Privacy Statement

VIRTUA HEALTH, INC.
Privacy Statement

Last Updated: January 15, 2025

Virtua Health, Inc. and its subsidiaries and affiliates (“Virtua” or “we” or “us”) recognizes the importance of data privacy, and this Privacy Statement sets forth the terms and conditions with respect to how we process your Personal Data. This Privacy Statement describes, among other issues, the types of Personal Data that we collect, the purposes for which we use it, the types of third parties with whom we share it, and any rights and responsibilities you may have with respect to such Personal Data.

This Privacy Statement applies to the Personal Data you provide us when you (i) visit any website that we own, license, or otherwise operate and that links to this Privacy Policy (each, a “Site”) or (ii) visit our offices or otherwise contact or engage with us. However, in the event you receive a separate privacy notice from Virtua that describes how we process your Personal Data in a specific Virtua program (e.g., our daycare services or educational programs), then the separate privacy notice (and not this Website Privacy Statement) shall apply to those data processing activities. 

PLEASE READ THIS PRIVACY STATEMENT CAREFULLY AS IT DESCRIBES YOUR RIGHTS, RESPONSIBILITIES, AND LIABILITIES. BY ACCESSING OR USING THE SERVICES OR OTHERWISE PROVIDING US WITH PERSONAL DATA, YOU ARE CONSENTING TO THE TERMS OF THIS PRIVACY STATEMENT AND OUR TERMS OF USE.

1. Scope

   For purposes of this Privacy Statement, the term “Personal Data” means any information that, alone or in conjunction with other information or data, identifies or is linked to a particular individual or household and that is subject to, or otherwise afforded protection under, a data protection law, statute, or regulation. The term “Personal Data” does not include anonymized or de-identified data that is not attributable to a particular individual or household and that is not otherwise subject to a data protection law, statute, or regulation. Virtua may anonymize or de-identify Personal Data, and such data is not subject to this Privacy Policy, and Virtua may use such data for any purpose.

   THIS STATEMENT DOES NOT APPLY TO INFORMATION YOU PROVIDE OR THAT WE RECEIVE WHEN WE RENDER MEDICAL CARE TO YOU; SUCH INFORMATION IS CALLED “PROTECTED HEALTH INFORMATION” UNDER THE HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT (“HIPAA”). PLEASE NOTE THAT VIRTUA’S HIPAA NOTICE OF PRIVACY PRACTICES IS A SEPARATE DOCUMENT THAT GOVERNS HOW WE PROTECT AND MAY USE OR DISCLOSE OUR PATIENTS’ PROTECTED HEALTH INFORMATION.

2. The Types and Categories of Personal Data We Collect

   Virtua collects Personal Data in order to provide our Services, comply with our legal obligations, promote our business interests, and for the other reasons set forth in this Privacy Statement. When you do not provide Personal Data to Virtua, we may not be able to provide you with the Services or to complete a transaction you requested. Generally, we collect the following types and categories of Personal Data during our business operations:

   Personal Data
   Category	Description/Examples
   Personal Identifiers	Identifiers, such as your name, alias, residential address, email address, account name, telephone number.
   Account Registration Data	Information provided when you register for an account to use the Site, including usernames and passwords.
   Payment Data	Data necessary to confirm that your payment has been processed by our third-party payment processor (such as for a Virtua-sponsored event).
   Online Identifiers (For more information, see “Collection of Technical/Online Data” below)	Persistent identifiers that can be used to recognize you or your device over time and across different services, including a device identifier, an Internet Protocol (IP) address, cookies, beacons, pixel tags, mobile ad identifiers, and similar technology.
   Business Contact Data	Information related to employees, owners, directors, officers, or contractors of a third-party organization (e.g., business, company, partnership, sole proprietorship, nonprofit, or government agency) with whom we conduct, or possibly conduct, business activities.
   Marketing and Communications Data	Information with respect to your marketing preferences and your subscriptions to our publications and alerts.
   Internet and Electronic Network Data	Data pertaining to your access or use of the Site, including browsing history, search history, and information regarding your interaction with the Site or advertisements embedded on the Site or other third-party websites, and information derived from any device that connects to our Wi-Fi services.
   Your Feedback	Information you provide about our Services, which may include data gathered from any Virtua surveys or reviews submitted by you.
   Visitor Information	Information an individual provides when visiting any physical location orpremises of Virtua (e.g., visitor logs and registries, vehicle and parking information).
   Video and Images	In some circumstances, you may provide us with images (e.g., your use of a product or services) or we may record you via a video camera (e.g., on-premises security systems) or through video teleconferencing.
   Geolocation Data	We may collect data about your location, which may be either precise or imprecise. Precise location data can be obtained through Global Navigation Satellite System data, as well as through nearby cell towers and Wi-Fi hotspots when you enable location-based products or features. Imprecise location data includes, for example, a location derived from your device or data that indicates where you are located with less precision, such as an internet protocol (IP) address or a city or postal code.
   Inferences	Inferences drawn from some of the Personal Data categories identified herein and used to create a consumer profile reflecting your purchasing and marketing preferences, characteristics, and behavior.

