Current as of April 1, 2024

Privacy Policy

This Privacy Policy describes how Dimer Health collects and uses Personal Information about you through the use of our Website, mobile application, and through email, text, and other electronic communications between you and Dimer Health

Privacy Policy Change

Dimer Health reserves the right to modify, expand, or remove portions of this Privacy Policy from time to time. Any and all changes to this Privacy Policy will be reflected here and the date new versions are posted will be stated at the bottom of this Privacy Policy. Your continued use of the Sites and the Services indicates your agreement with these modifications and updates. If you do not agree with the changes, then you should stop using the Sites and the Services and notify us that you do not want your Personal Information used in accordance with the changes. If we make significant material changes in the way we handle Personal Information, we will send a notice to you at the email address that we have on file and/or by posting a prominent notice on the Sites.

Personal Information

When referred to in this Privacy Policy, the term “Personal Information” includes any information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular individual or household, including any information that is subject to applicable data protection laws. Personal Information may include “Personal Information” as defined under the California Consumer Privacy Act, Cal. Civ. Code §§ 1798.100 et. seq., as amended (“CCPA”).

Protected Health Information

Dimer Health is also committed to protecting the privacy of your protected health information (“Protected Health Information”). “Protected Health Information” is a subset of Personal Information that is information about you, including demographic information, that may identify you and that relates to your past, present or future physical or mental health or condition; related health care services; or related to the past, present, or future payment for the provision of health care to you. For a description of how we may use and disclose your Protected Health Information to carry out treatment, payment or health care operations and for other purposes that are permitted or required by law, including the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), please refer to our HIPAA Notice of Privacy Practices . Any conflict between this Privacy Policy and the HIPAA Notice of Privacy Practices with respect to such submitted Protected Health Information shall be governed by the HIPAA Notice of Privacy Practices.

Personal Information We Collect

Dimer Health collects information that you provide, including but not limited to:

• Personal and contact information, such as your name, address, telephone number, email address, birth date, gender, race, sexual orientation, gender identity, marital status, ethnicity, electronic signature, and federal or state issued identification;
• Payment information, such as credit card information, insurance information, and billing address;
• Employment information, such as job title, professional experience, education, performance history, salary, and compensation;
• Health information, such physical or psychological state of health (e.g., laboratory data), medical history, medical treatment or diagnosis, and health care provider information
• Information you post, if you comment or otherwise provide information in a public space on the Sites
• Other information you give us when you contact our customer service team or otherwise communicate with us and if you participate in a survey or sweepstakes; includes information needed for you to participate (such as contact information), and to fulfill your prize
• Username and password that you may select in connection with establishing your Account
• Content shared via communications with us through your use of the Services such as when you engage in our telehealth services and/or interact with our in-app messaging services, which may include, chat messaging content any images and/or files, including any medical records uploaded by you.

We may use automated technology such as cookies and other tracking software to collect Personal Information from your computer system or mobile device. We may collect the following information:

• Internet Protocol (IP) address or other device identifier
• Browser type and version
• Browsing information, such as pages you view and the links you click, and whether you access our website via a social media site
• Time zone setting
• Browser plug-in types and versions
• Operating system and platform
• Other portable device information
• With your permission, we may also collect your precise location data. We may also collect the time spent visiting, usage patterns, and the domain name of the website from which you linked to the Sites
• In connection with your appointment with a Provider and with your permission, we may also access certain device information, such as information about speakers, microphone, camera, WiFi information and other device information like Bluetooth signals

In addition to the above, if you are a Provider (as defined in our Terms of Use), we may also collect:

• Information about the Services with which you have engaged
• Details about our interactions with you and the agreements you have executed with us
• Public information related to your practice, such as license information, disciplinary history, legal and regulatory proceedings, and other due diligence information

Notice on COVID-19 and data collection consent

Dimer Health provides members with virtual medical care and mental healthcare, for conditions including but not limited to COVID-19. Dimer Health collects personal data to support a patient's ability to speak with a Board-certified doctor over video through the app and deliver care related to conditions including but not limited to COVID-19. For COVID-19 related purposes, qualified patients may be able to use Dimer Health to: discuss symptoms with a doctor; receive a diagnosis; receive lab orders and results; receive a COVID-19 treatment prescription. Dimer Health only uses the personal data it acquires for COVID-19 related purposes in conjunction with its app's user-facing purpose.

