Privacy Policy

Introduction
This Privacy Policy (“Policy) describes SetPoint Medical Corporation (or “SetPoint”) policies on the collection, use and disclosure of Personal Information when you use the SetPoint website(s) and or the services where this Policy is posted or otherwise provided by SetPoint (interchangeably referred to in this Policy as the “Site” or the “Services”). Some of the information we collect when you visit the Site or use the Services may be Personal Information as defined below. SetPoint understands the importance of privacy to our customers, visitors, suppliers, business partners, employees and other individuals (also: “you” or the “user” or the “participant” or “data subject”). We are committed to protecting and respecting your privacy.

SetPoint (referred to as either “SetPoint”, “We”, “Us” or “Our” in this Agreement) refers to SetPoint Medical Corporation, located at 25101 Rye Canyon Loop, Valencia, CA 91355.

This Policy applies only to information collected through the website on which it is posted or for services where it is referenced. It does not apply to third-party platforms or other SetPoint-operated platforms on which it is not posted. It also does not apply to information collected through other channels where it is not linked or referenced, such as by phone or in person, or as part of a clinical study.

If you visit this Site or use the Services, we may collect, use, disclose, and transfer Personal Information as described in this Policy (and any Privacy Notices that apply to you). In other cases, specific Privacy Notices may be required to comply with the privacy laws where we do business. If you have questions about this Policy, or any Privacy Notice, please contact us using the information provided below.

If you have a disability, you may request access to this Policy in an alternative format by contacting [email protected].

State-specific provisions:

HIPAA

When we provide certain services to our customers, we may receive protected health information (“PHI”) as a business associate of a covered entity under the Health Insurance Portability and Accountability Act (“HIPAA”). This information is used and shared differently from the other Personal Information discussed in this Policy. See the Notice of Privacy Practices from your health care provider or health insurance plan, as applicable, for information about how this PHI may be used and shared, and how to exercise your rights under HIPAA.

Complete agreement
Except as written or communicated in any other disclaimers, policies, or other notices (e.g., related to information you submit in response to a survey) on this Site, this Policy, and the Terms of Use of which it is a part, form the complete agreement between you and SetPoint with respect to your use of this Site. There may be additional terms that apply to particular materials on or sections of this Site.

What is Personal Information?
Personal Information is any information that relates to an identified or identifiable individual. Generally, Personal Information means any information that identifies, relates to, describes or is capable of being associated with, or could reasonably be linked, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, or an online identifier, with you.

Changes to this Policy
SetPoint reserves the right to update or modify this Policy and any Privacy Notice, at any time and without prior notice, by posting the revised version of the Policy or Privacy Notice on this Site. These changes will only apply to the information we collect after we have posted the revised Policy or Privacy Notice on this Site.

Your use of this Site or the Services following any such change constitutes your agreement that all information collected from or about you after the revised Policy is posted will be subject to the terms of the revised Policy. You may access the current version of this Policy at any time by clicking on the link marked “Privacy Policy” at the bottom of each page of the public areas of this Site.

Information We Collect

Personal Information You Manually Provide.
SetPoint collects the information you manually provide when you use this Site or our Services, for example, we collect the information you provide if you choose to complete a questionnaire or survey, contact us with questions (such as by e-mail), or otherwise interact with this Site or our Servces. Some of the information you may choose to manually provide will be Personal Information including but not limited to:

  • Contact data: such as name, title, address, phone number, mailing address, and email.
  • Other identifiers: such as device ID or serial number, various types of personal health information (e.g., health insurance information, medical information, and the like), online identifiers, and other similar identifiers.
  • Communication data submitted by you: such as questions and feedback.
  • Demographic data: such as language, age, and gender.
  • Marketing preferences: such as e-mail subscription and frequency preferences.

Information Automatically Collected
SetPoint collects information that is sent to us automatically by your web browser or mobile device. This information includes but is not limited to:

  • Product use and application data (including date and time of your visit)
  • IP address
  • The browser you are using (including name and version)
  • Your location and other geographic data
  • The website you came from and the website you visit after leaving
  • Pages viewed on the Site
  • Links clicked on the Site
  • Time spent on a particular page of the Site or the Site as a whole
  • Site data used to facilitate the use of the Site such as login and technical data
  • Videos you may view on the Site

The information we receive may depend on your browser or device settings. The information we receive from your web browser and device typically is not, in and of itself, personally identifiable. However, we may combine it with other information that may identify you or we may combine it with information that does identify you.

