Privacy Policy

Last updated: 12/14/2024

Introduction

Welcome to ZestLife! We respect your privacy and are committed to protecting your personal data through our compliance with this Privacy Policy.
This Privacy Policy describes the types of information we may collect from you or that you may provide and our practices for collecting, using, maintaining, protecting, and disclosing that information when you visit the website https://getzestlife.com (our “Website ”), use ZestLife’s mobile and desktop applications (our “Applications”), or engage with any other ZestLife Services (collectively, “Services”).
Collectively, our Website, Application, and Services are hereafter referred to as our “Platform”. This Privacy Policy, together with our Terms of Use and incorporated herein by reference, constitute a legal and binding agreement between you (“User” as defined below) and ZestLife, Inc. (“ZestLife,” “Company,” “we,” “us,” and “our”). This Privacy Policy will use the same definition of “User” and “Group Leader” as defined in our Terms of Use.
This Privacy Policy will govern your use of the communication platform offered by ZestLife. We offer an online platform to allow therapists, psychiatrists, psychologists, coaches, social workers, or other licensed or unlicensed professionals (each, a “Group Leader”) and the individuals (each, a “User”) to connect with each other through our Platform. It is the User’s choice to engage in services offered by a Group Leader on the Platform.
This Privacy Policy applies to information we collect:
  • On this Platform.
  • In email, text, and other electronic messages between you and the Company.
  • Through our Applications you download from our Website, Apple App Store, and Google Play Store which provide dedicated non-browser-based interaction between you and our Website.
  • When you interact with our advertising on third-party websites and services, if those advertising include links to this Privacy Policy.
  • Through interactions in other groups on our Platform.
It does not apply to information collected by:
  • Us offline or through any other means, including any other website operated by Company or any third party.
  • Any third party, including our affiliates and subsidiaries, through any means, including advertisement, application or content that may link to or be accessible from or on our Platform.
Please read this Privacy Policy carefully to understand our policies and practices regarding your information and how we will treat it. By accessing or using our Platform, you agree to this Privacy Policy. This Privacy Policy may change from time to time (see Changes to Our Privacy Policy). Your continued use of our Platform after we make changes is deemed to be acceptance of those changes, so please check this Privacy Policy periodically for updates.
By accessing, registering, or using ZestLife’s services, including browsing our Platform, you expressly and unambiguously consent to the collection, processing, storage, and use of your personal information as described in this Privacy Policy. If you disagree with any part of this Policy, please discontinue using our services immediately.

Children Under the Age of 13

Our Platform is not intended for children under 13 years of age. No one under age 13 may provide any Personal Information to or on the Platform without parental consent. We do not knowingly collect Personal Information from children under 13. If you are under 13, do not use or provide any information on the Platform or on or through any of its features, register on the Platform, make any purchases through the Platform, use any of the interactive or public comment features of the Platform, or provide any information about yourself to us, including your name, address, telephone number, email address, or any screen name or username you may use. If we learn that we have collected or received Personal Information from a child under 13 without parental consent, we will delete that information. If you believe we might have any information from or about a child under 13, please contact us at support@getzestlife.com.

