1. Thank You for Using Day Two

1.1. DayTwo, Inc. and its affiliates (“DayTwo”, “us”, “our”, or “we”) provide this Privacy Policy (as will be amended and/or updated, from time to time) (the “Privacy Policy” or “Policy”) to inform you of our policies and procedures regarding the collection, use, share, and disclosure of information that we receive and/or collect from you when you sign up to participate in our wellness coaching and diagnostic services (“Health Program”), access our proprietary mobile application and web-based platform (“App”), or visit https://www.daytwo.com/ any other websites that we may develop in the future (“Website”) (collectively with “App” and “Health Program”, the “Services”).

1.2. By using the Services, you consent to the collection and use of your information in accordance with this Privacy Policy and Our Terms of Service. If you do not feel comfortable with any part of this Policy or our Terms of Service, you should not use or access our Services.

1.3. We may change, amend, and/or update the terms of this Policy from time to time, by posting notice on our Website, App, or the Services. The Privacy Policy will post the date that any change to the policy takes effect. Your continued use of the Services constitutes your explicit consent to this Privacy Policy (including any amendment or change thereof). If you do not agree to this Privacy Policy (including the new or different terms thereof), you should not use the 
Service.

2. HIPAA.

2.1 Please note that some or all of the information you provide through the Health Program or App may be Protected Health Information (“PHI”), which is governed by the Health Insurance Portability and Accountability Act and applicable regulations (“HIPAA”). Specifically, we may act as a Business Associate under HIPAA if we are engaged by a Covered Entity, which may include your healthcare provider, healthcare administrator, or healthcare insurance company (“External Health Team”). To provide the Services, we also work with coaches and dieticians, with whom you may interact on the App (“Health Consultants”). For more information about how Health Consultants use, collect, and disclose PHI, please refer to the HIPAA Notice of Privacy Practices.

2. Information We Collect

2.1. Your use of the Services is totally voluntary. If you are uncomfortable with sharing information about yourself, do not use the Services.

2.2 Collecting Information. By using the Services, you will be providing information about yourself so that we can provide the Services to you. Some of this information may be used to directly or indirectly identify you (“Personal Information” or “PI”). We also collect this PI from you directly and also using external vendors like data analytics providers and other service providers or third parties.  

Category of InformationExamples of Collection
Contact Information and Demographic InformationWe collect this data when you provide it directly to us, or from the External Health Team, when you create an account or sign up for the Health Program, or request to learn more about the Services. This may include your name, address, email address, phone number, date of birth, and gender. This also includes your username and password that you use to access your Health Program account.
Employment or professional informationWe collect this data when you provide it directly to us, or from the External Health Team, when you create an account or  sign up for the Health Program, or request to learn more about the Services. This may include your employer name, industry, job title, and business contact information.
Health InformationWe may collect and process health information submitted by you, or by the External Health Team, when you use the App or participate in our Health Program. Additionally, we may collect this data if you choose to integrate or link the App or Health Program with third-party health or fitness trackers, applications, or other services. Some or all of this information may be considered PHI. Please refer to the HIPAA Notice of Privacy Practices for more information. Health information includes: The identifiers and contact information associated with your Health Program account; Medical insurance details; Information about physical and mental health conditions, diagnoses, or symptoms; Information gathered through third-party health or fitness trackers, applications, or similar tools; Treatments for medical conditions, including medications; Genetic information (all the information that can be derived from bacterial DNA contained in the stool samples that you provide to us for analysis in connection with the Health Program), blood type; Family and individual medical and health history; Physical attributes, physical activity levels, sleep habits, dietary information, and information related to reproduction; Lab samples and lab or diagnostic results, including results from glucose monitors; Photographs you may provide to help us track your progress with the Health Program; Information about your interactions with Health Consultants on or through the App or Health Program, which may be in audio or visual form; Information we derive about you based on health information, such as your personal nutrition recommendations, microbiome analyses, or related insights.
Feedback and CorrespondenceWe may collect the Personal Information you provide when you contact us with questions, feedback, or otherwise correspond with us online through the App or the Website. We may also collect this information through third-party vendors, such as customer service representatives or online chat or messaging providers.
Location InformationWe may collect general location information if you use features on the Website or App that provide location-based services. We may also collect this information through the use of our third-party vendors.
Usage InformationThis includes data that is collected directly from you through automated means, including through the use of our third-party vendors, when you are using the Website or App. This may include: Information about your interactions with and on the Website or App, including the pages you view and your search history. Content you post to the App or Website including messages you send and/or receive and your interactions with our customer service team. Technical data which may include URL information, IP address, device-level data, other technological identifiers, network connectivity data, browser details, and operating system information. For more information about these technologies, including steps you can take to manage these technologies, please read below.