    
3. Collection of Technical/Online Data

   In addition, when you access the Site, we collect certain data automatically using technical means and tools. This data relates to your device, as well as your experience on the Site and other websites, including the following:

   Usage and Device Data. When you access and use the Site, we automatically collect details of your access to and use of the Site, including traffic data, usage logs and other communication data, and the resources that you access and use on or through the Site (e.g., browsing history, search history). We may also collect information about your device and internet connection, including the device’s unique identifier (e.g., device type, IMEI, Wi-Fi MAC, IP address), operating system, browser type, and mobile network information. The Site may collect “diagnostic” data related to your use of the Site, such as crash data and logs, performance data (e.g., launch time, hang rate, or energy use), and any other data collected for the purposes of measuring technical diagnostics.

   Cookies and Tracking Data; Social Media. We use “cookies” and other tracking technologies within the Site. A cookie is a small file placed on your smartphone or other device. It may be possible to refuse to accept cookies by activating the appropriate setting on your smartphone or device. However, if you select this setting, some parts of the Site may become inaccessible or not function properly. In addition, the Site may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit us to analyze data on your use of the Site (e.g., recording the popularity of certain content and verifying system and server integrity). The Site may collect data about the advertisements you have seen or engaged. For more information, see, where available, the Cookie Policy on each Site. From time to time, we may use certain third-party cookies and pixels on our Site that are provided to us by our marketing partners, including social media companies. To the extent we use such third-party cookies and pixels, you hereby agree to the terms and conditions set forth by those third parties, which may include Meta, X (formerly Twitter), TikTok, and LinkedIn, among others.

   Site Monitoring. Please be aware that we, and our service providers and partners, use cookies and other tracking technologies within the Site to monitor and record any and all activities and communications to, from, and on, the Site. For the avoidance of doubt, you hereby acknowledge, agree, and consent to, such monitoring and recording by us and our service providers and partners.

   Non-Cookie Technologies. We may deploy on our Site certain types of “Non-Cookie Technologies” provided by our service providers to support our digital advertising programs.  These technologies often include browser cache, locally stored objects, or the creation of a statistical identifier wherein an identifier, much like a cookie identifier, is calculated based on the characteristics of a browser or device that distinguishes it from other browsers or devices. These identifiers are calculated either from the data your browser or device shares automatically or with additional data specifically requested from your browser or device. For more information, see here.

4. Sources of Information

   We collect Personal Data from the following sources:

5. How We Use your Information / Purpose of Collection

   We may use the Personal Data we collect about you in order to perform our Services, comply with our legal obligations, and promote our business interests. Please see below for more information on how we use Personal Data:

