If you are visiting us from the European Union or European Economic Area, please be sure to read to section entitled “Additional Information for European Union Users” for information on how we comply with privacy laws applicable to you.
When registering to use the Services or if you express an interest in obtaining additional information about the Services, we may require or ask you to provide certain personally identifiable information (these are referred to below as your “Personal Contact Information”), The Personal Contact Information that we require you to provide may include, but is not limited to, the following:
Our Services are designed to provide tools for you to use to reduce stress, anxiety, and depression. In order to improve the value of the Services for you, we may give you the option of providing certain information about your mood and goals for using the Services when you register and as you use the Services. We may also give you the option to let us know whether you are working with a mental health professional. We refer to this information, together with any other information we request about your goals, mood, health habits, thoughts, and any responses to behavioral health assessments as Wellness Information.
Providing us with Wellness Information is always optional. You can refuse to provide any or all of such information to us. But providing us Wellness Information can help us tailor our Services to you and make them more effective.
When purchasing the Services, we will require you to provide financial and billing information, such as billing name and address, and credit card number (“Billing Information”).
Your Personal Contact Information, your Wellness Information, and your Billing Information are collectively referred to as your “Personal Information.”
We may use your Personal Information to contact you with newsletters, marketing or promotional materials and other information that may be of interest to you. We do not use your Wellness Information for this purpose. You may opt out of receiving any, or all, of these communications from us by following the unsubscribe link or instructions provided in any email we send.
Data, Diagnostic & Login Information
You may be able to create, upload, publish, transmit, distribute, display, store or share information, data, text, graphics, video, messages or other materials using our Services (this is collectively referred to below as “Data”). Some of this Data may be stored and maintained on our servers. If you run into technical errors in the course of using the Services, we may request your permission to obtain a crash report along with certain logging information from your system documenting the error (“Diagnostic Information”). Such information may contain information regarding your Operating System version, hardware, browser version (and .NET version information in case of Windows systems), and your email address, if provided. Additionally, certain login information may be maintained in a cookie stored locally on your personal computing device (i.e. not on a server) in order to streamline the login process (“Login Information”).
Apple’s Health App and the Apple HealthKit API
Certain features of the Services may actively record information about yourself as you use the Services. This tracking is accomplished through integration with Apple’s HealthKit API and the Apple Health App. Such information is referred to as “Apple Health Data.”
As you use our Services, we may also collect information through the use of commonly-used information-gathering tools, such as cookies, log files, and Web beacons. Such Information may include standard information regarding your mobile device, browser type, browser language, Operating System, Internet Protocol (“IP”) address, and the actions you take on our web site (such as the web pages viewed and the links clicked) or while using the Services. Collectively, this information is referred to as “Analytics Information.”
We only collect your real-time geo-location in order to provide location-based search results in our Therapist Directory. We do not log this location or use your geo-location in any other way while using the Services. However, we may do so at some point in the future. We will request your permission before collecting such information.
We use the information we collect in the following ways:
Personal Contact Information
We use this information solely for the purpose of providing you with health-related feedback and self-care suggestions. This information is not used for advertising or other use-based data mining purposes. Your Wellness Information is not accessible by other users of the Services and we will not share such information with third parties without your consent, except as provided in the sections below.
We use credit card information to manage your account, to provide the Services, and to check the financial qualifications of prospective customers and to collect payment for the Services. We may use a third-party service provider to manage credit card processing. If we do so, such a service provider will not be permitted to store, retain, or use Billing Information except for the sole purpose of credit card processing on our behalf.
Data, Diagnostic Information and Login Information
We use this information for the purpose of administering and improving our Services to you. We may also use this information in a de-identified, anonymous way in conjunction with an analytics service such as Google Analytics to monitor and analyze use of the Services, for the Services’ technical administration, to increase the Services’ functionality and user-friendliness, and for other legitimate business purposes.
Apple Health Data
We use this information solely for the purpose of providing you with health-related feedback and self-care suggestions. This information is not used for advertising or other use-based data mining purposes. Your Apple Health Data is not accessible by other users of the Services and we will not share such information with third parties without your consent, except as provided in the sections below.
We use this information to provide you with the Services. We may also use your Analytics Information in a de-identified, anonymous way in conjunction with an analytics service such as Google Analytics to monitor and analyze use of the Services, for the Services’ technical administration, to increase the Services’ functionality and user-friendliness, and to verify users have the authorization needed for the Services to process their requests.
Your information, including Personal Information, may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction.
If you are located outside United States and choose to provide information to us, please note that we transfer the data, including Personal Data, to United States and process it there.
From time to time we may employ third parties as contractors to help us provide and/or improve the Services. These third parties may have limited access to Personal Information solely for the purpose of helping us to provide and/or improve the Services and they will be subject to contractual restrictions prohibiting them from using the information about our members for any other purpose. Such agents or third parties do not have any rights to use Personal Information beyond what is necessary to assist us. Wherever possible, these third parties will not be provided with access to your Apple Health Data.
We may disclose your Personal Information to your Medical Professional who you connect with through the Services.
We may also disclose your Personal Information with your consent.
We may disclose your Personal Information to third parties without your consent if we have reason to believe that disclosing this information is necessary to identify, contact or bring legal action against someone who may be causing injury to or interference with (either intentionally or unintentionally) our rights or property, other users of the Services, or anyone else (including the rights or property of anyone else) that could be harmed by such activities. We may disclose Personal Information when we believe in good faith that such disclosure is permitted or required by and in accordance with the law.
