Login
Get Started

Privacy Policy

This Privacy Policy (“Privacy Policy”) describes the data protection practices of Bona Health Inc. d/b/a Bona Health (“Bona Health,” “we,” “us,” and “our”), including when you visit any Bona Health website that links to this Privacy Policy (the “Website”); use any affiliated mobile application (the “App”) that link to or contain this Privacy Policy; or otherwise provide data to Bona Health. We refer to the Website, App, and other services provided by Bona Health together in this Privacy Policy as the “Services.” This Privacy Policy is incorporated into our Terms of Use. All capitalized terms used in this Privacy Policy but not defined herein have the meanings assigned to them in the Terms of Use.

We and our service providers comply with the laws and regulations under applicable privacy laws in Canada, specifically the Personal Information Protection and Electronic Documents Act (Canada) and the Personal Health Information Protection Act (Ontario) and the regulations thereunder.

PLEASE READ THIS PRIVACY POLICY CAREFULLY TO UNDERSTAND HOW WE HANDLE YOUR INFORMATION. IF YOU DO NOT AGREE TO THIS PRIVACY POLICY, PLEASE DO NOT USE THE SERVICES.

Table of Contents:

  • Information We Collect
  • How We Use Your Information
  • How We Disclose Your Information To Others
  • How We Protect Your Information
  • Your Choices & Consent
  • Third Party Services and Notice About Health Information
  • Retention of Your Information
  • Right to Your Data
  • Changes to Our Privacy Policy
  • Contact Us

1. Information We Collect

We obtain information about you through the means discussed below when you use the Services. Please note that we need certain types of information so that we can provide the Services to you. If you do not provide us with such information, or ask us to delete it, you may no longer be able to access or use part or all of our Services.

Information You Provide to Us. We collect a variety of information that you provide directly to us. For example, we may collect your name and email address on our Contact Us page so we can reply to a message you post there. We collect your information when you open an Account and when you interact with our medical team on our App. For example, we will collect identification and contact information, such as your name, mailing address, date of birth, and payment information to be able to properly identify you, contact you, and process a credit card payment for your subscription to our Services. We will also collect information that you disclose to our medical team on our App, such as your medical history, surgeries, allergies, and other information that a medical professional may need to determine if you are eligible to receive the Services. You are under no obligation to provide us with all or some of the information required to open an account and to receive the Services, however it might preclude you from receiving our Services.

We may also collect information from you through:

  • Questions, communications, or feedback you submit to us via forms or email
  • Your participation in research and surveys
  • Requests for customer support and technical assistance, including through online chat functionalities
  • Uploads or posts to the Services
  • Employment applications you submit

The exact types of information we collect will depend upon the Services you use, how you use them, and the information you choose to provide. The types of data we collect directly from you includes:

  • Name, address, telephone number, date of birth, and email address
  • Information about your medical conditions, treatment options, physician referrals, lifestyle and personal preferences, prescriptions, and lab results or other related health information, such as your physical and emotional characteristics
  • Log-in credentials, if you create an account
  • Billing information, such as shipping address, credit or debit card number, verification number, expiration date, and identity verification information (e.g., driver’s license or other identifier), collected by our payment processors on our behalf
  • Information about purchases or other transactions with us
  • Information about your customer service and maintenance interactions with us
  • Demographic information such as your gender, race/ethnicity, and age, and similar information in connection with the Services
  • Information about others, such as if you share a family or friend’s email address or contact information to allow access to your information or name them as an emergency contact
  • Any other information you choose to directly provide to us in connection with your use of the Services.

Information We Collect Through Automated Means. We collect certain information about your use of the Services and the devices you use to access the Services, as described in this Section. As discussed further below, we and our service providers (which are third party companies that work on our behalf), may use a variety of technologies, including cookies, SDKs, and similar tools, to assist in collecting this information.

When you use our Services, we collect and analyze information such as your IP address, the geographic location of your IP address, browser types, browser language, operating system, software and hardware attributes (including device IDs) referring and exit pages and URLs, platform type, the number of clicks, files you download, domain names, landing pages, pages viewed and the order of those pages, the amount of time spent on particular pages, the terms you use in searches on our sites, the date and time you used the Services, error logs, and other similar information.

Our Use of Cookies and Similar Online Tools. To collect the information discussed in this Section, we and our service providers use web server logs, cookies, tags, SDKs, tracking pixels, and other similar tracking technologies. We use these technologies to offer you a more tailored experience.

