Vera Logo

Vera Health™ Privacy Policy

最后更新:2026年2月20日

Please read this Privacy Policy to learn how we treat your personal data. By using or accessing our Services in any manner, you acknowledge that you accept the practices and policies outlined below, and you hereby consent that we will collect, use and disclose your information as described in this Privacy Policy.

Your use of Vera Health's Services is at all times subject to our Terms of Use, which incorporates this Privacy Policy. Any terms we use in this Policy without defining them have the definitions given to them in the Terms of Use.

We may change this Privacy Policy from time to time. We will alert you of material changes by placing a notice on the Vera Health website, by sending you an email or by some other means. Please note that if you've opted not to receive legal notice emails from us (or you haven't provided us with your email address), those legal notices will still govern your use of the Services, and you are still responsible for reading and understanding them. If you use the Services after the effective date of any posted changes to the Privacy Policy, that means you agree to all of the changes.

1. Key Terms

These are some of the important terms used throughout this policy:

  • "Vera Health," "We," "Us," "Our" means Veracity-Health Inc., a Delaware corporation with an address at 2261 Market Street, Suite 22644, San Francisco, California 94114 USA.
  • "Personal data" means any information relating to an identified or identifiable individual.
  • "Sensitive personal data" means personal data revealing a consumer's social security number, driver's license and passport numbers, account numbers and credentials, precise geolocation, racial or ethnic origin, religious beliefs, or union membership, personal data concerning a consumer's health, sex life, or sexual orientation, contents of a consumer's mail, email and text messages where the business is not the intended recipient, genetic data, biometric information, or citizenship and immigration status.

2. What this Privacy Policy Covers

This Privacy Policy covers how we treat personal data that we gather when you access or use our Services. This Privacy Policy does not cover the practices of companies we don't own or control or people we don't manage. It also does not apply to information we collect or maintain relating to Vera Health's employees or contractors.

3. Personal Data

3.1 Categories of Personal Data We Collect

This chart details the categories of personal data that we collect and the types of third parties ("Third Parties") with whom we may share such information:

Category of Personal Data (and Examples)Categories of Third Parties To Whom We May Disclose this personal data
Profile or contact data such as first and last name and email.Service Providers<br>Parties You Authorize, Access or Authenticate
Identifiers such as driver's license number, state identification card, passport number.Service Providers
Commercial data such as usage history (of Vera Health's products) and consumer profiles.Service Providers
Device/IP data such as IP address, device ID, domain server, and type of device/ operating system/ browser used to access the Services.Service Providers<br>Advertising Partners<br>Analytics Partners
Web analytics such as web page interactions, referring webpage/source through which you accessed the Services, non-identifiable request IDs, and statistics associated with the interaction between device or browser and the Services.Service Providers<br>Advertising Partners<br>Analytics Partners
Geolocation data such as IP-address-based location information.Service Providers<br>Advertising Partners<br>Analytics Partners
Categories of data Considered "Sensitive" Under the applicable laws, such as personal identification numbers, including driver's license, passport, or state ID card numbers.Service Providers
Other identifying information that You voluntarily choose to provide such as emails, letters, texts, or other communications you send us.Service Providers

3.2 Our Commercial or Business Purposes for Collecting Personal Data

We collect personal data for the commercial or business purposes described below. In addition, under each section below, we state the GDPR lawful basis for the collection and use (processing) of the personal data at issue.

a) Providing, Customizing and Improving the Services, for example by:

  • Creating and managing your account or other user profiles.
  • Processing orders or other transactions.
  • Providing you with the products, services or information you request.
  • Meeting or fulfilling the reason you provided the information to us.
  • Providing support and assistance for the Services.
  • Improving the Services, including testing, research, internal analytics, and product development.
  • Personalizing the Services, website content, and communications based on your preferences.
  • Doing fraud protection, security, and product debugging.
  • Carrying out other business purposes stated when collecting your personal data or as otherwise set forth in applicable data privacy laws, such as the California Consumer Privacy Act, as amended by the California Privacy Rights Act of 2020 (the "CCPA").
  • GDPR lawful basis: Contractual necessity (Article 6(1)(b)); Consent (Article 6(1)(a))

b) Marketing the Services, for example by:

