California Privacy Addendum V1.0

If you are using the Unmind platform and live in the United States of America (USA), when we collect and use personal information about you, we may be subject to the California Consumer Protection Act (CCPA). This means that we are responsible for protecting your personal information in compliance with the CCPA as well as with our own UK data protection legislation.

Therefore, we ask that you make some time to read the additional information contained in this privacy addendum alongside our Global Privacy Policy so that you understand your rights and choices relating to your personal information as a resident of the USA. 

We review this addendum and our Global Privacy Policy every year.

What information have we collected in the last 12 months?

The categories of personal information that we have collected in the last 12 months can be viewed in our Global Privacy Policy in the types of information we collect section. We update this table annually, so you can be sure that we are actively reflecting the categories of information we are collecting about you.

Where do we collect your information from?

We explain how we collect your information in the how we collect your information section of our Global Privacy Policy, you can also read more about our purpose for collecting your information in the how we use your information section.

Disclosure of your information for business purposes

We disclose, for business purposes, the information identified in the types of Information we collect section of our Global Privacy Policy.

We disclose this personal information to our third-party service providers as described in the who we share your information with section of our Global Privacy Policy.

Selling your personal information 

We do not, under any circumstances, sell your personal information to external third parties, businesses or any other entities.

The CCPA provides our users within scope of this legislation with the following rights:

• Request access to your personal data: You have the right to access your information (if we’re processing it) so that you can check we are processing it in alignment with the CCPA.
• Request erasure of your personal data: You can ask us to delete any information we hold about you. Be careful, this isn’t a general right to erasure; there are exceptions. But we strive to meet your requests where we can. 
• Right of disclosure for sale of data or use for business purpose: You can ask us to provide you with the categories personal data and third parties we disclose for sale or business purposes in certain circumstances. Unmind does not sell your personal data under any circumstances, but you may wish to request this for the times when Unmind discloses your personal information for a business purpose.
• Data portability: You have rights to obtain and reuse your personal information for your own purposes across different services. If you ask us for your information in a portable format, then that means we will give it to you in an accessible and machine-readable, for example as a csv file. You can also ask us to safely transfer it to another system for you.
• Right to opt-out: This enables you to opt-out of the sale of your personal information by Unmind another third party. Unmind does not sell your personal information under any circumstances, so this right does not apply with Unmind.
• Right to withdraw consent: At Unmind, we don’t always rely on consent as our legal basis for processing your information (make sure you read the section How we use your information in our Global Privacy Policy). But, if you have given your consent , for example, for us to email you, then you can change your mind at any time. All you have to do is let us know (e.g., by clicking the unsubscribe button at the bottom of an email, or by emailing us at privacy@unmind.com. 
• Right to non-discrimination: Unmind will never discriminate against you in any way or under any circumstance for exercising any of these rights under the CCPA.

Changes to your personal data

It is important that the personal information we hold about you is accurate and current. If you can’t change make the updates you want to make via your account settings on the Unmind app, please contact us at privacy@unmind.com and ask us to make those changes for you.

How will Unmind respond?

If you exercise any of your rights under the CCPA, then we may need to request specific information from you to help us confirm your identity (e.g., photo ID) and that you are entitled to make such a request. We may also ask you more questions about the exact information you are referring to in your request. This is to ensure that personal information is not accidentally provided to the wrong person or someone acting maliciously and to make sure that we are handling the information relevant to your request. 

Unmind identifies as a Business Associate under the Health Insurance Portability and Accountability Act 1996 (HIPAA). We do not expressly collect protected health information. However, given that we provide an opportunity for all of our users to enter information about their mental wellbeing into our check-in feature, we feel it is important for us to act in compliance with the privacy requirements of HIPAA.

Our information security measures are HIPAA compliant, if you have questions about this, then please get in touch with us at infosec@unmind.com.

Upon termination of your account, we de-identify your check in and usage data such that it can never be reconstructed to identify you as an individual.

At Unmind, we take the protection of your personal information very seriously, so we have appointed a Data Protection Officer (DPO) to oversee our compliance with the CCPA. If you have any questions about this addendum or our Privacy Policy, then please contact our DPO at privacy@unmind.com.