Irrespective of which country you live in, you authorize us to transfer, store, and use your information in the United States, and any other country where we operate. In some of these countries, the privacy and data protection laws and rules regarding when government authorities may access data may vary from those in the country where you live. Learn more about our data transfer operations in the “International Transfer” section below. If you do not agree to the transfer, storage and use of your information in the United States, and any other country where we operate, please do not use the Sites or Services.
By accessing or using the Sites in any manner, you also agree to be bound by Lark’s Terms and Conditions (the “Agreement”). Please read the Agreement carefully. If you do not accept all of the terms and conditions contained in or incorporated by reference into the Agreement, please do not use the Sites.
We collect information, including personal data, to provide better services to all our Users. We use the term “Personal Data” to refer to any information that identifies or can be used to identify you. Common examples of Personal Data include: full name, email address, digital identity, such as a login name or handle, information about your device, and certain metadata.
“Sensitive Personal Data” refers to a smaller subset of Personal Data which is considered more sensitive to the individual, such as race and ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, genetic or biometric information, physical or mental health information, medical insurance data, or sexual orientation.
When you use our Services, we collect Personal Data and Sensitive Personal Data in the following ways:
You may choose to provide us with Personal Data about yourself, including your name, organization name, title, address, phone number, and email address by completing forms on our website, such as when you request information about our Services or register for a program.
In some instances, you may elect to provide us with location and address information. You may also provide us with Personal Data about yourself when you report a problem or have a question about our services.
The Sites offer interactive and social features that permit you to submit content and communicate with us. You may provide Personal Data to us when you post information in these interactive and social features. Please note that your postings in these areas of the Sites may be publicly accessible or accessible to other Users.
• Mobile Application
Certain information is required when creating an account to use our Services on the mobile application, such as your name, email address and password.
In addition, in order to improve your experience with the Services, you may choose to provide additional information such as your gender, birth date, ethnicity, weight, height, insurance provider, physical activity, eating habits, health goals, diet preferences, sleep tracking data and other health information, such as heart rate, blood pressure and glucose level. You can choose not to provide certain information, but then you may not be able to register for the Lark Services or take advantage of some features of the Services.
In connection with the use of the Services, your mobile device may collect certain data points like activity and sleep habits. When your device syncs with Lark’s application, certain data recorded on your device is transferred from your device to our servers.
• Coaching Services
Our coaching services are a platform for you to communicate with a health, fitness or wellness coach (“Coaching Services”). These Coaching Services may be provided by third parties, such as your employer or insurance company, such as Lark Partners or by our third-party coaching service providers. If you use our Coaching Services, we collect information about such use, including your goals and other information submitted by you for the purpose of using the Coaching Services.
Coaching Services may be offered via online meeting platforms such as Google Meet, which will require the user to access a link via email or create an account with such third-party site. Individuals who do not have access to such online sites or do not wish to access such sites, can call into the meeting via telephone.
We collect certain information automatically, such as your operating system version, browser type, and internet service provider. We also collect information about your interaction with the Services, such as creating or logging into your account, or opening or interacting with the Services on your mobile device. When you use our Site, we automatically collect and store this information in service logs. This includes: details of how you used our Site; internet protocol address; cookies that uniquely identify your browser, the referring web page and pages visited. We may also collect and process information about your actual location. The information we collect automatically is statistical data and may or may not include Personal Data, but we may maintain it or associate it with Personal Data we collect in other ways or receive from third parties.
• Location Data
If you grant us access to your location, Lark may collect information about your location when you use our Sites and Services. Your location can be determined by: GPS, IP address, and information about things near your device, such as Wi-Fi access points and cell towers. When you use our Services via a wireless device, we may solicit your permission to collect your location data. Some features within our application may only function upon confirmation of your location, and therefore such features will not be available if you choose not to provide your location data to us. The specificity of the location data collected may depend on a number of factors, including the device you are using (e.g. laptop, smartphone or tablet) and how you are connected to the Internet (e.g., via cable broadband connection, WiFi). If you enable location services for our mobile application, we may collect location data periodically as you use or leave open our mobile application. We may associate such location data with Personal Data you provide to us. Depending on the platform you use to access our mobile application (e.g., Apple’s iOS, Google’s Android), you may be able to control whether location data is collected from within “Settings” or other controls on your wireless device or the mobile application.