   Personal Data
   Category	Description/Examples
   Personal Identifiers	Identifiers, such as your name, alias, residential address, email address, account name, telephone number.
   Account Registration Data	Information provided when you register for an account to use the Site, including usernames and passwords.
   Payment Data	Data necessary to confirm that your payment has been processed by our third-party payment processor (such as for a Virtua-sponsored event).
   Online Identifiers (For more information, see “Collection of Technical/Online Data” below)	Persistent identifiers that can be used to recognize you or your device over time and across different services, including a device identifier, an Internet Protocol (IP) address, cookies, beacons, pixel tags, mobile ad identifiers, and similar technology.
   Business Contact Data	Information related to employees, owners, directors, officers, or contractors of a third-party organization (e.g., business, company, partnership, sole proprietorship, nonprofit, or government agency) with whom we conduct, or possibly conduct, business activities.
   Marketing and Communications Data	Information with respect to your marketing preferences and your subscriptions to our publications and alerts.
   Internet and Electronic Network Data	Data pertaining to your access or use of the Site, including browsing history, search history, and information regarding your interaction with the Site or advertisements embedded on the Site or other third-party websites, and information derived from any device that connects to our Wi-Fi services.
   Your Feedback	Information you provide about our Services, which may include data gathered from any Virtua surveys or reviews submitted by you.
   Visitor Information	Information an individual provides when visiting any physical location orpremises of Virtua (e.g., visitor logs and registries, vehicle and parking information).
   Video and Images	In some circumstances, you may provide us with images (e.g., your use of a product or services) or we may record you via a video camera (e.g., on-premises security systems) or through video teleconferencing.
   Geolocation Data	We may collect data about your location, which may be either precise or imprecise. Precise location data can be obtained through Global Navigation Satellite System data, as well as through nearby cell towers and Wi-Fi hotspots when you enable location-based products or features. Imprecise location data includes, for example, a location derived from your device or data that indicates where you are located with less precision, such as an internet protocol (IP) address or a city or postal code.
   Inferences	Inferences drawn from some of the Personal Data categories identified herein and used to create a consumer profile reflecting your purchasing and marketing preferences, characteristics, and behavior.

    
6. Sharing Information / Third-Party Disclosures

   We may share your Personal Data with certain organizations and third parties in accordance with applicable law, including as set out below. However, we do not share Personal Data with third parties that we have reason to believe use such information for their own direct marketing purposes.

   Intra-Group Transfers. We share Personal Data, to our parent organization, and to and among Virtua affiliates and subsidiaries, to efficiently manage the operation of our business.

   Service Providers. We may share your Personal Data with companies that provide services on our behalf, such as hosting and analyzing the Site, conducting surveys and marketing on our behalf, processing transactions, tracking and responding to questions or complaints, and performing analyses to improve the quality of our Services.

   Payment Card Transactions. Any payments for purchases made through the Site are completed using a third-party vendor’s online payment system. Virtua does not have access to your credit card information and does not store or disclose your full credit card information. Any personal or financial information you provide to our online payment system is subject to the third party’s privacy policy and terms of use, and we recommend you review these policies before providing any personal or financial information.

   Distributors and Business Partners. We may share your Personal Data with third parties that distribute our marketing materials.

   Business Restructuring. Circumstances may arise where, for strategic or other business reasons, Virtua decides to sell, buy, divest, merge or otherwise reorganize our businesses. We may disclose your Personal Data to the extent reasonably necessary to proceed with the negotiation or with the completion of a merger, acquisition, member substitution, affiliation, divestiture, sale or purchase of all or a portion of Virtua or another entity’s assets.

   Legal; Compliance; Legitimate Interests. We may disclose Personal Data (i) if required by law, a government order, or a legal process, (ii) to cooperate with law enforcement when we determine, in our sole reasonable judgement, that such cooperation is in Virtua’s interest (iii) to protect and defend our rights or property, or (iv) in urgent circumstances, to protect the health and personal safety of any individual. In addition, Virtua may disclose your Personal Data with any third party when we believe such disclosure is necessary to defend or protect our legal, regulatory, or business interests.

   Surveillance Disclaimer. We install and use video surveillance equipment to monitor our property and premises. We may, from time to time, disclose our video recording activities with property owners or managers, insurance companies, law enforcement and regulatory agencies upon their request or when we believe such disclosure promotes our legitimate business interests, including ensuring the safety and security of our employees, patients, and visitors.

   Consent; Legally Permitted. In addition to the reasons for disclosure set forth herein, we may also disclose your Personal Data upon your consent or when such disclosure is consistent with Virtua’s other legal obligations.

