Privacy Policy

Introduction

Digital Therapeutics, Inc. ("Company," "we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the Ember platform, including our website, mobile application, and related services (collectively, the "Platform" or "Ember"). Ember is an AI-powered behavioral health support service operated by Digital Therapeutics, Inc.

Please read this Privacy Policy carefully. By accessing or using the Platform, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree, please do not access or use the Platform.

1. Information We Collect

1.1 Information You Provide Directly

We collect information you provide when you create an account, use our services, or communicate with us. This includes: account information such as your name, email address, phone number, and password; profile information including demographic data, preferences, and goals; conversation data including your messages, inputs, and interactions with our AI system; feedback and communications you send to us; and any other information you choose to provide.

1.2 Information Collected Automatically

When you use the Platform, we automatically collect: device information including device type, operating system, unique device identifiers, and browser type; usage data such as pages visited, features used, time spent, click patterns, and session duration; log data including IP address, access times, and referring URLs; and location data at a general geographic level based on your IP address.

1.3 Information from Third Parties

We may receive information about you from your employer or health plan sponsor if you access Ember through an employer-sponsored program, analytics providers, and other third-party services you connect to your account.

2. How We Use Your Information

We use your information for the following purposes:

Service Delivery: To provide, personalize, and improve the Platform and our AI-powered services, including generating responses tailored to your needs and tracking your progress.

AI Development and Improvement: To train, develop, and improve our artificial intelligence and machine learning models. Your interactions may be used to enhance our AI systems' accuracy, safety, and effectiveness. We implement appropriate safeguards including de-identification and aggregation where feasible.

Communications: To send you service-related communications, updates, reminders, and promotional messages (with your consent where required). We may communicate via email, SMS, push notifications, WhatsApp, or other channels.

Analytics and Research: To analyze usage patterns, conduct research, and generate insights to improve our services and understand user needs.

Safety and Security: To detect, prevent, and address fraud, abuse, security risks, and technical issues.

Legal Compliance: To comply with applicable laws, regulations, and legal processes.

3. How We Share Your Information

We may share your information in the following circumstances:

Service Providers: We share information with third-party vendors who perform services on our behalf, including cloud hosting, analytics, customer support, and AI infrastructure providers. These providers are contractually required to protect your information.

Program Sponsors: If you access Ember through an employer or health plan sponsor, we may share aggregated, de-identified usage data and reports with your sponsor. We do not share your individual conversation content with sponsors.

Affiliates: We may share information with our corporate affiliates and subsidiaries for purposes consistent with this Privacy Policy.

Business Transfers: In connection with a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of that transaction.

Legal Requirements: We may disclose information when required by law, in response to legal process, or to protect the rights, safety, or property of Digital Therapeutics, Inc., our users, or others.

With Your Consent: We may share information with your explicit consent or at your direction.

4. AI and Machine Learning

Ember uses artificial intelligence and machine learning technology to provide our services. We want you to understand how this affects your data:

Training Data: Your interactions with the Platform may be used to train and improve our AI models. We implement technical measures to protect your privacy, including de-identification and security controls.

Automated Processing: AI systems automatically process your inputs to generate responses and recommendations. No human reviews your individual conversations unless required for safety, quality assurance, or at your request.

Model Outputs: AI-generated content is based on patterns learned from training data and may not always be accurate or appropriate for your specific situation. Please refer to our Terms of Use for important disclaimers.

5. Data Retention

We retain your information for as long as your account is active or as needed to provide services, comply with legal obligations, resolve disputes, and enforce our agreements. When we no longer need your information, we will securely delete or anonymize it. Aggregated or de-identified data that cannot identify you may be retained indefinitely for research and analytics purposes.

6. Data Security

We implement technical and organizational security measures designed to protect your information, including encryption in transit and at rest, access controls, security monitoring, and regular security assessments. However, no method of transmission or storage is completely secure. While we strive to protect your information, we cannot guarantee absolute security.

7. Your Rights and Choices

Depending on your location, you may have certain rights regarding your personal information:

Access: You may request access to the personal information we hold about you.

Correction: You may request that we correct inaccurate or incomplete information.

Deletion: You may request that we delete your personal information, subject to certain exceptions.

Portability: You may request a copy of your data in a structured, machine-readable format.

Opt-Out: You may opt out of marketing communications at any time by following the unsubscribe instructions or contacting us.

To exercise any of these rights, please contact us at privacy@pelagohealth.com. We will respond to your request within the timeframe required by applicable law.

8. California Privacy Rights

If you are a California resident, you may have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), including the right to know what personal information we collect, the right to request deletion, the right to opt out of the sale or sharing of personal information, and the right to non-discrimination for exercising your rights. We do not sell personal information in exchange for monetary consideration. To the extent our use of cookies or similar technologies constitutes a "sale" or "sharing" under California law, you may opt out using the "Do Not Sell My Personal Information" link on our website.

9. International Data Transfers

Your information may be transferred to and processed in the United States or other countries where our servers and service providers are located. These countries may have different data protection laws than your country of residence. By using the Platform, you consent to such transfers. Where required by law, we implement appropriate safeguards such as Standard Contractual Clauses for international transfers.

10. Children's Privacy

The Platform is not directed to individuals under 18 years of age, and we do not knowingly collect personal information from children under 18. If we learn that we have collected information from a child under 18, we will take steps to delete such information promptly. If you believe we have collected information from a child, please contact us at privacy@pelagohealth.com.

11. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to collect information about your use of the Platform. These include essential cookies required for Platform functionality, analytics cookies to understand usage patterns, and preference cookies to remember your settings. You can control cookies through your browser settings. Please note that disabling certain cookies may affect Platform functionality.

12. Third-Party Links

The Platform may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party sites you visit.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. The updated version will be indicated by the "Last Updated" date at the top of this page. We encourage you to review this Privacy Policy periodically. Your continued use of the Platform after changes are posted constitutes your acceptance of the updated Privacy Policy.

14. Contact Us

If you have questions or concerns about this Privacy Policy or our privacy practices, please contact us at: