BRIDGMED PRIVACY POLICY

BridgMed Privacy Policy

BridgMed’s mission is to positively transform the food-health relationship for the individual and extend it to the community and outward through our Culinary Medicine Solution, thereby completely changing the course of today’s dietary-derived disabilities and diseases.

We established this privacy policy to help you understand what information we collect through our websites, apps, devices, and other products and services, how we use it, and what choices you have about it.

Please note this policy does not cover data we handle on behalf of other entities. Those practices are covered by our agreements with those entities. Please see those privacy policies for how they handle your data.

Table of Contents

How we collect information

What we do with the info we collect

How and when we share your information

How long we keep your information

Your rights and choices

Research participation

Transferring your information

California residents

Residents of the EEA, UK, and Switzerland

Changes to this policy

Contact us

How we collect information:
The information we collect depends on how you interact with us, the services you use, and the choices you make. We collect information about you from different sources, and in various ways when you use our services, including information you provide directly, information collected automatically, information from third-party data sources, and data we infer or generate from other data.

Information you provide: When you sign up for or use BridgMed, you share certain information, such as:

Common personal information and identifiers: We collect name, username or alias, and contact details such as email address, postal address, and phone number.
Demographic data: In some cases, we request that you provide or you may offer age, gender, marital status, and similar demographic details.
Payment information: If you make a purchase or other financial transaction, we collect credit card numbers, financial account information, and other payment details.
Contents and files: We collect the photos, documents, or other files you upload to BridgMed, and if you send us email messages or communications, we collect and retain those communications.
Sensitive Personal Information:
Account access information: We collect information such as a username or account number in combination with a password, security or access code, or other credentials that allow access to an account.
Contents of communications: We collect the messages you send in chats and message boards in our apps.
Health data: We collect and analyze information concerning your health, such as weight, mental state, sleep and exercise habits, food intake, and other information as may be contained in your electronic health record (EHR).
Sensitive demographic data: We collect information about racial or ethnic origin, religion, or philosophical beliefs that you may provide or we infer throughout the program in order to better support you.

Technical information collected automatically when you use BridgMed: When you use our website or mobile application, certain internet and electronic network activity information gets created and logged automatically. Here are some of the types of information we collect:

Log data: When you use BridgMed, our servers record information (“log data”), including information that your browser automatically sends whenever you visit a website or that your mobile app automatically sends when you’re using it. This log data includes your IP address, browser type and settings, and the date and time you used BridgMed.
Geolocation data: Depending on your device and app settings, we collect geolocation data when you use our apps or online services. For example, we may infer your general geographic location (such as city, state, and country) based on your IP address.
Cookie data: Our partners and we also use cookies, web beacons, mobile analytics and advertising device IDs, and similar technologies. Our partners and we use these technologies in websites, apps, and online services to collect personal data (such as the pages you visit, the links you click on, and similar usage information, identifiers, and device information) when you use our services, including personal data about your online activities over time and across different websites, apps, or online services. For more information on our use of cookies, please see our Cookie Policy.
Device information: In addition to log data, we collect information about the device you’re using BridgMed on, including the type of device, operating system, settings, unique device identifiers, and crash data.
Usage data and customization: When you’re on BridgMed, we use your activity—such as the foods you typically log— to customize your experience. We also automatically log your other activity on our websites, apps, and connected products, including the URL of the website from which you came to our sites, pages you viewed, how long you spent on a page, access times, and other details about your use of and actions on our website.
Sensor data: We may also receive data from third-party sensors you choose to connect; for example, you may connect your Apple Watch Health App with BridgMed so we can receive and help you based on the data we receive.

Information we create or generate: We infer new information from other data we collect, including using automated means to generate information about your likely preferences or other characteristics (“inferences”). For example, we may infer your BMI from your height and weight or the percentage of your diet that is ultra-processed food (UPFs) from your dietary recall data.

