Privacy Policy

Last Updated: January 29, 2023

We respect your privacy and are committed to protecting your personal data and the personal data of your clients. This privacy notice tells you about how we look after this data when you visit our website, use our software, or otherwise communicate with us, and it tells you about your privacy rights and how the law protects you.

Happy Path Health Inc. (“Happy Path Health”, “us”, “we”, or “our”) operates the https://labsmarts.com website (the “Website”) and the LabSmarts software, https://site.labsmarts.com (the “Software”, and collectively with the Website, the “Services”). This Privacy Policy informs users of our Services (“users” or “you”) of our policies regarding the collection, use, and disclosure of personal data when you use our Services. By using our Services and providing information to us, you agree to the terms and conditions of this Privacy Policy.

Data We Collect and How We Collect It

When you utilize the Services, we may collect certain information directly from you that you provide to us, as well as, information that is automatically or passively collected from other sources, such as from your browser or device.

Data collected during the set up of a free account in the Software: email, password, first name, last name, and phone number.

Data collected when purchasing a subscription on the Website: first name, last name, billing address, and phone number. The password for this account is generated automatically. We do not collect or store your credit card information. See the Payments section below for information on how your credit card details are collected for payment processing. 

Data collected using the contact form on the Website: name and email.

Data collected automatically when you use our Services: We may also collect information that your browser sends whenever you visit our Website or use our Software (“Log Data”). Log Data may include information such as your computer’s Internet Protocol (“IP”) address, browser type, browser version, the pages of our Services that you visit, the time and date of your visit, the time spent on those pages and other statistics.

Data collected by tracking and cookies when you use our Services: We use cookies and similar tracking technologies to track the activity on our Services and hold certain information. Cookies are files with small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Tracking technologies also used are beacons, tags, and scripts to collect and track information and to improve and analyze our Services. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Services. Examples of Cookies we use:

  • Session Cookies: We use Session Cookies to operate our Services.
  • Preference Cookies: We use Preference Cookies to remember your preferences and various settings.
  • Security Cookies: We use Security Cookies for security purposes.

How We Use Your Data

We will only collect personal data that is necessary to fulfill the following purposes:

  • To provide and maintain our Services
  • To notify you about changes to our Services or otherwise communicate with you about our Services
  • To allow you to participate in interactive features of our Services when you choose to do so
  • To provide customer support
  • To respond to your inquiries
  • To sign-you up for an account or subscription
  • For payment processing purposes
  • To gather analysis or valuable information so that we can improve our Services
  • To monitor the usage of our Services
  • To detect, prevent and address technical issues
  • To provide you with educational content, newsletters, offers, promotions, marketing, general information about the Services and other information that we believe may be of interest to you
  • To verify identity
  • To identify your preferences
  • To ensure you receive a high standard of service
  • To meet comply with the law or meet regulatory requirements
  • Other legal reasons as apply to the Services requested and our business
  • Prevent, detect, or investigate security concerns, including fraud
  • You have given us permission to do so
  • The processing is in our legitimate interests and it’s not overridden by your rights

We will make reasonable efforts to ensure that your personal data is accurate and complete. You may request correction to your personal data to ensure its accuracy and completeness. A request must be made via our website or in writing and provide sufficient detail to identify your personal data and the correction being sought.

How We Secure Your Data

We understand that security is very important for you and your clients, and we take the security of all data very seriously. We have implemented several security mechanisms to keep your personal data and your clients’ data safe. See our complete Data Security Policy for more details. However, no data security measures can guarantee 100% security. You should take steps to protect against unauthorized access to your device and account by, among other things, choosing a robust password that nobody else knows or can easily guess and keeping your login and password private.

How We Comply with General Data Protection Regulation (GDPR)

Where EU data protection law applies, and where applicable under other data protection laws, we process your personal data for the following legal bases. Our legal basis for collecting and using the personal data described in this Privacy Policy depends on the personal data we collect and the specific context in which we collect it.