  • A web server log is a file where website activity is stored.
  • An SDK is a set of tools and/or code that we embed in our App and software to allow third parties to collect information about how users interact with the Services.
  • A cookie is a small text file that is placed on your computer or mobile device when you visit a site, that enables us to: (i) recognize your computer/device; (ii) store your preferences and settings; (iii) understand the parts of the Services you have visited and used; (iv), enhance your user experience by delivering and measuring the effectiveness of content and advertising tailored to your interests; (v) perform searches and analytics; and (vi) assist with security and administrative functions.
  • Tracking pixels (sometimes referred to as web beacons or clear GIFs) are tiny electronic tags with a unique identifier embedded in websites, online ads and/or email that are designed to: (1) collect usage information like ad impressions or clicks and email open rates; (2) measure popularity of the Services and associated advertising; and (3) access user cookies.

As we adopt additional technologies, we may also gather information through other methods.

Please note that you can change your settings to notify you when a cookie is being set or updated, or to block cookies altogether. Please consult the “Help” section of your browser for more information (e.g., Internet Explorer; Google Chrome; Mozilla Firefox; or Apple Safari). Please note that by blocking, disabling, or managing any or all cookies, you may not have access to certain features or offerings of the Services.

Information We Collect From Social Media and Other Content Platforms. When you “like” or “follow” us on Facebook, Instagram, Twitter, or other social media sites, we may collect some information from you including your name, email address, and any comments or content you post relevant to us. We also collect your information if you sign up for one of our promotions or submit information to us through social media sites.

If you access the Services through a third-party connection or log-in (e.g., through a social network or third-party authentication tool), you may allow us to have access to and store certain information from such third parties depending on your settings on such services. If you do not wish to have this information shared, do not use these connections to access the Services. For a description of how these third parties handle your information, please refer to their privacy policies and terms of use, which may permit you to modify your privacy settings.

Similarly, if you choose to connect your App to third-party platforms or tools, or with other apps on your device (e.g., health or fitness monitoring platforms or tools, or your contacts, photos, or calendar), such third parties and tools may allow us to have access to and store additional information as it relates to your use of the Services (e.g., to access your calendar to help you schedule an appointment). If you do not wish to have this information shared, do not initiate these connections.

Information We Receive From Other Sources

We work closely with third parties (including, for example, third party intermediaries, such as the physicians, medical professionals, and pharmacies with whom we partner to provide you with the Services and their health care services, sub-contractors in technical, advertising networks, analytics providers, and search information providers). Such third parties will sometimes provide us with additional information about you.

2. How We Use Your Information

In connection with providing you with the Services, we may use your information for our business purposes to:

  • Communicate with you about the Services, your use of the Services, or your inquiries related to the Services and send you communications on behalf of physicians or other health care providers utilizing the Services to meet your needs.
  • Provide you with technical support and customer service, and troubleshoot any technical issues or errors.
  • Communicate with you by email, postal mail, or phone about surveys, promotions, special events or our products and Services and those of our subsidiaries, affiliates, and parent companies and any of their related businesses and those of our third-party partners.
  • Verify your identity and administer your account, including processing your payments and fulfilling your orders.
  • Optimize the content from our Services to ensure it is presented in the most effective manner for you and for your computer or device, to allow you to participate in interactive features of our Services, and as part of our efforts to keep our Services safe and secure.
  • Improve our Services, and better understand our user base. We monitor how you use the Services so we can improve our offerings, user experience, and design new features.
  • To detect and prevent any fraudulent or malicious activity and to make sure that our Website, App, and Services are used fairly and according to our​ Terms of Service.
  • With your consent, to provide you with more relevant advertisements and personalized content, and measure or understand the effectiveness of advertising and content we serve to you and others, and to deliver and customize relevant advertising and content to you.
  • Help us better understand your interests and needs, such as by engaging in analysis and research regarding use of the Services.
  • Comply in good faith with any procedures, laws, and regulations which apply to us where it is necessary for our legitimate interests or the legitimate interests of others.
  • Establish, exercise, or defend our legal rights where it is necessary for our legitimate interests or the legitimate interests of others, such as protecting against malicious, fraudulent, or illegal activity.

