Privacy Policy

Version 4.0

Privacy Policy

Last Revised: January 2025

DarioHealth cares about your privacy and wants you to be familiar withhow we collect, use and disclose personal information aboutyou. References to DarioHealth include our subsidiaries and trade names,including Labstyle Innovation Ltd., Upright, wayForward, and Twill Inc.(collectively, "DarioHealth," "us," "we" or "Company").

The purpose of this DarioHealth Privacy Policy ("Privacy Policy") is toexplain our data collection and privacy practices when you access ourproducts, devices, websites, mobile applications, or other offerings, orinteract with us via our customer service center, social media, productreviews, HTLM-formatted emails, or otherwise (collectively, the"Services"). We encourage you to read the Privacy Policy carefully priorto using the Services, as it describes the types of personal informationwe collect, how we collect it, how we use the information we collect,how long we keep the information and under what circumstances and withwhom your personal information may be disclosed. This Privacy Policyalso describes your rights concerning your personal information andsecurity measures we take to protect your personal information. If youhave any questions about this Privacy Policy, please email us atdpo@mydario.com

For health plan and employee assistance plan users: If you use theServices through your healthcare provider, health plan sponsor, insurer,pharmaceutical partner or related organization or company (each a"Provider Company"), this Privacy Policy is not intended to modify orsupersede any privacy policy provided by your Provider Company. Also, insome cases, your information may be qualify as Protected Healthinformation ("PHI") under the Health Insurance Portability andAccountability Act of 1996 ("HIPAA"). In those instances, we act as a"business associate" on behalf of your Provider Company, and thisPrivacy Policy does not apply. Instead, we will process your PHIconsistent with the obligations in our contract with the ProviderCompany, and you should contact your Provider Company for a copy of therelevant privacy policy.

**TYPES OF INFORMATION WE COLLECT **

  • PERSONAL INFORMATION: DarioHealth may collect personal information in a variety of ways, including:

  • Identifiers -- Including real name, alias, date of birth, postal address, unique personal identifier, online identifier, internet protocol address, email address, account name or other similar identifiers;

  • Demographic information -- Including age, gender (including gender identity and expression), sexual orientation, and other personal information that may be considered a protected classification characteristic under California or federal laws;

  • Internet or other electronic network activity information -- Including your browser type and operating system; browsing history, clickstream data, search history on the Services, and information regarding how you interact with the Services, an internet website, application, email, newsletter, or advertisement, including access logs and other activity information related to your use of the Services; the referring URL, or the website or application that led you to our Services; and, if you link your information associated with your social media account such as your name, username, email address, gender, profile picture, other unique identifier, etc.;

  • Biometric information -- Includingphysical characteristics such as height and weight, blood tests, blood pressure tests, nutrient consumption, exercise activity and motion (e.g., steps, cardio activity, kcal, type and intensity), posture information, gait, physical, mental, and emotional health status

  • Geolocation data where authorized by applicable law and subject to any consent required by applicable law;

  • Audio, electronic, visual or similar information;

  • Financial information -- Including your payment card or online payment account information and billing address;

  • Commercial information -- Including records of your purchase history and transactions with us, as well as purchasing or consuming histories or tendencies;

  • Communications -- Including the content of communications between you and us, or between you and your coach or mental health Providing Company for wayForward users;

  • Professional or employment-related information; and

  • Inferences -- We, and our third-party advertising and analytics partners, may collect inferences drawn from any of the information identified above to create a profile reflecting your preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, or aptitudes.

  • PERSONAL HEALTH INFORMATION: We may collect information regarding your physical and mental health, such as information on medications, medical history, lifestyle habits, pain, fitness and training characteristics, pregnancy, body traits (e.g., posture), exercise activity and motion (e.g., steps, cardio activity, kcal, intensity), height, weight, nutrition (e.g., carbohydrate consumption), blood pressure, blood test results (e.g., last HbA1c), mental or emotional health status, and other health-related information. This may include PHI, whether you provide it only to us (such as answers to self-assessment features) or opt to share it with other users of the Service or your Provider Company. Any personal health information may be treated as sensitive or special category information under applicable laws.

  • SPONSOR ORGANIZATIONS: If an organization, such as your or your partner's, spouse's or parent/guardian's employer, university or health plan (including a Provider Company), is paying for your access to our Services (each a "Sponsor Organization"), use of our Services may require you to provide additional registration information. This information is collected to confirm your eligibility with the Sponsor Organization. Information collected under these circumstances may include, but is not limited to, name, email address, date of birth and phone number. This information is required to confirm program or benefit eligibility and prevent insurance and benefit fraud.

HOW WE COLLECT INFORMATION

  • INFORMATION YOU SHARE WITH US: Directly from you (e.g., when you register for the Services or interact with us or certain Services or DarioHealth features, such as assessments, Dario's artificial intelligence-based ("Al-based") chatbot named Anna, behavioral matrices and click-throughs to third parties within the Services), from devices, including your wearable devices, connected to the Services, your coach or mental health service provider (including for wayForward Services);

  • INFORMATION WE COLLECT AUTOMATICALLY: We and our third-party business partners, including advertising and analytics partners, automatically collect information when you use our Services through cookies, pixel tags, clear GIFs, or similar technologies on our Services, including the information referred to above as "Internet or other electronic network activity," such as your browser type and operating system, web pages you view, your interactions with content or webpages on the Services, links you click, your IP address, device identifier, or other identifiers, the length of time you visit our Services, the referring webpage URL or app that led you to our Services, the information, content, or advertisements you view, hover over, or click on, and the search terms you enter. Our third-party business partners may use these technologies to collect information about your online activities over time and across different websites and services. We also collect information automatically through your wearable devices that are connected to the Services.

  • INFORMATION WE COLLECT FROM THIRD PARTIES: To the extent permitted by applicable law, from public databases, where permitted by law, or from third-party private sources, such as data brokers or our business partners, including advertising and analytics partners. Additionally, you may integrate third-party software development kits ("SDKs") with certain Services, subject to your consent where required by law, and we may collect personal information from these SDKs. Examples of SDKs include those for GPS, Wi-Fi or Bluetooth, accelerometers, or gyroscopes. We also may collect personal information from your employer, employee assistance plan or health plan as well as your coach, mental health service provider, healthcare providers you access through the Services, or other Providing Company provider.