Information Collected by Cookies and Other Technologies
A cookie is a small piece of text sent to your browser by a website you visit. It helps the site remember information about your visit, which can make it easier to visit the site again and make the site more useful to you.
We use “cookies” and other technologies to collect information and support certain features of this Site. For example, we may use these technologies to:

  • Collect information about the ways visitors use this Site—which pages they visit, which links they use, and how long they stay on each page
  • Support the features and functionality of this Site—for example, to save you the trouble of reentering information already in our database or to prompt the settings you established on previous visits
  • Personalize your experience when you use this Site; and
  • Improve our marketing efforts, including through use of targeted advertising.

The information we collect using cookies and similar technologies is not, in and of itself, personally identifiable, but we may link it to Personal Information that you provide. If you do not wish to receive cookies, you may set your browser to reject cookies or to alert you when a cookie is placed on your computer. Although you are not required to accept cookies when you visit this Site, you may be unable to use all of the functionality of this Site if your browser rejects our cookies.

We use both session and persistent Cookies for the purposes set out below:

Necessary / Essential Cookies

  • Type: Session Cookies
  • Administered by: Us
  • Purpose: These Cookies are essential to provide You with services available through the Website and to enable You to use some of its features. They help to authenticate users and prevent fraudulent use of user accounts. Without these Cookies, the services that You have asked for cannot be provided, and We only use these Cookies to provide You with those services.

Cookies Policy / Notice Acceptance Cookies

  • Type: Persistent Cookies
  • Administered by: Us
  • Purpose: These Cookies identify if users have accepted the use of cookies on the Website.

Functionality Cookies

  • Type: Persistent Cookies
  • Administered by: Us
  • Purpose: These Cookies allow us to remember choices You make when You use the Website, such as remembering your login details or language preference. The purpose of these Cookies is to provide You with a more personal experience and to avoid You having to re-enter your preferences every time You use the Website.

Tracking and Performance Cookies

  • Type: Persistent Cookies
  • Administered by: Third Parties
  • Purpose: These Cookies are used to track information about traffic to the Website and how users use the Website. The information gathered via these Cookies may directly or indirectly identify you as an individual visitor. This is because the information collected is typically linked to a pseudonymous identifier associated with the device you use to access the Website. We may also use these Cookies to test new advertisements, pages, features or new functionality of the Website to see how our users react to them.

Information Collected by Third-Party Cookies
In addition to the cookies SetPoint delivers to your computer or mobile device through this Site, certain third parties may deliver cookies to you for a variety of reasons. For example, we use Google Analytics, a web analytics tool that helps us understand how visitors engage with our Sites. To learn more about Google Analytics, click here. We may also use other similar third parties. We also use SurveyMonkey for surveys on our Site, such as to help evaluate if you qualify for a clinical study. To learn more about SurveyMonkey, click here.

Other third parties may deliver cookies to your computer or mobile device for the purpose of tracking your online behaviors over time and across nonaffiliated websites and/or delivering targeted advertisements either on this Site or on other websites.

You have choices about the collection of information by third parties on our Sites. For example, if you don’t want information about your visit to this Site sent to Google Analytics, you may download an Opt-out Browser Add-on by clicking here. Please note that the Add-on does not prevent information from being sent to SetPoint.

In addition, if you would like to opt-out of having interest-based information collected by certain entities during your visits to this Site or other websites, please click here. You will be directed to an industry-developed website that contains mechanisms for choosing whether each listed entity may collect and use data for online behavioral advertising purposes. It may be that some of the third parties that collect interest-based information on this Site do not participate in the industry-developed optout website, in which case the best way to avoid third-party tracking of your online behaviors may be through your browser settings and deletion of cookies. Please note that the industry-developed opt-out mechanism is device and browser specific. If you wish to opt-out from having interest-based information collected by participating entities across all devices and browsers, you need take the steps outlined above from each device and browser.

How We Use Your Information
We may use the information we collect through this Site to provide you with access to the Site. Additionally, we may keep and use your information to:

  • provide you with access to this Site.
  • respond to your requests.
  • personalize your access to our Site.
  • develop records (including records of your Personal Information).
  • contact you with pertinent information about products, clinical studies, or important safety information, and about products and services of ours and of others.
  • evaluate your eligibility or interest to enroll in clinical studies.
  • perform analysis, research, develop, and improve programs, products, services, and content.
  • remove your personal identifiers. Once we have de-identified information so that it is considered non-Personal Information, we may treat it like other non-Personal Information.
  • enforce this Policy and other rules about your use of this Site.
  • protect someone’s health, safety, or welfare.
  • protect our rights or property.
  • comply with a law or regulation, court order or other legal process, such as preventing, detecting and investigating security incidents and potentially illegal or prohibited activities.