3. How We Disclose Your Information To Others

We may share your information for business purposes in the following ways:

  • Health Care Providers and Services. We share your information with health care providers: (i) to schedule and fulfill appointments and provide health care services as part of the Services, (ii) to whom you send messages through our Services, and (iii) for other treatment, payment or health care operations purposes, including pharmacy services, upon your request.
  • Service Providers. We provide access to or share your information with select third parties who use the information to perform services on our behalf. They provide a variety of services to us, including billing, sales, marketing, advertising, analytics, research, customer service, shipping and fulfillment, data storage, IT and security, fraud prevention, payment processing, and auditing and legal services. These entities may also include health care organizations, pharmacies, and other third parties we use to support our business or in connection with the administration and support of the Services.
  • Protection of Bona Health and Others. By using the Services, you acknowledge and agree that we may access, retain and disclose the information we collect and maintain about you if required to do so by law or in a good faith belief that such access, retention or disclosure is reasonably necessary to: (a) comply with legal process (e.g. a subpoena or court order); (b) enforce our Terms of Use, this Privacy Policy, or other contracts with you, including investigation of potential violations thereof; (c) respond to claims that any content violates the rights of third parties; (d) respond to your requests for customer service; and/or (e) protect the rights, property or personal safety of Bona Health, its agents and affiliates, its users and/or the public. This includes exchanging information with other companies and organizations for fraud protection, and spam/malware prevention, and similar purposes.
  • Aggregate/De-Identified Information. We reserve the right to create Aggregate/De-Identified Data from the information we collect through the Services and our sharing of such Aggregate/De-Identified Data is in our discretion.

4. How We Protect Your Information

We take a variety of technical and organizational security measures to protect your information against unauthorized access, disclosure, theft, or misuse. However, no method of transmission over the Internet, and no means of electronic or physical storage, is absolutely secure. As such, you acknowledge and accept that we cannot guarantee the security of your information transmitted to, through, or on our Services or via the Internet and that any such transmission is at your own risk. Where you have chosen a password that enables you to access the Services, you are responsible for keeping this password confidential. We ask you not to share your password with anyone. The information you share in public areas may be viewed by any user of the Services.

5. Your Choices & Consent

You may instruct us not to use your contact information to contact you by email, postal mail, or phone regarding products, services, promotions and special events that might appeal to your interests by contacting us using the information below. In commercial email messages, you can also opt-out by following the instructions located at the bottom of such emails. Please note that, regardless of your request, we may still use and share certain information as permitted by this Privacy Policy or as required by applicable law. For example, you may not opt out of certain operational emails, such as those reflecting our relationship or transactions with you. You may also withdraw your consent from our further use of your information and close your account. If you do so, we may still use your information for the purposes to which you consented before you withdrew consent and we may keep information about you and your previous transactions with us for audit purposes, to ensure the integrity of our data, and to fulfill legal requirements.

6. Third-Party Services And Notice About Health Information

This Privacy Policy does not address, and we are not responsible for, the privacy, information, or other practices, including data privacy and security processes and standards of any third parties, including physicians and other health care providers using the Services, the manufacturer of your mobile device and other IT hardware and software, and any other third-party mobile application, website, or service to which our Services may contain a link. These third parties may at times gather information from or about you. We have no control over the privacy practices of these third parties. The collection, use, and disclosure of your information will be subject to the privacy policies of the third-party websites or services, and not this Privacy Policy. We urge you to read the privacy and security policies of these third parties.

7. Retention Of Your Information

We keep your information for no longer than necessary for the purposes for which it is processed. The length of time for which we retain information depends on the purposes for which we collected and use it and/or as required to comply with applicable laws.

8. Right To Your Data

You may request a copy of your account information, and we will provide it to you at no charge. You can request your account information by contacting us at hello@bonahealth.ca. Before we grant you access to your account information, we will first authenticate you to confirm your identity. We will handle all access requests promptly, subject to applicable privacy laws.

9. Changes To Our Privacy Policy

We may change this Privacy Policy at any time to reflect changes in the law, our data collection and use practices, the features of our Services, or advances in technology. We will make the revised Privacy Policy accessible through the Services, so you should review it periodically. The date this Privacy Policy was last revised is identified at the top of the document. You are responsible for periodically monitoring and reviewing any updates to the Privacy Policy. If we make a material change to the Privacy Policy, we will provide you with appropriate notice in accordance with legal requirements. Your continued use of our Website or App after such amendments (and notice, where applicable) will be deemed your acknowledgment of these changes to this Privacy Policy.