You may refuse to disclose certain information to us, but please notethat this may prevent or limit your ability to use certain Services orfeatures within a Service.

**HOW WE MAY USE PERSONAL INFORMATION **

  • PROVIDING THE SERVICES:

  • To provide the Services' functionality to you, such as arranging and authenticating access to your registered account, fulfilling your purchases, providing you with relevant information and insights about your health and tools to manage it, send you reminders based on location and activity, and providing you with customer service;

  • To personalize our recommendations for better health management and wellness promotion (including through community learning tools, Apple HealthKit, etc.);

  • To respond to your inquiries and fulfill your requests, when you contact us via one of our online contact forms or otherwise, for example, when you send us questions, suggestions, compliments, reviews, or complaints, or when you request other information about our Services;

  • To verify your information and provide related customer service;

  • To send you administrative information, such as changes to our terms, conditions and policies;

  • To provide rewards programs if you enroll in them; and

  • To allow you to send messages to another person through the Services.

PHI is typically used within the Services for treatment purposes. Inaddition to the above examples, you may elect to use your PHI to billfor your use of the Services.

For processing your personal information for the above purposes werely on the necessity to process your personal information for theestablishment and performance of the DarioHealth, Inc. Terms andConditions. We also may rely on your consent for the above processingactivities to the extent required by applicable law, such as when therelevant data is PHI or you use certain Services from the EEA/EU orUK. Whenever we rely on your consent, you can withdraw your consentanytime contacting dpo@mydario.com. However, please note thatwithdrawing your consent may limit or preclude your ability to accesscertain Services or features within a Service, to the extent therelevant data or processing activity was necessary for the provisionof the Service or feature of a Service.

  • PROVIDING YOU WITH INFORMATION ABOUT NEW SERVICES AND/OR MARKETING MATERIALS AND FACILITATE SOCIAL SHARING:

  • To send you marketing-related communications about our services, new products and other company news. Our third-party business partners, including our advertising and analytics partners, may use your personal information to communicate with you about new features, events, or products that may be of interest to you, including based on your interactions with our Services. Our third-party business partners may also use your personal information to analyze and track your interactions and movement around the Services and elsewhere on the internet for our and their own purposes. We and our third-party business partners may merge, co-mingle, or otherwise combine information, including your personal information, in furtherance of these purposes.

Where required by applicable data protection laws, such as where youuse certain Services from the EEA/EU or UK, we rely on your consentfor processing your personal information for sending email marketing,which we ask for when you register for your account. You can withdrawyour consent anytime by contacting dpo@mydario.com, or by clicking onthe \'unsubscribe\' link at the end of the email marketingcommunication.

  • IMPROVING OUR SERVICES: We may use your personal information to the extent necessary for the purposes of our legitimates interests in improving our Services.

  • PROVIDING PERSONALIZED SERVICES: We may use your personal information to the extent necessary for the purposes of our legitimate interests in better understanding your interests and preferences so we can personalize our interactions with you and provide you with information and/or offers tailored to your interests.

  • AGGREGATING AND/OR ANONYMIZING PERSONAL INFORMATION: We may aggregate, deidentify and/or anonymize personal information that it will no longer be considered personal information, subject to your consent where required by applicable law (which we may ask for when you register an account).

  • ACCOMPLISHING OUR BUSINESS PURPOSES: We may further use your personal information to the extent necessary for the purposes of our legitimate interests in achieving the following objectives:

  • For data analysis to, for example, improve our efficiency;

  • For audits to verify that our internal processes function as intended and to address legal, regulatory or contractual requirements;

  • For fraud prevention and security monitoring to, for example, detect and prevent cyberattacks and identity theft;

  • For developing new products and services;

  • For enhancing, improving, repairing, maintaining or modifying our current products and services, as well as undertaking quality and safety assurance measures;

  • For identifying usage trends; For determining the effectiveness of our promotional campaigns.

Where we rely on legitimate interests as the basis for processing, weconduct a legitimate interest assessment to the extent required byapplicable law.

DISCLOSURE OF PERSONAL INFORMATION

  • AFFILIATES: We may disclose your personal information (excluding your PHI in identifiable form) with our affiliates for the purposes described in this Privacy Policy. Note, however, that DarioHealth does NOT disclose personal information to third parties in exchange for money. 

  • PARTNERS: We may disclose your personal information (excluding your PHI in identifiable form) with other companies, such as companies with whom we jointly offer products and services, SDK providers, and our third-party advertising and analytics partners. These third parties may access your information through cookies, pixels, clear GIFs, and similar technologies deployed on our Services.

  • THIRD-PARTY SERVICE PROVIDERS: We may disclose personal information with certain service providers whose services and solutions complement, facilitate and enhance our own. These include hosting and server services, communications and content delivery networks (CDNs), data and cybersecurity services, performance measurement services, data optimization and marketing services, content providers and our legal and financial advisors.

  • INFORMATION YOU SHARE: DarioHealth enables you to share your personal information with others, including healthcare providers, friends and contacts via social media, our app or other platforms. Please use caution when sharing your personal information with others. The information you share will be shared according to your instructions and actions, and we have no control over what happens with your information once you share it with others. 

OTHER USES AND DISCLOSURES OF PERSONAL INFORMATION

  • APPLICABLE LAW: We may disclose personal information to comply with applicable law and regulations, which may include laws outside your country of residence. Where we transfer data outside the country you are located in, we ensure that we have appropriate safeguards in place to protect your personal data in accordance with data protection laws. If you would like more information on how to obtain a copy of the appropriate safeguards in place, please email dpo@mydario.com.

  • DISCLOSURE OF PHI: In accordance with HIPAA and any relevant instructions or contractual obligations with your Provider Company, you may ask us share your PHI with family, close friends, or others involved in your care or to share your personal information in a disaster relief situation. If you are unable to tell us your preferences (e.g., if you are unconscious), we may share your PHI if we believe it is in your best interest, subject to applicable law. We also may share your PHI if we believe it is necessary to lessen a serious and imminent threat to health or safety. We will never share your PHI for marketing purposes or sell your PHI without your and your Providing Company's consent. Further, we may disclose your PHI in ways that contribute to the public good (e.g., public health and research), so long as we meet certain HIPAA requirements before such disclosure. These disclosures include those that help with public health and safety issues (e.g., preventing disease, helping with recalls, reporting adverse reactions, suspected abuse, neglect or domestic violence or preventing or reducing a serious threat to anyone's health or safety).  We also may share your PHI for health research or if state or federal laws require it, to respond to court or administrative orders or to address workers' compensation, law enforcement and other government requests.  In addition, we may disclose your PHI to respond to organ and tissue donation requests or to work with a medical examiner, coroner or funeral director.

