Privacy Policy

Effective Date: November 12, 2024

Last Updated: November 12, 2024

1. Introduction

Welcome! Your use of the Relevate Health Games LLC d/b/a Level Ex (the “Company”) website located at https://www.levelex.com (the “Website”) and the Level Ex mobile applications (and the services made available through same, the “App”), or interact with experiences hosted on our Remote Play servers (“Remote Play”) (the Website, App and Remote Play together, the “Sites”) constitutes your acceptance of this Privacy Policy (the “Privacy Policy”), which incorporates by reference our Terms and Conditions of Use for the Sites you are using, which Terms and Conditions are set forth therein. If you do not accept this Privacy Policy, you may not use the Sites. If at any time you do not agree to this Privacy Policy, you must cease your use of the Sites.

We value our customers and are committed to protecting their privacy and informing them as to how their personal data will be used. This Privacy Policy sets forth the privacy standards that the Company utilizes to collect, retain, and use personal data obtained from individuals located within the European Union (“EU”), the European Economic Area (“EEA”), and the United Kingdom (“UK”), as well as from individuals located in the United States and elsewhere in the world. It is the Company’s policy to respect, and protect, personally identifiable information obtained from individuals as set forth in this Privacy Policy.

There are certain provisions of this Privacy Policy that only apply to individuals from the EU, the EEA or the UK. Those sections are denoted as “EU/EEA/UK Data Subjects Only.”

There are certain provisions of this Privacy Policy that do NOT apply to individuals from the EU, the EEA or the UK. Those sections are denoted as “Not Applicable to EU/EEA/UK Data Subjects.”

This Privacy Policy does NOT apply to other websites or apps to which we may otherwise link, or to other companies, third-party vendors who provide services to us, or entities who might be listed as third-party contacts on the Sites, each of which may be governed by their own privacy policies. This Privacy Policy also does not apply to information we may obtain from other sources about you. By using the Sites and/or by contacting us and providing any personal data, you consent to the collection, transfer, storage, disclosure and use of information by us in accordance with this Privacy Policy. If we decide to change our Privacy Policy, we will post those changes on this page.

2. Terms

The terms “we“, “us” and “our” refer to the Company, and its officers, directors, owners, employees and agents.

The term “personal data” means any data which relates to a natural person (as opposed to a business or corporate entity) that makes you identifiable. The term “personal data” also includes “personal information” as such term is defined in the California Consumer Privacy Act of 2018 (the “CCPA”) and any other state law, all as applicable. As used herein and in connection with our business, the term personal data may include:

Names and contact information, including phone number, physical address, geographic region, fax and e-mail, all to the extent provided;
Job applicant data;
Service use data;
Device identifiers;
Log data;
Additional content or information you voluntarily provide to us; and/or
Referral source data (i.e., how you ended up at the Sites).

The term “data controller” means the person or entity which decides the purposes for which, and the way in which, any personal data is processed.

The term “data processor” means the person or entity which processes personal data on behalf of the data controller.

The term “processing” means any operation or set of operations performed on personal data. Processing includes, but is not limited to, the collection of data, the organizing of data, the recording or saving/storage of data, the altering of data, the using of data, the disclosing or transfer of data, the deleting or destruction of data, or the making available of data.

3. Why We Collect Information

We collect personal data because: (a) it allows us to provide the Services offered through the Sites; (b) it allows us to respond to questions you or others may have about the Sites or the information provided to you or others on or through the Sites; and (c) it helps us provide and improve the Sites and the information provided from or through the Sites. In addition, your personal data helps us communicate to you through the Sites, as well as to provide additional information related to services, events and other related information about which you might like to hear. We also may correlate your personal data with information from other sources, including personal data we have obtained from or about you through our Sites. For example, we may cross-check the personal data you provide to us against information that might be otherwise available through other entities in order to prevent or detect fraud.

We also collect your personal data, and you hereby consent to our use of your personal data, for the following additional purposes which may be included in, or part of, the Services:

Updating our records;
Monitoring your Sites use history and information reviewed;
Verifying your identity;
Obtaining demographic information of our users;
In connection with any application for employment with the Company;
Internal analysis for our business management purposes;
Any statutory or regulatory purpose which requires the processing of your personal data;
Legal and regulatory compliance;
Fraud and crime prevention;
Internal or external audits; and
Any other purpose for which valid consent is obtained.