10. Contact Us

If you have any questions about this Privacy Policy or Bona Health’s privacy practices, please contact us at:

Bona Health Inc.
777 Hornby Street Suite 600
Vancouver, BC, V6Z 1S4
hello@bonahealth.ca

Privacy Policy

GENERAL

Bona Health, a dba of Bona Health Inc. (“Company” or “we” or “us” or “our”) is publishing this Privacy Policy for its users (“user” or “you”) that use our website located at www.bona.health, including other media forms, media channels, mobile website or mobile application related or connected thereto (collectively, the “Website”). The following Company privacy policy (“Privacy Policy”) is designed to inform you, as a user of the Website, about the types of information that Company may gather about or collect from you in connection with your use of the Website. It also is intended to explain the conditions under which Company uses and discloses that information, and your rights in relation to that information. Changes to this Privacy Policy are discussed at the end of this document. Each time you use the Website, however, the current version of this Privacy Policy will apply. Accordingly, each time you use the Website you should review any changes since the last time you used the Website.

Notice to Users Outside the United States

The Website is hosted in the United States of America and is subject to U.S. state and federal law. If you are accessing our Website from other jurisdictions, please be advised that you may be viewed as transferring your personal information to us in the United States, and by using our Website, you consent to that transfer and use of your personal information in accordance with this Privacy Policy. You also agree to abide by the applicable laws of applicable states and U.S. federal law concerning your use of the Website and your agreements with us. Any persons accessing our Website from any jurisdiction with laws or regulations governing the use of the Internet (including personal data collection, use and disclosure), different from those of the jurisdictions mentioned above may only use the Website in a manner lawful in their jurisdiction. If your use of the Website would be unlawful in your jurisdiction, please do not use the Website. Further, note that your jurisdiction may offer a more limited or different level of protection with respect to the privacy of your data.

BY USING OR ACCESSING THE WEBSITE, YOU ARE ACCEPTING THE PRACTICES DESCRIBED IN THIS PRIVACY POLICY.

GATHERING, USE AND DISCLOSURE OF NON-PERSONALLY-IDENTIFYING INFORMATION

Users of the Website Generally

“Non-Personally Identifying Information” is information that, without the aid of additional information, cannot be directly associated with a specific person. “Personally Identifying Information,” by contrast, is information such as a name or email address that, without more, can be directly associated with a specific person.

Like most website operators, Company gathers from users of the Website Non-Personally Identifying Information of the sort that Web browsers, depending on their settings, may make available. That information includes the user’s Internet Protocol (IP) address, operating system, browser type and the locations of the websites the user views right before arriving at, while navigating and immediately after leaving the Website. Although such information is not Personally Identifying Information, it may be possible for Company to determine from an IP address a user’s Internet service provider and the geographic location of the visitor’s point of connectivity as well as other statistical usage data. Company analyzes Non-Personally Identifying Information gathered from users of the Website to help Company better understand how the Website is being used. By identifying patterns and trends in usage, Company is able to better design the Website to improve users’ experiences, both in terms of content and ease of use.

From time to time, Company may also release the Non-Personally Identifying Information gathered from Website users in the aggregate, such as by publishing a report on trends in the usage of the Website

Web Cookies

A “Web Cookie” is a string of information which assigns you a unique identification that a website stores on a user’s computer, and that the user’s browser provides to the website each time the user submits a query to the website. We use cookies on the Website to keep track of services you have used, to record registration information regarding your login name and password, to record your user preferences, to keep you logged into the Website and to facilitate purchase procedures. Company also uses Web Cookies to track the pages that users visit during each Website session, both to help Company improve users’ experiences and to help Company understand how the Website is being used. As with other Non-Personally Identifying Information gathered from users of the Website, Company analyzes and discloses in aggregated form information gathered using Web Cookies, so as to help Company, its partners and others better understand how the Website is being used. COMPANY USERS WHO DO NOT WISH TO HAVE WEB COOKIES PLACED ON THEIR COMPUTERS SHOULD SET THEIR BROWSERS TO REFUSE WEB COOKIES BEFORE ACCESSING THE WEBSITE, WITH THE UNDERSTANDING THAT CERTAIN FEATURES OF THE WEBSITE MAY NOT FUNCTION PROPERLY WITHOUT THE AID OF WEB COOKIES. WEBSITE USERS WHO REFUSE WEB COOKIES MAY LOSE FUNCTIONALITY OR USE OF CERTAIN FEATURES OF THE WEBSITE.