  • TRANSACTION, LIQUIDATION: We may disclose personal information with third parties in connection with a transaction, such as a merger, sale of company assets or shares, reorganization, financing, change of control or acquisition of all or a portion of our business, or in the event of a bankruptcy or related or similar proceedings in compliance with applicable laws. 

  • PUBLIC AND GOVERNMENT AUTHORITIES, LAW ENFORCEMENT: Where permitted or required by applicable data protection laws, we may disclose your personal information pursuant to a legal request or in compliance with applicable laws, if we have good faith belief that the law requires us to do so, with or without notice to you. 

  • THIRD-PARTY ADVISORS: We may share personal information with third party advisors, such as consultants or legal advisors, in the context of our relationship with you.

  • PROTECTING RIGHTS AND SAFETY: Where permitted or required by law, we may disclose your personal information with others, including law enforcement, if we believe in good faith that it will help protect the rights, property or personal safety of DarioHealth, any of our users or any member of the general public, with or without notice to you. 

HOW WE MANAGE CONSENT

We may collect, use and disclose your personal information with yourconsent, except as required or permitted by law. When you use ourServices, you are providing consent to the collection, use anddisclosure of your personal information in accordance with this PrivacyPolicy.

Your consent can be withdrawn at any time, subject to legal orcontractual restrictions, by providing us with written notice. Uponreceipt of notice of withdrawal of consent, we will inform you of thelikely consequences of withdrawing your consent before we process yourrequest, which may include the inability of DarioHealth to provide youwith certain information, products, features or Services.

**YOUR CHOICES REGARDING PERSONAL INFORMATION **

  • EMAIL AND SMS MESSAGING: With your consent or subject to applicable law, e may use your email address or phone number to send you messages, such as feature changes and special offers. If you do not want to receive such notifications, you may opt-out or change your preferences by contacting our support team at dpo@mydario.com. You also may click the 'unsubscribe' link at the bottom of any marketing email or reply 'STOP' to any marketing SMS. Subject to regulatory requirements, opting out may prevent you from receiving notification including notices regarding updates, improvements or offers. We will honor your opt-out as soon as reasonably practicable and within legally prescribed timeframes. Please note that if you opt out of receiving marketing related emails from us, we may still send you important administrative messages that are not promotional in nature. 

  • MARKETING: We give you choices regarding our use and disclosure of your personal information for marketing purposes. You may always revoke your consent for the disclosure of your personal information for this purpose.

ACCESS, CHANGE, OR DELETE YOUR PERSONAL INFORMATION

If you would like to request to access, correct, update, suppress,restrict or delete personal information, object to or opt out of theprocessing of personal information, or if you would like to request acopy of your personal information for purposes of transmitting it toanother company (to the extent these rights are provided to youby applicable law), you may contact us per the "Contact Us" sectionbelow. We will respond to your request consistent with applicable law.

In your request, please clarify what personal information you would liketo have changed or whether you would like to have your personalinformation suppressed from our database. We may need to verify youridentity before implementing your request. We will comply with yourrequest to the extent required by applicable law.

If you reside in California or a U.S. state with a similar privacy law,please refer to the "Information for California Residents" section atthe end of this Privacy Policy for more information about the requestsyou may make under California law. If you are in the EEA, EU or UK,please refer to the "Information for Users in the EEA, EU and UK"section at the end of this Privacy Policy.

**THIRD-PARTY WEBSITES **

This Website may contain SDKs or links to third-party owned and/oroperated websites. DarioHealth is not responsible for the privacypractices or the content of such websites. Third-party websites haveseparate privacy and data collection practices, and DarioHealth has noresponsibility or liability relating to them. 

For example, if you choose to integrate the Apple HealthKit with theServices, we can add personal information to your HealthKit, at whichtime your personal information is subject to Apple\'s privacypolicy and we are no longerresponsible or in control of what happens to that personal information.

HOW WE ADVERTISE

We use third-party advertising companies to serve advertisementsregarding goods and services that may interest you when you access anduse the Services and other websites or online services. You may receiveadvertisements based on information relating to your access to and useof the Services and other websites or online services on any of yourdevices, as well as on information received from third parties. Thesecompanies place or recognize a unique cookie on your browser (includingthrough the use of pixel tags). They also use these technologies, alongwith information they collect about your online use, to recognize youacross the devices you use, such as mobile phone and laptop.

  • HOW NOT TO RECEIVE ONLINE ADVERTISING: For more information about this practice and how to opt out, please visit [http://optout.aboutads.info/#/]{.underline} and [http://optout.networkadvertising.org/#/]{.underline}. You also may download the AppChoices app at [www.aboutads.info/appchoices]{.underline} specifically for mobile.

HOW WE MAY USE COOKIES AND OTHER TRACKING TECHNOLOGIES

When providing our Services, we, and our third-party business partners,including advertising and analytics partners, may place and/or storecode or other types of information on your device or within yourbrowser, such as cookies, locally shared objects, and similar trackingtechnologies for the purposes set out in this Privacy Policy. Thesetechnologies can track web activity over time and across third-partyservices. Cookies and local storage may be set and accessed on yourcomputer. Upon your first visit to the Website and Services, a cookie orlocal storage may be sent to your device that uniquely identifies yourbrowser. (Cookies and local storage are small files containing a stringof characters sent to your computer\'s browser and stored on your devicewhen you visit a website. Many web-based services use cookies to provideuseful features for their users. Each website can send its own cookie toyour browser. Most browsers are initially set up to accept cookies.) Weand third party business partners may independently or in conjunctionuse these technologies in connection with the Service in a way thatcollects personal information for the purposes described in ourrespective privacy policies, including without limitation to determinewhether you have seen a particular advertisement before on the same ordifferent device and to otherwise control and tailor the display of adsto you based on your perceived preferences by collecting data to trackthe movements of individual users through the Service and elsewhere onthe internet over time and across unaffiliated websites, apps, anddevices, as well as to help diagnose problems with servers, to gatherbroad demographic information, to conduct research, to recordregistration and personalization information, to inform offers that wemay make to you, and to otherwise administer the Service.