How We Share Your Information
SetPoint will not share Personal Information about you collected from this website with an unrelated third-party except as provided in this Policy. We may share for the following purposes.

With Third–Party Vendors
In the ordinary course of business, we share some information collected through this Site with third-party vendors who act for us or on our behalf. For example, we may use third-party vendors to design and operate this Site; to conduct surveys and clinical studies; and to help us with our promotional efforts. These third-party vendors may need information about you to perform their functions on our behalf. In general, we require our third-party service providers and vendors to restrict their use of any personally identifiable information to the intended purposes.

With Third-Party Social Media Platforms
We may, where permitted by law and using appropriate safeguards, also use Third-Party Social Media Services to offer you interest-based ads. To offer such ads, we may convert your email address into a unique value which can be matched by social media service vendors with a user on their platform. Although we do not provide any directly identifiable Personal Information to these social media service vendors, they may be able to link these unique values to individual users on their platforms and gain insights about individuals who respond to the ads we serve.

In Aggregate or De-Identified Form

We use information collected through this Site and Services to create a compiled, aggregate view of usage patterns. We may share aggregate information with third parties for various purposes including so they can better understand our user base. We may also share with third parties information about how individuals use this Site and the Services, but only on a de-identified basis. This data is not personally identifiable, but it does reflect the usage patterns of a particular Site or Services user, as opposed to Site or Services users collectively. For clarity, we may use and share aggregated or de-identified data without restriction.

As Part of a Business Transfer
Your information may be transferred to successor organization if, for example, we transfer the ownership or operation of this Site to another organization or if we merge with another organization or liquidate our assets. If such a transfer occurs, the successor organization’s use of your information will still be subject to this Policy and applicable privacy preferences you have expressed to us.

Business Partners
In the ordinary course of business, we share some information collected through this Site with business partners such as clinical study sites or health care providers. For example, we may share information with a clinical study site if you provide us with information indicating your interest in a clinical study. We may also share information with health care providers. Our business partners will generally be bound to confidentiality requirements applicable to their organizations.

To Comply with Laws or Protect Rights
We may disclose your information when we, in good faith, believe disclosure is appropriate to comply with the law, a court order or a subpoena. We may also disclose your information to prevent or investigate a possible crime, such as fraud or identity theft; to protect the security of this Site; to enforce this or other agreements; or to protect our own rights or property or the rights, property or safety of our users or others.

As Described in a Privacy Notice or Click-Through Agreement

We reserve the right to disclose your information as described in any Privacy Notice posted on a page of this Site or provided in connection with the Services where you provide that information. By providing your information on that page you will be agreeing to or consenting to the use and disclosure of your information as described in that privacy notice. We also reserve the right to disclose your information as described in any click–through agreement to which you have agreed.

Other Privacy Notice, Consent, or Agreement
This Policy may be supplemented or amended from time to time by additional privacy notices (“Privacy Notices”), provided at the time we collect your information. For example, certain pages of this Site may contain Privacy Notices providing more details about the information we collect on those particular pages, why we need that information, and choices you may have about the ways we use that information. In other cases, specific Privacy Notices may be required to comply with the privacy laws of one of the countries, provinces, or states in which we do business. We reserve the right to disclose your information as described in any Privacy Notice posted on a page of this Site, or provided to you in connection with our Services, where you provide that information or in accordance with any consent or authorization you otherwise provide.

How We Protect Your Information

We take reasonable precautions to provide a level of security appropriate to the sensitivity of the information we collect. Although we use reasonable measures to help protect your information against unauthorized use or disclosure, we cannot guarantee the security of information provided over the Internet or stored in our databases and will not be responsible for breaches of security beyond our reasonable control.

Transfer and Storage of Your Personal Information

We store, collect, transfer, and process your Personal Information in the United States. Privacy and data protection laws in the U.S. may be different than your country. By submitting your Personal Information, you agree and acknowledge such transfers, storage, and processing, including onward transfers.

Retention of Your Information
SetPoint retains the Personal Information collected on this Site to meet our business purposes, legal obligations, and as permitted or required by applicable law.

Children’s Privacy
We value the online privacy of children. We will not intentionally collect Personal Information about children under the age of 18. If you believe we may have collected Personal Information from a child under the age of 18, please contact us.

Marketing E-mail Opt-out
We may contact you to provide information about products, services and content that may be of interest to you. You may revoke your consent for the receipt of communications that we send to you at any time by using the “unsubscribe” functionality included in our emails to you or by contacting us directly.

You should note that this will not affect all communications from us, for example, we are legally required to provide notices such as notification of a data breach in which case you should expect to receive a notification via email. We may also respond to communications from you, such as if you submit an online form on our Site.

