Privacy Policy

Last Updated: January 9, 2024

1. Introduction

Ursa Health, LLC (“Ursa Health,” “we,” “us,” or “our”) is committed to protecting your privacy. This Privacy Policy applies to the information that we obtain through your use of our products and websites, including without limitation www.ursahealth.com and our online knowledgebase at docs.ursahealth.com (collectively referred to as our “Sites”), or when you otherwise interact with Ursa Health. This policy sets forth our policies and procedures regarding the collection, use and disclosure of personal information (“Personal Information”) we receive from you. By using our Sites, you consent to the collection, transfer, processing, storage, disclosure and other uses described in this Privacy Policy. If you do not agree to the terms set forth herein, please do not access or use our Sites.

Our current Privacy Policy applies to all Personal Information you have provided to us. Please take the time to read this Privacy Policy. We use the Personal Information we collect only in compliance with this Privacy Policy. By submitting information, including Personal Information, to us, you are expressly and voluntarily accepting the terms and conditions of this Privacy Policy. You have the right to withdraw your consent to our collection and use of your information, but your withdrawal of consent will not be retroactive.

2. How to Contact Us

If you have any questions about this Privacy Policy, please contact us by email at privacy@ursahealth.com, by phone at (888) 933-7671, or in writing at Ursa Health, Attn: Privacy Policy, 3200 West End Ave., Suite 500, Nashville, TN 37203.     

3. Information We Collect

When you use our Sites, we process certain types of information, including Personal Information and Non-Personal Information as described below.

a. Personal Information

“Personal Information” means any information that identifies, relates to, describes, or is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular person or household.  Personal Information that we may collect on the Sites includes first name, last name, title, company name, and e-mail address. When you access or use the Sites, you may provide Personal Information to us, such as when you request to receive information. We also may collect navigational information, including IP address, geographical location, browser type, search terms, referral source, length of visit, and pages viewed, which may or may not identify you.

b. Non-Personal Information

Non-Personal Information does not identify you but provides insights regarding your use of the Sites. For example, we may collect “Navigational Information” including but not limited to your IP address as well as browser type, Internet service provider, referral sources, visit date/time stamp, information you search for, locale and language preferences, and identification numbers associated with your devices. Some Navigational Information may be associated with Personal Information.

We and our analytics provider collect and store analytics information when you use our Sites and/or our products and services to help us improve our Sites, products and services. This analytics information consists of web browsing behavior collected through a combination of HTTP beacons and cookies. Analytics information also consists of data we collect as a result of running queries across our user base for the purposes of generating Usage Data. “Usage Data” is aggregated data about a group or category of services, features or users that does not contain Personal Information. Though we may happen upon Personal Information as we compile Usage Data across users, this is a byproduct of our efforts to understand broader patterns and trends.

As of the date this policy went into effect, we use Google Analytics as an analytics provider. To learn more about the privacy policy of Google Analytics, refer to Google's Policies and Principles. Use the ​ Google Analytics Opt-out Browser Add-on ​ to prevent analytics information from being sent to Google Analytics.

We also use HubSpot’s tools to help us with our automated marketing efforts, please refer to https://legal.hubspot.com/privacy-policy to read about HubSpot’s privacy policy.

Collection of Information

We collect your information in the following ways:

Log Files. We may collect anonymous demographic information, which is not unique to you, such as your ZIP code using log files, when you use our Sites. There is also information about your computer hardware and software that is automatically collected by our Sites. This information may include, but is not limited to, your computer’s Internet Protocol address, browser type, the web page you were visiting before you came to our site, information you search for, domain names, access times and referring website addresses. We may also collect information about the fact that you use certain features and functionality of our service and your responses to our surveys and research initiatives. This information is used by us for the operation of the Sites, to maintain quality of the Sites, and to provide general statistics regarding use of the Site. For these purposes, we do link this automatically-collected data to Personal Information such as name, email address, address, and phone number.