• Device ID
When using our Services, we or our service provider may collect your unique device ID. We may use such information for internal purposes and to provide you a better experience, such as to troubleshoot application problems you may experience. We may associate device ID with personal information you provide to us. You may learn more about opt out of any anonymous device ID collection via the privacy settings available within your mobile device.
We may partner with third parties, such as employers and insurance companies, that offer Lark Services to their employees and customers. In such cases, those companies may provide us with your name, email address, or other personal data, including sensitive personal data, so that we can invite you to participate or determine your eligibility for particular benefits.
To the extent that information we collect is health data or another special category of Personal Data subject to the European Union’s General Data Protection Regulation, we ask for your explicit consent to process the data. We obtain this consent separately when you take actions leading to our obtaining the data. You can use your account tools to withdraw your consent at any time.
Below is a list of the types of information we collect:
|Category||Type of Identifiers We Collect|
|Identifiers||First and last name, address, unique personal identifier, online identifier, date of birth, Internet Protocol address, email address, account name or other similar identifiers|
|Personal information categories||Telephone number, passport number, driver’s license or state identification card number, insurance policy number, medical information, or health insurance information|
|Protected classification characteristics||Age, race, ethnicity, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions)|
|Biometric information||Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as height, weight, gait, heart rate, blood pressure, glucose levels or other physical patterns, and sleep, health, diet preferences and exercise data|
|Google Fit / Apple Health Kit Data||Heart rate, blood glucose, blood pressure, body measurements, physical activity, and location data|
|Geolocation data||Physical location or movements|
|Inferences drawn from other personal information||Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes|
We obtain the categories of Personal Information listed above from the following categories of sources:
We and our partners use various technologies to collect and store information when you visit one of our services, and this may include using cookies or similar technologies to identify your browser or device. We also use these technologies to collect and store information when you interact with services from our partners, such as advertising services. Our third party advertising and analytics partners include Google, Lead Forensics and similar partners.
Web Beacons. Pages of our services or our emails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags and single-pixel gifs) that permit us, for example, to count Users who have visited those pages or opened an e-mail and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).
Clickstream Data. Clickstream data is information collected by our computers when you request Web pages from the Sites. Clickstream data may include information such as the page served, the time spent viewing the page, source of the request, type of browser making the request, the preceding page viewed and similar information. Clickstream data permits us to analyze how visitors arrive at the Sites, what type of content is popular, what type of visitors in the aggregate are interested in particular kinds of content on the Sites.
Mobile Device Identifiers and SDKs. A mobile SDK is the mobile app version of a web beacon (see “Web Beacons” above). The SDK is a bit of computer code that app developers can include in their apps to enable ads to be shown, data to be collected and related services or analytics to be performed.
We share certain data with Social Networks to allow us to target existing Users and customers with highly relevant advertising campaigns. We will not share your name, address, email address, telephone number or other personal information for the purpose of such campaigns. If you do not wish to receive advertisements in this way, please follow the links available here and here.
We use your Personal Data in ways that are compatible with the purposes for which it was collected or authorized by you, including for the following purposes:
We use the information we collect from our Sites to provide, maintain, and improve them, to develop new services, and to protect our company and our Users.
We use Google Fit and Apple Health Kit data (heart rate, blood glucose, blood pressure, body measurements, physical activity, and location data) to assist with coaching our members so that they can maintain a healthy lifestyle. This data is stored in AWS and all PII/PHI is protected and used only by Lark to assist with coaching.
We use information collected from cookies and other technologies, to improve your User experience and the overall quality of our services. We may use your Personal Data to see which web pages you visit at our Site, which website you visited before coming to our Site, and where you go after you leave our Site. We can then develop statistics that help us understand how our visitors use our Site and how to improve it. We may also use the information we obtain about you in other ways for which we provide specific notice at the time of collection.