As applicable, please see the State Privacy Addendums to understand your rights.

Data Subject Rights

Your rights will vary depending on which laws apply, and different laws may apply depending on where you or your data reside. You may make a request to exercise any rights that you may have, and we will seek to comply with any laws that apply. You may have the following rights:

  • Know. You may have the right to know about and confirm the existence of Personal Information about you, how we use or share it, what categories of Personal Information we process, our purposes of processing, and categories of parties we disclosed Personal Information to.
  • Access and portability. You may have the right to access your Personal Information, specific pieces of information, and know of third parties Personal Information was disclosed. You may have a right to obtain a copy of your data, including in a machine-readable format or have it transferred to someone else.
  • Correction. You may have the right to correct or amend your data if it is incomplete, inaccurate, or outdated.
  • Deletion or elimination. You may have the right to request your Personal Information be deleted or eliminated. Subject to applicable law, we may de-identify this data in certain circumstances.
  • Restriction. You may have a right to restrict processing of your data in some circumstances, such as if processing is excessive or unlawful, the accuracy of the data is contested, the controller no longer needs the data for its primary processing purposes but is needed for legal or compliance purposes, or if the data is sensitive Personal Information (e.g., health information) and it is being used for purposes beyond those reasonably necessary to perform services or provide goods requested.
  • Objection and optout. You may have the right to object to or opt-out of processing of Personal Information about you in certain circumstances. This can include cases where that data is used for direct marketing (including email or telephonic marketing), shared with third parties for their own marketing or for retargeting or cross-contextual marketing, sold to third parties, used to make certain automated or artificially-generated decisions or profiles about you, used for historical or scientific research, or used to contact you with automated/prerecorded voice telephonic messages in some cases.
  • Consent and cancelation of consent. You may have the right to consent, and to withhold or cancel that consent, for some practices, including processing of sensitive Personal Information (such as health information) or data on children, or where we use consent as our lawful basis for processing or transfer. If you cancel your consent, we will not further collect or process the Personal Information on the basis of that consent unless allowed or required by applicable law.
  • Nondiscrimination. We will not discriminate against you for exercising your rights. This does not necessarily include, where permitted by applicable law in your jurisdiction, cases where a difference in price or services offered is reasonably related to the value provided by Personal Information you provide, or where you consent to participate in a voluntary program offering incentives (such as a loyalty program).
  • Appeal. You may have the right to appeal decisions we make about the exercise of your rights. To submit an appeal to a decision we made about the exercise of your rights, you may send an email to [email protected]. Please enclose a copy, or otherwise specifically reference our decision on your data subject request, to allow us to address your appeal. We will strive to comply with applicable law when we respond to your appeal.
  • Make a complaint. You may have the right to complain to regulators, such as your state attorney general, local data protection agency or authority, or other public bodies responsible for data protection and privacy enforcement. If you are not satisfied with our response to your request or if you have concerns about our data practices.

Submitting a Request or Inquiry

  • If you want to submit a request or inquiry to us regarding privacy rights you may have, you or your authorized agent (someone acting on your behalf) can contact us using our contact information below. You do not have to create an account with us to submit a request.
  • Your request will be confirmed within ten days of receipt and we will respond within 45 days, unless shorter periods are required by law. If we need more than 45 days, we will notify you that your request is being delayed.
  • We can only respond to your request if it is verifiable. This means we are obligated to take reasonable steps to verify your identity or your authorized agent’s authority and your right to access the information you request. In the process of verifying your request, we may contact you to ask for additional information that will help us do so, including government-issued IDs containing your name and address, utility bills containing that same information, and/or unique identifiers like usernames. We will only use that additional information in the verification process, and not for any other purpose. Once we have received and verified the requested information from you, we will contact you with our response to your request, including any data, if applicable. If we do not hear from you or are unable to verify your identity for the request, we will contact you to inform you that we cannot process your request because we cannot verify your identity.
  • We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
  •  We will respond to reasonable requests in accordance with applicable law and subject to legal and contractual restrictions. We will not discriminate against you for exercising these rights.
  • There may be times where we cannot comply with your request. For example, if such disclosure would interfere with the privacy of others or if it would result in a breach of confidentiality. We will provide an explanation for our refusal to grant access. 
  • Residents of states which provide consumer health data with specific protections, please see the Consumer Health Data section for more details.

Data Subject Rights Contact

SetPoint Medical Corp.