How We Collect Your Personal Information

We may obtain Personal Information:

• When you provide it directly (such as by registering for your Account). We might also collect information if you post a review or contact us
• Automatically when you visit the Sites or use the Services (such as from cookies)
• From your communications with us through your use of the Services such as when you engage in our telehealth services and/or interact with our in-app messaging services
• From third parties (such as when you make payments to us using our payment processor)
• From our affiliates, including the Providers (e.g., professional health care provider) about your participation in the Services

We may combine information from different sources

For example, we may combine information that we have collected offline with information we collect online, or we may combine information we get from a third party with information we already have.

If you submit any Personal Information relating to other people to us, you represent that you have the authority to do so and to permit us to use the information in accordance with this Privacy Policy.

Information Gathered from Cookies and Other Similar Technologies

Dimer Health uses cookies and other similar technologies (such as pixels and advertising tags) to ensure the quality of your visit. In particular, Dimer Health uses cookies to recognize users and their behaviors across our Services, streamline the login process, maintain a Member's state while using our Services, and remember user-specific preferences. You can always set your browser not to accept cookies; however, you should be aware that in some cases, some of our Services may not function as a result.

Strictly Necessary Cookies

These cookies are essential in order to enable you to move around the Sites and use their features. Without these cookies, services you have requested, such as remembering your login details or submitted information, cannot be provided.

Performance Cookies

These cookies collect anonymous information on how people use the Sites. For example, we use Google Analytics cookies to help us understand how individuals arrive at the Sites, browse or use the Sites, and highlight areas where we can improve such as navigation and marketing campaigns. The data stored by these cookies never shows personal details from which your individual identity can be established.

Functionality Cookies

These cookies remember choices you make such as the country from which you visit the Sites, language, and search parameters. These can then be used to provide you with an experience more appropriate to your selections and to make the visits more tailored and pleasant. The information these cookies collect may be anonymized and they cannot track your browsing activity on other websites.

Targeting Cookies or Advertising Cookies

These cookies collect information about your browsing habits in order to make advertising more relevant to you and your interests. They are also used to limit the number of times you see an ad as well as help measure the effectiveness of an advertising campaign. The cookies are usually placed by third party advertising networks. They remember the websites you visit and that information is shared with other parties such as advertisers.

We may use different kinds of cookies including session ID cookies and persistent cookies. Session ID cookies are used to personalize your user experience, to determine ways to improve the Sites and the Services we offer. These cookies are deleted when you close your browser session. Persistent cookies are used to collect information such as IP addresses, browser type, Internet Service Provider (ISP), referring/exit pages, platform type, date/time stamp, and number of clicks.

You can change your settings for cookies and similar technologies by clicking on the cookie consent box on the Sites. In addition, you can refuse or accept cookies from the Sites at any time by activating the settings on your browser. You are always free to decline our cookies if your browser permits, but some parts of the Sites may not work properly if you do. Check the “Help” menu of your browser to learn how to change your cookie preferences. To find out more about cookies, visit www.aboutcookies.org.

We may also use technologies similar to cookies, such as Google Analytics and FaceBook/Meta Analytics. We use Google Analytics to collect anonymized statistics in order to improve the Sites and the Services. We do not combine the information collected through the use of Google Analytics with Personal Information. You can selectively disable Google Analytics by installing the opt-out component provided by Google on your browser. You can refer to the following links for more information: Google Analytics and privacy and Google Analytics opt-out browser.

We use Meta Business tools for conversion tracking, which is an analytics service provided by Meta that connects data from the Meta advertising network with actions performed on the Sites. Information collected includes anonymized usage data of our website, such as specific actions taken on our website, which are tracked and attributed using Meta's pixel. You can refer to the Meta's Privacy Policy for more information

Do Not Track

Many web browsers allow for the use of a “Do Not Track” (“DNT”) function to inform websites that you do not want your online activities tracked. We endeavor to cooperate with DNT signals. When you choose to turn on the DNT setting in your browser, your browser sends a signal to websites, analytics companies, ad networks, plug in providers, and other web services you encounter while browsing to stop tracking your activity. DNT signals are not universal, and in special circumstances, Dimer Health reserves the right to refrain from complying with signals, such as when the signal is indecipherable or incompatible with our processes. Similar to our note about cookies, if you choose to turn on your DNT setting within your browser, some of our Services may not function as a result.

How We Use Your Personal Information

Dimer Health only uses your personal information to provide our services, personalize your experience, comply with security measures as well as the law, or to fulfill business obligations. We may also need to use your personal data to address your own requests for that data, or to comply with your rights.

