Fern Privacy Policy

Last Updated: April 13, 2023

SCOPE OF THIS PRIVACY POLICY

This Privacy Policy applies to our Fern platforms, mobile applications, and any other related features, contents, applications, or websites we, Fern Health, Inc. (“Fern,” “we,” “us“), may offer from time to time (collectively, the “Fern Services”). This Privacy Policy explains Fern’s information practices, including:

  • What information we may collect through the Fern Services and how we collect it.
  • How we use the information we collect.
  • How we may share collected information.
  • What choices you have as to how we collect and use information.

This policy does not apply to information collected by:

  • Us offline or through any other means, including on any other website operated by Fern or any third party (including our affiliates and subsidiaries); or
  • Any third party (including our affiliates and subsidiaries), including through any application or content (including advertising) that may link to or be accessible from or on the Fern Services.

This Privacy Policy is incorporated by reference into the Fern Terms of Use. We encourage you to review both documents carefully when using the Fern Services. If you have any questions about our privacy practices, please refer to the end of this Privacy Policy for information on how to contact us. Please read this policy carefully to understand our policies and practices regarding your information and how we will treat it. If you do not agree with our policies and practices, your choice is not to use our Fern Services. By accessing or using the Fern Services, you agree to this privacy policy. This policy may change from time to time. Your continued use of the Fern Services after we make changes is deemed to be acceptance of those changes, so please check the policy periodically for updates.

INFORMATION WE COLLECT 

In General. Fern’s mission is to help you manage your pain, and we cannot help you do that without collecting certain information, including personal information about you. For purposes of this Privacy Policy, personal information is defined as information that alone or in combination with other information may be used to readily identify, contact, or locate a specific person, such as: name, address, email address, phone number, medical records or certain other health data, insurance information, and financial information. Personal information does not include information that has been anonymized so that it does not allow a third party to easily identify a specific individual.

We collect several types of information from and about users of our Fern Services, including:

  • Personal information, such as name, postal address, e-mail address, and telephone number;
  • Information that is about you but individually does not identify you; and
  • Information about your internet connection, the equipment you use to access our Fern Services, and usage details.

We collect this information:

  • Directly from you when you provide it to us.
  • Automatically as you navigate through the site. Information collected automatically may include usage details, IP addresses, and information collected through cookies and other tracking technologies.
  • From your third party devices when you choose to link such devices to the Fern Services.

We collect information when you:

  • Complete a form and/or registration process to express interest in enrolling in Fern. You may receive a form or other secured portal to express interest in or register for the Fern Services. You will be asked to provide personal information including but not limited to name, employer, email address, phone number, and date of birth.
  • Create a Fern account or download our mobile application. In order to use the Fern Services, you must create an account, and you may choose to download our mobile application. To create a Fern account, you must provide personal information such as name, email address, phone number, date of birth, gender, and an account password. This information will help Fern and others that you collaborate with to identify and communicate with you. When you download our mobile application we also create an encrypted user ID so that we can analyze the performance and use of the application.
  • Build your profile and answer questionnaires. As a Fern member, you can add information to your account, including by answering questionnaires about your health, sleep, and exercise routine, your history, the impact of chronic pain on your activities, and how your pain, activity level, and enjoyment of life change over time as you progress through your personalized care plan. You may choose to provide personal information such as phone number, date of birth, pain stage and levels, visits to providers, and health conditions. We use the information you provide to tailor the Fern Services, collect your feedback, and to help you track your goals.
  • Interact with your health coach. You may communicate with an assigned health coach by phone, by in-app messaging, or other means when you use the Fern Services. If you do, we may collect the substance of those communications. For example, we may collect audio, video, and text files from your interactions with your health coach. Your exercise sessions may be recorded, but only after we obtain your explicit consent.
  • Link your Fern account to services or devices. If you choose to link your Fern account to certain third party services or devices, such as mobile phones, electronic calendars, wearables, scales, fitness trackers, or other health monitoring devices, we may collect information related to your use of such services or devices. When these services or devices are administered by a third party, the information practices and policies for those services or devices are the responsibility of that third party.
  • Request Records.  If you would like to request a copy of records maintained by us regarding your use of the Fern Services, we may ask you to provide personal information as needed to verify your identity and complete a request form to enable us to process your request. If you choose to request health records, we will ask you to provide personal information as needed to complete a request form that complies with the requirements of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). Such personal information may include a Social Security number.
  • Seek assistance from Fern.  If you contact Fern with questions and requests, we may collect information from you in order to assist you.

Use of cookies and other technologies to collect information. We or our third-party service providers use cookies and related tools to provide features and services that enhance your Fern experience. For example, these technologies may allow the Fern Services to recognize your device and log you in automatically, remember your preferences, and analyze how you use the Fern Services so we can improve your experience.