4. What Information We Collect About You

We may collect all types of personal data. You agree that we may collect and process all such personal data that you provide to us to enable us to provide the services (the “Services”). These Services may include:

Account and Contact Information, such as your name, email address, physical address, city, postal code, or other details explicitly requested, as well as information to respond to your inquiries and address any concerns.
Job Applicant Data, including your employment and education history, transcript, references and other information you submit when applying for employment through our website.
Service Use Data, including details about your visits to and interactions with our Sites, applications, and Remote Play experiences, such as data about features you use, pages you visit, the time of day you browse, and your referring and exiting pages, and click-stream data.
Device Identifiers, including data about the type of device or browser you use, your device’s operating software, your internet service provider, your device’s regional and language settings, and device identifiers such as IP address and mobile advertiser ID.
Log Data, including records of actions taken by our servers that deliver the Sites to your browser. When you interact with our Sites, certain activities may be logged, such as when you answer a question in a game, answer selection, the time it took you to answer the question, your score, and details about your browser, such as your IP address and any cookies stored in your browser.
Content, including content within any messages you send to us (such as feedback and questions to customer support, and any information you provide while using Remote Play, including responses to questions.

In addition, you may also voluntarily provide other information to us that we do not specifically request from you. In such instances, we have no control over what categories of personal information you provide to us, and how we might use such information in all circumstances. Such additional information is provided to us at your own risk.

In addition to the above, we may also collect other data (apart from personal data) from you which is not personal data, such as anonymized or de-identified or aggregated data (i.e., data which is not and cannot be associated with any particular individual) about our users or our users’ habits using the Sites, such as de-identified geographic information, or information about the types of devices used with the Sites. We may also anonymize or de-identify personal data provided by you, and use such anonymized or de-identified data in connection with our business, our Services or otherwise as we deem appropriate. All such non-personal data (as anonymized or de-identified) is owned exclusively by the Company and the Company may share, sell or use such information or data as it deems appropriate.

Please do not supply the following to us:

Any Protected Health Information (PHI);
Any other person’s personal data, unless the Company explicitly asks you to do so;
Any categories of your personal data that have not been explicitly requested by the Company;
Any confidential, proprietary, secret or legally protected information which you are not explicitly requested by the Company to provide;
Any adverse event reporting information which is not explicitly requested as this information is not otherwise sought, nor do we otherwise monitor for same; or
Any confidential, proprietary, secret or legally protected information which are under any legal obligation to not provide to or share with the Company.

5. How We Collect Information About You

We collect information about you (including personal data) when:

You Give Us Information – You may provide us information when:

You provide it to us by filling out forms or providing/submitting other information on or through the Sites;
You submit information to us through “Get In Touch,” “Contact,” “Reach Out To Learn More,” our “Careers” links, or any other links on any of the Sites;
You sign up for our Newsletter or other marketing or informational opportunities;
You send us e-mail or submit any inquiry on or through the Sites, including in connection with a “contact customer service” request or inquiry;
You provide information via phone or in person;
You provide us with information in writing and send it to us other than via e-mail, phone or in person (i.e., mail, FedEx, etc.);
You provide us with documentation;
You enter into any agreement with us, whether or not same is through the Sites;
You visit us on social media, including but not limited through, Facebook®, LinkedIn®, X (f/k/a Twitter®), or YouTube®;
You provide us information on or through any Company online portal;
You provide us with information which may contain personal data;
You provide us with information in connection with seeking employment with the Company.

We Collect Information Automatically – We automatically collect certain types of information when you visit our Sites (as explained below).

We Collect Information From Other Sources – We may also obtain information about you from outside sources. For example, we may obtain commercially available information about you from third-parties or purchase e-mail lists from third parties for advertising and marketing purposes. We may also receive information from third-parties who provide services for us through web-beacons and other technologies described in this Privacy Policy.

6. Use of Cookies

A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server. Cookies may be either “persistent” cookies or “session” cookies: a persistent cookie will be stored by a web browser and will remain valid until its set expiry date, unless deleted by the user before the expiry date; a session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed. Cookies do not typically contain any information that personally identifies a user, but personal data that we store about you may be linked to the information stored in and obtained from cookies.

You can set your browser or operating system not to accept cookies or to notify you when you are sent a cookie, giving you the opportunity to decide whether or not to accept it. You may also use commonly available tools in your browser to remove cookies which may have been placed onto your computer.

