Privacy Policy

Effective March 29, 2023

To view our Privacy Shield Verification, please click here.
To view our APEC CBPR Certification, please click here.
 

If you have any questions about our Privacy Policy, you can contact us at privacy@everydayhealth.com and include ‘Privacy Policy’ in the subject line.

  1. Privacy Policy Overview

  2. What Categories of Information We May Process

  3. Sensitive Personal Information

  4. How We Collect or Create Information

  5. Purposes for Which We May Process Your Information

  6. Direct Marketing

  7. Cookies, Similar Technologies and Online Behavioral Advertising

  8. What is the Lawful Basis for Processing Personal Information

  9. What Information We Disclose to Third Parties

  10. International Transfers of Information

  11. Data Security

  12. Data Accuracy

  13. Data Minimization

  14. Data Retention

  15. Your Rights With Respect to Your Personal Information

  16. What Can I Do to Control My Information?

  17. Terms of Service

  18. Contact Details

  19. California Consumers

  20. Texas Sensitive Data Notice

  21. How this Privacy Policy May Change

  22. Consumer Health Data Privacy Policy - WA and NV

 

1. Privacy Policy Overview

Summary – Policy Overview

This Policy explains how we may Process your information. This Policy may be amended or updated from time to time, so please check it regularly for updates. DailyOM, OMFIT and its related applications are operated by Everyday Health.

Everyday Health, Inc., with its parents, affiliates and its subsidiaries (collectively, “Everyday Health”“us”, “our” or “we”), owns, operates, or provides access to, several interactive health, wellness, diet and fitness websites, mobile and connected applications, and other online interactive features and services, including, but not limited to, emails, newsletters, chat areas, forums, communities, sweepstakes and contests for consumers (collectively “Services”). This Privacy Policy applies to all information collected about you when you interact with the Services, regardless of how it is collected or stored, and describes, among other things, the types of information collected about you when you interact with the Services, how your information may be used, when your information may be disclosed, how you can control the use and disclosure of your information, and how your information is protected.

Except as otherwise noted in this Privacy Policy, Everyday Health is a data controller (as that term is used under the EU General Data Protection Regulation (“GDPR”)), which means that we decide how and why the information you provide to us is processed. Contact details are provided in Section 17 below. This Policy may be amended or updated from time to time to reflect changes in our practices with respect to the Processing of your information, or changes in applicable law. We encourage you to read this Policy carefully, and to regularly check this page to review any changes we might make.

This Privacy Policy covers information collected through the DailyOM website and OMFIT application, which are operated by Everyday Health.

 

2. What Categories of Information We May Process

Summary – Categories of Information We May Process

We may Process: your personal details (e.g., your name); demographic data (e.g., your age); your contact details (e.g., your address); records of your consents; purchase details; details of your employer (where relevant); information about your interactions with our content or advertising; and any views or opinions you provide to us.

We may also Process information about you from your use of our Services (e.g., the type of device you are using, the internet service provider, etc.), including your interactions with content and advertising on the Services.

Personal Information” means information that is about any individual, or from which any individual is directly or indirectly identifiable.

Process”, “Processing” or “Processed”means anything that is done with any Personal Information, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

We may Process the following categories of Personal Information about you:

  • Personal details: your name; username or log in details; password; areas or topics of interest; information provided in response to quizzes or surveys or to use certain health-related programs, such as weight goals and caloric intake; and photograph (if you or another user posts a photo on the Service).

  • Demographic information: gender; age/date of birth; nationality; salutation; job title, company information, education, work experience and other professional information; and language preferences.

  • Contact details: postal address; telephone and/or mobile number; email address; and your public social media handles or profile(s).

  • Consent records: records of any consents you may have given, together with the date and time, means of consent and any related information (e.g., the subject matter of the consent).

  • Location information: location data that describes the precise geographic location of your device (“Precise Location Data”).

  • Purchase and payment details: records of purchases and prices; invoice records; payment records; billing address; payment method; cardholder or accountholder name; payment amount; and payment date.

  • Employer details: where you interact with us in your capacity as an employee, the contact information of your employer (including name, address, telephone number and email address) to the extent relevant.

  • Views and opinions: any views and opinions that you or other users choose to send to us, or publicly post about us on social media platforms or in the Services, including on forums.

We also collect other kinds of information from you or other sources, which we refer to as “Other Information” in this Policy, which may include but is not limited to:

  • Information about your use of the Services, such as usage data and statistical information, which may be aggregated.

  • Browsing history including the websites or other services you visited before and after interacting with the Services.

  • Searches for and interactions with e-commerce opportunities, such as merchants and offers contained in the Services.

  • Non-precise information about the approximate physical location (for example, at the city or zip code level) of a user’s computer or device derived from the IP address of such computer or device (“GeoIP Data”).

  • Device identification (“ID”), which is a distinctive number associated with a smartphone or similar handheld device, but is different than a hardware serial number.

  • Advertising ID, which is a unique, user-resettable identification number for advertising associated with a device (e.g., iOS uses the Identifier for Advertising (or “IDFA”) and Android uses Google Advertising ID).

  • Internet Protocol (“IP”) address, which is a unique string of numbers automatically assigned to your device whenever you access the Internet.

  • Information collected through the use of cookies, eTags, Javascript, pixel tags, device ID tracking, anonymous identifiers and other technologies, including information collected using such methods and technologies about (i) your visits to, and interaction and engagement with, the Services, content and ads on third party websites, applications, platforms and other media channels (“Channels”), and (ii) your interaction with emails including the content and ads therein (collectively, “Online Data”).

  • Device type, settings and software used.

  • Log files, which may include IP addresses, browser type, ISP referring/exit pages, operating system, date/time stamps and/or clickstream data, including any clicks on customized links.

  • Web Beacons, which are electronic files that allow a website to count users who have visited that page or to access certain cookies.

  • Pixel Tags, also known as clear GIFs, beacons, spotlight tags or web bugs, which are a method for passing information from the user’s computer to a third party website.