   In the event that you facilitate a transaction with Virtua, or request information from or otherwise engage with us, and such activities require Virtua to share your Personal Data with a service provider or other third party, you hereby consent to such disclosure and/or direct Virtua to intentionally disclose your Personal Data to the service provider or third party.

7. Social Media/ Platform Data Rights

   We may engage with you on various social media platforms (e.g., Facebook, Twitter, Pinterest, Instagram). If you contact us on a social media platform for support or for other reasons, we may contact you via the social media’s direct message tools. Those communications to and from us are governed by this Privacy Statement. However, your use of a social media platform is also subject to the policies and terms of the relevant social media platform. Certain social media platforms may also automatically provide us with your Personal Data, and the information we receive will depend on the terms that govern your use of the social media platform(s) and any privacy settings you may have set. The Site includes social media features and widgets (e.g., the “Facebook Like” button, the “Share This” button) or interactive mini-programs that run on the Site. These features may collect your IP address and which Site page you are accessing and may set a cookie to enable the feature to function properly. Social media features and widgets are either hosted by a third party or hosted directly on the Site. Your interactions with these features are governed by the privacy statement of the relevant social media platform that provides them.

   According to the terms and conditions governing certain social media platforms, you may request that the information, data, or other content we obtain from or through the social media platform (“Platform Data”) be deleted or modified.  If you would like Platform Data related to you deleted or modified, please contact us in accordance with the “Contact Us” section below and (i) identify the social media platform at issue and (ii) the Platform Data that you would like deleted and/or modified, and if modified, the modification to said Platform Data. We may also delete Platform Data if requested by the social media platform.

8. Links to Other Websites; Your Direct Third-Party Disclosures

   As a resource to you, the Site may include links to third-party websites or provide you the opportunity to disclose information directly to third parties. Our Privacy Policy does not apply to such third-party websites or organizations. You assume all privacy, security, and other risks associated with providing any data, including Personal Data, to third parties via the Services. For a description of the privacy protections associated with providing information to third parties, you should refer to the privacy statements, if any, provided by those third parties.

9. Data Retention and Localization

   The period during which we retain your Personal Data varies depending on the purpose of the data processing. For example, we retain Personal Data for as long as needed to provide you with our Services, to facilitate transactions you have requested, to comply with our legal obligations (e.g., tax filings), to engage in marketing activities, and for as long as is necessary to defend our legal or business interests. In all other cases, we retain your Personal Data for as long as is needed to fulfill the purposes outlined in this Privacy Statement.

   Virtua is located in the United States, has a principal purpose of delivering health care to customers located in the United States, and the Personal Data we collect is governed by U.S. law. The Services described in this Privacy Statement are directed only to customers located in the United States. If you are not located in the United States when you use the Services, by accessing or using the Services or otherwise providing Personal Data to us, you consent to your Personal Data being transferred to, stored, or processed in the United States and/or maintained on computers or servers located in the United States, where the privacy laws may not be as protective as those in your jurisdiction.

10. Security

    We seek to protect the security of your Personal Data and use a variety of security technologies and procedures to help protect your Personal Data from unauthorized access, use, or disclosure. HOWEVER, NO INFORMATION SYSTEM CAN BE FULLY SECURE, AND WE CANNOT GUARANTEE THE ABSOLUTE SECURITY OF YOUR PERSONAL DATA. MOREOVER, WE ARE NOT RESPONSIBLE FOR THE SECURITY OF PERSONAL DATA YOU TRANSMIT TO THE SITE AND/OR THE SERVICES OVER NETWORKS THAT WE DO NOT CONTROL, INCLUDING THE INTERNET AND WIRELESS NETWORKS, AND YOU PROVIDE US WITH ANY PERSONAL DATA AND DATA AT YOUR OWN RISK. TO THE EXTENT PERMITTED BY LAW, WE SHALL NOT BE LIABLE OR OTHERWISE RESPONSIBLE FOR ANY DATA INCIDENT OR EVENT THAT MAY COMPROMISE THE CONFIDENTIALITY, INTEGRITY, OR SECURITY OF YOUR PERSONAL DATA CAUSED BY A THIRD PARTY. The safety and security of your Personal Data also depends on you. Where we have given you (or where you have chosen) a username and password to access our Services, you are responsible for maintaining the security and confidentiality of those credentials and not revealing them to others. You must contact us immediately (and in any event within twenty-four (24) hours) if you have reason to believe that your username or password to our Services has been compromised. You acknowledge and agree that we may contact you via email or other electronic communications in the event we are legally required to notify you of a data security incident or event related to your Personal Data.

