Privacy Policy for CoreHealth Customer Websites

Introduction

CoreHealth and Wellness Checkpoint are products of the Carebook group of companies (hereinafter “Carebook“, “we” or “us“), formed by Carebook Technologies Inc. and its subsidiaries. We value your privacy and are committed to protecting your personal data in accordance with applicable data protection and privacy laws.

Carebook, as controller and/or processor of your personal data (see below), consists of the following companies:

Carebook Companies

Name	Registered Office Address	Corporation Number / Business Number	Contact Details
Carebook Technologies Inc.	410 Adelaide Street West, TORONTO, ON, M5V 1S8 Canada	1-334-4631	Privacy Officer: Demyan Hyworon EEA Representative: VeraSafe Ireland Ltd., Ireland
Corehealth Technologies Inc.	410 Adelaide Street West, TORONTO, ON M5V 1S8 Canada	866-396-2673
Infotech Inc.	410 Adelaide Street West, TORONTO, ON M5V 1S8 Canada	866-396-2673

This privacy policy applies to the personal data processed by Carebook from data subjects residing in the European Economic Area (EEA) via all products, services, websites and mobile applications offered by us in relation to CoreHealth and Wellness Checkpoint (the “Carebook Privacy Policy“). We collectively refer to these products, services, websites and mobile applications as the “Services“. Personal data is data that can be used to identify an individual person directly or indirectly.

Carebook will primarily act as the data processor for CoreHealth and Wellness Checkpoint (collectively the “Carebook Products“). However, in some cases Carebook could act as a data controller, please see sections 2 “To whom does this Carebook Privacy Policy apply to?” and 8 “Who is your data controller?” below.

1. To whom does this Carebook Privacy Policy apply to?

1.1 General

We refer to “you” a lot in this Carebook Privacy Policy. You can be considered either a “Sponsor” or a “User”. To better understand what information is most relevant to you, see the following useful definitions:

• Sponsor: You are selected by your company or organization (a “Sponsor Organization”) as point of contact and/or administrator with regard to the selected Carebook Product, and you only use the administrative features of the Carebook Products for example:
  • in your role as HR manager for an employer;
  • in your role as sales or product manager for an insurance company or other benefits provider and/or reseller of the Carebook Products.
• User: You are an end-user of either CoreHealth or Wellness Checkpoint, because your or your family members’ or other designated third persons’ employer, insurer or other benefits provider makes one of the Carebook Products available to you for your personal and/or professional use. We process your personal data primarily on behalf of Sponsor Organizations, as their Data Processor (see further explanations under title 2.3).

To create a transparent overview of the personal data we process about you, we will use the abovementioned definitions as categories and indicate where differences between CoreHealth and Wellness Checkpoint lie.

1.2 Sponsor

1.2.1 Which personal data do we process from Sponsors?

We may collect and process the following personal data that we received directly from you or from our other contacts within your organization:

• User account management: provisioning of accounts to administrator and reporting tools, such as DataBanker LIVE allowing to consult on-demand reports for Wellness Checkpoint;
• Contact information: such as your first name, last name, professional position, email address or other addresses, time zone, language, company information and registration information you provide to us via the use of our Services, an interaction with us, or by any other means that allows us to communicate with you;
• Account registration and contractual information: you need an account and contract with Carebook before you can use our Services and enroll our Services within your organization or resell them to other organizations. Our Services are mainly directed to Sponsor Organizations so when you register for an account, we collect certain information on your Sponsor Organization, such as its name, its registration number and its address. In this process we also collect the name, phone number, and email address of the legal representative(s) of the company/organization and of other contact persons within the account. Our contract may include limited additional personal data (e.g. signature);
• Billing information: we require you to provide the billing details of your Sponsor Organization, a name, address, e-mail address and financial information corresponding to your selected method of payment;
• Account settings: when you wish to enroll our Services within your Sponsor Organization, you are asked to provide us with information about individuals within your or your clients’ Sponsor Organization who can act as a User within the account. The information we may collect in this regard, is listed under Sections 2.3.1 and 2.3.2;
• Communication and Sponsor feedback: in engaging in and managing our contractual relationship, we will process communications sent to and received from you (e.g. email messages, messages sent via the contact form on our websites, letters, etc.). We may also request your feedback on our Services;
• Electronic identification and usage data: such as IP address, browser type, location data, via which webpage you arrived at our website, the type of device you use to visit our website, the web pages visited, the way you navigate on the web pages visited. This data is processed mainly through the use of cookies. For more details on the specific subject of cookies, please refer to our separate Cookie Policy for our main website (www.carebook.com), our Cookie Policy for our CoreHealth sales website (https://corehealth.flywheelstaging.com/) and our Cookie Policy for our Wellness Checkpoint sales website (https://wellnesscheckpoint.com/).

