Privacy & Security
End-User Privacy & Security Policy
Privacy and security with care.coach Avatar™
When the avatar is awake or the cuckoo bird is active, to engage in meaningful interactions with you, care.coach receives an audiovisual stream from your avatar device. While the avatar and the cuckoo bird are not visibly looking (e.g. the avatar is asleep, and the cuckoo bird is inside its clock house), care.coach does not receive an audiovisual stream.
When you’d like privacy, simply ask the avatar to give you privacy, or adjust its privacy settings on-screen (our support team is available to guide you through the on-screen process, if needed). During privacy periods, neither the avatar nor the cuckoo bird will wake or engage with you. If the avatar is awake and notices a situation that would reasonably call for privacy, it may inform you that it will be proactively giving you privacy before going to sleep.
To start a conversation with the avatar when the avatar is asleep, please pat the avatar on its head. It does not listen for any "wake-up" word. The avatar may occasionally wake up to proactively check if you would like to chat, unless you request privacy or request that the avatar never wakes up proactively.
When asleep, the avatar produces a gentle snoring sound for reassurance. If you do not like the sound, you can wake up the avatar and ask it to stop snoring. When waking up, the avatar stops snoring and produces a gentle wake-up sound.
Privacy and security with care.coach Video Visits™
Our video visits platform is end-to-end encrypted between all video visit participants. We neither monitor nor record video visit sessions. No HIPAA PHI (personally identifiable health information) is stored within this software system, which serves only as a secure conduit for communication.
Protections against unauthorized access
We will never request your password from you. If anyone claiming to be from care.coach asks for your password, please notify our security team immediately at email@example.com.
When contacting care.coach by phone or via an unauthorized email address to request account information or changes, clients are required to provide verification information, including an ID associated with the account in question.
We trust the authenticity of emails from authorized addresses sent using industry-standard TLS (“Transport Layer Security”), so please keep any authorized email account secure, and do not share access with anybody.
How we collect and use (process) your personal information
care.coach corporation collects personal information about its website visitors and customers. With a few exceptions, this information is generally limited to:
any other information site visitors choose to disclose on the contact form
We use this information to provide prospects and customers with services.
We do not sell personal information to anyone and only share it with third parties who are facilitating the delivery of our services.
From time to time, care.coach corporation receives personal information about individuals from third parties. Typically, information collected from third parties will include further details on your employer or industry. We may also collect your personal data from a third party website (e.g. LinkedIn).
Use of the care.coach corporation website
As is true of most other websites, care.coach corporation’s website collects certain information automatically and stores it in log files. The information may include internet protocol (IP) addresses, the region or general location where your computer or device is accessing the internet, browser type, and other usage information about the use of care.coach corporation’s website, including a history of the pages you view. We use this information to help us design our site to better suit our users’ needs. We may also use your IP address to help diagnose problems with our server and to administer our website, analyze trends, track visitor movements, and gather broad demographic information that assists us in identifying visitor preferences.
care.coach corporation has a legitimate interest in understanding how members, customers and potential customers use its website. This assists care.coach corporation with providing more relevant products and services, with communicating value to our sponsors and corporate members, and with providing appropriate staffing to meet member and customer needs.
Cookies and tracking technologies
Sharing information with third parties
The personal information care.coach corporation collects from you is stored in one or more databases hosted by third parties located in the United States. These third parties do not use or have access to your personal information for any purpose other than cloud storage and retrieval. On occasion, care.coach corporation engages third parties to send information to you, including information about our products, services, and events.
A list of our third party sub processors can be found here:
We do not otherwise reveal your personal data to non-care.coach corporation persons or businesses for their independent use unless: (1) you request or authorize it; (2) it’s in connection with care.coach corporation-hosted and care.coach corporation co-sponsored conferences as described above; (3) the information is provided to comply with the law (for example, compelled by law enforcement to comply with a search warrant, subpoena, or court order), enforce an agreement we have with you, or to protect our rights, property or safety, or the rights, property or safety of our employees or others; (4) the information is provided to our agents, vendors or service providers who perform functions on our behalf; (5) to address emergencies or acts of God; or (6) to address disputes, claims, or to persons demonstrating legal authority to act on your behalf. We may also gather aggregated data about our services and website visitors and disclose the results of such aggregated (but not personally identifiable) information to our partners, service providers, advertisers, and/or other third parties for marketing or promotional purposes.