Information collected from third-party services: We also obtain the types of information described above from third parties. These third-party sources include, for example:

Third-party partners: Third-party applications and services, including social networks you choose to interact with, to connect to our services. What we have access to is dependent on the privacy policies or settings for those accounts.
The information our advertisers share: We also get information about you and your activity from our advertising partners and other third parties we work with. For example, online advertisers or third parties share information with us to measure, report on, or improve the performance of ads for BridgMed.
Co-branding/marketing partners: Partners with which we offer co-branded services or engage in joint marketing activities.
Service providers: Third parties that collect or provide data in connection with work they do on our behalf. For example, companies that determine your device’s location based on its IP address.
When asked to provide your information, you may decline or use browser or device controls to prevent certain types of data collection. In some cases, if you choose not to provide the necessary information, some services or features may not be available or fully functional.

What we do with the info we collect:
We’re committed to providing a service that’s relevant, interesting, and personalized. To do that, we use your information to provide and improve your experience. For example:

Purposes of Use: Product and service delivery. To provide and deliver our services, including troubleshooting, improving, and personalizing those services.

Categories of Information: Contact information, demographic data, payment information, content and files, identifiers and device information, geolocation data, log data, usage data, sensor data, and inferences.

Sensitive Information: Account access information, sensitive demographic data, contents of communications, and health data.

Purposes of Use: Business operations. To operate our business, such as billing, accounting, improving our internal operations, securing our systems, detecting fraudulent or illegal activity, and meeting our legal obligations.

Categories of Information: Contact information, demographic data, payment information, content and files, identifiers and device information, geolocation data, log data, usage data, sensor data, and inferences.

Sensitive Information: Account access information, sensitive demographic data, contents of communications, and health data.

Purposes of Use: Product improvement, development, and research. To develop new services or features and conduct user research (surveys, interviews).

Categories of Information: Contact information, demographic data, payment information, content and files, identifiers and device information, geolocation data, log data, usage data, sensor data, and inferences.

Sensitive Information: Account access information, sensitive demographic data, contents of communications, and health data.

Purposes of Use: Personalization. To understand you and your preferences to enhance your experience and enjoyment using our services.

Categories of Information: Contact information, demographic data, payment information, content and files, identifiers and device information, geolocation data, log data, usage data, sensor data, and inferences.

Sensitive Information: Account access information, sensitive demographic data, contents of communications, and health data.

Purposes of Use: Customer support. To provide customer support and respond to your questions.

Categories of Information: Contact information, demographic data, payment information, content and files, identifiers and device information, geolocation data, log data, usage data, sensor data, and inferences.

Sensitive Information: Account access information, sensitive demographic data, contents of communications, and health data.

Purposes of Use: Communications. To send you information, including confirmations, invoices, technical notices, updates, security alerts, reminders, support, and administrative messages.

Categories of Information: Contact information, demographic data, payment information, content and files, identifiers and device information, geolocation data, log data, usage data, sensor data, and inferences.

Sensitive Information: Sensitive demographic data and health data.

Purposes of Use: Marketing. To communicate with you about new services, offers, promotions, rewards, contests, upcoming events, and other information about our services and those of our selected partners.

Categories of Information: Contact information, demographic data, payment information, content and files, identifiers and device information, geolocation data, log data, usage data, sensor data, and inferences.

Sensitive Information: Sensitive demographic data, health data.

Purposes of Use: Advertising. To display advertising to you.

Categories of Information: Contact information, demographic data, payment information, content and files, identifiers and device information, geolocation data, log data, usage data, sensor data, and inferences.

Sensitive Information: Sensitive demographic data and health data.

Purposes of Use: Product and service delivery. To provide and deliver our services, including troubleshooting, improving, and personalizing those services.

Categories of Information: Contact information, demographic data, payment information, content and files, identifiers and device information, geolocation data, log data, usage data, sensor data, and inferences.

Sensitive Information: Account access information, sensitive demographic data, contents of communications, and health data.

Purposes of Use: Business operations. To operate our business, such as billing, accounting, improving our internal operations, securing our systems, detecting fraudulent or illegal activity, and meeting our legal obligations.

Categories of Information: Contact information, demographic data, payment information, content and files, identifiers and device information, geolocation data, log data, usage data, sensor data, and inferences.

Sensitive Information: Account access information, sensitive demographic data, contents of communications, and health data.

Purposes of Use: Product improvement, development, and research. To develop new services or features and conduct user research (surveys, interviews).

Categories of Information: Contact information, demographic data, payment information, content and files, identifiers and device information, geolocation data, log data, usage data, sensor data, and inferences.

Sensitive Information: Account access information, sensitive demographic data, contents of communications, and health data.

Purposes of Use: Personalization. To understand you and your preferences to enhance your experience and enjoyment using our services.

Categories of Information: Contact information, demographic data, payment information, content and files, identifiers and device information, geolocation data, log data, usage data, sensor data, and inferences.

Sensitive Information: Account access information, sensitive demographic data, contents of communications, and health data.

Purposes of Use: Customer support. To provide customer support and respond to your questions.

Categories of Information: Contact information, demographic data, payment information, content and files, identifiers and device information, geolocation data, log data, usage data, sensor data, and inferences.

Sensitive Information: Account access information, sensitive demographic data, contents of communications, and health data.

Purposes of Use: Communications. To send you information, including confirmations, invoices, technical notices, updates, security alerts, reminders, support, and administrative messages.

Categories of Information: Contact information, demographic data, payment information, content and files, identifiers and device information, geolocation data, log data, usage data, sensor data, and inferences.

Sensitive Information: Sensitive demographic data and health data.

Purposes of Use: Marketing. To communicate with you about new services, offers, promotions, rewards, contests, upcoming events, and other information about our services and those of our selected partners.

Categories of Information: Contact information, demographic data, payment information, content and files, identifiers and device information, geolocation data, log data, usage data, sensor data, and inferences.

Sensitive Information: Sensitive demographic data, health data.

Purposes of Use: Advertising. To display advertising to you.

Categories of Information: Contact information, demographic data, payment information, content and files, identifiers and device information, geolocation data, log data, usage data, sensor data, and inferences.

Sensitive Information: Sensitive demographic data and health data.

We combine data we collect from different sources for these purposes and to give you a more seamless, consistent, and personalized experience. See “Your rights and choices” for information about how to update or change your preferences.

How and when we share your information:
We may share your information with, for example:

Other services: Other services, at your direction, when you decide to link your BridgMed account to those services. If you link your BridgMed account to any of those third parties or allow us to share your information with them, that data is governed by their privacy policies.
Service providers: We provide your information to vendors or agents working on our behalf for the purposes described in this policy. For example, companies we’ve hired to provide customer service support or assist in protecting and securing our systems and services may need access to your information to provide those functions.
Financial services and payment processing: When you provide payment data, for example, to make a purchase, we will disclose payment and transactional data to banks and other entities as necessary for payment processing, fraud prevention, credit risk reduction, analytics, or other related financial services.
Corporate transactions: We may disclose your information as part of a corporate transaction or proceeding such as a merger, financing, acquisition, bankruptcy, dissolution, or a transfer, divestiture, or sale of all or a portion of our business or assets.
Legal and law enforcement: We will access, disclose, and preserve your information when we believe doing so is necessary to comply with applicable law or respond to valid legal processes, including from law enforcement or other government agencies.
Safety, security, and protecting rights:
We will also disclose your information if we believe it is necessary to:

Protect our customers and others; for example, to prevent spam or attempts t commit fraud or to help prevent the loss of life or serious injury.

Operate and maintain the security of our services, including preventing or stopping an attack on our computer systems or networks.

Protect the rights or property of ourselves or others, including enforcing our agreements, terms, and policies.

