PL Cares® Privacy Policy

Introduction: Scope and Purpose

PL Cares® is a smartphone application with a private digital social support community to help people living with HIV as part of clinic-centered engagement in a care program (“Services”). We offer two main ways to engage: a smartphone application (the “App”) and a web portal using any modern web browser (collectively, the application and the web portal are referenced as the “Platform”). The primary PL Cares user experience is delivered with an application available on Android and iOS devices.

 We have developed this Privacy Policy to inform users (“user(s),” “you,” or “your”) about how we collect information in the course of conducting our business, including providing our Services and Platform to you, how we use the collected information, and a user’s rights with respect to the collected information.

Please read this Privacy Policy carefully. If you do not agree to be bound by this Privacy Policy, then do not access or use the Services and/or Platform. By accessing and/or using the Platform, you accept and agree to be bound by this Privacy Policy. This Privacy Policy is incorporated into our Terms and Conditions [WHT EULA]. Your use of our Services and Information (defined below) you provide through the Platform are subject to this Privacy Policy at all times.

YOU MUST BE AT LEAST EIGHTEEN (18) YEARS OLD TO ACCESS AND USE OUR PLATFORM AND SERVICES. If you are under eighteen (18) years old, you are not permitted to use the Platform or any part of the Services for any reason. California residents under sixteen (16) years of age may have additional rights regarding the collection and sale of their personal information.

If you have any questions about this Privacy Policy, please contact us at support@wht.care, or via our website - https://wht.care/contact

1. Account Types

We have three main user account types: administrators, members, and providers. Each user type
has access to different data and features.

• Administrators: Accounts for managing account creation, passwords and settings, and monitoring activity on the Platform.
• Members: Members submit queries for daily check-ins including meds adherence, mood, and stress. If enabled by Administrators, Members have access to an anonymous community message board to chat with fellow members.
• Providers: Providers can view member activity, share documents, and send private messages to any account using the Platform.

2. Information We Collect

When you use the Services, we process the following types of information: Personal Information and Non-Personal Information.

a. Personal Information
Personal Information means any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to certain identifiers. When you register through the Platform, we collect the following Personal Information from you: e-mail address, phone number, first and last name, birth date, and gender. For example, when using the direct messaging feature to communicate with your healthcare provider, or when otherwise making use of the Services, you may choose to provide certain sensitive information to your health, such as your HIV status, prescribed medications, appointments, lab results, and health-related quiz questions and responses. This information is defined as Protected Health Information (“PHI”) under the Health Insurance Portability and Accountability Act of 1996 and is Personal Information defined herein.

b. Non-Personal Information

Non-Personal Information does not identify you, but provides insights regarding your use of the Platform and our Services. Non-Personal Information is information generated through your use of the Platform. We collect information about the activity of different users of the Platform, including but not limited to, Internet connection information, computer equipment information, web browser specifications, websites visited before accessing our Platform, websites visited after leaving the Platform, other similar information about traffic and usage as you navigate to, through, and away from the Platform, information you post or otherwise submit to the Platform, and file upload activity.

Non-Personal Information that we collect may also include “Log Data.” Log Data refers to certain information about how a user uses our Services. Log Data may include the pages or features of the Platform that the user accessed and the time spent on those pages or features, the frequency with which the Platform and Services are used, search terms, the links on our Platform that a user clicked on or used, and related timestamps. This includes determining the actions and activities on Platform filtered by Administrator, Member, or Provider.

Based on the type of user, we collect and use certain Non-Personal Information.

• For Administrators, we determine the total number of member dashboard views, system logins, and message activity.
• For Members, we calculate results for response rates to daily check-ins, community posting activity, application launches, and message activity details.
• For Providers, we determine the total number of Member dashboard views, system logins, and message activity.

You may be given the option to receive push notifications while using our Services. In order to serve push notifications, we may need to collect your IP address and a persistent identifier from your device. You can turn off push notifications in your device settings.

We use automated information collection tools, such as cookies and web beacons, to collect certain types of Non-Personal Information. You can set your browser to reject cookies, but that may limit your use of some convenience features on the Services.

c. Geolocation Information

When you download the App and install it on your mobile device(s) and/or associated computing device, you acknowledge that the App will access the Global Positioning Systems (“GPS”) functionality within your mobile device, and the App will subsequently share that GPS information with your associated computing device and with our cloud-based software and systems. This geolocation information collection and subsequent sharing of GPS information enables the core functionality of the App, and without receiving geolocation information from your mobile device, the App will not perform correctly. You may choose to allow us to access your location by granting the App access to your location when prompted or through your device’s location services settings. You may change these settings on your device, but this may impact your use of and access to the Services.

d. Third-Party Social Networking Service(s).

