Version: 2
Last Updated: 08/04/2021

Privacy Policy



THIS PRIVACY POLICY APPLIES TO PERSONAL DATA BLUESLEEP COLLECTS FROM USERS OF THE BLUESLEEP PLATFORM (THE “PLATFORM”) AND ANY RELATED SERVICES (THE “SERVICES”).“PERSONAL DATA” INCLUDES ANY INFORMATION THAT CAN BE USED ON ITS OWN OR WITH OTHER INFORMATION IN COMBINATION TO IDENTIFY OR CONTACT ONE OF OUR USERS. WE BELIEVE THAT TRANSPARENCY ABOUT THE USE OF YOUR PERSONAL DATA IS OF UTMOST IMPORTANCE. IN THIS PRIVACY POLICY, WE PROVIDE YOU DETAILED INFORMATION ABOUT OUR COLLECTION, USE, MAINTENANCE, AND DISCLOSURE OF YOUR PERSONAL DATA. THE POLICY EXPLAINS WHAT KIND OF INFORMATION WE COLLECT, WHEN AND HOW WE MIGHT USE YOUR PERSONAL DATA, HOW WE PROTECT PERSONAL DATA, AND YOUR RIGHTS REGARDING YOUR PERSONAL DATA.

SOME OF THE PERSONAL DATA WE COLLECT AND TRANSMIT MAY BE CONSIDERED "PROTECTED HEALTH INFORMATION” OR “PHI” (INFORMATION THAT RELATES TO YOUR PAST, PRESENT, OR FUTURE PHYSICAL OR MENTAL HEALTH OR CONDITION(S); THE PROVISION OF HEALTH CARE TO YOU; OR THE PAST, PRESENT, OR FUTURE PAYMENT FOR THE PROVISION OF HEALTH CARE TO YOU). THEREFORE, OUR PRIVACY PRACTICES ARE INTENDED TO COMPLY WITH THE HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT (“HIPAA“), WHERE APPLICABLE. FOR ADDITIONAL INFORMATION RELATED TO HOW WE USE AND DISCLOSE YOUR PHI PLEASE CONTACT OUR DATA PRIVACY OFFICER AT [email protected].

BY SUBMITTING YOUR PERSONAL DATA THROUGH THE PLATFORM, YOU ARE ACKNOWLEDGING THAT YOU HAVE READ AND AGREE TO THE TERMS OF THIS PRIVACY POLICY. IF YOU DO NOT AGREE, PLEASE DO NOT SUBMIT ANY PERSONAL DATA TO US AND IMMEDIATELY CEASE USE OF THE SERVICES.

PLEASE NOTE THAT WE OCCASIONALLY UPDATE THIS PRIVACY POLICY AND THAT IT IS YOUR RESPONSIBILITY TO STAY UP TO DATE WITH ANY AMENDED VERSIONS. IF WE MODIFY THIS PRIVACY POLICY, WE WILL POST A LINK TO THE MODIFIED TERMS TO THE PLATFORM AND NOTIFY YOU VIA THE EMAIL ADDRESS YOU HAVE PROVIDED TO US. YOU CAN STORE THIS POLICY AND/OR ANY AMENDED VERSION(S) DIGITALLY, PRINT IT, OR SAVE IT IN ANY OTHER WAY. ANY CHANGES TO THIS PRIVACY POLICY WILL BE EFFECTIVE IMMEDIATELY UPON PROVIDING NOTICE, AND SHALL APPLY TO ALL PERSONAL DATA WE MAINTAIN, USE, AND DISCLOSE. IF YOU CONTINUE TO USE THE SERVICES FOLLOWING SUCH NOTICE, YOU ARE AGREEING TO THOSE CHANGES.

If You have any questions or concerns after reading this Privacy Policy, please do not hesitate to contact Us at [email protected]. We appreciate Your feedback.

If at any point You no longer agree to the use and disclosure of Personal Data, as described in this Privacy Policy, You can delete Your account by contacting Us at [email protected]. You may request removal of your Personal Data from our Services by contacting Us at [email protected].

Responsible Entity

Snooze Inc. (“We”, “Us”, “the Company”) is the owner of the Platform and controller of Your Personal Data and may process this data in accordance with this Privacy Policy. If We are processing Personal Data on behalf of a third party that is not an agent or affiliate of Company, the terms of this Privacy Policy do not apply—instead, the terms of that third party’s privacy policy will apply. You can contact Us with any questions about our Privacy Policy at [email protected].

What Personal Data do we collect?

The types of Personal Data We collect are described below.

