Privacy Policy

Last Updated: May 1, 2017

This privacy policy (this “Policy”) describes the collection of personal information by Thistle Health Inc., a Delaware corporation (“Thistle,” “Company,” “we,” or “us”) from users that access or use the websites, mobile applications or blogs provided by us (collectively, (the “Sites”), as well as all related applications, widgets, software, tools, and other services provided by us and on which a link to this Policy is displayed (collectively, together with the Site, our “Services”).

This Policy also describes our use and disclosure of such information. By using our Services, you consent to the collection, use, and disclosure of Personal Information (as defined below) in accordance with this Policy. This Policy is incorporated by reference into the Company Terms of Use and subject to the provisions of the Terms of Use. Thistle reserves the right to change or modify this Privacy Policy at any time and in our sole discretion. If we make changes to this Privacy Policy, we will provide notice of such changes, such as by sending an email notification, providing notice through the Sites or updating the “Last Updated” date at the beginning of this Privacy Policy. We encourage you to review this Privacy Policy whenever you use or access the Sites or Services or otherwise interact with us to stay informed about our information practices and the ways you can help protect your privacy.

Personal Information

Personal Information,” as used in this Policy, is information that specifically identifies an individual, such as an individual's name, address, telephone number, or e-mail address. Personal Information also includes information about an individual’s activities, such as information about his or her activity on our Services, and demographic information, such as date of birth, gender, geographic area, and preferences, when any of this information is linked to Personal Information that identifies that individual. Personal Information does not include “aggregate” or other non-personally identifiable information. Aggregate information is information that we collect about a group or category of products, services, or users that is not personally identifiable or from which individual identities are removed. We may use and disclose aggregate information, and other non-personally identifiable information, for various purposes.

This Policy does not apply to the practices of third parties that we do not own or control, including but not limited to any third party websites, services and applications ("Third Party Services") that you elect to access through the Services or to individuals that we do not manage or employ. While we attempt to facilitate access only to those Third Party Services that share our respect for your privacy, we cannot take responsibility for the content or privacy policies of those Third Party Services. We encourage you to carefully review the privacy policies of any Third Party Services you access.

Collection of Information

Collection of Voluntarily-Provided Information

We collect Personal Information that our users provide to us in a variety of ways on our Services. These include the following:

Information We Collect Automatically

When you access or use the Services, the types of information we may automatically collect about you include:

Information from Other Sources

We may receive information about you, including Personal Information, from third parties, and may combine this information with other Personal Information we maintain about you. If we do so, this Policy governs any combined information that we maintain in personally identifiable format.

Use of Personal Information

We use Personal Information to provide services and information that you request; to enhance, improve, operate, and maintain our Services, our programs, services, Web sites, and other systems; to prevent fraudulent use of our Services and other systems; to prevent or take action against activities that are, or may be, in violation of our Terms of Use or applicable law; to tailor advertisements, content, and other aspects of your experience on and in connection with the Services; to maintain a record of our dealings with you; for other administrative purposes; and for any other purposes that we may disclose to you at the point at which we request your Personal Information, and pursuant to your consent.

We may also use Personal Information you provide to contact you regarding products, services, and offers, both from ourselves and from our third party promotional partners, that we believe you may find of interest. We allow you to opt-out from receiving marketing communications from us as described in the “Choice” section below.

Use of cookies: The Thistle.co website uses cookies, tracking pixels and related technologies. Cookies are small data files that are served by our platform and stored on your device. Our site uses cookies dropped by us or third parties for a variety of purposes including to operate and personalize the website. Also, cookies may also be used to track how you use the site to target ads to you on other websites.

You can opt out of receiving targeted advertising via www.aboutads.info or networkadvertising.org/choices

Disclosure of Personal Information

Except as described in this Policy, we will not disclose your Personal Information that we collect on the Services to third parties without your consent. We may disclose information to third parties if you consent to us doing so, as well as in the following circumstances:

Service Providers

We may disclose Personal Information to third-party service providers (e.g., payment processing and data storage and processing facilities) that assist us in our work. We limit the Personal Information provided to these service providers to that which is reasonably necessary for them to perform their functions, and we require them to agree to maintain the confidentiality of such Personal Information.

Public Areas and Syndicated Services

Some features on our Services may allow you to upload, post, or otherwise transmit User Materials to public areas of the Services, such as content that you post in a public profile on the Services. We may make these User Materials available for display upon Company properties that are not governed by this Policy, as well as to services operated by third parties that display content from the Website (collectively, “Syndicated Services”). Please be aware that any Personal Information that you include within any User Materials will be made available to other users of the Services, and to users of Syndicated Services, who view it. You include Personal Information in User Materials at your sole risk. We may allow you to select privacy options that limit access to some types of Personal Information in User Materials, but no security measures are impenetrable or perfect. Additionally, even after information posted on the Website is removed, caching and archiving services may have saved that information, and other users or third parties may have copied or stored the information available on the Services. We cannot warrant or guarantee that any Personal Information that you provide on and in connection with the Services will not be accessed, viewed, or used by unauthorized persons.

