not responsible for the privacy practices of such third parties. This Privacy Policy does not apply to the extent Teladoc does not own or control any linked websites or features you visit or use. We recommend that you familiarize yourself with the privacy practices of those third parties.

This Privacy Policy is not a contract and does not create any contractual rights or obligations.


Table of Contents

  1. Types of Personal Information We Collect
  2. How We Collect Personal Information
  3. How We Use Your Personal Information
  4. How We Share Your Personal Information
  5. Social Features
  6. Third Party Websites and Links
  7. Cookies and Information Used for Advertising
  8. Children’s Privacy
  9. Security of Personal Information
  10. Retention of Personal Information
  11. International Users
  12. Notice to California Residents
  13. Updating this Privacy Policy
  14. How to Contact Us

1. TYPES OF PERSONAL INFORMATION WE COLLECT

While using our Sites, you may provide us with certain information about you. We or our advertising partners also may automatically collect information through the use of cookies and other tracking technologies (see below).

Personal Information that we collect through your use of the Sites may include IP Address, Device ID, and online identifier. business contact information (if you provide us with such information). We may use that Personal Information and link it to Internet or other electronic network activity information, and we may draw inferences about you from the information we collect. We may also collect your name, title, business contact information, phone number, date of birth, state, country, zip code, your health plan, email address or login identification information only if you provide us with such information directly to us when you begin registration to use a Secure Platform or complete a web form seeking more information.

2. HOW WE COLLECT PERSONAL INFORMATION

We may collect Personal Information using the following methods:

  • Directly from you when you provide it to us (such as information you enter into web forms, inquiries, responses, activity on the Sites, and during registration to use a Security Platform).
  • From third parties, such as analytics and email marketing service providers.
  • Automatically through tracking technologies (cookies, web beacons, log files), including over time and across third-party websites or other online services.

“Cookies” are small files that a website stores on a user’s computer or device. The Sites may use cookies for various purposes, including to keep the information you enter on multiple pages together. Some of the cookies we use are “session” cookies, meaning that they are automatically deleted from your hard drive after you close your browser at the end of your session. Session cookies are used to optimize performance of the Sites and to limit the amount of redundant data that is downloaded during a single session. We also may use “persistent” cookies, which remain on your computer or device unless deleted by you (or by your browser settings). We may use persistent cookies for various purposes, such as statistical analysis of performance to ensure the ongoing quality of our services. We and third parties may use session and persistent cookies for analytics and advertising purposes, as described herein. Most web browsers automatically accept cookies, but you may set your browser to block certain cookies (see below). In accordance with applicable law, we may obtain your consent separately before collecting information by automated means using cookies or similar devices.

Our Sites may use Google Analytics, a vendor’s service that uses cookies, web beacons, web pixels and/or similar technology to collect and store anonymous information about you. You can learn more about Google Analytics’ privacy policy and ways to opt out from Google Analytics tracking by visiting Google Analytics’ website.

Our Sites may use Adobe’s analytics and on-site personalization services, which use cookies, web beacons, web pixels and/or similar technology to collect and store information about you or your device or browser. You can learn more about how Adobe may handle information collected through our use of its services, and your options for controlling this activity, by visiting Adobe’s website.

For more information about how we use Personal Information collected through tracking technologies and the ways you may be able to manage it, see below.

3. HOW WE USE YOUR INFORMATION

We may use your Personal Information for the following purposes:

  • Operate, maintain, supervise, administer, and enhance the Sites, including monitoring and analyzing the effectiveness of content on the Sites, aggregate site usage data, and other usage of the Sites such as checking your eligibility and assisting you in completing the registration process.
  • Provide you with a tailored and user-friendly experience as you navigate our Sites.
  • Promote and market our Sites to you.
  • To complete the activity you specifically asked for, e.g., register on a Secure Platform, obtain more information, request a demo, or request an RFP.
  • Conduct research on users’ demographics, interests, and behavior based upon information provided during use of our Sites.
  • Anonymize and aggregate information for analytics and reporting.
  • Respond to law enforcement requests and court orders and legal process and carry out our legal and contractual obligations and enforce our rights.
  • Authenticate use, detect potential fraudulent use, and otherwise maintain the security of the Sites and safety of users.
  • Develop, test, improve, and demonstrate the Sites.
  • Any other purpose with your consent.