The security of your Personal Information is important to us. We use commercially reasonable efforts to store and maintain your Personal Information in a secure environment. Communications between the mobile applications and our servers takes place over secure HTTPS connections and your data is encrypted when it is stored on our servers. We also use commercially reasonable technical, administrative, and physical safeguards to preserve the integrity and security of the Personal Information that you provide to us. We have implemented procedures designed to limit the dissemination of your Personal Information to only such designated staff as are reasonably necessary to carry out the stated purposes we have communicated to you.
You are also responsible for helping to protect the security of your Personal Information. For instance, never give out your password, and safeguard your user name, password and personal credentials when you are using the Services, so that other people will not have access to your Personal Information. Furthermore, you are responsible for maintaining the security of any personal computing device on which you utilize the Services.
If we learn of a security breach, we may attempt to notify you electronically so that you can take appropriate protective steps. We may also post a notice on our website if a security breach occurs. Depending on where you live, you may have a legal right to receive notice of a security breach in writing.
You may be able to share Personal Information with third parties, including other Pacifica Labs users and with other services, through use of the Services.
Our Services provide social networking features that allow you to share information with other users through message boards and chat groups. Any information you share through our social networking features will be made available to all users of our Services. We cannot control how our other users will use this information. We strongly recommend that you think carefully about what information you provide through our social networking features. For example, please do not share any information that other users could use to identify you personally, such as your real name, email address, telephone number, or social security number. You are welcome to share Wellness Information through the social networking features of our Services. But remember that any such information will be available to all of our other users who will be free to use it in any way they desire.
You have the right to access the Personal Information we hold about you in order to verify the Personal Information we have collected in respect to you and to have a general account of our uses of that information. Upon receipt of your written request, we will provide you with a copy of your Personal Information, although in certain limited circumstances we may not be able to make all relevant information available to you, such as where that information also pertains to another user. In such circumstances we will provide reasons for the denial to you upon request. We will endeavor to deal with all requests for access and modifications in a timely manner.
We will make every reasonable effort to keep your Personal Information accurate and up-to-date, and we will provide you with mechanisms to correct, amend, delete, or limit the use of your Personal Information. As appropriate, this amended Personal Information will be transmitted to those parties to which we are permitted to disclose your information. Having accurate Personal Information about you enables us to give you the best possible service.
In certain circumstances, you have the right:
You have the right to data portability for the information you provide to us. You can request to obtain a copy of your Personal Information in a commonly used electronic format so that you can manage and move it.
Please note that we may ask you to verify your identity before responding to such requests.
Under California Civil Code Sections 1798.83-1798.84, California residents are entitled to ask us for a notice identifying the categories of Personal Information which we share with our affiliates and/or third parties for marketing purposes, and providing contact information for such affiliates and/or third parties. If you are a California resident and would like a copy of this notice, please submit a written request to: email@example.com.
We may employ third party companies and individuals to facilitate our Services (“Service Providers”), to provide the Services on our behalf, to perform Service-related services or to assist us in analyzing how our Services is used. These third parties have access to your Personal Information only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.
A list of our current Service Providers can be found at the following URL: http://thinkpacifica.com/serviceproviders (the “Service Provider List”). The Service Provider List will be updated from time-to-time, as Service Providers are added and removed. The Service Provider List contains instructions on how to sign up to receive an email from us when updates are made the Service Provider List.
You can help by keeping us informed of any changes such as a change of email address or telephone number. If you would like to access your information, if you have any questions, comments or suggestions of if you find any errors in our information about you, please contact us at:
Pacifica Labs, Inc.
1521 Guerrero St.
San Francisco, CA 94110
If you have a complaint concerning our compliance with applicable privacy laws, we will investigate your complaint and if it is justified, we will take appropriate measures.
Last Updated: May 20th, 2018
ADDITIONAL INFORMATION FOR EUROPEAN UNION USERS
Controller and Data Protection Officer
Pacifica Labs is the controller of your personal information for purposes of European data protection legislation. You can contact our Data Protection Officer at firstname.lastname@example.org.
Lawful Basis for Data Processing
We will only collect, store, and process your personal information where a lawful basis for such processing exists, which will typically fall under one of the following scenarios:
(2) Processing is necessary for the performance of a contract to which you, the Data Subject, are party;
(3) Processing is necessary for compliance with a legal obligation to which Pacifica Labs as a Controller is subject;
(4) Processing is necessary for the purposes of the legitimate interests pursued by us as the Controller, or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of you, the Data Subject, which require protection of your personal information.
Use for new purposes
We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.
By law we have to keep basic information about our customers (including Contact, Identity, Financial and Transaction Information) for six years after they cease being customers for tax purposes.
In some circumstances we may anonymize your personal information (so that it can no longer be associated with you) in which case we may use this information indefinitely without further notice to you.
European data protection laws give you certain rights regarding your personal information. You may ask us to take the following actions in relation to your personal information that we hold:
Cross-Border Data Transfer
Whenever we transfer your personal information out of the EEA to countries not deemed by the European Commission to provide an adequate level of personal information protection, the transfer will be based on one of the safeguards recognized by the European Commission as providing adequate protection for personal information, where required by EU data protection legislation.