Through the Services, altumAI provides a monitoring system designed to allow employers to analyze data collected from third parties or employees via the Application. We aggregate such data to create a unique risk score for each employee or a Passport status. We then then present that data collected from and about employees to employers, and in some cases, other employees, so that employees and their employer can track certain events, set alerts to monitor changes in behavior, risk score and passport status, and view statistics and analytics about such events over time, all within the Application. Based on the data collected and the risk score or passport status assigned, we provide actionable insights that are designed to improve health and safety and avoid risk of injury or disease on the job. We provide our Services to business customers who purchase our Services for their workforce. If you are using our Services at the request of a business, our use of your information is governed by our enterprise customer agreement with the relevant business. To learn about how a particular business customer handles your personal information, we encourage you to read the business’s privacy statement or contact the business directly. The Application monitors data surrounding your workplace or self, which may include body motion (via the Application or third party devices), and vital signs such as your body temperature and heart rate via sensors or manually recorded in the Application. The Application may provide a Passport status indicator based on the data entered. The Application may also analyze your baseline information and alert you (or our business customers) of a risk score that may indicate risk of injury or onset of illness, prompting you (or your employer) to take action. From time to time, we may need to alter our privacy practices to comply with legal requirements, such as court orders, subpoenas or investigations.
TYPES OF PERSONAL INFORMATION WE COLLECT
To use the Application, we will ask you to share personal information with us. We may also receive information from our business customers (if you are using our Services at the request of a business), and collect certain health, technical, and usage information from your computer and mobile device. We may collect the following types of information:
• Contact Information. We may collect your contact information, such as your name and email address, in connection with our Services.
• Registration Information. When you register for the Services, we may collect your username and password, gender, birthdate, role/industry, other work specific information, and any pre-existing conditions.
• Health Information. During use, the Application may transmit information and metadata related to your body’s biomechanics, biometrics, such as body temperature and heart rate and recorded health symptoms and exposure risks, to our cloud environment for reading and analysis.
• Transaction Information. If you purchase the Application subscription, we collect information about your purchase, such as your order history and billing address.
• Precise Geo-Location and Location History. When you use our Services, you may choose to share with us precise geo-location information using iOS and Android location services. These services may use a combination of GPS, WiFi, Cellular, Bluetooth, and IP address to detect and triangulate your location. You can stop the sharing of location information at any time by changing the preferences on your mobile device.
• Customer Support Information. We will store the information you provide when you contact us with questions or feedback or otherwise correspond with our customer support personnel, and information about your use of our Services.
• Mobile Device, Technical and Usage Information. When you access our Services, we collect information about your mobile device or computer system, including MAC address, IP address and mobile device ID. We also generate usage statistics about your interactions with our Services. This information is typically collected through the use of server log files or web log files, mobile device software development kits, and tracking technologies like browser cookies to analyze certain types of technical information. Some of the cookies our Services places on your computer are linked to a user ID number. When you respond to communications we send you, we may use automated technology to understand how you interact with the communications.
You can usually remove or reject browser cookies through the settings on your browser or device.
At this time we do not recognize automated browser signals regarding tracking mechanisms, which may include ”do not track” instructions.
HOW WE USE YOUR INFORMATION
We use the information we receive:
• To operate our Services as described throughout this Policy, including to facilitate your purchase of the Application, monitor your health and safety, and alert you (and others, with your consent) of risks that may affect your health or safety.
• For internal business purposes that are necessary, reasonable, or appropriate to maintain and improve our Services.
• To communicate with you about our Services, including to respond to inquiries, complaints, and requests for support.
• To analyze the information we collect through cookies and other tracking technologies to help us improve our function and to modify the services and information that we provide.
• For fraud prevention and legal compliance, including to prevent fraud or potentially illegal activities, and enforce our Terms of Service. We may also use your contact information to send you marketing communications about altumAI products and services that you may be interested in. HOW WE SHARE YOUR INFORMATION We may share your information:
• If you are using our Services at the request of one of our business customers, with that business, solely to alert them that you are experiencing risks that may affect your health or safety.
• With government, law enforcement officials or private parties as required by law, when we believe such disclosure is necessary or appropriate to (a) comply with applicable law; (b) enforce the terms and conditions that govern the platform; (c) protect our rights, privacy, safety or property, and/or that of you or others; and (d) protect, investigate and deter against fraudulent, harmful, unauthorized, unethical or illegal activity.
HOW LONG WE RETAIN YOUR INFORMATION
We will retain all information for the period necessary to fulfill the purposes outlined in this policy, unless a longer retention period is required or permitted by law, or an individual requests that we delete information about them.
CREATION OF ANONYMOUS DATA FOR ANALYTICS
We may create anonymous, aggregate or de-identified data from personal information. We make personal information into anonymous, aggregate or de-identified data by excluding information that makes the data personally identifiable to individuals, and use that anonymous, aggregate or de-identified data for our lawful business purposes.