  • Marketing and providing the Services.
  • Showing you advertisements, including interest-based, online behavioral or targeted advertising.
  • GDPR lawful basis: Legitimate interest (Article 6(1)(f))

c) Communicating with You, for example by:

  • Responding to correspondence that we receive from you, contacting you when necessary or requested, and sending you information about Vera Health or the Services.
  • Sending emails and other communications according to your preferences or that display content that we think will interest you.
  • Verifying your identity and administering your account.
  • GDPR lawful basis: Contractual necessity (Article 6(1)(b))

d) Other Permitted Purposes for Processing personal data

In addition, each of the above referenced categories of personal data may be collected, used, and disclosed with the government, including law enforcement, or other parties to meet certain legal requirements and enforcing legal terms including: fulfilling our legal obligations under applicable law, regulation, court order or other legal process, such as preventing, detecting and investigating security incidents and potentially illegal or prohibited activities; protecting the rights, property or safety of you, Vera Health or another party; enforcing any agreements with you; responding to claims that any posting or other content violates third-party rights; and resolving disputes.

GDPR lawful basis: Contractual necessity (Article 6(1)(b)); Legitimate interest (Article 6(1)(f))

3.3 Categories of Sources of Personal Data

We collect personal data about you from the following categories of sources:

a) You

When you provide such information directly to us, for example:

  • When you create an account or use our interactive tools and Services.
  • When you voluntarily provide information in free-form text boxes through the Services or through responses to surveys or questionnaires.

When you send us an email or otherwise contact us, for example:

  • When you use the Services and such information is collected automatically.
  • Through Cookies (defined in the "Tracking Tools, Advertising and Opt-Out" section below).
  • If you download our mobile application or use a location-enabled browser, we may receive information about your location and mobile device, as applicable.
  • If you download and install certain applications and software we make available, we may receive and collect information transmitted from your computing device for the purpose of providing you the relevant Services, such as information regarding when you are logged on and available to receive updates or alert notices.

b) Third Parties

Vendors, for example:

  • We may use analytics providers to analyze how you interact and engage with the Services, or third parties may help us provide you with customer support.
  • We may use vendors to obtain information to generate leads and create user profiles.

Customers of Vera Health, for example:

  • We may receive information about you from prospective employers that refer you to our Services.
  • We may receive information about you from current employers in connection with our Services.
  • Other customers or users of the Services may refer you to us for potential use of the Services.

Advertising Partners, for example:

  • We receive information about you from some of our vendors who assist us with marketing or promotional services related to how you interact with our websites, applications, products, Services, advertisements or communications.

c) Vera Health

We may infer new information from other data we collect, including using automated means to generate information about your likely preferences or other characteristics. For example, we may infer your location (such as city, state, and country) based on your IP address.

4. How We Share Your Personal Data

We may share your personal data with the categories of service providers and other parties listed in this section. For more information, please refer to the state-specific sections below.

4.1 Service Providers. These parties help us provide the Services or perform business functions on our behalf. They include:

  • Hosting, technology and communication providers.
  • Security and fraud prevention consultants.
  • Support and customer service vendors.

4.2 Advertising Partners. These parties help us market our services and provide you with other offers that may be of interest to you. They include:

  • Ad networks.
  • Marketing providers.

4.3 Analytics Partners. These parties provide analytics on web traffic or usage of the Services. They include:

  • Companies that track how users found or were referred to the Services.
  • Companies that track how users interact with the Services.

4.4 Parties You Authorize, Access or Authenticate

  • Third parties you access through the services.
  • Social media services.

VERA HEALTH HAS WRITTEN AGREEMENTS WITH ALL OF THE SERVICE PROVIDERS, ADVERTISING PARTNERS, AND ANALYTICS PARTNERS WHO ASSIST WITH THE PROVISION OF THE SERVICES (COLLECTIVELY, "SUBPROCESSORS"). OUR AGREEMENTS WITH SUBPROCESSORS LIMIT THEIR USE OF ANY PERSONAL DATA TO THE SERVICES THEY PROVIDE TO VERA HEALTH. A LIST OF SUBPROCESSORS IS AVAILABLE UPON REQUEST.

4.5 Legal Obligations

We may disclose any personal data that we collect with third parties in conjunction with any of the activities set forth under "Other Permitted Purposes for Processing personal data" section above.