Demographic Data

We collect demographic information, such as your name, birth date, phone number, physical address and email address. Primarily, the collection of Your Personal Data assists us in creating Your User Account, which You can use to securely receive the Services.

Support Data

If You contact Us for support or to lodge a complaint, We may collect technical or other information from You through log files and other technologies, some of which may qualify as Personal Data. (e.g., IP address). Such information will be used for the purposes of troubleshooting, customer support, software updates, and improvement of the Services in accordance with this Privacy Policy. Calls You make to Us may be recorded or monitored for training, quality assurance, customer service, and reference purposes.

Health Data  

In addition to demographic information, We will collect self-reported information regarding Your health conditions, age, gender, weight, height, medical history, symptoms, information from the sleep test contained in the sleep test kit BlueSleep provided to you upon sign up, and other relevant health information. We collect this information to provide you with the Services and We provide it a BlueSleep affiliated healthcare provider to enable the healthcare provider to diagnose and treat Your sleep apnea or other sleep disorder.

Insurance Information

We collect information regarding your health insurance coverage in order to facilitate reimbursement for the BlueSleep healthcare provider who provides Services to you through the Platform.

How will We use Your Personal Data?

We process Your Personal Data based on legitimate business interests, the fulfillment of Our Services to You, compliance with Our legal obligations, and/or Your consent. We only use or disclose Your Personal Data when it is legally mandated or where it is necessary to fulfill those purposes described herein. Where required by law, we will ask for your prior consent before doing so.

Specifically, we process Your Personal Data for the following legitimate business purposes:

●  To fulfill our obligations to You under the Terms of Use
●  To communicate with You about and manage Your User Account
●  To properly store and track Your data within our system
●  To respond to lawful requests from public and government authorities, and to comply with applicable state/federal law, including cooperation with judicial proceedings or court orders.
●  To protect Our rights, privacy, safety or property, and/or that of You or others by providing proper notices, pursuing available legal remedies, and acting to limit Our damages
●  To handle technical support and other requests from You
●  To enforce and ensure your compliance with Our Terms of Use or the terms of any other applicable services agreement We have with You or your employer
●  To manage and improve Our operations and the Platform, including the development of additional functionality
●  To evaluate the quality of service You receive, identify usage trends, and thereby improve Your user experience
●  To keep Our Platform safe and secure for You and for Us
●  To send You information about changes to our terms, conditions, and policies
●  To allow Us to pursue available remedies or limit the damages that We may sustain
●  To create anonymized and aggregated datasets based on Your Personal Data but which datasets cannot be used to identify You
●  To enable you to connect with (or share Personal Data with) the authorized healthcare provider who will monitor your progress and overall condition and follow up with you regarding your healthcare or health status.

Where is your Personal Data processed?

Personal Data We through the Platform will be stored on secure servers in the United States. Personal Data may be transmitted to third parties, which parties may store or maintain the data on their secure servers. These third parties are not permitted to transfer your Personal Data outside of the United States.

Will We share your Personal Data with anyone else?

Yes, with a healthcare provider with whom you choose to allow Us to share such Personal Data via the Platform.

We will share information you enter into the Platform, results of Your sleep study, as well as any reports generated by the Services based on the information you enter, with a healthcare provider with whom you choose to allow Us to share such information. If, at any point, you want to deny access to one or more third parties, you can do so by emailing [email protected].

Yes, with Your insurance provider

We will share relevant and required information with Your insurance provider in order for the BlueSleep healthcare provider to receive reimbursement for certain healthcare Services provided to You through the Platform.

Yes, with third parties that help us power our Services

We have a limited number of service providers and other third parties (“Business Partners”) that help Us run various aspects of Our business. These Business Partners are contractually bound to protect Your Personal Data and to use it only for the limited purpose(s) for which it is shared with Us. Business Partners’ use of Personal Data may include, but is not limited to, the provision of services such as data hosting, IT services, customer service, lab diagnostic services, and mail and package delivery services.  

Yes, with third parties and the government when legal or enforcement issues arise

We may share Your Personal Data, if reasonable and necessary, to (i) comply with legal processes or enforceable governmental requests, or as otherwise required by law; (ii) cooperate with third parties in investigating acts or omissions that violate this Privacy Policy or the Terms of Use; or (iii) bring legal action against someone who may be violating the Terms of Use or who may be causing intentional or unintentional injury or interference to the rights or property of BlueSleep or any third party, including other users of Our Services.

Yes, with third parties that provide advisory services

We may share your Personal Data with third parties that provide use services, including but not limited to, Our lawyers, auditors, accountants, or banks, when We have a legitimate business interest in doing so.