Providing our Services

• Operate our business (e.g., manage your Account, provide and personalize our Services, and process payments)
• Provide customer support
• Communicate with you, including about the Services and the related services offered by Providers that treat you (e.g., surveys and feedback)
• Provide you with newsletters, articles, alerts, announcements, invitations, and other information about the Services
• Manage our vendor and partner relationships

Personalizing your Experience

• Better design the Sites to improve users' experiences, both in terms of content and ease of use
• Analyze your interactions with the Services and third parties' online services so we can tailor our advertising in ways we think will interest you

Marketing

• To conduct outreach and engagement communications to make you aware of the Services
• Dimer Health's advertising practices align with industry best practices for internet-based advertising. You may choose not to receive future promotional, advertising, or other Service-related notifications from us by opting out of such advertising on your settings. If you choose not to receive notifications, you may still use the Service but you may not receive, or may be unable to use, certain services that involve our interaction with you.
• To communicate with you about new contests, promotions and rewards, upcoming events, and other news about products and services offered by Dimer Health and our selected partners
• Dimer Health reserves the right to show you sponsored content, which may or may not look similar to non-sponsored content, although we will alert you to the nature of the content by adding a tag (such as “sponsored content” or “advertisement”). If you choose to comment, share or similarly engage with sponsored content, your action may be viewable by your connections on your feed as well as by the sponsor. The choice over whether to engage with sponsored content is yours.
• Dimer Health may generate insights based on information that does not identify you or is not personal to you. For example, Dimer Health may monitor usage patterns across our Services in order to make platform improvements or monitor our content in order to ensure that the tools and services we provide are of interest to you (e.g., how often Members watch the videos we offer or click partner content). In such cases, we do not use this data in a way that would identify you. However, if you view or click on an ad on or off our Services, the ad provider may get a signal that someone visited a page which displayed the ad, and they may, through the use of their own mechanisms such as cookies, determine that the user is you. In such instances, we endeavor to ensure that the advertising services that operate on Dimer Health's platforms comply with this Privacy Policy and, if the advertiser has their own Privacy Policy, we encourage you to consult that policy as well.
• Dimer Health does not share your personal data with any third-party advertisers or ad networks except for in the instance of: (1) hashed IDs, device identifiers, or pseudonymous data (to the extent that they are personal data in some countries); (2) with your separate permission or (3) data already visible to any users of our Services (e.g., profile or public feed data).

Other Instances (Monitoring for Fraud, Complying with Lawful Requests for Data, and More)

• Track and monitor end user interaction with the Services
• Ensure the security and integrity of the Services
• Enforce our Terms of Use and other legal terms and policies
• Protect our and others' interests, rights, and property (e.g., to protect our copyrighted materials)
• Comply with applicable legal requirements, such as tax and other government regulations and industry standards, contracts, and law enforcement requests

Use of Anonymous Information

We may use Anonymous Information (as defined below), or disclose it to third party service providers, to provide and improve the Service. We may also disclose Anonymous Information (with or without compensation) to third parties, including advertisers and partners, for purposes including, but not limited to, targeting advertisements. “Anonymous Information” means information which does not enable identification of an individual user, such as aggregated information about use of the Service.

Sharing of Your Personal Information

YOUR PERSONAL INFORMATION WILL NOT BE SOLD. Nor will Your Personal Information be licensed or disclosed to unaffiliated third-parties, except in connection with the sale, transfer, merger, consolidation or other transaction involving all or part of our company or as may be permitted under applicable law.

Dimer Health will share your Personal Information as described in this Privacy Policy or when you otherwise consent (if required by law). We may share your Personal Information with our partners and affiliates as necessary to contact you or provide you with the requested Services. We may disclose your Personal Information to the Providers, pharmacies, or other persons or entities working on your behalf, including without limitation, for arranging appointments or communications, providing telehealth or other health care services as part of the Services, obtaining medication, or for payment or health care operations purposes.

Dimer Health also may share this Personal Information to outside contractors, advisors, auditors, vendors, consultants, or others engaged by Dimer Health to assist in providing financial or operational activities on Dimer Health's behalf, including technical and processing services and analysis of the Sites' performance. Additionally, we reserve the right to disclose to third parties non-personally identifiable information collected for any lawful purpose, including but not limited to, aggregate or de-identified data.

Dimer Health may disclose your Personal Information to third parties when obligated or permitted to do so by law or if we have a good faith belief that such disclosure is necessary to comply with a current judicial proceeding, court order, or legal process served on Dimer Health or to investigate, prevent, or resolve any suspected or actual unlawful activities, such as potential fraud, or a perceived irregularity in any audits of the accuracy of any documentation or information submitted to Dimer Health by you or on your behalf, as deemed appropriate by Dimer Health.