11. No Data Collected from Children

    The Site is not directed at, nor intended for use by, children. As a result, if you are under the age of seventeen (17), you are prohibited from accessing or using the Services (including the Site) or from providing us with your Personal Data.

12. Your Responsibilities

    You are permitted, and hereby agree, to only provide Personal Data to Virtua if such Personal Data is accurate, reliable, and relevant to our relationship and only to the extent such disclosure will not violate any applicable data protection law, statute, or regulation or infringe upon a person’s data privacy rights or privileges. IF YOU PROVIDE PERSONAL DATA (INCLUDING PERSONAL DATA CONCERNING A THIRD PARTY) TO VIRTUA, YOU EXPRESSLY REPRESENT AND WARRANT TO VIRTUA THAT YOU HAVE THE FULL RIGHT AND AUTHORITY TO PROVIDE VIRTUA WITH SUCH PERSONAL DATA (INCLUDING PERSONAL DATA CONCERNING A THIRD PARTY) AND THAT VIRTUA’S USE AND PROCESSING OF SUCH PERSONAL DATA AS SET FORTH HEREIN WILL NOT VIOLATE ANY PERSON’S RIGHTS OR PRIVILEGES, INCLUDING RIGHTS TO PRIVACY. YOU HEREBY AGREE TO FULLY AND COMPLETELY INDEMNIFY VIRTUA FOR ANY CLAIMS, HARM, OR DAMAGES THAT MAY ARISE FROM YOUR PROVISION OF PERSONAL DATA (INCLUDING PERSONAL DATA CONCERNING A THIRD PARTY) TO VIRTUA.

13. Updating Your Information

    It is important that the Personal Data that you provide to us is accurate and reliable. In certain circumstances, you may have the ability to directly edit your account to update and change your Personal Data (e.g., name, telephone number, email, address), and you must do so when such changes are warranted. If our Site does not provide these capabilities, then you must write to us in accordance with the Contact Us section below so we can update our records.

14. SMS/Text Marketing and Your Rights

    Virtua offers a Mobile Messaging Program in which we send you text messages related to our Services, marketing programs, general health information, appointment reminders (if you are a patient), or emergency notifications. By providing your Personal Data through the Services, you agree to receive autodialed or prerecorded marketing mobile messages, and you understand that you are not required to make any purchase from us to participate in our Mobile Messaging Program.  You hereby agree to immediately notify us, in writing, in the event you no longer own, license, or use the telephone number to which you used to enroll into our Mobile Message Program. 

15. New Jersey Residents’ Privacy Rights

    Data Privacy Rights. Pursuant to New Jersey privacy law, you may have the following privacy rights with respect to your Personal Data:

    Submit a Privacy Request. To submit these abovementioned privacy requests, please complete your request at https://www.virtua.org/forms/consumer-data-request or contact us in accordance with the “Contact Us” section below.

    Privacy Request Verification Process. If you make any request related to your Personal Data, Virtua will ascertain your identity to the degree of certainty required or permitted under the law before addressing your request. None of your privacy rights are absolute, and such rights are subject to exceptions and exemptions.

    Privacy Requests Appeals Process. If you would like to appeal a decision Virtua has made with respect to your privacy request, please email us at DSRappeals@virtua.org, with the subject line “ATTN: Privacy Appeals,” and describe the nature of your request, and the reason for requesting an appellate review.

    Opt-Out Rights / The Sale of Personal Data. You have the right to opt out of the “sale” of your Personal Data. However, Virtua does not sell your Personal Data to third parties for monetary consideration or other valuable consideration, and therefore we do not provide opt-out request processes for the sale of Personal Data (because we do not undertake such activities).

