Hinge Health, Inc. and its affiliates (“Hinge Health”) are deeply committed to protecting the privacy and security of our customers’ data.
This policy applies to information we collect:
through the Services; and
via email, text, or other electronic messages between you and any employee or agent of Hinge Health.
Should you have any questions about this policy or our practices, please send an email to firstname.lastname@example.org.
Telephone Consumer Protection Act
Hinge Health may provide you with notices, including those related to your enrollment or use of the Services, including but not limited to by email, postal mail, SMS, MMS, text message, or other reasonable means now known or hereinafter developed. Hinge Health will provide notice and request consent to receiving text messages at the point of collection for mobile phone numbers. By providing Hinge Health with your telephone number, this gives Hinge Health consent to send you text messages regarding your purchase(s), or for other non-telemarketing purposes, made by an automatic telephone dialing system.
You understand that you may receive email as part of using the Services, and while Hinge Health encrypts all email communications, your email server may not guarantee encryption. If your email provider does not encrypt email, you accept the risk that some PHI could be acquired by someone else.
You understand that you may receive text messages (SMS) as part of using the Services, such as a reminder about an upcoming appointment. SMS messages are encrypted by Hinge Health in transit to your cell phone provider, but cell providers do not guarantee encryption of SMS messages that are stored on your behalf. By using the Services you accept the risk that some PHI could be intercepted by someone else targeting your SMS communications or seen by individuals who have access to your mobile device.
Types of Information Collected
Hinge Health collects the following types of information about our website users: automatically collected information and personal information.
Automatically collected information may include the name of the domain used to access the internet; an internet protocol (IP) address, which can reveal geographic information; the date and time of a website visit; URLS of pages visited on Hinge Health’s website; if present and available, the internet address of the website visited before; and characteristics of devices (such as operating system, web browser, and screen resolution).
Personal information includes identifying information such as your name, e-mail address or other contact information, and whether you are enrolled in your employer sponsored group health plan. Hinge Health collects other personal information about you through the Services including when you voluntarily provide it to us. In connection with your use of the Services, we may also collect or access medical records from your past, current, and future health care providers. This may include information about your existing or past diagnoses, previous treatments, general health, laboratory or pathology test results and reports, social histories, family medical history, and records about phone calls or emails related to your health or test results. If you choose to go through our screening process and/or register for the Services we ask you to provide personal information, including but not limited to: your name, address, telephone number and/or email address, height, weight, and health information in connection with the use of our products or services. We also collect information that will allow you to establish a username and password. You may choose not to provide us with certain information, but that may result in our inability to provide you access to the Services.
How to Review and Change Your Personal Information
If you create a Hinge Health account, you may review your personal information by visiting the Hinge Health mobile applications and accessing the “Settings menu.” To change or remove any information, please contact us through the application, or at email@example.com.
How We Use and Disclose Information That We Collect Online
By using the Services you consent to and authorize Hinge Health and its affiliates to disclose your eligibility for and participation in the Services (i.e., that you meet the enrollment criteria for the Services and that you have elected at your own discretion to participate) among themselves and to others, such as: Hinge Health senior management and administrators, your personal Hinge Health coach (your “Hinge Coach”) and other users of Hinge Health’s Services. In particular, these entities may be able to access a range of information about you, such as your first and last name, picture, and participation in Hinge Health’s program. Moreover, based on Hinge Health’s deployment model, you may be placed into a group of users with similar characteristics who may be co-workers or acquaintances (your “Peer Group”) who will be able to view such information. Only information you explicitly consent to be visible to the peer group will be shared. By default, only your first name is shared, and you may choose to use a pseudonym instead of your real first name.
Other uses include:
(a) Internal Uses - We may use information we collect about you to:
Administer your account, including your assignment and enrollment in your Peer Group;
Allow your Hinge Coach to personalize your experience;
Provide you with access to particular tools and services;
Respond to your inquiries and send you administrative communications;
Obtain your feedback on our websites and our offerings;
Statistically analyze user behavior and activity;
Provide you with more relevant content;
Conduct research and measurement activities;
Send you personalized emails or secure electronic messages pertaining to your health information; or
Contact users about the products and services that we offer.
We may combine personal and non-personal information collected by Hinge Health about you, and may combine this information with information provided by external sources.
(b) Disclosure of Personal Information to Third Parties
We will not disclose any personal information about any of our users to any unaffiliated third-party (excluding our vendors or contractors to whom we may provide such information for the limited purpose of providing services to us and who are obligated to keep the information confidential), unless: (1) you have authorized us to do so; (2) we are legally required to do so, for example, in response to a subpoena, court order or other legal process, and/or (3) it is necessary to protect our property rights related to this website. We also may share aggregate, non-personal information about website usage with unaffiliated third parties, or via scientific research papers regarding our Services. This aggregate information does not contain any identified personal information about our users.
(c) Disclosure of Information by You
Through your use of the Services, you may choose to make certain elements of your information, including PHI that you post and/or disclose in the course of engaging with the Services, available to other participants and users. While we take considerable efforts to protect your privacy, we cannot take and expressly disclaim responsibility for whether and how other users, including your Peer Group, will use or disclose information disclosed by you through the Services. As discussed above, the Services provide you the ability to share personal information, including regarding your medical condition and history to your Peer Group. Any information you voluntarily choose to provide through the Services may be visible to your Peer Group and Hinge Coach. As such, you should only provide information you feel comfortable disclosing to other members of your Peer Group and Hinge Coach.
Cookies and Web Beacons
Certain Hinge Health websites, like many other commercial websites, may use standard technologies called “cookies” and “web beacons” to collect information about how our website is used. Cookies were designed to help a website operator determine that a particular user had visited the site previously and thus save and remember any preferences that may have been set. This information also allows us to statistically monitor how many people are using our website and for what purpose. We may also make use of “persistent” or “memory based” cookies, which remain on your computer’s hard drive until you delete them. You have the ability to modify your browser to either accept all cookies, notify you when a cookie is sent, or reject all cookies, but it may not be possible to utilize our Services if you reject all cookies.
Web beacons are small pieces of code (also called pixels) that are embedded on the pages of websites and that can report your visit or use to a third party. We use web beacons to collect automatic information about our visitors but not personal information. Hinge may use these tools for the purposes of web analytics, marketing, and error management. You may modify your browser to prevent web beacons from collecting automatic information about you.
How We Protect Information Online
We exercise great care to protect your personal information through various administrative, technical and physical safeguards. This includes, among other things, using industry standard techniques such as firewalls, encryption, and intrusion detection for information stored on our systems. However, while we strive to protect your personal information, we cannot ensure or warrant the security of any information you transmit to us or receive from us while that information is in transit. This is especially true for information you transmit to us via email since we have no way of protecting that information until it reaches us since email does not have the security features that are built into our websites.
In addition, we limit our employees’ and contractors’ access to personal information. Only those employees and contractors with a business reason to know have access to this information, and then may only access or use the minimum necessary for the task at hand. We educate our employees about the importance of maintaining confidentiality of user information.
We also periodically review our security arrangements and safeguards.
How can you help protect your information?
If you are using a Hinge Health website or mobile application for which you registered and choose a password, we recommend that you do not share your password to anyone. We will never ask you for your password in an unsolicited phone call or in an unsolicited email. Always remember to sign out of the Hinge Health website and close your browser window when you have finished using the Services. This is to ensure that others cannot access your personal information and correspondence to us if others have access to your computer or mobile device.
The Hinge Health websites and Services are not designed to be used by or intended to attract children under the age of 13. Individuals who we actually know are under the age of 13 will not be permitted to use the Hinge Health websites and Services and we will not collect their personal information. If you are a parent or guardian and you are aware that your child who is under the age of 13 has provided us with identifiable personal data, please contact us. If we become aware that we have inadvertently collected data from children under the age of 13 without verification of parental consent, we will timely remove that information from our servers to the extent permissible by law.
Links to Other Websites
We want to provide website visitors valuable information, services, and products. Featured programs and other Hinge Health website content may link our users to third-party websites. Hinge Health does not control and is not responsible for privacy or security practices of any third party websites.
Do Not Track
Do Not Track is an optional setting that enables you to express your preferences regarding the collection of information about your online activities over time and across third-party websites. Your browser sends Do Not Track signals to the websites you visit expressing your preference not to be tracked. However, because there is no industry-standard approach to responding to Do Not Track signals, we do not process or respond to Do Not Track signals.
If you are a California resident, California law provides you with additional rights regarding our collection, use, and disclosure of your personal information under the California Consumer Privacy Act or “CCPA” (Cal. Civ. Code § 1798.100 et seq.), Shine the Light law (Cal. Civ. Code § 1798.83), and Do Not Track law (Cal. Bus. & Prof. Code BPC § 22575). To learn about the personal information we collect, use, and disclose along with information regarding your additional California privacy rights, visit the CCPA Privacy Notice. Please note that the CCPA does not govern medical information or PHI that is collected by a covered entity or business associate that is governed by HIPAA.
Last updated December 21st, 2021