To learn more about cookies, please visit https://www.allaboutcookies.org; https://www.allaboutcookies.org/mobile/

Cookies That We Use

We, as well as possible third parties that provide content or technology on or through the Sites, use cookies for the following purposes related to the Services we provide for and to you and our users:

Authentication – we use cookies to identify users of the Sites and/or the location of individuals accessing the Sites;
Status – we use cookies to help us to determine if you are logged into our Sites;
Personalization – we use cookies to store information about your preferences and to personalize the Sites for you;
Security – we use cookies as an element of the security measures used to protect user accounts, including preventing fraudulent use of login credentials, and to protect our Sites and services generally;
Advertising – we use cookies to help us to display advertisements that will be relevant to you; EU/EEA/UK Data Subjects Only: You can disable advertising cookies as set forth herein. In addition, if you provide us with notice as set forth below, we may be able to show you how to disable advertising cookies. However, because we may derive income related to our services from advertising cookies, if such cookies are disabled, it may impact your ability to use our Sites and/or our Services and/or impact the cost of our Services to you;
Diagnosis – we use cookies to diagnose problems with our Services and servers;
Analysis – we use cookies to help us to analyze the use and performance of our Sites; and
Cookie consent – we use cookies to store your preferences in relation to the use of cookies more generally and in the event you open an account with us.

Cookies Used By Our Service Providers And Vendors

Our service providers and vendors may use cookies and those cookies may be stored on your computer when you visit our Sites. These service providers and vendors include, but may not be limited to: Google Analytics, Google Tag Manager, Sentry, and Mixpanel.

You should review the privacy and cookie policies of the above websites/apps to learn more about the cookies that are used in connection with the above.

There are websites and services you can use to view cookies that are used on the Sites such as https://www.cookieserve.com/. However, we do not and cannot verify that the information provided by such websites or services is accurate or free, and before using, you should review the websites’ or services’ privacy policy and terms and conditions of use as you will be bound by same. We are not affiliated with or connected to any such service or website.

The above websites/apps and cookies may change from time to time as we use different vendors or service providers to provide some or all of the Services offered or provided by the above services and apps, or additional services we decide to include. While we will periodically update our list of such vendors and service providers, the above list may not be complete at any given time.

Managing Cookies

Most browsers allow you to refuse to accept cookies and to delete cookies. The methods for doing so vary from browser to browser, and from version to version. To obtain more information about managing cookies on your mobile device, please see these links: Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Google Chrome mobile, Microsoft Edge Browser, Safari, Safari mobile.

You may also be able to install so-called ad-blockers. However, blocking some or all cookies may have a negative impact upon the usability of the Sites.

The Sites may also include cookie banners, which allow you to consent to the use of certain cookies for certain purposes, including to personalize our Services for you and make the Services easier and more practical to use. Once you have provided your consent, you can revoke it at any time on a going forward basis by calling up the cookie administration via the following link and unchecking the box next to the processing to which you had consented.

7. Use Of Web Beacons, Clear-GIFs, Pixel Tags And JavaScript

Except as set forth herein, our use of web beacons, clear-gifs, pixel tags (including potentially the Facebook/Meta Pixel) and JavaScript is critical to proper functionality our Sites, and disabling them may impact the functionality of the Sites and the Services we provide.

We also may use “pixel tags” (also called “action pixels,” “web beacons” or “clear gifs”) and/or JavaScript plug-ins, placed on the Sites and in our emails to you.

These web beacons and plug-ins are small graphic images (typically that you cannot see) or code on a Sites or in an email message which are used for such things as recording advertisements clicked-on by a user, or for tracking the performance of email marketing campaigns. These devices help us analyze our users’ online and Sites behavior and measure the effectiveness of our Sites and our marketing.

We may also work with third-party service providers that help us track, collect, and analyze this information. Third-party entities with whom we have agreements may place these devices on the Sites and/or in emails to use information obtained from them such as pages viewed, emails opened and items upon which you may click in emails. These third-party providers may also place cookies (or similar trackers) onto your device. Those third-party cookies and trackers may enable us to obtain aggregate demographic information and user statistics about you and your preferences from these third-party sources as well as our information we have about you. These third-party providers may also use certain transactional data to provide analytics to us to help us better serve our customers. See above for more information on our cookies.

EU/EEA/UK Data Subjects Only – You may be able to disable use of web beacons, clear-gifs, pixel tags and JavaScript if you provide us with notice as set forth in below. However, doing so may impact your ability to use our website and/or our services and/or impact the cost of our services to you.

