Psyntel Privacy Policy

Effective Date: 03/15/2024

This privacy policy (the “Policy”) is intended to inform you of the types of information Psyntel, Inc. (“we” or “us” or “Psyntel”) collects, as well as our policies and practices regarding the collection, use, and disclosure of that information through the web pages at www.psyntel.com (the “Site”) and the Psyntel Platform (“Platform”).

Please read this Policy carefully, because by using the Site and/or Platform, you are acknowledging that you understand and agree to the terms of this Policy, and consent to the types of information and the manner in which we may collect, use and disclose such information. If you do not agree to the terms of this Policy, please do not use the Site or Platform.

We reserve the right to change the provisions of this Policy at any time. We will alert you that changes have been made by indicating on the Policy the date it was last updated and we will use commercially reasonable efforts to notify you of all material changes. We encourage you to review this Policy from time to time to make sure that you understand how any information you provide will be used. Each time you access the Site or use the Platform, the most recent version of the Policy will apply. Your continued use of the Site or Platform following the posting of changes to these terms will mean you accept those changes.

We will ensure that all Personal Information (as defined below) that we collect and maintain will be (i) processed lawfully, fairly, and in a transparent manner; (ii) collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; (iii) adequate, relevant, and limited to what is necessary; (iv) accurate and kept up to date; and (v) processed in a manner that ensures appropriate security of the Personal Information, including protection against unauthorized or lawful processing and against accidental loss, destruction or damage.

In certain situations, we may be considered a Business Associate as defined by HIPAA (the federal Health Insurance Portability and Accountability Act) of certain Covered Entities (as also defined in HIPAA), and as such we may have certain federal, state and contractual restrictions on how we can use your Protected Health Information (“PHI”). When acting as a Business Associate, we may only use or disclose your PHI or Personal Information as required by law or as permitted by the [Business Associate Agreement](#businessassociate) (“BAA”) that we have in place with a specific Covered Entity. Please be aware that when you give other individuals access to your PHI or Personal Information, they may be able to use, reproduce, distribute, display, transmit, and/or communicate the data to others and the public. We shall not have any responsibility for access, use, or disclosure of your PHI or Personal Information by people you authorized to have access to your user account.

If you are using the Site or Platform in coordination with your physician or other healthcare provider (“Medical Provider”), you are granting access to and use of your PHI and Personal Information to the Medical Providers and study personnel. You expressly consent to the access, use and disclosures outlined in this paragraph.

I. Information we collect

Personal Information You Provide to Us

When you register for and access or use the Platform, we may collect (i) personal information, including name, email address, phone number, username, password, demographic information (such as age, height, weight, gender, occupation); (ii) information about your mental health including past and current diagnoses; and (iii) any other information that you may provide while accessing or using the Platform. All collectively referred to us “Personal Information”.

We only have access to and collect personal information that you voluntarily give us by filling out our online forms and surveys which are part of the Platform, granting us access to your health records, or via email or other direct contact from you, such as: your name, date of birth, telephone number, email address, and email preferences. Information collected via the Platform may include medication adherence, medication side effects, severity of depressive state, depressive symptoms, activity, and sleep data, including data obtained by third party devices and applications (such as fitness watch).

If you do not want this information to be shared with our employees, service providers and subcontractors, upon your request, we will not share your information. However, your ability to access and use the Site and/or Platform, and request services, may be limited or interrupted.

Information Collected by Automated Means

Whenever you use the Site, we and/or our service providers, may use a variety of technologies that automatically collect information about how the Site is accessed and used (“Usage Information”). Usage Information may include, in part, browser type, operating system, the page viewed, the time, how many users visited the Site, and the website you visited immediately before the Site. This statistical data provides us with information about the use of the Site, such as how many visitors visit a specific page on the Site, how long they stay on that page, which websites they are coming from and which hyperlinks, if any, they “click” on. Usage Information helps us to keep the Site user friendly and to provide visitor’s with readily accessible and helpful information. We may also use your Usage Information to troubleshoot issues with access or use of our Site. Usage Information is generally non-identifying, but if we associate it with you as a specific and identifiable person, we treat it as Personal Information.

We believe that such technology usage is fair, lawful, and proportional to the legitimate interest and needs of our business, and that our methodology fairly addresses each user’s legitimate rights and expectations in view of the context and purpose for the collection and use of the information collected.

II. How Do We Use Your Information?

We will use your information to respond to you regarding the reason you contacted us. We will also use your information as follows:

Registration – A user may need to complete a registration form and create an account with us in order to use certain aspects of our Site or Platform. During registration, a user is required to give certain information (such as name and email address). This information is used to contact you about the products/services on our Site and/or Platform in which you have expressed interest or subscribed to and allow you to easily update your Personal Information.