1.2.2 How we process your personal data and why?

We may collect and process the above personal data for the following purposes and based on the following legal grounds:

The processing is necessary to establish the services contract and to deliver the contractually agreed upon Services to your Sponsor Organization:

• This is the case for your account registration and contractual information, user account management, your billing information and your account settings to run your account, establish and manage our contractual relationship, provide you with our Services, bill you for our Services, provide you with customer support and contact you about your account or our Services, and to send you key communications of a transactional nature related to service announcements, billing related matters, changes to our Services or policies, a welcome e-mail upon your first registration as a Sponsor (communications of which you cannot opt-out).

The processing is necessary for the purposes of the legitimate interests pursued by Carebook:

• Promoting our commercial activities, by using your contact information to send marketing materials to you, via email or other channels, as part of our existing relationship with you as a Sponsor and for similar Services to the ones you have already purchased or requested from us, up to a reasonable time after your last purchase or use of our Services. You have an absolute right to object to this processing, after which we must stop this processing;
• The improvement of the Carebook Products based on your feedback on them as Sponsor, or analyzing your interest in products not yet offered with a view to the possible expansion of our offerings as a company, including through market research and customer satisfaction surveys;
• To ensure the possibility of the establishment, exercise or defense of legal claims or to otherwise enforce our rights in or outside court, if we believe that our interests are being harmed and legal or other proceedings are imminent (e.g., judicial collection of an unpaid invoice), or if legal action should be taken against us by a person who feels aggrieved by us (e.g., for organizing our defense against a liability claim for defects in the delivery of our Services).

The processing is necessary for compliance with a legal obligation to which Carebook is subject;

• As a company, we may be required to use your relevant personal data to fulfill our legal obligations, such as in terms of data protection and tax/accounting obligations.

1.2.3 Your rights

You may wish to exercise a right to obtain information about yourself or to correct, update or delete your personal data. Some of these rights may be subject to some exceptions or limitations in local law.

We will take reasonable steps to verify your identity and we will respond to your request to exercise these rights without undue delay (and in all cases within 1 month of receiving a request, which can be extended to 3 months only under the conditions provided by data protection laws). Below you can find a list of the Data Protection Rights you are entitled to exercise.

• You always have a right of access to your personal data. This allows you to check what personal data we process about you and to get a copy of it;
• You always have a right to rectify your personal data. This allows you to correct or complete incorrect or incomplete personal data that we process about you;
• You have a right to erasure of your personal data. This allows you to permanently delete personal data that we process about you. We are not always obliged to delete your personal data at your request – this right only applies in the cases and to the extent provided for by law;
• You have a right to restrict the processing of personal data relating to you. This allows you to freeze the use of your personal data by us, without deleting it. We are not always obliged to restrict your personal data at your request – this right only applies in the cases and to the extent provided for by law;
• You have the right to object to the processing of your personal data that is based on our or third parties’ legitimate interests. This allows you to oppose the further processing of your personal data. We are not always obliged to honor your objection, in particular when we demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms.
  You always have the right to object to the processing of your personal data for direct marketing purposes (e.g. via clicking on the unsubscribe button);
• You have the right to withdraw your consent at any time where the processing of your personal data is carried out on the basis of your consent;
• You have the right to data portability. This allows you to transfer, copy or forward personal data easily from one data controller to another. This right can only be exercised if the processing is based on your consent or on an agreement we have with you.