  • Local Shared Objects, such as Flash cookies, and Local Storage, such as HTML5.

  • Mobile analytics to understand the functionality of our mobile applications and software on your phone.

Under certain circumstances and depending on applicable law, some of this Other Information may constitute Personal Information. Personal Information together with Other Information is hereinafter referred to as “User Information”.

 

3. Sensitive Personal Information

Summary – Sensitive Personal Information

Where we need to Process your Sensitive Personal Information for a legitimate purpose, we do so in accordance with applicable law. The Services are not intended for use by children.

To the extent that information we collect is health data or another special category of personal data subject to GDPR, we ask for your explicit consent to process the data. We obtain this consent separately when you take actions leading to our obtaining the data, for example, when you sign up for a newsletter on our site or agree to allow us to track you. You can withdraw your consent at any time by unsubscribing from our newsletters as set out in Section 6 or adjusting your preferences as set out in Section 15.

Children. The Services are not intended for use by children, especially those under 13. No one under the age of 13 should provide any Personal Information or use our public discussion areas, forums or chats. Minors under the age of 18 are not permitted to make purchases through the Services or obtaining coupons or codes from the Services to purchase goods or services on third party websites. If, notwithstanding these prohibitions, your children disclose information about themselves in our public discussion areas, consequences may occur that are not intended for children (for example, they may receive unsolicited messages from other parties). If it is discovered that we have collected Personal Information from someone under 13, we will delete that information immediately.

 

4. How We Collect or Create Information

Summary – Collection and Creation of Information

We may collect or obtain User Information about you: directly from you (e.g., where you contact us); in the course of our relationship with you (e.g., if you make a purchase); when you make your Personal Information public (e.g., if you make a public post about us on social media); when you download, install, or use any of our Services; when you visit our Services; when you register to use any part of the Services; or when you interact with any third party content or advertising on the Services. We may also receive User Information about you from third parties (e.g., social network sites). We may also create User Information about you, such as records of your interactions with us. Everyday Health is not responsible for Personal Information you volunteer about yourself in public areas of the Services. This Policy does not cover the practices of third parties who may provide information about you to Everyday Health.

Collection of User Information: We may collect User Information about you from the following sources:

  • Data you provide: We may obtain your Personal Information when you provide it to us across our Services (e.g., where you sign up for emails, newsletters or SMS messages; register for site membership or create a profile or account on any part of the Services; enter a sweepstakes, contest, competition or prize draw; participate in surveys and quizzes; perform search queries through the Services; contact us via email, telephone or by any other means; make a purchase; etc.).

  • Relationship data: We may collect or obtain your Personal Information in the ordinary course of our relationship with you (e.g., if you purchase a service from us).

  • Data you make public: We may collect or obtain your Personal Information that you clearly choose to make public, including via social media (e.g., we may collect information from your social media profile(s) if you make a public post about us) or through our chats, forums or communities on the Services.

  • Service data: We may collect or obtain your Personal Information when you visit, download, use or register to use any part of our Service.

  • Content and advertising information: If you choose to interact with any third party content or advertising on the Services or Channels, we may receive User Information about you from the relevant third party.

  • Third party information: We may collect or obtain your Personal Information from third parties who provide it to us. This may include offline channels such as through telephone or direct mail efforts; from customers, vendors, suppliers, third parties, commercially available or publicly-available sources (e.g., data brokers, data aggregators, public databases, etc.); third party affiliate network operators; referral sources; and social network sites or services (e.g., Facebook, Twitter, LinkedIn, etc.). If you use a third party connection or log-in (e.g., Facebook Connect, Twitter, or Google+) to access the Services, create a membership or profile on any part of the Services, access our content or forward our content to another person, platform or service, we may also receive your username or email address for those third party services or other information available about you or collected from you on those services.

Please note that Everyday Health is not responsible for the information you volunteer about yourself in the discussions in certain public areas of the Services, such as forums, blogs, wikis, chat rooms, private messages, message boards or other publicly accessible interaction, or information that you choose to make public in your member profile or other areas of the Services that allow users to upload or post content. We discourage users from posting such Personal Information in this fashion. You can change your publicly available information at any time via your profile page. To request removal of your Personal Information from these areas, please see Section 17 in this Privacy Policy for further details. In some cases, we may not be able to remove your Personal Information, in which case we will let you know we are unable to do so and why.

This Privacy Policy does not cover the practices of third parties, including those that may disclose information to Everyday Health.

Creation of User Information. We may also create User Information about you, such as records of your interactions with us and details of your purchase history, for internal administrative purposes and analysis. We may also use User Information you have provided to us with data obtained from third parties to enhance our records or enhance our ability to provide products and services, such as appending additional information to your profile.

 

5. Purposes for Which We May Process Your Information

Summary – Purposes for Which We May Process Your Information

We may Process User Information for the following purposes: providing the Services to you; communicating with you; providing advertising to you on the Services and Channels; analyzing engagement with our audience; observing user engagement and purchase activity across the Service and Channels; offering lead generation services; marketing our services and offerings to current and prospective customers; managing our IT systems; financial management; conducting surveys and quizzes; ensuring the security of our systems; conducting investigations where necessary; compliance with applicable law; and improving our Services.

The purposes for which we may Process User Information, subject to applicable law, include:

  • Provision of the Services to You: providing the Services to you from Everyday Health or its partners including (i) offering of contests, as well as chat areas, forums and communities, (ii) management of your account, and (iii) customer support and relationship management.

  • Offering and Improving the Services: operating and managing the Services for you; providing personalized content to you; communicating and interacting with you via the Services; identifying issues with the Services and planning improvements to or creating new Services; and notifying you of changes to any of our Services.

  • Identification: using information from third parties to verify information about you in order to provide the Services (e.g. verify your mailing address to send you requested products or services.