  • Cookies and similar technology. A cookie is a small text file that may be stored on the hard drive of a computer or device when you access a website. When you use the Fern Services, we may assign your device one or more cookies or similar identifiers to facilitate access and to personalize your experience and collect technical information about the performance of the Fern Services. You may refuse the service of cookies to your device or delete any existing cookies by changing your browser and device preferences. As the means by which you can do this vary from browser to browser and device to device, please refer to your browser’s help menu and/or device settings for more information. If you refuse or delete cookies, you may not be able to take advantage of all features and functionality of the Fern Services. To learn more about cookies visit https://www.allaboutcookies.org.
  • Information collected automatically. We may automatically collect information from your browser or device when you use the Fern Services. This information may include an IP address, device identifier, your browser type, access times, the content of any undeleted cookies your browser received from us, and other non-personally identifiable information that can help us optimize the Fern Services.

Third-Party Use of Cookies and Other Tracking Technologies

Some content or applications, including advertisements, on the Fern Services are served by third-parties, including advertisers, ad networks and servers, content providers, and application providers. These third parties may use cookies alone or in conjunction with other tracking technologies to collect information about you when you use our website. The information they collect may be associated with your personal information or they may collect information, including personal information, about your online activities over time and across different websites and other online services. They may use this information to provide you with interest-based (behavioral) advertising or other targeted content.

We do not control these third parties’ tracking technologies or how they may be used. If you have any questions about an advertisement or other targeted content, you should contact the responsible provider directly.

HOW WE USE INFORMATION WE COLLECT

We use information, including personal information, to deliver and improve the Fern Services.

We may use information, including personal information, to:

  • Communicate with you. We may send email to the email address you provide us to verify your account and for informational and operational purposes, such as account management, customer service, system maintenance, or to provide information we think may be of interest to you. We may also communicate with you through the Fern Services or other means enabled by the Fern Services, such as through text messages, telephone calls, push notifications, or in-app messaging. You may adjust your communications preferences in your Fern account settings at any time or by unsubscribing from our marketing emails using the link provided at the bottom of those emails or by changing your communications preferences in our mobile application.
    • By using the Fern Services or providing a phone number or email address to us, you agree that we may communicate with you electronically regarding security, privacy, and administrative issues relating to your use of the Fern Services.
  • Communicate with others at your request. If you choose to use Fern to share information with others, including communicating with your assigned health coach at the beginning of or during your personalized care program, we may require personal information such as names, email addresses, telephone numbers, or other contact information. You may also communicate through in-app messaging in our mobile application. Please read the “In-App Messaging” section below for more information.
  • Customize your Fern experience. We use information we collect through the Fern Services to customize your Fern experience.
  • Organize and analyze your information. When you share information or we receive it from others, our employees and service providers may review that information to categorize and organize it for you. For example, we analyze the information you share with us, or that we obtain through your interactions with your health coach, to shape your personalized care program.
  • Provide and improve the Fern Services.  We use information, including personal information, for internal and service-related purposes. For instance, when users download our mobile application, we keep track of how many people have downloaded the application and the number of active sessions and users so that we can make sure the application runs smoothly for all users and so that we can analyze and improve the Fern Services.
  • In any other way we may describe to you when you provide the information.
  • For any other purpose with your consent.

We may de-identify data collected through the Fern Services and use such de-identified data for any purpose.

HOW WE MAY SHARE INFORMATION

We do not rent or sell personal information. We do not share your personal information with other people or non-affiliated companies for their direct marketing purposes, unless we have your permission. We may share de-identified data with third parties for any purpose.

We may share information, including personal information, as follows:

  • With your permission.  We may share your personal information or other information about you with third parties when we have your permission or at your direction, including when you direct us to send information to a health care provider or employer.
  • With our subsidiaries and affiliates. We reserve the right to disclose your information to our subsidiaries and affiliates, primarily for business and operational purposes. As part of this sharing of information, this means that once you provide us with information, any one of our related entities may use your information including for marketing purposes, pursuant to the terms of this Privacy Policy.
  • With our vendors and service providers. We may share any information we receive from you with our vendors and service providers to the extent reasonably necessary to enable us to operate, provide, and/or improve the Fern Services. For instance, we store data associated with the service using a third-party cloud storage provider. We also work with an analytics provider who helps us analyze how many people are actively using our mobile application so we can make better decisions about how to improve the Fern Services provided through our mobile application. We will only share your information with vendors and service providers that have agreed to abide by obligations of non-use and confidentiality that are at least as restrictive as those undertaken by us as part of this Privacy Policy and our Terms of Use.
  • As required by law and similar disclosures. We may access, preserve, and disclose your personal information, other account information, and content if we believe doing so is required or appropriate to: comply with law enforcement requests and legal process, such as a court order or subpoena; defend against legal claims; respond to your requests; protect the rights, property, and safety of you, Fern, or others; or as otherwise required by law.
  • In connection with a merger, sale, or other asset transfer. If we are involved in a merger, acquisition, financing, reorganization, or other substantial corporate transaction, or in the unlikely event of bankruptcy, any information we possess, including personal information, may be shared, sold, or transferred as part of such a transaction as permitted by law and/or contract. In such cases, we cannot control how other entities may use or disclose such information.
  • For any other purpose disclosed by us when you provide the information.
  • With your consent.