Advertising providers: Third-party analytics and advertising companies also collect personal data through our website and apps, including identifiers and device information (such as cookie IDs, device IDs, and IP address), geolocation data, log data, and inferences based on and associated with that data, as described in our Cookie Policy. These third parties may combine this data across multiple sites to improve analytics for their own purposes and for others. For example, we use Google Analytics on our website to help us understand how users interact with our website; you can learn how Google collects and uses the information at http://www.google.com/policies/privacy/partners.

Some of the information disclosures to these third parties may be considered a “sale” or “sharing” of personal information as defined under the laws of California and other U.S. states. Please see “Your rights and choices” and “California residents” below for more details.

How long we keep your information:
We keep your information only so long as we need it to provide our services to you, fulfill the purposes described in this policy, comply with our legal obligations, resolve disputes, and enforce our agreements. Actual retention periods can vary significantly based on your expectations and consent, the sensitivity of the data, the availability of automated controls, and our legal or contractual obligations.

Your rights and choices:
Our goal is to give you simple and meaningful choices regarding your information. If you have a BridgMed account, many of these controls are built directly into your settings. For example, you can:

Edit information in your profile at any time.
Link or unlink your BridgMed account from other services.
Choose whether BridgMed will be customized using your inputs (for example, by adding or removing your food entries).
Close your account at any time. When you close your account, we’ll deactivate it and delete your account data. (Please note that there may be legal reasons to keep your data, such as if we receive a law enforcement request asking us to preserve data.)
In some jurisdictions, these controls and choices may be enforceable as rights under applicable law.

Access and portability of your information: We can usually share this with you in a portable format within 30 days of you asking us. To request data export, please get in touch with us at support@BridgMed.health using the email address tied to your BridgMed account.

Correction and deletion of your information: You can log into your profile to update your information or delete your data anytime by closing your account. Please note that there may be legal reasons to keep your data, such as if we receive a law enforcement request asking us to preserve data. To request account deletion, please get in touch with us at support@BridgMed.health using the email address tied to your BridgMed account.

Object to us processing your information: You can ask us to stop using your information for certain purposes, including when we use your information to send you marketing emails or SMS messages. If you opt out of receiving marketing messages from us, we may still send you updates about your account, such as when you request reminders to log in.

Targeted advertising: To learn how to opt-out from or change your preferences for targeted advertising, please visit our Cookie Policy.

Data sharing or sales: Some privacy laws define “data sharing” or “sales” to include some of the disclosures described in “How and when we share your information” above. Please follow the “Your Privacy Choices” link to opt out of these disclosures.

Browser or device controls: To learn how to use browser and device controls to express your choices, including the Global Privacy Control, please visit our Cookie Policy. If you have questions, please don’t hesitate to contact us.

Research participation:
We are committed to validating our approach to lifelong behavior change using science. We publish using only aggregated, de-identified data. If you would not like your information used in our studies, please get in touch with support@BridgMed.health.

Transferring your information:
The information we collect may be stored and processed in your country or region or in any other country where we or our affiliates, subsidiaries, or service providers process data. Currently, we primarily use data centers in the United States. These locations were chosen to operate efficiently and improve our performance.

We take steps to protect your information as described in this policy wherever the data are located, some of which have not been determined by the European Commission to have an adequate level of data protection. When we do so, we use legal mechanisms, including contracts, to help ensure your rights and protections. To learn more about the European Commission’s decisions on the adequacy of personal data protection, please visit https://ec.europa.eu/commission/presscorner/detail/en/ip_22_7631.

California residents:
If you are a California resident, you have certain rights you should know about:

Notice at Collection: You have a right to receive notice of our practices before or when we collect your information, including the categories of information and sensitive personal information collected, the purposes for which such information is collected or used, whether such information is sold or shared, and how long such information is retained. You can find those details in this policy under the headers above.

Right to Know: You have a right to see the information we have collected about you. You may request your information by contacting us at support@BridgMed.health using the email address tied to your BridgMed account. You also have a right to request additional information about our collection, use, disclosure, selling, or sharing of such information. You can find those details in this policy under the headers above.