If you do not want cookies, you may set your browser to refuse allcookies or to indicate when a cookie is being sent. However, if youreject cookies, you will not be able to sign into or take full advantageof our Services. Additionally, if you clear all cookies on your browserat any point after setting your browser to refuse all cookies orindicate when a cookie is being sent, you will need to reset yourbrowser to refuse all cookies or indicate when a cookie is being sent. 

Learn more about cookies at[http://www.allaboutcookies.org/]{.underline} and

[www.youronlinechoices.com/uk]{.underline}. 

To support our Services, we, and our third party advertising andanalytics partners, may use one or more of the following cookie orsimilar tracking technologies for the purposes set forth in this PrivacyPolicy: 

  • **TYPES OF TRACKING TECHNOLOGIES AND PURPOSES: **

  • Analytics and Performance Cookies -- To collect information about how and when our Services are accessed. We use this information to help operate our Services more efficiently, to gather broad demographic information and monitor activity levels. Note that we also use Google Analytics for this purpose. Google Analytics uses its own cookies. Learn about [Google Analytics cookies here]{.underline} and [Google's own privacy policy here]{.underline}. You can prevent the use of Google Analytics relating to your use of our Services by downloading and installing the browser plugin available here: [Google Analytics Opt-out Browser Add-on]{.underline} 

  • Essential Cookies -- To provide our Services to you. For example, essential cookies allow you to log into secure Services areas and help load content quickly.. Without these cookies, Services you requested could not be provided. 

  • Functionality Cookies -- To allow our Services to remember your user choices, such language preferences, login details, polls you voted in, poll results and any other customizable parts of our Services..

  • Social Media Cookies -- Used when you share information from our Services to your social media account(s). This may include selecting "share" or "like" from our Services platform or engaging with our content on our social media accounts. The social network will record that you have done this.

  • Pixel Tags -- These small graphic files allow us and third parties to monitor and collect data about your visit, such as the IP address of the computer that downloaded the page where the tag appears, how long you remained on the page, which browser you used to get there, and the identification number of any cookie previously placed by that server on your computer. We may use pixel tags provided by us or by third party advertisers, service providers and ad networks in combination with our cookies to provide offers and information of interest to you. Pixel tags also may enable ad networks to serve you targeted advertisements. 

For more information, please visit [www.allaboutdnt.com]{.underline}.

If you are accessing our Services from the EEA/EU or UK, please refer toour [Cookie Policy]{.underline} for more information.

**CHILDREN **

DarioHealth is committed to children\'s privacy. DarioHealth does notknowingly permit any person under 13 years of age to register directlyfor our Services. If you are under 13, do not use or provide anypersonal information to the Services. If you are 13-17 years old, wewill collect your parents' consent for your use of the Services asrequired by applicable law.

If DarioHealth learns that personal information of persons under 13years of age has been collected through the Services without parentalconsent, then we will take appropriate steps to remove the informationor maintain and use such information (in accordance with the otherprovisions of this Privacy Policy) in order to notify and obtain consentfrom the parent/guardian and/or for other purposes permitted underapplicable law.

If you are a parent or guardian and discover that your child under theage of 13 has a registered account with the Services without yourconsent, please alert DarioHealth at dpo@mydario.com to either provideconsent, request that we change your child's account settings, orrequest that DarioHealth remove the child's personal information. Pleaseprovide the child's name, address and email address when you notify us. 

**RETENTION PERIOD **

We will keep your personal information for as long as necessary toachieve the purposes set forth above. The criteria used to determine howlong we retain personal information include: (i) the length of time wehave an ongoing relationship with you and provide the Services to you;(ii) whether there is a legal obligation to which we are subject; or(iii) whether retention is advisable in light of our legal position(such as applicable statutes of limitations, litigation or regulatoryinvestigations). We will keep personal information associated with aregistered account for so long as your account is active. 

We may continue to retain your personal information after you deactivateyour user account or stop using the Services, as reasonably necessary tocomply with our legal obligations, to resolve disputes regarding ourusers, enforce our agreements or protect our legitimate interests, ineach case consistent with applicable law. 

SECURITY

We seek to use reasonable organizational, technical and administrativemeasures to protect personal information within our organization.Unfortunately, no data transmission or storage system can be guaranteedto be 100% secure. If you have reason to believe that your interactionwith us is no longer secure, please immediately notify us by emailing[dpo@mydario.com]{.underline}. 

**ADDITIONAL INFORMATION FOR USERS OUTSIDE THE USA **

The Services are operated in the United States of America. If you arelocated in another jurisdiction, please be aware that information youprovide to us and that we otherwise collect about you as explained inthis Privacy Policy may be transferred to, stored and processed in theU.S. No transfer of any data will occur without pursuing the appropriatesafeguards, including standard contractual clauses approved by theEuropean Commission, and all necessary measures to provide adequateprotection as required by applicable data protection law.  Insofar as wedisclose your personal information with affiliates, partners andthird-party service providers (as described above in the section"DISCLOSURE OF PERSONAL INFORMATION") that are located in the USA orother countries outside your jurisdiction that do not provide a level ofdata protection as considered adequate to your jurisdiction, wherenecessary, we have implemented appropriate safeguards and supplementarymeasures according to applicable data protection laws, including, forthe EEA/EU and the UK, the execution of standard contractual clausesapproved by the European Commission/ICO with the respective recipients,ensuring that the data processed by such recipients is adequatelyprotected. For more information on the recipients and third countriesconcerned, the safeguards implemented, and for obtaining a copy of thesesafeguards, please contact us at dpo@mydario.com.

To request to limit the use and disclosure of your personal information,please submit a written request to dpo@mydario.com. In certainsituations, we may be required to disclose personal data in response tolawful requests by public authorities, including to meet nationalsecurity or law enforcement requirements.