Cookies. Like most websites, we use “cookies” and web log files to collect information to track site usage and trends, to improve our service, and to deliver a customized experience when you use our Sites and/or our products and services. A cookie is a small data file that is placed on your computer, mobile phone or other device by a web server and enables us to recognize you when you return to our site or log into our service. Cookies are uniquely assigned to you, and can only be read by a web server in the domain that issued the cookie to you. One of the primary purposes of cookies is to provide a convenience feature to save you time – for example, when you return to the same website, the information you previously provided can be retrieved, so you can easily use the features that you customized. We may use “persistent cookies” to save your registration ID and login password for future logins to the site. We may also use “session ID cookies”, which expire after a short period of time or when you close your browser. Session ID cookies are used to identify a particular visit and are used to enable certain features of the site or service, to better understand how you interact with the site and service, and to monitor aggregate usage and web traffic routing on the site. We set a cookie and use local storage in your browser that contains information that we use to identify you with respect to our current third-party vendors HubSpot, Google Ads, Google Tag Manager, Google Analytics and Document360. You have the ability to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. If you choose to decline cookies, you may not be able to fully experience the interactive features of the Sites. We keep track of the pages you visit on the Sites, in order to determine what parts of our store and the Sites are the most popular.

While Browsing our Sites. We use vendors that may collect Personal Information on our behalf. Please see the list of vendors that we currently use and how they may access and use your data, including links to their respective privacy policies at the end of this Privacy Policy.

Service Providers. We monitor the activity on our Sites using common software tools and third-party service providers. We collect and track information on use of the Sites including referral sources, search terms, network information, IP addresses, computer and browser types, and content viewed. Unless combined with Personal Information, this other data does not personally identify any user of the Sites. We may also use third-party service providers to collect and track statistical information regarding the use of the Sites, and to prevent our servers from being abused.

5. Use of Information

We use Non-Personal Information collected by clickstream information collection, web pixels, and cookies to store your preferences, improve website navigation, make non-personalized features and other services available to you, generate statistical information, monitor and analyze user traffic and usage patterns, monitor and prevent fraud, investigate complaints and potential violations of our policies, improve our content and the products, services, materials, and other content that we describe or make available through the Sites, and otherwise help administer and improve the Sites.

We can identify you from the Personal Information you provide, and we may also be able to identify you when we merge or co-mingle Personal Information and Non-Personal Information. Except as otherwise stated, we may use Information we collect from you for the purpose of providing our Sites to you, including, but not limited to:

• To fulfill or meet the reason you provided the Personal Information. For example, if you share your name and contact information to ask a question about our websites or the products or services we provide, we will use that Personal Information to respond to your inquiry. 
• To provide our websites and our products and services to you and administer your use of our websites and our products and services;
• To provide you with support and to respond to your inquiries, including to address inquiries and to monitor and improve our responses.
• To provide you with information and announcements with respect to our products or services and to provide you with further information and offers from us or carefully selected third parties that we believe you may find useful or interesting, including newsletters, marketing or promotional materials and other information on services and products offered by us or third parties;
• To improve our products, services and websites, and improve your browsing experience by personalizing the websites;
• To notify you of any changes to relevant agreements, policies, or other terms, and to enforce such terms.
• To work with our service providers, who perform certain business functions or services on our behalf and who are bound by contractual obligations consistent with this Privacy Policy.
• To prevent or investigate fraud, or for risk management purposes, and to help maintain the safety, security, and integrity of our Sites.
• To investigate, prevent or take action with respect to suspected or actual illegal activities or to assist government enforcement agencies.
• To prevent infringement of our intellectual property rights in our websites, products and services.
• To enforce our terms of use or your agreements with us.
• To comply with legal obligations, court orders, or in order to exercise any legal claim or to investigate and defend against any legal claim or allegation.
• To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Personal Information held by us about our consumers is among the assets transferred.
• As otherwise described to you when collecting your Personal Information.

Use of Navigational Information. We use Navigational Information to operate and improve the Sites. We may also use Navigational Information alone or in combination with Personal Information to provide you with personalized information about us and our products and services. We use Navigational Information we obtain by technical means (such as the automatic recording performed by our servers or through the use of cookies) for the above purposes as well as to monitor, measure and analyze use of the websites and our products and services, and to generate and derive useful data and information concerning the interests, characteristics and use behavior of our customers and visitors to our Sites and their use of our products and services.

In addition, we may use third‐party e‐mail providers to deliver communications to you.  This is an opt-in e-mail program.  If you no longer want to receive these e-mail communications, you may opt-out of receiving e-mail communications as described in “Opting-Out and Unsubscribing” below.

6. How We Share Information

We never sell Personal Information. We will never sell, rent or otherwise provide your Personal Information to any third party for marketing purposes.