8. Device Identifiers

A “device identifier” is a mechanism whereby we may automatically collect an IP address, mobile advertising identifier or other unique user identifier information for the computer, mobile or other device being used to access the Sites or third-party websites or apps to which we may link for advertising purposes. A device identifier attaches a number that is automatically assigned to your computer or device that identifies it, similar to a cookie. We may use the device identifier to administer the Sites, help diagnose problems, analyze trends, track a user on the Sites, deliver advertising or obtain general demographic data. Most computers and mobile devices will allow you to turn off, block or delete device identifiers.

9. Server Logs

A “server log” is a record of activity created by a computer or device that delivers certain information to you. Certain activities that you perform on our Sites may record information in server logs. For example, if you enter a search term into a search box located in the Sites, the server log may record the search term, the link you clicked on and/or information about your operating system.

10. Search Queries On The Sites

We may provide you with options to search for information on our Sites. If you enter information in a search query box, we may store that information and we may aggregate that information with other information we may have about the operating system or device from which the search query originated.

11. Third Parties

We may use third party service providers to serve advertisements on our behalf across the Internet and sometimes on the Sites. These companies may use information (not including your name, address, email address or telephone number) about your visits to the Sites and other websites in order to provide advertisements on our Sites, and other forms of media about goods and services of interest to you. This anonymous information is collected through the use of pixel tags or similar technologies which are industry standard technologies used by most major apps, and which are explained in more detail above.

You can read more about online marketing practices and the technologies that support them by visiting the Network Advertising Initiative’s Website. If you would like to know your choices about not having this information used by these companies, check out Network Advertising.org.

In addition, we may from time-to-time contract with third party vendors to serve advertisements to our customers on our behalf across the Internet to whom we think may be interested in our Services. To do this, the vendors may collect anonymous information about your visits to the Sites and your interaction with our Services. This anonymous information is collected through the use of an app cookie or pixel tag – industry standard technology used by most major apps, and which is explained in more detail above. No personally identifiable information is to be collected in this process. They may also pool the anonymous information that they collect with other sources of information not collected during your visit to our Sites, which may include your name and mailing address, for purposes of determining whether you might be interested in receiving more information.

Social MediaPlatforms

We may link to certain Company social media platforms on Facebook®, LinkedIn®, X (f/k/a Twitter®), or YouTube® or other platforms. When you engage with our content at or through these social media platforms, you may be asked to share certain information about these interactions with us. Please review the privacy policies/notices and privacy settings with each such social media platform you use so you understand how this data and information may be used, and to choose your options for the sharing of such data and information.

12. How We Use the Information We Collect

We use the information we collect in a variety of ways. Generally, we use the information we collect, including information provided by you, your personal data, and aggregate/de-identified data, to provide and improve the Services.

We may also use the information we collect internally in our business for many business purposes, such as to: (i) provide the Services you may seek or which are available on the Sites; (ii) respond to inquiries from you; (iii) personalize your experience on the Sites and using the Services; (iv) optimize the functionality of the Sites, including stability, security and performance; (v) enhance marketing efforts; (vi) track user behavior of the Sites as explained herein; (vii) provide aggregated or other data to third parties concerning the results of your reporting and monitoring on and through the Sites, with or without other aggregated data; (viii) analyze trends and conduct research; (ix) learn about users’ and customers’ needs; (x) track traffic patterns and Sites usage; (xi) provide customer service and technical support; (xii) correlate information with other commercially available information to identify demographics, reporting and monitoring needs, trail conditions, user impact and any other service or information offered on or through the Sites; (xiii) address information security and/or privacy practices, network functioning, engineering, and troubleshooting issues; (xiv) investigate claims and/or legal actions, violations of law or agreements, and compliance with relevant applicable laws and legal process; (xv) comply with law, or based on our good faith belief that it is necessary to conform or comply with the law, or otherwise to disclose information to prevent fraud to reduce credit risks, to cooperate with police and other governmental authorities, or to protect the rights, property or safety of visitors to the Sites, our partners or customers, or the public; and (xvi) process or engage in a sale of all or part of our business/organization(s), or if we go through a reorganization or merger.