If you wish to exercise any of the rights mentioned above, please send your request to our Privacy Officer via the contact details provided under title 1. In addition, Carebook has appointed representatives in the EEA for the CoreHealth and Wellness Checkpoint products, as required by the GDPR for data controllers and data processors without an EU establishment. You can find their contact details under title 1 as well and are free to address any queries regarding the processing of your personal data to them.

In addition to your Data Protection Rights mentioned above, you also have the right to lodge a complaint with your data protection supervisory authority. You can do so with the supervisory authority of the EEA member state where you usually reside, where you have your place of work or where the alleged infringement has taken place. For further information and the contact details of the supervisory authority of each EEA member state, please refer to this website page of the European Data Protection Board with all relevant contact details. In addition, you may always file a claim with the competent civil court for compensation.

1.3 User

As Carebook acts as a Data Processor regarding Users, Carebook will in principle only process their personal data as instructed by the relevant Sponsor Organization, who act as Data Controller regarding Users.

As an exception, the Sponsor Organization may contractually authorize us to process the personal data of Users of the Wellness Checkpoint product as Data Controller for our own benchmarking purposes. For these purposes, we utilize a separate benchmark database where de-identified, pseudonymous personal data is imported. In addition to pseudonymization we also clear personal data that is not necessary for achieving the benchmarking purposes and where possible, also make personal data less specific (e.g. if we have a city location of the User, only the country will be reported in the separate benchmarking database). As a result, after aggregation in our benchmarking database, we consider this data anonymized. Sponsor Organizations can access our benchmarking database and compare their own aggregated results against the also aggregated results of other companies in the same or similar sectors and/or with similar business properties.

Hereafter we will set out all processing activities that take place via the CoreHealth and Wellness Checkpoint products, for which we act as Data Processor. As this Carebook Privacy Policy addresses two products provided by Carebook, we address the data collection by these products with regards to our Users separately (see 2.3.1 and 2.3.2).

1.3.1 CoreHealth: Personal data we collect from our Users

We may process the below personal data from Users of CoreHealth. The extent to which we process these categories of personal data from you, will depend on your specific situation, such as your preferences, the features you decide to use on the Carebook Products, and the data you add to your profile.

• User account details:
  • Account set-up data: such as your first name, last name, organization codes, employee identifier, membership number, department and working location, health plan participation codes, function, gender, date of birth, provided to us by the Data Controller for setting-up your User account (the exact dataset will depend on the configuration as determined by the Sponsor).
  • Content and activities related data: calendar, ongoing and completed challenges, goals, lessons, activities, coaching programs, activities as volunteer, rank and leaderboard positions, progress, messages and comments, likes.
  • Rewards related data: account balance and redeemed gift cards and other earned rewards.
  • User profile and account personalization: username, first name, last name, nickname, avatar / profile picture, date of birth, time zone, language, address, contact details (mobile phone and e-mail address), e-mailing preferences for updates and program information, and notification settings, security question, as managed by you via the user profile menu.
  • Communications: personal inbox consisting of received and sent messages.
• Electronic identification and usage data:
  • such as IP address, browser type, location data, via which webpage you arrived at our web platform, the type of device you use to visit our web platform, the web pages visited, the way you navigate on the web pages visited. This data is processed mainly through the use of cookies. Whether analytic cookies are being used, depends on the choice of the Data Controller. For more details on the specific subject of cookies, please refer to our separate Cookie Policy for the CoreHealth web platform.
  • Identifiers and usage data (e.g. counted daily steps) from linked devices or applications such as fitness trackers and devices on which the mobile application is accessed.
  • Technical data necessary for the operation of the product (e.g. traffic volumes for capacity planning).
• Health and lifestyle data:
  • data collected via your responses on our health risk assessment questionnaires, such as health-related habits and parameters (e.g. smoking, nutrition, work-life balance, mental wellbeing, social life, blood pressure, stress levels), consumption data (e.g. fluids and food intake, use of alcohol), physical exercise (e.g. daily/weekly amounts), physical properties (e.g. gender, birth date, weight, height and other measurements, cholesterol levels, and health-related interests inferred from your responses (e.g. chronic diseases), and pre-existing medical conditions (e.g. diabetes);
  • outcome of health risk assessment questionnaires: risk factors and levels (e.g. exercise, smoking), points of attention and recommendations.
  • data collected via your participation in healthy living programs, including through surveys (e.g. spending habits, stress levels, happiness);
  • physical activity tracked and logged in the product.