Whenever we collect Personal Data from you, we may do so on the following legal bases:
Provided that, in each circumstance, we will weigh the necessity of our processing for the purpose against your privacy and confidentiality interests, including taking into account your reasonable expectations, the impact of processing, and any safeguards which are or could be put in place. In all circumstances, we will limit such processing for our legitimate business interest to what is necessary for its purposes.
We do not share Personal Data with companies, organizations and individuals outside of Lark unless one of the following circumstances applies:
• With Your Consent. We will share Personal Data with companies, organizations or individuals outside of Lark when we have your consent to do so. When we share health and fitness Personal Data, we do so for the purpose of improving health management or for purpose of health research.
• Enterprise Accounts. Your employer or your organization may offer you access to our Services. We will share Personal Data with your employer or organization. When we share health and fitness Personal Data, we do so for the purpose of improving health management or for purpose of health research and with your consent. Your employer or organization can review and manage your use of such enterprise Services.
• Your Insurance Provider. We may share your Personal Data with the insurance provider you identify to us (and do so via our Lark Partners) to determine eligibility, or otherwise obtain a benefit plan and other insurance-related information about you. When we share health and fitness Personal Data, we do so for the purpose of improving health management or for purpose of health research and with your consent.
• For Legal Reasons. We will share Personal Data with companies, organizations or individuals outside of Lark if we have a good-faith belief that access, use, preservation or disclosure of the information is reasonably necessary to:
We attempt to notify Users about legal demands for their Personal Data when appropriate in our judgment, unless prohibited by law or court order or when the request is an emergency. We may dispute such demands when we believe, in our discretion, that the requests are overbroad, vague or lack proper authority, but we do not promise to challenge every demand.
• Business Transfers. If we establish a new related entity, are acquired by or merged with another organization, or if substantially all of our assets are transferred to another organization, Personal Data about our Users is often a transferred business asset. In the event that Lark itself or substantially all of our assets are acquired, Personal Data about our Users may be one of the transferred assets.
• Non-Personal and Aggregate Site Use Information. Lark may compile and share your information in aggregated form (i.e., in a manner that would not personally identify you) or in de-identified form so that it cannot reasonably be used to identify an individual (“De-Identified Information”). We may disclose such De-Identified Information publicly and to third parties, for example, in public reports about exercise and activity, or to Lark Partners under agreement with us. Lark may also disclose De-Identified Information for general research purposes and in research collaborations with third parties, such as universities, hospitals or other laboratories to determine the prevalence of particular conditions among Users or to determine whether a User might be suitable for research or clinical trials. Lark may also use De-Identified Information for commercial collaborations with private companies for purposes such as product design or enhancement of Services.
Your provision of Personal Data is required in order to use certain parts of our services and our programs. If you fail to provide such Personal Data, you may not be able to access and use our Services and/or our programs, or parts of our Services and/or our programs.
We may retain your Personal Data for a period of time consistent with the original purpose for collection. For example, we keep your Personal Data for no longer than reasonably necessary for your use of our programs and Services and for a reasonable period of time afterward. We also may retain your Personal Data during the period of time needed for us to pursue our legitimate business interests, conduct audits, comply with our legal obligations, resolve disputes and enforce our agreements.
Whenever you use our Services, we aim to provide you with choices about how we use your Personal Data. We also aim to provide you with access to your Personal Data. If that information is wrong, we strive to give you ways to update it quickly or to delete it – unless we have to keep that information for legitimate business or legal purposes. Subject to applicable law, you may obtain a copy of personal information we maintain about you or you may update or correct inaccuracies in that information by contacting us. To help protect your privacy and maintain security, we will take steps to verify your identity before granting you access to the information. In addition, if you believe that personal information we maintain about you is inaccurate, subject to applicable law, you may have the right to request that we correct or amend the information by contacting us as indicated in the How to Contact Us section below.