13. With Whom Do We Share Your Data?

We may share both personally identifiable and non-personally identifiable information in accordance with the practices described in this Privacy Policy. The types of entities we may have shared information with or with whom we may share information in the future includes the following:

Affiliates and Business Partners. We may share information with our related entities including our parent and sister companies for business purposes such as customer support, marketing, product development, and technical operations. who help us provide operational services for the Sites and our business, which might include, but is not necessarily limited to: business entities that provide e-mail address management and communication contact services, network equipment and application management providers and hosting entities, judicial, administrative and/or legal or financial accounting providers in the event that information must be reviewed or released in response to civil and/or criminal investigations, claims, lawsuits, or if we are subject to judicial or administrative process (such as a subpoena) to release your information or to prosecute or defend legal actions, and other service providers which may be involved in the other types of services and activities otherwise discussed in this Privacy Policy

Business Customers. We may share your information with our business customers in connection with us processing information on their behalf when they engage us to use our Services with their end-users, or in connection with the use or prospective use of their products or services.

Third-Party Service Providers. We may share information with service providers that process information on our behalf for our business purposes, including to assist in the operation of our Sites, providing email management, communication services, retargeting services, analytic services, as well as legal, administrative and financial services.

Consent and Law. We may also use your personal data to contact you in ways other than e-mail or regular mail, such as via telephone contact or facsimile. All use of personally identifiable information will be as permitted by applicable law.

14. Business Transfers

If the Company or substantially all of its assets were acquired, or in the unlikely event that the Company goes out of business or enters bankruptcy, user information would be one of the assets that is transferred or acquired by a third party. You acknowledge that such transfers may occur, and that any acquirer of the Company may continue to use your personal data as set forth in this Privacy Policy.

15. International Transfers Of Your Personal Data

For EU/EEA/UK Data Subjects Only

In this Section, we provide information about the circumstances in which your personal data may be transferred to countries outside the EEA (Austria, Belgium, Bulgaria, Czech Republic, Cyprus, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Liechtenstein, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden), the UK or Switzerland.

Relevate Health Games LLC, is a limited liability company with its principal place of business located at 8044 Montgomery Road, Suite 700-7384 Cincinnati, Ohio 45236 (United States). The European Commission has made an “adequacy decision” with respect to the data protection laws of the United States. In the event the Company transfers any of your personal data to a third party in the United States or elsewhere outside of the EU/EEA/UK, such transfers will be protected by appropriate safeguards through the use of standard data protection clauses adopted or approved by the European Commission or the UK, a copy of which can be obtained from https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/model-contracts-transfer-personal-data-third-countries_en.

By providing your personal data to the Company, you are agreeing to the transfer and processing of your personal data to and in the United States in accordance with this Privacy Statement.

By using our Services, you are agreeing to the transfer and processing of your personal data to and in the United States in accordance with this Privacy Statement.

16. Your Choices About The Information We Collect

If you do not consent to the way in which we may use your personal data, please do not submit any personal data to us. Please note that if you do not provide us with certain personal data the Company may be unable to allow you to use or access the Sites, or the Services and/or information on or through the Sites may not be as good as they otherwise could be.

If you do not wish to receive emails from us, click the unsubscribe link located in our emails or opt out in your account profile within the App if applicable.

If you do not wish to receive other marketing materials from us and/or if you do not want us to share your personal data with other entities as stated in this Privacy Policy, please provide us with your exact name and address and advise us that you wish to opt-out for information sharing or receiving information from us or both as the case may be. Please note that de-identified and aggregate data including your personal data may still be shared, but it will not be identified or identifiable to you. Please direct your opt-out request to the following contacts, including with the words “LEVEL EX – PRIVACY” in ALL CAPS in the subject line:

E-mail Address: privacy@anthony-outeiralrelevatehealth-com

Postal Address:

Relevate Health Games LLC

8044 Montgomery Road, Suite 700-7384
Cincinnati, Ohio 45236

(United States)

Attention: Privacy Officer

18. Your Rights – EU/EEA/UK Data Subjects Only

In this Section, we have summarized the rights that EU/EEA/UK data subjects have under applicable data protection law, including the GDPR. Some of the rights are complex, and not all of the details have been included in our summaries. Accordingly, you should read the relevant laws and guidance from the regulatory authorities for a full explanation of these rights.

Your principal rights under data protection law are:

The right to access;
The right to rectification;
The right to erasure;
The right to restrict processing;
The right to object to processing;
The right to data portability;
The right to complain to a supervisory authority; and
The right to withdraw consent under certain circumstances.