  • Surveys and Quizzes: engaging with you for the purposes of obtaining your views on our Services, as well as learning more about your interests, including your interest in third parties and their offerings.

  • Research: analyzing, benchmarking and conducting research based on User Information and your interactions with the Services.

  • Communications: communicating with you via any means (including via email, telephone, text message, social media, post or in person) regarding content and other information in which you may be interested, subject to ensuring that such communications are provided to you in compliance with applicable law; maintaining and updating your contact information where appropriate; and obtaining your prior, opt-in consent where required. We may provide direct marketing to you as set out in Section 6 below.

  • Advertising: providing advertising based on your interests and interactions with the Services and Channels, including using User Information to serve you advertisements on the Services and Channels, as well as licensing segments of User Information to third parties. For further information, please see Section 7 below.

  • Audience Engagement: identification and development of audience engagement, advertising and promotional strategies on various platforms and channels, both within the Service and on Channels.

  • User Engagement and Purchases: tracking purchase traffic and activity across the Service and on Channels, including review of your browsing history (if available); provision of analytics and measurement of cost of traffic against money being made.

  • Commerce Offerings: using cookies to track your browsing history and the amount of money spent at a particular third party merchant’s site to offer coupons and other offers that are relevant to your shopping experience.

  • Lead Generation: producing customer leads that are shared with third party advertisers through marketing campaigns, including but not limited to email marketing and site placements.

  • Marketing to Customers: We may market to current and prospective customers and their employees who have indicated an interest in doing business with, or have previously conducted business with, Everyday Health in order to further generate and promote our business. Such efforts include sending marketing emails or conducting phone calls to drive the purchase of advertising, marketing our lead generation, job boards, and other business services offered by Everyday Health.

  • IT Administration: administration of Everyday Health’s information technology systems; network and device administration; network and device security; implementing data security and information systems policies; compliance audits in relation to internal policies; identification and mitigation of fraudulent activity; and compliance with legal requirements.

  • Security: electronic security measures (including monitoring of login records and access details) to help mitigate the risk of and provide the ability to identify and rectify a security incident.

  • Financial Management: general business and financial management purposes, including: economic, financial and administrative management; planning and reporting; personnel development; sales; accounting; finance; corporate audit; and compliance with legal requirements

  • Investigations: detecting, investigating and preventing breaches of policy, and criminal offences, in accordance with applicable law.

  • Legal Proceedings: establishing, exercising and defending legal rights.

  • Legal Compliance: Subject to applicable law, we reserve the right to release information concerning any user of Services when we have grounds to believe that the user is in violation of our Terms of Service or other published guidelines or has engaged in (or we have grounds to believe is engaging in) any illegal activity, and to release information in response to court and governmental orders, other requests from government entities, civil subpoenas, discovery requests and otherwise as required by law or regulatory obligations. We also may release information about users when we believe in good faith that such release is in the interest of protecting the rights, property, safety or security of Everyday Health, any of our users or the public, or to respond to an emergency.

6. Direct Marketing

Summary – Direct Marketing

We may Process your User Information to contact you with information regarding services that may be of interest to you. You may unsubscribe for free at any time.

We may Process your User Information to contact you via email, telephone, direct mail, or other methods of communication to provide you with information regarding the Services that may be of interest to you. We may send information to you regarding the Services, upcoming promotions and other information that may be of interest to you, using the contact details that you have provided to us and always in compliance with applicable law.

You may unsubscribe from our newsletter lists at any time by following the unsubscribe instructions included in every email we send. We will not send you any emails from a list you have selected to be unsubscribed from, but we may continue to contact you to the extent necessary for the purposes of any other Services you have requested or for additional emails you have signed up for.

7. Cookies, Similar Technologies and Online Behavioral Advertising

Summary – Cookies, Similar Technologies and Online Behavioral Advertising

We may Process your User Information by placing or reading Cookies and similar technologies on the Services and Channels. For more information, please see our Cookie Policy. Certain tracking technologies enable us to assign a unique identifier to you, and relate information about your use of the Services to Other Information about you, including your User Information for the purposes of learning more about you so we can provide you with relevant content and advertising. We and our partners also use these technologies to analyze trends; administer the Services; collect and store information such as user settings, anonymous browser identifiers and video viewing history; supplement to our server logs and other methods of traffic and response measurement; track users’ location and movements around the Services; gather demographic information about our user base; and to improve our understanding of traffic on the Services, visitor behavior, and responses to promotional campaigns.

Everyday Health and/or certain third parties may collect information about you for online behavioral advertising purposes in order for you to receive relevant interest-based advertising on the Services and on other websites, platforms and media channels. We use Online Data as well as other User Information to send you online behavioral ads. Online Data is aggregated with the Other Information and data we collect and/or similar data collected by partners to create groups of users and certain general-interest categories or segments that we have inferred. We use this information to get a more accurate picture of audience interests in order to serve ads we believe are more relevant to your interests.

Everyday Health and its partners may use cookies and other tracking technologies to analyze trends, administer Services, track users’ movements around the Services and on third party sites, devices and applications, and to gather demographic information about our user base. You can control the use of cookies at the individual browser level, but if you choose to disable cookies, it may limit your use of certain features or functions on the Services. To manage Flash cookies, please click here. Please see our Cookie Policy for more information, including a more in-depth explanation of what cookies are, the different types of cookies used on the Services, and how to change or delete them.

Tracking technologies on the Services may be deployed by Everyday Health and/or by our service providers or partners. Certain tracking technologies enable us to assign a unique identifier to you, and relate information about your use of the Services to other information about you, including your User Information. We may match information collected from you through different means or at different times and use such information along with offline and online information obtained from other sources (including from third parties), including, but not limited to, demographic information and updated contact information, for the purposes of learning more about you so we can provide you with relevant content and advertising.

When you receive email messages or newsletters from us, we may use web beacons, customized links, clear GIFs or similar technologies to determine whether the email has been opened and which links you click in order to provide you with more focused email communications or other information, and/or to aggregate that information with other data we collect to use for some or all of the purposes outlined in this Privacy Policy.