25101 Rye Canyon Loop

Valencia, CA 91355

(661) 750 6140

[email protected]

Links to Other Websites
This Site may also contain links to websites that are not operated by or on behalf of SetPoint or its affiliates. These links are provided for your reference and convenience only and do not imply any endorsement of the products sold or information provided through these websites, nor any association with their operators. SetPoint does not control these websites and is not responsible for their data practices. Any information you provide to third parties on their websites is covered under their privacy and data collection policies and is not covered by this Policy. We urge you to review the privacy policy posted on any site you visit before using the site or providing any Personal Information

Contact Us
If you have any questions regarding this policy or about our privacy practices or need to contact us for purposes related to this Privacy Policy, please contact us at [email protected].

Addendum: California Residents Privacy Notice
Effective April 1, 2021

“Do Not Track” Policy as Required by California Online Privacy Protection Act (CalOPPA)
Our Service does not respond to Do Not Track signals. However, some third-party websites do keep track of your browsing activities. If you are visiting such websites, you can set your preferences in your web browser to inform websites that you do not want to be tracked. You can enable or disable DNT by visiting the preferences or settings page of your web browser.

California’s Shine the Light law
Under California Civil Code Section 1798 (California’s Shine the Light law), California residents with an established business relationship with us have the right to request information once a year about the sharing of their Personal Information with third parties for the third parties’ direct marketing purposes. However, SetPoint Medical does not share California residents’ data for the direct marketing purposes of any third parties.

If you are a California resident, you can contact us with any inquiries using the contact information provided in this Policy.

Addendum: Nevada Opt-Out Rights

Your Nevada Opt-Out Rights

We do not sell your Personal Information, but nevertheless we offer an opt out to sales of consumer data in an overabundance of caution as required by, and to ensure compliance with, Nevada law.  Verified requests under Nevada law (NRS 603A) to not make any sale of any covered information we have collected or will collect regarding a consumer, as defined in that law, may be sent to [email protected]. Please include in any such request email “Request for Nevada Opt-Out” in the subject line and in the body of the message. 

Addendum: Consumer Health Data Policy

(including Washington, Nevada, Connecticut)

Effective: July 31, 2025

Various U.S. state laws provide protections for “consumer health data”. This addendum applies to such information by applicable law. Please see the “Exercising Your Rights” section below for instructions regarding how to exercise these rights.

“Consumer Health Data” is used in this addendum as it is defined in the Washington My Health My Data Act (MHMDA) and other laws applicable to the same or similar data. It generally includes any information that is linked or reasonably linkable to an individual and that identifies that individual’s past, present, or future physical or mental health status. Excluded from Consumer Health Data are certain types of health information, such as when we must collect, use, and disclose health information to meet our regulatory obligations or as part of a clinical trial. We do not collect, share, or sell Consumer Health Data except as described in this Privacy Policy and this Addendum or with your consent.

Categories of Consumer Health Data We Collect and Share

We process limited Consumer Health Data and may collect Consumer Health Data from various categories including, individual health conditions, treatment, diseases, or diagnosis; dynamics interventions, health-related surgeries or procedures; use or purchase of prescribed medication; bodily functions, vital signs and symptoms; diagnoses or diagnostic testing, treatment, or medication; genetic data; precise location information that could reasonably indicate a consumer’s attempt to acquire or receive health services or supplies (i.e., geofencing); and data that identifies a consumer seeking health care services.

Sources of Consumer Health Data

We collect Consumer Health Data directly from you, including when you submit information through our website, or other services or platforms we operate.

How SetPoint Medical Uses Consumer Health Data

We use consumer health data to provide consumers information and education about SetPoint Medical’s products and help connect them to a provider that can provide them diagnosis and treatment options.

How SetPoint Medical May Share Consumer Health Data

We may share Consumer Health Data, including the categories of Consumer Health Data, with SetPoint Medical-affiliated companies, service providers acting on our behalf, and others, including health care providers that you select, as necessary to provide you with the products or services you request, or that your authorized representatives request on your behalf.

Exercising Your Rights

Based on applicable laws in your state, you may have the right to:

  • Confirm whether SetPoint Medical is collecting, sharing, or selling Consumer Health Data concerning you and to access this data, including:
    • A list of all third parties and affiliates with or to whom SetPoint Medical has shared or sold the Consumer Health Data
    • Access an active email address or other online mechanism that you may use to contact these third parties
  • Withdraw consent from SetPoint Medical to collect and share your consumer health data
  • Request to have Consumer Health Data concerning you deleted and exercise that right by informing SetPoint Medical of your request for deletion
  • Appeal if SetPoint Medical does not address an attempt to exercise one or more of these rights to your satisfaction

You may request that SetPoint Medical take the actions outlined in the paragraphs above to exercise rights you may have by submitting a request, at any time, to SetPoint Medical. SetPoint Medical will seek to respond within forty-five (45) days.