You have the right to confirmation as to whether or not we process your personal data and, where we do, access to the personal data, together with certain additional information. That additional information includes details of the purposes of the processing, the categories of personal data concerned and the recipients of the personal data. Providing the rights and freedoms of others are not affected, we will supply to you a copy of your personal data. The first copy will be provided free of charge, but additional copies may be subject to a reasonable fee.

You have the right to have any inaccurate personal data about you rectified and, taking into account the purposes of the processing, to have any incomplete personal data about you completed.

In some circumstances you have the right to the erasure of your personal data without undue delay. Those circumstances include: the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed; you withdraw consent to consent-based processing where no other legitimate basis for retention exists; you object to the processing under certain rules of applicable data protection law; the processing is for direct marketing purposes; and the personal data have been unlawfully processed. However, there are exclusions of the right to erasure. The general exclusions include where processing is necessary: for exercising the right of freedom of expression and information; for compliance with a legal obligation (including contractual obligations); or for the establishment, exercise or defense of legal claims.

In some circumstances you may have the right to restrict the processing of your personal data. Those circumstances are: you contest the accuracy of the personal data; processing is unlawful but you oppose erasure; we no longer need the personal data for the purposes of our processing, but you require personal data for the establishment, exercise or defense of legal claims; and you have objected to processing, pending the verification of that objection. Where processing has been restricted on this basis, we may continue to store your personal data. However, we will only otherwise process it: with your consent; for the establishment, exercise or defense of legal claims; for the protection of the rights of another natural or legal person; or for reasons of important public interest.

You have the right to object to our processing of your personal data on grounds relating to your particular situation, but only to the extent that the legal basis for the processing is that the processing is necessary for: the performance of a task carried out in the public interest or in the exercise of any official authority vested in us; or the purposes of the legitimate interests pursued by us or by a third party. If you make such an objection, we will cease to process the personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing is for the establishment, exercise or defense of legal claims.

You have the right to object to our processing of your personal data for direct marketing purposes (including profiling for direct marketing purposes). If you make such an objection, we will cease to process your personal data for this purpose.

You have the right to object to our processing of your personal data for scientific or historical research purposes or statistical purposes on grounds relating to your particular situation, unless the processing is necessary for the performance of a task carried out for reasons of public interest.

If you consider that our processing of your personal data infringes data protection laws, you have a legal right to lodge a complaint with a supervisory authority responsible for data protection. You may do so in the EU/EEA member state of your habitual residence (or the UK, as applicable), your place of work or the place of the alleged infringement.

To the extent that the legal basis for our processing of your personal data is consent, you have the right to withdraw that consent at any time. Withdrawal will not affect the lawfulness of processing before the withdrawal.

If you do not wish to receive emails about special offers and other promotions from us, click the unsubscribe link located in our emails.

If you do not wish to receive other marketing materials from us and/or if you do not want us to share your personal data with other entities as stated in this Privacy Policy, please provide us with your exact name and address and advise us that you wish to opt-out for information sharing or receiving information from us or both as the case may be. Please note that de-identified and aggregate data including your personal data may still be shared, but it will not be identified or identifiable to you. Please direct your opt-out request, or your request to exercise any of your rights in relation to your personal data by written notice to us at the below contact information with the words “LEVEL-EX – GDPR” in the heading:

Relevate Health Games LLC

8044 Montgomery Road, Suite 700-7384
Cincinnati, Ohio 45236 (United States)

Attention: Privacy Officer (privacy@relevatehealth.com)

With a copy (including the words “LEVEL EX – GDPR” in the subject line) to:

OlenderFeldman LLP

422 Morris Avenue

Summit, NJ 07901 (United States)

Attention: Michael J. Feldman, Esq.