Customer Service – Unless you ask us not to, we may contact you via email in the future to tell you about changes to our services, or changes to this Policy.
If at any time you wish that we cease communication with you, please notify us using the contact information provided below in the “Contact Us” section.

III. Do We Share Your Information?

Except as provided herein, we will not trade, rent, share or sell your Personal Information to third parties. Please note that with the exception of certain limited information as specified in the Platform, your Medical Providers and clinicians will have access to the information that you input into the Platform. Specifically, your Medical Provider will be able see data you input around severity of depressive symptoms, function, mood, activity, and any data related to your treatment or diagnosis. Your Personal Information and PHI may be included by your Medical Provider as part of your health records and use of such information by your Medical Provider will be governed by your Medical Provider’s privacy and other policies.

Except as provided herein, unless you ask or provide your consent to do so, we will not share your Personal Information with any third party outside of our organization, except as necessary with our service providers and subcontractors in order to troubleshoot issues you may have with our Site, the Platform or your account. Only employees, service providers and subcontractors who need the Personal Information to perform a specific job are granted access to Personal Information. The computers/servers in which we store Personal Information are kept in a secure environment.

We will disclose Personal Information when we believe in good faith that such disclosures (a) are required by law, including, for example, to comply with a court order or subpoena, or (b) will help to: enforce our policies; protect your safety or security, including the safety and security of property that belongs to you; and/or protect the safety and security of our Site, the Platform us, our employees, our service providers, our subcontractors, other third parties, or equipment that belongs to us, our service providers, or our subcontractors. Disclosures in this limited scenario would be made to a court of law, law enforcement, or other public or government authority.

We may use non-identifiable anonymous data that is based on users’ access or use of the Site and/or Platform that may be used by us to improve the Site and/or the Platform. We may also use anonymized data based on your use of the Platform, including de-identified health data and combine such de-identified data with data or other anonymous data (“Aggregate Data”). Aggregate Data may include information that describes the habits, usage patterns, survey responses and/or demographic information of users as a group, but does not identify any particular users. We may provide anonymized data and Aggregate Data to our third party collaborators and partners.

Your Access to and Control Over Your Information

We offer you choices regarding the collection, use, and sharing of your Personal Information. Neither our Site nor Platform currently respond to browser-based do-not-track signals. You can choose to have your computer warn you each time a cookie is being set, or you can choose to turn off all cookies. You do this through your browser settings. Each browser is different, so look at your browser's Help menu to learn the proper way to modify your browser’s cookies setting.

If you disable cookies, some features may be disabled that make your Site experience more efficient and some of our services may not function properly.
You may do the following at any time by contacting us via the email address or mailing address provided on our Site:

• See what data we have about you; if any.
• Change or correct any data we have about you.
• Have us delete any data we have about you.

Your request will be processed within 30 days of the date on which we receive it.

If you do not want your information to be shared with our employees, service providers and subcontractors, upon your request, we will not share your information. However, your ability to access and use the Site and the Platform may be limited or interrupted.
IV. What Steps Do We Take to Protect Your Information?

We take measures designed to protect your Personal Information in an effort to prevent loss, misuse, and unauthorized access, disclosure, alteration, and destruction. We provide physical, electronic, and procedural safeguards to protect Personal Information we process and maintain. Please be aware, however, that despite our efforts, no security measures are perfect or impenetrable and no method of data transmission can be guaranteed against any interception or other types of misuse. Please advise us immediately if you believe your account has been accessed without your authorization. If you have reason to believe that your interaction with us is no longer secure, if you feel that the security of any account you might have with us might have been compromised, or if you suspect that someone else is using your account, please contact us immediately using the contact information provided below in the “Contact Us” Section.

V. Does This Policy Apply to Other Websites Linked to Or from the Site?

The Site or Platform may contain links to other websites. Any Personal Information you provide on linked pages or sites is provided directly to that third party and is subject to that third party’s privacy policy. This Policy does not apply to such linked sites, and we are not responsible for the content or privacy and security practices and policies of these websites or any other sites that are linked to or from the Site and/or the Platform. We encourage you to learn about their privacy and security practices and policies before providing them with Personal Information.

VI. Do We Collect Information from Children Under the Age of 13?

The Site and the Platform is not intended for use by children under the age of 13, and Psyntel does not knowingly collect or use any Personal Information from such children. If we become aware that we have unknowingly collected Personal Information from a child under the age of 13, we will make commercially reasonable efforts to delete such Personal Information from our database. If you become aware that we have collected such Personal Information, please let us know immediately by using the information provided below.