1.3.2 Wellness Checkpoint: Personal data we collect from our Users

We may process the below personal data from Users of Wellness Checkpoint. The extent to which we process these categories of personal data from you, will depend on your specific situation, such as your preferences, the features you decide to use on the Carebook Products, and the data you add to your profile.

• User account details:
  • Account set-up data: such as your first name, last name, organization codes, employee identifier, membership number, department and working location, health plan participation codes, function, gender, date of birth, provided to us by the Data Controller for setting-up your User account (the exact dataset will depend on the configuration as determined by the Sponsor).
  • Content and activities related data: calendar, ongoing and completed challenges, goals, lessons, activities, coaching programs, activities as volunteer, rank and leaderboard positions, progress, messages and comments, likes.
  • Rewards related data: account balance and redeemed gift cards and other earned rewards.
  • User profile and account personalization: username, first name, last name, nickname, avatar / profile picture, date of birth, time zone, language, address, contact details (mobile phone and e-mail address), e-mailing preferences for updates and program information, and notification settings, security question, as managed by you via the user profile menu.
  • Communications: personal inbox consisting of received and sent messages.
• Electronic identification and usage data:
  • such as IP address, browser type, location data, via which webpage you arrived at our web platform, the type of device you use to visit our web platform, the web pages visited, the way you navigate on the web pages visited. This data is processed mainly through the use of cookies. Whether analytic cookies are being used, depends on the choice of the Data Controller. For more details on the specific subject of cookies, please refer to our separate Cookie Policy for the CoreHealth web platform.
  • Identifiers and usage data (e.g. counted daily steps) from linked devices or applications such as fitness trackers and devices on which the mobile application is accessed.
  • Technical data necessary for the operation of the product (e.g. traffic volumes for capacity planning).
• Health and lifestyle data:
  • data collected via your responses on our health risk assessment questionnaires, such as health-related habits and parameters (e.g. smoking, nutrition, work-life balance, mental wellbeing, social life, blood pressure, stress levels), consumption data (e.g. fluids and food intake, use of alcohol), physical exercise (e.g. daily/weekly amounts), physical properties (e.g. gender, birth date, weight, height and other measurements, cholesterol levels, and health-related interests inferred from your responses (e.g. chronic diseases), and pre-existing medical conditions (e.g. diabetes);
  • outcome of health risk assessment questionnaires: risk factors and levels (e.g. exercise, smoking), points of attention and recommendations.
  • data collected via your participation in healthy living programs, including through surveys (e.g. spending habits, stress levels, happiness);
  • physical activity tracked and logged in the product.

1.3.3 CoreHealth: how we process your personal data and why?

Hereunder you can find a general description of the processing purposes for CoreHealth. However, the Sponsor Organization is free to enable or disable modules, and to add customized content. For more specific information adapted to the specific set-up of the product in your case, please contact the Data Controller.

Via CoreHealth, we may collect and process the above personal data for the following purposes:

• we need to fulfill our contractual responsibility to deliver the Services to the Sponsor Organization and to you as eligible User: the core services of CoreHealth consist of the provision of a highly customizable wellness platform (via web platform and mobile application) with the aim of connecting Users within an organization and increasing their health, happiness, and personal satisfaction, including by:
  • Carrying out questionnaire-based health-risk assessments, based upon the model selected or provided by the Sponsor Organization, with the aim of providing insight into potential future health risks and the potential impact of positive lifestyle changes.
  • Making available the Sponsor Organization’s health and wellness library for your consultation and allowing you to rate and add content to your favorites. Thereby we will display tailored content, based upon logic-based checks (your health status as deduced from the data you insert into the product) and your preferences. Conditional content is primarily provided by the Sponsor Organization, who sets the conditions under which they display (e.g. Users located within certain countries may be given information about local programs offered to them; information about quitting smoking will be presented only to Users who indicated they are smoker).
  • Allowing the Sponsor Organization to organize and allowing you to partake in corporate or organizational health challenges and other health-related contests and events (e.g. regarding walked steps, performed healthy activities, water hydration level). Doing so you can be eligible to earn points which can be traded in for rewards provided by the third-party service providers selected by the Sponsor.
  • Allowing the Sponsor Organization to set up health-related coaching programs and you to partake in and follow-up on them with your coach.
  • Allowing you to track your health-related habits and activities based upon self-reporting.
  • Allowing you to connect your personal devices (e.g. fitness tracker) and to automatically import your relevant personal data into the product.
  • Delivering email and text notifications to you, based upon your preferences as communicated to us via the user profile menu.
  • Making available in-app chatting and conferencing, and e-mail and text messaging, for communication with other Users within your organization.
  • Providing technical support.
  • As described in our separate CoreHealth Cookie Policy.