To the extent you request deletion of your account (and Personal Data associated therewith), Lark will mark the account for deletion and retain the data for up to 45 days. During such time, you will not have access to your account or the mobile application, but you may submit to request to undo the deletion and restore your account and Personal Data during this period. After the 45-day period, to the extent no request is made for restoration, all Personal Data marked for deletion shall be purged.
Our Partners may have additional terms and conditions related to the deletion of personal data. If you have any questions about such policies, please contact us as indicated in the How to Contact Us section below.
You may have certain rights relating to your Personal Information, subject to local data protection law. We aim to provide you with choices about how we use your Personal Information. Subject to applicable law, you may obtain a copy of Personal Information we maintain about you. In addition, if you believe that Personal Information we maintain about you is inaccurate, subject to applicable law, you may have the right to request that we correct or amend the information by contacting us as indicated in the “How to Contact Us” section below. To help protect your privacy and maintain security, we will take steps to verify your identity before granting you access to the information.
Privacy Rights Specific to California Residents
Under the California Consumer Privacy Act, California residents have specific rights regarding their personal information. This section describes Californians’ rights and explains how California residents can exercise those rights.
Below we further outline specific rights which California residents may have under the California Consumer Privacy Act.
Exercising Your Rights
If you are a California resident who chooses to exercise your rights, you can:
You may also designate an agent to exercise your privacy rights on your behalf. In order to designate an authorized agent to make a request on your behalf, you must provide a valid power of attorney, the requester’s valid government-issued identification, and the authorized agent’s valid government issued identification.
Our Response to Your Request
Upon receiving your request, we will confirm receipt of your request by sending you an email. To help protect your privacy and maintain security, we may take steps to verify your identity before granting you access to the information. In some instances, such as a request to delete personal information, we may first separately confirm that you would like for us to in fact delete your personal information before acting on your request.
We will respond to your request within forty-five (45) days. If we require more time, we will inform you of the reason and extension period in writing. If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option.
In some cases our ability to uphold these rights for you may depend upon our obligations to process Personal Information for security, safety, fraud prevention reasons, compliance with regulatory or legal requirements, listed below, or because processing is necessary to deliver the services you have requested. Where this is the case, we will inform you of specific details in response to your request.
We may deny your deletion request if retaining the information is necessary for us or our service providers to:
Rights Specific to European Union Residents
The European Union’s General Data Protection Regulation (“GDPR”), and corresponding legislation in the United Kingdom, provide European and United Kingdom residents with certain rights in connection with Personal Data you have shared with us. If you are resident in the European Economic Area, you may have the following rights:
If you need further assistance regarding your rights, please contact us using the contact information provided below and we will consider your request in accordance with applicable law. To make these requests, you may contact us using the contact information below, and we will consider your request in accordance with applicable laws. For your protection, we may need to verify your identity before responding to your request, such as verifying that the email address from which you send the request matches your email address that we have on file. If we no longer need to process Personal Data about you in order to provide our Services or our Sites, we will not maintain, acquire or process additional information in order to identify you for the purpose of responding to your request.
In some cases our ability to uphold these rights for you may depend upon our obligations to process personal information for security, safety, fraud prevention reasons, compliance with regulatory or legal requirements, or because processing is necessary to deliver the services you have requested. Where this is the case, we will inform you of specific details in response to your request.
You may update or correct information about yourself by making changes to your profile by emailing us at firstname.lastname@example.org. If you completely delete all such information, then your account may become deactivated. We may retain an archived copy of your records as required by law, to comply with our legal obligations, to resolve disputes, to enforce our agreements or for other legitimate business purposes.
We may contact you to request that you update your Personal Data on a regular basis to ensure its integrity for the purposes of ongoing data management.
We currently provide the following opt-out opportunities:
As described above, we or third party partners may place or recognize a unique cookie on your browser when you visit our Sites for the purpose of serving you targeted advertising (also referred to as “online behavioral advertising” or “interest-based advertising”). You may find more information about entities involved in online advertising and additional choices you may make, including opt-out of having your information used for internet-based advertising, through the Network Advertising Initiative (“NAI”) at the NAI Service, and the Digital Advertising Alliance (the “DAA”) at the DAA consumer choice service. Lark is a participant in the online industry’s self-regulatory program administered by the DAA and has agreed to adhere to the DAA’s principles applicable to interest-based ads.