Rights to Request Correction or Deletion: You also have the right to request that we correct inaccurate information about you or delete your information. You can log into your profile to update your information or delete your data at any time by logging into your account or by contacting us at support@BridgMed.health using the email address tied to your BridgMed account. Please note that there may be legal reasons to keep your data, such as if we receive a law enforcement request asking us to preserve data.

Right to Opt-Out/Right to Limit Use and Disclosure of Sensitive Personal Information: You have a right to opt-out from the “sale” or “sharing” of your personal information. BridgMed does not sell your personal information. However, we do use services that help deliver interest-based marketing and advertising to you outside of BridgMed.

You also have a right to limit our use of sensitive personal information for purposes other than to provide BridgMed. As a wellness service, the information we collect often pertains to your health.

Please visit “Your Privacy Choices” if you do not wish for our partners or us to share information relating to your use of BridgMed for marketing and advertising purposes.

BridgMed does not sell or share the personal information of children or teens.

Right Against Discrimination: BridgMed will never discriminate against you for exercising these rights.

You may designate, in writing or through a power of attorney, an authorized agent to exercise these rights on your behalf. Before accepting such a request from an agent, we will require the agent to provide proof that you have authorized them to act on your behalf, and we may need you to verify your identity directly with us.

Lastly, under California Civil Code section 1798.83, also known as the “Shine the Light” law, California residents who have provided personal information to a business with which they have established a business relationship for personal, family, or household purposes (“California Customers”) may request information about whether the business has disclosed personal information to any third parties for the third parties’ direct marketing purposes.

Residents of the EEA, UK, and Switzerland:
If the processing of your information is subject to the European Economic Area (EEA), United Kingdom (UK), or Swiss data protection law, you have certain rights with respect to that data:

You can request access to and rectification or erasure of your information by contacting us at support@BridgMed.health using the email address tied to your BridgMed account;
If any automated processing of your information is based on your consent or a contract with you, you have a right to transfer or receive a copy of the personal data in a usable and portable format;
If the processing of your information is based on your consent, you can withdraw consent at any time for future processing;
You can object to, or obtain a restriction of, the processing of your information under certain circumstances; and
For residents of France, you can send us specific instructions regarding the use of your data after your death.
To make such requests, please get in touch with us at support@BridgMed.health. When we are processing data on behalf of another party that is the “data controller,” you should direct your request to that party. You also have the right to lodge a complaint with a supervisory authority, but we encourage you to contact us first with any questions or concerns.

We rely on different lawful bases for collecting and processing your information. For example, with your consent or as necessary to provide the services you use, operate our business, meet our contractual and legal obligations, protect the security of our systems and our customers, or fulfill other legitimate interests.

If you have any questions about our data processing activities, please get in touch with us at support@BridgMed.health.

If you think that we haven’t complied with data protection laws, you have a right to lodge a complaint with the Data Protection Commission in Ireland or with your local supervisory authority.

Changes to this policy:
We may change this policy from time to time, and if we do, we’ll post any changes on this page. If you continue to use BridgMed after those changes are in effect, you agree to the new policy. If the changes are significant, we may provide more prominent notice or obtain your consent to the changes.

Contact us: The best way to get in touch with us is by emailing support@BridgMed.health.
COOKIE POLICY

Cookie Policy

Our Privacy Policy describes how we collect and use the information and what choices you have. One way we collect information is through the use of a technology called “cookies,” pixels or web beacons, local storage, mobile device IDs, and software development kits (SDKs). These and similar technologies help us and our partners collect data, including usage data, identifiers, and device information.

What’s a cookie?
Our partners and we use a variety of ways to automatically collect data when you visit our sites and use our apps. This Cookie Policy refers to these technologies collectively as “cookies.”

When you go online, you use a program called a “browser” (like Firefox, Safari, or Chrome). Most websites store a small amount of text in the browser called a “cookie.” A cookie can later be read when your browser connects to a web server in the same domain that placed the cookie. The text in a cookie contains a string of numbers and letters that may uniquely identify your device and can contain other information as well. This allows the web server to recognize your browser each time it connects to that web server.