Information ZestLife Collects for Users and How We Collect It

While the information we collect varies depending upon the nature of the Services provided or used on the Platform or our interactions with individuals, we collect several types of information from and about Users of our Platform, including:
  • Personal Information, including name, date of birth, education, nationality, gender, contact information (e.g., address, email, telephone number, third party emergency contact information), as well as any information you choose to share that may identify you.
  • Personal Health Information, including: information related to your personal health (e.g., insurance number, therapy schedule, licensed professional you receive care from on the Platform).
  • Other ZestLife Services related data (e.g., customer requests, statistics), geolocation data with your permission (e.g. geolocation data sent via a mobile device), online identifiers (e.g. IP address, device IDs), and cookie-related data as described below and as detailed in our Third-Party Use of Cookies and Other Tracking Technologies.
  • Pictures or videos uploaded by you.
  • Financial and transaction data (e.g., purchase history, account information, shipping and billing information, including credit card information).
  • Information to verify your identity (e.g., licensure information, education, drivers license, background checks).
  • Background Checks: We collect and store information related to background checks conducted on Group Leaders or other professionals to ensure the safety and integrity of our platform.
  • Information about your internet connection, the equipment you use to access our Platform, and usage details.
We collect this information:
  • Directly from you when you provide it to us; and/or
  • Automatically as you navigate through the site. Information collected automatically may include usage details, IP addresses, and information collected through cookies, analytics (including Google Analytics), and web beacons.
Electronic consents:
  • Electronic Signature: By providing your electronic signature, you agree to enter into legally binding agreements equivalent to signed, written contracts. This consent is legally binding and effective as of the date of your electronic signature.
  • Background Check Consent: By consenting electronically, you authorize ZestLife to conduct a background check and verify the provided information. The results will determine your eligibility to join the ZestLife platform as a Group Leader.
  • Business Associate Agreement (BAA) Consent: By consenting electronically, you agree to the terms of the Business Associate Agreement, including compliance with laws and regulations regarding personal health information (PHI).
  • Service Agreement (SA) Consent: By consenting electronically, you agree to the terms of the Service Agreement and understand your responsibilities and obligations.
By using the ZestLife platform and providing these consents, you acknowledge and agree to these terms and the collection of this information.

Documents and Verifications

For the purposes of ensuring the quality and credibility of our Group Leaders and the services they offer on our Platform, we may require Group Leaders to upload specific documents. This includes, but is not limited to, documents verifying licensure or credentials, proof of insurance, and signed agreements such as a Business Associate Agreement (BAA) and Service Agreement (SA). By uploading these documents, Group Leaders consent to our processing and storing of these documents for verification, quality control, and legal compliance purposes. All uploaded documents are treated with utmost confidentiality and in alignment with applicable laws and regulations.

Information ZestLife Collects for Employees and Sub-Contractors

Federal law requires us to obtain, verify, and record Personal Information, such as your name, address, and date of birth, in order to confirm your identity, social security number, and banking information.
ZestLife collects, retains, and uses Personal Information from employees and subcontractors including the following:
  • Information ZestLife receives on applications or other forms, including, but not limited to, identifying information such as address, telephone number, email address, social security number, date of birth, mother's maiden name, and medical history.
  • Federal Tax ID #.
  • Medical records.
  • Investment information.
  • Background security checks.

Information We Collect Through Messaging, Announcements, and Message Boards

When you use direct messaging (including 1:1 messaging), view or post Announcements, or participate in Group or Cohort Message Boards, we may collect and store:
  • The content of your messages, Message Board posts, and Announcements;
  • Attachments, including but not limited to documents, images, or videos;
  • Metadata such as sender, recipient, timestamps, and engagement data (e.g., views or responses).
Some of this information may qualify as Protected Health Information (PHI) if you are communicating with a licensed healthcare professional operating in their professional capacity. In such instances, HIPAA or other privacy laws may apply, as described below.

How We Use Messaging, Announcement, and Message Board Information

ZestLife uses this information to:
  • Facilitate communication among Users and Group Leaders, including in Groups, Cohorts, and one-on-one settings;
  • Monitor and moderate content for compliance with our Terms of Use and applicable laws;
  • Investigate and address user support requests, technical issues, or reported violations;
  • Improve the quality, security, and user experience of the Platform;
  • Comply with legal, regulatory, or administrative requests, subpoenas, or court orders, and to protect our rights, interests, or the safety of our Users and third parties.
Important Note on PHI Usage: When handling PHI, ZestLife will comply with applicable privacy laws and regulations, including HIPAA, to the extent we are considered a Business Associate or otherwise legally obligated. PHI will only be used or disclosed in compliance with these laws, and we will not use PHI for marketing or promotional purposes without appropriate authorization. Our use and disclosure of PHI are further governed by any Business Associate Agreements (BAAs) we may have in place with licensed professionals providing healthcare services on our Platform.