4.6 Business Transfers; Affiliates

All of your personal data may be transferred to a third party if we undergo a merger, acquisition, asset sale, bankruptcy, or other transaction in which a third party assumes control of our business (in whole or in part). We may also share personal data to our corporate affiliates to help operate our Services and our affiliates' Services.

4.7 Data that is Not Personal Data

We may create aggregated, de-identified or anonymized data from the personal data we collect, including by removing information that makes the data personally identifiable to a particular user. We may use such aggregated, de-identified or anonymized data and disclose it with third parties for our lawful business purposes, including to analyze, build and improve the Services and promote our business, provided that we will not disclose such data in a manner that could identify you.

4.8 Third Party Services

Our Services may contain third party content, integrations or links to third party websites operated by organizations not affiliated with Vera Health. Through these integrations, you may be providing information to the third party as well as to Vera Health. Since we can only control our own Services, we are not responsible for how those third parties collect or use your information so please review the privacy policies of every third-party service that you visit or use, including those third parties you interact with through our Services.

5. Tracking Tools, Advertising, and Opt-Out

Vera Health publishes a comprehensive Cookie Notice that describes the cookies used on the Vera Health website and provides information on how you can accept or reject them. The Cookie Notice is available at https://www.verahealth.ai/cookies.

6. Data Security

We seek to protect your personal data from unauthorized access, use and disclosure using appropriate physical, technical, organizational, and administrative security measures based on the type of personal data and how we are processing that data.

You should also help protect your data by appropriately selecting and protecting your password and/or other sign-on mechanism; limiting access to your computer or device and browser; and signing off after you have finished accessing your account.

Although we work to protect the security of your account and other data that we hold in our records, please be aware that no method of transmitting data over the internet or storing data is completely secure. Of course, Vera Health cannot secure personal data that you release on your own or that you request us to release.

7. Health Insurance Portability and Accountability Act (HIPAA)

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a federal law that includes provisions designed to protect the privacy and security of protected health information (PHI).

HIPAA is applicable to "covered entities" (Health plans, Healthcare clearinghouses, and healthcare providers who transmit health information electronically) and their business associates, including service providers like Vera Health.

If you are a covered entity, a business associate to covered entities, or an agent for such an organization, upon request, Vera Health will enter into a Business Associate Agreement (BAA) with you to provide for the protection of PHI by Vera Health. The BAA also serves to clarify and limit, as appropriate, the permissible uses and disclosures of PHI by Vera Health, based on the services being performed by Vera Health.

Vera Health's BAA can be found at https://www.verahealth.ai/baa.

8. Data Retention

We retain personal data about you for as long as necessary to provide you with the Services or to perform our commercial or business purposes for collecting your personal data. When establishing a retention period for specific categories of data, we consider who we collected the data from, our need for the personal data, why we collected the personal data, and the sensitivity of the personal data. In some cases, we retain personal data for longer, if doing so is necessary to comply with our legal obligations, resolve disputes, or is otherwise permitted or required by applicable law, rule or regulation. We may further retain information in an anonymous or aggregated form where that information would not identify you personally.

For example:

  • We retain your profile information and credentials for as long as you have an account with us.
  • We retain your device/IP data for as long as we need it to ensure that our systems are working appropriately, effectively, and efficiently.

9. User Data Rights and Request Process

9.1 User Rights

We are committed to respecting the privacy and data rights of all our users, regardless of their location. If you wish to request access to, rectification of, deletion of, or restrictions on our use of your personal data from our systems (collectively, "User Rights"), please follow the steps set out below. In responding to your User Rights requests, (a) we will provide the applicable information in a commonly used, machine-readable format, and (b) we may redact or limit the information provided to maintain our proprietary rights or comply with legal requirements.

As part of your User Rights, you may also request information about: the purpose of the processing; the categories of personal data concerned; who else outside Vera Health might have received the data from Vera Health; what the source of the information was (if you didn't provide it directly to Vera Health); and how long it will be stored. You have a right to correct (rectify) the record of your personal data maintained by Vera Health if it is inaccurate. You may request that Vera Health erase that data or cease processing it, subject to certain exceptions. You may also request that Vera Health cease using your data for direct marketing purposes. In many countries, you have a right to lodge a complaint with the appropriate data protection authority ("Supervisory Authority") if you have concerns about how Vera Health processes your personal data. When technically feasible, Vera Health will—at your request—provide your personal data to you or transmit it directly to another controller. To find your local Supervisory Authority, see https://iapp.org/resources/global-privacy-directory.