4. HOW WE SHARE YOUR INFORMATION

We may share Personal Information with third parties in certain circumstances or for certain purposes, including:

  • For business purposes. We may share your Personal Information with vendors and service providers, including our data hosting and data storage partners, analytics and advertising providers, technology services and support, and data security. We also may share Personal Information with professional advisors, such as auditors, law firms, and accounting firms. We may disclose your name, email address, date of birth, phone number, and address if you provided it to us via a form on the website or during an incomplete or failed registration to Service Providers.
  • With your direction or consent. We may share your Personal Information with third parties if you request or direct us to do so. This includes your use of social media widgets on our Sites.
  • With affiliates within our corporate group. We may share your Personal Information with any subsidiaries within our corporate group.
  • Compliance with law. We may share your Personal Information to comply with applicable law or any obligations thereunder, including cooperation with law enforcement, judicial orders, and regulatory inquiries.
  • In the context of a transaction. We may share your Personal Information connection with an asset sale, merger, bankruptcy, or other business transaction.
  • For other business reasons. We may share your Personal Information to enforce any applicable Terms & Conditions and Terms of Use, and to ensure the safety and security of the Sites and/or our users.

We also may disclose deidentified information. Note that if you make any Personal Information publicly available on the Sites, anyone may see and use such information.

5. SOCIAL FEATURES

Certain features of the Sites permit you to initiate interactions between the Sites and third-party services or platforms, such as social networks (“Social Features”). Social Features include features that allow you to click and access Teladoc’s pages on certain third-party platforms, such as Facebook, Twitter and LinkedIn as applicable, and from there to “like” or “share” our content on those platforms. Use of Social Features may entail a third party’s collection and/or use of your data. If you use Social Features or similar third-party services, information you post or otherwise make accessible may be publicly displayed by the third-party service you are using. Both Teladoc and the third party may have access to information about you and your use of both the Sites and the third-party service.

6. THIRD PARTY WEBSITES AND LINKS

Our Sites may contain links to other online platforms operated by third parties. We do not control such other online platforms and are not responsible for their content, their privacy policies, or their use of your information. Information you provide on public or semi-public venues, including information you share on third-party social networking platforms (such as Facebook, LinkedIn or Twitter) may also be viewable by other users of the Sites and/or users of those third-party online platforms without limitation as to its use by us or by a third party. Our inclusion of such links does not, by itself, imply any endorsement of the content on such platforms or of their owners or operators except as disclosed on the Sites. We expressly disclaim any and all liability for the actions of third parties, including but without limitation to actions relating to the use and/or disclosure of Personal Information by third parties. Any information submitted by you directly to these third parties is subject to that third party’s Privacy Policy.

7. COOKIES AND INFORMATION USED FOR ADVERTISING

As discussed above, on our Sites, we may collect information about your online activities for use in providing you with advertising about products and services tailored to your individual interests. This section of our Privacy Policy provides details and explains how to exercise your choices. You may see certain ads on other websites because we participate in advertising networks. Ad networks allow us to target our messaging to users through demographic, interest-based and contextual means. These networks track your online activities over time by collecting information through automated means, including through the use of cookies, web server logs, and web beacons. The networks use this information to show you advertisements that may be tailored to your individual interests. The information our ad networks may collect includes information about your visits to websites that participate in the relevant advertising networks, such as the pages or advertisements you view and the actions you take on the websites. This data collection takes place both on our Sites and on third-party websites that participate in the ad networks. This process also helps us track the effectiveness of our marketing efforts.

Each type of web browser offers ways to restrict and delete cookies. For more information on how to manage cookies visit the appropriate link below.

Microsoft Internet Explorer

Microsoft Edge

Mozilla Firefox

Google Chrome

Apple Safari

You may disable or delete browser cookies through your browser settings. Cookies generally are easy to disable or delete, but the method varies between browsers. If you disable or delete cookies, or if you are running third-party software that intercepts or deletes cookies, please note that some parts of our Sites may not work properly.

You can opt out of third parties collecting your Personal Information for targeted advertising purposes in the United States by visiting the National Advertising Initiative’s (NAI) opt-out page and the Digital Advertising Alliance’s (DAA) opt-out page.

Your browser settings also may allow you to transmit a “Do Not Track” signal when you visit various websites. Some of the Sites may not be configured to respond to “Do Not Track” signals received from browsers. To learn more about “Do Not Track” signals, you can visit here.

If you have further questions regarding the specific information about you that we process or retain, as well as your choices regarding our collection and use practices, please contact us using the information listed below.

8. CHILDREN’S PRIVACY

Our Sites are not intended for children under 16 years of age, and we do not knowingly collect or sell Personal Information from children under 16. If you are under 16, do not use or provide any information on these Sites or through any of its features. If we learn we have collected or received Personal Information from a child under 16 without verification of parental consent, we will delete it. If you are the parent or guardian of a child under 16 years of age whom you believe might have provided us with their Personal Information, you may contact us using the below information to request that it be deleted.

9. SECURITY OF PERSONAL INFORMATION

We take steps to secure Personal Information through administrative, technical, and physical safeguards designed to protect against the risk of accidental, unlawful, or unauthorized destruction, loss, alteration, access, disclosure, or use. Unfortunately, we cannot guarantee the security of information transmitted through the Internet, and where we have given you (or where you have chosen) a password, you are responsible for keeping this password confidential.