1.3.4 Wellness Checkpoint: how we process your personal data and why?

Hereunder you can find a general description of the processing purposes for Wellness Checkpoint. However, the Sponsor Organization is free to enable or disable modules, and to add customized content. For more specific information adapted to the specific set-up of the product in your case, please contact the Data Controller.

Via Wellness Checkpoint, we may collect and process the above personal data for the following purposes:

• we need to fulfill our contractual responsibility to deliver the Services to the Sponsor Organization and to you as eligible User: the core services of Wellness Checkpoint consist of the provision of a wellness platform (via web platform and mobile application) focused on health risk assessments, including by:
  • Carrying out questionnaire-based health-risk assessments, based upon the model selected or provided by the Sponsor Organization, with the aim of providing insight into potential future health risks and the potential impact of positive lifestyle changes. We provide Sponsor Organizations with aggregated reports on the results of health risk assessments conducted under its Users, as to allow Sponsor Organizations to draw general conclusions on health risks that may be relevant for (sub-)population(s) consisting of its employees / customers / other beneficiaries. Based upon these reports, the Sponsor Organization may engage in general health campaigns such as with the aim of motivating and supporting its employees, customers or other beneficiaries to quit smoking. For further explanations, please refer to title 2.3.6;.
  • Making available our or the Sponsor Organization’s health and wellness library for your consultation. Thereby we will display tailored content, based upon logic-based checks (your health status as deduced from the data you insert into the product) and your preferences. Conditional content is primarily provided by the Sponsor Organization, who sets the conditions under which they display (e.g. Users located within certain countries may be given information about local programs offered to them; information about quitting smoking will be presented only to Users who indicated they are smoker).
  • Allowing you to set up your personal health challenges and other health-related goals (e.g. physical exercise).
  • Allowing you to track your health-related habits and activities based upon self-reporting.
  • Allowing you to connect your personal devices (e.g. fitness tracker) and to automatically import your relevant personal data into the product.
  • Delivering in-app and text notifications to you, based upon your preferences as communicated to us via the user profile menu.
  • Providing technical support.
  • As described in our separate Wellness Checkpoint Cookie Policy.

1.3.5 Based upon which legal grounds do we process your personal data?

The Sponsor Organization is responsible, as Data Controller over your personal data, for determining the appropriate legal bases for processing your personal data via the CoreHealth and Wellness Checkpoint products. In general, the Sponsor Organization will process your personal data, as detailed in this Carebook Privacy Policy, based upon your consent (as use of the products is completely optional and voluntary) and its legitimate interests. For the use of relevant features, additional consents will be requested where necessary under data protection laws.

Your health data, as a ‘special category of personal data’, is processed based upon your separate, explicit consent, requested before your first use of the product and upon the use of relevant features involving such health data.

For more detailed explanations on the legal bases for processing your personal data in your specific case, please directly contact the Data Controller.