Yes, with third parties in the event of a reorganization, merger, sale, joint venture, assignment, transfer, or other disposition of all or any portion of BlueSleep’s corporate entity, assets, or stock (including in connection with any bankruptcy or similar proceedings)

If We share Your Personal Data with a third party other than as provided above, You will be notified at the time of data collection or transfer, and You will have the option of not permitting the transfer.

How long do We retain Personal Data?

We will retain Your Personal Data for as long as You maintain a User Account and for only that amount of time required to comply with federal or state laws after the account is closed. The exact period of retention will depend on the type of Personal Data, Our contractual obligation to You, and applicable law. We keep Your Personal Data for as long as necessary to fulfill the purpose for which it was collected, unless otherwise required or necessary pursuant to a legitimate business purpose outlined in this Privacy Policy. At the end of the applicable retention period, We will remove Your Personal Data from our databases and will request that our Business Partners remove Your Personal Data from their databases. If there is any data that We are unable, for technical reasons, to delete entirely from our systems, we will put in place appropriate measures to prevent any further processing of such data. We retain anonymized data indefinitely.

NOTE: Once we disclose your Personal Data to third parties, we may not be able to access that Personal Data any longer and cannot force the deletion or modification of any such information by the parties to whom we have made those disclosures. Written requests for deletion of Personal Data other than as described should be directed to [email protected].

What is Our Cookie Policy?

Cookies are small files that a web server sends to Your computer or device when You visit a web application that uses cookies to keep track of your activity on that site. Cookies also exist within applications when a browser is needed to view certain content or display certain content within the application. Cookies hold a small amount of data specific to a web application, which can later be used to help remember information You enter into the application (like Your email or username), preferences selected, and movement within the application. If You return to a previously visited web application (and your browser has cookies enabled), the web browser sends the small file to the web server, which tells it what activity You engaged in the last time You used the web application, and the server can use the cookie to do things like expedite logging in and retrieving user data and keeping Your browser session secure.

We use cookies and other technologies to, among other things, better serve You with more tailored information, and to facilitate efficient and secure access to the Services. We only use essential cookies. Essential cookies are those necessary for Us to provide services to You. We have provided, below, a full list of Our cookies, categorized as described above. We have described the purpose of each, whether they are Our cookies or Third-Party cookies, and how to withdraw consent to their use. We have also indicated which cookies are “session cookies” (which last for as long as You keep Your browser open) and “persistent cookies” (which remain on Your hard drive until You delete them or they expire).

We may also collect information using pixel tags, web beacons, clear GIFs or other similar technologies. These may be used in connection with some website pages and HTML-formatted email messages to, among other things, track the actions of users and email recipients, and compile statistics about usage and response rates.

How can You “Opt Out” of Cookies?

If You prefer, You can usually choose to set Your browser to remove cookies and reject cookies. If You enable a do not track (DNT) signal or otherwise configure Your browser to prevent Us from collecting cookies, You will need to reenter Your username each time You visit the login page.

How do We Protect Your Personal Data?

We are committed to protecting the security and confidentiality of Your Personal Data. We use a combination of reasonable physical, technical, and administrative security controls to maintain the security and integrity of Your Personal Data, to protect against any anticipated threats or hazards to the security or integrity of such information, and to protect against unauthorized access to or use of such information in our possession or control that could result in substantial harm or inconvenience to You. However, internet data transmissions, whether wired or wireless, cannot be guaranteed to be 100% secure. As a result, We cannot ensure the security of information You transmit to Us. By using the Services, You are assuming this risk.

Safeguards

We store Your Personal Data on secure servers, and protect this data using a combination of technical, administrative, and physical security safeguards, such as authentication, encryption, backups, and access controls, in accordance with federal privacy laws. If We learn of a security concern, We may attempt to notify You and provide information on protective steps to mitigate any potential harm, if available, through the e-mail address that You have provided to Us. Depending on where You live, You may have a legal right to receive such notices in writing.

You are solely responsible for protecting information entered or generated via the BlueSleep that is stored on Your device and/or removable device storage. We have no access to or control over Your device’s security settings, and it is up to You to implement any device level security features and protections You feel are appropriate (e.g., password protection, encryption, remote wipe capability, etc.). We recommend that You take any and all appropriate steps to secure any device that You use to access Our Services.