DarioHealth is committed to resolving complaints about your privacy andour collection or use of your personal information transferred to theUSA pursuant to applicable data protection law.

ADDITIONAL INFORMATION FOR USERS IN THE EEA, EU and UK, AND USERS INJURISDICTIONS WITH SIMILAR PRIVACY LAWS

If you are in the European Economic Area (EEA), European Union (EU) orUnited Kingdom (UK), or a jurisdiction with a similar privacy law (suchas Quebec), your personal information may be protected by the EuropeanUnion General Data Protection Regulation (GDPR), the United Kingdom DataProtection Act and United Kingdom GDPR, or a similar privacy law(collectively, and specifically including jurisdictions with similarprivacy laws, "EU/UK Privacy Laws"). For individuals whose personalinformation is protected by the EU/UK Privacy Laws, please know thatDarioHealth, Inc. is the data controller responsible for the collection,use, and disclosure of your personal information under this PrivacyPolicy.

If your personal information is protected by the EU/UK Privacy Laws, youmay have the following rights in relation to your personal information: 

  • The right to access: You have the right to request from us a copy of the personal information we hold about you.

  • The right to rectification: You have the right to request that we correct any personal information about you that is inaccurate, and to request that we complete the personal information we hold about you where you believe it is incomplete.

  • The right to erasure: You have the right to request that we erase your personal information, under certain conditions. In the event of an erasure request, we may retain a copy of your personal information for our record keeping purposes and to avoid entering your personal information in our systems after your request.

  • The right to restrict processing: You have the right to request that we restrict the processing of your personal information, under certain conditions.

  • The right to object to processing: You have the right to object to our processing of your personal information, under certain conditions, and you have an unconditional right to object to the processing of your personal information for direct marketing purposes.

  • The right to data portability: You have the right to request that we transfer the personal information we have collected about you to another organization, or directly to you, under certain conditions. You can also request a copy of your personal information in a structured, common, and machine-readable format.

  • The right to withdraw consent: Where we rely on your consent to process your personal information, you have the right to withdraw that consent at any time. Your withdrawal of consent does not impact the lawfulness of our processing up to the point of consent withdrawal.

  • The right not to be subject to a decision based solely on automated processing which produces legal effects concerning you or significantly affects you in a similar way, if the legal requirements are not met. An automated decision making process is not carried out by DarioHealth.

  • The right to make a complaint to your data protection regulator. Here is a list of the data protection regulatory authorities in the EU: [https://edpb.europa.eu/about-edpb/board/members_en]{.underline}. The UK data protection regulatory authority is the Information Commissioner's Office (ICO). You can contact the ICO via their website: https://ico.org.uk/global/privacy-notice/how-you-can-contact-us/#email

Please note that there are exceptions to the various rights listedabove. As an example, in certain circumstances we may have a legalobligation to retain some of your personal information.

You can submit requests to exercise these rights byemailing dpo@mydario.com. We try to respond to all legitimate requestswithin one month or quicker if legally required to do so. Occasionallyit may take us longer than a month if your request is particularlycomplex or you have made a number of requests. In this case, we willnotify you and keep you updated.

We may need to request specific information from you to help us confirmyour identity and ensure your right to access your personal informationor to exercise any of your other rights. This is a security measure toensure that personal information is not disclosed to any person who hasno right to receive it. We may also contact you to ask you for furtherinformation in relation to your request to speed up our response.

If you would like to submit a complaint regarding our practices inrelation to your personal information, please email our Data ProtectionOfficer at [dpo@mydario.com]{.underline}. We will reply to yourcomplaint as soon as we can.

INFORMATION FOR U.S. RESIDENTS WHO RESIDE IN STATES WITH ACOMPREHENSIVE PRIVACY LAW

In accordance with applicable U.S. state privacy laws, such as theCalifornia Consumer Privacy Act of 2018, as amended by the CaliforniaPrivacy Rights Act ("CCPA"), in each case as such laws come into effectand are amended from time to time, the following section providesadditional details regarding the categories of personal information wecollect, use, and disclose about residents in states with suchapplicable privacy laws.

In this section, "personal information" means information that qualifiesas "personal information" or a similar term under an applicable U.S.state privacy law, including information that identifies, relates to,describes, is reasonably capable of being associated with, or couldreasonably be linked, directly or indirectly, to a particular person.Personal information does not include de-identified or anonymizedinformation; publicly available information that is lawfully madeavailable from federal, state, or local government records; andinformation covered by certain sector-specific privacy laws, like HIPAA.

Categories of personal information

The following chart includes: (1) the categories of personal informationthat we have collected within the preceding 12 months; and (2) thecategories of third parties to which we disclosed personal informationfor our business or commercial purposes within the preceding 12 months. 

