Kersh Health Privacy Policy
Who We Are

Kersh Risk Management, LLC (“Kersh”, “we”, “our”, “us”) provides online, telephonic, and on-site health risk management products and services (“services”). We collect personal information in an effort to provide our services and to improve the user experience. Kersh values its users and respects their privacy. We are committed to maintaining the privacy, integrity and security of any personal information we collect.

This Privacy Policy specifically applies to how Kersh collects, uses, stores, and displays personal information on one or more of the websites owned and operated by Kersh, including www.KershHealth.com, www.PoweredByKam.com, and www.KershWellness.com (“site”, “sites”). This Privacy Policy is subject to the provisions of our Terms of Use, which are incorporated by reference.

For the purposes of this Privacy Policy the terms “user” or “you” mean an authorized user of our sites or services.

Personal information gathered on users of our services who do not register for an account on one of our sites is also treated in accordance with the applicable sections of this Privacy Policy.

Children’s Privacy

Kersh’s Sites are not intended for use by children under the age of 13, except as specifically agreed to on a case by case basis. Kersh does not knowingly collect any Personal Information from visitors under the age of 13 unless Kersh reasonably believes the child’s parent or guardian (“Parent”) has consented to such registration and use of the website. If we discover that a child under the age of 13 has provided us with Personal Information without a Parent’s consent, we will take steps to delete the information as soon as possible. If you are a Parent and discover that your child under the age of 13 has a registered account one of Kersh’s Sites without your consent, then you may alert Kersh at support@kershhealth.com and request that Kersh delete that child’s personal information from its systems.

In certain instances, Kersh may work with school organizations to provide our activity management system to children under the age of 13. To participate, a Parent must complete a Parental Consent Form for any child under the age of 13. The following is the Policy and Notice to Parents whose children are under 13 and are authorized to participate in online activity management services with Kersh:

Kersh is the only website operator that will collect your child’s personal information (as described below). You may contact us by mail, phone or email: 2600 Technology Drive, Suite 100, Plano, Texas 75074. (800) 467-3005. support@kershhealth.com.

Kersh will collect your child’s first and last name, date of birth, gender, height, weight, and home address in writing via the Parental Consent Form. This information is used to create an account for your child on our Sites. It is also used to calculate your child’s Resting Metabolic Rate (RMR) so we can accurately convert your child’s KAM points to Calories.

Your child’s physical activity levels are collected directly by a kinetic activity monitor (KAM) that is worn by your child. This information includes calories burned from activity, KAM points, and minutes of activity in three distinct activity zones. This information is stored in the KAM device and then uploaded to our secure servers when docked with a computer using our device driver.

The KAM device may be docked at home or by your child’s teacher. By signing the Parental Consent Form, you agree to let your child’s teacher dock the KAM device, which means the teacher may see your child’s activity data.

Kersh will provide access to a modified version of our activity management site. In order to protect a child’s privacy and limit the requirement for Personal Information, groups that include children under the age of 13 will not have access to the KAM Goals or Friend features. They will also only be able to view leaderboard data for their direct peer group, not the entire population of KAM users. Individuals within your child’s direct peer group (your child’s classmates, your child’s teacher) will be able to view your child’s activity data, first initial, last name, username, and gender via the KAM leaderboards and KAM games (if applicable).

Kersh will not require a child to disclose any information other than that set forth above as a condition of participation in the activity the parent has consented to.

At no time will Kersh disclose Personal Information to any third parties.

You may review or revoke a child’s permission to use the Sites at any time by contacting Kersh by mail, email, or fax at: 2600 Technology Drive, Suite 100, Plano, Texas 75074. (469) 241-2599. support@kershhealth.com. To protect the privacy of your child’s information we require the request to be in writing accompanied by a signature matching the signature on the Parental Consent Form.

What Personal Information We Collect

Kersh will NOT release, sell, rent, or trade your personal information to any third party without your permission, except when we believe in good faith that the law requires it, or as outlined in the Disclosure of Information section of this Privacy Policy.

Kersh recognizes two categories of personal information: user information and personal health information.

User information may include, but not be limited to, name, date of birth, gender, address, telephone number, email address, employee ID, social security number, marital status, employment status, username, and password. This information is collected during the registration process and through the course of providing our services. We may also collect this information from your employer if your employer has contracted with us to provide our services.

Personal health information may include, but not be limited to, height, weight, blood pressure, lipid values, glucose values, medical claims data, diagnosis, medications, lab results, provider(s) names, medical history, and activity data. We receive this information from you via our sites, our KAM device, telephonically, or on forms you complete and mail, fax, or email to us. We may also receive this information from your insurer or from your health care provider if your employer or health care provider has contracted with us to provide our services.