We and our partners (including but not limited to e-commerce partners, affiliates, and analytics providers) also may use technologies such as pixel tags, e-tags, IP addresses, Local Shared Objects, Local Storage, Flash cookies and HTML5 to analyze trends; administer the Services; collect and store information such as user settings, anonymous browser identifiers and video viewing history; supplement our server logs and other methods of traffic and response measurement; track users’ location and movements around the Services; gather demographic information about our user base; and to improve our understanding of traffic on the Services, visitor behavior, and responses to promotional campaigns. We may receive reports based on the use of these technologies by these third party companies on an individual and aggregated basis. For example, we may connect information about your IP address to known corporate or User Information and use the associated information related to aggregate content preferences to assist in our efforts to market services to you or the originating corporation(s). Various browsers may offer their own management tools for removing Local Storage. To manage Flash Local Shared Objects please click here.

We may use mobile analytics software to collect data and to better understand the functionality of our mobile software, devices and applications on your phone and other devices. This software may record information such as how often you use the application, the events that occur within the application, aggregated usage, performance data, and where the application was downloaded from. We may link this information to User Information.

Everyday Health and/or certain third parties may collect information about you for online behavioral advertising (“OBA”) purposes in order for you to receive relevant interest-based advertising on the Services and on other websites, platforms and media channels. OBA is also referred to as interest-based advertising.

Everyday Health displays ads on both the Services and on the Channels. We may use Online Data as well as other User Information to send you OBA. For example, if you read an article about a particular subject on the Services, we may use cookies from a vendor to later serve you an advertisement for a particular product or service related to the viewed article. These third party vendors may connect information about pages you visit on the Services with information about pages you visit on other Channels and show you advertising based on this combined information. These advertisements may appear when you are visiting a different section of the Services or on another Channel. Likewise, third party vendors may serve you advertisements when you visit the Services based on your interaction with the Services and other Channels.

The specific providers we use for OBA are subject to change. For a list of some of the applicable providers, click here. For information about how to opt out of tracking methods for these entities and others, click here. For more details about OBA and opting out, see Section 15 below.

Online Data is aggregated with the Other Information and data we collect as described in this Privacy Policy and/or similar data collected by partners to create groups of users and certain general-interest categories or segments that we have inferred based on (a) demographic or interest data and GeoIP Data, (b) the pages you view and links you click when viewing an email or using the Services and those of our partners, and/or (c) the search terms you enter when using certain search services. We use this information to get a more accurate picture of audience interests in order to serve ads we believe are more relevant to your interests. We store page views, clicks, and search terms used for ad personalization, targeting separately from your Personal Information. We may share de-identified data segments with third parties, and where we do, we implement technical measures and contractual requirements to prevent identification.

 

8. What is the Lawful Basis for Processing Personal Information

Summary – Lawful Basis for Processing User Information

We may Process your User Information where: you have given your consent; the Processing is necessary for a contract between you and us; the Processing is required by applicable law; the Processing is necessary to protect the vital interests of any individual; or where we have a valid legitimate interest in the Processing.

In Processing your User Information in connection with the purposes set out in this Policy, we may rely on one or more of the following legal bases, depending on the circumstances:

  • Consent: We may Process your User Information where we have obtained your prior, express consent to the Processing (this legal basis is only used in relation to Processing that is entirely voluntary – it is not used for Processing that is necessary or obligatory in any way);

  • Contractual necessity: We may Process your User Information where the Processing is necessary in connection with any contract that you may enter into with us;

  • Compliance with applicable law: We may Process your User Information where the Processing is required by applicable law;

  • Vital interests: We may Process your User Information where the Processing is necessary to protect the vital interests of any individual; or

  • Legitimate interests: We may Process your User Information where we have a legitimate interest in carrying out the Processing for the purpose of managing, operating or promoting our business, and that legitimate interest is not overridden by your interests, fundamental rights, or freedoms.

 

9. What Information We Disclose to Third Parties

Summary – Disclosure of User Information to Third Parties

We may disclose your User Information to: legal and regulatory authorities; our external advisors; parties who Process User Information on our behalf (“Processors”); any party as necessary in connection with legal proceedings; any party as necessary for investigating, detecting or preventing criminal offences; any purchaser of our business; and any third party providers of advertising, plugins or content used on the Services.

We may disclose your User Information to other entities within the Company group, for legitimate business purposes (including operating the Services, and providing services to you), in accordance with applicable law. In addition, we may disclose your User Information to:

  • legal and regulatory authorities, upon request, or for the purposes of reporting any actual or suspected breach of applicable law or regulation;

  • outside professional advisors (such as accountants, auditors, or lawyers), subject to binding contractual obligations of confidentiality;

  • third party Processors (such as analytic providers; data centers; etc.), located anywhere in the world, subject to the requirements noted below in this Section 9;

  • any relevant party, law enforcement agency or court, to the extent necessary for the establishment, exercise or defense of legal rights;

  • any relevant party for the purposes of prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, including safeguarding against and the prevention of threats to public security;

  • any relevant third party acquirer(s), in the event that we sell or transfer all or any relevant portion of our business or assets (including in the event of a reorganization, dissolution or liquidation);

  • any relevant third party provider, where our Services use third party advertising, plugins or content. If you choose to interact with any such advertising, plugins or content, information about your activities on the Services and Channels to provide you targeted advertising based upon your interests may be shared with the relevant third party provider. If you click or tap on or otherwise interact with an advertisement, the advertiser may assume that you meet its target criteria;

  • any sponsors of contests, competitions, sweepstakes and prize draws, or content offerings, the registration data for such events is to be used by us as part of User Information, and may be shared with the sponsor and others, subject to this Policy and the sponsor’s privacy policy. We may also share your information with third party vendors involved in the administration of such events. For contests, competitions, sweepstakes and prize draws, please read the official rules or terms and conditions carefully before you submit your information; and

  • to third parties whose practices are not covered by this Privacy Policy (e.g., third party providers of goods and services, marketing and advertising companies and agencies, content publishers and retailers). Under applicable law, we may share Other Information with other parties who already possess your Personal Information in order to enhance their records about you or enhance their ability to provide products and services.