+----------------------------------+------+---------------------------+| Category of Personal | Bu | Category of Recipients || Information Collected & Examples | sine | (sales or sharing noted || of Personal Information Within | ss | by *) || Each Category | or | || | Co | || | mmer | || | cial | || | Purp | || | oses | || | for | || | Pr | || | oces | || | sing | || | (co | || | mmer | || | cial | || | purp | || | oses | || | n | || | oted | || | by | || | \ | || | *) | |+==================================+======+===========================+| Identifiers | ** | - Advertising networks* || | •  | || A real name, alias, postal | P | - Social networks* || address, date of birth, online | rovi | || identifier, Internet Protocol | sion | - Service providers || address, email address, other | of | || similar identifiers | Serv | - Affiliates || | ices | || | | || | ** | || | •  | || | Busi | || | ness | || | Op | || | erat | || | ions | || | and | || | Man | || | agem | || | ent\ | || | ** | || | •  | || | Cust | || | omer | || | Ser | || | vice | || | /Com | || | muni | || | cati | || | ons\ | || | | || | * Pa | || | ymen | || | t/Fi | || | nanc | || | ial\ | || | * | || | | || |  Ser | || | ving | || | Ad | || | s*\ | || | | || | * Ad | || | A | || | dmin | || | istr | || | atio | || | n*\ | || | * | || | | || |  Qua | || | lity | || | and | || | Saf | || | ety\ | || | • | || | ** S | || | ecur | || | ity\ | || | •* | || | * Re | || | cord | || | keep | || | ing\ | || | • | || | ** L | || | egal | || | /Com | || | plia | || | nce\ | || | ** | || | •  | || | Rese | || | arch | || | and | || | Deve | || | lopm | || | ent\ | || | ** | || | •  | || | Purp | || | oses | || | D | || | iscl | || | osed | || | at | || | C | || | olle | || | ctio | || | n*\ | || | •* | || | * Le | || | giti | || | mate | || | Busi | || | ness | || | Purp | || | oses | |+----------------------------------+------+---------------------------+| Personal information | ** | - Service providers || categories listed in the | •  | || California Customer Records | P | - Affiliates || statute (Cal. Civ. Code § | rovi | || 1798.80(e)) | sion | || | of | || A name, address, telephone | Serv | || number, health insurance | ices | || information, payment card | | || information, date of birth, age, | ** | || physical characteristics (e.g., | •  | || weight, height), medical | Busi | || information | ness | || | Op | || | erat | || | ions | || | and | || | Man | || | agem | || | ent\ | || | ** | || | •  | || | Cust | || | omer | || | Ser | || | vice | || | /Com | || | muni | || | cati | || | ons\ | || | | || | * Pa | || | ymen | || | t/Fi | || | nanc | || | ial\ | || | * | || | | || |  Qua | || | lity | || | and | || | Saf | || | ety\ | || | • | || | ** S | || | ecur | || | ity\ | || | | || | * Re | || | cord | || | keep | || | ing\ | || | • | || | ** L | || | egal | || | /Com | || | plia | || | nce\ | || | ** | || | •  | || | Rese | || | arch | || | and | || | Deve | || | lopm | || | ent\ | || | ** | || | •  | || | Purp | || | oses | || | D | || | iscl | || | osed | || | at | || | C | || | olle | || | ctio | || | n*\ | || | | || | * Le | || | giti | || | mate | || | Busi | || | ness | || | Purp | || | oses | |+----------------------------------+------+---------------------------+| Protected classification | ** | - Service providers || characteristics under California | •  | || or federal law | P | - Affiliates || | rovi | || Age, race, ancestry, marital | sion | || status (in relation to how | of | || family members are related), | Serv | || pregnancy, medical condition, | ices | || physical or mental disability, | | || sex (including gender, gender | ** | || identity, gender expression) | •  | || | Busi | || | ness | || | Op | || | erat | || | ions | || | and | || | Man | || | agem | || | ent\ | || | ** | || | •  | || | Cust | || | omer | || | Ser | || | vice | || | /Com | || | muni | || | cati | || | ons\ | || | \ | || | * | || | *• | || |  Ser | || | ving | || | Ad | || | s*\ | || | | || | * Ad | || | A | || | dmin | || | istr | || | atio | || | n*\ | || | * | || | | || |  Qua | || | lity | || | and | || | Saf | || | ety\ | || | • | || | ** S | || | ecur | || | ity\ | || | | || | * Re | || | cord | || | keep | || | ing\ | || | • | || | ** L | || | egal | || | /Com | || | plia | || | nce\ | || | ** | || | •  | || | Rese | || | arch | || | and | || | Deve | || | lopm | || | ent\ | || | ** | || | •  | || | Purp | || | oses | || | D | || | iscl | || | osed | || | at | || | C | || | olle | || | ctio | || | n*\ | || | | || | * Le | || | giti | || | mate | || | Busi | || | ness | || | Purp | || | oses | |+----------------------------------+------+---------------------------+| Internet or other electronic | ** | - Advertising networks* || network activity | •  | || | P | - Data analytics || Browsing history, search | rovi | || history, information on a | sion | - Social networks* || consumer's interaction with an | of | || internet website, application, | Serv | - Service providers || or advertisement | ices | || | | - Affiliates || | ** | || | •  | || | Busi | || | ness | || | Op | || | erat | || | ions | || | and | || | Man | || | agem | || | ent\ | || | ** | || | •  | || | Cust | || | omer | || | Se | || | rvic | || | e/Co | || | mmun | || | icat | || | ions | || | | || | * | || | *• | || |  Ser | || | ving | || | Ad | || | s*\ | || | •* | || | * Ad | || | A | || | dmin | || | istr | || | atio | || | n*\ | || | | || | * Pa | || | ymen | || | t/Fi | || | nanc | || | ial\ | || | * | || | | || |  Qua | || | lity | || | and | || | Saf | || | ety\ | || | • | || | ** S | || | ecur | || | ity\ | || | •* | || | * Re | || | cord | || | keep | || | ing\ | || | • | || | ** L | || | egal | || | /Com | || | plia | || | nce\ | || | ** | || | •  | || | Rese | || | arch | || | and | || | Deve | || | lopm | || | ent\ | || | ** | || | •  | || | Purp | || | oses | || | D | || | iscl | || | osed | || | at | || | C | || | olle | || | ctio | || | n*\ | || | •* | || | * Le | || | giti | || | mate | || | Busi | || | ness | || | Purp | || | oses | |+----------------------------------+------+---------------------------+| Biometric Data | ** | - Service providers || | •  | || Physical characteristics such as | P | - Affiliates || height and weight, blood tests, | rovi | || blood pressure tests, nutrient | sion | || consumption, exercise activity | of | || and motion (e.g., steps, cardio | Serv | || activity, kcal, type and | ices | || intensity), posture information, | | || gait, physical, mental, and | ** | || emotional health status | •  | || | Busi | || | ness | || | Op | || | erat | || | ions | || | and | || | Man | || | agem | || | ent\ | || | ** | || | •  | || | Cust | || | omer | || | Ser | || | vice | || | /Com | || | muni | || | cati | || | ons\ | || | | || | * Pa | || | ymen | || | t/Fi | || | nanc | || | ial\ | || | * | || | | || |  