(mfeldman@olenderfeldman.com)

Your Rights – FOR CALIFORNIA, COLORADO, CONNECTICUT, OREGON, NEVADA, TEXAS, UTAH, and VIRGINIA RESIDENTS ONLY

If you are a resident of California, Colorado, Connecticut, Oregon, Nevada, Texas, Utah or Virginia and to the extent such state law(s) is applicable to us, your state law may provide you with additional rights regarding our use of your personal information. To learn more about your privacy rights, visit:

California: https://oag.ca.gov/privacy/privacy-laws;
Colorado: https://coag.gov/resources/colorado-privacy-act/;
Connecticut: https://portal.ct.gov/AG/Sections/Privacy/The-Connecticut-Data-Privacy-Act;
Oregon: https://olis.oregonlegislature.gov/liz/2023R1/Downloads/MeasureDocument/SB619/Enrolled;
Nevada: https://www.leg.state.nv.us/NRS/NRS-603A.html;
Texas: https://statutes.capitol.texas.gov/Docs/BC/htm/BC.541.htm#C;
Utah: https://le.utah.gov/~2022/bills/static/SB0227.html;
Virginia: https://law.lis.virginia.gov/vacodefull/title59.1/chapter53/

Requests for Information – California Residents

Under Section 1798.83 of the California Civil Code, residents of California have the right to request from a business, with whom the California resident has an established business relationship, certain information with respect to the types of personal information the business shares with third parties for those third parties’ direct marketing purposes, and the identities of the third parties with whom the business has shared such information during the immediately preceding calendar year. To exercise your rights, you may make one request each year by emailing us at privacy@relevatehealth.com with “Request for California Privacy Information” in the subject line and explicitly makes such request. Be sure to provide in the request sufficient information to properly identify you and/or the members of your family to whom the request applies.

Marketing – CALIFORNIA, COLORADO, CONNECTICUT, OREGON, NEVADA, TEXAS, UTAH, and VIRGINIA RESIDENTS

We collect various types of personal data about you during the course of your relationship with us. Under applicable law, if you are a resident of California, Colorado, Connecticut, Oregon, Nevada, Texas, Utah or Virginia, you may make a written request to us to disclose the categories or personal data of yours which we have shared with third parties, for the third parties’ direct marketing purposes during the prior year. In response to your written request, we are allowed to provide you with a notice describing the cost-free means to opt-out of our sharing your information with third parties with whom we do not share the same brand name, if the third party will use such information for its direct marketing purposes.

If you would like to exercise your rights under California, Colorado, Connecticut, Oregon, Nevada, Texas, Utah or Virginia law, please send your written request to the e-mail address or postal address below with the words “[INSERT APPLICABLE STATE NAME] OPT-OUT” in ALL CAPS in the subject line or clearly set forth elsewhere. Please include your postal address in your request. Within thirty (30) days of receiving your written request, we will provide you with a Third-Party Direct Marketing Opt-Out Form so you may request that your personal data not be disclosed to third parties for their direct marketing purposes.

E-mail Address:

privacy@relevatehealth.com

Attention: Privacy Officer

Postal Address:

Relevate Health Games LLC

8044 Montgomery Road, Suite 700-7384
Cincinnati, Ohio 45236 (United States)

Attention: Privacy Officer

Phone:

(877) 238-8500

Consumer Rights Under the California Consumer Privacy Act of 2018 (the CCPA) and the California Privacy Rights Act of 2020 (the CPRA) AND for residents ofCOLORADO, CONNECTICUT, OREGON, NEVADA, TEXAS, UTAH, and VIRGINIA

To the extent the California Consumer Privacy Act or other state law is applicable, with certain exceptions and, including but not limited to in connection with data subject to federal regulation (i.e., the Health Insurance Portability and Accountability Act (HIPAA), the Gramm-Leach Bliley Act California (GLBA), the Fair Credit Reporting Act (FCRA), as applicable, the California Financial Information Privacy Act (CFIPA), the Federal Farm Credit Act of 1971, the Drivers’ Privacy Protection Act (DPPA), the Confidentiality of Medical Information Act (CMIA), certain laws concerning clinical trials data, the First Amendment and related law), contractual rights and obligations, and certain other exceptions based upon applicable state law, we provide California, Colorado, Connecticut, Oregon, Nevada, Texas, Utah or Virginia residents with the following rights with respect to our data collection and data processing of such residents’ personal data (excluding de-identified or aggregate data) which is collected in that resident’s state, processed in that resident’s state, or part of a transaction occurring in such state:

The right to know whether your personal data was collected by us.

In large part, the personal data we collect is set forth above in this Privacy Policy.

(2) The right to request the categories and specific pieces of personal data that we have collected about you in the past 12 months, the categories of sources for which that information is collected, the business purposes for collecting or selling/sharing the information, and the categories of third parties with whom the information is shared or sold.

In large part, these categories and specific pieces of personal data that we have collected is set forth above in this Privacy Policy.

(3) The right to know what information we are collecting about you and the purposes for which it is being used.