“Device fingerprinting” can track devices over time, based on your browser’s configurations and settings. Because each browser is unique, device fingerprinting can identify your device, without using cookies. Since device fingerprinting uses the characteristics of your browser configuration to track you, deleting cookies won’t help. Device fingerprinting technologies are evolving and can be used to track you on all kinds of internet-connected devices that have browsers, such as smart phones, tablets, laptop and desktop computers. For more information please see: https://www.consumer.ftc.gov/articles/0042-online-tracking

Web Beacons

A “Web Beacon” is an object that is embedded in a web page or email that is usually invisible to the user and allows website operators to check whether a user has viewed a particular web page or an email. Company may use Web Beacons on the Website and in emails to count users who have visited particular pages, viewed emails and to deliver co-branded services. Web Beacons are not used to access users’ Personally Identifying Information. They are a technique Company may use to compile aggregated statistics about Website usage. Web Beacons collect only a limited set of information, including a Web Cookie number, time and date of a page or email view and a description of the page or email on which the Web Beacon resides. You may not decline Web Beacons. However, they can be rendered ineffective by declining all Web Cookies or modifying your browser setting to notify you each time a Web Cookie is tendered, permitting you to accept or decline Web Cookies on an individual basis.

Analytics

We may use third-party vendors, including Google, who use first-party cookies (such as the Google Analytics cookie) and third-party cookies (such as the DoubleClick cookie) together to inform, optimize and serve ads based on your past activity on the Website, including Google Analytics for Display Advertising. The information collected may be used to, among other things, analyze and track data, determine the popularity of certain content and better understand online activity. If you do not want any information to be collected and used by Google Analytics, you can install an opt-out in your web browser (https://tools.google.com/dlpage/gaoptout) and/or opt out from Google Analytics for Display Advertising or the Google Display Network by using Google’s Ads help (https://support.google.com/ad/answer/262922?hl=en).

Aggregated and Non-Personally Identifying Information

We may share aggregated and Non-Personally Identifying Information we collect under any of the above circumstances. We may also share it with third parties and our affiliate companies to develop and deliver targeted advertising on the Website and on websites of third parties. We may combine Non-Personally Identifying Information we collect with additional Non-Personally Identifying Information collected from other sources. We also may share aggregated information with third parties, including advisors, advertisers and investors, for the purpose of conducting general business analysis. For example, we may tell our advertisers the number of visitors to the Website and the most popular features or services accessed. This information does not contain any Personally Identifying Information and may be used to develop website content and services that we hope you and other users will find of interest and to target content and advertising.

In addition, Company may make use of de-identified information in accordance with applicable privacy law.

Mobile Device Additional Terms

  • Mobile Device. If you use a mobile device to access the Website or download any of our applications, we may collect device information (such as your mobile device ID, model and manufacturer), operating system, version information and IP address.
  • Geo-Location Information. Unless we have received your prior consent, we do not access or track any location-based information from your mobile device at any time while downloading or using our mobile application or our services, except that it may be possible for Company to determine from an IP address the geographic location of your point of connectivity, in which case we may gather and use such general location data.
  • Push Notifications. We send you push notifications if you choose to receive them, letting you know when someone has sent you a message or for other service-related matters. If you wish to opt-out from receiving these types of communications, you may turn them off in your device’s settings.
  • Mobile Analytics. We use mobile analytics software to allow us to better understand the functionality of our mobile software on your phone. This software may record information, such as how often you use the application, the events that occur within the application, aggregated usage, performance data and where the application was downloaded from. We do link the information we store within the analytics software to some Personally Identifying Information you submit within the mobile application.

SOCIAL MEDIA

We may provide you the option to connect your account on the Website to your account on some social networking sites for the purpose of logging in, uploading information or enabling certain features on the Website. When logging in using your social network credentials, we may collect the Personally Identifying Information you have made publicly available on the social networking site, such as your name, profile picture, cover photo, username, gender, friends network, age range, locale, friend list and any other information you have made public. Once connected, other users may also be able to see information about your social network, such as the size of your network and your friends, including common friends. By connecting your account on the Website to your account on any social networking site, you hereby consent to the continuous release of information about you to us. We will not send any of your account information to the connected social networking site without first disclosing that to you. Each social network may further allow you to set privacy controls around your information on their system, and our collection of information will always follow such controls and permissions. This feature is subject to continuous change and improvement by us and each social networking site involved, and therefore the available features and shared information are subject to change without notice to you.