Review of Messages and Message Boards

While we do not routinely review private communications, ZestLife may access and review direct messages, Message Board posts, and Announcements for support, compliance, enforcement, or legal purposes as described in the Terms of Use. We apply commercially reasonable privacy and security standards when handling all User data, and we employ heightened safeguards when dealing with PHI. Any PHI reviewed in this process will be handled in accordance with HIPAA and other applicable privacy laws.

Handling PHI and HIPAA Compliance

If you engage with a licensed mental health professional or other healthcare provider on the Platform, and PHI is involved, ZestLife may enter into a BAA and implement additional safeguards as required by HIPAA and applicable law. Under these circumstances:
  • Compliance with HIPAA: To the extent we act as a Business Associate under HIPAA, we will only use and disclose PHI as permitted or required by the BAA or applicable law.
  • Limited Use and Disclosure: ZestLife will not use PHI for non-healthcare related marketing purposes without obtaining the necessary authorization.
  • User Consent: By using the Platform, you understand and acknowledge that certain communications may not be fully protected under HIPAA if they do not occur within the scope of a licensed provider’s healthcare services or if no BAA applies. Users are encouraged to discuss with their provider whether their communications will be subject to HIPAA.

Data Security and Limitations

ZestLife employs reasonable measures to secure data related to messages, Announcements, and Message Boards, including encryption in transit and at rest, access controls, and intrusion detection systems. However, no data transmission or storage system is completely secure. By using these features, you acknowledge these inherent risks and agree that ZestLife shall not be liable for any unauthorized access, breaches, or misuse of your information. When PHI is involved, we will follow HIPAA’s Security Rule standards and other applicable laws to implement appropriate safeguards.

Information We Collect Through Automatic Data Collection Technologies

As you navigate through and interact with our Website, we may use automatic data collection technologies to collect certain information about your equipment, browsing actions, and patterns, including:
  • Details of your visits to our Website, including traffic data, location data, logs, and other communication data and the resources that you access and use on the Website.
  • Information about your computer and internet connection, including your IP address, operating system, and browser type.
We also may use these technologies to collect information about your online activities over time and across third-party websites or other online services (behavioral tracking). The information we collect automatically is statistical data and may include Personal Information. We may maintain it or associate it with Personal Information we collect in other ways or receive from third parties. It helps us improve our Website and deliver a better and more personalized service, including by enabling us to:
  • Estimate our audience size and usage patterns.
  • Store information about your preferences, allowing us to customize our Website according to your individual interests.
  • Speed up your searches.
  • Recognize you when you return to our Website.
The technologies we use for this automatic data collection may include:
  • Cookies (or Browser Cookies). A cookie is a small file placed on the hard drive of your computer. You may refuse to accept browser cookies by activating the appropriate setting on your browser. However, if you select this setting you may be unable to access certain parts of our Website. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you direct your browser to our Website.
  • Flash Cookies. Certain features of our Website may use local stored objects known as Flash cookies to collect and store information about your preferences and navigation to, from, and on our Website. Flash cookies are not managed by the same browser settings as are used for browser cookies.
  • Web Beacons. Pages of our Website and our emails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit the Company to collect website statistics, such as the number of users who have visited those pages or opened an email or the popularity of certain website content, and to verify system and server integrity.

Third-Party Use of Cookies and Other Tracking Technologies

Some content or applications, including advertisements, on the Website are served by third-parties, including advertisers, ad networks and servers, content providers, and application providers. These third parties may use cookies alone or in conjunction with web beacons or other tracking technologies to collect information about you when you use our website. They may collect information associated with your Personal Information or information, including Personal Information, about your online activities over time and across different websites and other online services. They may use this information to provide you with interest-based (behavioral) advertising or other targeted content.
We do not control these third parties' tracking technologies or how they may be used. If you have any questions about an advertisement or other targeted content, you should contact the responsible provider directly.

