REACT HEALTH

Privacy Policy

 

3B Medical, Inc. d/b/a React Health manufactures and distributes CPAP machines (“Devices”), which are designed for Users who have been diagnosed by a Medical Professional with a sleep disorder.  The Devices collect information about the User’s treatment while the Device is used (“Usage Data”). 

React Health Plus, a software application (“APP”), can be used by Users to monitor their Usage Data.  This Privacy Policy applies to Users of the APP, and Users consent to this Privacy Policy when they download, install, and open the APP.  The APP can receive Usage Data in two different ways.  Users can use the APP to scan QR Codes generated by the Device if the Device supports QR code generation.  The QR Codes contain encoded Usage Data that is displayed in the APP and transmitted to secure servers maintained by React Health in the U.S.A.  Secondly, Users can choose to enter Personal Information into the APP to create an account within the APP and register their Device.  Any Usage Data and Personal Information received by the secured servers for the User’s Device, via any method, will be automatically synchronized to the APP and presented to the User.  All transmission of data in both directions between the secure servers and the APP uses the User’s mobile device internet connection.  React Health respects the privacy of Users and strives to collect and protect Usage Data and Personal Information by complying with applicable laws.  This Privacy Policy provides information about the rights of Users and the privacy practices of React Health.

 

Why does React Health collect, process, and store Usage Data and Personal Information (“UDPI”)?

 

React Health digitally receives, processes, and stores Usage Data only to make such Usage Data available to Medical Professionals of the Users.  React Health is required to obtain explicit consent from Users to process certain information that applicable laws have classified as “Special Category of Usage Data.”  In accordance such relevant laws, React Health may process Usage Data without seeking explicit consent:

 

·         to perform legal duties or obligations,

 

·         to respond to an emergency, including a public health emergency, as mandated by governmental health agencies,

 

·         to maintain the safe and stable operation of the Device, including the detection and removal of malfunctions, or

 

·         in any other circumstances stipulated by laws and governmental agencies.

 

To create an account and register the Device, the User may choose to enter the User’s name, e-mail address, birthdate, and the Device serial number (“Personal Information”).  React Health digitally receives and stores Personal Information only when Users create an account and register the Device.

 

What data is collected?

 

The following Categories of Usage Data are collected as being necessary for the proper functioning of the APP:

 

1.       Usage Data:

 

Time/duration of use, air/breathing pressure, respiratory indices (AHI, AI, HI, CAI), leak information, serial number, and other information related to the Users treatment.

 

React Health does not intentionally collect, and do not want Users to provide, any information regarding their race or ethnic origin, political opinions, religious or philosophical beliefs, or other sensitive information.

 

2.       Feedbacks and questions that Users submit.

 

When Users voluntarily submit feedback or questions through the APP, Users may share e-mail address, online logs, Device logs and serial number, and any additional information Users wish to share voluntarily.

 

3.       Personal Information.

 

Personal Information is collected if the User creates an account and registers the Device.

 

How are UDPI collected?

 

Usage Data is received digitally through a modem in the Device, if available, via SD card upload by a Medical Provider, or by scanning QR Codes generated by the Device using the APP.  Personal Information is received digitally from the APP.

 

How are UDPI protected?

 

UDPI received and stored in the secure server remains strictly confidential.  UDPI may be accessed internally only to relevant personnel who need such UDPI to perform their duties.  All necessary precautions are taken to protect the security of UDPI, in particular, to prevent it from being altered, damaged, or accessed by unauthorized third parties.  A combination of technical and administrative security controls are utilized to maintain the security of UDPI.  Although reasonable efforts are made to protect UDPI, no one can guarantee the total security of any information transmitted through wireless data.  If a breach is confirmed, the affected Users will be notified as required by applicable laws.  When using the APP, Users should enable additional security in the form of PIN, fingerprint security, or facial recognition function on the smart device (refer to the smart device user guide), enable the remote data wipe function on the smart device as this allows Users to remotely erase UDPI from the smart device if it is misplaced or lost (refer to the user guide), and keep the operating system up-to-date with security patches.  The latest version of the APP should be installed on the smart device as well.  React Health is not responsible or liable for any damage resulting from the transmission of UDPI.

 

With whom are UDPI shared?

 

UDPI will only be accessible to those persons who need access to it for the purposes indicated above and/or when required by law.  UDPI may be shared in a controlled and secured manner with third-party service providers engaged to provide data processing, hosting services, maintenance services, compliance risk assessments, data analysis, and customer services.  Contractual guarantees are imposed to ensure that such service providers apply adequate security and confidentiality measures.  In doing so, UDPI is adequately protected and processed only in accordance with instructions so that such service providers may not use UDPI for any other purpose.  UDPI may be shared with any affiliate, subsidiary, or company owned or controlled by React Health.  UDPI may be shared if some or all business is transferred to another entity by way of merger, sale of assets, or otherwise.  UDPI is shared in accordance with this Privacy Policy, with User consent, or only to the extent permitted or required by applicable law. 

 

Where are UDPI stored and processed?

                                         

UDPI is stored and processed in a secure cloud infrastructure in the U.S.A.

 

How long are UDPI retained?

 

UDPI is retained for ten (10) years from the date of receipt.

 

Your UDPI rights.

 

In accordance with applicable laws, Users have the right to:

 

·         To access UDPI via the APP.

·         Request information on the recipients of UDPI and the purposes of access.

·         Request restrictions on the access of UDPI.

 

Users may exercise their rights by contacting React Health.  Users may delete UDPI in the APP by deleting the APP.

 

Facial Recognition API Usage.

 

The APP may use facial recognition an Application Programming Interface (“API”) to enhance User experience by tracking head and face movements for Augmented Reality (“AR”) interactions.

 

For mask fitting, which is an optional feature in the APP, the APP requests camera permission and temporarily scans facial geometry to determine the correct mask size.  No facial data or images are shared or stored.

 

·         On Apple devices, the TrueDepth API is used, adhering to Apple’s privacy standards.

·         On Android devices, the Augmented Faces API is used, adhering to Google’s privacy standards.

 

 

Use of the APP by children.

 

The APP is not intended for, or directed to, minors.  In the event a child uses the APP, the parent or legal guardian may contact React Health.

 

Consent.

 

Users consent to the collection, processing, and storage of UDPI.

 

Applicable law, competent jurisdiction, and policy update.

 

This Privacy Policy is governed by the laws of Delaware, U.S.A.  All disputes shall be brought in the federal or state courts in Delaware and the parties to the dispute shall be subject to the jurisdiction and venue of such courts in Delaware.  This Privacy Policy may change from time to time.  Any changes to this Privacy Policy will be posted on the APP under the “About” section.  When required by law, Users will be notified.  The continued use of the APP by the User following such updates or notices will signify acceptance of such changes by the User.  This Privacy Policy was last updated in March 2024.

 

Contact information.

 

If Users have any questions or concerns about privacy, please contact:

Address:  React Health, 5101 Fruitville Road, Suite 200, Sarasota, Florida 34232 U.S.A.

Website:  www.reacthealth.com/contact-us

E-mail:  info@reacthealth.com