For some of our Services, we may make some information, such as the name of our users, their mailing address, phone number, email address—and in certain circumstances their employer’s name, company size and other industry data—available on a rental or other basis (e.g., sale) to third party providers of goods and services, for example, when such information is provided in connection with certain content available on our websites. Depending on where you reside, when you register for certain Services, we may share the Personal Information you provide with certain advertisers and sponsors.

Some of the Services may include websites that Everyday Health operates on behalf of third parties (“Licensors”). Where applicable, we may share some or all of your Personal Information with the Licensor; however this privacy policy does not cover the user of your Personal Information by a Licensor. The privacy practices of Everyday Health's Licensors may differ from this policy and we encourage you to contact those third parties directly if you have questions regarding their use of your Personal Information. When you use a co-branded service (a service operated with a partner of Everyday Health), or register or otherwise provide information on a co-branded site, where applicable, we may pass the collected information back to that partner, which may include third party service providers whose services are embedded into and/or appear within the Services.

With respect to surveys and quizzes, in the event that responses are publicly disclosed, users will be notified at the time they take the survey or quiz. Otherwise we will disclose only aggregate information regarding its users’ responses in surveys or quizzes to other participants in the survey. Where surveys or quizzes allow users to submit written comments, and where Everyday Health advises users of the possibility of such disclosure at the time they take the survey or quiz, Everyday Health reserves the right to disclose any information provided by users, provided that no User Information identifying a specific user is disclosed.

Everyday Health and some of our advertisers may use third party advertising service companies to serve advertisements, for OBA or otherwise, and perform related services when you interact with the Services. Often, these third party advertising companies employ cookies and other technologies to measure the effectiveness of website, app and email advertisements and to create a record of interaction with our content that they use in conjunction with their advertising which appears on other sites or applications, or for reporting website traffic, app use, statistics, advertisement data and/or other activities on the Services. We also engage third party providers to assist with the segmentation of this data.

We may also sell or transfer Online Data to certain third parties such as advertisers who will use this data to serve ads that they believe are relevant to your interests, and who agree to maintain the confidentiality of this information. Some of these third parties may combine the Online Data with their own data about you to form a more detailed picture.

We may engage third party providers to assist with the collection, storage and segmentation of Online Data and the providers are required to maintain the confidentiality of this information. These third party providers may collect User Information from our Services for their own purposes, including but not limited to monitoring fraud around the web.

We may also engage third parties for the purpose of recognizing our users and delivering interest-based content and advertisements to them. We may share your User Information with our partners such as your name, postal address, email, or other identifier. Our partners may also: (i) collect information directly from your device, such as your IP address, device ID, advertising ID, and information about your browser or operating system; (ii) combine User Information about you received from Everyday Health with information about you from other sites or services; and (iii) place or recognize a unique cookie on your browser.

If we engage a third-party Processor to Process your User Information, the Processor will be subject to binding contractual obligations to: (i) only Process the User Information in accordance with our prior written instructions; and (ii) use measures to protect the confidentiality and security of the User Information; together with any additional requirements under applicable law.

The Services contain links to other sites or partners whose information practices may be different from ours. You should consult the privacy policy of these third parties to learn how your privacy is protected.

 

10. International Transfers of Information

Summary – International Transfers of Information

We may transfer your Personal Information to recipients in other countries. Where we transfer User Information from the European Economic Area (“EEA”) to a recipient outside the EEA that is not in an adequate jurisdiction, we do so on the basis of standard contractual clauses.

We may transfer your information to recipients in other countries. Everyday Health, through its parent company Ziff Davis, Inc., participates in the E.U.-U.S. Data Privacy Framework, the UK extension to the EU-U.S. DPF, the Swiss-U.S. Privacy Framework and the APEC Cross Border Privacy Rules System. Where we transfer information from the European Economic Area (“EEA”) to a recipient outside the EEA that is not in an adequate jurisdiction, we do so on the basis of standard contractual clauses.

Because of the international nature of our business, we may need to transfer your information within the Ziff Davis Inc. group of companies, and to third parties as noted above, in connection with the purposes set out in this Policy. For this reason, we may transfer your information to other countries that may have different laws and data protection compliance requirements to those that apply in the country in which you are located.

Everyday Health complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce.  Everyday Health has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union and the United Kingdom in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF.  Everyday Health has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF.  If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern.  To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov

We are committed to staying current with developments related to the Data Privacy Framework and may update our transfer mechanisms and safeguards as necessary to remain compliant. Any updates will be reflected in this Privacy Policy.   

>If you are a European individual with a privacy related complaint, concern or question about Ziff Davis’ privacy practices, please contact us through our privacy portal. Under certain conditions, more fully described on the Data Privacy Framework website, European individuals may invoke binding arbitration when other dispute resolution procedures have been exhausted.

Where we transfer your personal information from the EEA to recipients located outside the EEA who are not in a jurisdiction that has been formally designated by the European Commission as providing an adequate level of protection for information, we do so on the basis of standard contractual clauses. You may request a copy of the relevant standard contractual clauses using our privacy portal. Please note that when you transfer any personal information directly to an entity established outside the EEA, we are not responsible for that transfer of your information. We will nevertheless process your information, from the point at which we receive the data, in accordance with the provisions of this policy.

Enforcement Authority 

The Federal Trade Commission has jurisdiction over our compliance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF). 

 

In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Ziff Davis commits to resolve DPF Principles-related complaints about our collection and use of your personal information.  EU and UK individuals and Swiss individuals with inquiries or complaints regarding our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF should first contact Ziff Davis at privacy@everydayhealth.com

In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Ziff Davis commits to refer unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF to TrustArc, an alternative dispute resolution provider.  The services of Trustarc are provided at no cost to you.  For further information please visit https://trustarc.com/dispute-resolution/.  