How We Use Your Information

We use information that we collect about you or that you provide to us, including any Personal Information:
  • To present our Platform and its contents to you.
  • To provide you with information, products, or services that you request from us.
  • To fulfill any other purpose for which you provide it.
  • To provide you with notices about your account, including expiration and renewal notices.
  • To carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection.
  • To notify you about changes to our Platform or any products or services we offer or provide through it.
  • To allow you to participate in interactive features on our Platform.
  • In any other way we may describe when you provide the information.
  • For any other purpose with your consent.
  • For Group Leaders that post public profiles and groups, some information may be used publicly throughout the Platform.
  • To send you reminders, technical notices, updates, security alerts and support, and administrative messages.
  • Manage our everyday business needs such as Platform administration, analytics, fraud prevention, or to comply with the law.
We may use the information we have collected from you to enable us to display advertisements to our advertisers' target audiences. Even though we do not disclose your Personal Information for these purposes without your consent, if you click on or otherwise interact with an advertisement, the advertiser may assume that you meet its target criteria.

Disclosure of Your Information

We may disclose aggregated information about our users, and information that does not identify any individual, without restriction.
We may disclose Personal Information that we collect or you provide as described in this Privacy Policy:
  • To our subsidiaries and affiliates.
  • To contractors, service providers, and other third parties we use to support our business and who are bound by contractual obligations to keep Personal Information confidential and use it only for the purposes for which we disclose it to them.
  • To Group Leaders who facilitate and lead Groups offered on the Platform. This includes sharing your name, email address, and phone number with a Group Leader when you join a group or make a cohort reservation, to facilitate communication, coordination, and the provision of services.
  • To Group Leaders who facilitate and lead Groups offered on the Platform.
  • To professional licensing boards to check Therapists’ credentials.
  • To a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of ZestLife's assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Personal Information held by ZestLife about our Website users is among the assets transferred.
  • To third parties to market their products or services to you if you have consented to or not opted out of these disclosures; however, we will never share Personal Health Information without consent and will fully comply with Health Insurance Portability and Accountability Act (“HIPAA”) regulations.
  • To fulfill the purpose for which you provide it. For example, if you give us an email address to use the "email a friend" feature of our Website, we will transmit the contents of that email and your email address to the recipients.
  • For any other purpose disclosed by us when you provide the information with your consent.
We may also disclose your Personal Information:
  • To comply with any court order, law, or legal process, including to respond to any government or regulatory request.
  • To enforce or apply our Terms of Use and other agreements, including for billing and collection purposes.
  • If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of ZestLife, our users, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.
We may share Non-Personal Data with analytics companies to learn information about how our Users interact with the Platform. This enables us to optimize the Services and improve our efforts. These analytics services may use cookies, web beacons and other devices and technologies to track traffic data. Data that they collect typically includes, but is not limited to, your IP address, your ISP, the browser you use to visit our Site. This Privacy Policy does not apply to, and we are not responsible for, such technologies placed by third party analytics services.

Disclosure Regarding Third-Party Access to Non-Secure Communications

When utilizing the Services, including by sending emails or messages to other Users, Group Leaders, various technicians and administrators who maintain these Services may have access to the content of your communications. Hackers can also gain access. In some cases, these accesses are more likely than in others. Make careful consideration when using a work email, school, or institutional email addresses. For example, if you use your work email to communicate, your employer may have legal access your email communications.
Additionally, people that can access your computer, mobile phone, and/or other devices may also have access to your email or messages that you receive from the Services. Think about who has access to which email accounts and devices you use.