We may also collect non-personal information from all visitors to the site, including the number of visitors to the site, the websites from which the visitors enter the site, the pages the visitors visit on the site, the length of the visits, the names of the visitors’ internet providers and internet protocol address, the visitors’ browser information, the speed of the visitors’ connections and the search terms used to find the site. We do this to enhance the site user’s experience.

Personal information (including user information and personal health information) cannot be removed from the system and will be retained for a minimum of 7 years in accordance with our record retention policy. User accounts, however, may be disabled upon written request, using the contact information at the end of this Privacy Policy.

Disclosure of Information

With our Business Partners. We generally may share your personal information with our partners for performing their contractual obligations under agreements with us. We require our partners to protect your personal information.

With Employers. We will NOT share any individually identifiable personal health information with your employers. Unless an employer has a legal right to obtain your personal health information, we will de-identify such personal health information. De-identified information means data that have been separated from information that would tie it to a particular individual. Information may be provided to employers in aggregate form. Any such information will not be personally identifiable.

Other Disclosures. We will not share personal information with a third party without prior authorization, with the following exceptions:

with partners who assist us in providing services to you (only information necessary to providing the services will be shared); to comply with law, rule, regulation, subpoena or other legal processes or to protect the rights, property or safety of us or others; In the event that we or substantially all of our assets are acquired by one or more third parties as a result of an acquisition, merger, sale, reorganization, consolidation or liquidation, in which case personal information may be one of the transferred assets; for purposes of carrying out Treatment or Payment (when applicable). Treatment means the provision, coordination or management of health care and related services, consultation between providers relating to an individual or the referral of an individual to another provider for health care. Payment means activities undertaken to obtain or provide reimbursement for health care, including determinations of eligibility of coverage, billing, collection activities, medical necessity determinations and utilization review. Sharing of information in any of the above cases will only be done when in full compliance with applicable laws.

How We Keep It All Secure

Kersh enforces strict company-wide policies regarding privacy, security and confidentiality. Physical, administrative, operational and technical safeguards have been put in place to protect your personal information. When you register for our services, Kersh requires a password from you for your privacy and security. This password is stored in an encrypted fashion on our systems. We protect your transactions involving personal information over the internet using Secure Socket Layer (SSL) technology. We restrict access to your personal information in our database to our authorized employees, our agents and certain of our authorized partners (see Disclosure of Information).

Cookies

A cookie is a small file a website stores on your computer’s hard drive for record-keeping or other purposes. Kersh uses cookies to enhance your experience while using our sites by storing and tracking your preferences.

If you are concerned about the use of cookies, you may change how your browser settings to erase, block, or warn about cookies. If you reject cookies, some features of our site may not function properly or you may have to enter personal information every time you use our sites.

Information You Share With Others

Kersh will protect your privacy as described in this Privacy Policy. However, if you voluntarily and publically disclose any personal information on our site (via message board, comments, group challenges, etc.) you should be aware that such information is accessible by others and is no longer considered personal information as defined in this Privacy Policy. We are not responsible for the personal information you choose to submit in these areas.

Your Responsibilities

You are solely responsible for maintaining the security of your username, Kersh ID (KID), and password. If you believe that any of these items have been compromised you should immediately change your password.

We provide a “Remember Me” feature for our KAM device that allows you to automatically log in to our site from on one or more selected computers. We recommend this feature be used solely on private computers. You are responsible for ensuring you keep your device safe and secure.

You are also responsible for logging out of your account when using a public computer to access our sites.

We are not responsible if someone else access your account and Personal Information through information they have obtained from you or through a violation by you of this Privacy Policy.

Links to Other Websites

We may include links to other websites on our sites. We do not endorse and are not responsible for the information practices or privacy policies of websites operated by others that may be linked to or from the site. If you decide to access a third party’s website that may be linked to or from the site, you should consult with that website’s privacy policy and terms of use.

Changes To Our Policy

We may update this Privacy Policy at any time, and any changes made will take effect immediately upon posting. Your continued use of the sites following the posting of any such modifications will mean you accept and agree to be bound by the modifications. We will not provide individual notice to you of changes to our Privacy Policy, so we encourage you to check the sites regularly to see if any changes have been made.

The date the Privacy Policy was last updated appears at the bottom of this Privacy Policy.

Questions?

If you have any questions, comments, or concerns about our Privacy Policy or your privacy, please contact us at (800) 467-3005 or support@KershHealth.com.

Last Updated October 2, 2012
© 2015 Kersh Health. All Rights Reserved