    Opt-Out Rights / Targeted Advertising. You have the right to opt out of having your Personal Data used for targeted advertising purposes. Virtua may, from time to time, use third-party analytical and targeted advertising features on our Site and similar web tools provided by our marketing partners. To opt out of the use of your Personal Data for targeted advertising purposes, please click on the cookie management tool, where available, on the footer of the Site to set your cookie preferences.

    Opt-Out Rights / Profiling. You may have the right to opt out of having your Personal Data used for profiling in furtherance of decisions that produce legal or similarly significant effects. However, Virtua does not engage in such activities.

    Complaints. You may file a complaint about our data processing activities with the New Jersey Division of Consumer Affairs at: https://www.njconsumeraffairs.gov/.

16. Marketing Preferences

    You may, at any time, opt-out from receiving marketing emails from us. To opt-out from such marketing, please use the “unsubscribe” or “preference” features within our email communications, contact us in accordance with the “Contact Us” section below.

17. Do-Not-Track Signals

    Some web browsers may transmit “do-not-track” signals to the website with which the user communicates. Because of differences in how web browsers incorporate and activate this feature, it is not always clear whether users intend for these signals to be transmitted, or whether they are even aware of them. Unless otherwise required by law, we currently do not take action in response to these signals.

18. Persons with Disabilities

    Virtua strives to ensure that every person has access to information related to our Services, including this Privacy Policy. Please contact us if you would like this Privacy Statement provided in an alternative format, and we will seek to meet your needs.

19. Events and Video Teleconferencing

    Virtua hosts and uses video teleconferencing platforms to facilitate conferences, meetings, training events, and other programs. We often use online platforms that are owned and administered by a third-party service provider (e.g., Microsoft Teams, Google, Zoom, Webex, Skype for Business). Please be aware that our video teleconferencing may record the content, conversations, and discussions thereon, and such records may be stored or retained by our third-party service providers. By participating in our events and video teleconferencing, you hereby consent to the collection and retention of any information provided therein, and you hereby consent to the recording of such activities.

20. Changes to the Privacy Statement

    We reserve the right to amend this Privacy Statement at any time. We will notify you if this Privacy Statement is amended by updating the “Last Updated” section listed above. It is your responsibility to periodically review the Privacy Statement to determine whether any amendments have been made hereto. Your use of the Services and continued use of the Services after any amendments are made to this Privacy Statement, signifies your consent to this Privacy Statement and any amendments hereto. We may, in our sole discretion, provide you communications, including via email or text messages, about changes to our Privacy Statement; however, such communications do not abrogate or otherwise limit your responsibility to periodically review the Privacy Statement to determine whether any amendments have been made hereto.

21. Contact Us

• First Party / Direct Collection. We collect Personal Data directly from you when you use our Services or whenever you directly engage with us, such as when you visit our offices or premises or otherwise contact us.
• Automated Collection. As described above, we may collect information and data, such as usage data and cookies, through automated means when you use the Site (see “Technical Data” above).
• Third-Party Sources. We also obtain data from third parties. These third-party sources vary over time, but they are sources deemed credible by us and may be publicly available or available on a commercial basis. They can include: data brokers from which we purchase demographic data to supplement the data we collect; partners with whom we offer branded services or engage in joint marketing activities; fraud prevention agencies or credit reporting agencies in connection with credit determinations, if applicable; publicly available sources such as open government databases or other data in the public domain; social networking providers; advertising companies; and, third-party references.

• To confirm whether we are processing your Personal Data and to access such Personal Data.
• To correct inaccuracies in your Personal Data, taking into account the nature of the Personal Data and the purposes of the processing of your Personal Data.
• To delete Personal Data provided by, or obtained about, you.
• To obtain a copy of your Personal Data processed by us, in a portable and, to the extent technically feasible, readily usable format that allows you to transmit the data to another entity without hindrance.
• To opt out from having your Personal Data sold to third parties, or used for targeted advertising purposes or for certain types of profiling (see below for more information).

If you have questions regarding this Privacy Statement or our handling of your Personal Data, would like to request more information from us, or would like to exercise a data privacy right, please contact us at https://www.virtua.org/forms/consumer-data-request; (mail) Virtua Health Privacy Officer, 303 Lippincott Drive, 3rd Floor, Marlton, NJ 08053; or (email) privacyofficer@virtua.org.