Privacy Policy

Effective as of:  February 7, 2025

Sprinter Health, Inc. and its subsidiaries and managed entities (collectively, “Sprinter Health”) is committed to protecting your privacy. This “Privacy Notice” describes how and why we collect information from you or about you through our website at sprinterhealth.com (our “Website”), how we might use or disclose this information and how you may update or delete certain information about you from our system. The words “you” and “your” herein refer to each Website visitor or user and “we,” “us,” and “our” refer to Sprinter Health.

By accessing, browsing, and/or using this Website, you are deemed to have accepted the terms of this Privacy Notice. If you do not agree with any part of this Privacy Notice, please do not use this Website.

Please note this Privacy Notice does not cover our collection, use or disclosure of your Protected Health Information (“health information”) under the Health Insurance Portability and Accountability Act (“HIPAA”).  For more information about your rights, as well as Sprinter Health’s obligations, with respect to your health information under HIPAA, please see our Notice of Privacy Practices. This Privacy Notice also does not cover personal information that may be collected about you as an applicant for a job at Sprinter Health or as a member of Sprinter Health’s workforce.

We may revise this Privacy Notice from time to time. If we make significant changes to this Privacy Notice, we will post the revised Privacy Notice on this Website. Each version of this Privacy Notice will be identified at the top of the page by its effective date.

HOW WE COLLECT AND USE PERSONAL DATA

When you visit our Website, we will collect certain personally identifiable information about you (collectively, “Personal Data”, as further described below). Such personally identifiable information includes your e-mail address, name, home or work address, telephone number, and other personally identifiable information which you provide to us to learn more about products or services we offer or which may be offered through third parties.  Personal Data does not include “aggregate” or other non-personally identifiable information.  Aggregate information is information that we collect about a group or category of products, services, or users that is not personally identifiable or from which individual identities are removed. We may use and disclose aggregate information, and other non-personally identifiable information, for various purposes, including, without limitation, to improve and promote this Website.
‍
Forms:
You may choose to provide Personal Data to complete forms on our Website through which you may request information from us, such as newsletters or other information about products and services that may be of interest to you. Personal Data is required so that we can provide the requested information to you.  You may opt out of receiving such information as described more fully below.

Cookies and Web Beacons:
In addition, we may collect certain Personal Data by automated means, such as cookies and web beacons, when you visit our Website. . This information includes your IP address, unique device identifier, browser characteristics, device characteristics, operating system, language preferences, and general geographic location. We may also collect domain names, referring website addresses, information on pages visited and actions taken, and dates and times of activity when you visit our Website. We use Personal Data collected via cookies, web beacons, and other automatic means to help us administer and improve your experience with the Website, to understand how visitors are using the Website, to understand who our Website visitors are and gather demographic information about them, to perform statistical analysis (e.g., monitoring traffic flow to and from the Website), to deliver content (including advertising) tailored to our users' interests and the manner in which our users browse the Website, and to track whether a recipient opens an email we send. It may also be used to measure the popularity of services and programs that we offer and manage our business.  
‍
We also use third-party analytics tools that collect information about visitor traffic on our Website. Some third-party services providers that we engage (including third-party advertisers) may also place their own cookies on your computer. Note that this Privacy Notice covers only our use of cookies and does not include use of cookies by such third parties.
‍
Most web browsers automatically accept cookies, but you can usually modify your browser settings to restrict or prevent the acceptance of certain cookies, and cookies may be deleted at any time. The “help” section located in the toolbar of most web browsers will provide instructions for restricting or disabling the acceptance of certain cookies.
‍
Third-Party Links:
Our Website may contain links to sites that are not operated by Sprinter Health. You may be asked by those sites to provide Personal Data or to release information you may have provided on our Website. You are not required to provide or release any Personal Data. We encourage you to review the privacy policies of any third-party websites you choose to link from our Website so that you can understand how those websites collect, use, and share your information. Sprinter Health does not control, and is therefore not responsible, for the privacy practices of third-party websites.

Compliance:
We also use Personal Data to (i) protect against, identify and prevent fraud and other prohibited or illegal activity, claims and other liabilities; (ii) comply with applicable legal requirements and our policies; (iii) establish, exercise and defend legal claims; and (iv) monitor and report compliance issues.

HOW WE SHARE AND DISCLOSE PERSONAL DATA

Website Service Providers:
We may contract with third-party service providers to help us provide and administer our Website and related services. These service providers will only have access to your Personal Data for performing the contracted services or complying with legal requirements and are expressly obligated not to use or disclose your Personal Data for any other purpose.  

Online Tracking Technology Providers:  
Personal Data is collected automatically via cookies, web beacons, etc. when you visit our Website by the third parties who provide those online tracking technologies for the purposes described above and for those parties’ own purposes, such as to advertise or market products or services that may be of interest to you.
 