Dimer Health may be required or permitted by law to share your Personal Information, without prior notice to you, to maintain, safeguard and/or preserve all the rights and/or property of Dimer Health and perform under demanding conditions in an effort to safeguard the personal safety of users of the Sites and/or the general public, including but not limited to, reporting adverse reactions to certain items, product recalls, preventing disease, and for health research purposes. We may dispute such requests when we believe, in our discretion, they are overbroad, vague or lack proper authority, but we do not promise to challenge every demand.

Finally, Dimer Health may disclose or transfer information, including any Personal Information, to a successor entity (or potential buyer) in connection with a proposed or actual corporate merger, acquisition, consolidation, sale of assets, bankruptcy, or other corporate change. In addition, in the event Dimer Health becomes the subject of an insolvency proceeding, whether voluntary or involuntary, Dimer Health or its liquidator, administrator, receiver, or administrative receiver may sell, license, or otherwise dispose of such information in a transaction approved by the court.

Links to Other Websites

The Sites may contain links to other websites that have information we believe may be of interest to you. We do not endorse these websites. While we try to link only to websites that share our high standards and respect for privacy, we are not responsible for the content of the websites or privacy practices employed by other websites. We encourage you to read the privacy policy of each website you visit that may collect information or ask you to disclose Personal Information. This Privacy Policy does not apply to information collected on external websites that may be linked to or through the Sites.

Cross-Border Transfers

All of the information that you provide to Dimer Health will be stored and processed in the United States. If you are accessing the Sites from other jurisdictions, please be advised that you are transferring your Personal Information to us in the United States where data protection and privacy laws may be less stringent than the laws of your country. BY USING THE SITES AND/OR THE SERVICES, YOU CONSENT TO THE TRANSFER AND USE OF YOUR PERSONAL INFORMATION IN ACCORDANCE WITH THIS PRIVACY POLICY.

Retention of Personal Information

Except to the extent prohibited by law, and subject to this Privacy Policy, we will retain and use your Personal Information for as long as it is needed to provide you with the Services you have requested or access to the Sites and the Services, to document our business relationship with you, and as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

Security Methods

Dimer Health has implemented commercially reasonable physical, technical, and administrative security measures designed to protect your Personal Information, including a secure firewall and use of security infrastructure. As an additional security measure, your Personal Information is also encrypted during transmission using SSL security, an industry standard secure technology. SSL encryption is indicated on your Web browser by the display of a lock or key on the browser status bar. Nonetheless, no such measure is ever 100% effective; therefore, we do not guarantee that your Personal Information will be secure from theft, loss, or unauthorized access or use, and we make no representation as to the reasonableness, efficacy, or appropriateness of the measures we use to safeguard such Personal Information. We encourage you to use caution when using the Internet. This includes not sharing your passwords.

If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of your Account has been compromised), please immediately notify us by contacting us at contact@dimerhealth.com

Your Rights

Depending on your jurisdiction, you may have certain rights regarding our collection, use, and sharing of your Personal Information. If you have any questions regarding these rights, please contact us at: contact@dimerhealth.com. Please note that we may request additional information to respond to or fulfill any requests regarding your rights under applicable laws or regulations.

You can always opt out of any subscription for emails, involving any updates, information, postings, news, and/or press releases, by clicking “Unsubscribe” at the bottom of the email. We might still send you some important emails, like responding to you by email if you send us a request or comment.

Notice to California Residents

The California Consumer Privacy Act of 2018 (“CCPA”), as amended by the California Privacy Rights Act (“CPRA”, collectively “CCPA”), and other California privacy laws provides California residents (i.e., consumers) with specific rights regarding personal information. This section of the Privacy Notice describes those CCPA rights and how to exercise those rights.

Information Exempt from the CCPA

Note that certain information that is governed by other laws, such as the California Confidentiality of Medical Information Act (CMIA) or the Health Insurance Portability and Accountability Act of 1996, as implemented and amended (HIPAA), is not considered Personal Information with respect to the rights of California residents noted above. However, additional rights might be available under those laws and standards. For more information, please review our HIPAA Notice of Privacy Practices.

As a California resident, you have the right, subject to certain exceptions defined in the CCPA and other applicable laws and regulations, to request that companies disclose certain information to you about their collection and use of your Personal Information over the past twelve (12) months. This right of access includes information about:

• The categories of Personal Information we collected about you
• The categories of sources for the Personal Information we collected about you
• Our business or commercial purpose for collecting that Personal Information
• The categories of third parties with whom we share that Personal Information
• The categories of Personal Information that each recipient received
• The specific pieces of Personal Information we collected about you

You shall have the right to request that the information described above be provided to you in a portable and readily usable format, to the extent technically feasible (“data portability”).