We may use hyperlinks on the Website which will redirect you to a social network if you click on the respective link. However, when you click on a social plug-in, such as Facebook’s “Like” button, Twitter’s “tweet” button or the Google+, that particular social network’s plugin will be activated and your browser will directly connect to that provider’s servers. If you do not use these buttons, none of your data will be sent to the respective social network’s plugin provider. So for example, when you click on the Facebook’s “Like” button on the Website, Facebook will receive your IP address, the browser version and screen resolution, and the operating system of the device you have used to access the Website. Settings regarding privacy protection can be found on the websites of these social networks and are not within our control.

COLLECTION, USE AND DISCLOSURE OF PERSONALLY-IDENTIFYING INFORMATION

Website Registration

As defined above, Personally Identifying Information is information that can be directly associated with a specific person. Company may collect a range of Personally Identifying Information from and about Website users. Much of the Personally Identifying Information collected by Company about users is information provided by users themselves when (1) registering for our service, (2) logging in with social network credentials, (3) participating in polls, contests, surveys or other features of our service, or responding to offers or advertisements, (4) communicating with us, (5) creating a public profile or (6) signing up to receive newsletters. That information may include each user’s name, address, email address and telephone number, and, if you transact business with us, financial information such as your payment method (valid credit card number, type, expiration date or other financial information). We also may request information about your interests and activities, your gender, age, date of birth, username, hometown and other demographic or relevant information as determined by Company from time to time. Users of the Website are under no obligation to provide Company with Personally Identifying Information of any kind, with the caveat that a user’s refusal to do so may prevent the user from using certain Website features.

BY REGISTERING WITH OR USING THE WEBSITE, YOU CONSENT TO THE USE AND DISCLOSURE OF YOUR PERSONALLY-IDENTIFYING INFORMATION AS DESCRIBED IN THIS “COLLECTION, USE AND DISCLOSURE OF PERSONALLY-IDENTIFYING INFORMATION” SECTION.

Online Postings

Certain Personally Identifying Information collected from users may be disclosed as a matter of course as a result of your use of the Website. We may provide areas on the Website where you can post reviews and other information relating to your activities on the Website. Such postings are governed by our Terms of Use. In addition, such postings may appear on other websites or when searches are executed on the subject of your posting. Also, whenever you voluntarily disclose personal information on publicly-viewable web pages, that information will be publicly available and can be collected and used by others. For example, if you post your email address, you may receive unsolicited messages. We cannot control who reads your posting or what other users may do with the information you voluntarily post, so we encourage you to exercise discretion and caution with respect to your personal information. USERS ASSUME ALL RESPONSIBILITY FOR ANY LOSS OF PRIVACY OR OTHER HARM RESULTING FROM THEIR VOLUNTARY DISCLOSURE OF PERSONALLY IDENTIFYING INFORMATION.

Company Communications

We may occasionally use your name and email address to send you notifications regarding new services offered by the Website that we think you may find valuable. We may also send you service-related announcements from time to time through the general operation of the service. Generally, you may opt out of such emails at the time of registration or through your account settings, though this may not opt you out of all emails, such as notices about your account, including service announcements and administrative messages.

General Use by Company

Company uses the Personally Identifying Information in the file we maintain about you, and other information we obtain from your current and past activities on the Website (1) to deliver the products and services that you have requested; (2) to manage your account and provide you with customer support; (3) to communicate with you by email, postal mail, telephone and/or mobile devices about products or services that may be of interest to you either from us, our affiliate companies or other third parties; (4) to develop and display content and advertising tailored to your interests on the Website and other sites; (5) to resolve disputes and troubleshoot problems; (6) to measure consumer interest in our services; (7) to inform you of updates; (8) to customize your experience; (9) to detect and protect us against error, fraud and other criminal activity; (10) to enforce our Terms of Use; and (11) to do as otherwise described to you at the time of collection. At times, we may look across multiple users to identify problems. In particular, we may examine your Personally Identifying Information to identify users using multiple user IDs or aliases. We may compare and review your Personally Identifying Information for accuracy and to detect errors and omissions. We may use financial information or payment method to process payment for any purchases made on the Website, enroll you in the discount, rebate, and other programs in which you elect to participate, to protect against or identify possible fraudulent transactions and otherwise as needed to manage our business.