Transferring personal data to the U.S.
care.coach corporation has its headquarters in the United States. Information we collect about you will be processed in the United States. By using care.coach corporation’s services, you acknowledge that your personal information will be processed in the United States. The United States has not sought nor received a finding of “adequacy” from the European Union under Article 45 of the GDPR. Pursuant to Article 46 of the GDPR, care.coach corporation is providing for appropriate safeguards by entering binding, standard data protection clauses, enforceable by data subjects in the EEA and the UK. These clauses have been enhanced based on the guidance of the European Data Protection Board and will be updated when the new draft model clauses are approved.
Depending on the circumstance, care.coach corporation also collects and transfers to the U.S. personal data with consent; to perform a contract with you; or to fulfill a compelling legitimate interest of care.coach corporation in a manner that does not outweigh your rights and freedoms. care.coach corporation endeavors to apply suitable safeguards to protect the privacy and security of your personal data and to use it only consistent with your relationship with care.coach corporation and the practices described in this Privacy Statement. care.coach corporation also enters into data processing agreements and model clauses with its vendors whenever feasible and appropriate. Since it was founded, care.coach corporation has received zero government requests for information.
For more information or if you have any questions, please contact us at firstname.lastname@example.org.
Data subject rights
The European Union’s General Data Protection Regulation (GDPR) and other countries’ privacy laws provide certain rights for data subjects. Data Subject rights under GDPR include the following:
Right to be informed
Right of access
Right to rectification
Right to erasure
Right to restrict processing
Right of data portability
Right to object
Rights related to automated decision making including profiling
This Privacy Notice is intended to provide you with information about what personal data care.coach corporation collects about you and how it is used.
If you wish to confirm that care.coach corporation is processing your personal data, or to have access to the personal data care.coach corporation may have about you, please contact us.
You may also request information about: the purpose of the processing; the categories of personal data concerned; who else outside care.coach corporation might have received the data from care.coach corporation; what the source of the information was (if you didn’t provide it directly to care.coach corporation); and how long it will be stored. You have a right to correct (rectify) the record of your personal data maintained by care.coach corporation if it is inaccurate. You may request that care.coach corporation erase that data or cease processing it, subject to certain exceptions. You may also request that care.coach corporation cease using your data for direct marketing purposes. In many countries, you have a right to lodge a complaint with the appropriate data protection authority if you have concerns about how care.coach corporation processes your personal data. When technically feasible, care.coach corporation will—at your request—provide your personal data to you.
Reasonable access to your personal data will be provided at no cost. If access cannot be provided within a reasonable time frame, care.coach corporation will provide you with a date when the information will be provided. If for some reason access is denied, care.coach corporation will provide an explanation as to why access has been denied.
For questions or complaints concerning the processing of your personal data, you can email us at email@example.com. Alternatively, if you are located in the European Union, you can also have recourse to the European Data Protection Supervisor or with your nation’s data protection authority.
We do not knowingly attempt to solicit or receive information from children.
Commitment to compliance and transparency
We are pursuing SOC 2 Type II certification, and our trust report and certification will be made available upon request.
We treat all client information and data as confidential, and if you receive care.coach services through a HIPAA covered entity such as your health plan, any PHI (personally identifiable health information) is covered under our HIPAA BAA (healthcare business agreement) with the covered entity. Among a wide variety of physical, administrative, and technical safeguards, all care.coach data is encrypted and securely stored within the United States.
Should you need any changes, deletion, or a copy of your data, please contact our support team at firstname.lastname@example.org.
Data Protection Officer
care.coach corporation is headquartered in Millbrae, CA in the United States. care.coach corporation has appointed an internal data protection officer for you to contact if you have any questions or concerns about care.coach corporation’s personal data policies or practices. If you would like to exercise your privacy rights, please direct your query to care.coach corporation’s data protection officer. care.coach corporation’s data protection officer’s name and contact information are as follows:
199 California Drive Ste. 199, Millbrae, CA 94030
1-855-437-4569 ext. 1
Questions, concerns or complaints
If you have questions, concerns, complaints, or would like to exercise your rights, please contact us at:
199 California Drive Suite 199, Millbrae, CA 94030
855-437-4569 ext. 1
This policy is approved as of July 25, 2023 by the institutional executive, Victor Wang.