SECURITY OF YOUR INFORMATION
We have implemented a number of security measures designed to protect your information, including encrypting all personal information in transit and at rest. We identify your biomechanical information using a unique MAC address tied to a designated wearable or a mobile phone, which we store in a cloud environment separate from your contact and other identifying information. We associate your health information with your contact and other identifying information only when necessary to alert you (or others, with your consent) that you are experiencing risks that may affect your health or safety. It is important that you protect and maintain the security of your account, and you should immediately notify us of any unauthorized use of your account. No website, mobile application or Internet transmission is completely secure, and therefore we cannot guarantee that unauthorized access, hacking, data loss, or other breaches or other type of misuse will never occur. Be careful where and how you share personal information—use public WiFi spots wisely and avoid clicking unfamiliar links or using unfamiliar devices. We may post a notice via our Services or notify you via email if a security breach occurs. Depending on where you live, you may have a legal right to receive written notice of a data privacy or security breach.
You can make the following choices regarding your personal information:
• Application. You can stop all collection of information by our Services by uninstalling the Application. You may use the standard uninstall processes as may be available as part of your mobile device or via the mobile application marketplace or network.
• Updating your account. You may update the information in your Application account by logging into your account and navigating to your account settings.
• Deleting your account. You may delete your Application account by emailing us at support@altumAI.com. We may retain anonymous, aggregate or de-identified data to improve our products and services.
• Mobile device permissions. You may revoke any permissions you previously granted to us, such as permission to access your precise geo-location data or permission to send you push notifications, through 4 the settings on your mobile device. Please note that if you withdraw consent to our use of geo-location data or push notifications, you may no longer be able to use some features of our Services.
• Marketing communications. You may opt out of marketing-related emails by clicking on a link at the bottom of each such email. You may continue to receive service-related and other non-marketing emails.
• Cookies. If you decide at any time that you no longer wish to accept cookies from our Services for any of the purposes described above, then you can instruct your browser, by changing its settings, to stop accepting cookies or to prompt you before accepting a cookie from the websites you visit. Consult your browser’s technical information. If you do not accept cookies, however, you may not be able to use all or portions of our Services. If you have any questions about how to disable or modify cookies, please let us know at the contact information provided below.
• Do-Not-Track. Some web browsers transmit “do not track” signals to the websites and other online services with which your web browser communicates. There is currently no standard that governs what, if anything, websites should do when they receive these signals. The Application currently does not take action in response to these signals. If and when a standard is established, altumAI may revise its policy on responding to these signals.
• Third-party platforms. If you choose to connect to the Services via a third-party platform, such as by using Google or Facebook login, you may have the ability to limit the information that we may obtain from the third party at the time you login to the Services using the third party’s authentication service or otherwise connect your account. Subsequently, you may be able to control your settings through the third party’s platform or service. If you withdraw our ability to access certain information from a third-party platform, that choice will not apply to information that we have already received from that third party.
Our Services are not directed towards individuals under the age of 13, and we do not intentionally gather personal information about individuals who are under the age of 13. If a parent or guardian becomes aware that his or her child has provided us with information without their consent, he or she should contact us at support@altumAI.com. We will delete such information from our files as soon as reasonably practicable.
INTERNATIONAL DATA TRANSFER
altumAI is headquartered in the United States and has service providers in other countries, and your personal information may be transferred to and accessed from the United States or other locations outside of your state, province, country or other governmental jurisdiction where privacy laws may not be as protective as those in your jurisdiction.
NOTICE TO CALIFORNIA USERS
We are required by the California Consumer Privacy Act of 2018 (“CCPA”) to provide to California residents an explanation of how we collect, use and share their personal Information, and of the rights and choices we offer California residents regarding our handling of their personal information. This notice and the privacy rights it describes do not apply to information related to our business contacts, job applicants, or employees, or to enterprise users of our Services. altumAI is a service provider under the CCPA in relation to our enterprise Services, and our business customers are responsible for addressing CCPA compliance with respect to enterprise users of our Services. Please note that we do not sell personal information. The CCPA grants California residents the following rights:
• Access. You can request a copy of the personal information that we have collected about you.
• Deletion. You can ask us to delete the personal information that we maintain about you.
Please note that the CCPA limits these rights by, for example, prohibiting us from providing certain information we maintain for compliance in response to an access request and limiting the circumstances in which we must comply with a deletion request. If we deny your request, we will communicate our decision to you.
You are entitled to exercise the rights described above free from discrimination, as prohibited by the CCPA.
How to Submit a Request
• To request access to or deletion of personal information: Email: support@altumAI.com
• Identity verification. We will need to confirm your identity and California residency to process your requests to exercise your information, access or deletion rights. We cannot process your request if you do not provide us with sufficient detail to allow us to understand and respond to it.
• Authorized agents. California residents can empower an “authorized agent” to submit requests on their behalf. We will require the authorized agent to have a written authorization confirming that authority.