Company Disclosures

Company will disclose Personally Identifying Information under the following circumstances:

  • By Law or to Protect Rights. When we believe disclosure is appropriate, we may disclose Personally Identifying Information in connection with efforts to investigate, prevent or take other action regarding illegal activity, suspected fraud or other wrongdoing; to protect and defend the rights, property or safety of Company, our users, our employees or others; to comply with applicable law or cooperate with law enforcement; to enforce our Terms of Use or other agreements or policies, in response to a subpoena or similar investigative demand, a court order or a request for cooperation from a law enforcement or other government agency; to establish or exercise our legal rights; to defend against legal claims; or as otherwise required by law. In such cases, we may raise or waive any legal objection or right available to us.
  • Marketing Communications. Unless users opt-out from receiving Company marketing materials upon registration, Company may email users about products and services that Company believes may be of interest to them. If you wish to opt-out of receiving marketing materials from Company, you may do so by following the unsubscribe link in the email communications, by going to your account settings (if applicable) or contacting us using the contact information below.
  • Third-Party Marketing Communications. Unless users opt-out from receiving marketing materials upon registration, Company may provide users’ email information to third parties, so that those third parties may directly contact them about additional products and services. To cease having your email information provided to third parties, you may do so by going to your account settings (if applicable) or contacting us using the contact information below. Even after opting-out, you may continue to receive marketing emails from third parties to whom Company already has provided your email information. You will be responsible for directly contacting such third parties to request cessation of further marketing emails.
  • Third-Party Service Providers. We may share your Personally Identifying Information, which may include your name and contact information (including email address) with our authorized service providers that perform certain services on our behalf. These services may include fulfilling orders, providing customer service and marketing assistance, performing business and sales analysis, supporting the Website’s functionality and supporting contests, sweepstakes, surveys and other features offered through the Website. We may also share your name, contact information and credit card information with our authorized service providers who process credit card payments. These service providers may have access to personal information needed to perform their functions but are not permitted to share or use such information for any other purpose. Company may transfer personal data collected from you to processors located in countries outside of the U.S. such as the United Kingdom and know that the United Kingdom may not have the same level of data protection as the U.S., however, Company's collection, storage, access and use of your personal data will continue to be governed by this Privacy Policy. By using or accessing our Website you consent to the transfer of your personal data to data processors located in countries outside of the U.S.
  • Business Transfers; Bankruptcy. Company may disclose all Personally Identifying Information in its possession to a successor organization in the event of a merger, acquisition, bankruptcy or other sale of all or a portion of Company’s assets. Other than to the extent ordered by a bankruptcy or other court, the use and disclosure of all transferred Personally Identifying Information will be subject to this Privacy Policy, or to a new privacy policy if you are given notice of that new privacy policy and are given an opportunity to affirmatively opt-out of it. Personally Identifying Information submitted or collected after a transfer, however, may be subject to a new privacy policy adopted by the successor organization.
  • Employees, Contractors, and Consultants: Some Company employees and operations contractors, and consultants, such as health coaches and lifestyle coaches, may have limited access to your Personal Information in the course of providing services to you, including for the purpose of providing Company’s services, troubleshooting problems and/or resolving complaints. These contractors include vendors and suppliers that provide us with technology, services, and/or content for the operation and maintenance of the Website. Access to your Personal Information is limited to the information reasonably necessary for the employee or contractor to provide services, perform the function needed to resolve the issue, or to provide or improve the service.

Your Ability to Change Personally Identifying Information; Account Termination

You may at any time review or change your Personally Identifying Information by going to your account settings (if applicable) or contacting us using the contact information below. Upon your request, we will deactivate or delete your account and contact information from our active databases. Such information will be deactivated or deleted as soon as practicable based on your account activity and accordance with our deactivation policy and applicable law. To make this request, either go to your account settings (if applicable) or contact us as provided below. We will retain in our files some Personally Identifying Information to prevent fraud, to troubleshoot problems, to assist with any investigations, to enforce our Terms of Use and to comply with legal requirements as is permitted by law. Therefore, you should not expect that all your Personally Identifying Information will be completely removed from our databases in response to your requests. Additionally, we keep a history of changed information to investigate suspected fraud with your account.

Children's Personally Identifying Information

The features, programs, promotions and other aspects of our service requiring the submission of Personally Identifying Information are not intended for anyone under 13 years of age. We do not knowingly collect Personally Identifying Information from children under the age of 13 other than minor children receiving the service through registration by their parent or legal guardian. If you are under 13 then you may not use or access our website or services at any time or in any manner. If you are a parent or guardian of a child under the age of 13 and believe he or she has disclosed Personally Identifying Information to us please contact us at privacy@bona.health. A parent or guardian of a child under the age of 13 may review and request deletion of such child’s Personally Identifying Information as well as prohibit the use thereof.