NOTWITHSTANDING ANY OF THE STEPS TAKEN BY US, IT IS NOT POSSIBLE TO GUARANTEE THE SECURITY OR INTEGRITY OF DATA TRANSMITTED OVER THE INTERNET. THERE IS NO GUARANTEE THAT YOUR PERSONAL DATA WILL NOT BE ACCESSED, DISCLOSED, ALTERED, OR DESTROYED DESPITE THE IMPLEMENTATION OF OUR PHYSICAL, TECHNICAL, OR ADMINISTRATIVE SAFEGUARDS. THEREFORE, WE DO NOT AND CANNOT ENSURE OR WARRANT THE SECURITY OR INTEGRITY OF ANY PERSONAL DATA YOU TRANSMIT TO US AND YOU TRANSMIT SUCH PERSONAL DATA AT YOUR OWN RISK.

In instances where you have authorized the Company to use and disclose your Personal Data for certain purposes, you may withdraw your consent in the future. You may withdraw your consent by sending your request in writing to: [email protected] or Snooze Inc., 15 Broad Street, suite 2414, New York, NY 10005. Please note that your withdrawal will not be effective until We receive your request, and will not apply to uses and disclosures that We have already made in reliance on your consent.

How Can You Protect Your Personal Data?

In addition to securing Your device, as discussed above, We will NEVER send You an e-mail requesting confidential information such as account numbers, usernames, passwords, or social security numbers, and You should NEVER respond to any e-mail requesting such information. If You receive such an e-mail that looks like it is from Us, DO NOT RESPOND to the e-mail and DO NOT click on any links and/or open any attachments in the e-mail, and notify BlueSleep support at [email protected].

You are responsible for taking reasonable precautions to protect Your user ID, password, and other User Account information from disclosure to third parties, and You are not permitted to circumvent the use of required encryption technologies. You should immediately notify Us at [email protected] . if You know of or suspect any unauthorized use or disclosure of Your user ID, password, and/or other User Account information, or any other security concern.

Your rights

You have certain rights relating to your Personal Data, subject to local data protection laws. These rights may include:

●  to access Your Personal Data held by Us
●  to erase/delete Your Personal Data, to the extent permitted by applicable dataprotection laws
●  to receive communications related to the processing of Your personal data that are concise, transparent, intelligible and easily accessible;
●  to restrict the processing of Your Personal Data to the extent permitted by law (while we verify or investigate Your concerns with this information, for example);
●  to object to the further processing of Your Personal Data, including the right to object to marketing;
●  to request that Your Personal Data be transferred to a third party, if possible;
●  to receive Your Personal Data in a structured, commonly used and machine-readableformat;
●  to lodge a complaint with a supervisory authority;
●  to rectify inaccurate Personal Data and, taking into account the purpose of processing the Personal Data, ensure it is complete;
●  to not be subject to a decision based solely on automated processing, including profiling, which produces legal effects ("Automated Decision-Making"); and

Where the processing of Your Personal Data by BlueSleep is based on consent, You have the right to withdraw that consent without detriment at any time or to exercise any of the rights listed above by emailing Company Name at [email protected].

If you are a California resident, the California Consumer Privacy Act (“CCPA”) may apply to you. To the extent it applies, please see the CCPA attachment.

If you are an EU data citizen, the GDPR may apply to you. To the extent it applies, please see the GDPR attachment.

How can You update, correct, or delete Personal Data?

You can change your e-mail address and other contact information by contacting Us at [email protected]. If You need to make changes or corrections to other information, You may access the BlueSleep Platform portal and make changes in the Platform or contact Us at [email protected]. Please note that in order to comply with certain requests to limit use of Your Personal Data, We may need to terminate Your account and Your ability to access and use the Services, and You agree that We will not be liable to You for such termination or for any refunds of prepaid fees paid by You. You can deactivate your account by contacting Us at [email protected].

Although We will use reasonable efforts to do so, You understand that it may not be technologically possible to remove from Our systems every record of Your Personal Data. The need to back up Our systems to protect information from inadvertent loss means a copy of Your Personal Data may exist in a non-erasable form that will be difficult or impossible for Us to locate or remove.
‍WE AT BLUESLEEP VALUE YOUR PRIVACY AND ARE COMMITTED TO KEEPING YOUR PERSONAL DATA CONFIDENTIAL. WE USE YOUR DATA SOLELY IN THE CONTEXT OF PROVIDING YOU WITH ACCESS TO THE BLUESLEEP PLATFORM WHICH WILL ALLOW YOU TO SET UP APPOINTMENTS WITH HEALTHCARE PROVIDERS TREATING SLEEP APNEA AND OTHER SLEEP DISORDERS, ATTEND TELEVISITS WITH PROVIDERS, AND RECEIVE DEVICES TO HELP TREAT SLEEP APNEA.