Choices About How We Use and Disclose Your Information

We strive to provide you with choices regarding the Personal Information you provide to us. We have created mechanisms to provide you with the following control over your information:
  • Tracking Technologies and Advertising. You can set your browser to refuse all or some browser cookies, or to alert you when cookies are being sent. To learn how you can manage your Flash cookie settings, visit the Flash player settings page on Adobe's website. If you disable or refuse cookies, please note that some parts of this site may then be inaccessible or not function properly.
  • Choosing to Unsubscribe. You can opt out of receiving our emails by following the unsubscribe instructions included in each such email or by contacting support@getzestlife.com.
  • Requesting Deletion of Your Information. You can request to delete Personal Information you have provided to us by contacting support@getzestlife.com. We retain your information only for as long as needed to provide you the services or as long as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
We do not control third parties’ collection or use of your information to serve interest-based advertising. However, these third parties may provide you with ways to choose not to have your information collected or used in this way. You can opt out of receiving targeted ads from members of the Network Advertising Initiative on its website.

Accessing and Correcting Your Information

You can review and change your Personal Information by logging into our Platform and visiting your account profile page.
You may also send us an email at support@getzestlife.com to request access to, correct or delete any Personal Information that you have provided to us. We cannot delete your Personal Information except by also deleting your user account. We may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect.
If you delete your User Contributions from the Platform, copies of your User Contributions may remain viewable in cached and archived pages and/or may have been copied or stored by other Users. Proper access and use of information provided on the Platform, including User Contributions, is governed by our Terms of Use.

Handling of Protected Health Information (PHI)

ZestLife recognizes the sensitive nature of Protected Health Information (PHI) and is deeply committed to ensuring its confidentiality, security, and proper handling. As we facilitate the platform, we want you to be confident about how we manage and protect your data. Here’s how we ensure its security:
  • Storage. We store select components of PHI, like names, addresses, group details, and payment data, adhering strictly to the HIPAA Security Rule.
  • Payment & Transactions. Payments processed by ZestLife from Users to Group Leaders might require accessing certain PHI. All such processes are compliant with HIPAA's privacy and security standards.
  • Support & Queries. For customer support, we might refer to PHI, but always in a manner consistent with HIPAA guidelines.
  • Reminders. We utilize PHI for sending timely reminders to Users about sessions or appointments, ensuring the highest privacy standards.
  • Feedback & Reviews. We might use contact details from PHI to solicit feedback after group sessions. We urge users not to share sensitive health data in reviews.
  • Data Minimalism. At all times, ZestLife uses or requests the least amount of PHI necessary for service provision.
By engaging with ZestLife’s platform and services, you entrust us with your information, and we commit to upholding the highest standards of data security and privacy.

Data Aggregation

ZestLife reserves the right to aggregate user data in a manner where individual users are not identifiable. This aggregated data may be used for business analysis, market research, platform improvements, and other business-related purposes beneficial to ZestLife's growth and operational efficiency.

User Responsibility

Users are responsible for safeguarding their account details, including passwords, usernames, and other authentication details. ZestLife will not be held liable for any losses, damages, or unauthorized access resulting from users' negligence in securing their own accounts.
Our Privacy Policy pertains exclusively to the ZestLife platform. We may have links to external websites or platforms, and we are not responsible for their content, operations, or privacy policies. Users are encouraged to review the privacy policies of any third-party websites they visit.

Service Fees

For operational reasons, ZestLife retains certain transaction-related data to ensure accurate fee calculations and proper distribution of payments to Group Leaders. This data is stored securely and is solely used for billing and payment purposes.

Feedback And Reviews

By providing feedback, comments, or reviews on our platform, users grant ZestLife the unrestricted right to use, reproduce, and distribute such content for promotional or business purposes without seeking further consent from the user.

Geographical Data

ZestLife may collect geographical data based on IP addresses. This data typically provides city-level precision and is used to connect users with local Groups or offerings. The accuracy of this data is not guaranteed, and users are encouraged to provide precise location data if required.