10. RETENTION OF PERSONAL INFORMATION

We generally retain records only as long as necessary and as required for our business operations, for archival purposes, and/or to satisfy legal requirements. When determining the appropriate retention period for Personal Information, we take into account various criteria, such as the amount, nature, and sensitivity of the Personal Information; potential risk of harm from unauthorized use or disclosure; purposes for which we process your Personal Information; whether we can achieve those purposes through other means; and business operations and legal requirements. Because we maintain our Sites to protect from accidental or malicious loss and destruction, residual copies of your Personal Information may be retained in our backup and archival systems for a limited period of time, after which the information will be automatically deleted or put beyond use where deletion is not possible

11. INTERNATIONAL USERS

The Sites are controlled and operated by us from the United States and are not intended to subject us to the laws or jurisdiction of any state, country or territory other than that of the United States. Any information you provide to us through use of our Sites may be stored and processed, transferred between and accessed from the United States and other countries that may not guarantee the same level of protection of personal data as the one in which you reside. However, we will handle your Personal Information in accordance with this Privacy Policy regardless of where your Personal Information is stored/accessed.

12. NOTICE TO CALIFORNIA RESIDENTS

If you are a California resident, certain Personal Information that we collect about you is subject to the California Consumer Privacy Act (CCPA).

Please note that the CCPA does not apply to, among other things,

  • Information that is lawfully made available from federal, state, or local government records;
  • Consumer information that is deidentified or aggregated;
  • Medical information governed by the Confidentiality of Medical Information Act (Part 2.6 (commencing with Section 46) of Division 1) (CMIA) or protected health information that is collected by a covered entity or business associate governed by the privacy, security, and breach notification rules issued by the United States Department of Health and Human Services (HHS), Parts 160 and 164 of Title 45 of the Code of Federal Regulations, established pursuant to the Health Insurance Portability and Accountability Act of 1996 (Public Law 104-191) (HIPAA) and the Health Information Technology for Economic and Clinical Health (HITECH) Act (Public Law 111-5); or
  • A provider of health care governed by the CMIA or a covered entity governed by the privacy, security, and breach notification rules issued by HHS, established pursuant to HIPAA, to the extent the provider or covered entity maintains patient information in the same manner as medical information or protected health information under CMIA/HIPAA/HITECH Act.

Collection of Personal Information – Currently and in the Preceding 12 Months

We collect Personal Information as defined by the CCPA, which is information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household. Personal Information does not include de-identified or aggregate information; publicly-available information that is lawfully made available from federal, state, or local government records; and information covered by certain sector-specific privacy laws.

Teladoc currently collects and has collected the following categories of Personal Information about consumers in the 12 months preceding the date this Privacy Policy was last modified:

  • Identifiers, Internet Protocol (IP) address, online identifier, device identifier.

We may collect yourname, email address, date of birth, phone number, and address only if you provided it to us via form on the website or during an incomplete or failed registration.

  • Commercial information, business contact information if you have provided it to us via a form (such to register for services, obtain more information, request a demo, request an RFP) on the website, including name, company name, physical address, email address, telephone, and fax number; information on actions taken on our Sites, which may include information about Sites considered and information about preferences and behavior that we collect on our Sites or purchase from third parties in order to target consumers for digital advertisements or to personalize content we deliver on our Sites.
  • Internet or other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding a consumer’s interaction with the Sites, applications, or advertisements.

Teladoc collects Personal Information from the following categories of sources:

  • Directly and indirectly from you, including through your interaction with the Sites
  • Social media platforms
  • Third party partners such as analytics or marketing providers
  • Automatically through tracking technologies.

See Section 2 for additional detail.

We may use your Personal Information for the following purposes:

  • Operate, maintain, supervise, administer, and enhance the Sites, including monitoring and analyzing the effectiveness of content on the Sites, aggregate site usage data, and other usage of the Sites such as checking your eligibility and assisting you in completing the registration process.
  • Provide you with a tailored and user-friendly experience as you navigate our Sites.
  • Promote and market our Sites to you.
  • To complete the activity you specifically asked for, e.g., register on a Secure Platform, obtain more information, request a demo, or request an RFP.
  • Conduct research on users’ demographics, interests, and behavior based upon information provided during use of our Sites.
  • Anonymize and aggregate information for analytics and reporting.
  • Respond to law enforcement requests and court orders and legal process and carry out our legal and contractual obligations and enforce our rights.
  • Authenticate use, detect potential fraudulent use, and otherwise maintain the security of the Sites and safety of users.
  • Develop, test, improve, and demonstrate the Sites.
  • Any other purpose with your consent.