We use Google Analytics to understand the way that our Website’s visitors interact with it. We have enabled the following Google Analytics features: Google Analytics Demographics and Interest Reporting and certain other Google services that may enable Google Analytics to collect data for advertising purposes, including via advertising cookies and identifiers. You may opt out of Google Analytics tracking by installing the Google Analytics Opt-Out Browser Add-On. You can find additional information regarding the Google Analytics Opt-Out Browser Add-On at https://tools.google.com/dlpage/gaoptout.
‍
We also may disclose Personal Data about you (i) if we are required to do so by law, regulation or legal process (such as a court order or subpoena), (ii) in response to requests by government agencies, such as law enforcement authorities, or (iii) when we believe disclosure is necessary or appropriate to prevent physical harm or financial loss or in connection with an investigation of suspected or actual illegal activity. We reserve the right to transfer any Personal Data we have about you in the event we sell or transfer all or a portion of our business or assets (including in the event of a merger, acquisition, reorganization, dissolution or liquidation).

DO NOT TRACK SIGNALS
“Do Not Track” signals are requests by web browsers to disable a web application’s tracking of website or cross-site traffic. Our Website does not have the capability to respond to any Do Not Track configuration set in your web browser, so we do not disable tracking or take any other action in response.

CHILDREN’S PRIVACY
Our Website is not directed to or intended for children under the age of 13 and we do not knowingly collect personal information from such children without parental consent. If we find out that we have inadvertently collected personal information from a child under the age of 13, we will take steps to remove such information from our systems. If you are under the age of 13, please consult a parent or guardian for help.

OPT-OUT
As noted previously, we may send you free newsletters and/or promotional information about products or services that we provide. When you receive such communications from us, you will have the opportunity to “opt out” by following the unsubscribe instructions provided in the email you receive.
‍
NOTICE TO CALIFORNIA USERS AND RESIDENTS
California law allows California residents to ask companies with whom they have an established business relationship to provide certain information about the companies’ sharing of personal information with third parties for direct marketing purposes. Under California Civil Code Section 1789.3, California users are entitled to the following specific consumer rights notice: If you have a question or complaint regarding our Website, please send an email to support@sprinterhealth.com. You may also contact us by writing to Sprinter Health, Inc., 4600 Bohannon Dr., Suite 100, Menlo Park, CA 94025. California residents may contact the Consumer Information Center of the California Department of Consumer Affairs in writing at 1625 North Market Blvd., Suite N-112, Sacramento, California 95834, or by telephone at (916) 445-1254 or (800) 952-5210.
‍
Under California Civil Code Sections 1798.83-1798.84, California residents are entitled to ask for a notice identifying the categories of Personal Data that we share with certain third parties for direct marketing purposes under certain circumstances and providing contact information for such third parties. If you are a California resident and would like a copy of this notice, please submit a written request to: Sprinter Health, Inc., 4600 Bohannon Dr., Suite 100, Menlo Park, CA 94025.

CHANGING OR DELETING PERSONAL DATA

If you wish to update, delete, or correct any Personal Data you have provided through our Website, you may:

Send a written request to: Sprinter Health, Inc., 4600 Bohannon Dr., Suite 100, Menlo Park, CA 94025.

Send an electronic request to: privacy@sprinterhealth.com

Call (913) 777-4680 to submit a verbal request.

HOW WE PROTECT PERSONAL DATA

We maintain administrative, technical and physical safeguards designed to protect the Personal Data you provide to us against accidental, unlawful or unauthorized destruction, loss, alteration, access, disclosure or use.

SECURITY

Data Security
Sprinter Health encrypts all data at rest and in transit. We use tools like AWS's KMS to manage encryption keys and AWS's CloudWatch / CloudTrail to record all data access both internally and externally, in line with industry best practices. We secure the data entrusted to us by our patients and partners with both role-based and individual-based authorization controls at a granularity consistent with the principle of least privilege.

Application Security
Sprinter Health regularly engages some of the industry’s best application security experts for third-party penetration tests. Our penetration testers evaluate both the running application and the deployed environment for possible vulnerabilities and misconfigurations. Sprinter Health also uses high-quality static analysis tools like Snyk and GitHub's Dependabot to secure our product at every step of the development process.

Infrastructure Security
Sprinter Health uses Amazon Web Services to host our application. We make full use of the security products embedded within the AWS ecosystem, including KMS, GuardDuty, Inspector, Secrets Manager, and Config, as well as Vanta for continuously monitoring our infrastructure, devices, vendors, and people for adherence to our security / compliance policies. Our application is entirely serverless, meaning we do not manage servers or EC2 instances in production, leveraging AWS managed services whenever possible. 

OTHER QUESTIONS OR COMMENTS

If you have any questions about this Privacy Notice, or any questions or concerns about our collection, use, or disclosure of your Personal Data, please contact us using any of the methods listed above.