Under certain conditions, a binding arbitration option may be available to you in order to address complaints not resolved by any other means. For further information, please see Annex I of the EU-U.S. Data Privacy Framework Principles at: https://www.dataprivacyframework.gov/

In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Ziff Davis commits to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (DPAs) and the UK Information Commissioner’s Office (ICO) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved complaints concerning our handling of human resources data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF in the context of the employment relationship. 

For a list of our subsidiaries and affiliates who also adhere to the DPF Principles, please click here

Our privacy practices described in this Policy comply with the Asia-Pacific Economic Cooperation (“APEC”) Cross Border Privacy Rules System. To learn more about this program, please click here.

 

11. Data Security

Summary – Data Security

We implement appropriate technical and organizational security measures to protect your User Information. Please ensure that any Personal Information that you send to us is sent securely.

We have implemented appropriate technical and organizational security measures designed to protect your User Information against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, unauthorized access, and other unlawful or unauthorized forms of Processing, in accordance with applicable law. In certain instances we may use Secure Sockets Layer encryption and/or transfer certain User Information in a non-human readable format to provide protection. However, we cannot guarantee there will not be a breach, and we are not responsible for any breach of security or for the actions of any third parties.

Because the internet is an open system, the transmission of information via the internet is not completely secure. Although we will implement reasonable measures to protect your information, we cannot guarantee the security of your data transmitted to us using the internet. Any such transmission is at your own risk and you are responsible for ensuring that any Personal Information that you send to us are sent securely.

 

12. Data Accuracy

Summary – Data Accuracy

We take every reasonable step to ensure that your User Information is kept accurate and up-to-date and are erased or rectified if we become aware of inaccuracies.

We take every reasonable step to ensure that your User Information that we Process is accurate and, where necessary, kept up to date, and any of your User Information that we Process that you inform us is inaccurate (having regard to the purposes for which they are Processed) is erased or rectified.

 

13. Data Minimization

Summary – Data Minimization

We take every reasonable step to limit the volume of your User Information that we Process to what is necessary.

We take every reasonable step to ensure that your User Information that we Process is limited to the User Information reasonably necessary in connection with the purposes set out in this Policy or as required to provide you services or access to the Services.

14. Data Retention

Summary – Data Retention

We take every reasonable step to ensure that your User Information is only retained for as long as they are needed. Online Data related to OBA is kept by Everyday Health for not more than 180 days after which it will expire, subject to certain conditions.

We take every reasonable step to ensure that your User Information is only Processed for the minimum period necessary for the purposes set out in this Policy. The criteria for determining the duration for which we will keep your User Information are as follows: we will retain copies of your User Information in a form that permits identification only for as long as is necessary in connection with the purposes set out in this Policy, unless applicable law requires a longer retention period. Unless there is a specific legal requirement for us to keep the information, we plan to retain it for no longer than is necessary to fulfill a legitimate business need.

Except as may be set forth in this Privacy Policy, Online Data related to OBA is retained by Everyday Health for not more than 180 days after which it shall expire. However, the 180 day period may commence again if the same user subsequently visits or interacts with an ad, email, the Services or a Channel.

 

15. Your Rights With Respect To Your Personal Information

Your rights: 

  • Right to Withdraw Consent: Where you are requested to consent to the processing of your personal information, you have the right to withdraw your consent at any time.

    • Right to Know: You have a right to know what personal information we collect, process, and share or sell. This policy is meant to provide transparency with regard to your data. If you have additional questions, you can email us at privacy@everydayhealth.com.  

    • Right of Access: You can request a copy of the personal information we have collected about you from us. 

    • Right to Delete/Erase: You can request us to delete all the information we have collected about you. It is important to note that by exercising your right to deletion you may lose access to your account and any purchases, points or features associated with it. If you wish to cancel your account or request that we no longer use some or all of your information to provide you services, Contact Us

    • Right to Request Rectification: If you find that any of your information that we are processing is inaccurate, you can contact us to have your information corrected. In response, we will cancel or remove your information but may retain and use copies of your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. For certain requests, we may require additional information.

    • (California) Right to Opt-out of the Sale or Sharing for Targeted Ads: Under some circumstances we may sell or share the personal data you provide to us to provide ads to you that align with your interests. If you would prefer not to have your data sold or shared, you can opt-out of selling or sharing by submitting a request via privacy portal or by emailing privacy@everydayhealth.com. We may ask for additional information to verify your request.

    • Right to Object to the Processing: You can object to our processing of your personal information via our privacy portal, under certain circumstances. By objecting to processing, you may not be able to access some or all of our services. This right is limited to personal data processed for commercial purposes. 

    • Right to Object to the Use of Sensitive Personal Information: You have the right to object to our use of your sensitive personal information. Sensitive personal information is information about your health, race, religion, sexual orientation, gender identity, political opinions or philosophical beliefs. You should always be mindful about the personal information you share online, especially when it is sensitive in nature. 

    • Right to Object to Automated Processing: You have a right to object to the processing of your data for the purposes of automated decision making about you. 

    • Right to not be Discriminated Against: You have a right to not be discriminated against for exercising your rights. 

    • Right to Complain (EU,UK, Switzerland): Should you wish to raise a complaint about the collection or use of your information, you have the right to do so without prejudice to any other rights you may have. You may lodge a complaint with your local data protection authority.

    • Right to an Authorized Agent (CA): If you would like to make a request on behalf of a California consumer who is a current or former customer, please provide an email from the email address we have on file for the customer authorizing the request. You may also make a request under the California Consumer Privacy Act on behalf of a California consumer if you provide (1) a signed, written permission from the consumer to act on your behalf, and the consumer verifies their own identity directly with us; or (2) proof that the consumer has provided you with power of attorney pursuant to Probate Code sections 4000 to 4465. We may deny a request from an agent that does not submit proof that they have been authorized by the consumer to act on their behalf.