Disclosure of Personal Information in the Preceding 12 Months

In the 12 months preceding the date of this Privacy Policy, Teladoc has shared Personal Information with the following categories of third parties and has disclosed the following categories of Personal Information for a business purpose, for commercial purpose, to comply law, in the context of a transaction, or for other business reasons:

  1. Personal Information Third Parties
    Identifiers We may disclose IP address,
    device ID, or online identifier
    to service providers,
    advertising networks,
    internet service providers,
    and/or data analytics
    providers. We may disclose
    name, email address, date
    of birth, phone number, and
    address if you provided it to
    us via form on the website or
    during an incomplete or
    failed registration to Service
    providers.
    Commercial
    information
    Service providers
    Internet or other
    electronic
    network activity
    information
    Service providers,
    advertising networks,
    internet service
    providers, and/or data
    analytics providers
    See Section 4 for additional detail. If you are a California resident, and in accordance with the CCPA, you have the right to:
    • Request to know and access the Personal Information we collect, use, and disclose;
    • Request deletion of Personal Information;
    • Opt-out of the sale of Personal Information; and
    • Not receive discriminatory treatment by Teladoc for exercising these rights.
    Requests to Know and Access You have the right to request that we disclose to you the following information:
    • Categories of Personal Information that Teladoc has collected about you, disclosed about you for a business purpose, or sold;
    • Categories of sources from which the Personal Information is collected;
    • Categories of third parties with whom Teladoc shares or to whom Teladoc sells Personal Information;
    • The business or commercial purpose for collecting and selling Personal Information; and
    • Specific pieces of Personal Information that Teladoc has collected about you.
    Instructions for submitting a verifiable request are provided below. You may only make a request for access twice within a 12-month period. Requests to Delete You have the right to request that we delete Personal Information about you that we have collected, subject to certain exceptions. Instructions for submitting a verifiable request are provided below. Requests to not sell your Personal Information Teladoc does not sell your Personal Information. During the past 12 months, we may have engaged in delivering online advertising that was tailored to your interests through the use of analytics and/or targeting cookies. We did not disclose data that would identify you by name, address, or phone number. Going forward, and before using analytics and/or targeting cookies, the Sites will deploy a banner seeking your consent, or opt-in, to the use of such cookies. How to Exercise Your Rights You may submit Requests to Know or Access and Requests to Delete in the following ways: By submitting a written request to: Privacy Officer
    Teladoc Health
    1250 Hancock Street
    Suite 501N
    Quincy, MA 02169 By sending an email to: [email protected] By calling our toll-free number: (855) 213-6709 As required under applicable law, we must take steps to verify your request before we can provide Personal Information to you, delete Personal Information, or otherwise process your request. To verify your request, we may require you to provide your name, physical address, email address, contact information, and information about your account or previous transactions with us. If you have only visited our public Sites and did not provide any Personal Information to us via a web form or through the registration process, we will need you to provide us with your IP address or device ID in order for us to determine if we have that information. We will not be able to determine if we have your IP address or device ID from your name, physical address, email address, contact information, or account information. We will further verify and respond to your request consistent with applicable law, taking into account the type and sensitivity of the Personal Information subject to the request. We may need to request additional Personal Information from you, such as your date of birth or government identifier, in order to protect against fraudulent requests. We will deliver Personal Information that we are required by law to disclose to you in the manner required by law within 45 days after receipt of a verifiable request, unless we notify you that we require additional time to respond, in which case we will respond within such additional period of time required by law. We may deliver the Personal Information to you electronically or by mail at your option. If electronically, then we will deliver the information in a portable and, to the extent technically feasible, in a readily useable format that allows you to transmit the information from one entity to another without hindrance. Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request related to your Personal Information. You may designate an authorized agent to request any of the above rights on your behalf. You may make such a designation by providing the agent with written permission, signed by you, to act on your behalf. Your agent may contact us by the information provided in the “How to Contact Us” section below to make a request on your behalf. Even if you choose to use an agent, we may, as permitted by law, require verification of the agent’s authorization to act on your behalf, require you to confirm you have authorized the agent to act on your behalf, or require you to verify your own identity. Right to Nondiscrimination You have the right to be free from discriminatory treatment for exercising the privacy rights conferred by the CCPA, including not being: denied goods or services; charged different prices or rates for goods or services, including through the use of discounts or other benefits or imposing penalties; provided a different level or quality of goods or services; or suggested that you will receive a different price or rate for goods or services or a different level or quality of goods or services.

    13. UPDATING THIS PRIVACY POLICY

    This Privacy Policy may be updated periodically to reflect changes in our privacy practices. It is your responsibility to review the Privacy Policy from time to time to view any such changes.

    14. HOW TO CONTACT US

    Should you have any questions about our privacy practices or this Privacy Policy, please email us at [email protected] or contact us at Privacy Officer
    Teladoc Health
    1250 Hancock Street, Suite 501N
    Quincy, MA 02169
    (855) 213-6709 (toll free)