COLLECTION AND USE OF INFORMATION BY THIRD PARTIES GENERALLY

Company contractually prohibits its vendors, suppliers, employees and contractors, such as Company’s health and lifestyle coaches, from disclosing Personally Identifying Information received from Company, other than in accordance with this Privacy Policy. However, third parties are under no obligation to comply with this Privacy Policy with respect to Personally Identifying Information that users provide directly to those third parties, or that those third parties collect for themselves. These third parties include other providers, including but not limited to licensed practitioners, physicians, naturopaths, dieticians, nutritionists, and advertisers, providers of games, utilities, widgets and a variety of other third-party applications accessible through the Website. Company neither owns nor controls the third-party websites and applications accessible through the Website. Thus, this Privacy Policy does not apply to information provided to or gathered by the third parties that operate them. Before visiting a third party, or using a third-party application, whether by means of a link on the Website, directly through the Website or otherwise, and before providing any Personally Identifying Information to any such third party, users should inform themselves of the privacy policies and practices (if any) of the third party responsible for that website or application, and should take those steps necessary to, in those users’ discretion, protect their privacy, including, but not limited to, agreeing to the third party’s privacy policy and terms of use.

SECURITY

We use reasonable electronic, personnel and physical measures to protect it from loss, theft, alteration or misuse. However, please be advised that even the best security measures cannot fully eliminate all risks. We cannot guarantee that only authorized persons will view your information. We are not responsible for third-party circumvention of any privacy settings or security measures.

We are dedicated to protect all information on the Website as is necessary. However, you are responsible for maintaining the confidentiality of your Personally Identifying Information by keeping your password confidential. You should change your password immediately if you believe someone has gained unauthorized access to it or your account. If you lose control of your account, you should notify us immediately.

Despite our efforts to protect your Personally Identifiable Information, there is always some risk that an unauthorized third party may find a way around our security systems or that transmissions of your information over the Internet may be intercepted. We do not utilize encryption systems for emails from us to you. Therefore, we make no representations or warranties regarding the sufficiency of the above security measures. No data transmission over the Internet or through mobile devices can be guaranteed to be 100% secure. While we strive to protect your personal information from unauthorized access, use or disclosure, we cannot ensure or warrant the security of any information you transmit to us on the Website. There is no guarantee that information may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards. It is your responsibility to protect the security of your login information. Therefore, the Company is not responsible for any actual or consequential damages that result from a lapse in compliance with this Privacy Policy because of a security breach or technical malfunction.

PRIVACY POLICY CHANGES

Company may, in its sole discretion, change this Privacy Policy from time to time. Any and all changes to Company’s Privacy Policy will be reflected on this page and the date new versions are posted will be stated at the top of this Privacy Policy. Unless stated otherwise, our current Privacy Policy applies to all information that we have about you and your account. Users should regularly check this page for any changes to this Privacy Policy. Company will always post new versions of the Privacy Policy on the Website. However, Company may, as determined in its discretion, decide to notify users of changes made to this Privacy Policy via email or otherwise. Accordingly, it is important that users always maintain and update their contact information.

CALIFORNIA PRIVACY RIGHTS

California Civil Code Section 1798.83, also known as the "Shine The Light" law, permits our users who are California residents to request and obtain from us, at least once a year and free of charge, information about the Personally Identifying Information (if any) we disclosed to third parties for direct marketing purposes in the preceding calendar year. If applicable, this information would include a list of the categories of the Personally Identifying Information that was shared and the names and addresses of all third parties with which we shared Personally Identifying Information in the immediately preceding calendar year. If you are a California resident and would like to make such a request, please submit your request in writing to our privacy officer as listed below.

DO-NOT-TRACK POLICY

Most web browsers and some mobile operating systems include a Do-Not-Track (“DNT”) feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. The Website does currently respond to DNT browser signals or mechanisms.

QUESTIONS OR COMPLAINTS

If you have any questions regarding our Privacy Policy or complaints regarding your privacy rights, please submit your complaint in writing our Privacy Officer at:

Bona Health Inc. (Bona Health)

Attn: Privacy Officer

privacy@bona.health

We will not retaliate against you for filing a complaint.

EFFECTIVE DATE

This Privacy Policy is effective as of Dec 7, 2024, and, was last updated on Dec 7, 2024.

Changes to this Notice

If we change the terms of this Privacy Policy, then we will post the new Privacy Policy on our Website. Any new Privacy Policy will apply to all the information that we maintain, including information that was created prior to the change.