Notifications

By registering on our platform, users consent to receive various notifications from ZestLife. These can include platform updates, reminders, feedback requests, promotional messages, and other relevant communications. While users have the option to opt-out of marketing emails, crucial platform-related notifications are mandatory for ensuring a smooth user experience. Opting out of essential notifications may be done at the user's risk, and ZestLife is not responsible for any inconvenience or missed opportunities resulting from such opt-outs.

Data Security

We have implemented measures designed to secure your Personal Information from accidental loss and from unauthorized access, use, alteration, and disclosure. All information you provide to us is stored on our secure servers behind firewalls. Any payment transactions and personal health information will be encrypted using SSL technology.
All Personal Health Information will be secured in compliance with HIPAA.
The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password for access to certain parts of our Platform, you are responsible for keeping this password confidential. We ask you not to share your password with anyone. We urge you to be careful about giving out information in public areas of the Platform like message boards, chats, and group pages. The information you share in public areas may be viewed by any User or Group Leader.
Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your personal information, we cannot guarantee the security of your Personal Information transmitted to our Platform. Any transmission of Personal Information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Platform.

Limitation Of Liability

ZestLife undertakes reasonable measures to protect your personal data from loss, misuse, and unauthorized access or disclosure. However, we cannot guarantee the security of your personal information transmitted through our Platform. ZestLife shall not be held responsible or liable for any unauthorized access, breaches, hacking, or malware attacks on your data. By using our platform, you acknowledge and accept these risks.

Third-Party Group Leaders

While ZestLife provides a platform for Group Leaders to offer their services, we do not monitor or control how these independent professionals handle personal data shared with them by users. Group Leaders are solely responsible for ensuring the privacy and security of user data they access or obtain. ZestLife disclaims any liability regarding the misuse of personal data by Group Leaders.

Indemnification

You agree to indemnify, defend, and hold harmless ZestLife, its officers, directors, employees, agents, licensors, suppliers, and any third-party information providers to the Platform against all losses, expenses, damages, and costs, including reasonable attorneys' fees, resulting from any violation of this Privacy Policy or any activity related to your account (including negligent or wrongful conduct) by you or any other person accessing the Platform using your Internet account.

Changes to Our Privacy Policy

It is our policy to post any changes we make to our Privacy Policy on this page. If we make material changes to how we treat our users’ Personal Information, we will notify you by email to the primary email address specified in your account or through a notice on the Website home page. The date that the Privacy Policy was last revised is identified at the top of the page. You are responsible for ensuring we have an up-to-date, active, and deliverable email address for you, and for periodically visiting our Website and this Privacy Policy to check for any changes.

No Warranty on Security

While ZestLife employs commercially reasonable security measures to protect the data of our users, we cannot guarantee that unauthorized third parties won't be able to bypass these measures or use your personal information for improper purposes. You acknowledge that you provide your personal information at your own risk.

Contact Information

To ask questions or comment about this Privacy Policy and our privacy practices, contact us at support@getzestlife.com.

Forum of Dispute

Any dispute arising from or relating to this Privacy Policy, the Platform, or our Services must be initiated in a court of competent jurisdiction in the State of California within one (1) year after the claim or cause of action arises. After this period, such claim or cause of action is permanently barred. If you fail to bring a dispute in compliance with this section, we may make a motion to dismiss your claim, and you will be responsible for all of our reasonable attorneys' fees, costs, and disbursements involved in making such a motion.

Additional Privacy Rights for California Residents

If you are a California resident, California law may provide you with additional rights regarding our use of your personal information. To learn more about your California privacy rights, visit https://www.oag.ca.gov/privacy/ccpa. Additionally, we follow and comply with the Confidentiality of Medical Information Act (CMIA).
California's “Shine the Light” law (California Civil Code Section § 1798.83) permits users of our Platform that are California residents to request certain information regarding our disclosure of Personal Information to third parties for their direct marketing purposes. To make such a request, please send an email to support@getzestlife.com.