If you choose to access, visit, and/or use any third-party social networking service(s) that may be integrated with our Platform, we may receive your Personal Information and other information about you and your computer, mobile, or other device that you have made available to those social networking services, including information about your contacts through those services. For example, some social networking services allow you to push content from our Platform to your contacts or to pull information about your contacts so you can connect with them on or through our Platform. Some social networking services also will facilitate registration or enhance or personalize your experience on our Platform. Your decision to use a social networking service in connection with the Platform is voluntary. However, you should make sure you are comfortable with the information your third-party social networking services may make available by reviewing privacy policies of those providers and/or modifying your privacy settings directly with those networking sites/services.

Personal Information and Non-Personal Information are collectively referenced as “Information.”


3. Use of Information

We use Non-Personal Information collected by clickstream information collection, web pixels, and cookies to store your preferences, improve website navigation, make personalized features and other services available to you, to generate statistical information, monitor and analyze user traffic and usage patterns, monitor and prevent fraud, investigate complaints and potential violations of our policies, to improve the our content and the products, services, and other materials that we describe or make available through the Platform, and otherwise help administer and improve the Platform.

We may identify you from your Personal Information and merge or co-mingle Personal Information and Non-Personal Information. Except as otherwise stated, we may use Information we collect from you for the legitimate business purpose of providing our Services to you, including, but not limited to:

• to respond to your requests and provide user support;
• to evaluate and improve the content of our Services;
• to customize the Services to your preferences;
• to establish accounts to use the Services;
• to communicate information to you (where you have not expressed a preference otherwise);
• to check on your account status and maintain record of activities in connection with your use of the Platform;
• to notify you of any changes to relevant agreements or policies;
• to enforce our agreements, terms, conditions, and policies;
• to work with our service providers who perform certain business functions or services on our behalf and who are bound by contractual obligations consistent with this Privacy Policy;
• to prevent or investigate fraud (or for risk management purposes);
• to comply with a legal obligations, court order, or in order to exercise our legal claims or to defend against legal claims;
• to conduct aggregate or research analysis and develop business intelligence that helps us to enhance, operate, protect, make informed decisions and report on the performances of our Services; and
• to validate your username, e-mail, password, and/or other login credentials.

In addition, we may use third‐party e‐mail providers to deliver communications to you. This is an opt-in e-mail program. If you no longer want to receive these e-mail communications, you may opt-out of receiving e-mail communications through the “unsubscribe” link or by contacting us https://wht.care/contact.

We may, from time to time, invite you to participate in online surveys. The information requested in these surveys may include, but is not limited to, your opinions, beliefs, insights, ideas, activities, and overall experience. The information collected by these surveys is used to research market trends, company growth, community needs, etc. Your input will help us to improve customer experience and shape development of our products and Services.

Users in some jurisdictions may have the right to “opt-out” of the sale of their Personal Information. To opt-out, e-mail us at support@wht.care.

4. How We Share Information

We do not sell or rent Personal Information. However, we may share Information with the following parties pursuant to your express consent and under applicable contractual obligations:

• Corporate affiliates, including corporate parents, subsidiaries, other affiliated entities, and associated entities for the purposes described in this Privacy Policy which are required to treat the information in accordance with this Privacy Policy;

• Service providers that help us administer and provide the Platform (for example, a web hosting company whose services we use to host our platform). These third-party services providers have access to your Personal Information only for the purpose of performing services on our behalf. We have entered into contractual relationships with these service providers and require them to comply with all applicable information privacy laws and regulations and to use the Information only for the purposes for which it was disclosed. We require that any third-party service providers limit their use of your Information solely to providing services to us and that they maintain the confidentiality, security, and integrity of your Information and not make unauthorized use or disclosure of the Information.