2.3 Cookies and Tracking Technologies. As noted above, we automatically collect PI from you when you access the Website or App on your browser or mobile device. We may also use several technologies, including third-party vendors, to receive and/or collect this data. These tracking technologies help us better understand your needs and preferences and tell us which parts of our website you have visited, facilitate and measure the effectiveness of our marketing efforts, and provide consistent and personalized services and experiences. These tracking technologies also help us provide, maintain, repair, and improve the Services, such as by logging user activity and crash information or providing data analysis and analytics tools. Please refer to “Information Sharing, Use, and Disclosure” for a full list of how these third-party vendors may support the Services.

The tracking technologies discussed here gather information about you over time and across different websites, some of which may be personal information as identified above in “Information We Collect”. The Services do not recognize “Do Not Track” signals. However, you can instruct your browser or mobile device to limit some cookie activity. To disable cookies and limit the collection and use of information through them, you can set your browser to refuse cookies or indicate when a cookie is being sent. To find out how to see what cookies have been set on your device, and how to reject and delete the cookies, please visit: https://www.aboutcookies.org/. For information on reviewing or deleting cookies from specific browsers, please visit that browsers site. To disable certain cookies on your mobile device, refer to your mobile device settings. If you do not accept cookies, however, you may not be able to use all portions or all functionality of the Services.

3. Information Sharing, Use, and Disclosure.

3.1 How We Use and Disclose PI. We use and disclose your PI for reasons described below to affiliates, third-party vendors and service providers, business partners, the External Care Team, Health Consultants, and other third parties. This includes your employer in order to facilitate your access to the Services, as well as the External Care Team, healthcare entities, and related parties that directly or indirectly provide or facilitate the Health Program. We use and disclose PI in the following contexts:

(i) to provide, maintain, protect, and operate the Services; (ii) to monitor and analyze your use of the Services and, if required, for the technical administration and troubleshooting of the Services; (iii) to personalize your experience with the Services, including displaying your activity information gathered through third-party health or fitness trackers, applications, or similar tools; (iv) to better understand your needs both on an aggregated and individualized basis in order to improve our Services; (v) to improve the Services, including without limitation to train any artificial intelligence or machine learning engine or system, neural network, or similar system for those provision of Services to you; (vi) benchmarking and statistical analysis; (vii) research including medical research and development of products and services, including with third party(ies) or by third party(ies) such as HMOs, medical institutions, academic institutions, and other commercial entities (Use of personal information for the purpose of research will be subject to your consent); (viii) to provide you announcements and further administrative information regarding your progress with the Services or changes in the Services; (ix) to provide you with offers that you may find useful or interesting; (x) to enforce our Terms of Use and Privacy Policy; (xi) to communicate with you and contact you to obtain feedback from you regarding the Services and the process you are going through; (xii) to transfer to our affiliates, third party vendors, service providers, contractors who are working on our behalf in connection with the Services and related services rendered to you as needed to support the delivery, improvement, and operations of the Services, such as (a) for storage, data processing, customer services and support, and/or back up purposes and (b) as otherwise authorized by You; (xiii) for data security purposes; (xiv) for the purpose of detecting and preventing fraud, misuse of Services, or other illegal actions; (xv) for the purpose of receiving your feedback including by the performance of surveys; (xvi) for the purposes of handling complaints and data subjects access or deletion requests; (xvii) in order to meet legal requirements and regulatory obligations; (xviii) for the purpose of establishing and protecting our legal rights; and (xix) for any other legitimate purpose as permitted by applicable law.

Please note that we do not use information gathered through third-party health or fitness trackers, applications, or similar tools for advertising purposes. Further, where applicable, our collection, use, and disclosure of this information will comply with developer restrictions or codes of conducts. This includes the Limited Use requirements, Google Fit Developer and User Data Policy, and Health Connect Permissions policy for the use of information received from Google Fit and Health Connect, respectively.