The tools provided at the DAA opt-out page and the NAI opt-out page are provided by third parties, not Lark. Lark does not control or operate these tools or the choices that advertisers and others provide through these tools.
The Sites may contain links to web pages operated by parties other than Lark. We do not control such websites and are not responsible for their contents or the privacy policies or other practices of such websites. Our inclusion of links to such websites does not imply any endorsement of the material on such websites or any association with their operators. Further, it is up to the User to take precautions to ensure that whatever links the User selects or software the User downloads (whether from this Site or other websites) is free of such items as viruses, worms, trojan horses, defects and other items of a destructive nature. These websites and services may have their own privacy policies, which the User will be subject to upon linking to the third party’s website. Lark strongly recommends that each User review the third party’s terms and policies.
We are committed to complying with applicable laws, regulations and mandatory government standards regarding the protection of Personal Data.
If we transfer your Personal Data out of your jurisdiction, we will implement suitable safeguards and rely on legally-provided mechanisms to lawfully transfer data across borders to ensure that your Personal Data is protected.
Lark maintains administrative, technical and physical safeguards designed to protect the User’s Personal Data and information against accidental, unlawful or unauthorized destruction, loss, alteration, access, disclosure or use. We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, taking into account technological reality, cost, the scope, context and purposes of processing weighted against the severity and likelihood that the processing could threaten individual rights and freedoms. For example, we restrict access to personal information to Lark employees, contractors, business partners and agents who need to know that information in order to operate, develop or improve our services. These individuals are bound by confidentiality obligations and may be subject to discipline, including termination and criminal prosecution, if they fail to meet these obligations. We use commercially reasonable security measures such as encryption, firewalls, and Secure Socket Layer software (SSL) or hypertext transfer protocol secure (HTTPS) to protect Personal Data.
If Lark collects account information for payment or credit, Lark will use the information only to complete the task for which the account information was offered.
The Site is not intended for use by children. We do not intentionally gather Personal Data about United States visitors who are under the age of 13 or about European Union, United Kingdom or Swiss visitors who are under the age of 16. If a child has provided us with Personal Data, a parent or guardian of that child may contact us to have the information deleted from our records. If you believe that we might have any information from a child under the ages of 13 or 16 in the applicable jurisdictions, please contact us at email@example.com. If we learn that we have inadvertently collected the personal information of a child under the minimum age depending on jurisdiction, we will take steps to delete the information as soon as possible.
Lark does not respond to Do Not Track (DNT) signals. However, some third party sites do keep track of your browsing activities when they serve you content, which enables them to tailor what they present to you. If you are visiting such sites, your browser may include controls to block and delete cookies, web beacons and similar technologies, to allow you to opt out of data collection through those technologies.
California residents are entitled to contact us to request information about whether we have disclosed personal information to third parties for the third parties’ direct marketing purposes. Lark does not disclose personal information to third parties for their direct marketing purposes. California users may request further information about our compliance with this law by emailing us at firstname.lastname@example.org.
• Lark Partner Information. We collect information about individuals within our Lark Partners organization (“Partner Information”). Partner Information may include information related to the Partner’s account, name, work email address, work phone number, job title or similar kinds of information. We use Partner Information to support the Partner account, maintain our business relationship with the Partner, respond to Partner inquiries, or perform accounting functions. Lark Partners may update personal information and password by logging into the Lark Platform and updating their account. Lark Partners may contact Lark support in order to delete their Personal Data. In some cases, we may not be able to delete Partner Information, and in such cases we will tell you why.
• Information about our Partners’ Contacts. We collect information about any contacts, such as practice groups, employees, insured parties, and others, that may be uploaded into the Lark Platform (“Information about our Partners’ Contacts”). Information about our Partner’s Contacts may include name, e-mail address, phone number, job title, or similar kinds of information. We use Information about our Partner’s Contacts for the purposes of providing Services to such contacts. Lark Partners may update or delete Information about their contacts in the Lark Platform. Lark Partners may also contact Lark support in order to update and delete such information. In some cases, we may not be able to delete such information, and in such cases we will tell you why.