• Authorized third parties, who are parties directly authorized by you to receive the applicable Information, such as when you authorize a third-party application provider to access your account or authorize your healthcare provider to access your information. The use of your Information by an authorized third party is subject to the third party’s privacy policy;

• Third parties in the event of any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock (including in connection with any bankruptcy or similar proceedings), in which case we will require the recipient to use such information in accordance with this Privacy Policy;

• As we believe necessary: (i) under applicable law; (ii) to enforce applicable terms and conditions; (iii) to protect our rights, privacy, safety or property, and/or that of our affiliates, you, or others; (iv) to detect, prevent, or otherwise address fraud, security or technical issues; (v) to respond to claims that contact information (e.g. name, e-mail address, etc.) of a third-party has been posted or transmitted without their consent or as a form of harassment and (vi) to respond to requests from courts, law enforcement agencies, regulatory agencies, and other public and government authorities, which may include authorities outside your country of residence;


5. Information Security

Warm Health Technology, Inc. takes the security and privacy of Information, especially your Personal Information, very seriously. We take reasonable steps online and offline to safeguard the Personal Information that you provide to us, including receiving and transmitting data through an encrypted, secure connection. We have implemented technical, administrative, and physical safeguards, which are designed to protect your information from unauthorized use and access. For example, access to the Platform requires a successful login with an account created by an Administrator, and you will be automatically logged out from the Platform if it is closed or otherwise becomes unavailable (e.g., switching applications, locking phone, power off, sleep). Phone push notification messages display generic announcements to keep information private and confidential. Administrators set and reset passwords for Platform users. Passwords must be at least 8 characters long. Longer passwords, including special characters are encouraged, but not required. Platform Administrators can create more complex passwords and password rules at their discretion.

Prudent security practices dictate that some of our procedures cannot be disclosed in detail. If you have any questions about security on our Platform, or if you become aware of any unauthorized use of an account, loss of your account credentials, or suspect a security breach, notify us immediately via email at support@wht.care. If our security system is breached, we will notify you of the breach to the extent required under applicable law.

6. Information Retention

We retain the Personal Information we receive as described in this Privacy Policy for as long as you use our Services or as necessary to fulfill the purpose(s) for which it was collected, provide our Services, resolve disputes, establish legal defenses, conduct audits, pursue legitimate business purposes, enforce our agreements, and comply with applicable laws.

7. Links to Third Party Sites
The Platform may contain links to other sites that are not operated by us. If you click on a third-party link, you will be directed to that third party’s site. Such links do not constitute an endorsement by us of those other websites, their content or services, or the persons or entities associated with those websites. This Privacy Policy does not apply to third-party websites. We have no control over, and assume no responsibility for, the content, privacy policies, or practices of any third-party sites or services. We encourage you to review the privacy policies and terms of all third-party websites or services that you may visit.

8. Children’s Privacy
We do not sell products or services for purchase by anyone under the age of thirteen (13). In accordance with the Children’s Online Privacy Protection Act (“COPPA”), we will never knowingly request or solicit Personal Information from anyone under the age of thirteen (13) without verifiable parental consent. In the event that we receive actual knowledge that we have collected such Personal Information without the requisite and verifiable parental consent, we will delete that information from our database as quickly as is practical. If you suspect or know that we have inadvertently obtained the Personal Information of anyone under the age of thirteen (13), please notify us immediately at support@wht.care, so that we can delete that information. We reserve the right to request proof of age at any stage so that we can verify that minors are not using the Service(s).

9. Your California Privacy Rights
California Civil Code Section 1798.83 permits California residents to request and obtain a list of what Personal Information (if any) we disclosed to third parties for direct marketing purposes in the preceding calendar year and the names and addresses of those third parties. Requests may be made only once a year and are free of charge. Under Section 1798.83, California residents are entitled to request and obtain such information, by e-mailing a request to support@wht.care.

10. Changes in the Privacy Policy
We reserve the right to modify and update this Privacy Policy at any time by posting an amended version of the statement on our Platform. Please refer to this Privacy Policy regularly. If at any time we decide to use Personal Information in a manner different from that stated at the time it was collected, we will notify you either on the panel home page of the Platform or via e-mail.

11. How to Contact Us
Because protecting your privacy is important to us, you may always submit concerns regarding our Privacy Policy on the contact us page. We will attempt to respond to all reasonable concerns and inquiries expeditiously.

If you have any questions or comments about our Privacy Policy, please contact us at:

By e-mail: support@wht.care
By the website: https://wht.care/contact

The PL Cares word mark and logo are registered trademarks of Warm Health Technology, Inc in the US.

4846-6606-4040.7