Qua | || | lity | || | and | || | Saf | || | ety\ | || | • | || | ** S | || | ecur | || | ity\ | || | | || | * Re | || | cord | || | keep | || | ing\ | || | • | || | ** L | || | egal | || | /Com | || | plia | || | nce\ | || | ** | || | •  | || | Rese | || | arch | || | and | || | Deve | || | lopm | || | ent\ | || | ** | || | •  | || | Purp | || | oses | || | D | || | iscl | || | osed | || | at | || | C | || | olle | || | ctio | || | n*\ | || | | || | * Le | || | giti | || | mate | || | Busi | || | ness | || | Purp | || | oses | |+----------------------------------+------+---------------------------+| Geolocation data | ** | - Data Analytics || | •  | || Physical location or movements | P | - Service providers || and device location | rovi | || | sion | - Affiliates || | of | || | Serv | || | ices | || | | || | ** | || | •  | || | Busi | || | ness | || | Op | || | erat | || | ions | || | and | || | Man | || | agem | || | ent\ | || | •* | || | * Le | || | giti | || | mate | || | Busi | || | ness | || | Purp | || | oses | |+----------------------------------+------+---------------------------+| Audio, electronic, visual, | ** | - Service providers || thermal, olfactory, or similar | •  | || information | P | - Affiliates || | rovi | || Audio, video, photos, | sion | || testimonials. | of | || | Serv | || | ices | || | | || | ** | || | •  | || | Busi | || | ness | || | Op | || | erat | || | ions | || | and | || | Man | || | agem | || | ent\ | || | ** | || | •  | || | Cust | || | omer | || | Ser | || | vice | || | /Com | || | muni | || | cati | || | ons\ | || | ** | || | •  | || | Purp | || | oses | || | D | || | iscl | || | osed | || | at | || | C | || | olle | || | ctio | || | n*\ | || | | || | * Le | || | giti | || | mate | || | Busi | || | ness | || | Purp | || | oses | |+----------------------------------+------+---------------------------+| Financial information | ** | - Service providers || | •  | || Payment card or online payment | P | - Affiliates || account information and billing | rovi | || addres | sion | || | of | || | Serv | || | ices | || | | || | ** | || | •  | || | Busi | || | ness | || | Op | || | erat | || | ions | || | and | || | Man | || | agem | || | ent\ | || | ** | || | •  | || | Cust | || | omer | || | Ser | || | vice | || | /Com | || | muni | || | cati | || | ons\ | || | | || | * Pa | || | ymen | || | t/Fi | || | nanc | || | ial\ | || | * | || | | || |  Qua | || | lity | || | and | || | Saf | || | ety\ | || | • | || | ** S | || | ecur | || | ity\ | || | | || | * Re | || | cord | || | keep | || | ing\ | || | • | || | ** L | || | egal | || | /Com | || | plia | || | nce\ | || | ** | || | •  | || | Purp | || | oses | || | D | || | iscl | || | osed | || | at | || | C | || | olle | || | ctio | || | n*\ | || | •* | || | * Le | || | giti | || | mate | || | Busi | || | ness | || | Purp | || | oses | |+----------------------------------+------+---------------------------+| Commercial information | ** | - Service providers || | •  | || Records of your purchase history | P | - Affiliates || and transactions with us, | rovi | || purchasing or consuming | sion | || histories or tendencies | of | || | Serv | || | ices | || | | || | ** | || | •  | || | Busi | || | ness | || | Op | || | erat | || | ions | || | and | || | Man | || | agem | || | ent\ | || | ** | || | •  | || | Cust | || | omer | || | Ser | || | vice | || | /Com | || | muni | || | cati | || | ons\ | || | | || | * Pa | || | ymen | || | t/Fi | || | nanc | || | ial\ | || | * | || | | || |  Qua | || | lity | || | and | || | Saf | || | ety\ | || | • | || | ** S | || | ecur | || | ity\ | || | | || | * Re | || | cord | || | keep | || | ing\ | || | • | || | ** L | || | egal | || | /Com | || | plia | || | nce\ | || | ** | || | •  | || | Purp | || | oses | || | D | || | iscl | || | osed | || | at | || | C | || | olle | || | ctio | || | n*\ | || | | || | * Le | || | giti | || | mate | || | Busi | || | ness | || | Purp | || | oses | |+----------------------------------+------+---------------------------+| Communications | ** | - Service providers || | •  | || Content of communications | P | - Affiliates || between you and us, or between | rovi | || you and your coach or mental | sion | || health Providing Company for | of | || services | Serv | || | ices | || | | || | ** | || | •  | || | Busi | || | ness | || | Op | || | erat | || | ions | || | and | || | Man | || | agem | || | ent\ | || | ** | || | •  | || | Cust | || | omer | || | Ser | || | vice | || | /Com | || | muni | || | cati | || | ons\ | || | | || | * Pa | || | ymen | || | t/Fi | || | nanc | || | ial\ | || | * | || | | || |  Qua | || | lity | || | and | || | Saf | || | ety\ | || | | || | * Re | || | cord | || | keep | || | ing\ | || | • | || | ** L | || | egal | || | /Com | || | plia | || | nce\ | || | ** | || | •  | || | Rese | || | arch | || | and | || | Deve | || | lopm | || | ent\ | || | ** | || | •  | || | Purp | || | oses | || | D | || | iscl | || | osed | || | at | || | C | || | olle | || | ctio | || | n*\ | || | | || | * Le | || | giti | || | mate | || | Busi | || | ness | || | Purp | || | oses | |+----------------------------------+------+---------------------------+| Professional or | ** | - Service providers || employment-related information | •  | || | P | - Affiliates || Current or past job history | rovi | || | sion | || | of | || | Serv | || | ices | || | | || | ** | || | •  | || | Busi | || | ness | || | Op | || | erat | || | ions | || | and | || | Man | || | agem | || | ent\ | || | ** | || | •  | || | Cust | || | omer | || | Ser | || | vice | || | /Com | || | muni | || | cati | || | ons\ | || | | || | * Le | || | giti | || | mate | || | Busi | || | ness | || | Purp | || | oses | |+----------------------------------+------+---------------------------+| Inferences | ** | - Service providers || | •  | || Profile reflecting your | P | - Affiliates || preferences, characteristics, | rovi | || psychological trends, | sion | || predispositions, behavior, | of | || attitude, intelligence, | Serv | || abilities, aptitude. | ices | || | | || | ** | || | •  | || | Busi | || | ness | || | Op | || | erat | || | ions | || | and | || | Man | || | agem | || | ent\ | || | ** | || | •  | || | Cust | || | omer | || | Ser | || | vice | || | /Com | || | muni | || | cati | || | ons\ | || | * | || | | || |  Qua | || | lity | || | and | || | Saf | || | ety\ | || | | || | * Re | || | cord | || | keep | || | ing\ | || | • | || | ** L | || | egal | || | /Com | || | plia | || | nce\ | || | ** | || | •  | || | Rese | || | arch | || | and | || | Deve | || | lopm | || | ent\ | || | ** | || | •  | || | Purp | || | oses | || | D | || | iscl | || | osed | || | at | || | C | || | olle | || | ctio | || | n*\ | || | | || | * Le | || | giti | || | mate | || | Busi | || | ness | || | Purp | || | oses | |+----------------------------------+------+---------------------------+