We use session cookies (that last until you close your browser) or persistent cookies (that last until you or your browser delete them). For example, we use persistent cookies to store your language preferences or other settings, so you don’t have to set them up every time you visit BridgMed.

Web beacons are electronic images (also called single-pixel or clear GIFs) contained within a website or email. When your browser opens a webpage or email that contains a web beacon, it automatically connects to the web server that hosts the image (typically operated by a third party). This allows that web server to log information about your device and to set and read its own cookies. In the same way, third-party content on our websites (such as embedded videos and plug-ins) results in your browser connecting to the third-party web server that hosts that content. We also include web beacons in our email messages to tell us if you open and interact with them.

Mobile analytics and advertising IDs are generated by operating systems for mobile devices (iOS and Android). They can be accessed and used by apps in much the same way that websites access and use cookies. Our apps contain software that enables us and our third-party analytics and advertising partners to access these mobile IDs.

Some of the cookies we use are associated with your BridgMed account (including information about you, such as the email address you gave us), and other cookies are not.

How our partners and we use cookies.
We, and our analytics and advertising partners, use these technologies in our websites, apps, and online services to collect personal data (such as the pages you visit, the links you click on, and similar usage information, identifiers, and device information) when you use our services, including personal data about your online activities over time and across different websites or online services. There are four categories for which third parties and we may use cookies.

Essential cookies. We may use essential cookies to enable you to sign in, help protect you and your data, and remember your settings and preferences, like the language you prefer and your privacy settings.

Analytics cookies. We use analytics cookies to make BridgMed better. For example, these cookies help us analyze how our websites and apps perform and tell us how many people use a certain feature and how popular it is.

Personalization cookies. We may use cookies to help us remember your preferences, including which websites you’ve interacted with, so we can show you related content you might like.

Marketing cookies. Our advertising and social media partners and we may use cookie data to track your interaction with the site or app, develop inferences, and deliver and tailor interest-based advertising, including marketing BridgMed on other websites and apps.

We and/or our partners also share the data we collect or infer with third parties for these purposes. For more information about the third-party analytics and advertising partners that collect personal information on our services, please see the section “What we do with the info we collect.” in our Privacy Policy.

Your rights and choices.
There are a few ways you can choose how cookies are used on BridgMed:

Cookie controls. You can Manage Cookies at any time. If you’ve consented to a category of non-essential cookies and later change your mind, you can click on “Reject All” from the Manage Cookies panel.

There are also online tools used by our partners such as:

United States: NAI (http://optout.networkadvertising.org) and DAA (http://optout.aboutads.info/)

Canada: Digital Advertising Alliance of Canada (https://youradchoices.ca/)

Europe: European Digital Advertising Alliance (http://www.youronlinechoices.com/)

These allow you to choose how cookies by some of our partners are used throughout the web-based on the device and browser you are using.

Your browser or device may also give you cookie choices. Your browser may let you delete or block “third-party cookies” from sites other than the one you’re visiting. Those options vary from browser to browser, so check your browser settings for more info.

Note that if you choose to delete or block cookies, this could affect certain features or services on our website.

Mobile Advertising ID controls. Similarly, your mobile device typically has settings that allow you to control how ad partners can track and use information about you for targeted advertising. You can opt out of ad tracking and reset your advertising ID through your device settings.

Global Privacy Control. Some browsers support the “Global Privacy Control” (GPC) or similar controls that can send a signal to the websites you visit, indicating your choice to opt out from certain things, including data sales and targeted advertising. When we detect such a signal, we will work to respect your choices.

Email controls. Lastly, most email clients have settings that allow you to prevent the automatic downloading of images, including pixels and web beacons.

Changes to this policy.
We may change this policy from time to time, and if we do, we’ll post any changes on this page. If you continue to use BridgMed after those changes are in effect, you agree to the new policy.

Contact us: The best way to get in touch with us is by emailing support@BridgMed.com.