Business Transfers

Information about our users, including Personal Information, may be disclosed and otherwise transferred to an acquirer, or successor or assignee as part of any merger, acquisition, debt financing, sale of company assets, or similar transaction, as well as in the event of an insolvency, bankruptcy, or receivership in which Personal Information is transferred to one or more third parties as one of our business assets.

To Protect our Interests

We also disclose Personal Information if we believe that doing so is legally required, or is in our interest to protect our property or other legal rights (including, but not limited to, enforcement of our agreements), or the rights or property of others, or otherwise to help protect the safety or security of our Services and other users of the Services.

Choice

If you receive commercial e-mail from us, you may unsubscribe at any time by following the instructions contained within the e-mail. You may also opt-out from receiving commercial e-mail from us, and any other promotional communications that we may send to you from time to time (e.g., by postal mail) by sending your request to us by e-mail at hello@thistle.co or by writing to us at the address given at the end of this policy. Additionally, if we offer user account functionality on the Services, we may allow you to view and modify settings relating to the nature and frequency of promotional communications that you receive from us.

Please be aware that if you opt-out of receiving commercial e-mail from us, it may take up to ten business days for us to process your opt-out request, and you may receive commercial e-mail from us during that period. Additionally, even after you opt-out from receiving commercial messages from us, you will continue to receive administrative messages from us regarding our Services.

Access

If we offer the ability to create user accounts or profiles on our Services, you may have the ability to access and update many categories of personal information that you provide to us by logging in to your account and accessing your account settings. If you wish to access or amend any other personal information we hold about you, you may contact us at hello@thistle.co.

If you request that we delete your account on any of our Services (via a user settings page, by e-mail, or otherwise), we will do so within a reasonable period of time, but we may need to retain some of your Personal Information in order to satisfy our legal obligations, or where we reasonably believe that we have a legitimate reason to do so.

Links

The Services may contain links to other Web sites, products, or services that we do not own or operate. The Services also may contain links to Third-Party Sites such as social networking services. If you choose to visit or use any Third-Party Sites or products or services available on or through such Third-Party Sites, please be aware that this Policy will not apply to your activities or any information you disclose while using those Third-Party Sites or any products or services available on or through such Third-Party Sites. We are not responsible for the privacy practices of these Third-Party Sites or any products or services on or through them. Additionally, please be aware that the Services may contain links to Web sites and services that we operate but that are governed by different privacy policies. We encourage you to carefully review the privacy policies applicable to any Web site or service you visit other than the Services before providing any Personal Information on them.

International Visitors

Our servers and data centers are located in the United States. If you choose to use the Services from outside the U.S., then you should know that you are transferring your Personal Information outside of your region and into the U.S. for storage and processing. By providing your Personal Information to us through your use of the Service, you agree to that transfer, storage, and processing in the U.S. Also, we may transfer your data from the U.S. to other countries or regions in connection with storage and processing of data, fulfilling your requests, and operating the Services. You should know that each region can have its own privacy and data security laws, some of which may be less stringent as compared to those of your own region.

Security

We use reasonable security measures that are designed to protect personal information from accidental loss, disclosure, misuse, and destruction. Please be aware, however, that no data security measures can be guaranteed to be completely effective. Consequently, we cannot ensure or warrant the security of any information that you provide to us. You transmit information to us at your own risk.

Updates to this Policy

We may occasionally update this Policy. When we do, we will also revise the “last updated” date at the beginning of the Policy. Your continued use of our Services after such changes will be subject to the then-current policy. If we change this Policy in a manner that is materially less restrictive of our use or disclosure of your Personal Information, we will use reasonable efforts to notify you of the change and to obtain your consent prior to applying the change to any Personal Information that we collected from you prior to the date the change becomes effective. We encourage you to periodically review this Policy to stay informed about how we collect, use, and disclose personal information.

Your California Privacy Rights

California law permits residents of California to request certain details about how their information is shared with third parties for direct marketing purposes. If you are a California resident, you may request this information once per calendar year by writing to us at Thistle Health Inc., Attn: General Counsel, 1663 Mission Street, Ste. 720, San Francisco, CA 94103.

Contacting Us

If you have any questions or comments about this Policy, please send us a detailed message using the following contact information:

Thistle Health Inc., 1345 4th Street, Berkeley, CA 94107

hello@thistle.co