VII. What if I am resident of California?

Pursuant to the California Consumer Privacy Act (“CCPA”), we may collect the following categories of Personal Information:

• Identifiers, such as name and government-issued identifier
• Personal information, as defined in the California safeguards law, such as contact and financial information
• Characteristics of protected classifications under California or federal law, such as age, gender, medical conditions, and marital status
• Commercial information, such as transaction information and purchase history
• Internet or network activity information, such as browsing history and interactions with our websites
• Geolocation data, such as device location
• Audio, electronic, visual and similar information, such as call and video recordings

We may collect this Personal Information directly from California residents themselves, medical providers, or caregivers.

We may use this Personal Information for legitimate business purposes to operate, manage, and maintain our business, to provide our products and services, for our employment purposes, and to otherwise accomplish our business purposes and objectives. Our business purposes and objectives include, for example, developing, improving, repairing, and maintaining our products and services;, and marketing our products and services; conducting research, analytics, and data analysis; maintaining our facilities and infrastructure; undertaking quality and safety assurance measures; conducting risk and security controls and monitoring; detecting and preventing fraud; performing identity verification; performing accounting, audit, and other internal functions, such as internal investigations; complying with law, legal process, and internal policies; maintaining records; and exercising and defending legal claims.

We may disclose the following Personal Information to our affiliates and third parties, such as our service providers, for the operation of our legitimate business purposes:

• Identifiers, such as name and government-issued identifier
• Personal information, as defined in the California safeguards law, such as contact and financial information
• Characteristics of protected classifications under California or federal law, such as age, gender, medical conditions, and marital status
• Commercial information, such as transaction information and purchase history
• Internet or network activity information, such as browsing history and interactions with our websites
• Geolocation data, such as device location
• Audio, electronic, visual and similar information, such as call and video recordings

We have not “sold” Personal Information for purposes of the CCPA. For purposes of this CCPA Notice, “sold” or “sale” means the disclosure of Personal Information for monetary or other valuable consideration but does not include, for example, the transfer of Personal Information as an asset that is part of a merger, bankruptcy, or other disposition of all or any portion of our business.

If you are a California resident, you may request that we:

• Disclose to you the following information covering the 12 months preceding your request:
• The categories of Personal Information we collected about you and the categories of sources from which we collected such Personal Information
• The specific pieces of Personal Information we collected about you
• The business or commercial purpose for collecting Personal Information about you
• The categories of Personal Information about you that we otherwise shared or disclosed and the categories of third parties with whom we shared or to whom we disclosed such Personal Information
• Delete Personal Information we collected from you
• Correct any inaccurate Personal Information that we have collected

To make a request for the disclosures, deletion, or correction described above, please contact us at using the information provided below. In some instances, we may decline to honor your request where an exception applies, such as where the disclosure of Personal Information would adversely affect the rights and freedoms of another California resident.

You have the right to be free from unlawful discrimination for exercising your rights under the CCPA.

VIII. Miscellaneous

This Policy and the privacy practices of Psyntel will be subject exclusively to the laws of the United States. Please note that Psyntel uses cloud computing servers located in the United States. Psyntel makes no representation that this Policy and our practices comply with the laws of any other country or jurisdiction. Users of the Site who reside outside the United States do so on their own initiative and are responsible for compliance with local laws, if and to the extent local laws are applicable. If you reside outside of the United States, by using the Site or Platform, you consent to the transfer, processing, and use of your information outside of your country.

If we become involved in a merger, acquisition, or any form of sale of some or all of our assets, the Site, our Platform, and your information as collected, processed and maintained through our Platform may be included in the assets sold or transferred to the acquirer. You agree that we may transfer or assign the information we have collected about you in connection with any such event. In the event of a bankruptcy, insolvency, reorganization, receivership or assignment for the benefit of creditors, we may not be able to control how your personal information is treated, transferred, or used.

IX. Contact Us

If you have any questions about this Policy, please contact us at 1441 Woodmont Lane NW Suite 1104, Atlanta, GA 30318 or via email us at: team@psyntel.com. To exercise any of your rights in this Privacy Policy please contact us in writing, via email or postal mail as indicated above, so that we may consider your request under applicable law. Please be aware that your request will not be accepted for review unless you provide the following:

• The name, user ID, pseudonym, email address, or other identifier that you have used to use the Site or Platform, or if you are not a registered user of the service, or have not otherwise previously interacted with us, your first and last name and an address where we can correspond with you.
• State or Country in which you are located.
• Clear description of the information or content you wish to receive or to be deleted or corrected, or the action you wish to be taken; and
• Sufficient information to allow us to locate the content or information to be deleted, removed or corrected

For your protection, we may only implement requests with respect to the Personal Information associated with the particular email address that you use to send us your request.

In addition, please note that, depending on the nature of your inquiry, request or complaint, we may need to verify your identity before implementing your request and may require proof of identity, such as in the form of a government issued ID and proof of geographical address.
We will attempt to comply with your request as soon as reasonably practicable.