Under the following conditions, we may share Personal Information with the following parties:

• Service providers that help us administer and provide the Sites or our products and services (for example, a web hosting company whose services we use to host our knowledgebase or in order to market our products and services, provide customer service, conduct customer research or satisfaction surveys, or help us perform statistical analysis). These third-party services providers have access to your Personal Information only for the purpose of performing services on our behalf. We have entered into contractual relationships with these service providers and require them to comply with all applicable information privacy laws and regulations and to use the Information only for the purposes for which it was disclosed.  We require that any third-party service providers limit their use of your Personal Information solely to providing services to us and that they maintain the confidentiality, security, and integrity of your Personal Information and not make unauthorized use or disclosure of the Information;
• Third parties in the event of any reorganization, merger, sale, joint venture, assignment, transfer, or other disposition of all or any portion of our business, assets or stock (including in connection with any bankruptcy or similar proceedings) and you agree that any such third party will have the right to continue to use your Personal Information and other information that you provide to us or which we obtain through your use of the Sites;
• As we believe necessary: (i) under applicable law; (ii) to enforce applicable terms and conditions; (iii) to protect our rights, privacy, safety or property, and/or that of our affiliates, you, or others; (iv) to detect, prevent, or otherwise address fraud, security or technical issues; (v) to respond to claims that contact information (e.g. name, e-mail address, etc.) of a third-party has been posted or transmitted without their consent or as a form of harassment; and (vi) to respond to requests from courts, law enforcement agencies, regulatory agencies, and other public and government authorities, which may include authorities outside your country of residence; and
• Pursuant to your express consent.

7. Information Security

We take reasonable steps online and offline to safeguard the Personal Information that you provide to us, including:

• SOC 2 Type II and ISO 27001 certified data center partners, which provide N+1 redundancy to all power, network, and HVAC services.
• Top-end in-transit encryption, advanced SSL/TLS (1.0, 1.1, and 1.2) protocols, and 2,048-bit keys.

Use of a high-grade web application firewall and tightly controlled network-level firewalling. It is common knowledge that transmission of information via the Internet is not wholly secure, and we cannot guarantee or warrant the security of your Personal Information, or any other information, transmitted to or through our Sites or otherwise provided to us, and we cannot be responsible for the theft, destruction, or inadvertent disclosure of such information. Any transmission of information is at your own risk.

If you have any questions about security on our Sites, or if you become aware of or suspect a security breach, notify us immediately by emailing us at privacy@ursahealth.com or by calling us at (888) 933-7671. 

8. Information Retention

We retain Personal Information we receive as described in this Privacy Policy for as necessary to fulfill the purpose(s) for which it was collected, provide our products and services, resolve disputes, establish legal defenses, conduct applicable audits, pursue legitimate business purposes, enforce our agreements, and comply with applicable laws. When the personal data that we have collected is no longer required, we will delete it in a secure manner. We will delete this information from our servers at an earlier date if you so request, as described in “Opting-Out and Unsubscribing” below.

 9. Children’s Privacy

Children under the age of 13 are not eligible to use our Sites. We do not knowingly collect personally identifiable information from children under 13. If a parent or guardian becomes aware that his or her child has provided us with Personal Information without their consent, he or she should contact us at privacy@ursahealth.com. If we become aware​ that a child under 13 has provided us with Personal Information, we will delete such information from our files.

10. European Privacy Rights

We adhere to applicable data protection laws in the United Kingdom, Switzerland and the European Economic Area, which, if applicable, practicable, and required under the UK and EU General Data Protection Regulation, include the
following rights:

• If our processing of personal information is based on your consent, you have a right to withdraw consent at any time for future processing;
• You have a right to request from us, where we act as a Controller as defined in the law, access to and rectification of your personal information;
• You have a right to object to the processing of your personal information; and
• You have a right to lodge a complaint with the applicable local public authority.

These are in addition to the rights you have in Section 14 below. When we process personal information about you, we do so with your consent or as necessary to comply with our legal and regulatory obligations; to provide the products and services you use; for the performance of our contract with you or to take steps at your request before entering into a contract; or for our other legitimate interests or those of a third party.

11. Forums

We may offer publicly accessible message boards, blogs, and community forums, including the ability to post comments in our knowledgebase. Please keep in mind that if you directly disclose any information through our public message boards, blogs, or forums, including our knowledgebase, this information may be made public and may be collected and used by others. We will correct or delete any information you have posted on our servers if you so request, as described in “Opting-Out and Unsubscribing” below.