• Archival Information. We collect User information for archival purposes on behalf of, and as directed by, our Lark Partners for the purpose of improving health management. This information may include User Personal Data, User communications with health coaches, User medical measurements, among other forms of data or electronic communications (“Archival Information”). Our Lark Partner’s privacy policies or practices apply to Archival Information, the purposes for which the Lark Partner collects Archival Information, how the Lark Partner may use Archival Information and what choices the individual may have with respect to Archival Information. Individuals must contact the applicable Lark Partner in order to correct, amend, or delete their information, or to opt out of any collection, uses or disclosure of their information by our Lark Partner.
• Automatically Collected Information. We collect information automatically about how our Lark Partners use our services (“Automatically Collected Information”). We do this via data collection technologies such as cookies, web beacons, gifs or other tracking technologies. We collect this information in order to monitor, support and improve our services or to provide Lark Partners with certain customized features. We may use Automatically Collected Information to tell us how our Lark Partners use our services, to improve our services or develop new products, services or features. We may combine this information with other information we collect.
We treat Partner Information, Information about our Partner’s Contacts, Archival Information and Automatically Collected Information as the confidential and proprietary information of our Lark Partners, subject to the terms of the Lark Terms and Conditions and any other service agreement between Lark and the Partner. We do not share Partner Information, Information about our Partner’s Contacts, Archival Information or Automatically Collected Information with third parties unless directed to do so by our Partner, as may be necessary to provide services to the Partner, to our advisors, affiliates, representatives, agents, service providers, in connection with a business transaction (such as a merger or sale), as allowed under the terms of our agreement with our Partner, or in response to a court order, subpoena, warrant or to comply with a legal requirement or to cooperate with an investigation. We may disclose Partner Information, Information about our Partner’s Contacts, Archival Information or Automatically Collected Information for the aforementioned reasons, or in order to protect our rights or the rights of our affiliates, Lark Partners, business partners or service providers.
We will retain Partner Information we process on behalf of our Lark Partners for as long as needed to provide services to our Partner, or for the period of time requested by a particular Partner.
With respect to personal data received or transferred pursuant to the Privacy Shield Frameworks, Lark is subject to the regulatory and enforcement powers of the U.S. Federal Trade Commission.
Pursuant to the Privacy Shield Frameworks, EU and Swiss individuals have the right to obtain our confirmation of whether we maintain personal information relating to you in the United States. Upon request, we will provide you with access to the personal information that we hold about you. You may also correct, amend, or delete the personal information we hold about you. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data transferred to the United States under Privacy Shield, should direct their query to email@example.com. If requested to remove data, we will respond within a reasonable timeframe.
We will provide an individual opt-out choice, or opt-in for sensitive data, before we share your data with third parties other than our agents, or before we use it for a purpose other than which it was originally collected or subsequently authorized. To request to limit the use and disclosure of your personal information, please submit a written request to firstname.lastname@example.org.
In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
Lark’s accountability for personal data that it receives in the United States under the Privacy Shield and subsequently transfers to a third party is described in the Privacy Shield Principles. In particular, Lark remains responsible and liable under the Privacy Shield Principles if third-party agents that it engages to process the personal data on its behalf do so in a manner inconsistent with the Principles, unless Lark proves that it is not responsible for the event giving rise to the damage.
In compliance with the Privacy Shield Principles, Lark commits to resolve complaints about your privacy and our collection or use of your personal information transferred to the United States pursuant to Privacy Shield. European Union and Swiss individuals with Privacy Shield inquiries or complaints should first contact Lark by email at email@example.com or via post at:Lark Technologies, Inc.
Lark has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD, operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers for more information and to file a complaint. This service is provided free of charge to you.
If your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See Privacy Shield Annex 1 at https://www.privacyshield.gov/article?id=ANNEX-I-introduction.
Send email to: firstname.lastname@example.org
Send mail to our address:Lark Technologies, Inc.