  • Our contract with you. Our processing is necessary to perform our obligations under a contract with you or to perform steps requested by you prior to entering into a contract with you (e.g., to verify the information you have provided to us).
  • Our legitimate interests. Our processing is necessary for our legitimate interests, including to protect the security of our services; to protect the health and safety of you or others; to establish, protect and defend our legal rights and interests; to prevent fraud and verify identity
  • The right of rectification. You have the right to have your personal data rectified if that information is inaccurate or incomplete.
  • The right to object. You have the right to object to our processing of your personal data.
  • The right of restriction. You have the right to request that we restrict the processing of your personal data where (i) you contest the accuracy of the personal data; (ii) the use is unlawful but you do not want us to erase the personal data; (iii) we no longer need the personal data for the relevant purposes, but you require it for the establishment, exercise or defense of legal claims; or (iv) you have objected to our personal data use justified on our legitimate interests pending verification as to whether we have compelling interests to continue the relevant personal data use.
  • The right to data portability. To the extent that we use your personal data on the basis of consent for the performance of a contract and that personal data is processed by automatic means, you have the right to be provided with a copy of the personal data we have on you in a structured, machine-readable and commonly used format, and also to require us to transmit it to another data controller where this is technically feasible.
  • The right to withdraw consent. You also have the right to withdraw your consent at any time where we relied on your consent to process your personal data.

    • Please note that we may ask you to verify your identity before responding to such requests.

    You have the right to complain to a Data Protection Authority about our collection and use of your personal data if you consider that the collection and use of your personal data violates this Privacy Policy or applicable law. For more information, please contact your local data protection authority in the European Union (EU).

    How We Disclose Your Data

    We will disclose your information to entities as described below:

    • Our affiliates and subsidiaries. Where permitted by law and unless you request otherwise, we will share your information with our affiliates and subsidiaries for the purposes set forth in this Privacy Policy.
    • Other Users. As stated above, you may choose to submit information on a blog or in a forum. Any information that you submit will be available to other users of our Services.
    • General Business Operations. We disclose information where necessary to the administration of our general business, accounting, record keeping and legal functions, to our tax advisors, legal counsel and other professional services entities or agents.
    • In Response to Legal Process. We disclose your information to comply with the law, a judicial proceeding, court order or other legal process, such as in response to a subpoena or warrant.
    • To Protect Us and Others. We disclose your information where we believe it is necessary to investigate, prevent or take action regarding illegal activities, suspected fraud, situations involving potential threats to the safety rights, property, or security of Happy Path Health, the Services, or of any person or violations of this Privacy Policy or our Terms of Use.
    • Service Providers. As described in the Services Providers section below.
    • Aggregate and Anonymized Information. We may share aggregate or anonymized information about use of the Services with service providers for marketing, advertising, research, analytics or other similar purposes.

    How We Retain Your Data

    We will retain your personal data for as long as is necessary for the purposes set out in this Privacy Policy. We will also retain and use your personal data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.

    We will also retain Log Data for internal analysis purposes. Log Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of our Services, or we are legally obligated to retain this data for longer time periods.

    Your Data Protection Rights Under GDPR

    If you are a resident of the European Union (EU), you have certain data protection rights. We aim to take reasonable steps to allow you to correct, amend, delete, or limit the use of your personal data.

    If you wish to be informed what personal data we hold about you and if you want it to be removed from our systems, please contact us.

    In certain circumstances, you have the following data protection rights:

    • The right to access, update or to delete the information we have on you. Whenever made possible, you can access, update or request deletion of your personal data directly within your account settings section. If you are unable to perform these actions yourself, please contact us to assist you.
    • The right of rectification. You have the right to have your information rectified if that information is inaccurate or incomplete.
    • The right to object. You have the right to object to our processing of your personal data.
    • The right of restriction. You have the right to request that we restrict the processing of your personal information.
    • The right to data portability. You have the right to be provided with a copy of the information we have on you in a structured, machine-readable and commonly used format.
    • The right to withdraw consent. You also have the right to withdraw your consent at any time where we relied on your consent to process your personal information.