In large part, the type of information we collect and the purpose for which it is collected is set forth above in this Privacy Policy.

(4) The right to not allow us to sell or share any of your personal information.

If you do not want any of your personal information sold or shared with third parties for their purposes, please click our “Do Not Sell/Share My Personal Information” button and provide us with the information requested therein.

(5) The right to limit our use of your sensitive personal information.

We do not sell or share your sensitive personal information, and we do not seek to collect or use any of your sensitive personal information.

(6) The right to have your personal information deleted, subject to certain exceptions.

These exceptions may include:

Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you.
Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
Debug products to identify and repair errors that impair existing intended functionality.
Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 seq.).
Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
Comply with a legal obligation.
Make other internal and lawful uses of that information that are compatible with the context in which you provided it.

(7) The right to have your personal information corrected, subject to certain exceptions.

(8) The right to know the length of data retention.

Unless indicated otherwise elsewhere or required pursuant to any applicable law, we generally retain your personal information for up to ten (10) years.

(9) The right to not be discriminated against for exercising any of the above rights.

We will not discriminate against you if you exercise any of the above rights. However, as explained, some or all of our Services necessarily require us to process your personal information, and share your personal information with certain third parties in connection with providing the Services. Therefore, and as explained above, exercise by you of certain of the above rights may impact our ability to provide the Services to you.

TO THE EXTENT APPLICABLE, AND TO EXERCISE ANY OF THE ABOVE RIGHTS, PLEASE CONTACT US AT ANY OF THE BELOW AND INCLUDE THE WORDS “EXERCISE MY RIGHTS” IN ALL CAPS IN THE SUBJECT LINE, OR BE CLEAR BY PHONE THAT YOU WANT TO EXERCISE YOUR RIGHTS and CLEARLY LET US KNOW: (1) Your address and state of residency; and (2) the rights you seek to exercise.

E-mail Address:

privacy@relevatehealth.com

Attention: Privacy Officer

Postal Address:

Relevate Health Games LLC

8044 Montgomery Road, Suite 700-7384
Cincinnati, Ohio 45236 (United States)

Attention: Privacy Officer

19. Your Choices About Information We Collect

Not Applicable to EU/EEA/UK Data Subjects

If you do not consent to the way in which we may use your personal data, please do not submit any personal data to us. Please note that if you do not provide us with certain personal data the Company may be unable to provide you with its Services, or those Services may not be as good as they otherwise could be.

If you do not wish to receive emails about special offers and other promotions from us, click the unsubscribe link located in our emails. If you do not wish to receive other marketing materials from us and/or if you do not want us to share your personal data with other entities as stated in this Privacy Policy, please provide us with your exact name and address and advise us that you wish to opt-out for information sharing or receiving information from us or both as the case may be. Please note that de-identified and aggregate data including your personal data may still be shared, but it will not be identified or identifiable to you. Please direct your opt-out request with the words “LEVEL EX – PRIVACY” in the subject line to the following contacts:

Relevate Health Games LLC

8044 Montgomery Road, Suite 700-7384
Cincinnati, Ohio 45236 (United States)

Attention: Privacy Officer (privacy@relevatehealth.com)

With a copy (including the words “LEVEL EX – PRIVACY” in the subject line) to:

OlenderFeldman LLP

422 Morris Avenue

Summit, NJ 07901 (United States)

Attention: Michael J. Feldman, Esq.

(mfeldman@olenderfeldman.com)

20. Retaining And Deleting Personal Data

This Section sets out our data retention policies and procedures, which are designed to help ensure that we comply with our legal obligations in relation to the retention and deletion of personal data.

Personal data that we process for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.

In some cases it is not possible for us to specify in advance the periods for which your personal data will be retained. In such cases, we will determine the period of retention based upon the performance of our Services, and any applicable industry and governmental standards.

We may also retain your personal data where such retention is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.

21. Privacy of Children Who Visit The Sites

We recognize the importance of children’s safety and privacy. The Sites are not designed to attract children, and is not intended for use by any children under the age of 18. We do not request, or knowingly collect, any personally identifiable information from children under the age of 18. If you are under age 18, you do not have permission to use the Sites or our Services.

22. Questions / Changes in Notice

If you have questions or concerns with respect to our Privacy Policy, you may contact us at privacy@relevatehealth.com. We may elect to change or amend our Privacy Policy; in such event, we will post the notice changes in our Privacy Policy on the Sites.