If you are a California resident, your User Rights are more fully set out in Section 11 (California Resident Rights), below.

9.2 How to Submit a Request

To make a request pursuant to your User Rights, contact us by emailing privacy@vera-health.ai with the subject line "User Rights Request."

Include your full name, email address associated with your account, and any additional information that could help us verify your identity and process your request.

For security purposes, we may need to verify your identity before processing your User Rights request. We may ask for additional information to confirm your identity.

We will acknowledge your request and initiate processing within 30 days of receipt. In certain circumstances, where more time is needed, we will inform you and provide an updated timeline.

In general, we will work to respond to your User Rights request within the time period required by applicable law. We will not charge you a fee for making a User Rights request unless your request is excessive, repetitive or manifestly unfounded. If we determine that your User Rights request warrants a fee, we will notify you of the fee and explain that decision before completing your request.

Once the request is processed, we will modify our handling of your personal data as described in the response. Note that we may always retain personal data as necessary to comply with legal obligations, resolve disputes, or as otherwise described in this Privacy Policy.

You may also authorize an agent (an "Authorized Agent") to exercise User Rights on your behalf. To do this, you must provide your Authorized Agent with written permission to exercise your rights on your behalf, and we may request a copy of this written permission from your Authorized Agent when they make a request on your behalf.

To exercise the your User Rights, you or your Authorized Agent must send us a request that (a) provides sufficient information to allow us to verify that you are the person about whom we have collected personal data, and (b) describes your request in sufficient detail to allow us to understand, evaluate and respond to it. We may not respond to requests that do not meet these criteria. We will only use personal data provided in connection with a User Rights Request to verify your identity and complete your request. You do not need an account to submit a User Rights Request.

For further assistance, or if you encounter any issues with your data User Rights request, please reach out to us at privacy@vera-health.ai.

10. Personal Data of Children

We do not knowingly collect or solicit personal data from children under 13 years of age; if you are a child under the age of 13, please do not attempt to register for or otherwise use the Services or send us any personal data. If we learn we have collected personal data from a child under 13 years of age, we will delete that information as quickly as possible. If you believe that a child under 13 years of age may have provided personal data to us, please contact us at privacy@vera-health.ai.

11. California Resident Rights

If you are a California resident, you have the rights set forth in this section. Please note that we may process personal data of our customers' authorized users or employees in connection with our provision of certain services to our customers. Additionally, please note that these rights are subject to certain conditions and exceptions under applicable law, which may permit or require us to deny your request.

If there are any conflicts between this section and any other provision of this Privacy Policy and you are a California resident, the portion that is more protective of personal data shall control to the extent of such conflict.

11.1 Access

You have the right to request certain information about our collection and use of your personal data. In response, we will provide you with the following information in the past 12 months:

  • The categories of personal data that we have collected about you.
  • The categories of sources from which that personal data was collected.
  • The business or commercial purpose for collecting and using your personal data.
  • The categories of third parties with whom we have shared your personal data.
  • The specific pieces of personal data that we have collected about you.

If we have disclosed your personal data to any third parties for a business purpose over the past 12 months, we will identify the categories of personal data shared with each category of third-party recipient.

You may request the above information beyond the 12-month period, but no earlier than January 1, 2022. If you do make such a request, we will provide that information unless doing so proves impossible or would involve disproportionate effort.

11.2 Deletion

You have the right to request that we delete the personal data that we have collected about you. Under the CCPA, this right is subject to certain exceptions: for example, we may need to retain your personal data to provide you with the Services or complete a transaction or other action you have requested, or if deletion of your personal data involves disproportionate effort. If your deletion request is subject to one of these exceptions, we may deny your deletion request.

To request deletion of your personal data, send an email from a verified email address associated with your account to privacy@vera-health.ai requesting the deletion.