    In order to make privacy requests please visit our privacy portal and fill out the form. You can also email us at privacy@everydayhealth.com. Our contact information can be found in the “Contact Details” section below. 

    You may be required to verify your identity before we can give effect to these rights. If you are making a request on behalf of a user, we require a signed authorization letter from the consumer.

    16. What Can I Do to Control My Information?

    Summary – What Can I Do to Control My Information?

    You can directly take steps to change your preferences for newsletters and online behavioral advertising as outlined in this section.

    If you are an EU resident, you may have certain rights including: the right not to provide your Personal Information to us; the right of access to your Personal Information; the right to request rectification of inaccuracies; the right to request the erasure, or restriction of Processing, of your Personal Information; the right to object to the Processing of your Personal Information; the right to have your Personal Information transferred to another controller; the right to withdraw consent; and the right to lodge complaints with supervisory authorities. We may require proof of or need to verify your identity before we can give effect to these rights.

    You may directly take steps to change your preferences as follows:

    Your Newsletter and Email Subscriptions. You can opt out or unsubscribe from a newsletter or other email list at any time by following the instructions at the end of the newsletters or emails you receive. Please allow five to ten business days for changes to take effect. On some Services, member service-related communications are an integral part of such Services to which you subscribe and you may continue to receive emails as part of that particular portion of the Services unless you cancel your account, even if you opt out of the newsletters or email list. If you have provided more than one email address to us, you may continue to be contacted unless you request to unsubscribe each email address you have provided.

    Push Notifications. We send you push notifications from time-to-time in order to update you about any events or promotions that we may be running. If you no longer wish to receive these types of communications, you may turn them off at the device level. To ensure you receive proper notifications, we will need to collect certain information about your device such as operating system and user identification information.

    Location Based Services. You may opt-out of having your Precise Location Data collected by Everyday Health at any time by editing the appropriate setting on your mobile device (which is usually located in the Settings area of your device).

    OBA. Everyday Health is a subsidiary of Ziff Davis, LLC, a member of the Digital Advertising Alliance (“DAA”) in the U.S., E.U. and Canada and uses third party assurance platforms to comply with the DAA principles. Everyday Health strives to adhere to the self-regulatory organization principles for the DAA (US), the DAAC (Canada) and the EDAA (EU). Online ads on the Services using Online Data are delivered with the DAA Ad Marker Icon http://www.ziffdavis.com/wp-content/uploads/2016/10/zd_adchoices.png, which helps users understand how their data is being used and provides choices for users who want more control. This icon is also on each of our web pages and applications where Online Data is collected that will be used for OBA purposes. 

    The DAA Ad Marker Icon AdChoices provides information (and links to other information) on online behavioral ads, who is collecting and using your Online Data, how you can opt out and more. If you would prefer that we not collect Online Data that may be used to help determine which advertisements to serve you, opt out by clicking this icon AdChoices, which can be found on most of our webpages and mobile applications.

    • European Union and Switzerland residents should visit the European DAA by clicking here.

    • Canadian residents should visit the DAA of Canada by clicking here.

    • U.S. residents and residents of all other countries or territories not listed above can click here for the DAA site to learn more about the use of cookies, your opt-out choices, and more. You may also opt-out of targeted advertising by submitting a request to opt-out of the sale of your personal information via https://dsar.everydayhealth.com/.

    When you use our website, we share information that we collect from you, such as your email (in hashed form), IP address, or information about your browser or operating system, with our identity partners/service providers. These partners return an online identification code that we may store in our first-party cookie for our use in online, in-app, and cross-channel advertising, and it may be shared with advertising companies to enable interest-based and targeted advertising. To opt-out of this use, please click here.

    Cookies and Pixel Tags. You may stop or restrict cookies and pixel tags on your computer or purge cookies from your browser by adjusting your web browser preferences. However, if you “turn off,” purge, or disable cookies or pixel tags, although you may still use the Services, you may not be able to use all of the features, functions, or services available on the Services.

    California Residents. In accordance with the California Online Privacy Protection Act, we may collect Personal Information about your online activities when you use the Services. While we give our users many avenues to opt out of providing Personal Information, we do not respond to Web browsers’ “do not track” signals. California’s “Shine the Light” law, Civil Code Section 1798.83, permits our users who are California residents to periodically request and obtain certain information about any Personal Information disclosed to third parties for direct marketing purposes. If you are a California resident and wish to make such a request or if you wish for us to refrain from gathering your Personal Information, please submit your request in writing to the contact details set out in Section 17 below.

    EU Residents. GDPR provides certain rights for EU residents. You may decline to share certain information with us, in which case we may not be able to provide some of the features and functionality of the Services. These rights include, in accordance with applicable law, the right to object to or request the restriction of processing of your information, and to request access to, rectification, erasure and portability of your own information. Where we process your information on the basis of your consent, you have the right to withdraw that consent (noting that such withdrawal does not affect the lawfulness of any Processing performed prior to the date on which we receive notice of such withdrawal, and does not prevent the Processing of your Personal Information in reliance upon any other available legal bases). Requests should be submitted by contacting us (using the contact instructions in Section 17 below). If you are an EU resident and have any unresolved privacy concern that we have not addressed satisfactorily after contacting us, you have the right to contact the appropriate EU Supervisory Authority and lodge a complaint.

    You may access, correct, or request deletion of your personal information by logging into your account, contacting us through our DSAR Portal, or emailing us at privacy@everydayhealth.com regardless of your citizenship or location.

     

    17. Terms of Service

    Summary – Terms of Service

    For more information concerning your use of the DailyOM website and OMFIT application, please see our Terms of Service.

    For more information concerning your use of the DailyOM website and the OMFIT application, please consult the Terms of Service, which is incorporated by reference into this Privacy Policy. We recommend that you review the Terms of Service regularly, in order to review any changes we might make from time to time.