Dimer Health does not sell your personal information.

Deletion and/or Correction Request Rights

You have the right, subject to certain exceptions defined in the CCPA and other applicable laws and regulations, to request that Dimer Health delete and/or correct any of your Personal Information that it has collected from you and retained.

To the extent that Dimer Health can delete or correct your Personal information, once Dimer Health receives and confirms your verifiable consumer request, Dimer Health will delete and/or correct (and direct our service providers to delete) your Personal Information, unless an exception applies.

We may deny your deletion request if retaining the information is necessary for us or our service providers to:

• Complete the transaction for which we collected your Personal Information, provide a goodor service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, your employer, or your health plan carrier, or otherwise perform ourServices.
• Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity,or prosecute those responsible for suchactivities.
• Debug products to identify and repair errors that impair existing intended functionality.
• Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
• Comply with the California Electronic Communications Privacy Act (Cal. Penal Code §1546 seq.).
• Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information's deletion may likely render impossible or seriously impair the research's achievement, ifyou previously provided informed consent.
• Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
• Comply with a legal obligation.
• Make other internal and lawful uses of that information that are compatible with the context in which you provided it.

Additionally, Dimer Health may deny your deletion and/or correction request if the information sought to be deleted is protected health information disclosed to us as part of your participation in an employer-sponsored group health plan and/or your health plan carrier through which you have purchased a health plan or other benefits.

We may deny your correction request if, after considering the totality of the circumstances, we determine that the information is more likely accurate than not.

Non-Discrimination

California consumers also have the right not to receive discriminatory treatment if they exercise the rights listed herein.

Under the CCPA, California residents have the right to limit the use of their sensitive personal information (“SPI”) to only those purposes that are necessary for the business to provide products or services to the consumer. Dimer Health does not use any of your SPI for any other purposes than to provide the services to you.

Exercising Your Access, Data Portability, and Deletion Rights

To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to Accolade by either:

• visiting the Data Subjects Rights Portal located here;
• calling the following toll-free number at 1 (888) 914-9661, and using PIN# 494 202 to identify that you are calling with respect to Accolade.

Virginia Residents

Accolade and its affiliates are exempt from the Virginia Consumer Data Protection Act (“VCDPA”).

The VCDPA and other Virginia privacy laws provide Virginia residents (i.e., consumers) with specific rights regarding personal information. The VCDPA applies to for-profit and business-to-business companies that interact with Virginia residents, or process personal data of Virginia residents on a relatively larger scale. However, VCDPA DOES NOT apply to covered entities or business associates under the Health Insurance Portability and Accountability Act (“HIPAA”) and the Health Information Technology for Economic and Clinical Health Act. Accolade and its affiliates (including Dimer Health) are covered entities and/or business associates and are not subject to VCDPA.

Nevada Residents

Although Dimer Health does not sell Personal Information, Nevada residents have the right to submit a verified request directing Dimer Health not to sell their Personal Information. If you are a Nevada resident, and would like to submit such a request, please send your request to contact@dimerhealth.com.

Additional Terms for EU Visitors

The Sites are intended only for users located in the United States. To the extent that you are accessing this website from a location within the European Union, the following information shall apply to the collection and processing of your Personal Information.

The data controller for this Site is Dimer Health, Inc. Dimer Health processes Personal Information it collects through the Site for Dimer Health's legitimate business purposes, for example to fulfill any requests you may make in connection with your submission of personally identifiable information, to monitor and improve the quality of the Site, and to protect and defend our rights, property or safety or that of our Members and other users of the Site. You may have the right to access and/or obtain a copy of your Personal Information, correct inaccuracies in your Personal Information, request the erasure of your Personal Information and restrict the processing of your Personal Information. For more information about how you can access, rectify and erase your Personal Information or make any other requests relating to your Personal Information or to contact Dimer Health, please see the “Contact Us” section of this Privacy Notice below.

Children

This Service is neither directed to nor structured to attract children under the age of 13 years. Accordingly, we do not intend to collect Personal Information from anyone we know to be under 13 years of age. We will direct potential users under 13 years of age not to use the Service. If we determine that such information has been inadvertently collected on anyone under the age of 13, we will take the necessary steps to ensure that such information is deleted from our system's database. If you are a parent or guardian and become aware that your child has provided us with information, please contact us using one of the methods specified below.

Applicable Law

This Privacy Policy should be read in conjunction with our Terms of Use and as such shall be governed by and construed in accordance with the laws of the state of California.

Contact Us

If you have any questions about this Privacy Policy or the practices of Dimer Health, please feel free to contact us.