3.2  Compliance with Laws, Law Enforcement, and our Legal Interests. We cooperate with government and law enforcement officials and private parties to enforce and comply with the law. We will disclose PI to government or law enforcement officials or private parties as we, in our sole discretion, believe necessary or appropriate to respond to claims and legal process (including but not limited to subpoenas), to protect our or a third party’s property and rights, to protect the safety of the public or any person, or to prevent or stop any activity we may consider to be, or to pose a risk of being, illegal, unethical, inappropriate, or legally actionable. We may also disclose PI to our attorneys, consultants, accountants, or similar advisors to assess or assert our legal or business interests.

3.3 Other Transfers. In connection with a proposed or actual merger, acquisition, reorganization or sale of all or substantially all our shares or assets, or in the event of our bankruptcy, we may transfer some or all our assets, including among others any information, subject to our Privacy Policy as in effect immediately prior to such a transfer (except if we notify you otherwise). If we believe a transfer results in a material change in the use of the information we’ve collected or received about you, we will give you the opportunity to opt out of the transfer.

3.4 Aggregate, De-Identified, and Non-Identifying Information. We may share aggregate, de-identified, and non-identifying information with third parties for any purpose, including for research purposes, industry analysis, demographic profiling, statistical purposes, and/or any other commercial purposes.

4. Communication Preferences

4.1 Opt-out. We may send you promotional, marketing, or similar content (“Promotional Material”) via email, automated voice-messages, and text messages. Please note, that if you are no longer interested in receiving these Promotional Materials, you can opt-out at any time by following the unsubscribe instructions provided in Promotional Material itself. Following the receipt of an opt-out request, we will remove you from the Promotional Materials distribution list. This opt-out request does not apply to certain transactional or service-related messages that we must send to you, such as your registration materials for the Services, information about your Health Program account, or other items or communications that you specifically request from us.

5. Data Protection and Security.

5.1 We are concerned with safeguarding Your PI. We employ a combination of administrative, technical, personnel, and physical measures designed to protect Your PI from unauthorized access, use, disclosure, and modification. However, we do not promise that any information or private communications will be fully protected from unauthorized disclosure or use.

5.2 Use Caution. You should take steps to protect against unauthorized access to your password, phone, and computer by, among other things, signing off after using a shared computer, choosing a robust password that nobody else knows or can easily guess, and keeping your log-in and password private. If you receive an email asking you to update your information with respect to the Services, do not reply and please contact Us at membercare@daytwo.com. You are solely responsible for maintaining the confidentiality of your login information and for restricting access to your mobile device while logged into the Health Program account. You will be responsible for all activities coming from your Health Program account or from your mobile device, including upload of Information, whether authorized by you. You are solely responsible for adequate protection and backup of your PI. If you cease to use the Services and/or if you transfer your mobile device to someone else, it is your obligation to uninstall the app from your mobile device.

6. International Processing and Transfer.

6.1 You are aware that we may process, maintain, store, and/or or transfer some PI (whether in whole or in part, including some or all Health Information defined in the above table) to countries outside of your state or country (including Israel), where the privacy laws may not be as protective as those in your jurisdiction, and you hereby provide your informed consent to the use and/or process and/or storage and/or transfer of the content (including, without limitations to your PHI to countries outside your state or country).

7. Retention.

7.1 We retain user’s PI for as long as such individuals are using our Services. If a user ceases to use our Services, we may continue to retain certain PI of that user for the period required by our legal and regulatory obligations and/or for accounting purposes (i.e., as required by applicable laws regulating our Services, for bookkeeping purposes, and to have proof and evidence concerning our relationship with that user, should any legal issues arise following the user’s discontinuance of use of our Services). Please note that except as required by applicable law, we will not be obligated to retain your information for any period, and we are free to securely delete it for any reason and at any time, with or without notice to you. Unless otherwise restricted by applicable law, non-PI may be retained indefinitely.

8. Our Policy toward Children.

8.1 The Service is intended for a general, adult audience. We do not knowingly collect PI from minors aged 18 or younger. If a parent and/or legal guardian becomes aware that his or her child has provided us with PI without their consent, he or she should contact us at membercare@daytwo.com.

9. Applicable Law.

9.1 This Privacy Policy shall be governed by and construed in accordance with the laws of the State of Delaware, excluding its choice of law principles (above and hereinafter: “Governing Law”). Any dispute arising in connection with this Privacy Policy shall be subject to the exclusive jurisdiction of the competent court in Wilmington, Delaware.

10. Contacting Us.

10.1 If You have any concerns or questions about this Policy, please contact us at legal@daytwo.com.

Effective Date: April 28, 2023
Updated: May 2, 2024

Copyright © 2024 Day Two, Inc.


https://support.google.com/#limited_use_preview