     

    18. Contact Details

    Summary – Contact Details

    You may contact us at the addresses set out below or by emailing privacy@everydayhealth.com

    Everyday Health
    Attention: Legal Department
    114 5th Avenue, 15th Floor
    New York, NY 10011

    If you are an EU resident, you may contact our Data Protection Officer at dpo@everydayhealth.com

    If you have any comments, questions or concerns about any of the information in this Policy, or any other issues relating to the Processing of User Information carried out by us, or on our behalf, please contact:

    Everyday Health

    Attention: Legal Department

    114 5th Avenue, 15th Floor

    New York, NY 10011

    privacy@everydayhealth.com

    Our Data Protection Officer may be contacted at dpo@everydayhealth.com.

    If you have an unresolved concern regarding your privacy or our use of data that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) by clicking here.

    19. California Consumers

    Pursuant to the California privacy regulations, our consumer rights metrics can be found on our Regulatory Information Site
     

    20. Texas Sensitive Data Notice

    NOTICE: We may sell your sensitive personal data, as defined under and in accordance with Texas law.

    21. How this Privacy Policy May Change

    We may change this Privacy Policy from time to time, and all changes will be effective at the time we post them. If we believe there is a significant change to this Privacy Policy or our data collection and use practices, we will indicate on our websites that our Privacy Policy has changed prior to the change becoming effective. The then-posted version of the Privacy Policy supersedes all prior versions. Your continued access to or use of any of the Services shall be deemed your acceptance of the Privacy Policy.

    We urge you to come back to this web page and review this Privacy Policy regularly so that you remain aware of the terms and conditions that apply to you.

    22. Consumer Health Data Privacy Policy - WA and NV

 

A. Categories of health data collection, purpose and source: 

 

  • Voluntarily provided information related to health interests, conditions, or concerns. 

  • Inferred data related to your interests and concerns based on your use of our digital properties.

  • Information collected through the use of cookies, eTags, Javascript, pixel tags, device ID tracking, anonymous identifiers, and other technologies, including information collected using such methods and technologies about (i) your visits to, and interaction and engagement with, the Services, content and ads on third party websites, applications, platforms and other media channels (“Channels”), and (ii) your interaction with emails including the content and ads therein (collectively, “Online Data”).

  • Device type, settings, and software used.

  • Log files, which may include IP addresses, browser type, ISP, referrer, accessed pages, operating system, date/time stamps and clicks.

  • Web Beacons, which are electronic files that allow a website to count users who have visited that page or to access certain cookies.

  • Pixel Tags, also known as clear GIFs, beacons, spotlight tags or web bugs, which are a method for passing information from the user’s computer to a third party website.

 

B. Third parties and affiliates we share your consumer health data with:

 

Everyday Health is owned by Ziff Davis Inc. We share your information with other businesses owned by Ziff Davis, Inc. (“Ziff Davis Companies”) to assist us in operating our services, improving them, and further developing them.

 

We also share information with other Ziff Davis Companies and our partners for the purposes of targeted advertising. If you would like to opt out of the sale or sharing of your data, you can do so via our Privacy Portal.

 

With respect to quizzes and surveys, in the event that responses are or will be publicly disclosed, users will be notified at the time they take such quizzes or surveys. Otherwise, we will disclose only aggregate information to other participants. Where quizzes or surveys allow users to submit written comments, and where Everyday Health advises users of the possibility of such disclosure at the time they take the quiz or survey, Everyday Health reserves the right to disclose any information provided by users, provided that no User Information identifying a specific user is disclosed.

 

Everyday Health and some of our advertisers may use third party advertising service companies to serve advertisements, for OBA or otherwise, and perform related services when you interact with the Services. Often, these third party advertising companies employ cookies and other technologies to measure the effectiveness of website, app and email advertisements and to create a record of interaction with our content that they use in conjunction with their advertising that appears on other sites or applications, or for reporting website traffic, app use, statistics, advertisement data and/or other activities on the Services. We also engage third party providers to assist with the segmentation of this data.

 

We may also sell or transfer your information to certain third parties, such as advertisers who will use this data for marketing purposes, including serving ads that they believe are relevant to your interests. Some of these third parties may combine the information you provide to us with their own data about you to form a more detailed picture. If you would like to opt out of the sale or sharing of your data, you can do so via our Privacy Portal.

 

We may engage third party providers to assist with the collection, storage and segmentation of your information and the providers are required to maintain the confidentiality of this information. These third party providers may collect User Information from our Services for additional purposes, such as to monitor fraud around the internet.

 

We may also engage third parties for the purpose of recognizing our users and delivering interest-based content and advertisements to them. We may share your User Information with our partners such as your name, postal address, email, or other identifier. Our partners may also: (i) collect information directly from your device, such as your IP address, device ID, advertising ID, and information about your browser or operating system; (ii) combine User Information about you received from Everyday Health with information about you from other sites or services; and (iii) place or recognize a unique cookie on your browser.

 

If we engage a third-party Processor to Process your User Information, the Processor will be subject to binding contractual obligations to: (i) only Process the User Information in accordance with our prior written instructions; and (ii) use measures to protect the confidentiality and security of the User Information, together with any additional requirements under applicable law.

 

The Services contain links to other sites or partners whose information practices may be different from ours. You should consult the privacy policy of these third parties to learn how your privacy is protected.

 

C. How to exercise your rights:

 

In order to exercise your rights with respect to your health data, please visit our Privacy Portal and fill out the form. You can use this portal to request a copy of your data, corrections, delete your data, or other rights applicable to you. 

 

You can also email us at privacy@everydayhealth.com. For more information on your rights, please see the heading “Your Rights With Respect to Your Personal Information.” 

 

D. Changes to this policy

 

This policy may be amended or updated from time to time at our discretion. For additional information, please refer to the heading “How This Policy May Change.”