12. Third-Party Websites

Our Sites may provide links to other websites. We do not control, and are not responsible for, the content or practices of these other websites. Our provision of such links does not constitute our endorsement of these other websites, their content, their owners, or their practices. This Privacy Policy does not apply to these other websites, which are subject to any privacy and other policies they may have. You should use caution and review the privacy policies of any web sites, services or third-party providers that you visit from our Sites or our products to learn more about their information practices, which may be significantly different from ours.

13. Changes in the Privacy Policy

We reserve the right to modify and update this Privacy Policy at any time by posting an amended version of the statement on our Site, updating the “Last Updated” date at the top of this Privacy Policy. In some cases, where appropriate, we may provide you with additional notice (such as adding a statement to the login screen or sending you an email notification). Please refer to this policy regularly. We encourage you to review our Privacy Policy whenever you use our Sites to stay informed about our information practices and the ways you can help protect your privacy. Using our Sites or continuing to provide Personal Information to us after a notice of changes has been sent to you or published on our Sites shall constitute consent to the changed terms and practices. If you disagree with any changes to this Privacy Policy, you will need to stop using our Sites.

14. Opting Out and Unsubscribing

If you provide us with your Personal Information, you have the following rights with respect to that information:

• To review the user information that you have supplied to us
• To request that we correct any errors, outdated information, or omissions in user information that you have supplied to us
• To request that your user information not be used to contact you
• To request that your user information be removed from any solicitation list that we use
• To request that your user information be deleted from our records
• To otherwise opt out of receiving solicitations

To exercise any of these rights, please contact us by email at privacy@ursahealth.com, by phone at (888) 933-7671, or in writing at Ursa Health, Attn: Privacy Policy Inquiry, 3200 West End Ave., Suite 500, Nashville, TN 37203. We will promptly change, correct, or delete your information.

To Unsubscribe From Our Communications. You may unsubscribe from our marketing communications by clicking on the “unsubscribe” link located on the bottom of our emails or by contacting us by email at privacy@ursahealth.com, by phone at (888) 933-7671, or in writing at Ursa Health, Attn: Privacy Policy Inquiry, 3200 West End Ave., Suite 500, Nashville, TN 37203.      

How You Can Opt Out of Web Tracking. There are several ways to opt out of web tracking:          

Most browsers allow you to block third-party cookies or prevent cross-domain tracking. This will limit the cookies that can be set by third-party scripts. This will not completely eliminate tracking by some third-party services though as they may use first-party cookies.

Most browsers also allow you to ask not to be tracked (it sends the “Do Not Track” request header). If you have enabled this feature, we will not track the pages you visit in a way that enables us to connect them to your personal information. Your page views may still be collected anonymously; however, many of the third-party services we use for collecting anonymous data also respect the Do Not Track setting.

15. Third-Party Vendors

Some of the vendors we use that may collect or use Personal Information on our behalf are as follows:

HubSpot: We use HubSpot to manage registrations on our websites, to collect and store consent, and to send consent-based email communications. We also use HubSpot to track web visits if you have registered on our website. Read HubSpot’s privacy policy here: https://legal.hubspot.com/privacy-policy

Zoom: We use Zoom for web conferencing. Web conferencing is used as an umbrella term for various types of online collaborative services including web seminars, webcasts, and peer-level web meetings. Read Zoom’s privacy policy here: https://zoom.us/terms

Google Ads: We use Google Ads to launch retargeting campaigns. Code is added to our footer to recognize an individual on any page of our website. By associating the visitor we can offer them an appropriate ad they might be interested in. Read Google Ads’ privacy policy here: https://policies.google.com/technologies/ads

Google Tag Manager: We use Google Tag Manager to manage and deploy marketing tags (snippets of code or tracking pixels) on our website. Read Google Tag Manager’s privacy policy here: https://www.google.com/analytics/tag-manager/use-policy/

Google Analytics: We use Google Analytics to review data on website visits, including geographical information, browser information, platform information, page information, visit duration, referring site, time of visits, and click-throughs. The data is used to improve our site. Read the Google Analytics privacy policy here: https://policies.google.com/privacy?hl=en

Document 360: We use Document 360 to provide our knowledgebase platform. Read Document 360’s privacy policy here: https://document360.com/privacy/