11.3 Correction

You have the right to request that we correct any inaccurate personal data we have collected about you. Under the CCPA, this right is subject to certain exceptions: for example, if we decide, based on the totality of circumstances related to your personal data, that such data is correct. If your correction request is subject to one of these exceptions, we may deny your request.

11.4 Personal Data Shares Opt-Out

As described in the "Tracking Tools, Advertising and Opt-Out" section above, we have incorporated Cookies from certain third parties into our Services. These Cookies allow those third parties to receive information about your activity on our Services that is associated with your browser or device. Those third parties may use that data to serve you relevant ads on our Services or on other websites you visit. You can opt out of such sharing by following the instructions in this section.

We share your personal data to the following categories of third parties:

  • Ad Networks (i.e. retargeted advertising cookie providers).

Over the past 12 months, we have shared the following categories of your personal data to categories of third parties listed above:

  • Web Analytics Data.
  • Device/IP Data.

We have shared the foregoing categories of personal data for the following business or commercial purposes:

  • Marketing and providing the Services.
  • Showing you advertisements, including interest-based or online behavioral advertising.

If you are a California resident, you may opt-out from any "shares" of personal data by emailing us at privacy@vera-health.ai.

Once you have submitted an opt-out request, we will not ask you to reauthorize the sharing of your personal data for at least 12 months.

To our knowledge, we do not share the personal data of minors under 16 years of age.

11.5 Limit the Use of Sensitive Personal Data

Consumers have the right to request that we limit the use or sharing disclosure of their sensitive personal data ("Right to Limit"). However, since our use and disclosure of Sensitive Information are limited to the purposes set forth in section 7027(m) of the CCPA regulations, including: (a) performing the services or providing the goods reasonably expected, (b) preventing, detecting, and investigating security incidents, (c) resisting malicious, deceptive, fraudulent, or illegal actions, (d) ensuring physical safety of natural persons, (e) for short-term transient use, (f) performing services on behalf of the business, (g) verifying or maintaining quality or safety of a product or service, and (h) collecting or processing sensitive personal data but not for the purpose of inferring characteristics, we do not offer a way for you to submit such a request.

11.6 We Will Not Discriminate Against You for Exercising Your Rights Under the CCPA

We will not discriminate against you for exercising your rights under the CCPA. We will not deny you our goods or services, charge you different prices or rates, or provide you with a lower quality of goods and services if you exercise your rights under the CCPA. However, we may offer different tiers of our Services as allowed by applicable data privacy laws (including the CCPA) with varying prices, rates or levels of quality of the goods or services you receive related to the value of personal data that we receive from you.

11.7 Additional California Resident Rights

Under California Civil Code Sections 1798.83-1798.84, California residents are entitled to ask us to prevent disclosure of personal data to third parties for such third parties' direct marketing purposes; in order to submit such a request, please contact us at privacy@vera-health.ai.

Your browser may offer you a "Do Not Track" option, which allows you to signal to operators of websites and web applications and services that you do not wish such operators to track certain of your online activities over time and across different websites. Our Services do not support Do Not Track requests at this time. To find out more about "Do Not Track," you can visit www.allaboutdnt.com.

12. International Transfers of Personal Data

The Services are hosted and operated in the United States ("U.S.") by Vera Health and its service providers, and if you do not reside in the U.S., laws in the U.S. may differ from the laws where you reside.

By using the Services, you acknowledge that any personal data, regardless of whether provided by you or obtained from a third party, is being provided to Vera Health in the U.S. and will be hosted on servers located in the U.S., and you authorize Vera Health to transfer, store and process your information to and in the U.S., and possibly other countries.

Vera Health also enters into data processing agreements and model clauses with its service providers, suppliers, and customers whenever feasible and appropriate.

13. Contact Information

If you have any questions or comments about this Privacy Policy, the ways in which we collect and use your personal data or your choices and rights regarding such collection and use, please do not hesitate to contact us at:

privacy@vera-health.ai, or

Veracity-Health Inc. d/b/a Vera Health 2261 Market Street, Suite 22644 San Francisco, California 94114 USA

To contact our Data Protection Officer: Email: security@verahealth.ai Phone Number: +1 (516) 523-8438

Please note that if you contact us to assist you, we may need to verify your identity before fulfilling your request.

[END OF PRIVACY POLICY]