YOUR CHOICES 

Fern offers you a number of ways to control collection and use of your information when you use the Fern Services. Your options include:

  • Modifying your account information. You can review the information you or others have shared by logging into your Fern account through our mobile application. You can modify or delete any information that you have provided us at any time. You may also choose to modify and delete information that others have shared with you.
  • Modifying your account settings.  Fern account settings are designed to provide you with control over the information that you share. We encourage you to review your account settings and adjust them in accordance with your preferences. You may adjust your communications preferences in your Fern account settings at any time or by unsubscribing from marketing emails using the link provided at the bottom of those emails.
  • Closing your account.  If you no longer desire to use the Fern Services, you may close your account by sending us an email to support@fernhealth.com and you may remove our mobile application from your device. After you close your account, you will not be able to sign in to our mobile application or access any of your information. If you close your Fern account, we have no obligation to retain your information and may delete any or all of your account information without liability. We may retain and use your information as described in “Data Retention” below. Please note: if you have provided or shared information to third parties, retention of that information will be subject to those third parties’ policies and practices.
  • Do Not Track. “Do Not Track” is a privacy preference that users can set in their web browsers and mobile devices. When a user turns on the Do Not Track signal, the browser or device sends a message to online services requesting them not to track the user. At this time, we do not respond to Do Not Track browser and device settings or signals. For information about Do Not Track, please visit: www.allaboutdnt.org.

DATA RETENTION

We will retain your personal information for as long as reasonably necessary to fulfill the purposes we collected for which we collected the personal information, including for so long as your account is active or as needed to continue providing the services to you, and to maintain a record of your transactions for financial reporting purposes. We will also retain and use your personal information as necessary to comply with our legal, regulatory, tax, accounting, or reporting obligations, to resolve disputes, and to enforce our agreements.

To decide the appropriate retention period, we consider the amount, nature and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.

By law we have to keep basic information about our users (including contact, identity, financial and transaction data) for   six years after they cease being users for tax purposes.

In some circumstances you can manually delete or ask us to delete your personal information: see “Your Choices” above for further information.

In some circumstances we will anonymize your personal information (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.

IN-APP MESSAGING

The Fern Services allow you to communicate with your assigned health coach through a secure web portal. You may opt in to receive SMS text messages and emails from Fern that will notify you when you have a new message waiting by checking the box marked “Yes” at the appropriate screen when you initially enroll in the Fern services. If you opt-in to receive messages from Fern, we will send you a message to notify you when you have a new message from your assigned health coach. When you click the link as provided in our message, you will be directed to the secure web portal to view and respond to your message.

As SMS text and email messages are not considered a secure method of communication, the messages you receive from Fern will not receive any personal or health related information. Our messages will contain only language notifying you that you have a new message available to read and a link to the portal to access your message.

If you choose not to opt-in to receive messages from Fern, you will not receive notifications alerting you to new message, but you will still be able to access and respond to the new message by accessing the secure web portal through the Fern app. You may also choose to turn on alerts on your mobile device to be notified when you have a new message from your assigned health coach waiting in the app.

You may change your preferences regarding our SMS program at any time after enrollment by texting “STOP” to in response to any of our text messages if you are enrolled and no longer wish to receive text messages from Fern, or following the directions to unsubscribe in an email.

INFORMATION SECURITY

We take steps to ensure that information is treated securely and in accordance with this Privacy Policy. Unfortunately, neither the Internet nor any form of electronic storage can be guaranteed to be 100 percent secure, and we cannot ensure or warrant the security of any information provided to us. We do not accept liability for any unintentional disclosure.

The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password for access to certain parts of our Fern Services, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.

CHILDREN’S PRIVACY

We do not knowingly collect, maintain, or use personal information from children under 13 years of age, and no part of the Fern Services are designed for or directed to children under the age of 13. If you learn that your child has provided us with personal information without your consent, you may alert us at support@fernhealth.com. If we learn that we have collected any personal information from children under 13, we will promptly take steps to delete such information and terminate any account created by such children.

If you are the parent or guardian of a child under the age of 13, you may choose to manage your child’s health information through your Fern account.

STATE PRIVACY LAWS

We do not meet the conditions as outlined in Section 1798.140 of the California Consumer Privacy Act of 2018 (the “CCPA”) and therefore are not subject to CCPA requirements. We also do not meet the eligibility conditions outlined in the Virginia Consumer Data Protection Act, Colorado Privacy Act, Connecticut Data Privacy Act, or Utah Consumer Privacy Act and are therefore are not subject to the requirements of these laws. For specific information related to your ability to access and correct your personal information, see How We May Share Information above.

CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time to reflect changes to our information practices. If we decide to change this Privacy Policy, we will post the changes on this page so that you are aware of our practices and update the “Last Updated” date above. If we make a material change in how we collect, use, or disclose personal information, we will make reasonable efforts to provide notice through the Fern Services and obtain consent to any such uses as may be required by law. We encourage you to periodically review this page for the latest information on our privacy practices.

CONTACT US

Fern Health, Inc.
360 Mt. Kemble Avenue, 3rd FL, Suite 3
Morristown. NJ 07960
support@fernhealth.com