    Please note that we may ask you to verify your identity before responding to such requests.

    You have the right to complain to a Data Protection Authority about our collection and use of your personal data. For more information, please contact your local data protection authority in the European Union (EU).

    Service Providers

    We may employ third party companies and individuals (“Service Providers”) to facilitate our Services, to provide the Services on our behalf, to perform Services-related services or to assist us in analyzing how our Services are used.

    These third parties have access to your personal data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.

    Do Not Track

    Your browser or device may include “Do Not Track” settings or functionality. Currently, our systems do not recognize browser “Do Not Track” requests. However, you may disable certain tracking on our Website, as discussed above (e.g., by disabling cookies). For more information about Do Not Track signals, please go to: https://allaboutdnt.com.

    Analytics

    We may use third-party Service Providers to monitor and analyze the use of our Services.

    Google Analytics
    Google Analytics is a web analytics service offered by Google that tracks and reports website traffic using cookies. Google uses the data collected to track and monitor the use of our Services. The information generated by the cookies about your use of the Services will be transmitted to and stored by Google on servers in the United States. If you access the Services through different devices, Google may associate your devices with one another. Google has developed the Google Analytics opt-out browser add-on for the Google Analytics JavaScript (ga.js, analytics.js, dc.js). You can prevent Google’s collection and use of the data it collects as defined in its policy by downloading and installing this browser plug-in: https://tools.google.com/dlpage/gaoptout?hl=en-GB. For more information about Google Analytics cookies, please see Google’s help pages (https://support.google.com/analytics/answer/6004245) and privacy policy (https://www.google.com/intl/en/policies/privacy/).

    Payments

    We use third-party services for payment processing (e.g. payment processors).

    We will not store or collect your payment card details. That information is provided directly to our third-party payment processors whose use of your personal data is governed by their Privacy Policy. We are not responsible for these third-party payment processors.

    The payment processors we work with are:

    • Stripe. For more information on the privacy practices of Stripe, please visit https://stripe.com/us/privacy
    • PayPal. For more information on the privacy practices of PayPal, please visit https://www.paypal.com/us/webapps/mpp/ua/privacy-full

    Opt-Out Rights

    You may opt out of receiving marketing materials from us by following the unsubscribe link or instructions provided in any email we send.

    International Transfer

    Your information, including personal data, may be transferred to—and maintained on—computers located outside of your country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction. Under the laws of these other jurisdictions, in certain circumstances foreign courts, law enforcement agencies or regulatory agencies may be entitled to access your personal data without notice to you.

    If you are located outside the United States and choose to provide information to us, please note that we transfer the information, including personal data, to the United States and process it there.

    Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.

    Links to Other Sites

    Our Services may contain links to other sites that are not operated by us. If you click on a third party link, you will be directed to that third party’s site. We strongly advise you to review the Privacy Policy of every site you visit.

    We have no control over, and assume no responsibility for the content, privacy policies or practices of any third party sites or services.

    Children’s Privacy Protection

    Persons under the age of majority in their applicable jurisdiction are not eligible to use our Services without the supervision of a parent or guardian. We do not permit children under the age of 13 (or such lesser age as provided by the applicable jurisdiction) to use or access our Services. We will not knowingly collect personal information from children under the age of 13 (or such lesser age as provided by the applicable jurisdiction). If you have reason to believe that a child under the age of 13 (or such lesser age as provided by the applicable jurisdiction) has provided personal data to us without parental consent, please contact us as provided below.

    Changes to this Privacy Policy

    We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page.

    You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

    If we make any material changes to this Privacy Policy, we will notify you either through the email address you have provided us, or by placing a prominent notice on our website.

    Contact Us

    If you have general inquiries, questions, concerns, or comments about the Privacy Policy, please contact us using the contact form on the Website.