The categories of sources from which we collect personal information andour business and commercial purposes for using personal information areset forth above.

As indicated, we may also collect personal information that qualifies assensitive data under applicable data protection laws ("SensitivePersonal Information"). Sensitive Personal Information may include raceor ethnicity, geolocation, and health data. We collect race/ethnicitydata for clinical data and research purposes; we may also use aggregaterace/ethnicity data for customer reporting purposes. We limit the usesof geolocation data and health data we collect to those that arenecessary to provide the relevant Services. We may share this data forbusiness purposes with service providers. You have the right to requestthat we limit the use of your Sensitive Personal Information. If youwould like to limit how we use this information, please contactdpo@mydario.com

DarioHealth will retain this data as long as you: 1) remain aDarioHealth user and 2) have not affirmatively withdrawn your consent. DarioHealth does not sell or share your Sensitive Personal Information.

"Sales" or "sharing" of personal information. DarioHealth does notsell your personal information in exchange for money. However, under thebroad definitions in U.S. state privacy laws, DarioHealth may "sell" or"share" personal information through the use of cookies and pixels onour corporate website. We use these cookies and pixels for the solepurpose of providing targeted behavioral advertising based on yourinterest in DarioHealth. You may adjust your cookie preferences on yourdevice or remove them by adjusting your browser or devices preferences,as they permit, and email dpo@mydario.com to request that we do notcollect or use your personal information for behavioral advertising.DarioHealth does not otherwise, in any way, sell your personalinformation.  We also do not have actual knowledge of any "sale" or"sharing" of personal information of minors under 16 years of agewithout requisite consent.

**Submitting Personal Information Rights Requests. **

Depending on where you live, you may have certain rights with respect toyour personal information that we process. Those rights may include:

  • Access/Data Portability: You may request confirmation as to whether we are processing your personal information, to receive a copy of your personal information delivered electronically in a portable and readily useable format (if reasonably feasible), to know specific pieces of personal information collected about you, or to know how or why categories personal information are sourced, used, or disclosed;

  • Deletion: You may request that we delete your personal information;

  • Correction: You may request that we correct or update personal information that is inaccurate or incomplete;

  • Opt-Out of Sales, Sharing, and Targeted Advertising: You may request that we do not sell or share, or process for targeted advertising, your personal information; and

  • Limit Use of Sensitive Information: You may request that we limit that we refrain from certain processing of your Sensitive Personal Information.

  • Non-Discrimination: You have the right to not receive discriminatory treatment by us for the exercise of their rights conferred by applicable law.

DarioHealth currently does not engage in profiling activities that giverise to any opt-out right under state privacy laws. You may submit averifiable consumer request to us to exercise any of these rights byemailing dpo@mydario.com or calling 833-914-3796. To opt out of sales,sharing, and disclosures of personal information for targetedadvertising, please clickhere.To protect your and others' privacy, we will take reasonable steps toverify your identity before fulfilling your request, which may includeasking you for additional information to allow us to reasonably confirmthat you are the person about whom the relevant personal information wascollected. We will endeavor to respond to your request as soon aspossible, and if we cannot respond within 45 days, we will let you knowthat we require additional time, to the extent consistent by applicablelaw. We will process your rights requests in accordance with applicablelaws.

For other requests you may have or to register your appeal regarding ourresponses to requests you have made, please contact us atdpo@mydario.com. We ask that you provide your name and contactinformation, and we may ask for additional information about yourinteractions with us to verify your identity. If you have additionalconcerns about the result of an appeal, your local laws may afford youthe right to contact your state attorney general for further assistance.

Authorized Agents. Only you, or someone legally authorized to act onyour behalf, may make a verifiable consumer request related to yourpersonal information using the contact information stated in thisPrivacy Policy. You may designate an authorized agent to make requestson your behalf. You must provide an authorized agent written permissionto submit a request on your behalf, and we may require that you verifyyour identity directly with us and/or that the authorize agent verifytheir right to act on your behalf.

Notice of Financial Incentives. In connection with the Healthiesrewards program, we may offer the following financial incentives and/orprice or service differences in exchange for our use of your personalinformation:

  • [Healthies Rewards Points]{.underline}: We offer rewards points and other exclusive incentives for participating in the Healthies program and taking certain actions in the Services that generate and earn points, such as taking bodily measurements, sending chat messages, reading an article, and communicating with a Dario coach. To offer these rewards, we must track your personal information, such as your use of the Services and the information you provide when doing so and performing the actions described above. We must also collect your contact information to send you rewards that you are eligible for. The value we place on the personal information in connection with these rewards is calculated by determining the approximate additional use of the Services and additional purchases per user, per year compared to individuals who are not enrolled in Healthies.

If you are enrolled in our Healthies program, you are automaticallyeligible for these benefits.

To withdraw from the Healthies program, please contact us by email atdpo@mydario.com, or by phone at 833-914-3796. You may also unsubscribefrom Healthies program-related promotional offers at any time byclicking the "unsubscribe" link at the bottom of such emails.

**CHANGES TO THIS PRIVACY POLICY **

DarioHealth reserves the right to change or update this Privacy Policyat any time by posting an updated Privacy Policy within the Services. Wealso will notify users via email and/or any other reasonable meansacceptable under state and federal law, to the extent required byapplicable law.

**CONTACT US **

DarioHealth is the controller of your personal information, except wherewe act as a processor to a Provider Company. If you have any questionsor comments about this Privacy Policy, or to contact DarioHealth as thecontroller of your personal information, please email our DataProtection Officer at [dpo@mydario.com]{.underline} or send a letter to:

DarioHealth

Attn: DPO

18 W. 18^th^ Street

New York, NY 10011 USA