1.3.6 To which personal data does the Data Controller have access?

The access rights of the Data Controller to your personal data depend upon the enrolled product(s), and its configuration which may be customized at the request of the Sponsor Organization:

• CoreHealth:
  • the Data Controller’s designated administrators may have access to individualized data on the use of CoreHealth by each User. However, as access is controlled through a role-based permission system, the Data Controller can reconfigure roles to restrict access rights. For more information on the access rights currently in place according to the configuration put in place at the direction of the Data Controller, please directly contact your Data Controller;
• Wellness Checkpoint:
  • the Data Controller does not have, nor will they have, access to individualized health data processed via Wellness Checkpoint as contained in responses to health risk assessments. The Data Controller only receives such data on an aggregated level to ensure an adequate level of data protection for our Users, in the form of reports that show aggregate values and group trends. As default setting, we only report results on a minimum group of 5 individuals, however the Data Controller is free to further increase this threshold.
  • Other personal data may however be shared with the Data Controller on an individualized basis, when this is necessary for the provision of our Services and as foreseen in the applicable Terms of Use. In particular, this may be the case where the Data Controller wants to award all or a select amount of employees who fill in the health risk assessment with an incentive or reward. When you are eligible for or entitled to such reward, and provide your consent insofar deemed necessary by the Data Controller, we will provide your name and contact details to our relevant contact person with the Data Controller or directly to the incentive provider selected by the Data Controller.

1.3.7 Your rights

If you are a User, you will need to reach out directly to the company or organization acting as Data Controller, to exercise your Data Protection Rights. We are not in control of your data and, accordingly, are not in a position to directly handle these requests in relation to your personal data, unless as specifically instructed by the Sponsor Organization. If you are having difficulties finding the Sponsor Organization, you can contact us through the contact details provided under title 1, and we will try our best to help you and forward the request as necessary.

If this feature is enabled by the Data Controller, you can directly request account deletion by clicking the ‘Delete profile’ button in the user profile menu.

2. Do we share personal data with third parties?

We only use the personal data we receive for the purposes described above. In that regard, we may need to share your personal data with third parties, other than the Sponsor Organization, so-called ‘recipients’:

• 2.1 External service providers: we may use external service providers to provide or perform services and functions on our behalf. We may make personal data available to them solely to perform these services and functions, whereby these parties will act as our (sub-)processor (such as providers of data centers and customer support services). We have taken the necessary technical and organizational measures to ensure compliance with data protection provisions and also require external service providers to do so. You can find the list of our (sub-)processors below:
  • 2.1.1 Microsoft Azure is our cloud provider for the CoreHealth and Wellness Checkpoint products. However, the personal data is only being processed by Microsoft in encrypted format so that there is no access to any readable, unencrypted personal data.
  • 2.1.2 Intuit Inc. is our provider for the Mandrill e-mailing service, a MailChimp add-on which we use on the CoreHealth and Wellness Checkpoint products to send one-to-one transactional emails triggered by user actions.
  • 2.1.3 Twilio Inc. is our provider for SMS services which we use on the CoreHealth platform to send one-to-one transactional SMS triggered by user actions.
  • 2.1.4 Cloudflare is our provider for protection against DDoS attacks and bad bots, web application firewall (WAF), protection against infrastructure attacks and other website security services. Cloudflare scans web traffic for attack patterns, known attack tools, suspicious patterns, protocol violations, requests causing large amounts of origin errors, excessive traffic hitting the origin or cache, and additional attack vectors.
• 2.2 Authorities and justice system: we may also make personal data available to public or judicial authorities, law enforcement personnel and agencies as required by law, including to meet national security or law enforcement requirements, and including to agencies and courts in the countries where we operate. Where permitted by law, we may also disclose such information to third parties (including legal counsel) when necessary for the establishment, exercise or defense of legal claims or to otherwise enforce our rights, protect our property or the rights, property or safety of others, or as needed to support external audit, compliance and corporate governance functions;
• 2.3 Potential acquirers of Carebook: in the event of a sale, merger, liquidation, dissolution, or other, certain personal data may be disclosed to the party (and/or its legal counsels) acquiring all or part of the equity or assets of Carebook or its business operations. If this proves to be necessary, we will take the necessary precautions (e.g. need-to-know-basis only, enter into confidentiality agreements and apply other industry best practices) to protect your privacy at all times.
• 2.4 For Users: additionally, the relevant personal data of Users, may be shared with the following third parties at the request and direction of the Data Controller, in which case any necessary additional agreements will be concluded:
  • 2.4.1 third-party service providers as selected by the Data Controller, including incentive providers and client vendors, e.g. when trading in points for gift cards or other rewards, or in the context of a raffle, contest or other event. For more information on relevant initiatives and data exports and transfers to third parties taking place in this regard in your specific case, please directly contact the Data Controller.