SMS Service

At Bluesleep, your privacy is our topmost priority. The information you provide when opting into our SMS marketing service is utilized to send you text notifications/reminders about your appointments. No mobile information will be shared with third parties/affiliates for marketing/promotional purposes. All the above categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties.



Can You “OPT OUT” of receiving communications from Us?

We pledge not to market third party services to You without Your consent. The only emails We send to You without your consent are those regarding Your account or the Services. You can choose to filter these e-mails using Your e-mail client settings, but We do not provide an option for You to opt out of these e-mails.

If you consent to Our sending you marketing or other commercial emails or SMS text messages not related to your account and services, we will provide you with the option to opt out of such marketing emails and SMS text messages within the applicable message.

Information submission by minors

We do not knowingly collect Personal Data from individuals under the age of 18. Our Services are not directed to individuals under the age of 18. We request that these individuals not provide Personal Data to Us. If We learn that Personal Data from users less than 18 years of age has been collected, We will deactivate the account and take reasonable measures to promptly delete such data from our records. If You are aware of a user under the age of 18 using the Web Site, please contact Us at [email protected].

Contact Us

If You have any questions about this Privacy Policy, please contact Us by email at [email protected] or 15 Broad Street, suite 2414, New York, NY 10005. Please note that email communications are not always secure; so please do not include sensitive information in Your emails to Us.

CALIFORNIA CONSUMER PRIVACY ACT PRIVACY RIGHTS ADDENDUM

To the extent that the California Consumer Privacy Act applies to You, You have the following additional data privacy rights:

Privacy; Confidential Information

If You are an individual user and Your employer purchased the online service to which this Privacy Policy applies, all of the information described in this Privacy Policy is subject to Your employer’s policies regarding deletion, encryption, export, monitoring, passwords, and retention of data associated with the Services.

We may aggregate or de identify any Personal Data that We collect in connection with our Services, such that the information is no longer personally identifiable or attributable to You. We may use such aggregated information for Our own legitimate business purposes without restriction.

Sale of Information

We have not disclosed or sold Personal Data to third parties for a business or commercial purpose in the preceding 12 months, and we will not sell your Personal Data.

Your Rights:

You have the right
1. to request that We disclose what information We collect, use, disclose, and sell.
2. to request that We delete any Personal Data We have collected about You.

To submit a request for (1) or (2) above, you may email us at [email protected]

For your protection, any request you send to Us to delete your Personal Data is subject to the following verification procedure: We will require a written request from Your email on file.

We reserve the right to deny Your request if we cannot verify Your identity. If We deny Your request in whole or in part, We will notify You of the denial and provide the reasons for the denial.

We will not discriminate against you for exercising any of your above rights.

You may designate an authorized agent to make a request to exercise Your rights on Your behalf. Your authorized agent must be able to provide to Us proof of your authorization. For Your protection, We reserve the right to deny any request from an agent who does not submit proof that they have been authorized to act on Your behalf.

GENERAL DATA PROCESSING REGULATION RIGHTS ADDENDUM

If you are an EU data citizen, the GDPR may apply to the Personal Data We collect from you. If so, You have the following rights:

● to access Your Personal Data held by Us
●  to erase/delete Your Personal Data
●  to receive communications related to the processing of Your Personal Data that are concise, transparent, intelligible and easily accessible;
●  to restrict the processing of Your Personal Data to the extent permitted by law (while we verify or investigate Your concerns with this information, for example);
●  to object to the further processing of Your Personal Data, including the right to object to marketing;
●  to request that Your Personal Data be transferred to a third party, if possible;
●  to receive Your Personal Data in a structured, commonly used and machine-readable format
●  to lodge a complaint with a supervisory authority
●  to correct inaccurate Personal Data and, taking into account the purpose of processing the Personal Data, ensure it is complete
●  to not be subject to a decision based solely on automated processing, including profiling, which produces legal effects ("Automated Decision-Making"); and

Where the processing of Your Personal Data by BlueSleep is based on consent, You have the right to withdraw that consent without detriment at any time or to exercise any of the rights listed above by emailing Us at [email protected].

Contact Information

If you have any questions or comments about this notice, our Privacy Statement, the ways in which we collect and use your personal information, your choices and rights regarding such use, or wish to exercise your rights under California law, please do not hesitate to contact us at:

Data Protection/HIPAA Privacy Officer
245 Fifth Avenue, 3rd floor
New York, NY 10016
[email protected]
212-683-0174