3. Do we transfer personal data outside of the European Economic Area (EEA)?

Carebook, provider of the Carebook Products, is based in Canada and maintains datacenters in Canada, the United States and Germany. Carebook ensures that its products have an appropriate level of protection satisfying the GDPR requirements that apply when personal data leaves the EEA. The default location for the storage of personal data of Users, and the provision of account administration and support services, is Canada. Carebook ensures that any data transfer to Canada is in compliance with the Adequacy decision between the EU and Canada. In addition, transfers of personal data to the United States may take place in the context of our usage of the Microsoft Azure cloud service (offered by Microsoft Corporation) and the Mandrill e-mailing service (offered by Intuit Inc.), under the EU-US Data Privacy Framework.

4. How long do we retain personal data?

We may retain your personal data no longer than necessary for the purposes for which they were collected or as required by applicable law.

If you are a Sponsor, we generally do not delete the data in your account as long as your account is active in order to maintain and expand our relationship with you and in order to provide proof and evidence concerning our relationship with you. Once your account becomes inactive we will retain your personal data as long as necessary to comply with our legal obligations.

If you are a User, your personal data will be retained in accordance with the instructions of the Data Controller. By default, your data will be retained until the provision of our Services to the Sponsor Organization is terminated. However, you are free to file a request to delete your personal data with the Data Controller at any time.

5. Data portability

If you are a Sponsor, this means that you are also the data owner. It is completely your decision on where and with whom your data must reside. You can contact us to help you export the data and transfer it to the third parties designated by you.

6. Security

We apply appropriate technical, physical and organizational measures that are reasonably designed to protect personal information against accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access, and against other unlawful forms of processing. Access to personal data is restricted to authorized recipients on a need-to-know basis. We maintain a comprehensive information security program that is proportionate to the risks associated with the processing. The program is continuously adapted to mitigate operational risks and to protect personal information, taking into account industry-accepted practices.

7. Who is your data controller?

The data controller determines the purposes and means of the processing of your personal data. You can determine your data controller based on the following:
If you are a Sponsor, it is either yourself or your Sponsor Organization who has provided us with your relevant personal data, in your capacity as point of contact and/or administrator with regard to the selected Carebook Product. Carebook will process that information as a Data Controller as described under title 2.2, as this processing activity relates to the commercial activity of Carebook. As Data Controller, we will directly address requests in relation to these processing activities.

If you are a User of the Carebook products, it is your or your family members’ or other designated third persons’ Sponsor Organization (employer, insurer or other benefits provider) who has provided us with the necessary personal data to set up your User account (see titles 2.3.1 and 2.3.2 for the personal data that may be provided to us in this context). You can reach out to your organization in case of any questions or concerns as they will act as Data Controller and be responsible for answering any requests related to the processing of your personal data within this context, whereby we may provide specific assistance at the request of the Data Controller. Therefore, to exercise the above rights or for any other questions or concerns, please directly contact the designated privacy, HR or account management contact persons within the Data Controller’s organization as communicated to you by it. Alternatively, you may also contact us via the contact details provided under title 1, in which case we will redirect your question, request or complaint to the relevant organization acting as controller over your personal data for further follow-up.

8. Unsubscribe from our communication

If you want to unsubscribe, as a User, from our marketing communications, you can do so by clicking on the “Unsubscribe” link provided at the bottom of the emails, updating your communication preferences, or by sending an email to us via the contact details provided under title 1.

Please note that Users cannot unsubscribe from transactional emails which relate to their account or the provision of the Services.

As a User, you can manage your preferences in terms of notifications and communications, at all times via the user profile menu.

9. Changes to this Carebook Privacy Policy

We may update this Carebook Privacy Policy from time to time. In circumstances where a change will materially change the way in which we collect or use your personal data, we will send a notice of this change to all Sponsors and Users.

10. Do you have any questions, a complaint or you want to exercise your rights?

If you have any comments, questions, complaints or if you wish to exercise any of the rights mentioned above, please do not hesitate to contact our Privacy Officer or our representatives in the European Economic Area (EEA) via the contact details provided under title 1.